summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CREDITS5
-rw-r--r--ChangeLog830
-rw-r--r--INSTALL83
-rw-r--r--LICENCE44
-rw-r--r--Makefile.in57
-rw-r--r--OVERVIEW18
-rw-r--r--README23
-rw-r--r--README.dns23
-rw-r--r--README.platform22
-rw-r--r--README.privsep12
-rw-r--r--README.smartcard14
-rw-r--r--RFC.nroff4
-rw-r--r--TODO14
-rw-r--r--WARNING.RNG10
-rw-r--r--acconfig.h23
-rw-r--r--acss.c264
-rw-r--r--acss.h47
-rw-r--r--auth-chall.c44
-rw-r--r--auth-krb5.c35
-rw-r--r--auth-pam.c327
-rw-r--r--auth-pam.h7
-rw-r--r--auth-passwd.c141
-rw-r--r--auth-rh-rsa.c7
-rw-r--r--auth-rhosts.c6
-rw-r--r--auth-rsa.c7
-rw-r--r--auth-shadow.c135
-rw-r--r--auth-sia.c9
-rw-r--r--auth.c65
-rw-r--r--auth.h23
-rw-r--r--auth1.c18
-rw-r--r--auth2-gss.c84
-rw-r--r--auth2-hostbased.c4
-rw-r--r--auth2-passwd.c20
-rw-r--r--auth2-pubkey.c9
-rw-r--r--auth2.c23
-rw-r--r--authfd.c13
-rw-r--r--authfd.h4
-rw-r--r--authfile.c3
-rw-r--r--bufaux.c43
-rw-r--r--bufaux.h6
-rw-r--r--buffer.c6
-rw-r--r--canohost.c60
-rw-r--r--channels.c85
-rw-r--r--channels.h3
-rw-r--r--cipher-3des1.c9
-rw-r--r--cipher-acss.c84
-rw-r--r--cipher-aes.c6
-rw-r--r--cipher-ctr.c11
-rw-r--r--cipher.c33
-rw-r--r--cipher.h12
-rw-r--r--cleanup.c26
-rw-r--r--clientloop.c156
-rw-r--r--clientloop.h4
-rw-r--r--compat.c8
-rw-r--r--compat.h3
-rw-r--r--compress.c12
-rwxr-xr-xconfig.guess158
-rw-r--r--config.h.in62
-rwxr-xr-xconfig.sub18
-rwxr-xr-xconfigure4846
-rw-r--r--configure.ac595
-rw-r--r--contrib/README6
-rwxr-xr-xcontrib/aix/buildbff.sh50
-rwxr-xr-xcontrib/aix/inventory.sh4
-rw-r--r--contrib/caldera/openssh.spec7
-rwxr-xr-xcontrib/caldera/ssh-host-keygen8
-rwxr-xr-xcontrib/caldera/sshd.init8
-rw-r--r--contrib/cygwin/Makefile56
-rw-r--r--contrib/cygwin/README134
-rw-r--r--contrib/cygwin/ssh-host-config533
-rw-r--r--contrib/cygwin/ssh-user-config64
-rw-r--r--contrib/findssl.sh16
-rw-r--r--contrib/gnome-ssh-askpass1.c14
-rw-r--r--contrib/gnome-ssh-askpass2.c14
-rw-r--r--contrib/redhat/openssh.spec21
-rwxr-xr-xcontrib/solaris/README2
-rwxr-xr-xcontrib/solaris/buildpkg.sh67
-rwxr-xr-xcontrib/solaris/opensshd.in16
-rw-r--r--contrib/suse/openssh.spec26
-rw-r--r--debian/changelog10
-rw-r--r--defines.h20
-rw-r--r--dh.c10
-rw-r--r--dns.c71
-rw-r--r--dns.h15
-rw-r--r--entropy.c24
-rw-r--r--fatal.c4
-rwxr-xr-xfixprogs2
-rw-r--r--groupaccess.c15
-rw-r--r--gss-genr.c27
-rw-r--r--gss-serv-krb5.c29
-rw-r--r--gss-serv.c18
-rw-r--r--hostfile.c10
-rw-r--r--hostfile.h6
-rw-r--r--includes.h15
-rwxr-xr-xinstall-sh12
-rw-r--r--kex.c6
-rw-r--r--kexgexc.c11
-rw-r--r--key.c40
-rw-r--r--key.h46
-rw-r--r--log.c83
-rw-r--r--log.h9
-rw-r--r--loginrec.c11
-rw-r--r--mac.c4
-rw-r--r--md5crypt.c10
-rw-r--r--mdoc2man.awk158
-rw-r--r--misc.c15
-rwxr-xr-xmkinstalldirs12
-rw-r--r--moduli340
-rw-r--r--moduli.c107
-rw-r--r--monitor.c63
-rw-r--r--monitor.h5
-rw-r--r--monitor_wrap.c51
-rw-r--r--monitor_wrap.h7
-rw-r--r--msg.c37
-rw-r--r--msg.h4
-rw-r--r--nchan.ms8
-rw-r--r--nchan2.ms8
-rw-r--r--openbsd-compat/Makefile.in6
-rw-r--r--openbsd-compat/base64.c2
-rw-r--r--openbsd-compat/basename.c2
-rw-r--r--openbsd-compat/bsd-arc4random.c32
-rw-r--r--openbsd-compat/bsd-cray.c109
-rw-r--r--openbsd-compat/bsd-cray.h3
-rw-r--r--openbsd-compat/bsd-getpeereid.c32
-rw-r--r--openbsd-compat/bsd-misc.c34
-rw-r--r--openbsd-compat/bsd-misc.h32
-rw-r--r--openbsd-compat/bsd-openpty.c203
-rw-r--r--openbsd-compat/daemon.c2
-rw-r--r--openbsd-compat/dirname.c2
-rw-r--r--openbsd-compat/fake-rfc2553.c6
-rw-r--r--openbsd-compat/fake-rfc2553.h8
-rw-r--r--openbsd-compat/getcwd.c2
-rw-r--r--openbsd-compat/getgrouplist.c2
-rw-r--r--openbsd-compat/getopt.c2
-rw-r--r--openbsd-compat/getrrsetbyname.c17
-rw-r--r--openbsd-compat/getrrsetbyname.h14
-rw-r--r--openbsd-compat/glob.c2
-rw-r--r--openbsd-compat/glob.h2
-rw-r--r--openbsd-compat/inet_aton.c2
-rw-r--r--openbsd-compat/inet_ntoa.c3
-rw-r--r--openbsd-compat/inet_ntop.c2
-rw-r--r--openbsd-compat/mktemp.c2
-rw-r--r--openbsd-compat/openbsd-compat.h7
-rw-r--r--openbsd-compat/port-aix.c143
-rw-r--r--openbsd-compat/port-aix.h21
-rw-r--r--openbsd-compat/readpassphrase.c2
-rw-r--r--openbsd-compat/readpassphrase.h2
-rw-r--r--openbsd-compat/realpath.c4
-rw-r--r--openbsd-compat/rresvport.c2
-rw-r--r--openbsd-compat/setenv.c2
-rw-r--r--openbsd-compat/setproctitle.c4
-rw-r--r--openbsd-compat/sigact.c2
-rw-r--r--openbsd-compat/strlcat.c2
-rw-r--r--openbsd-compat/strlcpy.c2
-rw-r--r--openbsd-compat/strmode.c2
-rw-r--r--openbsd-compat/strsep.c2
-rw-r--r--openbsd-compat/strtoul.c114
-rw-r--r--openbsd-compat/sys-queue.h2
-rw-r--r--openbsd-compat/sys-tree.h2
-rw-r--r--openbsd-compat/vis.c2
-rw-r--r--openbsd-compat/vis.h2
-rw-r--r--openbsd-compat/xcrypt.c4
-rw-r--r--packet.c22
-rw-r--r--pathnames.h7
-rw-r--r--progressmeter.c16
-rw-r--r--readconf.c93
-rw-r--r--readconf.h10
-rw-r--r--regress/Makefile5
-rw-r--r--regress/README.regress12
-rw-r--r--regress/agent-ptrace.sh13
-rw-r--r--regress/banner.sh44
-rw-r--r--regress/sftp-badcmds.sh2
-rw-r--r--regress/sftp-batch.sh4
-rw-r--r--regress/sftp-cmds.sh16
-rw-r--r--regress/ssh-com.sh4
-rw-r--r--regress/test-exec.sh3
-rw-r--r--rijndael.c134
-rw-r--r--scard-opensc.c24
-rw-r--r--scp.0124
-rw-r--r--scp.1161
-rw-r--r--scp.c22
-rw-r--r--servconf.c37
-rw-r--r--servconf.h6
-rw-r--r--serverloop.c60
-rw-r--r--session.c313
-rw-r--r--session.h5
-rw-r--r--sftp-client.c36
-rw-r--r--sftp-client.h32
-rw-r--r--sftp-common.c10
-rw-r--r--sftp-common.h10
-rw-r--r--sftp-glob.c40
-rw-r--r--sftp-glob.h37
-rw-r--r--sftp-int.c1190
-rw-r--r--sftp-int.h27
-rw-r--r--sftp-server.016
-rw-r--r--sftp-server.85
-rw-r--r--sftp-server.c46
-rw-r--r--sftp.0209
-rw-r--r--sftp.1142
-rw-r--r--sftp.c1256
-rw-r--r--ssh-add.010
-rw-r--r--ssh-add.17
-rw-r--r--ssh-add.c8
-rw-r--r--ssh-agent.c34
-rw-r--r--ssh-dss.c20
-rw-r--r--ssh-gss.h20
-rw-r--r--ssh-keygen.070
-rw-r--r--ssh-keygen.114
-rw-r--r--ssh-keygen.c40
-rw-r--r--ssh-keyscan.c10
-rw-r--r--ssh-keysign.c6
-rw-r--r--ssh-rand-helper.824
-rw-r--r--ssh-rand-helper.c48
-rw-r--r--ssh-rsa.c10
-rw-r--r--ssh.0495
-rw-r--r--ssh.1490
-rw-r--r--ssh.c111
-rw-r--r--ssh.h5
-rw-r--r--ssh_config.0325
-rw-r--r--ssh_config.5144
-rw-r--r--ssh_prng_cmds.in4
-rw-r--r--sshconnect.c105
-rw-r--r--sshconnect2.c185
-rw-r--r--sshd.0263
-rw-r--r--sshd.885
-rw-r--r--sshd.c108
-rw-r--r--sshd_config11
-rw-r--r--sshd_config.0280
-rw-r--r--sshd_config.566
-rw-r--r--sshpty.c194
-rw-r--r--sshtty.c12
-rw-r--r--sshtty.h3
-rw-r--r--stamp-h.in0
-rw-r--r--uidswap.c45
-rw-r--r--uuencode.c4
-rw-r--r--uuencode.h4
-rw-r--r--version.h4
237 files changed, 11711 insertions, 7684 deletions
diff --git a/CREDITS b/CREDITS
index 092229cf7..a1aec3c1c 100644
--- a/CREDITS
+++ b/CREDITS
@@ -1,6 +1,6 @@
1Tatu Ylonen <ylo@cs.hut.fi> - Creator of SSH 1Tatu Ylonen <ylo@cs.hut.fi> - Creator of SSH
2 2
3Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, 3Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
4Theo de Raadt, and Dug Song - Creators of OpenSSH 4Theo de Raadt, and Dug Song - Creators of OpenSSH
5 5
6Alain St-Denis <Alain.St-Denis@ec.gc.ca> - Irix fix 6Alain St-Denis <Alain.St-Denis@ec.gc.ca> - Irix fix
@@ -88,11 +88,12 @@ Tom Bertelson's <tbert@abac.com> - AIX auth fixes
88Tor-Ake Fransson <torake@hotmail.com> - AIX support 88Tor-Ake Fransson <torake@hotmail.com> - AIX support
89Tudor Bosman <tudorb@jm.nu> - MD5 password support 89Tudor Bosman <tudorb@jm.nu> - MD5 password support
90Udo Schweigert <ust@cert.siemens.de> - ReliantUNIX support 90Udo Schweigert <ust@cert.siemens.de> - ReliantUNIX support
91Wendy Palm <wendyp at cray.com> - Cray support.
91Zack Weinberg <zack@wolery.cumb.org> - GNOME askpass enhancement 92Zack Weinberg <zack@wolery.cumb.org> - GNOME askpass enhancement
92 93
93Apologies to anyone I have missed. 94Apologies to anyone I have missed.
94 95
95Damien Miller <djm@mindrot.org> 96Damien Miller <djm@mindrot.org>
96 97
97$Id: CREDITS,v 1.74 2003/09/07 02:34:54 dtucker Exp $ 98$Id: CREDITS,v 1.77 2004/01/30 04:00:50 dtucker Exp $
98 99
diff --git a/ChangeLog b/ChangeLog
index b5505da19..c2891ba41 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,827 @@
120040224
2 - (dtucker) OpenBSD CVS Sync
3 - markus@cvs.openbsd.org 2004/02/19 21:15:04
4 [sftp-server.c]
5 switch to new license.template
6 - markus@cvs.openbsd.org 2004/02/23 12:02:33
7 [sshd.c]
8 backout revision 1.279; set listen socket to non-block; ok henning.
9 - markus@cvs.openbsd.org 2004/02/23 15:12:46
10 [bufaux.c]
11 encode 0 correctly in buffer_put_bignum2; noted by Mikulas Patocka
12 and drop support for negative BNs; ok otto@
13 - markus@cvs.openbsd.org 2004/02/23 15:16:46
14 [version.h]
15 enter 3.8
16 - (dtucker) [configure.ac gss-serv-krb5.c ssh-gss.h] Define GSSAPI when found
17 with krb5-config, hunt down gssapi.h and friends. Based partially on patch
18 from deengert at anl.gov. ok djm@
19 - (djm) [groupaccess.c uidswap.c] Bug #787: Size group arrays at runtime
20 using sysconf() if available Based on patches from
21 holger AT van-lengerich.de and openssh_bugzilla AT hockin.org
22 - (dtucker) [uidswap.c] Minor KNF. ok djm@
23 - (tim) [openbsd-compat/getrrsetbyname.c] Make gcc 2.7.2.3 happy. ok djm@
24 - (djm) Crank RPM spec versions
25 - (dtucker) [README] Add pointer to release notes. ok djm@
26 - (dtucker) {README.platform] Add platform-specific notes.
27 - (tim) [configure.ac] SCO3 needs -lcrypt_i for -lprot
28 - (djm) Release 3.8p1
29
3020040223
31 - (dtucker) [session.c] Bug #789: Only make setcred call for !privsep in the
32 non-interactive path. ok djm@
33
3420040222
35 - (dtucker) [auth-shadow.c auth.c auth.h] Move shadow account expiry test
36 to auth-shadow.c, no functional change. ok djm@
37 - (dtucker) [auth-shadow.c auth.h] Provide warnings of impending account or
38 password expiry. ok djm@
39 - (dtucker) [auth-passwd.c] Only check password expiry once. Prevents
40 multiple warnings if a wrong password is entered.
41 - (dtucker) [configure.ac] Apply krb5-config --libs fix to non-gssapi path
42 too.
43
4420040220
45 - (djm) [openbsd-compat/setproctitle.c] fix comments; from grange@
46
4720040218
48 - (dtucker) [configure.ac] Handle case where krb5-config --libs returns a
49 path with a "-" in it. From Sergio.Gelato at astro.su.se.
50 - (djm) OpenBSD CVS Sync
51 - djm@cvs.openbsd.org 2004/02/17 07:17:29
52 [sftp-glob.c sftp.c]
53 Remove useless headers; ok deraadt@
54 - djm@cvs.openbsd.org 2004/02/17 11:03:08
55 [sftp.c]
56 sftp.c and sftp-int.c, together at last; ok markus@
57 - jmc@cvs.openbsd.org 2004/02/17 19:35:21
58 [sshd_config.5]
59 remove cruft left over from RhostsAuthentication removal;
60 ok markus@
61 - (djm) [log.c] Correct use of HAVE_OPENLOG_R
62 - (djm) [log.c] Tighten openlog_r tests
63
6420040217
65 - (djm) Simplify the license on code I have written. No code changes.
66 - (djm) OpenBSD CVS Sync
67 - djm@cvs.openbsd.org 2004/02/17 05:39:51
68 [sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c]
69 [sftp-int.h sftp.c]
70 switch to license.template for code written by me (belated, I know...)
71 - (djm) Bug #698: Specify FILE: for KRB5CCNAME; patch from
72 stadal@suse.cz and simon@sxw.org.uk
73 - (dtucker) [auth-pam.c] Tidy up PAM debugging. ok djm@
74 - (dtucker) [auth-pam.c] Store output from pam_session and pam_setcred for
75 display after login. Should fix problems like pam_motd not displaying
76 anything, noticed by cjwatson at debian.org. ok djm@
77
7820040212
79 - (tim) [Makefile.in regress/sftp-badcmds.sh regress/test-exec.sh]
80 Portablity fixes. Data sftp transfers needs to be world readable. Some
81 older shells hang on while loops when doing sh -n some_script. OK dtucker@
82 - (tim) [configure.ac] Make sure -lcrypto is before -lsocket for sco3.
83 ok mouring@
84
8520040211
86 - (dtucker) [auth-passwd.c auth-shadow.c] Only enable shadow expiry check
87 if HAS_SHADOW_EXPIRY is set.
88 - (tim) [configure.ac] Fix comment to match code changes in ver 1.117
89
9020040210
91 - (dtucker) [auth-passwd.c auth.h openbsd-compat/port-aix.c
92 openbsd-compat/port-aix.h] Bug #14: Use do_pwchange to support AIX's
93 native password expiry.
94 - (dtucker) [LICENCE Makefile.in auth-passwd.c auth-shadow.c auth.c auth.h
95 defines.h] Bug #14: Use do_pwchange to support password expiry and force
96 change for platforms using /etc/shadow. ok djm@
97 - (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #563: Prepend ssh_ to compat
98 functions to avoid conflicts with Heimdal's libroken. ok djm@
99 - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #14: Use do_pwchange to
100 change expired PAM passwords for SSHv1 connections without privsep.
101 pam_chauthtok is still used when privsep is disabled. ok djm@
102 - (dtucker) [openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Move
103 include from port-aix.h to port-aix.c and remove unnecessary function
104 definition. Fixes build errors on AIX.
105 - (dtucker) [configure.ac loginrec.c] Bug #464: Use updwtmpx on platforms
106 that support it. from & ok mouring@
107 - (dtucker) [configure.ac] Bug #345: Do not disable utmp on HP-UX 10.x.
108 ok djm@
109
11020040207
111 - (dtucker) OpenBSD CVS Sync
112 - dtucker@cvs.openbsd.org 2004/02/06 23:41:13
113 [cipher-ctr.c]
114 Use EVP_CIPHER_CTX_key_length for key length. ok markus@
115 (This will fix builds with OpenSSL 0.9.5)
116 - (dtucker) [cipher.c] enable AES counter modes with OpenSSL 0.9.5.
117 ok djm@, markus@
118
11920040206
120 - (dtucker) [acss.c acss.h] Fix $Id tags.
121 - (dtucker) [cipher-acss.c cipher.c] Enable acss only if building with
122 OpenSSL >= 0.9.7. ok djm@
123 - (dtucker) [session.c] Bug #789: Do not call do_pam_setcred as a non-root
124 user, since some modules might fail due to lack of privilege. ok djm@
125 - (dtucker) [configure.ac] Bug #748: Always define BROKEN_GETADDRINFO
126 for HP-UX 11.11. If there are known-good configs where this is not
127 required, please report them. ok djm@
128 - (dtucker) [sshd.c] Bug #757: Clear child's environment to prevent
129 accidentally inheriting from root's environment. ok djm@
130 - (dtucker) [openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #796:
131 Restore previous authdb setting after auth calls. Fixes problems with
132 setpcred failing on accounts that use AFS or NIS password registries.
133 - (dtucker) [configure.ac includes.h] Include <sys/stream.h> if present,
134 required on Solaris 2.5.1 for queue_t, which is used by <sys/ptms.h>.
135 - (dtucker) OpenBSD CVS Sync
136 - markus@cvs.openbsd.org 2004/01/30 09:48:57
137 [auth-passwd.c auth.h pathnames.h session.c]
138 support for password change; ok dtucker@
139 (set password-dead=1w in login.conf to use this).
140 In -Portable, this is currently only platforms using bsdauth.
141 - dtucker@cvs.openbsd.org 2004/02/05 05:37:17
142 [monitor.c sshd.c]
143 Pass SIGALRM through to privsep child if LoginGraceTime expires. ok markus@
144 - markus@cvs.openbsd.org 2004/02/05 15:33:33
145 [progressmeter.c]
146 fix ETA for > 4GB; bugzilla #791; ok henning@ deraadt@
147
14820040129
149 - (dtucker) OpenBSD CVS Sync regress/
150 - dtucker@cvs.openbsd.org 2003/10/11 11:49:49
151 [Makefile banner.sh]
152 Test missing banner file, suppression of banner with ssh -q, check return
153 code from ssh. ok markus@
154 - jmc@cvs.openbsd.org 2003/11/07 10:16:44
155 [ssh-com.sh]
156 adress -> address, and a few more; all from Jonathon Gray;
157 - djm@cvs.openbsd.org 2004/01/13 09:49:06
158 [sftp-batch.sh]
159 - (dtucker) [configure.ac] Add --without-zlib-version-check. Feedback from
160 tim@, ok several
161 - (dtucker) [configure.ac openbsd-compat/bsd-cray.c openbsd-compat/bsd-cray.h]
162 Bug #775: Cray fixes from wendy at cray.com
163
16420040128
165 - (dtucker) [regress/README.regress] Add tcpwrappers issue, noted by tim@
166 - (dtucker) [moduli] Import new moduli file from OpenBSD.
167
16820040127
169 - (djm) OpenBSD CVS Sync
170 - hshoexer@cvs.openbsd.org 2004/01/23 17:06:03
171 [cipher.c]
172 enable acss for ssh
173 ok deraadt@ markus@
174 - mouring@cvs.openbsd.org 2004/01/23 17:57:48
175 [sftp-int.c]
176 Fix issue pointed out with ls not handling large directories
177 with embeded paths correctly. OK damien@
178 - hshoexer@cvs.openbsd.org 2004/01/23 19:26:33
179 [cipher.c]
180 rename acss@opebsd.org to acss@openssh.org
181 ok deraadt@
182 - djm@cvs.openbsd.org 2004/01/25 03:49:09
183 [sshconnect.c]
184 reset nonblocking flag after ConnectTimeout > 0 connect; (bugzilla #785)
185 from jclonguet AT free.fr; ok millert@
186 - djm@cvs.openbsd.org 2004/01/27 10:08:10
187 [sftp.c]
188 reorder parsing so user:skey@host:file works (bugzilla #777)
189 patch from admorten AT umich.edu; ok markus@
190 - (djm) [acss.c acss.h cipher-acss.c] Portable support for ACSS
191 if libcrypto lacks it
192
19320040126
194 - (tim) Typo in regress/README.regress
195 - (tim) [regress/test-exec.sh] RhostsAuthentication is deprecated.
196 - (tim) [defines.h] Add defines for HFIXEDSZ and T_SIG
197 - (tim) [configure.ac includes.h] add <sys/ptms.h> for grantpt() and friends.
198 - (tim) [defines.h openbsd-compat/getrrsetbyname.h] Move defines for HFIXEDSZ
199 and T_SIG to getrrsetbyname.h
200
20120040124
202 - (djm) Typo in openbsd-compat/bsd-openpty.c; from wendyp AT cray.com
203
20420040123
205 - (djm) Do pam_session processing for systems with HAVE_LOGIN_CAP; from
206 ralf.hack AT pipex.net; ok dtucker@
207 - (djm) Bug #776: Update contrib/redhat/openssh.spec to dynamically detect
208 Kerberos location (and thus work with Fedora Core 1);
209 from jason AT devrandom.org
210 - (dtucker) [configure.ac] Bug #788: Test for zlib.h presence and for
211 zlib >= 1.1.4. Partly from jbasney at ncsa.uiuc.edu. ok djm@
212 - (dtucker) [contrib/cygwin/README] Document new ssh-host-config options.
213 Patch from vinschen at redhat.com.
214 - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]
215 Change AFS symbol to USE_AFS to prevent namespace collisions, do not
216 include kafs.h unless necessary. From deengert at anl.gov.
217 - (tim) [configure.ac] Remove hard coded -L/usr/local/lib and
218 -I/usr/local/include. Users can do LDFLAGS="-L/usr/local/lib" \
219 CPPFLAGS="-I/usr/local/include" ./configure if needed.
220
22120040122
222 - (dtucker) [configure.ac] Use krb5-config where available for Kerberos/
223 GSSAPI detection, libs and includes. ok djm@
224 - (dtucker) [session.c] Enable AFS support in conjunction with KRB5 not
225 just HEIMDAL.
226 - (tim) [contrib/solaris/buildpkg.sh] Allow for the possibility of
227 /usr/local being a symbolic link. Fixes problem reported by Henry Grebler.
228
22920040121
230 - (djm) OpenBSD CVS Sync
231 - djm@cvs.openbsd.org 2004/01/13 09:25:05
232 [sftp-int.c sftp.1 sftp.c]
233 Tidy sftp batchmode handling, eliminate junk to stderr (bugzilla #754) and
234 enable use of "-b -" to accept batchfile from stdin; ok markus@
235 - jmc@cvs.openbsd.org 2004/01/13 12:17:33
236 [sftp.1]
237 remove unnecessary Ic's;
238 kill whitespace at EOL;
239 ok djm@
240 - markus@cvs.openbsd.org 2004/01/13 19:23:15
241 [compress.c session.c]
242 -Wall; ok henning
243 - markus@cvs.openbsd.org 2004/01/13 19:45:15
244 [compress.c]
245 cast for portability; millert@
246 - markus@cvs.openbsd.org 2004/01/19 09:24:21
247 [channels.c]
248 fake consumption for half closed channels since the peer is waiting for
249 window adjust messages; bugzilla #790 Matthew Dillon; test + ok dtucker@
250 reproduce with sh -c 'ulimit -f 10; ssh host -n od /bsd | cat > foo'
251 - markus@cvs.openbsd.org 2004/01/19 21:25:15
252 [auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c]
253 fix mem leaks; some fixes from Pete Flugstad; tested dtucker@
254 - djm@cvs.openbsd.org 2004/01/21 03:07:59
255 [sftp.c]
256 initialise infile in main, rather than statically - from portable
257 - deraadt@cvs.openbsd.org 2004/01/11 21:55:06
258 [sshpty.c]
259 for pty opening, only use the openpty() path. the other stuff only needs
260 to be in openssh-p; markus ok
261 - (djm) [openbsd-compat/bsd-openpty.c] Rework old sshpty.c code into an
262 openpty() replacement
263
26420040114
265 - (dtucker) [auth-pam.c] Have monitor die if PAM authentication thread exits
266 unexpectedly. with & ok djm@
267 - (dtucker) [auth-pam.c] Reset signal handler in pthread_cancel too, add
268 test for case where cleanup has already run.
269 - (dtucker) [auth-pam.c] Add minor debugging.
270
27120040113
272 - (dtucker) [auth-pam.c] Relocate struct pam_ctxt and prototypes. No
273 functional changes.
274
27520040108
276 - (dtucker) [auth-pam.c defines.h] Bug #783: move __unused to defines.h and
277 only define if not already. From des at freebsd.org.
278 - (dtucker) [configure.ac] Remove extra (typo) comma.
279
28020040105
281 - (dtucker) [contrib/ssh-copy-id] Bug #781: exit if ssh fails. Patch from
282 cjwatson at debian.org.
283 - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]
284 Only enable KerberosGetAFSToken if Heimdal's libkafs is found. with jakob@
285
28620040102
287 - (djm) OSX/Darwin needs BIND_8_COMPAT to build getrrsetbyname. Report from
288 jakob@
289 - (djm) Remove useless DNS support configure summary message. from jakob@
290 - (djm) OSX/Darwin put the PAM headers in a different place, detect this.
291 Report from jakob@
292
29320031231
294 - (dtucker) OpenBSD CVS Sync
295 - djm@cvs.openbsd.org 2003/12/22 09:16:58
296 [moduli.c ssh-keygen.1 ssh-keygen.c]
297 tidy up moduli generation debugging, add -v (verbose/debug) option to
298 ssh-keygen; ok markus@
299 - markus@cvs.openbsd.org 2003/12/22 20:29:55
300 [cipher-3des1.c]
301 EVP_CIPHER_CTX_cleanup() for the des contexts; pruiksma@freesurf.fr
302 - jakob@cvs.openbsd.org 2003/12/23 16:12:10
303 [servconf.c servconf.h session.c sshd_config]
304 implement KerberosGetAFSToken server option. ok markus@, beck@
305 - millert@cvs.openbsd.org 2003/12/29 16:39:50
306 [sshd_config]
307 KeepAlive has been obsoleted, use TCPKeepAlive instead; markus@ OK
308 - dtucker@cvs.openbsd.org 2003/12/31 00:24:50
309 [auth2-passwd.c]
310 Ignore password change request during password auth (which we currently
311 don't support) and discard proposed new password. corrections/ok markus@
312 - (dtucker) [configure.ac] Only test setresuid and setresgid if they exist.
313
31420031219
315 - (dtucker) [defines.h] Bug #458: Define SIZE_T_MAX as UINT_MAX if we
316 typedef size_t ourselves.
317
31820031218
319 - (dtucker) [configure.ac] Don't use setre[ug]id on DG-UX, from Tom Orban.
320 - (dtucker) [auth-pam.c] Do PAM chauthtok during SSH2 keyboard-interactive
321 authentication. Partially fixes bug #423. Feedback & ok djm@
322
32320031217
324 - (djm) OpenBSD CVS Sync
325 - markus@cvs.openbsd.org 2003/12/09 15:28:43
326 [serverloop.c]
327 make ClientKeepAlive work for ssh -N, too (no login shell requested).
328 1) send a bogus channel request if we find a channel
329 2) send a bogus global request if we don't have a channel
330 ok + test beck@
331 - markus@cvs.openbsd.org 2003/12/09 17:29:04
332 [sshd.c]
333 fix -o and HUP; ok henning@
334 - markus@cvs.openbsd.org 2003/12/09 17:30:05
335 [ssh.c]
336 don't modify argv for ssh -o; similar to sshd.c 1.283
337 - markus@cvs.openbsd.org 2003/12/09 21:53:37
338 [readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1]
339 [ssh_config.5 sshconnect.c sshd.c sshd_config.5]
340 rename keepalive to tcpkeepalive; the old name causes too much
341 confusion; ok djm, dtucker; with help from jmc@
342 - dtucker@cvs.openbsd.org 2003/12/09 23:45:32
343 [clientloop.c]
344 Clear exit code when ssh -N is terminated with a SIGTERM. ok markus@
345 - markus@cvs.openbsd.org 2003/12/14 12:37:21
346 [ssh_config.5]
347 we don't support GSS KEX; from Simon Wilkinson
348 - markus@cvs.openbsd.org 2003/12/16 15:49:51
349 [clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1]
350 [ssh.c ssh_config.5]
351 application layer keep alive (ServerAliveInterval ServerAliveCountMax)
352 for ssh(1), similar to the sshd(8) option; ok beck@; with help from
353 jmc and dtucker@
354 - markus@cvs.openbsd.org 2003/12/16 15:51:54
355 [dh.c]
356 use <= instead of < in dh_estimate; ok provos/hshoexer;
357 do not return < DH_GRP_MIN
358 - (dtucker) [acconfig.h configure.ac uidswap.c] Bug #645: Check for
359 setres[ug]id() present but not implemented (eg some Linux/glibc
360 combinations).
361 - (bal) [openbsd-compat/bsd-misc.c] unset 'signal' defined if we are
362 using a real 'signal()' (Noticed by a NeXT Compile)
363
36420031209
365 - (dtucker) OpenBSD CVS Sync
366 - matthieu@cvs.openbsd.org 2003/11/25 23:10:08
367 [ssh-add.1]
368 ssh-add doesn't need to be a descendant of ssh-agent. Ok markus@, jmc@.
369 - djm@cvs.openbsd.org 2003/11/26 21:44:29
370 [cipher-aes.c]
371 fix #ifdef before #define; ok markus@
372 (RCS ID sync only, Portable already had this)
373 - markus@cvs.openbsd.org 2003/12/02 12:15:10
374 [progressmeter.c]
375 improvments from andreas@:
376 * saner speed estimate for transfers that takes less than a second by
377 rounding the time to 1 second.
378 * when the transfer is finished calculate the actual total speed
379 rather than the current speed which is given during the transfer
380 - markus@cvs.openbsd.org 2003/12/02 17:01:15
381 [channels.c session.c ssh-agent.c ssh.h sshd.c]
382 use SSH_LISTEN_BACKLOG (=128) in listen(2).
383 - djm@cvs.openbsd.org 2003/12/07 06:34:18
384 [moduli.c]
385 remove unused debugging #define templates
386 - markus@cvs.openbsd.org 2003/12/08 11:00:47
387 [kexgexc.c]
388 print requested group size in debug; ok djm
389 - dtucker@cvs.openbsd.org 2003/12/09 13:52:55
390 [moduli.c]
391 Prevent ssh-keygen -T from outputting moduli with a generator of 0, since
392 they can't be used for Diffie-Hellman. Assistance and ok djm@
393 - (dtucker) [ssh-keyscan.c] Sync RCSIDs, missed in SSH_SSFDMAX change below.
394
39520031208
396 - (tim) [configure.ac] Bug 770. Fix --without-rpath.
397
39820031123
399 - (djm) [canohost.c] Move IPv4inV6 mapped address normalisation to its own
400 function and call it unconditionally
401 - (djm) OpenBSD CVS Sync
402 - djm@cvs.openbsd.org 2003/11/23 23:17:34
403 [ssh-keyscan.c]
404 from portable - use sysconf to detect fd limit; ok markus@
405 (tidy diff by adding SSH_SSFDMAX macro to defines.h)
406 - djm@cvs.openbsd.org 2003/11/23 23:18:45
407 [ssh-keygen.c]
408 consistency PATH_MAX -> MAXPATHLEN; ok markus@
409 (RCS ID sync only)
410 - djm@cvs.openbsd.org 2003/11/23 23:21:21
411 [scp.c]
412 from portable: rename clashing variable limit-> limit_rate; ok markus@
413 (RCS ID sync only)
414 - dtucker@cvs.openbsd.org 2003/11/24 00:16:35
415 [ssh.1 ssh.c]
416 Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@
417 - (djm) Annotate OpenBSD-derived files in openbsd-compat/ with original
418 source file path (in OpenBSD tree).
419
42020031122
421 - (dtucker) [channels.c] Make AIX write limit code clearer. Suggested by djm@
422 - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
423 Move AIX specific password authentication code to port-aix.c, call
424 authenticate() until reenter flag is clear.
425 - (dtucker) [auth-sia.c configure.ac] Tru64 update from cmadams at hiwaay.net.
426 Use permanently_set_uid for SIA, only define DISABLE_FD_PASSING when SIA
427 is enabled, rely on SIA to check for locked accounts if enabled. ok djm@
428 - (djm) [scp.c] Rename limitbw -> limit_rate to match upstreamed patch
429 - (djm) [sftp-int.c] Remove duplicated code from bogus sync
430 - (djm) [packet.c] Shuffle #ifdef to reduce conditionally compiled code
431
43220031121
433 - (djm) OpenBSD CVS Sync
434 - markus@cvs.openbsd.org 2003/11/20 11:39:28
435 [progressmeter.c]
436 fix rounding errors; from andreas@
437 - djm@cvs.openbsd.org 2003/11/21 11:57:03
438 [everything]
439 unexpand and delete whitespace at EOL; ok markus@
440 (done locally and RCS IDs synced)
441
44220031118
443 - (djm) Fix early exit for root auth success when UsePAM=yes and
444 PermitRootLogin=no
445 - (dtucker) [auth-pam.c] Convert chauthtok_conv into a generic tty_conv,
446 and use it for do_pam_session. Fixes problems like pam_motd not
447 displaying anything. ok djm@
448 - (dtucker) [auth-pam.c] Only use pam_putenv if our platform has it. ok djm@
449 - (djm) OpenBSD CVS Sync
450 - dtucker@cvs.openbsd.org 2003/11/18 00:40:05
451 [serverloop.c]
452 Correct check for authctxt->valid. ok djm@
453 - djm@cvs.openbsd.org 2003/11/18 10:53:07
454 [monitor.c]
455 unbreak fake authloop for non-existent users (my screwup). Spotted and
456 tested by dtucker@; ok markus@
457
45820031117
459 - (djm) OpenBSD CVS Sync
460 - djm@cvs.openbsd.org 2003/11/03 09:03:37
461 [auth-chall.c]
462 make this a little more idiot-proof; ok markus@
463 (includes portable-specific changes)
464 - jakob@cvs.openbsd.org 2003/11/03 09:09:41
465 [sshconnect.c]
466 move changed key warning into warn_changed_key(). ok markus@
467 - jakob@cvs.openbsd.org 2003/11/03 09:37:32
468 [sshconnect.c]
469 do not free static type pointer in warn_changed_key()
470 - djm@cvs.openbsd.org 2003/11/04 08:54:09
471 [auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
472 [auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
473 [session.c]
474 standardise arguments to auth methods - they should all take authctxt.
475 check authctxt->valid rather then pw != NULL; ok markus@
476 - jakob@cvs.openbsd.org 2003/11/08 16:02:40
477 [auth1.c]
478 remove unused variable (pw). ok djm@
479 (id sync only - still used in portable)
480 - jmc@cvs.openbsd.org 2003/11/08 19:17:29
481 [sftp-int.c]
482 typos from Jonathon Gray;
483 - jakob@cvs.openbsd.org 2003/11/10 16:23:41
484 [bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c]
485 [key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c]
486 [ssh-dss.c ssh-rsa.c uuencode.c uuencode.h]
487 constify. ok markus@ & djm@
488 - dtucker@cvs.openbsd.org 2003/11/12 10:12:15
489 [scp.c]
490 When called with -q, pass -q to ssh; suppresses SSH2 banner. ok markus@
491 - jakob@cvs.openbsd.org 2003/11/12 16:39:58
492 [dns.c dns.h readconf.c ssh_config.5 sshconnect.c]
493 update SSHFP validation. ok markus@
494 - jmc@cvs.openbsd.org 2003/11/12 20:14:51
495 [ssh_config.5]
496 make verb agree with subject, and kill some whitespace;
497 - markus@cvs.openbsd.org 2003/11/14 13:19:09
498 [sshconnect2.c]
499 cleanup and minor fixes for the client code; from Simon Wilkinson
500 - djm@cvs.openbsd.org 2003/11/17 09:45:39
501 [msg.c msg.h sshconnect2.c ssh-keysign.c]
502 return error on msg send/receive failure (rather than fatal); ok markus@
503 - markus@cvs.openbsd.org 2003/11/17 11:06:07
504 [auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c]
505 [monitor_wrap.h sshconnect2.c ssh-gss.h]
506 replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson;
507 test + ok jakob.
508 - (djm) Bug #632: Don't call pam_end indirectly from within kbd-int
509 conversation function
510 - (djm) Export environment variables from authentication subprocess to
511 parent. Part of Bug #717
512
51320031115
514 - (dtucker) [regress/agent-ptrace.sh] Test for GDB output from Solaris and
515 HP-UX, skip test on AIX.
516
51720031113
518 - (dtucker) [auth-pam.c] Append newlines to lines output by the
519 pam_chauthtok_conv().
520 - (dtucker) [README ssh-host-config ssh-user-config Makefile] (All
521 contrib/cygwin). Major update from vinschen at redhat.com.
522 - Makefile provides a `cygwin-postinstall' target to run right after
523 `make install'.
524 - Better support for Windows 2003 Server.
525 - Try to get permissions as correct as possible.
526 - New command line options to allow full automated host configuration.
527 - Create configs from skeletons in /etc/defaults/etc.
528 - Use /bin/bash, allows reading user input with readline support.
529 - Remove really old configs from /usr/local.
530 - (dtucker) [auth-pam.c] Add newline to accumulated PAM_TEXT_INFO and
531 PAM_ERROR_MSG messages.
532
53320031106
534 - (djm) Clarify UsePAM consequences a little more
535
53620031103
537 - (dtucker) [contrib/cygwin/ssh-host-config] Ensure entries in /etc/services
538 are created correctly with CRLF line terminations. Patch from vinschen at
539 redhat.com.
540 - (dtucker) OpenBSD CVS Sync
541 - markus@cvs.openbsd.org 2003/10/15 09:48:45
542 [monitor_wrap.c]
543 check pmonitor != NULL
544 - markus@cvs.openbsd.org 2003/10/21 09:50:06
545 [auth2-gss.c]
546 make sure the doid is larger than 2
547 - avsm@cvs.openbsd.org 2003/10/26 16:57:43
548 [sshconnect2.c]
549 rename 'supported' static var in userauth_gssapi() to 'gss_supported'
550 to avoid shadowing the global version. markus@ ok
551 - markus@cvs.openbsd.org 2003/10/28 09:08:06
552 [misc.c]
553 error->debug for getsockopt+TCP_NODELAY; several requests
554 - markus@cvs.openbsd.org 2003/11/02 11:01:03
555 [auth2-gss.c compat.c compat.h sshconnect2.c]
556 remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk
557 - (dtucker) [regress/agent-ptrace.sh] Use numeric uid and gid.
558
55920031021
560 - (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords
561 directly. Noted by Darren.Moffat at sun.com.
562 - (dtucker) [regress/agent-ptrace.sh] Skip agent-test unless SUDO is set,
563 make agent setgid during test.
564
56520031017
566 - (dtucker) [INSTALL] Note that --with-md5 is now required on platforms with
567 MD5 passwords even if PAM support is enabled. From steev at detritus.net.
568
56920031015
570 - (dtucker) OpenBSD CVS Sync
571 - jmc@cvs.openbsd.org 2003/10/08 08:27:36
572 [scp.1 scp.c sftp-server.8 sftp.1 sftp.c ssh.1 sshd.8]
573 scp and sftp: add options list and sort options. options list requested
574 by deraadt@
575 sshd: use same format as ssh
576 ssh: remove wrong option from list
577 sftp-server: Subsystem is documented in ssh_config(5), not sshd(8)
578 ok deraadt@ markus@
579 - markus@cvs.openbsd.org 2003/10/08 15:21:24
580 [readconf.c ssh_config.5]
581 default GSS API to no in client, too; ok jakob, deraadt@
582 - markus@cvs.openbsd.org 2003/10/11 08:24:08
583 [readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
584 remote x11 clients are now untrusted by default, uses xauth(8) to generate
585 untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
586 ok deraadt; feedback and ok djm/fries
587 - markus@cvs.openbsd.org 2003/10/11 08:26:43
588 [sshconnect2.c]
589 search keys in reverse order; fixes #684
590 - markus@cvs.openbsd.org 2003/10/11 11:36:23
591 [monitor_wrap.c]
592 return NULL for missing banner; ok djm@
593 - jmc@cvs.openbsd.org 2003/10/12 13:12:13
594 [ssh_config.5]
595 note that EnableSSHKeySign should be in the non-hostspecific section;
596 remove unnecessary .Pp;
597 ok markus@
598 - markus@cvs.openbsd.org 2003/10/13 08:22:25
599 [scp.1 sftp.1]
600 don't refer to options related to forwarding; ok jmc@
601 - jakob@cvs.openbsd.org 2003/10/14 19:42:10
602 [dns.c dns.h readconf.c ssh-keygen.c sshconnect.c]
603 include SSHFP lookup code (not enabled by default). ok markus@
604 - jakob@cvs.openbsd.org 2003/10/14 19:43:23
605 [README.dns]
606 update
607 - markus@cvs.openbsd.org 2003/10/14 19:54:39
608 [session.c ssh-agent.c]
609 10X for mkdtemp; djm@
610 - (dtucker) [acconfig.h configure.ac dns.c openbsd-compat/getrrsetbyname.c
611 openbsd-compat/getrrsetbyname.h] DNS fingerprint support is now always
612 compiled in but disabled in config.
613 - (dtucker) [auth.c] Check for disabled password expiry on HP-UX Trusted Mode.
614 - (tim) [regress/banner.sh] portability fix.
615
61620031009
617 - (dtucker) [sshd_config.5] UsePAM defaults to "no". ok djm@
618
61920031008
620 - (dtucker) OpenBSD CVS Sync
621 - dtucker@cvs.openbsd.org 2003/10/07 01:47:27
622 [sshconnect2.c]
623 Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668 &
624 #707. ok markus@
625 - djm@cvs.openbsd.org 2003/10/07 07:04:16
626 [sftp-int.c]
627 sftp quoting fix from admorten AT umich.edu; ok markus@
628 - deraadt@cvs.openbsd.org 2003/10/07 21:58:28
629 [sshconnect2.c]
630 set ptr to NULL after free
631 - dtucker@cvs.openbsd.org 2003/10/07 01:52:13
632 [regress/Makefile regress/banner.sh]
633 Test SSH2 banner. ok markus@
634 - djm@cvs.openbsd.org 2003/10/07 07:04:52
635 [regress/sftp-cmds.sh]
636 more sftp quoting regress tests; ok markus
637
63820031007
639 - (djm) Delete autom4te.cache after autoreconf
640 - (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static
641 cleanup functions. With & ok djm@
642 - (dtucker) [contrib/redhat/openssh.spec] Bug #714: Now that UsePAM is a
643 run-time switch, always build --with-md5-passwords.
644 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoul.c]
645 Bug #670: add strtoul() to openbsd-compat for platforms lacking it. ok djm@
646 - (dtucker) [configure.ac] Bug #715: Set BROKEN_SETREUID and BROKEN_SETREGID
647 on Reliant Unix. Patch from Robert.Dahlem at siemens.com.
648 - (dtucker) [configure.ac] Bug #710: Check for dlsym() in libdl on
649 Reliant Unix. Based on patch from Robert.Dahlem at siemens.com.
650
65120031003
652 - (dtucker) OpenBSD CVS Sync
653 - markus@cvs.openbsd.org 2003/10/02 10:41:59
654 [sshd.c]
655 print openssl version, too, several requests; ok henning/djm.
656 - markus@cvs.openbsd.org 2003/10/02 08:26:53
657 [ssh-gss.h]
658 missing $OpenBSD:; dtucker
659 - (tim) [contrib/caldera/openssh.spec] Remove obsolete --with-ipv4-default
660 option.
661
66220031002
663 - (dtucker) OpenBSD CVS Sync
664 - markus@cvs.openbsd.org 2003/09/23 20:17:11
665 [Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
666 cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
667 monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
668 ssh-agent.c sshd.c]
669 replace fatal_cleanup() and linked list of fatal callbacks with static
670 cleanup_exit() function. re-refine cleanup_exit() where appropriate,
671 allocate sshd's authctxt eary to allow simpler cleanup in sshd.
672 tested by many, ok deraadt@
673 - markus@cvs.openbsd.org 2003/09/23 20:18:52
674 [progressmeter.c]
675 don't print trailing \0; bug #709; Robert.Dahlem@siemens.com
676 ok millert/deraadt@
677 - markus@cvs.openbsd.org 2003/09/23 20:41:11
678 [channels.c channels.h clientloop.c]
679 move client only agent code to clientloop.c
680 - markus@cvs.openbsd.org 2003/09/26 08:19:29
681 [sshd.c]
682 no need to set the listen sockets to non-block; ok deraadt@
683 - jmc@cvs.openbsd.org 2003/09/29 11:40:51
684 [ssh.1]
685 - add list of options to -o and .Xr ssh_config(5)
686 - some other cleanup
687 requested by deraadt@;
688 ok deraadt@ markus@
689 - markus@cvs.openbsd.org 2003/09/29 20:19:57
690 [servconf.c sshd_config]
691 GSSAPICleanupCreds -> GSSAPICleanupCredentials
692 - (dtucker) [configure.ac] Don't set DISABLE_SHADOW when configuring
693 --with-pam. ok djm@
694 - (dtucker) [ssh-gss.h] Prototype change missed in sync.
695 - (dtucker) [session.c] Fix bus errors on some 64-bit Solaris configurations.
696 Based on patches by Matthias Koeppe and Thomas Baden. ok djm@
697
69820030930
699 - (bal) Fix issues in openbsd-compat/realpath.c
700
70120030925
702 - (dtucker) [configure.ac openbsd-compat/xcrypt.c] Bug #633: Remove
703 DISABLE_SHADOW for HP-UX, use getspnam instead of getprpwnam. Patch from
704 michael_steffens at hp.com, ok djm@
705 - (tim) [sshd_config] UsePAM defaults to no.
706
70720030924
708 - (djm) Update version.h and spec files for HEAD
709 - (dtucker) [configure.ac] IRIX5 needs the same setre[ug]id defines as IRIX6.
710
71120030923
712 - (dtucker) [Makefile.in] Bug #644: Fix "make clean" for out-of-tree
713 builds. Portability corrections from tim@.
714 - (dtucker) [configure.ac] Bug #665: uid swapping issues on Mac OS X.
715 Patch from max at quendi.de.
716 - (dtucker) [configure.ac] Bug #657: uid swapping issues on BSDi.
717 - (dtucker) [configure.ac] Bug #653: uid swapping issues on Tru64.
718 - (dtucker) [configure.ac] Bug #693: uid swapping issues on NCR MP-RAS.
719 Patch from david.haughton at ncr.com
720 - (dtucker) [configure.ac] Bug #659: uid swapping issues on IRIX 6.
721 Part of patch supplied by bugzilla-openssh at thewrittenword.com
722 - (dtucker) [configure.ac openbsd-compat/fake-rfc2553.c
723 openbsd-compat/fake-rfc2553.h] Bug #659: Test for and handle systems with
724 where gai_strerror is defined as "const char *". Part of patch supplied
725 by bugzilla-openssh at thewrittenword.com
726 - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config] Update
727 ssh-host-config to match current defaults, bump README version. Patch from
728 vinschen at redhat.com.
729 - (dtucker) [uidswap.c] Don't test restoration of uid on Cygwin since the
730 OS does not support permanently dropping privileges. Patch from
731 vinschen at redhat.com.
732 - (dtucker) [openbsd-compat/port-aix.c] Use correct include for xmalloc.h,
733 add canohost.h to stop warning. Based on patch from openssh-unix-dev at
734 thewrittenword.com
735 - (dtucker) [INSTALL] Bug #686: Document requirement for zlib 1.1.4 or
736 higher.
737 - (tim) Fix typo. s/SETEIUD_BREAKS_SETUID/SETEUID_BREAKS_SETUID/
738 - (tim) [configure.ac] Bug 665: move 3 new AC_DEFINES outside of AC_TRY_RUN.
739 Report by distler AT golem ph utexas edu.
740 - (dtucker) [contrib/aix/pam.conf] Include example pam.conf for AIX from
741 article by genty at austin.ibm.com, included with the author's permission.
742 - (dtucker) OpenBSD CVS Sync
743 - markus@cvs.openbsd.org 2003/09/18 07:52:54
744 [sshconnect.c]
745 missing {}; bug #656; jclonguet at free.fr
746 - markus@cvs.openbsd.org 2003/09/18 07:54:48
747 [buffer.c]
748 protect against double free; #660; zardoz at users.sf.net
749 - markus@cvs.openbsd.org 2003/09/18 07:56:05
750 [authfile.c]
751 missing buffer_free(&encrypted); #662; zardoz at users.sf.net
752 - markus@cvs.openbsd.org 2003/09/18 08:49:45
753 [deattack.c misc.c session.c ssh-agent.c]
754 more buffer allocation fixes; from Solar Designer; CAN-2003-0682;
755 ok millert@
756 - miod@cvs.openbsd.org 2003/09/18 13:02:21
757 [authfd.c bufaux.c dh.c mac.c ssh-keygen.c]
758 A few signedness fixes for harmless situations; markus@ ok
759 - markus@cvs.openbsd.org 2003/09/19 09:02:02
760 [packet.c]
761 buffer_dump only if PACKET_DEBUG is defined; Jedi/Sector One; pr 3471
762 - markus@cvs.openbsd.org 2003/09/19 09:03:00
763 [buffer.c]
764 sign fix in buffer_dump; Jedi/Sector One; pr 3473
765 - markus@cvs.openbsd.org 2003/09/19 11:29:40
766 [ssh-agent.c]
767 provide a ssh-agent specific fatal() function; ok deraadt
768 - markus@cvs.openbsd.org 2003/09/19 11:30:39
769 [ssh-keyscan.c]
770 avoid fatal_cleanup, just call exit(); ok deraadt
771 - markus@cvs.openbsd.org 2003/09/19 11:31:33
772 [channels.c]
773 do not call channel_free_all on fatal; ok deraadt
774 - markus@cvs.openbsd.org 2003/09/19 11:33:09
775 [packet.c sshd.c]
776 do not call packet_close on fatal; ok deraadt
777 - markus@cvs.openbsd.org 2003/09/19 17:40:20
778 [scp.c]
779 error handling for remote-remote copy; #638; report Harald Koenig;
780 ok millert, fgs, henning, deraadt
781 - markus@cvs.openbsd.org 2003/09/19 17:43:35
782 [clientloop.c sshtty.c sshtty.h]
783 remove fatal callbacks from client code; ok deraadt
784 - (bal) "extration" -> "extraction" in ssh-rand-helper.c; repoted by john
785 on #unixhelp@efnet
786 - (tim) [configure.ac] add --disable-etc-default-login option. ok djm
787 - (djm) Sync with V_3_7 branch:
788 - (djm) Fix SSH1 challenge kludge
789 - (djm) Bug #671: Fix builds on OpenBSD
790 - (djm) Bug #676: Fix PAM stack corruption
791 - (djm) Fix bad free() in PAM code
792 - (djm) Don't call pam_end before pam_init
793 - (djm) Enable build with old OpenSSL again
794 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
795 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
796
79720030919
798 - (djm) Bug #683: Remove reference to --with-ipv4-default from INSTALL;
799 djast AT cs.toronto.edu
800 - (djm) Bug #661: Remove duplicate check for basename; from
801 bugzilla-openssh AT thewrittenword.com
802 - (djm) Bug #641: Allow RedHat RPM building without GTK-2; Patch from
803 jason AT devrandom.org
804 - (djm) Bug #646: Fix location of x11-ssh-askpass; Jim
805 - (dtucker) [openbsd-compat/port-aix.h] Bug #640: Don't include audit.h
806 unless required. Reorder to reduce warnings.
807 - (dtucker) [session.c] Bug #643: Fix size_t -> u_int and fix null deref
808 when /etc/default/login doesn't exist or isn't readable. Fixes from
809 jparsons-lists at saffron.net and georg.oppenberg at deu mci com.
810 - (dtucker) [acconfig.h] Updated basename test needs HAVE_BASENAME
811
81220030918
813 - (djm) Bug #652: Fix empty password auth
814
81520030917
816 - (djm) Sync with V_3_7 branch
817 - (djm) OpenBSD Sync
818 - markus@cvs.openbsd.org 2003/09/16 21:02:40
819 [buffer.c channels.c version.h]
820 more malloc/fatal fixes; ok millert/deraadt; ghudson at MIT.EDU
821 - (djm) Crank RPM spec file versions
822 - (tim) [openbsd-compat/inet_ntoa.c] 20030917 "Sync with V_3_7 branch" undid
823 20030916 "Missed dead header in inet_ntoa.c"
824
120030916 82520030916
2 - (dtucker) [acconfig.h configure.ac defines.h session.c] Bug #252: Retrieve 826 - (dtucker) [acconfig.h configure.ac defines.h session.c] Bug #252: Retrieve
3 PATH (or SUPATH) and UMASK from /etc/default/login on platforms that have it 827 PATH (or SUPATH) and UMASK from /etc/default/login on platforms that have it
@@ -7,10 +831,8 @@
7 - deraadt@cvs.openbsd.org 2003/09/16 03:03:47 831 - deraadt@cvs.openbsd.org 2003/09/16 03:03:47
8 [buffer.c] 832 [buffer.c]
9 do not expand buffer before attempting to reallocate it; markus ok 833 do not expand buffer before attempting to reallocate it; markus ok
10 - (djm) Crank spec versions
11 - (djm) Banish (safe) sprintf from auth-pam.c. Patch from bal
12 - (tim) [configure.ac] Fix portability issues. 834 - (tim) [configure.ac] Fix portability issues.
13 - (djm) Release 3.7p1 835 - (bal) Missed dead header in inet_ntoa.c
14 836
1520030914 83720030914
16 - (dtucker) [Makefile regress/Makefile] Fix portability issues preventing 838 - (dtucker) [Makefile regress/Makefile] Fix portability issues preventing
@@ -1107,4 +1929,4 @@
1107 - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. 1929 - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
1108 Report from murple@murple.net, diagnosis from dtucker@zip.com.au 1930 Report from murple@murple.net, diagnosis from dtucker@zip.com.au
1109 1931
1110$Id: ChangeLog,v 1.2994.2.4 2003/09/16 06:00:52 djm Exp $ 1932$Id: ChangeLog,v 1.3257 2004/02/24 06:13:28 djm Exp $
diff --git a/INSTALL b/INSTALL
index 93070b105..a1c0e4b6b 100644
--- a/INSTALL
+++ b/INSTALL
@@ -3,22 +3,22 @@
3 3
4You will need working installations of Zlib and OpenSSL. 4You will need working installations of Zlib and OpenSSL.
5 5
6Zlib: 6Zlib 1.1.4 or greater:
7http://www.gzip.org/zlib/ 7http://www.gzip.org/zlib/
8 8
9OpenSSL 0.9.6 or greater: 9OpenSSL 0.9.6 or greater:
10http://www.openssl.org/ 10http://www.openssl.org/
11 11
12(OpenSSL 0.9.5a is partially supported, but some ciphers (SSH protocol 1 12(OpenSSL 0.9.5a is partially supported, but some ciphers (SSH protocol 1
13Blowfish) do not work correctly.) 13Blowfish) do not work correctly.)
14 14
15OpenSSH can utilise Pluggable Authentication Modules (PAM) if your system 15OpenSSH can utilise Pluggable Authentication Modules (PAM) if your system
16supports it. PAM is standard on Redhat and Debian Linux, Solaris and 16supports it. PAM is standard on Redhat and Debian Linux, Solaris and
17HP-UX 11. 17HP-UX 11.
18 18
19NB. If you operating system supports /dev/random, you should configure 19NB. If you operating system supports /dev/random, you should configure
20OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of 20OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of
21/dev/random. If you don't you will have to rely on ssh-rand-helper, which 21/dev/random. If you don't you will have to rely on ssh-rand-helper, which
22is inferior to a good kernel-based solution. 22is inferior to a good kernel-based solution.
23 23
24PAM: 24PAM:
@@ -33,11 +33,11 @@ http://www.gnome.org/
33Alternatively, Jim Knoble <jmknoble@jmknoble.cx> has written an excellent X11 33Alternatively, Jim Knoble <jmknoble@jmknoble.cx> has written an excellent X11
34passphrase requester. This is maintained separately at: 34passphrase requester. This is maintained separately at:
35 35
36http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/index.html 36http://www.jmknoble.net/software/x11-ssh-askpass/
37 37
38PRNGD: 38PRNGD:
39 39
40If your system lacks Kernel based random collection, the use of Lutz 40If your system lacks Kernel based random collection, the use of Lutz
41Jaenicke's PRNGd is recommended. 41Jaenicke's PRNGd is recommended.
42 42
43http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html 43http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
@@ -54,7 +54,7 @@ http://www.sparc.spb.su/solaris/skey/
54 54
55If you wish to use --with-skey then you will need the above library 55If you wish to use --with-skey then you will need the above library
56installed. No other current S/Key library is currently known to be 56installed. No other current S/Key library is currently known to be
57supported. 57supported.
58 58
592. Building / Installation 592. Building / Installation
60-------------------------- 60--------------------------
@@ -73,7 +73,7 @@ installation prefix, use the --prefix option to configure:
73make 73make
74make install 74make install
75 75
76Will install OpenSSH in /opt/{bin,etc,lib,sbin}. You can also override 76Will install OpenSSH in /opt/{bin,etc,lib,sbin}. You can also override
77specific paths, for example: 77specific paths, for example:
78 78
79./configure --prefix=/opt --sysconfdir=/etc/ssh 79./configure --prefix=/opt --sysconfdir=/etc/ssh
@@ -101,56 +101,45 @@ name).
101 101
102There are a few other options to the configure script: 102There are a few other options to the configure script:
103 103
104--with-pam enables PAM support. 104--with-pam enables PAM support. If PAM support is compiled in, it must
105also be enabled in sshd_config (refer to the UsePAM directive).
105 106
106--enable-gnome-askpass will build the GNOME passphrase dialog. You 107--with-prngd-socket=/some/file allows you to enable EGD or PRNGD
107need a working installation of GNOME, including the development 108support and to specify a PRNGd socket. Use this if your Unix lacks
108headers, for this to work. 109/dev/random and you don't want to use OpenSSH's builtin entropy
109
110--with-prngd-socket=/some/file allows you to enable EGD or PRNGD
111support and to specify a PRNGd socket. Use this if your Unix lacks
112/dev/random and you don't want to use OpenSSH's builtin entropy
113collection support. 110collection support.
114 111
115--with-prngd-port=portnum allows you to enable EGD or PRNGD support 112--with-prngd-port=portnum allows you to enable EGD or PRNGD support
116and to specify a EGD localhost TCP port. Use this if your Unix lacks 113and to specify a EGD localhost TCP port. Use this if your Unix lacks
117/dev/random and you don't want to use OpenSSH's builtin entropy 114/dev/random and you don't want to use OpenSSH's builtin entropy
118collection support. 115collection support.
119 116
120--with-lastlog=FILE will specify the location of the lastlog file. 117--with-lastlog=FILE will specify the location of the lastlog file.
121./configure searches a few locations for lastlog, but may not find 118./configure searches a few locations for lastlog, but may not find
122it if lastlog is installed in a different place. 119it if lastlog is installed in a different place.
123 120
124--without-lastlog will disable lastlog support entirely. 121--without-lastlog will disable lastlog support entirely.
125 122
126--with-osfsia, --without-osfsia will enable or disable OSF1's Security 123--with-osfsia, --without-osfsia will enable or disable OSF1's Security
127Integration Architecture. The default for OSF1 machines is enable. 124Integration Architecture. The default for OSF1 machines is enable.
128 125
129--with-kerberos4=PATH will enable Kerberos IV support. You will need 126--with-skey=PATH will enable S/Key one time password support. You will
130to have the Kerberos libraries and header files installed for this
131to work. Use the optional PATH argument to specify the root of your
132Kerberos installation.
133
134--with-afs=PATH will enable AFS support. You will need to have the
135Kerberos IV and the AFS libraries and header files installed for this
136to work. Use the optional PATH argument to specify the root of your
137AFS installation. AFS requires Kerberos support to be enabled.
138
139--with-skey=PATH will enable S/Key one time password support. You will
140need the S/Key libraries and header files installed for this to work. 127need the S/Key libraries and header files installed for this to work.
141 128
142--with-tcp-wrappers will enable TCP Wrappers (/etc/hosts.allow|deny) 129--with-tcp-wrappers will enable TCP Wrappers (/etc/hosts.allow|deny)
143support. You will need libwrap.a and tcpd.h installed. 130support. You will need libwrap.a and tcpd.h installed.
144 131
145--with-md5-passwords will enable the use of MD5 passwords. Enable this 132--with-md5-passwords will enable the use of MD5 passwords. Enable this
146if your operating system uses MD5 passwords without using PAM. 133if your operating system uses MD5 passwords and the system crypt() does
134not support them directly (see the crypt(3/3c) man page). If enabled, the
135resulting binary will support both MD5 and traditional crypt passwords.
147 136
148--with-utmpx enables utmpx support. utmpx support is automatic for 137--with-utmpx enables utmpx support. utmpx support is automatic for
149some platforms. 138some platforms.
150 139
151--without-shadow disables shadow password support. 140--without-shadow disables shadow password support.
152 141
153--with-ipaddr-display forces the use of a numeric IP address in the 142--with-ipaddr-display forces the use of a numeric IP address in the
154$DISPLAY environment variable. Some broken systems need this. 143$DISPLAY environment variable. Some broken systems need this.
155 144
156--with-default-path=PATH allows you to specify a default $PATH for sessions 145--with-default-path=PATH allows you to specify a default $PATH for sessions
@@ -161,12 +150,6 @@ created.
161 150
162--with-xauth=PATH specifies the location of the xauth binary 151--with-xauth=PATH specifies the location of the xauth binary
163 152
164--with-ipv4-default instructs OpenSSH to use IPv4 by default for new
165connections. Normally OpenSSH will try attempt to lookup both IPv6 and
166IPv4 addresses. On Linux/glibc-2.1.2 this causes long delays in name
167resolution. If this option is specified, you can still attempt to
168connect to IPv6 addresses using the command line option '-6'.
169
170--with-ssl-dir=DIR allows you to specify where your OpenSSL libraries 153--with-ssl-dir=DIR allows you to specify where your OpenSSL libraries
171are installed. 154are installed.
172 155
@@ -186,35 +169,35 @@ CFLAGS="-O -m486" LDFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure
1863. Configuration 1693. Configuration
187---------------- 170----------------
188 171
189The runtime configuration files are installed by in ${prefix}/etc or 172The runtime configuration files are installed by in ${prefix}/etc or
190whatever you specified as your --sysconfdir (/usr/local/etc by default). 173whatever you specified as your --sysconfdir (/usr/local/etc by default).
191 174
192The default configuration should be instantly usable, though you should 175The default configuration should be instantly usable, though you should
193review it to ensure that it matches your security requirements. 176review it to ensure that it matches your security requirements.
194 177
195To generate a host key, run "make host-key". Alternately you can do so 178To generate a host key, run "make host-key". Alternately you can do so
196manually using the following commands: 179manually using the following commands:
197 180
198 ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N "" 181 ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N ""
199 ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" 182 ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
200 ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N "" 183 ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ""
201 184
202Replacing /etc/ssh with the correct path to the configuration directory. 185Replacing /etc/ssh with the correct path to the configuration directory.
203(${prefix}/etc or whatever you specified with --sysconfdir during 186(${prefix}/etc or whatever you specified with --sysconfdir during
204configuration) 187configuration)
205 188
206If you have configured OpenSSH with EGD support, ensure that EGD is 189If you have configured OpenSSH with EGD support, ensure that EGD is
207running and has collected some Entropy. 190running and has collected some Entropy.
208 191
209For more information on configuration, please refer to the manual pages 192For more information on configuration, please refer to the manual pages
210for sshd, ssh and ssh-agent. 193for sshd, ssh and ssh-agent.
211 194
2124. Problems? 1954. Problems?
213------------ 196------------
214 197
215If you experience problems compiling, installing or running OpenSSH. 198If you experience problems compiling, installing or running OpenSSH.
216Please refer to the "reporting bugs" section of the webpage at 199Please refer to the "reporting bugs" section of the webpage at
217http://www.openssh.com/ 200http://www.openssh.com/
218 201
219 202
220$Id: INSTALL,v 1.56 2003/05/24 01:41:16 dtucker Exp $ 203$Id: INSTALL,v 1.63 2003/11/21 12:48:55 djm Exp $
diff --git a/LICENCE b/LICENCE
index b47556dda..d8c157304 100644
--- a/LICENCE
+++ b/LICENCE
@@ -45,16 +45,16 @@ OpenSSH contains no GPL code.
45 software are publicly available on the Internet and at any major 45 software are publicly available on the Internet and at any major
46 bookstore, scientific library, and patent office worldwide. More 46 bookstore, scientific library, and patent office worldwide. More
47 information can be found e.g. at "http://www.cs.hut.fi/crypto". 47 information can be found e.g. at "http://www.cs.hut.fi/crypto".
48 48
49 The legal status of this program is some combination of all these 49 The legal status of this program is some combination of all these
50 permissions and restrictions. Use only at your own responsibility. 50 permissions and restrictions. Use only at your own responsibility.
51 You will be responsible for any legal consequences yourself; I am not 51 You will be responsible for any legal consequences yourself; I am not
52 making any claims whether possessing or using this is legal or not in 52 making any claims whether possessing or using this is legal or not in
53 your country, and I am not taking any responsibility on your behalf. 53 your country, and I am not taking any responsibility on your behalf.
54 54
55 55
56 NO WARRANTY 56 NO WARRANTY
57 57
58 BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY 58 BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
59 FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN 59 FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
60 OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES 60 OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
@@ -64,7 +64,7 @@ OpenSSH contains no GPL code.
64 TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE 64 TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
65 PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, 65 PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
66 REPAIR OR CORRECTION. 66 REPAIR OR CORRECTION.
67 67
68 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 68 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
69 WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR 69 WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
70 REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, 70 REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
@@ -112,15 +112,15 @@ OpenSSH contains no GPL code.
112 with the following license: 112 with the following license:
113 113
114 * @version 3.0 (December 2000) 114 * @version 3.0 (December 2000)
115 * 115 *
116 * Optimised ANSI C code for the Rijndael cipher (now AES) 116 * Optimised ANSI C code for the Rijndael cipher (now AES)
117 * 117 *
118 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> 118 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
119 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> 119 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
120 * @author Paulo Barreto <paulo.barreto@terra.com.br> 120 * @author Paulo Barreto <paulo.barreto@terra.com.br>
121 * 121 *
122 * This code is hereby placed in the public domain. 122 * This code is hereby placed in the public domain.
123 * 123 *
124 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS 124 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
125 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 125 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
126 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 126 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -177,13 +177,12 @@ OpenSSH contains no GPL code.
177 Damien Miller 177 Damien Miller
178 Kevin Steves 178 Kevin Steves
179 Daniel Kouril 179 Daniel Kouril
180 Per Allansson
181 Wesley Griffin 180 Wesley Griffin
182 Per Allansson 181 Per Allansson
183 Nils Nordman 182 Nils Nordman
184 Simon Wilkinson 183 Simon Wilkinson
185 184
186 Portable OpenSSH additionally includes code from the following copyright 185 Portable OpenSSH additionally includes code from the following copyright
187 holders, also under the 2-term BSD license: 186 holders, also under the 2-term BSD license:
188 187
189 Ben Lindstrom 188 Ben Lindstrom
@@ -203,6 +202,7 @@ OpenSSH contains no GPL code.
203 Todd C. Miller 202 Todd C. Miller
204 Wayne Schroeder 203 Wayne Schroeder
205 William Jones 204 William Jones
205 Darren Tucker
206 206
207 * Redistribution and use in source and binary forms, with or without 207 * Redistribution and use in source and binary forms, with or without
208 * modification, are permitted provided that the following conditions 208 * modification, are permitted provided that the following conditions
@@ -229,24 +229,24 @@ OpenSSH contains no GPL code.
229 a) md5crypt.c, md5crypt.h 229 a) md5crypt.c, md5crypt.h
230 230
231 * "THE BEER-WARE LICENSE" (Revision 42): 231 * "THE BEER-WARE LICENSE" (Revision 42):
232 * <phk@login.dknet.dk> wrote this file. As long as you retain this 232 * <phk@login.dknet.dk> wrote this file. As long as you retain this
233 * notice you can do whatever you want with this stuff. If we meet 233 * notice you can do whatever you want with this stuff. If we meet
234 * some day, and you think this stuff is worth it, you can buy me a 234 * some day, and you think this stuff is worth it, you can buy me a
235 * beer in return. Poul-Henning Kamp 235 * beer in return. Poul-Henning Kamp
236 236
237 b) snprintf replacement 237 b) snprintf replacement
238 238
239 * Copyright Patrick Powell 1995 239 * Copyright Patrick Powell 1995
240 * This code is based on code written by Patrick Powell 240 * This code is based on code written by Patrick Powell
241 * (papowell@astart.com) It may be used for any purpose as long as this 241 * (papowell@astart.com) It may be used for any purpose as long as this
242 * notice remains intact on all source code distributions 242 * notice remains intact on all source code distributions
243 243
244 c) Compatibility code (openbsd-compat) 244 c) Compatibility code (openbsd-compat)
245 245
246 Apart from the previously mentioned licenses, various pieces of code 246 Apart from the previously mentioned licenses, various pieces of code
247 in the openbsd-compat/ subdirectory are licensed as follows: 247 in the openbsd-compat/ subdirectory are licensed as follows:
248 248
249 Some code is licensed under a 3-term BSD license, to the following 249 Some code is licensed under a 3-term BSD license, to the following
250 copyright holders: 250 copyright holders:
251 251
252 Todd C. Miller 252 Todd C. Miller
@@ -279,7 +279,7 @@ OpenSSH contains no GPL code.
279 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 279 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
280 * SUCH DAMAGE. 280 * SUCH DAMAGE.
281 281
282 Some code is licensed under an ISC-style license, to the following 282 Some code is licensed under an ISC-style license, to the following
283 copyright holders: 283 copyright holders:
284 284
285 Internet Software Consortium. 285 Internet Software Consortium.
@@ -297,7 +297,7 @@ OpenSSH contains no GPL code.
297 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 297 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
298 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 298 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
299 299
300 Some code is licensed under a MIT-style license to the following 300 Some code is licensed under a MIT-style license to the following
301 copyright holders: 301 copyright holders:
302 302
303 Free Software Foundation, Inc. 303 Free Software Foundation, Inc.
@@ -329,4 +329,4 @@ OpenSSH contains no GPL code.
329 329
330 330
331------ 331------
332$OpenBSD: LICENCE,v 1.17 2003/08/22 20:55:06 markus Exp $ 332$OpenBSD: LICENCE,v 1.18 2003/11/21 11:57:02 djm Exp $
diff --git a/Makefile.in b/Makefile.in
index 8a8774461..919b36819 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
1# $Id: Makefile.in,v 1.249 2003/09/14 01:40:36 dtucker Exp $ 1# $Id: Makefile.in,v 1.257 2004/02/18 03:35:11 djm Exp $
2 2
3# uncomment if you run a non bourne compatable shell. Ie. csh 3# uncomment if you run a non bourne compatable shell. Ie. csh
4#SHELL = @SH@ 4#SHELL = @SH@
@@ -61,12 +61,13 @@ INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@
61 61
62TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT) 62TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT)
63 63
64LIBSSH_OBJS=authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o \ 64LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o buffer.o \
65 cipher.o cipher-aes.o cipher-bf1.o cipher-ctr.o cipher-3des1.o \ 65 canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
66 compat.o compress.o crc32.o deattack.o fatal.o \ 66 cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \
67 hostfile.o log.o match.o moduli.o mpaux.o nchan.o packet.o \ 67 compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \
68 readpass.o rsa.o tildexpand.o ttymodes.o xmalloc.o atomicio.o \ 68 log.o match.o moduli.o mpaux.o nchan.o packet.o \
69 key.o dispatch.o kex.o mac.o uuencode.o misc.o \ 69 readpass.o rsa.o tildexpand.o ttymodes.o xmalloc.o \
70 atomicio.o key.o dispatch.o kex.o mac.o uuencode.o misc.o \
70 rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o kexgex.o \ 71 rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o kexgex.o \
71 kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \ 72 kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \
72 entropy.o scard-opensc.o gss-genr.o 73 entropy.o scard-opensc.o gss-genr.o
@@ -84,7 +85,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
84 kexdhs.o kexgexs.o \ 85 kexdhs.o kexgexs.o \
85 auth-krb5.o \ 86 auth-krb5.o \
86 auth2-gss.o gss-serv.o gss-serv-krb5.o \ 87 auth2-gss.o gss-serv.o gss-serv-krb5.o \
87 loginrec.o auth-pam.o auth-sia.o md5crypt.o 88 loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o
88 89
89MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out 90MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out
90MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5 91MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5
@@ -140,25 +141,25 @@ scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
140 $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 141 $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
141 142
142ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o 143ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
143 $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 144 $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
144 145
145ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o 146ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o
146 $(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 147 $(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
147 148
148ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o 149ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
149 $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 150 $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
150 151
151ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o 152ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o
152 $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 153 $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
153 154
154ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o 155ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
155 $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) 156 $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
156 157
157sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o 158sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o
158 $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 159 $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
159 160
160sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-int.o sftp-common.o sftp-glob.o progressmeter.o 161sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
161 $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-int.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 162 $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
162 163
163ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o 164ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o
164 $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 165 $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
@@ -192,20 +193,18 @@ ssh_prng_cmds.out: ssh_prng_cmds
192moduli: 193moduli:
193 echo 194 echo
194 195
195clean: 196clean: regressclean
196 rm -f *.o *.a $(TARGETS) logintest config.cache config.log 197 rm -f *.o *.a $(TARGETS) logintest config.cache config.log
197 rm -f *.out core 198 rm -f *.out core
198 (cd openbsd-compat && $(MAKE) clean) 199 (cd openbsd-compat && $(MAKE) clean)
199 (cd regress && $(MAKE) clean)
200 200
201distclean: 201distclean: regressclean
202 rm -f *.o *.a $(TARGETS) logintest config.cache config.log 202 rm -f *.o *.a $(TARGETS) logintest config.cache config.log
203 rm -f *.out core 203 rm -f *.out core
204 rm -f Makefile config.h config.status ssh_prng_cmds *~ 204 rm -f Makefile config.h config.status ssh_prng_cmds *~
205 rm -rf autom4te.cache 205 rm -rf autom4te.cache
206 (cd openbsd-compat && $(MAKE) distclean) 206 (cd openbsd-compat && $(MAKE) distclean)
207 (cd scard && $(MAKE) distclean) 207 (cd scard && $(MAKE) distclean)
208 (cd regress && $(MAKE) distclean)
209 208
210veryclean: distclean 209veryclean: distclean
211 rm -f configure config.h.in *.0 210 rm -f configure config.h.in *.0
@@ -224,6 +223,7 @@ catman-do:
224 223
225distprep: catman-do 224distprep: catman-do
226 $(AUTORECONF) 225 $(AUTORECONF)
226 -rm -rf autom4te.cache
227 (cd scard && $(MAKE) -f Makefile.in distprep) 227 (cd scard && $(MAKE) -f Makefile.in distprep)
228 228
229install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files host-key check-config 229install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files host-key check-config
@@ -344,7 +344,7 @@ uninstallall: uninstall
344 -rmdir $(DESTDIR)$(mandir) 344 -rmdir $(DESTDIR)$(mandir)
345 -rmdir $(DESTDIR)$(libexecdir) 345 -rmdir $(DESTDIR)$(libexecdir)
346 346
347uninstall: 347uninstall:
348 -rm -f $(DESTDIR)$(bindir)/slogin 348 -rm -f $(DESTDIR)$(bindir)/slogin
349 -rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT) 349 -rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT)
350 -rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT) 350 -rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT)
@@ -373,6 +373,9 @@ uninstall:
373tests: $(TARGETS) 373tests: $(TARGETS)
374 BUILDDIR=`pwd`; \ 374 BUILDDIR=`pwd`; \
375 [ -d `pwd`/regress ] || mkdir -p `pwd`/regress; \ 375 [ -d `pwd`/regress ] || mkdir -p `pwd`/regress; \
376 [ -f `pwd`/regress/Makefile ] || \
377 ln -s $(srcdir)/regress/Makefile `pwd`/regress/Makefile ; \
378 TEST_SHELL="@TEST_MINUS_S_SH@"; \
376 TEST_SSH_SSH="$${BUILDDIR}/ssh"; \ 379 TEST_SSH_SSH="$${BUILDDIR}/ssh"; \
377 TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \ 380 TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \
378 TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent"; \ 381 TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent"; \
@@ -388,6 +391,7 @@ tests: $(TARGETS)
388 BUILDDIR="$${BUILDDIR}" \ 391 BUILDDIR="$${BUILDDIR}" \
389 OBJ="$${BUILDDIR}/regress/" \ 392 OBJ="$${BUILDDIR}/regress/" \
390 PATH="$${BUILDDIR}:$${PATH}" \ 393 PATH="$${BUILDDIR}:$${PATH}" \
394 TEST_SHELL="$${TEST_SHELL}" \
391 TEST_SSH_SSH="$${TEST_SSH_SSH}" \ 395 TEST_SSH_SSH="$${TEST_SSH_SSH}" \
392 TEST_SSH_SSHD="$${TEST_SSH_SSHD}" \ 396 TEST_SSH_SSHD="$${TEST_SSH_SSHD}" \
393 TEST_SSH_SSHAGENT="$${TEST_SSH_SSHAGENT}" \ 397 TEST_SSH_SSHAGENT="$${TEST_SSH_SSHAGENT}" \
@@ -398,3 +402,8 @@ tests: $(TARGETS)
398 TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \ 402 TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \
399 EXEEXT="$(EXEEXT)" \ 403 EXEEXT="$(EXEEXT)" \
400 $@ 404 $@
405
406regressclean:
407 if [ -f regress/Makefile -a -r regress/Makefile ]; then \
408 (cd regress && $(MAKE) clean) \
409 fi
diff --git a/OVERVIEW b/OVERVIEW
index ff03ecab2..df46ec28a 100644
--- a/OVERVIEW
+++ b/OVERVIEW
@@ -5,7 +5,7 @@ to developers.]
5 5
6This document is intended for those who wish to read the ssh source 6This document is intended for those who wish to read the ssh source
7code. This tries to give an overview of the structure of the code. 7code. This tries to give an overview of the structure of the code.
8 8
9Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi> 9Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>
10Updated 17 Nov 1995. 10Updated 17 Nov 1995.
11Updated 19 Oct 1999 for OpenSSH-1.2 11Updated 19 Oct 1999 for OpenSSH-1.2
@@ -20,7 +20,7 @@ There are some subsystems/abstractions that are used by a number of
20these programs. 20these programs.
21 21
22 Buffer manipulation routines 22 Buffer manipulation routines
23 23
24 - These provide an arbitrary size buffer, where data can be appended. 24 - These provide an arbitrary size buffer, where data can be appended.
25 Data can be consumed from either end. The code is used heavily 25 Data can be consumed from either end. The code is used heavily
26 throughout ssh. The basic buffer manipulation functions are in 26 throughout ssh. The basic buffer manipulation functions are in
@@ -28,7 +28,7 @@ these programs.
28 data types is in bufaux.c. 28 data types is in bufaux.c.
29 29
30 Compression Library 30 Compression Library
31 31
32 - Ssh uses the GNU GZIP compression library (ZLIB). 32 - Ssh uses the GNU GZIP compression library (ZLIB).
33 33
34 Encryption/Decryption 34 Encryption/Decryption
@@ -89,7 +89,7 @@ these programs.
89 code is linked into the server. The routines also manipulate 89 code is linked into the server. The routines also manipulate
90 known hosts files using code in hostfile.c. Code in canohost.c 90 known hosts files using code in hostfile.c. Code in canohost.c
91 is used to retrieve the canonical host name of the remote host. 91 is used to retrieve the canonical host name of the remote host.
92 Code in match.c is used to match host names. 92 Code in match.c is used to match host names.
93 93
94 - In the client end, authentication code is in sshconnect.c. It 94 - In the client end, authentication code is in sshconnect.c. It
95 reads Passwords/passphrases using code in readpass.c. It reads 95 reads Passwords/passphrases using code in readpass.c. It reads
@@ -147,10 +147,10 @@ these programs.
147 operations, and finally the server enters the normal session 147 operations, and finally the server enters the normal session
148 mode by calling server_loop in serverloop.c. This does the real 148 mode by calling server_loop in serverloop.c. This does the real
149 work, calling functions in other modules. 149 work, calling functions in other modules.
150 150
151 - The code for the server is in sshd.c. It contains a lot of 151 - The code for the server is in sshd.c. It contains a lot of
152 stuff, including: 152 stuff, including:
153 - server main program 153 - server main program
154 - waiting for connections 154 - waiting for connections
155 - processing new connection 155 - processing new connection
156 - authentication 156 - authentication
@@ -162,9 +162,9 @@ these programs.
162 162
163 - There are several other files in the distribution that contain 163 - There are several other files in the distribution that contain
164 various auxiliary routines: 164 various auxiliary routines:
165 ssh.h the main header file for ssh (various definitions) 165 ssh.h the main header file for ssh (various definitions)
166 getput.h byte-order independent storage of integers 166 getput.h byte-order independent storage of integers
167 includes.h includes most system headers. Lots of #ifdefs. 167 includes.h includes most system headers. Lots of #ifdefs.
168 tildexpand.c expand tilde in file names 168 tildexpand.c expand tilde in file names
169 uidswap.c uid-swapping 169 uidswap.c uid-swapping
170 xmalloc.c "safe" malloc routines 170 xmalloc.c "safe" malloc routines
diff --git a/README b/README
index 5709fbeaf..7e918fe08 100644
--- a/README
+++ b/README
@@ -1,4 +1,7 @@
1- A Japanese translation of this document and of the OpenSSH FAQ is 1See:
2http://www.openssh.com/txt/release-3.8 for the release notes.
3
4- A Japanese translation of this document and of the OpenSSH FAQ is
2- available at http://www.unixuser.org/~haruyama/security/openssh/index.html 5- available at http://www.unixuser.org/~haruyama/security/openssh/index.html
3- Thanks to HARUYAMA Seigo <haruyama@unixuser.org> 6- Thanks to HARUYAMA Seigo <haruyama@unixuser.org>
4 7
@@ -13,10 +16,10 @@ Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt,
13and Dug Song. It has a homepage at http://www.openssh.com/ 16and Dug Song. It has a homepage at http://www.openssh.com/
14 17
15This port consists of the re-introduction of autoconf support, PAM 18This port consists of the re-introduction of autoconf support, PAM
16support (for Linux and Solaris), EGD[1]/PRNGD[2] support and replacements 19support (for Linux and Solaris), EGD[1]/PRNGD[2] support and replacements
17for OpenBSD library functions that are (regrettably) absent from other 20for OpenBSD library functions that are (regrettably) absent from other
18unices. This port has been best tested on Linux, Solaris, HP-UX, NetBSD, 21unices. This port has been best tested on Linux, Solaris, HP-UX, NetBSD,
19Irix and AIX. Support for SCO, NeXT and other Unices is underway. 22Irix and AIX. Support for SCO, NeXT and other Unices is underway.
20This version actively tracks changes in the OpenBSD CVS repository. 23This version actively tracks changes in the OpenBSD CVS repository.
21 24
22The PAM support is now more functional than the popular packages of 25The PAM support is now more functional than the popular packages of
@@ -32,20 +35,20 @@ Please send bug reports and patches to the mailing list
32openssh-unix-dev@mindrot.org. The list is open to posting by 35openssh-unix-dev@mindrot.org. The list is open to posting by
33unsubscribed users. 36unsubscribed users.
34 37
35If you are a citizen of an USA-embargoed country to which export of 38If you are a citizen of an USA-embargoed country to which export of
36cryptographic products is restricted, then please refrain from sending 39cryptographic products is restricted, then please refrain from sending
37crypto-related code or patches to the list. We cannot accept them. 40crypto-related code or patches to the list. We cannot accept them.
38Other code contribution are accepted, but please follow the OpenBSD 41Other code contribution are accepted, but please follow the OpenBSD
39style guidelines[6]. 42style guidelines[6].
40 43
41Please refer to the INSTALL document for information on how to install 44Please refer to the INSTALL document for information on how to install
42OpenSSH on your system. There are a number of differences between this 45OpenSSH on your system. There are a number of differences between this
43port of OpenSSH and F-Secure SSH 1.x, please refer to the OpenSSH FAQ[7] 46port of OpenSSH and F-Secure SSH 1.x, please refer to the OpenSSH FAQ[7]
44for details and general tips. 47for details and general tips.
45 48
46Damien Miller <djm@mindrot.org> 49Damien Miller <djm@mindrot.org>
47 50
48Miscellania - 51Miscellania -
49 52
50This version of OpenSSH is based upon code retrieved from the OpenBSD 53This version of OpenSSH is based upon code retrieved from the OpenBSD
51CVS repository which in turn was based on the last free sample 54CVS repository which in turn was based on the last free sample
@@ -63,4 +66,4 @@ References -
63[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 66[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
64[7] http://www.openssh.com/faq.html 67[7] http://www.openssh.com/faq.html
65 68
66$Id: README,v 1.51 2003/01/08 12:28:40 djm Exp $ 69$Id: README,v 1.53 2004/02/24 05:13:24 dtucker Exp $
diff --git a/README.dns b/README.dns
index e24092e03..97879183e 100644
--- a/README.dns
+++ b/README.dns
@@ -1,17 +1,13 @@
1How to verify host keys using OpenSSH and DNS 1How to verify host keys using OpenSSH and DNS
2--------------------------------------------- 2---------------------------------------------
3 3
4OpenSSH contains experimental support for verifying host keys using DNS 4OpenSSH contains support for verifying host keys using DNS as described in
5as described in draft-ietf-secsh-dns-xx.txt. The document contains 5draft-ietf-secsh-dns-05.txt. The document contains very brief instructions
6very brief instructions on how to test this feature. Configuring DNS 6on how to use this feature. Configuring DNS is out of the scope of this
7and DNSSEC is out of the scope of this document. 7document.
8 8
9 9
10(1) Enable DNS fingerprint support in OpenSSH 10(1) Server: Generate and publish the DNS RR
11
12 configure --with-dns
13
14(2) Generate and publish the DNS RR
15 11
16To create a DNS resource record (RR) containing a fingerprint of the 12To create a DNS resource record (RR) containing a fingerprint of the
17public host key, use the following command: 13public host key, use the following command:
@@ -24,15 +20,14 @@ you should generate one RR for each key.
24 20
25In the example above, ssh-keygen will print the fingerprint in a 21In the example above, ssh-keygen will print the fingerprint in a
26generic DNS RR format parsable by most modern name server 22generic DNS RR format parsable by most modern name server
27implementations. If your nameserver has support for the SSHFP RR, as 23implementations. If your nameserver has support for the SSHFP RR
28defined by the draft, you can omit the -g flag and ssh-keygen will 24you can omit the -g flag and ssh-keygen will print a standard SSHFP RR.
29print a standard RR.
30 25
31To publish the fingerprint using the DNS you must add the generated RR 26To publish the fingerprint using the DNS you must add the generated RR
32to your DNS zone file and sign your zone. 27to your DNS zone file and sign your zone.
33 28
34 29
35(3) Enable the ssh client to verify host keys using DNS 30(2) Client: Enable ssh to verify host keys using DNS
36 31
37To enable the ssh client to verify host keys using DNS, you have to 32To enable the ssh client to verify host keys using DNS, you have to
38add the following option to the ssh configuration file 33add the following option to the ssh configuration file
@@ -49,4 +44,4 @@ the remote host key, the user will be notified.
49 Wesley Griffin 44 Wesley Griffin
50 45
51 46
52$OpenBSD: README.dns,v 1.1 2003/05/14 18:16:20 jakob Exp $ 47$OpenBSD: README.dns,v 1.2 2003/10/14 19:43:23 jakob Exp $
diff --git a/README.platform b/README.platform
new file mode 100644
index 000000000..c4d0c74f8
--- /dev/null
+++ b/README.platform
@@ -0,0 +1,22 @@
1This file contains notes about OpenSSH on specific platforms.
2
3AIX
4---
5As of OpenSSH 3.8p1, sshd will now honour an accounts password expiry
6settings, where previously it did not. Because of this, it's possible for
7sites that have used OpenSSH's sshd exclusively to have accounts which
8have passwords expired longer than the inactive time (ie the "Weeks between
9password EXPIRATION and LOCKOUT" setting in SMIT or the maxexpired
10chuser attribute).
11
12Accounts in this state must have their passwords reset manually by the
13administrator. As a precaution, it is recommended that the administrative
14passwords be reset before upgrading from OpenSSH <3.8.
15
16Solaris
17-------
18Currently, sshd does not support BSM auditting. This can show up as errors
19when editting cron entries via crontab. See.
20http://bugzilla.mindrot.org/show_bug.cgi?id=125
21
22$Id: README.platform,v 1.1 2004/02/24 05:14:41 dtucker Exp $
diff --git a/README.privsep b/README.privsep
index 64adad83b..9d48bbcf9 100644
--- a/README.privsep
+++ b/README.privsep
@@ -1,15 +1,15 @@
1Privilege separation, or privsep, is method in OpenSSH by which 1Privilege separation, or privsep, is method in OpenSSH by which
2operations that require root privilege are performed by a separate 2operations that require root privilege are performed by a separate
3privileged monitor process. Its purpose is to prevent privilege 3privileged monitor process. Its purpose is to prevent privilege
4escalation by containing corruption to an unprivileged process. 4escalation by containing corruption to an unprivileged process.
5More information is available at: 5More information is available at:
6 http://www.citi.umich.edu/u/provos/ssh/privsep.html 6 http://www.citi.umich.edu/u/provos/ssh/privsep.html
7 7
8Privilege separation is now enabled by default; see the 8Privilege separation is now enabled by default; see the
9UsePrivilegeSeparation option in sshd_config(5). 9UsePrivilegeSeparation option in sshd_config(5).
10 10
11On systems which lack mmap or anonymous (MAP_ANON) memory mapping, 11On systems which lack mmap or anonymous (MAP_ANON) memory mapping,
12compression must be disabled in order for privilege separation to 12compression must be disabled in order for privilege separation to
13function. 13function.
14 14
15When privsep is enabled, during the pre-authentication phase sshd will 15When privsep is enabled, during the pre-authentication phase sshd will
@@ -38,9 +38,9 @@ privsep user and chroot directory:
38Privsep requires operating system support for file descriptor passing. 38Privsep requires operating system support for file descriptor passing.
39Compression will be disabled on systems without a working mmap MAP_ANON. 39Compression will be disabled on systems without a working mmap MAP_ANON.
40 40
41PAM-enabled OpenSSH is known to function with privsep on Linux. 41PAM-enabled OpenSSH is known to function with privsep on Linux.
42It does not function on HP-UX with a trusted system 42It does not function on HP-UX with a trusted system
43configuration. 43configuration.
44 44
45On Compaq Tru64 Unix, only the pre-authentication part of privsep is 45On Compaq Tru64 Unix, only the pre-authentication part of privsep is
46supported. Post-authentication privsep is disabled automatically (so 46supported. Post-authentication privsep is disabled automatically (so
@@ -61,4 +61,4 @@ process 1005 is the sshd process listening for new connections.
61process 6917 is the privileged monitor process, 6919 is the user owned 61process 6917 is the privileged monitor process, 6919 is the user owned
62sshd process and 6921 is the shell process. 62sshd process and 6921 is the shell process.
63 63
64$Id: README.privsep,v 1.12 2003/08/26 00:48:15 djm Exp $ 64$Id: README.privsep,v 1.13 2003/11/21 12:48:55 djm Exp $
diff --git a/README.smartcard b/README.smartcard
index 88810fc83..fdf83ecab 100644
--- a/README.smartcard
+++ b/README.smartcard
@@ -1,7 +1,7 @@
1How to use smartcards with OpenSSH? 1How to use smartcards with OpenSSH?
2 2
3OpenSSH contains experimental support for authentication using 3OpenSSH contains experimental support for authentication using
4Cyberflex smartcards and TODOS card readers, in addition to the cards 4Cyberflex smartcards and TODOS card readers, in addition to the cards
5with PKCS#15 structure supported by OpenSC. To enable this you 5with PKCS#15 structure supported by OpenSC. To enable this you
6need to: 6need to:
7 7
@@ -27,8 +27,8 @@ Using libsectok:
27 sectok> login -d 27 sectok> login -d
28 sectok> jload /usr/libdata/ssh/Ssh.bin 28 sectok> jload /usr/libdata/ssh/Ssh.bin
29 sectok> setpass 29 sectok> setpass
30 Enter new AUT0 passphrase: 30 Enter new AUT0 passphrase:
31 Re-enter passphrase: 31 Re-enter passphrase:
32 sectok> quit 32 sectok> quit
33 33
34 Do not forget the passphrase. There is no way to 34 Do not forget the passphrase. There is no way to
@@ -51,9 +51,9 @@ Using libsectok:
51 51
52 $ sectok 52 $ sectok
53 sectok> login -d 53 sectok> login -d
54 sectok> acl 0012 world: w 54 sectok> acl 0012 world: w
55 world: w 55 world: w
56 AUT0: w inval 56 AUT0: w inval
57 sectok> quit 57 sectok> quit
58 58
59 If you do this, anyone who has access to your card 59 If you do this, anyone who has access to your card
@@ -90,4 +90,4 @@ Common operations:
90-markus, 90-markus,
91Tue Jul 17 23:54:51 CEST 2001 91Tue Jul 17 23:54:51 CEST 2001
92 92
93$OpenBSD: README.smartcard,v 1.8 2002/03/26 18:56:23 rees Exp $ 93$OpenBSD: README.smartcard,v 1.9 2003/11/21 11:57:02 djm Exp $
diff --git a/RFC.nroff b/RFC.nroff
index bf7146a70..d6baed652 100644
--- a/RFC.nroff
+++ b/RFC.nroff
@@ -137,7 +137,7 @@ pseudo tty, starting X11 [X11] or TCP/IP port forwarding, starting
137authentication agent forwarding, and executing the shell or a command. 137authentication agent forwarding, and executing the shell or a command.
138 138
139When a shell or command is executed, the connection enters interactive 139When a shell or command is executed, the connection enters interactive
140session mode. In this mode, data is passed in both directions, 140session mode. In this mode, data is passed in both directions,
141new forwarded connections may be opened, etc. The interactive session 141new forwarded connections may be opened, etc. The interactive session
142normally terminates when the server sends the exit status of the 142normally terminates when the server sends the exit status of the
143program to the client. 143program to the client.
@@ -372,7 +372,7 @@ previous versions keep the same major protocol version; changes that
372are not compatible increment the major version (which will hopefully 372are not compatible increment the major version (which will hopefully
373never happen). The version described in this document is 1.3. 373never happen). The version described in this document is 1.3.
374 374
375The client will 375The client will
376 376
377.ti 0 377.ti 0
378Key Exchange and Server Host Authentication 378Key Exchange and Server Host Authentication
diff --git a/TODO b/TODO
index bca818523..1b1d03c43 100644
--- a/TODO
+++ b/TODO
@@ -8,7 +8,7 @@ Documentation:
8- Install FAQ? 8- Install FAQ?
9 9
10- General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it 10- General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it
11 would be best to use them. 11 would be best to use them.
12 12
13- Create a Documentation/ directory? 13- Create a Documentation/ directory?
14 14
@@ -17,7 +17,7 @@ Programming:
17- Grep for 'XXX' comments and fix 17- Grep for 'XXX' comments and fix
18 18
19- Link order is incorrect for some systems using Kerberos 4 and AFS. Result 19- Link order is incorrect for some systems using Kerberos 4 and AFS. Result
20 is multiple inclusion of DES symbols. Holger Trapp 20 is multiple inclusion of DES symbols. Holger Trapp
21 <holger.trapp@hrz.tu-chemnitz.de> reports that changing the configure 21 <holger.trapp@hrz.tu-chemnitz.de> reports that changing the configure
22 generated link order from: 22 generated link order from:
23 -lresolv -lkrb -lz -lnsl -lutil -lkafs -lkrb -ldes -lcrypto 23 -lresolv -lkrb -lz -lnsl -lutil -lkafs -lkrb -ldes -lcrypto
@@ -26,12 +26,10 @@ Programming:
26 fixing the problem. 26 fixing the problem.
27 27
28- Write a test program that calls stat() to search for EGD/PRNGd socket 28- Write a test program that calls stat() to search for EGD/PRNGd socket
29 rather than use the (non-portable) "test -S". 29 rather than use the (non-portable) "test -S".
30 30
31- More platforms for for setproctitle() emulation (testing needed) 31- More platforms for for setproctitle() emulation (testing needed)
32 32
33- Handle changing passwords for the non-PAM expired password case
34
35- Improve PAM support (a pam_lastlog module will cause sshd to exit) 33- Improve PAM support (a pam_lastlog module will cause sshd to exit)
36 and maybe support alternate forms of authentications like OPIE via 34 and maybe support alternate forms of authentications like OPIE via
37 pam? 35 pam?
@@ -70,7 +68,7 @@ Clean up configure/makefiles:
70 to allow people to (right/wrongfully) link against Bind directly. 68 to allow people to (right/wrongfully) link against Bind directly.
71 69
72- Consider splitting configure.ac into seperate files which do logically 70- Consider splitting configure.ac into seperate files which do logically
73 similar tests. E.g move all the type detection stuff into one file, 71 similar tests. E.g move all the type detection stuff into one file,
74 entropy related stuff into another. 72 entropy related stuff into another.
75 73
76Packaging: 74Packaging:
@@ -86,7 +84,7 @@ PrivSep Issues:
86 + /dev/zero solution (Solaris) 84 + /dev/zero solution (Solaris)
87 + No/broken MAP_ANON (Irix) 85 + No/broken MAP_ANON (Irix)
88 + broken /dev/zero parse (Linux) 86 + broken /dev/zero parse (Linux)
89- PAM 87- PAM
90 + See above PAM notes 88 + See above PAM notes
91- AIX 89- AIX
92 + usrinfo() does not set TTY, but only required for legacy systems. Works 90 + usrinfo() does not set TTY, but only required for legacy systems. Works
@@ -96,4 +94,4 @@ PrivSep Issues:
96- Cygwin 94- Cygwin
97 + Privsep for Pre-auth only (no fd passing) 95 + Privsep for Pre-auth only (no fd passing)
98 96
99$Id: TODO,v 1.55 2003/06/11 13:56:41 dtucker Exp $ 97$Id: TODO,v 1.57 2004/02/11 09:44:13 dtucker Exp $
diff --git a/WARNING.RNG b/WARNING.RNG
index ae43930a7..5d4ea8753 100644
--- a/WARNING.RNG
+++ b/WARNING.RNG
@@ -44,16 +44,16 @@ the specified program.
44 44
45The random number code will also read and save a seed file to 45The random number code will also read and save a seed file to
46~/.ssh/prng_seed. This contents of this file are added to the random 46~/.ssh/prng_seed. This contents of this file are added to the random
47number generator at startup. The goal here is to maintain as much 47number generator at startup. The goal here is to maintain as much
48randomness between sessions as possible. 48randomness between sessions as possible.
49 49
50The default entropy collection code has two main problems: 50The default entropy collection code has two main problems:
51 51
521. It is slow. 521. It is slow.
53 53
54Executing each program in the list can take a large amount of time, 54Executing each program in the list can take a large amount of time,
55especially on slower machines. Additionally some program can take a 55especially on slower machines. Additionally some program can take a
56disproportionate time to execute. 56disproportionate time to execute.
57 57
58Tuning the default entropy collection code is difficult at this point. 58Tuning the default entropy collection code is difficult at this point.
59It requires doing 'times ./ssh-rand-helper' and modifying the 59It requires doing 'times ./ssh-rand-helper' and modifying the
@@ -93,4 +93,4 @@ If you are forced to use ssh-rand-helper consider still downloading
93prngd/egd and configure OpenSSH using --with-prngd-port=xx or 93prngd/egd and configure OpenSSH using --with-prngd-port=xx or
94--with-prngd-socket=xx (refer to INSTALL for more information). 94--with-prngd-socket=xx (refer to INSTALL for more information).
95 95
96$Id: WARNING.RNG,v 1.5 2002/04/14 13:16:05 djm Exp $ 96$Id: WARNING.RNG,v 1.6 2003/11/21 12:48:55 djm Exp $
diff --git a/acconfig.h b/acconfig.h
index 9bfb9b6c9..62252d760 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -1,4 +1,4 @@
1/* $Id: acconfig.h,v 1.166 2003/09/16 01:52:19 dtucker Exp $ */ 1/* $Id: acconfig.h,v 1.173 2004/02/06 05:24:31 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1999-2003 Damien Miller. All rights reserved. 4 * Copyright (c) 1999-2003 Damien Miller. All rights reserved.
@@ -41,6 +41,12 @@
41/* Define if your setregid() is broken */ 41/* Define if your setregid() is broken */
42#undef BROKEN_SETREGID 42#undef BROKEN_SETREGID
43 43
44/* Define if your setresuid() is broken */
45#undef BROKEN_SETRESUID
46
47/* Define if your setresgid() is broken */
48#undef BROKEN_SETRESGID
49
44/* Define to a Set Process Title type if your system is */ 50/* Define to a Set Process Title type if your system is */
45/* supported by bsd-setproctitle.c */ 51/* supported by bsd-setproctitle.c */
46#undef SPT_TYPE 52#undef SPT_TYPE
@@ -59,6 +65,9 @@
59/* from environment and PATH */ 65/* from environment and PATH */
60#undef LOGIN_PROGRAM_FALLBACK 66#undef LOGIN_PROGRAM_FALLBACK
61 67
68/* Full path of your "passwd" program */
69#undef _PATH_PASSWD_PROG
70
62/* Define if your password has a pw_class field */ 71/* Define if your password has a pw_class field */
63#undef HAVE_PW_CLASS_IN_PASSWD 72#undef HAVE_PW_CLASS_IN_PASSWD
64 73
@@ -89,6 +98,9 @@
89/* Define if you have the getuserattr function. */ 98/* Define if you have the getuserattr function. */
90#undef HAVE_GETUSERATTR 99#undef HAVE_GETUSERATTR
91 100
101/* Define if you have the basename function. */
102#undef HAVE_BASENAME
103
92/* Work around problematic Linux PAM modules handling of PAM_TTY */ 104/* Work around problematic Linux PAM modules handling of PAM_TTY */
93#undef PAM_TTY_KLUDGE 105#undef PAM_TTY_KLUDGE
94 106
@@ -247,6 +259,9 @@
247/* Define this if you are using the Heimdal version of Kerberos V5 */ 259/* Define this if you are using the Heimdal version of Kerberos V5 */
248#undef HEIMDAL 260#undef HEIMDAL
249 261
262/* Define this if you want to use libkafs' AFS support */
263#undef USE_AFS
264
250/* Define if you want S/Key support */ 265/* Define if you want S/Key support */
251#undef SKEY 266#undef SKEY
252 267
@@ -415,15 +430,15 @@
415#undef LOCKED_PASSWD_PREFIX 430#undef LOCKED_PASSWD_PREFIX
416#undef LOCKED_PASSWD_SUBSTR 431#undef LOCKED_PASSWD_SUBSTR
417 432
418/* Define if DNS support is to be activated */
419#undef DNS
420
421/* Define if getrrsetbyname() exists */ 433/* Define if getrrsetbyname() exists */
422#undef HAVE_GETRRSETBYNAME 434#undef HAVE_GETRRSETBYNAME
423 435
424/* Define if HEADER.ad exists in arpa/nameser.h */ 436/* Define if HEADER.ad exists in arpa/nameser.h */
425#undef HAVE_HEADER_AD 437#undef HAVE_HEADER_AD
426 438
439/* Define if your resolver libs need this for getrrsetbyname */
440#undef BIND_8_COMPAT
441
427@BOTTOM@ 442@BOTTOM@
428 443
429/* ******************* Shouldn't need to edit below this line ************** */ 444/* ******************* Shouldn't need to edit below this line ************** */
diff --git a/acss.c b/acss.c
new file mode 100644
index 000000000..9364ba9fe
--- /dev/null
+++ b/acss.c
@@ -0,0 +1,264 @@
1/* $Id: acss.c,v 1.2 2004/02/06 04:22:43 dtucker Exp $ */
2/*
3 * Copyright (c) 2004 The OpenBSD project
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include "includes.h"
19#include <openssl/evp.h>
20
21#if !defined(EVP_CTRL_SET_ACSS_MODE) && (OPENSSL_VERSION_NUMBER >= 0x00906000L)
22
23#include "acss.h"
24
25/* decryption sbox */
26static unsigned char sboxdec[] = {
27 0x33, 0x73, 0x3b, 0x26, 0x63, 0x23, 0x6b, 0x76,
28 0x3e, 0x7e, 0x36, 0x2b, 0x6e, 0x2e, 0x66, 0x7b,
29 0xd3, 0x93, 0xdb, 0x06, 0x43, 0x03, 0x4b, 0x96,
30 0xde, 0x9e, 0xd6, 0x0b, 0x4e, 0x0e, 0x46, 0x9b,
31 0x57, 0x17, 0x5f, 0x82, 0xc7, 0x87, 0xcf, 0x12,
32 0x5a, 0x1a, 0x52, 0x8f, 0xca, 0x8a, 0xc2, 0x1f,
33 0xd9, 0x99, 0xd1, 0x00, 0x49, 0x09, 0x41, 0x90,
34 0xd8, 0x98, 0xd0, 0x01, 0x48, 0x08, 0x40, 0x91,
35 0x3d, 0x7d, 0x35, 0x24, 0x6d, 0x2d, 0x65, 0x74,
36 0x3c, 0x7c, 0x34, 0x25, 0x6c, 0x2c, 0x64, 0x75,
37 0xdd, 0x9d, 0xd5, 0x04, 0x4d, 0x0d, 0x45, 0x94,
38 0xdc, 0x9c, 0xd4, 0x05, 0x4c, 0x0c, 0x44, 0x95,
39 0x59, 0x19, 0x51, 0x80, 0xc9, 0x89, 0xc1, 0x10,
40 0x58, 0x18, 0x50, 0x81, 0xc8, 0x88, 0xc0, 0x11,
41 0xd7, 0x97, 0xdf, 0x02, 0x47, 0x07, 0x4f, 0x92,
42 0xda, 0x9a, 0xd2, 0x0f, 0x4a, 0x0a, 0x42, 0x9f,
43 0x53, 0x13, 0x5b, 0x86, 0xc3, 0x83, 0xcb, 0x16,
44 0x5e, 0x1e, 0x56, 0x8b, 0xce, 0x8e, 0xc6, 0x1b,
45 0xb3, 0xf3, 0xbb, 0xa6, 0xe3, 0xa3, 0xeb, 0xf6,
46 0xbe, 0xfe, 0xb6, 0xab, 0xee, 0xae, 0xe6, 0xfb,
47 0x37, 0x77, 0x3f, 0x22, 0x67, 0x27, 0x6f, 0x72,
48 0x3a, 0x7a, 0x32, 0x2f, 0x6a, 0x2a, 0x62, 0x7f,
49 0xb9, 0xf9, 0xb1, 0xa0, 0xe9, 0xa9, 0xe1, 0xf0,
50 0xb8, 0xf8, 0xb0, 0xa1, 0xe8, 0xa8, 0xe0, 0xf1,
51 0x5d, 0x1d, 0x55, 0x84, 0xcd, 0x8d, 0xc5, 0x14,
52 0x5c, 0x1c, 0x54, 0x85, 0xcc, 0x8c, 0xc4, 0x15,
53 0xbd, 0xfd, 0xb5, 0xa4, 0xed, 0xad, 0xe5, 0xf4,
54 0xbc, 0xfc, 0xb4, 0xa5, 0xec, 0xac, 0xe4, 0xf5,
55 0x39, 0x79, 0x31, 0x20, 0x69, 0x29, 0x61, 0x70,
56 0x38, 0x78, 0x30, 0x21, 0x68, 0x28, 0x60, 0x71,
57 0xb7, 0xf7, 0xbf, 0xa2, 0xe7, 0xa7, 0xef, 0xf2,
58 0xba, 0xfa, 0xb2, 0xaf, 0xea, 0xaa, 0xe2, 0xff
59};
60
61/* encryption sbox */
62static unsigned char sboxenc[] = {
63 0x33, 0x3b, 0x73, 0x15, 0x53, 0x5b, 0x13, 0x75,
64 0x3d, 0x35, 0x7d, 0x1b, 0x5d, 0x55, 0x1d, 0x7b,
65 0x67, 0x6f, 0x27, 0x81, 0xc7, 0xcf, 0x87, 0x21,
66 0x69, 0x61, 0x29, 0x8f, 0xc9, 0xc1, 0x89, 0x2f,
67 0xe3, 0xeb, 0xa3, 0x05, 0x43, 0x4b, 0x03, 0xa5,
68 0xed, 0xe5, 0xad, 0x0b, 0x4d, 0x45, 0x0d, 0xab,
69 0xea, 0xe2, 0xaa, 0x00, 0x4a, 0x42, 0x0a, 0xa0,
70 0xe8, 0xe0, 0xa8, 0x02, 0x48, 0x40, 0x08, 0xa2,
71 0x3e, 0x36, 0x7e, 0x14, 0x5e, 0x56, 0x1e, 0x74,
72 0x3c, 0x34, 0x7c, 0x16, 0x5c, 0x54, 0x1c, 0x76,
73 0x6a, 0x62, 0x2a, 0x80, 0xca, 0xc2, 0x8a, 0x20,
74 0x68, 0x60, 0x28, 0x82, 0xc8, 0xc0, 0x88, 0x22,
75 0xee, 0xe6, 0xae, 0x04, 0x4e, 0x46, 0x0e, 0xa4,
76 0xec, 0xe4, 0xac, 0x06, 0x4c, 0x44, 0x0c, 0xa6,
77 0xe7, 0xef, 0xa7, 0x01, 0x47, 0x4f, 0x07, 0xa1,
78 0xe9, 0xe1, 0xa9, 0x0f, 0x49, 0x41, 0x09, 0xaf,
79 0x63, 0x6b, 0x23, 0x85, 0xc3, 0xcb, 0x83, 0x25,
80 0x6d, 0x65, 0x2d, 0x8b, 0xcd, 0xc5, 0x8d, 0x2b,
81 0x37, 0x3f, 0x77, 0x11, 0x57, 0x5f, 0x17, 0x71,
82 0x39, 0x31, 0x79, 0x1f, 0x59, 0x51, 0x19, 0x7f,
83 0xb3, 0xbb, 0xf3, 0x95, 0xd3, 0xdb, 0x93, 0xf5,
84 0xbd, 0xb5, 0xfd, 0x9b, 0xdd, 0xd5, 0x9d, 0xfb,
85 0xba, 0xb2, 0xfa, 0x90, 0xda, 0xd2, 0x9a, 0xf0,
86 0xb8, 0xb0, 0xf8, 0x92, 0xd8, 0xd0, 0x98, 0xf2,
87 0x6e, 0x66, 0x2e, 0x84, 0xce, 0xc6, 0x8e, 0x24,
88 0x6c, 0x64, 0x2c, 0x86, 0xcc, 0xc4, 0x8c, 0x26,
89 0x3a, 0x32, 0x7a, 0x10, 0x5a, 0x52, 0x1a, 0x70,
90 0x38, 0x30, 0x78, 0x12, 0x58, 0x50, 0x18, 0x72,
91 0xbe, 0xb6, 0xfe, 0x94, 0xde, 0xd6, 0x9e, 0xf4,
92 0xbc, 0xb4, 0xfc, 0x96, 0xdc, 0xd4, 0x9c, 0xf6,
93 0xb7, 0xbf, 0xf7, 0x91, 0xd7, 0xdf, 0x97, 0xf1,
94 0xb9, 0xb1, 0xf9, 0x9f, 0xd9, 0xd1, 0x99, 0xff
95};
96
97static unsigned char reverse[] = {
98 0x00, 0x80, 0x40, 0xc0, 0x20, 0xa0, 0x60, 0xe0,
99 0x10, 0x90, 0x50, 0xd0, 0x30, 0xb0, 0x70, 0xf0,
100 0x08, 0x88, 0x48, 0xc8, 0x28, 0xa8, 0x68, 0xe8,
101 0x18, 0x98, 0x58, 0xd8, 0x38, 0xb8, 0x78, 0xf8,
102 0x04, 0x84, 0x44, 0xc4, 0x24, 0xa4, 0x64, 0xe4,
103 0x14, 0x94, 0x54, 0xd4, 0x34, 0xb4, 0x74, 0xf4,
104 0x0c, 0x8c, 0x4c, 0xcc, 0x2c, 0xac, 0x6c, 0xec,
105 0x1c, 0x9c, 0x5c, 0xdc, 0x3c, 0xbc, 0x7c, 0xfc,
106 0x02, 0x82, 0x42, 0xc2, 0x22, 0xa2, 0x62, 0xe2,
107 0x12, 0x92, 0x52, 0xd2, 0x32, 0xb2, 0x72, 0xf2,
108 0x0a, 0x8a, 0x4a, 0xca, 0x2a, 0xaa, 0x6a, 0xea,
109 0x1a, 0x9a, 0x5a, 0xda, 0x3a, 0xba, 0x7a, 0xfa,
110 0x06, 0x86, 0x46, 0xc6, 0x26, 0xa6, 0x66, 0xe6,
111 0x16, 0x96, 0x56, 0xd6, 0x36, 0xb6, 0x76, 0xf6,
112 0x0e, 0x8e, 0x4e, 0xce, 0x2e, 0xae, 0x6e, 0xee,
113 0x1e, 0x9e, 0x5e, 0xde, 0x3e, 0xbe, 0x7e, 0xfe,
114 0x01, 0x81, 0x41, 0xc1, 0x21, 0xa1, 0x61, 0xe1,
115 0x11, 0x91, 0x51, 0xd1, 0x31, 0xb1, 0x71, 0xf1,
116 0x09, 0x89, 0x49, 0xc9, 0x29, 0xa9, 0x69, 0xe9,
117 0x19, 0x99, 0x59, 0xd9, 0x39, 0xb9, 0x79, 0xf9,
118 0x05, 0x85, 0x45, 0xc5, 0x25, 0xa5, 0x65, 0xe5,
119 0x15, 0x95, 0x55, 0xd5, 0x35, 0xb5, 0x75, 0xf5,
120 0x0d, 0x8d, 0x4d, 0xcd, 0x2d, 0xad, 0x6d, 0xed,
121 0x1d, 0x9d, 0x5d, 0xdd, 0x3d, 0xbd, 0x7d, 0xfd,
122 0x03, 0x83, 0x43, 0xc3, 0x23, 0xa3, 0x63, 0xe3,
123 0x13, 0x93, 0x53, 0xd3, 0x33, 0xb3, 0x73, 0xf3,
124 0x0b, 0x8b, 0x4b, 0xcb, 0x2b, 0xab, 0x6b, 0xeb,
125 0x1b, 0x9b, 0x5b, 0xdb, 0x3b, 0xbb, 0x7b, 0xfb,
126 0x07, 0x87, 0x47, 0xc7, 0x27, 0xa7, 0x67, 0xe7,
127 0x17, 0x97, 0x57, 0xd7, 0x37, 0xb7, 0x77, 0xf7,
128 0x0f, 0x8f, 0x4f, 0xcf, 0x2f, 0xaf, 0x6f, 0xef,
129 0x1f, 0x9f, 0x5f, 0xdf, 0x3f, 0xbf, 0x7f, 0xff
130};
131
132/*
133 * Two linear feedback shift registers are used:
134 *
135 * lfsr17: polynomial of degree 17, primitive modulo 2 (listed in Schneier)
136 * x^15 + x + 1
137 * lfsr25: polynomial of degree 25, not know if primitive modulo 2
138 * x^13 + x^5 + x^4 + x^1 + 1
139 *
140 * Output bits are discarded, instead the feedback bits are added to produce
141 * the cipher stream. Depending on the mode, feedback bytes may be inverted
142 * bit-wise before addition.
143 *
144 * The lfsrs are seeded with bytes from the raw key:
145 *
146 * lfsr17: byte 0[0:7] at bit 9
147 * byte 1[0:7] at bit 0
148 *
149 * lfsr25: byte 2[0:4] at bit 16
150 * byte 2[5:7] at bit 22
151 * byte 3[0:7] at bit 8
152 * byte 4[0:7] at bit 0
153 *
154 * To prevent 0 cycles, 1's are inject at bit 8 in lfrs17 and bit 21 in
155 * lfsr25.
156 *
157 */
158
159int
160acss(ACSS_KEY *key, unsigned long len, const unsigned char *in,
161 unsigned char *out)
162{
163 unsigned long i;
164 unsigned long lfsr17tmp, lfsr25tmp, lfsrsumtmp;
165
166 lfsrsumtmp = lfsr17tmp = lfsr25tmp = 0;
167
168 /* keystream is sum of lfsrs */
169 for (i = 0; i < len; i++) {
170 lfsr17tmp = key->lfsr17 ^ (key->lfsr17 >> 14);
171 key->lfsr17 = (key->lfsr17 >> 8)
172 ^ (lfsr17tmp << 9)
173 ^ (lfsr17tmp << 12)
174 ^ (lfsr17tmp << 15);
175 key->lfsr17 &= 0x1ffff; /* 17 bit LFSR */
176
177 lfsr25tmp = key->lfsr25
178 ^ (key->lfsr25 >> 3)
179 ^ (key->lfsr25 >> 4)
180 ^ (key->lfsr25 >> 12);
181 key->lfsr25 = (key->lfsr25 >> 8) ^ (lfsr25tmp << 17);
182 key->lfsr25 &= 0x1ffffff; /* 25 bit LFSR */
183
184 lfsrsumtmp = key->lfsrsum;
185
186 /* addition */
187 switch (key->mode) {
188 case ACSS_AUTHENTICATE:
189 case ACSS_DATA:
190 key->lfsrsum = 0xff & ~(key->lfsr17 >> 9);
191 key->lfsrsum += key->lfsr25 >> 17;
192 break;
193 case ACSS_SESSIONKEY:
194 key->lfsrsum = key->lfsr17 >> 9;
195 key->lfsrsum += key->lfsr25 >> 17;
196 break;
197 case ACSS_TITLEKEY:
198 key->lfsrsum = key->lfsr17 >> 9;
199 key->lfsrsum += 0xff & ~(key->lfsr25 >> 17);
200 break;
201 default:
202 return 1;
203 }
204 key->lfsrsum += (lfsrsumtmp >> 8);
205
206 if (key->encrypt) {
207 out[i] = sboxenc[(in[i] ^ key->lfsrsum) & 0xff];
208 } else {
209 out[i] = (sboxdec[in[i]] ^ key->lfsrsum) & 0xff;
210 }
211 }
212
213 return 0;
214}
215
216static void
217acss_seed(ACSS_KEY *key)
218{
219 int i;
220
221 /* if available, mangle with subkey */
222 if (key->subkey_avilable) {
223 for (i = 0; i < ACSS_KEYSIZE; i++)
224 key->seed[i] = reverse[key->data[i] ^ key->subkey[i]];
225 } else {
226 for (i = 0; i < ACSS_KEYSIZE; i++)
227 key->seed[i] = reverse[key->data[i]];
228 }
229
230 /* seed lfsrs */
231 key->lfsr17 = key->seed[1]
232 | (key->seed[0] << 9)
233 | (1 << 8); /* inject 1 at bit 9 */
234 key->lfsr25 = key->seed[4]
235 | (key->seed[3] << 8)
236 | ((key->seed[2] & 0x1f) << 16)
237 | ((key->seed[2] & 0xe0) << 17)
238 | (1 << 21); /* inject 1 at bit 22 */
239
240 key->lfsrsum = 0;
241}
242
243void
244acss_setkey(ACSS_KEY *key, const unsigned char *data, int enc, int mode)
245{
246 memcpy(key->data, data, sizeof(key->data));
247 memset(key->subkey, 0, sizeof(key->subkey));
248
249 if (enc != -1)
250 key->encrypt = enc;
251 key->mode = mode;
252 key->subkey_avilable = 0;
253
254 acss_seed(key);
255}
256
257void
258acss_setsubkey(ACSS_KEY *key, const unsigned char *subkey)
259{
260 memcpy(key->subkey, subkey, sizeof(key->subkey));
261 key->subkey_avilable = 1;
262 acss_seed(key);
263}
264#endif
diff --git a/acss.h b/acss.h
new file mode 100644
index 000000000..91b489542
--- /dev/null
+++ b/acss.h
@@ -0,0 +1,47 @@
1/* $Id: acss.h,v 1.2 2004/02/06 04:22:43 dtucker Exp $ */
2/*
3 * Copyright (c) 2004 The OpenBSD project
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef _ACSS_H_
19#define _ACSS_H_
20
21/* 40bit key */
22#define ACSS_KEYSIZE 5
23
24/* modes of acss */
25#define ACSS_AUTHENTICATE 0
26#define ACSS_SESSIONKEY 1
27#define ACSS_TITLEKEY 2
28#define ACSS_DATA 3
29
30typedef struct acss_key_st {
31 unsigned int lfsr17; /* current state of lfsrs */
32 unsigned int lfsr25;
33 unsigned int lfsrsum;
34 unsigned char seed[ACSS_KEYSIZE];
35 unsigned char data[ACSS_KEYSIZE];
36 unsigned char subkey[ACSS_KEYSIZE];
37 int encrypt; /* XXX make these bit flags? */
38 int mode;
39 int seeded;
40 int subkey_avilable;
41} ACSS_KEY;
42
43void acss_setkey(ACSS_KEY *, const unsigned char *, int, int);
44void acss_setsubkey(ACSS_KEY *, const unsigned char *);
45int acss(ACSS_KEY *, unsigned long, const unsigned char *, unsigned char *);
46
47#endif /* ifndef _ACSS_H_ */
diff --git a/auth-chall.c b/auth-chall.c
index 6b7c8bd13..a9d314dd2 100644
--- a/auth-chall.c
+++ b/auth-chall.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: auth-chall.c,v 1.8 2001/05/18 14:13:28 markus Exp $"); 26RCSID("$OpenBSD: auth-chall.c,v 1.9 2003/11/03 09:03:37 djm Exp $");
27 27
28#include "auth.h" 28#include "auth.h"
29#include "log.h" 29#include "log.h"
@@ -67,36 +67,38 @@ get_challenge(Authctxt *authctxt)
67int 67int
68verify_response(Authctxt *authctxt, const char *response) 68verify_response(Authctxt *authctxt, const char *response)
69{ 69{
70 char *resp[1]; 70 char *resp[1], *name, *info, **prompts;
71 int res; 71 u_int i, numprompts, *echo_on;
72 int authenticated = 0;
72 73
73 if (device == NULL) 74 if (device == NULL)
74 return 0; 75 return 0;
75 if (authctxt->kbdintctxt == NULL) 76 if (authctxt->kbdintctxt == NULL)
76 return 0; 77 return 0;
77 resp[0] = (char *)response; 78 resp[0] = (char *)response;
78 res = device->respond(authctxt->kbdintctxt, 1, resp); 79 switch (device->respond(authctxt->kbdintctxt, 1, resp)) {
79 if (res == 1) { 80 case 0: /* Success */
80 /* postponed - send a null query just in case */ 81 authenticated = 1;
81 char *name, *info, **prompts; 82 break;
82 u_int i, numprompts, *echo_on; 83 case 1: /* Postponed - retry with empty query for PAM */
84 if ((device->query(authctxt->kbdintctxt, &name, &info,
85 &numprompts, &prompts, &echo_on)) != 0)
86 break;
87 if (numprompts == 0 &&
88 device->respond(authctxt->kbdintctxt, 0, resp) == 0)
89 authenticated = 1;
83 90
84 res = device->query(authctxt->kbdintctxt, &name, &info, 91 for (i = 0; i < numprompts; i++)
85 &numprompts, &prompts, &echo_on); 92 xfree(prompts[i]);
86 if (res == 0) { 93 xfree(prompts);
87 for (i = 0; i < numprompts; i++) 94 xfree(name);
88 xfree(prompts[i]); 95 xfree(echo_on);
89 xfree(prompts); 96 xfree(info);
90 xfree(name); 97 break;
91 xfree(echo_on);
92 xfree(info);
93 }
94 /* if we received more prompts, we're screwed */
95 res = (numprompts != 0);
96 } 98 }
97 device->free_ctx(authctxt->kbdintctxt); 99 device->free_ctx(authctxt->kbdintctxt);
98 authctxt->kbdintctxt = NULL; 100 authctxt->kbdintctxt = NULL;
99 return res ? 0 : 1; 101 return authenticated;
100} 102}
101void 103void
102abandon_challenge_response(Authctxt *authctxt) 104abandon_challenge_response(Authctxt *authctxt)
diff --git a/auth-krb5.c b/auth-krb5.c
index 0aa5195b8..859492478 100644
--- a/auth-krb5.c
+++ b/auth-krb5.c
@@ -28,7 +28,7 @@
28 */ 28 */
29 29
30#include "includes.h" 30#include "includes.h"
31RCSID("$OpenBSD: auth-krb5.c,v 1.12 2003/08/28 12:54:34 markus Exp $"); 31RCSID("$OpenBSD: auth-krb5.c,v 1.15 2003/11/21 11:57:02 djm Exp $");
32 32
33#include "ssh.h" 33#include "ssh.h"
34#include "ssh1.h" 34#include "ssh1.h"
@@ -40,7 +40,6 @@ RCSID("$OpenBSD: auth-krb5.c,v 1.12 2003/08/28 12:54:34 markus Exp $");
40#include "auth.h" 40#include "auth.h"
41 41
42#ifdef KRB5 42#ifdef KRB5
43
44#include <krb5.h> 43#include <krb5.h>
45 44
46extern ServerOptions options; 45extern ServerOptions options;
@@ -50,7 +49,6 @@ krb5_init(void *context)
50{ 49{
51 Authctxt *authctxt = (Authctxt *)context; 50 Authctxt *authctxt = (Authctxt *)context;
52 krb5_error_code problem; 51 krb5_error_code problem;
53 static int cleanup_registered = 0;
54 52
55 if (authctxt->krb5_ctx == NULL) { 53 if (authctxt->krb5_ctx == NULL) {
56 problem = krb5_init_context(&authctxt->krb5_ctx); 54 problem = krb5_init_context(&authctxt->krb5_ctx);
@@ -58,10 +56,6 @@ krb5_init(void *context)
58 return (problem); 56 return (problem);
59 krb5_init_ets(authctxt->krb5_ctx); 57 krb5_init_ets(authctxt->krb5_ctx);
60 } 58 }
61 if (!cleanup_registered) {
62 fatal_add_cleanup(krb5_cleanup_proc, authctxt);
63 cleanup_registered = 1;
64 }
65 return (0); 59 return (0);
66} 60}
67 61
@@ -73,11 +67,11 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
73 krb5_principal server; 67 krb5_principal server;
74 char ccname[40]; 68 char ccname[40];
75 int tmpfd; 69 int tmpfd;
76#endif 70#endif
77 krb5_error_code problem; 71 krb5_error_code problem;
78 krb5_ccache ccache = NULL; 72 krb5_ccache ccache = NULL;
79 73
80 if (authctxt->pw == NULL) 74 if (!authctxt->valid)
81 return (0); 75 return (0);
82 76
83 temporarily_use_uid(authctxt->pw); 77 temporarily_use_uid(authctxt->pw);
@@ -102,14 +96,15 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
102 goto out; 96 goto out;
103 97
104 restore_uid(); 98 restore_uid();
105 99
106 problem = krb5_verify_user(authctxt->krb5_ctx, authctxt->krb5_user, 100 problem = krb5_verify_user(authctxt->krb5_ctx, authctxt->krb5_user,
107 ccache, password, 1, NULL); 101 ccache, password, 1, NULL);
108 102
109 temporarily_use_uid(authctxt->pw); 103 temporarily_use_uid(authctxt->pw);
110 104
111 if (problem) 105 if (problem)
112 goto out; 106 goto out;
107
113 problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, 108 problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
114 &authctxt->krb5_fwd_ccache); 109 &authctxt->krb5_fwd_ccache);
115 if (problem) 110 if (problem)
@@ -140,21 +135,21 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
140 temporarily_use_uid(authctxt->pw); 135 temporarily_use_uid(authctxt->pw);
141 if (problem) 136 if (problem)
142 goto out; 137 goto out;
143 138
144 if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user, 139 if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user,
145 authctxt->pw->pw_name)) { 140 authctxt->pw->pw_name)) {
146 problem = -1; 141 problem = -1;
147 goto out; 142 goto out;
148 } 143 }
149 144
150 snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); 145 snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid());
151 146
152 if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { 147 if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) {
153 logit("mkstemp(): %.100s", strerror(errno)); 148 logit("mkstemp(): %.100s", strerror(errno));
154 problem = errno; 149 problem = errno;
155 goto out; 150 goto out;
156 } 151 }
157 152
158 if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { 153 if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) {
159 logit("fchmod(): %.100s", strerror(errno)); 154 logit("fchmod(): %.100s", strerror(errno));
160 close(tmpfd); 155 close(tmpfd);
@@ -171,12 +166,12 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
171 authctxt->krb5_user); 166 authctxt->krb5_user);
172 if (problem) 167 if (problem)
173 goto out; 168 goto out;
174 169
175 problem= krb5_cc_store_cred(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache, 170 problem= krb5_cc_store_cred(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache,
176 &creds); 171 &creds);
177 if (problem) 172 if (problem)
178 goto out; 173 goto out;
179#endif 174#endif
180 175
181 authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache); 176 authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
182 177
@@ -205,10 +200,8 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
205} 200}
206 201
207void 202void
208krb5_cleanup_proc(void *context) 203krb5_cleanup_proc(Authctxt *authctxt)
209{ 204{
210 Authctxt *authctxt = (Authctxt *)context;
211
212 debug("krb5_cleanup_proc called"); 205 debug("krb5_cleanup_proc called");
213 if (authctxt->krb5_fwd_ccache) { 206 if (authctxt->krb5_fwd_ccache) {
214 krb5_cc_destroy(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache); 207 krb5_cc_destroy(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
diff --git a/auth-pam.c b/auth-pam.c
index b9f82a1d4..397f7d3a8 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -31,10 +31,14 @@
31 31
32/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ 32/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
33#include "includes.h" 33#include "includes.h"
34RCSID("$Id: auth-pam.c,v 1.72.2.2 2003/09/23 09:24:21 djm Exp $"); 34RCSID("$Id: auth-pam.c,v 1.95 2004/02/17 12:20:08 dtucker Exp $");
35 35
36#ifdef USE_PAM 36#ifdef USE_PAM
37#if defined(HAVE_SECURITY_PAM_APPL_H)
37#include <security/pam_appl.h> 38#include <security/pam_appl.h>
39#elif defined (HAVE_PAM_PAM_APPL_H)
40#include <pam/pam_appl.h>
41#endif
38 42
39#include "auth.h" 43#include "auth.h"
40#include "auth-pam.h" 44#include "auth-pam.h"
@@ -53,22 +57,53 @@ RCSID("$Id: auth-pam.c,v 1.72.2.2 2003/09/23 09:24:21 djm Exp $");
53 57
54extern ServerOptions options; 58extern ServerOptions options;
55extern Buffer loginmsg; 59extern Buffer loginmsg;
56 60extern int compat20;
57#define __unused
58 61
59#ifdef USE_POSIX_THREADS 62#ifdef USE_POSIX_THREADS
60#include <pthread.h> 63#include <pthread.h>
61/* 64/*
62 * Avoid namespace clash when *not* using pthreads for systems *with* 65 * Avoid namespace clash when *not* using pthreads for systems *with*
63 * pthreads, which unconditionally define pthread_t via sys/types.h 66 * pthreads, which unconditionally define pthread_t via sys/types.h
64 * (e.g. Linux) 67 * (e.g. Linux)
65 */ 68 */
66typedef pthread_t sp_pthread_t; 69typedef pthread_t sp_pthread_t;
67#else 70#else
71typedef pid_t sp_pthread_t;
72#endif
73
74struct pam_ctxt {
75 sp_pthread_t pam_thread;
76 int pam_psock;
77 int pam_csock;
78 int pam_done;
79};
80
81static void sshpam_free_ctx(void *);
82static struct pam_ctxt *cleanup_ctxt;
83
84#ifndef USE_POSIX_THREADS
68/* 85/*
69 * Simulate threads with processes. 86 * Simulate threads with processes.
70 */ 87 */
71typedef pid_t sp_pthread_t; 88
89static int sshpam_thread_status = -1;
90static mysig_t sshpam_oldsig;
91
92static void
93sshpam_sigchld_handler(int sig)
94{
95 if (cleanup_ctxt == NULL)
96 return; /* handler called after PAM cleanup, shouldn't happen */
97 if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, 0) == -1)
98 return; /* couldn't wait for process */
99 if (WIFSIGNALED(sshpam_thread_status) &&
100 WTERMSIG(sshpam_thread_status) == SIGTERM)
101 return; /* terminated by pthread_cancel */
102 if (!WIFEXITED(sshpam_thread_status))
103 fatal("PAM: authentication thread exited unexpectedly");
104 if (WEXITSTATUS(sshpam_thread_status) != 0)
105 fatal("PAM: authentication thread exited uncleanly");
106}
72 107
73static void 108static void
74pthread_exit(void *value __unused) 109pthread_exit(void *value __unused)
@@ -91,6 +126,7 @@ pthread_create(sp_pthread_t *thread, const void *attr __unused,
91 _exit(1); 126 _exit(1);
92 default: 127 default:
93 *thread = pid; 128 *thread = pid;
129 sshpam_oldsig = signal(SIGCHLD, sshpam_sigchld_handler);
94 return (0); 130 return (0);
95 } 131 }
96} 132}
@@ -98,6 +134,7 @@ pthread_create(sp_pthread_t *thread, const void *attr __unused,
98static int 134static int
99pthread_cancel(sp_pthread_t thread) 135pthread_cancel(sp_pthread_t thread)
100{ 136{
137 signal(SIGCHLD, sshpam_oldsig);
101 return (kill(thread, SIGTERM)); 138 return (kill(thread, SIGTERM));
102} 139}
103 140
@@ -106,6 +143,9 @@ pthread_join(sp_pthread_t thread, void **value __unused)
106{ 143{
107 int status; 144 int status;
108 145
146 if (sshpam_thread_status != -1)
147 return (sshpam_thread_status);
148 signal(SIGCHLD, sshpam_oldsig);
109 waitpid(thread, &status, 0); 149 waitpid(thread, &status, 0);
110 return (status); 150 return (status);
111} 151}
@@ -115,18 +155,80 @@ pthread_join(sp_pthread_t thread, void **value __unused)
115static pam_handle_t *sshpam_handle = NULL; 155static pam_handle_t *sshpam_handle = NULL;
116static int sshpam_err = 0; 156static int sshpam_err = 0;
117static int sshpam_authenticated = 0; 157static int sshpam_authenticated = 0;
118static int sshpam_new_authtok_reqd = 0;
119static int sshpam_session_open = 0; 158static int sshpam_session_open = 0;
120static int sshpam_cred_established = 0; 159static int sshpam_cred_established = 0;
160static int sshpam_account_status = -1;
161static char **sshpam_env = NULL;
162static int *force_pwchange;
163
164/* Some PAM implementations don't implement this */
165#ifndef HAVE_PAM_GETENVLIST
166static char **
167pam_getenvlist(pam_handle_t *pamh)
168{
169 /*
170 * XXX - If necessary, we can still support envrionment passing
171 * for platforms without pam_getenvlist by searching for known
172 * env vars (e.g. KRB5CCNAME) from the PAM environment.
173 */
174 return NULL;
175}
176#endif
121 177
122struct pam_ctxt { 178void
123 sp_pthread_t pam_thread; 179pam_password_change_required(int reqd)
124 int pam_psock; 180{
125 int pam_csock; 181 debug3("%s %d", __func__, reqd);
126 int pam_done; 182 *force_pwchange = reqd;
127}; 183 if (reqd) {
184 no_port_forwarding_flag |= 2;
185 no_agent_forwarding_flag |= 2;
186 no_x11_forwarding_flag |= 2;
187 } else {
188 no_port_forwarding_flag &= ~2;
189 no_agent_forwarding_flag &= ~2;
190 no_x11_forwarding_flag &= ~2;
191 }
192}
128 193
129static void sshpam_free_ctx(void *); 194/* Import regular and PAM environment from subprocess */
195static void
196import_environments(Buffer *b)
197{
198 char *env;
199 u_int i, num_env;
200 int err;
201
202 debug3("PAM: %s entering", __func__);
203
204 /* Import variables set by do_pam_account */
205 sshpam_account_status = buffer_get_int(b);
206 pam_password_change_required(buffer_get_int(b));
207
208 /* Import environment from subprocess */
209 num_env = buffer_get_int(b);
210 sshpam_env = xmalloc((num_env + 1) * sizeof(*sshpam_env));
211 debug3("PAM: num env strings %d", num_env);
212 for(i = 0; i < num_env; i++)
213 sshpam_env[i] = buffer_get_string(b, NULL);
214
215 sshpam_env[num_env] = NULL;
216
217 /* Import PAM environment from subprocess */
218 num_env = buffer_get_int(b);
219 debug("PAM: num PAM env strings %d", num_env);
220 for(i = 0; i < num_env; i++) {
221 env = buffer_get_string(b, NULL);
222
223#ifdef HAVE_PAM_PUTENV
224 /* Errors are not fatal here */
225 if ((err = pam_putenv(sshpam_handle, env)) != PAM_SUCCESS) {
226 error("PAM: pam_putenv: %s",
227 pam_strerror(sshpam_handle, sshpam_err));
228 }
229#endif
230 }
231}
130 232
131/* 233/*
132 * Conversation function for authentication thread. 234 * Conversation function for authentication thread.
@@ -140,6 +242,7 @@ sshpam_thread_conv(int n, const struct pam_message **msg,
140 struct pam_response *reply; 242 struct pam_response *reply;
141 int i; 243 int i;
142 244
245 debug3("PAM: %s entering, %d messages", __func__, n);
143 *resp = NULL; 246 *resp = NULL;
144 247
145 ctxt = data; 248 ctxt = data;
@@ -154,36 +257,42 @@ sshpam_thread_conv(int n, const struct pam_message **msg,
154 for (i = 0; i < n; ++i) { 257 for (i = 0; i < n; ++i) {
155 switch (PAM_MSG_MEMBER(msg, i, msg_style)) { 258 switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
156 case PAM_PROMPT_ECHO_OFF: 259 case PAM_PROMPT_ECHO_OFF:
157 buffer_put_cstring(&buffer, 260 buffer_put_cstring(&buffer,
158 PAM_MSG_MEMBER(msg, i, msg)); 261 PAM_MSG_MEMBER(msg, i, msg));
159 ssh_msg_send(ctxt->pam_csock, 262 if (ssh_msg_send(ctxt->pam_csock,
160 PAM_MSG_MEMBER(msg, i, msg_style), &buffer); 263 PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1)
161 ssh_msg_recv(ctxt->pam_csock, &buffer); 264 goto fail;
265 if (ssh_msg_recv(ctxt->pam_csock, &buffer) == -1)
266 goto fail;
162 if (buffer_get_char(&buffer) != PAM_AUTHTOK) 267 if (buffer_get_char(&buffer) != PAM_AUTHTOK)
163 goto fail; 268 goto fail;
164 reply[i].resp = buffer_get_string(&buffer, NULL); 269 reply[i].resp = buffer_get_string(&buffer, NULL);
165 break; 270 break;
166 case PAM_PROMPT_ECHO_ON: 271 case PAM_PROMPT_ECHO_ON:
167 buffer_put_cstring(&buffer, 272 buffer_put_cstring(&buffer,
168 PAM_MSG_MEMBER(msg, i, msg)); 273 PAM_MSG_MEMBER(msg, i, msg));
169 ssh_msg_send(ctxt->pam_csock, 274 if (ssh_msg_send(ctxt->pam_csock,
170 PAM_MSG_MEMBER(msg, i, msg_style), &buffer); 275 PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1)
171 ssh_msg_recv(ctxt->pam_csock, &buffer); 276 goto fail;
277 if (ssh_msg_recv(ctxt->pam_csock, &buffer) == -1)
278 goto fail;
172 if (buffer_get_char(&buffer) != PAM_AUTHTOK) 279 if (buffer_get_char(&buffer) != PAM_AUTHTOK)
173 goto fail; 280 goto fail;
174 reply[i].resp = buffer_get_string(&buffer, NULL); 281 reply[i].resp = buffer_get_string(&buffer, NULL);
175 break; 282 break;
176 case PAM_ERROR_MSG: 283 case PAM_ERROR_MSG:
177 buffer_put_cstring(&buffer, 284 buffer_put_cstring(&buffer,
178 PAM_MSG_MEMBER(msg, i, msg)); 285 PAM_MSG_MEMBER(msg, i, msg));
179 ssh_msg_send(ctxt->pam_csock, 286 if (ssh_msg_send(ctxt->pam_csock,
180 PAM_MSG_MEMBER(msg, i, msg_style), &buffer); 287 PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1)
288 goto fail;
181 break; 289 break;
182 case PAM_TEXT_INFO: 290 case PAM_TEXT_INFO:
183 buffer_put_cstring(&buffer, 291 buffer_put_cstring(&buffer,
184 PAM_MSG_MEMBER(msg, i, msg)); 292 PAM_MSG_MEMBER(msg, i, msg));
185 ssh_msg_send(ctxt->pam_csock, 293 if (ssh_msg_send(ctxt->pam_csock,
186 PAM_MSG_MEMBER(msg, i, msg_style), &buffer); 294 PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1)
295 goto fail;
187 break; 296 break;
188 default: 297 default:
189 goto fail; 298 goto fail;
@@ -214,10 +323,14 @@ sshpam_thread(void *ctxtp)
214 Buffer buffer; 323 Buffer buffer;
215 struct pam_conv sshpam_conv; 324 struct pam_conv sshpam_conv;
216#ifndef USE_POSIX_THREADS 325#ifndef USE_POSIX_THREADS
326 extern char **environ;
327 char **env_from_pam;
328 u_int i;
217 const char *pam_user; 329 const char *pam_user;
218 330
219 pam_get_item(sshpam_handle, PAM_USER, (const void **)&pam_user); 331 pam_get_item(sshpam_handle, PAM_USER, (const void **)&pam_user);
220 setproctitle("%s [pam]", pam_user); 332 setproctitle("%s [pam]", pam_user);
333 environ[0] = NULL;
221#endif 334#endif
222 335
223 sshpam_conv.conv = sshpam_thread_conv; 336 sshpam_conv.conv = sshpam_thread_conv;
@@ -231,7 +344,43 @@ sshpam_thread(void *ctxtp)
231 sshpam_err = pam_authenticate(sshpam_handle, 0); 344 sshpam_err = pam_authenticate(sshpam_handle, 0);
232 if (sshpam_err != PAM_SUCCESS) 345 if (sshpam_err != PAM_SUCCESS)
233 goto auth_fail; 346 goto auth_fail;
347
348 if (compat20) {
349 if (!do_pam_account())
350 goto auth_fail;
351 if (*force_pwchange) {
352 sshpam_err = pam_chauthtok(sshpam_handle,
353 PAM_CHANGE_EXPIRED_AUTHTOK);
354 if (sshpam_err != PAM_SUCCESS)
355 goto auth_fail;
356 pam_password_change_required(0);
357 }
358 }
359
234 buffer_put_cstring(&buffer, "OK"); 360 buffer_put_cstring(&buffer, "OK");
361
362#ifndef USE_POSIX_THREADS
363 /* Export variables set by do_pam_account */
364 buffer_put_int(&buffer, sshpam_account_status);
365 buffer_put_int(&buffer, *force_pwchange);
366
367 /* Export any environment strings set in child */
368 for(i = 0; environ[i] != NULL; i++)
369 ; /* Count */
370 buffer_put_int(&buffer, i);
371 for(i = 0; environ[i] != NULL; i++)
372 buffer_put_cstring(&buffer, environ[i]);
373
374 /* Export any environment strings set by PAM in child */
375 env_from_pam = pam_getenvlist(sshpam_handle);
376 for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++)
377 ; /* Count */
378 buffer_put_int(&buffer, i);
379 for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++)
380 buffer_put_cstring(&buffer, env_from_pam[i]);
381#endif /* USE_POSIX_THREADS */
382
383 /* XXX - can't do much about an error here */
235 ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer); 384 ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer);
236 buffer_free(&buffer); 385 buffer_free(&buffer);
237 pthread_exit(NULL); 386 pthread_exit(NULL);
@@ -239,37 +388,43 @@ sshpam_thread(void *ctxtp)
239 auth_fail: 388 auth_fail:
240 buffer_put_cstring(&buffer, 389 buffer_put_cstring(&buffer,
241 pam_strerror(sshpam_handle, sshpam_err)); 390 pam_strerror(sshpam_handle, sshpam_err));
391 /* XXX - can't do much about an error here */
242 ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, &buffer); 392 ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, &buffer);
243 buffer_free(&buffer); 393 buffer_free(&buffer);
244 pthread_exit(NULL); 394 pthread_exit(NULL);
245 395
246 return (NULL); /* Avoid warning for non-pthread case */ 396 return (NULL); /* Avoid warning for non-pthread case */
247} 397}
248 398
249static void 399void
250sshpam_thread_cleanup(void *ctxtp) 400sshpam_thread_cleanup(void)
251{ 401{
252 struct pam_ctxt *ctxt = ctxtp; 402 struct pam_ctxt *ctxt = cleanup_ctxt;
253 403
254 pthread_cancel(ctxt->pam_thread); 404 debug3("PAM: %s entering", __func__);
255 pthread_join(ctxt->pam_thread, NULL); 405 if (ctxt != NULL && ctxt->pam_thread != 0) {
256 close(ctxt->pam_psock); 406 pthread_cancel(ctxt->pam_thread);
257 close(ctxt->pam_csock); 407 pthread_join(ctxt->pam_thread, NULL);
408 close(ctxt->pam_psock);
409 close(ctxt->pam_csock);
410 memset(ctxt, 0, sizeof(*ctxt));
411 cleanup_ctxt = NULL;
412 }
258} 413}
259 414
260static int 415static int
261sshpam_null_conv(int n, const struct pam_message **msg, 416sshpam_null_conv(int n, const struct pam_message **msg,
262 struct pam_response **resp, void *data) 417 struct pam_response **resp, void *data)
263{ 418{
419 debug3("PAM: %s entering, %d messages", __func__, n);
264 return (PAM_CONV_ERR); 420 return (PAM_CONV_ERR);
265} 421}
266 422
267static struct pam_conv null_conv = { sshpam_null_conv, NULL }; 423static struct pam_conv null_conv = { sshpam_null_conv, NULL };
268 424
269static void 425void
270sshpam_cleanup(void *arg) 426sshpam_cleanup(void)
271{ 427{
272 (void)arg;
273 debug("PAM: cleanup"); 428 debug("PAM: cleanup");
274 if (sshpam_handle == NULL) 429 if (sshpam_handle == NULL)
275 return; 430 return;
@@ -282,7 +437,7 @@ sshpam_cleanup(void *arg)
282 pam_close_session(sshpam_handle, PAM_SILENT); 437 pam_close_session(sshpam_handle, PAM_SILENT);
283 sshpam_session_open = 0; 438 sshpam_session_open = 0;
284 } 439 }
285 sshpam_authenticated = sshpam_new_authtok_reqd = 0; 440 sshpam_authenticated = 0;
286 pam_end(sshpam_handle, sshpam_err); 441 pam_end(sshpam_handle, sshpam_err);
287 sshpam_handle = NULL; 442 sshpam_handle = NULL;
288} 443}
@@ -300,7 +455,6 @@ sshpam_init(const char *user)
300 PAM_USER, (const void **)&pam_user); 455 PAM_USER, (const void **)&pam_user);
301 if (sshpam_err == PAM_SUCCESS && strcmp(user, pam_user) == 0) 456 if (sshpam_err == PAM_SUCCESS && strcmp(user, pam_user) == 0)
302 return (0); 457 return (0);
303 fatal_remove_cleanup(sshpam_cleanup, NULL);
304 pam_end(sshpam_handle, sshpam_err); 458 pam_end(sshpam_handle, sshpam_err);
305 sshpam_handle = NULL; 459 sshpam_handle = NULL;
306 } 460 }
@@ -321,11 +475,11 @@ sshpam_init(const char *user)
321 return (-1); 475 return (-1);
322 } 476 }
323#ifdef PAM_TTY_KLUDGE 477#ifdef PAM_TTY_KLUDGE
324 /* 478 /*
325 * Some silly PAM modules (e.g. pam_time) require a TTY to operate. 479 * Some silly PAM modules (e.g. pam_time) require a TTY to operate.
326 * sshd doesn't set the tty until too late in the auth process and 480 * sshd doesn't set the tty until too late in the auth process and
327 * may not even set one (for tty-less connections) 481 * may not even set one (for tty-less connections)
328 */ 482 */
329 debug("PAM: setting PAM_TTY to \"ssh\""); 483 debug("PAM: setting PAM_TTY to \"ssh\"");
330 sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, "ssh"); 484 sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, "ssh");
331 if (sshpam_err != PAM_SUCCESS) { 485 if (sshpam_err != PAM_SUCCESS) {
@@ -334,7 +488,6 @@ sshpam_init(const char *user)
334 return (-1); 488 return (-1);
335 } 489 }
336#endif 490#endif
337 fatal_add_cleanup(sshpam_cleanup, NULL);
338 return (0); 491 return (0);
339} 492}
340 493
@@ -344,6 +497,7 @@ sshpam_init_ctx(Authctxt *authctxt)
344 struct pam_ctxt *ctxt; 497 struct pam_ctxt *ctxt;
345 int socks[2]; 498 int socks[2];
346 499
500 debug3("PAM: %s entering", __func__);
347 /* Refuse to start if we don't have PAM enabled */ 501 /* Refuse to start if we don't have PAM enabled */
348 if (!options.use_pam) 502 if (!options.use_pam)
349 return NULL; 503 return NULL;
@@ -355,7 +509,9 @@ sshpam_init_ctx(Authctxt *authctxt)
355 } 509 }
356 510
357 ctxt = xmalloc(sizeof *ctxt); 511 ctxt = xmalloc(sizeof *ctxt);
358 ctxt->pam_done = 0; 512 memset(ctxt, 0, sizeof(*ctxt));
513
514 force_pwchange = &(authctxt->force_pwchange);
359 515
360 /* Start the authentication thread */ 516 /* Start the authentication thread */
361 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { 517 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) {
@@ -373,7 +529,7 @@ sshpam_init_ctx(Authctxt *authctxt)
373 xfree(ctxt); 529 xfree(ctxt);
374 return (NULL); 530 return (NULL);
375 } 531 }
376 fatal_add_cleanup(sshpam_thread_cleanup, ctxt); 532 cleanup_ctxt = ctxt;
377 return (ctxt); 533 return (ctxt);
378} 534}
379 535
@@ -388,6 +544,7 @@ sshpam_query(void *ctx, char **name, char **info,
388 char *msg; 544 char *msg;
389 size_t len; 545 size_t len;
390 546
547 debug3("PAM: %s entering", __func__);
391 buffer_init(&buffer); 548 buffer_init(&buffer);
392 *name = xstrdup(""); 549 *name = xstrdup("");
393 *info = xstrdup(""); 550 *info = xstrdup("");
@@ -427,6 +584,7 @@ sshpam_query(void *ctx, char **name, char **info,
427 **prompts = NULL; 584 **prompts = NULL;
428 } 585 }
429 if (type == PAM_SUCCESS) { 586 if (type == PAM_SUCCESS) {
587 import_environments(&buffer);
430 *num = 0; 588 *num = 0;
431 **echo_on = 0; 589 **echo_on = 0;
432 ctxt->pam_done = 1; 590 ctxt->pam_done = 1;
@@ -434,6 +592,7 @@ sshpam_query(void *ctx, char **name, char **info,
434 return (0); 592 return (0);
435 } 593 }
436 error("PAM: %s", msg); 594 error("PAM: %s", msg);
595 /* FALLTHROUGH */
437 default: 596 default:
438 *num = 0; 597 *num = 0;
439 **echo_on = 0; 598 **echo_on = 0;
@@ -452,7 +611,7 @@ sshpam_respond(void *ctx, u_int num, char **resp)
452 Buffer buffer; 611 Buffer buffer;
453 struct pam_ctxt *ctxt = ctx; 612 struct pam_ctxt *ctxt = ctx;
454 613
455 debug2("PAM: %s", __func__); 614 debug2("PAM: %s entering, %d responses", __func__, num);
456 switch (ctxt->pam_done) { 615 switch (ctxt->pam_done) {
457 case 1: 616 case 1:
458 sshpam_authenticated = 1; 617 sshpam_authenticated = 1;
@@ -468,7 +627,10 @@ sshpam_respond(void *ctx, u_int num, char **resp)
468 } 627 }
469 buffer_init(&buffer); 628 buffer_init(&buffer);
470 buffer_put_cstring(&buffer, *resp); 629 buffer_put_cstring(&buffer, *resp);
471 ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer); 630 if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) {
631 buffer_free(&buffer);
632 return (-1);
633 }
472 buffer_free(&buffer); 634 buffer_free(&buffer);
473 return (1); 635 return (1);
474} 636}
@@ -478,8 +640,8 @@ sshpam_free_ctx(void *ctxtp)
478{ 640{
479 struct pam_ctxt *ctxt = ctxtp; 641 struct pam_ctxt *ctxt = ctxtp;
480 642
481 fatal_remove_cleanup(sshpam_thread_cleanup, ctxt); 643 debug3("PAM: %s entering", __func__);
482 sshpam_thread_cleanup(ctxtp); 644 sshpam_thread_cleanup();
483 xfree(ctxt); 645 xfree(ctxt);
484 /* 646 /*
485 * We don't call sshpam_cleanup() here because we may need the PAM 647 * We don't call sshpam_cleanup() here because we may need the PAM
@@ -521,29 +683,28 @@ start_pam(const char *user)
521void 683void
522finish_pam(void) 684finish_pam(void)
523{ 685{
524 fatal_remove_cleanup(sshpam_cleanup, NULL); 686 sshpam_cleanup();
525 sshpam_cleanup(NULL);
526} 687}
527 688
528u_int 689u_int
529do_pam_account(void) 690do_pam_account(void)
530{ 691{
692 if (sshpam_account_status != -1)
693 return (sshpam_account_status);
694
531 sshpam_err = pam_acct_mgmt(sshpam_handle, 0); 695 sshpam_err = pam_acct_mgmt(sshpam_handle, 0);
532 debug3("%s: pam_acct_mgmt = %d", __func__, sshpam_err); 696 debug3("PAM: %s pam_acct_mgmt = %d", __func__, sshpam_err);
533 697
534 if (sshpam_err != PAM_SUCCESS && sshpam_err != PAM_NEW_AUTHTOK_REQD) 698 if (sshpam_err != PAM_SUCCESS && sshpam_err != PAM_NEW_AUTHTOK_REQD) {
535 return (0); 699 sshpam_account_status = 0;
536 700 return (sshpam_account_status);
537 if (sshpam_err == PAM_NEW_AUTHTOK_REQD) {
538 sshpam_new_authtok_reqd = 1;
539
540 /* Prevent forwardings until password changed */
541 no_port_forwarding_flag |= 2;
542 no_agent_forwarding_flag |= 2;
543 no_x11_forwarding_flag |= 2;
544 } 701 }
545 702
546 return (1); 703 if (sshpam_err == PAM_NEW_AUTHTOK_REQD)
704 pam_password_change_required(1);
705
706 sshpam_account_status = 1;
707 return (sshpam_account_status);
547} 708}
548 709
549void 710void
@@ -585,12 +746,6 @@ do_pam_setcred(int init)
585 pam_strerror(sshpam_handle, sshpam_err)); 746 pam_strerror(sshpam_handle, sshpam_err));
586} 747}
587 748
588int
589is_pam_password_change_required(void)
590{
591 return (sshpam_new_authtok_reqd);
592}
593
594static int 749static int
595pam_tty_conv(int n, const struct pam_message **msg, 750pam_tty_conv(int n, const struct pam_message **msg,
596 struct pam_response **resp, void *data) 751 struct pam_response **resp, void *data)
@@ -599,6 +754,8 @@ pam_tty_conv(int n, const struct pam_message **msg,
599 struct pam_response *reply; 754 struct pam_response *reply;
600 int i; 755 int i;
601 756
757 debug3("PAM: %s called with %d messages", __func__, n);
758
602 *resp = NULL; 759 *resp = NULL;
603 760
604 if (n <= 0 || n > PAM_MAX_NUM_MSG || !isatty(STDIN_FILENO)) 761 if (n <= 0 || n > PAM_MAX_NUM_MSG || !isatty(STDIN_FILENO))
@@ -612,7 +769,7 @@ pam_tty_conv(int n, const struct pam_message **msg,
612 switch (PAM_MSG_MEMBER(msg, i, msg_style)) { 769 switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
613 case PAM_PROMPT_ECHO_OFF: 770 case PAM_PROMPT_ECHO_OFF:
614 reply[i].resp = 771 reply[i].resp =
615 read_passphrase(PAM_MSG_MEMBER(msg, i, msg), 772 read_passphrase(PAM_MSG_MEMBER(msg, i, msg),
616 RP_ALLOW_STDIN); 773 RP_ALLOW_STDIN);
617 reply[i].resp_retcode = PAM_SUCCESS; 774 reply[i].resp_retcode = PAM_SUCCESS;
618 break; 775 break;
@@ -715,7 +872,7 @@ void
715do_pam_session(void) 872do_pam_session(void)
716{ 873{
717 debug3("PAM: opening session"); 874 debug3("PAM: opening session");
718 sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, 875 sshpam_err = pam_set_item(sshpam_handle, PAM_CONV,
719 (const void *)&store_conv); 876 (const void *)&store_conv);
720 if (sshpam_err != PAM_SUCCESS) 877 if (sshpam_err != PAM_SUCCESS)
721 fatal("PAM: failed to set PAM_CONV: %s", 878 fatal("PAM: failed to set PAM_CONV: %s",
@@ -727,17 +884,16 @@ do_pam_session(void)
727 sshpam_session_open = 1; 884 sshpam_session_open = 1;
728} 885}
729 886
730/* 887/*
731 * Set a PAM environment string. We need to do this so that the session 888 * Set a PAM environment string. We need to do this so that the session
732 * modules can handle things like Kerberos/GSI credentials that appear 889 * modules can handle things like Kerberos/GSI credentials that appear
733 * during the ssh authentication process. 890 * during the ssh authentication process.
734 */ 891 */
735
736int 892int
737do_pam_putenv(char *name, char *value) 893do_pam_putenv(char *name, char *value)
738{ 894{
739 int ret = 1; 895 int ret = 1;
740#ifdef HAVE_PAM_PUTENV 896#ifdef HAVE_PAM_PUTENV
741 char *compound; 897 char *compound;
742 size_t len; 898 size_t len;
743 899
@@ -752,21 +908,16 @@ do_pam_putenv(char *name, char *value)
752 return (ret); 908 return (ret);
753} 909}
754 910
755void 911char **
756print_pam_messages(void) 912fetch_pam_child_environment(void)
757{ 913{
758 /* XXX */ 914 return sshpam_env;
759} 915}
760 916
761char ** 917char **
762fetch_pam_environment(void) 918fetch_pam_environment(void)
763{ 919{
764#ifdef HAVE_PAM_GETENVLIST
765 debug("PAM: retrieving environment");
766 return (pam_getenvlist(sshpam_handle)); 920 return (pam_getenvlist(sshpam_handle));
767#else
768 return (NULL);
769#endif
770} 921}
771 922
772void 923void
diff --git a/auth-pam.h b/auth-pam.h
index 5c952f305..4bc8d6955 100644
--- a/auth-pam.h
+++ b/auth-pam.h
@@ -1,4 +1,4 @@
1/* $Id: auth-pam.h,v 1.21 2003/09/02 13:18:53 djm Exp $ */ 1/* $Id: auth-pam.h,v 1.24 2004/02/10 02:23:29 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Damien Miller. All rights reserved. 4 * Copyright (c) 2000 Damien Miller. All rights reserved.
@@ -37,11 +37,12 @@ u_int do_pam_account(void);
37void do_pam_session(void); 37void do_pam_session(void);
38void do_pam_set_tty(const char *); 38void do_pam_set_tty(const char *);
39void do_pam_setcred(int ); 39void do_pam_setcred(int );
40int is_pam_password_change_required(void);
41void do_pam_chauthtok(void); 40void do_pam_chauthtok(void);
42int do_pam_putenv(char *, char *); 41int do_pam_putenv(char *, char *);
43void print_pam_messages(void);
44char ** fetch_pam_environment(void); 42char ** fetch_pam_environment(void);
43char ** fetch_pam_child_environment(void);
45void free_pam_environment(char **); 44void free_pam_environment(char **);
45void sshpam_thread_cleanup(void);
46void sshpam_cleanup(void);
46 47
47#endif /* USE_PAM */ 48#endif /* USE_PAM */
diff --git a/auth-passwd.c b/auth-passwd.c
index 971c7ba19..b9679abd0 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -36,19 +36,24 @@
36 */ 36 */
37 37
38#include "includes.h" 38#include "includes.h"
39RCSID("$OpenBSD: auth-passwd.c,v 1.29 2003/08/26 09:58:43 markus Exp $"); 39RCSID("$OpenBSD: auth-passwd.c,v 1.31 2004/01/30 09:48:57 markus Exp $");
40 40
41#include "packet.h" 41#include "packet.h"
42#include "log.h" 42#include "log.h"
43#include "servconf.h" 43#include "servconf.h"
44#include "auth.h" 44#include "auth.h"
45#ifdef WITH_AIXAUTHENTICATE 45#include "auth-options.h"
46# include "buffer.h"
47# include "canohost.h"
48extern Buffer loginmsg;
49#endif
50 46
51extern ServerOptions options; 47extern ServerOptions options;
48int sys_auth_passwd(Authctxt *, const char *);
49
50void
51disable_forwarding(void)
52{
53 no_port_forwarding_flag = 1;
54 no_agent_forwarding_flag = 1;
55 no_x11_forwarding_flag = 1;
56}
52 57
53/* 58/*
54 * Tries to authenticate the user using password. Returns true if 59 * Tries to authenticate the user using password. Returns true if
@@ -59,29 +64,31 @@ auth_password(Authctxt *authctxt, const char *password)
59{ 64{
60 struct passwd * pw = authctxt->pw; 65 struct passwd * pw = authctxt->pw;
61 int ok = authctxt->valid; 66 int ok = authctxt->valid;
67 static int expire_checked = 0;
62 68
63 /* deny if no user. */
64 if (pw == NULL)
65 return 0;
66#ifndef HAVE_CYGWIN 69#ifndef HAVE_CYGWIN
67 if (pw && pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) 70 if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
68 ok = 0; 71 ok = 0;
69#endif 72#endif
70 if (*password == '\0' && options.permit_empty_passwd == 0) 73 if (*password == '\0' && options.permit_empty_passwd == 0)
71 return 0; 74 return 0;
72 75
73#if defined(HAVE_OSF_SIA) 76#if defined(HAVE_OSF_SIA)
77 /*
78 * XXX: any reason this is before krb? could be moved to
79 * sys_auth_passwd()? -dt
80 */
74 return auth_sia_password(authctxt, password) && ok; 81 return auth_sia_password(authctxt, password) && ok;
75#else 82#endif
76# ifdef KRB5 83#ifdef KRB5
77 if (options.kerberos_authentication == 1) { 84 if (options.kerberos_authentication == 1) {
78 int ret = auth_krb5_password(authctxt, password); 85 int ret = auth_krb5_password(authctxt, password);
79 if (ret == 1 || ret == 0) 86 if (ret == 1 || ret == 0)
80 return ret && ok; 87 return ret && ok;
81 /* Fall back to ordinary passwd authentication. */ 88 /* Fall back to ordinary passwd authentication. */
82 } 89 }
83# endif 90#endif
84# ifdef HAVE_CYGWIN 91#ifdef HAVE_CYGWIN
85 if (is_winnt) { 92 if (is_winnt) {
86 HANDLE hToken = cygwin_logon_user(pw, password); 93 HANDLE hToken = cygwin_logon_user(pw, password);
87 94
@@ -90,74 +97,60 @@ auth_password(Authctxt *authctxt, const char *password)
90 cygwin_set_impersonation_token(hToken); 97 cygwin_set_impersonation_token(hToken);
91 return ok; 98 return ok;
92 } 99 }
93# endif 100#endif
94# ifdef WITH_AIXAUTHENTICATE 101#if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
95 { 102 if (!expire_checked) {
96 char *authmsg = NULL; 103 expire_checked = 1;
97 int reenter = 1; 104 if (auth_shadow_pwexpired(authctxt)) {
98 int authsuccess = 0; 105 disable_forwarding();
99 106 authctxt->force_pwchange = 1;
100 if (authenticate(pw->pw_name, password, &reenter,
101 &authmsg) == 0 && ok) {
102 char *msg;
103 char *host =
104 (char *)get_canonical_hostname(options.use_dns);
105
106 authsuccess = 1;
107 aix_remove_embedded_newlines(authmsg);
108
109 debug3("AIX/authenticate succeeded for user %s: %.100s",
110 pw->pw_name, authmsg);
111
112 /* No pty yet, so just label the line as "ssh" */
113 aix_setauthdb(authctxt->user);
114 if (loginsuccess(authctxt->user, host, "ssh",
115 &msg) == 0) {
116 if (msg != NULL) {
117 debug("%s: msg %s", __func__, msg);
118 buffer_append(&loginmsg, msg,
119 strlen(msg));
120 xfree(msg);
121 }
122 }
123 } else {
124 debug3("AIX/authenticate failed for user %s: %.100s",
125 pw->pw_name, authmsg);
126 } 107 }
108 }
109#endif
110
111 return (sys_auth_passwd(authctxt, password) && ok);
112}
127 113
128 if (authmsg != NULL) 114#ifdef BSD_AUTH
129 xfree(authmsg); 115int
130 116sys_auth_passwd(Authctxt *authctxt, const char *password)
131 return authsuccess; 117{
118 struct passwd *pw = authctxt->pw;
119 auth_session_t *as;
120
121 as = auth_usercheck(pw->pw_name, authctxt->style, "auth-ssh",
122 (char *)password);
123 if (auth_getstate(as) & AUTH_PWEXPIRED) {
124 auth_close(as);
125 disable_forwarding();
126 authctxt->force_pwchange = 1;
127 return (1);
128 } else {
129 return (auth_close(as));
132 } 130 }
133# endif 131}
134# ifdef BSD_AUTH 132#elif !defined(CUSTOM_SYS_AUTH_PASSWD)
135 if (auth_userokay(pw->pw_name, authctxt->style, "auth-ssh", 133int
136 (char *)password) == 0) 134sys_auth_passwd(Authctxt *authctxt, const char *password)
137 return 0; 135{
138 else 136 struct passwd *pw = authctxt->pw;
139 return ok; 137 char *encrypted_password;
140# else 138
141 {
142 /* Just use the supplied fake password if authctxt is invalid */ 139 /* Just use the supplied fake password if authctxt is invalid */
143 char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; 140 char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
144 141
145 /* Check for users with no password. */ 142 /* Check for users with no password. */
146 if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0) 143 if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
147 return ok; 144 return (1);
148 else {
149 /* Encrypt the candidate password using the proper salt. */
150 char *encrypted_password = xcrypt(password,
151 (pw_password[0] && pw_password[1]) ? pw_password : "xx");
152 145
153 /* 146 /* Encrypt the candidate password using the proper salt. */
154 * Authentication is accepted if the encrypted passwords 147 encrypted_password = xcrypt(password,
155 * are identical. 148 (pw_password[0] && pw_password[1]) ? pw_password : "xx");
156 */
157 return (strcmp(encrypted_password, pw_password) == 0) && ok;
158 }
159 149
160 } 150 /*
161# endif 151 * Authentication is accepted if the encrypted passwords
162#endif /* !HAVE_OSF_SIA */ 152 * are identical.
153 */
154 return (strcmp(encrypted_password, pw_password) == 0);
163} 155}
156#endif
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c
index 2eb7e6e2d..29eb538ec 100644
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -13,7 +13,7 @@
13 */ 13 */
14 14
15#include "includes.h" 15#include "includes.h"
16RCSID("$OpenBSD: auth-rh-rsa.c,v 1.36 2003/06/02 09:17:34 markus Exp $"); 16RCSID("$OpenBSD: auth-rh-rsa.c,v 1.37 2003/11/04 08:54:09 djm Exp $");
17 17
18#include "packet.h" 18#include "packet.h"
19#include "uidswap.h" 19#include "uidswap.h"
@@ -52,14 +52,15 @@ auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost,
52 * its host key. Returns true if authentication succeeds. 52 * its host key. Returns true if authentication succeeds.
53 */ 53 */
54int 54int
55auth_rhosts_rsa(struct passwd *pw, char *cuser, Key *client_host_key) 55auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key)
56{ 56{
57 char *chost; 57 char *chost;
58 struct passwd *pw = authctxt->pw;
58 59
59 debug("Trying rhosts with RSA host authentication for client user %.100s", 60 debug("Trying rhosts with RSA host authentication for client user %.100s",
60 cuser); 61 cuser);
61 62
62 if (pw == NULL || client_host_key == NULL || 63 if (!authctxt->valid || client_host_key == NULL ||
63 client_host_key->rsa == NULL) 64 client_host_key->rsa == NULL)
64 return 0; 65 return 0;
65 66
diff --git a/auth-rhosts.c b/auth-rhosts.c
index b42a64c90..585246e82 100644
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -14,7 +14,7 @@
14 */ 14 */
15 15
16#include "includes.h" 16#include "includes.h"
17RCSID("$OpenBSD: auth-rhosts.c,v 1.31 2003/06/02 09:17:34 markus Exp $"); 17RCSID("$OpenBSD: auth-rhosts.c,v 1.32 2003/11/04 08:54:09 djm Exp $");
18 18
19#include "packet.h" 19#include "packet.h"
20#include "uidswap.h" 20#include "uidswap.h"
@@ -173,10 +173,6 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
173 debug2("auth_rhosts2: clientuser %s hostname %s ipaddr %s", 173 debug2("auth_rhosts2: clientuser %s hostname %s ipaddr %s",
174 client_user, hostname, ipaddr); 174 client_user, hostname, ipaddr);
175 175
176 /* no user given */
177 if (pw == NULL)
178 return 0;
179
180 /* Switch to the user's uid. */ 176 /* Switch to the user's uid. */
181 temporarily_use_uid(pw); 177 temporarily_use_uid(pw);
182 /* 178 /*
diff --git a/auth-rsa.c b/auth-rsa.c
index 5631d238c..2f0746b30 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -14,7 +14,7 @@
14 */ 14 */
15 15
16#include "includes.h" 16#include "includes.h"
17RCSID("$OpenBSD: auth-rsa.c,v 1.57 2003/04/08 20:21:28 itojun Exp $"); 17RCSID("$OpenBSD: auth-rsa.c,v 1.58 2003/11/04 08:54:09 djm Exp $");
18 18
19#include <openssl/rsa.h> 19#include <openssl/rsa.h>
20#include <openssl/md5.h> 20#include <openssl/md5.h>
@@ -284,13 +284,14 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
284 * successful. This may exit if there is a serious protocol violation. 284 * successful. This may exit if there is a serious protocol violation.
285 */ 285 */
286int 286int
287auth_rsa(struct passwd *pw, BIGNUM *client_n) 287auth_rsa(Authctxt *authctxt, BIGNUM *client_n)
288{ 288{
289 Key *key; 289 Key *key;
290 char *fp; 290 char *fp;
291 struct passwd *pw = authctxt->pw;
291 292
292 /* no user given */ 293 /* no user given */
293 if (pw == NULL) 294 if (!authctxt->valid)
294 return 0; 295 return 0;
295 296
296 if (!PRIVSEP(auth_rsa_key_allowed(pw, client_n, &key))) { 297 if (!PRIVSEP(auth_rsa_key_allowed(pw, client_n, &key))) {
diff --git a/auth-shadow.c b/auth-shadow.c
new file mode 100644
index 000000000..a85442d72
--- /dev/null
+++ b/auth-shadow.c
@@ -0,0 +1,135 @@
1/*
2 * Copyright (c) 2004 Darren Tucker. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */
24
25#include "includes.h"
26RCSID("$Id: auth-shadow.c,v 1.5 2004/02/21 23:22:05 dtucker Exp $");
27
28#if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
29#include <shadow.h>
30
31#include "auth.h"
32#include "buffer.h"
33#include "log.h"
34
35#define DAY (24L * 60 * 60) /* 1 day in seconds */
36
37extern Buffer loginmsg;
38
39/*
40 * For the account and password expiration functions, we assume the expiry
41 * occurs the day after the day specified.
42 */
43
44/*
45 * Check if specified account is expired. Returns 1 if account is expired,
46 * 0 otherwise.
47 */
48int
49auth_shadow_acctexpired(struct spwd *spw)
50{
51 time_t today;
52 int daysleft;
53 char buf[256];
54
55 today = time(NULL) / DAY;
56 daysleft = spw->sp_expire - today;
57 debug3("%s: today %d sp_expire %d days left %d", __func__, (int)today,
58 (int)spw->sp_expire, daysleft);
59
60 if (spw->sp_expire == -1) {
61 debug3("account expiration disabled");
62 } else if (daysleft < 0) {
63 logit("Account %.100s has expired", spw->sp_namp);
64 return 1;
65 } else if (daysleft <= spw->sp_warn) {
66 debug3("account will expire in %d days", daysleft);
67 snprintf(buf, sizeof(buf),
68 "Your account will expire in %d day%s.\n", daysleft,
69 daysleft == 1 ? "" : "s");
70 buffer_append(&loginmsg, buf, strlen(buf));
71 }
72
73 return 0;
74}
75
76/*
77 * Checks password expiry for platforms that use shadow passwd files.
78 * Returns: 1 = password expired, 0 = password not expired
79 */
80int
81auth_shadow_pwexpired(Authctxt *ctxt)
82{
83 struct spwd *spw = NULL;
84 const char *user = ctxt->pw->pw_name;
85 char buf[256];
86 time_t today;
87 int daysleft, disabled = 0;
88
89 if ((spw = getspnam((char *)user)) == NULL) {
90 error("Could not get shadow information for %.100s", user);
91 return 0;
92 }
93
94 today = time(NULL) / DAY;
95 debug3("%s: today %d sp_lstchg %d sp_max %d", __func__, (int)today,
96 (int)spw->sp_lstchg, (int)spw->sp_max);
97
98#if defined(__hpux) && !defined(HAVE_SECUREWARE)
99 if (iscomsec()) {
100 struct pr_passwd *pr;
101
102 pr = getprpwnam((char *)user);
103
104 /* Test for Trusted Mode expiry disabled */
105 if (pr != NULL && pr->ufld.fd_min == 0 &&
106 pr->ufld.fd_lifetime == 0 && pr->ufld.fd_expire == 0 &&
107 pr->ufld.fd_pw_expire_warning == 0 &&
108 pr->ufld.fd_schange != 0)
109 disabled = 1;
110 }
111#endif
112
113 /* TODO: check sp_inact */
114 daysleft = spw->sp_lstchg + spw->sp_max - today;
115 if (disabled) {
116 debug3("password expiration disabled");
117 } else if (spw->sp_lstchg == 0) {
118 logit("User %.100s password has expired (root forced)", user);
119 return 1;
120 } else if (spw->sp_max == -1) {
121 debug3("password expiration disabled");
122 } else if (daysleft < 0) {
123 logit("User %.100s password has expired (password aged)", user);
124 return 1;
125 } else if (daysleft <= spw->sp_warn) {
126 debug3("password will expire in %d days", daysleft);
127 snprintf(buf, sizeof(buf),
128 "Your password will expire in %d day%s.\n", daysleft,
129 daysleft == 1 ? "" : "s");
130 buffer_append(&loginmsg, buf, strlen(buf));
131 }
132
133 return 0;
134}
135#endif /* USE_SHADOW && HAS_SHADOW_EXPIRE */
diff --git a/auth-sia.c b/auth-sia.c
index cae5f0912..cd2dcb840 100644
--- a/auth-sia.c
+++ b/auth-sia.c
@@ -31,6 +31,7 @@
31#include "log.h" 31#include "log.h"
32#include "servconf.h" 32#include "servconf.h"
33#include "canohost.h" 33#include "canohost.h"
34#include "uidswap.h"
34 35
35#include <sia.h> 36#include <sia.h>
36#include <siad.h> 37#include <siad.h>
@@ -83,7 +84,7 @@ session_setup_sia(struct passwd *pw, char *tty)
83 84
84 host = get_canonical_hostname(options.use_dns); 85 host = get_canonical_hostname(options.use_dns);
85 86
86 if (sia_ses_init(&ent, saved_argc, saved_argv, host, pw->pw_name, 87 if (sia_ses_init(&ent, saved_argc, saved_argv, host, pw->pw_name,
87 tty, 0, NULL) != SIASUCCESS) 88 tty, 0, NULL) != SIASUCCESS)
88 fatal("sia_ses_init failed"); 89 fatal("sia_ses_init failed");
89 90
@@ -100,11 +101,11 @@ session_setup_sia(struct passwd *pw, char *tty)
100 if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS) 101 if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS)
101 fatal("Couldn't launch session for %s from %s", 102 fatal("Couldn't launch session for %s from %s",
102 pw->pw_name, host); 103 pw->pw_name, host);
103 104
104 sia_ses_release(&ent); 105 sia_ses_release(&ent);
105 106
106 if (setreuid(geteuid(), geteuid()) < 0) 107 setuid(0);
107 fatal("setreuid: %s", strerror(errno)); 108 permanently_set_uid(pw);
108} 109}
109 110
110#endif /* HAVE_OSF_SIA */ 111#endif /* HAVE_OSF_SIA */
diff --git a/auth.c b/auth.c
index 46e495adf..6d999221c 100644
--- a/auth.c
+++ b/auth.c
@@ -23,14 +23,14 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: auth.c,v 1.49 2003/08/26 09:58:43 markus Exp $"); 26RCSID("$OpenBSD: auth.c,v 1.51 2003/11/21 11:57:02 djm Exp $");
27 27
28#ifdef HAVE_LOGIN_H 28#ifdef HAVE_LOGIN_H
29#include <login.h> 29#include <login.h>
30#endif 30#endif
31#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 31#ifdef USE_SHADOW
32#include <shadow.h> 32#include <shadow.h>
33#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ 33#endif
34 34
35#ifdef HAVE_LIBGEN_H 35#ifdef HAVE_LIBGEN_H
36#include <libgen.h> 36#include <libgen.h>
@@ -76,7 +76,7 @@ allowed_user(struct passwd * pw)
76 const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; 76 const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
77 char *shell; 77 char *shell;
78 int i; 78 int i;
79#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 79#ifdef USE_SHADOW
80 struct spwd *spw = NULL; 80 struct spwd *spw = NULL;
81#endif 81#endif
82 82
@@ -84,53 +84,24 @@ allowed_user(struct passwd * pw)
84 if (!pw || !pw->pw_name) 84 if (!pw || !pw->pw_name)
85 return 0; 85 return 0;
86 86
87#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 87#ifdef USE_SHADOW
88 if (!options.use_pam) 88 if (!options.use_pam)
89 spw = getspnam(pw->pw_name); 89 spw = getspnam(pw->pw_name);
90#ifdef HAS_SHADOW_EXPIRE 90#ifdef HAS_SHADOW_EXPIRE
91#define DAY (24L * 60 * 60) /* 1 day in seconds */ 91 if (!options.use_pam && spw != NULL && auth_shadow_acctexpired(spw))
92 if (!options.use_pam && spw != NULL) { 92 return 0;
93 time_t today;
94
95 today = time(NULL) / DAY;
96 debug3("allowed_user: today %d sp_expire %d sp_lstchg %d"
97 " sp_max %d", (int)today, (int)spw->sp_expire,
98 (int)spw->sp_lstchg, (int)spw->sp_max);
99
100 /*
101 * We assume account and password expiration occurs the
102 * day after the day specified.
103 */
104 if (spw->sp_expire != -1 && today > spw->sp_expire) {
105 logit("Account %.100s has expired", pw->pw_name);
106 return 0;
107 }
108
109 if (spw->sp_lstchg == 0) {
110 logit("User %.100s password has expired (root forced)",
111 pw->pw_name);
112 return 0;
113 }
114
115 if (spw->sp_max != -1 &&
116 today > spw->sp_lstchg + spw->sp_max) {
117 logit("User %.100s password has expired (password aged)",
118 pw->pw_name);
119 return 0;
120 }
121 }
122#endif /* HAS_SHADOW_EXPIRE */ 93#endif /* HAS_SHADOW_EXPIRE */
123#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ 94#endif /* USE_SHADOW */
124 95
125 /* grab passwd field for locked account check */ 96 /* grab passwd field for locked account check */
126#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 97#ifdef USE_SHADOW
127 if (spw != NULL) 98 if (spw != NULL)
128 passwd = spw->sp_pwdp; 99 passwd = spw->sp_pwdp;
129#else 100#else
130 passwd = pw->pw_passwd; 101 passwd = pw->pw_passwd;
131#endif 102#endif
132 103
133 /* check for locked account */ 104 /* check for locked account */
134 if (!options.use_pam && passwd && *passwd) { 105 if (!options.use_pam && passwd && *passwd) {
135 int locked = 0; 106 int locked = 0;
136 107
@@ -242,7 +213,7 @@ allowed_user(struct passwd * pw)
242 if ((pw->pw_uid != 0) && (geteuid() == 0)) { 213 if ((pw->pw_uid != 0) && (geteuid() == 0)) {
243 char *msg; 214 char *msg;
244 215
245 if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg) != 0) { 216 if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg) != 0) {
246 int loginrestrict_errno = errno; 217 int loginrestrict_errno = errno;
247 218
248 if (msg && *msg) { 219 if (msg && *msg) {
@@ -252,7 +223,7 @@ allowed_user(struct passwd * pw)
252 pw->pw_name, msg); 223 pw->pw_name, msg);
253 } 224 }
254 /* Don't fail if /etc/nologin set */ 225 /* Don't fail if /etc/nologin set */
255 if (!(loginrestrict_errno == EPERM && 226 if (!(loginrestrict_errno == EPERM &&
256 stat(_PATH_NOLOGIN, &st) == 0)) 227 stat(_PATH_NOLOGIN, &st) == 0))
257 return 0; 228 return 0;
258 } 229 }
@@ -263,14 +234,6 @@ allowed_user(struct passwd * pw)
263 return 1; 234 return 1;
264} 235}
265 236
266Authctxt *
267authctxt_new(void)
268{
269 Authctxt *authctxt = xmalloc(sizeof(*authctxt));
270 memset(authctxt, 0, sizeof(*authctxt));
271 return authctxt;
272}
273
274void 237void
275auth_log(Authctxt *authctxt, int authenticated, char *method, char *info) 238auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
276{ 239{
@@ -598,7 +561,7 @@ fakepw(void)
598 memset(&fake, 0, sizeof(fake)); 561 memset(&fake, 0, sizeof(fake));
599 fake.pw_name = "NOUSER"; 562 fake.pw_name = "NOUSER";
600 fake.pw_passwd = 563 fake.pw_passwd =
601 "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; 564 "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
602 fake.pw_gecos = "NOUSER"; 565 fake.pw_gecos = "NOUSER";
603 fake.pw_uid = -1; 566 fake.pw_uid = -1;
604 fake.pw_gid = -1; 567 fake.pw_gid = -1;
diff --git a/auth.h b/auth.h
index beaacb8bc..de2222aaa 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth.h,v 1.46 2003/08/28 12:54:34 markus Exp $ */ 1/* $OpenBSD: auth.h,v 1.49 2004/01/30 09:48:57 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -52,6 +52,7 @@ struct Authctxt {
52 int valid; /* user exists and is allowed to login */ 52 int valid; /* user exists and is allowed to login */
53 int attempt; 53 int attempt;
54 int failures; 54 int failures;
55 int force_pwchange;
55 char *user; /* username sent by the client */ 56 char *user; /* username sent by the client */
56 char *service; 57 char *service;
57 struct passwd *pw; /* set if 'valid' */ 58 struct passwd *pw; /* set if 'valid' */
@@ -102,9 +103,9 @@ int auth_rhosts(struct passwd *, const char *);
102int 103int
103auth_rhosts2(struct passwd *, const char *, const char *, const char *); 104auth_rhosts2(struct passwd *, const char *, const char *, const char *);
104 105
105int auth_rhosts_rsa(struct passwd *, char *, Key *); 106int auth_rhosts_rsa(Authctxt *, char *, Key *);
106int auth_password(Authctxt *, const char *); 107int auth_password(Authctxt *, const char *);
107int auth_rsa(struct passwd *, BIGNUM *); 108int auth_rsa(Authctxt *, BIGNUM *);
108int auth_rsa_challenge_dialog(Key *); 109int auth_rsa_challenge_dialog(Key *);
109BIGNUM *auth_rsa_generate_challenge(Key *); 110BIGNUM *auth_rsa_generate_challenge(Key *);
110int auth_rsa_verify_response(Key *, BIGNUM *, u_char[]); 111int auth_rsa_verify_response(Key *, BIGNUM *, u_char[]);
@@ -118,15 +119,21 @@ int user_key_allowed(struct passwd *, Key *);
118int auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *); 119int auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *);
119int auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt); 120int auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt);
120int auth_krb5_password(Authctxt *authctxt, const char *password); 121int auth_krb5_password(Authctxt *authctxt, const char *password);
121void krb5_cleanup_proc(void *authctxt); 122void krb5_cleanup_proc(Authctxt *authctxt);
122#endif /* KRB5 */ 123#endif /* KRB5 */
123 124
125#if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
126#include <shadow.h>
127int auth_shadow_acctexpired(struct spwd *);
128int auth_shadow_pwexpired(Authctxt *);
129#endif
130
124#include "auth-pam.h" 131#include "auth-pam.h"
132void disable_forwarding(void);
125 133
126Authctxt *do_authentication(void); 134void do_authentication(Authctxt *);
127Authctxt *do_authentication2(void); 135void do_authentication2(Authctxt *);
128 136
129Authctxt *authctxt_new(void);
130void auth_log(Authctxt *, int, char *, char *); 137void auth_log(Authctxt *, int, char *, char *);
131void userauth_finish(Authctxt *, int, char *); 138void userauth_finish(Authctxt *, int, char *);
132int auth_root_allowed(char *); 139int auth_root_allowed(char *);
@@ -149,8 +156,6 @@ char *get_challenge(Authctxt *);
149int verify_response(Authctxt *, const char *); 156int verify_response(Authctxt *, const char *);
150void abandon_challenge_response(Authctxt *); 157void abandon_challenge_response(Authctxt *);
151 158
152struct passwd * auth_get_user(void);
153
154char *expand_filename(const char *, struct passwd *); 159char *expand_filename(const char *, struct passwd *);
155char *authorized_keys_file(struct passwd *); 160char *authorized_keys_file(struct passwd *);
156char *authorized_keys_file2(struct passwd *); 161char *authorized_keys_file2(struct passwd *);
diff --git a/auth1.c b/auth1.c
index dfe944dd1..82fe5fb80 100644
--- a/auth1.c
+++ b/auth1.c
@@ -10,7 +10,7 @@
10 */ 10 */
11 11
12#include "includes.h" 12#include "includes.h"
13RCSID("$OpenBSD: auth1.c,v 1.52 2003/08/28 12:54:34 markus Exp $"); 13RCSID("$OpenBSD: auth1.c,v 1.55 2003/11/08 16:02:40 jakob Exp $");
14 14
15#include "xmalloc.h" 15#include "xmalloc.h"
16#include "rsa.h" 16#include "rsa.h"
@@ -139,7 +139,7 @@ do_authloop(Authctxt *authctxt)
139 BN_num_bits(client_host_key->rsa->n), bits); 139 BN_num_bits(client_host_key->rsa->n), bits);
140 packet_check_eom(); 140 packet_check_eom();
141 141
142 authenticated = auth_rhosts_rsa(pw, client_user, 142 authenticated = auth_rhosts_rsa(authctxt, client_user,
143 client_host_key); 143 client_host_key);
144 key_free(client_host_key); 144 key_free(client_host_key);
145 145
@@ -156,7 +156,7 @@ do_authloop(Authctxt *authctxt)
156 fatal("do_authloop: BN_new failed"); 156 fatal("do_authloop: BN_new failed");
157 packet_get_bignum(n); 157 packet_get_bignum(n);
158 packet_check_eom(); 158 packet_check_eom();
159 authenticated = auth_rsa(pw, n); 159 authenticated = auth_rsa(authctxt, n);
160 BN_clear_free(n); 160 BN_clear_free(n);
161 break; 161 break;
162 162
@@ -235,7 +235,7 @@ do_authloop(Authctxt *authctxt)
235 if (authenticated && 235 if (authenticated &&
236 !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, pw)) { 236 !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, pw)) {
237 packet_disconnect("Authentication rejected for uid %d.", 237 packet_disconnect("Authentication rejected for uid %d.",
238 pw == NULL ? -1 : pw->pw_uid); 238 pw == NULL ? -1 : pw->pw_uid);
239 authenticated = 0; 239 authenticated = 0;
240 } 240 }
241#else 241#else
@@ -246,7 +246,7 @@ do_authloop(Authctxt *authctxt)
246#endif 246#endif
247 247
248#ifdef USE_PAM 248#ifdef USE_PAM
249 if (options.use_pam && authenticated && 249 if (options.use_pam && authenticated &&
250 !PRIVSEP(do_pam_account())) 250 !PRIVSEP(do_pam_account()))
251 authenticated = 0; 251 authenticated = 0;
252#endif 252#endif
@@ -275,10 +275,9 @@ do_authloop(Authctxt *authctxt)
275 * Performs authentication of an incoming connection. Session key has already 275 * Performs authentication of an incoming connection. Session key has already
276 * been exchanged and encryption is enabled. 276 * been exchanged and encryption is enabled.
277 */ 277 */
278Authctxt * 278void
279do_authentication(void) 279do_authentication(Authctxt *authctxt)
280{ 280{
281 Authctxt *authctxt;
282 u_int ulen; 281 u_int ulen;
283 char *user, *style = NULL; 282 char *user, *style = NULL;
284 283
@@ -292,7 +291,6 @@ do_authentication(void)
292 if ((style = strchr(user, ':')) != NULL) 291 if ((style = strchr(user, ':')) != NULL)
293 *style++ = '\0'; 292 *style++ = '\0';
294 293
295 authctxt = authctxt_new();
296 authctxt->user = user; 294 authctxt->user = user;
297 authctxt->style = style; 295 authctxt->style = style;
298 296
@@ -332,6 +330,4 @@ do_authentication(void)
332 packet_start(SSH_SMSG_SUCCESS); 330 packet_start(SSH_SMSG_SUCCESS);
333 packet_send(); 331 packet_send();
334 packet_write_wait(); 332 packet_write_wait();
335
336 return (authctxt);
337} 333}
diff --git a/auth2-gss.c b/auth2-gss.c
index 75b94b009..9249988d3 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-gss.c,v 1.3 2003/09/01 20:44:54 markus Exp $ */ 1/* $OpenBSD: auth2-gss.c,v 1.7 2003/11/21 11:57:03 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -43,6 +43,7 @@
43extern ServerOptions options; 43extern ServerOptions options;
44 44
45static void input_gssapi_token(int type, u_int32_t plen, void *ctxt); 45static void input_gssapi_token(int type, u_int32_t plen, void *ctxt);
46static void input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
46static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt); 47static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
47static void input_gssapi_errtok(int, u_int32_t, void *); 48static void input_gssapi_errtok(int, u_int32_t, void *);
48 49
@@ -78,17 +79,19 @@ userauth_gssapi(Authctxt *authctxt)
78 if (doid) 79 if (doid)
79 xfree(doid); 80 xfree(doid);
80 81
82 present = 0;
81 doid = packet_get_string(&len); 83 doid = packet_get_string(&len);
82 84
83 if (doid[0] != SSH_GSS_OIDTYPE || doid[1] != len-2) { 85 if (len > 2 &&
84 logit("Mechanism OID received using the old encoding form"); 86 doid[0] == SSH_GSS_OIDTYPE &&
85 oid.elements = doid; 87 doid[1] == len - 2) {
86 oid.length = len;
87 } else {
88 oid.elements = doid + 2; 88 oid.elements = doid + 2;
89 oid.length = len - 2; 89 oid.length = len - 2;
90 gss_test_oid_set_member(&ms, &oid, supported,
91 &present);
92 } else {
93 logit("Badly formed OID received");
90 } 94 }
91 gss_test_oid_set_member(&ms, &oid, supported, &present);
92 } while (mechs > 0 && !present); 95 } while (mechs > 0 && !present);
93 96
94 gss_release_oid_set(&ms, &supported); 97 gss_release_oid_set(&ms, &supported);
@@ -107,7 +110,7 @@ userauth_gssapi(Authctxt *authctxt)
107 110
108 packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE); 111 packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE);
109 112
110 /* Return OID in same format as we received it*/ 113 /* Return the OID that we received */
111 packet_put_string(doid, len); 114 packet_put_string(doid, len);
112 115
113 packet_send(); 116 packet_send();
@@ -127,7 +130,7 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt)
127 Gssctxt *gssctxt; 130 Gssctxt *gssctxt;
128 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; 131 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
129 gss_buffer_desc recv_tok; 132 gss_buffer_desc recv_tok;
130 OM_uint32 maj_status, min_status; 133 OM_uint32 maj_status, min_status, flags;
131 u_int len; 134 u_int len;
132 135
133 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) 136 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
@@ -140,7 +143,7 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt)
140 packet_check_eom(); 143 packet_check_eom();
141 144
142 maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok, 145 maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
143 &send_tok, NULL)); 146 &send_tok, &flags));
144 147
145 xfree(recv_tok.value); 148 xfree(recv_tok.value);
146 149
@@ -152,7 +155,7 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt)
152 } 155 }
153 authctxt->postponed = 0; 156 authctxt->postponed = 0;
154 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); 157 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
155 userauth_finish(authctxt, 0, "gssapi"); 158 userauth_finish(authctxt, 0, "gssapi-with-mic");
156 } else { 159 } else {
157 if (send_tok.length != 0) { 160 if (send_tok.length != 0) {
158 packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN); 161 packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN);
@@ -161,8 +164,13 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt)
161 } 164 }
162 if (maj_status == GSS_S_COMPLETE) { 165 if (maj_status == GSS_S_COMPLETE) {
163 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); 166 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
164 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, 167 if (flags & GSS_C_INTEG_FLAG)
165 &input_gssapi_exchange_complete); 168 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC,
169 &input_gssapi_mic);
170 else
171 dispatch_set(
172 SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE,
173 &input_gssapi_exchange_complete);
166 } 174 }
167 } 175 }
168 176
@@ -222,9 +230,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
222 gssctxt = authctxt->methoddata; 230 gssctxt = authctxt->methoddata;
223 231
224 /* 232 /*
225 * We don't need to check the status, because the stored credentials 233 * We don't need to check the status, because we're only enabled in
226 * which userok uses are only populated once the context init step 234 * the dispatcher once the exchange is complete
227 * has returned complete.
228 */ 235 */
229 236
230 packet_check_eom(); 237 packet_check_eom();
@@ -234,12 +241,53 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
234 authctxt->postponed = 0; 241 authctxt->postponed = 0;
235 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); 242 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
236 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); 243 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL);
244 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL);
245 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
246 userauth_finish(authctxt, authenticated, "gssapi-with-mic");
247}
248
249static void
250input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
251{
252 Authctxt *authctxt = ctxt;
253 Gssctxt *gssctxt;
254 int authenticated = 0;
255 Buffer b;
256 gss_buffer_desc mic, gssbuf;
257 u_int len;
258
259 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
260 fatal("No authentication or GSSAPI context");
261
262 gssctxt = authctxt->methoddata;
263
264 mic.value = packet_get_string(&len);
265 mic.length = len;
266
267 ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
268 "gssapi-with-mic");
269
270 gssbuf.value = buffer_ptr(&b);
271 gssbuf.length = buffer_len(&b);
272
273 if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
274 authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
275 else
276 logit("GSSAPI MIC check failed");
277
278 buffer_free(&b);
279 xfree(mic.value);
280
281 authctxt->postponed = 0;
282 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
283 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL);
284 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL);
237 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); 285 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
238 userauth_finish(authctxt, authenticated, "gssapi"); 286 userauth_finish(authctxt, authenticated, "gssapi-with-mic");
239} 287}
240 288
241Authmethod method_gssapi = { 289Authmethod method_gssapi = {
242 "gssapi", 290 "gssapi-with-mic",
243 userauth_gssapi, 291 userauth_gssapi,
244 &options.gss_authentication 292 &options.gss_authentication
245}; 293};
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index 505d3eff4..1111ed67a 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: auth2-hostbased.c,v 1.5 2003/06/24 08:23:46 markus Exp $"); 26RCSID("$OpenBSD: auth2-hostbased.c,v 1.6 2004/01/19 21:25:15 markus Exp $");
27 27
28#include "ssh2.h" 28#include "ssh2.h"
29#include "xmalloc.h" 29#include "xmalloc.h"
@@ -114,7 +114,7 @@ userauth_hostbased(Authctxt *authctxt)
114 buffer_len(&b))) == 1) 114 buffer_len(&b))) == 1)
115 authenticated = 1; 115 authenticated = 1;
116 116
117 buffer_clear(&b); 117 buffer_free(&b);
118done: 118done:
119 debug2("userauth_hostbased: authenticated %d", authenticated); 119 debug2("userauth_hostbased: authenticated %d", authenticated);
120 if (key != NULL) 120 if (key != NULL)
diff --git a/auth2-passwd.c b/auth2-passwd.c
index 67fb4c921..a4f482d2e 100644
--- a/auth2-passwd.c
+++ b/auth2-passwd.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: auth2-passwd.c,v 1.4 2003/08/26 09:58:43 markus Exp $"); 26RCSID("$OpenBSD: auth2-passwd.c,v 1.5 2003/12/31 00:24:50 dtucker Exp $");
27 27
28#include "xmalloc.h" 28#include "xmalloc.h"
29#include "packet.h" 29#include "packet.h"
@@ -38,16 +38,24 @@ extern ServerOptions options;
38static int 38static int
39userauth_passwd(Authctxt *authctxt) 39userauth_passwd(Authctxt *authctxt)
40{ 40{
41 char *password; 41 char *password, *newpass;
42 int authenticated = 0; 42 int authenticated = 0;
43 int change; 43 int change;
44 u_int len; 44 u_int len, newlen;
45
45 change = packet_get_char(); 46 change = packet_get_char();
46 if (change)
47 logit("password change not supported");
48 password = packet_get_string(&len); 47 password = packet_get_string(&len);
48 if (change) {
49 /* discard new password from packet */
50 newpass = packet_get_string(&newlen);
51 memset(newpass, 0, newlen);
52 xfree(newpass);
53 }
49 packet_check_eom(); 54 packet_check_eom();
50 if (PRIVSEP(auth_password(authctxt, password)) == 1 55
56 if (change)
57 logit("password change not supported");
58 else if (PRIVSEP(auth_password(authctxt, password)) == 1
51#ifdef HAVE_CYGWIN 59#ifdef HAVE_CYGWIN
52 && check_nt_auth(1, authctxt->pw) 60 && check_nt_auth(1, authctxt->pw)
53#endif 61#endif
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index d51e939f1..3063eecc3 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: auth2-pubkey.c,v 1.4 2003/06/24 08:23:46 markus Exp $"); 26RCSID("$OpenBSD: auth2-pubkey.c,v 1.6 2004/01/19 21:25:15 markus Exp $");
27 27
28#include "ssh2.h" 28#include "ssh2.h"
29#include "xmalloc.h" 29#include "xmalloc.h"
@@ -123,9 +123,9 @@ userauth_pubkey(Authctxt *authctxt)
123 authenticated = 0; 123 authenticated = 0;
124 if (PRIVSEP(user_key_allowed(authctxt->pw, key)) && 124 if (PRIVSEP(user_key_allowed(authctxt->pw, key)) &&
125 PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b), 125 PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b),
126 buffer_len(&b))) == 1) 126 buffer_len(&b))) == 1)
127 authenticated = 1; 127 authenticated = 1;
128 buffer_clear(&b); 128 buffer_free(&b);
129 xfree(sig); 129 xfree(sig);
130 } else { 130 } else {
131 debug("test whether pkalg/pkblob are acceptable"); 131 debug("test whether pkalg/pkblob are acceptable");
@@ -175,9 +175,6 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
175 Key *found; 175 Key *found;
176 char *fp; 176 char *fp;
177 177
178 if (pw == NULL)
179 return 0;
180
181 /* Temporarily use the user's uid. */ 178 /* Temporarily use the user's uid. */
182 temporarily_use_uid(pw); 179 temporarily_use_uid(pw);
183 180
diff --git a/auth2.c b/auth2.c
index 41e77efdc..a9490ccfd 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: auth2.c,v 1.102 2003/08/26 09:58:43 markus Exp $"); 26RCSID("$OpenBSD: auth2.c,v 1.104 2003/11/04 08:54:09 djm Exp $");
27 27
28#include "ssh2.h" 28#include "ssh2.h"
29#include "xmalloc.h" 29#include "xmalloc.h"
@@ -45,8 +45,6 @@ extern ServerOptions options;
45extern u_char *session_id2; 45extern u_char *session_id2;
46extern u_int session_id2_len; 46extern u_int session_id2_len;
47 47
48Authctxt *x_authctxt = NULL;
49
50/* methods */ 48/* methods */
51 49
52extern Authmethod method_none; 50extern Authmethod method_none;
@@ -79,19 +77,14 @@ static void input_userauth_request(int, u_int32_t, void *);
79static Authmethod *authmethod_lookup(const char *); 77static Authmethod *authmethod_lookup(const char *);
80static char *authmethods_get(void); 78static char *authmethods_get(void);
81int user_key_allowed(struct passwd *, Key *); 79int user_key_allowed(struct passwd *, Key *);
82int hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
83 80
84/* 81/*
85 * loop until authctxt->success == TRUE 82 * loop until authctxt->success == TRUE
86 */ 83 */
87 84
88Authctxt * 85void
89do_authentication2(void) 86do_authentication2(Authctxt *authctxt)
90{ 87{
91 Authctxt *authctxt = authctxt_new();
92
93 x_authctxt = authctxt; /*XXX*/
94
95 /* challenge-response is implemented via keyboard interactive */ 88 /* challenge-response is implemented via keyboard interactive */
96 if (options.challenge_response_authentication) 89 if (options.challenge_response_authentication)
97 options.kbd_interactive_authentication = 1; 90 options.kbd_interactive_authentication = 1;
@@ -99,8 +92,6 @@ do_authentication2(void)
99 dispatch_init(&dispatch_protocol_error); 92 dispatch_init(&dispatch_protocol_error);
100 dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); 93 dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
101 dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt); 94 dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
102
103 return (authctxt);
104} 95}
105 96
106static void 97static void
@@ -264,14 +255,6 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
264 } 255 }
265} 256}
266 257
267/* get current user */
268
269struct passwd*
270auth_get_user(void)
271{
272 return (x_authctxt != NULL && x_authctxt->valid) ? x_authctxt->pw : NULL;
273}
274
275#define DELIM "," 258#define DELIM ","
276 259
277static char * 260static char *
diff --git a/authfd.c b/authfd.c
index c78db6d94..42ca08256 100644
--- a/authfd.c
+++ b/authfd.c
@@ -35,7 +35,7 @@
35 */ 35 */
36 36
37#include "includes.h" 37#include "includes.h"
38RCSID("$OpenBSD: authfd.c,v 1.61 2003/06/28 16:23:06 deraadt Exp $"); 38RCSID("$OpenBSD: authfd.c,v 1.63 2003/11/21 11:57:03 djm Exp $");
39 39
40#include <openssl/evp.h> 40#include <openssl/evp.h>
41 41
@@ -114,7 +114,8 @@ ssh_get_authentication_socket(void)
114static int 114static int
115ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply) 115ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply)
116{ 116{
117 int l, len; 117 int l;
118 u_int len;
118 char buf[1024]; 119 char buf[1024];
119 120
120 /* Get the length of the message, and format it in the buffer. */ 121 /* Get the length of the message, and format it in the buffer. */
@@ -147,7 +148,7 @@ ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply
147 /* Extract the length, and check it for sanity. */ 148 /* Extract the length, and check it for sanity. */
148 len = GET_32BIT(buf); 149 len = GET_32BIT(buf);
149 if (len > 256 * 1024) 150 if (len > 256 * 1024)
150 fatal("Authentication response too long: %d", len); 151 fatal("Authentication response too long: %u", len);
151 152
152 /* Read the rest of the response in to the buffer. */ 153 /* Read the rest of the response in to the buffer. */
153 buffer_clear(reply); 154 buffer_clear(reply);
@@ -292,7 +293,7 @@ ssh_get_num_identities(AuthenticationConnection *auth, int version)
292 293
293 /* Get the number of entries in the response and check it for sanity. */ 294 /* Get the number of entries in the response and check it for sanity. */
294 auth->howmany = buffer_get_int(&auth->identities); 295 auth->howmany = buffer_get_int(&auth->identities);
295 if (auth->howmany > 1024) 296 if ((u_int)auth->howmany > 1024)
296 fatal("Too many identities in authentication reply: %d", 297 fatal("Too many identities in authentication reply: %d",
297 auth->howmany); 298 auth->howmany);
298 299
@@ -589,7 +590,7 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key)
589} 590}
590 591
591int 592int
592ssh_update_card(AuthenticationConnection *auth, int add, 593ssh_update_card(AuthenticationConnection *auth, int add,
593 const char *reader_id, const char *pin, u_int life, u_int confirm) 594 const char *reader_id, const char *pin, u_int life, u_int confirm)
594{ 595{
595 Buffer msg; 596 Buffer msg;
@@ -606,7 +607,7 @@ ssh_update_card(AuthenticationConnection *auth, int add,
606 buffer_put_char(&msg, type); 607 buffer_put_char(&msg, type);
607 buffer_put_cstring(&msg, reader_id); 608 buffer_put_cstring(&msg, reader_id);
608 buffer_put_cstring(&msg, pin); 609 buffer_put_cstring(&msg, pin);
609 610
610 if (constrained) { 611 if (constrained) {
611 if (life != 0) { 612 if (life != 0) {
612 buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME); 613 buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME);
diff --git a/authfd.h b/authfd.h
index 74b825c51..0a6a4e3ec 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfd.h,v 1.33 2003/06/11 11:18:38 djm Exp $ */ 1/* $OpenBSD: authfd.h,v 1.34 2003/11/21 11:57:03 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -83,7 +83,7 @@ int ssh_add_identity_constrained(AuthenticationConnection *, Key *,
83int ssh_remove_identity(AuthenticationConnection *, Key *); 83int ssh_remove_identity(AuthenticationConnection *, Key *);
84int ssh_remove_all_identities(AuthenticationConnection *, int); 84int ssh_remove_all_identities(AuthenticationConnection *, int);
85int ssh_lock_agent(AuthenticationConnection *, int, const char *); 85int ssh_lock_agent(AuthenticationConnection *, int, const char *);
86int ssh_update_card(AuthenticationConnection *, int, const char *, 86int ssh_update_card(AuthenticationConnection *, int, const char *,
87 const char *, u_int, u_int); 87 const char *, u_int, u_int);
88 88
89int 89int
diff --git a/authfile.c b/authfile.c
index 1f46093e3..83ddd635f 100644
--- a/authfile.c
+++ b/authfile.c
@@ -36,7 +36,7 @@
36 */ 36 */
37 37
38#include "includes.h" 38#include "includes.h"
39RCSID("$OpenBSD: authfile.c,v 1.54 2003/05/24 09:30:39 djm Exp $"); 39RCSID("$OpenBSD: authfile.c,v 1.55 2003/09/18 07:56:05 markus Exp $");
40 40
41#include <openssl/err.h> 41#include <openssl/err.h>
42#include <openssl/evp.h> 42#include <openssl/evp.h>
@@ -143,6 +143,7 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase,
143 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); 143 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
144 if (fd < 0) { 144 if (fd < 0) {
145 error("open %s failed: %s.", filename, strerror(errno)); 145 error("open %s failed: %s.", filename, strerror(errno));
146 buffer_free(&encrypted);
146 return 0; 147 return 0;
147 } 148 }
148 if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != 149 if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) !=
diff --git a/bufaux.c b/bufaux.c
index 37cc27ff6..bf148316d 100644
--- a/bufaux.c
+++ b/bufaux.c
@@ -37,7 +37,7 @@
37 */ 37 */
38 38
39#include "includes.h" 39#include "includes.h"
40RCSID("$OpenBSD: bufaux.c,v 1.29 2003/04/08 20:21:28 itojun Exp $"); 40RCSID("$OpenBSD: bufaux.c,v 1.32 2004/02/23 15:12:46 markus Exp $");
41 41
42#include <openssl/bn.h> 42#include <openssl/bn.h>
43#include "bufaux.h" 43#include "bufaux.h"
@@ -50,7 +50,7 @@ RCSID("$OpenBSD: bufaux.c,v 1.29 2003/04/08 20:21:28 itojun Exp $");
50 * by (bits+7)/8 bytes of binary data, msb first. 50 * by (bits+7)/8 bytes of binary data, msb first.
51 */ 51 */
52void 52void
53buffer_put_bignum(Buffer *buffer, BIGNUM *value) 53buffer_put_bignum(Buffer *buffer, const BIGNUM *value)
54{ 54{
55 int bits = BN_num_bits(value); 55 int bits = BN_num_bits(value);
56 int bin_size = (bits + 7) / 8; 56 int bin_size = (bits + 7) / 8;
@@ -80,7 +80,7 @@ buffer_put_bignum(Buffer *buffer, BIGNUM *value)
80void 80void
81buffer_get_bignum(Buffer *buffer, BIGNUM *value) 81buffer_get_bignum(Buffer *buffer, BIGNUM *value)
82{ 82{
83 int bits, bytes; 83 u_int bits, bytes;
84 u_char buf[2], *bin; 84 u_char buf[2], *bin;
85 85
86 /* Get the number for bits. */ 86 /* Get the number for bits. */
@@ -101,48 +101,49 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value)
101 * Stores an BIGNUM in the buffer in SSH2 format. 101 * Stores an BIGNUM in the buffer in SSH2 format.
102 */ 102 */
103void 103void
104buffer_put_bignum2(Buffer *buffer, BIGNUM *value) 104buffer_put_bignum2(Buffer *buffer, const BIGNUM *value)
105{ 105{
106 int bytes = BN_num_bytes(value) + 1; 106 u_int bytes;
107 u_char *buf = xmalloc(bytes); 107 u_char *buf;
108 int oi; 108 int oi;
109 int hasnohigh = 0; 109 u_int hasnohigh = 0;
110 110
111 if (BN_is_zero(value)) {
112 buffer_put_int(buffer, 0);
113 return;
114 }
115 if (value->neg)
116 fatal("buffer_put_bignum2: negative numbers not supported");
117 bytes = BN_num_bytes(value) + 1; /* extra padding byte */
118 if (bytes < 2)
119 fatal("buffer_put_bignum2: BN too small");
120 buf = xmalloc(bytes);
111 buf[0] = '\0'; 121 buf[0] = '\0';
112 /* Get the value of in binary */ 122 /* Get the value of in binary */
113 oi = BN_bn2bin(value, buf+1); 123 oi = BN_bn2bin(value, buf+1);
114 if (oi != bytes-1) 124 if (oi != bytes-1)
115 fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d", 125 fatal("buffer_put_bignum2: BN_bn2bin() failed: "
116 oi, bytes); 126 "oi %d != bin_size %d", oi, bytes);
117 hasnohigh = (buf[1] & 0x80) ? 0 : 1; 127 hasnohigh = (buf[1] & 0x80) ? 0 : 1;
118 if (value->neg) {
119 /**XXX should be two's-complement */
120 int i, carry;
121 u_char *uc = buf;
122 logit("negativ!");
123 for (i = bytes-1, carry = 1; i>=0; i--) {
124 uc[i] ^= 0xff;
125 if (carry)
126 carry = !++uc[i];
127 }
128 }
129 buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh); 128 buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh);
130 memset(buf, 0, bytes); 129 memset(buf, 0, bytes);
131 xfree(buf); 130 xfree(buf);
132} 131}
133 132
134/* XXX does not handle negative BNs */
135void 133void
136buffer_get_bignum2(Buffer *buffer, BIGNUM *value) 134buffer_get_bignum2(Buffer *buffer, BIGNUM *value)
137{ 135{
138 u_int len; 136 u_int len;
139 u_char *bin = buffer_get_string(buffer, &len); 137 u_char *bin = buffer_get_string(buffer, &len);
140 138
139 if (len > 0 && (bin[0] & 0x80))
140 fatal("buffer_get_bignum2: negative numbers not supported");
141 if (len > 8 * 1024) 141 if (len > 8 * 1024)
142 fatal("buffer_get_bignum2: cannot handle BN of size %d", len); 142 fatal("buffer_get_bignum2: cannot handle BN of size %d", len);
143 BN_bin2bn(bin, len, value); 143 BN_bin2bn(bin, len, value);
144 xfree(bin); 144 xfree(bin);
145} 145}
146
146/* 147/*
147 * Returns integers from the buffer (msb first). 148 * Returns integers from the buffer (msb first).
148 */ 149 */
diff --git a/bufaux.h b/bufaux.h
index 935553579..61c72e353 100644
--- a/bufaux.h
+++ b/bufaux.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: bufaux.h,v 1.18 2002/04/20 09:14:58 markus Exp $ */ 1/* $OpenBSD: bufaux.h,v 1.19 2003/11/10 16:23:41 jakob Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -18,8 +18,8 @@
18#include "buffer.h" 18#include "buffer.h"
19#include <openssl/bn.h> 19#include <openssl/bn.h>
20 20
21void buffer_put_bignum(Buffer *, BIGNUM *); 21void buffer_put_bignum(Buffer *, const BIGNUM *);
22void buffer_put_bignum2(Buffer *, BIGNUM *); 22void buffer_put_bignum2(Buffer *, const BIGNUM *);
23void buffer_get_bignum(Buffer *, BIGNUM *); 23void buffer_get_bignum(Buffer *, BIGNUM *);
24void buffer_get_bignum2(Buffer *, BIGNUM *); 24void buffer_get_bignum2(Buffer *, BIGNUM *);
25 25
diff --git a/buffer.c b/buffer.c
index a80880bb9..9217cb269 100644
--- a/buffer.c
+++ b/buffer.c
@@ -12,7 +12,7 @@
12 */ 12 */
13 13
14#include "includes.h" 14#include "includes.h"
15RCSID("$OpenBSD: buffer.c,v 1.19 2003/09/18 07:54:48 markus Exp $"); 15RCSID("$OpenBSD: buffer.c,v 1.21 2003/11/21 11:57:03 djm Exp $");
16 16
17#include "xmalloc.h" 17#include "xmalloc.h"
18#include "buffer.h" 18#include "buffer.h"
@@ -105,7 +105,7 @@ restart:
105 goto restart; 105 goto restart;
106 } 106 }
107 /* Increase the size of the buffer and retry. */ 107 /* Increase the size of the buffer and retry. */
108 108
109 newlen = buffer->alloc + len + 32768; 109 newlen = buffer->alloc + len + 32768;
110 if (newlen > 0xa00000) 110 if (newlen > 0xa00000)
111 fatal("buffer_append_space: alloc %u not supported", 111 fatal("buffer_append_space: alloc %u not supported",
@@ -169,7 +169,7 @@ buffer_ptr(Buffer *buffer)
169void 169void
170buffer_dump(Buffer *buffer) 170buffer_dump(Buffer *buffer)
171{ 171{
172 int i; 172 u_int i;
173 u_char *ucp = buffer->buf; 173 u_char *ucp = buffer->buf;
174 174
175 for (i = buffer->offset; i < buffer->end; i++) { 175 for (i = buffer->offset; i < buffer->end; i++) {
diff --git a/canohost.c b/canohost.c
index 438175f76..f5145922e 100644
--- a/canohost.c
+++ b/canohost.c
@@ -12,7 +12,7 @@
12 */ 12 */
13 13
14#include "includes.h" 14#include "includes.h"
15RCSID("$OpenBSD: canohost.c,v 1.37 2003/06/02 09:17:34 markus Exp $"); 15RCSID("$OpenBSD: canohost.c,v 1.38 2003/09/23 20:17:11 markus Exp $");
16 16
17#include "packet.h" 17#include "packet.h"
18#include "xmalloc.h" 18#include "xmalloc.h"
@@ -20,6 +20,7 @@ RCSID("$OpenBSD: canohost.c,v 1.37 2003/06/02 09:17:34 markus Exp $");
20#include "canohost.h" 20#include "canohost.h"
21 21
22static void check_ip_options(int, char *); 22static void check_ip_options(int, char *);
23static void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *);
23 24
24/* 25/*
25 * Return the canonical name of the host at the other end of the socket. The 26 * Return the canonical name of the host at the other end of the socket. The
@@ -40,31 +41,11 @@ get_remote_hostname(int socket, int use_dns)
40 memset(&from, 0, sizeof(from)); 41 memset(&from, 0, sizeof(from));
41 if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) { 42 if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) {
42 debug("getpeername failed: %.100s", strerror(errno)); 43 debug("getpeername failed: %.100s", strerror(errno));
43 fatal_cleanup(); 44 cleanup_exit(255);
44 } 45 }
45#ifdef IPV4_IN_IPV6 46
46 if (from.ss_family == AF_INET6) { 47 ipv64_normalise_mapped(&from, &fromlen);
47 struct sockaddr_in6 *from6 = (struct sockaddr_in6 *)&from; 48
48
49 /* Detect IPv4 in IPv6 mapped address and convert it to */
50 /* plain (AF_INET) IPv4 address */
51 if (IN6_IS_ADDR_V4MAPPED(&from6->sin6_addr)) {
52 struct sockaddr_in *from4 = (struct sockaddr_in *)&from;
53 struct in_addr addr;
54 u_int16_t port;
55
56 memcpy(&addr, ((char *)&from6->sin6_addr) + 12, sizeof(addr));
57 port = from6->sin6_port;
58
59 memset(&from, 0, sizeof(from));
60
61 from4->sin_family = AF_INET;
62 fromlen = sizeof(*from4);
63 memcpy(&from4->sin_addr, &addr, sizeof(addr));
64 from4->sin_port = port;
65 }
66 }
67#endif
68 if (from.ss_family == AF_INET6) 49 if (from.ss_family == AF_INET6)
69 fromlen = sizeof(struct sockaddr_in6); 50 fromlen = sizeof(struct sockaddr_in6);
70 51
@@ -185,6 +166,31 @@ check_ip_options(int socket, char *ipaddr)
185#endif /* IP_OPTIONS */ 166#endif /* IP_OPTIONS */
186} 167}
187 168
169static void
170ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len)
171{
172 struct sockaddr_in6 *a6 = (struct sockaddr_in6 *)addr;
173 struct sockaddr_in *a4 = (struct sockaddr_in *)addr;
174 struct in_addr inaddr;
175 u_int16_t port;
176
177 if (addr->ss_family != AF_INET6 ||
178 !IN6_IS_ADDR_V4MAPPED(&a6->sin6_addr))
179 return;
180
181 debug3("Normalising mapped IPv4 in IPv6 address");
182
183 memcpy(&inaddr, ((char *)&a6->sin6_addr) + 12, sizeof(inaddr));
184 port = a6->sin6_port;
185
186 memset(addr, 0, sizeof(*a4));
187
188 a4->sin_family = AF_INET;
189 *len = sizeof(*a4);
190 memcpy(&a4->sin_addr, &inaddr, sizeof(inaddr));
191 a4->sin_port = port;
192}
193
188/* 194/*
189 * Return the canonical name of the host in the other side of the current 195 * Return the canonical name of the host in the other side of the current
190 * connection. The host name is cached, so it is efficient to call this 196 * connection. The host name is cached, so it is efficient to call this
@@ -296,7 +302,7 @@ get_remote_ipaddr(void)
296 canonical_host_ip = 302 canonical_host_ip =
297 get_peer_ipaddr(packet_get_connection_in()); 303 get_peer_ipaddr(packet_get_connection_in());
298 if (canonical_host_ip == NULL) 304 if (canonical_host_ip == NULL)
299 fatal_cleanup(); 305 cleanup_exit(255);
300 } else { 306 } else {
301 /* If not on socket, return UNKNOWN. */ 307 /* If not on socket, return UNKNOWN. */
302 canonical_host_ip = xstrdup("UNKNOWN"); 308 canonical_host_ip = xstrdup("UNKNOWN");
@@ -336,7 +342,7 @@ get_sock_port(int sock, int local)
336 } else { 342 } else {
337 if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) { 343 if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) {
338 debug("getpeername failed: %.100s", strerror(errno)); 344 debug("getpeername failed: %.100s", strerror(errno));
339 fatal_cleanup(); 345 cleanup_exit(255);
340 } 346 }
341 } 347 }
342 348
diff --git a/channels.c b/channels.c
index 65a6a7f00..e663c2159 100644
--- a/channels.c
+++ b/channels.c
@@ -39,7 +39,7 @@
39 */ 39 */
40 40
41#include "includes.h" 41#include "includes.h"
42RCSID("$OpenBSD: channels.c,v 1.194 2003/08/29 10:04:36 markus Exp $"); 42RCSID("$OpenBSD: channels.c,v 1.200 2004/01/19 09:24:21 markus Exp $");
43 43
44#include "ssh.h" 44#include "ssh.h"
45#include "ssh1.h" 45#include "ssh1.h"
@@ -217,7 +217,6 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
217 channels = xmalloc(channels_alloc * sizeof(Channel *)); 217 channels = xmalloc(channels_alloc * sizeof(Channel *));
218 for (i = 0; i < channels_alloc; i++) 218 for (i = 0; i < channels_alloc; i++)
219 channels[i] = NULL; 219 channels[i] = NULL;
220 fatal_add_cleanup((void (*) (void *)) channel_free_all, NULL);
221 } 220 }
222 /* Try to find a free slot where to put the new channel. */ 221 /* Try to find a free slot where to put the new channel. */
223 for (found = -1, i = 0; i < channels_alloc; i++) 222 for (found = -1, i = 0; i < channels_alloc; i++)
@@ -229,12 +228,13 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
229 if (found == -1) { 228 if (found == -1) {
230 /* There are no free slots. Take last+1 slot and expand the array. */ 229 /* There are no free slots. Take last+1 slot and expand the array. */
231 found = channels_alloc; 230 found = channels_alloc;
232 channels_alloc += 10;
233 if (channels_alloc > 10000) 231 if (channels_alloc > 10000)
234 fatal("channel_new: internal error: channels_alloc %d " 232 fatal("channel_new: internal error: channels_alloc %d "
235 "too big.", channels_alloc); 233 "too big.", channels_alloc);
234 channels = xrealloc(channels,
235 (channels_alloc + 10) * sizeof(Channel *));
236 channels_alloc += 10;
236 debug2("channel: expanding %d", channels_alloc); 237 debug2("channel: expanding %d", channels_alloc);
237 channels = xrealloc(channels, channels_alloc * sizeof(Channel *));
238 for (i = found; i < channels_alloc; i++) 238 for (i = found; i < channels_alloc; i++)
239 channels[i] = NULL; 239 channels[i] = NULL;
240 } 240 }
@@ -970,7 +970,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset)
970 have = buffer_len(&c->input); 970 have = buffer_len(&c->input);
971 if (!(c->flags & SSH_SOCKS5_AUTHDONE)) { 971 if (!(c->flags & SSH_SOCKS5_AUTHDONE)) {
972 /* format: ver | nmethods | methods */ 972 /* format: ver | nmethods | methods */
973 if (have < 2) 973 if (have < 2)
974 return 0; 974 return 0;
975 nmethods = p[1]; 975 nmethods = p[1];
976 if (have < nmethods + 2) 976 if (have < nmethods + 2)
@@ -1035,7 +1035,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset)
1035 else if (inet_ntop(af, dest_addr, c->path, sizeof(c->path)) == NULL) 1035 else if (inet_ntop(af, dest_addr, c->path, sizeof(c->path)) == NULL)
1036 return -1; 1036 return -1;
1037 c->host_port = ntohs(dest_port); 1037 c->host_port = ntohs(dest_port);
1038 1038
1039 debug2("channel %d: dynamic request: socks5 host %s port %u command %u", 1039 debug2("channel %d: dynamic request: socks5 host %s port %u command %u",
1040 c->self, c->path, c->host_port, s5_req.command); 1040 c->self, c->path, c->host_port, s5_req.command);
1041 1041
@@ -1397,9 +1397,9 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
1397 data = buffer_ptr(&c->output); 1397 data = buffer_ptr(&c->output);
1398 dlen = buffer_len(&c->output); 1398 dlen = buffer_len(&c->output);
1399#ifdef _AIX 1399#ifdef _AIX
1400 /* XXX: Later AIX versions can't push as much data to tty */ 1400 /* XXX: Later AIX versions can't push as much data to tty */
1401 if (compat20 && c->wfd_isatty && dlen > 8*1024) 1401 if (compat20 && c->wfd_isatty)
1402 dlen = 8*1024; 1402 dlen = MIN(dlen, 8*1024);
1403#endif 1403#endif
1404 len = write(c->wfd, data, dlen); 1404 len = write(c->wfd, data, dlen);
1405 if (len < 0 && (errno == EINTR || errno == EAGAIN)) 1405 if (len < 0 && (errno == EINTR || errno == EAGAIN))
@@ -1817,13 +1817,25 @@ channel_input_data(int type, u_int32_t seq, void *ctxt)
1817 c->type != SSH_CHANNEL_X11_OPEN) 1817 c->type != SSH_CHANNEL_X11_OPEN)
1818 return; 1818 return;
1819 1819
1820 /* same for protocol 1.5 if output end is no longer open */
1821 if (!compat13 && c->ostate != CHAN_OUTPUT_OPEN)
1822 return;
1823
1824 /* Get the data. */ 1820 /* Get the data. */
1825 data = packet_get_string(&data_len); 1821 data = packet_get_string(&data_len);
1826 1822
1823 /*
1824 * Ignore data for protocol > 1.3 if output end is no longer open.
1825 * For protocol 2 the sending side is reducing its window as it sends
1826 * data, so we must 'fake' consumption of the data in order to ensure
1827 * that window updates are sent back. Otherwise the connection might
1828 * deadlock.
1829 */
1830 if (!compat13 && c->ostate != CHAN_OUTPUT_OPEN) {
1831 if (compat20) {
1832 c->local_window -= data_len;
1833 c->local_consumed += data_len;
1834 }
1835 xfree(data);
1836 return;
1837 }
1838
1827 if (compat20) { 1839 if (compat20) {
1828 if (data_len > c->local_maxpacket) { 1840 if (data_len > c->local_maxpacket) {
1829 logit("channel %d: rcvd big packet %d, maxpack %d", 1841 logit("channel %d: rcvd big packet %d, maxpack %d",
@@ -2195,7 +2207,7 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por
2195 continue; 2207 continue;
2196 } 2208 }
2197 /* Start listening for connections on the socket. */ 2209 /* Start listening for connections on the socket. */
2198 if (listen(sock, 5) < 0) { 2210 if (listen(sock, SSH_LISTEN_BACKLOG) < 0) {
2199 error("listen: %.100s", strerror(errno)); 2211 error("listen: %.100s", strerror(errno));
2200 close(sock); 2212 close(sock);
2201 continue; 2213 continue;
@@ -2550,7 +2562,7 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
2550 /* Start listening for connections on the socket. */ 2562 /* Start listening for connections on the socket. */
2551 for (n = 0; n < num_socks; n++) { 2563 for (n = 0; n < num_socks; n++) {
2552 sock = socks[n]; 2564 sock = socks[n];
2553 if (listen(sock, 5) < 0) { 2565 if (listen(sock, SSH_LISTEN_BACKLOG) < 0) {
2554 error("listen: %.100s", strerror(errno)); 2566 error("listen: %.100s", strerror(errno));
2555 close(sock); 2567 close(sock);
2556 return -1; 2568 return -1;
@@ -2838,46 +2850,3 @@ auth_request_forwarding(void)
2838 packet_send(); 2850 packet_send();
2839 packet_write_wait(); 2851 packet_write_wait();
2840} 2852}
2841
2842/* This is called to process an SSH_SMSG_AGENT_OPEN message. */
2843
2844void
2845auth_input_open_request(int type, u_int32_t seq, void *ctxt)
2846{
2847 Channel *c = NULL;
2848 int remote_id, sock;
2849
2850 /* Read the remote channel number from the message. */
2851 remote_id = packet_get_int();
2852 packet_check_eom();
2853
2854 /*
2855 * Get a connection to the local authentication agent (this may again
2856 * get forwarded).
2857 */
2858 sock = ssh_get_authentication_socket();
2859
2860 /*
2861 * If we could not connect the agent, send an error message back to
2862 * the server. This should never happen unless the agent dies,
2863 * because authentication forwarding is only enabled if we have an
2864 * agent.
2865 */
2866 if (sock >= 0) {
2867 c = channel_new("", SSH_CHANNEL_OPEN, sock, sock,
2868 -1, 0, 0, 0, "authentication agent connection", 1);
2869 c->remote_id = remote_id;
2870 c->force_drain = 1;
2871 }
2872 if (c == NULL) {
2873 packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
2874 packet_put_int(remote_id);
2875 } else {
2876 /* Send a confirmation to the remote host. */
2877 debug("Forwarding authentication connection.");
2878 packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
2879 packet_put_int(remote_id);
2880 packet_put_int(c->self);
2881 }
2882 packet_send();
2883}
diff --git a/channels.h b/channels.h
index bd2e92589..7d981479b 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: channels.h,v 1.70 2002/06/24 14:33:27 markus Exp $ */ 1/* $OpenBSD: channels.h,v 1.71 2003/09/23 20:41:11 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -214,7 +214,6 @@ void deny_input_open(int, u_int32_t, void *);
214/* agent forwarding */ 214/* agent forwarding */
215 215
216void auth_request_forwarding(void); 216void auth_request_forwarding(void);
217void auth_input_open_request(int, u_int32_t, void *);
218 217
219/* channel close */ 218/* channel close */
220 219
diff --git a/cipher-3des1.c b/cipher-3des1.c
index f9a352397..f815e8ae5 100644
--- a/cipher-3des1.c
+++ b/cipher-3des1.c
@@ -23,12 +23,16 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: cipher-3des1.c,v 1.1 2003/05/15 03:08:29 markus Exp $"); 26RCSID("$OpenBSD: cipher-3des1.c,v 1.2 2003/12/22 20:29:55 markus Exp $");
27 27
28#include <openssl/evp.h> 28#include <openssl/evp.h>
29#include "xmalloc.h" 29#include "xmalloc.h"
30#include "log.h" 30#include "log.h"
31 31
32#if OPENSSL_VERSION_NUMBER < 0x00906000L
33#define SSH_OLD_EVP
34#endif
35
32/* 36/*
33 * This is used by SSH1: 37 * This is used by SSH1:
34 * 38 *
@@ -122,6 +126,9 @@ ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx)
122 struct ssh1_3des_ctx *c; 126 struct ssh1_3des_ctx *c;
123 127
124 if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { 128 if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
129 EVP_CIPHER_CTX_cleanup(&c->k1);
130 EVP_CIPHER_CTX_cleanup(&c->k2);
131 EVP_CIPHER_CTX_cleanup(&c->k3);
125 memset(c, 0, sizeof(*c)); 132 memset(c, 0, sizeof(*c));
126 xfree(c); 133 xfree(c);
127 EVP_CIPHER_CTX_set_app_data(ctx, NULL); 134 EVP_CIPHER_CTX_set_app_data(ctx, NULL);
diff --git a/cipher-acss.c b/cipher-acss.c
new file mode 100644
index 000000000..3a966a74d
--- /dev/null
+++ b/cipher-acss.c
@@ -0,0 +1,84 @@
1/*
2 * Copyright (c) 2004 The OpenBSD project
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include "includes.h"
18#include <openssl/evp.h>
19
20RCSID("$Id: cipher-acss.c,v 1.2 2004/02/06 04:26:11 dtucker Exp $");
21
22#if !defined(EVP_CTRL_SET_ACSS_MODE) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)
23
24#include "acss.h"
25
26#define data(ctx) ((EVP_ACSS_KEY *)(ctx)->cipher_data)
27
28typedef struct {
29 ACSS_KEY ks;
30} EVP_ACSS_KEY;
31
32#define EVP_CTRL_SET_ACSS_MODE 0xff06
33#define EVP_CTRL_SET_ACSS_SUBKEY 0xff07
34
35static int
36acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
37 const unsigned char *iv, int enc)
38{
39 acss_setkey(&data(ctx)->ks,key,enc,ACSS_DATA);
40 return 1;
41}
42
43static int
44acss_ciph(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
45 unsigned int inl)
46{
47 acss(&data(ctx)->ks,inl,in,out);
48 return 1;
49}
50
51static int
52acss_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
53{
54 switch(type) {
55 case EVP_CTRL_SET_ACSS_MODE:
56 data(ctx)->ks.mode = arg;
57 return 1;
58 case EVP_CTRL_SET_ACSS_SUBKEY:
59 acss_setsubkey(&data(ctx)->ks,(unsigned char *)ptr);
60 return 1;
61 default:
62 return -1;
63 }
64}
65
66const EVP_CIPHER *
67evp_acss(void)
68{
69 static EVP_CIPHER acss_cipher;
70
71 memset(&acss_cipher, 0, sizeof(EVP_CIPHER));
72
73 acss_cipher.nid = NID_undef;
74 acss_cipher.block_size = 1;
75 acss_cipher.key_len = 5;
76 acss_cipher.init = acss_init_key;
77 acss_cipher.do_cipher = acss_ciph;
78 acss_cipher.ctx_size = sizeof(EVP_ACSS_KEY);
79 acss_cipher.ctrl = acss_ctrl;
80
81 return (&acss_cipher);
82}
83#endif
84
diff --git a/cipher-aes.c b/cipher-aes.c
index c41def600..22d500d42 100644
--- a/cipher-aes.c
+++ b/cipher-aes.c
@@ -24,13 +24,17 @@
24 24
25#include "includes.h" 25#include "includes.h"
26#if OPENSSL_VERSION_NUMBER < 0x00907000L 26#if OPENSSL_VERSION_NUMBER < 0x00907000L
27RCSID("$OpenBSD: cipher-aes.c,v 1.1 2003/05/15 03:08:29 markus Exp $"); 27RCSID("$OpenBSD: cipher-aes.c,v 1.2 2003/11/26 21:44:29 djm Exp $");
28 28
29#include <openssl/evp.h> 29#include <openssl/evp.h>
30#include "rijndael.h" 30#include "rijndael.h"
31#include "xmalloc.h" 31#include "xmalloc.h"
32#include "log.h" 32#include "log.h"
33 33
34#if OPENSSL_VERSION_NUMBER < 0x00906000L
35#define SSH_OLD_EVP
36#endif
37
34#define RIJNDAEL_BLOCKSIZE 16 38#define RIJNDAEL_BLOCKSIZE 16
35struct ssh_rijndael_ctx 39struct ssh_rijndael_ctx
36{ 40{
diff --git a/cipher-ctr.c b/cipher-ctr.c
index a2bab5c14..395dabedd 100644
--- a/cipher-ctr.c
+++ b/cipher-ctr.c
@@ -14,13 +14,17 @@
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */ 15 */
16#include "includes.h" 16#include "includes.h"
17RCSID("$OpenBSD: cipher-ctr.c,v 1.2 2003/06/17 18:14:23 markus Exp $"); 17RCSID("$OpenBSD: cipher-ctr.c,v 1.4 2004/02/06 23:41:13 dtucker Exp $");
18 18
19#include <openssl/evp.h> 19#include <openssl/evp.h>
20 20
21#include "log.h" 21#include "log.h"
22#include "xmalloc.h" 22#include "xmalloc.h"
23 23
24#if OPENSSL_VERSION_NUMBER < 0x00906000L
25#define SSH_OLD_EVP
26#endif
27
24#if OPENSSL_VERSION_NUMBER < 0x00907000L 28#if OPENSSL_VERSION_NUMBER < 0x00907000L
25#include "rijndael.h" 29#include "rijndael.h"
26#define AES_KEY rijndael_ctx 30#define AES_KEY rijndael_ctx
@@ -90,7 +94,8 @@ ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
90 EVP_CIPHER_CTX_set_app_data(ctx, c); 94 EVP_CIPHER_CTX_set_app_data(ctx, c);
91 } 95 }
92 if (key != NULL) 96 if (key != NULL)
93 AES_set_encrypt_key(key, ctx->key_len * 8, &c->aes_ctx); 97 AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8,
98 &c->aes_ctx);
94 if (iv != NULL) 99 if (iv != NULL)
95 memcpy(c->aes_counter, iv, AES_BLOCK_SIZE); 100 memcpy(c->aes_counter, iv, AES_BLOCK_SIZE);
96 return (1); 101 return (1);
@@ -135,7 +140,9 @@ evp_aes_128_ctr(void)
135 aes_ctr.init = ssh_aes_ctr_init; 140 aes_ctr.init = ssh_aes_ctr_init;
136 aes_ctr.cleanup = ssh_aes_ctr_cleanup; 141 aes_ctr.cleanup = ssh_aes_ctr_cleanup;
137 aes_ctr.do_cipher = ssh_aes_ctr; 142 aes_ctr.do_cipher = ssh_aes_ctr;
143#ifndef SSH_OLD_EVP
138 aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | 144 aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
139 EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV; 145 EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
146#endif
140 return (&aes_ctr); 147 return (&aes_ctr);
141} 148}
diff --git a/cipher.c b/cipher.c
index e7c3c5411..c13ff5862 100644
--- a/cipher.c
+++ b/cipher.c
@@ -35,7 +35,7 @@
35 */ 35 */
36 36
37#include "includes.h" 37#include "includes.h"
38RCSID("$OpenBSD: cipher.c,v 1.65 2003/05/17 04:27:52 markus Exp $"); 38RCSID("$OpenBSD: cipher.c,v 1.68 2004/01/23 19:26:33 hshoexer Exp $");
39 39
40#include "xmalloc.h" 40#include "xmalloc.h"
41#include "log.h" 41#include "log.h"
@@ -52,6 +52,17 @@ RCSID("$OpenBSD: cipher.c,v 1.65 2003/05/17 04:27:52 markus Exp $");
52extern const EVP_CIPHER *evp_rijndael(void); 52extern const EVP_CIPHER *evp_rijndael(void);
53extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int); 53extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
54#endif 54#endif
55
56#if !defined(EVP_CTRL_SET_ACSS_MODE)
57# if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
58extern const EVP_CIPHER *evp_acss(void);
59# define EVP_acss evp_acss
60# define EVP_CTRL_SET_ACSS_MODE xxx /* used below */
61# else
62# define EVP_acss NULL /* Don't try to support ACSS on older OpenSSL */
63# endif /* (OPENSSL_VERSION_NUMBER >= 0x00906000L) */
64#endif /* !defined(EVP_CTRL_SET_ACSS_MODE) */
65
55extern const EVP_CIPHER *evp_ssh1_bf(void); 66extern const EVP_CIPHER *evp_ssh1_bf(void);
56extern const EVP_CIPHER *evp_ssh1_3des(void); 67extern const EVP_CIPHER *evp_ssh1_3des(void);
57extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int); 68extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
@@ -87,29 +98,33 @@ struct Cipher {
87 { "rijndael-cbc@lysator.liu.se", 98 { "rijndael-cbc@lysator.liu.se",
88 SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, 99 SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc },
89#endif 100#endif
101#if OPENSSL_VERSION_NUMBER >= 0x00905000L
90 { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, evp_aes_128_ctr }, 102 { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, evp_aes_128_ctr },
91 { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr }, 103 { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr },
92 { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr }, 104 { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr },
93 105#endif
106#if defined(EVP_CTRL_SET_ACSS_MODE)
107 { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, EVP_acss },
108#endif
94 { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL } 109 { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL }
95}; 110};
96 111
97/*--*/ 112/*--*/
98 113
99u_int 114u_int
100cipher_blocksize(Cipher *c) 115cipher_blocksize(const Cipher *c)
101{ 116{
102 return (c->block_size); 117 return (c->block_size);
103} 118}
104 119
105u_int 120u_int
106cipher_keylen(Cipher *c) 121cipher_keylen(const Cipher *c)
107{ 122{
108 return (c->key_len); 123 return (c->key_len);
109} 124}
110 125
111u_int 126u_int
112cipher_get_number(Cipher *c) 127cipher_get_number(const Cipher *c)
113{ 128{
114 return (c->number); 129 return (c->number);
115} 130}
@@ -309,7 +324,7 @@ cipher_set_key_string(CipherContext *cc, Cipher *cipher,
309 */ 324 */
310 325
311int 326int
312cipher_get_keyiv_len(CipherContext *cc) 327cipher_get_keyiv_len(const CipherContext *cc)
313{ 328{
314 Cipher *c = cc->cipher; 329 Cipher *c = cc->cipher;
315 int ivlen; 330 int ivlen;
@@ -395,12 +410,12 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
395#endif 410#endif
396 411
397int 412int
398cipher_get_keycontext(CipherContext *cc, u_char *dat) 413cipher_get_keycontext(const CipherContext *cc, u_char *dat)
399{ 414{
400 Cipher *c = cc->cipher; 415 Cipher *c = cc->cipher;
401 int plen = 0; 416 int plen = 0;
402 417
403 if (c->evptype == EVP_rc4) { 418 if (c->evptype == EVP_rc4 || c->evptype == EVP_acss) {
404 plen = EVP_X_STATE_LEN(cc->evp); 419 plen = EVP_X_STATE_LEN(cc->evp);
405 if (dat == NULL) 420 if (dat == NULL)
406 return (plen); 421 return (plen);
@@ -415,7 +430,7 @@ cipher_set_keycontext(CipherContext *cc, u_char *dat)
415 Cipher *c = cc->cipher; 430 Cipher *c = cc->cipher;
416 int plen; 431 int plen;
417 432
418 if (c->evptype == EVP_rc4) { 433 if (c->evptype == EVP_rc4 || c->evptype == EVP_acss) {
419 plen = EVP_X_STATE_LEN(cc->evp); 434 plen = EVP_X_STATE_LEN(cc->evp);
420 memcpy(EVP_X_STATE(cc->evp), dat, plen); 435 memcpy(EVP_X_STATE(cc->evp), dat, plen);
421 } 436 }
diff --git a/cipher.h b/cipher.h
index fc7f6dd0f..74b3669fd 100644
--- a/cipher.h
+++ b/cipher.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: cipher.h,v 1.33 2002/03/18 17:13:15 markus Exp $ */ 1/* $OpenBSD: cipher.h,v 1.34 2003/11/10 16:23:41 jakob Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -79,13 +79,13 @@ void cipher_init(CipherContext *, Cipher *, const u_char *, u_int,
79void cipher_crypt(CipherContext *, u_char *, const u_char *, u_int); 79void cipher_crypt(CipherContext *, u_char *, const u_char *, u_int);
80void cipher_cleanup(CipherContext *); 80void cipher_cleanup(CipherContext *);
81void cipher_set_key_string(CipherContext *, Cipher *, const char *, int); 81void cipher_set_key_string(CipherContext *, Cipher *, const char *, int);
82u_int cipher_blocksize(Cipher *); 82u_int cipher_blocksize(const Cipher *);
83u_int cipher_keylen(Cipher *); 83u_int cipher_keylen(const Cipher *);
84 84
85u_int cipher_get_number(Cipher *); 85u_int cipher_get_number(const Cipher *);
86void cipher_get_keyiv(CipherContext *, u_char *, u_int); 86void cipher_get_keyiv(CipherContext *, u_char *, u_int);
87void cipher_set_keyiv(CipherContext *, u_char *); 87void cipher_set_keyiv(CipherContext *, u_char *);
88int cipher_get_keyiv_len(CipherContext *); 88int cipher_get_keyiv_len(const CipherContext *);
89int cipher_get_keycontext(CipherContext *, u_char *); 89int cipher_get_keycontext(const CipherContext *, u_char *);
90void cipher_set_keycontext(CipherContext *, u_char *); 90void cipher_set_keycontext(CipherContext *, u_char *);
91#endif /* CIPHER_H */ 91#endif /* CIPHER_H */
diff --git a/cleanup.c b/cleanup.c
new file mode 100644
index 000000000..11d1d4d9a
--- /dev/null
+++ b/cleanup.c
@@ -0,0 +1,26 @@
1/*
2 * Copyright (c) 2003 Markus Friedl <markus@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16#include "includes.h"
17RCSID("$OpenBSD: cleanup.c,v 1.1 2003/09/23 20:17:11 markus Exp $");
18
19#include "log.h"
20
21/* default implementation */
22void
23cleanup_exit(int i)
24{
25 _exit(i);
26}
diff --git a/clientloop.c b/clientloop.c
index d445230e5..626b29a5a 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -59,7 +59,7 @@
59 */ 59 */
60 60
61#include "includes.h" 61#include "includes.h"
62RCSID("$OpenBSD: clientloop.c,v 1.112 2003/06/28 16:23:06 deraadt Exp $"); 62RCSID("$OpenBSD: clientloop.c,v 1.117 2003/12/16 15:49:51 markus Exp $");
63 63
64#include "ssh.h" 64#include "ssh.h"
65#include "ssh1.h" 65#include "ssh1.h"
@@ -89,6 +89,9 @@ extern Options options;
89/* Flag indicating that stdin should be redirected from /dev/null. */ 89/* Flag indicating that stdin should be redirected from /dev/null. */
90extern int stdin_null_flag; 90extern int stdin_null_flag;
91 91
92/* Flag indicating that no shell has been requested */
93extern int no_shell_flag;
94
92/* 95/*
93 * Name of the host we are connecting to. This is the name given on the 96 * Name of the host we are connecting to. This is the name given on the
94 * command line, or the HostName specified for the user-supplied name in a 97 * command line, or the HostName specified for the user-supplied name in a
@@ -124,6 +127,7 @@ static int connection_in; /* Connection to server (input). */
124static int connection_out; /* Connection to server (output). */ 127static int connection_out; /* Connection to server (output). */
125static int need_rekeying; /* Set to non-zero if rekeying is requested. */ 128static int need_rekeying; /* Set to non-zero if rekeying is requested. */
126static int session_closed = 0; /* In SSH2: login session closed. */ 129static int session_closed = 0; /* In SSH2: login session closed. */
130static int server_alive_timeouts = 0;
127 131
128static void client_init_dispatch(void); 132static void client_init_dispatch(void);
129int session_ident = -1; 133int session_ident = -1;
@@ -139,7 +143,6 @@ leave_non_blocking(void)
139 if (in_non_blocking_mode) { 143 if (in_non_blocking_mode) {
140 (void) fcntl(fileno(stdin), F_SETFL, 0); 144 (void) fcntl(fileno(stdin), F_SETFL, 0);
141 in_non_blocking_mode = 0; 145 in_non_blocking_mode = 0;
142 fatal_remove_cleanup((void (*) (void *)) leave_non_blocking, NULL);
143 } 146 }
144} 147}
145 148
@@ -150,7 +153,6 @@ enter_non_blocking(void)
150{ 153{
151 in_non_blocking_mode = 1; 154 in_non_blocking_mode = 1;
152 (void) fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); 155 (void) fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
153 fatal_add_cleanup((void (*) (void *)) leave_non_blocking, NULL);
154} 156}
155 157
156/* 158/*
@@ -312,18 +314,35 @@ client_check_window_change(void)
312 } 314 }
313} 315}
314 316
317static void
318client_global_request_reply(int type, u_int32_t seq, void *ctxt)
319{
320 server_alive_timeouts = 0;
321 client_global_request_reply_fwd(type, seq, ctxt);
322}
323
324static void
325server_alive_check(void)
326{
327 if (++server_alive_timeouts > options.server_alive_count_max)
328 packet_disconnect("Timeout, server not responding.");
329 packet_start(SSH2_MSG_GLOBAL_REQUEST);
330 packet_put_cstring("keepalive@openssh.com");
331 packet_put_char(1); /* boolean: want reply */
332 packet_send();
333}
334
315/* 335/*
316 * Waits until the client can do something (some data becomes available on 336 * Waits until the client can do something (some data becomes available on
317 * one of the file descriptors). 337 * one of the file descriptors).
318 */ 338 */
319 339
320static int 340static void
321client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, 341client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
322 int *maxfdp, int *nallocp, int rekeying) 342 int *maxfdp, int *nallocp, int rekeying)
323{ 343{
324 struct timeval tv, *tvp; 344 struct timeval tv, *tvp;
325 int n; 345 int ret;
326 extern Options options;
327 346
328 /* Add any selections by the channel mechanism. */ 347 /* Add any selections by the channel mechanism. */
329 channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, rekeying); 348 channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, rekeying);
@@ -353,7 +372,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
353 /* clear mask since we did not call select() */ 372 /* clear mask since we did not call select() */
354 memset(*readsetp, 0, *nallocp); 373 memset(*readsetp, 0, *nallocp);
355 memset(*writesetp, 0, *nallocp); 374 memset(*writesetp, 0, *nallocp);
356 return 0; 375 return;
357 } else { 376 } else {
358 FD_SET(connection_in, *readsetp); 377 FD_SET(connection_in, *readsetp);
359 } 378 }
@@ -366,27 +385,18 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
366 /* 385 /*
367 * Wait for something to happen. This will suspend the process until 386 * Wait for something to happen. This will suspend the process until
368 * some selected descriptor can be read, written, or has some other 387 * some selected descriptor can be read, written, or has some other
369 * event pending. Note: if you want to implement SSH_MSG_IGNORE 388 * event pending.
370 * messages to fool traffic analysis, this might be the place to do
371 * it: just have a random timeout for the select, and send a random
372 * SSH_MSG_IGNORE packet when the timeout expires.
373 */ 389 */
374 390
375 /* 391 if (options.server_alive_interval == 0 || !compat20)
376 * We don't do the 'random' bit, but we want periodic ignored 392 tvp = NULL;
377 * message anyway, so as to notice when the other ends TCP 393 else {
378 * has given up during an outage. 394 tv.tv_sec = options.server_alive_interval;
379 */
380
381 if (options.protocolkeepalives > 0) {
382 tvp = &tv;
383 tv.tv_sec = options.protocolkeepalives;
384 tv.tv_usec = 0; 395 tv.tv_usec = 0;
385 } else 396 tvp = &tv;
386 tvp = 0; 397 }
387 398 ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp);
388 n = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp); 399 if (ret < 0) {
389 if (n < 0) {
390 char buf[100]; 400 char buf[100];
391 401
392 /* 402 /*
@@ -398,13 +408,13 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
398 memset(*writesetp, 0, *nallocp); 408 memset(*writesetp, 0, *nallocp);
399 409
400 if (errno == EINTR) 410 if (errno == EINTR)
401 return 0; 411 return;
402 /* Note: we might still have data in the buffers. */ 412 /* Note: we might still have data in the buffers. */
403 snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); 413 snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno));
404 buffer_append(&stderr_buffer, buf, strlen(buf)); 414 buffer_append(&stderr_buffer, buf, strlen(buf));
405 quit_pending = 1; 415 quit_pending = 1;
406 } 416 } else if (ret == 0)
407 return n == 0; 417 server_alive_check();
408} 418}
409 419
410static void 420static void
@@ -863,8 +873,7 @@ client_channel_closed(int id, void *arg)
863 id, session_ident); 873 id, session_ident);
864 channel_cancel_cleanup(id); 874 channel_cancel_cleanup(id);
865 session_closed = 1; 875 session_closed = 1;
866 if (in_raw_mode()) 876 leave_raw_mode();
867 leave_raw_mode();
868} 877}
869 878
870/* 879/*
@@ -879,7 +888,6 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
879{ 888{
880 fd_set *readset = NULL, *writeset = NULL; 889 fd_set *readset = NULL, *writeset = NULL;
881 double start_time, total_time; 890 double start_time, total_time;
882 int timed_out;
883 int max_fd = 0, max_fd2 = 0, len, rekeying = 0, nalloc = 0; 891 int max_fd = 0, max_fd2 = 0, len, rekeying = 0, nalloc = 0;
884 char buf[100]; 892 char buf[100];
885 893
@@ -993,7 +1001,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
993 * available on one of the descriptors). 1001 * available on one of the descriptors).
994 */ 1002 */
995 max_fd2 = max_fd; 1003 max_fd2 = max_fd;
996 timed_out = client_wait_until_can_do_something(&readset, &writeset, 1004 client_wait_until_can_do_something(&readset, &writeset,
997 &max_fd2, &nalloc, rekeying); 1005 &max_fd2, &nalloc, rekeying);
998 1006
999 if (quit_pending) 1007 if (quit_pending)
@@ -1016,21 +1024,6 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
1016 if (quit_pending) 1024 if (quit_pending)
1017 break; 1025 break;
1018 1026
1019 if(timed_out) {
1020 /*
1021 * Nothing is happening, so synthesize some
1022 * bogus activity
1023 */
1024 packet_start(compat20
1025 ? SSH2_MSG_IGNORE
1026 : SSH_MSG_IGNORE);
1027 packet_put_cstring("");
1028 packet_send();
1029 if (FD_ISSET(connection_out, writeset))
1030 packet_write_poll();
1031 continue;
1032 }
1033
1034 if (!compat20) { 1027 if (!compat20) {
1035 /* Buffer data from stdin */ 1028 /* Buffer data from stdin */
1036 client_process_input(readset); 1029 client_process_input(readset);
@@ -1069,12 +1062,19 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
1069 if (!isatty(fileno(stderr))) 1062 if (!isatty(fileno(stderr)))
1070 unset_nonblock(fileno(stderr)); 1063 unset_nonblock(fileno(stderr));
1071 1064
1072 if (received_signal) { 1065 /*
1073 if (in_non_blocking_mode) /* XXX */ 1066 * If there was no shell or command requested, there will be no remote
1074 leave_non_blocking(); 1067 * exit status to be returned. In that case, clear error code if the
1075 fatal("Killed by signal %d.", (int) received_signal); 1068 * connection was deliberately terminated at this end.
1069 */
1070 if (no_shell_flag && received_signal == SIGTERM) {
1071 received_signal = 0;
1072 exit_status = 0;
1076 } 1073 }
1077 1074
1075 if (received_signal)
1076 fatal("Killed by signal %d.", (int) received_signal);
1077
1078 /* 1078 /*
1079 * In interactive mode (with pseudo tty) display a message indicating 1079 * In interactive mode (with pseudo tty) display a message indicating
1080 * that the connection has been closed. 1080 * that the connection has been closed.
@@ -1166,6 +1166,46 @@ client_input_exit_status(int type, u_int32_t seq, void *ctxt)
1166 /* Flag that we want to exit. */ 1166 /* Flag that we want to exit. */
1167 quit_pending = 1; 1167 quit_pending = 1;
1168} 1168}
1169static void
1170client_input_agent_open(int type, u_int32_t seq, void *ctxt)
1171{
1172 Channel *c = NULL;
1173 int remote_id, sock;
1174
1175 /* Read the remote channel number from the message. */
1176 remote_id = packet_get_int();
1177 packet_check_eom();
1178
1179 /*
1180 * Get a connection to the local authentication agent (this may again
1181 * get forwarded).
1182 */
1183 sock = ssh_get_authentication_socket();
1184
1185 /*
1186 * If we could not connect the agent, send an error message back to
1187 * the server. This should never happen unless the agent dies,
1188 * because authentication forwarding is only enabled if we have an
1189 * agent.
1190 */
1191 if (sock >= 0) {
1192 c = channel_new("", SSH_CHANNEL_OPEN, sock, sock,
1193 -1, 0, 0, 0, "authentication agent connection", 1);
1194 c->remote_id = remote_id;
1195 c->force_drain = 1;
1196 }
1197 if (c == NULL) {
1198 packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
1199 packet_put_int(remote_id);
1200 } else {
1201 /* Send a confirmation to the remote host. */
1202 debug("Forwarding authentication connection.");
1203 packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
1204 packet_put_int(remote_id);
1205 packet_put_int(c->self);
1206 }
1207 packet_send();
1208}
1169 1209
1170static Channel * 1210static Channel *
1171client_request_forwarded_tcpip(const char *request_type, int rchan) 1211client_request_forwarded_tcpip(const char *request_type, int rchan)
@@ -1353,7 +1393,8 @@ client_input_global_request(int type, u_int32_t seq, void *ctxt)
1353 1393
1354 rtype = packet_get_string(NULL); 1394 rtype = packet_get_string(NULL);
1355 want_reply = packet_get_char(); 1395 want_reply = packet_get_char();
1356 debug("client_input_global_request: rtype %s want_reply %d", rtype, want_reply); 1396 debug("client_input_global_request: rtype %s want_reply %d",
1397 rtype, want_reply);
1357 if (want_reply) { 1398 if (want_reply) {
1358 packet_start(success ? 1399 packet_start(success ?
1359 SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE); 1400 SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE);
@@ -1401,7 +1442,7 @@ client_init_dispatch_13(void)
1401 dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data); 1442 dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);
1402 1443
1403 dispatch_set(SSH_SMSG_AGENT_OPEN, options.forward_agent ? 1444 dispatch_set(SSH_SMSG_AGENT_OPEN, options.forward_agent ?
1404 &auth_input_open_request : &deny_input_open); 1445 &client_input_agent_open : &deny_input_open);
1405 dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ? 1446 dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ?
1406 &x11_input_open : &deny_input_open); 1447 &x11_input_open : &deny_input_open);
1407} 1448}
@@ -1422,3 +1463,12 @@ client_init_dispatch(void)
1422 else 1463 else
1423 client_init_dispatch_15(); 1464 client_init_dispatch_15();
1424} 1465}
1466
1467/* client specific fatal cleanup */
1468void
1469cleanup_exit(int i)
1470{
1471 leave_raw_mode();
1472 leave_non_blocking();
1473 _exit(i);
1474}
diff --git a/clientloop.h b/clientloop.h
index 8056a40c3..56af06bc1 100644
--- a/clientloop.h
+++ b/clientloop.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: clientloop.h,v 1.7 2002/04/22 21:04:52 markus Exp $ */ 1/* $OpenBSD: clientloop.h,v 1.8 2003/12/16 15:49:51 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -37,4 +37,4 @@
37 37
38/* Client side main loop for the interactive session. */ 38/* Client side main loop for the interactive session. */
39int client_loop(int, int, int); 39int client_loop(int, int, int);
40void client_global_request_reply(int type, u_int32_t seq, void *ctxt); 40void client_global_request_reply_fwd(int, u_int32_t, void *);
diff --git a/compat.c b/compat.c
index af1d14321..2fdebe7fa 100644
--- a/compat.c
+++ b/compat.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: compat.c,v 1.69 2003/08/29 10:03:15 markus Exp $"); 26RCSID("$OpenBSD: compat.c,v 1.70 2003/11/02 11:01:03 markus Exp $");
27 27
28#include "buffer.h" 28#include "buffer.h"
29#include "packet.h" 29#include "packet.h"
@@ -79,11 +79,7 @@ compat_datafellows(const char *version)
79 { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, 79 { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF},
80 { "OpenSSH_2.*," 80 { "OpenSSH_2.*,"
81 "OpenSSH_3.0*," 81 "OpenSSH_3.0*,"
82 "OpenSSH_3.1*", SSH_BUG_EXTEOF|SSH_BUG_GSSAPI_BER}, 82 "OpenSSH_3.1*", SSH_BUG_EXTEOF},
83 { "OpenSSH_3.2*,"
84 "OpenSSH_3.3*,"
85 "OpenSSH_3.4*,"
86 "OpenSSH_3.5*", SSH_BUG_GSSAPI_BER},
87 { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, 83 { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF},
88 { "OpenSSH*", 0 }, 84 { "OpenSSH*", 0 },
89 { "*MindTerm*", 0 }, 85 { "*MindTerm*", 0 },
diff --git a/compat.h b/compat.h
index 7a5004455..efa0f081e 100644
--- a/compat.h
+++ b/compat.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: compat.h,v 1.36 2003/08/29 10:03:15 markus Exp $ */ 1/* $OpenBSD: compat.h,v 1.37 2003/11/02 11:01:03 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.
@@ -55,7 +55,6 @@
55#define SSH_BUG_EXTEOF 0x00200000 55#define SSH_BUG_EXTEOF 0x00200000
56#define SSH_BUG_PROBE 0x00400000 56#define SSH_BUG_PROBE 0x00400000
57#define SSH_BUG_FIRSTKEX 0x00800000 57#define SSH_BUG_FIRSTKEX 0x00800000
58#define SSH_BUG_GSSAPI_BER 0x01000000
59 58
60void enable_compat13(void); 59void enable_compat13(void);
61void enable_compat20(void); 60void enable_compat20(void);
diff --git a/compress.c b/compress.c
index 85a361d3a..0d1c7e55e 100644
--- a/compress.c
+++ b/compress.c
@@ -12,7 +12,7 @@
12 */ 12 */
13 13
14#include "includes.h" 14#include "includes.h"
15RCSID("$OpenBSD: compress.c,v 1.19 2002/03/18 17:31:54 provos Exp $"); 15RCSID("$OpenBSD: compress.c,v 1.21 2004/01/13 19:45:15 markus Exp $");
16 16
17#include "log.h" 17#include "log.h"
18#include "buffer.h" 18#include "buffer.h"
@@ -56,12 +56,14 @@ buffer_compress_init_recv(void)
56void 56void
57buffer_compress_uninit(void) 57buffer_compress_uninit(void)
58{ 58{
59 debug("compress outgoing: raw data %lu, compressed %lu, factor %.2f", 59 debug("compress outgoing: raw data %llu, compressed %llu, factor %.2f",
60 outgoing_stream.total_in, outgoing_stream.total_out, 60 (unsigned long long)outgoing_stream.total_in,
61 (unsigned long long)outgoing_stream.total_out,
61 outgoing_stream.total_in == 0 ? 0.0 : 62 outgoing_stream.total_in == 0 ? 0.0 :
62 (double) outgoing_stream.total_out / outgoing_stream.total_in); 63 (double) outgoing_stream.total_out / outgoing_stream.total_in);
63 debug("compress incoming: raw data %lu, compressed %lu, factor %.2f", 64 debug("compress incoming: raw data %llu, compressed %llu, factor %.2f",
64 incoming_stream.total_out, incoming_stream.total_in, 65 (unsigned long long)incoming_stream.total_out,
66 (unsigned long long)incoming_stream.total_in,
65 incoming_stream.total_out == 0 ? 0.0 : 67 incoming_stream.total_out == 0 ? 0.0 :
66 (double) incoming_stream.total_in / incoming_stream.total_out); 68 (double) incoming_stream.total_in / incoming_stream.total_out);
67 if (compress_init_recv_called == 1 && inflate_failed == 0) 69 if (compress_init_recv_called == 1 && inflate_failed == 0)
diff --git a/config.guess b/config.guess
index 11271623b..59d4b87a5 100755
--- a/config.guess
+++ b/config.guess
@@ -176,7 +176,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
176 fi 176 fi
177 ;; 177 ;;
178 *) 178 *)
179 os=netbsd 179 os=netbsd
180 ;; 180 ;;
181 esac 181 esac
182 # The OS release 182 # The OS release
@@ -382,23 +382,23 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
382 # MiNT. But MiNT is downward compatible to TOS, so this should 382 # MiNT. But MiNT is downward compatible to TOS, so this should
383 # be no problem. 383 # be no problem.
384 atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) 384 atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
385 echo m68k-atari-mint${UNAME_RELEASE} 385 echo m68k-atari-mint${UNAME_RELEASE}
386 exit 0 ;; 386 exit 0 ;;
387 atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) 387 atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
388 echo m68k-atari-mint${UNAME_RELEASE} 388 echo m68k-atari-mint${UNAME_RELEASE}
389 exit 0 ;; 389 exit 0 ;;
390 *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) 390 *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
391 echo m68k-atari-mint${UNAME_RELEASE} 391 echo m68k-atari-mint${UNAME_RELEASE}
392 exit 0 ;; 392 exit 0 ;;
393 milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) 393 milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
394 echo m68k-milan-mint${UNAME_RELEASE} 394 echo m68k-milan-mint${UNAME_RELEASE}
395 exit 0 ;; 395 exit 0 ;;
396 hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) 396 hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
397 echo m68k-hades-mint${UNAME_RELEASE} 397 echo m68k-hades-mint${UNAME_RELEASE}
398 exit 0 ;; 398 exit 0 ;;
399 *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) 399 *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
400 echo m68k-unknown-mint${UNAME_RELEASE} 400 echo m68k-unknown-mint${UNAME_RELEASE}
401 exit 0 ;; 401 exit 0 ;;
402 powerpc:machten:*:*) 402 powerpc:machten:*:*)
403 echo powerpc-apple-machten${UNAME_RELEASE} 403 echo powerpc-apple-machten${UNAME_RELEASE}
404 exit 0 ;; 404 exit 0 ;;
@@ -464,8 +464,8 @@ EOF
464 echo m88k-motorola-sysv3 464 echo m88k-motorola-sysv3
465 exit 0 ;; 465 exit 0 ;;
466 AViiON:dgux:*:*) 466 AViiON:dgux:*:*)
467 # DG/UX returns AViiON for all architectures 467 # DG/UX returns AViiON for all architectures
468 UNAME_PROCESSOR=`/usr/bin/uname -p` 468 UNAME_PROCESSOR=`/usr/bin/uname -p`
469 if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] 469 if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ]
470 then 470 then
471 if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ 471 if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
@@ -478,7 +478,7 @@ EOF
478 else 478 else
479 echo i586-dg-dgux${UNAME_RELEASE} 479 echo i586-dg-dgux${UNAME_RELEASE}
480 fi 480 fi
481 exit 0 ;; 481 exit 0 ;;
482 M88*:DolphinOS:*:*) # DolphinOS (SVR3) 482 M88*:DolphinOS:*:*) # DolphinOS (SVR3)
483 echo m88k-dolphin-sysv3 483 echo m88k-dolphin-sysv3
484 exit 0 ;; 484 exit 0 ;;
@@ -574,52 +574,52 @@ EOF
574 9000/[678][0-9][0-9]) 574 9000/[678][0-9][0-9])
575 if [ -x /usr/bin/getconf ]; then 575 if [ -x /usr/bin/getconf ]; then
576 sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` 576 sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
577 sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` 577 sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
578 case "${sc_cpu_version}" in 578 case "${sc_cpu_version}" in
579 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 579 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
580 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 580 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
581 532) # CPU_PA_RISC2_0 581 532) # CPU_PA_RISC2_0
582 case "${sc_kernel_bits}" in 582 case "${sc_kernel_bits}" in
583 32) HP_ARCH="hppa2.0n" ;; 583 32) HP_ARCH="hppa2.0n" ;;
584 64) HP_ARCH="hppa2.0w" ;; 584 64) HP_ARCH="hppa2.0w" ;;
585 '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 585 '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20
586 esac ;; 586 esac ;;
587 esac 587 esac
588 fi 588 fi
589 if [ "${HP_ARCH}" = "" ]; then 589 if [ "${HP_ARCH}" = "" ]; then
590 eval $set_cc_for_build 590 eval $set_cc_for_build
591 sed 's/^ //' << EOF >$dummy.c 591 sed 's/^ //' << EOF >$dummy.c
592 592
593 #define _HPUX_SOURCE 593 #define _HPUX_SOURCE
594 #include <stdlib.h> 594 #include <stdlib.h>
595 #include <unistd.h> 595 #include <unistd.h>
596 596
597 int main () 597 int main ()
598 { 598 {
599 #if defined(_SC_KERNEL_BITS) 599 #if defined(_SC_KERNEL_BITS)
600 long bits = sysconf(_SC_KERNEL_BITS); 600 long bits = sysconf(_SC_KERNEL_BITS);
601 #endif 601 #endif
602 long cpu = sysconf (_SC_CPU_VERSION); 602 long cpu = sysconf (_SC_CPU_VERSION);
603 603
604 switch (cpu) 604 switch (cpu)
605 { 605 {
606 case CPU_PA_RISC1_0: puts ("hppa1.0"); break; 606 case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
607 case CPU_PA_RISC1_1: puts ("hppa1.1"); break; 607 case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
608 case CPU_PA_RISC2_0: 608 case CPU_PA_RISC2_0:
609 #if defined(_SC_KERNEL_BITS) 609 #if defined(_SC_KERNEL_BITS)
610 switch (bits) 610 switch (bits)
611 { 611 {
612 case 64: puts ("hppa2.0w"); break; 612 case 64: puts ("hppa2.0w"); break;
613 case 32: puts ("hppa2.0n"); break; 613 case 32: puts ("hppa2.0n"); break;
614 default: puts ("hppa2.0"); break; 614 default: puts ("hppa2.0"); break;
615 } break; 615 } break;
616 #else /* !defined(_SC_KERNEL_BITS) */ 616 #else /* !defined(_SC_KERNEL_BITS) */
617 puts ("hppa2.0"); break; 617 puts ("hppa2.0"); break;
618 #endif 618 #endif
619 default: puts ("hppa1.0"); break; 619 default: puts ("hppa1.0"); break;
620 } 620 }
621 exit (0); 621 exit (0);
622 } 622 }
623EOF 623EOF
624 (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` 624 (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
625 test -z "$HP_ARCH" && HP_ARCH=hppa 625 test -z "$HP_ARCH" && HP_ARCH=hppa
@@ -699,22 +699,22 @@ EOF
699 exit 0 ;; 699 exit 0 ;;
700 C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) 700 C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
701 echo c1-convex-bsd 701 echo c1-convex-bsd
702 exit 0 ;; 702 exit 0 ;;
703 C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) 703 C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
704 if getsysinfo -f scalar_acc 704 if getsysinfo -f scalar_acc
705 then echo c32-convex-bsd 705 then echo c32-convex-bsd
706 else echo c2-convex-bsd 706 else echo c2-convex-bsd
707 fi 707 fi
708 exit 0 ;; 708 exit 0 ;;
709 C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) 709 C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
710 echo c34-convex-bsd 710 echo c34-convex-bsd
711 exit 0 ;; 711 exit 0 ;;
712 C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) 712 C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
713 echo c38-convex-bsd 713 echo c38-convex-bsd
714 exit 0 ;; 714 exit 0 ;;
715 C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) 715 C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
716 echo c4-convex-bsd 716 echo c4-convex-bsd
717 exit 0 ;; 717 exit 0 ;;
718 CRAY*Y-MP:*:*:*) 718 CRAY*Y-MP:*:*:*)
719 echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' 719 echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
720 exit 0 ;; 720 exit 0 ;;
@@ -738,10 +738,10 @@ EOF
738 exit 0 ;; 738 exit 0 ;;
739 F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) 739 F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
740 FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` 740 FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
741 FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` 741 FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
742 FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` 742 FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
743 echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" 743 echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
744 exit 0 ;; 744 exit 0 ;;
745 i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) 745 i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
746 echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} 746 echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
747 exit 0 ;; 747 exit 0 ;;
@@ -874,7 +874,7 @@ EOF
874 EV6) UNAME_MACHINE=alphaev6 ;; 874 EV6) UNAME_MACHINE=alphaev6 ;;
875 EV67) UNAME_MACHINE=alphaev67 ;; 875 EV67) UNAME_MACHINE=alphaev67 ;;
876 EV68*) UNAME_MACHINE=alphaev68 ;; 876 EV68*) UNAME_MACHINE=alphaev68 ;;
877 esac 877 esac
878 objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null 878 objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
879 if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi 879 if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
880 echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} 880 echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
@@ -916,7 +916,7 @@ EOF
916 s/.*supported targets: *// 916 s/.*supported targets: *//
917 s/ .*// 917 s/ .*//
918 p'` 918 p'`
919 case "$ld_supported_targets" in 919 case "$ld_supported_targets" in
920 elf32-i386) 920 elf32-i386)
921 TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" 921 TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
922 ;; 922 ;;
@@ -968,11 +968,11 @@ EOF
968 echo i386-sequent-sysv4 968 echo i386-sequent-sysv4
969 exit 0 ;; 969 exit 0 ;;
970 i*86:UNIX_SV:4.2MP:2.*) 970 i*86:UNIX_SV:4.2MP:2.*)
971 # Unixware is an offshoot of SVR4, but it has its own version 971 # Unixware is an offshoot of SVR4, but it has its own version
972 # number series starting with 2... 972 # number series starting with 2...
973 # I am not positive that other SVR4 systems won't match this, 973 # I am not positive that other SVR4 systems won't match this,
974 # I just have to hope. -- rms. 974 # I just have to hope. -- rms.
975 # Use sysv4.2uw... so that sysv4* matches it. 975 # Use sysv4.2uw... so that sysv4* matches it.
976 echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} 976 echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
977 exit 0 ;; 977 exit 0 ;;
978 i*86:OS/2:*:*) 978 i*86:OS/2:*:*)
@@ -1028,10 +1028,10 @@ EOF
1028 exit 0 ;; 1028 exit 0 ;;
1029 pc:*:*:*) 1029 pc:*:*:*)
1030 # Left here for compatibility: 1030 # Left here for compatibility:
1031 # uname -m prints for DJGPP always 'pc', but it prints nothing about 1031 # uname -m prints for DJGPP always 'pc', but it prints nothing about
1032 # the processor, so we play safe by assuming i386. 1032 # the processor, so we play safe by assuming i386.
1033 echo i386-pc-msdosdjgpp 1033 echo i386-pc-msdosdjgpp
1034 exit 0 ;; 1034 exit 0 ;;
1035 Intel:Mach:3*:*) 1035 Intel:Mach:3*:*)
1036 echo i386-pc-mach3 1036 echo i386-pc-mach3
1037 exit 0 ;; 1037 exit 0 ;;
@@ -1066,8 +1066,8 @@ EOF
1066 /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ 1066 /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
1067 && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;; 1067 && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;;
1068 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) 1068 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
1069 /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ 1069 /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
1070 && echo i486-ncr-sysv4 && exit 0 ;; 1070 && echo i486-ncr-sysv4 && exit 0 ;;
1071 m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) 1071 m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
1072 echo m68k-unknown-lynxos${UNAME_RELEASE} 1072 echo m68k-unknown-lynxos${UNAME_RELEASE}
1073 exit 0 ;; 1073 exit 0 ;;
@@ -1101,9 +1101,9 @@ EOF
1101 fi 1101 fi
1102 exit 0 ;; 1102 exit 0 ;;
1103 PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort 1103 PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
1104 # says <Richard.M.Bartel@ccMail.Census.GOV> 1104 # says <Richard.M.Bartel@ccMail.Census.GOV>
1105 echo i586-unisys-sysv4 1105 echo i586-unisys-sysv4
1106 exit 0 ;; 1106 exit 0 ;;
1107 *:UNIX_System_V:4*:FTX*) 1107 *:UNIX_System_V:4*:FTX*)
1108 # From Gerald Hewes <hewes@openmarket.com>. 1108 # From Gerald Hewes <hewes@openmarket.com>.
1109 # How about differentiating between stratus architectures? -djm 1109 # How about differentiating between stratus architectures? -djm
@@ -1125,11 +1125,11 @@ EOF
1125 exit 0 ;; 1125 exit 0 ;;
1126 R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) 1126 R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
1127 if [ -d /usr/nec ]; then 1127 if [ -d /usr/nec ]; then
1128 echo mips-nec-sysv${UNAME_RELEASE} 1128 echo mips-nec-sysv${UNAME_RELEASE}
1129 else 1129 else
1130 echo mips-unknown-sysv${UNAME_RELEASE} 1130 echo mips-unknown-sysv${UNAME_RELEASE}
1131 fi 1131 fi
1132 exit 0 ;; 1132 exit 0 ;;
1133 BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. 1133 BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only.
1134 echo powerpc-be-beos 1134 echo powerpc-be-beos
1135 exit 0 ;; 1135 exit 0 ;;
@@ -1238,11 +1238,11 @@ main ()
1238#include <sys/param.h> 1238#include <sys/param.h>
1239 printf ("m68k-sony-newsos%s\n", 1239 printf ("m68k-sony-newsos%s\n",
1240#ifdef NEWSOS4 1240#ifdef NEWSOS4
1241 "4" 1241 "4"
1242#else 1242#else
1243 "" 1243 ""
1244#endif 1244#endif
1245 ); exit (0); 1245 ); exit (0);
1246#endif 1246#endif
1247#endif 1247#endif
1248 1248
diff --git a/config.h.in b/config.h.in
index 41495c4fb..32622dc5f 100644
--- a/config.h.in
+++ b/config.h.in
@@ -1,5 +1,5 @@
1/* config.h.in. Generated automatically from configure.ac by autoheader. */ 1/* config.h.in. Generated automatically from configure.ac by autoheader. */
2/* $Id: acconfig.h,v 1.166 2003/09/16 01:52:19 dtucker Exp $ */ 2/* $Id: acconfig.h,v 1.173 2004/02/06 05:24:31 dtucker Exp $ */
3 3
4/* 4/*
5 * Copyright (c) 1999-2003 Damien Miller. All rights reserved. 5 * Copyright (c) 1999-2003 Damien Miller. All rights reserved.
@@ -42,6 +42,12 @@
42/* Define if your setregid() is broken */ 42/* Define if your setregid() is broken */
43#undef BROKEN_SETREGID 43#undef BROKEN_SETREGID
44 44
45/* Define if your setresuid() is broken */
46#undef BROKEN_SETRESUID
47
48/* Define if your setresgid() is broken */
49#undef BROKEN_SETRESGID
50
45/* Define to a Set Process Title type if your system is */ 51/* Define to a Set Process Title type if your system is */
46/* supported by bsd-setproctitle.c */ 52/* supported by bsd-setproctitle.c */
47#undef SPT_TYPE 53#undef SPT_TYPE
@@ -60,6 +66,9 @@
60/* from environment and PATH */ 66/* from environment and PATH */
61#undef LOGIN_PROGRAM_FALLBACK 67#undef LOGIN_PROGRAM_FALLBACK
62 68
69/* Full path of your "passwd" program */
70#undef _PATH_PASSWD_PROG
71
63/* Define if your password has a pw_class field */ 72/* Define if your password has a pw_class field */
64#undef HAVE_PW_CLASS_IN_PASSWD 73#undef HAVE_PW_CLASS_IN_PASSWD
65 74
@@ -90,6 +99,9 @@
90/* Define if you have the getuserattr function. */ 99/* Define if you have the getuserattr function. */
91#undef HAVE_GETUSERATTR 100#undef HAVE_GETUSERATTR
92 101
102/* Define if you have the basename function. */
103#undef HAVE_BASENAME
104
93/* Work around problematic Linux PAM modules handling of PAM_TTY */ 105/* Work around problematic Linux PAM modules handling of PAM_TTY */
94#undef PAM_TTY_KLUDGE 106#undef PAM_TTY_KLUDGE
95 107
@@ -248,6 +260,9 @@
248/* Define this if you are using the Heimdal version of Kerberos V5 */ 260/* Define this if you are using the Heimdal version of Kerberos V5 */
249#undef HEIMDAL 261#undef HEIMDAL
250 262
263/* Define this if you want to use libkafs' AFS support */
264#undef USE_AFS
265
251/* Define if you want S/Key support */ 266/* Define if you want S/Key support */
252#undef SKEY 267#undef SKEY
253 268
@@ -416,15 +431,15 @@
416#undef LOCKED_PASSWD_PREFIX 431#undef LOCKED_PASSWD_PREFIX
417#undef LOCKED_PASSWD_SUBSTR 432#undef LOCKED_PASSWD_SUBSTR
418 433
419/* Define if DNS support is to be activated */
420#undef DNS
421
422/* Define if getrrsetbyname() exists */ 434/* Define if getrrsetbyname() exists */
423#undef HAVE_GETRRSETBYNAME 435#undef HAVE_GETRRSETBYNAME
424 436
425/* Define if HEADER.ad exists in arpa/nameser.h */ 437/* Define if HEADER.ad exists in arpa/nameser.h */
426#undef HAVE_HEADER_AD 438#undef HAVE_HEADER_AD
427 439
440/* Define if your resolver libs need this for getrrsetbyname */
441#undef BIND_8_COMPAT
442
428 443
429/* Define if the `getpgrp' function takes no argument. */ 444/* Define if the `getpgrp' function takes no argument. */
430#undef GETPGRP_VOID 445#undef GETPGRP_VOID
@@ -438,9 +453,6 @@
438/* Define if you have the `b64_pton' function. */ 453/* Define if you have the `b64_pton' function. */
439#undef HAVE_B64_PTON 454#undef HAVE_B64_PTON
440 455
441/* Define if you have the `basename' function. */
442#undef HAVE_BASENAME
443
444/* Define if you have the `bcopy' function. */ 456/* Define if you have the `bcopy' function. */
445#undef HAVE_BCOPY 457#undef HAVE_BCOPY
446 458
@@ -453,6 +465,9 @@
453/* Define if you have the `clock' function. */ 465/* Define if you have the `clock' function. */
454#undef HAVE_CLOCK 466#undef HAVE_CLOCK
455 467
468/* Define if gai_strerror() returns const char * */
469#undef HAVE_CONST_GAI_STRERROR_PROTO
470
456/* Define if you have the <crypt.h> header file. */ 471/* Define if you have the <crypt.h> header file. */
457#undef HAVE_CRYPT_H 472#undef HAVE_CRYPT_H
458 473
@@ -552,9 +567,24 @@
552/* Define if you have the <glob.h> header file. */ 567/* Define if you have the <glob.h> header file. */
553#undef HAVE_GLOB_H 568#undef HAVE_GLOB_H
554 569
570/* Define if you have the <gssapi_generic.h> header file. */
571#undef HAVE_GSSAPI_GENERIC_H
572
573/* Define if you have the <gssapi/gssapi_generic.h> header file. */
574#undef HAVE_GSSAPI_GSSAPI_GENERIC_H
575
576/* Define if you have the <gssapi/gssapi.h> header file. */
577#undef HAVE_GSSAPI_GSSAPI_H
578
579/* Define if you have the <gssapi/gssapi_krb5.h> header file. */
580#undef HAVE_GSSAPI_GSSAPI_KRB5_H
581
555/* Define if you have the <gssapi.h> header file. */ 582/* Define if you have the <gssapi.h> header file. */
556#undef HAVE_GSSAPI_H 583#undef HAVE_GSSAPI_H
557 584
585/* Define if you have the <gssapi_krb5.h> header file. */
586#undef HAVE_GSSAPI_KRB5_H
587
558/* Define if you have the <ia.h> header file. */ 588/* Define if you have the <ia.h> header file. */
559#undef HAVE_IA_H 589#undef HAVE_IA_H
560 590
@@ -669,6 +699,9 @@
669/* Define if you have the `pam_getenvlist' function. */ 699/* Define if you have the `pam_getenvlist' function. */
670#undef HAVE_PAM_GETENVLIST 700#undef HAVE_PAM_GETENVLIST
671 701
702/* Define if you have the <pam/pam_appl.h> header file. */
703#undef HAVE_PAM_PAM_APPL_H
704
672/* Define if you have the `pam_putenv' function. */ 705/* Define if you have the `pam_putenv' function. */
673#undef HAVE_PAM_PUTENV 706#undef HAVE_PAM_PUTENV
674 707
@@ -825,6 +858,9 @@
825/* Define if you have the `strsep' function. */ 858/* Define if you have the `strsep' function. */
826#undef HAVE_STRSEP 859#undef HAVE_STRSEP
827 860
861/* Define if you have the `strtoul' function. */
862#undef HAVE_STRTOUL
863
828/* Define if `st_blksize' is member of `struct stat'. */ 864/* Define if `st_blksize' is member of `struct stat'. */
829#undef HAVE_STRUCT_STAT_ST_BLKSIZE 865#undef HAVE_STRUCT_STAT_ST_BLKSIZE
830 866
@@ -852,12 +888,18 @@
852/* Define if you have the <sys/pstat.h> header file. */ 888/* Define if you have the <sys/pstat.h> header file. */
853#undef HAVE_SYS_PSTAT_H 889#undef HAVE_SYS_PSTAT_H
854 890
891/* Define if you have the <sys/ptms.h> header file. */
892#undef HAVE_SYS_PTMS_H
893
855/* Define if you have the <sys/select.h> header file. */ 894/* Define if you have the <sys/select.h> header file. */
856#undef HAVE_SYS_SELECT_H 895#undef HAVE_SYS_SELECT_H
857 896
858/* Define if you have the <sys/stat.h> header file. */ 897/* Define if you have the <sys/stat.h> header file. */
859#undef HAVE_SYS_STAT_H 898#undef HAVE_SYS_STAT_H
860 899
900/* Define if you have the <sys/stream.h> header file. */
901#undef HAVE_SYS_STREAM_H
902
861/* Define if you have the <sys/stropts.h> header file. */ 903/* Define if you have the <sys/stropts.h> header file. */
862#undef HAVE_SYS_STROPTS_H 904#undef HAVE_SYS_STROPTS_H
863 905
@@ -906,6 +948,9 @@
906/* Define if you have the `updwtmp' function. */ 948/* Define if you have the `updwtmp' function. */
907#undef HAVE_UPDWTMP 949#undef HAVE_UPDWTMP
908 950
951/* Define if you have the `updwtmpx' function. */
952#undef HAVE_UPDWTMPX
953
909/* Define if you have the <usersec.h> header file. */ 954/* Define if you have the <usersec.h> header file. */
910#undef HAVE_USERSEC_H 955#undef HAVE_USERSEC_H
911 956
@@ -933,6 +978,9 @@
933/* Define if you have the `vhangup' function. */ 978/* Define if you have the `vhangup' function. */
934#undef HAVE_VHANGUP 979#undef HAVE_VHANGUP
935 980
981/* Define if you have the <vis.h> header file. */
982#undef HAVE_VIS_H
983
936/* Define if you have the `vsnprintf' function. */ 984/* Define if you have the `vsnprintf' function. */
937#undef HAVE_VSNPRINTF 985#undef HAVE_VSNPRINTF
938 986
diff --git a/config.sub b/config.sub
index 79657cd18..d77dd77b4 100755
--- a/config.sub
+++ b/config.sub
@@ -162,10 +162,10 @@ case $os in
162 os=-chorusos 162 os=-chorusos
163 basic_machine=$1 163 basic_machine=$1
164 ;; 164 ;;
165 -chorusrdb) 165 -chorusrdb)
166 os=-chorusrdb 166 os=-chorusrdb
167 basic_machine=$1 167 basic_machine=$1
168 ;; 168 ;;
169 -hiux*) 169 -hiux*)
170 os=-hiuxwe2 170 os=-hiuxwe2
171 ;; 171 ;;
@@ -926,6 +926,10 @@ case $basic_machine in
926 basic_machine=sv1-cray 926 basic_machine=sv1-cray
927 os=-unicos 927 os=-unicos
928 ;; 928 ;;
929 sx*-nec)
930 basic_machine=sx6-nec
931 os=-sysv
932 ;;
929 symmetry) 933 symmetry)
930 basic_machine=i386-sequent 934 basic_machine=i386-sequent
931 os=-dynix 935 os=-dynix
@@ -1006,6 +1010,10 @@ case $basic_machine in
1006 basic_machine=hppa1.1-winbond 1010 basic_machine=hppa1.1-winbond
1007 os=-proelf 1011 os=-proelf
1008 ;; 1012 ;;
1013 windows32)
1014 basic_machine=i386-pc
1015 os=-windows32-msvcrt
1016 ;;
1009 xps | xps100) 1017 xps | xps100)
1010 basic_machine=xps100-honeywell 1018 basic_machine=xps100-honeywell
1011 ;; 1019 ;;
@@ -1102,8 +1110,8 @@ esac
1102if [ x"$os" != x"" ] 1110if [ x"$os" != x"" ]
1103then 1111then
1104case $os in 1112case $os in
1105 # First match some system type aliases 1113 # First match some system type aliases
1106 # that might get confused with valid system types. 1114 # that might get confused with valid system types.
1107 # -solaris* is a basic system type, with this one exception. 1115 # -solaris* is a basic system type, with this one exception.
1108 -solaris1 | -solaris1.*) 1116 -solaris1 | -solaris1.*)
1109 os=`echo $os | sed -e 's|solaris1|sunos4|'` 1117 os=`echo $os | sed -e 's|solaris1|sunos4|'`
diff --git a/configure b/configure
index 096c51af7..c39957b7c 100755
--- a/configure
+++ b/configure
@@ -669,6 +669,7 @@ Optional Features:
669 --enable-FEATURE[=ARG] include FEATURE [ARG=yes] 669 --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
670 --disable-largefile omit support for large files 670 --disable-largefile omit support for large files
671 --disable-strip Disable calling strip(1) on install 671 --disable-strip Disable calling strip(1) on install
672 --disable-etc-default-login Disable using PATH from /etc/default/login no
672 --disable-lastlog disable use of lastlog even if detected no 673 --disable-lastlog disable use of lastlog even if detected no
673 --disable-utmp disable use of utmp even if detected no 674 --disable-utmp disable use of utmp even if detected no
674 --disable-utmpx disable use of utmpx even if detected no 675 --disable-utmpx disable use of utmpx even if detected no
@@ -681,17 +682,18 @@ Optional Features:
681Optional Packages: 682Optional Packages:
682 --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] 683 --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
683 --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) 684 --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
685 --without-rpath Disable auto-added -R linker paths
684 --with-osfsia Enable Digital Unix SIA 686 --with-osfsia Enable Digital Unix SIA
685 --with-cflags Specify additional flags to pass to compiler 687 --with-cflags Specify additional flags to pass to compiler
686 --with-cppflags Specify additional flags to pass to preprocessor 688 --with-cppflags Specify additional flags to pass to preprocessor
687 --with-ldflags Specify additional flags to pass to linker 689 --with-ldflags Specify additional flags to pass to linker
688 --with-libs Specify additional libraries to link with 690 --with-libs Specify additional libraries to link with
689 --without-rpath Disable auto-added -R linker paths
690 --with-zlib=PATH Use zlib in PATH 691 --with-zlib=PATH Use zlib in PATH
692 --without-zlib-version-check Disable zlib version check
691 --with-skey[=PATH] Enable S/Key support 693 --with-skey[=PATH] Enable S/Key support
692 (optionally in PATH) 694 (optionally in PATH)
693 --with-tcp-wrappers[=PATH] Enable tcpwrappers support 695 --with-tcp-wrappers[=PATH] Enable tcpwrappers support
694 (optionally in PATH) 696 (optionally in PATH)
695 --with-pam Enable PAM support 697 --with-pam Enable PAM support
696 --with-ssl-dir=PATH Specify path to OpenSSL installation 698 --with-ssl-dir=PATH Specify path to OpenSSL installation
697 --with-rand-helper Use subprocess to gather strong randomness 699 --with-rand-helper Use subprocess to gather strong randomness
@@ -701,7 +703,6 @@ Optional Packages:
701 --with-privsep-user=user Specify non-privileged user for privilege separation 703 --with-privsep-user=user Specify non-privileged user for privilege separation
702 --with-sectok Enable smartcard support using libsectok 704 --with-sectok Enable smartcard support using libsectok
703 --with-opensc=PFX Enable smartcard support using OpenSC 705 --with-opensc=PFX Enable smartcard support using OpenSC
704 --with-dns Support for fetching keys from DNS (experimental)
705 --with-kerberos5=PATH Enable Kerberos 5 support 706 --with-kerberos5=PATH Enable Kerberos 5 support
706 --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty) 707 --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)
707 --with-xauth=PATH Specify path to xauth program 708 --with-xauth=PATH Specify path to xauth program
@@ -908,7 +909,7 @@ if test -z "$CONFIG_SITE"; then
908fi 909fi
909for ac_site_file in $CONFIG_SITE; do 910for ac_site_file in $CONFIG_SITE; do
910 if test -r "$ac_site_file"; then 911 if test -r "$ac_site_file"; then
911 { echo "$as_me:911: loading site script $ac_site_file" >&5 912 { echo "$as_me:912: loading site script $ac_site_file" >&5
912echo "$as_me: loading site script $ac_site_file" >&6;} 913echo "$as_me: loading site script $ac_site_file" >&6;}
913 cat "$ac_site_file" >&5 914 cat "$ac_site_file" >&5
914 . "$ac_site_file" 915 . "$ac_site_file"
@@ -919,7 +920,7 @@ if test -r "$cache_file"; then
919 # Some versions of bash will fail to source /dev/null (special 920 # Some versions of bash will fail to source /dev/null (special
920 # files actually), so we avoid doing that. 921 # files actually), so we avoid doing that.
921 if test -f "$cache_file"; then 922 if test -f "$cache_file"; then
922 { echo "$as_me:922: loading cache $cache_file" >&5 923 { echo "$as_me:923: loading cache $cache_file" >&5
923echo "$as_me: loading cache $cache_file" >&6;} 924echo "$as_me: loading cache $cache_file" >&6;}
924 case $cache_file in 925 case $cache_file in
925 [\\/]* | ?:[\\/]* ) . $cache_file;; 926 [\\/]* | ?:[\\/]* ) . $cache_file;;
@@ -927,7 +928,7 @@ echo "$as_me: loading cache $cache_file" >&6;}
927 esac 928 esac
928 fi 929 fi
929else 930else
930 { echo "$as_me:930: creating cache $cache_file" >&5 931 { echo "$as_me:931: creating cache $cache_file" >&5
931echo "$as_me: creating cache $cache_file" >&6;} 932echo "$as_me: creating cache $cache_file" >&6;}
932 >$cache_file 933 >$cache_file
933fi 934fi
@@ -943,21 +944,21 @@ for ac_var in `(set) 2>&1 |
943 eval ac_new_val="\$ac_env_${ac_var}_value" 944 eval ac_new_val="\$ac_env_${ac_var}_value"
944 case $ac_old_set,$ac_new_set in 945 case $ac_old_set,$ac_new_set in
945 set,) 946 set,)
946 { echo "$as_me:946: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 947 { echo "$as_me:947: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
947echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} 948echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
948 ac_cache_corrupted=: ;; 949 ac_cache_corrupted=: ;;
949 ,set) 950 ,set)
950 { echo "$as_me:950: error: \`$ac_var' was not set in the previous run" >&5 951 { echo "$as_me:951: error: \`$ac_var' was not set in the previous run" >&5
951echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} 952echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
952 ac_cache_corrupted=: ;; 953 ac_cache_corrupted=: ;;
953 ,);; 954 ,);;
954 *) 955 *)
955 if test "x$ac_old_val" != "x$ac_new_val"; then 956 if test "x$ac_old_val" != "x$ac_new_val"; then
956 { echo "$as_me:956: error: \`$ac_var' has changed since the previous run:" >&5 957 { echo "$as_me:957: error: \`$ac_var' has changed since the previous run:" >&5
957echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} 958echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
958 { echo "$as_me:958: former value: $ac_old_val" >&5 959 { echo "$as_me:959: former value: $ac_old_val" >&5
959echo "$as_me: former value: $ac_old_val" >&2;} 960echo "$as_me: former value: $ac_old_val" >&2;}
960 { echo "$as_me:960: current value: $ac_new_val" >&5 961 { echo "$as_me:961: current value: $ac_new_val" >&5
961echo "$as_me: current value: $ac_new_val" >&2;} 962echo "$as_me: current value: $ac_new_val" >&2;}
962 ac_cache_corrupted=: 963 ac_cache_corrupted=:
963 fi;; 964 fi;;
@@ -976,9 +977,9 @@ echo "$as_me: current value: $ac_new_val" >&2;}
976 fi 977 fi
977done 978done
978if $ac_cache_corrupted; then 979if $ac_cache_corrupted; then
979 { echo "$as_me:979: error: changes in the environment can compromise the build" >&5 980 { echo "$as_me:980: error: changes in the environment can compromise the build" >&5
980echo "$as_me: error: changes in the environment can compromise the build" >&2;} 981echo "$as_me: error: changes in the environment can compromise the build" >&2;}
981 { { echo "$as_me:981: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5 982 { { echo "$as_me:982: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5
982echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;} 983echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;}
983 { (exit 1); exit 1; }; } 984 { (exit 1); exit 1; }; }
984fi 985fi
@@ -998,10 +999,10 @@ esac
998echo "#! $SHELL" >conftest.sh 999echo "#! $SHELL" >conftest.sh
999echo "exit 0" >>conftest.sh 1000echo "exit 0" >>conftest.sh
1000chmod +x conftest.sh 1001chmod +x conftest.sh
1001if { (echo "$as_me:1001: PATH=\".;.\"; conftest.sh") >&5 1002if { (echo "$as_me:1002: PATH=\".;.\"; conftest.sh") >&5
1002 (PATH=".;."; conftest.sh) 2>&5 1003 (PATH=".;."; conftest.sh) 2>&5
1003 ac_status=$? 1004 ac_status=$?
1004 echo "$as_me:1004: \$? = $ac_status" >&5 1005 echo "$as_me:1005: \$? = $ac_status" >&5
1005 (exit $ac_status); }; then 1006 (exit $ac_status); }; then
1006 ac_path_separator=';' 1007 ac_path_separator=';'
1007else 1008else
@@ -1020,7 +1021,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
1020if test -n "$ac_tool_prefix"; then 1021if test -n "$ac_tool_prefix"; then
1021 # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. 1022 # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
1022set dummy ${ac_tool_prefix}gcc; ac_word=$2 1023set dummy ${ac_tool_prefix}gcc; ac_word=$2
1023echo "$as_me:1023: checking for $ac_word" >&5 1024echo "$as_me:1024: checking for $ac_word" >&5
1024echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 1025echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
1025if test "${ac_cv_prog_CC+set}" = set; then 1026if test "${ac_cv_prog_CC+set}" = set; then
1026 echo $ECHO_N "(cached) $ECHO_C" >&6 1027 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1035,7 +1036,7 @@ for ac_dir in $ac_dummy; do
1035 test -z "$ac_dir" && ac_dir=. 1036 test -z "$ac_dir" && ac_dir=.
1036 $as_executable_p "$ac_dir/$ac_word" || continue 1037 $as_executable_p "$ac_dir/$ac_word" || continue
1037ac_cv_prog_CC="${ac_tool_prefix}gcc" 1038ac_cv_prog_CC="${ac_tool_prefix}gcc"
1038echo "$as_me:1038: found $ac_dir/$ac_word" >&5 1039echo "$as_me:1039: found $ac_dir/$ac_word" >&5
1039break 1040break
1040done 1041done
1041 1042
@@ -1043,10 +1044,10 @@ fi
1043fi 1044fi
1044CC=$ac_cv_prog_CC 1045CC=$ac_cv_prog_CC
1045if test -n "$CC"; then 1046if test -n "$CC"; then
1046 echo "$as_me:1046: result: $CC" >&5 1047 echo "$as_me:1047: result: $CC" >&5
1047echo "${ECHO_T}$CC" >&6 1048echo "${ECHO_T}$CC" >&6
1048else 1049else
1049 echo "$as_me:1049: result: no" >&5 1050 echo "$as_me:1050: result: no" >&5
1050echo "${ECHO_T}no" >&6 1051echo "${ECHO_T}no" >&6
1051fi 1052fi
1052 1053
@@ -1055,7 +1056,7 @@ if test -z "$ac_cv_prog_CC"; then
1055 ac_ct_CC=$CC 1056 ac_ct_CC=$CC
1056 # Extract the first word of "gcc", so it can be a program name with args. 1057 # Extract the first word of "gcc", so it can be a program name with args.
1057set dummy gcc; ac_word=$2 1058set dummy gcc; ac_word=$2
1058echo "$as_me:1058: checking for $ac_word" >&5 1059echo "$as_me:1059: checking for $ac_word" >&5
1059echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 1060echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
1060if test "${ac_cv_prog_ac_ct_CC+set}" = set; then 1061if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
1061 echo $ECHO_N "(cached) $ECHO_C" >&6 1062 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1070,7 +1071,7 @@ for ac_dir in $ac_dummy; do
1070 test -z "$ac_dir" && ac_dir=. 1071 test -z "$ac_dir" && ac_dir=.
1071 $as_executable_p "$ac_dir/$ac_word" || continue 1072 $as_executable_p "$ac_dir/$ac_word" || continue
1072ac_cv_prog_ac_ct_CC="gcc" 1073ac_cv_prog_ac_ct_CC="gcc"
1073echo "$as_me:1073: found $ac_dir/$ac_word" >&5 1074echo "$as_me:1074: found $ac_dir/$ac_word" >&5
1074break 1075break
1075done 1076done
1076 1077
@@ -1078,10 +1079,10 @@ fi
1078fi 1079fi
1079ac_ct_CC=$ac_cv_prog_ac_ct_CC 1080ac_ct_CC=$ac_cv_prog_ac_ct_CC
1080if test -n "$ac_ct_CC"; then 1081if test -n "$ac_ct_CC"; then
1081 echo "$as_me:1081: result: $ac_ct_CC" >&5 1082 echo "$as_me:1082: result: $ac_ct_CC" >&5
1082echo "${ECHO_T}$ac_ct_CC" >&6 1083echo "${ECHO_T}$ac_ct_CC" >&6
1083else 1084else
1084 echo "$as_me:1084: result: no" >&5 1085 echo "$as_me:1085: result: no" >&5
1085echo "${ECHO_T}no" >&6 1086echo "${ECHO_T}no" >&6
1086fi 1087fi
1087 1088
@@ -1094,7 +1095,7 @@ if test -z "$CC"; then
1094 if test -n "$ac_tool_prefix"; then 1095 if test -n "$ac_tool_prefix"; then
1095 # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. 1096 # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
1096set dummy ${ac_tool_prefix}cc; ac_word=$2 1097set dummy ${ac_tool_prefix}cc; ac_word=$2
1097echo "$as_me:1097: checking for $ac_word" >&5 1098echo "$as_me:1098: checking for $ac_word" >&5
1098echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 1099echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
1099if test "${ac_cv_prog_CC+set}" = set; then 1100if test "${ac_cv_prog_CC+set}" = set; then
1100 echo $ECHO_N "(cached) $ECHO_C" >&6 1101 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1109,7 +1110,7 @@ for ac_dir in $ac_dummy; do
1109 test -z "$ac_dir" && ac_dir=. 1110 test -z "$ac_dir" && ac_dir=.
1110 $as_executable_p "$ac_dir/$ac_word" || continue 1111 $as_executable_p "$ac_dir/$ac_word" || continue
1111ac_cv_prog_CC="${ac_tool_prefix}cc" 1112ac_cv_prog_CC="${ac_tool_prefix}cc"
1112echo "$as_me:1112: found $ac_dir/$ac_word" >&5 1113echo "$as_me:1113: found $ac_dir/$ac_word" >&5
1113break 1114break
1114done 1115done
1115 1116
@@ -1117,10 +1118,10 @@ fi
1117fi 1118fi
1118CC=$ac_cv_prog_CC 1119CC=$ac_cv_prog_CC
1119if test -n "$CC"; then 1120if test -n "$CC"; then
1120 echo "$as_me:1120: result: $CC" >&5 1121 echo "$as_me:1121: result: $CC" >&5
1121echo "${ECHO_T}$CC" >&6 1122echo "${ECHO_T}$CC" >&6
1122else 1123else
1123 echo "$as_me:1123: result: no" >&5 1124 echo "$as_me:1124: result: no" >&5
1124echo "${ECHO_T}no" >&6 1125echo "${ECHO_T}no" >&6
1125fi 1126fi
1126 1127
@@ -1129,7 +1130,7 @@ if test -z "$ac_cv_prog_CC"; then
1129 ac_ct_CC=$CC 1130 ac_ct_CC=$CC
1130 # Extract the first word of "cc", so it can be a program name with args. 1131 # Extract the first word of "cc", so it can be a program name with args.
1131set dummy cc; ac_word=$2 1132set dummy cc; ac_word=$2
1132echo "$as_me:1132: checking for $ac_word" >&5 1133echo "$as_me:1133: checking for $ac_word" >&5
1133echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 1134echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
1134if test "${ac_cv_prog_ac_ct_CC+set}" = set; then 1135if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
1135 echo $ECHO_N "(cached) $ECHO_C" >&6 1136 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1144,7 +1145,7 @@ for ac_dir in $ac_dummy; do
1144 test -z "$ac_dir" && ac_dir=. 1145 test -z "$ac_dir" && ac_dir=.
1145 $as_executable_p "$ac_dir/$ac_word" || continue 1146 $as_executable_p "$ac_dir/$ac_word" || continue
1146ac_cv_prog_ac_ct_CC="cc" 1147ac_cv_prog_ac_ct_CC="cc"
1147echo "$as_me:1147: found $ac_dir/$ac_word" >&5 1148echo "$as_me:1148: found $ac_dir/$ac_word" >&5
1148break 1149break
1149done 1150done
1150 1151
@@ -1152,10 +1153,10 @@ fi
1152fi 1153fi
1153ac_ct_CC=$ac_cv_prog_ac_ct_CC 1154ac_ct_CC=$ac_cv_prog_ac_ct_CC
1154if test -n "$ac_ct_CC"; then 1155if test -n "$ac_ct_CC"; then
1155 echo "$as_me:1155: result: $ac_ct_CC" >&5 1156 echo "$as_me:1156: result: $ac_ct_CC" >&5
1156echo "${ECHO_T}$ac_ct_CC" >&6 1157echo "${ECHO_T}$ac_ct_CC" >&6
1157else 1158else
1158 echo "$as_me:1158: result: no" >&5 1159 echo "$as_me:1159: result: no" >&5
1159echo "${ECHO_T}no" >&6 1160echo "${ECHO_T}no" >&6
1160fi 1161fi
1161 1162
@@ -1168,7 +1169,7 @@ fi
1168if test -z "$CC"; then 1169if test -z "$CC"; then
1169 # Extract the first word of "cc", so it can be a program name with args. 1170 # Extract the first word of "cc", so it can be a program name with args.
1170set dummy cc; ac_word=$2 1171set dummy cc; ac_word=$2
1171echo "$as_me:1171: checking for $ac_word" >&5 1172echo "$as_me:1172: checking for $ac_word" >&5
1172echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 1173echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
1173if test "${ac_cv_prog_CC+set}" = set; then 1174if test "${ac_cv_prog_CC+set}" = set; then
1174 echo $ECHO_N "(cached) $ECHO_C" >&6 1175 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1188,7 +1189,7 @@ if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then
1188 continue 1189 continue
1189fi 1190fi
1190ac_cv_prog_CC="cc" 1191ac_cv_prog_CC="cc"
1191echo "$as_me:1191: found $ac_dir/$ac_word" >&5 1192echo "$as_me:1192: found $ac_dir/$ac_word" >&5
1192break 1193break
1193done 1194done
1194 1195
@@ -1210,10 +1211,10 @@ fi
1210fi 1211fi
1211CC=$ac_cv_prog_CC 1212CC=$ac_cv_prog_CC
1212if test -n "$CC"; then 1213if test -n "$CC"; then
1213 echo "$as_me:1213: result: $CC" >&5 1214 echo "$as_me:1214: result: $CC" >&5
1214echo "${ECHO_T}$CC" >&6 1215echo "${ECHO_T}$CC" >&6
1215else 1216else
1216 echo "$as_me:1216: result: no" >&5 1217 echo "$as_me:1217: result: no" >&5
1217echo "${ECHO_T}no" >&6 1218echo "${ECHO_T}no" >&6
1218fi 1219fi
1219 1220
@@ -1224,7 +1225,7 @@ if test -z "$CC"; then
1224 do 1225 do
1225 # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. 1226 # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
1226set dummy $ac_tool_prefix$ac_prog; ac_word=$2 1227set dummy $ac_tool_prefix$ac_prog; ac_word=$2
1227echo "$as_me:1227: checking for $ac_word" >&5 1228echo "$as_me:1228: checking for $ac_word" >&5
1228echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 1229echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
1229if test "${ac_cv_prog_CC+set}" = set; then 1230if test "${ac_cv_prog_CC+set}" = set; then
1230 echo $ECHO_N "(cached) $ECHO_C" >&6 1231 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1239,7 +1240,7 @@ for ac_dir in $ac_dummy; do
1239 test -z "$ac_dir" && ac_dir=. 1240 test -z "$ac_dir" && ac_dir=.
1240 $as_executable_p "$ac_dir/$ac_word" || continue 1241 $as_executable_p "$ac_dir/$ac_word" || continue
1241ac_cv_prog_CC="$ac_tool_prefix$ac_prog" 1242ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
1242echo "$as_me:1242: found $ac_dir/$ac_word" >&5 1243echo "$as_me:1243: found $ac_dir/$ac_word" >&5
1243break 1244break
1244done 1245done
1245 1246
@@ -1247,10 +1248,10 @@ fi
1247fi 1248fi
1248CC=$ac_cv_prog_CC 1249CC=$ac_cv_prog_CC
1249if test -n "$CC"; then 1250if test -n "$CC"; then
1250 echo "$as_me:1250: result: $CC" >&5 1251 echo "$as_me:1251: result: $CC" >&5
1251echo "${ECHO_T}$CC" >&6 1252echo "${ECHO_T}$CC" >&6
1252else 1253else
1253 echo "$as_me:1253: result: no" >&5 1254 echo "$as_me:1254: result: no" >&5
1254echo "${ECHO_T}no" >&6 1255echo "${ECHO_T}no" >&6
1255fi 1256fi
1256 1257
@@ -1263,7 +1264,7 @@ if test -z "$CC"; then
1263do 1264do
1264 # Extract the first word of "$ac_prog", so it can be a program name with args. 1265 # Extract the first word of "$ac_prog", so it can be a program name with args.
1265set dummy $ac_prog; ac_word=$2 1266set dummy $ac_prog; ac_word=$2
1266echo "$as_me:1266: checking for $ac_word" >&5 1267echo "$as_me:1267: checking for $ac_word" >&5
1267echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 1268echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
1268if test "${ac_cv_prog_ac_ct_CC+set}" = set; then 1269if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
1269 echo $ECHO_N "(cached) $ECHO_C" >&6 1270 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1278,7 +1279,7 @@ for ac_dir in $ac_dummy; do
1278 test -z "$ac_dir" && ac_dir=. 1279 test -z "$ac_dir" && ac_dir=.
1279 $as_executable_p "$ac_dir/$ac_word" || continue 1280 $as_executable_p "$ac_dir/$ac_word" || continue
1280ac_cv_prog_ac_ct_CC="$ac_prog" 1281ac_cv_prog_ac_ct_CC="$ac_prog"
1281echo "$as_me:1281: found $ac_dir/$ac_word" >&5 1282echo "$as_me:1282: found $ac_dir/$ac_word" >&5
1282break 1283break
1283done 1284done
1284 1285
@@ -1286,10 +1287,10 @@ fi
1286fi 1287fi
1287ac_ct_CC=$ac_cv_prog_ac_ct_CC 1288ac_ct_CC=$ac_cv_prog_ac_ct_CC
1288if test -n "$ac_ct_CC"; then 1289if test -n "$ac_ct_CC"; then
1289 echo "$as_me:1289: result: $ac_ct_CC" >&5 1290 echo "$as_me:1290: result: $ac_ct_CC" >&5
1290echo "${ECHO_T}$ac_ct_CC" >&6 1291echo "${ECHO_T}$ac_ct_CC" >&6
1291else 1292else
1292 echo "$as_me:1292: result: no" >&5 1293 echo "$as_me:1293: result: no" >&5
1293echo "${ECHO_T}no" >&6 1294echo "${ECHO_T}no" >&6
1294fi 1295fi
1295 1296
@@ -1301,32 +1302,32 @@ fi
1301 1302
1302fi 1303fi
1303 1304
1304test -z "$CC" && { { echo "$as_me:1304: error: no acceptable cc found in \$PATH" >&5 1305test -z "$CC" && { { echo "$as_me:1305: error: no acceptable cc found in \$PATH" >&5
1305echo "$as_me: error: no acceptable cc found in \$PATH" >&2;} 1306echo "$as_me: error: no acceptable cc found in \$PATH" >&2;}
1306 { (exit 1); exit 1; }; } 1307 { (exit 1); exit 1; }; }
1307 1308
1308# Provide some information about the compiler. 1309# Provide some information about the compiler.
1309echo "$as_me:1309:" \ 1310echo "$as_me:1310:" \
1310 "checking for C compiler version" >&5 1311 "checking for C compiler version" >&5
1311ac_compiler=`set X $ac_compile; echo $2` 1312ac_compiler=`set X $ac_compile; echo $2`
1312{ (eval echo "$as_me:1312: \"$ac_compiler --version </dev/null >&5\"") >&5 1313{ (eval echo "$as_me:1313: \"$ac_compiler --version </dev/null >&5\"") >&5
1313 (eval $ac_compiler --version </dev/null >&5) 2>&5 1314 (eval $ac_compiler --version </dev/null >&5) 2>&5
1314 ac_status=$? 1315 ac_status=$?
1315 echo "$as_me:1315: \$? = $ac_status" >&5 1316 echo "$as_me:1316: \$? = $ac_status" >&5
1316 (exit $ac_status); } 1317 (exit $ac_status); }
1317{ (eval echo "$as_me:1317: \"$ac_compiler -v </dev/null >&5\"") >&5 1318{ (eval echo "$as_me:1318: \"$ac_compiler -v </dev/null >&5\"") >&5
1318 (eval $ac_compiler -v </dev/null >&5) 2>&5 1319 (eval $ac_compiler -v </dev/null >&5) 2>&5
1319 ac_status=$? 1320 ac_status=$?
1320 echo "$as_me:1320: \$? = $ac_status" >&5 1321 echo "$as_me:1321: \$? = $ac_status" >&5
1321 (exit $ac_status); } 1322 (exit $ac_status); }
1322{ (eval echo "$as_me:1322: \"$ac_compiler -V </dev/null >&5\"") >&5 1323{ (eval echo "$as_me:1323: \"$ac_compiler -V </dev/null >&5\"") >&5
1323 (eval $ac_compiler -V </dev/null >&5) 2>&5 1324 (eval $ac_compiler -V </dev/null >&5) 2>&5
1324 ac_status=$? 1325 ac_status=$?
1325 echo "$as_me:1325: \$? = $ac_status" >&5 1326 echo "$as_me:1326: \$? = $ac_status" >&5
1326 (exit $ac_status); } 1327 (exit $ac_status); }
1327 1328
1328cat >conftest.$ac_ext <<_ACEOF 1329cat >conftest.$ac_ext <<_ACEOF
1329#line 1329 "configure" 1330#line 1330 "configure"
1330#include "confdefs.h" 1331#include "confdefs.h"
1331 1332
1332int 1333int
@@ -1342,13 +1343,13 @@ ac_clean_files="$ac_clean_files a.out a.exe"
1342# Try to create an executable without -o first, disregard a.out. 1343# Try to create an executable without -o first, disregard a.out.
1343# It will help us diagnose broken compilers, and finding out an intuition 1344# It will help us diagnose broken compilers, and finding out an intuition
1344# of exeext. 1345# of exeext.
1345echo "$as_me:1345: checking for C compiler default output" >&5 1346echo "$as_me:1346: checking for C compiler default output" >&5
1346echo $ECHO_N "checking for C compiler default output... $ECHO_C" >&6 1347echo $ECHO_N "checking for C compiler default output... $ECHO_C" >&6
1347ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` 1348ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
1348if { (eval echo "$as_me:1348: \"$ac_link_default\"") >&5 1349if { (eval echo "$as_me:1349: \"$ac_link_default\"") >&5
1349 (eval $ac_link_default) 2>&5 1350 (eval $ac_link_default) 2>&5
1350 ac_status=$? 1351 ac_status=$?
1351 echo "$as_me:1351: \$? = $ac_status" >&5 1352 echo "$as_me:1352: \$? = $ac_status" >&5
1352 (exit $ac_status); }; then 1353 (exit $ac_status); }; then
1353 # Find the output, starting from the most likely. This scheme is 1354 # Find the output, starting from the most likely. This scheme is
1354# not robust to junk in `.', hence go to wildcards (a.*) only as a last 1355# not robust to junk in `.', hence go to wildcards (a.*) only as a last
@@ -1371,34 +1372,34 @@ done
1371else 1372else
1372 echo "$as_me: failed program was:" >&5 1373 echo "$as_me: failed program was:" >&5
1373cat conftest.$ac_ext >&5 1374cat conftest.$ac_ext >&5
1374{ { echo "$as_me:1374: error: C compiler cannot create executables" >&5 1375{ { echo "$as_me:1375: error: C compiler cannot create executables" >&5
1375echo "$as_me: error: C compiler cannot create executables" >&2;} 1376echo "$as_me: error: C compiler cannot create executables" >&2;}
1376 { (exit 77); exit 77; }; } 1377 { (exit 77); exit 77; }; }
1377fi 1378fi
1378 1379
1379ac_exeext=$ac_cv_exeext 1380ac_exeext=$ac_cv_exeext
1380echo "$as_me:1380: result: $ac_file" >&5 1381echo "$as_me:1381: result: $ac_file" >&5
1381echo "${ECHO_T}$ac_file" >&6 1382echo "${ECHO_T}$ac_file" >&6
1382 1383
1383# Check the compiler produces executables we can run. If not, either 1384# Check the compiler produces executables we can run. If not, either
1384# the compiler is broken, or we cross compile. 1385# the compiler is broken, or we cross compile.
1385echo "$as_me:1385: checking whether the C compiler works" >&5 1386echo "$as_me:1386: checking whether the C compiler works" >&5
1386echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6 1387echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6
1387# FIXME: These cross compiler hacks should be removed for Autoconf 3.0 1388# FIXME: These cross compiler hacks should be removed for Autoconf 3.0
1388# If not cross compiling, check that we can run a simple program. 1389# If not cross compiling, check that we can run a simple program.
1389if test "$cross_compiling" != yes; then 1390if test "$cross_compiling" != yes; then
1390 if { ac_try='./$ac_file' 1391 if { ac_try='./$ac_file'
1391 { (eval echo "$as_me:1391: \"$ac_try\"") >&5 1392 { (eval echo "$as_me:1392: \"$ac_try\"") >&5
1392 (eval $ac_try) 2>&5 1393 (eval $ac_try) 2>&5
1393 ac_status=$? 1394 ac_status=$?
1394 echo "$as_me:1394: \$? = $ac_status" >&5 1395 echo "$as_me:1395: \$? = $ac_status" >&5
1395 (exit $ac_status); }; }; then 1396 (exit $ac_status); }; }; then
1396 cross_compiling=no 1397 cross_compiling=no
1397 else 1398 else
1398 if test "$cross_compiling" = maybe; then 1399 if test "$cross_compiling" = maybe; then
1399 cross_compiling=yes 1400 cross_compiling=yes
1400 else 1401 else
1401 { { echo "$as_me:1401: error: cannot run C compiled programs. 1402 { { echo "$as_me:1402: error: cannot run C compiled programs.
1402If you meant to cross compile, use \`--host'." >&5 1403If you meant to cross compile, use \`--host'." >&5
1403echo "$as_me: error: cannot run C compiled programs. 1404echo "$as_me: error: cannot run C compiled programs.
1404If you meant to cross compile, use \`--host'." >&2;} 1405If you meant to cross compile, use \`--host'." >&2;}
@@ -1406,24 +1407,24 @@ If you meant to cross compile, use \`--host'." >&2;}
1406 fi 1407 fi
1407 fi 1408 fi
1408fi 1409fi
1409echo "$as_me:1409: result: yes" >&5 1410echo "$as_me:1410: result: yes" >&5
1410echo "${ECHO_T}yes" >&6 1411echo "${ECHO_T}yes" >&6
1411 1412
1412rm -f a.out a.exe conftest$ac_cv_exeext 1413rm -f a.out a.exe conftest$ac_cv_exeext
1413ac_clean_files=$ac_clean_files_save 1414ac_clean_files=$ac_clean_files_save
1414# Check the compiler produces executables we can run. If not, either 1415# Check the compiler produces executables we can run. If not, either
1415# the compiler is broken, or we cross compile. 1416# the compiler is broken, or we cross compile.
1416echo "$as_me:1416: checking whether we are cross compiling" >&5 1417echo "$as_me:1417: checking whether we are cross compiling" >&5
1417echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6 1418echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6
1418echo "$as_me:1418: result: $cross_compiling" >&5 1419echo "$as_me:1419: result: $cross_compiling" >&5
1419echo "${ECHO_T}$cross_compiling" >&6 1420echo "${ECHO_T}$cross_compiling" >&6
1420 1421
1421echo "$as_me:1421: checking for executable suffix" >&5 1422echo "$as_me:1422: checking for executable suffix" >&5
1422echo $ECHO_N "checking for executable suffix... $ECHO_C" >&6 1423echo $ECHO_N "checking for executable suffix... $ECHO_C" >&6
1423if { (eval echo "$as_me:1423: \"$ac_link\"") >&5 1424if { (eval echo "$as_me:1424: \"$ac_link\"") >&5
1424 (eval $ac_link) 2>&5 1425 (eval $ac_link) 2>&5
1425 ac_status=$? 1426 ac_status=$?
1426 echo "$as_me:1426: \$? = $ac_status" >&5 1427 echo "$as_me:1427: \$? = $ac_status" >&5
1427 (exit $ac_status); }; then 1428 (exit $ac_status); }; then
1428 # If both `conftest.exe' and `conftest' are `present' (well, observable) 1429 # If both `conftest.exe' and `conftest' are `present' (well, observable)
1429# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will 1430# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will
@@ -1439,25 +1440,25 @@ for ac_file in `(ls conftest.exe; ls conftest; ls conftest.*) 2>/dev/null`; do
1439 esac 1440 esac
1440done 1441done
1441else 1442else
1442 { { echo "$as_me:1442: error: cannot compute EXEEXT: cannot compile and link" >&5 1443 { { echo "$as_me:1443: error: cannot compute EXEEXT: cannot compile and link" >&5
1443echo "$as_me: error: cannot compute EXEEXT: cannot compile and link" >&2;} 1444echo "$as_me: error: cannot compute EXEEXT: cannot compile and link" >&2;}
1444 { (exit 1); exit 1; }; } 1445 { (exit 1); exit 1; }; }
1445fi 1446fi
1446 1447
1447rm -f conftest$ac_cv_exeext 1448rm -f conftest$ac_cv_exeext
1448echo "$as_me:1448: result: $ac_cv_exeext" >&5 1449echo "$as_me:1449: result: $ac_cv_exeext" >&5
1449echo "${ECHO_T}$ac_cv_exeext" >&6 1450echo "${ECHO_T}$ac_cv_exeext" >&6
1450 1451
1451rm -f conftest.$ac_ext 1452rm -f conftest.$ac_ext
1452EXEEXT=$ac_cv_exeext 1453EXEEXT=$ac_cv_exeext
1453ac_exeext=$EXEEXT 1454ac_exeext=$EXEEXT
1454echo "$as_me:1454: checking for object suffix" >&5 1455echo "$as_me:1455: checking for object suffix" >&5
1455echo $ECHO_N "checking for object suffix... $ECHO_C" >&6 1456echo $ECHO_N "checking for object suffix... $ECHO_C" >&6
1456if test "${ac_cv_objext+set}" = set; then 1457if test "${ac_cv_objext+set}" = set; then
1457 echo $ECHO_N "(cached) $ECHO_C" >&6 1458 echo $ECHO_N "(cached) $ECHO_C" >&6
1458else 1459else
1459 cat >conftest.$ac_ext <<_ACEOF 1460 cat >conftest.$ac_ext <<_ACEOF
1460#line 1460 "configure" 1461#line 1461 "configure"
1461#include "confdefs.h" 1462#include "confdefs.h"
1462 1463
1463int 1464int
@@ -1469,10 +1470,10 @@ main ()
1469} 1470}
1470_ACEOF 1471_ACEOF
1471rm -f conftest.o conftest.obj 1472rm -f conftest.o conftest.obj
1472if { (eval echo "$as_me:1472: \"$ac_compile\"") >&5 1473if { (eval echo "$as_me:1473: \"$ac_compile\"") >&5
1473 (eval $ac_compile) 2>&5 1474 (eval $ac_compile) 2>&5
1474 ac_status=$? 1475 ac_status=$?
1475 echo "$as_me:1475: \$? = $ac_status" >&5 1476 echo "$as_me:1476: \$? = $ac_status" >&5
1476 (exit $ac_status); }; then 1477 (exit $ac_status); }; then
1477 for ac_file in `(ls conftest.o conftest.obj; ls conftest.*) 2>/dev/null`; do 1478 for ac_file in `(ls conftest.o conftest.obj; ls conftest.*) 2>/dev/null`; do
1478 case $ac_file in 1479 case $ac_file in
@@ -1484,24 +1485,24 @@ done
1484else 1485else
1485 echo "$as_me: failed program was:" >&5 1486 echo "$as_me: failed program was:" >&5
1486cat conftest.$ac_ext >&5 1487cat conftest.$ac_ext >&5
1487{ { echo "$as_me:1487: error: cannot compute OBJEXT: cannot compile" >&5 1488{ { echo "$as_me:1488: error: cannot compute OBJEXT: cannot compile" >&5
1488echo "$as_me: error: cannot compute OBJEXT: cannot compile" >&2;} 1489echo "$as_me: error: cannot compute OBJEXT: cannot compile" >&2;}
1489 { (exit 1); exit 1; }; } 1490 { (exit 1); exit 1; }; }
1490fi 1491fi
1491 1492
1492rm -f conftest.$ac_cv_objext conftest.$ac_ext 1493rm -f conftest.$ac_cv_objext conftest.$ac_ext
1493fi 1494fi
1494echo "$as_me:1494: result: $ac_cv_objext" >&5 1495echo "$as_me:1495: result: $ac_cv_objext" >&5
1495echo "${ECHO_T}$ac_cv_objext" >&6 1496echo "${ECHO_T}$ac_cv_objext" >&6
1496OBJEXT=$ac_cv_objext 1497OBJEXT=$ac_cv_objext
1497ac_objext=$OBJEXT 1498ac_objext=$OBJEXT
1498echo "$as_me:1498: checking whether we are using the GNU C compiler" >&5 1499echo "$as_me:1499: checking whether we are using the GNU C compiler" >&5
1499echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6 1500echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6
1500if test "${ac_cv_c_compiler_gnu+set}" = set; then 1501if test "${ac_cv_c_compiler_gnu+set}" = set; then
1501 echo $ECHO_N "(cached) $ECHO_C" >&6 1502 echo $ECHO_N "(cached) $ECHO_C" >&6
1502else 1503else
1503 cat >conftest.$ac_ext <<_ACEOF 1504 cat >conftest.$ac_ext <<_ACEOF
1504#line 1504 "configure" 1505#line 1505 "configure"
1505#include "confdefs.h" 1506#include "confdefs.h"
1506 1507
1507int 1508int
@@ -1516,16 +1517,16 @@ main ()
1516} 1517}
1517_ACEOF 1518_ACEOF
1518rm -f conftest.$ac_objext 1519rm -f conftest.$ac_objext
1519if { (eval echo "$as_me:1519: \"$ac_compile\"") >&5 1520if { (eval echo "$as_me:1520: \"$ac_compile\"") >&5
1520 (eval $ac_compile) 2>&5 1521 (eval $ac_compile) 2>&5
1521 ac_status=$? 1522 ac_status=$?
1522 echo "$as_me:1522: \$? = $ac_status" >&5 1523 echo "$as_me:1523: \$? = $ac_status" >&5
1523 (exit $ac_status); } && 1524 (exit $ac_status); } &&
1524 { ac_try='test -s conftest.$ac_objext' 1525 { ac_try='test -s conftest.$ac_objext'
1525 { (eval echo "$as_me:1525: \"$ac_try\"") >&5 1526 { (eval echo "$as_me:1526: \"$ac_try\"") >&5
1526 (eval $ac_try) 2>&5 1527 (eval $ac_try) 2>&5
1527 ac_status=$? 1528 ac_status=$?
1528 echo "$as_me:1528: \$? = $ac_status" >&5 1529 echo "$as_me:1529: \$? = $ac_status" >&5
1529 (exit $ac_status); }; }; then 1530 (exit $ac_status); }; }; then
1530 ac_compiler_gnu=yes 1531 ac_compiler_gnu=yes
1531else 1532else
@@ -1537,19 +1538,19 @@ rm -f conftest.$ac_objext conftest.$ac_ext
1537ac_cv_c_compiler_gnu=$ac_compiler_gnu 1538ac_cv_c_compiler_gnu=$ac_compiler_gnu
1538 1539
1539fi 1540fi
1540echo "$as_me:1540: result: $ac_cv_c_compiler_gnu" >&5 1541echo "$as_me:1541: result: $ac_cv_c_compiler_gnu" >&5
1541echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6 1542echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6
1542GCC=`test $ac_compiler_gnu = yes && echo yes` 1543GCC=`test $ac_compiler_gnu = yes && echo yes`
1543ac_test_CFLAGS=${CFLAGS+set} 1544ac_test_CFLAGS=${CFLAGS+set}
1544ac_save_CFLAGS=$CFLAGS 1545ac_save_CFLAGS=$CFLAGS
1545CFLAGS="-g" 1546CFLAGS="-g"
1546echo "$as_me:1546: checking whether $CC accepts -g" >&5 1547echo "$as_me:1547: checking whether $CC accepts -g" >&5
1547echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6 1548echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6
1548if test "${ac_cv_prog_cc_g+set}" = set; then 1549if test "${ac_cv_prog_cc_g+set}" = set; then
1549 echo $ECHO_N "(cached) $ECHO_C" >&6 1550 echo $ECHO_N "(cached) $ECHO_C" >&6
1550else 1551else
1551 cat >conftest.$ac_ext <<_ACEOF 1552 cat >conftest.$ac_ext <<_ACEOF
1552#line 1552 "configure" 1553#line 1553 "configure"
1553#include "confdefs.h" 1554#include "confdefs.h"
1554 1555
1555int 1556int
@@ -1561,16 +1562,16 @@ main ()
1561} 1562}
1562_ACEOF 1563_ACEOF
1563rm -f conftest.$ac_objext 1564rm -f conftest.$ac_objext
1564if { (eval echo "$as_me:1564: \"$ac_compile\"") >&5 1565if { (eval echo "$as_me:1565: \"$ac_compile\"") >&5
1565 (eval $ac_compile) 2>&5 1566 (eval $ac_compile) 2>&5
1566 ac_status=$? 1567 ac_status=$?
1567 echo "$as_me:1567: \$? = $ac_status" >&5 1568 echo "$as_me:1568: \$? = $ac_status" >&5
1568 (exit $ac_status); } && 1569 (exit $ac_status); } &&
1569 { ac_try='test -s conftest.$ac_objext' 1570 { ac_try='test -s conftest.$ac_objext'
1570 { (eval echo "$as_me:1570: \"$ac_try\"") >&5 1571 { (eval echo "$as_me:1571: \"$ac_try\"") >&5
1571 (eval $ac_try) 2>&5 1572 (eval $ac_try) 2>&5
1572 ac_status=$? 1573 ac_status=$?
1573 echo "$as_me:1573: \$? = $ac_status" >&5 1574 echo "$as_me:1574: \$? = $ac_status" >&5
1574 (exit $ac_status); }; }; then 1575 (exit $ac_status); }; }; then
1575 ac_cv_prog_cc_g=yes 1576 ac_cv_prog_cc_g=yes
1576else 1577else
@@ -1580,7 +1581,7 @@ ac_cv_prog_cc_g=no
1580fi 1581fi
1581rm -f conftest.$ac_objext conftest.$ac_ext 1582rm -f conftest.$ac_objext conftest.$ac_ext
1582fi 1583fi
1583echo "$as_me:1583: result: $ac_cv_prog_cc_g" >&5 1584echo "$as_me:1584: result: $ac_cv_prog_cc_g" >&5
1584echo "${ECHO_T}$ac_cv_prog_cc_g" >&6 1585echo "${ECHO_T}$ac_cv_prog_cc_g" >&6
1585if test "$ac_test_CFLAGS" = set; then 1586if test "$ac_test_CFLAGS" = set; then
1586 CFLAGS=$ac_save_CFLAGS 1587 CFLAGS=$ac_save_CFLAGS
@@ -1607,16 +1608,16 @@ cat >conftest.$ac_ext <<_ACEOF
1607#endif 1608#endif
1608_ACEOF 1609_ACEOF
1609rm -f conftest.$ac_objext 1610rm -f conftest.$ac_objext
1610if { (eval echo "$as_me:1610: \"$ac_compile\"") >&5 1611if { (eval echo "$as_me:1611: \"$ac_compile\"") >&5
1611 (eval $ac_compile) 2>&5 1612 (eval $ac_compile) 2>&5
1612 ac_status=$? 1613 ac_status=$?
1613 echo "$as_me:1613: \$? = $ac_status" >&5 1614 echo "$as_me:1614: \$? = $ac_status" >&5
1614 (exit $ac_status); } && 1615 (exit $ac_status); } &&
1615 { ac_try='test -s conftest.$ac_objext' 1616 { ac_try='test -s conftest.$ac_objext'
1616 { (eval echo "$as_me:1616: \"$ac_try\"") >&5 1617 { (eval echo "$as_me:1617: \"$ac_try\"") >&5
1617 (eval $ac_try) 2>&5 1618 (eval $ac_try) 2>&5
1618 ac_status=$? 1619 ac_status=$?
1619 echo "$as_me:1619: \$? = $ac_status" >&5 1620 echo "$as_me:1620: \$? = $ac_status" >&5
1620 (exit $ac_status); }; }; then 1621 (exit $ac_status); }; }; then
1621 for ac_declaration in \ 1622 for ac_declaration in \
1622 ''\ 1623 ''\
@@ -1628,7 +1629,7 @@ if { (eval echo "$as_me:1610: \"$ac_compile\"") >&5
1628 'void exit (int);' 1629 'void exit (int);'
1629do 1630do
1630 cat >conftest.$ac_ext <<_ACEOF 1631 cat >conftest.$ac_ext <<_ACEOF
1631#line 1631 "configure" 1632#line 1632 "configure"
1632#include "confdefs.h" 1633#include "confdefs.h"
1633#include <stdlib.h> 1634#include <stdlib.h>
1634$ac_declaration 1635$ac_declaration
@@ -1641,16 +1642,16 @@ exit (42);
1641} 1642}
1642_ACEOF 1643_ACEOF
1643rm -f conftest.$ac_objext 1644rm -f conftest.$ac_objext
1644if { (eval echo "$as_me:1644: \"$ac_compile\"") >&5 1645if { (eval echo "$as_me:1645: \"$ac_compile\"") >&5
1645 (eval $ac_compile) 2>&5 1646 (eval $ac_compile) 2>&5
1646 ac_status=$? 1647 ac_status=$?
1647 echo "$as_me:1647: \$? = $ac_status" >&5 1648 echo "$as_me:1648: \$? = $ac_status" >&5
1648 (exit $ac_status); } && 1649 (exit $ac_status); } &&
1649 { ac_try='test -s conftest.$ac_objext' 1650 { ac_try='test -s conftest.$ac_objext'
1650 { (eval echo "$as_me:1650: \"$ac_try\"") >&5 1651 { (eval echo "$as_me:1651: \"$ac_try\"") >&5
1651 (eval $ac_try) 2>&5 1652 (eval $ac_try) 2>&5
1652 ac_status=$? 1653 ac_status=$?
1653 echo "$as_me:1653: \$? = $ac_status" >&5 1654 echo "$as_me:1654: \$? = $ac_status" >&5
1654 (exit $ac_status); }; }; then 1655 (exit $ac_status); }; }; then
1655 : 1656 :
1656else 1657else
@@ -1660,7 +1661,7 @@ continue
1660fi 1661fi
1661rm -f conftest.$ac_objext conftest.$ac_ext 1662rm -f conftest.$ac_objext conftest.$ac_ext
1662 cat >conftest.$ac_ext <<_ACEOF 1663 cat >conftest.$ac_ext <<_ACEOF
1663#line 1663 "configure" 1664#line 1664 "configure"
1664#include "confdefs.h" 1665#include "confdefs.h"
1665$ac_declaration 1666$ac_declaration
1666int 1667int
@@ -1672,16 +1673,16 @@ exit (42);
1672} 1673}
1673_ACEOF 1674_ACEOF
1674rm -f conftest.$ac_objext 1675rm -f conftest.$ac_objext
1675if { (eval echo "$as_me:1675: \"$ac_compile\"") >&5 1676if { (eval echo "$as_me:1676: \"$ac_compile\"") >&5
1676 (eval $ac_compile) 2>&5 1677 (eval $ac_compile) 2>&5
1677 ac_status=$? 1678 ac_status=$?
1678 echo "$as_me:1678: \$? = $ac_status" >&5 1679 echo "$as_me:1679: \$? = $ac_status" >&5
1679 (exit $ac_status); } && 1680 (exit $ac_status); } &&
1680 { ac_try='test -s conftest.$ac_objext' 1681 { ac_try='test -s conftest.$ac_objext'
1681 { (eval echo "$as_me:1681: \"$ac_try\"") >&5 1682 { (eval echo "$as_me:1682: \"$ac_try\"") >&5
1682 (eval $ac_try) 2>&5 1683 (eval $ac_try) 2>&5
1683 ac_status=$? 1684 ac_status=$?
1684 echo "$as_me:1684: \$? = $ac_status" >&5 1685 echo "$as_me:1685: \$? = $ac_status" >&5
1685 (exit $ac_status); }; }; then 1686 (exit $ac_status); }; }; then
1686 break 1687 break
1687else 1688else
@@ -1725,7 +1726,7 @@ for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
1725 fi 1726 fi
1726done 1727done
1727if test -z "$ac_aux_dir"; then 1728if test -z "$ac_aux_dir"; then
1728 { { echo "$as_me:1728: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5 1729 { { echo "$as_me:1729: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5
1729echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;} 1730echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;}
1730 { (exit 1); exit 1; }; } 1731 { (exit 1); exit 1; }; }
1731fi 1732fi
@@ -1735,11 +1736,11 @@ ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure.
1735 1736
1736# Make sure we can run config.sub. 1737# Make sure we can run config.sub.
1737$ac_config_sub sun4 >/dev/null 2>&1 || 1738$ac_config_sub sun4 >/dev/null 2>&1 ||
1738 { { echo "$as_me:1738: error: cannot run $ac_config_sub" >&5 1739 { { echo "$as_me:1739: error: cannot run $ac_config_sub" >&5
1739echo "$as_me: error: cannot run $ac_config_sub" >&2;} 1740echo "$as_me: error: cannot run $ac_config_sub" >&2;}
1740 { (exit 1); exit 1; }; } 1741 { (exit 1); exit 1; }; }
1741 1742
1742echo "$as_me:1742: checking build system type" >&5 1743echo "$as_me:1743: checking build system type" >&5
1743echo $ECHO_N "checking build system type... $ECHO_C" >&6 1744echo $ECHO_N "checking build system type... $ECHO_C" >&6
1744if test "${ac_cv_build+set}" = set; then 1745if test "${ac_cv_build+set}" = set; then
1745 echo $ECHO_N "(cached) $ECHO_C" >&6 1746 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1748,23 +1749,23 @@ else
1748test -z "$ac_cv_build_alias" && 1749test -z "$ac_cv_build_alias" &&
1749 ac_cv_build_alias=`$ac_config_guess` 1750 ac_cv_build_alias=`$ac_config_guess`
1750test -z "$ac_cv_build_alias" && 1751test -z "$ac_cv_build_alias" &&
1751 { { echo "$as_me:1751: error: cannot guess build type; you must specify one" >&5 1752 { { echo "$as_me:1752: error: cannot guess build type; you must specify one" >&5
1752echo "$as_me: error: cannot guess build type; you must specify one" >&2;} 1753echo "$as_me: error: cannot guess build type; you must specify one" >&2;}
1753 { (exit 1); exit 1; }; } 1754 { (exit 1); exit 1; }; }
1754ac_cv_build=`$ac_config_sub $ac_cv_build_alias` || 1755ac_cv_build=`$ac_config_sub $ac_cv_build_alias` ||
1755 { { echo "$as_me:1755: error: $ac_config_sub $ac_cv_build_alias failed." >&5 1756 { { echo "$as_me:1756: error: $ac_config_sub $ac_cv_build_alias failed." >&5
1756echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed." >&2;} 1757echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed." >&2;}
1757 { (exit 1); exit 1; }; } 1758 { (exit 1); exit 1; }; }
1758 1759
1759fi 1760fi
1760echo "$as_me:1760: result: $ac_cv_build" >&5 1761echo "$as_me:1761: result: $ac_cv_build" >&5
1761echo "${ECHO_T}$ac_cv_build" >&6 1762echo "${ECHO_T}$ac_cv_build" >&6
1762build=$ac_cv_build 1763build=$ac_cv_build
1763build_cpu=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` 1764build_cpu=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
1764build_vendor=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` 1765build_vendor=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
1765build_os=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` 1766build_os=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
1766 1767
1767echo "$as_me:1767: checking host system type" >&5 1768echo "$as_me:1768: checking host system type" >&5
1768echo $ECHO_N "checking host system type... $ECHO_C" >&6 1769echo $ECHO_N "checking host system type... $ECHO_C" >&6
1769if test "${ac_cv_host+set}" = set; then 1770if test "${ac_cv_host+set}" = set; then
1770 echo $ECHO_N "(cached) $ECHO_C" >&6 1771 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1773,19 +1774,19 @@ else
1773test -z "$ac_cv_host_alias" && 1774test -z "$ac_cv_host_alias" &&
1774 ac_cv_host_alias=$ac_cv_build_alias 1775 ac_cv_host_alias=$ac_cv_build_alias
1775ac_cv_host=`$ac_config_sub $ac_cv_host_alias` || 1776ac_cv_host=`$ac_config_sub $ac_cv_host_alias` ||
1776 { { echo "$as_me:1776: error: $ac_config_sub $ac_cv_host_alias failed" >&5 1777 { { echo "$as_me:1777: error: $ac_config_sub $ac_cv_host_alias failed" >&5
1777echo "$as_me: error: $ac_config_sub $ac_cv_host_alias failed" >&2;} 1778echo "$as_me: error: $ac_config_sub $ac_cv_host_alias failed" >&2;}
1778 { (exit 1); exit 1; }; } 1779 { (exit 1); exit 1; }; }
1779 1780
1780fi 1781fi
1781echo "$as_me:1781: result: $ac_cv_host" >&5 1782echo "$as_me:1782: result: $ac_cv_host" >&5
1782echo "${ECHO_T}$ac_cv_host" >&6 1783echo "${ECHO_T}$ac_cv_host" >&6
1783host=$ac_cv_host 1784host=$ac_cv_host
1784host_cpu=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` 1785host_cpu=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
1785host_vendor=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` 1786host_vendor=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
1786host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` 1787host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
1787 1788
1788echo "$as_me:1788: checking whether byte ordering is bigendian" >&5 1789echo "$as_me:1789: checking whether byte ordering is bigendian" >&5
1789echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6 1790echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6
1790if test "${ac_cv_c_bigendian+set}" = set; then 1791if test "${ac_cv_c_bigendian+set}" = set; then
1791 echo $ECHO_N "(cached) $ECHO_C" >&6 1792 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1793,7 +1794,7 @@ else
1793 ac_cv_c_bigendian=unknown 1794 ac_cv_c_bigendian=unknown
1794# See if sys/param.h defines the BYTE_ORDER macro. 1795# See if sys/param.h defines the BYTE_ORDER macro.
1795cat >conftest.$ac_ext <<_ACEOF 1796cat >conftest.$ac_ext <<_ACEOF
1796#line 1796 "configure" 1797#line 1797 "configure"
1797#include "confdefs.h" 1798#include "confdefs.h"
1798#include <sys/types.h> 1799#include <sys/types.h>
1799#include <sys/param.h> 1800#include <sys/param.h>
@@ -1810,20 +1811,20 @@ main ()
1810} 1811}
1811_ACEOF 1812_ACEOF
1812rm -f conftest.$ac_objext 1813rm -f conftest.$ac_objext
1813if { (eval echo "$as_me:1813: \"$ac_compile\"") >&5 1814if { (eval echo "$as_me:1814: \"$ac_compile\"") >&5
1814 (eval $ac_compile) 2>&5 1815 (eval $ac_compile) 2>&5
1815 ac_status=$? 1816 ac_status=$?
1816 echo "$as_me:1816: \$? = $ac_status" >&5 1817 echo "$as_me:1817: \$? = $ac_status" >&5
1817 (exit $ac_status); } && 1818 (exit $ac_status); } &&
1818 { ac_try='test -s conftest.$ac_objext' 1819 { ac_try='test -s conftest.$ac_objext'
1819 { (eval echo "$as_me:1819: \"$ac_try\"") >&5 1820 { (eval echo "$as_me:1820: \"$ac_try\"") >&5
1820 (eval $ac_try) 2>&5 1821 (eval $ac_try) 2>&5
1821 ac_status=$? 1822 ac_status=$?
1822 echo "$as_me:1822: \$? = $ac_status" >&5 1823 echo "$as_me:1823: \$? = $ac_status" >&5
1823 (exit $ac_status); }; }; then 1824 (exit $ac_status); }; }; then
1824 # It does; now see whether it defined to BIG_ENDIAN or not. 1825 # It does; now see whether it defined to BIG_ENDIAN or not.
1825cat >conftest.$ac_ext <<_ACEOF 1826cat >conftest.$ac_ext <<_ACEOF
1826#line 1826 "configure" 1827#line 1827 "configure"
1827#include "confdefs.h" 1828#include "confdefs.h"
1828#include <sys/types.h> 1829#include <sys/types.h>
1829#include <sys/param.h> 1830#include <sys/param.h>
@@ -1840,16 +1841,16 @@ main ()
1840} 1841}
1841_ACEOF 1842_ACEOF
1842rm -f conftest.$ac_objext 1843rm -f conftest.$ac_objext
1843if { (eval echo "$as_me:1843: \"$ac_compile\"") >&5 1844if { (eval echo "$as_me:1844: \"$ac_compile\"") >&5
1844 (eval $ac_compile) 2>&5 1845 (eval $ac_compile) 2>&5
1845 ac_status=$? 1846 ac_status=$?
1846 echo "$as_me:1846: \$? = $ac_status" >&5 1847 echo "$as_me:1847: \$? = $ac_status" >&5
1847 (exit $ac_status); } && 1848 (exit $ac_status); } &&
1848 { ac_try='test -s conftest.$ac_objext' 1849 { ac_try='test -s conftest.$ac_objext'
1849 { (eval echo "$as_me:1849: \"$ac_try\"") >&5 1850 { (eval echo "$as_me:1850: \"$ac_try\"") >&5
1850 (eval $ac_try) 2>&5 1851 (eval $ac_try) 2>&5
1851 ac_status=$? 1852 ac_status=$?
1852 echo "$as_me:1852: \$? = $ac_status" >&5 1853 echo "$as_me:1853: \$? = $ac_status" >&5
1853 (exit $ac_status); }; }; then 1854 (exit $ac_status); }; }; then
1854 ac_cv_c_bigendian=yes 1855 ac_cv_c_bigendian=yes
1855else 1856else
@@ -1865,12 +1866,12 @@ fi
1865rm -f conftest.$ac_objext conftest.$ac_ext 1866rm -f conftest.$ac_objext conftest.$ac_ext
1866if test $ac_cv_c_bigendian = unknown; then 1867if test $ac_cv_c_bigendian = unknown; then
1867if test "$cross_compiling" = yes; then 1868if test "$cross_compiling" = yes; then
1868 { { echo "$as_me:1868: error: cannot run test program while cross compiling" >&5 1869 { { echo "$as_me:1869: error: cannot run test program while cross compiling" >&5
1869echo "$as_me: error: cannot run test program while cross compiling" >&2;} 1870echo "$as_me: error: cannot run test program while cross compiling" >&2;}
1870 { (exit 1); exit 1; }; } 1871 { (exit 1); exit 1; }; }
1871else 1872else
1872 cat >conftest.$ac_ext <<_ACEOF 1873 cat >conftest.$ac_ext <<_ACEOF
1873#line 1873 "configure" 1874#line 1874 "configure"
1874#include "confdefs.h" 1875#include "confdefs.h"
1875int 1876int
1876main () 1877main ()
@@ -1886,15 +1887,15 @@ main ()
1886} 1887}
1887_ACEOF 1888_ACEOF
1888rm -f conftest$ac_exeext 1889rm -f conftest$ac_exeext
1889if { (eval echo "$as_me:1889: \"$ac_link\"") >&5 1890if { (eval echo "$as_me:1890: \"$ac_link\"") >&5
1890 (eval $ac_link) 2>&5 1891 (eval $ac_link) 2>&5
1891 ac_status=$? 1892 ac_status=$?
1892 echo "$as_me:1892: \$? = $ac_status" >&5 1893 echo "$as_me:1893: \$? = $ac_status" >&5
1893 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 1894 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
1894 { (eval echo "$as_me:1894: \"$ac_try\"") >&5 1895 { (eval echo "$as_me:1895: \"$ac_try\"") >&5
1895 (eval $ac_try) 2>&5 1896 (eval $ac_try) 2>&5
1896 ac_status=$? 1897 ac_status=$?
1897 echo "$as_me:1897: \$? = $ac_status" >&5 1898 echo "$as_me:1898: \$? = $ac_status" >&5
1898 (exit $ac_status); }; }; then 1899 (exit $ac_status); }; }; then
1899 ac_cv_c_bigendian=no 1900 ac_cv_c_bigendian=no
1900else 1901else
@@ -1907,7 +1908,7 @@ rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
1907fi 1908fi
1908fi 1909fi
1909fi 1910fi
1910echo "$as_me:1910: result: $ac_cv_c_bigendian" >&5 1911echo "$as_me:1911: result: $ac_cv_c_bigendian" >&5
1911echo "${ECHO_T}$ac_cv_c_bigendian" >&6 1912echo "${ECHO_T}$ac_cv_c_bigendian" >&6
1912if test $ac_cv_c_bigendian = yes; then 1913if test $ac_cv_c_bigendian = yes; then
1913 1914
@@ -1922,7 +1923,7 @@ for ac_prog in mawk gawk nawk awk
1922do 1923do
1923 # Extract the first word of "$ac_prog", so it can be a program name with args. 1924 # Extract the first word of "$ac_prog", so it can be a program name with args.
1924set dummy $ac_prog; ac_word=$2 1925set dummy $ac_prog; ac_word=$2
1925echo "$as_me:1925: checking for $ac_word" >&5 1926echo "$as_me:1926: checking for $ac_word" >&5
1926echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 1927echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
1927if test "${ac_cv_prog_AWK+set}" = set; then 1928if test "${ac_cv_prog_AWK+set}" = set; then
1928 echo $ECHO_N "(cached) $ECHO_C" >&6 1929 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -1937,7 +1938,7 @@ for ac_dir in $ac_dummy; do
1937 test -z "$ac_dir" && ac_dir=. 1938 test -z "$ac_dir" && ac_dir=.
1938 $as_executable_p "$ac_dir/$ac_word" || continue 1939 $as_executable_p "$ac_dir/$ac_word" || continue
1939ac_cv_prog_AWK="$ac_prog" 1940ac_cv_prog_AWK="$ac_prog"
1940echo "$as_me:1940: found $ac_dir/$ac_word" >&5 1941echo "$as_me:1941: found $ac_dir/$ac_word" >&5
1941break 1942break
1942done 1943done
1943 1944
@@ -1945,10 +1946,10 @@ fi
1945fi 1946fi
1946AWK=$ac_cv_prog_AWK 1947AWK=$ac_cv_prog_AWK
1947if test -n "$AWK"; then 1948if test -n "$AWK"; then
1948 echo "$as_me:1948: result: $AWK" >&5 1949 echo "$as_me:1949: result: $AWK" >&5
1949echo "${ECHO_T}$AWK" >&6 1950echo "${ECHO_T}$AWK" >&6
1950else 1951else
1951 echo "$as_me:1951: result: no" >&5 1952 echo "$as_me:1952: result: no" >&5
1952echo "${ECHO_T}no" >&6 1953echo "${ECHO_T}no" >&6
1953fi 1954fi
1954 1955
@@ -1960,7 +1961,7 @@ ac_cpp='$CPP $CPPFLAGS'
1960ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' 1961ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
1961ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' 1962ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
1962ac_compiler_gnu=$ac_cv_c_compiler_gnu 1963ac_compiler_gnu=$ac_cv_c_compiler_gnu
1963echo "$as_me:1963: checking how to run the C preprocessor" >&5 1964echo "$as_me:1964: checking how to run the C preprocessor" >&5
1964echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6 1965echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6
1965# On Suns, sometimes $CPP names a directory. 1966# On Suns, sometimes $CPP names a directory.
1966if test -n "$CPP" && test -d "$CPP"; then 1967if test -n "$CPP" && test -d "$CPP"; then
@@ -1981,18 +1982,18 @@ do
1981 # On the NeXT, cc -E runs the code through the compiler's parser, 1982 # On the NeXT, cc -E runs the code through the compiler's parser,
1982 # not just through cpp. "Syntax error" is here to catch this case. 1983 # not just through cpp. "Syntax error" is here to catch this case.
1983 cat >conftest.$ac_ext <<_ACEOF 1984 cat >conftest.$ac_ext <<_ACEOF
1984#line 1984 "configure" 1985#line 1985 "configure"
1985#include "confdefs.h" 1986#include "confdefs.h"
1986#include <assert.h> 1987#include <assert.h>
1987 Syntax error 1988 Syntax error
1988_ACEOF 1989_ACEOF
1989if { (eval echo "$as_me:1989: \"$ac_cpp conftest.$ac_ext\"") >&5 1990if { (eval echo "$as_me:1990: \"$ac_cpp conftest.$ac_ext\"") >&5
1990 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 1991 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
1991 ac_status=$? 1992 ac_status=$?
1992 egrep -v '^ *\+' conftest.er1 >conftest.err 1993 egrep -v '^ *\+' conftest.er1 >conftest.err
1993 rm -f conftest.er1 1994 rm -f conftest.er1
1994 cat conftest.err >&5 1995 cat conftest.err >&5
1995 echo "$as_me:1995: \$? = $ac_status" >&5 1996 echo "$as_me:1996: \$? = $ac_status" >&5
1996 (exit $ac_status); } >/dev/null; then 1997 (exit $ac_status); } >/dev/null; then
1997 if test -s conftest.err; then 1998 if test -s conftest.err; then
1998 ac_cpp_err=$ac_c_preproc_warn_flag 1999 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -2015,17 +2016,17 @@ rm -f conftest.err conftest.$ac_ext
2015 # OK, works on sane cases. Now check whether non-existent headers 2016 # OK, works on sane cases. Now check whether non-existent headers
2016 # can be detected and how. 2017 # can be detected and how.
2017 cat >conftest.$ac_ext <<_ACEOF 2018 cat >conftest.$ac_ext <<_ACEOF
2018#line 2018 "configure" 2019#line 2019 "configure"
2019#include "confdefs.h" 2020#include "confdefs.h"
2020#include <ac_nonexistent.h> 2021#include <ac_nonexistent.h>
2021_ACEOF 2022_ACEOF
2022if { (eval echo "$as_me:2022: \"$ac_cpp conftest.$ac_ext\"") >&5 2023if { (eval echo "$as_me:2023: \"$ac_cpp conftest.$ac_ext\"") >&5
2023 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 2024 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
2024 ac_status=$? 2025 ac_status=$?
2025 egrep -v '^ *\+' conftest.er1 >conftest.err 2026 egrep -v '^ *\+' conftest.er1 >conftest.err
2026 rm -f conftest.er1 2027 rm -f conftest.er1
2027 cat conftest.err >&5 2028 cat conftest.err >&5
2028 echo "$as_me:2028: \$? = $ac_status" >&5 2029 echo "$as_me:2029: \$? = $ac_status" >&5
2029 (exit $ac_status); } >/dev/null; then 2030 (exit $ac_status); } >/dev/null; then
2030 if test -s conftest.err; then 2031 if test -s conftest.err; then
2031 ac_cpp_err=$ac_c_preproc_warn_flag 2032 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -2062,7 +2063,7 @@ fi
2062else 2063else
2063 ac_cv_prog_CPP=$CPP 2064 ac_cv_prog_CPP=$CPP
2064fi 2065fi
2065echo "$as_me:2065: result: $CPP" >&5 2066echo "$as_me:2066: result: $CPP" >&5
2066echo "${ECHO_T}$CPP" >&6 2067echo "${ECHO_T}$CPP" >&6
2067ac_preproc_ok=false 2068ac_preproc_ok=false
2068for ac_c_preproc_warn_flag in '' yes 2069for ac_c_preproc_warn_flag in '' yes
@@ -2072,18 +2073,18 @@ do
2072 # On the NeXT, cc -E runs the code through the compiler's parser, 2073 # On the NeXT, cc -E runs the code through the compiler's parser,
2073 # not just through cpp. "Syntax error" is here to catch this case. 2074 # not just through cpp. "Syntax error" is here to catch this case.
2074 cat >conftest.$ac_ext <<_ACEOF 2075 cat >conftest.$ac_ext <<_ACEOF
2075#line 2075 "configure" 2076#line 2076 "configure"
2076#include "confdefs.h" 2077#include "confdefs.h"
2077#include <assert.h> 2078#include <assert.h>
2078 Syntax error 2079 Syntax error
2079_ACEOF 2080_ACEOF
2080if { (eval echo "$as_me:2080: \"$ac_cpp conftest.$ac_ext\"") >&5 2081if { (eval echo "$as_me:2081: \"$ac_cpp conftest.$ac_ext\"") >&5
2081 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 2082 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
2082 ac_status=$? 2083 ac_status=$?
2083 egrep -v '^ *\+' conftest.er1 >conftest.err 2084 egrep -v '^ *\+' conftest.er1 >conftest.err
2084 rm -f conftest.er1 2085 rm -f conftest.er1
2085 cat conftest.err >&5 2086 cat conftest.err >&5
2086 echo "$as_me:2086: \$? = $ac_status" >&5 2087 echo "$as_me:2087: \$? = $ac_status" >&5
2087 (exit $ac_status); } >/dev/null; then 2088 (exit $ac_status); } >/dev/null; then
2088 if test -s conftest.err; then 2089 if test -s conftest.err; then
2089 ac_cpp_err=$ac_c_preproc_warn_flag 2090 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -2106,17 +2107,17 @@ rm -f conftest.err conftest.$ac_ext
2106 # OK, works on sane cases. Now check whether non-existent headers 2107 # OK, works on sane cases. Now check whether non-existent headers
2107 # can be detected and how. 2108 # can be detected and how.
2108 cat >conftest.$ac_ext <<_ACEOF 2109 cat >conftest.$ac_ext <<_ACEOF
2109#line 2109 "configure" 2110#line 2110 "configure"
2110#include "confdefs.h" 2111#include "confdefs.h"
2111#include <ac_nonexistent.h> 2112#include <ac_nonexistent.h>
2112_ACEOF 2113_ACEOF
2113if { (eval echo "$as_me:2113: \"$ac_cpp conftest.$ac_ext\"") >&5 2114if { (eval echo "$as_me:2114: \"$ac_cpp conftest.$ac_ext\"") >&5
2114 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 2115 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
2115 ac_status=$? 2116 ac_status=$?
2116 egrep -v '^ *\+' conftest.er1 >conftest.err 2117 egrep -v '^ *\+' conftest.er1 >conftest.err
2117 rm -f conftest.er1 2118 rm -f conftest.er1
2118 cat conftest.err >&5 2119 cat conftest.err >&5
2119 echo "$as_me:2119: \$? = $ac_status" >&5 2120 echo "$as_me:2120: \$? = $ac_status" >&5
2120 (exit $ac_status); } >/dev/null; then 2121 (exit $ac_status); } >/dev/null; then
2121 if test -s conftest.err; then 2122 if test -s conftest.err; then
2122 ac_cpp_err=$ac_c_preproc_warn_flag 2123 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -2144,7 +2145,7 @@ rm -f conftest.err conftest.$ac_ext
2144if $ac_preproc_ok; then 2145if $ac_preproc_ok; then
2145 : 2146 :
2146else 2147else
2147 { { echo "$as_me:2147: error: C preprocessor \"$CPP\" fails sanity check" >&5 2148 { { echo "$as_me:2148: error: C preprocessor \"$CPP\" fails sanity check" >&5
2148echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check" >&2;} 2149echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check" >&2;}
2149 { (exit 1); exit 1; }; } 2150 { (exit 1); exit 1; }; }
2150fi 2151fi
@@ -2158,7 +2159,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
2158if test -n "$ac_tool_prefix"; then 2159if test -n "$ac_tool_prefix"; then
2159 # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. 2160 # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args.
2160set dummy ${ac_tool_prefix}ranlib; ac_word=$2 2161set dummy ${ac_tool_prefix}ranlib; ac_word=$2
2161echo "$as_me:2161: checking for $ac_word" >&5 2162echo "$as_me:2162: checking for $ac_word" >&5
2162echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2163echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2163if test "${ac_cv_prog_RANLIB+set}" = set; then 2164if test "${ac_cv_prog_RANLIB+set}" = set; then
2164 echo $ECHO_N "(cached) $ECHO_C" >&6 2165 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2173,7 +2174,7 @@ for ac_dir in $ac_dummy; do
2173 test -z "$ac_dir" && ac_dir=. 2174 test -z "$ac_dir" && ac_dir=.
2174 $as_executable_p "$ac_dir/$ac_word" || continue 2175 $as_executable_p "$ac_dir/$ac_word" || continue
2175ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" 2176ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
2176echo "$as_me:2176: found $ac_dir/$ac_word" >&5 2177echo "$as_me:2177: found $ac_dir/$ac_word" >&5
2177break 2178break
2178done 2179done
2179 2180
@@ -2181,10 +2182,10 @@ fi
2181fi 2182fi
2182RANLIB=$ac_cv_prog_RANLIB 2183RANLIB=$ac_cv_prog_RANLIB
2183if test -n "$RANLIB"; then 2184if test -n "$RANLIB"; then
2184 echo "$as_me:2184: result: $RANLIB" >&5 2185 echo "$as_me:2185: result: $RANLIB" >&5
2185echo "${ECHO_T}$RANLIB" >&6 2186echo "${ECHO_T}$RANLIB" >&6
2186else 2187else
2187 echo "$as_me:2187: result: no" >&5 2188 echo "$as_me:2188: result: no" >&5
2188echo "${ECHO_T}no" >&6 2189echo "${ECHO_T}no" >&6
2189fi 2190fi
2190 2191
@@ -2193,7 +2194,7 @@ if test -z "$ac_cv_prog_RANLIB"; then
2193 ac_ct_RANLIB=$RANLIB 2194 ac_ct_RANLIB=$RANLIB
2194 # Extract the first word of "ranlib", so it can be a program name with args. 2195 # Extract the first word of "ranlib", so it can be a program name with args.
2195set dummy ranlib; ac_word=$2 2196set dummy ranlib; ac_word=$2
2196echo "$as_me:2196: checking for $ac_word" >&5 2197echo "$as_me:2197: checking for $ac_word" >&5
2197echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2198echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2198if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then 2199if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then
2199 echo $ECHO_N "(cached) $ECHO_C" >&6 2200 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2208,7 +2209,7 @@ for ac_dir in $ac_dummy; do
2208 test -z "$ac_dir" && ac_dir=. 2209 test -z "$ac_dir" && ac_dir=.
2209 $as_executable_p "$ac_dir/$ac_word" || continue 2210 $as_executable_p "$ac_dir/$ac_word" || continue
2210ac_cv_prog_ac_ct_RANLIB="ranlib" 2211ac_cv_prog_ac_ct_RANLIB="ranlib"
2211echo "$as_me:2211: found $ac_dir/$ac_word" >&5 2212echo "$as_me:2212: found $ac_dir/$ac_word" >&5
2212break 2213break
2213done 2214done
2214 2215
@@ -2217,10 +2218,10 @@ fi
2217fi 2218fi
2218ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB 2219ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB
2219if test -n "$ac_ct_RANLIB"; then 2220if test -n "$ac_ct_RANLIB"; then
2220 echo "$as_me:2220: result: $ac_ct_RANLIB" >&5 2221 echo "$as_me:2221: result: $ac_ct_RANLIB" >&5
2221echo "${ECHO_T}$ac_ct_RANLIB" >&6 2222echo "${ECHO_T}$ac_ct_RANLIB" >&6
2222else 2223else
2223 echo "$as_me:2223: result: no" >&5 2224 echo "$as_me:2224: result: no" >&5
2224echo "${ECHO_T}no" >&6 2225echo "${ECHO_T}no" >&6
2225fi 2226fi
2226 2227
@@ -2241,7 +2242,7 @@ fi
2241# AFS /usr/afsws/bin/install, which mishandles nonexistent args 2242# AFS /usr/afsws/bin/install, which mishandles nonexistent args
2242# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" 2243# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
2243# ./install, which can be erroneously created by make from ./install.sh. 2244# ./install, which can be erroneously created by make from ./install.sh.
2244echo "$as_me:2244: checking for a BSD compatible install" >&5 2245echo "$as_me:2245: checking for a BSD compatible install" >&5
2245echo $ECHO_N "checking for a BSD compatible install... $ECHO_C" >&6 2246echo $ECHO_N "checking for a BSD compatible install... $ECHO_C" >&6
2246if test -z "$INSTALL"; then 2247if test -z "$INSTALL"; then
2247if test "${ac_cv_path_install+set}" = set; then 2248if test "${ac_cv_path_install+set}" = set; then
@@ -2290,7 +2291,7 @@ fi
2290 INSTALL=$ac_install_sh 2291 INSTALL=$ac_install_sh
2291 fi 2292 fi
2292fi 2293fi
2293echo "$as_me:2293: result: $INSTALL" >&5 2294echo "$as_me:2294: result: $INSTALL" >&5
2294echo "${ECHO_T}$INSTALL" >&6 2295echo "${ECHO_T}$INSTALL" >&6
2295 2296
2296# Use test -z because SunOS4 sh mishandles braces in ${var-val}. 2297# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
@@ -2303,7 +2304,7 @@ test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
2303 2304
2304# Extract the first word of "ar", so it can be a program name with args. 2305# Extract the first word of "ar", so it can be a program name with args.
2305set dummy ar; ac_word=$2 2306set dummy ar; ac_word=$2
2306echo "$as_me:2306: checking for $ac_word" >&5 2307echo "$as_me:2307: checking for $ac_word" >&5
2307echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2308echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2308if test "${ac_cv_path_AR+set}" = set; then 2309if test "${ac_cv_path_AR+set}" = set; then
2309 echo $ECHO_N "(cached) $ECHO_C" >&6 2310 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2320,7 +2321,7 @@ for ac_dir in $ac_dummy; do
2320 test -z "$ac_dir" && ac_dir=. 2321 test -z "$ac_dir" && ac_dir=.
2321 if $as_executable_p "$ac_dir/$ac_word"; then 2322 if $as_executable_p "$ac_dir/$ac_word"; then
2322 ac_cv_path_AR="$ac_dir/$ac_word" 2323 ac_cv_path_AR="$ac_dir/$ac_word"
2323 echo "$as_me:2323: found $ac_dir/$ac_word" >&5 2324 echo "$as_me:2324: found $ac_dir/$ac_word" >&5
2324 break 2325 break
2325fi 2326fi
2326done 2327done
@@ -2331,10 +2332,10 @@ fi
2331AR=$ac_cv_path_AR 2332AR=$ac_cv_path_AR
2332 2333
2333if test -n "$AR"; then 2334if test -n "$AR"; then
2334 echo "$as_me:2334: result: $AR" >&5 2335 echo "$as_me:2335: result: $AR" >&5
2335echo "${ECHO_T}$AR" >&6 2336echo "${ECHO_T}$AR" >&6
2336else 2337else
2337 echo "$as_me:2337: result: no" >&5 2338 echo "$as_me:2338: result: no" >&5
2338echo "${ECHO_T}no" >&6 2339echo "${ECHO_T}no" >&6
2339fi 2340fi
2340 2341
@@ -2342,7 +2343,7 @@ for ac_prog in perl5 perl
2342do 2343do
2343 # Extract the first word of "$ac_prog", so it can be a program name with args. 2344 # Extract the first word of "$ac_prog", so it can be a program name with args.
2344set dummy $ac_prog; ac_word=$2 2345set dummy $ac_prog; ac_word=$2
2345echo "$as_me:2345: checking for $ac_word" >&5 2346echo "$as_me:2346: checking for $ac_word" >&5
2346echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2347echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2347if test "${ac_cv_path_PERL+set}" = set; then 2348if test "${ac_cv_path_PERL+set}" = set; then
2348 echo $ECHO_N "(cached) $ECHO_C" >&6 2349 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2359,7 +2360,7 @@ for ac_dir in $ac_dummy; do
2359 test -z "$ac_dir" && ac_dir=. 2360 test -z "$ac_dir" && ac_dir=.
2360 if $as_executable_p "$ac_dir/$ac_word"; then 2361 if $as_executable_p "$ac_dir/$ac_word"; then
2361 ac_cv_path_PERL="$ac_dir/$ac_word" 2362 ac_cv_path_PERL="$ac_dir/$ac_word"
2362 echo "$as_me:2362: found $ac_dir/$ac_word" >&5 2363 echo "$as_me:2363: found $ac_dir/$ac_word" >&5
2363 break 2364 break
2364fi 2365fi
2365done 2366done
@@ -2370,10 +2371,10 @@ fi
2370PERL=$ac_cv_path_PERL 2371PERL=$ac_cv_path_PERL
2371 2372
2372if test -n "$PERL"; then 2373if test -n "$PERL"; then
2373 echo "$as_me:2373: result: $PERL" >&5 2374 echo "$as_me:2374: result: $PERL" >&5
2374echo "${ECHO_T}$PERL" >&6 2375echo "${ECHO_T}$PERL" >&6
2375else 2376else
2376 echo "$as_me:2376: result: no" >&5 2377 echo "$as_me:2377: result: no" >&5
2377echo "${ECHO_T}no" >&6 2378echo "${ECHO_T}no" >&6
2378fi 2379fi
2379 2380
@@ -2382,7 +2383,7 @@ done
2382 2383
2383# Extract the first word of "sed", so it can be a program name with args. 2384# Extract the first word of "sed", so it can be a program name with args.
2384set dummy sed; ac_word=$2 2385set dummy sed; ac_word=$2
2385echo "$as_me:2385: checking for $ac_word" >&5 2386echo "$as_me:2386: checking for $ac_word" >&5
2386echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2387echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2387if test "${ac_cv_path_SED+set}" = set; then 2388if test "${ac_cv_path_SED+set}" = set; then
2388 echo $ECHO_N "(cached) $ECHO_C" >&6 2389 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2399,7 +2400,7 @@ for ac_dir in $ac_dummy; do
2399 test -z "$ac_dir" && ac_dir=. 2400 test -z "$ac_dir" && ac_dir=.
2400 if $as_executable_p "$ac_dir/$ac_word"; then 2401 if $as_executable_p "$ac_dir/$ac_word"; then
2401 ac_cv_path_SED="$ac_dir/$ac_word" 2402 ac_cv_path_SED="$ac_dir/$ac_word"
2402 echo "$as_me:2402: found $ac_dir/$ac_word" >&5 2403 echo "$as_me:2403: found $ac_dir/$ac_word" >&5
2403 break 2404 break
2404fi 2405fi
2405done 2406done
@@ -2410,16 +2411,16 @@ fi
2410SED=$ac_cv_path_SED 2411SED=$ac_cv_path_SED
2411 2412
2412if test -n "$SED"; then 2413if test -n "$SED"; then
2413 echo "$as_me:2413: result: $SED" >&5 2414 echo "$as_me:2414: result: $SED" >&5
2414echo "${ECHO_T}$SED" >&6 2415echo "${ECHO_T}$SED" >&6
2415else 2416else
2416 echo "$as_me:2416: result: no" >&5 2417 echo "$as_me:2417: result: no" >&5
2417echo "${ECHO_T}no" >&6 2418echo "${ECHO_T}no" >&6
2418fi 2419fi
2419 2420
2420# Extract the first word of "ent", so it can be a program name with args. 2421# Extract the first word of "ent", so it can be a program name with args.
2421set dummy ent; ac_word=$2 2422set dummy ent; ac_word=$2
2422echo "$as_me:2422: checking for $ac_word" >&5 2423echo "$as_me:2423: checking for $ac_word" >&5
2423echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2424echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2424if test "${ac_cv_path_ENT+set}" = set; then 2425if test "${ac_cv_path_ENT+set}" = set; then
2425 echo $ECHO_N "(cached) $ECHO_C" >&6 2426 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2436,7 +2437,7 @@ for ac_dir in $ac_dummy; do
2436 test -z "$ac_dir" && ac_dir=. 2437 test -z "$ac_dir" && ac_dir=.
2437 if $as_executable_p "$ac_dir/$ac_word"; then 2438 if $as_executable_p "$ac_dir/$ac_word"; then
2438 ac_cv_path_ENT="$ac_dir/$ac_word" 2439 ac_cv_path_ENT="$ac_dir/$ac_word"
2439 echo "$as_me:2439: found $ac_dir/$ac_word" >&5 2440 echo "$as_me:2440: found $ac_dir/$ac_word" >&5
2440 break 2441 break
2441fi 2442fi
2442done 2443done
@@ -2447,16 +2448,16 @@ fi
2447ENT=$ac_cv_path_ENT 2448ENT=$ac_cv_path_ENT
2448 2449
2449if test -n "$ENT"; then 2450if test -n "$ENT"; then
2450 echo "$as_me:2450: result: $ENT" >&5 2451 echo "$as_me:2451: result: $ENT" >&5
2451echo "${ECHO_T}$ENT" >&6 2452echo "${ECHO_T}$ENT" >&6
2452else 2453else
2453 echo "$as_me:2453: result: no" >&5 2454 echo "$as_me:2454: result: no" >&5
2454echo "${ECHO_T}no" >&6 2455echo "${ECHO_T}no" >&6
2455fi 2456fi
2456 2457
2457# Extract the first word of "bash", so it can be a program name with args. 2458# Extract the first word of "bash", so it can be a program name with args.
2458set dummy bash; ac_word=$2 2459set dummy bash; ac_word=$2
2459echo "$as_me:2459: checking for $ac_word" >&5 2460echo "$as_me:2460: checking for $ac_word" >&5
2460echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2461echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2461if test "${ac_cv_path_TEST_MINUS_S_SH+set}" = set; then 2462if test "${ac_cv_path_TEST_MINUS_S_SH+set}" = set; then
2462 echo $ECHO_N "(cached) $ECHO_C" >&6 2463 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2473,7 +2474,7 @@ for ac_dir in $ac_dummy; do
2473 test -z "$ac_dir" && ac_dir=. 2474 test -z "$ac_dir" && ac_dir=.
2474 if $as_executable_p "$ac_dir/$ac_word"; then 2475 if $as_executable_p "$ac_dir/$ac_word"; then
2475 ac_cv_path_TEST_MINUS_S_SH="$ac_dir/$ac_word" 2476 ac_cv_path_TEST_MINUS_S_SH="$ac_dir/$ac_word"
2476 echo "$as_me:2476: found $ac_dir/$ac_word" >&5 2477 echo "$as_me:2477: found $ac_dir/$ac_word" >&5
2477 break 2478 break
2478fi 2479fi
2479done 2480done
@@ -2484,16 +2485,16 @@ fi
2484TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH 2485TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH
2485 2486
2486if test -n "$TEST_MINUS_S_SH"; then 2487if test -n "$TEST_MINUS_S_SH"; then
2487 echo "$as_me:2487: result: $TEST_MINUS_S_SH" >&5 2488 echo "$as_me:2488: result: $TEST_MINUS_S_SH" >&5
2488echo "${ECHO_T}$TEST_MINUS_S_SH" >&6 2489echo "${ECHO_T}$TEST_MINUS_S_SH" >&6
2489else 2490else
2490 echo "$as_me:2490: result: no" >&5 2491 echo "$as_me:2491: result: no" >&5
2491echo "${ECHO_T}no" >&6 2492echo "${ECHO_T}no" >&6
2492fi 2493fi
2493 2494
2494# Extract the first word of "ksh", so it can be a program name with args. 2495# Extract the first word of "ksh", so it can be a program name with args.
2495set dummy ksh; ac_word=$2 2496set dummy ksh; ac_word=$2
2496echo "$as_me:2496: checking for $ac_word" >&5 2497echo "$as_me:2497: checking for $ac_word" >&5
2497echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2498echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2498if test "${ac_cv_path_TEST_MINUS_S_SH+set}" = set; then 2499if test "${ac_cv_path_TEST_MINUS_S_SH+set}" = set; then
2499 echo $ECHO_N "(cached) $ECHO_C" >&6 2500 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2510,7 +2511,7 @@ for ac_dir in $ac_dummy; do
2510 test -z "$ac_dir" && ac_dir=. 2511 test -z "$ac_dir" && ac_dir=.
2511 if $as_executable_p "$ac_dir/$ac_word"; then 2512 if $as_executable_p "$ac_dir/$ac_word"; then
2512 ac_cv_path_TEST_MINUS_S_SH="$ac_dir/$ac_word" 2513 ac_cv_path_TEST_MINUS_S_SH="$ac_dir/$ac_word"
2513 echo "$as_me:2513: found $ac_dir/$ac_word" >&5 2514 echo "$as_me:2514: found $ac_dir/$ac_word" >&5
2514 break 2515 break
2515fi 2516fi
2516done 2517done
@@ -2521,16 +2522,16 @@ fi
2521TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH 2522TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH
2522 2523
2523if test -n "$TEST_MINUS_S_SH"; then 2524if test -n "$TEST_MINUS_S_SH"; then
2524 echo "$as_me:2524: result: $TEST_MINUS_S_SH" >&5 2525 echo "$as_me:2525: result: $TEST_MINUS_S_SH" >&5
2525echo "${ECHO_T}$TEST_MINUS_S_SH" >&6 2526echo "${ECHO_T}$TEST_MINUS_S_SH" >&6
2526else 2527else
2527 echo "$as_me:2527: result: no" >&5 2528 echo "$as_me:2528: result: no" >&5
2528echo "${ECHO_T}no" >&6 2529echo "${ECHO_T}no" >&6
2529fi 2530fi
2530 2531
2531# Extract the first word of "sh", so it can be a program name with args. 2532# Extract the first word of "sh", so it can be a program name with args.
2532set dummy sh; ac_word=$2 2533set dummy sh; ac_word=$2
2533echo "$as_me:2533: checking for $ac_word" >&5 2534echo "$as_me:2534: checking for $ac_word" >&5
2534echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2535echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2535if test "${ac_cv_path_TEST_MINUS_S_SH+set}" = set; then 2536if test "${ac_cv_path_TEST_MINUS_S_SH+set}" = set; then
2536 echo $ECHO_N "(cached) $ECHO_C" >&6 2537 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2547,7 +2548,7 @@ for ac_dir in $ac_dummy; do
2547 test -z "$ac_dir" && ac_dir=. 2548 test -z "$ac_dir" && ac_dir=.
2548 if $as_executable_p "$ac_dir/$ac_word"; then 2549 if $as_executable_p "$ac_dir/$ac_word"; then
2549 ac_cv_path_TEST_MINUS_S_SH="$ac_dir/$ac_word" 2550 ac_cv_path_TEST_MINUS_S_SH="$ac_dir/$ac_word"
2550 echo "$as_me:2550: found $ac_dir/$ac_word" >&5 2551 echo "$as_me:2551: found $ac_dir/$ac_word" >&5
2551 break 2552 break
2552fi 2553fi
2553done 2554done
@@ -2558,16 +2559,16 @@ fi
2558TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH 2559TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH
2559 2560
2560if test -n "$TEST_MINUS_S_SH"; then 2561if test -n "$TEST_MINUS_S_SH"; then
2561 echo "$as_me:2561: result: $TEST_MINUS_S_SH" >&5 2562 echo "$as_me:2562: result: $TEST_MINUS_S_SH" >&5
2562echo "${ECHO_T}$TEST_MINUS_S_SH" >&6 2563echo "${ECHO_T}$TEST_MINUS_S_SH" >&6
2563else 2564else
2564 echo "$as_me:2564: result: no" >&5 2565 echo "$as_me:2565: result: no" >&5
2565echo "${ECHO_T}no" >&6 2566echo "${ECHO_T}no" >&6
2566fi 2567fi
2567 2568
2568# Extract the first word of "sh", so it can be a program name with args. 2569# Extract the first word of "sh", so it can be a program name with args.
2569set dummy sh; ac_word=$2 2570set dummy sh; ac_word=$2
2570echo "$as_me:2570: checking for $ac_word" >&5 2571echo "$as_me:2571: checking for $ac_word" >&5
2571echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2572echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2572if test "${ac_cv_path_SH+set}" = set; then 2573if test "${ac_cv_path_SH+set}" = set; then
2573 echo $ECHO_N "(cached) $ECHO_C" >&6 2574 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2584,7 +2585,7 @@ for ac_dir in $ac_dummy; do
2584 test -z "$ac_dir" && ac_dir=. 2585 test -z "$ac_dir" && ac_dir=.
2585 if $as_executable_p "$ac_dir/$ac_word"; then 2586 if $as_executable_p "$ac_dir/$ac_word"; then
2586 ac_cv_path_SH="$ac_dir/$ac_word" 2587 ac_cv_path_SH="$ac_dir/$ac_word"
2587 echo "$as_me:2587: found $ac_dir/$ac_word" >&5 2588 echo "$as_me:2588: found $ac_dir/$ac_word" >&5
2588 break 2589 break
2589fi 2590fi
2590done 2591done
@@ -2595,10 +2596,10 @@ fi
2595SH=$ac_cv_path_SH 2596SH=$ac_cv_path_SH
2596 2597
2597if test -n "$SH"; then 2598if test -n "$SH"; then
2598 echo "$as_me:2598: result: $SH" >&5 2599 echo "$as_me:2599: result: $SH" >&5
2599echo "${ECHO_T}$SH" >&6 2600echo "${ECHO_T}$SH" >&6
2600else 2601else
2601 echo "$as_me:2601: result: no" >&5 2602 echo "$as_me:2602: result: no" >&5
2602echo "${ECHO_T}no" >&6 2603echo "${ECHO_T}no" >&6
2603fi 2604fi
2604 2605
@@ -2610,7 +2611,7 @@ if test "${enable_largefile+set}" = set; then
2610fi; 2611fi;
2611if test "$enable_largefile" != no; then 2612if test "$enable_largefile" != no; then
2612 2613
2613 echo "$as_me:2613: checking for special C compiler options needed for large files" >&5 2614 echo "$as_me:2614: checking for special C compiler options needed for large files" >&5
2614echo $ECHO_N "checking for special C compiler options needed for large files... $ECHO_C" >&6 2615echo $ECHO_N "checking for special C compiler options needed for large files... $ECHO_C" >&6
2615if test "${ac_cv_sys_largefile_CC+set}" = set; then 2616if test "${ac_cv_sys_largefile_CC+set}" = set; then
2616 echo $ECHO_N "(cached) $ECHO_C" >&6 2617 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2622,7 +2623,7 @@ else
2622 # IRIX 6.2 and later do not support large files by default, 2623 # IRIX 6.2 and later do not support large files by default,
2623 # so use the C compiler's -n32 option if that helps. 2624 # so use the C compiler's -n32 option if that helps.
2624 cat >conftest.$ac_ext <<_ACEOF 2625 cat >conftest.$ac_ext <<_ACEOF
2625#line 2625 "configure" 2626#line 2626 "configure"
2626#include "confdefs.h" 2627#include "confdefs.h"
2627#include <sys/types.h> 2628#include <sys/types.h>
2628 /* Check that off_t can represent 2**63 - 1 correctly. 2629 /* Check that off_t can represent 2**63 - 1 correctly.
@@ -2642,16 +2643,16 @@ main ()
2642} 2643}
2643_ACEOF 2644_ACEOF
2644 rm -f conftest.$ac_objext 2645 rm -f conftest.$ac_objext
2645if { (eval echo "$as_me:2645: \"$ac_compile\"") >&5 2646if { (eval echo "$as_me:2646: \"$ac_compile\"") >&5
2646 (eval $ac_compile) 2>&5 2647 (eval $ac_compile) 2>&5
2647 ac_status=$? 2648 ac_status=$?
2648 echo "$as_me:2648: \$? = $ac_status" >&5 2649 echo "$as_me:2649: \$? = $ac_status" >&5
2649 (exit $ac_status); } && 2650 (exit $ac_status); } &&
2650 { ac_try='test -s conftest.$ac_objext' 2651 { ac_try='test -s conftest.$ac_objext'
2651 { (eval echo "$as_me:2651: \"$ac_try\"") >&5 2652 { (eval echo "$as_me:2652: \"$ac_try\"") >&5
2652 (eval $ac_try) 2>&5 2653 (eval $ac_try) 2>&5
2653 ac_status=$? 2654 ac_status=$?
2654 echo "$as_me:2654: \$? = $ac_status" >&5 2655 echo "$as_me:2655: \$? = $ac_status" >&5
2655 (exit $ac_status); }; }; then 2656 (exit $ac_status); }; }; then
2656 break 2657 break
2657else 2658else
@@ -2661,16 +2662,16 @@ fi
2661rm -f conftest.$ac_objext 2662rm -f conftest.$ac_objext
2662 CC="$CC -n32" 2663 CC="$CC -n32"
2663 rm -f conftest.$ac_objext 2664 rm -f conftest.$ac_objext
2664if { (eval echo "$as_me:2664: \"$ac_compile\"") >&5 2665if { (eval echo "$as_me:2665: \"$ac_compile\"") >&5
2665 (eval $ac_compile) 2>&5 2666 (eval $ac_compile) 2>&5
2666 ac_status=$? 2667 ac_status=$?
2667 echo "$as_me:2667: \$? = $ac_status" >&5 2668 echo "$as_me:2668: \$? = $ac_status" >&5
2668 (exit $ac_status); } && 2669 (exit $ac_status); } &&
2669 { ac_try='test -s conftest.$ac_objext' 2670 { ac_try='test -s conftest.$ac_objext'
2670 { (eval echo "$as_me:2670: \"$ac_try\"") >&5 2671 { (eval echo "$as_me:2671: \"$ac_try\"") >&5
2671 (eval $ac_try) 2>&5 2672 (eval $ac_try) 2>&5
2672 ac_status=$? 2673 ac_status=$?
2673 echo "$as_me:2673: \$? = $ac_status" >&5 2674 echo "$as_me:2674: \$? = $ac_status" >&5
2674 (exit $ac_status); }; }; then 2675 (exit $ac_status); }; }; then
2675 ac_cv_sys_largefile_CC=' -n32'; break 2676 ac_cv_sys_largefile_CC=' -n32'; break
2676else 2677else
@@ -2684,13 +2685,13 @@ rm -f conftest.$ac_objext
2684 rm -f conftest.$ac_ext 2685 rm -f conftest.$ac_ext
2685 fi 2686 fi
2686fi 2687fi
2687echo "$as_me:2687: result: $ac_cv_sys_largefile_CC" >&5 2688echo "$as_me:2688: result: $ac_cv_sys_largefile_CC" >&5
2688echo "${ECHO_T}$ac_cv_sys_largefile_CC" >&6 2689echo "${ECHO_T}$ac_cv_sys_largefile_CC" >&6
2689 if test "$ac_cv_sys_largefile_CC" != no; then 2690 if test "$ac_cv_sys_largefile_CC" != no; then
2690 CC=$CC$ac_cv_sys_largefile_CC 2691 CC=$CC$ac_cv_sys_largefile_CC
2691 fi 2692 fi
2692 2693
2693 echo "$as_me:2693: checking for _FILE_OFFSET_BITS value needed for large files" >&5 2694 echo "$as_me:2694: checking for _FILE_OFFSET_BITS value needed for large files" >&5
2694echo $ECHO_N "checking for _FILE_OFFSET_BITS value needed for large files... $ECHO_C" >&6 2695echo $ECHO_N "checking for _FILE_OFFSET_BITS value needed for large files... $ECHO_C" >&6
2695if test "${ac_cv_sys_file_offset_bits+set}" = set; then 2696if test "${ac_cv_sys_file_offset_bits+set}" = set; then
2696 echo $ECHO_N "(cached) $ECHO_C" >&6 2697 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2698,7 +2699,7 @@ else
2698 while :; do 2699 while :; do
2699 ac_cv_sys_file_offset_bits=no 2700 ac_cv_sys_file_offset_bits=no
2700 cat >conftest.$ac_ext <<_ACEOF 2701 cat >conftest.$ac_ext <<_ACEOF
2701#line 2701 "configure" 2702#line 2702 "configure"
2702#include "confdefs.h" 2703#include "confdefs.h"
2703#include <sys/types.h> 2704#include <sys/types.h>
2704 /* Check that off_t can represent 2**63 - 1 correctly. 2705 /* Check that off_t can represent 2**63 - 1 correctly.
@@ -2718,16 +2719,16 @@ main ()
2718} 2719}
2719_ACEOF 2720_ACEOF
2720rm -f conftest.$ac_objext 2721rm -f conftest.$ac_objext
2721if { (eval echo "$as_me:2721: \"$ac_compile\"") >&5 2722if { (eval echo "$as_me:2722: \"$ac_compile\"") >&5
2722 (eval $ac_compile) 2>&5 2723 (eval $ac_compile) 2>&5
2723 ac_status=$? 2724 ac_status=$?
2724 echo "$as_me:2724: \$? = $ac_status" >&5 2725 echo "$as_me:2725: \$? = $ac_status" >&5
2725 (exit $ac_status); } && 2726 (exit $ac_status); } &&
2726 { ac_try='test -s conftest.$ac_objext' 2727 { ac_try='test -s conftest.$ac_objext'
2727 { (eval echo "$as_me:2727: \"$ac_try\"") >&5 2728 { (eval echo "$as_me:2728: \"$ac_try\"") >&5
2728 (eval $ac_try) 2>&5 2729 (eval $ac_try) 2>&5
2729 ac_status=$? 2730 ac_status=$?
2730 echo "$as_me:2730: \$? = $ac_status" >&5 2731 echo "$as_me:2731: \$? = $ac_status" >&5
2731 (exit $ac_status); }; }; then 2732 (exit $ac_status); }; }; then
2732 break 2733 break
2733else 2734else
@@ -2736,7 +2737,7 @@ cat conftest.$ac_ext >&5
2736fi 2737fi
2737rm -f conftest.$ac_objext conftest.$ac_ext 2738rm -f conftest.$ac_objext conftest.$ac_ext
2738 cat >conftest.$ac_ext <<_ACEOF 2739 cat >conftest.$ac_ext <<_ACEOF
2739#line 2739 "configure" 2740#line 2740 "configure"
2740#include "confdefs.h" 2741#include "confdefs.h"
2741#define _FILE_OFFSET_BITS 64 2742#define _FILE_OFFSET_BITS 64
2742#include <sys/types.h> 2743#include <sys/types.h>
@@ -2757,16 +2758,16 @@ main ()
2757} 2758}
2758_ACEOF 2759_ACEOF
2759rm -f conftest.$ac_objext 2760rm -f conftest.$ac_objext
2760if { (eval echo "$as_me:2760: \"$ac_compile\"") >&5 2761if { (eval echo "$as_me:2761: \"$ac_compile\"") >&5
2761 (eval $ac_compile) 2>&5 2762 (eval $ac_compile) 2>&5
2762 ac_status=$? 2763 ac_status=$?
2763 echo "$as_me:2763: \$? = $ac_status" >&5 2764 echo "$as_me:2764: \$? = $ac_status" >&5
2764 (exit $ac_status); } && 2765 (exit $ac_status); } &&
2765 { ac_try='test -s conftest.$ac_objext' 2766 { ac_try='test -s conftest.$ac_objext'
2766 { (eval echo "$as_me:2766: \"$ac_try\"") >&5 2767 { (eval echo "$as_me:2767: \"$ac_try\"") >&5
2767 (eval $ac_try) 2>&5 2768 (eval $ac_try) 2>&5
2768 ac_status=$? 2769 ac_status=$?
2769 echo "$as_me:2769: \$? = $ac_status" >&5 2770 echo "$as_me:2770: \$? = $ac_status" >&5
2770 (exit $ac_status); }; }; then 2771 (exit $ac_status); }; }; then
2771 ac_cv_sys_file_offset_bits=64; break 2772 ac_cv_sys_file_offset_bits=64; break
2772else 2773else
@@ -2777,7 +2778,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext
2777 break 2778 break
2778done 2779done
2779fi 2780fi
2780echo "$as_me:2780: result: $ac_cv_sys_file_offset_bits" >&5 2781echo "$as_me:2781: result: $ac_cv_sys_file_offset_bits" >&5
2781echo "${ECHO_T}$ac_cv_sys_file_offset_bits" >&6 2782echo "${ECHO_T}$ac_cv_sys_file_offset_bits" >&6
2782if test "$ac_cv_sys_file_offset_bits" != no; then 2783if test "$ac_cv_sys_file_offset_bits" != no; then
2783 2784
@@ -2787,7 +2788,7 @@ EOF
2787 2788
2788fi 2789fi
2789rm -f conftest* 2790rm -f conftest*
2790 echo "$as_me:2790: checking for _LARGE_FILES value needed for large files" >&5 2791 echo "$as_me:2791: checking for _LARGE_FILES value needed for large files" >&5
2791echo $ECHO_N "checking for _LARGE_FILES value needed for large files... $ECHO_C" >&6 2792echo $ECHO_N "checking for _LARGE_FILES value needed for large files... $ECHO_C" >&6
2792if test "${ac_cv_sys_large_files+set}" = set; then 2793if test "${ac_cv_sys_large_files+set}" = set; then
2793 echo $ECHO_N "(cached) $ECHO_C" >&6 2794 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2795,7 +2796,7 @@ else
2795 while :; do 2796 while :; do
2796 ac_cv_sys_large_files=no 2797 ac_cv_sys_large_files=no
2797 cat >conftest.$ac_ext <<_ACEOF 2798 cat >conftest.$ac_ext <<_ACEOF
2798#line 2798 "configure" 2799#line 2799 "configure"
2799#include "confdefs.h" 2800#include "confdefs.h"
2800#include <sys/types.h> 2801#include <sys/types.h>
2801 /* Check that off_t can represent 2**63 - 1 correctly. 2802 /* Check that off_t can represent 2**63 - 1 correctly.
@@ -2815,16 +2816,16 @@ main ()
2815} 2816}
2816_ACEOF 2817_ACEOF
2817rm -f conftest.$ac_objext 2818rm -f conftest.$ac_objext
2818if { (eval echo "$as_me:2818: \"$ac_compile\"") >&5 2819if { (eval echo "$as_me:2819: \"$ac_compile\"") >&5
2819 (eval $ac_compile) 2>&5 2820 (eval $ac_compile) 2>&5
2820 ac_status=$? 2821 ac_status=$?
2821 echo "$as_me:2821: \$? = $ac_status" >&5 2822 echo "$as_me:2822: \$? = $ac_status" >&5
2822 (exit $ac_status); } && 2823 (exit $ac_status); } &&
2823 { ac_try='test -s conftest.$ac_objext' 2824 { ac_try='test -s conftest.$ac_objext'
2824 { (eval echo "$as_me:2824: \"$ac_try\"") >&5 2825 { (eval echo "$as_me:2825: \"$ac_try\"") >&5
2825 (eval $ac_try) 2>&5 2826 (eval $ac_try) 2>&5
2826 ac_status=$? 2827 ac_status=$?
2827 echo "$as_me:2827: \$? = $ac_status" >&5 2828 echo "$as_me:2828: \$? = $ac_status" >&5
2828 (exit $ac_status); }; }; then 2829 (exit $ac_status); }; }; then
2829 break 2830 break
2830else 2831else
@@ -2833,7 +2834,7 @@ cat conftest.$ac_ext >&5
2833fi 2834fi
2834rm -f conftest.$ac_objext conftest.$ac_ext 2835rm -f conftest.$ac_objext conftest.$ac_ext
2835 cat >conftest.$ac_ext <<_ACEOF 2836 cat >conftest.$ac_ext <<_ACEOF
2836#line 2836 "configure" 2837#line 2837 "configure"
2837#include "confdefs.h" 2838#include "confdefs.h"
2838#define _LARGE_FILES 1 2839#define _LARGE_FILES 1
2839#include <sys/types.h> 2840#include <sys/types.h>
@@ -2854,16 +2855,16 @@ main ()
2854} 2855}
2855_ACEOF 2856_ACEOF
2856rm -f conftest.$ac_objext 2857rm -f conftest.$ac_objext
2857if { (eval echo "$as_me:2857: \"$ac_compile\"") >&5 2858if { (eval echo "$as_me:2858: \"$ac_compile\"") >&5
2858 (eval $ac_compile) 2>&5 2859 (eval $ac_compile) 2>&5
2859 ac_status=$? 2860 ac_status=$?
2860 echo "$as_me:2860: \$? = $ac_status" >&5 2861 echo "$as_me:2861: \$? = $ac_status" >&5
2861 (exit $ac_status); } && 2862 (exit $ac_status); } &&
2862 { ac_try='test -s conftest.$ac_objext' 2863 { ac_try='test -s conftest.$ac_objext'
2863 { (eval echo "$as_me:2863: \"$ac_try\"") >&5 2864 { (eval echo "$as_me:2864: \"$ac_try\"") >&5
2864 (eval $ac_try) 2>&5 2865 (eval $ac_try) 2>&5
2865 ac_status=$? 2866 ac_status=$?
2866 echo "$as_me:2866: \$? = $ac_status" >&5 2867 echo "$as_me:2867: \$? = $ac_status" >&5
2867 (exit $ac_status); }; }; then 2868 (exit $ac_status); }; }; then
2868 ac_cv_sys_large_files=1; break 2869 ac_cv_sys_large_files=1; break
2869else 2870else
@@ -2874,7 +2875,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext
2874 break 2875 break
2875done 2876done
2876fi 2877fi
2877echo "$as_me:2877: result: $ac_cv_sys_large_files" >&5 2878echo "$as_me:2878: result: $ac_cv_sys_large_files" >&5
2878echo "${ECHO_T}$ac_cv_sys_large_files" >&6 2879echo "${ECHO_T}$ac_cv_sys_large_files" >&6
2879if test "$ac_cv_sys_large_files" != no; then 2880if test "$ac_cv_sys_large_files" != no; then
2880 2881
@@ -2887,7 +2888,7 @@ rm -f conftest*
2887fi 2888fi
2888 2889
2889if test -z "$AR" ; then 2890if test -z "$AR" ; then
2890 { { echo "$as_me:2890: error: *** 'ar' missing, please install or fix your \$PATH ***" >&5 2891 { { echo "$as_me:2891: error: *** 'ar' missing, please install or fix your \$PATH ***" >&5
2891echo "$as_me: error: *** 'ar' missing, please install or fix your \$PATH ***" >&2;} 2892echo "$as_me: error: *** 'ar' missing, please install or fix your \$PATH ***" >&2;}
2892 { (exit 1); exit 1; }; } 2893 { (exit 1); exit 1; }; }
2893fi 2894fi
@@ -2902,7 +2903,7 @@ else
2902 # Search for login 2903 # Search for login
2903 # Extract the first word of "login", so it can be a program name with args. 2904 # Extract the first word of "login", so it can be a program name with args.
2904set dummy login; ac_word=$2 2905set dummy login; ac_word=$2
2905echo "$as_me:2905: checking for $ac_word" >&5 2906echo "$as_me:2906: checking for $ac_word" >&5
2906echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 2907echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2907if test "${ac_cv_path_LOGIN_PROGRAM_FALLBACK+set}" = set; then 2908if test "${ac_cv_path_LOGIN_PROGRAM_FALLBACK+set}" = set; then
2908 echo $ECHO_N "(cached) $ECHO_C" >&6 2909 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2919,7 +2920,7 @@ for ac_dir in $ac_dummy; do
2919 test -z "$ac_dir" && ac_dir=. 2920 test -z "$ac_dir" && ac_dir=.
2920 if $as_executable_p "$ac_dir/$ac_word"; then 2921 if $as_executable_p "$ac_dir/$ac_word"; then
2921 ac_cv_path_LOGIN_PROGRAM_FALLBACK="$ac_dir/$ac_word" 2922 ac_cv_path_LOGIN_PROGRAM_FALLBACK="$ac_dir/$ac_word"
2922 echo "$as_me:2922: found $ac_dir/$ac_word" >&5 2923 echo "$as_me:2923: found $ac_dir/$ac_word" >&5
2923 break 2924 break
2924fi 2925fi
2925done 2926done
@@ -2930,10 +2931,10 @@ fi
2930LOGIN_PROGRAM_FALLBACK=$ac_cv_path_LOGIN_PROGRAM_FALLBACK 2931LOGIN_PROGRAM_FALLBACK=$ac_cv_path_LOGIN_PROGRAM_FALLBACK
2931 2932
2932if test -n "$LOGIN_PROGRAM_FALLBACK"; then 2933if test -n "$LOGIN_PROGRAM_FALLBACK"; then
2933 echo "$as_me:2933: result: $LOGIN_PROGRAM_FALLBACK" >&5 2934 echo "$as_me:2934: result: $LOGIN_PROGRAM_FALLBACK" >&5
2934echo "${ECHO_T}$LOGIN_PROGRAM_FALLBACK" >&6 2935echo "${ECHO_T}$LOGIN_PROGRAM_FALLBACK" >&6
2935else 2936else
2936 echo "$as_me:2936: result: no" >&5 2937 echo "$as_me:2937: result: no" >&5
2937echo "${ECHO_T}no" >&6 2938echo "${ECHO_T}no" >&6
2938fi 2939fi
2939 2940
@@ -2945,11 +2946,55 @@ EOF
2945 fi 2946 fi
2946fi 2947fi
2947 2948
2949# Extract the first word of "passwd", so it can be a program name with args.
2950set dummy passwd; ac_word=$2
2951echo "$as_me:2951: checking for $ac_word" >&5
2952echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
2953if test "${ac_cv_path_PATH_PASSWD_PROG+set}" = set; then
2954 echo $ECHO_N "(cached) $ECHO_C" >&6
2955else
2956 case $PATH_PASSWD_PROG in
2957 [\\/]* | ?:[\\/]*)
2958 ac_cv_path_PATH_PASSWD_PROG="$PATH_PASSWD_PROG" # Let the user override the test with a path.
2959 ;;
2960 *)
2961 ac_save_IFS=$IFS; IFS=$ac_path_separator
2962ac_dummy="$PATH"
2963for ac_dir in $ac_dummy; do
2964 IFS=$ac_save_IFS
2965 test -z "$ac_dir" && ac_dir=.
2966 if $as_executable_p "$ac_dir/$ac_word"; then
2967 ac_cv_path_PATH_PASSWD_PROG="$ac_dir/$ac_word"
2968 echo "$as_me:2968: found $ac_dir/$ac_word" >&5
2969 break
2970fi
2971done
2972
2973 ;;
2974esac
2975fi
2976PATH_PASSWD_PROG=$ac_cv_path_PATH_PASSWD_PROG
2977
2978if test -n "$PATH_PASSWD_PROG"; then
2979 echo "$as_me:2979: result: $PATH_PASSWD_PROG" >&5
2980echo "${ECHO_T}$PATH_PASSWD_PROG" >&6
2981else
2982 echo "$as_me:2982: result: no" >&5
2983echo "${ECHO_T}no" >&6
2984fi
2985
2986if test ! -z "$PATH_PASSWD_PROG" ; then
2987 cat >>confdefs.h <<EOF
2988#define _PATH_PASSWD_PROG "$PATH_PASSWD_PROG"
2989EOF
2990
2991fi
2992
2948if test -z "$LD" ; then 2993if test -z "$LD" ; then
2949 LD=$CC 2994 LD=$CC
2950fi 2995fi
2951 2996
2952echo "$as_me:2952: checking for $CC option to accept ANSI C" >&5 2997echo "$as_me:2997: checking for $CC option to accept ANSI C" >&5
2953echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6 2998echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6
2954if test "${ac_cv_prog_cc_stdc+set}" = set; then 2999if test "${ac_cv_prog_cc_stdc+set}" = set; then
2955 echo $ECHO_N "(cached) $ECHO_C" >&6 3000 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2957,7 +3002,7 @@ else
2957 ac_cv_prog_cc_stdc=no 3002 ac_cv_prog_cc_stdc=no
2958ac_save_CC=$CC 3003ac_save_CC=$CC
2959cat >conftest.$ac_ext <<_ACEOF 3004cat >conftest.$ac_ext <<_ACEOF
2960#line 2960 "configure" 3005#line 3005 "configure"
2961#include "confdefs.h" 3006#include "confdefs.h"
2962#include <stdarg.h> 3007#include <stdarg.h>
2963#include <stdio.h> 3008#include <stdio.h>
@@ -3006,16 +3051,16 @@ for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIO
3006do 3051do
3007 CC="$ac_save_CC $ac_arg" 3052 CC="$ac_save_CC $ac_arg"
3008 rm -f conftest.$ac_objext 3053 rm -f conftest.$ac_objext
3009if { (eval echo "$as_me:3009: \"$ac_compile\"") >&5 3054if { (eval echo "$as_me:3054: \"$ac_compile\"") >&5
3010 (eval $ac_compile) 2>&5 3055 (eval $ac_compile) 2>&5
3011 ac_status=$? 3056 ac_status=$?
3012 echo "$as_me:3012: \$? = $ac_status" >&5 3057 echo "$as_me:3057: \$? = $ac_status" >&5
3013 (exit $ac_status); } && 3058 (exit $ac_status); } &&
3014 { ac_try='test -s conftest.$ac_objext' 3059 { ac_try='test -s conftest.$ac_objext'
3015 { (eval echo "$as_me:3015: \"$ac_try\"") >&5 3060 { (eval echo "$as_me:3060: \"$ac_try\"") >&5
3016 (eval $ac_try) 2>&5 3061 (eval $ac_try) 2>&5
3017 ac_status=$? 3062 ac_status=$?
3018 echo "$as_me:3018: \$? = $ac_status" >&5 3063 echo "$as_me:3063: \$? = $ac_status" >&5
3019 (exit $ac_status); }; }; then 3064 (exit $ac_status); }; }; then
3020 ac_cv_prog_cc_stdc=$ac_arg 3065 ac_cv_prog_cc_stdc=$ac_arg
3021break 3066break
@@ -3032,15 +3077,15 @@ fi
3032 3077
3033case "x$ac_cv_prog_cc_stdc" in 3078case "x$ac_cv_prog_cc_stdc" in
3034 x|xno) 3079 x|xno)
3035 echo "$as_me:3035: result: none needed" >&5 3080 echo "$as_me:3080: result: none needed" >&5
3036echo "${ECHO_T}none needed" >&6 ;; 3081echo "${ECHO_T}none needed" >&6 ;;
3037 *) 3082 *)
3038 echo "$as_me:3038: result: $ac_cv_prog_cc_stdc" >&5 3083 echo "$as_me:3083: result: $ac_cv_prog_cc_stdc" >&5
3039echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6 3084echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6
3040 CC="$CC $ac_cv_prog_cc_stdc" ;; 3085 CC="$CC $ac_cv_prog_cc_stdc" ;;
3041esac 3086esac
3042 3087
3043echo "$as_me:3043: checking for inline" >&5 3088echo "$as_me:3088: checking for inline" >&5
3044echo $ECHO_N "checking for inline... $ECHO_C" >&6 3089echo $ECHO_N "checking for inline... $ECHO_C" >&6
3045if test "${ac_cv_c_inline+set}" = set; then 3090if test "${ac_cv_c_inline+set}" = set; then
3046 echo $ECHO_N "(cached) $ECHO_C" >&6 3091 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -3048,7 +3093,7 @@ else
3048 ac_cv_c_inline=no 3093 ac_cv_c_inline=no
3049for ac_kw in inline __inline__ __inline; do 3094for ac_kw in inline __inline__ __inline; do
3050 cat >conftest.$ac_ext <<_ACEOF 3095 cat >conftest.$ac_ext <<_ACEOF
3051#line 3051 "configure" 3096#line 3096 "configure"
3052#include "confdefs.h" 3097#include "confdefs.h"
3053#ifndef __cplusplus 3098#ifndef __cplusplus
3054static $ac_kw int static_foo () {return 0; } 3099static $ac_kw int static_foo () {return 0; }
@@ -3057,16 +3102,16 @@ $ac_kw int foo () {return 0; }
3057 3102
3058_ACEOF 3103_ACEOF
3059rm -f conftest.$ac_objext 3104rm -f conftest.$ac_objext
3060if { (eval echo "$as_me:3060: \"$ac_compile\"") >&5 3105if { (eval echo "$as_me:3105: \"$ac_compile\"") >&5
3061 (eval $ac_compile) 2>&5 3106 (eval $ac_compile) 2>&5
3062 ac_status=$? 3107 ac_status=$?
3063 echo "$as_me:3063: \$? = $ac_status" >&5 3108 echo "$as_me:3108: \$? = $ac_status" >&5
3064 (exit $ac_status); } && 3109 (exit $ac_status); } &&
3065 { ac_try='test -s conftest.$ac_objext' 3110 { ac_try='test -s conftest.$ac_objext'
3066 { (eval echo "$as_me:3066: \"$ac_try\"") >&5 3111 { (eval echo "$as_me:3111: \"$ac_try\"") >&5
3067 (eval $ac_try) 2>&5 3112 (eval $ac_try) 2>&5
3068 ac_status=$? 3113 ac_status=$?
3069 echo "$as_me:3069: \$? = $ac_status" >&5 3114 echo "$as_me:3114: \$? = $ac_status" >&5
3070 (exit $ac_status); }; }; then 3115 (exit $ac_status); }; }; then
3071 ac_cv_c_inline=$ac_kw; break 3116 ac_cv_c_inline=$ac_kw; break
3072else 3117else
@@ -3077,7 +3122,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext
3077done 3122done
3078 3123
3079fi 3124fi
3080echo "$as_me:3080: result: $ac_cv_c_inline" >&5 3125echo "$as_me:3125: result: $ac_cv_c_inline" >&5
3081echo "${ECHO_T}$ac_cv_c_inline" >&6 3126echo "${ECHO_T}$ac_cv_c_inline" >&6
3082case $ac_cv_c_inline in 3127case $ac_cv_c_inline in
3083 inline | yes) ;; 3128 inline | yes) ;;
@@ -3096,22 +3141,33 @@ if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
3096 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized" 3141 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
3097fi 3142fi
3098 3143
3144# Check whether --with-rpath or --without-rpath was given.
3145if test "${with_rpath+set}" = set; then
3146 withval="$with_rpath"
3147
3148 if test "x$withval" = "xno" ; then
3149 need_dash_r=""
3150 fi
3151 if test "x$withval" = "xyes" ; then
3152 need_dash_r=1
3153 fi
3154
3155fi;
3156
3099# Check for some target-specific stuff 3157# Check for some target-specific stuff
3100case "$host" in 3158case "$host" in
3101*-*-aix*) 3159*-*-aix*)
3102 CPPFLAGS="$CPPFLAGS -I/usr/local/include" 3160 echo "$as_me:3160: checking how to specify blibpath for linker ($LD)" >&5
3103 LDFLAGS="$LDFLAGS -L/usr/local/lib"
3104 echo "$as_me:3104: checking how to specify blibpath for linker ($LD)" >&5
3105echo $ECHO_N "checking how to specify blibpath for linker ($LD)... $ECHO_C" >&6 3161echo $ECHO_N "checking how to specify blibpath for linker ($LD)... $ECHO_C" >&6
3106 if (test -z "$blibpath"); then 3162 if (test -z "$blibpath"); then
3107 blibpath="/usr/lib:/lib:/usr/local/lib" 3163 blibpath="/usr/lib:/lib"
3108 fi 3164 fi
3109 saved_LDFLAGS="$LDFLAGS" 3165 saved_LDFLAGS="$LDFLAGS"
3110 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do 3166 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
3111 if (test -z "$blibflags"); then 3167 if (test -z "$blibflags"); then
3112 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 3168 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
3113 cat >conftest.$ac_ext <<_ACEOF 3169 cat >conftest.$ac_ext <<_ACEOF
3114#line 3114 "configure" 3170#line 3170 "configure"
3115#include "confdefs.h" 3171#include "confdefs.h"
3116 3172
3117int 3173int
@@ -3123,16 +3179,16 @@ main ()
3123} 3179}
3124_ACEOF 3180_ACEOF
3125rm -f conftest.$ac_objext conftest$ac_exeext 3181rm -f conftest.$ac_objext conftest$ac_exeext
3126if { (eval echo "$as_me:3126: \"$ac_link\"") >&5 3182if { (eval echo "$as_me:3182: \"$ac_link\"") >&5
3127 (eval $ac_link) 2>&5 3183 (eval $ac_link) 2>&5
3128 ac_status=$? 3184 ac_status=$?
3129 echo "$as_me:3129: \$? = $ac_status" >&5 3185 echo "$as_me:3185: \$? = $ac_status" >&5
3130 (exit $ac_status); } && 3186 (exit $ac_status); } &&
3131 { ac_try='test -s conftest$ac_exeext' 3187 { ac_try='test -s conftest$ac_exeext'
3132 { (eval echo "$as_me:3132: \"$ac_try\"") >&5 3188 { (eval echo "$as_me:3188: \"$ac_try\"") >&5
3133 (eval $ac_try) 2>&5 3189 (eval $ac_try) 2>&5
3134 ac_status=$? 3190 ac_status=$?
3135 echo "$as_me:3135: \$? = $ac_status" >&5 3191 echo "$as_me:3191: \$? = $ac_status" >&5
3136 (exit $ac_status); }; }; then 3192 (exit $ac_status); }; }; then
3137 blibflags=$tryflags 3193 blibflags=$tryflags
3138else 3194else
@@ -3143,23 +3199,23 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
3143 fi 3199 fi
3144 done 3200 done
3145 if (test -z "$blibflags"); then 3201 if (test -z "$blibflags"); then
3146 echo "$as_me:3146: result: not found" >&5 3202 echo "$as_me:3202: result: not found" >&5
3147echo "${ECHO_T}not found" >&6 3203echo "${ECHO_T}not found" >&6
3148 { { echo "$as_me:3148: error: *** must be able to specify blibpath on AIX - check config.log" >&5 3204 { { echo "$as_me:3204: error: *** must be able to specify blibpath on AIX - check config.log" >&5
3149echo "$as_me: error: *** must be able to specify blibpath on AIX - check config.log" >&2;} 3205echo "$as_me: error: *** must be able to specify blibpath on AIX - check config.log" >&2;}
3150 { (exit 1); exit 1; }; } 3206 { (exit 1); exit 1; }; }
3151 else 3207 else
3152 echo "$as_me:3152: result: $blibflags" >&5 3208 echo "$as_me:3208: result: $blibflags" >&5
3153echo "${ECHO_T}$blibflags" >&6 3209echo "${ECHO_T}$blibflags" >&6
3154 fi 3210 fi
3155 LDFLAGS="$saved_LDFLAGS" 3211 LDFLAGS="$saved_LDFLAGS"
3156 echo "$as_me:3156: checking for authenticate" >&5 3212 echo "$as_me:3212: checking for authenticate" >&5
3157echo $ECHO_N "checking for authenticate... $ECHO_C" >&6 3213echo $ECHO_N "checking for authenticate... $ECHO_C" >&6
3158if test "${ac_cv_func_authenticate+set}" = set; then 3214if test "${ac_cv_func_authenticate+set}" = set; then
3159 echo $ECHO_N "(cached) $ECHO_C" >&6 3215 echo $ECHO_N "(cached) $ECHO_C" >&6
3160else 3216else
3161 cat >conftest.$ac_ext <<_ACEOF 3217 cat >conftest.$ac_ext <<_ACEOF
3162#line 3162 "configure" 3218#line 3218 "configure"
3163#include "confdefs.h" 3219#include "confdefs.h"
3164/* System header to define __stub macros and hopefully few prototypes, 3220/* System header to define __stub macros and hopefully few prototypes,
3165 which can conflict with char authenticate (); below. */ 3221 which can conflict with char authenticate (); below. */
@@ -3190,16 +3246,16 @@ f = authenticate;
3190} 3246}
3191_ACEOF 3247_ACEOF
3192rm -f conftest.$ac_objext conftest$ac_exeext 3248rm -f conftest.$ac_objext conftest$ac_exeext
3193if { (eval echo "$as_me:3193: \"$ac_link\"") >&5 3249if { (eval echo "$as_me:3249: \"$ac_link\"") >&5
3194 (eval $ac_link) 2>&5 3250 (eval $ac_link) 2>&5
3195 ac_status=$? 3251 ac_status=$?
3196 echo "$as_me:3196: \$? = $ac_status" >&5 3252 echo "$as_me:3252: \$? = $ac_status" >&5
3197 (exit $ac_status); } && 3253 (exit $ac_status); } &&
3198 { ac_try='test -s conftest$ac_exeext' 3254 { ac_try='test -s conftest$ac_exeext'
3199 { (eval echo "$as_me:3199: \"$ac_try\"") >&5 3255 { (eval echo "$as_me:3255: \"$ac_try\"") >&5
3200 (eval $ac_try) 2>&5 3256 (eval $ac_try) 2>&5
3201 ac_status=$? 3257 ac_status=$?
3202 echo "$as_me:3202: \$? = $ac_status" >&5 3258 echo "$as_me:3258: \$? = $ac_status" >&5
3203 (exit $ac_status); }; }; then 3259 (exit $ac_status); }; }; then
3204 ac_cv_func_authenticate=yes 3260 ac_cv_func_authenticate=yes
3205else 3261else
@@ -3209,7 +3265,7 @@ ac_cv_func_authenticate=no
3209fi 3265fi
3210rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 3266rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
3211fi 3267fi
3212echo "$as_me:3212: result: $ac_cv_func_authenticate" >&5 3268echo "$as_me:3268: result: $ac_cv_func_authenticate" >&5
3213echo "${ECHO_T}$ac_cv_func_authenticate" >&6 3269echo "${ECHO_T}$ac_cv_func_authenticate" >&6
3214if test $ac_cv_func_authenticate = yes; then 3270if test $ac_cv_func_authenticate = yes; then
3215 cat >>confdefs.h <<\EOF 3271 cat >>confdefs.h <<\EOF
@@ -3217,7 +3273,7 @@ if test $ac_cv_func_authenticate = yes; then
3217EOF 3273EOF
3218 3274
3219else 3275else
3220 echo "$as_me:3220: checking for authenticate in -ls" >&5 3276 echo "$as_me:3276: checking for authenticate in -ls" >&5
3221echo $ECHO_N "checking for authenticate in -ls... $ECHO_C" >&6 3277echo $ECHO_N "checking for authenticate in -ls... $ECHO_C" >&6
3222if test "${ac_cv_lib_s_authenticate+set}" = set; then 3278if test "${ac_cv_lib_s_authenticate+set}" = set; then
3223 echo $ECHO_N "(cached) $ECHO_C" >&6 3279 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -3225,7 +3281,7 @@ else
3225 ac_check_lib_save_LIBS=$LIBS 3281 ac_check_lib_save_LIBS=$LIBS
3226LIBS="-ls $LIBS" 3282LIBS="-ls $LIBS"
3227cat >conftest.$ac_ext <<_ACEOF 3283cat >conftest.$ac_ext <<_ACEOF
3228#line 3228 "configure" 3284#line 3284 "configure"
3229#include "confdefs.h" 3285#include "confdefs.h"
3230 3286
3231/* Override any gcc2 internal prototype to avoid an error. */ 3287/* Override any gcc2 internal prototype to avoid an error. */
@@ -3244,16 +3300,16 @@ authenticate ();
3244} 3300}
3245_ACEOF 3301_ACEOF
3246rm -f conftest.$ac_objext conftest$ac_exeext 3302rm -f conftest.$ac_objext conftest$ac_exeext
3247if { (eval echo "$as_me:3247: \"$ac_link\"") >&5 3303if { (eval echo "$as_me:3303: \"$ac_link\"") >&5
3248 (eval $ac_link) 2>&5 3304 (eval $ac_link) 2>&5
3249 ac_status=$? 3305 ac_status=$?
3250 echo "$as_me:3250: \$? = $ac_status" >&5 3306 echo "$as_me:3306: \$? = $ac_status" >&5
3251 (exit $ac_status); } && 3307 (exit $ac_status); } &&
3252 { ac_try='test -s conftest$ac_exeext' 3308 { ac_try='test -s conftest$ac_exeext'
3253 { (eval echo "$as_me:3253: \"$ac_try\"") >&5 3309 { (eval echo "$as_me:3309: \"$ac_try\"") >&5
3254 (eval $ac_try) 2>&5 3310 (eval $ac_try) 2>&5
3255 ac_status=$? 3311 ac_status=$?
3256 echo "$as_me:3256: \$? = $ac_status" >&5 3312 echo "$as_me:3312: \$? = $ac_status" >&5
3257 (exit $ac_status); }; }; then 3313 (exit $ac_status); }; }; then
3258 ac_cv_lib_s_authenticate=yes 3314 ac_cv_lib_s_authenticate=yes
3259else 3315else
@@ -3264,7 +3320,7 @@ fi
3264rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 3320rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
3265LIBS=$ac_check_lib_save_LIBS 3321LIBS=$ac_check_lib_save_LIBS
3266fi 3322fi
3267echo "$as_me:3267: result: $ac_cv_lib_s_authenticate" >&5 3323echo "$as_me:3323: result: $ac_cv_lib_s_authenticate" >&5
3268echo "${ECHO_T}$ac_cv_lib_s_authenticate" >&6 3324echo "${ECHO_T}$ac_cv_lib_s_authenticate" >&6
3269if test $ac_cv_lib_s_authenticate = yes; then 3325if test $ac_cv_lib_s_authenticate = yes; then
3270 cat >>confdefs.h <<\EOF 3326 cat >>confdefs.h <<\EOF
@@ -3277,13 +3333,13 @@ fi
3277 3333
3278fi 3334fi
3279 3335
3280 echo "$as_me:3280: checking whether loginfailed is declared" >&5 3336 echo "$as_me:3336: checking whether loginfailed is declared" >&5
3281echo $ECHO_N "checking whether loginfailed is declared... $ECHO_C" >&6 3337echo $ECHO_N "checking whether loginfailed is declared... $ECHO_C" >&6
3282if test "${ac_cv_have_decl_loginfailed+set}" = set; then 3338if test "${ac_cv_have_decl_loginfailed+set}" = set; then
3283 echo $ECHO_N "(cached) $ECHO_C" >&6 3339 echo $ECHO_N "(cached) $ECHO_C" >&6
3284else 3340else
3285 cat >conftest.$ac_ext <<_ACEOF 3341 cat >conftest.$ac_ext <<_ACEOF
3286#line 3286 "configure" 3342#line 3342 "configure"
3287#include "confdefs.h" 3343#include "confdefs.h"
3288#include <usersec.h> 3344#include <usersec.h>
3289 3345
@@ -3299,16 +3355,16 @@ main ()
3299} 3355}
3300_ACEOF 3356_ACEOF
3301rm -f conftest.$ac_objext 3357rm -f conftest.$ac_objext
3302if { (eval echo "$as_me:3302: \"$ac_compile\"") >&5 3358if { (eval echo "$as_me:3358: \"$ac_compile\"") >&5
3303 (eval $ac_compile) 2>&5 3359 (eval $ac_compile) 2>&5
3304 ac_status=$? 3360 ac_status=$?
3305 echo "$as_me:3305: \$? = $ac_status" >&5 3361 echo "$as_me:3361: \$? = $ac_status" >&5
3306 (exit $ac_status); } && 3362 (exit $ac_status); } &&
3307 { ac_try='test -s conftest.$ac_objext' 3363 { ac_try='test -s conftest.$ac_objext'
3308 { (eval echo "$as_me:3308: \"$ac_try\"") >&5 3364 { (eval echo "$as_me:3364: \"$ac_try\"") >&5
3309 (eval $ac_try) 2>&5 3365 (eval $ac_try) 2>&5
3310 ac_status=$? 3366 ac_status=$?
3311 echo "$as_me:3311: \$? = $ac_status" >&5 3367 echo "$as_me:3367: \$? = $ac_status" >&5
3312 (exit $ac_status); }; }; then 3368 (exit $ac_status); }; }; then
3313 ac_cv_have_decl_loginfailed=yes 3369 ac_cv_have_decl_loginfailed=yes
3314else 3370else
@@ -3318,13 +3374,13 @@ ac_cv_have_decl_loginfailed=no
3318fi 3374fi
3319rm -f conftest.$ac_objext conftest.$ac_ext 3375rm -f conftest.$ac_objext conftest.$ac_ext
3320fi 3376fi
3321echo "$as_me:3321: result: $ac_cv_have_decl_loginfailed" >&5 3377echo "$as_me:3377: result: $ac_cv_have_decl_loginfailed" >&5
3322echo "${ECHO_T}$ac_cv_have_decl_loginfailed" >&6 3378echo "${ECHO_T}$ac_cv_have_decl_loginfailed" >&6
3323if test $ac_cv_have_decl_loginfailed = yes; then 3379if test $ac_cv_have_decl_loginfailed = yes; then
3324 echo "$as_me:3324: checking if loginfailed takes 4 arguments" >&5 3380 echo "$as_me:3380: checking if loginfailed takes 4 arguments" >&5
3325echo $ECHO_N "checking if loginfailed takes 4 arguments... $ECHO_C" >&6 3381echo $ECHO_N "checking if loginfailed takes 4 arguments... $ECHO_C" >&6
3326 cat >conftest.$ac_ext <<_ACEOF 3382 cat >conftest.$ac_ext <<_ACEOF
3327#line 3327 "configure" 3383#line 3383 "configure"
3328#include "confdefs.h" 3384#include "confdefs.h"
3329#include <usersec.h> 3385#include <usersec.h>
3330int 3386int
@@ -3336,18 +3392,18 @@ main ()
3336} 3392}
3337_ACEOF 3393_ACEOF
3338rm -f conftest.$ac_objext 3394rm -f conftest.$ac_objext
3339if { (eval echo "$as_me:3339: \"$ac_compile\"") >&5 3395if { (eval echo "$as_me:3395: \"$ac_compile\"") >&5
3340 (eval $ac_compile) 2>&5 3396 (eval $ac_compile) 2>&5
3341 ac_status=$? 3397 ac_status=$?
3342 echo "$as_me:3342: \$? = $ac_status" >&5 3398 echo "$as_me:3398: \$? = $ac_status" >&5
3343 (exit $ac_status); } && 3399 (exit $ac_status); } &&
3344 { ac_try='test -s conftest.$ac_objext' 3400 { ac_try='test -s conftest.$ac_objext'
3345 { (eval echo "$as_me:3345: \"$ac_try\"") >&5 3401 { (eval echo "$as_me:3401: \"$ac_try\"") >&5
3346 (eval $ac_try) 2>&5 3402 (eval $ac_try) 2>&5
3347 ac_status=$? 3403 ac_status=$?
3348 echo "$as_me:3348: \$? = $ac_status" >&5 3404 echo "$as_me:3404: \$? = $ac_status" >&5
3349 (exit $ac_status); }; }; then 3405 (exit $ac_status); }; }; then
3350 echo "$as_me:3350: result: yes" >&5 3406 echo "$as_me:3406: result: yes" >&5
3351echo "${ECHO_T}yes" >&6 3407echo "${ECHO_T}yes" >&6
3352 cat >>confdefs.h <<\EOF 3408 cat >>confdefs.h <<\EOF
3353#define AIX_LOGINFAILED_4ARG 1 3409#define AIX_LOGINFAILED_4ARG 1
@@ -3356,7 +3412,7 @@ EOF
3356else 3412else
3357 echo "$as_me: failed program was:" >&5 3413 echo "$as_me: failed program was:" >&5
3358cat conftest.$ac_ext >&5 3414cat conftest.$ac_ext >&5
3359echo "$as_me:3359: result: no" >&5 3415echo "$as_me:3415: result: no" >&5
3360echo "${ECHO_T}no" >&6 3416echo "${ECHO_T}no" >&6
3361 3417
3362fi 3418fi
@@ -3366,13 +3422,13 @@ fi
3366for ac_func in setauthdb 3422for ac_func in setauthdb
3367do 3423do
3368as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 3424as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
3369echo "$as_me:3369: checking for $ac_func" >&5 3425echo "$as_me:3425: checking for $ac_func" >&5
3370echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 3426echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
3371if eval "test \"\${$as_ac_var+set}\" = set"; then 3427if eval "test \"\${$as_ac_var+set}\" = set"; then
3372 echo $ECHO_N "(cached) $ECHO_C" >&6 3428 echo $ECHO_N "(cached) $ECHO_C" >&6
3373else 3429else
3374 cat >conftest.$ac_ext <<_ACEOF 3430 cat >conftest.$ac_ext <<_ACEOF
3375#line 3375 "configure" 3431#line 3431 "configure"
3376#include "confdefs.h" 3432#include "confdefs.h"
3377/* System header to define __stub macros and hopefully few prototypes, 3433/* System header to define __stub macros and hopefully few prototypes,
3378 which can conflict with char $ac_func (); below. */ 3434 which can conflict with char $ac_func (); below. */
@@ -3403,16 +3459,16 @@ f = $ac_func;
3403} 3459}
3404_ACEOF 3460_ACEOF
3405rm -f conftest.$ac_objext conftest$ac_exeext 3461rm -f conftest.$ac_objext conftest$ac_exeext
3406if { (eval echo "$as_me:3406: \"$ac_link\"") >&5 3462if { (eval echo "$as_me:3462: \"$ac_link\"") >&5
3407 (eval $ac_link) 2>&5 3463 (eval $ac_link) 2>&5
3408 ac_status=$? 3464 ac_status=$?
3409 echo "$as_me:3409: \$? = $ac_status" >&5 3465 echo "$as_me:3465: \$? = $ac_status" >&5
3410 (exit $ac_status); } && 3466 (exit $ac_status); } &&
3411 { ac_try='test -s conftest$ac_exeext' 3467 { ac_try='test -s conftest$ac_exeext'
3412 { (eval echo "$as_me:3412: \"$ac_try\"") >&5 3468 { (eval echo "$as_me:3468: \"$ac_try\"") >&5
3413 (eval $ac_try) 2>&5 3469 (eval $ac_try) 2>&5
3414 ac_status=$? 3470 ac_status=$?
3415 echo "$as_me:3415: \$? = $ac_status" >&5 3471 echo "$as_me:3471: \$? = $ac_status" >&5
3416 (exit $ac_status); }; }; then 3472 (exit $ac_status); }; }; then
3417 eval "$as_ac_var=yes" 3473 eval "$as_ac_var=yes"
3418else 3474else
@@ -3422,7 +3478,7 @@ eval "$as_ac_var=no"
3422fi 3478fi
3423rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 3479rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
3424fi 3480fi
3425echo "$as_me:3425: result: `eval echo '${'$as_ac_var'}'`" >&5 3481echo "$as_me:3481: result: `eval echo '${'$as_ac_var'}'`" >&5
3426echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 3482echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
3427if test `eval echo '${'$as_ac_var'}'` = yes; then 3483if test `eval echo '${'$as_ac_var'}'` = yes; then
3428 cat >>confdefs.h <<EOF 3484 cat >>confdefs.h <<EOF
@@ -3506,16 +3562,28 @@ EOF
3506#define IP_TOS_IS_BROKEN 1 3562#define IP_TOS_IS_BROKEN 1
3507EOF 3563EOF
3508 3564
3565 cat >>confdefs.h <<\EOF
3566#define SETEUID_BREAKS_SETUID 1
3567EOF
3568
3569 cat >>confdefs.h <<\EOF
3570#define BROKEN_SETREUID 1
3571EOF
3572
3573 cat >>confdefs.h <<\EOF
3574#define BROKEN_SETREGID 1
3575EOF
3576
3509 ;; 3577 ;;
3510*-*-darwin*) 3578*-*-darwin*)
3511 echo "$as_me:3511: checking if we have working getaddrinfo" >&5 3579 echo "$as_me:3579: checking if we have working getaddrinfo" >&5
3512echo $ECHO_N "checking if we have working getaddrinfo... $ECHO_C" >&6 3580echo $ECHO_N "checking if we have working getaddrinfo... $ECHO_C" >&6
3513 if test "$cross_compiling" = yes; then 3581 if test "$cross_compiling" = yes; then
3514 echo "$as_me:3514: result: assume it is working" >&5 3582 echo "$as_me:3582: result: assume it is working" >&5
3515echo "${ECHO_T}assume it is working" >&6 3583echo "${ECHO_T}assume it is working" >&6
3516else 3584else
3517 cat >conftest.$ac_ext <<_ACEOF 3585 cat >conftest.$ac_ext <<_ACEOF
3518#line 3518 "configure" 3586#line 3586 "configure"
3519#include "confdefs.h" 3587#include "confdefs.h"
3520#include <mach-o/dyld.h> 3588#include <mach-o/dyld.h>
3521main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 3589main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
@@ -3525,23 +3593,23 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
3525} 3593}
3526_ACEOF 3594_ACEOF
3527rm -f conftest$ac_exeext 3595rm -f conftest$ac_exeext
3528if { (eval echo "$as_me:3528: \"$ac_link\"") >&5 3596if { (eval echo "$as_me:3596: \"$ac_link\"") >&5
3529 (eval $ac_link) 2>&5 3597 (eval $ac_link) 2>&5
3530 ac_status=$? 3598 ac_status=$?
3531 echo "$as_me:3531: \$? = $ac_status" >&5 3599 echo "$as_me:3599: \$? = $ac_status" >&5
3532 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 3600 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
3533 { (eval echo "$as_me:3533: \"$ac_try\"") >&5 3601 { (eval echo "$as_me:3601: \"$ac_try\"") >&5
3534 (eval $ac_try) 2>&5 3602 (eval $ac_try) 2>&5
3535 ac_status=$? 3603 ac_status=$?
3536 echo "$as_me:3536: \$? = $ac_status" >&5 3604 echo "$as_me:3604: \$? = $ac_status" >&5
3537 (exit $ac_status); }; }; then 3605 (exit $ac_status); }; }; then
3538 echo "$as_me:3538: result: working" >&5 3606 echo "$as_me:3606: result: working" >&5
3539echo "${ECHO_T}working" >&6 3607echo "${ECHO_T}working" >&6
3540else 3608else
3541 echo "$as_me: program exited with status $ac_status" >&5 3609 echo "$as_me: program exited with status $ac_status" >&5
3542echo "$as_me: failed program was:" >&5 3610echo "$as_me: failed program was:" >&5
3543cat conftest.$ac_ext >&5 3611cat conftest.$ac_ext >&5
3544echo "$as_me:3544: result: buggy" >&5 3612echo "$as_me:3612: result: buggy" >&5
3545echo "${ECHO_T}buggy" >&6 3613echo "${ECHO_T}buggy" >&6
3546 cat >>confdefs.h <<\EOF 3614 cat >>confdefs.h <<\EOF
3547#define BROKEN_GETADDRINFO 1 3615#define BROKEN_GETADDRINFO 1
@@ -3550,6 +3618,22 @@ EOF
3550fi 3618fi
3551rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext 3619rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
3552fi 3620fi
3621 cat >>confdefs.h <<\EOF
3622#define SETEUID_BREAKS_SETUID 1
3623EOF
3624
3625 cat >>confdefs.h <<\EOF
3626#define BROKEN_SETREUID 1
3627EOF
3628
3629 cat >>confdefs.h <<\EOF
3630#define BROKEN_SETREGID 1
3631EOF
3632
3633 cat >>confdefs.h <<EOF
3634#define BIND_8_COMPAT 1
3635EOF
3636
3553 ;; 3637 ;;
3554*-*-hpux10.26) 3638*-*-hpux10.26)
3555 if test -z "$GCC"; then 3639 if test -z "$GCC"; then
@@ -3574,14 +3658,6 @@ EOF
3574EOF 3658EOF
3575 3659
3576 cat >>confdefs.h <<\EOF 3660 cat >>confdefs.h <<\EOF
3577#define DISABLE_SHADOW 1
3578EOF
3579
3580 cat >>confdefs.h <<\EOF
3581#define DISABLE_UTMP 1
3582EOF
3583
3584 cat >>confdefs.h <<\EOF
3585#define LOCKED_PASSWD_STRING "*" 3661#define LOCKED_PASSWD_STRING "*"
3586EOF 3662EOF
3587 3663
@@ -3591,7 +3667,7 @@ EOF
3591 3667
3592 LIBS="$LIBS -lsec -lsecpw" 3668 LIBS="$LIBS -lsec -lsecpw"
3593 3669
3594echo "$as_me:3594: checking for t_error in -lxnet" >&5 3670echo "$as_me:3670: checking for t_error in -lxnet" >&5
3595echo $ECHO_N "checking for t_error in -lxnet... $ECHO_C" >&6 3671echo $ECHO_N "checking for t_error in -lxnet... $ECHO_C" >&6
3596if test "${ac_cv_lib_xnet_t_error+set}" = set; then 3672if test "${ac_cv_lib_xnet_t_error+set}" = set; then
3597 echo $ECHO_N "(cached) $ECHO_C" >&6 3673 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -3599,7 +3675,7 @@ else
3599 ac_check_lib_save_LIBS=$LIBS 3675 ac_check_lib_save_LIBS=$LIBS
3600LIBS="-lxnet $LIBS" 3676LIBS="-lxnet $LIBS"
3601cat >conftest.$ac_ext <<_ACEOF 3677cat >conftest.$ac_ext <<_ACEOF
3602#line 3602 "configure" 3678#line 3678 "configure"
3603#include "confdefs.h" 3679#include "confdefs.h"
3604 3680
3605/* Override any gcc2 internal prototype to avoid an error. */ 3681/* Override any gcc2 internal prototype to avoid an error. */
@@ -3618,16 +3694,16 @@ t_error ();
3618} 3694}
3619_ACEOF 3695_ACEOF
3620rm -f conftest.$ac_objext conftest$ac_exeext 3696rm -f conftest.$ac_objext conftest$ac_exeext
3621if { (eval echo "$as_me:3621: \"$ac_link\"") >&5 3697if { (eval echo "$as_me:3697: \"$ac_link\"") >&5
3622 (eval $ac_link) 2>&5 3698 (eval $ac_link) 2>&5
3623 ac_status=$? 3699 ac_status=$?
3624 echo "$as_me:3624: \$? = $ac_status" >&5 3700 echo "$as_me:3700: \$? = $ac_status" >&5
3625 (exit $ac_status); } && 3701 (exit $ac_status); } &&
3626 { ac_try='test -s conftest$ac_exeext' 3702 { ac_try='test -s conftest$ac_exeext'
3627 { (eval echo "$as_me:3627: \"$ac_try\"") >&5 3703 { (eval echo "$as_me:3703: \"$ac_try\"") >&5
3628 (eval $ac_try) 2>&5 3704 (eval $ac_try) 2>&5
3629 ac_status=$? 3705 ac_status=$?
3630 echo "$as_me:3630: \$? = $ac_status" >&5 3706 echo "$as_me:3706: \$? = $ac_status" >&5
3631 (exit $ac_status); }; }; then 3707 (exit $ac_status); }; }; then
3632 ac_cv_lib_xnet_t_error=yes 3708 ac_cv_lib_xnet_t_error=yes
3633else 3709else
@@ -3638,7 +3714,7 @@ fi
3638rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 3714rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
3639LIBS=$ac_check_lib_save_LIBS 3715LIBS=$ac_check_lib_save_LIBS
3640fi 3716fi
3641echo "$as_me:3641: result: $ac_cv_lib_xnet_t_error" >&5 3717echo "$as_me:3717: result: $ac_cv_lib_xnet_t_error" >&5
3642echo "${ECHO_T}$ac_cv_lib_xnet_t_error" >&6 3718echo "${ECHO_T}$ac_cv_lib_xnet_t_error" >&6
3643if test $ac_cv_lib_xnet_t_error = yes; then 3719if test $ac_cv_lib_xnet_t_error = yes; then
3644 cat >>confdefs.h <<EOF 3720 cat >>confdefs.h <<EOF
@@ -3648,7 +3724,7 @@ EOF
3648 LIBS="-lxnet $LIBS" 3724 LIBS="-lxnet $LIBS"
3649 3725
3650else 3726else
3651 { { echo "$as_me:3651: error: *** -lxnet needed on HP-UX - check config.log ***" >&5 3727 { { echo "$as_me:3727: error: *** -lxnet needed on HP-UX - check config.log ***" >&5
3652echo "$as_me: error: *** -lxnet needed on HP-UX - check config.log ***" >&2;} 3728echo "$as_me: error: *** -lxnet needed on HP-UX - check config.log ***" >&2;}
3653 { (exit 1); exit 1; }; } 3729 { (exit 1); exit 1; }; }
3654fi 3730fi
@@ -3674,14 +3750,6 @@ EOF
3674EOF 3750EOF
3675 3751
3676 cat >>confdefs.h <<\EOF 3752 cat >>confdefs.h <<\EOF
3677#define DISABLE_SHADOW 1
3678EOF
3679
3680 cat >>confdefs.h <<\EOF
3681#define DISABLE_UTMP 1
3682EOF
3683
3684 cat >>confdefs.h <<\EOF
3685#define LOCKED_PASSWD_STRING "*" 3753#define LOCKED_PASSWD_STRING "*"
3686EOF 3754EOF
3687 3755
@@ -3691,7 +3759,7 @@ EOF
3691 3759
3692 LIBS="$LIBS -lsec" 3760 LIBS="$LIBS -lsec"
3693 3761
3694echo "$as_me:3694: checking for t_error in -lxnet" >&5 3762echo "$as_me:3762: checking for t_error in -lxnet" >&5
3695echo $ECHO_N "checking for t_error in -lxnet... $ECHO_C" >&6 3763echo $ECHO_N "checking for t_error in -lxnet... $ECHO_C" >&6
3696if test "${ac_cv_lib_xnet_t_error+set}" = set; then 3764if test "${ac_cv_lib_xnet_t_error+set}" = set; then
3697 echo $ECHO_N "(cached) $ECHO_C" >&6 3765 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -3699,7 +3767,7 @@ else
3699 ac_check_lib_save_LIBS=$LIBS 3767 ac_check_lib_save_LIBS=$LIBS
3700LIBS="-lxnet $LIBS" 3768LIBS="-lxnet $LIBS"
3701cat >conftest.$ac_ext <<_ACEOF 3769cat >conftest.$ac_ext <<_ACEOF
3702#line 3702 "configure" 3770#line 3770 "configure"
3703#include "confdefs.h" 3771#include "confdefs.h"
3704 3772
3705/* Override any gcc2 internal prototype to avoid an error. */ 3773/* Override any gcc2 internal prototype to avoid an error. */
@@ -3718,16 +3786,16 @@ t_error ();
3718} 3786}
3719_ACEOF 3787_ACEOF
3720rm -f conftest.$ac_objext conftest$ac_exeext 3788rm -f conftest.$ac_objext conftest$ac_exeext
3721if { (eval echo "$as_me:3721: \"$ac_link\"") >&5 3789if { (eval echo "$as_me:3789: \"$ac_link\"") >&5
3722 (eval $ac_link) 2>&5 3790 (eval $ac_link) 2>&5
3723 ac_status=$? 3791 ac_status=$?
3724 echo "$as_me:3724: \$? = $ac_status" >&5 3792 echo "$as_me:3792: \$? = $ac_status" >&5
3725 (exit $ac_status); } && 3793 (exit $ac_status); } &&
3726 { ac_try='test -s conftest$ac_exeext' 3794 { ac_try='test -s conftest$ac_exeext'
3727 { (eval echo "$as_me:3727: \"$ac_try\"") >&5 3795 { (eval echo "$as_me:3795: \"$ac_try\"") >&5
3728 (eval $ac_try) 2>&5 3796 (eval $ac_try) 2>&5
3729 ac_status=$? 3797 ac_status=$?
3730 echo "$as_me:3730: \$? = $ac_status" >&5 3798 echo "$as_me:3798: \$? = $ac_status" >&5
3731 (exit $ac_status); }; }; then 3799 (exit $ac_status); }; }; then
3732 ac_cv_lib_xnet_t_error=yes 3800 ac_cv_lib_xnet_t_error=yes
3733else 3801else
@@ -3738,7 +3806,7 @@ fi
3738rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 3806rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
3739LIBS=$ac_check_lib_save_LIBS 3807LIBS=$ac_check_lib_save_LIBS
3740fi 3808fi
3741echo "$as_me:3741: result: $ac_cv_lib_xnet_t_error" >&5 3809echo "$as_me:3809: result: $ac_cv_lib_xnet_t_error" >&5
3742echo "${ECHO_T}$ac_cv_lib_xnet_t_error" >&6 3810echo "${ECHO_T}$ac_cv_lib_xnet_t_error" >&6
3743if test $ac_cv_lib_xnet_t_error = yes; then 3811if test $ac_cv_lib_xnet_t_error = yes; then
3744 cat >>confdefs.h <<EOF 3812 cat >>confdefs.h <<EOF
@@ -3748,7 +3816,7 @@ EOF
3748 LIBS="-lxnet $LIBS" 3816 LIBS="-lxnet $LIBS"
3749 3817
3750else 3818else
3751 { { echo "$as_me:3751: error: *** -lxnet needed on HP-UX - check config.log ***" >&5 3819 { { echo "$as_me:3819: error: *** -lxnet needed on HP-UX - check config.log ***" >&5
3752echo "$as_me: error: *** -lxnet needed on HP-UX - check config.log ***" >&2;} 3820echo "$as_me: error: *** -lxnet needed on HP-UX - check config.log ***" >&2;}
3753 { (exit 1); exit 1; }; } 3821 { (exit 1); exit 1; }; }
3754fi 3822fi
@@ -3774,10 +3842,6 @@ EOF
3774EOF 3842EOF
3775 3843
3776 cat >>confdefs.h <<\EOF 3844 cat >>confdefs.h <<\EOF
3777#define DISABLE_SHADOW 1
3778EOF
3779
3780 cat >>confdefs.h <<\EOF
3781#define DISABLE_UTMP 1 3845#define DISABLE_UTMP 1
3782EOF 3846EOF
3783 3847
@@ -3789,9 +3853,16 @@ EOF
3789#define SPT_TYPE SPT_PSTAT 3853#define SPT_TYPE SPT_PSTAT
3790EOF 3854EOF
3791 3855
3856 case "$host" in
3857 *-*-hpux11.11*)
3858 cat >>confdefs.h <<\EOF
3859#define BROKEN_GETADDRINFO 1
3860EOF
3861;;
3862 esac
3792 LIBS="$LIBS -lsec" 3863 LIBS="$LIBS -lsec"
3793 3864
3794echo "$as_me:3794: checking for t_error in -lxnet" >&5 3865echo "$as_me:3865: checking for t_error in -lxnet" >&5
3795echo $ECHO_N "checking for t_error in -lxnet... $ECHO_C" >&6 3866echo $ECHO_N "checking for t_error in -lxnet... $ECHO_C" >&6
3796if test "${ac_cv_lib_xnet_t_error+set}" = set; then 3867if test "${ac_cv_lib_xnet_t_error+set}" = set; then
3797 echo $ECHO_N "(cached) $ECHO_C" >&6 3868 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -3799,7 +3870,7 @@ else
3799 ac_check_lib_save_LIBS=$LIBS 3870 ac_check_lib_save_LIBS=$LIBS
3800LIBS="-lxnet $LIBS" 3871LIBS="-lxnet $LIBS"
3801cat >conftest.$ac_ext <<_ACEOF 3872cat >conftest.$ac_ext <<_ACEOF
3802#line 3802 "configure" 3873#line 3873 "configure"
3803#include "confdefs.h" 3874#include "confdefs.h"
3804 3875
3805/* Override any gcc2 internal prototype to avoid an error. */ 3876/* Override any gcc2 internal prototype to avoid an error. */
@@ -3818,16 +3889,16 @@ t_error ();
3818} 3889}
3819_ACEOF 3890_ACEOF
3820rm -f conftest.$ac_objext conftest$ac_exeext 3891rm -f conftest.$ac_objext conftest$ac_exeext
3821if { (eval echo "$as_me:3821: \"$ac_link\"") >&5 3892if { (eval echo "$as_me:3892: \"$ac_link\"") >&5
3822 (eval $ac_link) 2>&5 3893 (eval $ac_link) 2>&5
3823 ac_status=$? 3894 ac_status=$?
3824 echo "$as_me:3824: \$? = $ac_status" >&5 3895 echo "$as_me:3895: \$? = $ac_status" >&5
3825 (exit $ac_status); } && 3896 (exit $ac_status); } &&
3826 { ac_try='test -s conftest$ac_exeext' 3897 { ac_try='test -s conftest$ac_exeext'
3827 { (eval echo "$as_me:3827: \"$ac_try\"") >&5 3898 { (eval echo "$as_me:3898: \"$ac_try\"") >&5
3828 (eval $ac_try) 2>&5 3899 (eval $ac_try) 2>&5
3829 ac_status=$? 3900 ac_status=$?
3830 echo "$as_me:3830: \$? = $ac_status" >&5 3901 echo "$as_me:3901: \$? = $ac_status" >&5
3831 (exit $ac_status); }; }; then 3902 (exit $ac_status); }; }; then
3832 ac_cv_lib_xnet_t_error=yes 3903 ac_cv_lib_xnet_t_error=yes
3833else 3904else
@@ -3838,7 +3909,7 @@ fi
3838rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 3909rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
3839LIBS=$ac_check_lib_save_LIBS 3910LIBS=$ac_check_lib_save_LIBS
3840fi 3911fi
3841echo "$as_me:3841: result: $ac_cv_lib_xnet_t_error" >&5 3912echo "$as_me:3912: result: $ac_cv_lib_xnet_t_error" >&5
3842echo "${ECHO_T}$ac_cv_lib_xnet_t_error" >&6 3913echo "${ECHO_T}$ac_cv_lib_xnet_t_error" >&6
3843if test $ac_cv_lib_xnet_t_error = yes; then 3914if test $ac_cv_lib_xnet_t_error = yes; then
3844 cat >>confdefs.h <<EOF 3915 cat >>confdefs.h <<EOF
@@ -3848,21 +3919,31 @@ EOF
3848 LIBS="-lxnet $LIBS" 3919 LIBS="-lxnet $LIBS"
3849 3920
3850else 3921else
3851 { { echo "$as_me:3851: error: *** -lxnet needed on HP-UX - check config.log ***" >&5 3922 { { echo "$as_me:3922: error: *** -lxnet needed on HP-UX - check config.log ***" >&5
3852echo "$as_me: error: *** -lxnet needed on HP-UX - check config.log ***" >&2;} 3923echo "$as_me: error: *** -lxnet needed on HP-UX - check config.log ***" >&2;}
3853 { (exit 1); exit 1; }; } 3924 { (exit 1); exit 1; }; }
3854fi 3925fi
3855 3926
3856 ;; 3927 ;;
3857*-*-irix5*) 3928*-*-irix5*)
3858 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
3859 LDFLAGS="$LDFLAGS"
3860 PATH="$PATH:/usr/etc" 3929 PATH="$PATH:/usr/etc"
3861 cat >>confdefs.h <<\EOF 3930 cat >>confdefs.h <<\EOF
3862#define BROKEN_INET_NTOA 1 3931#define BROKEN_INET_NTOA 1
3863EOF 3932EOF
3864 3933
3865 cat >>confdefs.h <<\EOF 3934 cat >>confdefs.h <<\EOF
3935#define SETEUID_BREAKS_SETUID 1
3936EOF
3937
3938 cat >>confdefs.h <<\EOF
3939#define BROKEN_SETREUID 1
3940EOF
3941
3942 cat >>confdefs.h <<\EOF
3943#define BROKEN_SETREGID 1
3944EOF
3945
3946 cat >>confdefs.h <<\EOF
3866#define WITH_ABBREV_NO_TTY 1 3947#define WITH_ABBREV_NO_TTY 1
3867EOF 3948EOF
3868 3949
@@ -3872,8 +3953,6 @@ EOF
3872 3953
3873 ;; 3954 ;;
3874*-*-irix6*) 3955*-*-irix6*)
3875 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
3876 LDFLAGS="$LDFLAGS"
3877 PATH="$PATH:/usr/etc" 3956 PATH="$PATH:/usr/etc"
3878 cat >>confdefs.h <<\EOF 3957 cat >>confdefs.h <<\EOF
3879#define WITH_IRIX_ARRAY 1 3958#define WITH_IRIX_ARRAY 1
@@ -3887,13 +3966,13 @@ EOF
3887#define WITH_IRIX_AUDIT 1 3966#define WITH_IRIX_AUDIT 1
3888EOF 3967EOF
3889 3968
3890 echo "$as_me:3890: checking for jlimit_startjob" >&5 3969 echo "$as_me:3969: checking for jlimit_startjob" >&5
3891echo $ECHO_N "checking for jlimit_startjob... $ECHO_C" >&6 3970echo $ECHO_N "checking for jlimit_startjob... $ECHO_C" >&6
3892if test "${ac_cv_func_jlimit_startjob+set}" = set; then 3971if test "${ac_cv_func_jlimit_startjob+set}" = set; then
3893 echo $ECHO_N "(cached) $ECHO_C" >&6 3972 echo $ECHO_N "(cached) $ECHO_C" >&6
3894else 3973else
3895 cat >conftest.$ac_ext <<_ACEOF 3974 cat >conftest.$ac_ext <<_ACEOF
3896#line 3896 "configure" 3975#line 3975 "configure"
3897#include "confdefs.h" 3976#include "confdefs.h"
3898/* System header to define __stub macros and hopefully few prototypes, 3977/* System header to define __stub macros and hopefully few prototypes,
3899 which can conflict with char jlimit_startjob (); below. */ 3978 which can conflict with char jlimit_startjob (); below. */
@@ -3924,16 +4003,16 @@ f = jlimit_startjob;
3924} 4003}
3925_ACEOF 4004_ACEOF
3926rm -f conftest.$ac_objext conftest$ac_exeext 4005rm -f conftest.$ac_objext conftest$ac_exeext
3927if { (eval echo "$as_me:3927: \"$ac_link\"") >&5 4006if { (eval echo "$as_me:4006: \"$ac_link\"") >&5
3928 (eval $ac_link) 2>&5 4007 (eval $ac_link) 2>&5
3929 ac_status=$? 4008 ac_status=$?
3930 echo "$as_me:3930: \$? = $ac_status" >&5 4009 echo "$as_me:4009: \$? = $ac_status" >&5
3931 (exit $ac_status); } && 4010 (exit $ac_status); } &&
3932 { ac_try='test -s conftest$ac_exeext' 4011 { ac_try='test -s conftest$ac_exeext'
3933 { (eval echo "$as_me:3933: \"$ac_try\"") >&5 4012 { (eval echo "$as_me:4012: \"$ac_try\"") >&5
3934 (eval $ac_try) 2>&5 4013 (eval $ac_try) 2>&5
3935 ac_status=$? 4014 ac_status=$?
3936 echo "$as_me:3936: \$? = $ac_status" >&5 4015 echo "$as_me:4015: \$? = $ac_status" >&5
3937 (exit $ac_status); }; }; then 4016 (exit $ac_status); }; }; then
3938 ac_cv_func_jlimit_startjob=yes 4017 ac_cv_func_jlimit_startjob=yes
3939else 4018else
@@ -3943,7 +4022,7 @@ ac_cv_func_jlimit_startjob=no
3943fi 4022fi
3944rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 4023rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
3945fi 4024fi
3946echo "$as_me:3946: result: $ac_cv_func_jlimit_startjob" >&5 4025echo "$as_me:4025: result: $ac_cv_func_jlimit_startjob" >&5
3947echo "${ECHO_T}$ac_cv_func_jlimit_startjob" >&6 4026echo "${ECHO_T}$ac_cv_func_jlimit_startjob" >&6
3948if test $ac_cv_func_jlimit_startjob = yes; then 4027if test $ac_cv_func_jlimit_startjob = yes; then
3949 cat >>confdefs.h <<\EOF 4028 cat >>confdefs.h <<\EOF
@@ -3957,6 +4036,18 @@ fi
3957EOF 4036EOF
3958 4037
3959 cat >>confdefs.h <<\EOF 4038 cat >>confdefs.h <<\EOF
4039#define SETEUID_BREAKS_SETUID 1
4040EOF
4041
4042 cat >>confdefs.h <<\EOF
4043#define BROKEN_SETREUID 1
4044EOF
4045
4046 cat >>confdefs.h <<\EOF
4047#define BROKEN_SETREGID 1
4048EOF
4049
4050 cat >>confdefs.h <<\EOF
3960#define WITH_ABBREV_NO_TTY 1 4051#define WITH_ABBREV_NO_TTY 1
3961EOF 4052EOF
3962 4053
@@ -4004,11 +4095,27 @@ EOF
4004 ;; 4095 ;;
4005*-*-netbsd*) 4096*-*-netbsd*)
4006 check_for_libcrypt_before=1 4097 check_for_libcrypt_before=1
4007 need_dash_r=1 4098 if test "x$withval" != "xno" ; then
4099 need_dash_r=1
4100 fi
4008 ;; 4101 ;;
4009*-*-freebsd*) 4102*-*-freebsd*)
4010 check_for_libcrypt_later=1 4103 check_for_libcrypt_later=1
4011 ;; 4104 ;;
4105*-*-bsdi*)
4106 cat >>confdefs.h <<\EOF
4107#define SETEUID_BREAKS_SETUID 1
4108EOF
4109
4110 cat >>confdefs.h <<\EOF
4111#define BROKEN_SETREUID 1
4112EOF
4113
4114 cat >>confdefs.h <<\EOF
4115#define BROKEN_SETREGID 1
4116EOF
4117
4118 ;;
4012*-next-*) 4119*-next-*)
4013 conf_lastlog_location="/usr/adm/lastlog" 4120 conf_lastlog_location="/usr/adm/lastlog"
4014 conf_utmp_location=/etc/utmp 4121 conf_utmp_location=/etc/utmp
@@ -4030,13 +4137,8 @@ EOF
4030#define BROKEN_SAVED_UIDS 1 4137#define BROKEN_SAVED_UIDS 1
4031EOF 4138EOF
4032 4139
4033 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
4034 CFLAGS="$CFLAGS"
4035 ;; 4140 ;;
4036*-*-solaris*) 4141*-*-solaris*)
4037 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
4038 LDFLAGS="$LDFLAGS -L/usr/local/lib -R/usr/local/lib"
4039 need_dash_r=1
4040 cat >>confdefs.h <<\EOF 4142 cat >>confdefs.h <<\EOF
4041#define PAM_SUN_CODEBASE 1 4143#define PAM_SUN_CODEBASE 1
4042EOF 4144EOF
@@ -4065,11 +4167,11 @@ EOF
4065 external_path_file=/etc/default/login 4167 external_path_file=/etc/default/login
4066 # hardwire lastlog location (can't detect it on some versions) 4168 # hardwire lastlog location (can't detect it on some versions)
4067 conf_lastlog_location="/var/adm/lastlog" 4169 conf_lastlog_location="/var/adm/lastlog"
4068 echo "$as_me:4068: checking for obsolete utmp and wtmp in solaris2.x" >&5 4170 echo "$as_me:4170: checking for obsolete utmp and wtmp in solaris2.x" >&5
4069echo $ECHO_N "checking for obsolete utmp and wtmp in solaris2.x... $ECHO_C" >&6 4171echo $ECHO_N "checking for obsolete utmp and wtmp in solaris2.x... $ECHO_C" >&6
4070 sol2ver=`echo "$host"| sed -e 's/.*[0-9]\.//'` 4172 sol2ver=`echo "$host"| sed -e 's/.*[0-9]\.//'`
4071 if test "$sol2ver" -ge 8; then 4173 if test "$sol2ver" -ge 8; then
4072 echo "$as_me:4072: result: yes" >&5 4174 echo "$as_me:4174: result: yes" >&5
4073echo "${ECHO_T}yes" >&6 4175echo "${ECHO_T}yes" >&6
4074 cat >>confdefs.h <<\EOF 4176 cat >>confdefs.h <<\EOF
4075#define DISABLE_UTMP 1 4177#define DISABLE_UTMP 1
@@ -4080,7 +4182,7 @@ EOF
4080EOF 4182EOF
4081 4183
4082 else 4184 else
4083 echo "$as_me:4083: result: no" >&5 4185 echo "$as_me:4185: result: no" >&5
4084echo "${ECHO_T}no" >&6 4186echo "${ECHO_T}no" >&6
4085 fi 4187 fi
4086 ;; 4188 ;;
@@ -4090,13 +4192,13 @@ echo "${ECHO_T}no" >&6
4090for ac_func in getpwanam 4192for ac_func in getpwanam
4091do 4193do
4092as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 4194as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
4093echo "$as_me:4093: checking for $ac_func" >&5 4195echo "$as_me:4195: checking for $ac_func" >&5
4094echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 4196echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
4095if eval "test \"\${$as_ac_var+set}\" = set"; then 4197if eval "test \"\${$as_ac_var+set}\" = set"; then
4096 echo $ECHO_N "(cached) $ECHO_C" >&6 4198 echo $ECHO_N "(cached) $ECHO_C" >&6
4097else 4199else
4098 cat >conftest.$ac_ext <<_ACEOF 4200 cat >conftest.$ac_ext <<_ACEOF
4099#line 4099 "configure" 4201#line 4201 "configure"
4100#include "confdefs.h" 4202#include "confdefs.h"
4101/* System header to define __stub macros and hopefully few prototypes, 4203/* System header to define __stub macros and hopefully few prototypes,
4102 which can conflict with char $ac_func (); below. */ 4204 which can conflict with char $ac_func (); below. */
@@ -4127,16 +4229,16 @@ f = $ac_func;
4127} 4229}
4128_ACEOF 4230_ACEOF
4129rm -f conftest.$ac_objext conftest$ac_exeext 4231rm -f conftest.$ac_objext conftest$ac_exeext
4130if { (eval echo "$as_me:4130: \"$ac_link\"") >&5 4232if { (eval echo "$as_me:4232: \"$ac_link\"") >&5
4131 (eval $ac_link) 2>&5 4233 (eval $ac_link) 2>&5
4132 ac_status=$? 4234 ac_status=$?
4133 echo "$as_me:4133: \$? = $ac_status" >&5 4235 echo "$as_me:4235: \$? = $ac_status" >&5
4134 (exit $ac_status); } && 4236 (exit $ac_status); } &&
4135 { ac_try='test -s conftest$ac_exeext' 4237 { ac_try='test -s conftest$ac_exeext'
4136 { (eval echo "$as_me:4136: \"$ac_try\"") >&5 4238 { (eval echo "$as_me:4238: \"$ac_try\"") >&5
4137 (eval $ac_try) 2>&5 4239 (eval $ac_try) 2>&5
4138 ac_status=$? 4240 ac_status=$?
4139 echo "$as_me:4139: \$? = $ac_status" >&5 4241 echo "$as_me:4241: \$? = $ac_status" >&5
4140 (exit $ac_status); }; }; then 4242 (exit $ac_status); }; }; then
4141 eval "$as_ac_var=yes" 4243 eval "$as_ac_var=yes"
4142else 4244else
@@ -4146,7 +4248,7 @@ eval "$as_ac_var=no"
4146fi 4248fi
4147rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 4249rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
4148fi 4250fi
4149echo "$as_me:4149: result: `eval echo '${'$as_ac_var'}'`" >&5 4251echo "$as_me:4251: result: `eval echo '${'$as_ac_var'}'`" >&5
4150echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 4252echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
4151if test `eval echo '${'$as_ac_var'}'` = yes; then 4253if test `eval echo '${'$as_ac_var'}'` = yes; then
4152 cat >>confdefs.h <<EOF 4254 cat >>confdefs.h <<EOF
@@ -4169,8 +4271,6 @@ EOF
4169 4271
4170 ;; 4272 ;;
4171*-ncr-sysv*) 4273*-ncr-sysv*)
4172 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
4173 LDFLAGS="$LDFLAGS -L/usr/local/lib"
4174 LIBS="$LIBS -lc89" 4274 LIBS="$LIBS -lc89"
4175 cat >>confdefs.h <<\EOF 4275 cat >>confdefs.h <<\EOF
4176#define USE_PIPES 1 4276#define USE_PIPES 1
@@ -4180,11 +4280,80 @@ EOF
4180#define SSHD_ACQUIRES_CTTY 1 4280#define SSHD_ACQUIRES_CTTY 1
4181EOF 4281EOF
4182 4282
4283 cat >>confdefs.h <<\EOF
4284#define SETEUID_BREAKS_SETUID 1
4285EOF
4286
4287 cat >>confdefs.h <<\EOF
4288#define BROKEN_SETREUID 1
4289EOF
4290
4291 cat >>confdefs.h <<\EOF
4292#define BROKEN_SETREGID 1
4293EOF
4294
4183 ;; 4295 ;;
4184*-sni-sysv*) 4296*-sni-sysv*)
4185 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
4186 # /usr/ucblib MUST NOT be searched on ReliantUNIX 4297 # /usr/ucblib MUST NOT be searched on ReliantUNIX
4187 LDFLAGS="$LDFLAGS -L/usr/local/lib" 4298
4299echo "$as_me:4299: checking for dlsym in -ldl" >&5
4300echo $ECHO_N "checking for dlsym in -ldl... $ECHO_C" >&6
4301if test "${ac_cv_lib_dl_dlsym+set}" = set; then
4302 echo $ECHO_N "(cached) $ECHO_C" >&6
4303else
4304 ac_check_lib_save_LIBS=$LIBS
4305LIBS="-ldl $LIBS"
4306cat >conftest.$ac_ext <<_ACEOF
4307#line 4307 "configure"
4308#include "confdefs.h"
4309
4310/* Override any gcc2 internal prototype to avoid an error. */
4311#ifdef __cplusplus
4312extern "C"
4313#endif
4314/* We use char because int might match the return type of a gcc2
4315 builtin and then its argument prototype would still apply. */
4316char dlsym ();
4317int
4318main ()
4319{
4320dlsym ();
4321 ;
4322 return 0;
4323}
4324_ACEOF
4325rm -f conftest.$ac_objext conftest$ac_exeext
4326if { (eval echo "$as_me:4326: \"$ac_link\"") >&5
4327 (eval $ac_link) 2>&5
4328 ac_status=$?
4329 echo "$as_me:4329: \$? = $ac_status" >&5
4330 (exit $ac_status); } &&
4331 { ac_try='test -s conftest$ac_exeext'
4332 { (eval echo "$as_me:4332: \"$ac_try\"") >&5
4333 (eval $ac_try) 2>&5
4334 ac_status=$?
4335 echo "$as_me:4335: \$? = $ac_status" >&5
4336 (exit $ac_status); }; }; then
4337 ac_cv_lib_dl_dlsym=yes
4338else
4339 echo "$as_me: failed program was:" >&5
4340cat conftest.$ac_ext >&5
4341ac_cv_lib_dl_dlsym=no
4342fi
4343rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
4344LIBS=$ac_check_lib_save_LIBS
4345fi
4346echo "$as_me:4346: result: $ac_cv_lib_dl_dlsym" >&5
4347echo "${ECHO_T}$ac_cv_lib_dl_dlsym" >&6
4348if test $ac_cv_lib_dl_dlsym = yes; then
4349 cat >>confdefs.h <<EOF
4350#define HAVE_LIBDL 1
4351EOF
4352
4353 LIBS="-ldl $LIBS"
4354
4355fi
4356
4188 IPADDR_IN_DISPLAY=yes 4357 IPADDR_IN_DISPLAY=yes
4189 cat >>confdefs.h <<\EOF 4358 cat >>confdefs.h <<\EOF
4190#define USE_PIPES 1 4359#define USE_PIPES 1
@@ -4195,6 +4364,18 @@ EOF
4195EOF 4364EOF
4196 4365
4197 cat >>confdefs.h <<\EOF 4366 cat >>confdefs.h <<\EOF
4367#define SETEUID_BREAKS_SETUID 1
4368EOF
4369
4370 cat >>confdefs.h <<\EOF
4371#define BROKEN_SETREUID 1
4372EOF
4373
4374 cat >>confdefs.h <<\EOF
4375#define BROKEN_SETREGID 1
4376EOF
4377
4378 cat >>confdefs.h <<\EOF
4198#define SSHD_ACQUIRES_CTTY 1 4379#define SSHD_ACQUIRES_CTTY 1
4199EOF 4380EOF
4200 4381
@@ -4204,8 +4385,6 @@ EOF
4204 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 4385 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
4205 ;; 4386 ;;
4206*-*-sysv4.2*) 4387*-*-sysv4.2*)
4207 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
4208 LDFLAGS="$LDFLAGS -L/usr/local/lib"
4209 cat >>confdefs.h <<\EOF 4388 cat >>confdefs.h <<\EOF
4210#define USE_PIPES 1 4389#define USE_PIPES 1
4211EOF 4390EOF
@@ -4224,8 +4403,6 @@ EOF
4224 4403
4225 ;; 4404 ;;
4226*-*-sysv5*) 4405*-*-sysv5*)
4227 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
4228 LDFLAGS="$LDFLAGS -L/usr/local/lib"
4229 cat >>confdefs.h <<\EOF 4406 cat >>confdefs.h <<\EOF
4230#define USE_PIPES 1 4407#define USE_PIPES 1
4231EOF 4408EOF
@@ -4244,13 +4421,10 @@ EOF
4244 4421
4245 ;; 4422 ;;
4246*-*-sysv*) 4423*-*-sysv*)
4247 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
4248 LDFLAGS="$LDFLAGS -L/usr/local/lib"
4249 ;; 4424 ;;
4250*-*-sco3.2v4*) 4425*-*-sco3.2v4*)
4251 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize -I/usr/local/include" 4426 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize"
4252 LDFLAGS="$LDFLAGS -L/usr/local/lib" 4427 LIBS="$LIBS -los -lprot -lcrypt_i -lx -ltinfo -lm"
4253 LIBS="$LIBS -los -lprot -lx -ltinfo -lm"
4254 RANLIB=true 4428 RANLIB=true
4255 no_dev_ptmx=1 4429 no_dev_ptmx=1
4256 cat >>confdefs.h <<\EOF 4430 cat >>confdefs.h <<\EOF
@@ -4280,13 +4454,13 @@ EOF
4280for ac_func in getluid setluid 4454for ac_func in getluid setluid
4281do 4455do
4282as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 4456as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
4283echo "$as_me:4283: checking for $ac_func" >&5 4457echo "$as_me:4457: checking for $ac_func" >&5
4284echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 4458echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
4285if eval "test \"\${$as_ac_var+set}\" = set"; then 4459if eval "test \"\${$as_ac_var+set}\" = set"; then
4286 echo $ECHO_N "(cached) $ECHO_C" >&6 4460 echo $ECHO_N "(cached) $ECHO_C" >&6
4287else 4461else
4288 cat >conftest.$ac_ext <<_ACEOF 4462 cat >conftest.$ac_ext <<_ACEOF
4289#line 4289 "configure" 4463#line 4463 "configure"
4290#include "confdefs.h" 4464#include "confdefs.h"
4291/* System header to define __stub macros and hopefully few prototypes, 4465/* System header to define __stub macros and hopefully few prototypes,
4292 which can conflict with char $ac_func (); below. */ 4466 which can conflict with char $ac_func (); below. */
@@ -4317,16 +4491,16 @@ f = $ac_func;
4317} 4491}
4318_ACEOF 4492_ACEOF
4319rm -f conftest.$ac_objext conftest$ac_exeext 4493rm -f conftest.$ac_objext conftest$ac_exeext
4320if { (eval echo "$as_me:4320: \"$ac_link\"") >&5 4494if { (eval echo "$as_me:4494: \"$ac_link\"") >&5
4321 (eval $ac_link) 2>&5 4495 (eval $ac_link) 2>&5
4322 ac_status=$? 4496 ac_status=$?
4323 echo "$as_me:4323: \$? = $ac_status" >&5 4497 echo "$as_me:4497: \$? = $ac_status" >&5
4324 (exit $ac_status); } && 4498 (exit $ac_status); } &&
4325 { ac_try='test -s conftest$ac_exeext' 4499 { ac_try='test -s conftest$ac_exeext'
4326 { (eval echo "$as_me:4326: \"$ac_try\"") >&5 4500 { (eval echo "$as_me:4500: \"$ac_try\"") >&5
4327 (eval $ac_try) 2>&5 4501 (eval $ac_try) 2>&5
4328 ac_status=$? 4502 ac_status=$?
4329 echo "$as_me:4329: \$? = $ac_status" >&5 4503 echo "$as_me:4503: \$? = $ac_status" >&5
4330 (exit $ac_status); }; }; then 4504 (exit $ac_status); }; }; then
4331 eval "$as_ac_var=yes" 4505 eval "$as_ac_var=yes"
4332else 4506else
@@ -4336,7 +4510,7 @@ eval "$as_ac_var=no"
4336fi 4510fi
4337rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 4511rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
4338fi 4512fi
4339echo "$as_me:4339: result: `eval echo '${'$as_ac_var'}'`" >&5 4513echo "$as_me:4513: result: `eval echo '${'$as_ac_var'}'`" >&5
4340echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 4514echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
4341if test `eval echo '${'$as_ac_var'}'` = yes; then 4515if test `eval echo '${'$as_ac_var'}'` = yes; then
4342 cat >>confdefs.h <<EOF 4516 cat >>confdefs.h <<EOF
@@ -4353,8 +4527,6 @@ done
4353 if test -z "$GCC"; then 4527 if test -z "$GCC"; then
4354 CFLAGS="$CFLAGS -belf" 4528 CFLAGS="$CFLAGS -belf"
4355 fi 4529 fi
4356 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
4357 LDFLAGS="$LDFLAGS -L/usr/local/lib"
4358 LIBS="$LIBS -lprot -lx -ltinfo -lm" 4530 LIBS="$LIBS -lprot -lx -ltinfo -lm"
4359 no_dev_ptmx=1 4531 no_dev_ptmx=1
4360 cat >>confdefs.h <<\EOF 4532 cat >>confdefs.h <<\EOF
@@ -4392,13 +4564,13 @@ EOF
4392for ac_func in getluid setluid 4564for ac_func in getluid setluid
4393do 4565do
4394as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 4566as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
4395echo "$as_me:4395: checking for $ac_func" >&5 4567echo "$as_me:4567: checking for $ac_func" >&5
4396echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 4568echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
4397if eval "test \"\${$as_ac_var+set}\" = set"; then 4569if eval "test \"\${$as_ac_var+set}\" = set"; then
4398 echo $ECHO_N "(cached) $ECHO_C" >&6 4570 echo $ECHO_N "(cached) $ECHO_C" >&6
4399else 4571else
4400 cat >conftest.$ac_ext <<_ACEOF 4572 cat >conftest.$ac_ext <<_ACEOF
4401#line 4401 "configure" 4573#line 4573 "configure"
4402#include "confdefs.h" 4574#include "confdefs.h"
4403/* System header to define __stub macros and hopefully few prototypes, 4575/* System header to define __stub macros and hopefully few prototypes,
4404 which can conflict with char $ac_func (); below. */ 4576 which can conflict with char $ac_func (); below. */
@@ -4429,16 +4601,16 @@ f = $ac_func;
4429} 4601}
4430_ACEOF 4602_ACEOF
4431rm -f conftest.$ac_objext conftest$ac_exeext 4603rm -f conftest.$ac_objext conftest$ac_exeext
4432if { (eval echo "$as_me:4432: \"$ac_link\"") >&5 4604if { (eval echo "$as_me:4604: \"$ac_link\"") >&5
4433 (eval $ac_link) 2>&5 4605 (eval $ac_link) 2>&5
4434 ac_status=$? 4606 ac_status=$?
4435 echo "$as_me:4435: \$? = $ac_status" >&5 4607 echo "$as_me:4607: \$? = $ac_status" >&5
4436 (exit $ac_status); } && 4608 (exit $ac_status); } &&
4437 { ac_try='test -s conftest$ac_exeext' 4609 { ac_try='test -s conftest$ac_exeext'
4438 { (eval echo "$as_me:4438: \"$ac_try\"") >&5 4610 { (eval echo "$as_me:4610: \"$ac_try\"") >&5
4439 (eval $ac_try) 2>&5 4611 (eval $ac_try) 2>&5
4440 ac_status=$? 4612 ac_status=$?
4441 echo "$as_me:4441: \$? = $ac_status" >&5 4613 echo "$as_me:4613: \$? = $ac_status" >&5
4442 (exit $ac_status); }; }; then 4614 (exit $ac_status); }; }; then
4443 eval "$as_ac_var=yes" 4615 eval "$as_ac_var=yes"
4444else 4616else
@@ -4448,7 +4620,7 @@ eval "$as_ac_var=no"
4448fi 4620fi
4449rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 4621rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
4450fi 4622fi
4451echo "$as_me:4451: result: `eval echo '${'$as_ac_var'}'`" >&5 4623echo "$as_me:4623: result: `eval echo '${'$as_ac_var'}'`" >&5
4452echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 4624echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
4453if test `eval echo '${'$as_ac_var'}'` = yes; then 4625if test `eval echo '${'$as_ac_var'}'` = yes; then
4454 cat >>confdefs.h <<EOF 4626 cat >>confdefs.h <<EOF
@@ -4462,6 +4634,22 @@ done
4462 ;; 4634 ;;
4463*-*-unicosmk*) 4635*-*-unicosmk*)
4464 cat >>confdefs.h <<\EOF 4636 cat >>confdefs.h <<\EOF
4637#define NO_SSH_LASTLOG 1
4638EOF
4639
4640 cat >>confdefs.h <<\EOF
4641#define SETEUID_BREAKS_SETUID 1
4642EOF
4643
4644 cat >>confdefs.h <<\EOF
4645#define BROKEN_SETREUID 1
4646EOF
4647
4648 cat >>confdefs.h <<\EOF
4649#define BROKEN_SETREGID 1
4650EOF
4651
4652 cat >>confdefs.h <<\EOF
4465#define USE_PIPES 1 4653#define USE_PIPES 1
4466EOF 4654EOF
4467 4655
@@ -4475,6 +4663,18 @@ EOF
4475 ;; 4663 ;;
4476*-*-unicosmp*) 4664*-*-unicosmp*)
4477 cat >>confdefs.h <<\EOF 4665 cat >>confdefs.h <<\EOF
4666#define SETEUID_BREAKS_SETUID 1
4667EOF
4668
4669 cat >>confdefs.h <<\EOF
4670#define BROKEN_SETREUID 1
4671EOF
4672
4673 cat >>confdefs.h <<\EOF
4674#define BROKEN_SETREGID 1
4675EOF
4676
4677 cat >>confdefs.h <<\EOF
4478#define WITH_ABBREV_NO_TTY 1 4678#define WITH_ABBREV_NO_TTY 1
4479EOF 4679EOF
4480 4680
@@ -4487,11 +4687,23 @@ EOF
4487EOF 4687EOF
4488 4688
4489 LDFLAGS="$LDFLAGS" 4689 LDFLAGS="$LDFLAGS"
4490 LIBS="$LIBS -lgen -lacid" 4690 LIBS="$LIBS -lgen -lacid -ldb"
4491 MANTYPE=cat 4691 MANTYPE=cat
4492 ;; 4692 ;;
4493*-*-unicos*) 4693*-*-unicos*)
4494 cat >>confdefs.h <<\EOF 4694 cat >>confdefs.h <<\EOF
4695#define SETEUID_BREAKS_SETUID 1
4696EOF
4697
4698 cat >>confdefs.h <<\EOF
4699#define BROKEN_SETREUID 1
4700EOF
4701
4702 cat >>confdefs.h <<\EOF
4703#define BROKEN_SETREGID 1
4704EOF
4705
4706 cat >>confdefs.h <<\EOF
4495#define USE_PIPES 1 4707#define USE_PIPES 1
4496EOF 4708EOF
4497 4709
@@ -4508,7 +4720,7 @@ EOF
4508 MANTYPE=cat 4720 MANTYPE=cat
4509 ;; 4721 ;;
4510*-dec-osf*) 4722*-dec-osf*)
4511 echo "$as_me:4511: checking for Digital Unix SIA" >&5 4723 echo "$as_me:4723: checking for Digital Unix SIA" >&5
4512echo $ECHO_N "checking for Digital Unix SIA... $ECHO_C" >&6 4724echo $ECHO_N "checking for Digital Unix SIA... $ECHO_C" >&6
4513 no_osfsia="" 4725 no_osfsia=""
4514 4726
@@ -4517,7 +4729,7 @@ if test "${with_osfsia+set}" = set; then
4517 withval="$with_osfsia" 4729 withval="$with_osfsia"
4518 4730
4519 if test "x$withval" = "xno" ; then 4731 if test "x$withval" = "xno" ; then
4520 echo "$as_me:4520: result: disabled" >&5 4732 echo "$as_me:4732: result: disabled" >&5
4521echo "${ECHO_T}disabled" >&6 4733echo "${ECHO_T}disabled" >&6
4522 no_osfsia=1 4734 no_osfsia=1
4523 fi 4735 fi
@@ -4525,7 +4737,7 @@ echo "${ECHO_T}disabled" >&6
4525fi; 4737fi;
4526 if test -z "$no_osfsia" ; then 4738 if test -z "$no_osfsia" ; then
4527 if test -f /etc/sia/matrix.conf; then 4739 if test -f /etc/sia/matrix.conf; then
4528 echo "$as_me:4528: result: yes" >&5 4740 echo "$as_me:4740: result: yes" >&5
4529echo "${ECHO_T}yes" >&6 4741echo "${ECHO_T}yes" >&6
4530 cat >>confdefs.h <<\EOF 4742 cat >>confdefs.h <<\EOF
4531#define HAVE_OSF_SIA 1 4743#define HAVE_OSF_SIA 1
@@ -4541,20 +4753,28 @@ EOF
4541 4753
4542 LIBS="$LIBS -lsecurity -ldb -lm -laud" 4754 LIBS="$LIBS -lsecurity -ldb -lm -laud"
4543 else 4755 else
4544 echo "$as_me:4544: result: no" >&5 4756 echo "$as_me:4756: result: no" >&5
4545echo "${ECHO_T}no" >&6 4757echo "${ECHO_T}no" >&6
4758 cat >>confdefs.h <<\EOF
4759#define LOCKED_PASSWD_SUBSTR "Nologin"
4760EOF
4761
4546 fi 4762 fi
4547 fi 4763 fi
4548 cat >>confdefs.h <<\EOF 4764 cat >>confdefs.h <<\EOF
4549#define DISABLE_FD_PASSING 1 4765#define BROKEN_GETADDRINFO 1
4550EOF 4766EOF
4551 4767
4552 cat >>confdefs.h <<\EOF 4768 cat >>confdefs.h <<\EOF
4553#define BROKEN_GETADDRINFO 1 4769#define SETEUID_BREAKS_SETUID 1
4554EOF 4770EOF
4555 4771
4556 cat >>confdefs.h <<\EOF 4772 cat >>confdefs.h <<\EOF
4557#define LOCKED_PASSWD_SUBSTR "Nologin" 4773#define BROKEN_SETREUID 1
4774EOF
4775
4776 cat >>confdefs.h <<\EOF
4777#define BROKEN_SETREGID 1
4558EOF 4778EOF
4559 4779
4560 ;; 4780 ;;
@@ -4625,15 +4845,15 @@ if test "${with_libs+set}" = set; then
4625 4845
4626fi; 4846fi;
4627 4847
4628echo "$as_me:4628: checking compiler and flags for sanity" >&5 4848echo "$as_me:4848: checking compiler and flags for sanity" >&5
4629echo $ECHO_N "checking compiler and flags for sanity... $ECHO_C" >&6 4849echo $ECHO_N "checking compiler and flags for sanity... $ECHO_C" >&6
4630if test "$cross_compiling" = yes; then 4850if test "$cross_compiling" = yes; then
4631 { { echo "$as_me:4631: error: cannot run test program while cross compiling" >&5 4851 { { echo "$as_me:4851: error: cannot run test program while cross compiling" >&5
4632echo "$as_me: error: cannot run test program while cross compiling" >&2;} 4852echo "$as_me: error: cannot run test program while cross compiling" >&2;}
4633 { (exit 1); exit 1; }; } 4853 { (exit 1); exit 1; }; }
4634else 4854else
4635 cat >conftest.$ac_ext <<_ACEOF 4855 cat >conftest.$ac_ext <<_ACEOF
4636#line 4636 "configure" 4856#line 4856 "configure"
4637#include "confdefs.h" 4857#include "confdefs.h"
4638 4858
4639#include <stdio.h> 4859#include <stdio.h>
@@ -4641,26 +4861,26 @@ int main(){exit(0);}
4641 4861
4642_ACEOF 4862_ACEOF
4643rm -f conftest$ac_exeext 4863rm -f conftest$ac_exeext
4644if { (eval echo "$as_me:4644: \"$ac_link\"") >&5 4864if { (eval echo "$as_me:4864: \"$ac_link\"") >&5
4645 (eval $ac_link) 2>&5 4865 (eval $ac_link) 2>&5
4646 ac_status=$? 4866 ac_status=$?
4647 echo "$as_me:4647: \$? = $ac_status" >&5 4867 echo "$as_me:4867: \$? = $ac_status" >&5
4648 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 4868 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
4649 { (eval echo "$as_me:4649: \"$ac_try\"") >&5 4869 { (eval echo "$as_me:4869: \"$ac_try\"") >&5
4650 (eval $ac_try) 2>&5 4870 (eval $ac_try) 2>&5
4651 ac_status=$? 4871 ac_status=$?
4652 echo "$as_me:4652: \$? = $ac_status" >&5 4872 echo "$as_me:4872: \$? = $ac_status" >&5
4653 (exit $ac_status); }; }; then 4873 (exit $ac_status); }; }; then
4654 echo "$as_me:4654: result: yes" >&5 4874 echo "$as_me:4874: result: yes" >&5
4655echo "${ECHO_T}yes" >&6 4875echo "${ECHO_T}yes" >&6
4656else 4876else
4657 echo "$as_me: program exited with status $ac_status" >&5 4877 echo "$as_me: program exited with status $ac_status" >&5
4658echo "$as_me: failed program was:" >&5 4878echo "$as_me: failed program was:" >&5
4659cat conftest.$ac_ext >&5 4879cat conftest.$ac_ext >&5
4660 4880
4661 echo "$as_me:4661: result: no" >&5 4881 echo "$as_me:4881: result: no" >&5
4662echo "${ECHO_T}no" >&6 4882echo "${ECHO_T}no" >&6
4663 { { echo "$as_me:4663: error: *** compiler cannot create working executables, check config.log ***" >&5 4883 { { echo "$as_me:4883: error: *** compiler cannot create working executables, check config.log ***" >&5
4664echo "$as_me: error: *** compiler cannot create working executables, check config.log ***" >&2;} 4884echo "$as_me: error: *** compiler cannot create working executables, check config.log ***" >&2;}
4665 { (exit 1); exit 1; }; } 4885 { (exit 1); exit 1; }; }
4666 4886
@@ -4673,32 +4893,32 @@ fi
4673for ac_header in bstring.h crypt.h endian.h features.h floatingpoint.h \ 4893for ac_header in bstring.h crypt.h endian.h features.h floatingpoint.h \
4674 getopt.h glob.h ia.h lastlog.h limits.h login.h \ 4894 getopt.h glob.h ia.h lastlog.h limits.h login.h \
4675 login_cap.h maillock.h netdb.h netgroup.h \ 4895 login_cap.h maillock.h netdb.h netgroup.h \
4676 netinet/in_systm.h paths.h pty.h readpassphrase.h \ 4896 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \
4677 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ 4897 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
4678 strings.h sys/strtio.h sys/audit.h sys/bitypes.h sys/bsdtty.h \ 4898 strings.h sys/strtio.h sys/audit.h sys/bitypes.h sys/bsdtty.h \
4679 sys/cdefs.h sys/mman.h sys/pstat.h sys/select.h sys/stat.h \ 4899 sys/cdefs.h sys/mman.h sys/pstat.h sys/ptms.h sys/select.h sys/stat.h \
4680 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h \ 4900 sys/stream.h sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h \
4681 sys/un.h time.h tmpdir.h ttyent.h usersec.h \ 4901 sys/un.h time.h tmpdir.h ttyent.h usersec.h \
4682 util.h utime.h utmp.h utmpx.h 4902 util.h utime.h utmp.h utmpx.h vis.h
4683do 4903do
4684as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` 4904as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
4685echo "$as_me:4685: checking for $ac_header" >&5 4905echo "$as_me:4905: checking for $ac_header" >&5
4686echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 4906echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
4687if eval "test \"\${$as_ac_Header+set}\" = set"; then 4907if eval "test \"\${$as_ac_Header+set}\" = set"; then
4688 echo $ECHO_N "(cached) $ECHO_C" >&6 4908 echo $ECHO_N "(cached) $ECHO_C" >&6
4689else 4909else
4690 cat >conftest.$ac_ext <<_ACEOF 4910 cat >conftest.$ac_ext <<_ACEOF
4691#line 4691 "configure" 4911#line 4911 "configure"
4692#include "confdefs.h" 4912#include "confdefs.h"
4693#include <$ac_header> 4913#include <$ac_header>
4694_ACEOF 4914_ACEOF
4695if { (eval echo "$as_me:4695: \"$ac_cpp conftest.$ac_ext\"") >&5 4915if { (eval echo "$as_me:4915: \"$ac_cpp conftest.$ac_ext\"") >&5
4696 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 4916 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
4697 ac_status=$? 4917 ac_status=$?
4698 egrep -v '^ *\+' conftest.er1 >conftest.err 4918 egrep -v '^ *\+' conftest.er1 >conftest.err
4699 rm -f conftest.er1 4919 rm -f conftest.er1
4700 cat conftest.err >&5 4920 cat conftest.err >&5
4701 echo "$as_me:4701: \$? = $ac_status" >&5 4921 echo "$as_me:4921: \$? = $ac_status" >&5
4702 (exit $ac_status); } >/dev/null; then 4922 (exit $ac_status); } >/dev/null; then
4703 if test -s conftest.err; then 4923 if test -s conftest.err; then
4704 ac_cpp_err=$ac_c_preproc_warn_flag 4924 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -4717,7 +4937,7 @@ else
4717fi 4937fi
4718rm -f conftest.err conftest.$ac_ext 4938rm -f conftest.err conftest.$ac_ext
4719fi 4939fi
4720echo "$as_me:4720: result: `eval echo '${'$as_ac_Header'}'`" >&5 4940echo "$as_me:4940: result: `eval echo '${'$as_ac_Header'}'`" >&5
4721echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 4941echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
4722if test `eval echo '${'$as_ac_Header'}'` = yes; then 4942if test `eval echo '${'$as_ac_Header'}'` = yes; then
4723 cat >>confdefs.h <<EOF 4943 cat >>confdefs.h <<EOF
@@ -4728,13 +4948,13 @@ fi
4728done 4948done
4729 4949
4730# Checks for libraries. 4950# Checks for libraries.
4731echo "$as_me:4731: checking for yp_match" >&5 4951echo "$as_me:4951: checking for yp_match" >&5
4732echo $ECHO_N "checking for yp_match... $ECHO_C" >&6 4952echo $ECHO_N "checking for yp_match... $ECHO_C" >&6
4733if test "${ac_cv_func_yp_match+set}" = set; then 4953if test "${ac_cv_func_yp_match+set}" = set; then
4734 echo $ECHO_N "(cached) $ECHO_C" >&6 4954 echo $ECHO_N "(cached) $ECHO_C" >&6
4735else 4955else
4736 cat >conftest.$ac_ext <<_ACEOF 4956 cat >conftest.$ac_ext <<_ACEOF
4737#line 4737 "configure" 4957#line 4957 "configure"
4738#include "confdefs.h" 4958#include "confdefs.h"
4739/* System header to define __stub macros and hopefully few prototypes, 4959/* System header to define __stub macros and hopefully few prototypes,
4740 which can conflict with char yp_match (); below. */ 4960 which can conflict with char yp_match (); below. */
@@ -4765,16 +4985,16 @@ f = yp_match;
4765} 4985}
4766_ACEOF 4986_ACEOF
4767rm -f conftest.$ac_objext conftest$ac_exeext 4987rm -f conftest.$ac_objext conftest$ac_exeext
4768if { (eval echo "$as_me:4768: \"$ac_link\"") >&5 4988if { (eval echo "$as_me:4988: \"$ac_link\"") >&5
4769 (eval $ac_link) 2>&5 4989 (eval $ac_link) 2>&5
4770 ac_status=$? 4990 ac_status=$?
4771 echo "$as_me:4771: \$? = $ac_status" >&5 4991 echo "$as_me:4991: \$? = $ac_status" >&5
4772 (exit $ac_status); } && 4992 (exit $ac_status); } &&
4773 { ac_try='test -s conftest$ac_exeext' 4993 { ac_try='test -s conftest$ac_exeext'
4774 { (eval echo "$as_me:4774: \"$ac_try\"") >&5 4994 { (eval echo "$as_me:4994: \"$ac_try\"") >&5
4775 (eval $ac_try) 2>&5 4995 (eval $ac_try) 2>&5
4776 ac_status=$? 4996 ac_status=$?
4777 echo "$as_me:4777: \$? = $ac_status" >&5 4997 echo "$as_me:4997: \$? = $ac_status" >&5
4778 (exit $ac_status); }; }; then 4998 (exit $ac_status); }; }; then
4779 ac_cv_func_yp_match=yes 4999 ac_cv_func_yp_match=yes
4780else 5000else
@@ -4784,13 +5004,13 @@ ac_cv_func_yp_match=no
4784fi 5004fi
4785rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 5005rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
4786fi 5006fi
4787echo "$as_me:4787: result: $ac_cv_func_yp_match" >&5 5007echo "$as_me:5007: result: $ac_cv_func_yp_match" >&5
4788echo "${ECHO_T}$ac_cv_func_yp_match" >&6 5008echo "${ECHO_T}$ac_cv_func_yp_match" >&6
4789if test $ac_cv_func_yp_match = yes; then 5009if test $ac_cv_func_yp_match = yes; then
4790 : 5010 :
4791else 5011else
4792 5012
4793echo "$as_me:4793: checking for yp_match in -lnsl" >&5 5013echo "$as_me:5013: checking for yp_match in -lnsl" >&5
4794echo $ECHO_N "checking for yp_match in -lnsl... $ECHO_C" >&6 5014echo $ECHO_N "checking for yp_match in -lnsl... $ECHO_C" >&6
4795if test "${ac_cv_lib_nsl_yp_match+set}" = set; then 5015if test "${ac_cv_lib_nsl_yp_match+set}" = set; then
4796 echo $ECHO_N "(cached) $ECHO_C" >&6 5016 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -4798,7 +5018,7 @@ else
4798 ac_check_lib_save_LIBS=$LIBS 5018 ac_check_lib_save_LIBS=$LIBS
4799LIBS="-lnsl $LIBS" 5019LIBS="-lnsl $LIBS"
4800cat >conftest.$ac_ext <<_ACEOF 5020cat >conftest.$ac_ext <<_ACEOF
4801#line 4801 "configure" 5021#line 5021 "configure"
4802#include "confdefs.h" 5022#include "confdefs.h"
4803 5023
4804/* Override any gcc2 internal prototype to avoid an error. */ 5024/* Override any gcc2 internal prototype to avoid an error. */
@@ -4817,16 +5037,16 @@ yp_match ();
4817} 5037}
4818_ACEOF 5038_ACEOF
4819rm -f conftest.$ac_objext conftest$ac_exeext 5039rm -f conftest.$ac_objext conftest$ac_exeext
4820if { (eval echo "$as_me:4820: \"$ac_link\"") >&5 5040if { (eval echo "$as_me:5040: \"$ac_link\"") >&5
4821 (eval $ac_link) 2>&5 5041 (eval $ac_link) 2>&5
4822 ac_status=$? 5042 ac_status=$?
4823 echo "$as_me:4823: \$? = $ac_status" >&5 5043 echo "$as_me:5043: \$? = $ac_status" >&5
4824 (exit $ac_status); } && 5044 (exit $ac_status); } &&
4825 { ac_try='test -s conftest$ac_exeext' 5045 { ac_try='test -s conftest$ac_exeext'
4826 { (eval echo "$as_me:4826: \"$ac_try\"") >&5 5046 { (eval echo "$as_me:5046: \"$ac_try\"") >&5
4827 (eval $ac_try) 2>&5 5047 (eval $ac_try) 2>&5
4828 ac_status=$? 5048 ac_status=$?
4829 echo "$as_me:4829: \$? = $ac_status" >&5 5049 echo "$as_me:5049: \$? = $ac_status" >&5
4830 (exit $ac_status); }; }; then 5050 (exit $ac_status); }; }; then
4831 ac_cv_lib_nsl_yp_match=yes 5051 ac_cv_lib_nsl_yp_match=yes
4832else 5052else
@@ -4837,7 +5057,7 @@ fi
4837rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 5057rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
4838LIBS=$ac_check_lib_save_LIBS 5058LIBS=$ac_check_lib_save_LIBS
4839fi 5059fi
4840echo "$as_me:4840: result: $ac_cv_lib_nsl_yp_match" >&5 5060echo "$as_me:5060: result: $ac_cv_lib_nsl_yp_match" >&5
4841echo "${ECHO_T}$ac_cv_lib_nsl_yp_match" >&6 5061echo "${ECHO_T}$ac_cv_lib_nsl_yp_match" >&6
4842if test $ac_cv_lib_nsl_yp_match = yes; then 5062if test $ac_cv_lib_nsl_yp_match = yes; then
4843 cat >>confdefs.h <<EOF 5063 cat >>confdefs.h <<EOF
@@ -4850,13 +5070,13 @@ fi
4850 5070
4851fi 5071fi
4852 5072
4853echo "$as_me:4853: checking for setsockopt" >&5 5073echo "$as_me:5073: checking for setsockopt" >&5
4854echo $ECHO_N "checking for setsockopt... $ECHO_C" >&6 5074echo $ECHO_N "checking for setsockopt... $ECHO_C" >&6
4855if test "${ac_cv_func_setsockopt+set}" = set; then 5075if test "${ac_cv_func_setsockopt+set}" = set; then
4856 echo $ECHO_N "(cached) $ECHO_C" >&6 5076 echo $ECHO_N "(cached) $ECHO_C" >&6
4857else 5077else
4858 cat >conftest.$ac_ext <<_ACEOF 5078 cat >conftest.$ac_ext <<_ACEOF
4859#line 4859 "configure" 5079#line 5079 "configure"
4860#include "confdefs.h" 5080#include "confdefs.h"
4861/* System header to define __stub macros and hopefully few prototypes, 5081/* System header to define __stub macros and hopefully few prototypes,
4862 which can conflict with char setsockopt (); below. */ 5082 which can conflict with char setsockopt (); below. */
@@ -4887,16 +5107,16 @@ f = setsockopt;
4887} 5107}
4888_ACEOF 5108_ACEOF
4889rm -f conftest.$ac_objext conftest$ac_exeext 5109rm -f conftest.$ac_objext conftest$ac_exeext
4890if { (eval echo "$as_me:4890: \"$ac_link\"") >&5 5110if { (eval echo "$as_me:5110: \"$ac_link\"") >&5
4891 (eval $ac_link) 2>&5 5111 (eval $ac_link) 2>&5
4892 ac_status=$? 5112 ac_status=$?
4893 echo "$as_me:4893: \$? = $ac_status" >&5 5113 echo "$as_me:5113: \$? = $ac_status" >&5
4894 (exit $ac_status); } && 5114 (exit $ac_status); } &&
4895 { ac_try='test -s conftest$ac_exeext' 5115 { ac_try='test -s conftest$ac_exeext'
4896 { (eval echo "$as_me:4896: \"$ac_try\"") >&5 5116 { (eval echo "$as_me:5116: \"$ac_try\"") >&5
4897 (eval $ac_try) 2>&5 5117 (eval $ac_try) 2>&5
4898 ac_status=$? 5118 ac_status=$?
4899 echo "$as_me:4899: \$? = $ac_status" >&5 5119 echo "$as_me:5119: \$? = $ac_status" >&5
4900 (exit $ac_status); }; }; then 5120 (exit $ac_status); }; }; then
4901 ac_cv_func_setsockopt=yes 5121 ac_cv_func_setsockopt=yes
4902else 5122else
@@ -4906,13 +5126,13 @@ ac_cv_func_setsockopt=no
4906fi 5126fi
4907rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 5127rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
4908fi 5128fi
4909echo "$as_me:4909: result: $ac_cv_func_setsockopt" >&5 5129echo "$as_me:5129: result: $ac_cv_func_setsockopt" >&5
4910echo "${ECHO_T}$ac_cv_func_setsockopt" >&6 5130echo "${ECHO_T}$ac_cv_func_setsockopt" >&6
4911if test $ac_cv_func_setsockopt = yes; then 5131if test $ac_cv_func_setsockopt = yes; then
4912 : 5132 :
4913else 5133else
4914 5134
4915echo "$as_me:4915: checking for setsockopt in -lsocket" >&5 5135echo "$as_me:5135: checking for setsockopt in -lsocket" >&5
4916echo $ECHO_N "checking for setsockopt in -lsocket... $ECHO_C" >&6 5136echo $ECHO_N "checking for setsockopt in -lsocket... $ECHO_C" >&6
4917if test "${ac_cv_lib_socket_setsockopt+set}" = set; then 5137if test "${ac_cv_lib_socket_setsockopt+set}" = set; then
4918 echo $ECHO_N "(cached) $ECHO_C" >&6 5138 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -4920,7 +5140,7 @@ else
4920 ac_check_lib_save_LIBS=$LIBS 5140 ac_check_lib_save_LIBS=$LIBS
4921LIBS="-lsocket $LIBS" 5141LIBS="-lsocket $LIBS"
4922cat >conftest.$ac_ext <<_ACEOF 5142cat >conftest.$ac_ext <<_ACEOF
4923#line 4923 "configure" 5143#line 5143 "configure"
4924#include "confdefs.h" 5144#include "confdefs.h"
4925 5145
4926/* Override any gcc2 internal prototype to avoid an error. */ 5146/* Override any gcc2 internal prototype to avoid an error. */
@@ -4939,16 +5159,16 @@ setsockopt ();
4939} 5159}
4940_ACEOF 5160_ACEOF
4941rm -f conftest.$ac_objext conftest$ac_exeext 5161rm -f conftest.$ac_objext conftest$ac_exeext
4942if { (eval echo "$as_me:4942: \"$ac_link\"") >&5 5162if { (eval echo "$as_me:5162: \"$ac_link\"") >&5
4943 (eval $ac_link) 2>&5 5163 (eval $ac_link) 2>&5
4944 ac_status=$? 5164 ac_status=$?
4945 echo "$as_me:4945: \$? = $ac_status" >&5 5165 echo "$as_me:5165: \$? = $ac_status" >&5
4946 (exit $ac_status); } && 5166 (exit $ac_status); } &&
4947 { ac_try='test -s conftest$ac_exeext' 5167 { ac_try='test -s conftest$ac_exeext'
4948 { (eval echo "$as_me:4948: \"$ac_try\"") >&5 5168 { (eval echo "$as_me:5168: \"$ac_try\"") >&5
4949 (eval $ac_try) 2>&5 5169 (eval $ac_try) 2>&5
4950 ac_status=$? 5170 ac_status=$?
4951 echo "$as_me:4951: \$? = $ac_status" >&5 5171 echo "$as_me:5171: \$? = $ac_status" >&5
4952 (exit $ac_status); }; }; then 5172 (exit $ac_status); }; }; then
4953 ac_cv_lib_socket_setsockopt=yes 5173 ac_cv_lib_socket_setsockopt=yes
4954else 5174else
@@ -4959,7 +5179,7 @@ fi
4959rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 5179rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
4960LIBS=$ac_check_lib_save_LIBS 5180LIBS=$ac_check_lib_save_LIBS
4961fi 5181fi
4962echo "$as_me:4962: result: $ac_cv_lib_socket_setsockopt" >&5 5182echo "$as_me:5182: result: $ac_cv_lib_socket_setsockopt" >&5
4963echo "${ECHO_T}$ac_cv_lib_socket_setsockopt" >&6 5183echo "${ECHO_T}$ac_cv_lib_socket_setsockopt" >&6
4964if test $ac_cv_lib_socket_setsockopt = yes; then 5184if test $ac_cv_lib_socket_setsockopt = yes; then
4965 cat >>confdefs.h <<EOF 5185 cat >>confdefs.h <<EOF
@@ -4974,7 +5194,7 @@ fi
4974 5194
4975if test "x$with_tcp_wrappers" != "xno" ; then 5195if test "x$with_tcp_wrappers" != "xno" ; then
4976 if test "x$do_sco3_extra_lib_check" = "xyes" ; then 5196 if test "x$do_sco3_extra_lib_check" = "xyes" ; then
4977 echo "$as_me:4977: checking for innetgr in -lrpc" >&5 5197 echo "$as_me:5197: checking for innetgr in -lrpc" >&5
4978echo $ECHO_N "checking for innetgr in -lrpc... $ECHO_C" >&6 5198echo $ECHO_N "checking for innetgr in -lrpc... $ECHO_C" >&6
4979if test "${ac_cv_lib_rpc_innetgr+set}" = set; then 5199if test "${ac_cv_lib_rpc_innetgr+set}" = set; then
4980 echo $ECHO_N "(cached) $ECHO_C" >&6 5200 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -4982,7 +5202,7 @@ else
4982 ac_check_lib_save_LIBS=$LIBS 5202 ac_check_lib_save_LIBS=$LIBS
4983LIBS="-lrpc -lyp -lrpc $LIBS" 5203LIBS="-lrpc -lyp -lrpc $LIBS"
4984cat >conftest.$ac_ext <<_ACEOF 5204cat >conftest.$ac_ext <<_ACEOF
4985#line 4985 "configure" 5205#line 5205 "configure"
4986#include "confdefs.h" 5206#include "confdefs.h"
4987 5207
4988/* Override any gcc2 internal prototype to avoid an error. */ 5208/* Override any gcc2 internal prototype to avoid an error. */
@@ -5001,16 +5221,16 @@ innetgr ();
5001} 5221}
5002_ACEOF 5222_ACEOF
5003rm -f conftest.$ac_objext conftest$ac_exeext 5223rm -f conftest.$ac_objext conftest$ac_exeext
5004if { (eval echo "$as_me:5004: \"$ac_link\"") >&5 5224if { (eval echo "$as_me:5224: \"$ac_link\"") >&5
5005 (eval $ac_link) 2>&5 5225 (eval $ac_link) 2>&5
5006 ac_status=$? 5226 ac_status=$?
5007 echo "$as_me:5007: \$? = $ac_status" >&5 5227 echo "$as_me:5227: \$? = $ac_status" >&5
5008 (exit $ac_status); } && 5228 (exit $ac_status); } &&
5009 { ac_try='test -s conftest$ac_exeext' 5229 { ac_try='test -s conftest$ac_exeext'
5010 { (eval echo "$as_me:5010: \"$ac_try\"") >&5 5230 { (eval echo "$as_me:5230: \"$ac_try\"") >&5
5011 (eval $ac_try) 2>&5 5231 (eval $ac_try) 2>&5
5012 ac_status=$? 5232 ac_status=$?
5013 echo "$as_me:5013: \$? = $ac_status" >&5 5233 echo "$as_me:5233: \$? = $ac_status" >&5
5014 (exit $ac_status); }; }; then 5234 (exit $ac_status); }; }; then
5015 ac_cv_lib_rpc_innetgr=yes 5235 ac_cv_lib_rpc_innetgr=yes
5016else 5236else
@@ -5021,7 +5241,7 @@ fi
5021rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 5241rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5022LIBS=$ac_check_lib_save_LIBS 5242LIBS=$ac_check_lib_save_LIBS
5023fi 5243fi
5024echo "$as_me:5024: result: $ac_cv_lib_rpc_innetgr" >&5 5244echo "$as_me:5244: result: $ac_cv_lib_rpc_innetgr" >&5
5025echo "${ECHO_T}$ac_cv_lib_rpc_innetgr" >&6 5245echo "${ECHO_T}$ac_cv_lib_rpc_innetgr" >&6
5026if test $ac_cv_lib_rpc_innetgr = yes; then 5246if test $ac_cv_lib_rpc_innetgr = yes; then
5027 LIBS="-lrpc -lyp -lrpc $LIBS" 5247 LIBS="-lrpc -lyp -lrpc $LIBS"
@@ -5033,13 +5253,13 @@ fi
5033for ac_func in dirname 5253for ac_func in dirname
5034do 5254do
5035as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 5255as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
5036echo "$as_me:5036: checking for $ac_func" >&5 5256echo "$as_me:5256: checking for $ac_func" >&5
5037echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 5257echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
5038if eval "test \"\${$as_ac_var+set}\" = set"; then 5258if eval "test \"\${$as_ac_var+set}\" = set"; then
5039 echo $ECHO_N "(cached) $ECHO_C" >&6 5259 echo $ECHO_N "(cached) $ECHO_C" >&6
5040else 5260else
5041 cat >conftest.$ac_ext <<_ACEOF 5261 cat >conftest.$ac_ext <<_ACEOF
5042#line 5042 "configure" 5262#line 5262 "configure"
5043#include "confdefs.h" 5263#include "confdefs.h"
5044/* System header to define __stub macros and hopefully few prototypes, 5264/* System header to define __stub macros and hopefully few prototypes,
5045 which can conflict with char $ac_func (); below. */ 5265 which can conflict with char $ac_func (); below. */
@@ -5070,16 +5290,16 @@ f = $ac_func;
5070} 5290}
5071_ACEOF 5291_ACEOF
5072rm -f conftest.$ac_objext conftest$ac_exeext 5292rm -f conftest.$ac_objext conftest$ac_exeext
5073if { (eval echo "$as_me:5073: \"$ac_link\"") >&5 5293if { (eval echo "$as_me:5293: \"$ac_link\"") >&5
5074 (eval $ac_link) 2>&5 5294 (eval $ac_link) 2>&5
5075 ac_status=$? 5295 ac_status=$?
5076 echo "$as_me:5076: \$? = $ac_status" >&5 5296 echo "$as_me:5296: \$? = $ac_status" >&5
5077 (exit $ac_status); } && 5297 (exit $ac_status); } &&
5078 { ac_try='test -s conftest$ac_exeext' 5298 { ac_try='test -s conftest$ac_exeext'
5079 { (eval echo "$as_me:5079: \"$ac_try\"") >&5 5299 { (eval echo "$as_me:5299: \"$ac_try\"") >&5
5080 (eval $ac_try) 2>&5 5300 (eval $ac_try) 2>&5
5081 ac_status=$? 5301 ac_status=$?
5082 echo "$as_me:5082: \$? = $ac_status" >&5 5302 echo "$as_me:5302: \$? = $ac_status" >&5
5083 (exit $ac_status); }; }; then 5303 (exit $ac_status); }; }; then
5084 eval "$as_ac_var=yes" 5304 eval "$as_ac_var=yes"
5085else 5305else
@@ -5089,7 +5309,7 @@ eval "$as_ac_var=no"
5089fi 5309fi
5090rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 5310rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5091fi 5311fi
5092echo "$as_me:5092: result: `eval echo '${'$as_ac_var'}'`" >&5 5312echo "$as_me:5312: result: `eval echo '${'$as_ac_var'}'`" >&5
5093echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 5313echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
5094if test `eval echo '${'$as_ac_var'}'` = yes; then 5314if test `eval echo '${'$as_ac_var'}'` = yes; then
5095 cat >>confdefs.h <<EOF 5315 cat >>confdefs.h <<EOF
@@ -5099,23 +5319,23 @@ EOF
5099for ac_header in libgen.h 5319for ac_header in libgen.h
5100do 5320do
5101as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` 5321as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
5102echo "$as_me:5102: checking for $ac_header" >&5 5322echo "$as_me:5322: checking for $ac_header" >&5
5103echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 5323echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
5104if eval "test \"\${$as_ac_Header+set}\" = set"; then 5324if eval "test \"\${$as_ac_Header+set}\" = set"; then
5105 echo $ECHO_N "(cached) $ECHO_C" >&6 5325 echo $ECHO_N "(cached) $ECHO_C" >&6
5106else 5326else
5107 cat >conftest.$ac_ext <<_ACEOF 5327 cat >conftest.$ac_ext <<_ACEOF
5108#line 5108 "configure" 5328#line 5328 "configure"
5109#include "confdefs.h" 5329#include "confdefs.h"
5110#include <$ac_header> 5330#include <$ac_header>
5111_ACEOF 5331_ACEOF
5112if { (eval echo "$as_me:5112: \"$ac_cpp conftest.$ac_ext\"") >&5 5332if { (eval echo "$as_me:5332: \"$ac_cpp conftest.$ac_ext\"") >&5
5113 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 5333 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
5114 ac_status=$? 5334 ac_status=$?
5115 egrep -v '^ *\+' conftest.er1 >conftest.err 5335 egrep -v '^ *\+' conftest.er1 >conftest.err
5116 rm -f conftest.er1 5336 rm -f conftest.er1
5117 cat conftest.err >&5 5337 cat conftest.err >&5
5118 echo "$as_me:5118: \$? = $ac_status" >&5 5338 echo "$as_me:5338: \$? = $ac_status" >&5
5119 (exit $ac_status); } >/dev/null; then 5339 (exit $ac_status); } >/dev/null; then
5120 if test -s conftest.err; then 5340 if test -s conftest.err; then
5121 ac_cpp_err=$ac_c_preproc_warn_flag 5341 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -5134,7 +5354,7 @@ else
5134fi 5354fi
5135rm -f conftest.err conftest.$ac_ext 5355rm -f conftest.err conftest.$ac_ext
5136fi 5356fi
5137echo "$as_me:5137: result: `eval echo '${'$as_ac_Header'}'`" >&5 5357echo "$as_me:5357: result: `eval echo '${'$as_ac_Header'}'`" >&5
5138echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 5358echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
5139if test `eval echo '${'$as_ac_Header'}'` = yes; then 5359if test `eval echo '${'$as_ac_Header'}'` = yes; then
5140 cat >>confdefs.h <<EOF 5360 cat >>confdefs.h <<EOF
@@ -5146,7 +5366,7 @@ done
5146 5366
5147else 5367else
5148 5368
5149 echo "$as_me:5149: checking for dirname in -lgen" >&5 5369 echo "$as_me:5369: checking for dirname in -lgen" >&5
5150echo $ECHO_N "checking for dirname in -lgen... $ECHO_C" >&6 5370echo $ECHO_N "checking for dirname in -lgen... $ECHO_C" >&6
5151if test "${ac_cv_lib_gen_dirname+set}" = set; then 5371if test "${ac_cv_lib_gen_dirname+set}" = set; then
5152 echo $ECHO_N "(cached) $ECHO_C" >&6 5372 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -5154,7 +5374,7 @@ else
5154 ac_check_lib_save_LIBS=$LIBS 5374 ac_check_lib_save_LIBS=$LIBS
5155LIBS="-lgen $LIBS" 5375LIBS="-lgen $LIBS"
5156cat >conftest.$ac_ext <<_ACEOF 5376cat >conftest.$ac_ext <<_ACEOF
5157#line 5157 "configure" 5377#line 5377 "configure"
5158#include "confdefs.h" 5378#include "confdefs.h"
5159 5379
5160/* Override any gcc2 internal prototype to avoid an error. */ 5380/* Override any gcc2 internal prototype to avoid an error. */
@@ -5173,16 +5393,16 @@ dirname ();
5173} 5393}
5174_ACEOF 5394_ACEOF
5175rm -f conftest.$ac_objext conftest$ac_exeext 5395rm -f conftest.$ac_objext conftest$ac_exeext
5176if { (eval echo "$as_me:5176: \"$ac_link\"") >&5 5396if { (eval echo "$as_me:5396: \"$ac_link\"") >&5
5177 (eval $ac_link) 2>&5 5397 (eval $ac_link) 2>&5
5178 ac_status=$? 5398 ac_status=$?
5179 echo "$as_me:5179: \$? = $ac_status" >&5 5399 echo "$as_me:5399: \$? = $ac_status" >&5
5180 (exit $ac_status); } && 5400 (exit $ac_status); } &&
5181 { ac_try='test -s conftest$ac_exeext' 5401 { ac_try='test -s conftest$ac_exeext'
5182 { (eval echo "$as_me:5182: \"$ac_try\"") >&5 5402 { (eval echo "$as_me:5402: \"$ac_try\"") >&5
5183 (eval $ac_try) 2>&5 5403 (eval $ac_try) 2>&5
5184 ac_status=$? 5404 ac_status=$?
5185 echo "$as_me:5185: \$? = $ac_status" >&5 5405 echo "$as_me:5405: \$? = $ac_status" >&5
5186 (exit $ac_status); }; }; then 5406 (exit $ac_status); }; }; then
5187 ac_cv_lib_gen_dirname=yes 5407 ac_cv_lib_gen_dirname=yes
5188else 5408else
@@ -5193,11 +5413,11 @@ fi
5193rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 5413rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5194LIBS=$ac_check_lib_save_LIBS 5414LIBS=$ac_check_lib_save_LIBS
5195fi 5415fi
5196echo "$as_me:5196: result: $ac_cv_lib_gen_dirname" >&5 5416echo "$as_me:5416: result: $ac_cv_lib_gen_dirname" >&5
5197echo "${ECHO_T}$ac_cv_lib_gen_dirname" >&6 5417echo "${ECHO_T}$ac_cv_lib_gen_dirname" >&6
5198if test $ac_cv_lib_gen_dirname = yes; then 5418if test $ac_cv_lib_gen_dirname = yes; then
5199 5419
5200 echo "$as_me:5200: checking for broken dirname" >&5 5420 echo "$as_me:5420: checking for broken dirname" >&5
5201echo $ECHO_N "checking for broken dirname... $ECHO_C" >&6 5421echo $ECHO_N "checking for broken dirname... $ECHO_C" >&6
5202if test "${ac_cv_have_broken_dirname+set}" = set; then 5422if test "${ac_cv_have_broken_dirname+set}" = set; then
5203 echo $ECHO_N "(cached) $ECHO_C" >&6 5423 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -5206,12 +5426,12 @@ else
5206 save_LIBS="$LIBS" 5426 save_LIBS="$LIBS"
5207 LIBS="$LIBS -lgen" 5427 LIBS="$LIBS -lgen"
5208 if test "$cross_compiling" = yes; then 5428 if test "$cross_compiling" = yes; then
5209 { { echo "$as_me:5209: error: cannot run test program while cross compiling" >&5 5429 { { echo "$as_me:5429: error: cannot run test program while cross compiling" >&5
5210echo "$as_me: error: cannot run test program while cross compiling" >&2;} 5430echo "$as_me: error: cannot run test program while cross compiling" >&2;}
5211 { (exit 1); exit 1; }; } 5431 { (exit 1); exit 1; }; }
5212else 5432else
5213 cat >conftest.$ac_ext <<_ACEOF 5433 cat >conftest.$ac_ext <<_ACEOF
5214#line 5214 "configure" 5434#line 5434 "configure"
5215#include "confdefs.h" 5435#include "confdefs.h"
5216 5436
5217#include <libgen.h> 5437#include <libgen.h>
@@ -5231,15 +5451,15 @@ int main(int argc, char **argv) {
5231 5451
5232_ACEOF 5452_ACEOF
5233rm -f conftest$ac_exeext 5453rm -f conftest$ac_exeext
5234if { (eval echo "$as_me:5234: \"$ac_link\"") >&5 5454if { (eval echo "$as_me:5454: \"$ac_link\"") >&5
5235 (eval $ac_link) 2>&5 5455 (eval $ac_link) 2>&5
5236 ac_status=$? 5456 ac_status=$?
5237 echo "$as_me:5237: \$? = $ac_status" >&5 5457 echo "$as_me:5457: \$? = $ac_status" >&5
5238 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 5458 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
5239 { (eval echo "$as_me:5239: \"$ac_try\"") >&5 5459 { (eval echo "$as_me:5459: \"$ac_try\"") >&5
5240 (eval $ac_try) 2>&5 5460 (eval $ac_try) 2>&5
5241 ac_status=$? 5461 ac_status=$?
5242 echo "$as_me:5242: \$? = $ac_status" >&5 5462 echo "$as_me:5462: \$? = $ac_status" >&5
5243 (exit $ac_status); }; }; then 5463 (exit $ac_status); }; }; then
5244 ac_cv_have_broken_dirname="no" 5464 ac_cv_have_broken_dirname="no"
5245else 5465else
@@ -5254,7 +5474,7 @@ fi
5254 LIBS="$save_LIBS" 5474 LIBS="$save_LIBS"
5255 5475
5256fi 5476fi
5257echo "$as_me:5257: result: $ac_cv_have_broken_dirname" >&5 5477echo "$as_me:5477: result: $ac_cv_have_broken_dirname" >&5
5258echo "${ECHO_T}$ac_cv_have_broken_dirname" >&6 5478echo "${ECHO_T}$ac_cv_have_broken_dirname" >&6
5259 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 5479 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
5260 LIBS="$LIBS -lgen" 5480 LIBS="$LIBS -lgen"
@@ -5265,23 +5485,23 @@ EOF
5265for ac_header in libgen.h 5485for ac_header in libgen.h
5266do 5486do
5267as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` 5487as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
5268echo "$as_me:5268: checking for $ac_header" >&5 5488echo "$as_me:5488: checking for $ac_header" >&5
5269echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 5489echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
5270if eval "test \"\${$as_ac_Header+set}\" = set"; then 5490if eval "test \"\${$as_ac_Header+set}\" = set"; then
5271 echo $ECHO_N "(cached) $ECHO_C" >&6 5491 echo $ECHO_N "(cached) $ECHO_C" >&6
5272else 5492else
5273 cat >conftest.$ac_ext <<_ACEOF 5493 cat >conftest.$ac_ext <<_ACEOF
5274#line 5274 "configure" 5494#line 5494 "configure"
5275#include "confdefs.h" 5495#include "confdefs.h"
5276#include <$ac_header> 5496#include <$ac_header>
5277_ACEOF 5497_ACEOF
5278if { (eval echo "$as_me:5278: \"$ac_cpp conftest.$ac_ext\"") >&5 5498if { (eval echo "$as_me:5498: \"$ac_cpp conftest.$ac_ext\"") >&5
5279 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 5499 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
5280 ac_status=$? 5500 ac_status=$?
5281 egrep -v '^ *\+' conftest.er1 >conftest.err 5501 egrep -v '^ *\+' conftest.er1 >conftest.err
5282 rm -f conftest.er1 5502 rm -f conftest.er1
5283 cat conftest.err >&5 5503 cat conftest.err >&5
5284 echo "$as_me:5284: \$? = $ac_status" >&5 5504 echo "$as_me:5504: \$? = $ac_status" >&5
5285 (exit $ac_status); } >/dev/null; then 5505 (exit $ac_status); } >/dev/null; then
5286 if test -s conftest.err; then 5506 if test -s conftest.err; then
5287 ac_cpp_err=$ac_c_preproc_warn_flag 5507 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -5300,7 +5520,7 @@ else
5300fi 5520fi
5301rm -f conftest.err conftest.$ac_ext 5521rm -f conftest.err conftest.$ac_ext
5302fi 5522fi
5303echo "$as_me:5303: result: `eval echo '${'$as_ac_Header'}'`" >&5 5523echo "$as_me:5523: result: `eval echo '${'$as_ac_Header'}'`" >&5
5304echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 5524echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
5305if test `eval echo '${'$as_ac_Header'}'` = yes; then 5525if test `eval echo '${'$as_ac_Header'}'` = yes; then
5306 cat >>confdefs.h <<EOF 5526 cat >>confdefs.h <<EOF
@@ -5317,13 +5537,13 @@ fi
5317fi 5537fi
5318done 5538done
5319 5539
5320echo "$as_me:5320: checking for getspnam" >&5 5540echo "$as_me:5540: checking for getspnam" >&5
5321echo $ECHO_N "checking for getspnam... $ECHO_C" >&6 5541echo $ECHO_N "checking for getspnam... $ECHO_C" >&6
5322if test "${ac_cv_func_getspnam+set}" = set; then 5542if test "${ac_cv_func_getspnam+set}" = set; then
5323 echo $ECHO_N "(cached) $ECHO_C" >&6 5543 echo $ECHO_N "(cached) $ECHO_C" >&6
5324else 5544else
5325 cat >conftest.$ac_ext <<_ACEOF 5545 cat >conftest.$ac_ext <<_ACEOF
5326#line 5326 "configure" 5546#line 5546 "configure"
5327#include "confdefs.h" 5547#include "confdefs.h"
5328/* System header to define __stub macros and hopefully few prototypes, 5548/* System header to define __stub macros and hopefully few prototypes,
5329 which can conflict with char getspnam (); below. */ 5549 which can conflict with char getspnam (); below. */
@@ -5354,16 +5574,16 @@ f = getspnam;
5354} 5574}
5355_ACEOF 5575_ACEOF
5356rm -f conftest.$ac_objext conftest$ac_exeext 5576rm -f conftest.$ac_objext conftest$ac_exeext
5357if { (eval echo "$as_me:5357: \"$ac_link\"") >&5 5577if { (eval echo "$as_me:5577: \"$ac_link\"") >&5
5358 (eval $ac_link) 2>&5 5578 (eval $ac_link) 2>&5
5359 ac_status=$? 5579 ac_status=$?
5360 echo "$as_me:5360: \$? = $ac_status" >&5 5580 echo "$as_me:5580: \$? = $ac_status" >&5
5361 (exit $ac_status); } && 5581 (exit $ac_status); } &&
5362 { ac_try='test -s conftest$ac_exeext' 5582 { ac_try='test -s conftest$ac_exeext'
5363 { (eval echo "$as_me:5363: \"$ac_try\"") >&5 5583 { (eval echo "$as_me:5583: \"$ac_try\"") >&5
5364 (eval $ac_try) 2>&5 5584 (eval $ac_try) 2>&5
5365 ac_status=$? 5585 ac_status=$?
5366 echo "$as_me:5366: \$? = $ac_status" >&5 5586 echo "$as_me:5586: \$? = $ac_status" >&5
5367 (exit $ac_status); }; }; then 5587 (exit $ac_status); }; }; then
5368 ac_cv_func_getspnam=yes 5588 ac_cv_func_getspnam=yes
5369else 5589else
@@ -5373,12 +5593,12 @@ ac_cv_func_getspnam=no
5373fi 5593fi
5374rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 5594rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5375fi 5595fi
5376echo "$as_me:5376: result: $ac_cv_func_getspnam" >&5 5596echo "$as_me:5596: result: $ac_cv_func_getspnam" >&5
5377echo "${ECHO_T}$ac_cv_func_getspnam" >&6 5597echo "${ECHO_T}$ac_cv_func_getspnam" >&6
5378if test $ac_cv_func_getspnam = yes; then 5598if test $ac_cv_func_getspnam = yes; then
5379 : 5599 :
5380else 5600else
5381 echo "$as_me:5381: checking for getspnam in -lgen" >&5 5601 echo "$as_me:5601: checking for getspnam in -lgen" >&5
5382echo $ECHO_N "checking for getspnam in -lgen... $ECHO_C" >&6 5602echo $ECHO_N "checking for getspnam in -lgen... $ECHO_C" >&6
5383if test "${ac_cv_lib_gen_getspnam+set}" = set; then 5603if test "${ac_cv_lib_gen_getspnam+set}" = set; then
5384 echo $ECHO_N "(cached) $ECHO_C" >&6 5604 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -5386,7 +5606,7 @@ else
5386 ac_check_lib_save_LIBS=$LIBS 5606 ac_check_lib_save_LIBS=$LIBS
5387LIBS="-lgen $LIBS" 5607LIBS="-lgen $LIBS"
5388cat >conftest.$ac_ext <<_ACEOF 5608cat >conftest.$ac_ext <<_ACEOF
5389#line 5389 "configure" 5609#line 5609 "configure"
5390#include "confdefs.h" 5610#include "confdefs.h"
5391 5611
5392/* Override any gcc2 internal prototype to avoid an error. */ 5612/* Override any gcc2 internal prototype to avoid an error. */
@@ -5405,16 +5625,16 @@ getspnam ();
5405} 5625}
5406_ACEOF 5626_ACEOF
5407rm -f conftest.$ac_objext conftest$ac_exeext 5627rm -f conftest.$ac_objext conftest$ac_exeext
5408if { (eval echo "$as_me:5408: \"$ac_link\"") >&5 5628if { (eval echo "$as_me:5628: \"$ac_link\"") >&5
5409 (eval $ac_link) 2>&5 5629 (eval $ac_link) 2>&5
5410 ac_status=$? 5630 ac_status=$?
5411 echo "$as_me:5411: \$? = $ac_status" >&5 5631 echo "$as_me:5631: \$? = $ac_status" >&5
5412 (exit $ac_status); } && 5632 (exit $ac_status); } &&
5413 { ac_try='test -s conftest$ac_exeext' 5633 { ac_try='test -s conftest$ac_exeext'
5414 { (eval echo "$as_me:5414: \"$ac_try\"") >&5 5634 { (eval echo "$as_me:5634: \"$ac_try\"") >&5
5415 (eval $ac_try) 2>&5 5635 (eval $ac_try) 2>&5
5416 ac_status=$? 5636 ac_status=$?
5417 echo "$as_me:5417: \$? = $ac_status" >&5 5637 echo "$as_me:5637: \$? = $ac_status" >&5
5418 (exit $ac_status); }; }; then 5638 (exit $ac_status); }; }; then
5419 ac_cv_lib_gen_getspnam=yes 5639 ac_cv_lib_gen_getspnam=yes
5420else 5640else
@@ -5425,7 +5645,7 @@ fi
5425rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 5645rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5426LIBS=$ac_check_lib_save_LIBS 5646LIBS=$ac_check_lib_save_LIBS
5427fi 5647fi
5428echo "$as_me:5428: result: $ac_cv_lib_gen_getspnam" >&5 5648echo "$as_me:5648: result: $ac_cv_lib_gen_getspnam" >&5
5429echo "${ECHO_T}$ac_cv_lib_gen_getspnam" >&6 5649echo "${ECHO_T}$ac_cv_lib_gen_getspnam" >&6
5430if test $ac_cv_lib_gen_getspnam = yes; then 5650if test $ac_cv_lib_gen_getspnam = yes; then
5431 LIBS="$LIBS -lgen" 5651 LIBS="$LIBS -lgen"
@@ -5433,7 +5653,7 @@ fi
5433 5653
5434fi 5654fi
5435 5655
5436echo "$as_me:5436: checking for library containing basename" >&5 5656echo "$as_me:5656: checking for library containing basename" >&5
5437echo $ECHO_N "checking for library containing basename... $ECHO_C" >&6 5657echo $ECHO_N "checking for library containing basename... $ECHO_C" >&6
5438if test "${ac_cv_search_basename+set}" = set; then 5658if test "${ac_cv_search_basename+set}" = set; then
5439 echo $ECHO_N "(cached) $ECHO_C" >&6 5659 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -5441,7 +5661,7 @@ else
5441 ac_func_search_save_LIBS=$LIBS 5661 ac_func_search_save_LIBS=$LIBS
5442ac_cv_search_basename=no 5662ac_cv_search_basename=no
5443cat >conftest.$ac_ext <<_ACEOF 5663cat >conftest.$ac_ext <<_ACEOF
5444#line 5444 "configure" 5664#line 5664 "configure"
5445#include "confdefs.h" 5665#include "confdefs.h"
5446 5666
5447/* Override any gcc2 internal prototype to avoid an error. */ 5667/* Override any gcc2 internal prototype to avoid an error. */
@@ -5460,16 +5680,16 @@ basename ();
5460} 5680}
5461_ACEOF 5681_ACEOF
5462rm -f conftest.$ac_objext conftest$ac_exeext 5682rm -f conftest.$ac_objext conftest$ac_exeext
5463if { (eval echo "$as_me:5463: \"$ac_link\"") >&5 5683if { (eval echo "$as_me:5683: \"$ac_link\"") >&5
5464 (eval $ac_link) 2>&5 5684 (eval $ac_link) 2>&5
5465 ac_status=$? 5685 ac_status=$?
5466 echo "$as_me:5466: \$? = $ac_status" >&5 5686 echo "$as_me:5686: \$? = $ac_status" >&5
5467 (exit $ac_status); } && 5687 (exit $ac_status); } &&
5468 { ac_try='test -s conftest$ac_exeext' 5688 { ac_try='test -s conftest$ac_exeext'
5469 { (eval echo "$as_me:5469: \"$ac_try\"") >&5 5689 { (eval echo "$as_me:5689: \"$ac_try\"") >&5
5470 (eval $ac_try) 2>&5 5690 (eval $ac_try) 2>&5
5471 ac_status=$? 5691 ac_status=$?
5472 echo "$as_me:5472: \$? = $ac_status" >&5 5692 echo "$as_me:5692: \$? = $ac_status" >&5
5473 (exit $ac_status); }; }; then 5693 (exit $ac_status); }; }; then
5474 ac_cv_search_basename="none required" 5694 ac_cv_search_basename="none required"
5475else 5695else
@@ -5481,7 +5701,7 @@ if test "$ac_cv_search_basename" = no; then
5481 for ac_lib in gen; do 5701 for ac_lib in gen; do
5482 LIBS="-l$ac_lib $ac_func_search_save_LIBS" 5702 LIBS="-l$ac_lib $ac_func_search_save_LIBS"
5483 cat >conftest.$ac_ext <<_ACEOF 5703 cat >conftest.$ac_ext <<_ACEOF
5484#line 5484 "configure" 5704#line 5704 "configure"
5485#include "confdefs.h" 5705#include "confdefs.h"
5486 5706
5487/* Override any gcc2 internal prototype to avoid an error. */ 5707/* Override any gcc2 internal prototype to avoid an error. */
@@ -5500,16 +5720,16 @@ basename ();
5500} 5720}
5501_ACEOF 5721_ACEOF
5502rm -f conftest.$ac_objext conftest$ac_exeext 5722rm -f conftest.$ac_objext conftest$ac_exeext
5503if { (eval echo "$as_me:5503: \"$ac_link\"") >&5 5723if { (eval echo "$as_me:5723: \"$ac_link\"") >&5
5504 (eval $ac_link) 2>&5 5724 (eval $ac_link) 2>&5
5505 ac_status=$? 5725 ac_status=$?
5506 echo "$as_me:5506: \$? = $ac_status" >&5 5726 echo "$as_me:5726: \$? = $ac_status" >&5
5507 (exit $ac_status); } && 5727 (exit $ac_status); } &&
5508 { ac_try='test -s conftest$ac_exeext' 5728 { ac_try='test -s conftest$ac_exeext'
5509 { (eval echo "$as_me:5509: \"$ac_try\"") >&5 5729 { (eval echo "$as_me:5729: \"$ac_try\"") >&5
5510 (eval $ac_try) 2>&5 5730 (eval $ac_try) 2>&5
5511 ac_status=$? 5731 ac_status=$?
5512 echo "$as_me:5512: \$? = $ac_status" >&5 5732 echo "$as_me:5732: \$? = $ac_status" >&5
5513 (exit $ac_status); }; }; then 5733 (exit $ac_status); }; }; then
5514 ac_cv_search_basename="-l$ac_lib" 5734 ac_cv_search_basename="-l$ac_lib"
5515break 5735break
@@ -5522,7 +5742,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5522fi 5742fi
5523LIBS=$ac_func_search_save_LIBS 5743LIBS=$ac_func_search_save_LIBS
5524fi 5744fi
5525echo "$as_me:5525: result: $ac_cv_search_basename" >&5 5745echo "$as_me:5745: result: $ac_cv_search_basename" >&5
5526echo "${ECHO_T}$ac_cv_search_basename" >&6 5746echo "${ECHO_T}$ac_cv_search_basename" >&6
5527if test "$ac_cv_search_basename" != no; then 5747if test "$ac_cv_search_basename" != no; then
5528 test "$ac_cv_search_basename" = "none required" || LIBS="$ac_cv_search_basename $LIBS" 5748 test "$ac_cv_search_basename" = "none required" || LIBS="$ac_cv_search_basename $LIBS"
@@ -5532,25 +5752,12 @@ EOF
5532 5752
5533fi 5753fi
5534 5754
5535# Check whether --with-rpath or --without-rpath was given.
5536if test "${with_rpath+set}" = set; then
5537 withval="$with_rpath"
5538
5539 if test "x$withval" = "xno" ; then
5540 need_dash_r=""
5541 fi
5542 if test "x$withval" = "xyes" ; then
5543 need_dash_r=1
5544 fi
5545
5546fi;
5547
5548# Check whether --with-zlib or --without-zlib was given. 5755# Check whether --with-zlib or --without-zlib was given.
5549if test "${with_zlib+set}" = set; then 5756if test "${with_zlib+set}" = set; then
5550 withval="$with_zlib" 5757 withval="$with_zlib"
5551 5758
5552 if test "x$withval" = "xno" ; then 5759 if test "x$withval" = "xno" ; then
5553 { { echo "$as_me:5553: error: *** zlib is required ***" >&5 5760 { { echo "$as_me:5760: error: *** zlib is required ***" >&5
5554echo "$as_me: error: *** zlib is required ***" >&2;} 5761echo "$as_me: error: *** zlib is required ***" >&2;}
5555 { (exit 1); exit 1; }; } 5762 { (exit 1); exit 1; }; }
5556 fi 5763 fi
@@ -5575,7 +5782,7 @@ echo "$as_me: error: *** zlib is required ***" >&2;}
5575 5782
5576fi; 5783fi;
5577 5784
5578echo "$as_me:5578: checking for deflate in -lz" >&5 5785echo "$as_me:5785: checking for deflate in -lz" >&5
5579echo $ECHO_N "checking for deflate in -lz... $ECHO_C" >&6 5786echo $ECHO_N "checking for deflate in -lz... $ECHO_C" >&6
5580if test "${ac_cv_lib_z_deflate+set}" = set; then 5787if test "${ac_cv_lib_z_deflate+set}" = set; then
5581 echo $ECHO_N "(cached) $ECHO_C" >&6 5788 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -5583,7 +5790,7 @@ else
5583 ac_check_lib_save_LIBS=$LIBS 5790 ac_check_lib_save_LIBS=$LIBS
5584LIBS="-lz $LIBS" 5791LIBS="-lz $LIBS"
5585cat >conftest.$ac_ext <<_ACEOF 5792cat >conftest.$ac_ext <<_ACEOF
5586#line 5586 "configure" 5793#line 5793 "configure"
5587#include "confdefs.h" 5794#include "confdefs.h"
5588 5795
5589/* Override any gcc2 internal prototype to avoid an error. */ 5796/* Override any gcc2 internal prototype to avoid an error. */
@@ -5602,16 +5809,16 @@ deflate ();
5602} 5809}
5603_ACEOF 5810_ACEOF
5604rm -f conftest.$ac_objext conftest$ac_exeext 5811rm -f conftest.$ac_objext conftest$ac_exeext
5605if { (eval echo "$as_me:5605: \"$ac_link\"") >&5 5812if { (eval echo "$as_me:5812: \"$ac_link\"") >&5
5606 (eval $ac_link) 2>&5 5813 (eval $ac_link) 2>&5
5607 ac_status=$? 5814 ac_status=$?
5608 echo "$as_me:5608: \$? = $ac_status" >&5 5815 echo "$as_me:5815: \$? = $ac_status" >&5
5609 (exit $ac_status); } && 5816 (exit $ac_status); } &&
5610 { ac_try='test -s conftest$ac_exeext' 5817 { ac_try='test -s conftest$ac_exeext'
5611 { (eval echo "$as_me:5611: \"$ac_try\"") >&5 5818 { (eval echo "$as_me:5818: \"$ac_try\"") >&5
5612 (eval $ac_try) 2>&5 5819 (eval $ac_try) 2>&5
5613 ac_status=$? 5820 ac_status=$?
5614 echo "$as_me:5614: \$? = $ac_status" >&5 5821 echo "$as_me:5821: \$? = $ac_status" >&5
5615 (exit $ac_status); }; }; then 5822 (exit $ac_status); }; }; then
5616 ac_cv_lib_z_deflate=yes 5823 ac_cv_lib_z_deflate=yes
5617else 5824else
@@ -5622,7 +5829,7 @@ fi
5622rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 5829rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5623LIBS=$ac_check_lib_save_LIBS 5830LIBS=$ac_check_lib_save_LIBS
5624fi 5831fi
5625echo "$as_me:5625: result: $ac_cv_lib_z_deflate" >&5 5832echo "$as_me:5832: result: $ac_cv_lib_z_deflate" >&5
5626echo "${ECHO_T}$ac_cv_lib_z_deflate" >&6 5833echo "${ECHO_T}$ac_cv_lib_z_deflate" >&6
5627if test $ac_cv_lib_z_deflate = yes; then 5834if test $ac_cv_lib_z_deflate = yes; then
5628 cat >>confdefs.h <<EOF 5835 cat >>confdefs.h <<EOF
@@ -5632,18 +5839,192 @@ EOF
5632 LIBS="-lz $LIBS" 5839 LIBS="-lz $LIBS"
5633 5840
5634else 5841else
5635 { { echo "$as_me:5635: error: *** zlib missing - please install first or check config.log ***" >&5 5842
5843 saved_CPPFLAGS="$CPPFLAGS"
5844 saved_LDFLAGS="$LDFLAGS"
5845 save_LIBS="$LIBS"
5846 if test -n "${need_dash_r}"; then
5847 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
5848 else
5849 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
5850 fi
5851 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
5852 LIBS="$LIBS -lz"
5853 cat >conftest.$ac_ext <<_ACEOF
5854#line 5854 "configure"
5855#include "confdefs.h"
5856
5857/* Override any gcc2 internal prototype to avoid an error. */
5858#ifdef __cplusplus
5859extern "C"
5860#endif
5861/* We use char because int might match the return type of a gcc2
5862 builtin and then its argument prototype would still apply. */
5863char deflate ();
5864int
5865main ()
5866{
5867deflate ();
5868 ;
5869 return 0;
5870}
5871_ACEOF
5872rm -f conftest.$ac_objext conftest$ac_exeext
5873if { (eval echo "$as_me:5873: \"$ac_link\"") >&5
5874 (eval $ac_link) 2>&5
5875 ac_status=$?
5876 echo "$as_me:5876: \$? = $ac_status" >&5
5877 (exit $ac_status); } &&
5878 { ac_try='test -s conftest$ac_exeext'
5879 { (eval echo "$as_me:5879: \"$ac_try\"") >&5
5880 (eval $ac_try) 2>&5
5881 ac_status=$?
5882 echo "$as_me:5882: \$? = $ac_status" >&5
5883 (exit $ac_status); }; }; then
5884 cat >>confdefs.h <<\EOF
5885#define HAVE_LIBZ 1
5886EOF
5887
5888else
5889 echo "$as_me: failed program was:" >&5
5890cat conftest.$ac_ext >&5
5891
5892 { { echo "$as_me:5892: error: *** zlib missing - please install first or check config.log ***" >&5
5636echo "$as_me: error: *** zlib missing - please install first or check config.log ***" >&2;} 5893echo "$as_me: error: *** zlib missing - please install first or check config.log ***" >&2;}
5637 { (exit 1); exit 1; }; } 5894 { (exit 1); exit 1; }; }
5895
5896fi
5897rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5898
5899fi
5900
5901echo "$as_me:5901: checking for zlib.h" >&5
5902echo $ECHO_N "checking for zlib.h... $ECHO_C" >&6
5903if test "${ac_cv_header_zlib_h+set}" = set; then
5904 echo $ECHO_N "(cached) $ECHO_C" >&6
5905else
5906 cat >conftest.$ac_ext <<_ACEOF
5907#line 5907 "configure"
5908#include "confdefs.h"
5909#include <zlib.h>
5910_ACEOF
5911if { (eval echo "$as_me:5911: \"$ac_cpp conftest.$ac_ext\"") >&5
5912 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
5913 ac_status=$?
5914 egrep -v '^ *\+' conftest.er1 >conftest.err
5915 rm -f conftest.er1
5916 cat conftest.err >&5
5917 echo "$as_me:5917: \$? = $ac_status" >&5
5918 (exit $ac_status); } >/dev/null; then
5919 if test -s conftest.err; then
5920 ac_cpp_err=$ac_c_preproc_warn_flag
5921 else
5922 ac_cpp_err=
5923 fi
5924else
5925 ac_cpp_err=yes
5926fi
5927if test -z "$ac_cpp_err"; then
5928 ac_cv_header_zlib_h=yes
5929else
5930 echo "$as_me: failed program was:" >&5
5931 cat conftest.$ac_ext >&5
5932 ac_cv_header_zlib_h=no
5933fi
5934rm -f conftest.err conftest.$ac_ext
5935fi
5936echo "$as_me:5936: result: $ac_cv_header_zlib_h" >&5
5937echo "${ECHO_T}$ac_cv_header_zlib_h" >&6
5938if test $ac_cv_header_zlib_h = yes; then
5939 :
5940else
5941 { { echo "$as_me:5941: error: *** zlib.h missing - please install first or check config.log ***" >&5
5942echo "$as_me: error: *** zlib.h missing - please install first or check config.log ***" >&2;}
5943 { (exit 1); exit 1; }; }
5944fi
5945
5946# Check whether --with-zlib-version-check or --without-zlib-version-check was given.
5947if test "${with_zlib_version_check+set}" = set; then
5948 withval="$with_zlib_version_check"
5949 if test "x$withval" = "xno" ; then
5950 zlib_check_nonfatal=1
5951 fi
5952
5953fi;
5954
5955echo "$as_me:5955: checking for zlib 1.1.4 or greater" >&5
5956echo $ECHO_N "checking for zlib 1.1.4 or greater... $ECHO_C" >&6
5957if test "$cross_compiling" = yes; then
5958 { { echo "$as_me:5958: error: cannot run test program while cross compiling" >&5
5959echo "$as_me: error: cannot run test program while cross compiling" >&2;}
5960 { (exit 1); exit 1; }; }
5961else
5962 cat >conftest.$ac_ext <<_ACEOF
5963#line 5963 "configure"
5964#include "confdefs.h"
5965
5966#include <zlib.h>
5967int main()
5968{
5969 int a, b, c, v;
5970 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3)
5971 exit(1);
5972 v = a*1000000 + b*1000 + c;
5973 if (v >= 1001004)
5974 exit(0);
5975 exit(2);
5976}
5977
5978_ACEOF
5979rm -f conftest$ac_exeext
5980if { (eval echo "$as_me:5980: \"$ac_link\"") >&5
5981 (eval $ac_link) 2>&5
5982 ac_status=$?
5983 echo "$as_me:5983: \$? = $ac_status" >&5
5984 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
5985 { (eval echo "$as_me:5985: \"$ac_try\"") >&5
5986 (eval $ac_try) 2>&5
5987 ac_status=$?
5988 echo "$as_me:5988: \$? = $ac_status" >&5
5989 (exit $ac_status); }; }; then
5990 echo "$as_me:5990: result: yes" >&5
5991echo "${ECHO_T}yes" >&6
5992else
5993 echo "$as_me: program exited with status $ac_status" >&5
5994echo "$as_me: failed program was:" >&5
5995cat conftest.$ac_ext >&5
5996 echo "$as_me:5996: result: no" >&5
5997echo "${ECHO_T}no" >&6
5998 if test -z "$zlib_check_nonfatal" ; then
5999 { { echo "$as_me:5999: error: *** zlib too old - check config.log ***
6000Your reported zlib version has known security problems. It's possible your
6001vendor has fixed these problems without changing the version number. If you
6002are sure this is the case, you can disable the check by running
6003\"./configure --without-zlib-version-check\".
6004If you are in doubt, upgrade zlib to version 1.1.4 or greater." >&5
6005echo "$as_me: error: *** zlib too old - check config.log ***
6006Your reported zlib version has known security problems. It's possible your
6007vendor has fixed these problems without changing the version number. If you
6008are sure this is the case, you can disable the check by running
6009\"./configure --without-zlib-version-check\".
6010If you are in doubt, upgrade zlib to version 1.1.4 or greater." >&2;}
6011 { (exit 1); exit 1; }; }
6012 else
6013 { echo "$as_me:6013: WARNING: zlib version may have security problems" >&5
6014echo "$as_me: WARNING: zlib version may have security problems" >&2;}
6015 fi
6016
6017fi
6018rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
5638fi 6019fi
5639 6020
5640echo "$as_me:5640: checking for strcasecmp" >&5 6021echo "$as_me:6021: checking for strcasecmp" >&5
5641echo $ECHO_N "checking for strcasecmp... $ECHO_C" >&6 6022echo $ECHO_N "checking for strcasecmp... $ECHO_C" >&6
5642if test "${ac_cv_func_strcasecmp+set}" = set; then 6023if test "${ac_cv_func_strcasecmp+set}" = set; then
5643 echo $ECHO_N "(cached) $ECHO_C" >&6 6024 echo $ECHO_N "(cached) $ECHO_C" >&6
5644else 6025else
5645 cat >conftest.$ac_ext <<_ACEOF 6026 cat >conftest.$ac_ext <<_ACEOF
5646#line 5646 "configure" 6027#line 6027 "configure"
5647#include "confdefs.h" 6028#include "confdefs.h"
5648/* System header to define __stub macros and hopefully few prototypes, 6029/* System header to define __stub macros and hopefully few prototypes,
5649 which can conflict with char strcasecmp (); below. */ 6030 which can conflict with char strcasecmp (); below. */
@@ -5674,16 +6055,16 @@ f = strcasecmp;
5674} 6055}
5675_ACEOF 6056_ACEOF
5676rm -f conftest.$ac_objext conftest$ac_exeext 6057rm -f conftest.$ac_objext conftest$ac_exeext
5677if { (eval echo "$as_me:5677: \"$ac_link\"") >&5 6058if { (eval echo "$as_me:6058: \"$ac_link\"") >&5
5678 (eval $ac_link) 2>&5 6059 (eval $ac_link) 2>&5
5679 ac_status=$? 6060 ac_status=$?
5680 echo "$as_me:5680: \$? = $ac_status" >&5 6061 echo "$as_me:6061: \$? = $ac_status" >&5
5681 (exit $ac_status); } && 6062 (exit $ac_status); } &&
5682 { ac_try='test -s conftest$ac_exeext' 6063 { ac_try='test -s conftest$ac_exeext'
5683 { (eval echo "$as_me:5683: \"$ac_try\"") >&5 6064 { (eval echo "$as_me:6064: \"$ac_try\"") >&5
5684 (eval $ac_try) 2>&5 6065 (eval $ac_try) 2>&5
5685 ac_status=$? 6066 ac_status=$?
5686 echo "$as_me:5686: \$? = $ac_status" >&5 6067 echo "$as_me:6067: \$? = $ac_status" >&5
5687 (exit $ac_status); }; }; then 6068 (exit $ac_status); }; }; then
5688 ac_cv_func_strcasecmp=yes 6069 ac_cv_func_strcasecmp=yes
5689else 6070else
@@ -5693,12 +6074,12 @@ ac_cv_func_strcasecmp=no
5693fi 6074fi
5694rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 6075rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5695fi 6076fi
5696echo "$as_me:5696: result: $ac_cv_func_strcasecmp" >&5 6077echo "$as_me:6077: result: $ac_cv_func_strcasecmp" >&5
5697echo "${ECHO_T}$ac_cv_func_strcasecmp" >&6 6078echo "${ECHO_T}$ac_cv_func_strcasecmp" >&6
5698if test $ac_cv_func_strcasecmp = yes; then 6079if test $ac_cv_func_strcasecmp = yes; then
5699 : 6080 :
5700else 6081else
5701 echo "$as_me:5701: checking for strcasecmp in -lresolv" >&5 6082 echo "$as_me:6082: checking for strcasecmp in -lresolv" >&5
5702echo $ECHO_N "checking for strcasecmp in -lresolv... $ECHO_C" >&6 6083echo $ECHO_N "checking for strcasecmp in -lresolv... $ECHO_C" >&6
5703if test "${ac_cv_lib_resolv_strcasecmp+set}" = set; then 6084if test "${ac_cv_lib_resolv_strcasecmp+set}" = set; then
5704 echo $ECHO_N "(cached) $ECHO_C" >&6 6085 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -5706,7 +6087,7 @@ else
5706 ac_check_lib_save_LIBS=$LIBS 6087 ac_check_lib_save_LIBS=$LIBS
5707LIBS="-lresolv $LIBS" 6088LIBS="-lresolv $LIBS"
5708cat >conftest.$ac_ext <<_ACEOF 6089cat >conftest.$ac_ext <<_ACEOF
5709#line 5709 "configure" 6090#line 6090 "configure"
5710#include "confdefs.h" 6091#include "confdefs.h"
5711 6092
5712/* Override any gcc2 internal prototype to avoid an error. */ 6093/* Override any gcc2 internal prototype to avoid an error. */
@@ -5725,16 +6106,16 @@ strcasecmp ();
5725} 6106}
5726_ACEOF 6107_ACEOF
5727rm -f conftest.$ac_objext conftest$ac_exeext 6108rm -f conftest.$ac_objext conftest$ac_exeext
5728if { (eval echo "$as_me:5728: \"$ac_link\"") >&5 6109if { (eval echo "$as_me:6109: \"$ac_link\"") >&5
5729 (eval $ac_link) 2>&5 6110 (eval $ac_link) 2>&5
5730 ac_status=$? 6111 ac_status=$?
5731 echo "$as_me:5731: \$? = $ac_status" >&5 6112 echo "$as_me:6112: \$? = $ac_status" >&5
5732 (exit $ac_status); } && 6113 (exit $ac_status); } &&
5733 { ac_try='test -s conftest$ac_exeext' 6114 { ac_try='test -s conftest$ac_exeext'
5734 { (eval echo "$as_me:5734: \"$ac_try\"") >&5 6115 { (eval echo "$as_me:6115: \"$ac_try\"") >&5
5735 (eval $ac_try) 2>&5 6116 (eval $ac_try) 2>&5
5736 ac_status=$? 6117 ac_status=$?
5737 echo "$as_me:5737: \$? = $ac_status" >&5 6118 echo "$as_me:6118: \$? = $ac_status" >&5
5738 (exit $ac_status); }; }; then 6119 (exit $ac_status); }; }; then
5739 ac_cv_lib_resolv_strcasecmp=yes 6120 ac_cv_lib_resolv_strcasecmp=yes
5740else 6121else
@@ -5745,7 +6126,7 @@ fi
5745rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 6126rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5746LIBS=$ac_check_lib_save_LIBS 6127LIBS=$ac_check_lib_save_LIBS
5747fi 6128fi
5748echo "$as_me:5748: result: $ac_cv_lib_resolv_strcasecmp" >&5 6129echo "$as_me:6129: result: $ac_cv_lib_resolv_strcasecmp" >&5
5749echo "${ECHO_T}$ac_cv_lib_resolv_strcasecmp" >&6 6130echo "${ECHO_T}$ac_cv_lib_resolv_strcasecmp" >&6
5750if test $ac_cv_lib_resolv_strcasecmp = yes; then 6131if test $ac_cv_lib_resolv_strcasecmp = yes; then
5751 LIBS="$LIBS -lresolv" 6132 LIBS="$LIBS -lresolv"
@@ -5753,13 +6134,13 @@ fi
5753 6134
5754fi 6135fi
5755 6136
5756echo "$as_me:5756: checking for utimes" >&5 6137echo "$as_me:6137: checking for utimes" >&5
5757echo $ECHO_N "checking for utimes... $ECHO_C" >&6 6138echo $ECHO_N "checking for utimes... $ECHO_C" >&6
5758if test "${ac_cv_func_utimes+set}" = set; then 6139if test "${ac_cv_func_utimes+set}" = set; then
5759 echo $ECHO_N "(cached) $ECHO_C" >&6 6140 echo $ECHO_N "(cached) $ECHO_C" >&6
5760else 6141else
5761 cat >conftest.$ac_ext <<_ACEOF 6142 cat >conftest.$ac_ext <<_ACEOF
5762#line 5762 "configure" 6143#line 6143 "configure"
5763#include "confdefs.h" 6144#include "confdefs.h"
5764/* System header to define __stub macros and hopefully few prototypes, 6145/* System header to define __stub macros and hopefully few prototypes,
5765 which can conflict with char utimes (); below. */ 6146 which can conflict with char utimes (); below. */
@@ -5790,16 +6171,16 @@ f = utimes;
5790} 6171}
5791_ACEOF 6172_ACEOF
5792rm -f conftest.$ac_objext conftest$ac_exeext 6173rm -f conftest.$ac_objext conftest$ac_exeext
5793if { (eval echo "$as_me:5793: \"$ac_link\"") >&5 6174if { (eval echo "$as_me:6174: \"$ac_link\"") >&5
5794 (eval $ac_link) 2>&5 6175 (eval $ac_link) 2>&5
5795 ac_status=$? 6176 ac_status=$?
5796 echo "$as_me:5796: \$? = $ac_status" >&5 6177 echo "$as_me:6177: \$? = $ac_status" >&5
5797 (exit $ac_status); } && 6178 (exit $ac_status); } &&
5798 { ac_try='test -s conftest$ac_exeext' 6179 { ac_try='test -s conftest$ac_exeext'
5799 { (eval echo "$as_me:5799: \"$ac_try\"") >&5 6180 { (eval echo "$as_me:6180: \"$ac_try\"") >&5
5800 (eval $ac_try) 2>&5 6181 (eval $ac_try) 2>&5
5801 ac_status=$? 6182 ac_status=$?
5802 echo "$as_me:5802: \$? = $ac_status" >&5 6183 echo "$as_me:6183: \$? = $ac_status" >&5
5803 (exit $ac_status); }; }; then 6184 (exit $ac_status); }; }; then
5804 ac_cv_func_utimes=yes 6185 ac_cv_func_utimes=yes
5805else 6186else
@@ -5809,12 +6190,12 @@ ac_cv_func_utimes=no
5809fi 6190fi
5810rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 6191rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5811fi 6192fi
5812echo "$as_me:5812: result: $ac_cv_func_utimes" >&5 6193echo "$as_me:6193: result: $ac_cv_func_utimes" >&5
5813echo "${ECHO_T}$ac_cv_func_utimes" >&6 6194echo "${ECHO_T}$ac_cv_func_utimes" >&6
5814if test $ac_cv_func_utimes = yes; then 6195if test $ac_cv_func_utimes = yes; then
5815 : 6196 :
5816else 6197else
5817 echo "$as_me:5817: checking for utimes in -lc89" >&5 6198 echo "$as_me:6198: checking for utimes in -lc89" >&5
5818echo $ECHO_N "checking for utimes in -lc89... $ECHO_C" >&6 6199echo $ECHO_N "checking for utimes in -lc89... $ECHO_C" >&6
5819if test "${ac_cv_lib_c89_utimes+set}" = set; then 6200if test "${ac_cv_lib_c89_utimes+set}" = set; then
5820 echo $ECHO_N "(cached) $ECHO_C" >&6 6201 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -5822,7 +6203,7 @@ else
5822 ac_check_lib_save_LIBS=$LIBS 6203 ac_check_lib_save_LIBS=$LIBS
5823LIBS="-lc89 $LIBS" 6204LIBS="-lc89 $LIBS"
5824cat >conftest.$ac_ext <<_ACEOF 6205cat >conftest.$ac_ext <<_ACEOF
5825#line 5825 "configure" 6206#line 6206 "configure"
5826#include "confdefs.h" 6207#include "confdefs.h"
5827 6208
5828/* Override any gcc2 internal prototype to avoid an error. */ 6209/* Override any gcc2 internal prototype to avoid an error. */
@@ -5841,16 +6222,16 @@ utimes ();
5841} 6222}
5842_ACEOF 6223_ACEOF
5843rm -f conftest.$ac_objext conftest$ac_exeext 6224rm -f conftest.$ac_objext conftest$ac_exeext
5844if { (eval echo "$as_me:5844: \"$ac_link\"") >&5 6225if { (eval echo "$as_me:6225: \"$ac_link\"") >&5
5845 (eval $ac_link) 2>&5 6226 (eval $ac_link) 2>&5
5846 ac_status=$? 6227 ac_status=$?
5847 echo "$as_me:5847: \$? = $ac_status" >&5 6228 echo "$as_me:6228: \$? = $ac_status" >&5
5848 (exit $ac_status); } && 6229 (exit $ac_status); } &&
5849 { ac_try='test -s conftest$ac_exeext' 6230 { ac_try='test -s conftest$ac_exeext'
5850 { (eval echo "$as_me:5850: \"$ac_try\"") >&5 6231 { (eval echo "$as_me:6231: \"$ac_try\"") >&5
5851 (eval $ac_try) 2>&5 6232 (eval $ac_try) 2>&5
5852 ac_status=$? 6233 ac_status=$?
5853 echo "$as_me:5853: \$? = $ac_status" >&5 6234 echo "$as_me:6234: \$? = $ac_status" >&5
5854 (exit $ac_status); }; }; then 6235 (exit $ac_status); }; }; then
5855 ac_cv_lib_c89_utimes=yes 6236 ac_cv_lib_c89_utimes=yes
5856else 6237else
@@ -5861,7 +6242,7 @@ fi
5861rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 6242rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
5862LIBS=$ac_check_lib_save_LIBS 6243LIBS=$ac_check_lib_save_LIBS
5863fi 6244fi
5864echo "$as_me:5864: result: $ac_cv_lib_c89_utimes" >&5 6245echo "$as_me:6245: result: $ac_cv_lib_c89_utimes" >&5
5865echo "${ECHO_T}$ac_cv_lib_c89_utimes" >&6 6246echo "${ECHO_T}$ac_cv_lib_c89_utimes" >&6
5866if test $ac_cv_lib_c89_utimes = yes; then 6247if test $ac_cv_lib_c89_utimes = yes; then
5867 cat >>confdefs.h <<\EOF 6248 cat >>confdefs.h <<\EOF
@@ -5876,23 +6257,23 @@ fi
5876for ac_header in libutil.h 6257for ac_header in libutil.h
5877do 6258do
5878as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` 6259as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
5879echo "$as_me:5879: checking for $ac_header" >&5 6260echo "$as_me:6260: checking for $ac_header" >&5
5880echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 6261echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
5881if eval "test \"\${$as_ac_Header+set}\" = set"; then 6262if eval "test \"\${$as_ac_Header+set}\" = set"; then
5882 echo $ECHO_N "(cached) $ECHO_C" >&6 6263 echo $ECHO_N "(cached) $ECHO_C" >&6
5883else 6264else
5884 cat >conftest.$ac_ext <<_ACEOF 6265 cat >conftest.$ac_ext <<_ACEOF
5885#line 5885 "configure" 6266#line 6266 "configure"
5886#include "confdefs.h" 6267#include "confdefs.h"
5887#include <$ac_header> 6268#include <$ac_header>
5888_ACEOF 6269_ACEOF
5889if { (eval echo "$as_me:5889: \"$ac_cpp conftest.$ac_ext\"") >&5 6270if { (eval echo "$as_me:6270: \"$ac_cpp conftest.$ac_ext\"") >&5
5890 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 6271 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
5891 ac_status=$? 6272 ac_status=$?
5892 egrep -v '^ *\+' conftest.er1 >conftest.err 6273 egrep -v '^ *\+' conftest.er1 >conftest.err
5893 rm -f conftest.er1 6274 rm -f conftest.er1
5894 cat conftest.err >&5 6275 cat conftest.err >&5
5895 echo "$as_me:5895: \$? = $ac_status" >&5 6276 echo "$as_me:6276: \$? = $ac_status" >&5
5896 (exit $ac_status); } >/dev/null; then 6277 (exit $ac_status); } >/dev/null; then
5897 if test -s conftest.err; then 6278 if test -s conftest.err; then
5898 ac_cpp_err=$ac_c_preproc_warn_flag 6279 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -5911,7 +6292,7 @@ else
5911fi 6292fi
5912rm -f conftest.err conftest.$ac_ext 6293rm -f conftest.err conftest.$ac_ext
5913fi 6294fi
5914echo "$as_me:5914: result: `eval echo '${'$as_ac_Header'}'`" >&5 6295echo "$as_me:6295: result: `eval echo '${'$as_ac_Header'}'`" >&5
5915echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 6296echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
5916if test `eval echo '${'$as_ac_Header'}'` = yes; then 6297if test `eval echo '${'$as_ac_Header'}'` = yes; then
5917 cat >>confdefs.h <<EOF 6298 cat >>confdefs.h <<EOF
@@ -5921,7 +6302,7 @@ EOF
5921fi 6302fi
5922done 6303done
5923 6304
5924echo "$as_me:5924: checking for library containing login" >&5 6305echo "$as_me:6305: checking for library containing login" >&5
5925echo $ECHO_N "checking for library containing login... $ECHO_C" >&6 6306echo $ECHO_N "checking for library containing login... $ECHO_C" >&6
5926if test "${ac_cv_search_login+set}" = set; then 6307if test "${ac_cv_search_login+set}" = set; then
5927 echo $ECHO_N "(cached) $ECHO_C" >&6 6308 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -5929,7 +6310,7 @@ else
5929 ac_func_search_save_LIBS=$LIBS 6310 ac_func_search_save_LIBS=$LIBS
5930ac_cv_search_login=no 6311ac_cv_search_login=no
5931cat >conftest.$ac_ext <<_ACEOF 6312cat >conftest.$ac_ext <<_ACEOF
5932#line 5932 "configure" 6313#line 6313 "configure"
5933#include "confdefs.h" 6314#include "confdefs.h"
5934 6315
5935/* Override any gcc2 internal prototype to avoid an error. */ 6316/* Override any gcc2 internal prototype to avoid an error. */
@@ -5948,16 +6329,16 @@ login ();
5948} 6329}
5949_ACEOF 6330_ACEOF
5950rm -f conftest.$ac_objext conftest$ac_exeext 6331rm -f conftest.$ac_objext conftest$ac_exeext
5951if { (eval echo "$as_me:5951: \"$ac_link\"") >&5 6332if { (eval echo "$as_me:6332: \"$ac_link\"") >&5
5952 (eval $ac_link) 2>&5 6333 (eval $ac_link) 2>&5
5953 ac_status=$? 6334 ac_status=$?
5954 echo "$as_me:5954: \$? = $ac_status" >&5 6335 echo "$as_me:6335: \$? = $ac_status" >&5
5955 (exit $ac_status); } && 6336 (exit $ac_status); } &&
5956 { ac_try='test -s conftest$ac_exeext' 6337 { ac_try='test -s conftest$ac_exeext'
5957 { (eval echo "$as_me:5957: \"$ac_try\"") >&5 6338 { (eval echo "$as_me:6338: \"$ac_try\"") >&5
5958 (eval $ac_try) 2>&5 6339 (eval $ac_try) 2>&5
5959 ac_status=$? 6340 ac_status=$?
5960 echo "$as_me:5960: \$? = $ac_status" >&5 6341 echo "$as_me:6341: \$? = $ac_status" >&5
5961 (exit $ac_status); }; }; then 6342 (exit $ac_status); }; }; then
5962 ac_cv_search_login="none required" 6343 ac_cv_search_login="none required"
5963else 6344else
@@ -5969,7 +6350,7 @@ if test "$ac_cv_search_login" = no; then
5969 for ac_lib in util bsd; do 6350 for ac_lib in util bsd; do
5970 LIBS="-l$ac_lib $ac_func_search_save_LIBS" 6351 LIBS="-l$ac_lib $ac_func_search_save_LIBS"
5971 cat >conftest.$ac_ext <<_ACEOF 6352 cat >conftest.$ac_ext <<_ACEOF
5972#line 5972 "configure" 6353#line 6353 "configure"
5973#include "confdefs.h" 6354#include "confdefs.h"
5974 6355
5975/* Override any gcc2 internal prototype to avoid an error. */ 6356/* Override any gcc2 internal prototype to avoid an error. */
@@ -5988,16 +6369,16 @@ login ();
5988} 6369}
5989_ACEOF 6370_ACEOF
5990rm -f conftest.$ac_objext conftest$ac_exeext 6371rm -f conftest.$ac_objext conftest$ac_exeext
5991if { (eval echo "$as_me:5991: \"$ac_link\"") >&5 6372if { (eval echo "$as_me:6372: \"$ac_link\"") >&5
5992 (eval $ac_link) 2>&5 6373 (eval $ac_link) 2>&5
5993 ac_status=$? 6374 ac_status=$?
5994 echo "$as_me:5994: \$? = $ac_status" >&5 6375 echo "$as_me:6375: \$? = $ac_status" >&5
5995 (exit $ac_status); } && 6376 (exit $ac_status); } &&
5996 { ac_try='test -s conftest$ac_exeext' 6377 { ac_try='test -s conftest$ac_exeext'
5997 { (eval echo "$as_me:5997: \"$ac_try\"") >&5 6378 { (eval echo "$as_me:6378: \"$ac_try\"") >&5
5998 (eval $ac_try) 2>&5 6379 (eval $ac_try) 2>&5
5999 ac_status=$? 6380 ac_status=$?
6000 echo "$as_me:6000: \$? = $ac_status" >&5 6381 echo "$as_me:6381: \$? = $ac_status" >&5
6001 (exit $ac_status); }; }; then 6382 (exit $ac_status); }; }; then
6002 ac_cv_search_login="-l$ac_lib" 6383 ac_cv_search_login="-l$ac_lib"
6003break 6384break
@@ -6010,7 +6391,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
6010fi 6391fi
6011LIBS=$ac_func_search_save_LIBS 6392LIBS=$ac_func_search_save_LIBS
6012fi 6393fi
6013echo "$as_me:6013: result: $ac_cv_search_login" >&5 6394echo "$as_me:6394: result: $ac_cv_search_login" >&5
6014echo "${ECHO_T}$ac_cv_search_login" >&6 6395echo "${ECHO_T}$ac_cv_search_login" >&6
6015if test "$ac_cv_search_login" != no; then 6396if test "$ac_cv_search_login" != no; then
6016 test "$ac_cv_search_login" = "none required" || LIBS="$ac_cv_search_login $LIBS" 6397 test "$ac_cv_search_login" = "none required" || LIBS="$ac_cv_search_login $LIBS"
@@ -6023,13 +6404,13 @@ fi
6023for ac_func in logout updwtmp logwtmp 6404for ac_func in logout updwtmp logwtmp
6024do 6405do
6025as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 6406as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
6026echo "$as_me:6026: checking for $ac_func" >&5 6407echo "$as_me:6407: checking for $ac_func" >&5
6027echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 6408echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
6028if eval "test \"\${$as_ac_var+set}\" = set"; then 6409if eval "test \"\${$as_ac_var+set}\" = set"; then
6029 echo $ECHO_N "(cached) $ECHO_C" >&6 6410 echo $ECHO_N "(cached) $ECHO_C" >&6
6030else 6411else
6031 cat >conftest.$ac_ext <<_ACEOF 6412 cat >conftest.$ac_ext <<_ACEOF
6032#line 6032 "configure" 6413#line 6413 "configure"
6033#include "confdefs.h" 6414#include "confdefs.h"
6034/* System header to define __stub macros and hopefully few prototypes, 6415/* System header to define __stub macros and hopefully few prototypes,
6035 which can conflict with char $ac_func (); below. */ 6416 which can conflict with char $ac_func (); below. */
@@ -6060,16 +6441,16 @@ f = $ac_func;
6060} 6441}
6061_ACEOF 6442_ACEOF
6062rm -f conftest.$ac_objext conftest$ac_exeext 6443rm -f conftest.$ac_objext conftest$ac_exeext
6063if { (eval echo "$as_me:6063: \"$ac_link\"") >&5 6444if { (eval echo "$as_me:6444: \"$ac_link\"") >&5
6064 (eval $ac_link) 2>&5 6445 (eval $ac_link) 2>&5
6065 ac_status=$? 6446 ac_status=$?
6066 echo "$as_me:6066: \$? = $ac_status" >&5 6447 echo "$as_me:6447: \$? = $ac_status" >&5
6067 (exit $ac_status); } && 6448 (exit $ac_status); } &&
6068 { ac_try='test -s conftest$ac_exeext' 6449 { ac_try='test -s conftest$ac_exeext'
6069 { (eval echo "$as_me:6069: \"$ac_try\"") >&5 6450 { (eval echo "$as_me:6450: \"$ac_try\"") >&5
6070 (eval $ac_try) 2>&5 6451 (eval $ac_try) 2>&5
6071 ac_status=$? 6452 ac_status=$?
6072 echo "$as_me:6072: \$? = $ac_status" >&5 6453 echo "$as_me:6453: \$? = $ac_status" >&5
6073 (exit $ac_status); }; }; then 6454 (exit $ac_status); }; }; then
6074 eval "$as_ac_var=yes" 6455 eval "$as_ac_var=yes"
6075else 6456else
@@ -6079,7 +6460,7 @@ eval "$as_ac_var=no"
6079fi 6460fi
6080rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 6461rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
6081fi 6462fi
6082echo "$as_me:6082: result: `eval echo '${'$as_ac_var'}'`" >&5 6463echo "$as_me:6463: result: `eval echo '${'$as_ac_var'}'`" >&5
6083echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 6464echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
6084if test `eval echo '${'$as_ac_var'}'` = yes; then 6465if test `eval echo '${'$as_ac_var'}'` = yes; then
6085 cat >>confdefs.h <<EOF 6466 cat >>confdefs.h <<EOF
@@ -6092,13 +6473,13 @@ done
6092for ac_func in strftime 6473for ac_func in strftime
6093do 6474do
6094as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 6475as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
6095echo "$as_me:6095: checking for $ac_func" >&5 6476echo "$as_me:6476: checking for $ac_func" >&5
6096echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 6477echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
6097if eval "test \"\${$as_ac_var+set}\" = set"; then 6478if eval "test \"\${$as_ac_var+set}\" = set"; then
6098 echo $ECHO_N "(cached) $ECHO_C" >&6 6479 echo $ECHO_N "(cached) $ECHO_C" >&6
6099else 6480else
6100 cat >conftest.$ac_ext <<_ACEOF 6481 cat >conftest.$ac_ext <<_ACEOF
6101#line 6101 "configure" 6482#line 6482 "configure"
6102#include "confdefs.h" 6483#include "confdefs.h"
6103/* System header to define __stub macros and hopefully few prototypes, 6484/* System header to define __stub macros and hopefully few prototypes,
6104 which can conflict with char $ac_func (); below. */ 6485 which can conflict with char $ac_func (); below. */
@@ -6129,16 +6510,16 @@ f = $ac_func;
6129} 6510}
6130_ACEOF 6511_ACEOF
6131rm -f conftest.$ac_objext conftest$ac_exeext 6512rm -f conftest.$ac_objext conftest$ac_exeext
6132if { (eval echo "$as_me:6132: \"$ac_link\"") >&5 6513if { (eval echo "$as_me:6513: \"$ac_link\"") >&5
6133 (eval $ac_link) 2>&5 6514 (eval $ac_link) 2>&5
6134 ac_status=$? 6515 ac_status=$?
6135 echo "$as_me:6135: \$? = $ac_status" >&5 6516 echo "$as_me:6516: \$? = $ac_status" >&5
6136 (exit $ac_status); } && 6517 (exit $ac_status); } &&
6137 { ac_try='test -s conftest$ac_exeext' 6518 { ac_try='test -s conftest$ac_exeext'
6138 { (eval echo "$as_me:6138: \"$ac_try\"") >&5 6519 { (eval echo "$as_me:6519: \"$ac_try\"") >&5
6139 (eval $ac_try) 2>&5 6520 (eval $ac_try) 2>&5
6140 ac_status=$? 6521 ac_status=$?
6141 echo "$as_me:6141: \$? = $ac_status" >&5 6522 echo "$as_me:6522: \$? = $ac_status" >&5
6142 (exit $ac_status); }; }; then 6523 (exit $ac_status); }; }; then
6143 eval "$as_ac_var=yes" 6524 eval "$as_ac_var=yes"
6144else 6525else
@@ -6148,7 +6529,7 @@ eval "$as_ac_var=no"
6148fi 6529fi
6149rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 6530rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
6150fi 6531fi
6151echo "$as_me:6151: result: `eval echo '${'$as_ac_var'}'`" >&5 6532echo "$as_me:6532: result: `eval echo '${'$as_ac_var'}'`" >&5
6152echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 6533echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
6153if test `eval echo '${'$as_ac_var'}'` = yes; then 6534if test `eval echo '${'$as_ac_var'}'` = yes; then
6154 cat >>confdefs.h <<EOF 6535 cat >>confdefs.h <<EOF
@@ -6157,7 +6538,7 @@ EOF
6157 6538
6158else 6539else
6159 # strftime is in -lintl on SCO UNIX. 6540 # strftime is in -lintl on SCO UNIX.
6160echo "$as_me:6160: checking for strftime in -lintl" >&5 6541echo "$as_me:6541: checking for strftime in -lintl" >&5
6161echo $ECHO_N "checking for strftime in -lintl... $ECHO_C" >&6 6542echo $ECHO_N "checking for strftime in -lintl... $ECHO_C" >&6
6162if test "${ac_cv_lib_intl_strftime+set}" = set; then 6543if test "${ac_cv_lib_intl_strftime+set}" = set; then
6163 echo $ECHO_N "(cached) $ECHO_C" >&6 6544 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -6165,7 +6546,7 @@ else
6165 ac_check_lib_save_LIBS=$LIBS 6546 ac_check_lib_save_LIBS=$LIBS
6166LIBS="-lintl $LIBS" 6547LIBS="-lintl $LIBS"
6167cat >conftest.$ac_ext <<_ACEOF 6548cat >conftest.$ac_ext <<_ACEOF
6168#line 6168 "configure" 6549#line 6549 "configure"
6169#include "confdefs.h" 6550#include "confdefs.h"
6170 6551
6171/* Override any gcc2 internal prototype to avoid an error. */ 6552/* Override any gcc2 internal prototype to avoid an error. */
@@ -6184,16 +6565,16 @@ strftime ();
6184} 6565}
6185_ACEOF 6566_ACEOF
6186rm -f conftest.$ac_objext conftest$ac_exeext 6567rm -f conftest.$ac_objext conftest$ac_exeext
6187if { (eval echo "$as_me:6187: \"$ac_link\"") >&5 6568if { (eval echo "$as_me:6568: \"$ac_link\"") >&5
6188 (eval $ac_link) 2>&5 6569 (eval $ac_link) 2>&5
6189 ac_status=$? 6570 ac_status=$?
6190 echo "$as_me:6190: \$? = $ac_status" >&5 6571 echo "$as_me:6571: \$? = $ac_status" >&5
6191 (exit $ac_status); } && 6572 (exit $ac_status); } &&
6192 { ac_try='test -s conftest$ac_exeext' 6573 { ac_try='test -s conftest$ac_exeext'
6193 { (eval echo "$as_me:6193: \"$ac_try\"") >&5 6574 { (eval echo "$as_me:6574: \"$ac_try\"") >&5
6194 (eval $ac_try) 2>&5 6575 (eval $ac_try) 2>&5
6195 ac_status=$? 6576 ac_status=$?
6196 echo "$as_me:6196: \$? = $ac_status" >&5 6577 echo "$as_me:6577: \$? = $ac_status" >&5
6197 (exit $ac_status); }; }; then 6578 (exit $ac_status); }; }; then
6198 ac_cv_lib_intl_strftime=yes 6579 ac_cv_lib_intl_strftime=yes
6199else 6580else
@@ -6204,7 +6585,7 @@ fi
6204rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 6585rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
6205LIBS=$ac_check_lib_save_LIBS 6586LIBS=$ac_check_lib_save_LIBS
6206fi 6587fi
6207echo "$as_me:6207: result: $ac_cv_lib_intl_strftime" >&5 6588echo "$as_me:6588: result: $ac_cv_lib_intl_strftime" >&5
6208echo "${ECHO_T}$ac_cv_lib_intl_strftime" >&6 6589echo "${ECHO_T}$ac_cv_lib_intl_strftime" >&6
6209if test $ac_cv_lib_intl_strftime = yes; then 6590if test $ac_cv_lib_intl_strftime = yes; then
6210 cat >>confdefs.h <<\EOF 6591 cat >>confdefs.h <<\EOF
@@ -6218,10 +6599,10 @@ fi
6218done 6599done
6219 6600
6220# Check for ALTDIRFUNC glob() extension 6601# Check for ALTDIRFUNC glob() extension
6221echo "$as_me:6221: checking for GLOB_ALTDIRFUNC support" >&5 6602echo "$as_me:6602: checking for GLOB_ALTDIRFUNC support" >&5
6222echo $ECHO_N "checking for GLOB_ALTDIRFUNC support... $ECHO_C" >&6 6603echo $ECHO_N "checking for GLOB_ALTDIRFUNC support... $ECHO_C" >&6
6223cat >conftest.$ac_ext <<_ACEOF 6604cat >conftest.$ac_ext <<_ACEOF
6224#line 6224 "configure" 6605#line 6605 "configure"
6225#include "confdefs.h" 6606#include "confdefs.h"
6226 6607
6227 #include <glob.h> 6608 #include <glob.h>
@@ -6237,55 +6618,55 @@ if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
6237#define GLOB_HAS_ALTDIRFUNC 1 6618#define GLOB_HAS_ALTDIRFUNC 1
6238EOF 6619EOF
6239 6620
6240 echo "$as_me:6240: result: yes" >&5 6621 echo "$as_me:6621: result: yes" >&5
6241echo "${ECHO_T}yes" >&6 6622echo "${ECHO_T}yes" >&6
6242 6623
6243else 6624else
6244 6625
6245 echo "$as_me:6245: result: no" >&5 6626 echo "$as_me:6626: result: no" >&5
6246echo "${ECHO_T}no" >&6 6627echo "${ECHO_T}no" >&6
6247 6628
6248fi 6629fi
6249rm -f conftest* 6630rm -f conftest*
6250 6631
6251# Check for g.gl_matchc glob() extension 6632# Check for g.gl_matchc glob() extension
6252echo "$as_me:6252: checking for gl_matchc field in glob_t" >&5 6633echo "$as_me:6633: checking for gl_matchc field in glob_t" >&5
6253echo $ECHO_N "checking for gl_matchc field in glob_t... $ECHO_C" >&6 6634echo $ECHO_N "checking for gl_matchc field in glob_t... $ECHO_C" >&6
6254cat >conftest.$ac_ext <<_ACEOF 6635cat >conftest.$ac_ext <<_ACEOF
6255#line 6255 "configure" 6636#line 6636 "configure"
6256#include "confdefs.h" 6637#include "confdefs.h"
6257 6638
6258 #include <glob.h> 6639 #include <glob.h>
6259 int main(void){glob_t g; g.gl_matchc = 1;} 6640 int main(void){glob_t g; g.gl_matchc = 1;}
6260 6641
6261_ACEOF 6642_ACEOF
6262if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | 6643if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
6263 egrep "FOUNDIT" >/dev/null 2>&1; then 6644 egrep "FOUNDIT" >/dev/null 2>&1; then
6264 6645
6265 cat >>confdefs.h <<\EOF 6646 cat >>confdefs.h <<\EOF
6266#define GLOB_HAS_GL_MATCHC 1 6647#define GLOB_HAS_GL_MATCHC 1
6267EOF 6648EOF
6268 6649
6269 echo "$as_me:6269: result: yes" >&5 6650 echo "$as_me:6650: result: yes" >&5
6270echo "${ECHO_T}yes" >&6 6651echo "${ECHO_T}yes" >&6
6271 6652
6272else 6653else
6273 6654
6274 echo "$as_me:6274: result: no" >&5 6655 echo "$as_me:6655: result: no" >&5
6275echo "${ECHO_T}no" >&6 6656echo "${ECHO_T}no" >&6
6276 6657
6277fi 6658fi
6278rm -f conftest* 6659rm -f conftest*
6279 6660
6280echo "$as_me:6280: checking whether struct dirent allocates space for d_name" >&5 6661echo "$as_me:6661: checking whether struct dirent allocates space for d_name" >&5
6281echo $ECHO_N "checking whether struct dirent allocates space for d_name... $ECHO_C" >&6 6662echo $ECHO_N "checking whether struct dirent allocates space for d_name... $ECHO_C" >&6
6282if test "$cross_compiling" = yes; then 6663if test "$cross_compiling" = yes; then
6283 { { echo "$as_me:6283: error: cannot run test program while cross compiling" >&5 6664 { { echo "$as_me:6664: error: cannot run test program while cross compiling" >&5
6284echo "$as_me: error: cannot run test program while cross compiling" >&2;} 6665echo "$as_me: error: cannot run test program while cross compiling" >&2;}
6285 { (exit 1); exit 1; }; } 6666 { (exit 1); exit 1; }; }
6286else 6667else
6287 cat >conftest.$ac_ext <<_ACEOF 6668 cat >conftest.$ac_ext <<_ACEOF
6288#line 6288 "configure" 6669#line 6669 "configure"
6289#include "confdefs.h" 6670#include "confdefs.h"
6290 6671
6291#include <sys/types.h> 6672#include <sys/types.h>
@@ -6294,24 +6675,24 @@ int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
6294 6675
6295_ACEOF 6676_ACEOF
6296rm -f conftest$ac_exeext 6677rm -f conftest$ac_exeext
6297if { (eval echo "$as_me:6297: \"$ac_link\"") >&5 6678if { (eval echo "$as_me:6678: \"$ac_link\"") >&5
6298 (eval $ac_link) 2>&5 6679 (eval $ac_link) 2>&5
6299 ac_status=$? 6680 ac_status=$?
6300 echo "$as_me:6300: \$? = $ac_status" >&5 6681 echo "$as_me:6681: \$? = $ac_status" >&5
6301 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 6682 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
6302 { (eval echo "$as_me:6302: \"$ac_try\"") >&5 6683 { (eval echo "$as_me:6683: \"$ac_try\"") >&5
6303 (eval $ac_try) 2>&5 6684 (eval $ac_try) 2>&5
6304 ac_status=$? 6685 ac_status=$?
6305 echo "$as_me:6305: \$? = $ac_status" >&5 6686 echo "$as_me:6686: \$? = $ac_status" >&5
6306 (exit $ac_status); }; }; then 6687 (exit $ac_status); }; }; then
6307 echo "$as_me:6307: result: yes" >&5 6688 echo "$as_me:6688: result: yes" >&5
6308echo "${ECHO_T}yes" >&6 6689echo "${ECHO_T}yes" >&6
6309else 6690else
6310 echo "$as_me: program exited with status $ac_status" >&5 6691 echo "$as_me: program exited with status $ac_status" >&5
6311echo "$as_me: failed program was:" >&5 6692echo "$as_me: failed program was:" >&5
6312cat conftest.$ac_ext >&5 6693cat conftest.$ac_ext >&5
6313 6694
6314 echo "$as_me:6314: result: no" >&5 6695 echo "$as_me:6695: result: no" >&5
6315echo "${ECHO_T}no" >&6 6696echo "${ECHO_T}no" >&6
6316 cat >>confdefs.h <<\EOF 6697 cat >>confdefs.h <<\EOF
6317#define BROKEN_ONE_BYTE_DIRENT_D_NAME 1 6698#define BROKEN_ONE_BYTE_DIRENT_D_NAME 1
@@ -6342,15 +6723,15 @@ EOF
6342 LIBS="-lskey $LIBS" 6723 LIBS="-lskey $LIBS"
6343 SKEY_MSG="yes" 6724 SKEY_MSG="yes"
6344 6725
6345 echo "$as_me:6345: checking for s/key support" >&5 6726 echo "$as_me:6726: checking for s/key support" >&5
6346echo $ECHO_N "checking for s/key support... $ECHO_C" >&6 6727echo $ECHO_N "checking for s/key support... $ECHO_C" >&6
6347 if test "$cross_compiling" = yes; then 6728 if test "$cross_compiling" = yes; then
6348 { { echo "$as_me:6348: error: cannot run test program while cross compiling" >&5 6729 { { echo "$as_me:6729: error: cannot run test program while cross compiling" >&5
6349echo "$as_me: error: cannot run test program while cross compiling" >&2;} 6730echo "$as_me: error: cannot run test program while cross compiling" >&2;}
6350 { (exit 1); exit 1; }; } 6731 { (exit 1); exit 1; }; }
6351else 6732else
6352 cat >conftest.$ac_ext <<_ACEOF 6733 cat >conftest.$ac_ext <<_ACEOF
6353#line 6353 "configure" 6734#line 6734 "configure"
6354#include "confdefs.h" 6735#include "confdefs.h"
6355 6736
6356#include <stdio.h> 6737#include <stdio.h>
@@ -6359,26 +6740,26 @@ int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
6359 6740
6360_ACEOF 6741_ACEOF
6361rm -f conftest$ac_exeext 6742rm -f conftest$ac_exeext
6362if { (eval echo "$as_me:6362: \"$ac_link\"") >&5 6743if { (eval echo "$as_me:6743: \"$ac_link\"") >&5
6363 (eval $ac_link) 2>&5 6744 (eval $ac_link) 2>&5
6364 ac_status=$? 6745 ac_status=$?
6365 echo "$as_me:6365: \$? = $ac_status" >&5 6746 echo "$as_me:6746: \$? = $ac_status" >&5
6366 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 6747 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
6367 { (eval echo "$as_me:6367: \"$ac_try\"") >&5 6748 { (eval echo "$as_me:6748: \"$ac_try\"") >&5
6368 (eval $ac_try) 2>&5 6749 (eval $ac_try) 2>&5
6369 ac_status=$? 6750 ac_status=$?
6370 echo "$as_me:6370: \$? = $ac_status" >&5 6751 echo "$as_me:6751: \$? = $ac_status" >&5
6371 (exit $ac_status); }; }; then 6752 (exit $ac_status); }; }; then
6372 echo "$as_me:6372: result: yes" >&5 6753 echo "$as_me:6753: result: yes" >&5
6373echo "${ECHO_T}yes" >&6 6754echo "${ECHO_T}yes" >&6
6374else 6755else
6375 echo "$as_me: program exited with status $ac_status" >&5 6756 echo "$as_me: program exited with status $ac_status" >&5
6376echo "$as_me: failed program was:" >&5 6757echo "$as_me: failed program was:" >&5
6377cat conftest.$ac_ext >&5 6758cat conftest.$ac_ext >&5
6378 6759
6379 echo "$as_me:6379: result: no" >&5 6760 echo "$as_me:6760: result: no" >&5
6380echo "${ECHO_T}no" >&6 6761echo "${ECHO_T}no" >&6
6381 { { echo "$as_me:6381: error: ** Incomplete or missing s/key libraries." >&5 6762 { { echo "$as_me:6762: error: ** Incomplete or missing s/key libraries." >&5
6382echo "$as_me: error: ** Incomplete or missing s/key libraries." >&2;} 6763echo "$as_me: error: ** Incomplete or missing s/key libraries." >&2;}
6383 { (exit 1); exit 1; }; } 6764 { (exit 1); exit 1; }; }
6384 6765
@@ -6422,10 +6803,10 @@ if test "${with_tcp_wrappers+set}" = set; then
6422 fi 6803 fi
6423 LIBWRAP="-lwrap" 6804 LIBWRAP="-lwrap"
6424 LIBS="$LIBWRAP $LIBS" 6805 LIBS="$LIBWRAP $LIBS"
6425 echo "$as_me:6425: checking for libwrap" >&5 6806 echo "$as_me:6806: checking for libwrap" >&5
6426echo $ECHO_N "checking for libwrap... $ECHO_C" >&6 6807echo $ECHO_N "checking for libwrap... $ECHO_C" >&6
6427 cat >conftest.$ac_ext <<_ACEOF 6808 cat >conftest.$ac_ext <<_ACEOF
6428#line 6428 "configure" 6809#line 6809 "configure"
6429#include "confdefs.h" 6810#include "confdefs.h"
6430 6811
6431#include <tcpd.h> 6812#include <tcpd.h>
@@ -6440,19 +6821,19 @@ hosts_access(0);
6440} 6821}
6441_ACEOF 6822_ACEOF
6442rm -f conftest.$ac_objext conftest$ac_exeext 6823rm -f conftest.$ac_objext conftest$ac_exeext
6443if { (eval echo "$as_me:6443: \"$ac_link\"") >&5 6824if { (eval echo "$as_me:6824: \"$ac_link\"") >&5
6444 (eval $ac_link) 2>&5 6825 (eval $ac_link) 2>&5
6445 ac_status=$? 6826 ac_status=$?
6446 echo "$as_me:6446: \$? = $ac_status" >&5 6827 echo "$as_me:6827: \$? = $ac_status" >&5
6447 (exit $ac_status); } && 6828 (exit $ac_status); } &&
6448 { ac_try='test -s conftest$ac_exeext' 6829 { ac_try='test -s conftest$ac_exeext'
6449 { (eval echo "$as_me:6449: \"$ac_try\"") >&5 6830 { (eval echo "$as_me:6830: \"$ac_try\"") >&5
6450 (eval $ac_try) 2>&5 6831 (eval $ac_try) 2>&5
6451 ac_status=$? 6832 ac_status=$?
6452 echo "$as_me:6452: \$? = $ac_status" >&5 6833 echo "$as_me:6833: \$? = $ac_status" >&5
6453 (exit $ac_status); }; }; then 6834 (exit $ac_status); }; }; then
6454 6835
6455 echo "$as_me:6455: result: yes" >&5 6836 echo "$as_me:6836: result: yes" >&5
6456echo "${ECHO_T}yes" >&6 6837echo "${ECHO_T}yes" >&6
6457 cat >>confdefs.h <<\EOF 6838 cat >>confdefs.h <<\EOF
6458#define LIBWRAP 1 6839#define LIBWRAP 1
@@ -6464,7 +6845,7 @@ else
6464 echo "$as_me: failed program was:" >&5 6845 echo "$as_me: failed program was:" >&5
6465cat conftest.$ac_ext >&5 6846cat conftest.$ac_ext >&5
6466 6847
6467 { { echo "$as_me:6467: error: *** libwrap missing" >&5 6848 { { echo "$as_me:6848: error: *** libwrap missing" >&5
6468echo "$as_me: error: *** libwrap missing" >&2;} 6849echo "$as_me: error: *** libwrap missing" >&2;}
6469 { (exit 1); exit 1; }; } 6850 { (exit 1); exit 1; }; }
6470 6851
@@ -6476,28 +6857,28 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
6476fi; 6857fi;
6477 6858
6478for ac_func in \ 6859for ac_func in \
6479 arc4random __b64_ntop b64_ntop __b64_pton b64_pton basename \ 6860 arc4random __b64_ntop b64_ntop __b64_pton b64_pton \
6480 bcopy bindresvport_sa clock fchmod fchown freeaddrinfo futimes \ 6861 bcopy bindresvport_sa clock fchmod fchown freeaddrinfo futimes \
6481 gai_strerror getaddrinfo getcwd getgrouplist getnameinfo getopt \ 6862 getaddrinfo getcwd getgrouplist getnameinfo getopt \
6482 getpeereid _getpty getrlimit getttyent glob inet_aton \ 6863 getpeereid _getpty getrlimit getttyent glob inet_aton \
6483 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ 6864 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
6484 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ 6865 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
6485 pstat readpassphrase realpath recvmsg rresvport_af sendmsg \ 6866 pstat readpassphrase realpath recvmsg rresvport_af sendmsg \
6486 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \ 6867 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
6487 setproctitle setregid setresgid setresuid setreuid setrlimit \ 6868 setproctitle setregid setreuid setrlimit \
6488 setsid setvbuf sigaction sigvec snprintf socketpair strerror \ 6869 setsid setvbuf sigaction sigvec snprintf socketpair strerror \
6489 strlcat strlcpy strmode strnvis sysconf tcgetpgrp \ 6870 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
6490 truncate utimes vhangup vsnprintf waitpid \ 6871 truncate updwtmpx utimes vhangup vsnprintf waitpid \
6491 6872
6492do 6873do
6493as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 6874as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
6494echo "$as_me:6494: checking for $ac_func" >&5 6875echo "$as_me:6875: checking for $ac_func" >&5
6495echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 6876echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
6496if eval "test \"\${$as_ac_var+set}\" = set"; then 6877if eval "test \"\${$as_ac_var+set}\" = set"; then
6497 echo $ECHO_N "(cached) $ECHO_C" >&6 6878 echo $ECHO_N "(cached) $ECHO_C" >&6
6498else 6879else
6499 cat >conftest.$ac_ext <<_ACEOF 6880 cat >conftest.$ac_ext <<_ACEOF
6500#line 6500 "configure" 6881#line 6881 "configure"
6501#include "confdefs.h" 6882#include "confdefs.h"
6502/* System header to define __stub macros and hopefully few prototypes, 6883/* System header to define __stub macros and hopefully few prototypes,
6503 which can conflict with char $ac_func (); below. */ 6884 which can conflict with char $ac_func (); below. */
@@ -6528,16 +6909,16 @@ f = $ac_func;
6528} 6909}
6529_ACEOF 6910_ACEOF
6530rm -f conftest.$ac_objext conftest$ac_exeext 6911rm -f conftest.$ac_objext conftest$ac_exeext
6531if { (eval echo "$as_me:6531: \"$ac_link\"") >&5 6912if { (eval echo "$as_me:6912: \"$ac_link\"") >&5
6532 (eval $ac_link) 2>&5 6913 (eval $ac_link) 2>&5
6533 ac_status=$? 6914 ac_status=$?
6534 echo "$as_me:6534: \$? = $ac_status" >&5 6915 echo "$as_me:6915: \$? = $ac_status" >&5
6535 (exit $ac_status); } && 6916 (exit $ac_status); } &&
6536 { ac_try='test -s conftest$ac_exeext' 6917 { ac_try='test -s conftest$ac_exeext'
6537 { (eval echo "$as_me:6537: \"$ac_try\"") >&5 6918 { (eval echo "$as_me:6918: \"$ac_try\"") >&5
6538 (eval $ac_try) 2>&5 6919 (eval $ac_try) 2>&5
6539 ac_status=$? 6920 ac_status=$?
6540 echo "$as_me:6540: \$? = $ac_status" >&5 6921 echo "$as_me:6921: \$? = $ac_status" >&5
6541 (exit $ac_status); }; }; then 6922 (exit $ac_status); }; }; then
6542 eval "$as_ac_var=yes" 6923 eval "$as_ac_var=yes"
6543else 6924else
@@ -6547,7 +6928,7 @@ eval "$as_ac_var=no"
6547fi 6928fi
6548rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 6929rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
6549fi 6930fi
6550echo "$as_me:6550: result: `eval echo '${'$as_ac_var'}'`" >&5 6931echo "$as_me:6931: result: `eval echo '${'$as_ac_var'}'`" >&5
6551echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 6932echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
6552if test `eval echo '${'$as_ac_var'}'` = yes; then 6933if test `eval echo '${'$as_ac_var'}'` = yes; then
6553 cat >>confdefs.h <<EOF 6934 cat >>confdefs.h <<EOF
@@ -6557,7 +6938,124 @@ EOF
6557fi 6938fi
6558done 6939done
6559 6940
6560echo "$as_me:6560: checking for library containing nanosleep" >&5 6941# IRIX has a const char return value for gai_strerror()
6942
6943for ac_func in gai_strerror
6944do
6945as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
6946echo "$as_me:6946: checking for $ac_func" >&5
6947echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
6948if eval "test \"\${$as_ac_var+set}\" = set"; then
6949 echo $ECHO_N "(cached) $ECHO_C" >&6
6950else
6951 cat >conftest.$ac_ext <<_ACEOF
6952#line 6952 "configure"
6953#include "confdefs.h"
6954/* System header to define __stub macros and hopefully few prototypes,
6955 which can conflict with char $ac_func (); below. */
6956#include <assert.h>
6957/* Override any gcc2 internal prototype to avoid an error. */
6958#ifdef __cplusplus
6959extern "C"
6960#endif
6961/* We use char because int might match the return type of a gcc2
6962 builtin and then its argument prototype would still apply. */
6963char $ac_func ();
6964char (*f) ();
6965
6966int
6967main ()
6968{
6969/* The GNU C library defines this for functions which it implements
6970 to always fail with ENOSYS. Some functions are actually named
6971 something starting with __ and the normal name is an alias. */
6972#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
6973choke me
6974#else
6975f = $ac_func;
6976#endif
6977
6978 ;
6979 return 0;
6980}
6981_ACEOF
6982rm -f conftest.$ac_objext conftest$ac_exeext
6983if { (eval echo "$as_me:6983: \"$ac_link\"") >&5
6984 (eval $ac_link) 2>&5
6985 ac_status=$?
6986 echo "$as_me:6986: \$? = $ac_status" >&5
6987 (exit $ac_status); } &&
6988 { ac_try='test -s conftest$ac_exeext'
6989 { (eval echo "$as_me:6989: \"$ac_try\"") >&5
6990 (eval $ac_try) 2>&5
6991 ac_status=$?
6992 echo "$as_me:6992: \$? = $ac_status" >&5
6993 (exit $ac_status); }; }; then
6994 eval "$as_ac_var=yes"
6995else
6996 echo "$as_me: failed program was:" >&5
6997cat conftest.$ac_ext >&5
6998eval "$as_ac_var=no"
6999fi
7000rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7001fi
7002echo "$as_me:7002: result: `eval echo '${'$as_ac_var'}'`" >&5
7003echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
7004if test `eval echo '${'$as_ac_var'}'` = yes; then
7005 cat >>confdefs.h <<EOF
7006#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
7007EOF
7008
7009 cat >>confdefs.h <<\EOF
7010#define HAVE_GAI_STRERROR 1
7011EOF
7012
7013 cat >conftest.$ac_ext <<_ACEOF
7014#line 7014 "configure"
7015#include "confdefs.h"
7016
7017#include <sys/types.h>
7018#include <sys/socket.h>
7019#include <netdb.h>
7020
7021const char *gai_strerror(int);
7022int
7023main ()
7024{
7025
7026char *str;
7027
7028str = gai_strerror(0);
7029 ;
7030 return 0;
7031}
7032_ACEOF
7033rm -f conftest.$ac_objext
7034if { (eval echo "$as_me:7034: \"$ac_compile\"") >&5
7035 (eval $ac_compile) 2>&5
7036 ac_status=$?
7037 echo "$as_me:7037: \$? = $ac_status" >&5
7038 (exit $ac_status); } &&
7039 { ac_try='test -s conftest.$ac_objext'
7040 { (eval echo "$as_me:7040: \"$ac_try\"") >&5
7041 (eval $ac_try) 2>&5
7042 ac_status=$?
7043 echo "$as_me:7043: \$? = $ac_status" >&5
7044 (exit $ac_status); }; }; then
7045
7046cat >>confdefs.h <<\EOF
7047#define HAVE_CONST_GAI_STRERROR_PROTO 1
7048EOF
7049
7050else
7051 echo "$as_me: failed program was:" >&5
7052cat conftest.$ac_ext >&5
7053fi
7054rm -f conftest.$ac_objext conftest.$ac_ext
7055fi
7056done
7057
7058echo "$as_me:7058: checking for library containing nanosleep" >&5
6561echo $ECHO_N "checking for library containing nanosleep... $ECHO_C" >&6 7059echo $ECHO_N "checking for library containing nanosleep... $ECHO_C" >&6
6562if test "${ac_cv_search_nanosleep+set}" = set; then 7060if test "${ac_cv_search_nanosleep+set}" = set; then
6563 echo $ECHO_N "(cached) $ECHO_C" >&6 7061 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -6565,7 +7063,7 @@ else
6565 ac_func_search_save_LIBS=$LIBS 7063 ac_func_search_save_LIBS=$LIBS
6566ac_cv_search_nanosleep=no 7064ac_cv_search_nanosleep=no
6567cat >conftest.$ac_ext <<_ACEOF 7065cat >conftest.$ac_ext <<_ACEOF
6568#line 6568 "configure" 7066#line 7066 "configure"
6569#include "confdefs.h" 7067#include "confdefs.h"
6570 7068
6571/* Override any gcc2 internal prototype to avoid an error. */ 7069/* Override any gcc2 internal prototype to avoid an error. */
@@ -6584,16 +7082,16 @@ nanosleep ();
6584} 7082}
6585_ACEOF 7083_ACEOF
6586rm -f conftest.$ac_objext conftest$ac_exeext 7084rm -f conftest.$ac_objext conftest$ac_exeext
6587if { (eval echo "$as_me:6587: \"$ac_link\"") >&5 7085if { (eval echo "$as_me:7085: \"$ac_link\"") >&5
6588 (eval $ac_link) 2>&5 7086 (eval $ac_link) 2>&5
6589 ac_status=$? 7087 ac_status=$?
6590 echo "$as_me:6590: \$? = $ac_status" >&5 7088 echo "$as_me:7088: \$? = $ac_status" >&5
6591 (exit $ac_status); } && 7089 (exit $ac_status); } &&
6592 { ac_try='test -s conftest$ac_exeext' 7090 { ac_try='test -s conftest$ac_exeext'
6593 { (eval echo "$as_me:6593: \"$ac_try\"") >&5 7091 { (eval echo "$as_me:7091: \"$ac_try\"") >&5
6594 (eval $ac_try) 2>&5 7092 (eval $ac_try) 2>&5
6595 ac_status=$? 7093 ac_status=$?
6596 echo "$as_me:6596: \$? = $ac_status" >&5 7094 echo "$as_me:7094: \$? = $ac_status" >&5
6597 (exit $ac_status); }; }; then 7095 (exit $ac_status); }; }; then
6598 ac_cv_search_nanosleep="none required" 7096 ac_cv_search_nanosleep="none required"
6599else 7097else
@@ -6605,7 +7103,7 @@ if test "$ac_cv_search_nanosleep" = no; then
6605 for ac_lib in rt posix4; do 7103 for ac_lib in rt posix4; do
6606 LIBS="-l$ac_lib $ac_func_search_save_LIBS" 7104 LIBS="-l$ac_lib $ac_func_search_save_LIBS"
6607 cat >conftest.$ac_ext <<_ACEOF 7105 cat >conftest.$ac_ext <<_ACEOF
6608#line 6608 "configure" 7106#line 7106 "configure"
6609#include "confdefs.h" 7107#include "confdefs.h"
6610 7108
6611/* Override any gcc2 internal prototype to avoid an error. */ 7109/* Override any gcc2 internal prototype to avoid an error. */
@@ -6624,16 +7122,16 @@ nanosleep ();
6624} 7122}
6625_ACEOF 7123_ACEOF
6626rm -f conftest.$ac_objext conftest$ac_exeext 7124rm -f conftest.$ac_objext conftest$ac_exeext
6627if { (eval echo "$as_me:6627: \"$ac_link\"") >&5 7125if { (eval echo "$as_me:7125: \"$ac_link\"") >&5
6628 (eval $ac_link) 2>&5 7126 (eval $ac_link) 2>&5
6629 ac_status=$? 7127 ac_status=$?
6630 echo "$as_me:6630: \$? = $ac_status" >&5 7128 echo "$as_me:7128: \$? = $ac_status" >&5
6631 (exit $ac_status); } && 7129 (exit $ac_status); } &&
6632 { ac_try='test -s conftest$ac_exeext' 7130 { ac_try='test -s conftest$ac_exeext'
6633 { (eval echo "$as_me:6633: \"$ac_try\"") >&5 7131 { (eval echo "$as_me:7131: \"$ac_try\"") >&5
6634 (eval $ac_try) 2>&5 7132 (eval $ac_try) 2>&5
6635 ac_status=$? 7133 ac_status=$?
6636 echo "$as_me:6636: \$? = $ac_status" >&5 7134 echo "$as_me:7134: \$? = $ac_status" >&5
6637 (exit $ac_status); }; }; then 7135 (exit $ac_status); }; }; then
6638 ac_cv_search_nanosleep="-l$ac_lib" 7136 ac_cv_search_nanosleep="-l$ac_lib"
6639break 7137break
@@ -6646,7 +7144,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
6646fi 7144fi
6647LIBS=$ac_func_search_save_LIBS 7145LIBS=$ac_func_search_save_LIBS
6648fi 7146fi
6649echo "$as_me:6649: result: $ac_cv_search_nanosleep" >&5 7147echo "$as_me:7147: result: $ac_cv_search_nanosleep" >&5
6650echo "${ECHO_T}$ac_cv_search_nanosleep" >&6 7148echo "${ECHO_T}$ac_cv_search_nanosleep" >&6
6651if test "$ac_cv_search_nanosleep" != no; then 7149if test "$ac_cv_search_nanosleep" != no; then
6652 test "$ac_cv_search_nanosleep" = "none required" || LIBS="$ac_cv_search_nanosleep $LIBS" 7150 test "$ac_cv_search_nanosleep" = "none required" || LIBS="$ac_cv_search_nanosleep $LIBS"
@@ -6656,13 +7154,13 @@ EOF
6656 7154
6657fi 7155fi
6658 7156
6659echo "$as_me:6659: checking for ANSI C header files" >&5 7157echo "$as_me:7157: checking for ANSI C header files" >&5
6660echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6 7158echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6
6661if test "${ac_cv_header_stdc+set}" = set; then 7159if test "${ac_cv_header_stdc+set}" = set; then
6662 echo $ECHO_N "(cached) $ECHO_C" >&6 7160 echo $ECHO_N "(cached) $ECHO_C" >&6
6663else 7161else
6664 cat >conftest.$ac_ext <<_ACEOF 7162 cat >conftest.$ac_ext <<_ACEOF
6665#line 6665 "configure" 7163#line 7163 "configure"
6666#include "confdefs.h" 7164#include "confdefs.h"
6667#include <stdlib.h> 7165#include <stdlib.h>
6668#include <stdarg.h> 7166#include <stdarg.h>
@@ -6670,13 +7168,13 @@ else
6670#include <float.h> 7168#include <float.h>
6671 7169
6672_ACEOF 7170_ACEOF
6673if { (eval echo "$as_me:6673: \"$ac_cpp conftest.$ac_ext\"") >&5 7171if { (eval echo "$as_me:7171: \"$ac_cpp conftest.$ac_ext\"") >&5
6674 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 7172 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
6675 ac_status=$? 7173 ac_status=$?
6676 egrep -v '^ *\+' conftest.er1 >conftest.err 7174 egrep -v '^ *\+' conftest.er1 >conftest.err
6677 rm -f conftest.er1 7175 rm -f conftest.er1
6678 cat conftest.err >&5 7176 cat conftest.err >&5
6679 echo "$as_me:6679: \$? = $ac_status" >&5 7177 echo "$as_me:7177: \$? = $ac_status" >&5
6680 (exit $ac_status); } >/dev/null; then 7178 (exit $ac_status); } >/dev/null; then
6681 if test -s conftest.err; then 7179 if test -s conftest.err; then
6682 ac_cpp_err=$ac_c_preproc_warn_flag 7180 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -6698,7 +7196,7 @@ rm -f conftest.err conftest.$ac_ext
6698if test $ac_cv_header_stdc = yes; then 7196if test $ac_cv_header_stdc = yes; then
6699 # SunOS 4.x string.h does not declare mem*, contrary to ANSI. 7197 # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
6700 cat >conftest.$ac_ext <<_ACEOF 7198 cat >conftest.$ac_ext <<_ACEOF
6701#line 6701 "configure" 7199#line 7199 "configure"
6702#include "confdefs.h" 7200#include "confdefs.h"
6703#include <string.h> 7201#include <string.h>
6704 7202
@@ -6716,7 +7214,7 @@ fi
6716if test $ac_cv_header_stdc = yes; then 7214if test $ac_cv_header_stdc = yes; then
6717 # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. 7215 # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
6718 cat >conftest.$ac_ext <<_ACEOF 7216 cat >conftest.$ac_ext <<_ACEOF
6719#line 6719 "configure" 7217#line 7217 "configure"
6720#include "confdefs.h" 7218#include "confdefs.h"
6721#include <stdlib.h> 7219#include <stdlib.h>
6722 7220
@@ -6737,7 +7235,7 @@ if test $ac_cv_header_stdc = yes; then
6737 : 7235 :
6738else 7236else
6739 cat >conftest.$ac_ext <<_ACEOF 7237 cat >conftest.$ac_ext <<_ACEOF
6740#line 6740 "configure" 7238#line 7238 "configure"
6741#include "confdefs.h" 7239#include "confdefs.h"
6742#include <ctype.h> 7240#include <ctype.h>
6743#if ((' ' & 0x0FF) == 0x020) 7241#if ((' ' & 0x0FF) == 0x020)
@@ -6763,15 +7261,15 @@ main ()
6763} 7261}
6764_ACEOF 7262_ACEOF
6765rm -f conftest$ac_exeext 7263rm -f conftest$ac_exeext
6766if { (eval echo "$as_me:6766: \"$ac_link\"") >&5 7264if { (eval echo "$as_me:7264: \"$ac_link\"") >&5
6767 (eval $ac_link) 2>&5 7265 (eval $ac_link) 2>&5
6768 ac_status=$? 7266 ac_status=$?
6769 echo "$as_me:6769: \$? = $ac_status" >&5 7267 echo "$as_me:7267: \$? = $ac_status" >&5
6770 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 7268 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
6771 { (eval echo "$as_me:6771: \"$ac_try\"") >&5 7269 { (eval echo "$as_me:7269: \"$ac_try\"") >&5
6772 (eval $ac_try) 2>&5 7270 (eval $ac_try) 2>&5
6773 ac_status=$? 7271 ac_status=$?
6774 echo "$as_me:6774: \$? = $ac_status" >&5 7272 echo "$as_me:7272: \$? = $ac_status" >&5
6775 (exit $ac_status); }; }; then 7273 (exit $ac_status); }; }; then
6776 : 7274 :
6777else 7275else
@@ -6784,7 +7282,7 @@ rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
6784fi 7282fi
6785fi 7283fi
6786fi 7284fi
6787echo "$as_me:6787: result: $ac_cv_header_stdc" >&5 7285echo "$as_me:7285: result: $ac_cv_header_stdc" >&5
6788echo "${ECHO_T}$ac_cv_header_stdc" >&6 7286echo "${ECHO_T}$ac_cv_header_stdc" >&6
6789if test $ac_cv_header_stdc = yes; then 7287if test $ac_cv_header_stdc = yes; then
6790 7288
@@ -6800,28 +7298,28 @@ for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
6800 inttypes.h stdint.h unistd.h 7298 inttypes.h stdint.h unistd.h
6801do 7299do
6802as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` 7300as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
6803echo "$as_me:6803: checking for $ac_header" >&5 7301echo "$as_me:7301: checking for $ac_header" >&5
6804echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 7302echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
6805if eval "test \"\${$as_ac_Header+set}\" = set"; then 7303if eval "test \"\${$as_ac_Header+set}\" = set"; then
6806 echo $ECHO_N "(cached) $ECHO_C" >&6 7304 echo $ECHO_N "(cached) $ECHO_C" >&6
6807else 7305else
6808 cat >conftest.$ac_ext <<_ACEOF 7306 cat >conftest.$ac_ext <<_ACEOF
6809#line 6809 "configure" 7307#line 7307 "configure"
6810#include "confdefs.h" 7308#include "confdefs.h"
6811$ac_includes_default 7309$ac_includes_default
6812#include <$ac_header> 7310#include <$ac_header>
6813_ACEOF 7311_ACEOF
6814rm -f conftest.$ac_objext 7312rm -f conftest.$ac_objext
6815if { (eval echo "$as_me:6815: \"$ac_compile\"") >&5 7313if { (eval echo "$as_me:7313: \"$ac_compile\"") >&5
6816 (eval $ac_compile) 2>&5 7314 (eval $ac_compile) 2>&5
6817 ac_status=$? 7315 ac_status=$?
6818 echo "$as_me:6818: \$? = $ac_status" >&5 7316 echo "$as_me:7316: \$? = $ac_status" >&5
6819 (exit $ac_status); } && 7317 (exit $ac_status); } &&
6820 { ac_try='test -s conftest.$ac_objext' 7318 { ac_try='test -s conftest.$ac_objext'
6821 { (eval echo "$as_me:6821: \"$ac_try\"") >&5 7319 { (eval echo "$as_me:7319: \"$ac_try\"") >&5
6822 (eval $ac_try) 2>&5 7320 (eval $ac_try) 2>&5
6823 ac_status=$? 7321 ac_status=$?
6824 echo "$as_me:6824: \$? = $ac_status" >&5 7322 echo "$as_me:7322: \$? = $ac_status" >&5
6825 (exit $ac_status); }; }; then 7323 (exit $ac_status); }; }; then
6826 eval "$as_ac_Header=yes" 7324 eval "$as_ac_Header=yes"
6827else 7325else
@@ -6831,7 +7329,7 @@ eval "$as_ac_Header=no"
6831fi 7329fi
6832rm -f conftest.$ac_objext conftest.$ac_ext 7330rm -f conftest.$ac_objext conftest.$ac_ext
6833fi 7331fi
6834echo "$as_me:6834: result: `eval echo '${'$as_ac_Header'}'`" >&5 7332echo "$as_me:7332: result: `eval echo '${'$as_ac_Header'}'`" >&5
6835echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 7333echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
6836if test `eval echo '${'$as_ac_Header'}'` = yes; then 7334if test `eval echo '${'$as_ac_Header'}'` = yes; then
6837 cat >>confdefs.h <<EOF 7335 cat >>confdefs.h <<EOF
@@ -6841,13 +7339,13 @@ EOF
6841fi 7339fi
6842done 7340done
6843 7341
6844echo "$as_me:6844: checking whether strsep is declared" >&5 7342echo "$as_me:7342: checking whether strsep is declared" >&5
6845echo $ECHO_N "checking whether strsep is declared... $ECHO_C" >&6 7343echo $ECHO_N "checking whether strsep is declared... $ECHO_C" >&6
6846if test "${ac_cv_have_decl_strsep+set}" = set; then 7344if test "${ac_cv_have_decl_strsep+set}" = set; then
6847 echo $ECHO_N "(cached) $ECHO_C" >&6 7345 echo $ECHO_N "(cached) $ECHO_C" >&6
6848else 7346else
6849 cat >conftest.$ac_ext <<_ACEOF 7347 cat >conftest.$ac_ext <<_ACEOF
6850#line 6850 "configure" 7348#line 7348 "configure"
6851#include "confdefs.h" 7349#include "confdefs.h"
6852$ac_includes_default 7350$ac_includes_default
6853int 7351int
@@ -6862,16 +7360,16 @@ main ()
6862} 7360}
6863_ACEOF 7361_ACEOF
6864rm -f conftest.$ac_objext 7362rm -f conftest.$ac_objext
6865if { (eval echo "$as_me:6865: \"$ac_compile\"") >&5 7363if { (eval echo "$as_me:7363: \"$ac_compile\"") >&5
6866 (eval $ac_compile) 2>&5 7364 (eval $ac_compile) 2>&5
6867 ac_status=$? 7365 ac_status=$?
6868 echo "$as_me:6868: \$? = $ac_status" >&5 7366 echo "$as_me:7366: \$? = $ac_status" >&5
6869 (exit $ac_status); } && 7367 (exit $ac_status); } &&
6870 { ac_try='test -s conftest.$ac_objext' 7368 { ac_try='test -s conftest.$ac_objext'
6871 { (eval echo "$as_me:6871: \"$ac_try\"") >&5 7369 { (eval echo "$as_me:7369: \"$ac_try\"") >&5
6872 (eval $ac_try) 2>&5 7370 (eval $ac_try) 2>&5
6873 ac_status=$? 7371 ac_status=$?
6874 echo "$as_me:6874: \$? = $ac_status" >&5 7372 echo "$as_me:7372: \$? = $ac_status" >&5
6875 (exit $ac_status); }; }; then 7373 (exit $ac_status); }; }; then
6876 ac_cv_have_decl_strsep=yes 7374 ac_cv_have_decl_strsep=yes
6877else 7375else
@@ -6881,20 +7379,20 @@ ac_cv_have_decl_strsep=no
6881fi 7379fi
6882rm -f conftest.$ac_objext conftest.$ac_ext 7380rm -f conftest.$ac_objext conftest.$ac_ext
6883fi 7381fi
6884echo "$as_me:6884: result: $ac_cv_have_decl_strsep" >&5 7382echo "$as_me:7382: result: $ac_cv_have_decl_strsep" >&5
6885echo "${ECHO_T}$ac_cv_have_decl_strsep" >&6 7383echo "${ECHO_T}$ac_cv_have_decl_strsep" >&6
6886if test $ac_cv_have_decl_strsep = yes; then 7384if test $ac_cv_have_decl_strsep = yes; then
6887 7385
6888for ac_func in strsep 7386for ac_func in strsep
6889do 7387do
6890as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 7388as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
6891echo "$as_me:6891: checking for $ac_func" >&5 7389echo "$as_me:7389: checking for $ac_func" >&5
6892echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 7390echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
6893if eval "test \"\${$as_ac_var+set}\" = set"; then 7391if eval "test \"\${$as_ac_var+set}\" = set"; then
6894 echo $ECHO_N "(cached) $ECHO_C" >&6 7392 echo $ECHO_N "(cached) $ECHO_C" >&6
6895else 7393else
6896 cat >conftest.$ac_ext <<_ACEOF 7394 cat >conftest.$ac_ext <<_ACEOF
6897#line 6897 "configure" 7395#line 7395 "configure"
6898#include "confdefs.h" 7396#include "confdefs.h"
6899/* System header to define __stub macros and hopefully few prototypes, 7397/* System header to define __stub macros and hopefully few prototypes,
6900 which can conflict with char $ac_func (); below. */ 7398 which can conflict with char $ac_func (); below. */
@@ -6925,16 +7423,16 @@ f = $ac_func;
6925} 7423}
6926_ACEOF 7424_ACEOF
6927rm -f conftest.$ac_objext conftest$ac_exeext 7425rm -f conftest.$ac_objext conftest$ac_exeext
6928if { (eval echo "$as_me:6928: \"$ac_link\"") >&5 7426if { (eval echo "$as_me:7426: \"$ac_link\"") >&5
6929 (eval $ac_link) 2>&5 7427 (eval $ac_link) 2>&5
6930 ac_status=$? 7428 ac_status=$?
6931 echo "$as_me:6931: \$? = $ac_status" >&5 7429 echo "$as_me:7429: \$? = $ac_status" >&5
6932 (exit $ac_status); } && 7430 (exit $ac_status); } &&
6933 { ac_try='test -s conftest$ac_exeext' 7431 { ac_try='test -s conftest$ac_exeext'
6934 { (eval echo "$as_me:6934: \"$ac_try\"") >&5 7432 { (eval echo "$as_me:7432: \"$ac_try\"") >&5
6935 (eval $ac_try) 2>&5 7433 (eval $ac_try) 2>&5
6936 ac_status=$? 7434 ac_status=$?
6937 echo "$as_me:6937: \$? = $ac_status" >&5 7435 echo "$as_me:7435: \$? = $ac_status" >&5
6938 (exit $ac_status); }; }; then 7436 (exit $ac_status); }; }; then
6939 eval "$as_ac_var=yes" 7437 eval "$as_ac_var=yes"
6940else 7438else
@@ -6944,7 +7442,7 @@ eval "$as_ac_var=no"
6944fi 7442fi
6945rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 7443rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
6946fi 7444fi
6947echo "$as_me:6947: result: `eval echo '${'$as_ac_var'}'`" >&5 7445echo "$as_me:7445: result: `eval echo '${'$as_ac_var'}'`" >&5
6948echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 7446echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
6949if test `eval echo '${'$as_ac_var'}'` = yes; then 7447if test `eval echo '${'$as_ac_var'}'` = yes; then
6950 cat >>confdefs.h <<EOF 7448 cat >>confdefs.h <<EOF
@@ -6956,13 +7454,13 @@ done
6956 7454
6957fi 7455fi
6958 7456
6959echo "$as_me:6959: checking whether getrusage is declared" >&5 7457echo "$as_me:7457: checking whether getrusage is declared" >&5
6960echo $ECHO_N "checking whether getrusage is declared... $ECHO_C" >&6 7458echo $ECHO_N "checking whether getrusage is declared... $ECHO_C" >&6
6961if test "${ac_cv_have_decl_getrusage+set}" = set; then 7459if test "${ac_cv_have_decl_getrusage+set}" = set; then
6962 echo $ECHO_N "(cached) $ECHO_C" >&6 7460 echo $ECHO_N "(cached) $ECHO_C" >&6
6963else 7461else
6964 cat >conftest.$ac_ext <<_ACEOF 7462 cat >conftest.$ac_ext <<_ACEOF
6965#line 6965 "configure" 7463#line 7463 "configure"
6966#include "confdefs.h" 7464#include "confdefs.h"
6967$ac_includes_default 7465$ac_includes_default
6968int 7466int
@@ -6977,16 +7475,16 @@ main ()
6977} 7475}
6978_ACEOF 7476_ACEOF
6979rm -f conftest.$ac_objext 7477rm -f conftest.$ac_objext
6980if { (eval echo "$as_me:6980: \"$ac_compile\"") >&5 7478if { (eval echo "$as_me:7478: \"$ac_compile\"") >&5
6981 (eval $ac_compile) 2>&5 7479 (eval $ac_compile) 2>&5
6982 ac_status=$? 7480 ac_status=$?
6983 echo "$as_me:6983: \$? = $ac_status" >&5 7481 echo "$as_me:7481: \$? = $ac_status" >&5
6984 (exit $ac_status); } && 7482 (exit $ac_status); } &&
6985 { ac_try='test -s conftest.$ac_objext' 7483 { ac_try='test -s conftest.$ac_objext'
6986 { (eval echo "$as_me:6986: \"$ac_try\"") >&5 7484 { (eval echo "$as_me:7484: \"$ac_try\"") >&5
6987 (eval $ac_try) 2>&5 7485 (eval $ac_try) 2>&5
6988 ac_status=$? 7486 ac_status=$?
6989 echo "$as_me:6989: \$? = $ac_status" >&5 7487 echo "$as_me:7487: \$? = $ac_status" >&5
6990 (exit $ac_status); }; }; then 7488 (exit $ac_status); }; }; then
6991 ac_cv_have_decl_getrusage=yes 7489 ac_cv_have_decl_getrusage=yes
6992else 7490else
@@ -6996,20 +7494,20 @@ ac_cv_have_decl_getrusage=no
6996fi 7494fi
6997rm -f conftest.$ac_objext conftest.$ac_ext 7495rm -f conftest.$ac_objext conftest.$ac_ext
6998fi 7496fi
6999echo "$as_me:6999: result: $ac_cv_have_decl_getrusage" >&5 7497echo "$as_me:7497: result: $ac_cv_have_decl_getrusage" >&5
7000echo "${ECHO_T}$ac_cv_have_decl_getrusage" >&6 7498echo "${ECHO_T}$ac_cv_have_decl_getrusage" >&6
7001if test $ac_cv_have_decl_getrusage = yes; then 7499if test $ac_cv_have_decl_getrusage = yes; then
7002 7500
7003for ac_func in getrusage 7501for ac_func in getrusage
7004do 7502do
7005as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 7503as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
7006echo "$as_me:7006: checking for $ac_func" >&5 7504echo "$as_me:7504: checking for $ac_func" >&5
7007echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 7505echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
7008if eval "test \"\${$as_ac_var+set}\" = set"; then 7506if eval "test \"\${$as_ac_var+set}\" = set"; then
7009 echo $ECHO_N "(cached) $ECHO_C" >&6 7507 echo $ECHO_N "(cached) $ECHO_C" >&6
7010else 7508else
7011 cat >conftest.$ac_ext <<_ACEOF 7509 cat >conftest.$ac_ext <<_ACEOF
7012#line 7012 "configure" 7510#line 7510 "configure"
7013#include "confdefs.h" 7511#include "confdefs.h"
7014/* System header to define __stub macros and hopefully few prototypes, 7512/* System header to define __stub macros and hopefully few prototypes,
7015 which can conflict with char $ac_func (); below. */ 7513 which can conflict with char $ac_func (); below. */
@@ -7040,16 +7538,16 @@ f = $ac_func;
7040} 7538}
7041_ACEOF 7539_ACEOF
7042rm -f conftest.$ac_objext conftest$ac_exeext 7540rm -f conftest.$ac_objext conftest$ac_exeext
7043if { (eval echo "$as_me:7043: \"$ac_link\"") >&5 7541if { (eval echo "$as_me:7541: \"$ac_link\"") >&5
7044 (eval $ac_link) 2>&5 7542 (eval $ac_link) 2>&5
7045 ac_status=$? 7543 ac_status=$?
7046 echo "$as_me:7046: \$? = $ac_status" >&5 7544 echo "$as_me:7544: \$? = $ac_status" >&5
7047 (exit $ac_status); } && 7545 (exit $ac_status); } &&
7048 { ac_try='test -s conftest$ac_exeext' 7546 { ac_try='test -s conftest$ac_exeext'
7049 { (eval echo "$as_me:7049: \"$ac_try\"") >&5 7547 { (eval echo "$as_me:7547: \"$ac_try\"") >&5
7050 (eval $ac_try) 2>&5 7548 (eval $ac_try) 2>&5
7051 ac_status=$? 7549 ac_status=$?
7052 echo "$as_me:7052: \$? = $ac_status" >&5 7550 echo "$as_me:7550: \$? = $ac_status" >&5
7053 (exit $ac_status); }; }; then 7551 (exit $ac_status); }; }; then
7054 eval "$as_ac_var=yes" 7552 eval "$as_ac_var=yes"
7055else 7553else
@@ -7059,7 +7557,7 @@ eval "$as_ac_var=no"
7059fi 7557fi
7060rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 7558rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7061fi 7559fi
7062echo "$as_me:7062: result: `eval echo '${'$as_ac_var'}'`" >&5 7560echo "$as_me:7560: result: `eval echo '${'$as_ac_var'}'`" >&5
7063echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 7561echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
7064if test `eval echo '${'$as_ac_var'}'` = yes; then 7562if test `eval echo '${'$as_ac_var'}'` = yes; then
7065 cat >>confdefs.h <<EOF 7563 cat >>confdefs.h <<EOF
@@ -7071,13 +7569,13 @@ done
7071 7569
7072fi 7570fi
7073 7571
7074echo "$as_me:7074: checking whether tcsendbreak is declared" >&5 7572echo "$as_me:7572: checking whether tcsendbreak is declared" >&5
7075echo $ECHO_N "checking whether tcsendbreak is declared... $ECHO_C" >&6 7573echo $ECHO_N "checking whether tcsendbreak is declared... $ECHO_C" >&6
7076if test "${ac_cv_have_decl_tcsendbreak+set}" = set; then 7574if test "${ac_cv_have_decl_tcsendbreak+set}" = set; then
7077 echo $ECHO_N "(cached) $ECHO_C" >&6 7575 echo $ECHO_N "(cached) $ECHO_C" >&6
7078else 7576else
7079 cat >conftest.$ac_ext <<_ACEOF 7577 cat >conftest.$ac_ext <<_ACEOF
7080#line 7080 "configure" 7578#line 7578 "configure"
7081#include "confdefs.h" 7579#include "confdefs.h"
7082#include <termios.h> 7580#include <termios.h>
7083 7581
@@ -7093,16 +7591,16 @@ main ()
7093} 7591}
7094_ACEOF 7592_ACEOF
7095rm -f conftest.$ac_objext 7593rm -f conftest.$ac_objext
7096if { (eval echo "$as_me:7096: \"$ac_compile\"") >&5 7594if { (eval echo "$as_me:7594: \"$ac_compile\"") >&5
7097 (eval $ac_compile) 2>&5 7595 (eval $ac_compile) 2>&5
7098 ac_status=$? 7596 ac_status=$?
7099 echo "$as_me:7099: \$? = $ac_status" >&5 7597 echo "$as_me:7597: \$? = $ac_status" >&5
7100 (exit $ac_status); } && 7598 (exit $ac_status); } &&
7101 { ac_try='test -s conftest.$ac_objext' 7599 { ac_try='test -s conftest.$ac_objext'
7102 { (eval echo "$as_me:7102: \"$ac_try\"") >&5 7600 { (eval echo "$as_me:7600: \"$ac_try\"") >&5
7103 (eval $ac_try) 2>&5 7601 (eval $ac_try) 2>&5
7104 ac_status=$? 7602 ac_status=$?
7105 echo "$as_me:7105: \$? = $ac_status" >&5 7603 echo "$as_me:7603: \$? = $ac_status" >&5
7106 (exit $ac_status); }; }; then 7604 (exit $ac_status); }; }; then
7107 ac_cv_have_decl_tcsendbreak=yes 7605 ac_cv_have_decl_tcsendbreak=yes
7108else 7606else
@@ -7112,7 +7610,7 @@ ac_cv_have_decl_tcsendbreak=no
7112fi 7610fi
7113rm -f conftest.$ac_objext conftest.$ac_ext 7611rm -f conftest.$ac_objext conftest.$ac_ext
7114fi 7612fi
7115echo "$as_me:7115: result: $ac_cv_have_decl_tcsendbreak" >&5 7613echo "$as_me:7613: result: $ac_cv_have_decl_tcsendbreak" >&5
7116echo "${ECHO_T}$ac_cv_have_decl_tcsendbreak" >&6 7614echo "${ECHO_T}$ac_cv_have_decl_tcsendbreak" >&6
7117if test $ac_cv_have_decl_tcsendbreak = yes; then 7615if test $ac_cv_have_decl_tcsendbreak = yes; then
7118 cat >>confdefs.h <<\EOF 7616 cat >>confdefs.h <<\EOF
@@ -7124,13 +7622,84 @@ else
7124for ac_func in tcsendbreak 7622for ac_func in tcsendbreak
7125do 7623do
7126as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 7624as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
7127echo "$as_me:7127: checking for $ac_func" >&5 7625echo "$as_me:7625: checking for $ac_func" >&5
7626echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
7627if eval "test \"\${$as_ac_var+set}\" = set"; then
7628 echo $ECHO_N "(cached) $ECHO_C" >&6
7629else
7630 cat >conftest.$ac_ext <<_ACEOF
7631#line 7631 "configure"
7632#include "confdefs.h"
7633/* System header to define __stub macros and hopefully few prototypes,
7634 which can conflict with char $ac_func (); below. */
7635#include <assert.h>
7636/* Override any gcc2 internal prototype to avoid an error. */
7637#ifdef __cplusplus
7638extern "C"
7639#endif
7640/* We use char because int might match the return type of a gcc2
7641 builtin and then its argument prototype would still apply. */
7642char $ac_func ();
7643char (*f) ();
7644
7645int
7646main ()
7647{
7648/* The GNU C library defines this for functions which it implements
7649 to always fail with ENOSYS. Some functions are actually named
7650 something starting with __ and the normal name is an alias. */
7651#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
7652choke me
7653#else
7654f = $ac_func;
7655#endif
7656
7657 ;
7658 return 0;
7659}
7660_ACEOF
7661rm -f conftest.$ac_objext conftest$ac_exeext
7662if { (eval echo "$as_me:7662: \"$ac_link\"") >&5
7663 (eval $ac_link) 2>&5
7664 ac_status=$?
7665 echo "$as_me:7665: \$? = $ac_status" >&5
7666 (exit $ac_status); } &&
7667 { ac_try='test -s conftest$ac_exeext'
7668 { (eval echo "$as_me:7668: \"$ac_try\"") >&5
7669 (eval $ac_try) 2>&5
7670 ac_status=$?
7671 echo "$as_me:7671: \$? = $ac_status" >&5
7672 (exit $ac_status); }; }; then
7673 eval "$as_ac_var=yes"
7674else
7675 echo "$as_me: failed program was:" >&5
7676cat conftest.$ac_ext >&5
7677eval "$as_ac_var=no"
7678fi
7679rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7680fi
7681echo "$as_me:7681: result: `eval echo '${'$as_ac_var'}'`" >&5
7682echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
7683if test `eval echo '${'$as_ac_var'}'` = yes; then
7684 cat >>confdefs.h <<EOF
7685#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
7686EOF
7687
7688fi
7689done
7690
7691fi
7692
7693for ac_func in setresuid
7694do
7695as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
7696echo "$as_me:7696: checking for $ac_func" >&5
7128echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 7697echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
7129if eval "test \"\${$as_ac_var+set}\" = set"; then 7698if eval "test \"\${$as_ac_var+set}\" = set"; then
7130 echo $ECHO_N "(cached) $ECHO_C" >&6 7699 echo $ECHO_N "(cached) $ECHO_C" >&6
7131else 7700else
7132 cat >conftest.$ac_ext <<_ACEOF 7701 cat >conftest.$ac_ext <<_ACEOF
7133#line 7133 "configure" 7702#line 7702 "configure"
7134#include "confdefs.h" 7703#include "confdefs.h"
7135/* System header to define __stub macros and hopefully few prototypes, 7704/* System header to define __stub macros and hopefully few prototypes,
7136 which can conflict with char $ac_func (); below. */ 7705 which can conflict with char $ac_func (); below. */
@@ -7161,16 +7730,16 @@ f = $ac_func;
7161} 7730}
7162_ACEOF 7731_ACEOF
7163rm -f conftest.$ac_objext conftest$ac_exeext 7732rm -f conftest.$ac_objext conftest$ac_exeext
7164if { (eval echo "$as_me:7164: \"$ac_link\"") >&5 7733if { (eval echo "$as_me:7733: \"$ac_link\"") >&5
7165 (eval $ac_link) 2>&5 7734 (eval $ac_link) 2>&5
7166 ac_status=$? 7735 ac_status=$?
7167 echo "$as_me:7167: \$? = $ac_status" >&5 7736 echo "$as_me:7736: \$? = $ac_status" >&5
7168 (exit $ac_status); } && 7737 (exit $ac_status); } &&
7169 { ac_try='test -s conftest$ac_exeext' 7738 { ac_try='test -s conftest$ac_exeext'
7170 { (eval echo "$as_me:7170: \"$ac_try\"") >&5 7739 { (eval echo "$as_me:7739: \"$ac_try\"") >&5
7171 (eval $ac_try) 2>&5 7740 (eval $ac_try) 2>&5
7172 ac_status=$? 7741 ac_status=$?
7173 echo "$as_me:7173: \$? = $ac_status" >&5 7742 echo "$as_me:7742: \$? = $ac_status" >&5
7174 (exit $ac_status); }; }; then 7743 (exit $ac_status); }; }; then
7175 eval "$as_ac_var=yes" 7744 eval "$as_ac_var=yes"
7176else 7745else
@@ -7180,28 +7749,183 @@ eval "$as_ac_var=no"
7180fi 7749fi
7181rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 7750rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7182fi 7751fi
7183echo "$as_me:7183: result: `eval echo '${'$as_ac_var'}'`" >&5 7752echo "$as_me:7752: result: `eval echo '${'$as_ac_var'}'`" >&5
7184echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 7753echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
7185if test `eval echo '${'$as_ac_var'}'` = yes; then 7754if test `eval echo '${'$as_ac_var'}'` = yes; then
7186 cat >>confdefs.h <<EOF 7755 cat >>confdefs.h <<EOF
7187#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 7756#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
7188EOF 7757EOF
7189 7758
7759 echo "$as_me:7759: checking if setresuid seems to work" >&5
7760echo $ECHO_N "checking if setresuid seems to work... $ECHO_C" >&6
7761 if test "$cross_compiling" = yes; then
7762 { { echo "$as_me:7762: error: cannot run test program while cross compiling" >&5
7763echo "$as_me: error: cannot run test program while cross compiling" >&2;}
7764 { (exit 1); exit 1; }; }
7765else
7766 cat >conftest.$ac_ext <<_ACEOF
7767#line 7767 "configure"
7768#include "confdefs.h"
7769
7770#include <stdlib.h>
7771#include <errno.h>
7772int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
7773
7774_ACEOF
7775rm -f conftest$ac_exeext
7776if { (eval echo "$as_me:7776: \"$ac_link\"") >&5
7777 (eval $ac_link) 2>&5
7778 ac_status=$?
7779 echo "$as_me:7779: \$? = $ac_status" >&5
7780 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
7781 { (eval echo "$as_me:7781: \"$ac_try\"") >&5
7782 (eval $ac_try) 2>&5
7783 ac_status=$?
7784 echo "$as_me:7784: \$? = $ac_status" >&5
7785 (exit $ac_status); }; }; then
7786 echo "$as_me:7786: result: yes" >&5
7787echo "${ECHO_T}yes" >&6
7788else
7789 echo "$as_me: program exited with status $ac_status" >&5
7790echo "$as_me: failed program was:" >&5
7791cat conftest.$ac_ext >&5
7792cat >>confdefs.h <<\EOF
7793#define BROKEN_SETRESUID 1
7794EOF
7795
7796 echo "$as_me:7796: result: not implemented" >&5
7797echo "${ECHO_T}not implemented" >&6
7798
7799fi
7800rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
7801fi
7802
7190fi 7803fi
7191done 7804done
7192 7805
7806for ac_func in setresgid
7807do
7808as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
7809echo "$as_me:7809: checking for $ac_func" >&5
7810echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
7811if eval "test \"\${$as_ac_var+set}\" = set"; then
7812 echo $ECHO_N "(cached) $ECHO_C" >&6
7813else
7814 cat >conftest.$ac_ext <<_ACEOF
7815#line 7815 "configure"
7816#include "confdefs.h"
7817/* System header to define __stub macros and hopefully few prototypes,
7818 which can conflict with char $ac_func (); below. */
7819#include <assert.h>
7820/* Override any gcc2 internal prototype to avoid an error. */
7821#ifdef __cplusplus
7822extern "C"
7823#endif
7824/* We use char because int might match the return type of a gcc2
7825 builtin and then its argument prototype would still apply. */
7826char $ac_func ();
7827char (*f) ();
7828
7829int
7830main ()
7831{
7832/* The GNU C library defines this for functions which it implements
7833 to always fail with ENOSYS. Some functions are actually named
7834 something starting with __ and the normal name is an alias. */
7835#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
7836choke me
7837#else
7838f = $ac_func;
7839#endif
7840
7841 ;
7842 return 0;
7843}
7844_ACEOF
7845rm -f conftest.$ac_objext conftest$ac_exeext
7846if { (eval echo "$as_me:7846: \"$ac_link\"") >&5
7847 (eval $ac_link) 2>&5
7848 ac_status=$?
7849 echo "$as_me:7849: \$? = $ac_status" >&5
7850 (exit $ac_status); } &&
7851 { ac_try='test -s conftest$ac_exeext'
7852 { (eval echo "$as_me:7852: \"$ac_try\"") >&5
7853 (eval $ac_try) 2>&5
7854 ac_status=$?
7855 echo "$as_me:7855: \$? = $ac_status" >&5
7856 (exit $ac_status); }; }; then
7857 eval "$as_ac_var=yes"
7858else
7859 echo "$as_me: failed program was:" >&5
7860cat conftest.$ac_ext >&5
7861eval "$as_ac_var=no"
7862fi
7863rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7864fi
7865echo "$as_me:7865: result: `eval echo '${'$as_ac_var'}'`" >&5
7866echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
7867if test `eval echo '${'$as_ac_var'}'` = yes; then
7868 cat >>confdefs.h <<EOF
7869#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
7870EOF
7871
7872 echo "$as_me:7872: checking if setresgid seems to work" >&5
7873echo $ECHO_N "checking if setresgid seems to work... $ECHO_C" >&6
7874 if test "$cross_compiling" = yes; then
7875 { { echo "$as_me:7875: error: cannot run test program while cross compiling" >&5
7876echo "$as_me: error: cannot run test program while cross compiling" >&2;}
7877 { (exit 1); exit 1; }; }
7878else
7879 cat >conftest.$ac_ext <<_ACEOF
7880#line 7880 "configure"
7881#include "confdefs.h"
7882
7883#include <stdlib.h>
7884#include <errno.h>
7885int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
7886
7887_ACEOF
7888rm -f conftest$ac_exeext
7889if { (eval echo "$as_me:7889: \"$ac_link\"") >&5
7890 (eval $ac_link) 2>&5
7891 ac_status=$?
7892 echo "$as_me:7892: \$? = $ac_status" >&5
7893 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
7894 { (eval echo "$as_me:7894: \"$ac_try\"") >&5
7895 (eval $ac_try) 2>&5
7896 ac_status=$?
7897 echo "$as_me:7897: \$? = $ac_status" >&5
7898 (exit $ac_status); }; }; then
7899 echo "$as_me:7899: result: yes" >&5
7900echo "${ECHO_T}yes" >&6
7901else
7902 echo "$as_me: program exited with status $ac_status" >&5
7903echo "$as_me: failed program was:" >&5
7904cat conftest.$ac_ext >&5
7905cat >>confdefs.h <<\EOF
7906#define BROKEN_SETRESGID 1
7907EOF
7908
7909 echo "$as_me:7909: result: not implemented" >&5
7910echo "${ECHO_T}not implemented" >&6
7911
7912fi
7913rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
7193fi 7914fi
7194 7915
7916fi
7917done
7918
7195for ac_func in gettimeofday time 7919for ac_func in gettimeofday time
7196do 7920do
7197as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 7921as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
7198echo "$as_me:7198: checking for $ac_func" >&5 7922echo "$as_me:7922: checking for $ac_func" >&5
7199echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 7923echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
7200if eval "test \"\${$as_ac_var+set}\" = set"; then 7924if eval "test \"\${$as_ac_var+set}\" = set"; then
7201 echo $ECHO_N "(cached) $ECHO_C" >&6 7925 echo $ECHO_N "(cached) $ECHO_C" >&6
7202else 7926else
7203 cat >conftest.$ac_ext <<_ACEOF 7927 cat >conftest.$ac_ext <<_ACEOF
7204#line 7204 "configure" 7928#line 7928 "configure"
7205#include "confdefs.h" 7929#include "confdefs.h"
7206/* System header to define __stub macros and hopefully few prototypes, 7930/* System header to define __stub macros and hopefully few prototypes,
7207 which can conflict with char $ac_func (); below. */ 7931 which can conflict with char $ac_func (); below. */
@@ -7232,16 +7956,16 @@ f = $ac_func;
7232} 7956}
7233_ACEOF 7957_ACEOF
7234rm -f conftest.$ac_objext conftest$ac_exeext 7958rm -f conftest.$ac_objext conftest$ac_exeext
7235if { (eval echo "$as_me:7235: \"$ac_link\"") >&5 7959if { (eval echo "$as_me:7959: \"$ac_link\"") >&5
7236 (eval $ac_link) 2>&5 7960 (eval $ac_link) 2>&5
7237 ac_status=$? 7961 ac_status=$?
7238 echo "$as_me:7238: \$? = $ac_status" >&5 7962 echo "$as_me:7962: \$? = $ac_status" >&5
7239 (exit $ac_status); } && 7963 (exit $ac_status); } &&
7240 { ac_try='test -s conftest$ac_exeext' 7964 { ac_try='test -s conftest$ac_exeext'
7241 { (eval echo "$as_me:7241: \"$ac_try\"") >&5 7965 { (eval echo "$as_me:7965: \"$ac_try\"") >&5
7242 (eval $ac_try) 2>&5 7966 (eval $ac_try) 2>&5
7243 ac_status=$? 7967 ac_status=$?
7244 echo "$as_me:7244: \$? = $ac_status" >&5 7968 echo "$as_me:7968: \$? = $ac_status" >&5
7245 (exit $ac_status); }; }; then 7969 (exit $ac_status); }; }; then
7246 eval "$as_ac_var=yes" 7970 eval "$as_ac_var=yes"
7247else 7971else
@@ -7251,7 +7975,7 @@ eval "$as_ac_var=no"
7251fi 7975fi
7252rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 7976rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7253fi 7977fi
7254echo "$as_me:7254: result: `eval echo '${'$as_ac_var'}'`" >&5 7978echo "$as_me:7978: result: `eval echo '${'$as_ac_var'}'`" >&5
7255echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 7979echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
7256if test `eval echo '${'$as_ac_var'}'` = yes; then 7980if test `eval echo '${'$as_ac_var'}'` = yes; then
7257 cat >>confdefs.h <<EOF 7981 cat >>confdefs.h <<EOF
@@ -7264,13 +7988,13 @@ done
7264for ac_func in endutent getutent getutid getutline pututline setutent 7988for ac_func in endutent getutent getutid getutline pututline setutent
7265do 7989do
7266as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 7990as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
7267echo "$as_me:7267: checking for $ac_func" >&5 7991echo "$as_me:7991: checking for $ac_func" >&5
7268echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 7992echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
7269if eval "test \"\${$as_ac_var+set}\" = set"; then 7993if eval "test \"\${$as_ac_var+set}\" = set"; then
7270 echo $ECHO_N "(cached) $ECHO_C" >&6 7994 echo $ECHO_N "(cached) $ECHO_C" >&6
7271else 7995else
7272 cat >conftest.$ac_ext <<_ACEOF 7996 cat >conftest.$ac_ext <<_ACEOF
7273#line 7273 "configure" 7997#line 7997 "configure"
7274#include "confdefs.h" 7998#include "confdefs.h"
7275/* System header to define __stub macros and hopefully few prototypes, 7999/* System header to define __stub macros and hopefully few prototypes,
7276 which can conflict with char $ac_func (); below. */ 8000 which can conflict with char $ac_func (); below. */
@@ -7301,16 +8025,16 @@ f = $ac_func;
7301} 8025}
7302_ACEOF 8026_ACEOF
7303rm -f conftest.$ac_objext conftest$ac_exeext 8027rm -f conftest.$ac_objext conftest$ac_exeext
7304if { (eval echo "$as_me:7304: \"$ac_link\"") >&5 8028if { (eval echo "$as_me:8028: \"$ac_link\"") >&5
7305 (eval $ac_link) 2>&5 8029 (eval $ac_link) 2>&5
7306 ac_status=$? 8030 ac_status=$?
7307 echo "$as_me:7307: \$? = $ac_status" >&5 8031 echo "$as_me:8031: \$? = $ac_status" >&5
7308 (exit $ac_status); } && 8032 (exit $ac_status); } &&
7309 { ac_try='test -s conftest$ac_exeext' 8033 { ac_try='test -s conftest$ac_exeext'
7310 { (eval echo "$as_me:7310: \"$ac_try\"") >&5 8034 { (eval echo "$as_me:8034: \"$ac_try\"") >&5
7311 (eval $ac_try) 2>&5 8035 (eval $ac_try) 2>&5
7312 ac_status=$? 8036 ac_status=$?
7313 echo "$as_me:7313: \$? = $ac_status" >&5 8037 echo "$as_me:8037: \$? = $ac_status" >&5
7314 (exit $ac_status); }; }; then 8038 (exit $ac_status); }; }; then
7315 eval "$as_ac_var=yes" 8039 eval "$as_ac_var=yes"
7316else 8040else
@@ -7320,7 +8044,7 @@ eval "$as_ac_var=no"
7320fi 8044fi
7321rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 8045rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7322fi 8046fi
7323echo "$as_me:7323: result: `eval echo '${'$as_ac_var'}'`" >&5 8047echo "$as_me:8047: result: `eval echo '${'$as_ac_var'}'`" >&5
7324echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 8048echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
7325if test `eval echo '${'$as_ac_var'}'` = yes; then 8049if test `eval echo '${'$as_ac_var'}'` = yes; then
7326 cat >>confdefs.h <<EOF 8050 cat >>confdefs.h <<EOF
@@ -7333,13 +8057,13 @@ done
7333for ac_func in utmpname 8057for ac_func in utmpname
7334do 8058do
7335as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 8059as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
7336echo "$as_me:7336: checking for $ac_func" >&5 8060echo "$as_me:8060: checking for $ac_func" >&5
7337echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 8061echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
7338if eval "test \"\${$as_ac_var+set}\" = set"; then 8062if eval "test \"\${$as_ac_var+set}\" = set"; then
7339 echo $ECHO_N "(cached) $ECHO_C" >&6 8063 echo $ECHO_N "(cached) $ECHO_C" >&6
7340else 8064else
7341 cat >conftest.$ac_ext <<_ACEOF 8065 cat >conftest.$ac_ext <<_ACEOF
7342#line 7342 "configure" 8066#line 8066 "configure"
7343#include "confdefs.h" 8067#include "confdefs.h"
7344/* System header to define __stub macros and hopefully few prototypes, 8068/* System header to define __stub macros and hopefully few prototypes,
7345 which can conflict with char $ac_func (); below. */ 8069 which can conflict with char $ac_func (); below. */
@@ -7370,16 +8094,16 @@ f = $ac_func;
7370} 8094}
7371_ACEOF 8095_ACEOF
7372rm -f conftest.$ac_objext conftest$ac_exeext 8096rm -f conftest.$ac_objext conftest$ac_exeext
7373if { (eval echo "$as_me:7373: \"$ac_link\"") >&5 8097if { (eval echo "$as_me:8097: \"$ac_link\"") >&5
7374 (eval $ac_link) 2>&5 8098 (eval $ac_link) 2>&5
7375 ac_status=$? 8099 ac_status=$?
7376 echo "$as_me:7376: \$? = $ac_status" >&5 8100 echo "$as_me:8100: \$? = $ac_status" >&5
7377 (exit $ac_status); } && 8101 (exit $ac_status); } &&
7378 { ac_try='test -s conftest$ac_exeext' 8102 { ac_try='test -s conftest$ac_exeext'
7379 { (eval echo "$as_me:7379: \"$ac_try\"") >&5 8103 { (eval echo "$as_me:8103: \"$ac_try\"") >&5
7380 (eval $ac_try) 2>&5 8104 (eval $ac_try) 2>&5
7381 ac_status=$? 8105 ac_status=$?
7382 echo "$as_me:7382: \$? = $ac_status" >&5 8106 echo "$as_me:8106: \$? = $ac_status" >&5
7383 (exit $ac_status); }; }; then 8107 (exit $ac_status); }; }; then
7384 eval "$as_ac_var=yes" 8108 eval "$as_ac_var=yes"
7385else 8109else
@@ -7389,7 +8113,7 @@ eval "$as_ac_var=no"
7389fi 8113fi
7390rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 8114rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7391fi 8115fi
7392echo "$as_me:7392: result: `eval echo '${'$as_ac_var'}'`" >&5 8116echo "$as_me:8116: result: `eval echo '${'$as_ac_var'}'`" >&5
7393echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 8117echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
7394if test `eval echo '${'$as_ac_var'}'` = yes; then 8118if test `eval echo '${'$as_ac_var'}'` = yes; then
7395 cat >>confdefs.h <<EOF 8119 cat >>confdefs.h <<EOF
@@ -7402,13 +8126,13 @@ done
7402for ac_func in endutxent getutxent getutxid getutxline pututxline 8126for ac_func in endutxent getutxent getutxid getutxline pututxline
7403do 8127do
7404as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 8128as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
7405echo "$as_me:7405: checking for $ac_func" >&5 8129echo "$as_me:8129: checking for $ac_func" >&5
7406echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 8130echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
7407if eval "test \"\${$as_ac_var+set}\" = set"; then 8131if eval "test \"\${$as_ac_var+set}\" = set"; then
7408 echo $ECHO_N "(cached) $ECHO_C" >&6 8132 echo $ECHO_N "(cached) $ECHO_C" >&6
7409else 8133else
7410 cat >conftest.$ac_ext <<_ACEOF 8134 cat >conftest.$ac_ext <<_ACEOF
7411#line 7411 "configure" 8135#line 8135 "configure"
7412#include "confdefs.h" 8136#include "confdefs.h"
7413/* System header to define __stub macros and hopefully few prototypes, 8137/* System header to define __stub macros and hopefully few prototypes,
7414 which can conflict with char $ac_func (); below. */ 8138 which can conflict with char $ac_func (); below. */
@@ -7439,16 +8163,16 @@ f = $ac_func;
7439} 8163}
7440_ACEOF 8164_ACEOF
7441rm -f conftest.$ac_objext conftest$ac_exeext 8165rm -f conftest.$ac_objext conftest$ac_exeext
7442if { (eval echo "$as_me:7442: \"$ac_link\"") >&5 8166if { (eval echo "$as_me:8166: \"$ac_link\"") >&5
7443 (eval $ac_link) 2>&5 8167 (eval $ac_link) 2>&5
7444 ac_status=$? 8168 ac_status=$?
7445 echo "$as_me:7445: \$? = $ac_status" >&5 8169 echo "$as_me:8169: \$? = $ac_status" >&5
7446 (exit $ac_status); } && 8170 (exit $ac_status); } &&
7447 { ac_try='test -s conftest$ac_exeext' 8171 { ac_try='test -s conftest$ac_exeext'
7448 { (eval echo "$as_me:7448: \"$ac_try\"") >&5 8172 { (eval echo "$as_me:8172: \"$ac_try\"") >&5
7449 (eval $ac_try) 2>&5 8173 (eval $ac_try) 2>&5
7450 ac_status=$? 8174 ac_status=$?
7451 echo "$as_me:7451: \$? = $ac_status" >&5 8175 echo "$as_me:8175: \$? = $ac_status" >&5
7452 (exit $ac_status); }; }; then 8176 (exit $ac_status); }; }; then
7453 eval "$as_ac_var=yes" 8177 eval "$as_ac_var=yes"
7454else 8178else
@@ -7458,7 +8182,7 @@ eval "$as_ac_var=no"
7458fi 8182fi
7459rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 8183rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7460fi 8184fi
7461echo "$as_me:7461: result: `eval echo '${'$as_ac_var'}'`" >&5 8185echo "$as_me:8185: result: `eval echo '${'$as_ac_var'}'`" >&5
7462echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 8186echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
7463if test `eval echo '${'$as_ac_var'}'` = yes; then 8187if test `eval echo '${'$as_ac_var'}'` = yes; then
7464 cat >>confdefs.h <<EOF 8188 cat >>confdefs.h <<EOF
@@ -7471,13 +8195,13 @@ done
7471for ac_func in setutxent utmpxname 8195for ac_func in setutxent utmpxname
7472do 8196do
7473as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 8197as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
7474echo "$as_me:7474: checking for $ac_func" >&5 8198echo "$as_me:8198: checking for $ac_func" >&5
7475echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 8199echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
7476if eval "test \"\${$as_ac_var+set}\" = set"; then 8200if eval "test \"\${$as_ac_var+set}\" = set"; then
7477 echo $ECHO_N "(cached) $ECHO_C" >&6 8201 echo $ECHO_N "(cached) $ECHO_C" >&6
7478else 8202else
7479 cat >conftest.$ac_ext <<_ACEOF 8203 cat >conftest.$ac_ext <<_ACEOF
7480#line 7480 "configure" 8204#line 8204 "configure"
7481#include "confdefs.h" 8205#include "confdefs.h"
7482/* System header to define __stub macros and hopefully few prototypes, 8206/* System header to define __stub macros and hopefully few prototypes,
7483 which can conflict with char $ac_func (); below. */ 8207 which can conflict with char $ac_func (); below. */
@@ -7508,16 +8232,16 @@ f = $ac_func;
7508} 8232}
7509_ACEOF 8233_ACEOF
7510rm -f conftest.$ac_objext conftest$ac_exeext 8234rm -f conftest.$ac_objext conftest$ac_exeext
7511if { (eval echo "$as_me:7511: \"$ac_link\"") >&5 8235if { (eval echo "$as_me:8235: \"$ac_link\"") >&5
7512 (eval $ac_link) 2>&5 8236 (eval $ac_link) 2>&5
7513 ac_status=$? 8237 ac_status=$?
7514 echo "$as_me:7514: \$? = $ac_status" >&5 8238 echo "$as_me:8238: \$? = $ac_status" >&5
7515 (exit $ac_status); } && 8239 (exit $ac_status); } &&
7516 { ac_try='test -s conftest$ac_exeext' 8240 { ac_try='test -s conftest$ac_exeext'
7517 { (eval echo "$as_me:7517: \"$ac_try\"") >&5 8241 { (eval echo "$as_me:8241: \"$ac_try\"") >&5
7518 (eval $ac_try) 2>&5 8242 (eval $ac_try) 2>&5
7519 ac_status=$? 8243 ac_status=$?
7520 echo "$as_me:7520: \$? = $ac_status" >&5 8244 echo "$as_me:8244: \$? = $ac_status" >&5
7521 (exit $ac_status); }; }; then 8245 (exit $ac_status); }; }; then
7522 eval "$as_ac_var=yes" 8246 eval "$as_ac_var=yes"
7523else 8247else
@@ -7527,7 +8251,7 @@ eval "$as_ac_var=no"
7527fi 8251fi
7528rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 8252rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7529fi 8253fi
7530echo "$as_me:7530: result: `eval echo '${'$as_ac_var'}'`" >&5 8254echo "$as_me:8254: result: `eval echo '${'$as_ac_var'}'`" >&5
7531echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 8255echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
7532if test `eval echo '${'$as_ac_var'}'` = yes; then 8256if test `eval echo '${'$as_ac_var'}'` = yes; then
7533 cat >>confdefs.h <<EOF 8257 cat >>confdefs.h <<EOF
@@ -7537,13 +8261,13 @@ EOF
7537fi 8261fi
7538done 8262done
7539 8263
7540echo "$as_me:7540: checking for daemon" >&5 8264echo "$as_me:8264: checking for daemon" >&5
7541echo $ECHO_N "checking for daemon... $ECHO_C" >&6 8265echo $ECHO_N "checking for daemon... $ECHO_C" >&6
7542if test "${ac_cv_func_daemon+set}" = set; then 8266if test "${ac_cv_func_daemon+set}" = set; then
7543 echo $ECHO_N "(cached) $ECHO_C" >&6 8267 echo $ECHO_N "(cached) $ECHO_C" >&6
7544else 8268else
7545 cat >conftest.$ac_ext <<_ACEOF 8269 cat >conftest.$ac_ext <<_ACEOF
7546#line 7546 "configure" 8270#line 8270 "configure"
7547#include "confdefs.h" 8271#include "confdefs.h"
7548/* System header to define __stub macros and hopefully few prototypes, 8272/* System header to define __stub macros and hopefully few prototypes,
7549 which can conflict with char daemon (); below. */ 8273 which can conflict with char daemon (); below. */
@@ -7574,16 +8298,16 @@ f = daemon;
7574} 8298}
7575_ACEOF 8299_ACEOF
7576rm -f conftest.$ac_objext conftest$ac_exeext 8300rm -f conftest.$ac_objext conftest$ac_exeext
7577if { (eval echo "$as_me:7577: \"$ac_link\"") >&5 8301if { (eval echo "$as_me:8301: \"$ac_link\"") >&5
7578 (eval $ac_link) 2>&5 8302 (eval $ac_link) 2>&5
7579 ac_status=$? 8303 ac_status=$?
7580 echo "$as_me:7580: \$? = $ac_status" >&5 8304 echo "$as_me:8304: \$? = $ac_status" >&5
7581 (exit $ac_status); } && 8305 (exit $ac_status); } &&
7582 { ac_try='test -s conftest$ac_exeext' 8306 { ac_try='test -s conftest$ac_exeext'
7583 { (eval echo "$as_me:7583: \"$ac_try\"") >&5 8307 { (eval echo "$as_me:8307: \"$ac_try\"") >&5
7584 (eval $ac_try) 2>&5 8308 (eval $ac_try) 2>&5
7585 ac_status=$? 8309 ac_status=$?
7586 echo "$as_me:7586: \$? = $ac_status" >&5 8310 echo "$as_me:8310: \$? = $ac_status" >&5
7587 (exit $ac_status); }; }; then 8311 (exit $ac_status); }; }; then
7588 ac_cv_func_daemon=yes 8312 ac_cv_func_daemon=yes
7589else 8313else
@@ -7593,7 +8317,7 @@ ac_cv_func_daemon=no
7593fi 8317fi
7594rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 8318rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7595fi 8319fi
7596echo "$as_me:7596: result: $ac_cv_func_daemon" >&5 8320echo "$as_me:8320: result: $ac_cv_func_daemon" >&5
7597echo "${ECHO_T}$ac_cv_func_daemon" >&6 8321echo "${ECHO_T}$ac_cv_func_daemon" >&6
7598if test $ac_cv_func_daemon = yes; then 8322if test $ac_cv_func_daemon = yes; then
7599 cat >>confdefs.h <<\EOF 8323 cat >>confdefs.h <<\EOF
@@ -7601,7 +8325,7 @@ if test $ac_cv_func_daemon = yes; then
7601EOF 8325EOF
7602 8326
7603else 8327else
7604 echo "$as_me:7604: checking for daemon in -lbsd" >&5 8328 echo "$as_me:8328: checking for daemon in -lbsd" >&5
7605echo $ECHO_N "checking for daemon in -lbsd... $ECHO_C" >&6 8329echo $ECHO_N "checking for daemon in -lbsd... $ECHO_C" >&6
7606if test "${ac_cv_lib_bsd_daemon+set}" = set; then 8330if test "${ac_cv_lib_bsd_daemon+set}" = set; then
7607 echo $ECHO_N "(cached) $ECHO_C" >&6 8331 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -7609,7 +8333,7 @@ else
7609 ac_check_lib_save_LIBS=$LIBS 8333 ac_check_lib_save_LIBS=$LIBS
7610LIBS="-lbsd $LIBS" 8334LIBS="-lbsd $LIBS"
7611cat >conftest.$ac_ext <<_ACEOF 8335cat >conftest.$ac_ext <<_ACEOF
7612#line 7612 "configure" 8336#line 8336 "configure"
7613#include "confdefs.h" 8337#include "confdefs.h"
7614 8338
7615/* Override any gcc2 internal prototype to avoid an error. */ 8339/* Override any gcc2 internal prototype to avoid an error. */
@@ -7628,16 +8352,16 @@ daemon ();
7628} 8352}
7629_ACEOF 8353_ACEOF
7630rm -f conftest.$ac_objext conftest$ac_exeext 8354rm -f conftest.$ac_objext conftest$ac_exeext
7631if { (eval echo "$as_me:7631: \"$ac_link\"") >&5 8355if { (eval echo "$as_me:8355: \"$ac_link\"") >&5
7632 (eval $ac_link) 2>&5 8356 (eval $ac_link) 2>&5
7633 ac_status=$? 8357 ac_status=$?
7634 echo "$as_me:7634: \$? = $ac_status" >&5 8358 echo "$as_me:8358: \$? = $ac_status" >&5
7635 (exit $ac_status); } && 8359 (exit $ac_status); } &&
7636 { ac_try='test -s conftest$ac_exeext' 8360 { ac_try='test -s conftest$ac_exeext'
7637 { (eval echo "$as_me:7637: \"$ac_try\"") >&5 8361 { (eval echo "$as_me:8361: \"$ac_try\"") >&5
7638 (eval $ac_try) 2>&5 8362 (eval $ac_try) 2>&5
7639 ac_status=$? 8363 ac_status=$?
7640 echo "$as_me:7640: \$? = $ac_status" >&5 8364 echo "$as_me:8364: \$? = $ac_status" >&5
7641 (exit $ac_status); }; }; then 8365 (exit $ac_status); }; }; then
7642 ac_cv_lib_bsd_daemon=yes 8366 ac_cv_lib_bsd_daemon=yes
7643else 8367else
@@ -7648,7 +8372,7 @@ fi
7648rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 8372rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7649LIBS=$ac_check_lib_save_LIBS 8373LIBS=$ac_check_lib_save_LIBS
7650fi 8374fi
7651echo "$as_me:7651: result: $ac_cv_lib_bsd_daemon" >&5 8375echo "$as_me:8375: result: $ac_cv_lib_bsd_daemon" >&5
7652echo "${ECHO_T}$ac_cv_lib_bsd_daemon" >&6 8376echo "${ECHO_T}$ac_cv_lib_bsd_daemon" >&6
7653if test $ac_cv_lib_bsd_daemon = yes; then 8377if test $ac_cv_lib_bsd_daemon = yes; then
7654 LIBS="$LIBS -lbsd"; cat >>confdefs.h <<\EOF 8378 LIBS="$LIBS -lbsd"; cat >>confdefs.h <<\EOF
@@ -7659,13 +8383,13 @@ fi
7659 8383
7660fi 8384fi
7661 8385
7662echo "$as_me:7662: checking for getpagesize" >&5 8386echo "$as_me:8386: checking for getpagesize" >&5
7663echo $ECHO_N "checking for getpagesize... $ECHO_C" >&6 8387echo $ECHO_N "checking for getpagesize... $ECHO_C" >&6
7664if test "${ac_cv_func_getpagesize+set}" = set; then 8388if test "${ac_cv_func_getpagesize+set}" = set; then
7665 echo $ECHO_N "(cached) $ECHO_C" >&6 8389 echo $ECHO_N "(cached) $ECHO_C" >&6
7666else 8390else
7667 cat >conftest.$ac_ext <<_ACEOF 8391 cat >conftest.$ac_ext <<_ACEOF
7668#line 7668 "configure" 8392#line 8392 "configure"
7669#include "confdefs.h" 8393#include "confdefs.h"
7670/* System header to define __stub macros and hopefully few prototypes, 8394/* System header to define __stub macros and hopefully few prototypes,
7671 which can conflict with char getpagesize (); below. */ 8395 which can conflict with char getpagesize (); below. */
@@ -7696,16 +8420,16 @@ f = getpagesize;
7696} 8420}
7697_ACEOF 8421_ACEOF
7698rm -f conftest.$ac_objext conftest$ac_exeext 8422rm -f conftest.$ac_objext conftest$ac_exeext
7699if { (eval echo "$as_me:7699: \"$ac_link\"") >&5 8423if { (eval echo "$as_me:8423: \"$ac_link\"") >&5
7700 (eval $ac_link) 2>&5 8424 (eval $ac_link) 2>&5
7701 ac_status=$? 8425 ac_status=$?
7702 echo "$as_me:7702: \$? = $ac_status" >&5 8426 echo "$as_me:8426: \$? = $ac_status" >&5
7703 (exit $ac_status); } && 8427 (exit $ac_status); } &&
7704 { ac_try='test -s conftest$ac_exeext' 8428 { ac_try='test -s conftest$ac_exeext'
7705 { (eval echo "$as_me:7705: \"$ac_try\"") >&5 8429 { (eval echo "$as_me:8429: \"$ac_try\"") >&5
7706 (eval $ac_try) 2>&5 8430 (eval $ac_try) 2>&5
7707 ac_status=$? 8431 ac_status=$?
7708 echo "$as_me:7708: \$? = $ac_status" >&5 8432 echo "$as_me:8432: \$? = $ac_status" >&5
7709 (exit $ac_status); }; }; then 8433 (exit $ac_status); }; }; then
7710 ac_cv_func_getpagesize=yes 8434 ac_cv_func_getpagesize=yes
7711else 8435else
@@ -7715,7 +8439,7 @@ ac_cv_func_getpagesize=no
7715fi 8439fi
7716rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 8440rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7717fi 8441fi
7718echo "$as_me:7718: result: $ac_cv_func_getpagesize" >&5 8442echo "$as_me:8442: result: $ac_cv_func_getpagesize" >&5
7719echo "${ECHO_T}$ac_cv_func_getpagesize" >&6 8443echo "${ECHO_T}$ac_cv_func_getpagesize" >&6
7720if test $ac_cv_func_getpagesize = yes; then 8444if test $ac_cv_func_getpagesize = yes; then
7721 cat >>confdefs.h <<\EOF 8445 cat >>confdefs.h <<\EOF
@@ -7723,7 +8447,7 @@ if test $ac_cv_func_getpagesize = yes; then
7723EOF 8447EOF
7724 8448
7725else 8449else
7726 echo "$as_me:7726: checking for getpagesize in -lucb" >&5 8450 echo "$as_me:8450: checking for getpagesize in -lucb" >&5
7727echo $ECHO_N "checking for getpagesize in -lucb... $ECHO_C" >&6 8451echo $ECHO_N "checking for getpagesize in -lucb... $ECHO_C" >&6
7728if test "${ac_cv_lib_ucb_getpagesize+set}" = set; then 8452if test "${ac_cv_lib_ucb_getpagesize+set}" = set; then
7729 echo $ECHO_N "(cached) $ECHO_C" >&6 8453 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -7731,7 +8455,7 @@ else
7731 ac_check_lib_save_LIBS=$LIBS 8455 ac_check_lib_save_LIBS=$LIBS
7732LIBS="-lucb $LIBS" 8456LIBS="-lucb $LIBS"
7733cat >conftest.$ac_ext <<_ACEOF 8457cat >conftest.$ac_ext <<_ACEOF
7734#line 7734 "configure" 8458#line 8458 "configure"
7735#include "confdefs.h" 8459#include "confdefs.h"
7736 8460
7737/* Override any gcc2 internal prototype to avoid an error. */ 8461/* Override any gcc2 internal prototype to avoid an error. */
@@ -7750,16 +8474,16 @@ getpagesize ();
7750} 8474}
7751_ACEOF 8475_ACEOF
7752rm -f conftest.$ac_objext conftest$ac_exeext 8476rm -f conftest.$ac_objext conftest$ac_exeext
7753if { (eval echo "$as_me:7753: \"$ac_link\"") >&5 8477if { (eval echo "$as_me:8477: \"$ac_link\"") >&5
7754 (eval $ac_link) 2>&5 8478 (eval $ac_link) 2>&5
7755 ac_status=$? 8479 ac_status=$?
7756 echo "$as_me:7756: \$? = $ac_status" >&5 8480 echo "$as_me:8480: \$? = $ac_status" >&5
7757 (exit $ac_status); } && 8481 (exit $ac_status); } &&
7758 { ac_try='test -s conftest$ac_exeext' 8482 { ac_try='test -s conftest$ac_exeext'
7759 { (eval echo "$as_me:7759: \"$ac_try\"") >&5 8483 { (eval echo "$as_me:8483: \"$ac_try\"") >&5
7760 (eval $ac_try) 2>&5 8484 (eval $ac_try) 2>&5
7761 ac_status=$? 8485 ac_status=$?
7762 echo "$as_me:7762: \$? = $ac_status" >&5 8486 echo "$as_me:8486: \$? = $ac_status" >&5
7763 (exit $ac_status); }; }; then 8487 (exit $ac_status); }; }; then
7764 ac_cv_lib_ucb_getpagesize=yes 8488 ac_cv_lib_ucb_getpagesize=yes
7765else 8489else
@@ -7770,7 +8494,7 @@ fi
7770rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 8494rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
7771LIBS=$ac_check_lib_save_LIBS 8495LIBS=$ac_check_lib_save_LIBS
7772fi 8496fi
7773echo "$as_me:7773: result: $ac_cv_lib_ucb_getpagesize" >&5 8497echo "$as_me:8497: result: $ac_cv_lib_ucb_getpagesize" >&5
7774echo "${ECHO_T}$ac_cv_lib_ucb_getpagesize" >&6 8498echo "${ECHO_T}$ac_cv_lib_ucb_getpagesize" >&6
7775if test $ac_cv_lib_ucb_getpagesize = yes; then 8499if test $ac_cv_lib_ucb_getpagesize = yes; then
7776 LIBS="$LIBS -lucb"; cat >>confdefs.h <<\EOF 8500 LIBS="$LIBS -lucb"; cat >>confdefs.h <<\EOF
@@ -7783,15 +8507,15 @@ fi
7783 8507
7784# Check for broken snprintf 8508# Check for broken snprintf
7785if test "x$ac_cv_func_snprintf" = "xyes" ; then 8509if test "x$ac_cv_func_snprintf" = "xyes" ; then
7786 echo "$as_me:7786: checking whether snprintf correctly terminates long strings" >&5 8510 echo "$as_me:8510: checking whether snprintf correctly terminates long strings" >&5
7787echo $ECHO_N "checking whether snprintf correctly terminates long strings... $ECHO_C" >&6 8511echo $ECHO_N "checking whether snprintf correctly terminates long strings... $ECHO_C" >&6
7788 if test "$cross_compiling" = yes; then 8512 if test "$cross_compiling" = yes; then
7789 { { echo "$as_me:7789: error: cannot run test program while cross compiling" >&5 8513 { { echo "$as_me:8513: error: cannot run test program while cross compiling" >&5
7790echo "$as_me: error: cannot run test program while cross compiling" >&2;} 8514echo "$as_me: error: cannot run test program while cross compiling" >&2;}
7791 { (exit 1); exit 1; }; } 8515 { (exit 1); exit 1; }; }
7792else 8516else
7793 cat >conftest.$ac_ext <<_ACEOF 8517 cat >conftest.$ac_ext <<_ACEOF
7794#line 7794 "configure" 8518#line 8518 "configure"
7795#include "confdefs.h" 8519#include "confdefs.h"
7796 8520
7797#include <stdio.h> 8521#include <stdio.h>
@@ -7799,30 +8523,30 @@ int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
7799 8523
7800_ACEOF 8524_ACEOF
7801rm -f conftest$ac_exeext 8525rm -f conftest$ac_exeext
7802if { (eval echo "$as_me:7802: \"$ac_link\"") >&5 8526if { (eval echo "$as_me:8526: \"$ac_link\"") >&5
7803 (eval $ac_link) 2>&5 8527 (eval $ac_link) 2>&5
7804 ac_status=$? 8528 ac_status=$?
7805 echo "$as_me:7805: \$? = $ac_status" >&5 8529 echo "$as_me:8529: \$? = $ac_status" >&5
7806 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 8530 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
7807 { (eval echo "$as_me:7807: \"$ac_try\"") >&5 8531 { (eval echo "$as_me:8531: \"$ac_try\"") >&5
7808 (eval $ac_try) 2>&5 8532 (eval $ac_try) 2>&5
7809 ac_status=$? 8533 ac_status=$?
7810 echo "$as_me:7810: \$? = $ac_status" >&5 8534 echo "$as_me:8534: \$? = $ac_status" >&5
7811 (exit $ac_status); }; }; then 8535 (exit $ac_status); }; }; then
7812 echo "$as_me:7812: result: yes" >&5 8536 echo "$as_me:8536: result: yes" >&5
7813echo "${ECHO_T}yes" >&6 8537echo "${ECHO_T}yes" >&6
7814else 8538else
7815 echo "$as_me: program exited with status $ac_status" >&5 8539 echo "$as_me: program exited with status $ac_status" >&5
7816echo "$as_me: failed program was:" >&5 8540echo "$as_me: failed program was:" >&5
7817cat conftest.$ac_ext >&5 8541cat conftest.$ac_ext >&5
7818 8542
7819 echo "$as_me:7819: result: no" >&5 8543 echo "$as_me:8543: result: no" >&5
7820echo "${ECHO_T}no" >&6 8544echo "${ECHO_T}no" >&6
7821 cat >>confdefs.h <<\EOF 8545 cat >>confdefs.h <<\EOF
7822#define BROKEN_SNPRINTF 1 8546#define BROKEN_SNPRINTF 1
7823EOF 8547EOF
7824 8548
7825 { echo "$as_me:7825: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&5 8549 { echo "$as_me:8549: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&5
7826echo "$as_me: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&2;} 8550echo "$as_me: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&2;}
7827 8551
7828fi 8552fi
@@ -7831,11 +8555,11 @@ fi
7831fi 8555fi
7832 8556
7833if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 8557if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
7834echo "$as_me:7834: checking for (overly) strict mkstemp" >&5 8558echo "$as_me:8558: checking for (overly) strict mkstemp" >&5
7835echo $ECHO_N "checking for (overly) strict mkstemp... $ECHO_C" >&6 8559echo $ECHO_N "checking for (overly) strict mkstemp... $ECHO_C" >&6
7836if test "$cross_compiling" = yes; then 8560if test "$cross_compiling" = yes; then
7837 8561
7838 echo "$as_me:7838: result: yes" >&5 8562 echo "$as_me:8562: result: yes" >&5
7839echo "${ECHO_T}yes" >&6 8563echo "${ECHO_T}yes" >&6
7840 cat >>confdefs.h <<\EOF 8564 cat >>confdefs.h <<\EOF
7841#define HAVE_STRICT_MKSTEMP 1 8565#define HAVE_STRICT_MKSTEMP 1
@@ -7843,7 +8567,7 @@ EOF
7843 8567
7844else 8568else
7845 cat >conftest.$ac_ext <<_ACEOF 8569 cat >conftest.$ac_ext <<_ACEOF
7846#line 7846 "configure" 8570#line 8570 "configure"
7847#include "confdefs.h" 8571#include "confdefs.h"
7848 8572
7849#include <stdlib.h> 8573#include <stdlib.h>
@@ -7855,18 +8579,18 @@ unlink(template); exit(0);
7855 8579
7856_ACEOF 8580_ACEOF
7857rm -f conftest$ac_exeext 8581rm -f conftest$ac_exeext
7858if { (eval echo "$as_me:7858: \"$ac_link\"") >&5 8582if { (eval echo "$as_me:8582: \"$ac_link\"") >&5
7859 (eval $ac_link) 2>&5 8583 (eval $ac_link) 2>&5
7860 ac_status=$? 8584 ac_status=$?
7861 echo "$as_me:7861: \$? = $ac_status" >&5 8585 echo "$as_me:8585: \$? = $ac_status" >&5
7862 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 8586 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
7863 { (eval echo "$as_me:7863: \"$ac_try\"") >&5 8587 { (eval echo "$as_me:8587: \"$ac_try\"") >&5
7864 (eval $ac_try) 2>&5 8588 (eval $ac_try) 2>&5
7865 ac_status=$? 8589 ac_status=$?
7866 echo "$as_me:7866: \$? = $ac_status" >&5 8590 echo "$as_me:8590: \$? = $ac_status" >&5
7867 (exit $ac_status); }; }; then 8591 (exit $ac_status); }; }; then
7868 8592
7869 echo "$as_me:7869: result: no" >&5 8593 echo "$as_me:8593: result: no" >&5
7870echo "${ECHO_T}no" >&6 8594echo "${ECHO_T}no" >&6
7871 8595
7872else 8596else
@@ -7874,7 +8598,7 @@ else
7874echo "$as_me: failed program was:" >&5 8598echo "$as_me: failed program was:" >&5
7875cat conftest.$ac_ext >&5 8599cat conftest.$ac_ext >&5
7876 8600
7877 echo "$as_me:7877: result: yes" >&5 8601 echo "$as_me:8601: result: yes" >&5
7878echo "${ECHO_T}yes" >&6 8602echo "${ECHO_T}yes" >&6
7879 cat >>confdefs.h <<\EOF 8603 cat >>confdefs.h <<\EOF
7880#define HAVE_STRICT_MKSTEMP 1 8604#define HAVE_STRICT_MKSTEMP 1
@@ -7886,15 +8610,15 @@ fi
7886fi 8610fi
7887 8611
7888if test ! -z "$check_for_openpty_ctty_bug"; then 8612if test ! -z "$check_for_openpty_ctty_bug"; then
7889 echo "$as_me:7889: checking if openpty correctly handles controlling tty" >&5 8613 echo "$as_me:8613: checking if openpty correctly handles controlling tty" >&5
7890echo $ECHO_N "checking if openpty correctly handles controlling tty... $ECHO_C" >&6 8614echo $ECHO_N "checking if openpty correctly handles controlling tty... $ECHO_C" >&6
7891 if test "$cross_compiling" = yes; then 8615 if test "$cross_compiling" = yes; then
7892 { { echo "$as_me:7892: error: cannot run test program while cross compiling" >&5 8616 { { echo "$as_me:8616: error: cannot run test program while cross compiling" >&5
7893echo "$as_me: error: cannot run test program while cross compiling" >&2;} 8617echo "$as_me: error: cannot run test program while cross compiling" >&2;}
7894 { (exit 1); exit 1; }; } 8618 { (exit 1); exit 1; }; }
7895else 8619else
7896 cat >conftest.$ac_ext <<_ACEOF 8620 cat >conftest.$ac_ext <<_ACEOF
7897#line 7897 "configure" 8621#line 8621 "configure"
7898#include "confdefs.h" 8622#include "confdefs.h"
7899 8623
7900#include <stdio.h> 8624#include <stdio.h>
@@ -7931,18 +8655,18 @@ main()
7931 8655
7932_ACEOF 8656_ACEOF
7933rm -f conftest$ac_exeext 8657rm -f conftest$ac_exeext
7934if { (eval echo "$as_me:7934: \"$ac_link\"") >&5 8658if { (eval echo "$as_me:8658: \"$ac_link\"") >&5
7935 (eval $ac_link) 2>&5 8659 (eval $ac_link) 2>&5
7936 ac_status=$? 8660 ac_status=$?
7937 echo "$as_me:7937: \$? = $ac_status" >&5 8661 echo "$as_me:8661: \$? = $ac_status" >&5
7938 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 8662 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
7939 { (eval echo "$as_me:7939: \"$ac_try\"") >&5 8663 { (eval echo "$as_me:8663: \"$ac_try\"") >&5
7940 (eval $ac_try) 2>&5 8664 (eval $ac_try) 2>&5
7941 ac_status=$? 8665 ac_status=$?
7942 echo "$as_me:7942: \$? = $ac_status" >&5 8666 echo "$as_me:8666: \$? = $ac_status" >&5
7943 (exit $ac_status); }; }; then 8667 (exit $ac_status); }; }; then
7944 8668
7945 echo "$as_me:7945: result: yes" >&5 8669 echo "$as_me:8669: result: yes" >&5
7946echo "${ECHO_T}yes" >&6 8670echo "${ECHO_T}yes" >&6
7947 8671
7948else 8672else
@@ -7950,7 +8674,7 @@ else
7950echo "$as_me: failed program was:" >&5 8674echo "$as_me: failed program was:" >&5
7951cat conftest.$ac_ext >&5 8675cat conftest.$ac_ext >&5
7952 8676
7953 echo "$as_me:7953: result: no" >&5 8677 echo "$as_me:8677: result: no" >&5
7954echo "${ECHO_T}no" >&6 8678echo "${ECHO_T}no" >&6
7955 cat >>confdefs.h <<\EOF 8679 cat >>confdefs.h <<\EOF
7956#define SSHD_ACQUIRES_CTTY 1 8680#define SSHD_ACQUIRES_CTTY 1
@@ -7961,14 +8685,14 @@ rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
7961fi 8685fi
7962fi 8686fi
7963 8687
7964echo "$as_me:7964: checking whether getpgrp takes no argument" >&5 8688echo "$as_me:8688: checking whether getpgrp takes no argument" >&5
7965echo $ECHO_N "checking whether getpgrp takes no argument... $ECHO_C" >&6 8689echo $ECHO_N "checking whether getpgrp takes no argument... $ECHO_C" >&6
7966if test "${ac_cv_func_getpgrp_void+set}" = set; then 8690if test "${ac_cv_func_getpgrp_void+set}" = set; then
7967 echo $ECHO_N "(cached) $ECHO_C" >&6 8691 echo $ECHO_N "(cached) $ECHO_C" >&6
7968else 8692else
7969 # Use it with a single arg. 8693 # Use it with a single arg.
7970cat >conftest.$ac_ext <<_ACEOF 8694cat >conftest.$ac_ext <<_ACEOF
7971#line 7971 "configure" 8695#line 8695 "configure"
7972#include "confdefs.h" 8696#include "confdefs.h"
7973$ac_includes_default 8697$ac_includes_default
7974int 8698int
@@ -7980,16 +8704,16 @@ getpgrp (0);
7980} 8704}
7981_ACEOF 8705_ACEOF
7982rm -f conftest.$ac_objext 8706rm -f conftest.$ac_objext
7983if { (eval echo "$as_me:7983: \"$ac_compile\"") >&5 8707if { (eval echo "$as_me:8707: \"$ac_compile\"") >&5
7984 (eval $ac_compile) 2>&5 8708 (eval $ac_compile) 2>&5
7985 ac_status=$? 8709 ac_status=$?
7986 echo "$as_me:7986: \$? = $ac_status" >&5 8710 echo "$as_me:8710: \$? = $ac_status" >&5
7987 (exit $ac_status); } && 8711 (exit $ac_status); } &&
7988 { ac_try='test -s conftest.$ac_objext' 8712 { ac_try='test -s conftest.$ac_objext'
7989 { (eval echo "$as_me:7989: \"$ac_try\"") >&5 8713 { (eval echo "$as_me:8713: \"$ac_try\"") >&5
7990 (eval $ac_try) 2>&5 8714 (eval $ac_try) 2>&5
7991 ac_status=$? 8715 ac_status=$?
7992 echo "$as_me:7992: \$? = $ac_status" >&5 8716 echo "$as_me:8716: \$? = $ac_status" >&5
7993 (exit $ac_status); }; }; then 8717 (exit $ac_status); }; }; then
7994 ac_func_getpgrp_1=yes 8718 ac_func_getpgrp_1=yes
7995else 8719else
@@ -8000,7 +8724,7 @@ fi
8000rm -f conftest.$ac_objext conftest.$ac_ext 8724rm -f conftest.$ac_objext conftest.$ac_ext
8001# Use it with no arg. 8725# Use it with no arg.
8002cat >conftest.$ac_ext <<_ACEOF 8726cat >conftest.$ac_ext <<_ACEOF
8003#line 8003 "configure" 8727#line 8727 "configure"
8004#include "confdefs.h" 8728#include "confdefs.h"
8005$ac_includes_default 8729$ac_includes_default
8006int 8730int
@@ -8012,16 +8736,16 @@ getpgrp ();
8012} 8736}
8013_ACEOF 8737_ACEOF
8014rm -f conftest.$ac_objext 8738rm -f conftest.$ac_objext
8015if { (eval echo "$as_me:8015: \"$ac_compile\"") >&5 8739if { (eval echo "$as_me:8739: \"$ac_compile\"") >&5
8016 (eval $ac_compile) 2>&5 8740 (eval $ac_compile) 2>&5
8017 ac_status=$? 8741 ac_status=$?
8018 echo "$as_me:8018: \$? = $ac_status" >&5 8742 echo "$as_me:8742: \$? = $ac_status" >&5
8019 (exit $ac_status); } && 8743 (exit $ac_status); } &&
8020 { ac_try='test -s conftest.$ac_objext' 8744 { ac_try='test -s conftest.$ac_objext'
8021 { (eval echo "$as_me:8021: \"$ac_try\"") >&5 8745 { (eval echo "$as_me:8745: \"$ac_try\"") >&5
8022 (eval $ac_try) 2>&5 8746 (eval $ac_try) 2>&5
8023 ac_status=$? 8747 ac_status=$?
8024 echo "$as_me:8024: \$? = $ac_status" >&5 8748 echo "$as_me:8748: \$? = $ac_status" >&5
8025 (exit $ac_status); }; }; then 8749 (exit $ac_status); }; }; then
8026 ac_func_getpgrp_0=yes 8750 ac_func_getpgrp_0=yes
8027else 8751else
@@ -8035,12 +8759,12 @@ case $ac_func_getpgrp_0:$ac_func_getpgrp_1 in
8035 yes:no) ac_cv_func_getpgrp_void=yes;; 8759 yes:no) ac_cv_func_getpgrp_void=yes;;
8036 no:yes) ac_cv_func_getpgrp_void=false;; 8760 no:yes) ac_cv_func_getpgrp_void=false;;
8037 *) if test "$cross_compiling" = yes; then 8761 *) if test "$cross_compiling" = yes; then
8038 { { echo "$as_me:8038: error: cannot check getpgrp if cross compiling" >&5 8762 { { echo "$as_me:8762: error: cannot check getpgrp if cross compiling" >&5
8039echo "$as_me: error: cannot check getpgrp if cross compiling" >&2;} 8763echo "$as_me: error: cannot check getpgrp if cross compiling" >&2;}
8040 { (exit 1); exit 1; }; } 8764 { (exit 1); exit 1; }; }
8041else 8765else
8042 cat >conftest.$ac_ext <<_ACEOF 8766 cat >conftest.$ac_ext <<_ACEOF
8043#line 8043 "configure" 8767#line 8767 "configure"
8044#include "confdefs.h" 8768#include "confdefs.h"
8045$ac_includes_default 8769$ac_includes_default
8046 8770
@@ -8094,15 +8818,15 @@ main ()
8094 8818
8095_ACEOF 8819_ACEOF
8096rm -f conftest$ac_exeext 8820rm -f conftest$ac_exeext
8097if { (eval echo "$as_me:8097: \"$ac_link\"") >&5 8821if { (eval echo "$as_me:8821: \"$ac_link\"") >&5
8098 (eval $ac_link) 2>&5 8822 (eval $ac_link) 2>&5
8099 ac_status=$? 8823 ac_status=$?
8100 echo "$as_me:8100: \$? = $ac_status" >&5 8824 echo "$as_me:8824: \$? = $ac_status" >&5
8101 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 8825 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
8102 { (eval echo "$as_me:8102: \"$ac_try\"") >&5 8826 { (eval echo "$as_me:8826: \"$ac_try\"") >&5
8103 (eval $ac_try) 2>&5 8827 (eval $ac_try) 2>&5
8104 ac_status=$? 8828 ac_status=$?
8105 echo "$as_me:8105: \$? = $ac_status" >&5 8829 echo "$as_me:8829: \$? = $ac_status" >&5
8106 (exit $ac_status); }; }; then 8830 (exit $ac_status); }; }; then
8107 ac_cv_func_getpgrp_void=yes 8831 ac_cv_func_getpgrp_void=yes
8108else 8832else
@@ -8116,7 +8840,7 @@ fi;;
8116esac # $ac_func_getpgrp_0:$ac_func_getpgrp_1 8840esac # $ac_func_getpgrp_0:$ac_func_getpgrp_1
8117 8841
8118fi 8842fi
8119echo "$as_me:8119: result: $ac_cv_func_getpgrp_void" >&5 8843echo "$as_me:8843: result: $ac_cv_func_getpgrp_void" >&5
8120echo "${ECHO_T}$ac_cv_func_getpgrp_void" >&6 8844echo "${ECHO_T}$ac_cv_func_getpgrp_void" >&6
8121if test $ac_cv_func_getpgrp_void = yes; then 8845if test $ac_cv_func_getpgrp_void = yes; then
8122 8846
@@ -8134,13 +8858,14 @@ if test "${with_pam+set}" = set; then
8134 withval="$with_pam" 8858 withval="$with_pam"
8135 8859
8136 if test "x$withval" != "xno" ; then 8860 if test "x$withval" != "xno" ; then
8137 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" ; then 8861 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
8138 { { echo "$as_me:8138: error: PAM headers not found" >&5 8862 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
8863 { { echo "$as_me:8863: error: PAM headers not found" >&5
8139echo "$as_me: error: PAM headers not found" >&2;} 8864echo "$as_me: error: PAM headers not found" >&2;}
8140 { (exit 1); exit 1; }; } 8865 { (exit 1); exit 1; }; }
8141 fi 8866 fi
8142 8867
8143echo "$as_me:8143: checking for dlopen in -ldl" >&5 8868echo "$as_me:8868: checking for dlopen in -ldl" >&5
8144echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6 8869echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6
8145if test "${ac_cv_lib_dl_dlopen+set}" = set; then 8870if test "${ac_cv_lib_dl_dlopen+set}" = set; then
8146 echo $ECHO_N "(cached) $ECHO_C" >&6 8871 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -8148,7 +8873,7 @@ else
8148 ac_check_lib_save_LIBS=$LIBS 8873 ac_check_lib_save_LIBS=$LIBS
8149LIBS="-ldl $LIBS" 8874LIBS="-ldl $LIBS"
8150cat >conftest.$ac_ext <<_ACEOF 8875cat >conftest.$ac_ext <<_ACEOF
8151#line 8151 "configure" 8876#line 8876 "configure"
8152#include "confdefs.h" 8877#include "confdefs.h"
8153 8878
8154/* Override any gcc2 internal prototype to avoid an error. */ 8879/* Override any gcc2 internal prototype to avoid an error. */
@@ -8167,16 +8892,16 @@ dlopen ();
8167} 8892}
8168_ACEOF 8893_ACEOF
8169rm -f conftest.$ac_objext conftest$ac_exeext 8894rm -f conftest.$ac_objext conftest$ac_exeext
8170if { (eval echo "$as_me:8170: \"$ac_link\"") >&5 8895if { (eval echo "$as_me:8895: \"$ac_link\"") >&5
8171 (eval $ac_link) 2>&5 8896 (eval $ac_link) 2>&5
8172 ac_status=$? 8897 ac_status=$?
8173 echo "$as_me:8173: \$? = $ac_status" >&5 8898 echo "$as_me:8898: \$? = $ac_status" >&5
8174 (exit $ac_status); } && 8899 (exit $ac_status); } &&
8175 { ac_try='test -s conftest$ac_exeext' 8900 { ac_try='test -s conftest$ac_exeext'
8176 { (eval echo "$as_me:8176: \"$ac_try\"") >&5 8901 { (eval echo "$as_me:8901: \"$ac_try\"") >&5
8177 (eval $ac_try) 2>&5 8902 (eval $ac_try) 2>&5
8178 ac_status=$? 8903 ac_status=$?
8179 echo "$as_me:8179: \$? = $ac_status" >&5 8904 echo "$as_me:8904: \$? = $ac_status" >&5
8180 (exit $ac_status); }; }; then 8905 (exit $ac_status); }; }; then
8181 ac_cv_lib_dl_dlopen=yes 8906 ac_cv_lib_dl_dlopen=yes
8182else 8907else
@@ -8187,7 +8912,7 @@ fi
8187rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 8912rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
8188LIBS=$ac_check_lib_save_LIBS 8913LIBS=$ac_check_lib_save_LIBS
8189fi 8914fi
8190echo "$as_me:8190: result: $ac_cv_lib_dl_dlopen" >&5 8915echo "$as_me:8915: result: $ac_cv_lib_dl_dlopen" >&5
8191echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6 8916echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6
8192if test $ac_cv_lib_dl_dlopen = yes; then 8917if test $ac_cv_lib_dl_dlopen = yes; then
8193 cat >>confdefs.h <<EOF 8918 cat >>confdefs.h <<EOF
@@ -8198,7 +8923,7 @@ EOF
8198 8923
8199fi 8924fi
8200 8925
8201echo "$as_me:8201: checking for pam_set_item in -lpam" >&5 8926echo "$as_me:8926: checking for pam_set_item in -lpam" >&5
8202echo $ECHO_N "checking for pam_set_item in -lpam... $ECHO_C" >&6 8927echo $ECHO_N "checking for pam_set_item in -lpam... $ECHO_C" >&6
8203if test "${ac_cv_lib_pam_pam_set_item+set}" = set; then 8928if test "${ac_cv_lib_pam_pam_set_item+set}" = set; then
8204 echo $ECHO_N "(cached) $ECHO_C" >&6 8929 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -8206,7 +8931,7 @@ else
8206 ac_check_lib_save_LIBS=$LIBS 8931 ac_check_lib_save_LIBS=$LIBS
8207LIBS="-lpam $LIBS" 8932LIBS="-lpam $LIBS"
8208cat >conftest.$ac_ext <<_ACEOF 8933cat >conftest.$ac_ext <<_ACEOF
8209#line 8209 "configure" 8934#line 8934 "configure"
8210#include "confdefs.h" 8935#include "confdefs.h"
8211 8936
8212/* Override any gcc2 internal prototype to avoid an error. */ 8937/* Override any gcc2 internal prototype to avoid an error. */
@@ -8225,16 +8950,16 @@ pam_set_item ();
8225} 8950}
8226_ACEOF 8951_ACEOF
8227rm -f conftest.$ac_objext conftest$ac_exeext 8952rm -f conftest.$ac_objext conftest$ac_exeext
8228if { (eval echo "$as_me:8228: \"$ac_link\"") >&5 8953if { (eval echo "$as_me:8953: \"$ac_link\"") >&5
8229 (eval $ac_link) 2>&5 8954 (eval $ac_link) 2>&5
8230 ac_status=$? 8955 ac_status=$?
8231 echo "$as_me:8231: \$? = $ac_status" >&5 8956 echo "$as_me:8956: \$? = $ac_status" >&5
8232 (exit $ac_status); } && 8957 (exit $ac_status); } &&
8233 { ac_try='test -s conftest$ac_exeext' 8958 { ac_try='test -s conftest$ac_exeext'
8234 { (eval echo "$as_me:8234: \"$ac_try\"") >&5 8959 { (eval echo "$as_me:8959: \"$ac_try\"") >&5
8235 (eval $ac_try) 2>&5 8960 (eval $ac_try) 2>&5
8236 ac_status=$? 8961 ac_status=$?
8237 echo "$as_me:8237: \$? = $ac_status" >&5 8962 echo "$as_me:8962: \$? = $ac_status" >&5
8238 (exit $ac_status); }; }; then 8963 (exit $ac_status); }; }; then
8239 ac_cv_lib_pam_pam_set_item=yes 8964 ac_cv_lib_pam_pam_set_item=yes
8240else 8965else
@@ -8245,7 +8970,7 @@ fi
8245rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 8970rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
8246LIBS=$ac_check_lib_save_LIBS 8971LIBS=$ac_check_lib_save_LIBS
8247fi 8972fi
8248echo "$as_me:8248: result: $ac_cv_lib_pam_pam_set_item" >&5 8973echo "$as_me:8973: result: $ac_cv_lib_pam_pam_set_item" >&5
8249echo "${ECHO_T}$ac_cv_lib_pam_pam_set_item" >&6 8974echo "${ECHO_T}$ac_cv_lib_pam_pam_set_item" >&6
8250if test $ac_cv_lib_pam_pam_set_item = yes; then 8975if test $ac_cv_lib_pam_pam_set_item = yes; then
8251 cat >>confdefs.h <<EOF 8976 cat >>confdefs.h <<EOF
@@ -8255,7 +8980,7 @@ EOF
8255 LIBS="-lpam $LIBS" 8980 LIBS="-lpam $LIBS"
8256 8981
8257else 8982else
8258 { { echo "$as_me:8258: error: *** libpam missing" >&5 8983 { { echo "$as_me:8983: error: *** libpam missing" >&5
8259echo "$as_me: error: *** libpam missing" >&2;} 8984echo "$as_me: error: *** libpam missing" >&2;}
8260 { (exit 1); exit 1; }; } 8985 { (exit 1); exit 1; }; }
8261fi 8986fi
@@ -8263,13 +8988,13 @@ fi
8263for ac_func in pam_getenvlist 8988for ac_func in pam_getenvlist
8264do 8989do
8265as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 8990as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
8266echo "$as_me:8266: checking for $ac_func" >&5 8991echo "$as_me:8991: checking for $ac_func" >&5
8267echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 8992echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
8268if eval "test \"\${$as_ac_var+set}\" = set"; then 8993if eval "test \"\${$as_ac_var+set}\" = set"; then
8269 echo $ECHO_N "(cached) $ECHO_C" >&6 8994 echo $ECHO_N "(cached) $ECHO_C" >&6
8270else 8995else
8271 cat >conftest.$ac_ext <<_ACEOF 8996 cat >conftest.$ac_ext <<_ACEOF
8272#line 8272 "configure" 8997#line 8997 "configure"
8273#include "confdefs.h" 8998#include "confdefs.h"
8274/* System header to define __stub macros and hopefully few prototypes, 8999/* System header to define __stub macros and hopefully few prototypes,
8275 which can conflict with char $ac_func (); below. */ 9000 which can conflict with char $ac_func (); below. */
@@ -8300,16 +9025,16 @@ f = $ac_func;
8300} 9025}
8301_ACEOF 9026_ACEOF
8302rm -f conftest.$ac_objext conftest$ac_exeext 9027rm -f conftest.$ac_objext conftest$ac_exeext
8303if { (eval echo "$as_me:8303: \"$ac_link\"") >&5 9028if { (eval echo "$as_me:9028: \"$ac_link\"") >&5
8304 (eval $ac_link) 2>&5 9029 (eval $ac_link) 2>&5
8305 ac_status=$? 9030 ac_status=$?
8306 echo "$as_me:8306: \$? = $ac_status" >&5 9031 echo "$as_me:9031: \$? = $ac_status" >&5
8307 (exit $ac_status); } && 9032 (exit $ac_status); } &&
8308 { ac_try='test -s conftest$ac_exeext' 9033 { ac_try='test -s conftest$ac_exeext'
8309 { (eval echo "$as_me:8309: \"$ac_try\"") >&5 9034 { (eval echo "$as_me:9034: \"$ac_try\"") >&5
8310 (eval $ac_try) 2>&5 9035 (eval $ac_try) 2>&5
8311 ac_status=$? 9036 ac_status=$?
8312 echo "$as_me:8312: \$? = $ac_status" >&5 9037 echo "$as_me:9037: \$? = $ac_status" >&5
8313 (exit $ac_status); }; }; then 9038 (exit $ac_status); }; }; then
8314 eval "$as_ac_var=yes" 9039 eval "$as_ac_var=yes"
8315else 9040else
@@ -8319,7 +9044,7 @@ eval "$as_ac_var=no"
8319fi 9044fi
8320rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 9045rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
8321fi 9046fi
8322echo "$as_me:8322: result: `eval echo '${'$as_ac_var'}'`" >&5 9047echo "$as_me:9047: result: `eval echo '${'$as_ac_var'}'`" >&5
8323echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 9048echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
8324if test `eval echo '${'$as_ac_var'}'` = yes; then 9049if test `eval echo '${'$as_ac_var'}'` = yes; then
8325 cat >>confdefs.h <<EOF 9050 cat >>confdefs.h <<EOF
@@ -8332,13 +9057,13 @@ done
8332for ac_func in pam_putenv 9057for ac_func in pam_putenv
8333do 9058do
8334as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 9059as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
8335echo "$as_me:8335: checking for $ac_func" >&5 9060echo "$as_me:9060: checking for $ac_func" >&5
8336echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 9061echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
8337if eval "test \"\${$as_ac_var+set}\" = set"; then 9062if eval "test \"\${$as_ac_var+set}\" = set"; then
8338 echo $ECHO_N "(cached) $ECHO_C" >&6 9063 echo $ECHO_N "(cached) $ECHO_C" >&6
8339else 9064else
8340 cat >conftest.$ac_ext <<_ACEOF 9065 cat >conftest.$ac_ext <<_ACEOF
8341#line 8341 "configure" 9066#line 9066 "configure"
8342#include "confdefs.h" 9067#include "confdefs.h"
8343/* System header to define __stub macros and hopefully few prototypes, 9068/* System header to define __stub macros and hopefully few prototypes,
8344 which can conflict with char $ac_func (); below. */ 9069 which can conflict with char $ac_func (); below. */
@@ -8369,16 +9094,16 @@ f = $ac_func;
8369} 9094}
8370_ACEOF 9095_ACEOF
8371rm -f conftest.$ac_objext conftest$ac_exeext 9096rm -f conftest.$ac_objext conftest$ac_exeext
8372if { (eval echo "$as_me:8372: \"$ac_link\"") >&5 9097if { (eval echo "$as_me:9097: \"$ac_link\"") >&5
8373 (eval $ac_link) 2>&5 9098 (eval $ac_link) 2>&5
8374 ac_status=$? 9099 ac_status=$?
8375 echo "$as_me:8375: \$? = $ac_status" >&5 9100 echo "$as_me:9100: \$? = $ac_status" >&5
8376 (exit $ac_status); } && 9101 (exit $ac_status); } &&
8377 { ac_try='test -s conftest$ac_exeext' 9102 { ac_try='test -s conftest$ac_exeext'
8378 { (eval echo "$as_me:8378: \"$ac_try\"") >&5 9103 { (eval echo "$as_me:9103: \"$ac_try\"") >&5
8379 (eval $ac_try) 2>&5 9104 (eval $ac_try) 2>&5
8380 ac_status=$? 9105 ac_status=$?
8381 echo "$as_me:8381: \$? = $ac_status" >&5 9106 echo "$as_me:9106: \$? = $ac_status" >&5
8382 (exit $ac_status); }; }; then 9107 (exit $ac_status); }; }; then
8383 eval "$as_ac_var=yes" 9108 eval "$as_ac_var=yes"
8384else 9109else
@@ -8388,7 +9113,7 @@ eval "$as_ac_var=no"
8388fi 9113fi
8389rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 9114rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
8390fi 9115fi
8391echo "$as_me:8391: result: `eval echo '${'$as_ac_var'}'`" >&5 9116echo "$as_me:9116: result: `eval echo '${'$as_ac_var'}'`" >&5
8392echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 9117echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
8393if test `eval echo '${'$as_ac_var'}'` = yes; then 9118if test `eval echo '${'$as_ac_var'}'` = yes; then
8394 cat >>confdefs.h <<EOF 9119 cat >>confdefs.h <<EOF
@@ -8398,7 +9123,6 @@ EOF
8398fi 9123fi
8399done 9124done
8400 9125
8401 disable_shadow=yes
8402 PAM_MSG="yes" 9126 PAM_MSG="yes"
8403 9127
8404 cat >>confdefs.h <<\EOF 9128 cat >>confdefs.h <<\EOF
@@ -8418,14 +9142,18 @@ fi;
8418# Check for older PAM 9142# Check for older PAM
8419if test "x$PAM_MSG" = "xyes" ; then 9143if test "x$PAM_MSG" = "xyes" ; then
8420 # Check PAM strerror arguments (old PAM) 9144 # Check PAM strerror arguments (old PAM)
8421 echo "$as_me:8421: checking whether pam_strerror takes only one argument" >&5 9145 echo "$as_me:9145: checking whether pam_strerror takes only one argument" >&5
8422echo $ECHO_N "checking whether pam_strerror takes only one argument... $ECHO_C" >&6 9146echo $ECHO_N "checking whether pam_strerror takes only one argument... $ECHO_C" >&6
8423 cat >conftest.$ac_ext <<_ACEOF 9147 cat >conftest.$ac_ext <<_ACEOF
8424#line 8424 "configure" 9148#line 9148 "configure"
8425#include "confdefs.h" 9149#include "confdefs.h"
8426 9150
8427#include <stdlib.h> 9151#include <stdlib.h>
9152#if defined(HAVE_SECURITY_PAM_APPL_H)
8428#include <security/pam_appl.h> 9153#include <security/pam_appl.h>
9154#elif defined (HAVE_PAM_PAM_APPL_H)
9155#include <pam/pam_appl.h>
9156#endif
8429 9157
8430int 9158int
8431main () 9159main ()
@@ -8436,18 +9164,18 @@ main ()
8436} 9164}
8437_ACEOF 9165_ACEOF
8438rm -f conftest.$ac_objext 9166rm -f conftest.$ac_objext
8439if { (eval echo "$as_me:8439: \"$ac_compile\"") >&5 9167if { (eval echo "$as_me:9167: \"$ac_compile\"") >&5
8440 (eval $ac_compile) 2>&5 9168 (eval $ac_compile) 2>&5
8441 ac_status=$? 9169 ac_status=$?
8442 echo "$as_me:8442: \$? = $ac_status" >&5 9170 echo "$as_me:9170: \$? = $ac_status" >&5
8443 (exit $ac_status); } && 9171 (exit $ac_status); } &&
8444 { ac_try='test -s conftest.$ac_objext' 9172 { ac_try='test -s conftest.$ac_objext'
8445 { (eval echo "$as_me:8445: \"$ac_try\"") >&5 9173 { (eval echo "$as_me:9173: \"$ac_try\"") >&5
8446 (eval $ac_try) 2>&5 9174 (eval $ac_try) 2>&5
8447 ac_status=$? 9175 ac_status=$?
8448 echo "$as_me:8448: \$? = $ac_status" >&5 9176 echo "$as_me:9176: \$? = $ac_status" >&5
8449 (exit $ac_status); }; }; then 9177 (exit $ac_status); }; }; then
8450 echo "$as_me:8450: result: no" >&5 9178 echo "$as_me:9178: result: no" >&5
8451echo "${ECHO_T}no" >&6 9179echo "${ECHO_T}no" >&6
8452else 9180else
8453 echo "$as_me: failed program was:" >&5 9181 echo "$as_me: failed program was:" >&5
@@ -8457,7 +9185,7 @@ cat conftest.$ac_ext >&5
8457#define HAVE_OLD_PAM 1 9185#define HAVE_OLD_PAM 1
8458EOF 9186EOF
8459 9187
8460 echo "$as_me:8460: result: yes" >&5 9188 echo "$as_me:9188: result: yes" >&5
8461echo "${ECHO_T}yes" >&6 9189echo "${ECHO_T}yes" >&6
8462 PAM_MSG="yes (old library)" 9190 PAM_MSG="yes (old library)"
8463 9191
@@ -8465,70 +9193,6 @@ fi
8465rm -f conftest.$ac_objext conftest.$ac_ext 9193rm -f conftest.$ac_objext conftest.$ac_ext
8466fi 9194fi
8467 9195
8468# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
8469# because the system crypt() is more featureful.
8470if test "x$check_for_libcrypt_before" = "x1"; then
8471
8472echo "$as_me:8472: checking for crypt in -lcrypt" >&5
8473echo $ECHO_N "checking for crypt in -lcrypt... $ECHO_C" >&6
8474if test "${ac_cv_lib_crypt_crypt+set}" = set; then
8475 echo $ECHO_N "(cached) $ECHO_C" >&6
8476else
8477 ac_check_lib_save_LIBS=$LIBS
8478LIBS="-lcrypt $LIBS"
8479cat >conftest.$ac_ext <<_ACEOF
8480#line 8480 "configure"
8481#include "confdefs.h"
8482
8483/* Override any gcc2 internal prototype to avoid an error. */
8484#ifdef __cplusplus
8485extern "C"
8486#endif
8487/* We use char because int might match the return type of a gcc2
8488 builtin and then its argument prototype would still apply. */
8489char crypt ();
8490int
8491main ()
8492{
8493crypt ();
8494 ;
8495 return 0;
8496}
8497_ACEOF
8498rm -f conftest.$ac_objext conftest$ac_exeext
8499if { (eval echo "$as_me:8499: \"$ac_link\"") >&5
8500 (eval $ac_link) 2>&5
8501 ac_status=$?
8502 echo "$as_me:8502: \$? = $ac_status" >&5
8503 (exit $ac_status); } &&
8504 { ac_try='test -s conftest$ac_exeext'
8505 { (eval echo "$as_me:8505: \"$ac_try\"") >&5
8506 (eval $ac_try) 2>&5
8507 ac_status=$?
8508 echo "$as_me:8508: \$? = $ac_status" >&5
8509 (exit $ac_status); }; }; then
8510 ac_cv_lib_crypt_crypt=yes
8511else
8512 echo "$as_me: failed program was:" >&5
8513cat conftest.$ac_ext >&5
8514ac_cv_lib_crypt_crypt=no
8515fi
8516rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
8517LIBS=$ac_check_lib_save_LIBS
8518fi
8519echo "$as_me:8519: result: $ac_cv_lib_crypt_crypt" >&5
8520echo "${ECHO_T}$ac_cv_lib_crypt_crypt" >&6
8521if test $ac_cv_lib_crypt_crypt = yes; then
8522 cat >>confdefs.h <<EOF
8523#define HAVE_LIBCRYPT 1
8524EOF
8525
8526 LIBS="-lcrypt $LIBS"
8527
8528fi
8529
8530fi
8531
8532# Search for OpenSSL 9196# Search for OpenSSL
8533saved_CPPFLAGS="$CPPFLAGS" 9197saved_CPPFLAGS="$CPPFLAGS"
8534saved_LDFLAGS="$LDFLAGS" 9198saved_LDFLAGS="$LDFLAGS"
@@ -8559,9 +9223,9 @@ if test "${with_ssl_dir+set}" = set; then
8559 fi 9223 fi
8560 9224
8561fi; 9225fi;
8562LIBS="$LIBS -lcrypto" 9226LIBS="-lcrypto $LIBS"
8563cat >conftest.$ac_ext <<_ACEOF 9227cat >conftest.$ac_ext <<_ACEOF
8564#line 8564 "configure" 9228#line 9228 "configure"
8565#include "confdefs.h" 9229#include "confdefs.h"
8566 9230
8567/* Override any gcc2 internal prototype to avoid an error. */ 9231/* Override any gcc2 internal prototype to avoid an error. */
@@ -8580,16 +9244,16 @@ RAND_add ();
8580} 9244}
8581_ACEOF 9245_ACEOF
8582rm -f conftest.$ac_objext conftest$ac_exeext 9246rm -f conftest.$ac_objext conftest$ac_exeext
8583if { (eval echo "$as_me:8583: \"$ac_link\"") >&5 9247if { (eval echo "$as_me:9247: \"$ac_link\"") >&5
8584 (eval $ac_link) 2>&5 9248 (eval $ac_link) 2>&5
8585 ac_status=$? 9249 ac_status=$?
8586 echo "$as_me:8586: \$? = $ac_status" >&5 9250 echo "$as_me:9250: \$? = $ac_status" >&5
8587 (exit $ac_status); } && 9251 (exit $ac_status); } &&
8588 { ac_try='test -s conftest$ac_exeext' 9252 { ac_try='test -s conftest$ac_exeext'
8589 { (eval echo "$as_me:8589: \"$ac_try\"") >&5 9253 { (eval echo "$as_me:9253: \"$ac_try\"") >&5
8590 (eval $ac_try) 2>&5 9254 (eval $ac_try) 2>&5
8591 ac_status=$? 9255 ac_status=$?
8592 echo "$as_me:8592: \$? = $ac_status" >&5 9256 echo "$as_me:9256: \$? = $ac_status" >&5
8593 (exit $ac_status); }; }; then 9257 (exit $ac_status); }; }; then
8594 cat >>confdefs.h <<\EOF 9258 cat >>confdefs.h <<\EOF
8595#define HAVE_OPENSSL 1 9259#define HAVE_OPENSSL 1
@@ -8606,7 +9270,7 @@ cat conftest.$ac_ext >&5
8606 fi 9270 fi
8607 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 9271 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
8608 cat >conftest.$ac_ext <<_ACEOF 9272 cat >conftest.$ac_ext <<_ACEOF
8609#line 8609 "configure" 9273#line 9273 "configure"
8610#include "confdefs.h" 9274#include "confdefs.h"
8611 9275
8612/* Override any gcc2 internal prototype to avoid an error. */ 9276/* Override any gcc2 internal prototype to avoid an error. */
@@ -8625,16 +9289,16 @@ RAND_add ();
8625} 9289}
8626_ACEOF 9290_ACEOF
8627rm -f conftest.$ac_objext conftest$ac_exeext 9291rm -f conftest.$ac_objext conftest$ac_exeext
8628if { (eval echo "$as_me:8628: \"$ac_link\"") >&5 9292if { (eval echo "$as_me:9292: \"$ac_link\"") >&5
8629 (eval $ac_link) 2>&5 9293 (eval $ac_link) 2>&5
8630 ac_status=$? 9294 ac_status=$?
8631 echo "$as_me:8631: \$? = $ac_status" >&5 9295 echo "$as_me:9295: \$? = $ac_status" >&5
8632 (exit $ac_status); } && 9296 (exit $ac_status); } &&
8633 { ac_try='test -s conftest$ac_exeext' 9297 { ac_try='test -s conftest$ac_exeext'
8634 { (eval echo "$as_me:8634: \"$ac_try\"") >&5 9298 { (eval echo "$as_me:9298: \"$ac_try\"") >&5
8635 (eval $ac_try) 2>&5 9299 (eval $ac_try) 2>&5
8636 ac_status=$? 9300 ac_status=$?
8637 echo "$as_me:8637: \$? = $ac_status" >&5 9301 echo "$as_me:9301: \$? = $ac_status" >&5
8638 (exit $ac_status); }; }; then 9302 (exit $ac_status); }; }; then
8639 cat >>confdefs.h <<\EOF 9303 cat >>confdefs.h <<\EOF
8640#define HAVE_OPENSSL 1 9304#define HAVE_OPENSSL 1
@@ -8644,7 +9308,7 @@ else
8644 echo "$as_me: failed program was:" >&5 9308 echo "$as_me: failed program was:" >&5
8645cat conftest.$ac_ext >&5 9309cat conftest.$ac_ext >&5
8646 9310
8647 { { echo "$as_me:8647: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***" >&5 9311 { { echo "$as_me:9311: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***" >&5
8648echo "$as_me: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***" >&2;} 9312echo "$as_me: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***" >&2;}
8649 { (exit 1); exit 1; }; } 9313 { (exit 1); exit 1; }; }
8650 9314
@@ -8655,15 +9319,15 @@ fi
8655rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 9319rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
8656 9320
8657# Determine OpenSSL header version 9321# Determine OpenSSL header version
8658echo "$as_me:8658: checking OpenSSL header version" >&5 9322echo "$as_me:9322: checking OpenSSL header version" >&5
8659echo $ECHO_N "checking OpenSSL header version... $ECHO_C" >&6 9323echo $ECHO_N "checking OpenSSL header version... $ECHO_C" >&6
8660if test "$cross_compiling" = yes; then 9324if test "$cross_compiling" = yes; then
8661 { { echo "$as_me:8661: error: cannot run test program while cross compiling" >&5 9325 { { echo "$as_me:9325: error: cannot run test program while cross compiling" >&5
8662echo "$as_me: error: cannot run test program while cross compiling" >&2;} 9326echo "$as_me: error: cannot run test program while cross compiling" >&2;}
8663 { (exit 1); exit 1; }; } 9327 { (exit 1); exit 1; }; }
8664else 9328else
8665 cat >conftest.$ac_ext <<_ACEOF 9329 cat >conftest.$ac_ext <<_ACEOF
8666#line 8666 "configure" 9330#line 9330 "configure"
8667#include "confdefs.h" 9331#include "confdefs.h"
8668 9332
8669#include <stdio.h> 9333#include <stdio.h>
@@ -8671,12 +9335,12 @@ else
8671#include <openssl/opensslv.h> 9335#include <openssl/opensslv.h>
8672#define DATA "conftest.sslincver" 9336#define DATA "conftest.sslincver"
8673int main(void) { 9337int main(void) {
8674 FILE *fd; 9338 FILE *fd;
8675 int rc; 9339 int rc;
8676 9340
8677 fd = fopen(DATA,"w"); 9341 fd = fopen(DATA,"w");
8678 if(fd == NULL) 9342 if(fd == NULL)
8679 exit(1); 9343 exit(1);
8680 9344
8681 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 9345 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
8682 exit(1); 9346 exit(1);
@@ -8686,19 +9350,19 @@ int main(void) {
8686 9350
8687_ACEOF 9351_ACEOF
8688rm -f conftest$ac_exeext 9352rm -f conftest$ac_exeext
8689if { (eval echo "$as_me:8689: \"$ac_link\"") >&5 9353if { (eval echo "$as_me:9353: \"$ac_link\"") >&5
8690 (eval $ac_link) 2>&5 9354 (eval $ac_link) 2>&5
8691 ac_status=$? 9355 ac_status=$?
8692 echo "$as_me:8692: \$? = $ac_status" >&5 9356 echo "$as_me:9356: \$? = $ac_status" >&5
8693 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 9357 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
8694 { (eval echo "$as_me:8694: \"$ac_try\"") >&5 9358 { (eval echo "$as_me:9358: \"$ac_try\"") >&5
8695 (eval $ac_try) 2>&5 9359 (eval $ac_try) 2>&5
8696 ac_status=$? 9360 ac_status=$?
8697 echo "$as_me:8697: \$? = $ac_status" >&5 9361 echo "$as_me:9361: \$? = $ac_status" >&5
8698 (exit $ac_status); }; }; then 9362 (exit $ac_status); }; }; then
8699 9363
8700 ssl_header_ver=`cat conftest.sslincver` 9364 ssl_header_ver=`cat conftest.sslincver`
8701 echo "$as_me:8701: result: $ssl_header_ver" >&5 9365 echo "$as_me:9365: result: $ssl_header_ver" >&5
8702echo "${ECHO_T}$ssl_header_ver" >&6 9366echo "${ECHO_T}$ssl_header_ver" >&6
8703 9367
8704else 9368else
@@ -8706,9 +9370,9 @@ else
8706echo "$as_me: failed program was:" >&5 9370echo "$as_me: failed program was:" >&5
8707cat conftest.$ac_ext >&5 9371cat conftest.$ac_ext >&5
8708 9372
8709 echo "$as_me:8709: result: not found" >&5 9373 echo "$as_me:9373: result: not found" >&5
8710echo "${ECHO_T}not found" >&6 9374echo "${ECHO_T}not found" >&6
8711 { { echo "$as_me:8711: error: OpenSSL version header not found." >&5 9375 { { echo "$as_me:9375: error: OpenSSL version header not found." >&5
8712echo "$as_me: error: OpenSSL version header not found." >&2;} 9376echo "$as_me: error: OpenSSL version header not found." >&2;}
8713 { (exit 1); exit 1; }; } 9377 { (exit 1); exit 1; }; }
8714 9378
@@ -8717,15 +9381,15 @@ rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
8717fi 9381fi
8718 9382
8719# Determine OpenSSL library version 9383# Determine OpenSSL library version
8720echo "$as_me:8720: checking OpenSSL library version" >&5 9384echo "$as_me:9384: checking OpenSSL library version" >&5
8721echo $ECHO_N "checking OpenSSL library version... $ECHO_C" >&6 9385echo $ECHO_N "checking OpenSSL library version... $ECHO_C" >&6
8722if test "$cross_compiling" = yes; then 9386if test "$cross_compiling" = yes; then
8723 { { echo "$as_me:8723: error: cannot run test program while cross compiling" >&5 9387 { { echo "$as_me:9387: error: cannot run test program while cross compiling" >&5
8724echo "$as_me: error: cannot run test program while cross compiling" >&2;} 9388echo "$as_me: error: cannot run test program while cross compiling" >&2;}
8725 { (exit 1); exit 1; }; } 9389 { (exit 1); exit 1; }; }
8726else 9390else
8727 cat >conftest.$ac_ext <<_ACEOF 9391 cat >conftest.$ac_ext <<_ACEOF
8728#line 8728 "configure" 9392#line 9392 "configure"
8729#include "confdefs.h" 9393#include "confdefs.h"
8730 9394
8731#include <stdio.h> 9395#include <stdio.h>
@@ -8734,12 +9398,12 @@ else
8734#include <openssl/crypto.h> 9398#include <openssl/crypto.h>
8735#define DATA "conftest.ssllibver" 9399#define DATA "conftest.ssllibver"
8736int main(void) { 9400int main(void) {
8737 FILE *fd; 9401 FILE *fd;
8738 int rc; 9402 int rc;
8739 9403
8740 fd = fopen(DATA,"w"); 9404 fd = fopen(DATA,"w");
8741 if(fd == NULL) 9405 if(fd == NULL)
8742 exit(1); 9406 exit(1);
8743 9407
8744 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 9408 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
8745 exit(1); 9409 exit(1);
@@ -8749,19 +9413,19 @@ int main(void) {
8749 9413
8750_ACEOF 9414_ACEOF
8751rm -f conftest$ac_exeext 9415rm -f conftest$ac_exeext
8752if { (eval echo "$as_me:8752: \"$ac_link\"") >&5 9416if { (eval echo "$as_me:9416: \"$ac_link\"") >&5
8753 (eval $ac_link) 2>&5 9417 (eval $ac_link) 2>&5
8754 ac_status=$? 9418 ac_status=$?
8755 echo "$as_me:8755: \$? = $ac_status" >&5 9419 echo "$as_me:9419: \$? = $ac_status" >&5
8756 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 9420 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
8757 { (eval echo "$as_me:8757: \"$ac_try\"") >&5 9421 { (eval echo "$as_me:9421: \"$ac_try\"") >&5
8758 (eval $ac_try) 2>&5 9422 (eval $ac_try) 2>&5
8759 ac_status=$? 9423 ac_status=$?
8760 echo "$as_me:8760: \$? = $ac_status" >&5 9424 echo "$as_me:9424: \$? = $ac_status" >&5
8761 (exit $ac_status); }; }; then 9425 (exit $ac_status); }; }; then
8762 9426
8763 ssl_library_ver=`cat conftest.ssllibver` 9427 ssl_library_ver=`cat conftest.ssllibver`
8764 echo "$as_me:8764: result: $ssl_library_ver" >&5 9428 echo "$as_me:9428: result: $ssl_library_ver" >&5
8765echo "${ECHO_T}$ssl_library_ver" >&6 9429echo "${ECHO_T}$ssl_library_ver" >&6
8766 9430
8767else 9431else
@@ -8769,9 +9433,9 @@ else
8769echo "$as_me: failed program was:" >&5 9433echo "$as_me: failed program was:" >&5
8770cat conftest.$ac_ext >&5 9434cat conftest.$ac_ext >&5
8771 9435
8772 echo "$as_me:8772: result: not found" >&5 9436 echo "$as_me:9436: result: not found" >&5
8773echo "${ECHO_T}not found" >&6 9437echo "${ECHO_T}not found" >&6
8774 { { echo "$as_me:8774: error: OpenSSL library not found." >&5 9438 { { echo "$as_me:9438: error: OpenSSL library not found." >&5
8775echo "$as_me: error: OpenSSL library not found." >&2;} 9439echo "$as_me: error: OpenSSL library not found." >&2;}
8776 { (exit 1); exit 1; }; } 9440 { (exit 1); exit 1; }; }
8777 9441
@@ -8780,15 +9444,15 @@ rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
8780fi 9444fi
8781 9445
8782# Sanity check OpenSSL headers 9446# Sanity check OpenSSL headers
8783echo "$as_me:8783: checking whether OpenSSL's headers match the library" >&5 9447echo "$as_me:9447: checking whether OpenSSL's headers match the library" >&5
8784echo $ECHO_N "checking whether OpenSSL's headers match the library... $ECHO_C" >&6 9448echo $ECHO_N "checking whether OpenSSL's headers match the library... $ECHO_C" >&6
8785if test "$cross_compiling" = yes; then 9449if test "$cross_compiling" = yes; then
8786 { { echo "$as_me:8786: error: cannot run test program while cross compiling" >&5 9450 { { echo "$as_me:9450: error: cannot run test program while cross compiling" >&5
8787echo "$as_me: error: cannot run test program while cross compiling" >&2;} 9451echo "$as_me: error: cannot run test program while cross compiling" >&2;}
8788 { (exit 1); exit 1; }; } 9452 { (exit 1); exit 1; }; }
8789else 9453else
8790 cat >conftest.$ac_ext <<_ACEOF 9454 cat >conftest.$ac_ext <<_ACEOF
8791#line 8791 "configure" 9455#line 9455 "configure"
8792#include "confdefs.h" 9456#include "confdefs.h"
8793 9457
8794#include <string.h> 9458#include <string.h>
@@ -8797,18 +9461,18 @@ int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
8797 9461
8798_ACEOF 9462_ACEOF
8799rm -f conftest$ac_exeext 9463rm -f conftest$ac_exeext
8800if { (eval echo "$as_me:8800: \"$ac_link\"") >&5 9464if { (eval echo "$as_me:9464: \"$ac_link\"") >&5
8801 (eval $ac_link) 2>&5 9465 (eval $ac_link) 2>&5
8802 ac_status=$? 9466 ac_status=$?
8803 echo "$as_me:8803: \$? = $ac_status" >&5 9467 echo "$as_me:9467: \$? = $ac_status" >&5
8804 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 9468 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
8805 { (eval echo "$as_me:8805: \"$ac_try\"") >&5 9469 { (eval echo "$as_me:9469: \"$ac_try\"") >&5
8806 (eval $ac_try) 2>&5 9470 (eval $ac_try) 2>&5
8807 ac_status=$? 9471 ac_status=$?
8808 echo "$as_me:8808: \$? = $ac_status" >&5 9472 echo "$as_me:9472: \$? = $ac_status" >&5
8809 (exit $ac_status); }; }; then 9473 (exit $ac_status); }; }; then
8810 9474
8811 echo "$as_me:8811: result: yes" >&5 9475 echo "$as_me:9475: result: yes" >&5
8812echo "${ECHO_T}yes" >&6 9476echo "${ECHO_T}yes" >&6
8813 9477
8814else 9478else
@@ -8816,9 +9480,9 @@ else
8816echo "$as_me: failed program was:" >&5 9480echo "$as_me: failed program was:" >&5
8817cat conftest.$ac_ext >&5 9481cat conftest.$ac_ext >&5
8818 9482
8819 echo "$as_me:8819: result: no" >&5 9483 echo "$as_me:9483: result: no" >&5
8820echo "${ECHO_T}no" >&6 9484echo "${ECHO_T}no" >&6
8821 { { echo "$as_me:8821: error: Your OpenSSL headers do not match your library. 9485 { { echo "$as_me:9485: error: Your OpenSSL headers do not match your library.
8822Check config.log for details. 9486Check config.log for details.
8823Also see contrib/findssl.sh for help identifying header/library mismatches." >&5 9487Also see contrib/findssl.sh for help identifying header/library mismatches." >&5
8824echo "$as_me: error: Your OpenSSL headers do not match your library. 9488echo "$as_me: error: Your OpenSSL headers do not match your library.
@@ -8830,10 +9494,74 @@ fi
8830rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext 9494rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
8831fi 9495fi
8832 9496
9497# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
9498# because the system crypt() is more featureful.
9499if test "x$check_for_libcrypt_before" = "x1"; then
9500
9501echo "$as_me:9501: checking for crypt in -lcrypt" >&5
9502echo $ECHO_N "checking for crypt in -lcrypt... $ECHO_C" >&6
9503if test "${ac_cv_lib_crypt_crypt+set}" = set; then
9504 echo $ECHO_N "(cached) $ECHO_C" >&6
9505else
9506 ac_check_lib_save_LIBS=$LIBS
9507LIBS="-lcrypt $LIBS"
9508cat >conftest.$ac_ext <<_ACEOF
9509#line 9509 "configure"
9510#include "confdefs.h"
9511
9512/* Override any gcc2 internal prototype to avoid an error. */
9513#ifdef __cplusplus
9514extern "C"
9515#endif
9516/* We use char because int might match the return type of a gcc2
9517 builtin and then its argument prototype would still apply. */
9518char crypt ();
9519int
9520main ()
9521{
9522crypt ();
9523 ;
9524 return 0;
9525}
9526_ACEOF
9527rm -f conftest.$ac_objext conftest$ac_exeext
9528if { (eval echo "$as_me:9528: \"$ac_link\"") >&5
9529 (eval $ac_link) 2>&5
9530 ac_status=$?
9531 echo "$as_me:9531: \$? = $ac_status" >&5
9532 (exit $ac_status); } &&
9533 { ac_try='test -s conftest$ac_exeext'
9534 { (eval echo "$as_me:9534: \"$ac_try\"") >&5
9535 (eval $ac_try) 2>&5
9536 ac_status=$?
9537 echo "$as_me:9537: \$? = $ac_status" >&5
9538 (exit $ac_status); }; }; then
9539 ac_cv_lib_crypt_crypt=yes
9540else
9541 echo "$as_me: failed program was:" >&5
9542cat conftest.$ac_ext >&5
9543ac_cv_lib_crypt_crypt=no
9544fi
9545rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
9546LIBS=$ac_check_lib_save_LIBS
9547fi
9548echo "$as_me:9548: result: $ac_cv_lib_crypt_crypt" >&5
9549echo "${ECHO_T}$ac_cv_lib_crypt_crypt" >&6
9550if test $ac_cv_lib_crypt_crypt = yes; then
9551 cat >>confdefs.h <<EOF
9552#define HAVE_LIBCRYPT 1
9553EOF
9554
9555 LIBS="-lcrypt $LIBS"
9556
9557fi
9558
9559fi
9560
8833# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 9561# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8834# version in OpenSSL. Skip this for PAM 9562# version in OpenSSL.
8835if test "x$check_for_libcrypt_later" = "x1"; then 9563if test "x$check_for_libcrypt_later" = "x1"; then
8836 echo "$as_me:8836: checking for crypt in -lcrypt" >&5 9564 echo "$as_me:9564: checking for crypt in -lcrypt" >&5
8837echo $ECHO_N "checking for crypt in -lcrypt... $ECHO_C" >&6 9565echo $ECHO_N "checking for crypt in -lcrypt... $ECHO_C" >&6
8838if test "${ac_cv_lib_crypt_crypt+set}" = set; then 9566if test "${ac_cv_lib_crypt_crypt+set}" = set; then
8839 echo $ECHO_N "(cached) $ECHO_C" >&6 9567 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -8841,7 +9569,7 @@ else
8841 ac_check_lib_save_LIBS=$LIBS 9569 ac_check_lib_save_LIBS=$LIBS
8842LIBS="-lcrypt $LIBS" 9570LIBS="-lcrypt $LIBS"
8843cat >conftest.$ac_ext <<_ACEOF 9571cat >conftest.$ac_ext <<_ACEOF
8844#line 8844 "configure" 9572#line 9572 "configure"
8845#include "confdefs.h" 9573#include "confdefs.h"
8846 9574
8847/* Override any gcc2 internal prototype to avoid an error. */ 9575/* Override any gcc2 internal prototype to avoid an error. */
@@ -8860,16 +9588,16 @@ crypt ();
8860} 9588}
8861_ACEOF 9589_ACEOF
8862rm -f conftest.$ac_objext conftest$ac_exeext 9590rm -f conftest.$ac_objext conftest$ac_exeext
8863if { (eval echo "$as_me:8863: \"$ac_link\"") >&5 9591if { (eval echo "$as_me:9591: \"$ac_link\"") >&5
8864 (eval $ac_link) 2>&5 9592 (eval $ac_link) 2>&5
8865 ac_status=$? 9593 ac_status=$?
8866 echo "$as_me:8866: \$? = $ac_status" >&5 9594 echo "$as_me:9594: \$? = $ac_status" >&5
8867 (exit $ac_status); } && 9595 (exit $ac_status); } &&
8868 { ac_try='test -s conftest$ac_exeext' 9596 { ac_try='test -s conftest$ac_exeext'
8869 { (eval echo "$as_me:8869: \"$ac_try\"") >&5 9597 { (eval echo "$as_me:9597: \"$ac_try\"") >&5
8870 (eval $ac_try) 2>&5 9598 (eval $ac_try) 2>&5
8871 ac_status=$? 9599 ac_status=$?
8872 echo "$as_me:8872: \$? = $ac_status" >&5 9600 echo "$as_me:9600: \$? = $ac_status" >&5
8873 (exit $ac_status); }; }; then 9601 (exit $ac_status); }; }; then
8874 ac_cv_lib_crypt_crypt=yes 9602 ac_cv_lib_crypt_crypt=yes
8875else 9603else
@@ -8880,7 +9608,7 @@ fi
8880rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 9608rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
8881LIBS=$ac_check_lib_save_LIBS 9609LIBS=$ac_check_lib_save_LIBS
8882fi 9610fi
8883echo "$as_me:8883: result: $ac_cv_lib_crypt_crypt" >&5 9611echo "$as_me:9611: result: $ac_cv_lib_crypt_crypt" >&5
8884echo "${ECHO_T}$ac_cv_lib_crypt_crypt" >&6 9612echo "${ECHO_T}$ac_cv_lib_crypt_crypt" >&6
8885if test $ac_cv_lib_crypt_crypt = yes; then 9613if test $ac_cv_lib_crypt_crypt = yes; then
8886 LIBS="$LIBS -lcrypt" 9614 LIBS="$LIBS -lcrypt"
@@ -8891,15 +9619,15 @@ fi
8891### Configure cryptographic random number support 9619### Configure cryptographic random number support
8892 9620
8893# Check wheter OpenSSL seeds itself 9621# Check wheter OpenSSL seeds itself
8894echo "$as_me:8894: checking whether OpenSSL's PRNG is internally seeded" >&5 9622echo "$as_me:9622: checking whether OpenSSL's PRNG is internally seeded" >&5
8895echo $ECHO_N "checking whether OpenSSL's PRNG is internally seeded... $ECHO_C" >&6 9623echo $ECHO_N "checking whether OpenSSL's PRNG is internally seeded... $ECHO_C" >&6
8896if test "$cross_compiling" = yes; then 9624if test "$cross_compiling" = yes; then
8897 { { echo "$as_me:8897: error: cannot run test program while cross compiling" >&5 9625 { { echo "$as_me:9625: error: cannot run test program while cross compiling" >&5
8898echo "$as_me: error: cannot run test program while cross compiling" >&2;} 9626echo "$as_me: error: cannot run test program while cross compiling" >&2;}
8899 { (exit 1); exit 1; }; } 9627 { (exit 1); exit 1; }; }
8900else 9628else
8901 cat >conftest.$ac_ext <<_ACEOF 9629 cat >conftest.$ac_ext <<_ACEOF
8902#line 8902 "configure" 9630#line 9630 "configure"
8903#include "confdefs.h" 9631#include "confdefs.h"
8904 9632
8905#include <string.h> 9633#include <string.h>
@@ -8908,19 +9636,19 @@ int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
8908 9636
8909_ACEOF 9637_ACEOF
8910rm -f conftest$ac_exeext 9638rm -f conftest$ac_exeext
8911if { (eval echo "$as_me:8911: \"$ac_link\"") >&5 9639if { (eval echo "$as_me:9639: \"$ac_link\"") >&5
8912 (eval $ac_link) 2>&5 9640 (eval $ac_link) 2>&5
8913 ac_status=$? 9641 ac_status=$?
8914 echo "$as_me:8914: \$? = $ac_status" >&5 9642 echo "$as_me:9642: \$? = $ac_status" >&5
8915 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 9643 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
8916 { (eval echo "$as_me:8916: \"$ac_try\"") >&5 9644 { (eval echo "$as_me:9644: \"$ac_try\"") >&5
8917 (eval $ac_try) 2>&5 9645 (eval $ac_try) 2>&5
8918 ac_status=$? 9646 ac_status=$?
8919 echo "$as_me:8919: \$? = $ac_status" >&5 9647 echo "$as_me:9647: \$? = $ac_status" >&5
8920 (exit $ac_status); }; }; then 9648 (exit $ac_status); }; }; then
8921 9649
8922 OPENSSL_SEEDS_ITSELF=yes 9650 OPENSSL_SEEDS_ITSELF=yes
8923 echo "$as_me:8923: result: yes" >&5 9651 echo "$as_me:9651: result: yes" >&5
8924echo "${ECHO_T}yes" >&6 9652echo "${ECHO_T}yes" >&6
8925 9653
8926else 9654else
@@ -8928,7 +9656,7 @@ else
8928echo "$as_me: failed program was:" >&5 9656echo "$as_me: failed program was:" >&5
8929cat conftest.$ac_ext >&5 9657cat conftest.$ac_ext >&5
8930 9658
8931 echo "$as_me:8931: result: no" >&5 9659 echo "$as_me:9659: result: no" >&5
8932echo "${ECHO_T}no" >&6 9660echo "${ECHO_T}no" >&6
8933 # Default to use of the rand helper if OpenSSL doesn't 9661 # Default to use of the rand helper if OpenSSL doesn't
8934 # seed itself 9662 # seed itself
@@ -8948,7 +9676,7 @@ if test "${with_rand_helper+set}" = set; then
8948 # Force use of OpenSSL's internal RNG, even if 9676 # Force use of OpenSSL's internal RNG, even if
8949 # the previous test showed it to be unseeded. 9677 # the previous test showed it to be unseeded.
8950 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 9678 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
8951 { echo "$as_me:8951: WARNING: *** Forcing use of OpenSSL's non-self-seeding PRNG" >&5 9679 { echo "$as_me:9679: WARNING: *** Forcing use of OpenSSL's non-self-seeding PRNG" >&5
8952echo "$as_me: WARNING: *** Forcing use of OpenSSL's non-self-seeding PRNG" >&2;} 9680echo "$as_me: WARNING: *** Forcing use of OpenSSL's non-self-seeding PRNG" >&2;}
8953 OPENSSL_SEEDS_ITSELF=yes 9681 OPENSSL_SEEDS_ITSELF=yes
8954 USE_RAND_HELPER="" 9682 USE_RAND_HELPER=""
@@ -8989,7 +9717,7 @@ if test "${with_prngd_port+set}" = set; then
8989 [0-9]*) 9717 [0-9]*)
8990 ;; 9718 ;;
8991 *) 9719 *)
8992 { { echo "$as_me:8992: error: You must specify a numeric port number for --with-prngd-port" >&5 9720 { { echo "$as_me:9720: error: You must specify a numeric port number for --with-prngd-port" >&5
8993echo "$as_me: error: You must specify a numeric port number for --with-prngd-port" >&2;} 9721echo "$as_me: error: You must specify a numeric port number for --with-prngd-port" >&2;}
8994 { (exit 1); exit 1; }; } 9722 { (exit 1); exit 1; }; }
8995 ;; 9723 ;;
@@ -9020,7 +9748,7 @@ if test "${with_prngd_socket+set}" = set; then
9020 /*) 9748 /*)
9021 ;; 9749 ;;
9022 *) 9750 *)
9023 { { echo "$as_me:9023: error: You must specify an absolute path to the entropy socket" >&5 9751 { { echo "$as_me:9751: error: You must specify an absolute path to the entropy socket" >&5
9024echo "$as_me: error: You must specify an absolute path to the entropy socket" >&2;} 9752echo "$as_me: error: You must specify an absolute path to the entropy socket" >&2;}
9025 { (exit 1); exit 1; }; } 9753 { (exit 1); exit 1; }; }
9026 ;; 9754 ;;
@@ -9028,12 +9756,12 @@ echo "$as_me: error: You must specify an absolute path to the entropy socket" >&
9028 9756
9029 if test ! -z "$withval" ; then 9757 if test ! -z "$withval" ; then
9030 if test ! -z "$PRNGD_PORT" ; then 9758 if test ! -z "$PRNGD_PORT" ; then
9031 { { echo "$as_me:9031: error: You may not specify both a PRNGD/EGD port and socket" >&5 9759 { { echo "$as_me:9759: error: You may not specify both a PRNGD/EGD port and socket" >&5
9032echo "$as_me: error: You may not specify both a PRNGD/EGD port and socket" >&2;} 9760echo "$as_me: error: You may not specify both a PRNGD/EGD port and socket" >&2;}
9033 { (exit 1); exit 1; }; } 9761 { (exit 1); exit 1; }; }
9034 fi 9762 fi
9035 if test ! -r "$withval" ; then 9763 if test ! -r "$withval" ; then
9036 { echo "$as_me:9036: WARNING: Entropy socket is not readable" >&5 9764 { echo "$as_me:9764: WARNING: Entropy socket is not readable" >&5
9037echo "$as_me: WARNING: Entropy socket is not readable" >&2;} 9765echo "$as_me: WARNING: Entropy socket is not readable" >&2;}
9038 fi 9766 fi
9039 PRNGD_SOCKET="$withval" 9767 PRNGD_SOCKET="$withval"
@@ -9047,7 +9775,7 @@ else
9047 9775
9048 # Check for existing socket only if we don't have a random device already 9776 # Check for existing socket only if we don't have a random device already
9049 if test "$USE_RAND_HELPER" = yes ; then 9777 if test "$USE_RAND_HELPER" = yes ; then
9050 echo "$as_me:9050: checking for PRNGD/EGD socket" >&5 9778 echo "$as_me:9778: checking for PRNGD/EGD socket" >&5
9051echo $ECHO_N "checking for PRNGD/EGD socket... $ECHO_C" >&6 9779echo $ECHO_N "checking for PRNGD/EGD socket... $ECHO_C" >&6
9052 # Insert other locations here 9780 # Insert other locations here
9053 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 9781 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
@@ -9061,10 +9789,10 @@ EOF
9061 fi 9789 fi
9062 done 9790 done
9063 if test ! -z "$PRNGD_SOCKET" ; then 9791 if test ! -z "$PRNGD_SOCKET" ; then
9064 echo "$as_me:9064: result: $PRNGD_SOCKET" >&5 9792 echo "$as_me:9792: result: $PRNGD_SOCKET" >&5
9065echo "${ECHO_T}$PRNGD_SOCKET" >&6 9793echo "${ECHO_T}$PRNGD_SOCKET" >&6
9066 else 9794 else
9067 echo "$as_me:9067: result: not found" >&5 9795 echo "$as_me:9795: result: not found" >&5
9068echo "${ECHO_T}not found" >&6 9796echo "${ECHO_T}not found" >&6
9069 fi 9797 fi
9070 fi 9798 fi
@@ -9120,7 +9848,7 @@ PATH=$PATH:/etc:$OPATH
9120 9848
9121 # Extract the first word of "ls", so it can be a program name with args. 9849 # Extract the first word of "ls", so it can be a program name with args.
9122set dummy ls; ac_word=$2 9850set dummy ls; ac_word=$2
9123echo "$as_me:9123: checking for $ac_word" >&5 9851echo "$as_me:9851: checking for $ac_word" >&5
9124echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 9852echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9125if test "${ac_cv_path_PROG_LS+set}" = set; then 9853if test "${ac_cv_path_PROG_LS+set}" = set; then
9126 echo $ECHO_N "(cached) $ECHO_C" >&6 9854 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9137,7 +9865,7 @@ for ac_dir in $ac_dummy; do
9137 test -z "$ac_dir" && ac_dir=. 9865 test -z "$ac_dir" && ac_dir=.
9138 if $as_executable_p "$ac_dir/$ac_word"; then 9866 if $as_executable_p "$ac_dir/$ac_word"; then
9139 ac_cv_path_PROG_LS="$ac_dir/$ac_word" 9867 ac_cv_path_PROG_LS="$ac_dir/$ac_word"
9140 echo "$as_me:9140: found $ac_dir/$ac_word" >&5 9868 echo "$as_me:9868: found $ac_dir/$ac_word" >&5
9141 break 9869 break
9142fi 9870fi
9143done 9871done
@@ -9148,10 +9876,10 @@ fi
9148PROG_LS=$ac_cv_path_PROG_LS 9876PROG_LS=$ac_cv_path_PROG_LS
9149 9877
9150if test -n "$PROG_LS"; then 9878if test -n "$PROG_LS"; then
9151 echo "$as_me:9151: result: $PROG_LS" >&5 9879 echo "$as_me:9879: result: $PROG_LS" >&5
9152echo "${ECHO_T}$PROG_LS" >&6 9880echo "${ECHO_T}$PROG_LS" >&6
9153else 9881else
9154 echo "$as_me:9154: result: no" >&5 9882 echo "$as_me:9882: result: no" >&5
9155echo "${ECHO_T}no" >&6 9883echo "${ECHO_T}no" >&6
9156fi 9884fi
9157 9885
@@ -9161,7 +9889,7 @@ fi
9161 9889
9162 # Extract the first word of "netstat", so it can be a program name with args. 9890 # Extract the first word of "netstat", so it can be a program name with args.
9163set dummy netstat; ac_word=$2 9891set dummy netstat; ac_word=$2
9164echo "$as_me:9164: checking for $ac_word" >&5 9892echo "$as_me:9892: checking for $ac_word" >&5
9165echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 9893echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9166if test "${ac_cv_path_PROG_NETSTAT+set}" = set; then 9894if test "${ac_cv_path_PROG_NETSTAT+set}" = set; then
9167 echo $ECHO_N "(cached) $ECHO_C" >&6 9895 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9178,7 +9906,7 @@ for ac_dir in $ac_dummy; do
9178 test -z "$ac_dir" && ac_dir=. 9906 test -z "$ac_dir" && ac_dir=.
9179 if $as_executable_p "$ac_dir/$ac_word"; then 9907 if $as_executable_p "$ac_dir/$ac_word"; then
9180 ac_cv_path_PROG_NETSTAT="$ac_dir/$ac_word" 9908 ac_cv_path_PROG_NETSTAT="$ac_dir/$ac_word"
9181 echo "$as_me:9181: found $ac_dir/$ac_word" >&5 9909 echo "$as_me:9909: found $ac_dir/$ac_word" >&5
9182 break 9910 break
9183fi 9911fi
9184done 9912done
@@ -9189,10 +9917,10 @@ fi
9189PROG_NETSTAT=$ac_cv_path_PROG_NETSTAT 9917PROG_NETSTAT=$ac_cv_path_PROG_NETSTAT
9190 9918
9191if test -n "$PROG_NETSTAT"; then 9919if test -n "$PROG_NETSTAT"; then
9192 echo "$as_me:9192: result: $PROG_NETSTAT" >&5 9920 echo "$as_me:9920: result: $PROG_NETSTAT" >&5
9193echo "${ECHO_T}$PROG_NETSTAT" >&6 9921echo "${ECHO_T}$PROG_NETSTAT" >&6
9194else 9922else
9195 echo "$as_me:9195: result: no" >&5 9923 echo "$as_me:9923: result: no" >&5
9196echo "${ECHO_T}no" >&6 9924echo "${ECHO_T}no" >&6
9197fi 9925fi
9198 9926
@@ -9202,7 +9930,7 @@ fi
9202 9930
9203 # Extract the first word of "arp", so it can be a program name with args. 9931 # Extract the first word of "arp", so it can be a program name with args.
9204set dummy arp; ac_word=$2 9932set dummy arp; ac_word=$2
9205echo "$as_me:9205: checking for $ac_word" >&5 9933echo "$as_me:9933: checking for $ac_word" >&5
9206echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 9934echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9207if test "${ac_cv_path_PROG_ARP+set}" = set; then 9935if test "${ac_cv_path_PROG_ARP+set}" = set; then
9208 echo $ECHO_N "(cached) $ECHO_C" >&6 9936 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9219,7 +9947,7 @@ for ac_dir in $ac_dummy; do
9219 test -z "$ac_dir" && ac_dir=. 9947 test -z "$ac_dir" && ac_dir=.
9220 if $as_executable_p "$ac_dir/$ac_word"; then 9948 if $as_executable_p "$ac_dir/$ac_word"; then
9221 ac_cv_path_PROG_ARP="$ac_dir/$ac_word" 9949 ac_cv_path_PROG_ARP="$ac_dir/$ac_word"
9222 echo "$as_me:9222: found $ac_dir/$ac_word" >&5 9950 echo "$as_me:9950: found $ac_dir/$ac_word" >&5
9223 break 9951 break
9224fi 9952fi
9225done 9953done
@@ -9230,10 +9958,10 @@ fi
9230PROG_ARP=$ac_cv_path_PROG_ARP 9958PROG_ARP=$ac_cv_path_PROG_ARP
9231 9959
9232if test -n "$PROG_ARP"; then 9960if test -n "$PROG_ARP"; then
9233 echo "$as_me:9233: result: $PROG_ARP" >&5 9961 echo "$as_me:9961: result: $PROG_ARP" >&5
9234echo "${ECHO_T}$PROG_ARP" >&6 9962echo "${ECHO_T}$PROG_ARP" >&6
9235else 9963else
9236 echo "$as_me:9236: result: no" >&5 9964 echo "$as_me:9964: result: no" >&5
9237echo "${ECHO_T}no" >&6 9965echo "${ECHO_T}no" >&6
9238fi 9966fi
9239 9967
@@ -9243,7 +9971,7 @@ fi
9243 9971
9244 # Extract the first word of "ifconfig", so it can be a program name with args. 9972 # Extract the first word of "ifconfig", so it can be a program name with args.
9245set dummy ifconfig; ac_word=$2 9973set dummy ifconfig; ac_word=$2
9246echo "$as_me:9246: checking for $ac_word" >&5 9974echo "$as_me:9974: checking for $ac_word" >&5
9247echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 9975echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9248if test "${ac_cv_path_PROG_IFCONFIG+set}" = set; then 9976if test "${ac_cv_path_PROG_IFCONFIG+set}" = set; then
9249 echo $ECHO_N "(cached) $ECHO_C" >&6 9977 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9260,7 +9988,7 @@ for ac_dir in $ac_dummy; do
9260 test -z "$ac_dir" && ac_dir=. 9988 test -z "$ac_dir" && ac_dir=.
9261 if $as_executable_p "$ac_dir/$ac_word"; then 9989 if $as_executable_p "$ac_dir/$ac_word"; then
9262 ac_cv_path_PROG_IFCONFIG="$ac_dir/$ac_word" 9990 ac_cv_path_PROG_IFCONFIG="$ac_dir/$ac_word"
9263 echo "$as_me:9263: found $ac_dir/$ac_word" >&5 9991 echo "$as_me:9991: found $ac_dir/$ac_word" >&5
9264 break 9992 break
9265fi 9993fi
9266done 9994done
@@ -9271,10 +9999,10 @@ fi
9271PROG_IFCONFIG=$ac_cv_path_PROG_IFCONFIG 9999PROG_IFCONFIG=$ac_cv_path_PROG_IFCONFIG
9272 10000
9273if test -n "$PROG_IFCONFIG"; then 10001if test -n "$PROG_IFCONFIG"; then
9274 echo "$as_me:9274: result: $PROG_IFCONFIG" >&5 10002 echo "$as_me:10002: result: $PROG_IFCONFIG" >&5
9275echo "${ECHO_T}$PROG_IFCONFIG" >&6 10003echo "${ECHO_T}$PROG_IFCONFIG" >&6
9276else 10004else
9277 echo "$as_me:9277: result: no" >&5 10005 echo "$as_me:10005: result: no" >&5
9278echo "${ECHO_T}no" >&6 10006echo "${ECHO_T}no" >&6
9279fi 10007fi
9280 10008
@@ -9284,7 +10012,7 @@ fi
9284 10012
9285 # Extract the first word of "jstat", so it can be a program name with args. 10013 # Extract the first word of "jstat", so it can be a program name with args.
9286set dummy jstat; ac_word=$2 10014set dummy jstat; ac_word=$2
9287echo "$as_me:9287: checking for $ac_word" >&5 10015echo "$as_me:10015: checking for $ac_word" >&5
9288echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10016echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9289if test "${ac_cv_path_PROG_JSTAT+set}" = set; then 10017if test "${ac_cv_path_PROG_JSTAT+set}" = set; then
9290 echo $ECHO_N "(cached) $ECHO_C" >&6 10018 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9301,7 +10029,7 @@ for ac_dir in $ac_dummy; do
9301 test -z "$ac_dir" && ac_dir=. 10029 test -z "$ac_dir" && ac_dir=.
9302 if $as_executable_p "$ac_dir/$ac_word"; then 10030 if $as_executable_p "$ac_dir/$ac_word"; then
9303 ac_cv_path_PROG_JSTAT="$ac_dir/$ac_word" 10031 ac_cv_path_PROG_JSTAT="$ac_dir/$ac_word"
9304 echo "$as_me:9304: found $ac_dir/$ac_word" >&5 10032 echo "$as_me:10032: found $ac_dir/$ac_word" >&5
9305 break 10033 break
9306fi 10034fi
9307done 10035done
@@ -9312,10 +10040,10 @@ fi
9312PROG_JSTAT=$ac_cv_path_PROG_JSTAT 10040PROG_JSTAT=$ac_cv_path_PROG_JSTAT
9313 10041
9314if test -n "$PROG_JSTAT"; then 10042if test -n "$PROG_JSTAT"; then
9315 echo "$as_me:9315: result: $PROG_JSTAT" >&5 10043 echo "$as_me:10043: result: $PROG_JSTAT" >&5
9316echo "${ECHO_T}$PROG_JSTAT" >&6 10044echo "${ECHO_T}$PROG_JSTAT" >&6
9317else 10045else
9318 echo "$as_me:9318: result: no" >&5 10046 echo "$as_me:10046: result: no" >&5
9319echo "${ECHO_T}no" >&6 10047echo "${ECHO_T}no" >&6
9320fi 10048fi
9321 10049
@@ -9325,7 +10053,7 @@ fi
9325 10053
9326 # Extract the first word of "ps", so it can be a program name with args. 10054 # Extract the first word of "ps", so it can be a program name with args.
9327set dummy ps; ac_word=$2 10055set dummy ps; ac_word=$2
9328echo "$as_me:9328: checking for $ac_word" >&5 10056echo "$as_me:10056: checking for $ac_word" >&5
9329echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10057echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9330if test "${ac_cv_path_PROG_PS+set}" = set; then 10058if test "${ac_cv_path_PROG_PS+set}" = set; then
9331 echo $ECHO_N "(cached) $ECHO_C" >&6 10059 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9342,7 +10070,7 @@ for ac_dir in $ac_dummy; do
9342 test -z "$ac_dir" && ac_dir=. 10070 test -z "$ac_dir" && ac_dir=.
9343 if $as_executable_p "$ac_dir/$ac_word"; then 10071 if $as_executable_p "$ac_dir/$ac_word"; then
9344 ac_cv_path_PROG_PS="$ac_dir/$ac_word" 10072 ac_cv_path_PROG_PS="$ac_dir/$ac_word"
9345 echo "$as_me:9345: found $ac_dir/$ac_word" >&5 10073 echo "$as_me:10073: found $ac_dir/$ac_word" >&5
9346 break 10074 break
9347fi 10075fi
9348done 10076done
@@ -9353,10 +10081,10 @@ fi
9353PROG_PS=$ac_cv_path_PROG_PS 10081PROG_PS=$ac_cv_path_PROG_PS
9354 10082
9355if test -n "$PROG_PS"; then 10083if test -n "$PROG_PS"; then
9356 echo "$as_me:9356: result: $PROG_PS" >&5 10084 echo "$as_me:10084: result: $PROG_PS" >&5
9357echo "${ECHO_T}$PROG_PS" >&6 10085echo "${ECHO_T}$PROG_PS" >&6
9358else 10086else
9359 echo "$as_me:9359: result: no" >&5 10087 echo "$as_me:10087: result: no" >&5
9360echo "${ECHO_T}no" >&6 10088echo "${ECHO_T}no" >&6
9361fi 10089fi
9362 10090
@@ -9366,7 +10094,7 @@ fi
9366 10094
9367 # Extract the first word of "sar", so it can be a program name with args. 10095 # Extract the first word of "sar", so it can be a program name with args.
9368set dummy sar; ac_word=$2 10096set dummy sar; ac_word=$2
9369echo "$as_me:9369: checking for $ac_word" >&5 10097echo "$as_me:10097: checking for $ac_word" >&5
9370echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10098echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9371if test "${ac_cv_path_PROG_SAR+set}" = set; then 10099if test "${ac_cv_path_PROG_SAR+set}" = set; then
9372 echo $ECHO_N "(cached) $ECHO_C" >&6 10100 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9383,7 +10111,7 @@ for ac_dir in $ac_dummy; do
9383 test -z "$ac_dir" && ac_dir=. 10111 test -z "$ac_dir" && ac_dir=.
9384 if $as_executable_p "$ac_dir/$ac_word"; then 10112 if $as_executable_p "$ac_dir/$ac_word"; then
9385 ac_cv_path_PROG_SAR="$ac_dir/$ac_word" 10113 ac_cv_path_PROG_SAR="$ac_dir/$ac_word"
9386 echo "$as_me:9386: found $ac_dir/$ac_word" >&5 10114 echo "$as_me:10114: found $ac_dir/$ac_word" >&5
9387 break 10115 break
9388fi 10116fi
9389done 10117done
@@ -9394,10 +10122,10 @@ fi
9394PROG_SAR=$ac_cv_path_PROG_SAR 10122PROG_SAR=$ac_cv_path_PROG_SAR
9395 10123
9396if test -n "$PROG_SAR"; then 10124if test -n "$PROG_SAR"; then
9397 echo "$as_me:9397: result: $PROG_SAR" >&5 10125 echo "$as_me:10125: result: $PROG_SAR" >&5
9398echo "${ECHO_T}$PROG_SAR" >&6 10126echo "${ECHO_T}$PROG_SAR" >&6
9399else 10127else
9400 echo "$as_me:9400: result: no" >&5 10128 echo "$as_me:10128: result: no" >&5
9401echo "${ECHO_T}no" >&6 10129echo "${ECHO_T}no" >&6
9402fi 10130fi
9403 10131
@@ -9407,7 +10135,7 @@ fi
9407 10135
9408 # Extract the first word of "w", so it can be a program name with args. 10136 # Extract the first word of "w", so it can be a program name with args.
9409set dummy w; ac_word=$2 10137set dummy w; ac_word=$2
9410echo "$as_me:9410: checking for $ac_word" >&5 10138echo "$as_me:10138: checking for $ac_word" >&5
9411echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10139echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9412if test "${ac_cv_path_PROG_W+set}" = set; then 10140if test "${ac_cv_path_PROG_W+set}" = set; then
9413 echo $ECHO_N "(cached) $ECHO_C" >&6 10141 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9424,7 +10152,7 @@ for ac_dir in $ac_dummy; do
9424 test -z "$ac_dir" && ac_dir=. 10152 test -z "$ac_dir" && ac_dir=.
9425 if $as_executable_p "$ac_dir/$ac_word"; then 10153 if $as_executable_p "$ac_dir/$ac_word"; then
9426 ac_cv_path_PROG_W="$ac_dir/$ac_word" 10154 ac_cv_path_PROG_W="$ac_dir/$ac_word"
9427 echo "$as_me:9427: found $ac_dir/$ac_word" >&5 10155 echo "$as_me:10155: found $ac_dir/$ac_word" >&5
9428 break 10156 break
9429fi 10157fi
9430done 10158done
@@ -9435,10 +10163,10 @@ fi
9435PROG_W=$ac_cv_path_PROG_W 10163PROG_W=$ac_cv_path_PROG_W
9436 10164
9437if test -n "$PROG_W"; then 10165if test -n "$PROG_W"; then
9438 echo "$as_me:9438: result: $PROG_W" >&5 10166 echo "$as_me:10166: result: $PROG_W" >&5
9439echo "${ECHO_T}$PROG_W" >&6 10167echo "${ECHO_T}$PROG_W" >&6
9440else 10168else
9441 echo "$as_me:9441: result: no" >&5 10169 echo "$as_me:10169: result: no" >&5
9442echo "${ECHO_T}no" >&6 10170echo "${ECHO_T}no" >&6
9443fi 10171fi
9444 10172
@@ -9448,7 +10176,7 @@ fi
9448 10176
9449 # Extract the first word of "who", so it can be a program name with args. 10177 # Extract the first word of "who", so it can be a program name with args.
9450set dummy who; ac_word=$2 10178set dummy who; ac_word=$2
9451echo "$as_me:9451: checking for $ac_word" >&5 10179echo "$as_me:10179: checking for $ac_word" >&5
9452echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10180echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9453if test "${ac_cv_path_PROG_WHO+set}" = set; then 10181if test "${ac_cv_path_PROG_WHO+set}" = set; then
9454 echo $ECHO_N "(cached) $ECHO_C" >&6 10182 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9465,7 +10193,7 @@ for ac_dir in $ac_dummy; do
9465 test -z "$ac_dir" && ac_dir=. 10193 test -z "$ac_dir" && ac_dir=.
9466 if $as_executable_p "$ac_dir/$ac_word"; then 10194 if $as_executable_p "$ac_dir/$ac_word"; then
9467 ac_cv_path_PROG_WHO="$ac_dir/$ac_word" 10195 ac_cv_path_PROG_WHO="$ac_dir/$ac_word"
9468 echo "$as_me:9468: found $ac_dir/$ac_word" >&5 10196 echo "$as_me:10196: found $ac_dir/$ac_word" >&5
9469 break 10197 break
9470fi 10198fi
9471done 10199done
@@ -9476,10 +10204,10 @@ fi
9476PROG_WHO=$ac_cv_path_PROG_WHO 10204PROG_WHO=$ac_cv_path_PROG_WHO
9477 10205
9478if test -n "$PROG_WHO"; then 10206if test -n "$PROG_WHO"; then
9479 echo "$as_me:9479: result: $PROG_WHO" >&5 10207 echo "$as_me:10207: result: $PROG_WHO" >&5
9480echo "${ECHO_T}$PROG_WHO" >&6 10208echo "${ECHO_T}$PROG_WHO" >&6
9481else 10209else
9482 echo "$as_me:9482: result: no" >&5 10210 echo "$as_me:10210: result: no" >&5
9483echo "${ECHO_T}no" >&6 10211echo "${ECHO_T}no" >&6
9484fi 10212fi
9485 10213
@@ -9489,7 +10217,7 @@ fi
9489 10217
9490 # Extract the first word of "last", so it can be a program name with args. 10218 # Extract the first word of "last", so it can be a program name with args.
9491set dummy last; ac_word=$2 10219set dummy last; ac_word=$2
9492echo "$as_me:9492: checking for $ac_word" >&5 10220echo "$as_me:10220: checking for $ac_word" >&5
9493echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10221echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9494if test "${ac_cv_path_PROG_LAST+set}" = set; then 10222if test "${ac_cv_path_PROG_LAST+set}" = set; then
9495 echo $ECHO_N "(cached) $ECHO_C" >&6 10223 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9506,7 +10234,7 @@ for ac_dir in $ac_dummy; do
9506 test -z "$ac_dir" && ac_dir=. 10234 test -z "$ac_dir" && ac_dir=.
9507 if $as_executable_p "$ac_dir/$ac_word"; then 10235 if $as_executable_p "$ac_dir/$ac_word"; then
9508 ac_cv_path_PROG_LAST="$ac_dir/$ac_word" 10236 ac_cv_path_PROG_LAST="$ac_dir/$ac_word"
9509 echo "$as_me:9509: found $ac_dir/$ac_word" >&5 10237 echo "$as_me:10237: found $ac_dir/$ac_word" >&5
9510 break 10238 break
9511fi 10239fi
9512done 10240done
@@ -9517,10 +10245,10 @@ fi
9517PROG_LAST=$ac_cv_path_PROG_LAST 10245PROG_LAST=$ac_cv_path_PROG_LAST
9518 10246
9519if test -n "$PROG_LAST"; then 10247if test -n "$PROG_LAST"; then
9520 echo "$as_me:9520: result: $PROG_LAST" >&5 10248 echo "$as_me:10248: result: $PROG_LAST" >&5
9521echo "${ECHO_T}$PROG_LAST" >&6 10249echo "${ECHO_T}$PROG_LAST" >&6
9522else 10250else
9523 echo "$as_me:9523: result: no" >&5 10251 echo "$as_me:10251: result: no" >&5
9524echo "${ECHO_T}no" >&6 10252echo "${ECHO_T}no" >&6
9525fi 10253fi
9526 10254
@@ -9530,7 +10258,7 @@ fi
9530 10258
9531 # Extract the first word of "lastlog", so it can be a program name with args. 10259 # Extract the first word of "lastlog", so it can be a program name with args.
9532set dummy lastlog; ac_word=$2 10260set dummy lastlog; ac_word=$2
9533echo "$as_me:9533: checking for $ac_word" >&5 10261echo "$as_me:10261: checking for $ac_word" >&5
9534echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10262echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9535if test "${ac_cv_path_PROG_LASTLOG+set}" = set; then 10263if test "${ac_cv_path_PROG_LASTLOG+set}" = set; then
9536 echo $ECHO_N "(cached) $ECHO_C" >&6 10264 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9547,7 +10275,7 @@ for ac_dir in $ac_dummy; do
9547 test -z "$ac_dir" && ac_dir=. 10275 test -z "$ac_dir" && ac_dir=.
9548 if $as_executable_p "$ac_dir/$ac_word"; then 10276 if $as_executable_p "$ac_dir/$ac_word"; then
9549 ac_cv_path_PROG_LASTLOG="$ac_dir/$ac_word" 10277 ac_cv_path_PROG_LASTLOG="$ac_dir/$ac_word"
9550 echo "$as_me:9550: found $ac_dir/$ac_word" >&5 10278 echo "$as_me:10278: found $ac_dir/$ac_word" >&5
9551 break 10279 break
9552fi 10280fi
9553done 10281done
@@ -9558,10 +10286,10 @@ fi
9558PROG_LASTLOG=$ac_cv_path_PROG_LASTLOG 10286PROG_LASTLOG=$ac_cv_path_PROG_LASTLOG
9559 10287
9560if test -n "$PROG_LASTLOG"; then 10288if test -n "$PROG_LASTLOG"; then
9561 echo "$as_me:9561: result: $PROG_LASTLOG" >&5 10289 echo "$as_me:10289: result: $PROG_LASTLOG" >&5
9562echo "${ECHO_T}$PROG_LASTLOG" >&6 10290echo "${ECHO_T}$PROG_LASTLOG" >&6
9563else 10291else
9564 echo "$as_me:9564: result: no" >&5 10292 echo "$as_me:10292: result: no" >&5
9565echo "${ECHO_T}no" >&6 10293echo "${ECHO_T}no" >&6
9566fi 10294fi
9567 10295
@@ -9571,7 +10299,7 @@ fi
9571 10299
9572 # Extract the first word of "df", so it can be a program name with args. 10300 # Extract the first word of "df", so it can be a program name with args.
9573set dummy df; ac_word=$2 10301set dummy df; ac_word=$2
9574echo "$as_me:9574: checking for $ac_word" >&5 10302echo "$as_me:10302: checking for $ac_word" >&5
9575echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10303echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9576if test "${ac_cv_path_PROG_DF+set}" = set; then 10304if test "${ac_cv_path_PROG_DF+set}" = set; then
9577 echo $ECHO_N "(cached) $ECHO_C" >&6 10305 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9588,7 +10316,7 @@ for ac_dir in $ac_dummy; do
9588 test -z "$ac_dir" && ac_dir=. 10316 test -z "$ac_dir" && ac_dir=.
9589 if $as_executable_p "$ac_dir/$ac_word"; then 10317 if $as_executable_p "$ac_dir/$ac_word"; then
9590 ac_cv_path_PROG_DF="$ac_dir/$ac_word" 10318 ac_cv_path_PROG_DF="$ac_dir/$ac_word"
9591 echo "$as_me:9591: found $ac_dir/$ac_word" >&5 10319 echo "$as_me:10319: found $ac_dir/$ac_word" >&5
9592 break 10320 break
9593fi 10321fi
9594done 10322done
@@ -9599,10 +10327,10 @@ fi
9599PROG_DF=$ac_cv_path_PROG_DF 10327PROG_DF=$ac_cv_path_PROG_DF
9600 10328
9601if test -n "$PROG_DF"; then 10329if test -n "$PROG_DF"; then
9602 echo "$as_me:9602: result: $PROG_DF" >&5 10330 echo "$as_me:10330: result: $PROG_DF" >&5
9603echo "${ECHO_T}$PROG_DF" >&6 10331echo "${ECHO_T}$PROG_DF" >&6
9604else 10332else
9605 echo "$as_me:9605: result: no" >&5 10333 echo "$as_me:10333: result: no" >&5
9606echo "${ECHO_T}no" >&6 10334echo "${ECHO_T}no" >&6
9607fi 10335fi
9608 10336
@@ -9612,7 +10340,7 @@ fi
9612 10340
9613 # Extract the first word of "vmstat", so it can be a program name with args. 10341 # Extract the first word of "vmstat", so it can be a program name with args.
9614set dummy vmstat; ac_word=$2 10342set dummy vmstat; ac_word=$2
9615echo "$as_me:9615: checking for $ac_word" >&5 10343echo "$as_me:10343: checking for $ac_word" >&5
9616echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10344echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9617if test "${ac_cv_path_PROG_VMSTAT+set}" = set; then 10345if test "${ac_cv_path_PROG_VMSTAT+set}" = set; then
9618 echo $ECHO_N "(cached) $ECHO_C" >&6 10346 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9629,7 +10357,7 @@ for ac_dir in $ac_dummy; do
9629 test -z "$ac_dir" && ac_dir=. 10357 test -z "$ac_dir" && ac_dir=.
9630 if $as_executable_p "$ac_dir/$ac_word"; then 10358 if $as_executable_p "$ac_dir/$ac_word"; then
9631 ac_cv_path_PROG_VMSTAT="$ac_dir/$ac_word" 10359 ac_cv_path_PROG_VMSTAT="$ac_dir/$ac_word"
9632 echo "$as_me:9632: found $ac_dir/$ac_word" >&5 10360 echo "$as_me:10360: found $ac_dir/$ac_word" >&5
9633 break 10361 break
9634fi 10362fi
9635done 10363done
@@ -9640,10 +10368,10 @@ fi
9640PROG_VMSTAT=$ac_cv_path_PROG_VMSTAT 10368PROG_VMSTAT=$ac_cv_path_PROG_VMSTAT
9641 10369
9642if test -n "$PROG_VMSTAT"; then 10370if test -n "$PROG_VMSTAT"; then
9643 echo "$as_me:9643: result: $PROG_VMSTAT" >&5 10371 echo "$as_me:10371: result: $PROG_VMSTAT" >&5
9644echo "${ECHO_T}$PROG_VMSTAT" >&6 10372echo "${ECHO_T}$PROG_VMSTAT" >&6
9645else 10373else
9646 echo "$as_me:9646: result: no" >&5 10374 echo "$as_me:10374: result: no" >&5
9647echo "${ECHO_T}no" >&6 10375echo "${ECHO_T}no" >&6
9648fi 10376fi
9649 10377
@@ -9653,7 +10381,7 @@ fi
9653 10381
9654 # Extract the first word of "uptime", so it can be a program name with args. 10382 # Extract the first word of "uptime", so it can be a program name with args.
9655set dummy uptime; ac_word=$2 10383set dummy uptime; ac_word=$2
9656echo "$as_me:9656: checking for $ac_word" >&5 10384echo "$as_me:10384: checking for $ac_word" >&5
9657echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10385echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9658if test "${ac_cv_path_PROG_UPTIME+set}" = set; then 10386if test "${ac_cv_path_PROG_UPTIME+set}" = set; then
9659 echo $ECHO_N "(cached) $ECHO_C" >&6 10387 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9670,7 +10398,7 @@ for ac_dir in $ac_dummy; do
9670 test -z "$ac_dir" && ac_dir=. 10398 test -z "$ac_dir" && ac_dir=.
9671 if $as_executable_p "$ac_dir/$ac_word"; then 10399 if $as_executable_p "$ac_dir/$ac_word"; then
9672 ac_cv_path_PROG_UPTIME="$ac_dir/$ac_word" 10400 ac_cv_path_PROG_UPTIME="$ac_dir/$ac_word"
9673 echo "$as_me:9673: found $ac_dir/$ac_word" >&5 10401 echo "$as_me:10401: found $ac_dir/$ac_word" >&5
9674 break 10402 break
9675fi 10403fi
9676done 10404done
@@ -9681,10 +10409,10 @@ fi
9681PROG_UPTIME=$ac_cv_path_PROG_UPTIME 10409PROG_UPTIME=$ac_cv_path_PROG_UPTIME
9682 10410
9683if test -n "$PROG_UPTIME"; then 10411if test -n "$PROG_UPTIME"; then
9684 echo "$as_me:9684: result: $PROG_UPTIME" >&5 10412 echo "$as_me:10412: result: $PROG_UPTIME" >&5
9685echo "${ECHO_T}$PROG_UPTIME" >&6 10413echo "${ECHO_T}$PROG_UPTIME" >&6
9686else 10414else
9687 echo "$as_me:9687: result: no" >&5 10415 echo "$as_me:10415: result: no" >&5
9688echo "${ECHO_T}no" >&6 10416echo "${ECHO_T}no" >&6
9689fi 10417fi
9690 10418
@@ -9694,7 +10422,7 @@ fi
9694 10422
9695 # Extract the first word of "ipcs", so it can be a program name with args. 10423 # Extract the first word of "ipcs", so it can be a program name with args.
9696set dummy ipcs; ac_word=$2 10424set dummy ipcs; ac_word=$2
9697echo "$as_me:9697: checking for $ac_word" >&5 10425echo "$as_me:10425: checking for $ac_word" >&5
9698echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10426echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9699if test "${ac_cv_path_PROG_IPCS+set}" = set; then 10427if test "${ac_cv_path_PROG_IPCS+set}" = set; then
9700 echo $ECHO_N "(cached) $ECHO_C" >&6 10428 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9711,7 +10439,7 @@ for ac_dir in $ac_dummy; do
9711 test -z "$ac_dir" && ac_dir=. 10439 test -z "$ac_dir" && ac_dir=.
9712 if $as_executable_p "$ac_dir/$ac_word"; then 10440 if $as_executable_p "$ac_dir/$ac_word"; then
9713 ac_cv_path_PROG_IPCS="$ac_dir/$ac_word" 10441 ac_cv_path_PROG_IPCS="$ac_dir/$ac_word"
9714 echo "$as_me:9714: found $ac_dir/$ac_word" >&5 10442 echo "$as_me:10442: found $ac_dir/$ac_word" >&5
9715 break 10443 break
9716fi 10444fi
9717done 10445done
@@ -9722,10 +10450,10 @@ fi
9722PROG_IPCS=$ac_cv_path_PROG_IPCS 10450PROG_IPCS=$ac_cv_path_PROG_IPCS
9723 10451
9724if test -n "$PROG_IPCS"; then 10452if test -n "$PROG_IPCS"; then
9725 echo "$as_me:9725: result: $PROG_IPCS" >&5 10453 echo "$as_me:10453: result: $PROG_IPCS" >&5
9726echo "${ECHO_T}$PROG_IPCS" >&6 10454echo "${ECHO_T}$PROG_IPCS" >&6
9727else 10455else
9728 echo "$as_me:9728: result: no" >&5 10456 echo "$as_me:10456: result: no" >&5
9729echo "${ECHO_T}no" >&6 10457echo "${ECHO_T}no" >&6
9730fi 10458fi
9731 10459
@@ -9735,7 +10463,7 @@ fi
9735 10463
9736 # Extract the first word of "tail", so it can be a program name with args. 10464 # Extract the first word of "tail", so it can be a program name with args.
9737set dummy tail; ac_word=$2 10465set dummy tail; ac_word=$2
9738echo "$as_me:9738: checking for $ac_word" >&5 10466echo "$as_me:10466: checking for $ac_word" >&5
9739echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 10467echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
9740if test "${ac_cv_path_PROG_TAIL+set}" = set; then 10468if test "${ac_cv_path_PROG_TAIL+set}" = set; then
9741 echo $ECHO_N "(cached) $ECHO_C" >&6 10469 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9752,7 +10480,7 @@ for ac_dir in $ac_dummy; do
9752 test -z "$ac_dir" && ac_dir=. 10480 test -z "$ac_dir" && ac_dir=.
9753 if $as_executable_p "$ac_dir/$ac_word"; then 10481 if $as_executable_p "$ac_dir/$ac_word"; then
9754 ac_cv_path_PROG_TAIL="$ac_dir/$ac_word" 10482 ac_cv_path_PROG_TAIL="$ac_dir/$ac_word"
9755 echo "$as_me:9755: found $ac_dir/$ac_word" >&5 10483 echo "$as_me:10483: found $ac_dir/$ac_word" >&5
9756 break 10484 break
9757fi 10485fi
9758done 10486done
@@ -9763,10 +10491,10 @@ fi
9763PROG_TAIL=$ac_cv_path_PROG_TAIL 10491PROG_TAIL=$ac_cv_path_PROG_TAIL
9764 10492
9765if test -n "$PROG_TAIL"; then 10493if test -n "$PROG_TAIL"; then
9766 echo "$as_me:9766: result: $PROG_TAIL" >&5 10494 echo "$as_me:10494: result: $PROG_TAIL" >&5
9767echo "${ECHO_T}$PROG_TAIL" >&6 10495echo "${ECHO_T}$PROG_TAIL" >&6
9768else 10496else
9769 echo "$as_me:9769: result: no" >&5 10497 echo "$as_me:10497: result: no" >&5
9770echo "${ECHO_T}no" >&6 10498echo "${ECHO_T}no" >&6
9771fi 10499fi
9772 10500
@@ -9797,13 +10525,13 @@ if test ! -z "$SONY" ; then
9797fi 10525fi
9798 10526
9799# Checks for data types 10527# Checks for data types
9800echo "$as_me:9800: checking for char" >&5 10528echo "$as_me:10528: checking for char" >&5
9801echo $ECHO_N "checking for char... $ECHO_C" >&6 10529echo $ECHO_N "checking for char... $ECHO_C" >&6
9802if test "${ac_cv_type_char+set}" = set; then 10530if test "${ac_cv_type_char+set}" = set; then
9803 echo $ECHO_N "(cached) $ECHO_C" >&6 10531 echo $ECHO_N "(cached) $ECHO_C" >&6
9804else 10532else
9805 cat >conftest.$ac_ext <<_ACEOF 10533 cat >conftest.$ac_ext <<_ACEOF
9806#line 9806 "configure" 10534#line 10534 "configure"
9807#include "confdefs.h" 10535#include "confdefs.h"
9808$ac_includes_default 10536$ac_includes_default
9809int 10537int
@@ -9818,16 +10546,16 @@ if (sizeof (char))
9818} 10546}
9819_ACEOF 10547_ACEOF
9820rm -f conftest.$ac_objext 10548rm -f conftest.$ac_objext
9821if { (eval echo "$as_me:9821: \"$ac_compile\"") >&5 10549if { (eval echo "$as_me:10549: \"$ac_compile\"") >&5
9822 (eval $ac_compile) 2>&5 10550 (eval $ac_compile) 2>&5
9823 ac_status=$? 10551 ac_status=$?
9824 echo "$as_me:9824: \$? = $ac_status" >&5 10552 echo "$as_me:10552: \$? = $ac_status" >&5
9825 (exit $ac_status); } && 10553 (exit $ac_status); } &&
9826 { ac_try='test -s conftest.$ac_objext' 10554 { ac_try='test -s conftest.$ac_objext'
9827 { (eval echo "$as_me:9827: \"$ac_try\"") >&5 10555 { (eval echo "$as_me:10555: \"$ac_try\"") >&5
9828 (eval $ac_try) 2>&5 10556 (eval $ac_try) 2>&5
9829 ac_status=$? 10557 ac_status=$?
9830 echo "$as_me:9830: \$? = $ac_status" >&5 10558 echo "$as_me:10558: \$? = $ac_status" >&5
9831 (exit $ac_status); }; }; then 10559 (exit $ac_status); }; }; then
9832 ac_cv_type_char=yes 10560 ac_cv_type_char=yes
9833else 10561else
@@ -9837,10 +10565,10 @@ ac_cv_type_char=no
9837fi 10565fi
9838rm -f conftest.$ac_objext conftest.$ac_ext 10566rm -f conftest.$ac_objext conftest.$ac_ext
9839fi 10567fi
9840echo "$as_me:9840: result: $ac_cv_type_char" >&5 10568echo "$as_me:10568: result: $ac_cv_type_char" >&5
9841echo "${ECHO_T}$ac_cv_type_char" >&6 10569echo "${ECHO_T}$ac_cv_type_char" >&6
9842 10570
9843echo "$as_me:9843: checking size of char" >&5 10571echo "$as_me:10571: checking size of char" >&5
9844echo $ECHO_N "checking size of char... $ECHO_C" >&6 10572echo $ECHO_N "checking size of char... $ECHO_C" >&6
9845if test "${ac_cv_sizeof_char+set}" = set; then 10573if test "${ac_cv_sizeof_char+set}" = set; then
9846 echo $ECHO_N "(cached) $ECHO_C" >&6 10574 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -9849,7 +10577,7 @@ else
9849 if test "$cross_compiling" = yes; then 10577 if test "$cross_compiling" = yes; then
9850 # Depending upon the size, compute the lo and hi bounds. 10578 # Depending upon the size, compute the lo and hi bounds.
9851cat >conftest.$ac_ext <<_ACEOF 10579cat >conftest.$ac_ext <<_ACEOF
9852#line 9852 "configure" 10580#line 10580 "configure"
9853#include "confdefs.h" 10581#include "confdefs.h"
9854$ac_includes_default 10582$ac_includes_default
9855int 10583int
@@ -9861,21 +10589,21 @@ int _array_ [1 - 2 * !((sizeof (char)) >= 0)]
9861} 10589}
9862_ACEOF 10590_ACEOF
9863rm -f conftest.$ac_objext 10591rm -f conftest.$ac_objext
9864if { (eval echo "$as_me:9864: \"$ac_compile\"") >&5 10592if { (eval echo "$as_me:10592: \"$ac_compile\"") >&5
9865 (eval $ac_compile) 2>&5 10593 (eval $ac_compile) 2>&5
9866 ac_status=$? 10594 ac_status=$?
9867 echo "$as_me:9867: \$? = $ac_status" >&5 10595 echo "$as_me:10595: \$? = $ac_status" >&5
9868 (exit $ac_status); } && 10596 (exit $ac_status); } &&
9869 { ac_try='test -s conftest.$ac_objext' 10597 { ac_try='test -s conftest.$ac_objext'
9870 { (eval echo "$as_me:9870: \"$ac_try\"") >&5 10598 { (eval echo "$as_me:10598: \"$ac_try\"") >&5
9871 (eval $ac_try) 2>&5 10599 (eval $ac_try) 2>&5
9872 ac_status=$? 10600 ac_status=$?
9873 echo "$as_me:9873: \$? = $ac_status" >&5 10601 echo "$as_me:10601: \$? = $ac_status" >&5
9874 (exit $ac_status); }; }; then 10602 (exit $ac_status); }; }; then
9875 ac_lo=0 ac_mid=0 10603 ac_lo=0 ac_mid=0
9876 while :; do 10604 while :; do
9877 cat >conftest.$ac_ext <<_ACEOF 10605 cat >conftest.$ac_ext <<_ACEOF
9878#line 9878 "configure" 10606#line 10606 "configure"
9879#include "confdefs.h" 10607#include "confdefs.h"
9880$ac_includes_default 10608$ac_includes_default
9881int 10609int
@@ -9887,16 +10615,16 @@ int _array_ [1 - 2 * !((sizeof (char)) <= $ac_mid)]
9887} 10615}
9888_ACEOF 10616_ACEOF
9889rm -f conftest.$ac_objext 10617rm -f conftest.$ac_objext
9890if { (eval echo "$as_me:9890: \"$ac_compile\"") >&5 10618if { (eval echo "$as_me:10618: \"$ac_compile\"") >&5
9891 (eval $ac_compile) 2>&5 10619 (eval $ac_compile) 2>&5
9892 ac_status=$? 10620 ac_status=$?
9893 echo "$as_me:9893: \$? = $ac_status" >&5 10621 echo "$as_me:10621: \$? = $ac_status" >&5
9894 (exit $ac_status); } && 10622 (exit $ac_status); } &&
9895 { ac_try='test -s conftest.$ac_objext' 10623 { ac_try='test -s conftest.$ac_objext'
9896 { (eval echo "$as_me:9896: \"$ac_try\"") >&5 10624 { (eval echo "$as_me:10624: \"$ac_try\"") >&5
9897 (eval $ac_try) 2>&5 10625 (eval $ac_try) 2>&5
9898 ac_status=$? 10626 ac_status=$?
9899 echo "$as_me:9899: \$? = $ac_status" >&5 10627 echo "$as_me:10627: \$? = $ac_status" >&5
9900 (exit $ac_status); }; }; then 10628 (exit $ac_status); }; }; then
9901 ac_hi=$ac_mid; break 10629 ac_hi=$ac_mid; break
9902else 10630else
@@ -9912,7 +10640,7 @@ cat conftest.$ac_ext >&5
9912ac_hi=-1 ac_mid=-1 10640ac_hi=-1 ac_mid=-1
9913 while :; do 10641 while :; do
9914 cat >conftest.$ac_ext <<_ACEOF 10642 cat >conftest.$ac_ext <<_ACEOF
9915#line 9915 "configure" 10643#line 10643 "configure"
9916#include "confdefs.h" 10644#include "confdefs.h"
9917$ac_includes_default 10645$ac_includes_default
9918int 10646int
@@ -9924,16 +10652,16 @@ int _array_ [1 - 2 * !((sizeof (char)) >= $ac_mid)]
9924} 10652}
9925_ACEOF 10653_ACEOF
9926rm -f conftest.$ac_objext 10654rm -f conftest.$ac_objext
9927if { (eval echo "$as_me:9927: \"$ac_compile\"") >&5 10655if { (eval echo "$as_me:10655: \"$ac_compile\"") >&5
9928 (eval $ac_compile) 2>&5 10656 (eval $ac_compile) 2>&5
9929 ac_status=$? 10657 ac_status=$?
9930 echo "$as_me:9930: \$? = $ac_status" >&5 10658 echo "$as_me:10658: \$? = $ac_status" >&5
9931 (exit $ac_status); } && 10659 (exit $ac_status); } &&
9932 { ac_try='test -s conftest.$ac_objext' 10660 { ac_try='test -s conftest.$ac_objext'
9933 { (eval echo "$as_me:9933: \"$ac_try\"") >&5 10661 { (eval echo "$as_me:10661: \"$ac_try\"") >&5
9934 (eval $ac_try) 2>&5 10662 (eval $ac_try) 2>&5
9935 ac_status=$? 10663 ac_status=$?
9936 echo "$as_me:9936: \$? = $ac_status" >&5 10664 echo "$as_me:10664: \$? = $ac_status" >&5
9937 (exit $ac_status); }; }; then 10665 (exit $ac_status); }; }; then
9938 ac_lo=$ac_mid; break 10666 ac_lo=$ac_mid; break
9939else 10667else
@@ -9949,7 +10677,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext
9949while test "x$ac_lo" != "x$ac_hi"; do 10677while test "x$ac_lo" != "x$ac_hi"; do
9950 ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` 10678 ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo`
9951 cat >conftest.$ac_ext <<_ACEOF 10679 cat >conftest.$ac_ext <<_ACEOF
9952#line 9952 "configure" 10680#line 10680 "configure"
9953#include "confdefs.h" 10681#include "confdefs.h"
9954$ac_includes_default 10682$ac_includes_default
9955int 10683int
@@ -9961,16 +10689,16 @@ int _array_ [1 - 2 * !((sizeof (char)) <= $ac_mid)]
9961} 10689}
9962_ACEOF 10690_ACEOF
9963rm -f conftest.$ac_objext 10691rm -f conftest.$ac_objext
9964if { (eval echo "$as_me:9964: \"$ac_compile\"") >&5 10692if { (eval echo "$as_me:10692: \"$ac_compile\"") >&5
9965 (eval $ac_compile) 2>&5 10693 (eval $ac_compile) 2>&5
9966 ac_status=$? 10694 ac_status=$?
9967 echo "$as_me:9967: \$? = $ac_status" >&5 10695 echo "$as_me:10695: \$? = $ac_status" >&5
9968 (exit $ac_status); } && 10696 (exit $ac_status); } &&
9969 { ac_try='test -s conftest.$ac_objext' 10697 { ac_try='test -s conftest.$ac_objext'
9970 { (eval echo "$as_me:9970: \"$ac_try\"") >&5 10698 { (eval echo "$as_me:10698: \"$ac_try\"") >&5
9971 (eval $ac_try) 2>&5 10699 (eval $ac_try) 2>&5
9972 ac_status=$? 10700 ac_status=$?
9973 echo "$as_me:9973: \$? = $ac_status" >&5 10701 echo "$as_me:10701: \$? = $ac_status" >&5
9974 (exit $ac_status); }; }; then 10702 (exit $ac_status); }; }; then
9975 ac_hi=$ac_mid 10703 ac_hi=$ac_mid
9976else 10704else
@@ -9983,12 +10711,12 @@ done
9983ac_cv_sizeof_char=$ac_lo 10711ac_cv_sizeof_char=$ac_lo
9984else 10712else
9985 if test "$cross_compiling" = yes; then 10713 if test "$cross_compiling" = yes; then
9986 { { echo "$as_me:9986: error: cannot run test program while cross compiling" >&5 10714 { { echo "$as_me:10714: error: cannot run test program while cross compiling" >&5
9987echo "$as_me: error: cannot run test program while cross compiling" >&2;} 10715echo "$as_me: error: cannot run test program while cross compiling" >&2;}
9988 { (exit 1); exit 1; }; } 10716 { (exit 1); exit 1; }; }
9989else 10717else
9990 cat >conftest.$ac_ext <<_ACEOF 10718 cat >conftest.$ac_ext <<_ACEOF
9991#line 9991 "configure" 10719#line 10719 "configure"
9992#include "confdefs.h" 10720#include "confdefs.h"
9993$ac_includes_default 10721$ac_includes_default
9994int 10722int
@@ -10004,15 +10732,15 @@ fclose (f);
10004} 10732}
10005_ACEOF 10733_ACEOF
10006rm -f conftest$ac_exeext 10734rm -f conftest$ac_exeext
10007if { (eval echo "$as_me:10007: \"$ac_link\"") >&5 10735if { (eval echo "$as_me:10735: \"$ac_link\"") >&5
10008 (eval $ac_link) 2>&5 10736 (eval $ac_link) 2>&5
10009 ac_status=$? 10737 ac_status=$?
10010 echo "$as_me:10010: \$? = $ac_status" >&5 10738 echo "$as_me:10738: \$? = $ac_status" >&5
10011 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 10739 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
10012 { (eval echo "$as_me:10012: \"$ac_try\"") >&5 10740 { (eval echo "$as_me:10740: \"$ac_try\"") >&5
10013 (eval $ac_try) 2>&5 10741 (eval $ac_try) 2>&5
10014 ac_status=$? 10742 ac_status=$?
10015 echo "$as_me:10015: \$? = $ac_status" >&5 10743 echo "$as_me:10743: \$? = $ac_status" >&5
10016 (exit $ac_status); }; }; then 10744 (exit $ac_status); }; }; then
10017 ac_cv_sizeof_char=`cat conftest.val` 10745 ac_cv_sizeof_char=`cat conftest.val`
10018else 10746else
@@ -10028,19 +10756,19 @@ else
10028 ac_cv_sizeof_char=0 10756 ac_cv_sizeof_char=0
10029fi 10757fi
10030fi 10758fi
10031echo "$as_me:10031: result: $ac_cv_sizeof_char" >&5 10759echo "$as_me:10759: result: $ac_cv_sizeof_char" >&5
10032echo "${ECHO_T}$ac_cv_sizeof_char" >&6 10760echo "${ECHO_T}$ac_cv_sizeof_char" >&6
10033cat >>confdefs.h <<EOF 10761cat >>confdefs.h <<EOF
10034#define SIZEOF_CHAR $ac_cv_sizeof_char 10762#define SIZEOF_CHAR $ac_cv_sizeof_char
10035EOF 10763EOF
10036 10764
10037echo "$as_me:10037: checking for short int" >&5 10765echo "$as_me:10765: checking for short int" >&5
10038echo $ECHO_N "checking for short int... $ECHO_C" >&6 10766echo $ECHO_N "checking for short int... $ECHO_C" >&6
10039if test "${ac_cv_type_short_int+set}" = set; then 10767if test "${ac_cv_type_short_int+set}" = set; then
10040 echo $ECHO_N "(cached) $ECHO_C" >&6 10768 echo $ECHO_N "(cached) $ECHO_C" >&6
10041else 10769else
10042 cat >conftest.$ac_ext <<_ACEOF 10770 cat >conftest.$ac_ext <<_ACEOF
10043#line 10043 "configure" 10771#line 10771 "configure"
10044#include "confdefs.h" 10772#include "confdefs.h"
10045$ac_includes_default 10773$ac_includes_default
10046int 10774int
@@ -10055,16 +10783,16 @@ if (sizeof (short int))
10055} 10783}
10056_ACEOF 10784_ACEOF
10057rm -f conftest.$ac_objext 10785rm -f conftest.$ac_objext
10058if { (eval echo "$as_me:10058: \"$ac_compile\"") >&5 10786if { (eval echo "$as_me:10786: \"$ac_compile\"") >&5
10059 (eval $ac_compile) 2>&5 10787 (eval $ac_compile) 2>&5
10060 ac_status=$? 10788 ac_status=$?
10061 echo "$as_me:10061: \$? = $ac_status" >&5 10789 echo "$as_me:10789: \$? = $ac_status" >&5
10062 (exit $ac_status); } && 10790 (exit $ac_status); } &&
10063 { ac_try='test -s conftest.$ac_objext' 10791 { ac_try='test -s conftest.$ac_objext'
10064 { (eval echo "$as_me:10064: \"$ac_try\"") >&5 10792 { (eval echo "$as_me:10792: \"$ac_try\"") >&5
10065 (eval $ac_try) 2>&5 10793 (eval $ac_try) 2>&5
10066 ac_status=$? 10794 ac_status=$?
10067 echo "$as_me:10067: \$? = $ac_status" >&5 10795 echo "$as_me:10795: \$? = $ac_status" >&5
10068 (exit $ac_status); }; }; then 10796 (exit $ac_status); }; }; then
10069 ac_cv_type_short_int=yes 10797 ac_cv_type_short_int=yes
10070else 10798else
@@ -10074,10 +10802,10 @@ ac_cv_type_short_int=no
10074fi 10802fi
10075rm -f conftest.$ac_objext conftest.$ac_ext 10803rm -f conftest.$ac_objext conftest.$ac_ext
10076fi 10804fi
10077echo "$as_me:10077: result: $ac_cv_type_short_int" >&5 10805echo "$as_me:10805: result: $ac_cv_type_short_int" >&5
10078echo "${ECHO_T}$ac_cv_type_short_int" >&6 10806echo "${ECHO_T}$ac_cv_type_short_int" >&6
10079 10807
10080echo "$as_me:10080: checking size of short int" >&5 10808echo "$as_me:10808: checking size of short int" >&5
10081echo $ECHO_N "checking size of short int... $ECHO_C" >&6 10809echo $ECHO_N "checking size of short int... $ECHO_C" >&6
10082if test "${ac_cv_sizeof_short_int+set}" = set; then 10810if test "${ac_cv_sizeof_short_int+set}" = set; then
10083 echo $ECHO_N "(cached) $ECHO_C" >&6 10811 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -10086,7 +10814,7 @@ else
10086 if test "$cross_compiling" = yes; then 10814 if test "$cross_compiling" = yes; then
10087 # Depending upon the size, compute the lo and hi bounds. 10815 # Depending upon the size, compute the lo and hi bounds.
10088cat >conftest.$ac_ext <<_ACEOF 10816cat >conftest.$ac_ext <<_ACEOF
10089#line 10089 "configure" 10817#line 10817 "configure"
10090#include "confdefs.h" 10818#include "confdefs.h"
10091$ac_includes_default 10819$ac_includes_default
10092int 10820int
@@ -10098,21 +10826,21 @@ int _array_ [1 - 2 * !((sizeof (short int)) >= 0)]
10098} 10826}
10099_ACEOF 10827_ACEOF
10100rm -f conftest.$ac_objext 10828rm -f conftest.$ac_objext
10101if { (eval echo "$as_me:10101: \"$ac_compile\"") >&5 10829if { (eval echo "$as_me:10829: \"$ac_compile\"") >&5
10102 (eval $ac_compile) 2>&5 10830 (eval $ac_compile) 2>&5
10103 ac_status=$? 10831 ac_status=$?
10104 echo "$as_me:10104: \$? = $ac_status" >&5 10832 echo "$as_me:10832: \$? = $ac_status" >&5
10105 (exit $ac_status); } && 10833 (exit $ac_status); } &&
10106 { ac_try='test -s conftest.$ac_objext' 10834 { ac_try='test -s conftest.$ac_objext'
10107 { (eval echo "$as_me:10107: \"$ac_try\"") >&5 10835 { (eval echo "$as_me:10835: \"$ac_try\"") >&5
10108 (eval $ac_try) 2>&5 10836 (eval $ac_try) 2>&5
10109 ac_status=$? 10837 ac_status=$?
10110 echo "$as_me:10110: \$? = $ac_status" >&5 10838 echo "$as_me:10838: \$? = $ac_status" >&5
10111 (exit $ac_status); }; }; then 10839 (exit $ac_status); }; }; then
10112 ac_lo=0 ac_mid=0 10840 ac_lo=0 ac_mid=0
10113 while :; do 10841 while :; do
10114 cat >conftest.$ac_ext <<_ACEOF 10842 cat >conftest.$ac_ext <<_ACEOF
10115#line 10115 "configure" 10843#line 10843 "configure"
10116#include "confdefs.h" 10844#include "confdefs.h"
10117$ac_includes_default 10845$ac_includes_default
10118int 10846int
@@ -10124,16 +10852,16 @@ int _array_ [1 - 2 * !((sizeof (short int)) <= $ac_mid)]
10124} 10852}
10125_ACEOF 10853_ACEOF
10126rm -f conftest.$ac_objext 10854rm -f conftest.$ac_objext
10127if { (eval echo "$as_me:10127: \"$ac_compile\"") >&5 10855if { (eval echo "$as_me:10855: \"$ac_compile\"") >&5
10128 (eval $ac_compile) 2>&5 10856 (eval $ac_compile) 2>&5
10129 ac_status=$? 10857 ac_status=$?
10130 echo "$as_me:10130: \$? = $ac_status" >&5 10858 echo "$as_me:10858: \$? = $ac_status" >&5
10131 (exit $ac_status); } && 10859 (exit $ac_status); } &&
10132 { ac_try='test -s conftest.$ac_objext' 10860 { ac_try='test -s conftest.$ac_objext'
10133 { (eval echo "$as_me:10133: \"$ac_try\"") >&5 10861 { (eval echo "$as_me:10861: \"$ac_try\"") >&5
10134 (eval $ac_try) 2>&5 10862 (eval $ac_try) 2>&5
10135 ac_status=$? 10863 ac_status=$?
10136 echo "$as_me:10136: \$? = $ac_status" >&5 10864 echo "$as_me:10864: \$? = $ac_status" >&5
10137 (exit $ac_status); }; }; then 10865 (exit $ac_status); }; }; then
10138 ac_hi=$ac_mid; break 10866 ac_hi=$ac_mid; break
10139else 10867else
@@ -10149,7 +10877,7 @@ cat conftest.$ac_ext >&5
10149ac_hi=-1 ac_mid=-1 10877ac_hi=-1 ac_mid=-1
10150 while :; do 10878 while :; do
10151 cat >conftest.$ac_ext <<_ACEOF 10879 cat >conftest.$ac_ext <<_ACEOF
10152#line 10152 "configure" 10880#line 10880 "configure"
10153#include "confdefs.h" 10881#include "confdefs.h"
10154$ac_includes_default 10882$ac_includes_default
10155int 10883int
@@ -10161,16 +10889,16 @@ int _array_ [1 - 2 * !((sizeof (short int)) >= $ac_mid)]
10161} 10889}
10162_ACEOF 10890_ACEOF
10163rm -f conftest.$ac_objext 10891rm -f conftest.$ac_objext
10164if { (eval echo "$as_me:10164: \"$ac_compile\"") >&5 10892if { (eval echo "$as_me:10892: \"$ac_compile\"") >&5
10165 (eval $ac_compile) 2>&5 10893 (eval $ac_compile) 2>&5
10166 ac_status=$? 10894 ac_status=$?
10167 echo "$as_me:10167: \$? = $ac_status" >&5 10895 echo "$as_me:10895: \$? = $ac_status" >&5
10168 (exit $ac_status); } && 10896 (exit $ac_status); } &&
10169 { ac_try='test -s conftest.$ac_objext' 10897 { ac_try='test -s conftest.$ac_objext'
10170 { (eval echo "$as_me:10170: \"$ac_try\"") >&5 10898 { (eval echo "$as_me:10898: \"$ac_try\"") >&5
10171 (eval $ac_try) 2>&5 10899 (eval $ac_try) 2>&5
10172 ac_status=$? 10900 ac_status=$?
10173 echo "$as_me:10173: \$? = $ac_status" >&5 10901 echo "$as_me:10901: \$? = $ac_status" >&5
10174 (exit $ac_status); }; }; then 10902 (exit $ac_status); }; }; then
10175 ac_lo=$ac_mid; break 10903 ac_lo=$ac_mid; break
10176else 10904else
@@ -10186,7 +10914,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext
10186while test "x$ac_lo" != "x$ac_hi"; do 10914while test "x$ac_lo" != "x$ac_hi"; do
10187 ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` 10915 ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo`
10188 cat >conftest.$ac_ext <<_ACEOF 10916 cat >conftest.$ac_ext <<_ACEOF
10189#line 10189 "configure" 10917#line 10917 "configure"
10190#include "confdefs.h" 10918#include "confdefs.h"
10191$ac_includes_default 10919$ac_includes_default
10192int 10920int
@@ -10198,16 +10926,16 @@ int _array_ [1 - 2 * !((sizeof (short int)) <= $ac_mid)]
10198} 10926}
10199_ACEOF 10927_ACEOF
10200rm -f conftest.$ac_objext 10928rm -f conftest.$ac_objext
10201if { (eval echo "$as_me:10201: \"$ac_compile\"") >&5 10929if { (eval echo "$as_me:10929: \"$ac_compile\"") >&5
10202 (eval $ac_compile) 2>&5 10930 (eval $ac_compile) 2>&5
10203 ac_status=$? 10931 ac_status=$?
10204 echo "$as_me:10204: \$? = $ac_status" >&5 10932 echo "$as_me:10932: \$? = $ac_status" >&5
10205 (exit $ac_status); } && 10933 (exit $ac_status); } &&
10206 { ac_try='test -s conftest.$ac_objext' 10934 { ac_try='test -s conftest.$ac_objext'
10207 { (eval echo "$as_me:10207: \"$ac_try\"") >&5 10935 { (eval echo "$as_me:10935: \"$ac_try\"") >&5
10208 (eval $ac_try) 2>&5 10936 (eval $ac_try) 2>&5
10209 ac_status=$? 10937 ac_status=$?
10210 echo "$as_me:10210: \$? = $ac_status" >&5 10938 echo "$as_me:10938: \$? = $ac_status" >&5
10211 (exit $ac_status); }; }; then 10939 (exit $ac_status); }; }; then
10212 ac_hi=$ac_mid 10940 ac_hi=$ac_mid
10213else 10941else
@@ -10220,12 +10948,12 @@ done
10220ac_cv_sizeof_short_int=$ac_lo 10948ac_cv_sizeof_short_int=$ac_lo
10221else 10949else
10222 if test "$cross_compiling" = yes; then 10950 if test "$cross_compiling" = yes; then
10223 { { echo "$as_me:10223: error: cannot run test program while cross compiling" >&5 10951 { { echo "$as_me:10951: error: cannot run test program while cross compiling" >&5
10224echo "$as_me: error: cannot run test program while cross compiling" >&2;} 10952echo "$as_me: error: cannot run test program while cross compiling" >&2;}
10225 { (exit 1); exit 1; }; } 10953 { (exit 1); exit 1; }; }
10226else 10954else
10227 cat >conftest.$ac_ext <<_ACEOF 10955 cat >conftest.$ac_ext <<_ACEOF
10228#line 10228 "configure" 10956#line 10956 "configure"
10229#include "confdefs.h" 10957#include "confdefs.h"
10230$ac_includes_default 10958$ac_includes_default
10231int 10959int
@@ -10241,15 +10969,15 @@ fclose (f);
10241} 10969}
10242_ACEOF 10970_ACEOF
10243rm -f conftest$ac_exeext 10971rm -f conftest$ac_exeext
10244if { (eval echo "$as_me:10244: \"$ac_link\"") >&5 10972if { (eval echo "$as_me:10972: \"$ac_link\"") >&5
10245 (eval $ac_link) 2>&5 10973 (eval $ac_link) 2>&5
10246 ac_status=$? 10974 ac_status=$?
10247 echo "$as_me:10247: \$? = $ac_status" >&5 10975 echo "$as_me:10975: \$? = $ac_status" >&5
10248 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 10976 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
10249 { (eval echo "$as_me:10249: \"$ac_try\"") >&5 10977 { (eval echo "$as_me:10977: \"$ac_try\"") >&5
10250 (eval $ac_try) 2>&5 10978 (eval $ac_try) 2>&5
10251 ac_status=$? 10979 ac_status=$?
10252 echo "$as_me:10252: \$? = $ac_status" >&5 10980 echo "$as_me:10980: \$? = $ac_status" >&5
10253 (exit $ac_status); }; }; then 10981 (exit $ac_status); }; }; then
10254 ac_cv_sizeof_short_int=`cat conftest.val` 10982 ac_cv_sizeof_short_int=`cat conftest.val`
10255else 10983else
@@ -10265,19 +10993,19 @@ else
10265 ac_cv_sizeof_short_int=0 10993 ac_cv_sizeof_short_int=0
10266fi 10994fi
10267fi 10995fi
10268echo "$as_me:10268: result: $ac_cv_sizeof_short_int" >&5 10996echo "$as_me:10996: result: $ac_cv_sizeof_short_int" >&5
10269echo "${ECHO_T}$ac_cv_sizeof_short_int" >&6 10997echo "${ECHO_T}$ac_cv_sizeof_short_int" >&6
10270cat >>confdefs.h <<EOF 10998cat >>confdefs.h <<EOF
10271#define SIZEOF_SHORT_INT $ac_cv_sizeof_short_int 10999#define SIZEOF_SHORT_INT $ac_cv_sizeof_short_int
10272EOF 11000EOF
10273 11001
10274echo "$as_me:10274: checking for int" >&5 11002echo "$as_me:11002: checking for int" >&5
10275echo $ECHO_N "checking for int... $ECHO_C" >&6 11003echo $ECHO_N "checking for int... $ECHO_C" >&6
10276if test "${ac_cv_type_int+set}" = set; then 11004if test "${ac_cv_type_int+set}" = set; then
10277 echo $ECHO_N "(cached) $ECHO_C" >&6 11005 echo $ECHO_N "(cached) $ECHO_C" >&6
10278else 11006else
10279 cat >conftest.$ac_ext <<_ACEOF 11007 cat >conftest.$ac_ext <<_ACEOF
10280#line 10280 "configure" 11008#line 11008 "configure"
10281#include "confdefs.h" 11009#include "confdefs.h"
10282$ac_includes_default 11010$ac_includes_default
10283int 11011int
@@ -10292,16 +11020,16 @@ if (sizeof (int))
10292} 11020}
10293_ACEOF 11021_ACEOF
10294rm -f conftest.$ac_objext 11022rm -f conftest.$ac_objext
10295if { (eval echo "$as_me:10295: \"$ac_compile\"") >&5 11023if { (eval echo "$as_me:11023: \"$ac_compile\"") >&5
10296 (eval $ac_compile) 2>&5 11024 (eval $ac_compile) 2>&5
10297 ac_status=$? 11025 ac_status=$?
10298 echo "$as_me:10298: \$? = $ac_status" >&5 11026 echo "$as_me:11026: \$? = $ac_status" >&5
10299 (exit $ac_status); } && 11027 (exit $ac_status); } &&
10300 { ac_try='test -s conftest.$ac_objext' 11028 { ac_try='test -s conftest.$ac_objext'
10301 { (eval echo "$as_me:10301: \"$ac_try\"") >&5 11029 { (eval echo "$as_me:11029: \"$ac_try\"") >&5
10302 (eval $ac_try) 2>&5 11030 (eval $ac_try) 2>&5
10303 ac_status=$? 11031 ac_status=$?
10304 echo "$as_me:10304: \$? = $ac_status" >&5 11032 echo "$as_me:11032: \$? = $ac_status" >&5
10305 (exit $ac_status); }; }; then 11033 (exit $ac_status); }; }; then
10306 ac_cv_type_int=yes 11034 ac_cv_type_int=yes
10307else 11035else
@@ -10311,10 +11039,10 @@ ac_cv_type_int=no
10311fi 11039fi
10312rm -f conftest.$ac_objext conftest.$ac_ext 11040rm -f conftest.$ac_objext conftest.$ac_ext
10313fi 11041fi
10314echo "$as_me:10314: result: $ac_cv_type_int" >&5 11042echo "$as_me:11042: result: $ac_cv_type_int" >&5
10315echo "${ECHO_T}$ac_cv_type_int" >&6 11043echo "${ECHO_T}$ac_cv_type_int" >&6
10316 11044
10317echo "$as_me:10317: checking size of int" >&5 11045echo "$as_me:11045: checking size of int" >&5
10318echo $ECHO_N "checking size of int... $ECHO_C" >&6 11046echo $ECHO_N "checking size of int... $ECHO_C" >&6
10319if test "${ac_cv_sizeof_int+set}" = set; then 11047if test "${ac_cv_sizeof_int+set}" = set; then
10320 echo $ECHO_N "(cached) $ECHO_C" >&6 11048 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -10323,7 +11051,7 @@ else
10323 if test "$cross_compiling" = yes; then 11051 if test "$cross_compiling" = yes; then
10324 # Depending upon the size, compute the lo and hi bounds. 11052 # Depending upon the size, compute the lo and hi bounds.
10325cat >conftest.$ac_ext <<_ACEOF 11053cat >conftest.$ac_ext <<_ACEOF
10326#line 10326 "configure" 11054#line 11054 "configure"
10327#include "confdefs.h" 11055#include "confdefs.h"
10328$ac_includes_default 11056$ac_includes_default
10329int 11057int
@@ -10335,21 +11063,21 @@ int _array_ [1 - 2 * !((sizeof (int)) >= 0)]
10335} 11063}
10336_ACEOF 11064_ACEOF
10337rm -f conftest.$ac_objext 11065rm -f conftest.$ac_objext
10338if { (eval echo "$as_me:10338: \"$ac_compile\"") >&5 11066if { (eval echo "$as_me:11066: \"$ac_compile\"") >&5
10339 (eval $ac_compile) 2>&5 11067 (eval $ac_compile) 2>&5
10340 ac_status=$? 11068 ac_status=$?
10341 echo "$as_me:10341: \$? = $ac_status" >&5 11069 echo "$as_me:11069: \$? = $ac_status" >&5
10342 (exit $ac_status); } && 11070 (exit $ac_status); } &&
10343 { ac_try='test -s conftest.$ac_objext' 11071 { ac_try='test -s conftest.$ac_objext'
10344 { (eval echo "$as_me:10344: \"$ac_try\"") >&5 11072 { (eval echo "$as_me:11072: \"$ac_try\"") >&5
10345 (eval $ac_try) 2>&5 11073 (eval $ac_try) 2>&5
10346 ac_status=$? 11074 ac_status=$?
10347 echo "$as_me:10347: \$? = $ac_status" >&5 11075 echo "$as_me:11075: \$? = $ac_status" >&5
10348 (exit $ac_status); }; }; then 11076 (exit $ac_status); }; }; then
10349 ac_lo=0 ac_mid=0 11077 ac_lo=0 ac_mid=0
10350 while :; do 11078 while :; do
10351 cat >conftest.$ac_ext <<_ACEOF 11079 cat >conftest.$ac_ext <<_ACEOF
10352#line 10352 "configure" 11080#line 11080 "configure"
10353#include "confdefs.h" 11081#include "confdefs.h"
10354$ac_includes_default 11082$ac_includes_default
10355int 11083int
@@ -10361,16 +11089,16 @@ int _array_ [1 - 2 * !((sizeof (int)) <= $ac_mid)]
10361} 11089}
10362_ACEOF 11090_ACEOF
10363rm -f conftest.$ac_objext 11091rm -f conftest.$ac_objext
10364if { (eval echo "$as_me:10364: \"$ac_compile\"") >&5 11092if { (eval echo "$as_me:11092: \"$ac_compile\"") >&5
10365 (eval $ac_compile) 2>&5 11093 (eval $ac_compile) 2>&5
10366 ac_status=$? 11094 ac_status=$?
10367 echo "$as_me:10367: \$? = $ac_status" >&5 11095 echo "$as_me:11095: \$? = $ac_status" >&5
10368 (exit $ac_status); } && 11096 (exit $ac_status); } &&
10369 { ac_try='test -s conftest.$ac_objext' 11097 { ac_try='test -s conftest.$ac_objext'
10370 { (eval echo "$as_me:10370: \"$ac_try\"") >&5 11098 { (eval echo "$as_me:11098: \"$ac_try\"") >&5
10371 (eval $ac_try) 2>&5 11099 (eval $ac_try) 2>&5
10372 ac_status=$? 11100 ac_status=$?
10373 echo "$as_me:10373: \$? = $ac_status" >&5 11101 echo "$as_me:11101: \$? = $ac_status" >&5
10374 (exit $ac_status); }; }; then 11102 (exit $ac_status); }; }; then
10375 ac_hi=$ac_mid; break 11103 ac_hi=$ac_mid; break
10376else 11104else
@@ -10386,7 +11114,7 @@ cat conftest.$ac_ext >&5
10386ac_hi=-1 ac_mid=-1 11114ac_hi=-1 ac_mid=-1
10387 while :; do 11115 while :; do
10388 cat >conftest.$ac_ext <<_ACEOF 11116 cat >conftest.$ac_ext <<_ACEOF
10389#line 10389 "configure" 11117#line 11117 "configure"
10390#include "confdefs.h" 11118#include "confdefs.h"
10391$ac_includes_default 11119$ac_includes_default
10392int 11120int
@@ -10398,16 +11126,16 @@ int _array_ [1 - 2 * !((sizeof (int)) >= $ac_mid)]
10398} 11126}
10399_ACEOF 11127_ACEOF
10400rm -f conftest.$ac_objext 11128rm -f conftest.$ac_objext
10401if { (eval echo "$as_me:10401: \"$ac_compile\"") >&5 11129if { (eval echo "$as_me:11129: \"$ac_compile\"") >&5
10402 (eval $ac_compile) 2>&5 11130 (eval $ac_compile) 2>&5
10403 ac_status=$? 11131 ac_status=$?
10404 echo "$as_me:10404: \$? = $ac_status" >&5 11132 echo "$as_me:11132: \$? = $ac_status" >&5
10405 (exit $ac_status); } && 11133 (exit $ac_status); } &&
10406 { ac_try='test -s conftest.$ac_objext' 11134 { ac_try='test -s conftest.$ac_objext'
10407 { (eval echo "$as_me:10407: \"$ac_try\"") >&5 11135 { (eval echo "$as_me:11135: \"$ac_try\"") >&5
10408 (eval $ac_try) 2>&5 11136 (eval $ac_try) 2>&5
10409 ac_status=$? 11137 ac_status=$?
10410 echo "$as_me:10410: \$? = $ac_status" >&5 11138 echo "$as_me:11138: \$? = $ac_status" >&5
10411 (exit $ac_status); }; }; then 11139 (exit $ac_status); }; }; then
10412 ac_lo=$ac_mid; break 11140 ac_lo=$ac_mid; break
10413else 11141else
@@ -10423,7 +11151,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext
10423while test "x$ac_lo" != "x$ac_hi"; do 11151while test "x$ac_lo" != "x$ac_hi"; do
10424 ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` 11152 ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo`
10425 cat >conftest.$ac_ext <<_ACEOF 11153 cat >conftest.$ac_ext <<_ACEOF
10426#line 10426 "configure" 11154#line 11154 "configure"
10427#include "confdefs.h" 11155#include "confdefs.h"
10428$ac_includes_default 11156$ac_includes_default
10429int 11157int
@@ -10435,16 +11163,16 @@ int _array_ [1 - 2 * !((sizeof (int)) <= $ac_mid)]
10435} 11163}
10436_ACEOF 11164_ACEOF
10437rm -f conftest.$ac_objext 11165rm -f conftest.$ac_objext
10438if { (eval echo "$as_me:10438: \"$ac_compile\"") >&5 11166if { (eval echo "$as_me:11166: \"$ac_compile\"") >&5
10439 (eval $ac_compile) 2>&5 11167 (eval $ac_compile) 2>&5
10440 ac_status=$? 11168 ac_status=$?
10441 echo "$as_me:10441: \$? = $ac_status" >&5 11169 echo "$as_me:11169: \$? = $ac_status" >&5
10442 (exit $ac_status); } && 11170 (exit $ac_status); } &&
10443 { ac_try='test -s conftest.$ac_objext' 11171 { ac_try='test -s conftest.$ac_objext'
10444 { (eval echo "$as_me:10444: \"$ac_try\"") >&5 11172 { (eval echo "$as_me:11172: \"$ac_try\"") >&5
10445 (eval $ac_try) 2>&5 11173 (eval $ac_try) 2>&5
10446 ac_status=$? 11174 ac_status=$?
10447 echo "$as_me:10447: \$? = $ac_status" >&5 11175 echo "$as_me:11175: \$? = $ac_status" >&5
10448 (exit $ac_status); }; }; then 11176 (exit $ac_status); }; }; then
10449 ac_hi=$ac_mid 11177 ac_hi=$ac_mid
10450else 11178else
@@ -10457,12 +11185,12 @@ done
10457ac_cv_sizeof_int=$ac_lo 11185ac_cv_sizeof_int=$ac_lo
10458else 11186else
10459 if test "$cross_compiling" = yes; then 11187 if test "$cross_compiling" = yes; then
10460 { { echo "$as_me:10460: error: cannot run test program while cross compiling" >&5 11188 { { echo "$as_me:11188: error: cannot run test program while cross compiling" >&5
10461echo "$as_me: error: cannot run test program while cross compiling" >&2;} 11189echo "$as_me: error: cannot run test program while cross compiling" >&2;}
10462 { (exit 1); exit 1; }; } 11190 { (exit 1); exit 1; }; }
10463else 11191else
10464 cat >conftest.$ac_ext <<_ACEOF 11192 cat >conftest.$ac_ext <<_ACEOF
10465#line 10465 "configure" 11193#line 11193 "configure"
10466#include "confdefs.h" 11194#include "confdefs.h"
10467$ac_includes_default 11195$ac_includes_default
10468int 11196int
@@ -10478,15 +11206,15 @@ fclose (f);
10478} 11206}
10479_ACEOF 11207_ACEOF
10480rm -f conftest$ac_exeext 11208rm -f conftest$ac_exeext
10481if { (eval echo "$as_me:10481: \"$ac_link\"") >&5 11209if { (eval echo "$as_me:11209: \"$ac_link\"") >&5
10482 (eval $ac_link) 2>&5 11210 (eval $ac_link) 2>&5
10483 ac_status=$? 11211 ac_status=$?
10484 echo "$as_me:10484: \$? = $ac_status" >&5 11212 echo "$as_me:11212: \$? = $ac_status" >&5
10485 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 11213 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
10486 { (eval echo "$as_me:10486: \"$ac_try\"") >&5 11214 { (eval echo "$as_me:11214: \"$ac_try\"") >&5
10487 (eval $ac_try) 2>&5 11215 (eval $ac_try) 2>&5
10488 ac_status=$? 11216 ac_status=$?
10489 echo "$as_me:10489: \$? = $ac_status" >&5 11217 echo "$as_me:11217: \$? = $ac_status" >&5
10490 (exit $ac_status); }; }; then 11218 (exit $ac_status); }; }; then
10491 ac_cv_sizeof_int=`cat conftest.val` 11219 ac_cv_sizeof_int=`cat conftest.val`
10492else 11220else
@@ -10502,19 +11230,19 @@ else
10502 ac_cv_sizeof_int=0 11230 ac_cv_sizeof_int=0
10503fi 11231fi
10504fi 11232fi
10505echo "$as_me:10505: result: $ac_cv_sizeof_int" >&5 11233echo "$as_me:11233: result: $ac_cv_sizeof_int" >&5
10506echo "${ECHO_T}$ac_cv_sizeof_int" >&6 11234echo "${ECHO_T}$ac_cv_sizeof_int" >&6
10507cat >>confdefs.h <<EOF 11235cat >>confdefs.h <<EOF
10508#define SIZEOF_INT $ac_cv_sizeof_int 11236#define SIZEOF_INT $ac_cv_sizeof_int
10509EOF 11237EOF
10510 11238
10511echo "$as_me:10511: checking for long int" >&5 11239echo "$as_me:11239: checking for long int" >&5
10512echo $ECHO_N "checking for long int... $ECHO_C" >&6 11240echo $ECHO_N "checking for long int... $ECHO_C" >&6
10513if test "${ac_cv_type_long_int+set}" = set; then 11241if test "${ac_cv_type_long_int+set}" = set; then
10514 echo $ECHO_N "(cached) $ECHO_C" >&6 11242 echo $ECHO_N "(cached) $ECHO_C" >&6
10515else 11243else
10516 cat >conftest.$ac_ext <<_ACEOF 11244 cat >conftest.$ac_ext <<_ACEOF
10517#line 10517 "configure" 11245#line 11245 "configure"
10518#include "confdefs.h" 11246#include "confdefs.h"
10519$ac_includes_default 11247$ac_includes_default
10520int 11248int
@@ -10529,16 +11257,16 @@ if (sizeof (long int))
10529} 11257}
10530_ACEOF 11258_ACEOF
10531rm -f conftest.$ac_objext 11259rm -f conftest.$ac_objext
10532if { (eval echo "$as_me:10532: \"$ac_compile\"") >&5 11260if { (eval echo "$as_me:11260: \"$ac_compile\"") >&5
10533 (eval $ac_compile) 2>&5 11261 (eval $ac_compile) 2>&5
10534 ac_status=$? 11262 ac_status=$?
10535 echo "$as_me:10535: \$? = $ac_status" >&5 11263 echo "$as_me:11263: \$? = $ac_status" >&5
10536 (exit $ac_status); } && 11264 (exit $ac_status); } &&
10537 { ac_try='test -s conftest.$ac_objext' 11265 { ac_try='test -s conftest.$ac_objext'
10538 { (eval echo "$as_me:10538: \"$ac_try\"") >&5 11266 { (eval echo "$as_me:11266: \"$ac_try\"") >&5
10539 (eval $ac_try) 2>&5 11267 (eval $ac_try) 2>&5
10540 ac_status=$? 11268 ac_status=$?
10541 echo "$as_me:10541: \$? = $ac_status" >&5 11269 echo "$as_me:11269: \$? = $ac_status" >&5
10542 (exit $ac_status); }; }; then 11270 (exit $ac_status); }; }; then
10543 ac_cv_type_long_int=yes 11271 ac_cv_type_long_int=yes
10544else 11272else
@@ -10548,10 +11276,10 @@ ac_cv_type_long_int=no
10548fi 11276fi
10549rm -f conftest.$ac_objext conftest.$ac_ext 11277rm -f conftest.$ac_objext conftest.$ac_ext
10550fi 11278fi
10551echo "$as_me:10551: result: $ac_cv_type_long_int" >&5 11279echo "$as_me:11279: result: $ac_cv_type_long_int" >&5
10552echo "${ECHO_T}$ac_cv_type_long_int" >&6 11280echo "${ECHO_T}$ac_cv_type_long_int" >&6
10553 11281
10554echo "$as_me:10554: checking size of long int" >&5 11282echo "$as_me:11282: checking size of long int" >&5
10555echo $ECHO_N "checking size of long int... $ECHO_C" >&6 11283echo $ECHO_N "checking size of long int... $ECHO_C" >&6
10556if test "${ac_cv_sizeof_long_int+set}" = set; then 11284if test "${ac_cv_sizeof_long_int+set}" = set; then
10557 echo $ECHO_N "(cached) $ECHO_C" >&6 11285 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -10560,7 +11288,7 @@ else
10560 if test "$cross_compiling" = yes; then 11288 if test "$cross_compiling" = yes; then
10561 # Depending upon the size, compute the lo and hi bounds. 11289 # Depending upon the size, compute the lo and hi bounds.
10562cat >conftest.$ac_ext <<_ACEOF 11290cat >conftest.$ac_ext <<_ACEOF
10563#line 10563 "configure" 11291#line 11291 "configure"
10564#include "confdefs.h" 11292#include "confdefs.h"
10565$ac_includes_default 11293$ac_includes_default
10566int 11294int
@@ -10572,21 +11300,21 @@ int _array_ [1 - 2 * !((sizeof (long int)) >= 0)]
10572} 11300}
10573_ACEOF 11301_ACEOF
10574rm -f conftest.$ac_objext 11302rm -f conftest.$ac_objext
10575if { (eval echo "$as_me:10575: \"$ac_compile\"") >&5 11303if { (eval echo "$as_me:11303: \"$ac_compile\"") >&5
10576 (eval $ac_compile) 2>&5 11304 (eval $ac_compile) 2>&5
10577 ac_status=$? 11305 ac_status=$?
10578 echo "$as_me:10578: \$? = $ac_status" >&5 11306 echo "$as_me:11306: \$? = $ac_status" >&5
10579 (exit $ac_status); } && 11307 (exit $ac_status); } &&
10580 { ac_try='test -s conftest.$ac_objext' 11308 { ac_try='test -s conftest.$ac_objext'
10581 { (eval echo "$as_me:10581: \"$ac_try\"") >&5 11309 { (eval echo "$as_me:11309: \"$ac_try\"") >&5
10582 (eval $ac_try) 2>&5 11310 (eval $ac_try) 2>&5
10583 ac_status=$? 11311 ac_status=$?
10584 echo "$as_me:10584: \$? = $ac_status" >&5 11312 echo "$as_me:11312: \$? = $ac_status" >&5
10585 (exit $ac_status); }; }; then 11313 (exit $ac_status); }; }; then
10586 ac_lo=0 ac_mid=0 11314 ac_lo=0 ac_mid=0
10587 while :; do 11315 while :; do
10588 cat >conftest.$ac_ext <<_ACEOF 11316 cat >conftest.$ac_ext <<_ACEOF
10589#line 10589 "configure" 11317#line 11317 "configure"
10590#include "confdefs.h" 11318#include "confdefs.h"
10591$ac_includes_default 11319$ac_includes_default
10592int 11320int
@@ -10598,16 +11326,16 @@ int _array_ [1 - 2 * !((sizeof (long int)) <= $ac_mid)]
10598} 11326}
10599_ACEOF 11327_ACEOF
10600rm -f conftest.$ac_objext 11328rm -f conftest.$ac_objext
10601if { (eval echo "$as_me:10601: \"$ac_compile\"") >&5 11329if { (eval echo "$as_me:11329: \"$ac_compile\"") >&5
10602 (eval $ac_compile) 2>&5 11330 (eval $ac_compile) 2>&5
10603 ac_status=$? 11331 ac_status=$?
10604 echo "$as_me:10604: \$? = $ac_status" >&5 11332 echo "$as_me:11332: \$? = $ac_status" >&5
10605 (exit $ac_status); } && 11333 (exit $ac_status); } &&
10606 { ac_try='test -s conftest.$ac_objext' 11334 { ac_try='test -s conftest.$ac_objext'
10607 { (eval echo "$as_me:10607: \"$ac_try\"") >&5 11335 { (eval echo "$as_me:11335: \"$ac_try\"") >&5
10608 (eval $ac_try) 2>&5 11336 (eval $ac_try) 2>&5
10609 ac_status=$? 11337 ac_status=$?
10610 echo "$as_me:10610: \$? = $ac_status" >&5 11338 echo "$as_me:11338: \$? = $ac_status" >&5
10611 (exit $ac_status); }; }; then 11339 (exit $ac_status); }; }; then
10612 ac_hi=$ac_mid; break 11340 ac_hi=$ac_mid; break
10613else 11341else
@@ -10623,7 +11351,7 @@ cat conftest.$ac_ext >&5
10623ac_hi=-1 ac_mid=-1 11351ac_hi=-1 ac_mid=-1
10624 while :; do 11352 while :; do
10625 cat >conftest.$ac_ext <<_ACEOF 11353 cat >conftest.$ac_ext <<_ACEOF
10626#line 10626 "configure" 11354#line 11354 "configure"
10627#include "confdefs.h" 11355#include "confdefs.h"
10628$ac_includes_default 11356$ac_includes_default
10629int 11357int
@@ -10635,16 +11363,16 @@ int _array_ [1 - 2 * !((sizeof (long int)) >= $ac_mid)]
10635} 11363}
10636_ACEOF 11364_ACEOF
10637rm -f conftest.$ac_objext 11365rm -f conftest.$ac_objext
10638if { (eval echo "$as_me:10638: \"$ac_compile\"") >&5 11366if { (eval echo "$as_me:11366: \"$ac_compile\"") >&5
10639 (eval $ac_compile) 2>&5 11367 (eval $ac_compile) 2>&5
10640 ac_status=$? 11368 ac_status=$?
10641 echo "$as_me:10641: \$? = $ac_status" >&5 11369 echo "$as_me:11369: \$? = $ac_status" >&5
10642 (exit $ac_status); } && 11370 (exit $ac_status); } &&
10643 { ac_try='test -s conftest.$ac_objext' 11371 { ac_try='test -s conftest.$ac_objext'
10644 { (eval echo "$as_me:10644: \"$ac_try\"") >&5 11372 { (eval echo "$as_me:11372: \"$ac_try\"") >&5
10645 (eval $ac_try) 2>&5 11373 (eval $ac_try) 2>&5
10646 ac_status=$? 11374 ac_status=$?
10647 echo "$as_me:10647: \$? = $ac_status" >&5 11375 echo "$as_me:11375: \$? = $ac_status" >&5
10648 (exit $ac_status); }; }; then 11376 (exit $ac_status); }; }; then
10649 ac_lo=$ac_mid; break 11377 ac_lo=$ac_mid; break
10650else 11378else
@@ -10660,7 +11388,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext
10660while test "x$ac_lo" != "x$ac_hi"; do 11388while test "x$ac_lo" != "x$ac_hi"; do
10661 ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` 11389 ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo`
10662 cat >conftest.$ac_ext <<_ACEOF 11390 cat >conftest.$ac_ext <<_ACEOF
10663#line 10663 "configure" 11391#line 11391 "configure"
10664#include "confdefs.h" 11392#include "confdefs.h"
10665$ac_includes_default 11393$ac_includes_default
10666int 11394int
@@ -10672,16 +11400,16 @@ int _array_ [1 - 2 * !((sizeof (long int)) <= $ac_mid)]
10672} 11400}
10673_ACEOF 11401_ACEOF
10674rm -f conftest.$ac_objext 11402rm -f conftest.$ac_objext
10675if { (eval echo "$as_me:10675: \"$ac_compile\"") >&5 11403if { (eval echo "$as_me:11403: \"$ac_compile\"") >&5
10676 (eval $ac_compile) 2>&5 11404 (eval $ac_compile) 2>&5
10677 ac_status=$? 11405 ac_status=$?
10678 echo "$as_me:10678: \$? = $ac_status" >&5 11406 echo "$as_me:11406: \$? = $ac_status" >&5
10679 (exit $ac_status); } && 11407 (exit $ac_status); } &&
10680 { ac_try='test -s conftest.$ac_objext' 11408 { ac_try='test -s conftest.$ac_objext'
10681 { (eval echo "$as_me:10681: \"$ac_try\"") >&5 11409 { (eval echo "$as_me:11409: \"$ac_try\"") >&5
10682 (eval $ac_try) 2>&5 11410 (eval $ac_try) 2>&5
10683 ac_status=$? 11411 ac_status=$?
10684 echo "$as_me:10684: \$? = $ac_status" >&5 11412 echo "$as_me:11412: \$? = $ac_status" >&5
10685 (exit $ac_status); }; }; then 11413 (exit $ac_status); }; }; then
10686 ac_hi=$ac_mid 11414 ac_hi=$ac_mid
10687else 11415else
@@ -10694,12 +11422,12 @@ done
10694ac_cv_sizeof_long_int=$ac_lo 11422ac_cv_sizeof_long_int=$ac_lo
10695else 11423else
10696 if test "$cross_compiling" = yes; then 11424 if test "$cross_compiling" = yes; then
10697 { { echo "$as_me:10697: error: cannot run test program while cross compiling" >&5 11425 { { echo "$as_me:11425: error: cannot run test program while cross compiling" >&5
10698echo "$as_me: error: cannot run test program while cross compiling" >&2;} 11426echo "$as_me: error: cannot run test program while cross compiling" >&2;}
10699 { (exit 1); exit 1; }; } 11427 { (exit 1); exit 1; }; }
10700else 11428else
10701 cat >conftest.$ac_ext <<_ACEOF 11429 cat >conftest.$ac_ext <<_ACEOF
10702#line 10702 "configure" 11430#line 11430 "configure"
10703#include "confdefs.h" 11431#include "confdefs.h"
10704$ac_includes_default 11432$ac_includes_default
10705int 11433int
@@ -10715,15 +11443,15 @@ fclose (f);
10715} 11443}
10716_ACEOF 11444_ACEOF
10717rm -f conftest$ac_exeext 11445rm -f conftest$ac_exeext
10718if { (eval echo "$as_me:10718: \"$ac_link\"") >&5 11446if { (eval echo "$as_me:11446: \"$ac_link\"") >&5
10719 (eval $ac_link) 2>&5 11447 (eval $ac_link) 2>&5
10720 ac_status=$? 11448 ac_status=$?
10721 echo "$as_me:10721: \$? = $ac_status" >&5 11449 echo "$as_me:11449: \$? = $ac_status" >&5
10722 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 11450 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
10723 { (eval echo "$as_me:10723: \"$ac_try\"") >&5 11451 { (eval echo "$as_me:11451: \"$ac_try\"") >&5
10724 (eval $ac_try) 2>&5 11452 (eval $ac_try) 2>&5
10725 ac_status=$? 11453 ac_status=$?
10726 echo "$as_me:10726: \$? = $ac_status" >&5 11454 echo "$as_me:11454: \$? = $ac_status" >&5
10727 (exit $ac_status); }; }; then 11455 (exit $ac_status); }; }; then
10728 ac_cv_sizeof_long_int=`cat conftest.val` 11456 ac_cv_sizeof_long_int=`cat conftest.val`
10729else 11457else
@@ -10739,19 +11467,19 @@ else
10739 ac_cv_sizeof_long_int=0 11467 ac_cv_sizeof_long_int=0
10740fi 11468fi
10741fi 11469fi
10742echo "$as_me:10742: result: $ac_cv_sizeof_long_int" >&5 11470echo "$as_me:11470: result: $ac_cv_sizeof_long_int" >&5
10743echo "${ECHO_T}$ac_cv_sizeof_long_int" >&6 11471echo "${ECHO_T}$ac_cv_sizeof_long_int" >&6
10744cat >>confdefs.h <<EOF 11472cat >>confdefs.h <<EOF
10745#define SIZEOF_LONG_INT $ac_cv_sizeof_long_int 11473#define SIZEOF_LONG_INT $ac_cv_sizeof_long_int
10746EOF 11474EOF
10747 11475
10748echo "$as_me:10748: checking for long long int" >&5 11476echo "$as_me:11476: checking for long long int" >&5
10749echo $ECHO_N "checking for long long int... $ECHO_C" >&6 11477echo $ECHO_N "checking for long long int... $ECHO_C" >&6
10750if test "${ac_cv_type_long_long_int+set}" = set; then 11478if test "${ac_cv_type_long_long_int+set}" = set; then
10751 echo $ECHO_N "(cached) $ECHO_C" >&6 11479 echo $ECHO_N "(cached) $ECHO_C" >&6
10752else 11480else
10753 cat >conftest.$ac_ext <<_ACEOF 11481 cat >conftest.$ac_ext <<_ACEOF
10754#line 10754 "configure" 11482#line 11482 "configure"
10755#include "confdefs.h" 11483#include "confdefs.h"
10756$ac_includes_default 11484$ac_includes_default
10757int 11485int
@@ -10766,16 +11494,16 @@ if (sizeof (long long int))
10766} 11494}
10767_ACEOF 11495_ACEOF
10768rm -f conftest.$ac_objext 11496rm -f conftest.$ac_objext
10769if { (eval echo "$as_me:10769: \"$ac_compile\"") >&5 11497if { (eval echo "$as_me:11497: \"$ac_compile\"") >&5
10770 (eval $ac_compile) 2>&5 11498 (eval $ac_compile) 2>&5
10771 ac_status=$? 11499 ac_status=$?
10772 echo "$as_me:10772: \$? = $ac_status" >&5 11500 echo "$as_me:11500: \$? = $ac_status" >&5
10773 (exit $ac_status); } && 11501 (exit $ac_status); } &&
10774 { ac_try='test -s conftest.$ac_objext' 11502 { ac_try='test -s conftest.$ac_objext'
10775 { (eval echo "$as_me:10775: \"$ac_try\"") >&5 11503 { (eval echo "$as_me:11503: \"$ac_try\"") >&5
10776 (eval $ac_try) 2>&5 11504 (eval $ac_try) 2>&5
10777 ac_status=$? 11505 ac_status=$?
10778 echo "$as_me:10778: \$? = $ac_status" >&5 11506 echo "$as_me:11506: \$? = $ac_status" >&5
10779 (exit $ac_status); }; }; then 11507 (exit $ac_status); }; }; then
10780 ac_cv_type_long_long_int=yes 11508 ac_cv_type_long_long_int=yes
10781else 11509else
@@ -10785,10 +11513,10 @@ ac_cv_type_long_long_int=no
10785fi 11513fi
10786rm -f conftest.$ac_objext conftest.$ac_ext 11514rm -f conftest.$ac_objext conftest.$ac_ext
10787fi 11515fi
10788echo "$as_me:10788: result: $ac_cv_type_long_long_int" >&5 11516echo "$as_me:11516: result: $ac_cv_type_long_long_int" >&5
10789echo "${ECHO_T}$ac_cv_type_long_long_int" >&6 11517echo "${ECHO_T}$ac_cv_type_long_long_int" >&6
10790 11518
10791echo "$as_me:10791: checking size of long long int" >&5 11519echo "$as_me:11519: checking size of long long int" >&5
10792echo $ECHO_N "checking size of long long int... $ECHO_C" >&6 11520echo $ECHO_N "checking size of long long int... $ECHO_C" >&6
10793if test "${ac_cv_sizeof_long_long_int+set}" = set; then 11521if test "${ac_cv_sizeof_long_long_int+set}" = set; then
10794 echo $ECHO_N "(cached) $ECHO_C" >&6 11522 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -10797,7 +11525,7 @@ else
10797 if test "$cross_compiling" = yes; then 11525 if test "$cross_compiling" = yes; then
10798 # Depending upon the size, compute the lo and hi bounds. 11526 # Depending upon the size, compute the lo and hi bounds.
10799cat >conftest.$ac_ext <<_ACEOF 11527cat >conftest.$ac_ext <<_ACEOF
10800#line 10800 "configure" 11528#line 11528 "configure"
10801#include "confdefs.h" 11529#include "confdefs.h"
10802$ac_includes_default 11530$ac_includes_default
10803int 11531int
@@ -10809,21 +11537,21 @@ int _array_ [1 - 2 * !((sizeof (long long int)) >= 0)]
10809} 11537}
10810_ACEOF 11538_ACEOF
10811rm -f conftest.$ac_objext 11539rm -f conftest.$ac_objext
10812if { (eval echo "$as_me:10812: \"$ac_compile\"") >&5 11540if { (eval echo "$as_me:11540: \"$ac_compile\"") >&5
10813 (eval $ac_compile) 2>&5 11541 (eval $ac_compile) 2>&5
10814 ac_status=$? 11542 ac_status=$?
10815 echo "$as_me:10815: \$? = $ac_status" >&5 11543 echo "$as_me:11543: \$? = $ac_status" >&5
10816 (exit $ac_status); } && 11544 (exit $ac_status); } &&
10817 { ac_try='test -s conftest.$ac_objext' 11545 { ac_try='test -s conftest.$ac_objext'
10818 { (eval echo "$as_me:10818: \"$ac_try\"") >&5 11546 { (eval echo "$as_me:11546: \"$ac_try\"") >&5
10819 (eval $ac_try) 2>&5 11547 (eval $ac_try) 2>&5
10820 ac_status=$? 11548 ac_status=$?
10821 echo "$as_me:10821: \$? = $ac_status" >&5 11549 echo "$as_me:11549: \$? = $ac_status" >&5
10822 (exit $ac_status); }; }; then 11550 (exit $ac_status); }; }; then
10823 ac_lo=0 ac_mid=0 11551 ac_lo=0 ac_mid=0
10824 while :; do 11552 while :; do
10825 cat >conftest.$ac_ext <<_ACEOF 11553 cat >conftest.$ac_ext <<_ACEOF
10826#line 10826 "configure" 11554#line 11554 "configure"
10827#include "confdefs.h" 11555#include "confdefs.h"
10828$ac_includes_default 11556$ac_includes_default
10829int 11557int
@@ -10835,16 +11563,16 @@ int _array_ [1 - 2 * !((sizeof (long long int)) <= $ac_mid)]
10835} 11563}
10836_ACEOF 11564_ACEOF
10837rm -f conftest.$ac_objext 11565rm -f conftest.$ac_objext
10838if { (eval echo "$as_me:10838: \"$ac_compile\"") >&5 11566if { (eval echo "$as_me:11566: \"$ac_compile\"") >&5
10839 (eval $ac_compile) 2>&5 11567 (eval $ac_compile) 2>&5
10840 ac_status=$? 11568 ac_status=$?
10841 echo "$as_me:10841: \$? = $ac_status" >&5 11569 echo "$as_me:11569: \$? = $ac_status" >&5
10842 (exit $ac_status); } && 11570 (exit $ac_status); } &&
10843 { ac_try='test -s conftest.$ac_objext' 11571 { ac_try='test -s conftest.$ac_objext'
10844 { (eval echo "$as_me:10844: \"$ac_try\"") >&5 11572 { (eval echo "$as_me:11572: \"$ac_try\"") >&5
10845 (eval $ac_try) 2>&5 11573 (eval $ac_try) 2>&5
10846 ac_status=$? 11574 ac_status=$?
10847 echo "$as_me:10847: \$? = $ac_status" >&5 11575 echo "$as_me:11575: \$? = $ac_status" >&5
10848 (exit $ac_status); }; }; then 11576 (exit $ac_status); }; }; then
10849 ac_hi=$ac_mid; break 11577 ac_hi=$ac_mid; break
10850else 11578else
@@ -10860,7 +11588,7 @@ cat conftest.$ac_ext >&5
10860ac_hi=-1 ac_mid=-1 11588ac_hi=-1 ac_mid=-1
10861 while :; do 11589 while :; do
10862 cat >conftest.$ac_ext <<_ACEOF 11590 cat >conftest.$ac_ext <<_ACEOF
10863#line 10863 "configure" 11591#line 11591 "configure"
10864#include "confdefs.h" 11592#include "confdefs.h"
10865$ac_includes_default 11593$ac_includes_default
10866int 11594int
@@ -10872,16 +11600,16 @@ int _array_ [1 - 2 * !((sizeof (long long int)) >= $ac_mid)]
10872} 11600}
10873_ACEOF 11601_ACEOF
10874rm -f conftest.$ac_objext 11602rm -f conftest.$ac_objext
10875if { (eval echo "$as_me:10875: \"$ac_compile\"") >&5 11603if { (eval echo "$as_me:11603: \"$ac_compile\"") >&5
10876 (eval $ac_compile) 2>&5 11604 (eval $ac_compile) 2>&5
10877 ac_status=$? 11605 ac_status=$?
10878 echo "$as_me:10878: \$? = $ac_status" >&5 11606 echo "$as_me:11606: \$? = $ac_status" >&5
10879 (exit $ac_status); } && 11607 (exit $ac_status); } &&
10880 { ac_try='test -s conftest.$ac_objext' 11608 { ac_try='test -s conftest.$ac_objext'
10881 { (eval echo "$as_me:10881: \"$ac_try\"") >&5 11609 { (eval echo "$as_me:11609: \"$ac_try\"") >&5
10882 (eval $ac_try) 2>&5 11610 (eval $ac_try) 2>&5
10883 ac_status=$? 11611 ac_status=$?
10884 echo "$as_me:10884: \$? = $ac_status" >&5 11612 echo "$as_me:11612: \$? = $ac_status" >&5
10885 (exit $ac_status); }; }; then 11613 (exit $ac_status); }; }; then
10886 ac_lo=$ac_mid; break 11614 ac_lo=$ac_mid; break
10887else 11615else
@@ -10897,7 +11625,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext
10897while test "x$ac_lo" != "x$ac_hi"; do 11625while test "x$ac_lo" != "x$ac_hi"; do
10898 ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` 11626 ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo`
10899 cat >conftest.$ac_ext <<_ACEOF 11627 cat >conftest.$ac_ext <<_ACEOF
10900#line 10900 "configure" 11628#line 11628 "configure"
10901#include "confdefs.h" 11629#include "confdefs.h"
10902$ac_includes_default 11630$ac_includes_default
10903int 11631int
@@ -10909,16 +11637,16 @@ int _array_ [1 - 2 * !((sizeof (long long int)) <= $ac_mid)]
10909} 11637}
10910_ACEOF 11638_ACEOF
10911rm -f conftest.$ac_objext 11639rm -f conftest.$ac_objext
10912if { (eval echo "$as_me:10912: \"$ac_compile\"") >&5 11640if { (eval echo "$as_me:11640: \"$ac_compile\"") >&5
10913 (eval $ac_compile) 2>&5 11641 (eval $ac_compile) 2>&5
10914 ac_status=$? 11642 ac_status=$?
10915 echo "$as_me:10915: \$? = $ac_status" >&5 11643 echo "$as_me:11643: \$? = $ac_status" >&5
10916 (exit $ac_status); } && 11644 (exit $ac_status); } &&
10917 { ac_try='test -s conftest.$ac_objext' 11645 { ac_try='test -s conftest.$ac_objext'
10918 { (eval echo "$as_me:10918: \"$ac_try\"") >&5 11646 { (eval echo "$as_me:11646: \"$ac_try\"") >&5
10919 (eval $ac_try) 2>&5 11647 (eval $ac_try) 2>&5
10920 ac_status=$? 11648 ac_status=$?
10921 echo "$as_me:10921: \$? = $ac_status" >&5 11649 echo "$as_me:11649: \$? = $ac_status" >&5
10922 (exit $ac_status); }; }; then 11650 (exit $ac_status); }; }; then
10923 ac_hi=$ac_mid 11651 ac_hi=$ac_mid
10924else 11652else
@@ -10931,12 +11659,12 @@ done
10931ac_cv_sizeof_long_long_int=$ac_lo 11659ac_cv_sizeof_long_long_int=$ac_lo
10932else 11660else
10933 if test "$cross_compiling" = yes; then 11661 if test "$cross_compiling" = yes; then
10934 { { echo "$as_me:10934: error: cannot run test program while cross compiling" >&5 11662 { { echo "$as_me:11662: error: cannot run test program while cross compiling" >&5
10935echo "$as_me: error: cannot run test program while cross compiling" >&2;} 11663echo "$as_me: error: cannot run test program while cross compiling" >&2;}
10936 { (exit 1); exit 1; }; } 11664 { (exit 1); exit 1; }; }
10937else 11665else
10938 cat >conftest.$ac_ext <<_ACEOF 11666 cat >conftest.$ac_ext <<_ACEOF
10939#line 10939 "configure" 11667#line 11667 "configure"
10940#include "confdefs.h" 11668#include "confdefs.h"
10941$ac_includes_default 11669$ac_includes_default
10942int 11670int
@@ -10952,15 +11680,15 @@ fclose (f);
10952} 11680}
10953_ACEOF 11681_ACEOF
10954rm -f conftest$ac_exeext 11682rm -f conftest$ac_exeext
10955if { (eval echo "$as_me:10955: \"$ac_link\"") >&5 11683if { (eval echo "$as_me:11683: \"$ac_link\"") >&5
10956 (eval $ac_link) 2>&5 11684 (eval $ac_link) 2>&5
10957 ac_status=$? 11685 ac_status=$?
10958 echo "$as_me:10958: \$? = $ac_status" >&5 11686 echo "$as_me:11686: \$? = $ac_status" >&5
10959 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 11687 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
10960 { (eval echo "$as_me:10960: \"$ac_try\"") >&5 11688 { (eval echo "$as_me:11688: \"$ac_try\"") >&5
10961 (eval $ac_try) 2>&5 11689 (eval $ac_try) 2>&5
10962 ac_status=$? 11690 ac_status=$?
10963 echo "$as_me:10963: \$? = $ac_status" >&5 11691 echo "$as_me:11691: \$? = $ac_status" >&5
10964 (exit $ac_status); }; }; then 11692 (exit $ac_status); }; }; then
10965 ac_cv_sizeof_long_long_int=`cat conftest.val` 11693 ac_cv_sizeof_long_long_int=`cat conftest.val`
10966else 11694else
@@ -10976,7 +11704,7 @@ else
10976 ac_cv_sizeof_long_long_int=0 11704 ac_cv_sizeof_long_long_int=0
10977fi 11705fi
10978fi 11706fi
10979echo "$as_me:10979: result: $ac_cv_sizeof_long_long_int" >&5 11707echo "$as_me:11707: result: $ac_cv_sizeof_long_long_int" >&5
10980echo "${ECHO_T}$ac_cv_sizeof_long_long_int" >&6 11708echo "${ECHO_T}$ac_cv_sizeof_long_long_int" >&6
10981cat >>confdefs.h <<EOF 11709cat >>confdefs.h <<EOF
10982#define SIZEOF_LONG_LONG_INT $ac_cv_sizeof_long_long_int 11710#define SIZEOF_LONG_LONG_INT $ac_cv_sizeof_long_long_int
@@ -10988,14 +11716,14 @@ if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
10988fi 11716fi
10989 11717
10990# More checks for data types 11718# More checks for data types
10991echo "$as_me:10991: checking for u_int type" >&5 11719echo "$as_me:11719: checking for u_int type" >&5
10992echo $ECHO_N "checking for u_int type... $ECHO_C" >&6 11720echo $ECHO_N "checking for u_int type... $ECHO_C" >&6
10993if test "${ac_cv_have_u_int+set}" = set; then 11721if test "${ac_cv_have_u_int+set}" = set; then
10994 echo $ECHO_N "(cached) $ECHO_C" >&6 11722 echo $ECHO_N "(cached) $ECHO_C" >&6
10995else 11723else
10996 11724
10997 cat >conftest.$ac_ext <<_ACEOF 11725 cat >conftest.$ac_ext <<_ACEOF
10998#line 10998 "configure" 11726#line 11726 "configure"
10999#include "confdefs.h" 11727#include "confdefs.h"
11000 #include <sys/types.h> 11728 #include <sys/types.h>
11001int 11729int
@@ -11007,16 +11735,16 @@ main ()
11007} 11735}
11008_ACEOF 11736_ACEOF
11009rm -f conftest.$ac_objext 11737rm -f conftest.$ac_objext
11010if { (eval echo "$as_me:11010: \"$ac_compile\"") >&5 11738if { (eval echo "$as_me:11738: \"$ac_compile\"") >&5
11011 (eval $ac_compile) 2>&5 11739 (eval $ac_compile) 2>&5
11012 ac_status=$? 11740 ac_status=$?
11013 echo "$as_me:11013: \$? = $ac_status" >&5 11741 echo "$as_me:11741: \$? = $ac_status" >&5
11014 (exit $ac_status); } && 11742 (exit $ac_status); } &&
11015 { ac_try='test -s conftest.$ac_objext' 11743 { ac_try='test -s conftest.$ac_objext'
11016 { (eval echo "$as_me:11016: \"$ac_try\"") >&5 11744 { (eval echo "$as_me:11744: \"$ac_try\"") >&5
11017 (eval $ac_try) 2>&5 11745 (eval $ac_try) 2>&5
11018 ac_status=$? 11746 ac_status=$?
11019 echo "$as_me:11019: \$? = $ac_status" >&5 11747 echo "$as_me:11747: \$? = $ac_status" >&5
11020 (exit $ac_status); }; }; then 11748 (exit $ac_status); }; }; then
11021 ac_cv_have_u_int="yes" 11749 ac_cv_have_u_int="yes"
11022else 11750else
@@ -11028,7 +11756,7 @@ fi
11028rm -f conftest.$ac_objext conftest.$ac_ext 11756rm -f conftest.$ac_objext conftest.$ac_ext
11029 11757
11030fi 11758fi
11031echo "$as_me:11031: result: $ac_cv_have_u_int" >&5 11759echo "$as_me:11759: result: $ac_cv_have_u_int" >&5
11032echo "${ECHO_T}$ac_cv_have_u_int" >&6 11760echo "${ECHO_T}$ac_cv_have_u_int" >&6
11033if test "x$ac_cv_have_u_int" = "xyes" ; then 11761if test "x$ac_cv_have_u_int" = "xyes" ; then
11034 cat >>confdefs.h <<\EOF 11762 cat >>confdefs.h <<\EOF
@@ -11038,14 +11766,14 @@ EOF
11038 have_u_int=1 11766 have_u_int=1
11039fi 11767fi
11040 11768
11041echo "$as_me:11041: checking for intXX_t types" >&5 11769echo "$as_me:11769: checking for intXX_t types" >&5
11042echo $ECHO_N "checking for intXX_t types... $ECHO_C" >&6 11770echo $ECHO_N "checking for intXX_t types... $ECHO_C" >&6
11043if test "${ac_cv_have_intxx_t+set}" = set; then 11771if test "${ac_cv_have_intxx_t+set}" = set; then
11044 echo $ECHO_N "(cached) $ECHO_C" >&6 11772 echo $ECHO_N "(cached) $ECHO_C" >&6
11045else 11773else
11046 11774
11047 cat >conftest.$ac_ext <<_ACEOF 11775 cat >conftest.$ac_ext <<_ACEOF
11048#line 11048 "configure" 11776#line 11776 "configure"
11049#include "confdefs.h" 11777#include "confdefs.h"
11050 #include <sys/types.h> 11778 #include <sys/types.h>
11051int 11779int
@@ -11057,16 +11785,16 @@ main ()
11057} 11785}
11058_ACEOF 11786_ACEOF
11059rm -f conftest.$ac_objext 11787rm -f conftest.$ac_objext
11060if { (eval echo "$as_me:11060: \"$ac_compile\"") >&5 11788if { (eval echo "$as_me:11788: \"$ac_compile\"") >&5
11061 (eval $ac_compile) 2>&5 11789 (eval $ac_compile) 2>&5
11062 ac_status=$? 11790 ac_status=$?
11063 echo "$as_me:11063: \$? = $ac_status" >&5 11791 echo "$as_me:11791: \$? = $ac_status" >&5
11064 (exit $ac_status); } && 11792 (exit $ac_status); } &&
11065 { ac_try='test -s conftest.$ac_objext' 11793 { ac_try='test -s conftest.$ac_objext'
11066 { (eval echo "$as_me:11066: \"$ac_try\"") >&5 11794 { (eval echo "$as_me:11794: \"$ac_try\"") >&5
11067 (eval $ac_try) 2>&5 11795 (eval $ac_try) 2>&5
11068 ac_status=$? 11796 ac_status=$?
11069 echo "$as_me:11069: \$? = $ac_status" >&5 11797 echo "$as_me:11797: \$? = $ac_status" >&5
11070 (exit $ac_status); }; }; then 11798 (exit $ac_status); }; }; then
11071 ac_cv_have_intxx_t="yes" 11799 ac_cv_have_intxx_t="yes"
11072else 11800else
@@ -11078,7 +11806,7 @@ fi
11078rm -f conftest.$ac_objext conftest.$ac_ext 11806rm -f conftest.$ac_objext conftest.$ac_ext
11079 11807
11080fi 11808fi
11081echo "$as_me:11081: result: $ac_cv_have_intxx_t" >&5 11809echo "$as_me:11809: result: $ac_cv_have_intxx_t" >&5
11082echo "${ECHO_T}$ac_cv_have_intxx_t" >&6 11810echo "${ECHO_T}$ac_cv_have_intxx_t" >&6
11083if test "x$ac_cv_have_intxx_t" = "xyes" ; then 11811if test "x$ac_cv_have_intxx_t" = "xyes" ; then
11084 cat >>confdefs.h <<\EOF 11812 cat >>confdefs.h <<\EOF
@@ -11089,12 +11817,12 @@ EOF
11089fi 11817fi
11090 11818
11091if (test -z "$have_intxx_t" && \ 11819if (test -z "$have_intxx_t" && \
11092 test "x$ac_cv_header_stdint_h" = "xyes") 11820 test "x$ac_cv_header_stdint_h" = "xyes")
11093then 11821then
11094 echo "$as_me:11094: checking for intXX_t types in stdint.h" >&5 11822 echo "$as_me:11822: checking for intXX_t types in stdint.h" >&5
11095echo $ECHO_N "checking for intXX_t types in stdint.h... $ECHO_C" >&6 11823echo $ECHO_N "checking for intXX_t types in stdint.h... $ECHO_C" >&6
11096 cat >conftest.$ac_ext <<_ACEOF 11824 cat >conftest.$ac_ext <<_ACEOF
11097#line 11097 "configure" 11825#line 11825 "configure"
11098#include "confdefs.h" 11826#include "confdefs.h"
11099 #include <stdint.h> 11827 #include <stdint.h>
11100int 11828int
@@ -11106,43 +11834,43 @@ main ()
11106} 11834}
11107_ACEOF 11835_ACEOF
11108rm -f conftest.$ac_objext 11836rm -f conftest.$ac_objext
11109if { (eval echo "$as_me:11109: \"$ac_compile\"") >&5 11837if { (eval echo "$as_me:11837: \"$ac_compile\"") >&5
11110 (eval $ac_compile) 2>&5 11838 (eval $ac_compile) 2>&5
11111 ac_status=$? 11839 ac_status=$?
11112 echo "$as_me:11112: \$? = $ac_status" >&5 11840 echo "$as_me:11840: \$? = $ac_status" >&5
11113 (exit $ac_status); } && 11841 (exit $ac_status); } &&
11114 { ac_try='test -s conftest.$ac_objext' 11842 { ac_try='test -s conftest.$ac_objext'
11115 { (eval echo "$as_me:11115: \"$ac_try\"") >&5 11843 { (eval echo "$as_me:11843: \"$ac_try\"") >&5
11116 (eval $ac_try) 2>&5 11844 (eval $ac_try) 2>&5
11117 ac_status=$? 11845 ac_status=$?
11118 echo "$as_me:11118: \$? = $ac_status" >&5 11846 echo "$as_me:11846: \$? = $ac_status" >&5
11119 (exit $ac_status); }; }; then 11847 (exit $ac_status); }; }; then
11120 11848
11121 cat >>confdefs.h <<\EOF 11849 cat >>confdefs.h <<\EOF
11122#define HAVE_INTXX_T 1 11850#define HAVE_INTXX_T 1
11123EOF 11851EOF
11124 11852
11125 echo "$as_me:11125: result: yes" >&5 11853 echo "$as_me:11853: result: yes" >&5
11126echo "${ECHO_T}yes" >&6 11854echo "${ECHO_T}yes" >&6
11127 11855
11128else 11856else
11129 echo "$as_me: failed program was:" >&5 11857 echo "$as_me: failed program was:" >&5
11130cat conftest.$ac_ext >&5 11858cat conftest.$ac_ext >&5
11131 echo "$as_me:11131: result: no" >&5 11859 echo "$as_me:11859: result: no" >&5
11132echo "${ECHO_T}no" >&6 11860echo "${ECHO_T}no" >&6
11133 11861
11134fi 11862fi
11135rm -f conftest.$ac_objext conftest.$ac_ext 11863rm -f conftest.$ac_objext conftest.$ac_ext
11136fi 11864fi
11137 11865
11138echo "$as_me:11138: checking for int64_t type" >&5 11866echo "$as_me:11866: checking for int64_t type" >&5
11139echo $ECHO_N "checking for int64_t type... $ECHO_C" >&6 11867echo $ECHO_N "checking for int64_t type... $ECHO_C" >&6
11140if test "${ac_cv_have_int64_t+set}" = set; then 11868if test "${ac_cv_have_int64_t+set}" = set; then
11141 echo $ECHO_N "(cached) $ECHO_C" >&6 11869 echo $ECHO_N "(cached) $ECHO_C" >&6
11142else 11870else
11143 11871
11144 cat >conftest.$ac_ext <<_ACEOF 11872 cat >conftest.$ac_ext <<_ACEOF
11145#line 11145 "configure" 11873#line 11873 "configure"
11146#include "confdefs.h" 11874#include "confdefs.h"
11147 11875
11148#include <sys/types.h> 11876#include <sys/types.h>
@@ -11163,16 +11891,16 @@ main ()
11163} 11891}
11164_ACEOF 11892_ACEOF
11165rm -f conftest.$ac_objext 11893rm -f conftest.$ac_objext
11166if { (eval echo "$as_me:11166: \"$ac_compile\"") >&5 11894if { (eval echo "$as_me:11894: \"$ac_compile\"") >&5
11167 (eval $ac_compile) 2>&5 11895 (eval $ac_compile) 2>&5
11168 ac_status=$? 11896 ac_status=$?
11169 echo "$as_me:11169: \$? = $ac_status" >&5 11897 echo "$as_me:11897: \$? = $ac_status" >&5
11170 (exit $ac_status); } && 11898 (exit $ac_status); } &&
11171 { ac_try='test -s conftest.$ac_objext' 11899 { ac_try='test -s conftest.$ac_objext'
11172 { (eval echo "$as_me:11172: \"$ac_try\"") >&5 11900 { (eval echo "$as_me:11900: \"$ac_try\"") >&5
11173 (eval $ac_try) 2>&5 11901 (eval $ac_try) 2>&5
11174 ac_status=$? 11902 ac_status=$?
11175 echo "$as_me:11175: \$? = $ac_status" >&5 11903 echo "$as_me:11903: \$? = $ac_status" >&5
11176 (exit $ac_status); }; }; then 11904 (exit $ac_status); }; }; then
11177 ac_cv_have_int64_t="yes" 11905 ac_cv_have_int64_t="yes"
11178else 11906else
@@ -11184,7 +11912,7 @@ fi
11184rm -f conftest.$ac_objext conftest.$ac_ext 11912rm -f conftest.$ac_objext conftest.$ac_ext
11185 11913
11186fi 11914fi
11187echo "$as_me:11187: result: $ac_cv_have_int64_t" >&5 11915echo "$as_me:11915: result: $ac_cv_have_int64_t" >&5
11188echo "${ECHO_T}$ac_cv_have_int64_t" >&6 11916echo "${ECHO_T}$ac_cv_have_int64_t" >&6
11189if test "x$ac_cv_have_int64_t" = "xyes" ; then 11917if test "x$ac_cv_have_int64_t" = "xyes" ; then
11190 cat >>confdefs.h <<\EOF 11918 cat >>confdefs.h <<\EOF
@@ -11193,14 +11921,14 @@ EOF
11193 11921
11194fi 11922fi
11195 11923
11196echo "$as_me:11196: checking for u_intXX_t types" >&5 11924echo "$as_me:11924: checking for u_intXX_t types" >&5
11197echo $ECHO_N "checking for u_intXX_t types... $ECHO_C" >&6 11925echo $ECHO_N "checking for u_intXX_t types... $ECHO_C" >&6
11198if test "${ac_cv_have_u_intxx_t+set}" = set; then 11926if test "${ac_cv_have_u_intxx_t+set}" = set; then
11199 echo $ECHO_N "(cached) $ECHO_C" >&6 11927 echo $ECHO_N "(cached) $ECHO_C" >&6
11200else 11928else
11201 11929
11202 cat >conftest.$ac_ext <<_ACEOF 11930 cat >conftest.$ac_ext <<_ACEOF
11203#line 11203 "configure" 11931#line 11931 "configure"
11204#include "confdefs.h" 11932#include "confdefs.h"
11205 #include <sys/types.h> 11933 #include <sys/types.h>
11206int 11934int
@@ -11212,16 +11940,16 @@ main ()
11212} 11940}
11213_ACEOF 11941_ACEOF
11214rm -f conftest.$ac_objext 11942rm -f conftest.$ac_objext
11215if { (eval echo "$as_me:11215: \"$ac_compile\"") >&5 11943if { (eval echo "$as_me:11943: \"$ac_compile\"") >&5
11216 (eval $ac_compile) 2>&5 11944 (eval $ac_compile) 2>&5
11217 ac_status=$? 11945 ac_status=$?
11218 echo "$as_me:11218: \$? = $ac_status" >&5 11946 echo "$as_me:11946: \$? = $ac_status" >&5
11219 (exit $ac_status); } && 11947 (exit $ac_status); } &&
11220 { ac_try='test -s conftest.$ac_objext' 11948 { ac_try='test -s conftest.$ac_objext'
11221 { (eval echo "$as_me:11221: \"$ac_try\"") >&5 11949 { (eval echo "$as_me:11949: \"$ac_try\"") >&5
11222 (eval $ac_try) 2>&5 11950 (eval $ac_try) 2>&5
11223 ac_status=$? 11951 ac_status=$?
11224 echo "$as_me:11224: \$? = $ac_status" >&5 11952 echo "$as_me:11952: \$? = $ac_status" >&5
11225 (exit $ac_status); }; }; then 11953 (exit $ac_status); }; }; then
11226 ac_cv_have_u_intxx_t="yes" 11954 ac_cv_have_u_intxx_t="yes"
11227else 11955else
@@ -11233,7 +11961,7 @@ fi
11233rm -f conftest.$ac_objext conftest.$ac_ext 11961rm -f conftest.$ac_objext conftest.$ac_ext
11234 11962
11235fi 11963fi
11236echo "$as_me:11236: result: $ac_cv_have_u_intxx_t" >&5 11964echo "$as_me:11964: result: $ac_cv_have_u_intxx_t" >&5
11237echo "${ECHO_T}$ac_cv_have_u_intxx_t" >&6 11965echo "${ECHO_T}$ac_cv_have_u_intxx_t" >&6
11238if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 11966if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
11239 cat >>confdefs.h <<\EOF 11967 cat >>confdefs.h <<\EOF
@@ -11244,10 +11972,10 @@ EOF
11244fi 11972fi
11245 11973
11246if test -z "$have_u_intxx_t" ; then 11974if test -z "$have_u_intxx_t" ; then
11247 echo "$as_me:11247: checking for u_intXX_t types in sys/socket.h" >&5 11975 echo "$as_me:11975: checking for u_intXX_t types in sys/socket.h" >&5
11248echo $ECHO_N "checking for u_intXX_t types in sys/socket.h... $ECHO_C" >&6 11976echo $ECHO_N "checking for u_intXX_t types in sys/socket.h... $ECHO_C" >&6
11249 cat >conftest.$ac_ext <<_ACEOF 11977 cat >conftest.$ac_ext <<_ACEOF
11250#line 11250 "configure" 11978#line 11978 "configure"
11251#include "confdefs.h" 11979#include "confdefs.h"
11252 #include <sys/socket.h> 11980 #include <sys/socket.h>
11253int 11981int
@@ -11259,43 +11987,43 @@ main ()
11259} 11987}
11260_ACEOF 11988_ACEOF
11261rm -f conftest.$ac_objext 11989rm -f conftest.$ac_objext
11262if { (eval echo "$as_me:11262: \"$ac_compile\"") >&5 11990if { (eval echo "$as_me:11990: \"$ac_compile\"") >&5
11263 (eval $ac_compile) 2>&5 11991 (eval $ac_compile) 2>&5
11264 ac_status=$? 11992 ac_status=$?
11265 echo "$as_me:11265: \$? = $ac_status" >&5 11993 echo "$as_me:11993: \$? = $ac_status" >&5
11266 (exit $ac_status); } && 11994 (exit $ac_status); } &&
11267 { ac_try='test -s conftest.$ac_objext' 11995 { ac_try='test -s conftest.$ac_objext'
11268 { (eval echo "$as_me:11268: \"$ac_try\"") >&5 11996 { (eval echo "$as_me:11996: \"$ac_try\"") >&5
11269 (eval $ac_try) 2>&5 11997 (eval $ac_try) 2>&5
11270 ac_status=$? 11998 ac_status=$?
11271 echo "$as_me:11271: \$? = $ac_status" >&5 11999 echo "$as_me:11999: \$? = $ac_status" >&5
11272 (exit $ac_status); }; }; then 12000 (exit $ac_status); }; }; then
11273 12001
11274 cat >>confdefs.h <<\EOF 12002 cat >>confdefs.h <<\EOF
11275#define HAVE_U_INTXX_T 1 12003#define HAVE_U_INTXX_T 1
11276EOF 12004EOF
11277 12005
11278 echo "$as_me:11278: result: yes" >&5 12006 echo "$as_me:12006: result: yes" >&5
11279echo "${ECHO_T}yes" >&6 12007echo "${ECHO_T}yes" >&6
11280 12008
11281else 12009else
11282 echo "$as_me: failed program was:" >&5 12010 echo "$as_me: failed program was:" >&5
11283cat conftest.$ac_ext >&5 12011cat conftest.$ac_ext >&5
11284 echo "$as_me:11284: result: no" >&5 12012 echo "$as_me:12012: result: no" >&5
11285echo "${ECHO_T}no" >&6 12013echo "${ECHO_T}no" >&6
11286 12014
11287fi 12015fi
11288rm -f conftest.$ac_objext conftest.$ac_ext 12016rm -f conftest.$ac_objext conftest.$ac_ext
11289fi 12017fi
11290 12018
11291echo "$as_me:11291: checking for u_int64_t types" >&5 12019echo "$as_me:12019: checking for u_int64_t types" >&5
11292echo $ECHO_N "checking for u_int64_t types... $ECHO_C" >&6 12020echo $ECHO_N "checking for u_int64_t types... $ECHO_C" >&6
11293if test "${ac_cv_have_u_int64_t+set}" = set; then 12021if test "${ac_cv_have_u_int64_t+set}" = set; then
11294 echo $ECHO_N "(cached) $ECHO_C" >&6 12022 echo $ECHO_N "(cached) $ECHO_C" >&6
11295else 12023else
11296 12024
11297 cat >conftest.$ac_ext <<_ACEOF 12025 cat >conftest.$ac_ext <<_ACEOF
11298#line 11298 "configure" 12026#line 12026 "configure"
11299#include "confdefs.h" 12027#include "confdefs.h"
11300 #include <sys/types.h> 12028 #include <sys/types.h>
11301int 12029int
@@ -11307,16 +12035,16 @@ main ()
11307} 12035}
11308_ACEOF 12036_ACEOF
11309rm -f conftest.$ac_objext 12037rm -f conftest.$ac_objext
11310if { (eval echo "$as_me:11310: \"$ac_compile\"") >&5 12038if { (eval echo "$as_me:12038: \"$ac_compile\"") >&5
11311 (eval $ac_compile) 2>&5 12039 (eval $ac_compile) 2>&5
11312 ac_status=$? 12040 ac_status=$?
11313 echo "$as_me:11313: \$? = $ac_status" >&5 12041 echo "$as_me:12041: \$? = $ac_status" >&5
11314 (exit $ac_status); } && 12042 (exit $ac_status); } &&
11315 { ac_try='test -s conftest.$ac_objext' 12043 { ac_try='test -s conftest.$ac_objext'
11316 { (eval echo "$as_me:11316: \"$ac_try\"") >&5 12044 { (eval echo "$as_me:12044: \"$ac_try\"") >&5
11317 (eval $ac_try) 2>&5 12045 (eval $ac_try) 2>&5
11318 ac_status=$? 12046 ac_status=$?
11319 echo "$as_me:11319: \$? = $ac_status" >&5 12047 echo "$as_me:12047: \$? = $ac_status" >&5
11320 (exit $ac_status); }; }; then 12048 (exit $ac_status); }; }; then
11321 ac_cv_have_u_int64_t="yes" 12049 ac_cv_have_u_int64_t="yes"
11322else 12050else
@@ -11328,7 +12056,7 @@ fi
11328rm -f conftest.$ac_objext conftest.$ac_ext 12056rm -f conftest.$ac_objext conftest.$ac_ext
11329 12057
11330fi 12058fi
11331echo "$as_me:11331: result: $ac_cv_have_u_int64_t" >&5 12059echo "$as_me:12059: result: $ac_cv_have_u_int64_t" >&5
11332echo "${ECHO_T}$ac_cv_have_u_int64_t" >&6 12060echo "${ECHO_T}$ac_cv_have_u_int64_t" >&6
11333if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 12061if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
11334 cat >>confdefs.h <<\EOF 12062 cat >>confdefs.h <<\EOF
@@ -11339,10 +12067,10 @@ EOF
11339fi 12067fi
11340 12068
11341if test -z "$have_u_int64_t" ; then 12069if test -z "$have_u_int64_t" ; then
11342 echo "$as_me:11342: checking for u_int64_t type in sys/bitypes.h" >&5 12070 echo "$as_me:12070: checking for u_int64_t type in sys/bitypes.h" >&5
11343echo $ECHO_N "checking for u_int64_t type in sys/bitypes.h... $ECHO_C" >&6 12071echo $ECHO_N "checking for u_int64_t type in sys/bitypes.h... $ECHO_C" >&6
11344 cat >conftest.$ac_ext <<_ACEOF 12072 cat >conftest.$ac_ext <<_ACEOF
11345#line 11345 "configure" 12073#line 12073 "configure"
11346#include "confdefs.h" 12074#include "confdefs.h"
11347 #include <sys/bitypes.h> 12075 #include <sys/bitypes.h>
11348int 12076int
@@ -11354,29 +12082,29 @@ main ()
11354} 12082}
11355_ACEOF 12083_ACEOF
11356rm -f conftest.$ac_objext 12084rm -f conftest.$ac_objext
11357if { (eval echo "$as_me:11357: \"$ac_compile\"") >&5 12085if { (eval echo "$as_me:12085: \"$ac_compile\"") >&5
11358 (eval $ac_compile) 2>&5 12086 (eval $ac_compile) 2>&5
11359 ac_status=$? 12087 ac_status=$?
11360 echo "$as_me:11360: \$? = $ac_status" >&5 12088 echo "$as_me:12088: \$? = $ac_status" >&5
11361 (exit $ac_status); } && 12089 (exit $ac_status); } &&
11362 { ac_try='test -s conftest.$ac_objext' 12090 { ac_try='test -s conftest.$ac_objext'
11363 { (eval echo "$as_me:11363: \"$ac_try\"") >&5 12091 { (eval echo "$as_me:12091: \"$ac_try\"") >&5
11364 (eval $ac_try) 2>&5 12092 (eval $ac_try) 2>&5
11365 ac_status=$? 12093 ac_status=$?
11366 echo "$as_me:11366: \$? = $ac_status" >&5 12094 echo "$as_me:12094: \$? = $ac_status" >&5
11367 (exit $ac_status); }; }; then 12095 (exit $ac_status); }; }; then
11368 12096
11369 cat >>confdefs.h <<\EOF 12097 cat >>confdefs.h <<\EOF
11370#define HAVE_U_INT64_T 1 12098#define HAVE_U_INT64_T 1
11371EOF 12099EOF
11372 12100
11373 echo "$as_me:11373: result: yes" >&5 12101 echo "$as_me:12101: result: yes" >&5
11374echo "${ECHO_T}yes" >&6 12102echo "${ECHO_T}yes" >&6
11375 12103
11376else 12104else
11377 echo "$as_me: failed program was:" >&5 12105 echo "$as_me: failed program was:" >&5
11378cat conftest.$ac_ext >&5 12106cat conftest.$ac_ext >&5
11379 echo "$as_me:11379: result: no" >&5 12107 echo "$as_me:12107: result: no" >&5
11380echo "${ECHO_T}no" >&6 12108echo "${ECHO_T}no" >&6
11381 12109
11382fi 12110fi
@@ -11384,14 +12112,14 @@ rm -f conftest.$ac_objext conftest.$ac_ext
11384fi 12112fi
11385 12113
11386if test -z "$have_u_intxx_t" ; then 12114if test -z "$have_u_intxx_t" ; then
11387 echo "$as_me:11387: checking for uintXX_t types" >&5 12115 echo "$as_me:12115: checking for uintXX_t types" >&5
11388echo $ECHO_N "checking for uintXX_t types... $ECHO_C" >&6 12116echo $ECHO_N "checking for uintXX_t types... $ECHO_C" >&6
11389if test "${ac_cv_have_uintxx_t+set}" = set; then 12117if test "${ac_cv_have_uintxx_t+set}" = set; then
11390 echo $ECHO_N "(cached) $ECHO_C" >&6 12118 echo $ECHO_N "(cached) $ECHO_C" >&6
11391else 12119else
11392 12120
11393 cat >conftest.$ac_ext <<_ACEOF 12121 cat >conftest.$ac_ext <<_ACEOF
11394#line 11394 "configure" 12122#line 12122 "configure"
11395#include "confdefs.h" 12123#include "confdefs.h"
11396 12124
11397#include <sys/types.h> 12125#include <sys/types.h>
@@ -11405,16 +12133,16 @@ main ()
11405} 12133}
11406_ACEOF 12134_ACEOF
11407rm -f conftest.$ac_objext 12135rm -f conftest.$ac_objext
11408if { (eval echo "$as_me:11408: \"$ac_compile\"") >&5 12136if { (eval echo "$as_me:12136: \"$ac_compile\"") >&5
11409 (eval $ac_compile) 2>&5 12137 (eval $ac_compile) 2>&5
11410 ac_status=$? 12138 ac_status=$?
11411 echo "$as_me:11411: \$? = $ac_status" >&5 12139 echo "$as_me:12139: \$? = $ac_status" >&5
11412 (exit $ac_status); } && 12140 (exit $ac_status); } &&
11413 { ac_try='test -s conftest.$ac_objext' 12141 { ac_try='test -s conftest.$ac_objext'
11414 { (eval echo "$as_me:11414: \"$ac_try\"") >&5 12142 { (eval echo "$as_me:12142: \"$ac_try\"") >&5
11415 (eval $ac_try) 2>&5 12143 (eval $ac_try) 2>&5
11416 ac_status=$? 12144 ac_status=$?
11417 echo "$as_me:11417: \$? = $ac_status" >&5 12145 echo "$as_me:12145: \$? = $ac_status" >&5
11418 (exit $ac_status); }; }; then 12146 (exit $ac_status); }; }; then
11419 ac_cv_have_uintxx_t="yes" 12147 ac_cv_have_uintxx_t="yes"
11420else 12148else
@@ -11426,7 +12154,7 @@ fi
11426rm -f conftest.$ac_objext conftest.$ac_ext 12154rm -f conftest.$ac_objext conftest.$ac_ext
11427 12155
11428fi 12156fi
11429echo "$as_me:11429: result: $ac_cv_have_uintxx_t" >&5 12157echo "$as_me:12157: result: $ac_cv_have_uintxx_t" >&5
11430echo "${ECHO_T}$ac_cv_have_uintxx_t" >&6 12158echo "${ECHO_T}$ac_cv_have_uintxx_t" >&6
11431 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 12159 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
11432 cat >>confdefs.h <<\EOF 12160 cat >>confdefs.h <<\EOF
@@ -11437,10 +12165,10 @@ EOF
11437fi 12165fi
11438 12166
11439if test -z "$have_uintxx_t" ; then 12167if test -z "$have_uintxx_t" ; then
11440 echo "$as_me:11440: checking for uintXX_t types in stdint.h" >&5 12168 echo "$as_me:12168: checking for uintXX_t types in stdint.h" >&5
11441echo $ECHO_N "checking for uintXX_t types in stdint.h... $ECHO_C" >&6 12169echo $ECHO_N "checking for uintXX_t types in stdint.h... $ECHO_C" >&6
11442 cat >conftest.$ac_ext <<_ACEOF 12170 cat >conftest.$ac_ext <<_ACEOF
11443#line 11443 "configure" 12171#line 12171 "configure"
11444#include "confdefs.h" 12172#include "confdefs.h"
11445 #include <stdint.h> 12173 #include <stdint.h>
11446int 12174int
@@ -11452,29 +12180,29 @@ main ()
11452} 12180}
11453_ACEOF 12181_ACEOF
11454rm -f conftest.$ac_objext 12182rm -f conftest.$ac_objext
11455if { (eval echo "$as_me:11455: \"$ac_compile\"") >&5 12183if { (eval echo "$as_me:12183: \"$ac_compile\"") >&5
11456 (eval $ac_compile) 2>&5 12184 (eval $ac_compile) 2>&5
11457 ac_status=$? 12185 ac_status=$?
11458 echo "$as_me:11458: \$? = $ac_status" >&5 12186 echo "$as_me:12186: \$? = $ac_status" >&5
11459 (exit $ac_status); } && 12187 (exit $ac_status); } &&
11460 { ac_try='test -s conftest.$ac_objext' 12188 { ac_try='test -s conftest.$ac_objext'
11461 { (eval echo "$as_me:11461: \"$ac_try\"") >&5 12189 { (eval echo "$as_me:12189: \"$ac_try\"") >&5
11462 (eval $ac_try) 2>&5 12190 (eval $ac_try) 2>&5
11463 ac_status=$? 12191 ac_status=$?
11464 echo "$as_me:11464: \$? = $ac_status" >&5 12192 echo "$as_me:12192: \$? = $ac_status" >&5
11465 (exit $ac_status); }; }; then 12193 (exit $ac_status); }; }; then
11466 12194
11467 cat >>confdefs.h <<\EOF 12195 cat >>confdefs.h <<\EOF
11468#define HAVE_UINTXX_T 1 12196#define HAVE_UINTXX_T 1
11469EOF 12197EOF
11470 12198
11471 echo "$as_me:11471: result: yes" >&5 12199 echo "$as_me:12199: result: yes" >&5
11472echo "${ECHO_T}yes" >&6 12200echo "${ECHO_T}yes" >&6
11473 12201
11474else 12202else
11475 echo "$as_me: failed program was:" >&5 12203 echo "$as_me: failed program was:" >&5
11476cat conftest.$ac_ext >&5 12204cat conftest.$ac_ext >&5
11477 echo "$as_me:11477: result: no" >&5 12205 echo "$as_me:12205: result: no" >&5
11478echo "${ECHO_T}no" >&6 12206echo "${ECHO_T}no" >&6
11479 12207
11480fi 12208fi
@@ -11482,12 +12210,12 @@ rm -f conftest.$ac_objext conftest.$ac_ext
11482fi 12210fi
11483 12211
11484if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 12212if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
11485 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 12213 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
11486then 12214then
11487 echo "$as_me:11487: checking for intXX_t and u_intXX_t types in sys/bitypes.h" >&5 12215 echo "$as_me:12215: checking for intXX_t and u_intXX_t types in sys/bitypes.h" >&5
11488echo $ECHO_N "checking for intXX_t and u_intXX_t types in sys/bitypes.h... $ECHO_C" >&6 12216echo $ECHO_N "checking for intXX_t and u_intXX_t types in sys/bitypes.h... $ECHO_C" >&6
11489 cat >conftest.$ac_ext <<_ACEOF 12217 cat >conftest.$ac_ext <<_ACEOF
11490#line 11490 "configure" 12218#line 12218 "configure"
11491#include "confdefs.h" 12219#include "confdefs.h"
11492 12220
11493#include <sys/bitypes.h> 12221#include <sys/bitypes.h>
@@ -11505,16 +12233,16 @@ main ()
11505} 12233}
11506_ACEOF 12234_ACEOF
11507rm -f conftest.$ac_objext 12235rm -f conftest.$ac_objext
11508if { (eval echo "$as_me:11508: \"$ac_compile\"") >&5 12236if { (eval echo "$as_me:12236: \"$ac_compile\"") >&5
11509 (eval $ac_compile) 2>&5 12237 (eval $ac_compile) 2>&5
11510 ac_status=$? 12238 ac_status=$?
11511 echo "$as_me:11511: \$? = $ac_status" >&5 12239 echo "$as_me:12239: \$? = $ac_status" >&5
11512 (exit $ac_status); } && 12240 (exit $ac_status); } &&
11513 { ac_try='test -s conftest.$ac_objext' 12241 { ac_try='test -s conftest.$ac_objext'
11514 { (eval echo "$as_me:11514: \"$ac_try\"") >&5 12242 { (eval echo "$as_me:12242: \"$ac_try\"") >&5
11515 (eval $ac_try) 2>&5 12243 (eval $ac_try) 2>&5
11516 ac_status=$? 12244 ac_status=$?
11517 echo "$as_me:11517: \$? = $ac_status" >&5 12245 echo "$as_me:12245: \$? = $ac_status" >&5
11518 (exit $ac_status); }; }; then 12246 (exit $ac_status); }; }; then
11519 12247
11520 cat >>confdefs.h <<\EOF 12248 cat >>confdefs.h <<\EOF
@@ -11525,27 +12253,27 @@ EOF
11525#define HAVE_INTXX_T 1 12253#define HAVE_INTXX_T 1
11526EOF 12254EOF
11527 12255
11528 echo "$as_me:11528: result: yes" >&5 12256 echo "$as_me:12256: result: yes" >&5
11529echo "${ECHO_T}yes" >&6 12257echo "${ECHO_T}yes" >&6
11530 12258
11531else 12259else
11532 echo "$as_me: failed program was:" >&5 12260 echo "$as_me: failed program was:" >&5
11533cat conftest.$ac_ext >&5 12261cat conftest.$ac_ext >&5
11534echo "$as_me:11534: result: no" >&5 12262echo "$as_me:12262: result: no" >&5
11535echo "${ECHO_T}no" >&6 12263echo "${ECHO_T}no" >&6
11536 12264
11537fi 12265fi
11538rm -f conftest.$ac_objext conftest.$ac_ext 12266rm -f conftest.$ac_objext conftest.$ac_ext
11539fi 12267fi
11540 12268
11541echo "$as_me:11541: checking for u_char" >&5 12269echo "$as_me:12269: checking for u_char" >&5
11542echo $ECHO_N "checking for u_char... $ECHO_C" >&6 12270echo $ECHO_N "checking for u_char... $ECHO_C" >&6
11543if test "${ac_cv_have_u_char+set}" = set; then 12271if test "${ac_cv_have_u_char+set}" = set; then
11544 echo $ECHO_N "(cached) $ECHO_C" >&6 12272 echo $ECHO_N "(cached) $ECHO_C" >&6
11545else 12273else
11546 12274
11547 cat >conftest.$ac_ext <<_ACEOF 12275 cat >conftest.$ac_ext <<_ACEOF
11548#line 11548 "configure" 12276#line 12276 "configure"
11549#include "confdefs.h" 12277#include "confdefs.h"
11550 12278
11551#include <sys/types.h> 12279#include <sys/types.h>
@@ -11559,16 +12287,16 @@ main ()
11559} 12287}
11560_ACEOF 12288_ACEOF
11561rm -f conftest.$ac_objext 12289rm -f conftest.$ac_objext
11562if { (eval echo "$as_me:11562: \"$ac_compile\"") >&5 12290if { (eval echo "$as_me:12290: \"$ac_compile\"") >&5
11563 (eval $ac_compile) 2>&5 12291 (eval $ac_compile) 2>&5
11564 ac_status=$? 12292 ac_status=$?
11565 echo "$as_me:11565: \$? = $ac_status" >&5 12293 echo "$as_me:12293: \$? = $ac_status" >&5
11566 (exit $ac_status); } && 12294 (exit $ac_status); } &&
11567 { ac_try='test -s conftest.$ac_objext' 12295 { ac_try='test -s conftest.$ac_objext'
11568 { (eval echo "$as_me:11568: \"$ac_try\"") >&5 12296 { (eval echo "$as_me:12296: \"$ac_try\"") >&5
11569 (eval $ac_try) 2>&5 12297 (eval $ac_try) 2>&5
11570 ac_status=$? 12298 ac_status=$?
11571 echo "$as_me:11571: \$? = $ac_status" >&5 12299 echo "$as_me:12299: \$? = $ac_status" >&5
11572 (exit $ac_status); }; }; then 12300 (exit $ac_status); }; }; then
11573 ac_cv_have_u_char="yes" 12301 ac_cv_have_u_char="yes"
11574else 12302else
@@ -11580,7 +12308,7 @@ fi
11580rm -f conftest.$ac_objext conftest.$ac_ext 12308rm -f conftest.$ac_objext conftest.$ac_ext
11581 12309
11582fi 12310fi
11583echo "$as_me:11583: result: $ac_cv_have_u_char" >&5 12311echo "$as_me:12311: result: $ac_cv_have_u_char" >&5
11584echo "${ECHO_T}$ac_cv_have_u_char" >&6 12312echo "${ECHO_T}$ac_cv_have_u_char" >&6
11585if test "x$ac_cv_have_u_char" = "xyes" ; then 12313if test "x$ac_cv_have_u_char" = "xyes" ; then
11586 cat >>confdefs.h <<\EOF 12314 cat >>confdefs.h <<\EOF
@@ -11589,13 +12317,13 @@ EOF
11589 12317
11590fi 12318fi
11591 12319
11592 echo "$as_me:11592: checking for socklen_t" >&5 12320 echo "$as_me:12320: checking for socklen_t" >&5
11593echo $ECHO_N "checking for socklen_t... $ECHO_C" >&6 12321echo $ECHO_N "checking for socklen_t... $ECHO_C" >&6
11594if test "${ac_cv_type_socklen_t+set}" = set; then 12322if test "${ac_cv_type_socklen_t+set}" = set; then
11595 echo $ECHO_N "(cached) $ECHO_C" >&6 12323 echo $ECHO_N "(cached) $ECHO_C" >&6
11596else 12324else
11597 cat >conftest.$ac_ext <<_ACEOF 12325 cat >conftest.$ac_ext <<_ACEOF
11598#line 11598 "configure" 12326#line 12326 "configure"
11599#include "confdefs.h" 12327#include "confdefs.h"
11600#include <sys/types.h> 12328#include <sys/types.h>
11601#include <sys/socket.h> 12329#include <sys/socket.h>
@@ -11612,16 +12340,16 @@ if (sizeof (socklen_t))
11612} 12340}
11613_ACEOF 12341_ACEOF
11614rm -f conftest.$ac_objext 12342rm -f conftest.$ac_objext
11615if { (eval echo "$as_me:11615: \"$ac_compile\"") >&5 12343if { (eval echo "$as_me:12343: \"$ac_compile\"") >&5
11616 (eval $ac_compile) 2>&5 12344 (eval $ac_compile) 2>&5
11617 ac_status=$? 12345 ac_status=$?
11618 echo "$as_me:11618: \$? = $ac_status" >&5 12346 echo "$as_me:12346: \$? = $ac_status" >&5
11619 (exit $ac_status); } && 12347 (exit $ac_status); } &&
11620 { ac_try='test -s conftest.$ac_objext' 12348 { ac_try='test -s conftest.$ac_objext'
11621 { (eval echo "$as_me:11621: \"$ac_try\"") >&5 12349 { (eval echo "$as_me:12349: \"$ac_try\"") >&5
11622 (eval $ac_try) 2>&5 12350 (eval $ac_try) 2>&5
11623 ac_status=$? 12351 ac_status=$?
11624 echo "$as_me:11624: \$? = $ac_status" >&5 12352 echo "$as_me:12352: \$? = $ac_status" >&5
11625 (exit $ac_status); }; }; then 12353 (exit $ac_status); }; }; then
11626 ac_cv_type_socklen_t=yes 12354 ac_cv_type_socklen_t=yes
11627else 12355else
@@ -11631,13 +12359,13 @@ ac_cv_type_socklen_t=no
11631fi 12359fi
11632rm -f conftest.$ac_objext conftest.$ac_ext 12360rm -f conftest.$ac_objext conftest.$ac_ext
11633fi 12361fi
11634echo "$as_me:11634: result: $ac_cv_type_socklen_t" >&5 12362echo "$as_me:12362: result: $ac_cv_type_socklen_t" >&5
11635echo "${ECHO_T}$ac_cv_type_socklen_t" >&6 12363echo "${ECHO_T}$ac_cv_type_socklen_t" >&6
11636if test $ac_cv_type_socklen_t = yes; then 12364if test $ac_cv_type_socklen_t = yes; then
11637 : 12365 :
11638else 12366else
11639 12367
11640 echo "$as_me:11640: checking for socklen_t equivalent" >&5 12368 echo "$as_me:12368: checking for socklen_t equivalent" >&5
11641echo $ECHO_N "checking for socklen_t equivalent... $ECHO_C" >&6 12369echo $ECHO_N "checking for socklen_t equivalent... $ECHO_C" >&6
11642 if test "${curl_cv_socklen_t_equiv+set}" = set; then 12370 if test "${curl_cv_socklen_t_equiv+set}" = set; then
11643 echo $ECHO_N "(cached) $ECHO_C" >&6 12371 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -11649,7 +12377,7 @@ else
11649 for arg2 in "struct sockaddr" void; do 12377 for arg2 in "struct sockaddr" void; do
11650 for t in int size_t unsigned long "unsigned long"; do 12378 for t in int size_t unsigned long "unsigned long"; do
11651 cat >conftest.$ac_ext <<_ACEOF 12379 cat >conftest.$ac_ext <<_ACEOF
11652#line 11652 "configure" 12380#line 12380 "configure"
11653#include "confdefs.h" 12381#include "confdefs.h"
11654 12382
11655 #include <sys/types.h> 12383 #include <sys/types.h>
@@ -11669,16 +12397,16 @@ main ()
11669} 12397}
11670_ACEOF 12398_ACEOF
11671rm -f conftest.$ac_objext 12399rm -f conftest.$ac_objext
11672if { (eval echo "$as_me:11672: \"$ac_compile\"") >&5 12400if { (eval echo "$as_me:12400: \"$ac_compile\"") >&5
11673 (eval $ac_compile) 2>&5 12401 (eval $ac_compile) 2>&5
11674 ac_status=$? 12402 ac_status=$?
11675 echo "$as_me:11675: \$? = $ac_status" >&5 12403 echo "$as_me:12403: \$? = $ac_status" >&5
11676 (exit $ac_status); } && 12404 (exit $ac_status); } &&
11677 { ac_try='test -s conftest.$ac_objext' 12405 { ac_try='test -s conftest.$ac_objext'
11678 { (eval echo "$as_me:11678: \"$ac_try\"") >&5 12406 { (eval echo "$as_me:12406: \"$ac_try\"") >&5
11679 (eval $ac_try) 2>&5 12407 (eval $ac_try) 2>&5
11680 ac_status=$? 12408 ac_status=$?
11681 echo "$as_me:11681: \$? = $ac_status" >&5 12409 echo "$as_me:12409: \$? = $ac_status" >&5
11682 (exit $ac_status); }; }; then 12410 (exit $ac_status); }; }; then
11683 12411
11684 curl_cv_socklen_t_equiv="$t" 12412 curl_cv_socklen_t_equiv="$t"
@@ -11693,14 +12421,14 @@ rm -f conftest.$ac_objext conftest.$ac_ext
11693 done 12421 done
11694 12422
11695 if test "x$curl_cv_socklen_t_equiv" = x; then 12423 if test "x$curl_cv_socklen_t_equiv" = x; then
11696 { { echo "$as_me:11696: error: Cannot find a type to use in place of socklen_t" >&5 12424 { { echo "$as_me:12424: error: Cannot find a type to use in place of socklen_t" >&5
11697echo "$as_me: error: Cannot find a type to use in place of socklen_t" >&2;} 12425echo "$as_me: error: Cannot find a type to use in place of socklen_t" >&2;}
11698 { (exit 1); exit 1; }; } 12426 { (exit 1); exit 1; }; }
11699 fi 12427 fi
11700 12428
11701fi 12429fi
11702 12430
11703 echo "$as_me:11703: result: $curl_cv_socklen_t_equiv" >&5 12431 echo "$as_me:12431: result: $curl_cv_socklen_t_equiv" >&5
11704echo "${ECHO_T}$curl_cv_socklen_t_equiv" >&6 12432echo "${ECHO_T}$curl_cv_socklen_t_equiv" >&6
11705 12433
11706cat >>confdefs.h <<EOF 12434cat >>confdefs.h <<EOF
@@ -11709,13 +12437,13 @@ EOF
11709 12437
11710fi 12438fi
11711 12439
11712echo "$as_me:11712: checking for sig_atomic_t" >&5 12440echo "$as_me:12440: checking for sig_atomic_t" >&5
11713echo $ECHO_N "checking for sig_atomic_t... $ECHO_C" >&6 12441echo $ECHO_N "checking for sig_atomic_t... $ECHO_C" >&6
11714if test "${ac_cv_type_sig_atomic_t+set}" = set; then 12442if test "${ac_cv_type_sig_atomic_t+set}" = set; then
11715 echo $ECHO_N "(cached) $ECHO_C" >&6 12443 echo $ECHO_N "(cached) $ECHO_C" >&6
11716else 12444else
11717 cat >conftest.$ac_ext <<_ACEOF 12445 cat >conftest.$ac_ext <<_ACEOF
11718#line 11718 "configure" 12446#line 12446 "configure"
11719#include "confdefs.h" 12447#include "confdefs.h"
11720#include <signal.h> 12448#include <signal.h>
11721 12449
@@ -11731,16 +12459,16 @@ if (sizeof (sig_atomic_t))
11731} 12459}
11732_ACEOF 12460_ACEOF
11733rm -f conftest.$ac_objext 12461rm -f conftest.$ac_objext
11734if { (eval echo "$as_me:11734: \"$ac_compile\"") >&5 12462if { (eval echo "$as_me:12462: \"$ac_compile\"") >&5
11735 (eval $ac_compile) 2>&5 12463 (eval $ac_compile) 2>&5
11736 ac_status=$? 12464 ac_status=$?
11737 echo "$as_me:11737: \$? = $ac_status" >&5 12465 echo "$as_me:12465: \$? = $ac_status" >&5
11738 (exit $ac_status); } && 12466 (exit $ac_status); } &&
11739 { ac_try='test -s conftest.$ac_objext' 12467 { ac_try='test -s conftest.$ac_objext'
11740 { (eval echo "$as_me:11740: \"$ac_try\"") >&5 12468 { (eval echo "$as_me:12468: \"$ac_try\"") >&5
11741 (eval $ac_try) 2>&5 12469 (eval $ac_try) 2>&5
11742 ac_status=$? 12470 ac_status=$?
11743 echo "$as_me:11743: \$? = $ac_status" >&5 12471 echo "$as_me:12471: \$? = $ac_status" >&5
11744 (exit $ac_status); }; }; then 12472 (exit $ac_status); }; }; then
11745 ac_cv_type_sig_atomic_t=yes 12473 ac_cv_type_sig_atomic_t=yes
11746else 12474else
@@ -11750,7 +12478,7 @@ ac_cv_type_sig_atomic_t=no
11750fi 12478fi
11751rm -f conftest.$ac_objext conftest.$ac_ext 12479rm -f conftest.$ac_objext conftest.$ac_ext
11752fi 12480fi
11753echo "$as_me:11753: result: $ac_cv_type_sig_atomic_t" >&5 12481echo "$as_me:12481: result: $ac_cv_type_sig_atomic_t" >&5
11754echo "${ECHO_T}$ac_cv_type_sig_atomic_t" >&6 12482echo "${ECHO_T}$ac_cv_type_sig_atomic_t" >&6
11755if test $ac_cv_type_sig_atomic_t = yes; then 12483if test $ac_cv_type_sig_atomic_t = yes; then
11756 12484
@@ -11760,14 +12488,14 @@ EOF
11760 12488
11761fi 12489fi
11762 12490
11763echo "$as_me:11763: checking for size_t" >&5 12491echo "$as_me:12491: checking for size_t" >&5
11764echo $ECHO_N "checking for size_t... $ECHO_C" >&6 12492echo $ECHO_N "checking for size_t... $ECHO_C" >&6
11765if test "${ac_cv_have_size_t+set}" = set; then 12493if test "${ac_cv_have_size_t+set}" = set; then
11766 echo $ECHO_N "(cached) $ECHO_C" >&6 12494 echo $ECHO_N "(cached) $ECHO_C" >&6
11767else 12495else
11768 12496
11769 cat >conftest.$ac_ext <<_ACEOF 12497 cat >conftest.$ac_ext <<_ACEOF
11770#line 11770 "configure" 12498#line 12498 "configure"
11771#include "confdefs.h" 12499#include "confdefs.h"
11772 12500
11773#include <sys/types.h> 12501#include <sys/types.h>
@@ -11781,16 +12509,16 @@ main ()
11781} 12509}
11782_ACEOF 12510_ACEOF
11783rm -f conftest.$ac_objext 12511rm -f conftest.$ac_objext
11784if { (eval echo "$as_me:11784: \"$ac_compile\"") >&5 12512if { (eval echo "$as_me:12512: \"$ac_compile\"") >&5
11785 (eval $ac_compile) 2>&5 12513 (eval $ac_compile) 2>&5
11786 ac_status=$? 12514 ac_status=$?
11787 echo "$as_me:11787: \$? = $ac_status" >&5 12515 echo "$as_me:12515: \$? = $ac_status" >&5
11788 (exit $ac_status); } && 12516 (exit $ac_status); } &&
11789 { ac_try='test -s conftest.$ac_objext' 12517 { ac_try='test -s conftest.$ac_objext'
11790 { (eval echo "$as_me:11790: \"$ac_try\"") >&5 12518 { (eval echo "$as_me:12518: \"$ac_try\"") >&5
11791 (eval $ac_try) 2>&5 12519 (eval $ac_try) 2>&5
11792 ac_status=$? 12520 ac_status=$?
11793 echo "$as_me:11793: \$? = $ac_status" >&5 12521 echo "$as_me:12521: \$? = $ac_status" >&5
11794 (exit $ac_status); }; }; then 12522 (exit $ac_status); }; }; then
11795 ac_cv_have_size_t="yes" 12523 ac_cv_have_size_t="yes"
11796else 12524else
@@ -11802,7 +12530,7 @@ fi
11802rm -f conftest.$ac_objext conftest.$ac_ext 12530rm -f conftest.$ac_objext conftest.$ac_ext
11803 12531
11804fi 12532fi
11805echo "$as_me:11805: result: $ac_cv_have_size_t" >&5 12533echo "$as_me:12533: result: $ac_cv_have_size_t" >&5
11806echo "${ECHO_T}$ac_cv_have_size_t" >&6 12534echo "${ECHO_T}$ac_cv_have_size_t" >&6
11807if test "x$ac_cv_have_size_t" = "xyes" ; then 12535if test "x$ac_cv_have_size_t" = "xyes" ; then
11808 cat >>confdefs.h <<\EOF 12536 cat >>confdefs.h <<\EOF
@@ -11811,14 +12539,14 @@ EOF
11811 12539
11812fi 12540fi
11813 12541
11814echo "$as_me:11814: checking for ssize_t" >&5 12542echo "$as_me:12542: checking for ssize_t" >&5
11815echo $ECHO_N "checking for ssize_t... $ECHO_C" >&6 12543echo $ECHO_N "checking for ssize_t... $ECHO_C" >&6
11816if test "${ac_cv_have_ssize_t+set}" = set; then 12544if test "${ac_cv_have_ssize_t+set}" = set; then
11817 echo $ECHO_N "(cached) $ECHO_C" >&6 12545 echo $ECHO_N "(cached) $ECHO_C" >&6
11818else 12546else
11819 12547
11820 cat >conftest.$ac_ext <<_ACEOF 12548 cat >conftest.$ac_ext <<_ACEOF
11821#line 11821 "configure" 12549#line 12549 "configure"
11822#include "confdefs.h" 12550#include "confdefs.h"
11823 12551
11824#include <sys/types.h> 12552#include <sys/types.h>
@@ -11832,16 +12560,16 @@ main ()
11832} 12560}
11833_ACEOF 12561_ACEOF
11834rm -f conftest.$ac_objext 12562rm -f conftest.$ac_objext
11835if { (eval echo "$as_me:11835: \"$ac_compile\"") >&5 12563if { (eval echo "$as_me:12563: \"$ac_compile\"") >&5
11836 (eval $ac_compile) 2>&5 12564 (eval $ac_compile) 2>&5
11837 ac_status=$? 12565 ac_status=$?
11838 echo "$as_me:11838: \$? = $ac_status" >&5 12566 echo "$as_me:12566: \$? = $ac_status" >&5
11839 (exit $ac_status); } && 12567 (exit $ac_status); } &&
11840 { ac_try='test -s conftest.$ac_objext' 12568 { ac_try='test -s conftest.$ac_objext'
11841 { (eval echo "$as_me:11841: \"$ac_try\"") >&5 12569 { (eval echo "$as_me:12569: \"$ac_try\"") >&5
11842 (eval $ac_try) 2>&5 12570 (eval $ac_try) 2>&5
11843 ac_status=$? 12571 ac_status=$?
11844 echo "$as_me:11844: \$? = $ac_status" >&5 12572 echo "$as_me:12572: \$? = $ac_status" >&5
11845 (exit $ac_status); }; }; then 12573 (exit $ac_status); }; }; then
11846 ac_cv_have_ssize_t="yes" 12574 ac_cv_have_ssize_t="yes"
11847else 12575else
@@ -11853,7 +12581,7 @@ fi
11853rm -f conftest.$ac_objext conftest.$ac_ext 12581rm -f conftest.$ac_objext conftest.$ac_ext
11854 12582
11855fi 12583fi
11856echo "$as_me:11856: result: $ac_cv_have_ssize_t" >&5 12584echo "$as_me:12584: result: $ac_cv_have_ssize_t" >&5
11857echo "${ECHO_T}$ac_cv_have_ssize_t" >&6 12585echo "${ECHO_T}$ac_cv_have_ssize_t" >&6
11858if test "x$ac_cv_have_ssize_t" = "xyes" ; then 12586if test "x$ac_cv_have_ssize_t" = "xyes" ; then
11859 cat >>confdefs.h <<\EOF 12587 cat >>confdefs.h <<\EOF
@@ -11862,14 +12590,14 @@ EOF
11862 12590
11863fi 12591fi
11864 12592
11865echo "$as_me:11865: checking for clock_t" >&5 12593echo "$as_me:12593: checking for clock_t" >&5
11866echo $ECHO_N "checking for clock_t... $ECHO_C" >&6 12594echo $ECHO_N "checking for clock_t... $ECHO_C" >&6
11867if test "${ac_cv_have_clock_t+set}" = set; then 12595if test "${ac_cv_have_clock_t+set}" = set; then
11868 echo $ECHO_N "(cached) $ECHO_C" >&6 12596 echo $ECHO_N "(cached) $ECHO_C" >&6
11869else 12597else
11870 12598
11871 cat >conftest.$ac_ext <<_ACEOF 12599 cat >conftest.$ac_ext <<_ACEOF
11872#line 11872 "configure" 12600#line 12600 "configure"
11873#include "confdefs.h" 12601#include "confdefs.h"
11874 12602
11875#include <time.h> 12603#include <time.h>
@@ -11883,16 +12611,16 @@ main ()
11883} 12611}
11884_ACEOF 12612_ACEOF
11885rm -f conftest.$ac_objext 12613rm -f conftest.$ac_objext
11886if { (eval echo "$as_me:11886: \"$ac_compile\"") >&5 12614if { (eval echo "$as_me:12614: \"$ac_compile\"") >&5
11887 (eval $ac_compile) 2>&5 12615 (eval $ac_compile) 2>&5
11888 ac_status=$? 12616 ac_status=$?
11889 echo "$as_me:11889: \$? = $ac_status" >&5 12617 echo "$as_me:12617: \$? = $ac_status" >&5
11890 (exit $ac_status); } && 12618 (exit $ac_status); } &&
11891 { ac_try='test -s conftest.$ac_objext' 12619 { ac_try='test -s conftest.$ac_objext'
11892 { (eval echo "$as_me:11892: \"$ac_try\"") >&5 12620 { (eval echo "$as_me:12620: \"$ac_try\"") >&5
11893 (eval $ac_try) 2>&5 12621 (eval $ac_try) 2>&5
11894 ac_status=$? 12622 ac_status=$?
11895 echo "$as_me:11895: \$? = $ac_status" >&5 12623 echo "$as_me:12623: \$? = $ac_status" >&5
11896 (exit $ac_status); }; }; then 12624 (exit $ac_status); }; }; then
11897 ac_cv_have_clock_t="yes" 12625 ac_cv_have_clock_t="yes"
11898else 12626else
@@ -11904,7 +12632,7 @@ fi
11904rm -f conftest.$ac_objext conftest.$ac_ext 12632rm -f conftest.$ac_objext conftest.$ac_ext
11905 12633
11906fi 12634fi
11907echo "$as_me:11907: result: $ac_cv_have_clock_t" >&5 12635echo "$as_me:12635: result: $ac_cv_have_clock_t" >&5
11908echo "${ECHO_T}$ac_cv_have_clock_t" >&6 12636echo "${ECHO_T}$ac_cv_have_clock_t" >&6
11909if test "x$ac_cv_have_clock_t" = "xyes" ; then 12637if test "x$ac_cv_have_clock_t" = "xyes" ; then
11910 cat >>confdefs.h <<\EOF 12638 cat >>confdefs.h <<\EOF
@@ -11913,14 +12641,14 @@ EOF
11913 12641
11914fi 12642fi
11915 12643
11916echo "$as_me:11916: checking for sa_family_t" >&5 12644echo "$as_me:12644: checking for sa_family_t" >&5
11917echo $ECHO_N "checking for sa_family_t... $ECHO_C" >&6 12645echo $ECHO_N "checking for sa_family_t... $ECHO_C" >&6
11918if test "${ac_cv_have_sa_family_t+set}" = set; then 12646if test "${ac_cv_have_sa_family_t+set}" = set; then
11919 echo $ECHO_N "(cached) $ECHO_C" >&6 12647 echo $ECHO_N "(cached) $ECHO_C" >&6
11920else 12648else
11921 12649
11922 cat >conftest.$ac_ext <<_ACEOF 12650 cat >conftest.$ac_ext <<_ACEOF
11923#line 11923 "configure" 12651#line 12651 "configure"
11924#include "confdefs.h" 12652#include "confdefs.h"
11925 12653
11926#include <sys/types.h> 12654#include <sys/types.h>
@@ -11935,23 +12663,23 @@ main ()
11935} 12663}
11936_ACEOF 12664_ACEOF
11937rm -f conftest.$ac_objext 12665rm -f conftest.$ac_objext
11938if { (eval echo "$as_me:11938: \"$ac_compile\"") >&5 12666if { (eval echo "$as_me:12666: \"$ac_compile\"") >&5
11939 (eval $ac_compile) 2>&5 12667 (eval $ac_compile) 2>&5
11940 ac_status=$? 12668 ac_status=$?
11941 echo "$as_me:11941: \$? = $ac_status" >&5 12669 echo "$as_me:12669: \$? = $ac_status" >&5
11942 (exit $ac_status); } && 12670 (exit $ac_status); } &&
11943 { ac_try='test -s conftest.$ac_objext' 12671 { ac_try='test -s conftest.$ac_objext'
11944 { (eval echo "$as_me:11944: \"$ac_try\"") >&5 12672 { (eval echo "$as_me:12672: \"$ac_try\"") >&5
11945 (eval $ac_try) 2>&5 12673 (eval $ac_try) 2>&5
11946 ac_status=$? 12674 ac_status=$?
11947 echo "$as_me:11947: \$? = $ac_status" >&5 12675 echo "$as_me:12675: \$? = $ac_status" >&5
11948 (exit $ac_status); }; }; then 12676 (exit $ac_status); }; }; then
11949 ac_cv_have_sa_family_t="yes" 12677 ac_cv_have_sa_family_t="yes"
11950else 12678else
11951 echo "$as_me: failed program was:" >&5 12679 echo "$as_me: failed program was:" >&5
11952cat conftest.$ac_ext >&5 12680cat conftest.$ac_ext >&5
11953 cat >conftest.$ac_ext <<_ACEOF 12681 cat >conftest.$ac_ext <<_ACEOF
11954#line 11954 "configure" 12682#line 12682 "configure"
11955#include "confdefs.h" 12683#include "confdefs.h"
11956 12684
11957#include <sys/types.h> 12685#include <sys/types.h>
@@ -11967,16 +12695,16 @@ main ()
11967} 12695}
11968_ACEOF 12696_ACEOF
11969rm -f conftest.$ac_objext 12697rm -f conftest.$ac_objext
11970if { (eval echo "$as_me:11970: \"$ac_compile\"") >&5 12698if { (eval echo "$as_me:12698: \"$ac_compile\"") >&5
11971 (eval $ac_compile) 2>&5 12699 (eval $ac_compile) 2>&5
11972 ac_status=$? 12700 ac_status=$?
11973 echo "$as_me:11973: \$? = $ac_status" >&5 12701 echo "$as_me:12701: \$? = $ac_status" >&5
11974 (exit $ac_status); } && 12702 (exit $ac_status); } &&
11975 { ac_try='test -s conftest.$ac_objext' 12703 { ac_try='test -s conftest.$ac_objext'
11976 { (eval echo "$as_me:11976: \"$ac_try\"") >&5 12704 { (eval echo "$as_me:12704: \"$ac_try\"") >&5
11977 (eval $ac_try) 2>&5 12705 (eval $ac_try) 2>&5
11978 ac_status=$? 12706 ac_status=$?
11979 echo "$as_me:11979: \$? = $ac_status" >&5 12707 echo "$as_me:12707: \$? = $ac_status" >&5
11980 (exit $ac_status); }; }; then 12708 (exit $ac_status); }; }; then
11981 ac_cv_have_sa_family_t="yes" 12709 ac_cv_have_sa_family_t="yes"
11982else 12710else
@@ -11991,7 +12719,7 @@ fi
11991rm -f conftest.$ac_objext conftest.$ac_ext 12719rm -f conftest.$ac_objext conftest.$ac_ext
11992 12720
11993fi 12721fi
11994echo "$as_me:11994: result: $ac_cv_have_sa_family_t" >&5 12722echo "$as_me:12722: result: $ac_cv_have_sa_family_t" >&5
11995echo "${ECHO_T}$ac_cv_have_sa_family_t" >&6 12723echo "${ECHO_T}$ac_cv_have_sa_family_t" >&6
11996if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 12724if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
11997 cat >>confdefs.h <<\EOF 12725 cat >>confdefs.h <<\EOF
@@ -12000,14 +12728,14 @@ EOF
12000 12728
12001fi 12729fi
12002 12730
12003echo "$as_me:12003: checking for pid_t" >&5 12731echo "$as_me:12731: checking for pid_t" >&5
12004echo $ECHO_N "checking for pid_t... $ECHO_C" >&6 12732echo $ECHO_N "checking for pid_t... $ECHO_C" >&6
12005if test "${ac_cv_have_pid_t+set}" = set; then 12733if test "${ac_cv_have_pid_t+set}" = set; then
12006 echo $ECHO_N "(cached) $ECHO_C" >&6 12734 echo $ECHO_N "(cached) $ECHO_C" >&6
12007else 12735else
12008 12736
12009 cat >conftest.$ac_ext <<_ACEOF 12737 cat >conftest.$ac_ext <<_ACEOF
12010#line 12010 "configure" 12738#line 12738 "configure"
12011#include "confdefs.h" 12739#include "confdefs.h"
12012 12740
12013#include <sys/types.h> 12741#include <sys/types.h>
@@ -12021,16 +12749,16 @@ main ()
12021} 12749}
12022_ACEOF 12750_ACEOF
12023rm -f conftest.$ac_objext 12751rm -f conftest.$ac_objext
12024if { (eval echo "$as_me:12024: \"$ac_compile\"") >&5 12752if { (eval echo "$as_me:12752: \"$ac_compile\"") >&5
12025 (eval $ac_compile) 2>&5 12753 (eval $ac_compile) 2>&5
12026 ac_status=$? 12754 ac_status=$?
12027 echo "$as_me:12027: \$? = $ac_status" >&5 12755 echo "$as_me:12755: \$? = $ac_status" >&5
12028 (exit $ac_status); } && 12756 (exit $ac_status); } &&
12029 { ac_try='test -s conftest.$ac_objext' 12757 { ac_try='test -s conftest.$ac_objext'
12030 { (eval echo "$as_me:12030: \"$ac_try\"") >&5 12758 { (eval echo "$as_me:12758: \"$ac_try\"") >&5
12031 (eval $ac_try) 2>&5 12759 (eval $ac_try) 2>&5
12032 ac_status=$? 12760 ac_status=$?
12033 echo "$as_me:12033: \$? = $ac_status" >&5 12761 echo "$as_me:12761: \$? = $ac_status" >&5
12034 (exit $ac_status); }; }; then 12762 (exit $ac_status); }; }; then
12035 ac_cv_have_pid_t="yes" 12763 ac_cv_have_pid_t="yes"
12036else 12764else
@@ -12042,7 +12770,7 @@ fi
12042rm -f conftest.$ac_objext conftest.$ac_ext 12770rm -f conftest.$ac_objext conftest.$ac_ext
12043 12771
12044fi 12772fi
12045echo "$as_me:12045: result: $ac_cv_have_pid_t" >&5 12773echo "$as_me:12773: result: $ac_cv_have_pid_t" >&5
12046echo "${ECHO_T}$ac_cv_have_pid_t" >&6 12774echo "${ECHO_T}$ac_cv_have_pid_t" >&6
12047if test "x$ac_cv_have_pid_t" = "xyes" ; then 12775if test "x$ac_cv_have_pid_t" = "xyes" ; then
12048 cat >>confdefs.h <<\EOF 12776 cat >>confdefs.h <<\EOF
@@ -12051,14 +12779,14 @@ EOF
12051 12779
12052fi 12780fi
12053 12781
12054echo "$as_me:12054: checking for mode_t" >&5 12782echo "$as_me:12782: checking for mode_t" >&5
12055echo $ECHO_N "checking for mode_t... $ECHO_C" >&6 12783echo $ECHO_N "checking for mode_t... $ECHO_C" >&6
12056if test "${ac_cv_have_mode_t+set}" = set; then 12784if test "${ac_cv_have_mode_t+set}" = set; then
12057 echo $ECHO_N "(cached) $ECHO_C" >&6 12785 echo $ECHO_N "(cached) $ECHO_C" >&6
12058else 12786else
12059 12787
12060 cat >conftest.$ac_ext <<_ACEOF 12788 cat >conftest.$ac_ext <<_ACEOF
12061#line 12061 "configure" 12789#line 12789 "configure"
12062#include "confdefs.h" 12790#include "confdefs.h"
12063 12791
12064#include <sys/types.h> 12792#include <sys/types.h>
@@ -12072,16 +12800,16 @@ main ()
12072} 12800}
12073_ACEOF 12801_ACEOF
12074rm -f conftest.$ac_objext 12802rm -f conftest.$ac_objext
12075if { (eval echo "$as_me:12075: \"$ac_compile\"") >&5 12803if { (eval echo "$as_me:12803: \"$ac_compile\"") >&5
12076 (eval $ac_compile) 2>&5 12804 (eval $ac_compile) 2>&5
12077 ac_status=$? 12805 ac_status=$?
12078 echo "$as_me:12078: \$? = $ac_status" >&5 12806 echo "$as_me:12806: \$? = $ac_status" >&5
12079 (exit $ac_status); } && 12807 (exit $ac_status); } &&
12080 { ac_try='test -s conftest.$ac_objext' 12808 { ac_try='test -s conftest.$ac_objext'
12081 { (eval echo "$as_me:12081: \"$ac_try\"") >&5 12809 { (eval echo "$as_me:12809: \"$ac_try\"") >&5
12082 (eval $ac_try) 2>&5 12810 (eval $ac_try) 2>&5
12083 ac_status=$? 12811 ac_status=$?
12084 echo "$as_me:12084: \$? = $ac_status" >&5 12812 echo "$as_me:12812: \$? = $ac_status" >&5
12085 (exit $ac_status); }; }; then 12813 (exit $ac_status); }; }; then
12086 ac_cv_have_mode_t="yes" 12814 ac_cv_have_mode_t="yes"
12087else 12815else
@@ -12093,7 +12821,7 @@ fi
12093rm -f conftest.$ac_objext conftest.$ac_ext 12821rm -f conftest.$ac_objext conftest.$ac_ext
12094 12822
12095fi 12823fi
12096echo "$as_me:12096: result: $ac_cv_have_mode_t" >&5 12824echo "$as_me:12824: result: $ac_cv_have_mode_t" >&5
12097echo "${ECHO_T}$ac_cv_have_mode_t" >&6 12825echo "${ECHO_T}$ac_cv_have_mode_t" >&6
12098if test "x$ac_cv_have_mode_t" = "xyes" ; then 12826if test "x$ac_cv_have_mode_t" = "xyes" ; then
12099 cat >>confdefs.h <<\EOF 12827 cat >>confdefs.h <<\EOF
@@ -12102,14 +12830,14 @@ EOF
12102 12830
12103fi 12831fi
12104 12832
12105echo "$as_me:12105: checking for struct sockaddr_storage" >&5 12833echo "$as_me:12833: checking for struct sockaddr_storage" >&5
12106echo $ECHO_N "checking for struct sockaddr_storage... $ECHO_C" >&6 12834echo $ECHO_N "checking for struct sockaddr_storage... $ECHO_C" >&6
12107if test "${ac_cv_have_struct_sockaddr_storage+set}" = set; then 12835if test "${ac_cv_have_struct_sockaddr_storage+set}" = set; then
12108 echo $ECHO_N "(cached) $ECHO_C" >&6 12836 echo $ECHO_N "(cached) $ECHO_C" >&6
12109else 12837else
12110 12838
12111 cat >conftest.$ac_ext <<_ACEOF 12839 cat >conftest.$ac_ext <<_ACEOF
12112#line 12112 "configure" 12840#line 12840 "configure"
12113#include "confdefs.h" 12841#include "confdefs.h"
12114 12842
12115#include <sys/types.h> 12843#include <sys/types.h>
@@ -12124,16 +12852,16 @@ main ()
12124} 12852}
12125_ACEOF 12853_ACEOF
12126rm -f conftest.$ac_objext 12854rm -f conftest.$ac_objext
12127if { (eval echo "$as_me:12127: \"$ac_compile\"") >&5 12855if { (eval echo "$as_me:12855: \"$ac_compile\"") >&5
12128 (eval $ac_compile) 2>&5 12856 (eval $ac_compile) 2>&5
12129 ac_status=$? 12857 ac_status=$?
12130 echo "$as_me:12130: \$? = $ac_status" >&5 12858 echo "$as_me:12858: \$? = $ac_status" >&5
12131 (exit $ac_status); } && 12859 (exit $ac_status); } &&
12132 { ac_try='test -s conftest.$ac_objext' 12860 { ac_try='test -s conftest.$ac_objext'
12133 { (eval echo "$as_me:12133: \"$ac_try\"") >&5 12861 { (eval echo "$as_me:12861: \"$ac_try\"") >&5
12134 (eval $ac_try) 2>&5 12862 (eval $ac_try) 2>&5
12135 ac_status=$? 12863 ac_status=$?
12136 echo "$as_me:12136: \$? = $ac_status" >&5 12864 echo "$as_me:12864: \$? = $ac_status" >&5
12137 (exit $ac_status); }; }; then 12865 (exit $ac_status); }; }; then
12138 ac_cv_have_struct_sockaddr_storage="yes" 12866 ac_cv_have_struct_sockaddr_storage="yes"
12139else 12867else
@@ -12145,7 +12873,7 @@ fi
12145rm -f conftest.$ac_objext conftest.$ac_ext 12873rm -f conftest.$ac_objext conftest.$ac_ext
12146 12874
12147fi 12875fi
12148echo "$as_me:12148: result: $ac_cv_have_struct_sockaddr_storage" >&5 12876echo "$as_me:12876: result: $ac_cv_have_struct_sockaddr_storage" >&5
12149echo "${ECHO_T}$ac_cv_have_struct_sockaddr_storage" >&6 12877echo "${ECHO_T}$ac_cv_have_struct_sockaddr_storage" >&6
12150if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 12878if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
12151 cat >>confdefs.h <<\EOF 12879 cat >>confdefs.h <<\EOF
@@ -12154,14 +12882,14 @@ EOF
12154 12882
12155fi 12883fi
12156 12884
12157echo "$as_me:12157: checking for struct sockaddr_in6" >&5 12885echo "$as_me:12885: checking for struct sockaddr_in6" >&5
12158echo $ECHO_N "checking for struct sockaddr_in6... $ECHO_C" >&6 12886echo $ECHO_N "checking for struct sockaddr_in6... $ECHO_C" >&6
12159if test "${ac_cv_have_struct_sockaddr_in6+set}" = set; then 12887if test "${ac_cv_have_struct_sockaddr_in6+set}" = set; then
12160 echo $ECHO_N "(cached) $ECHO_C" >&6 12888 echo $ECHO_N "(cached) $ECHO_C" >&6
12161else 12889else
12162 12890
12163 cat >conftest.$ac_ext <<_ACEOF 12891 cat >conftest.$ac_ext <<_ACEOF
12164#line 12164 "configure" 12892#line 12892 "configure"
12165#include "confdefs.h" 12893#include "confdefs.h"
12166 12894
12167#include <sys/types.h> 12895#include <sys/types.h>
@@ -12176,16 +12904,16 @@ main ()
12176} 12904}
12177_ACEOF 12905_ACEOF
12178rm -f conftest.$ac_objext 12906rm -f conftest.$ac_objext
12179if { (eval echo "$as_me:12179: \"$ac_compile\"") >&5 12907if { (eval echo "$as_me:12907: \"$ac_compile\"") >&5
12180 (eval $ac_compile) 2>&5 12908 (eval $ac_compile) 2>&5
12181 ac_status=$? 12909 ac_status=$?
12182 echo "$as_me:12182: \$? = $ac_status" >&5 12910 echo "$as_me:12910: \$? = $ac_status" >&5
12183 (exit $ac_status); } && 12911 (exit $ac_status); } &&
12184 { ac_try='test -s conftest.$ac_objext' 12912 { ac_try='test -s conftest.$ac_objext'
12185 { (eval echo "$as_me:12185: \"$ac_try\"") >&5 12913 { (eval echo "$as_me:12913: \"$ac_try\"") >&5
12186 (eval $ac_try) 2>&5 12914 (eval $ac_try) 2>&5
12187 ac_status=$? 12915 ac_status=$?
12188 echo "$as_me:12188: \$? = $ac_status" >&5 12916 echo "$as_me:12916: \$? = $ac_status" >&5
12189 (exit $ac_status); }; }; then 12917 (exit $ac_status); }; }; then
12190 ac_cv_have_struct_sockaddr_in6="yes" 12918 ac_cv_have_struct_sockaddr_in6="yes"
12191else 12919else
@@ -12197,7 +12925,7 @@ fi
12197rm -f conftest.$ac_objext conftest.$ac_ext 12925rm -f conftest.$ac_objext conftest.$ac_ext
12198 12926
12199fi 12927fi
12200echo "$as_me:12200: result: $ac_cv_have_struct_sockaddr_in6" >&5 12928echo "$as_me:12928: result: $ac_cv_have_struct_sockaddr_in6" >&5
12201echo "${ECHO_T}$ac_cv_have_struct_sockaddr_in6" >&6 12929echo "${ECHO_T}$ac_cv_have_struct_sockaddr_in6" >&6
12202if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 12930if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
12203 cat >>confdefs.h <<\EOF 12931 cat >>confdefs.h <<\EOF
@@ -12206,14 +12934,14 @@ EOF
12206 12934
12207fi 12935fi
12208 12936
12209echo "$as_me:12209: checking for struct in6_addr" >&5 12937echo "$as_me:12937: checking for struct in6_addr" >&5
12210echo $ECHO_N "checking for struct in6_addr... $ECHO_C" >&6 12938echo $ECHO_N "checking for struct in6_addr... $ECHO_C" >&6
12211if test "${ac_cv_have_struct_in6_addr+set}" = set; then 12939if test "${ac_cv_have_struct_in6_addr+set}" = set; then
12212 echo $ECHO_N "(cached) $ECHO_C" >&6 12940 echo $ECHO_N "(cached) $ECHO_C" >&6
12213else 12941else
12214 12942
12215 cat >conftest.$ac_ext <<_ACEOF 12943 cat >conftest.$ac_ext <<_ACEOF
12216#line 12216 "configure" 12944#line 12944 "configure"
12217#include "confdefs.h" 12945#include "confdefs.h"
12218 12946
12219#include <sys/types.h> 12947#include <sys/types.h>
@@ -12228,16 +12956,16 @@ main ()
12228} 12956}
12229_ACEOF 12957_ACEOF
12230rm -f conftest.$ac_objext 12958rm -f conftest.$ac_objext
12231if { (eval echo "$as_me:12231: \"$ac_compile\"") >&5 12959if { (eval echo "$as_me:12959: \"$ac_compile\"") >&5
12232 (eval $ac_compile) 2>&5 12960 (eval $ac_compile) 2>&5
12233 ac_status=$? 12961 ac_status=$?
12234 echo "$as_me:12234: \$? = $ac_status" >&5 12962 echo "$as_me:12962: \$? = $ac_status" >&5
12235 (exit $ac_status); } && 12963 (exit $ac_status); } &&
12236 { ac_try='test -s conftest.$ac_objext' 12964 { ac_try='test -s conftest.$ac_objext'
12237 { (eval echo "$as_me:12237: \"$ac_try\"") >&5 12965 { (eval echo "$as_me:12965: \"$ac_try\"") >&5
12238 (eval $ac_try) 2>&5 12966 (eval $ac_try) 2>&5
12239 ac_status=$? 12967 ac_status=$?
12240 echo "$as_me:12240: \$? = $ac_status" >&5 12968 echo "$as_me:12968: \$? = $ac_status" >&5
12241 (exit $ac_status); }; }; then 12969 (exit $ac_status); }; }; then
12242 ac_cv_have_struct_in6_addr="yes" 12970 ac_cv_have_struct_in6_addr="yes"
12243else 12971else
@@ -12249,7 +12977,7 @@ fi
12249rm -f conftest.$ac_objext conftest.$ac_ext 12977rm -f conftest.$ac_objext conftest.$ac_ext
12250 12978
12251fi 12979fi
12252echo "$as_me:12252: result: $ac_cv_have_struct_in6_addr" >&5 12980echo "$as_me:12980: result: $ac_cv_have_struct_in6_addr" >&5
12253echo "${ECHO_T}$ac_cv_have_struct_in6_addr" >&6 12981echo "${ECHO_T}$ac_cv_have_struct_in6_addr" >&6
12254if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 12982if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
12255 cat >>confdefs.h <<\EOF 12983 cat >>confdefs.h <<\EOF
@@ -12258,14 +12986,14 @@ EOF
12258 12986
12259fi 12987fi
12260 12988
12261echo "$as_me:12261: checking for struct addrinfo" >&5 12989echo "$as_me:12989: checking for struct addrinfo" >&5
12262echo $ECHO_N "checking for struct addrinfo... $ECHO_C" >&6 12990echo $ECHO_N "checking for struct addrinfo... $ECHO_C" >&6
12263if test "${ac_cv_have_struct_addrinfo+set}" = set; then 12991if test "${ac_cv_have_struct_addrinfo+set}" = set; then
12264 echo $ECHO_N "(cached) $ECHO_C" >&6 12992 echo $ECHO_N "(cached) $ECHO_C" >&6
12265else 12993else
12266 12994
12267 cat >conftest.$ac_ext <<_ACEOF 12995 cat >conftest.$ac_ext <<_ACEOF
12268#line 12268 "configure" 12996#line 12996 "configure"
12269#include "confdefs.h" 12997#include "confdefs.h"
12270 12998
12271#include <sys/types.h> 12999#include <sys/types.h>
@@ -12281,16 +13009,16 @@ main ()
12281} 13009}
12282_ACEOF 13010_ACEOF
12283rm -f conftest.$ac_objext 13011rm -f conftest.$ac_objext
12284if { (eval echo "$as_me:12284: \"$ac_compile\"") >&5 13012if { (eval echo "$as_me:13012: \"$ac_compile\"") >&5
12285 (eval $ac_compile) 2>&5 13013 (eval $ac_compile) 2>&5
12286 ac_status=$? 13014 ac_status=$?
12287 echo "$as_me:12287: \$? = $ac_status" >&5 13015 echo "$as_me:13015: \$? = $ac_status" >&5
12288 (exit $ac_status); } && 13016 (exit $ac_status); } &&
12289 { ac_try='test -s conftest.$ac_objext' 13017 { ac_try='test -s conftest.$ac_objext'
12290 { (eval echo "$as_me:12290: \"$ac_try\"") >&5 13018 { (eval echo "$as_me:13018: \"$ac_try\"") >&5
12291 (eval $ac_try) 2>&5 13019 (eval $ac_try) 2>&5
12292 ac_status=$? 13020 ac_status=$?
12293 echo "$as_me:12293: \$? = $ac_status" >&5 13021 echo "$as_me:13021: \$? = $ac_status" >&5
12294 (exit $ac_status); }; }; then 13022 (exit $ac_status); }; }; then
12295 ac_cv_have_struct_addrinfo="yes" 13023 ac_cv_have_struct_addrinfo="yes"
12296else 13024else
@@ -12302,7 +13030,7 @@ fi
12302rm -f conftest.$ac_objext conftest.$ac_ext 13030rm -f conftest.$ac_objext conftest.$ac_ext
12303 13031
12304fi 13032fi
12305echo "$as_me:12305: result: $ac_cv_have_struct_addrinfo" >&5 13033echo "$as_me:13033: result: $ac_cv_have_struct_addrinfo" >&5
12306echo "${ECHO_T}$ac_cv_have_struct_addrinfo" >&6 13034echo "${ECHO_T}$ac_cv_have_struct_addrinfo" >&6
12307if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 13035if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
12308 cat >>confdefs.h <<\EOF 13036 cat >>confdefs.h <<\EOF
@@ -12311,14 +13039,14 @@ EOF
12311 13039
12312fi 13040fi
12313 13041
12314echo "$as_me:12314: checking for struct timeval" >&5 13042echo "$as_me:13042: checking for struct timeval" >&5
12315echo $ECHO_N "checking for struct timeval... $ECHO_C" >&6 13043echo $ECHO_N "checking for struct timeval... $ECHO_C" >&6
12316if test "${ac_cv_have_struct_timeval+set}" = set; then 13044if test "${ac_cv_have_struct_timeval+set}" = set; then
12317 echo $ECHO_N "(cached) $ECHO_C" >&6 13045 echo $ECHO_N "(cached) $ECHO_C" >&6
12318else 13046else
12319 13047
12320 cat >conftest.$ac_ext <<_ACEOF 13048 cat >conftest.$ac_ext <<_ACEOF
12321#line 12321 "configure" 13049#line 13049 "configure"
12322#include "confdefs.h" 13050#include "confdefs.h"
12323 #include <sys/time.h> 13051 #include <sys/time.h>
12324int 13052int
@@ -12330,16 +13058,16 @@ main ()
12330} 13058}
12331_ACEOF 13059_ACEOF
12332rm -f conftest.$ac_objext 13060rm -f conftest.$ac_objext
12333if { (eval echo "$as_me:12333: \"$ac_compile\"") >&5 13061if { (eval echo "$as_me:13061: \"$ac_compile\"") >&5
12334 (eval $ac_compile) 2>&5 13062 (eval $ac_compile) 2>&5
12335 ac_status=$? 13063 ac_status=$?
12336 echo "$as_me:12336: \$? = $ac_status" >&5 13064 echo "$as_me:13064: \$? = $ac_status" >&5
12337 (exit $ac_status); } && 13065 (exit $ac_status); } &&
12338 { ac_try='test -s conftest.$ac_objext' 13066 { ac_try='test -s conftest.$ac_objext'
12339 { (eval echo "$as_me:12339: \"$ac_try\"") >&5 13067 { (eval echo "$as_me:13067: \"$ac_try\"") >&5
12340 (eval $ac_try) 2>&5 13068 (eval $ac_try) 2>&5
12341 ac_status=$? 13069 ac_status=$?
12342 echo "$as_me:12342: \$? = $ac_status" >&5 13070 echo "$as_me:13070: \$? = $ac_status" >&5
12343 (exit $ac_status); }; }; then 13071 (exit $ac_status); }; }; then
12344 ac_cv_have_struct_timeval="yes" 13072 ac_cv_have_struct_timeval="yes"
12345else 13073else
@@ -12351,7 +13079,7 @@ fi
12351rm -f conftest.$ac_objext conftest.$ac_ext 13079rm -f conftest.$ac_objext conftest.$ac_ext
12352 13080
12353fi 13081fi
12354echo "$as_me:12354: result: $ac_cv_have_struct_timeval" >&5 13082echo "$as_me:13082: result: $ac_cv_have_struct_timeval" >&5
12355echo "${ECHO_T}$ac_cv_have_struct_timeval" >&6 13083echo "${ECHO_T}$ac_cv_have_struct_timeval" >&6
12356if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 13084if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
12357 cat >>confdefs.h <<\EOF 13085 cat >>confdefs.h <<\EOF
@@ -12361,13 +13089,13 @@ EOF
12361 have_struct_timeval=1 13089 have_struct_timeval=1
12362fi 13090fi
12363 13091
12364echo "$as_me:12364: checking for struct timespec" >&5 13092echo "$as_me:13092: checking for struct timespec" >&5
12365echo $ECHO_N "checking for struct timespec... $ECHO_C" >&6 13093echo $ECHO_N "checking for struct timespec... $ECHO_C" >&6
12366if test "${ac_cv_type_struct_timespec+set}" = set; then 13094if test "${ac_cv_type_struct_timespec+set}" = set; then
12367 echo $ECHO_N "(cached) $ECHO_C" >&6 13095 echo $ECHO_N "(cached) $ECHO_C" >&6
12368else 13096else
12369 cat >conftest.$ac_ext <<_ACEOF 13097 cat >conftest.$ac_ext <<_ACEOF
12370#line 12370 "configure" 13098#line 13098 "configure"
12371#include "confdefs.h" 13099#include "confdefs.h"
12372$ac_includes_default 13100$ac_includes_default
12373int 13101int
@@ -12382,16 +13110,16 @@ if (sizeof (struct timespec))
12382} 13110}
12383_ACEOF 13111_ACEOF
12384rm -f conftest.$ac_objext 13112rm -f conftest.$ac_objext
12385if { (eval echo "$as_me:12385: \"$ac_compile\"") >&5 13113if { (eval echo "$as_me:13113: \"$ac_compile\"") >&5
12386 (eval $ac_compile) 2>&5 13114 (eval $ac_compile) 2>&5
12387 ac_status=$? 13115 ac_status=$?
12388 echo "$as_me:12388: \$? = $ac_status" >&5 13116 echo "$as_me:13116: \$? = $ac_status" >&5
12389 (exit $ac_status); } && 13117 (exit $ac_status); } &&
12390 { ac_try='test -s conftest.$ac_objext' 13118 { ac_try='test -s conftest.$ac_objext'
12391 { (eval echo "$as_me:12391: \"$ac_try\"") >&5 13119 { (eval echo "$as_me:13119: \"$ac_try\"") >&5
12392 (eval $ac_try) 2>&5 13120 (eval $ac_try) 2>&5
12393 ac_status=$? 13121 ac_status=$?
12394 echo "$as_me:12394: \$? = $ac_status" >&5 13122 echo "$as_me:13122: \$? = $ac_status" >&5
12395 (exit $ac_status); }; }; then 13123 (exit $ac_status); }; }; then
12396 ac_cv_type_struct_timespec=yes 13124 ac_cv_type_struct_timespec=yes
12397else 13125else
@@ -12401,7 +13129,7 @@ ac_cv_type_struct_timespec=no
12401fi 13129fi
12402rm -f conftest.$ac_objext conftest.$ac_ext 13130rm -f conftest.$ac_objext conftest.$ac_ext
12403fi 13131fi
12404echo "$as_me:12404: result: $ac_cv_type_struct_timespec" >&5 13132echo "$as_me:13132: result: $ac_cv_type_struct_timespec" >&5
12405echo "${ECHO_T}$ac_cv_type_struct_timespec" >&6 13133echo "${ECHO_T}$ac_cv_type_struct_timespec" >&6
12406if test $ac_cv_type_struct_timespec = yes; then 13134if test $ac_cv_type_struct_timespec = yes; then
12407 13135
@@ -12421,12 +13149,12 @@ if test "x$ac_cv_have_int64_t" = "xno" -a \
12421 exit 1; 13149 exit 1;
12422else 13150else
12423 if test "$cross_compiling" = yes; then 13151 if test "$cross_compiling" = yes; then
12424 { { echo "$as_me:12424: error: cannot run test program while cross compiling" >&5 13152 { { echo "$as_me:13152: error: cannot run test program while cross compiling" >&5
12425echo "$as_me: error: cannot run test program while cross compiling" >&2;} 13153echo "$as_me: error: cannot run test program while cross compiling" >&2;}
12426 { (exit 1); exit 1; }; } 13154 { (exit 1); exit 1; }; }
12427else 13155else
12428 cat >conftest.$ac_ext <<_ACEOF 13156 cat >conftest.$ac_ext <<_ACEOF
12429#line 12429 "configure" 13157#line 13157 "configure"
12430#include "confdefs.h" 13158#include "confdefs.h"
12431 13159
12432#include <stdio.h> 13160#include <stdio.h>
@@ -12445,7 +13173,7 @@ main()
12445 strcpy(expected_out, "9223372036854775807"); 13173 strcpy(expected_out, "9223372036854775807");
12446 snprintf(buf, mazsize, "%lld", num); 13174 snprintf(buf, mazsize, "%lld", num);
12447 if(strcmp(buf, expected_out) != 0) 13175 if(strcmp(buf, expected_out) != 0)
12448 exit(1); 13176 exit(1);
12449 exit(0); 13177 exit(0);
12450} 13178}
12451#else 13179#else
@@ -12454,15 +13182,15 @@ main() { exit(0); }
12454 13182
12455_ACEOF 13183_ACEOF
12456rm -f conftest$ac_exeext 13184rm -f conftest$ac_exeext
12457if { (eval echo "$as_me:12457: \"$ac_link\"") >&5 13185if { (eval echo "$as_me:13185: \"$ac_link\"") >&5
12458 (eval $ac_link) 2>&5 13186 (eval $ac_link) 2>&5
12459 ac_status=$? 13187 ac_status=$?
12460 echo "$as_me:12460: \$? = $ac_status" >&5 13188 echo "$as_me:13188: \$? = $ac_status" >&5
12461 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 13189 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
12462 { (eval echo "$as_me:12462: \"$ac_try\"") >&5 13190 { (eval echo "$as_me:13190: \"$ac_try\"") >&5
12463 (eval $ac_try) 2>&5 13191 (eval $ac_try) 2>&5
12464 ac_status=$? 13192 ac_status=$?
12465 echo "$as_me:12465: \$? = $ac_status" >&5 13193 echo "$as_me:13193: \$? = $ac_status" >&5
12466 (exit $ac_status); }; }; then 13194 (exit $ac_status); }; }; then
12467 true 13195 true
12468else 13196else
@@ -12481,14 +13209,14 @@ fi
12481# look for field 'ut_host' in header 'utmp.h' 13209# look for field 'ut_host' in header 'utmp.h'
12482 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` 13210 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
12483 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host 13211 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host
12484 echo "$as_me:12484: checking for ut_host field in utmp.h" >&5 13212 echo "$as_me:13212: checking for ut_host field in utmp.h" >&5
12485echo $ECHO_N "checking for ut_host field in utmp.h... $ECHO_C" >&6 13213echo $ECHO_N "checking for ut_host field in utmp.h... $ECHO_C" >&6
12486 if eval "test \"\${$ossh_varname+set}\" = set"; then 13214 if eval "test \"\${$ossh_varname+set}\" = set"; then
12487 echo $ECHO_N "(cached) $ECHO_C" >&6 13215 echo $ECHO_N "(cached) $ECHO_C" >&6
12488else 13216else
12489 13217
12490 cat >conftest.$ac_ext <<_ACEOF 13218 cat >conftest.$ac_ext <<_ACEOF
12491#line 12491 "configure" 13219#line 13219 "configure"
12492#include "confdefs.h" 13220#include "confdefs.h"
12493#include <utmp.h> 13221#include <utmp.h>
12494 13222
@@ -12505,7 +13233,7 @@ fi
12505 13233
12506 ossh_result=`eval 'echo $'"$ossh_varname"` 13234 ossh_result=`eval 'echo $'"$ossh_varname"`
12507 if test -n "`echo $ossh_varname`"; then 13235 if test -n "`echo $ossh_varname`"; then
12508 echo "$as_me:12508: result: $ossh_result" >&5 13236 echo "$as_me:13236: result: $ossh_result" >&5
12509echo "${ECHO_T}$ossh_result" >&6 13237echo "${ECHO_T}$ossh_result" >&6
12510 if test "x$ossh_result" = "xyes"; then 13238 if test "x$ossh_result" = "xyes"; then
12511 cat >>confdefs.h <<\EOF 13239 cat >>confdefs.h <<\EOF
@@ -12514,21 +13242,21 @@ EOF
12514 13242
12515 fi 13243 fi
12516 else 13244 else
12517 echo "$as_me:12517: result: no" >&5 13245 echo "$as_me:13245: result: no" >&5
12518echo "${ECHO_T}no" >&6 13246echo "${ECHO_T}no" >&6
12519 fi 13247 fi
12520 13248
12521# look for field 'ut_host' in header 'utmpx.h' 13249# look for field 'ut_host' in header 'utmpx.h'
12522 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` 13250 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
12523 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host 13251 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host
12524 echo "$as_me:12524: checking for ut_host field in utmpx.h" >&5 13252 echo "$as_me:13252: checking for ut_host field in utmpx.h" >&5
12525echo $ECHO_N "checking for ut_host field in utmpx.h... $ECHO_C" >&6 13253echo $ECHO_N "checking for ut_host field in utmpx.h... $ECHO_C" >&6
12526 if eval "test \"\${$ossh_varname+set}\" = set"; then 13254 if eval "test \"\${$ossh_varname+set}\" = set"; then
12527 echo $ECHO_N "(cached) $ECHO_C" >&6 13255 echo $ECHO_N "(cached) $ECHO_C" >&6
12528else 13256else
12529 13257
12530 cat >conftest.$ac_ext <<_ACEOF 13258 cat >conftest.$ac_ext <<_ACEOF
12531#line 12531 "configure" 13259#line 13259 "configure"
12532#include "confdefs.h" 13260#include "confdefs.h"
12533#include <utmpx.h> 13261#include <utmpx.h>
12534 13262
@@ -12545,7 +13273,7 @@ fi
12545 13273
12546 ossh_result=`eval 'echo $'"$ossh_varname"` 13274 ossh_result=`eval 'echo $'"$ossh_varname"`
12547 if test -n "`echo $ossh_varname`"; then 13275 if test -n "`echo $ossh_varname`"; then
12548 echo "$as_me:12548: result: $ossh_result" >&5 13276 echo "$as_me:13276: result: $ossh_result" >&5
12549echo "${ECHO_T}$ossh_result" >&6 13277echo "${ECHO_T}$ossh_result" >&6
12550 if test "x$ossh_result" = "xyes"; then 13278 if test "x$ossh_result" = "xyes"; then
12551 cat >>confdefs.h <<\EOF 13279 cat >>confdefs.h <<\EOF
@@ -12554,21 +13282,21 @@ EOF
12554 13282
12555 fi 13283 fi
12556 else 13284 else
12557 echo "$as_me:12557: result: no" >&5 13285 echo "$as_me:13285: result: no" >&5
12558echo "${ECHO_T}no" >&6 13286echo "${ECHO_T}no" >&6
12559 fi 13287 fi
12560 13288
12561# look for field 'syslen' in header 'utmpx.h' 13289# look for field 'syslen' in header 'utmpx.h'
12562 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` 13290 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
12563 ossh_varname="ossh_cv_$ossh_safe""_has_"syslen 13291 ossh_varname="ossh_cv_$ossh_safe""_has_"syslen
12564 echo "$as_me:12564: checking for syslen field in utmpx.h" >&5 13292 echo "$as_me:13292: checking for syslen field in utmpx.h" >&5
12565echo $ECHO_N "checking for syslen field in utmpx.h... $ECHO_C" >&6 13293echo $ECHO_N "checking for syslen field in utmpx.h... $ECHO_C" >&6
12566 if eval "test \"\${$ossh_varname+set}\" = set"; then 13294 if eval "test \"\${$ossh_varname+set}\" = set"; then
12567 echo $ECHO_N "(cached) $ECHO_C" >&6 13295 echo $ECHO_N "(cached) $ECHO_C" >&6
12568else 13296else
12569 13297
12570 cat >conftest.$ac_ext <<_ACEOF 13298 cat >conftest.$ac_ext <<_ACEOF
12571#line 12571 "configure" 13299#line 13299 "configure"
12572#include "confdefs.h" 13300#include "confdefs.h"
12573#include <utmpx.h> 13301#include <utmpx.h>
12574 13302
@@ -12585,7 +13313,7 @@ fi
12585 13313
12586 ossh_result=`eval 'echo $'"$ossh_varname"` 13314 ossh_result=`eval 'echo $'"$ossh_varname"`
12587 if test -n "`echo $ossh_varname`"; then 13315 if test -n "`echo $ossh_varname`"; then
12588 echo "$as_me:12588: result: $ossh_result" >&5 13316 echo "$as_me:13316: result: $ossh_result" >&5
12589echo "${ECHO_T}$ossh_result" >&6 13317echo "${ECHO_T}$ossh_result" >&6
12590 if test "x$ossh_result" = "xyes"; then 13318 if test "x$ossh_result" = "xyes"; then
12591 cat >>confdefs.h <<\EOF 13319 cat >>confdefs.h <<\EOF
@@ -12594,21 +13322,21 @@ EOF
12594 13322
12595 fi 13323 fi
12596 else 13324 else
12597 echo "$as_me:12597: result: no" >&5 13325 echo "$as_me:13325: result: no" >&5
12598echo "${ECHO_T}no" >&6 13326echo "${ECHO_T}no" >&6
12599 fi 13327 fi
12600 13328
12601# look for field 'ut_pid' in header 'utmp.h' 13329# look for field 'ut_pid' in header 'utmp.h'
12602 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` 13330 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
12603 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_pid 13331 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_pid
12604 echo "$as_me:12604: checking for ut_pid field in utmp.h" >&5 13332 echo "$as_me:13332: checking for ut_pid field in utmp.h" >&5
12605echo $ECHO_N "checking for ut_pid field in utmp.h... $ECHO_C" >&6 13333echo $ECHO_N "checking for ut_pid field in utmp.h... $ECHO_C" >&6
12606 if eval "test \"\${$ossh_varname+set}\" = set"; then 13334 if eval "test \"\${$ossh_varname+set}\" = set"; then
12607 echo $ECHO_N "(cached) $ECHO_C" >&6 13335 echo $ECHO_N "(cached) $ECHO_C" >&6
12608else 13336else
12609 13337
12610 cat >conftest.$ac_ext <<_ACEOF 13338 cat >conftest.$ac_ext <<_ACEOF
12611#line 12611 "configure" 13339#line 13339 "configure"
12612#include "confdefs.h" 13340#include "confdefs.h"
12613#include <utmp.h> 13341#include <utmp.h>
12614 13342
@@ -12625,7 +13353,7 @@ fi
12625 13353
12626 ossh_result=`eval 'echo $'"$ossh_varname"` 13354 ossh_result=`eval 'echo $'"$ossh_varname"`
12627 if test -n "`echo $ossh_varname`"; then 13355 if test -n "`echo $ossh_varname`"; then
12628 echo "$as_me:12628: result: $ossh_result" >&5 13356 echo "$as_me:13356: result: $ossh_result" >&5
12629echo "${ECHO_T}$ossh_result" >&6 13357echo "${ECHO_T}$ossh_result" >&6
12630 if test "x$ossh_result" = "xyes"; then 13358 if test "x$ossh_result" = "xyes"; then
12631 cat >>confdefs.h <<\EOF 13359 cat >>confdefs.h <<\EOF
@@ -12634,21 +13362,21 @@ EOF
12634 13362
12635 fi 13363 fi
12636 else 13364 else
12637 echo "$as_me:12637: result: no" >&5 13365 echo "$as_me:13365: result: no" >&5
12638echo "${ECHO_T}no" >&6 13366echo "${ECHO_T}no" >&6
12639 fi 13367 fi
12640 13368
12641# look for field 'ut_type' in header 'utmp.h' 13369# look for field 'ut_type' in header 'utmp.h'
12642 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` 13370 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
12643 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type 13371 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type
12644 echo "$as_me:12644: checking for ut_type field in utmp.h" >&5 13372 echo "$as_me:13372: checking for ut_type field in utmp.h" >&5
12645echo $ECHO_N "checking for ut_type field in utmp.h... $ECHO_C" >&6 13373echo $ECHO_N "checking for ut_type field in utmp.h... $ECHO_C" >&6
12646 if eval "test \"\${$ossh_varname+set}\" = set"; then 13374 if eval "test \"\${$ossh_varname+set}\" = set"; then
12647 echo $ECHO_N "(cached) $ECHO_C" >&6 13375 echo $ECHO_N "(cached) $ECHO_C" >&6
12648else 13376else
12649 13377
12650 cat >conftest.$ac_ext <<_ACEOF 13378 cat >conftest.$ac_ext <<_ACEOF
12651#line 12651 "configure" 13379#line 13379 "configure"
12652#include "confdefs.h" 13380#include "confdefs.h"
12653#include <utmp.h> 13381#include <utmp.h>
12654 13382
@@ -12665,7 +13393,7 @@ fi
12665 13393
12666 ossh_result=`eval 'echo $'"$ossh_varname"` 13394 ossh_result=`eval 'echo $'"$ossh_varname"`
12667 if test -n "`echo $ossh_varname`"; then 13395 if test -n "`echo $ossh_varname`"; then
12668 echo "$as_me:12668: result: $ossh_result" >&5 13396 echo "$as_me:13396: result: $ossh_result" >&5
12669echo "${ECHO_T}$ossh_result" >&6 13397echo "${ECHO_T}$ossh_result" >&6
12670 if test "x$ossh_result" = "xyes"; then 13398 if test "x$ossh_result" = "xyes"; then
12671 cat >>confdefs.h <<\EOF 13399 cat >>confdefs.h <<\EOF
@@ -12674,21 +13402,21 @@ EOF
12674 13402
12675 fi 13403 fi
12676 else 13404 else
12677 echo "$as_me:12677: result: no" >&5 13405 echo "$as_me:13405: result: no" >&5
12678echo "${ECHO_T}no" >&6 13406echo "${ECHO_T}no" >&6
12679 fi 13407 fi
12680 13408
12681# look for field 'ut_type' in header 'utmpx.h' 13409# look for field 'ut_type' in header 'utmpx.h'
12682 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` 13410 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
12683 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type 13411 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type
12684 echo "$as_me:12684: checking for ut_type field in utmpx.h" >&5 13412 echo "$as_me:13412: checking for ut_type field in utmpx.h" >&5
12685echo $ECHO_N "checking for ut_type field in utmpx.h... $ECHO_C" >&6 13413echo $ECHO_N "checking for ut_type field in utmpx.h... $ECHO_C" >&6
12686 if eval "test \"\${$ossh_varname+set}\" = set"; then 13414 if eval "test \"\${$ossh_varname+set}\" = set"; then
12687 echo $ECHO_N "(cached) $ECHO_C" >&6 13415 echo $ECHO_N "(cached) $ECHO_C" >&6
12688else 13416else
12689 13417
12690 cat >conftest.$ac_ext <<_ACEOF 13418 cat >conftest.$ac_ext <<_ACEOF
12691#line 12691 "configure" 13419#line 13419 "configure"
12692#include "confdefs.h" 13420#include "confdefs.h"
12693#include <utmpx.h> 13421#include <utmpx.h>
12694 13422
@@ -12705,7 +13433,7 @@ fi
12705 13433
12706 ossh_result=`eval 'echo $'"$ossh_varname"` 13434 ossh_result=`eval 'echo $'"$ossh_varname"`
12707 if test -n "`echo $ossh_varname`"; then 13435 if test -n "`echo $ossh_varname`"; then
12708 echo "$as_me:12708: result: $ossh_result" >&5 13436 echo "$as_me:13436: result: $ossh_result" >&5
12709echo "${ECHO_T}$ossh_result" >&6 13437echo "${ECHO_T}$ossh_result" >&6
12710 if test "x$ossh_result" = "xyes"; then 13438 if test "x$ossh_result" = "xyes"; then
12711 cat >>confdefs.h <<\EOF 13439 cat >>confdefs.h <<\EOF
@@ -12714,21 +13442,21 @@ EOF
12714 13442
12715 fi 13443 fi
12716 else 13444 else
12717 echo "$as_me:12717: result: no" >&5 13445 echo "$as_me:13445: result: no" >&5
12718echo "${ECHO_T}no" >&6 13446echo "${ECHO_T}no" >&6
12719 fi 13447 fi
12720 13448
12721# look for field 'ut_tv' in header 'utmp.h' 13449# look for field 'ut_tv' in header 'utmp.h'
12722 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` 13450 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
12723 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv 13451 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv
12724 echo "$as_me:12724: checking for ut_tv field in utmp.h" >&5 13452 echo "$as_me:13452: checking for ut_tv field in utmp.h" >&5
12725echo $ECHO_N "checking for ut_tv field in utmp.h... $ECHO_C" >&6 13453echo $ECHO_N "checking for ut_tv field in utmp.h... $ECHO_C" >&6
12726 if eval "test \"\${$ossh_varname+set}\" = set"; then 13454 if eval "test \"\${$ossh_varname+set}\" = set"; then
12727 echo $ECHO_N "(cached) $ECHO_C" >&6 13455 echo $ECHO_N "(cached) $ECHO_C" >&6
12728else 13456else
12729 13457
12730 cat >conftest.$ac_ext <<_ACEOF 13458 cat >conftest.$ac_ext <<_ACEOF
12731#line 12731 "configure" 13459#line 13459 "configure"
12732#include "confdefs.h" 13460#include "confdefs.h"
12733#include <utmp.h> 13461#include <utmp.h>
12734 13462
@@ -12745,7 +13473,7 @@ fi
12745 13473
12746 ossh_result=`eval 'echo $'"$ossh_varname"` 13474 ossh_result=`eval 'echo $'"$ossh_varname"`
12747 if test -n "`echo $ossh_varname`"; then 13475 if test -n "`echo $ossh_varname`"; then
12748 echo "$as_me:12748: result: $ossh_result" >&5 13476 echo "$as_me:13476: result: $ossh_result" >&5
12749echo "${ECHO_T}$ossh_result" >&6 13477echo "${ECHO_T}$ossh_result" >&6
12750 if test "x$ossh_result" = "xyes"; then 13478 if test "x$ossh_result" = "xyes"; then
12751 cat >>confdefs.h <<\EOF 13479 cat >>confdefs.h <<\EOF
@@ -12754,21 +13482,21 @@ EOF
12754 13482
12755 fi 13483 fi
12756 else 13484 else
12757 echo "$as_me:12757: result: no" >&5 13485 echo "$as_me:13485: result: no" >&5
12758echo "${ECHO_T}no" >&6 13486echo "${ECHO_T}no" >&6
12759 fi 13487 fi
12760 13488
12761# look for field 'ut_id' in header 'utmp.h' 13489# look for field 'ut_id' in header 'utmp.h'
12762 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` 13490 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
12763 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id 13491 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id
12764 echo "$as_me:12764: checking for ut_id field in utmp.h" >&5 13492 echo "$as_me:13492: checking for ut_id field in utmp.h" >&5
12765echo $ECHO_N "checking for ut_id field in utmp.h... $ECHO_C" >&6 13493echo $ECHO_N "checking for ut_id field in utmp.h... $ECHO_C" >&6
12766 if eval "test \"\${$ossh_varname+set}\" = set"; then 13494 if eval "test \"\${$ossh_varname+set}\" = set"; then
12767 echo $ECHO_N "(cached) $ECHO_C" >&6 13495 echo $ECHO_N "(cached) $ECHO_C" >&6
12768else 13496else
12769 13497
12770 cat >conftest.$ac_ext <<_ACEOF 13498 cat >conftest.$ac_ext <<_ACEOF
12771#line 12771 "configure" 13499#line 13499 "configure"
12772#include "confdefs.h" 13500#include "confdefs.h"
12773#include <utmp.h> 13501#include <utmp.h>
12774 13502
@@ -12785,7 +13513,7 @@ fi
12785 13513
12786 ossh_result=`eval 'echo $'"$ossh_varname"` 13514 ossh_result=`eval 'echo $'"$ossh_varname"`
12787 if test -n "`echo $ossh_varname`"; then 13515 if test -n "`echo $ossh_varname`"; then
12788 echo "$as_me:12788: result: $ossh_result" >&5 13516 echo "$as_me:13516: result: $ossh_result" >&5
12789echo "${ECHO_T}$ossh_result" >&6 13517echo "${ECHO_T}$ossh_result" >&6
12790 if test "x$ossh_result" = "xyes"; then 13518 if test "x$ossh_result" = "xyes"; then
12791 cat >>confdefs.h <<\EOF 13519 cat >>confdefs.h <<\EOF
@@ -12794,21 +13522,21 @@ EOF
12794 13522
12795 fi 13523 fi
12796 else 13524 else
12797 echo "$as_me:12797: result: no" >&5 13525 echo "$as_me:13525: result: no" >&5
12798echo "${ECHO_T}no" >&6 13526echo "${ECHO_T}no" >&6
12799 fi 13527 fi
12800 13528
12801# look for field 'ut_id' in header 'utmpx.h' 13529# look for field 'ut_id' in header 'utmpx.h'
12802 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` 13530 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
12803 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id 13531 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id
12804 echo "$as_me:12804: checking for ut_id field in utmpx.h" >&5 13532 echo "$as_me:13532: checking for ut_id field in utmpx.h" >&5
12805echo $ECHO_N "checking for ut_id field in utmpx.h... $ECHO_C" >&6 13533echo $ECHO_N "checking for ut_id field in utmpx.h... $ECHO_C" >&6
12806 if eval "test \"\${$ossh_varname+set}\" = set"; then 13534 if eval "test \"\${$ossh_varname+set}\" = set"; then
12807 echo $ECHO_N "(cached) $ECHO_C" >&6 13535 echo $ECHO_N "(cached) $ECHO_C" >&6
12808else 13536else
12809 13537
12810 cat >conftest.$ac_ext <<_ACEOF 13538 cat >conftest.$ac_ext <<_ACEOF
12811#line 12811 "configure" 13539#line 13539 "configure"
12812#include "confdefs.h" 13540#include "confdefs.h"
12813#include <utmpx.h> 13541#include <utmpx.h>
12814 13542
@@ -12825,7 +13553,7 @@ fi
12825 13553
12826 ossh_result=`eval 'echo $'"$ossh_varname"` 13554 ossh_result=`eval 'echo $'"$ossh_varname"`
12827 if test -n "`echo $ossh_varname`"; then 13555 if test -n "`echo $ossh_varname`"; then
12828 echo "$as_me:12828: result: $ossh_result" >&5 13556 echo "$as_me:13556: result: $ossh_result" >&5
12829echo "${ECHO_T}$ossh_result" >&6 13557echo "${ECHO_T}$ossh_result" >&6
12830 if test "x$ossh_result" = "xyes"; then 13558 if test "x$ossh_result" = "xyes"; then
12831 cat >>confdefs.h <<\EOF 13559 cat >>confdefs.h <<\EOF
@@ -12834,21 +13562,21 @@ EOF
12834 13562
12835 fi 13563 fi
12836 else 13564 else
12837 echo "$as_me:12837: result: no" >&5 13565 echo "$as_me:13565: result: no" >&5
12838echo "${ECHO_T}no" >&6 13566echo "${ECHO_T}no" >&6
12839 fi 13567 fi
12840 13568
12841# look for field 'ut_addr' in header 'utmp.h' 13569# look for field 'ut_addr' in header 'utmp.h'
12842 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` 13570 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
12843 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr 13571 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr
12844 echo "$as_me:12844: checking for ut_addr field in utmp.h" >&5 13572 echo "$as_me:13572: checking for ut_addr field in utmp.h" >&5
12845echo $ECHO_N "checking for ut_addr field in utmp.h... $ECHO_C" >&6 13573echo $ECHO_N "checking for ut_addr field in utmp.h... $ECHO_C" >&6
12846 if eval "test \"\${$ossh_varname+set}\" = set"; then 13574 if eval "test \"\${$ossh_varname+set}\" = set"; then
12847 echo $ECHO_N "(cached) $ECHO_C" >&6 13575 echo $ECHO_N "(cached) $ECHO_C" >&6
12848else 13576else
12849 13577
12850 cat >conftest.$ac_ext <<_ACEOF 13578 cat >conftest.$ac_ext <<_ACEOF
12851#line 12851 "configure" 13579#line 13579 "configure"
12852#include "confdefs.h" 13580#include "confdefs.h"
12853#include <utmp.h> 13581#include <utmp.h>
12854 13582
@@ -12865,7 +13593,7 @@ fi
12865 13593
12866 ossh_result=`eval 'echo $'"$ossh_varname"` 13594 ossh_result=`eval 'echo $'"$ossh_varname"`
12867 if test -n "`echo $ossh_varname`"; then 13595 if test -n "`echo $ossh_varname`"; then
12868 echo "$as_me:12868: result: $ossh_result" >&5 13596 echo "$as_me:13596: result: $ossh_result" >&5
12869echo "${ECHO_T}$ossh_result" >&6 13597echo "${ECHO_T}$ossh_result" >&6
12870 if test "x$ossh_result" = "xyes"; then 13598 if test "x$ossh_result" = "xyes"; then
12871 cat >>confdefs.h <<\EOF 13599 cat >>confdefs.h <<\EOF
@@ -12874,21 +13602,21 @@ EOF
12874 13602
12875 fi 13603 fi
12876 else 13604 else
12877 echo "$as_me:12877: result: no" >&5 13605 echo "$as_me:13605: result: no" >&5
12878echo "${ECHO_T}no" >&6 13606echo "${ECHO_T}no" >&6
12879 fi 13607 fi
12880 13608
12881# look for field 'ut_addr' in header 'utmpx.h' 13609# look for field 'ut_addr' in header 'utmpx.h'
12882 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` 13610 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
12883 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr 13611 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr
12884 echo "$as_me:12884: checking for ut_addr field in utmpx.h" >&5 13612 echo "$as_me:13612: checking for ut_addr field in utmpx.h" >&5
12885echo $ECHO_N "checking for ut_addr field in utmpx.h... $ECHO_C" >&6 13613echo $ECHO_N "checking for ut_addr field in utmpx.h... $ECHO_C" >&6
12886 if eval "test \"\${$ossh_varname+set}\" = set"; then 13614 if eval "test \"\${$ossh_varname+set}\" = set"; then
12887 echo $ECHO_N "(cached) $ECHO_C" >&6 13615 echo $ECHO_N "(cached) $ECHO_C" >&6
12888else 13616else
12889 13617
12890 cat >conftest.$ac_ext <<_ACEOF 13618 cat >conftest.$ac_ext <<_ACEOF
12891#line 12891 "configure" 13619#line 13619 "configure"
12892#include "confdefs.h" 13620#include "confdefs.h"
12893#include <utmpx.h> 13621#include <utmpx.h>
12894 13622
@@ -12905,7 +13633,7 @@ fi
12905 13633
12906 ossh_result=`eval 'echo $'"$ossh_varname"` 13634 ossh_result=`eval 'echo $'"$ossh_varname"`
12907 if test -n "`echo $ossh_varname`"; then 13635 if test -n "`echo $ossh_varname`"; then
12908 echo "$as_me:12908: result: $ossh_result" >&5 13636 echo "$as_me:13636: result: $ossh_result" >&5
12909echo "${ECHO_T}$ossh_result" >&6 13637echo "${ECHO_T}$ossh_result" >&6
12910 if test "x$ossh_result" = "xyes"; then 13638 if test "x$ossh_result" = "xyes"; then
12911 cat >>confdefs.h <<\EOF 13639 cat >>confdefs.h <<\EOF
@@ -12914,21 +13642,21 @@ EOF
12914 13642
12915 fi 13643 fi
12916 else 13644 else
12917 echo "$as_me:12917: result: no" >&5 13645 echo "$as_me:13645: result: no" >&5
12918echo "${ECHO_T}no" >&6 13646echo "${ECHO_T}no" >&6
12919 fi 13647 fi
12920 13648
12921# look for field 'ut_addr_v6' in header 'utmp.h' 13649# look for field 'ut_addr_v6' in header 'utmp.h'
12922 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` 13650 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
12923 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6 13651 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6
12924 echo "$as_me:12924: checking for ut_addr_v6 field in utmp.h" >&5 13652 echo "$as_me:13652: checking for ut_addr_v6 field in utmp.h" >&5
12925echo $ECHO_N "checking for ut_addr_v6 field in utmp.h... $ECHO_C" >&6 13653echo $ECHO_N "checking for ut_addr_v6 field in utmp.h... $ECHO_C" >&6
12926 if eval "test \"\${$ossh_varname+set}\" = set"; then 13654 if eval "test \"\${$ossh_varname+set}\" = set"; then
12927 echo $ECHO_N "(cached) $ECHO_C" >&6 13655 echo $ECHO_N "(cached) $ECHO_C" >&6
12928else 13656else
12929 13657
12930 cat >conftest.$ac_ext <<_ACEOF 13658 cat >conftest.$ac_ext <<_ACEOF
12931#line 12931 "configure" 13659#line 13659 "configure"
12932#include "confdefs.h" 13660#include "confdefs.h"
12933#include <utmp.h> 13661#include <utmp.h>
12934 13662
@@ -12945,7 +13673,7 @@ fi
12945 13673
12946 ossh_result=`eval 'echo $'"$ossh_varname"` 13674 ossh_result=`eval 'echo $'"$ossh_varname"`
12947 if test -n "`echo $ossh_varname`"; then 13675 if test -n "`echo $ossh_varname`"; then
12948 echo "$as_me:12948: result: $ossh_result" >&5 13676 echo "$as_me:13676: result: $ossh_result" >&5
12949echo "${ECHO_T}$ossh_result" >&6 13677echo "${ECHO_T}$ossh_result" >&6
12950 if test "x$ossh_result" = "xyes"; then 13678 if test "x$ossh_result" = "xyes"; then
12951 cat >>confdefs.h <<\EOF 13679 cat >>confdefs.h <<\EOF
@@ -12954,21 +13682,21 @@ EOF
12954 13682
12955 fi 13683 fi
12956 else 13684 else
12957 echo "$as_me:12957: result: no" >&5 13685 echo "$as_me:13685: result: no" >&5
12958echo "${ECHO_T}no" >&6 13686echo "${ECHO_T}no" >&6
12959 fi 13687 fi
12960 13688
12961# look for field 'ut_addr_v6' in header 'utmpx.h' 13689# look for field 'ut_addr_v6' in header 'utmpx.h'
12962 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` 13690 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
12963 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6 13691 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6
12964 echo "$as_me:12964: checking for ut_addr_v6 field in utmpx.h" >&5 13692 echo "$as_me:13692: checking for ut_addr_v6 field in utmpx.h" >&5
12965echo $ECHO_N "checking for ut_addr_v6 field in utmpx.h... $ECHO_C" >&6 13693echo $ECHO_N "checking for ut_addr_v6 field in utmpx.h... $ECHO_C" >&6
12966 if eval "test \"\${$ossh_varname+set}\" = set"; then 13694 if eval "test \"\${$ossh_varname+set}\" = set"; then
12967 echo $ECHO_N "(cached) $ECHO_C" >&6 13695 echo $ECHO_N "(cached) $ECHO_C" >&6
12968else 13696else
12969 13697
12970 cat >conftest.$ac_ext <<_ACEOF 13698 cat >conftest.$ac_ext <<_ACEOF
12971#line 12971 "configure" 13699#line 13699 "configure"
12972#include "confdefs.h" 13700#include "confdefs.h"
12973#include <utmpx.h> 13701#include <utmpx.h>
12974 13702
@@ -12985,7 +13713,7 @@ fi
12985 13713
12986 ossh_result=`eval 'echo $'"$ossh_varname"` 13714 ossh_result=`eval 'echo $'"$ossh_varname"`
12987 if test -n "`echo $ossh_varname`"; then 13715 if test -n "`echo $ossh_varname`"; then
12988 echo "$as_me:12988: result: $ossh_result" >&5 13716 echo "$as_me:13716: result: $ossh_result" >&5
12989echo "${ECHO_T}$ossh_result" >&6 13717echo "${ECHO_T}$ossh_result" >&6
12990 if test "x$ossh_result" = "xyes"; then 13718 if test "x$ossh_result" = "xyes"; then
12991 cat >>confdefs.h <<\EOF 13719 cat >>confdefs.h <<\EOF
@@ -12994,21 +13722,21 @@ EOF
12994 13722
12995 fi 13723 fi
12996 else 13724 else
12997 echo "$as_me:12997: result: no" >&5 13725 echo "$as_me:13725: result: no" >&5
12998echo "${ECHO_T}no" >&6 13726echo "${ECHO_T}no" >&6
12999 fi 13727 fi
13000 13728
13001# look for field 'ut_exit' in header 'utmp.h' 13729# look for field 'ut_exit' in header 'utmp.h'
13002 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` 13730 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
13003 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_exit 13731 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_exit
13004 echo "$as_me:13004: checking for ut_exit field in utmp.h" >&5 13732 echo "$as_me:13732: checking for ut_exit field in utmp.h" >&5
13005echo $ECHO_N "checking for ut_exit field in utmp.h... $ECHO_C" >&6 13733echo $ECHO_N "checking for ut_exit field in utmp.h... $ECHO_C" >&6
13006 if eval "test \"\${$ossh_varname+set}\" = set"; then 13734 if eval "test \"\${$ossh_varname+set}\" = set"; then
13007 echo $ECHO_N "(cached) $ECHO_C" >&6 13735 echo $ECHO_N "(cached) $ECHO_C" >&6
13008else 13736else
13009 13737
13010 cat >conftest.$ac_ext <<_ACEOF 13738 cat >conftest.$ac_ext <<_ACEOF
13011#line 13011 "configure" 13739#line 13739 "configure"
13012#include "confdefs.h" 13740#include "confdefs.h"
13013#include <utmp.h> 13741#include <utmp.h>
13014 13742
@@ -13025,7 +13753,7 @@ fi
13025 13753
13026 ossh_result=`eval 'echo $'"$ossh_varname"` 13754 ossh_result=`eval 'echo $'"$ossh_varname"`
13027 if test -n "`echo $ossh_varname`"; then 13755 if test -n "`echo $ossh_varname`"; then
13028 echo "$as_me:13028: result: $ossh_result" >&5 13756 echo "$as_me:13756: result: $ossh_result" >&5
13029echo "${ECHO_T}$ossh_result" >&6 13757echo "${ECHO_T}$ossh_result" >&6
13030 if test "x$ossh_result" = "xyes"; then 13758 if test "x$ossh_result" = "xyes"; then
13031 cat >>confdefs.h <<\EOF 13759 cat >>confdefs.h <<\EOF
@@ -13034,21 +13762,21 @@ EOF
13034 13762
13035 fi 13763 fi
13036 else 13764 else
13037 echo "$as_me:13037: result: no" >&5 13765 echo "$as_me:13765: result: no" >&5
13038echo "${ECHO_T}no" >&6 13766echo "${ECHO_T}no" >&6
13039 fi 13767 fi
13040 13768
13041# look for field 'ut_time' in header 'utmp.h' 13769# look for field 'ut_time' in header 'utmp.h'
13042 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` 13770 ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
13043 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time 13771 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time
13044 echo "$as_me:13044: checking for ut_time field in utmp.h" >&5 13772 echo "$as_me:13772: checking for ut_time field in utmp.h" >&5
13045echo $ECHO_N "checking for ut_time field in utmp.h... $ECHO_C" >&6 13773echo $ECHO_N "checking for ut_time field in utmp.h... $ECHO_C" >&6
13046 if eval "test \"\${$ossh_varname+set}\" = set"; then 13774 if eval "test \"\${$ossh_varname+set}\" = set"; then
13047 echo $ECHO_N "(cached) $ECHO_C" >&6 13775 echo $ECHO_N "(cached) $ECHO_C" >&6
13048else 13776else
13049 13777
13050 cat >conftest.$ac_ext <<_ACEOF 13778 cat >conftest.$ac_ext <<_ACEOF
13051#line 13051 "configure" 13779#line 13779 "configure"
13052#include "confdefs.h" 13780#include "confdefs.h"
13053#include <utmp.h> 13781#include <utmp.h>
13054 13782
@@ -13065,7 +13793,7 @@ fi
13065 13793
13066 ossh_result=`eval 'echo $'"$ossh_varname"` 13794 ossh_result=`eval 'echo $'"$ossh_varname"`
13067 if test -n "`echo $ossh_varname`"; then 13795 if test -n "`echo $ossh_varname`"; then
13068 echo "$as_me:13068: result: $ossh_result" >&5 13796 echo "$as_me:13796: result: $ossh_result" >&5
13069echo "${ECHO_T}$ossh_result" >&6 13797echo "${ECHO_T}$ossh_result" >&6
13070 if test "x$ossh_result" = "xyes"; then 13798 if test "x$ossh_result" = "xyes"; then
13071 cat >>confdefs.h <<\EOF 13799 cat >>confdefs.h <<\EOF
@@ -13074,21 +13802,21 @@ EOF
13074 13802
13075 fi 13803 fi
13076 else 13804 else
13077 echo "$as_me:13077: result: no" >&5 13805 echo "$as_me:13805: result: no" >&5
13078echo "${ECHO_T}no" >&6 13806echo "${ECHO_T}no" >&6
13079 fi 13807 fi
13080 13808
13081# look for field 'ut_time' in header 'utmpx.h' 13809# look for field 'ut_time' in header 'utmpx.h'
13082 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` 13810 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
13083 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time 13811 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time
13084 echo "$as_me:13084: checking for ut_time field in utmpx.h" >&5 13812 echo "$as_me:13812: checking for ut_time field in utmpx.h" >&5
13085echo $ECHO_N "checking for ut_time field in utmpx.h... $ECHO_C" >&6 13813echo $ECHO_N "checking for ut_time field in utmpx.h... $ECHO_C" >&6
13086 if eval "test \"\${$ossh_varname+set}\" = set"; then 13814 if eval "test \"\${$ossh_varname+set}\" = set"; then
13087 echo $ECHO_N "(cached) $ECHO_C" >&6 13815 echo $ECHO_N "(cached) $ECHO_C" >&6
13088else 13816else
13089 13817
13090 cat >conftest.$ac_ext <<_ACEOF 13818 cat >conftest.$ac_ext <<_ACEOF
13091#line 13091 "configure" 13819#line 13819 "configure"
13092#include "confdefs.h" 13820#include "confdefs.h"
13093#include <utmpx.h> 13821#include <utmpx.h>
13094 13822
@@ -13105,7 +13833,7 @@ fi
13105 13833
13106 ossh_result=`eval 'echo $'"$ossh_varname"` 13834 ossh_result=`eval 'echo $'"$ossh_varname"`
13107 if test -n "`echo $ossh_varname`"; then 13835 if test -n "`echo $ossh_varname`"; then
13108 echo "$as_me:13108: result: $ossh_result" >&5 13836 echo "$as_me:13836: result: $ossh_result" >&5
13109echo "${ECHO_T}$ossh_result" >&6 13837echo "${ECHO_T}$ossh_result" >&6
13110 if test "x$ossh_result" = "xyes"; then 13838 if test "x$ossh_result" = "xyes"; then
13111 cat >>confdefs.h <<\EOF 13839 cat >>confdefs.h <<\EOF
@@ -13114,21 +13842,21 @@ EOF
13114 13842
13115 fi 13843 fi
13116 else 13844 else
13117 echo "$as_me:13117: result: no" >&5 13845 echo "$as_me:13845: result: no" >&5
13118echo "${ECHO_T}no" >&6 13846echo "${ECHO_T}no" >&6
13119 fi 13847 fi
13120 13848
13121# look for field 'ut_tv' in header 'utmpx.h' 13849# look for field 'ut_tv' in header 'utmpx.h'
13122 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` 13850 ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
13123 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv 13851 ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv
13124 echo "$as_me:13124: checking for ut_tv field in utmpx.h" >&5 13852 echo "$as_me:13852: checking for ut_tv field in utmpx.h" >&5
13125echo $ECHO_N "checking for ut_tv field in utmpx.h... $ECHO_C" >&6 13853echo $ECHO_N "checking for ut_tv field in utmpx.h... $ECHO_C" >&6
13126 if eval "test \"\${$ossh_varname+set}\" = set"; then 13854 if eval "test \"\${$ossh_varname+set}\" = set"; then
13127 echo $ECHO_N "(cached) $ECHO_C" >&6 13855 echo $ECHO_N "(cached) $ECHO_C" >&6
13128else 13856else
13129 13857
13130 cat >conftest.$ac_ext <<_ACEOF 13858 cat >conftest.$ac_ext <<_ACEOF
13131#line 13131 "configure" 13859#line 13859 "configure"
13132#include "confdefs.h" 13860#include "confdefs.h"
13133#include <utmpx.h> 13861#include <utmpx.h>
13134 13862
@@ -13145,7 +13873,7 @@ fi
13145 13873
13146 ossh_result=`eval 'echo $'"$ossh_varname"` 13874 ossh_result=`eval 'echo $'"$ossh_varname"`
13147 if test -n "`echo $ossh_varname`"; then 13875 if test -n "`echo $ossh_varname`"; then
13148 echo "$as_me:13148: result: $ossh_result" >&5 13876 echo "$as_me:13876: result: $ossh_result" >&5
13149echo "${ECHO_T}$ossh_result" >&6 13877echo "${ECHO_T}$ossh_result" >&6
13150 if test "x$ossh_result" = "xyes"; then 13878 if test "x$ossh_result" = "xyes"; then
13151 cat >>confdefs.h <<\EOF 13879 cat >>confdefs.h <<\EOF
@@ -13154,17 +13882,17 @@ EOF
13154 13882
13155 fi 13883 fi
13156 else 13884 else
13157 echo "$as_me:13157: result: no" >&5 13885 echo "$as_me:13885: result: no" >&5
13158echo "${ECHO_T}no" >&6 13886echo "${ECHO_T}no" >&6
13159 fi 13887 fi
13160 13888
13161echo "$as_me:13161: checking for struct stat.st_blksize" >&5 13889echo "$as_me:13889: checking for struct stat.st_blksize" >&5
13162echo $ECHO_N "checking for struct stat.st_blksize... $ECHO_C" >&6 13890echo $ECHO_N "checking for struct stat.st_blksize... $ECHO_C" >&6
13163if test "${ac_cv_member_struct_stat_st_blksize+set}" = set; then 13891if test "${ac_cv_member_struct_stat_st_blksize+set}" = set; then
13164 echo $ECHO_N "(cached) $ECHO_C" >&6 13892 echo $ECHO_N "(cached) $ECHO_C" >&6
13165else 13893else
13166 cat >conftest.$ac_ext <<_ACEOF 13894 cat >conftest.$ac_ext <<_ACEOF
13167#line 13167 "configure" 13895#line 13895 "configure"
13168#include "confdefs.h" 13896#include "confdefs.h"
13169$ac_includes_default 13897$ac_includes_default
13170int 13898int
@@ -13178,16 +13906,16 @@ return 0;
13178} 13906}
13179_ACEOF 13907_ACEOF
13180rm -f conftest.$ac_objext 13908rm -f conftest.$ac_objext
13181if { (eval echo "$as_me:13181: \"$ac_compile\"") >&5 13909if { (eval echo "$as_me:13909: \"$ac_compile\"") >&5
13182 (eval $ac_compile) 2>&5 13910 (eval $ac_compile) 2>&5
13183 ac_status=$? 13911 ac_status=$?
13184 echo "$as_me:13184: \$? = $ac_status" >&5 13912 echo "$as_me:13912: \$? = $ac_status" >&5
13185 (exit $ac_status); } && 13913 (exit $ac_status); } &&
13186 { ac_try='test -s conftest.$ac_objext' 13914 { ac_try='test -s conftest.$ac_objext'
13187 { (eval echo "$as_me:13187: \"$ac_try\"") >&5 13915 { (eval echo "$as_me:13915: \"$ac_try\"") >&5
13188 (eval $ac_try) 2>&5 13916 (eval $ac_try) 2>&5
13189 ac_status=$? 13917 ac_status=$?
13190 echo "$as_me:13190: \$? = $ac_status" >&5 13918 echo "$as_me:13918: \$? = $ac_status" >&5
13191 (exit $ac_status); }; }; then 13919 (exit $ac_status); }; }; then
13192 ac_cv_member_struct_stat_st_blksize=yes 13920 ac_cv_member_struct_stat_st_blksize=yes
13193else 13921else
@@ -13197,7 +13925,7 @@ ac_cv_member_struct_stat_st_blksize=no
13197fi 13925fi
13198rm -f conftest.$ac_objext conftest.$ac_ext 13926rm -f conftest.$ac_objext conftest.$ac_ext
13199fi 13927fi
13200echo "$as_me:13200: result: $ac_cv_member_struct_stat_st_blksize" >&5 13928echo "$as_me:13928: result: $ac_cv_member_struct_stat_st_blksize" >&5
13201echo "${ECHO_T}$ac_cv_member_struct_stat_st_blksize" >&6 13929echo "${ECHO_T}$ac_cv_member_struct_stat_st_blksize" >&6
13202if test $ac_cv_member_struct_stat_st_blksize = yes; then 13930if test $ac_cv_member_struct_stat_st_blksize = yes; then
13203 13931
@@ -13207,14 +13935,14 @@ EOF
13207 13935
13208fi 13936fi
13209 13937
13210echo "$as_me:13210: checking for ss_family field in struct sockaddr_storage" >&5 13938echo "$as_me:13938: checking for ss_family field in struct sockaddr_storage" >&5
13211echo $ECHO_N "checking for ss_family field in struct sockaddr_storage... $ECHO_C" >&6 13939echo $ECHO_N "checking for ss_family field in struct sockaddr_storage... $ECHO_C" >&6
13212if test "${ac_cv_have_ss_family_in_struct_ss+set}" = set; then 13940if test "${ac_cv_have_ss_family_in_struct_ss+set}" = set; then
13213 echo $ECHO_N "(cached) $ECHO_C" >&6 13941 echo $ECHO_N "(cached) $ECHO_C" >&6
13214else 13942else
13215 13943
13216 cat >conftest.$ac_ext <<_ACEOF 13944 cat >conftest.$ac_ext <<_ACEOF
13217#line 13217 "configure" 13945#line 13945 "configure"
13218#include "confdefs.h" 13946#include "confdefs.h"
13219 13947
13220#include <sys/types.h> 13948#include <sys/types.h>
@@ -13229,16 +13957,16 @@ main ()
13229} 13957}
13230_ACEOF 13958_ACEOF
13231rm -f conftest.$ac_objext 13959rm -f conftest.$ac_objext
13232if { (eval echo "$as_me:13232: \"$ac_compile\"") >&5 13960if { (eval echo "$as_me:13960: \"$ac_compile\"") >&5
13233 (eval $ac_compile) 2>&5 13961 (eval $ac_compile) 2>&5
13234 ac_status=$? 13962 ac_status=$?
13235 echo "$as_me:13235: \$? = $ac_status" >&5 13963 echo "$as_me:13963: \$? = $ac_status" >&5
13236 (exit $ac_status); } && 13964 (exit $ac_status); } &&
13237 { ac_try='test -s conftest.$ac_objext' 13965 { ac_try='test -s conftest.$ac_objext'
13238 { (eval echo "$as_me:13238: \"$ac_try\"") >&5 13966 { (eval echo "$as_me:13966: \"$ac_try\"") >&5
13239 (eval $ac_try) 2>&5 13967 (eval $ac_try) 2>&5
13240 ac_status=$? 13968 ac_status=$?
13241 echo "$as_me:13241: \$? = $ac_status" >&5 13969 echo "$as_me:13969: \$? = $ac_status" >&5
13242 (exit $ac_status); }; }; then 13970 (exit $ac_status); }; }; then
13243 ac_cv_have_ss_family_in_struct_ss="yes" 13971 ac_cv_have_ss_family_in_struct_ss="yes"
13244else 13972else
@@ -13249,7 +13977,7 @@ fi
13249rm -f conftest.$ac_objext conftest.$ac_ext 13977rm -f conftest.$ac_objext conftest.$ac_ext
13250 13978
13251fi 13979fi
13252echo "$as_me:13252: result: $ac_cv_have_ss_family_in_struct_ss" >&5 13980echo "$as_me:13980: result: $ac_cv_have_ss_family_in_struct_ss" >&5
13253echo "${ECHO_T}$ac_cv_have_ss_family_in_struct_ss" >&6 13981echo "${ECHO_T}$ac_cv_have_ss_family_in_struct_ss" >&6
13254if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 13982if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
13255 cat >>confdefs.h <<\EOF 13983 cat >>confdefs.h <<\EOF
@@ -13258,14 +13986,14 @@ EOF
13258 13986
13259fi 13987fi
13260 13988
13261echo "$as_me:13261: checking for __ss_family field in struct sockaddr_storage" >&5 13989echo "$as_me:13989: checking for __ss_family field in struct sockaddr_storage" >&5
13262echo $ECHO_N "checking for __ss_family field in struct sockaddr_storage... $ECHO_C" >&6 13990echo $ECHO_N "checking for __ss_family field in struct sockaddr_storage... $ECHO_C" >&6
13263if test "${ac_cv_have___ss_family_in_struct_ss+set}" = set; then 13991if test "${ac_cv_have___ss_family_in_struct_ss+set}" = set; then
13264 echo $ECHO_N "(cached) $ECHO_C" >&6 13992 echo $ECHO_N "(cached) $ECHO_C" >&6
13265else 13993else
13266 13994
13267 cat >conftest.$ac_ext <<_ACEOF 13995 cat >conftest.$ac_ext <<_ACEOF
13268#line 13268 "configure" 13996#line 13996 "configure"
13269#include "confdefs.h" 13997#include "confdefs.h"
13270 13998
13271#include <sys/types.h> 13999#include <sys/types.h>
@@ -13280,16 +14008,16 @@ main ()
13280} 14008}
13281_ACEOF 14009_ACEOF
13282rm -f conftest.$ac_objext 14010rm -f conftest.$ac_objext
13283if { (eval echo "$as_me:13283: \"$ac_compile\"") >&5 14011if { (eval echo "$as_me:14011: \"$ac_compile\"") >&5
13284 (eval $ac_compile) 2>&5 14012 (eval $ac_compile) 2>&5
13285 ac_status=$? 14013 ac_status=$?
13286 echo "$as_me:13286: \$? = $ac_status" >&5 14014 echo "$as_me:14014: \$? = $ac_status" >&5
13287 (exit $ac_status); } && 14015 (exit $ac_status); } &&
13288 { ac_try='test -s conftest.$ac_objext' 14016 { ac_try='test -s conftest.$ac_objext'
13289 { (eval echo "$as_me:13289: \"$ac_try\"") >&5 14017 { (eval echo "$as_me:14017: \"$ac_try\"") >&5
13290 (eval $ac_try) 2>&5 14018 (eval $ac_try) 2>&5
13291 ac_status=$? 14019 ac_status=$?
13292 echo "$as_me:13292: \$? = $ac_status" >&5 14020 echo "$as_me:14020: \$? = $ac_status" >&5
13293 (exit $ac_status); }; }; then 14021 (exit $ac_status); }; }; then
13294 ac_cv_have___ss_family_in_struct_ss="yes" 14022 ac_cv_have___ss_family_in_struct_ss="yes"
13295else 14023else
@@ -13301,7 +14029,7 @@ fi
13301rm -f conftest.$ac_objext conftest.$ac_ext 14029rm -f conftest.$ac_objext conftest.$ac_ext
13302 14030
13303fi 14031fi
13304echo "$as_me:13304: result: $ac_cv_have___ss_family_in_struct_ss" >&5 14032echo "$as_me:14032: result: $ac_cv_have___ss_family_in_struct_ss" >&5
13305echo "${ECHO_T}$ac_cv_have___ss_family_in_struct_ss" >&6 14033echo "${ECHO_T}$ac_cv_have___ss_family_in_struct_ss" >&6
13306if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 14034if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
13307 cat >>confdefs.h <<\EOF 14035 cat >>confdefs.h <<\EOF
@@ -13310,14 +14038,14 @@ EOF
13310 14038
13311fi 14039fi
13312 14040
13313echo "$as_me:13313: checking for pw_class field in struct passwd" >&5 14041echo "$as_me:14041: checking for pw_class field in struct passwd" >&5
13314echo $ECHO_N "checking for pw_class field in struct passwd... $ECHO_C" >&6 14042echo $ECHO_N "checking for pw_class field in struct passwd... $ECHO_C" >&6
13315if test "${ac_cv_have_pw_class_in_struct_passwd+set}" = set; then 14043if test "${ac_cv_have_pw_class_in_struct_passwd+set}" = set; then
13316 echo $ECHO_N "(cached) $ECHO_C" >&6 14044 echo $ECHO_N "(cached) $ECHO_C" >&6
13317else 14045else
13318 14046
13319 cat >conftest.$ac_ext <<_ACEOF 14047 cat >conftest.$ac_ext <<_ACEOF
13320#line 13320 "configure" 14048#line 14048 "configure"
13321#include "confdefs.h" 14049#include "confdefs.h"
13322 14050
13323#include <pwd.h> 14051#include <pwd.h>
@@ -13331,16 +14059,16 @@ main ()
13331} 14059}
13332_ACEOF 14060_ACEOF
13333rm -f conftest.$ac_objext 14061rm -f conftest.$ac_objext
13334if { (eval echo "$as_me:13334: \"$ac_compile\"") >&5 14062if { (eval echo "$as_me:14062: \"$ac_compile\"") >&5
13335 (eval $ac_compile) 2>&5 14063 (eval $ac_compile) 2>&5
13336 ac_status=$? 14064 ac_status=$?
13337 echo "$as_me:13337: \$? = $ac_status" >&5 14065 echo "$as_me:14065: \$? = $ac_status" >&5
13338 (exit $ac_status); } && 14066 (exit $ac_status); } &&
13339 { ac_try='test -s conftest.$ac_objext' 14067 { ac_try='test -s conftest.$ac_objext'
13340 { (eval echo "$as_me:13340: \"$ac_try\"") >&5 14068 { (eval echo "$as_me:14068: \"$ac_try\"") >&5
13341 (eval $ac_try) 2>&5 14069 (eval $ac_try) 2>&5
13342 ac_status=$? 14070 ac_status=$?
13343 echo "$as_me:13343: \$? = $ac_status" >&5 14071 echo "$as_me:14071: \$? = $ac_status" >&5
13344 (exit $ac_status); }; }; then 14072 (exit $ac_status); }; }; then
13345 ac_cv_have_pw_class_in_struct_passwd="yes" 14073 ac_cv_have_pw_class_in_struct_passwd="yes"
13346else 14074else
@@ -13352,7 +14080,7 @@ fi
13352rm -f conftest.$ac_objext conftest.$ac_ext 14080rm -f conftest.$ac_objext conftest.$ac_ext
13353 14081
13354fi 14082fi
13355echo "$as_me:13355: result: $ac_cv_have_pw_class_in_struct_passwd" >&5 14083echo "$as_me:14083: result: $ac_cv_have_pw_class_in_struct_passwd" >&5
13356echo "${ECHO_T}$ac_cv_have_pw_class_in_struct_passwd" >&6 14084echo "${ECHO_T}$ac_cv_have_pw_class_in_struct_passwd" >&6
13357if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 14085if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
13358 cat >>confdefs.h <<\EOF 14086 cat >>confdefs.h <<\EOF
@@ -13361,14 +14089,14 @@ EOF
13361 14089
13362fi 14090fi
13363 14091
13364echo "$as_me:13364: checking for pw_expire field in struct passwd" >&5 14092echo "$as_me:14092: checking for pw_expire field in struct passwd" >&5
13365echo $ECHO_N "checking for pw_expire field in struct passwd... $ECHO_C" >&6 14093echo $ECHO_N "checking for pw_expire field in struct passwd... $ECHO_C" >&6
13366if test "${ac_cv_have_pw_expire_in_struct_passwd+set}" = set; then 14094if test "${ac_cv_have_pw_expire_in_struct_passwd+set}" = set; then
13367 echo $ECHO_N "(cached) $ECHO_C" >&6 14095 echo $ECHO_N "(cached) $ECHO_C" >&6
13368else 14096else
13369 14097
13370 cat >conftest.$ac_ext <<_ACEOF 14098 cat >conftest.$ac_ext <<_ACEOF
13371#line 13371 "configure" 14099#line 14099 "configure"
13372#include "confdefs.h" 14100#include "confdefs.h"
13373 14101
13374#include <pwd.h> 14102#include <pwd.h>
@@ -13382,16 +14110,16 @@ main ()
13382} 14110}
13383_ACEOF 14111_ACEOF
13384rm -f conftest.$ac_objext 14112rm -f conftest.$ac_objext
13385if { (eval echo "$as_me:13385: \"$ac_compile\"") >&5 14113if { (eval echo "$as_me:14113: \"$ac_compile\"") >&5
13386 (eval $ac_compile) 2>&5 14114 (eval $ac_compile) 2>&5
13387 ac_status=$? 14115 ac_status=$?
13388 echo "$as_me:13388: \$? = $ac_status" >&5 14116 echo "$as_me:14116: \$? = $ac_status" >&5
13389 (exit $ac_status); } && 14117 (exit $ac_status); } &&
13390 { ac_try='test -s conftest.$ac_objext' 14118 { ac_try='test -s conftest.$ac_objext'
13391 { (eval echo "$as_me:13391: \"$ac_try\"") >&5 14119 { (eval echo "$as_me:14119: \"$ac_try\"") >&5
13392 (eval $ac_try) 2>&5 14120 (eval $ac_try) 2>&5
13393 ac_status=$? 14121 ac_status=$?
13394 echo "$as_me:13394: \$? = $ac_status" >&5 14122 echo "$as_me:14122: \$? = $ac_status" >&5
13395 (exit $ac_status); }; }; then 14123 (exit $ac_status); }; }; then
13396 ac_cv_have_pw_expire_in_struct_passwd="yes" 14124 ac_cv_have_pw_expire_in_struct_passwd="yes"
13397else 14125else
@@ -13403,7 +14131,7 @@ fi
13403rm -f conftest.$ac_objext conftest.$ac_ext 14131rm -f conftest.$ac_objext conftest.$ac_ext
13404 14132
13405fi 14133fi
13406echo "$as_me:13406: result: $ac_cv_have_pw_expire_in_struct_passwd" >&5 14134echo "$as_me:14134: result: $ac_cv_have_pw_expire_in_struct_passwd" >&5
13407echo "${ECHO_T}$ac_cv_have_pw_expire_in_struct_passwd" >&6 14135echo "${ECHO_T}$ac_cv_have_pw_expire_in_struct_passwd" >&6
13408if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 14136if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
13409 cat >>confdefs.h <<\EOF 14137 cat >>confdefs.h <<\EOF
@@ -13412,14 +14140,14 @@ EOF
13412 14140
13413fi 14141fi
13414 14142
13415echo "$as_me:13415: checking for pw_change field in struct passwd" >&5 14143echo "$as_me:14143: checking for pw_change field in struct passwd" >&5
13416echo $ECHO_N "checking for pw_change field in struct passwd... $ECHO_C" >&6 14144echo $ECHO_N "checking for pw_change field in struct passwd... $ECHO_C" >&6
13417if test "${ac_cv_have_pw_change_in_struct_passwd+set}" = set; then 14145if test "${ac_cv_have_pw_change_in_struct_passwd+set}" = set; then
13418 echo $ECHO_N "(cached) $ECHO_C" >&6 14146 echo $ECHO_N "(cached) $ECHO_C" >&6
13419else 14147else
13420 14148
13421 cat >conftest.$ac_ext <<_ACEOF 14149 cat >conftest.$ac_ext <<_ACEOF
13422#line 13422 "configure" 14150#line 14150 "configure"
13423#include "confdefs.h" 14151#include "confdefs.h"
13424 14152
13425#include <pwd.h> 14153#include <pwd.h>
@@ -13433,16 +14161,16 @@ main ()
13433} 14161}
13434_ACEOF 14162_ACEOF
13435rm -f conftest.$ac_objext 14163rm -f conftest.$ac_objext
13436if { (eval echo "$as_me:13436: \"$ac_compile\"") >&5 14164if { (eval echo "$as_me:14164: \"$ac_compile\"") >&5
13437 (eval $ac_compile) 2>&5 14165 (eval $ac_compile) 2>&5
13438 ac_status=$? 14166 ac_status=$?
13439 echo "$as_me:13439: \$? = $ac_status" >&5 14167 echo "$as_me:14167: \$? = $ac_status" >&5
13440 (exit $ac_status); } && 14168 (exit $ac_status); } &&
13441 { ac_try='test -s conftest.$ac_objext' 14169 { ac_try='test -s conftest.$ac_objext'
13442 { (eval echo "$as_me:13442: \"$ac_try\"") >&5 14170 { (eval echo "$as_me:14170: \"$ac_try\"") >&5
13443 (eval $ac_try) 2>&5 14171 (eval $ac_try) 2>&5
13444 ac_status=$? 14172 ac_status=$?
13445 echo "$as_me:13445: \$? = $ac_status" >&5 14173 echo "$as_me:14173: \$? = $ac_status" >&5
13446 (exit $ac_status); }; }; then 14174 (exit $ac_status); }; }; then
13447 ac_cv_have_pw_change_in_struct_passwd="yes" 14175 ac_cv_have_pw_change_in_struct_passwd="yes"
13448else 14176else
@@ -13454,7 +14182,7 @@ fi
13454rm -f conftest.$ac_objext conftest.$ac_ext 14182rm -f conftest.$ac_objext conftest.$ac_ext
13455 14183
13456fi 14184fi
13457echo "$as_me:13457: result: $ac_cv_have_pw_change_in_struct_passwd" >&5 14185echo "$as_me:14185: result: $ac_cv_have_pw_change_in_struct_passwd" >&5
13458echo "${ECHO_T}$ac_cv_have_pw_change_in_struct_passwd" >&6 14186echo "${ECHO_T}$ac_cv_have_pw_change_in_struct_passwd" >&6
13459if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 14187if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
13460 cat >>confdefs.h <<\EOF 14188 cat >>confdefs.h <<\EOF
@@ -13463,19 +14191,19 @@ EOF
13463 14191
13464fi 14192fi
13465 14193
13466echo "$as_me:13466: checking for msg_accrights field in struct msghdr" >&5 14194echo "$as_me:14194: checking for msg_accrights field in struct msghdr" >&5
13467echo $ECHO_N "checking for msg_accrights field in struct msghdr... $ECHO_C" >&6 14195echo $ECHO_N "checking for msg_accrights field in struct msghdr... $ECHO_C" >&6
13468if test "${ac_cv_have_accrights_in_msghdr+set}" = set; then 14196if test "${ac_cv_have_accrights_in_msghdr+set}" = set; then
13469 echo $ECHO_N "(cached) $ECHO_C" >&6 14197 echo $ECHO_N "(cached) $ECHO_C" >&6
13470else 14198else
13471 14199
13472 if test "$cross_compiling" = yes; then 14200 if test "$cross_compiling" = yes; then
13473 { { echo "$as_me:13473: error: cannot run test program while cross compiling" >&5 14201 { { echo "$as_me:14201: error: cannot run test program while cross compiling" >&5
13474echo "$as_me: error: cannot run test program while cross compiling" >&2;} 14202echo "$as_me: error: cannot run test program while cross compiling" >&2;}
13475 { (exit 1); exit 1; }; } 14203 { (exit 1); exit 1; }; }
13476else 14204else
13477 cat >conftest.$ac_ext <<_ACEOF 14205 cat >conftest.$ac_ext <<_ACEOF
13478#line 13478 "configure" 14206#line 14206 "configure"
13479#include "confdefs.h" 14207#include "confdefs.h"
13480 14208
13481#include <sys/types.h> 14209#include <sys/types.h>
@@ -13492,15 +14220,15 @@ exit(0);
13492 14220
13493_ACEOF 14221_ACEOF
13494rm -f conftest$ac_exeext 14222rm -f conftest$ac_exeext
13495if { (eval echo "$as_me:13495: \"$ac_link\"") >&5 14223if { (eval echo "$as_me:14223: \"$ac_link\"") >&5
13496 (eval $ac_link) 2>&5 14224 (eval $ac_link) 2>&5
13497 ac_status=$? 14225 ac_status=$?
13498 echo "$as_me:13498: \$? = $ac_status" >&5 14226 echo "$as_me:14226: \$? = $ac_status" >&5
13499 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 14227 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
13500 { (eval echo "$as_me:13500: \"$ac_try\"") >&5 14228 { (eval echo "$as_me:14228: \"$ac_try\"") >&5
13501 (eval $ac_try) 2>&5 14229 (eval $ac_try) 2>&5
13502 ac_status=$? 14230 ac_status=$?
13503 echo "$as_me:13503: \$? = $ac_status" >&5 14231 echo "$as_me:14231: \$? = $ac_status" >&5
13504 (exit $ac_status); }; }; then 14232 (exit $ac_status); }; }; then
13505 ac_cv_have_accrights_in_msghdr="yes" 14233 ac_cv_have_accrights_in_msghdr="yes"
13506else 14234else
@@ -13514,7 +14242,7 @@ rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
13514fi 14242fi
13515 14243
13516fi 14244fi
13517echo "$as_me:13517: result: $ac_cv_have_accrights_in_msghdr" >&5 14245echo "$as_me:14245: result: $ac_cv_have_accrights_in_msghdr" >&5
13518echo "${ECHO_T}$ac_cv_have_accrights_in_msghdr" >&6 14246echo "${ECHO_T}$ac_cv_have_accrights_in_msghdr" >&6
13519if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 14247if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
13520 cat >>confdefs.h <<\EOF 14248 cat >>confdefs.h <<\EOF
@@ -13523,19 +14251,19 @@ EOF
13523 14251
13524fi 14252fi
13525 14253
13526echo "$as_me:13526: checking for msg_control field in struct msghdr" >&5 14254echo "$as_me:14254: checking for msg_control field in struct msghdr" >&5
13527echo $ECHO_N "checking for msg_control field in struct msghdr... $ECHO_C" >&6 14255echo $ECHO_N "checking for msg_control field in struct msghdr... $ECHO_C" >&6
13528if test "${ac_cv_have_control_in_msghdr+set}" = set; then 14256if test "${ac_cv_have_control_in_msghdr+set}" = set; then
13529 echo $ECHO_N "(cached) $ECHO_C" >&6 14257 echo $ECHO_N "(cached) $ECHO_C" >&6
13530else 14258else
13531 14259
13532 if test "$cross_compiling" = yes; then 14260 if test "$cross_compiling" = yes; then
13533 { { echo "$as_me:13533: error: cannot run test program while cross compiling" >&5 14261 { { echo "$as_me:14261: error: cannot run test program while cross compiling" >&5
13534echo "$as_me: error: cannot run test program while cross compiling" >&2;} 14262echo "$as_me: error: cannot run test program while cross compiling" >&2;}
13535 { (exit 1); exit 1; }; } 14263 { (exit 1); exit 1; }; }
13536else 14264else
13537 cat >conftest.$ac_ext <<_ACEOF 14265 cat >conftest.$ac_ext <<_ACEOF
13538#line 13538 "configure" 14266#line 14266 "configure"
13539#include "confdefs.h" 14267#include "confdefs.h"
13540 14268
13541#include <sys/types.h> 14269#include <sys/types.h>
@@ -13552,15 +14280,15 @@ exit(0);
13552 14280
13553_ACEOF 14281_ACEOF
13554rm -f conftest$ac_exeext 14282rm -f conftest$ac_exeext
13555if { (eval echo "$as_me:13555: \"$ac_link\"") >&5 14283if { (eval echo "$as_me:14283: \"$ac_link\"") >&5
13556 (eval $ac_link) 2>&5 14284 (eval $ac_link) 2>&5
13557 ac_status=$? 14285 ac_status=$?
13558 echo "$as_me:13558: \$? = $ac_status" >&5 14286 echo "$as_me:14286: \$? = $ac_status" >&5
13559 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 14287 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
13560 { (eval echo "$as_me:13560: \"$ac_try\"") >&5 14288 { (eval echo "$as_me:14288: \"$ac_try\"") >&5
13561 (eval $ac_try) 2>&5 14289 (eval $ac_try) 2>&5
13562 ac_status=$? 14290 ac_status=$?
13563 echo "$as_me:13563: \$? = $ac_status" >&5 14291 echo "$as_me:14291: \$? = $ac_status" >&5
13564 (exit $ac_status); }; }; then 14292 (exit $ac_status); }; }; then
13565 ac_cv_have_control_in_msghdr="yes" 14293 ac_cv_have_control_in_msghdr="yes"
13566else 14294else
@@ -13574,7 +14302,7 @@ rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
13574fi 14302fi
13575 14303
13576fi 14304fi
13577echo "$as_me:13577: result: $ac_cv_have_control_in_msghdr" >&5 14305echo "$as_me:14305: result: $ac_cv_have_control_in_msghdr" >&5
13578echo "${ECHO_T}$ac_cv_have_control_in_msghdr" >&6 14306echo "${ECHO_T}$ac_cv_have_control_in_msghdr" >&6
13579if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 14307if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
13580 cat >>confdefs.h <<\EOF 14308 cat >>confdefs.h <<\EOF
@@ -13583,14 +14311,14 @@ EOF
13583 14311
13584fi 14312fi
13585 14313
13586echo "$as_me:13586: checking if libc defines __progname" >&5 14314echo "$as_me:14314: checking if libc defines __progname" >&5
13587echo $ECHO_N "checking if libc defines __progname... $ECHO_C" >&6 14315echo $ECHO_N "checking if libc defines __progname... $ECHO_C" >&6
13588if test "${ac_cv_libc_defines___progname+set}" = set; then 14316if test "${ac_cv_libc_defines___progname+set}" = set; then
13589 echo $ECHO_N "(cached) $ECHO_C" >&6 14317 echo $ECHO_N "(cached) $ECHO_C" >&6
13590else 14318else
13591 14319
13592 cat >conftest.$ac_ext <<_ACEOF 14320 cat >conftest.$ac_ext <<_ACEOF
13593#line 13593 "configure" 14321#line 14321 "configure"
13594#include "confdefs.h" 14322#include "confdefs.h"
13595 14323
13596int 14324int
@@ -13602,16 +14330,16 @@ main ()
13602} 14330}
13603_ACEOF 14331_ACEOF
13604rm -f conftest.$ac_objext conftest$ac_exeext 14332rm -f conftest.$ac_objext conftest$ac_exeext
13605if { (eval echo "$as_me:13605: \"$ac_link\"") >&5 14333if { (eval echo "$as_me:14333: \"$ac_link\"") >&5
13606 (eval $ac_link) 2>&5 14334 (eval $ac_link) 2>&5
13607 ac_status=$? 14335 ac_status=$?
13608 echo "$as_me:13608: \$? = $ac_status" >&5 14336 echo "$as_me:14336: \$? = $ac_status" >&5
13609 (exit $ac_status); } && 14337 (exit $ac_status); } &&
13610 { ac_try='test -s conftest$ac_exeext' 14338 { ac_try='test -s conftest$ac_exeext'
13611 { (eval echo "$as_me:13611: \"$ac_try\"") >&5 14339 { (eval echo "$as_me:14339: \"$ac_try\"") >&5
13612 (eval $ac_try) 2>&5 14340 (eval $ac_try) 2>&5
13613 ac_status=$? 14341 ac_status=$?
13614 echo "$as_me:13614: \$? = $ac_status" >&5 14342 echo "$as_me:14342: \$? = $ac_status" >&5
13615 (exit $ac_status); }; }; then 14343 (exit $ac_status); }; }; then
13616 ac_cv_libc_defines___progname="yes" 14344 ac_cv_libc_defines___progname="yes"
13617else 14345else
@@ -13623,7 +14351,7 @@ fi
13623rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 14351rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
13624 14352
13625fi 14353fi
13626echo "$as_me:13626: result: $ac_cv_libc_defines___progname" >&5 14354echo "$as_me:14354: result: $ac_cv_libc_defines___progname" >&5
13627echo "${ECHO_T}$ac_cv_libc_defines___progname" >&6 14355echo "${ECHO_T}$ac_cv_libc_defines___progname" >&6
13628if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 14356if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
13629 cat >>confdefs.h <<\EOF 14357 cat >>confdefs.h <<\EOF
@@ -13632,14 +14360,14 @@ EOF
13632 14360
13633fi 14361fi
13634 14362
13635echo "$as_me:13635: checking whether $CC implements __FUNCTION__" >&5 14363echo "$as_me:14363: checking whether $CC implements __FUNCTION__" >&5
13636echo $ECHO_N "checking whether $CC implements __FUNCTION__... $ECHO_C" >&6 14364echo $ECHO_N "checking whether $CC implements __FUNCTION__... $ECHO_C" >&6
13637if test "${ac_cv_cc_implements___FUNCTION__+set}" = set; then 14365if test "${ac_cv_cc_implements___FUNCTION__+set}" = set; then
13638 echo $ECHO_N "(cached) $ECHO_C" >&6 14366 echo $ECHO_N "(cached) $ECHO_C" >&6
13639else 14367else
13640 14368
13641 cat >conftest.$ac_ext <<_ACEOF 14369 cat >conftest.$ac_ext <<_ACEOF
13642#line 13642 "configure" 14370#line 14370 "configure"
13643#include "confdefs.h" 14371#include "confdefs.h"
13644 14372
13645#include <stdio.h> 14373#include <stdio.h>
@@ -13653,16 +14381,16 @@ main ()
13653} 14381}
13654_ACEOF 14382_ACEOF
13655rm -f conftest.$ac_objext conftest$ac_exeext 14383rm -f conftest.$ac_objext conftest$ac_exeext
13656if { (eval echo "$as_me:13656: \"$ac_link\"") >&5 14384if { (eval echo "$as_me:14384: \"$ac_link\"") >&5
13657 (eval $ac_link) 2>&5 14385 (eval $ac_link) 2>&5
13658 ac_status=$? 14386 ac_status=$?
13659 echo "$as_me:13659: \$? = $ac_status" >&5 14387 echo "$as_me:14387: \$? = $ac_status" >&5
13660 (exit $ac_status); } && 14388 (exit $ac_status); } &&
13661 { ac_try='test -s conftest$ac_exeext' 14389 { ac_try='test -s conftest$ac_exeext'
13662 { (eval echo "$as_me:13662: \"$ac_try\"") >&5 14390 { (eval echo "$as_me:14390: \"$ac_try\"") >&5
13663 (eval $ac_try) 2>&5 14391 (eval $ac_try) 2>&5
13664 ac_status=$? 14392 ac_status=$?
13665 echo "$as_me:13665: \$? = $ac_status" >&5 14393 echo "$as_me:14393: \$? = $ac_status" >&5
13666 (exit $ac_status); }; }; then 14394 (exit $ac_status); }; }; then
13667 ac_cv_cc_implements___FUNCTION__="yes" 14395 ac_cv_cc_implements___FUNCTION__="yes"
13668else 14396else
@@ -13674,7 +14402,7 @@ fi
13674rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 14402rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
13675 14403
13676fi 14404fi
13677echo "$as_me:13677: result: $ac_cv_cc_implements___FUNCTION__" >&5 14405echo "$as_me:14405: result: $ac_cv_cc_implements___FUNCTION__" >&5
13678echo "${ECHO_T}$ac_cv_cc_implements___FUNCTION__" >&6 14406echo "${ECHO_T}$ac_cv_cc_implements___FUNCTION__" >&6
13679if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 14407if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
13680 cat >>confdefs.h <<\EOF 14408 cat >>confdefs.h <<\EOF
@@ -13683,14 +14411,14 @@ EOF
13683 14411
13684fi 14412fi
13685 14413
13686echo "$as_me:13686: checking whether $CC implements __func__" >&5 14414echo "$as_me:14414: checking whether $CC implements __func__" >&5
13687echo $ECHO_N "checking whether $CC implements __func__... $ECHO_C" >&6 14415echo $ECHO_N "checking whether $CC implements __func__... $ECHO_C" >&6
13688if test "${ac_cv_cc_implements___func__+set}" = set; then 14416if test "${ac_cv_cc_implements___func__+set}" = set; then
13689 echo $ECHO_N "(cached) $ECHO_C" >&6 14417 echo $ECHO_N "(cached) $ECHO_C" >&6
13690else 14418else
13691 14419
13692 cat >conftest.$ac_ext <<_ACEOF 14420 cat >conftest.$ac_ext <<_ACEOF
13693#line 13693 "configure" 14421#line 14421 "configure"
13694#include "confdefs.h" 14422#include "confdefs.h"
13695 14423
13696#include <stdio.h> 14424#include <stdio.h>
@@ -13704,16 +14432,16 @@ main ()
13704} 14432}
13705_ACEOF 14433_ACEOF
13706rm -f conftest.$ac_objext conftest$ac_exeext 14434rm -f conftest.$ac_objext conftest$ac_exeext
13707if { (eval echo "$as_me:13707: \"$ac_link\"") >&5 14435if { (eval echo "$as_me:14435: \"$ac_link\"") >&5
13708 (eval $ac_link) 2>&5 14436 (eval $ac_link) 2>&5
13709 ac_status=$? 14437 ac_status=$?
13710 echo "$as_me:13710: \$? = $ac_status" >&5 14438 echo "$as_me:14438: \$? = $ac_status" >&5
13711 (exit $ac_status); } && 14439 (exit $ac_status); } &&
13712 { ac_try='test -s conftest$ac_exeext' 14440 { ac_try='test -s conftest$ac_exeext'
13713 { (eval echo "$as_me:13713: \"$ac_try\"") >&5 14441 { (eval echo "$as_me:14441: \"$ac_try\"") >&5
13714 (eval $ac_try) 2>&5 14442 (eval $ac_try) 2>&5
13715 ac_status=$? 14443 ac_status=$?
13716 echo "$as_me:13716: \$? = $ac_status" >&5 14444 echo "$as_me:14444: \$? = $ac_status" >&5
13717 (exit $ac_status); }; }; then 14445 (exit $ac_status); }; }; then
13718 ac_cv_cc_implements___func__="yes" 14446 ac_cv_cc_implements___func__="yes"
13719else 14447else
@@ -13725,7 +14453,7 @@ fi
13725rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 14453rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
13726 14454
13727fi 14455fi
13728echo "$as_me:13728: result: $ac_cv_cc_implements___func__" >&5 14456echo "$as_me:14456: result: $ac_cv_cc_implements___func__" >&5
13729echo "${ECHO_T}$ac_cv_cc_implements___func__" >&6 14457echo "${ECHO_T}$ac_cv_cc_implements___func__" >&6
13730if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 14458if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
13731 cat >>confdefs.h <<\EOF 14459 cat >>confdefs.h <<\EOF
@@ -13734,14 +14462,14 @@ EOF
13734 14462
13735fi 14463fi
13736 14464
13737echo "$as_me:13737: checking whether getopt has optreset support" >&5 14465echo "$as_me:14465: checking whether getopt has optreset support" >&5
13738echo $ECHO_N "checking whether getopt has optreset support... $ECHO_C" >&6 14466echo $ECHO_N "checking whether getopt has optreset support... $ECHO_C" >&6
13739if test "${ac_cv_have_getopt_optreset+set}" = set; then 14467if test "${ac_cv_have_getopt_optreset+set}" = set; then
13740 echo $ECHO_N "(cached) $ECHO_C" >&6 14468 echo $ECHO_N "(cached) $ECHO_C" >&6
13741else 14469else
13742 14470
13743 cat >conftest.$ac_ext <<_ACEOF 14471 cat >conftest.$ac_ext <<_ACEOF
13744#line 13744 "configure" 14472#line 14472 "configure"
13745#include "confdefs.h" 14473#include "confdefs.h"
13746 14474
13747#include <getopt.h> 14475#include <getopt.h>
@@ -13755,16 +14483,16 @@ main ()
13755} 14483}
13756_ACEOF 14484_ACEOF
13757rm -f conftest.$ac_objext conftest$ac_exeext 14485rm -f conftest.$ac_objext conftest$ac_exeext
13758if { (eval echo "$as_me:13758: \"$ac_link\"") >&5 14486if { (eval echo "$as_me:14486: \"$ac_link\"") >&5
13759 (eval $ac_link) 2>&5 14487 (eval $ac_link) 2>&5
13760 ac_status=$? 14488 ac_status=$?
13761 echo "$as_me:13761: \$? = $ac_status" >&5 14489 echo "$as_me:14489: \$? = $ac_status" >&5
13762 (exit $ac_status); } && 14490 (exit $ac_status); } &&
13763 { ac_try='test -s conftest$ac_exeext' 14491 { ac_try='test -s conftest$ac_exeext'
13764 { (eval echo "$as_me:13764: \"$ac_try\"") >&5 14492 { (eval echo "$as_me:14492: \"$ac_try\"") >&5
13765 (eval $ac_try) 2>&5 14493 (eval $ac_try) 2>&5
13766 ac_status=$? 14494 ac_status=$?
13767 echo "$as_me:13767: \$? = $ac_status" >&5 14495 echo "$as_me:14495: \$? = $ac_status" >&5
13768 (exit $ac_status); }; }; then 14496 (exit $ac_status); }; }; then
13769 ac_cv_have_getopt_optreset="yes" 14497 ac_cv_have_getopt_optreset="yes"
13770else 14498else
@@ -13776,7 +14504,7 @@ fi
13776rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 14504rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
13777 14505
13778fi 14506fi
13779echo "$as_me:13779: result: $ac_cv_have_getopt_optreset" >&5 14507echo "$as_me:14507: result: $ac_cv_have_getopt_optreset" >&5
13780echo "${ECHO_T}$ac_cv_have_getopt_optreset" >&6 14508echo "${ECHO_T}$ac_cv_have_getopt_optreset" >&6
13781if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 14509if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
13782 cat >>confdefs.h <<\EOF 14510 cat >>confdefs.h <<\EOF
@@ -13785,14 +14513,14 @@ EOF
13785 14513
13786fi 14514fi
13787 14515
13788echo "$as_me:13788: checking if libc defines sys_errlist" >&5 14516echo "$as_me:14516: checking if libc defines sys_errlist" >&5
13789echo $ECHO_N "checking if libc defines sys_errlist... $ECHO_C" >&6 14517echo $ECHO_N "checking if libc defines sys_errlist... $ECHO_C" >&6
13790if test "${ac_cv_libc_defines_sys_errlist+set}" = set; then 14518if test "${ac_cv_libc_defines_sys_errlist+set}" = set; then
13791 echo $ECHO_N "(cached) $ECHO_C" >&6 14519 echo $ECHO_N "(cached) $ECHO_C" >&6
13792else 14520else
13793 14521
13794 cat >conftest.$ac_ext <<_ACEOF 14522 cat >conftest.$ac_ext <<_ACEOF
13795#line 13795 "configure" 14523#line 14523 "configure"
13796#include "confdefs.h" 14524#include "confdefs.h"
13797 14525
13798int 14526int
@@ -13804,16 +14532,16 @@ main ()
13804} 14532}
13805_ACEOF 14533_ACEOF
13806rm -f conftest.$ac_objext conftest$ac_exeext 14534rm -f conftest.$ac_objext conftest$ac_exeext
13807if { (eval echo "$as_me:13807: \"$ac_link\"") >&5 14535if { (eval echo "$as_me:14535: \"$ac_link\"") >&5
13808 (eval $ac_link) 2>&5 14536 (eval $ac_link) 2>&5
13809 ac_status=$? 14537 ac_status=$?
13810 echo "$as_me:13810: \$? = $ac_status" >&5 14538 echo "$as_me:14538: \$? = $ac_status" >&5
13811 (exit $ac_status); } && 14539 (exit $ac_status); } &&
13812 { ac_try='test -s conftest$ac_exeext' 14540 { ac_try='test -s conftest$ac_exeext'
13813 { (eval echo "$as_me:13813: \"$ac_try\"") >&5 14541 { (eval echo "$as_me:14541: \"$ac_try\"") >&5
13814 (eval $ac_try) 2>&5 14542 (eval $ac_try) 2>&5
13815 ac_status=$? 14543 ac_status=$?
13816 echo "$as_me:13816: \$? = $ac_status" >&5 14544 echo "$as_me:14544: \$? = $ac_status" >&5
13817 (exit $ac_status); }; }; then 14545 (exit $ac_status); }; }; then
13818 ac_cv_libc_defines_sys_errlist="yes" 14546 ac_cv_libc_defines_sys_errlist="yes"
13819else 14547else
@@ -13825,7 +14553,7 @@ fi
13825rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 14553rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
13826 14554
13827fi 14555fi
13828echo "$as_me:13828: result: $ac_cv_libc_defines_sys_errlist" >&5 14556echo "$as_me:14556: result: $ac_cv_libc_defines_sys_errlist" >&5
13829echo "${ECHO_T}$ac_cv_libc_defines_sys_errlist" >&6 14557echo "${ECHO_T}$ac_cv_libc_defines_sys_errlist" >&6
13830if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 14558if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
13831 cat >>confdefs.h <<\EOF 14559 cat >>confdefs.h <<\EOF
@@ -13834,14 +14562,14 @@ EOF
13834 14562
13835fi 14563fi
13836 14564
13837echo "$as_me:13837: checking if libc defines sys_nerr" >&5 14565echo "$as_me:14565: checking if libc defines sys_nerr" >&5
13838echo $ECHO_N "checking if libc defines sys_nerr... $ECHO_C" >&6 14566echo $ECHO_N "checking if libc defines sys_nerr... $ECHO_C" >&6
13839if test "${ac_cv_libc_defines_sys_nerr+set}" = set; then 14567if test "${ac_cv_libc_defines_sys_nerr+set}" = set; then
13840 echo $ECHO_N "(cached) $ECHO_C" >&6 14568 echo $ECHO_N "(cached) $ECHO_C" >&6
13841else 14569else
13842 14570
13843 cat >conftest.$ac_ext <<_ACEOF 14571 cat >conftest.$ac_ext <<_ACEOF
13844#line 13844 "configure" 14572#line 14572 "configure"
13845#include "confdefs.h" 14573#include "confdefs.h"
13846 14574
13847int 14575int
@@ -13853,16 +14581,16 @@ main ()
13853} 14581}
13854_ACEOF 14582_ACEOF
13855rm -f conftest.$ac_objext conftest$ac_exeext 14583rm -f conftest.$ac_objext conftest$ac_exeext
13856if { (eval echo "$as_me:13856: \"$ac_link\"") >&5 14584if { (eval echo "$as_me:14584: \"$ac_link\"") >&5
13857 (eval $ac_link) 2>&5 14585 (eval $ac_link) 2>&5
13858 ac_status=$? 14586 ac_status=$?
13859 echo "$as_me:13859: \$? = $ac_status" >&5 14587 echo "$as_me:14587: \$? = $ac_status" >&5
13860 (exit $ac_status); } && 14588 (exit $ac_status); } &&
13861 { ac_try='test -s conftest$ac_exeext' 14589 { ac_try='test -s conftest$ac_exeext'
13862 { (eval echo "$as_me:13862: \"$ac_try\"") >&5 14590 { (eval echo "$as_me:14590: \"$ac_try\"") >&5
13863 (eval $ac_try) 2>&5 14591 (eval $ac_try) 2>&5
13864 ac_status=$? 14592 ac_status=$?
13865 echo "$as_me:13865: \$? = $ac_status" >&5 14593 echo "$as_me:14593: \$? = $ac_status" >&5
13866 (exit $ac_status); }; }; then 14594 (exit $ac_status); }; }; then
13867 ac_cv_libc_defines_sys_nerr="yes" 14595 ac_cv_libc_defines_sys_nerr="yes"
13868else 14596else
@@ -13874,7 +14602,7 @@ fi
13874rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 14602rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
13875 14603
13876fi 14604fi
13877echo "$as_me:13877: result: $ac_cv_libc_defines_sys_nerr" >&5 14605echo "$as_me:14605: result: $ac_cv_libc_defines_sys_nerr" >&5
13878echo "${ECHO_T}$ac_cv_libc_defines_sys_nerr" >&6 14606echo "${ECHO_T}$ac_cv_libc_defines_sys_nerr" >&6
13879if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 14607if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
13880 cat >>confdefs.h <<\EOF 14608 cat >>confdefs.h <<\EOF
@@ -13905,23 +14633,23 @@ if test "${with_sectok+set}" = set; then
13905for ac_header in sectok.h 14633for ac_header in sectok.h
13906do 14634do
13907as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` 14635as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
13908echo "$as_me:13908: checking for $ac_header" >&5 14636echo "$as_me:14636: checking for $ac_header" >&5
13909echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 14637echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
13910if eval "test \"\${$as_ac_Header+set}\" = set"; then 14638if eval "test \"\${$as_ac_Header+set}\" = set"; then
13911 echo $ECHO_N "(cached) $ECHO_C" >&6 14639 echo $ECHO_N "(cached) $ECHO_C" >&6
13912else 14640else
13913 cat >conftest.$ac_ext <<_ACEOF 14641 cat >conftest.$ac_ext <<_ACEOF
13914#line 13914 "configure" 14642#line 14642 "configure"
13915#include "confdefs.h" 14643#include "confdefs.h"
13916#include <$ac_header> 14644#include <$ac_header>
13917_ACEOF 14645_ACEOF
13918if { (eval echo "$as_me:13918: \"$ac_cpp conftest.$ac_ext\"") >&5 14646if { (eval echo "$as_me:14646: \"$ac_cpp conftest.$ac_ext\"") >&5
13919 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 14647 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
13920 ac_status=$? 14648 ac_status=$?
13921 egrep -v '^ *\+' conftest.er1 >conftest.err 14649 egrep -v '^ *\+' conftest.er1 >conftest.err
13922 rm -f conftest.er1 14650 rm -f conftest.er1
13923 cat conftest.err >&5 14651 cat conftest.err >&5
13924 echo "$as_me:13924: \$? = $ac_status" >&5 14652 echo "$as_me:14652: \$? = $ac_status" >&5
13925 (exit $ac_status); } >/dev/null; then 14653 (exit $ac_status); } >/dev/null; then
13926 if test -s conftest.err; then 14654 if test -s conftest.err; then
13927 ac_cpp_err=$ac_c_preproc_warn_flag 14655 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -13940,7 +14668,7 @@ else
13940fi 14668fi
13941rm -f conftest.err conftest.$ac_ext 14669rm -f conftest.err conftest.$ac_ext
13942fi 14670fi
13943echo "$as_me:13943: result: `eval echo '${'$as_ac_Header'}'`" >&5 14671echo "$as_me:14671: result: `eval echo '${'$as_ac_Header'}'`" >&5
13944echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 14672echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
13945if test `eval echo '${'$as_ac_Header'}'` = yes; then 14673if test `eval echo '${'$as_ac_Header'}'` = yes; then
13946 cat >>confdefs.h <<EOF 14674 cat >>confdefs.h <<EOF
@@ -13951,12 +14679,12 @@ fi
13951done 14679done
13952 14680
13953 if test "$ac_cv_header_sectok_h" != yes; then 14681 if test "$ac_cv_header_sectok_h" != yes; then
13954 { { echo "$as_me:13954: error: Can't find sectok.h" >&5 14682 { { echo "$as_me:14682: error: Can't find sectok.h" >&5
13955echo "$as_me: error: Can't find sectok.h" >&2;} 14683echo "$as_me: error: Can't find sectok.h" >&2;}
13956 { (exit 1); exit 1; }; } 14684 { (exit 1); exit 1; }; }
13957 fi 14685 fi
13958 14686
13959echo "$as_me:13959: checking for sectok_open in -lsectok" >&5 14687echo "$as_me:14687: checking for sectok_open in -lsectok" >&5
13960echo $ECHO_N "checking for sectok_open in -lsectok... $ECHO_C" >&6 14688echo $ECHO_N "checking for sectok_open in -lsectok... $ECHO_C" >&6
13961if test "${ac_cv_lib_sectok_sectok_open+set}" = set; then 14689if test "${ac_cv_lib_sectok_sectok_open+set}" = set; then
13962 echo $ECHO_N "(cached) $ECHO_C" >&6 14690 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -13964,7 +14692,7 @@ else
13964 ac_check_lib_save_LIBS=$LIBS 14692 ac_check_lib_save_LIBS=$LIBS
13965LIBS="-lsectok $LIBS" 14693LIBS="-lsectok $LIBS"
13966cat >conftest.$ac_ext <<_ACEOF 14694cat >conftest.$ac_ext <<_ACEOF
13967#line 13967 "configure" 14695#line 14695 "configure"
13968#include "confdefs.h" 14696#include "confdefs.h"
13969 14697
13970/* Override any gcc2 internal prototype to avoid an error. */ 14698/* Override any gcc2 internal prototype to avoid an error. */
@@ -13983,16 +14711,16 @@ sectok_open ();
13983} 14711}
13984_ACEOF 14712_ACEOF
13985rm -f conftest.$ac_objext conftest$ac_exeext 14713rm -f conftest.$ac_objext conftest$ac_exeext
13986if { (eval echo "$as_me:13986: \"$ac_link\"") >&5 14714if { (eval echo "$as_me:14714: \"$ac_link\"") >&5
13987 (eval $ac_link) 2>&5 14715 (eval $ac_link) 2>&5
13988 ac_status=$? 14716 ac_status=$?
13989 echo "$as_me:13989: \$? = $ac_status" >&5 14717 echo "$as_me:14717: \$? = $ac_status" >&5
13990 (exit $ac_status); } && 14718 (exit $ac_status); } &&
13991 { ac_try='test -s conftest$ac_exeext' 14719 { ac_try='test -s conftest$ac_exeext'
13992 { (eval echo "$as_me:13992: \"$ac_try\"") >&5 14720 { (eval echo "$as_me:14720: \"$ac_try\"") >&5
13993 (eval $ac_try) 2>&5 14721 (eval $ac_try) 2>&5
13994 ac_status=$? 14722 ac_status=$?
13995 echo "$as_me:13995: \$? = $ac_status" >&5 14723 echo "$as_me:14723: \$? = $ac_status" >&5
13996 (exit $ac_status); }; }; then 14724 (exit $ac_status); }; }; then
13997 ac_cv_lib_sectok_sectok_open=yes 14725 ac_cv_lib_sectok_sectok_open=yes
13998else 14726else
@@ -14003,7 +14731,7 @@ fi
14003rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 14731rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
14004LIBS=$ac_check_lib_save_LIBS 14732LIBS=$ac_check_lib_save_LIBS
14005fi 14733fi
14006echo "$as_me:14006: result: $ac_cv_lib_sectok_sectok_open" >&5 14734echo "$as_me:14734: result: $ac_cv_lib_sectok_sectok_open" >&5
14007echo "${ECHO_T}$ac_cv_lib_sectok_sectok_open" >&6 14735echo "${ECHO_T}$ac_cv_lib_sectok_sectok_open" >&6
14008if test $ac_cv_lib_sectok_sectok_open = yes; then 14736if test $ac_cv_lib_sectok_sectok_open = yes; then
14009 cat >>confdefs.h <<EOF 14737 cat >>confdefs.h <<EOF
@@ -14015,7 +14743,7 @@ EOF
14015fi 14743fi
14016 14744
14017 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 14745 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
14018 { { echo "$as_me:14018: error: Can't find libsectok" >&5 14746 { { echo "$as_me:14746: error: Can't find libsectok" >&5
14019echo "$as_me: error: Can't find libsectok" >&2;} 14747echo "$as_me: error: Can't find libsectok" >&2;}
14020 { (exit 1); exit 1; }; } 14748 { (exit 1); exit 1; }; }
14021 fi 14749 fi
@@ -14045,7 +14773,7 @@ if test x$opensc_config_prefix != x ; then
14045 OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config 14773 OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config
14046 # Extract the first word of "opensc-config", so it can be a program name with args. 14774 # Extract the first word of "opensc-config", so it can be a program name with args.
14047set dummy opensc-config; ac_word=$2 14775set dummy opensc-config; ac_word=$2
14048echo "$as_me:14048: checking for $ac_word" >&5 14776echo "$as_me:14776: checking for $ac_word" >&5
14049echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 14777echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
14050if test "${ac_cv_path_OPENSC_CONFIG+set}" = set; then 14778if test "${ac_cv_path_OPENSC_CONFIG+set}" = set; then
14051 echo $ECHO_N "(cached) $ECHO_C" >&6 14779 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -14062,7 +14790,7 @@ for ac_dir in $ac_dummy; do
14062 test -z "$ac_dir" && ac_dir=. 14790 test -z "$ac_dir" && ac_dir=.
14063 if $as_executable_p "$ac_dir/$ac_word"; then 14791 if $as_executable_p "$ac_dir/$ac_word"; then
14064 ac_cv_path_OPENSC_CONFIG="$ac_dir/$ac_word" 14792 ac_cv_path_OPENSC_CONFIG="$ac_dir/$ac_word"
14065 echo "$as_me:14065: found $ac_dir/$ac_word" >&5 14793 echo "$as_me:14793: found $ac_dir/$ac_word" >&5
14066 break 14794 break
14067fi 14795fi
14068done 14796done
@@ -14074,10 +14802,10 @@ fi
14074OPENSC_CONFIG=$ac_cv_path_OPENSC_CONFIG 14802OPENSC_CONFIG=$ac_cv_path_OPENSC_CONFIG
14075 14803
14076if test -n "$OPENSC_CONFIG"; then 14804if test -n "$OPENSC_CONFIG"; then
14077 echo "$as_me:14077: result: $OPENSC_CONFIG" >&5 14805 echo "$as_me:14805: result: $OPENSC_CONFIG" >&5
14078echo "${ECHO_T}$OPENSC_CONFIG" >&6 14806echo "${ECHO_T}$OPENSC_CONFIG" >&6
14079else 14807else
14080 echo "$as_me:14080: result: no" >&5 14808 echo "$as_me:14808: result: no" >&5
14081echo "${ECHO_T}no" >&6 14809echo "${ECHO_T}no" >&6
14082fi 14810fi
14083 14811
@@ -14098,20 +14826,8 @@ EOF
14098 fi 14826 fi
14099fi 14827fi
14100 14828
14101# Check whether user wants DNS support 14829# Check libraries needed by DNS fingerprint support
14102DNS_MSG="no" 14830echo "$as_me:14830: checking for library containing getrrsetbyname" >&5
14103
14104# Check whether --with-dns or --without-dns was given.
14105if test "${with_dns+set}" = set; then
14106 withval="$with_dns"
14107
14108 if test "x$withval" != "xno" ; then
14109 DNS_MSG="yes"
14110 cat >>confdefs.h <<\EOF
14111#define DNS 1
14112EOF
14113
14114 echo "$as_me:14114: checking for library containing getrrsetbyname" >&5
14115echo $ECHO_N "checking for library containing getrrsetbyname... $ECHO_C" >&6 14831echo $ECHO_N "checking for library containing getrrsetbyname... $ECHO_C" >&6
14116if test "${ac_cv_search_getrrsetbyname+set}" = set; then 14832if test "${ac_cv_search_getrrsetbyname+set}" = set; then
14117 echo $ECHO_N "(cached) $ECHO_C" >&6 14833 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -14119,7 +14835,7 @@ else
14119 ac_func_search_save_LIBS=$LIBS 14835 ac_func_search_save_LIBS=$LIBS
14120ac_cv_search_getrrsetbyname=no 14836ac_cv_search_getrrsetbyname=no
14121cat >conftest.$ac_ext <<_ACEOF 14837cat >conftest.$ac_ext <<_ACEOF
14122#line 14122 "configure" 14838#line 14838 "configure"
14123#include "confdefs.h" 14839#include "confdefs.h"
14124 14840
14125/* Override any gcc2 internal prototype to avoid an error. */ 14841/* Override any gcc2 internal prototype to avoid an error. */
@@ -14138,16 +14854,16 @@ getrrsetbyname ();
14138} 14854}
14139_ACEOF 14855_ACEOF
14140rm -f conftest.$ac_objext conftest$ac_exeext 14856rm -f conftest.$ac_objext conftest$ac_exeext
14141if { (eval echo "$as_me:14141: \"$ac_link\"") >&5 14857if { (eval echo "$as_me:14857: \"$ac_link\"") >&5
14142 (eval $ac_link) 2>&5 14858 (eval $ac_link) 2>&5
14143 ac_status=$? 14859 ac_status=$?
14144 echo "$as_me:14144: \$? = $ac_status" >&5 14860 echo "$as_me:14860: \$? = $ac_status" >&5
14145 (exit $ac_status); } && 14861 (exit $ac_status); } &&
14146 { ac_try='test -s conftest$ac_exeext' 14862 { ac_try='test -s conftest$ac_exeext'
14147 { (eval echo "$as_me:14147: \"$ac_try\"") >&5 14863 { (eval echo "$as_me:14863: \"$ac_try\"") >&5
14148 (eval $ac_try) 2>&5 14864 (eval $ac_try) 2>&5
14149 ac_status=$? 14865 ac_status=$?
14150 echo "$as_me:14150: \$? = $ac_status" >&5 14866 echo "$as_me:14866: \$? = $ac_status" >&5
14151 (exit $ac_status); }; }; then 14867 (exit $ac_status); }; }; then
14152 ac_cv_search_getrrsetbyname="none required" 14868 ac_cv_search_getrrsetbyname="none required"
14153else 14869else
@@ -14159,7 +14875,7 @@ if test "$ac_cv_search_getrrsetbyname" = no; then
14159 for ac_lib in resolv; do 14875 for ac_lib in resolv; do
14160 LIBS="-l$ac_lib $ac_func_search_save_LIBS" 14876 LIBS="-l$ac_lib $ac_func_search_save_LIBS"
14161 cat >conftest.$ac_ext <<_ACEOF 14877 cat >conftest.$ac_ext <<_ACEOF
14162#line 14162 "configure" 14878#line 14878 "configure"
14163#include "confdefs.h" 14879#include "confdefs.h"
14164 14880
14165/* Override any gcc2 internal prototype to avoid an error. */ 14881/* Override any gcc2 internal prototype to avoid an error. */
@@ -14178,16 +14894,16 @@ getrrsetbyname ();
14178} 14894}
14179_ACEOF 14895_ACEOF
14180rm -f conftest.$ac_objext conftest$ac_exeext 14896rm -f conftest.$ac_objext conftest$ac_exeext
14181if { (eval echo "$as_me:14181: \"$ac_link\"") >&5 14897if { (eval echo "$as_me:14897: \"$ac_link\"") >&5
14182 (eval $ac_link) 2>&5 14898 (eval $ac_link) 2>&5
14183 ac_status=$? 14899 ac_status=$?
14184 echo "$as_me:14184: \$? = $ac_status" >&5 14900 echo "$as_me:14900: \$? = $ac_status" >&5
14185 (exit $ac_status); } && 14901 (exit $ac_status); } &&
14186 { ac_try='test -s conftest$ac_exeext' 14902 { ac_try='test -s conftest$ac_exeext'
14187 { (eval echo "$as_me:14187: \"$ac_try\"") >&5 14903 { (eval echo "$as_me:14903: \"$ac_try\"") >&5
14188 (eval $ac_try) 2>&5 14904 (eval $ac_try) 2>&5
14189 ac_status=$? 14905 ac_status=$?
14190 echo "$as_me:14190: \$? = $ac_status" >&5 14906 echo "$as_me:14906: \$? = $ac_status" >&5
14191 (exit $ac_status); }; }; then 14907 (exit $ac_status); }; }; then
14192 ac_cv_search_getrrsetbyname="-l$ac_lib" 14908 ac_cv_search_getrrsetbyname="-l$ac_lib"
14193break 14909break
@@ -14200,7 +14916,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
14200fi 14916fi
14201LIBS=$ac_func_search_save_LIBS 14917LIBS=$ac_func_search_save_LIBS
14202fi 14918fi
14203echo "$as_me:14203: result: $ac_cv_search_getrrsetbyname" >&5 14919echo "$as_me:14919: result: $ac_cv_search_getrrsetbyname" >&5
14204echo "${ECHO_T}$ac_cv_search_getrrsetbyname" >&6 14920echo "${ECHO_T}$ac_cv_search_getrrsetbyname" >&6
14205if test "$ac_cv_search_getrrsetbyname" != no; then 14921if test "$ac_cv_search_getrrsetbyname" != no; then
14206 test "$ac_cv_search_getrrsetbyname" = "none required" || LIBS="$ac_cv_search_getrrsetbyname $LIBS" 14922 test "$ac_cv_search_getrrsetbyname" = "none required" || LIBS="$ac_cv_search_getrrsetbyname $LIBS"
@@ -14210,8 +14926,8 @@ EOF
14210 14926
14211else 14927else
14212 14928
14213 # Needed by our getrrsetbyname() 14929 # Needed by our getrrsetbyname()
14214 echo "$as_me:14214: checking for library containing res_query" >&5 14930 echo "$as_me:14930: checking for library containing res_query" >&5
14215echo $ECHO_N "checking for library containing res_query... $ECHO_C" >&6 14931echo $ECHO_N "checking for library containing res_query... $ECHO_C" >&6
14216if test "${ac_cv_search_res_query+set}" = set; then 14932if test "${ac_cv_search_res_query+set}" = set; then
14217 echo $ECHO_N "(cached) $ECHO_C" >&6 14933 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -14219,7 +14935,7 @@ else
14219 ac_func_search_save_LIBS=$LIBS 14935 ac_func_search_save_LIBS=$LIBS
14220ac_cv_search_res_query=no 14936ac_cv_search_res_query=no
14221cat >conftest.$ac_ext <<_ACEOF 14937cat >conftest.$ac_ext <<_ACEOF
14222#line 14222 "configure" 14938#line 14938 "configure"
14223#include "confdefs.h" 14939#include "confdefs.h"
14224 14940
14225/* Override any gcc2 internal prototype to avoid an error. */ 14941/* Override any gcc2 internal prototype to avoid an error. */
@@ -14238,16 +14954,16 @@ res_query ();
14238} 14954}
14239_ACEOF 14955_ACEOF
14240rm -f conftest.$ac_objext conftest$ac_exeext 14956rm -f conftest.$ac_objext conftest$ac_exeext
14241if { (eval echo "$as_me:14241: \"$ac_link\"") >&5 14957if { (eval echo "$as_me:14957: \"$ac_link\"") >&5
14242 (eval $ac_link) 2>&5 14958 (eval $ac_link) 2>&5
14243 ac_status=$? 14959 ac_status=$?
14244 echo "$as_me:14244: \$? = $ac_status" >&5 14960 echo "$as_me:14960: \$? = $ac_status" >&5
14245 (exit $ac_status); } && 14961 (exit $ac_status); } &&
14246 { ac_try='test -s conftest$ac_exeext' 14962 { ac_try='test -s conftest$ac_exeext'
14247 { (eval echo "$as_me:14247: \"$ac_try\"") >&5 14963 { (eval echo "$as_me:14963: \"$ac_try\"") >&5
14248 (eval $ac_try) 2>&5 14964 (eval $ac_try) 2>&5
14249 ac_status=$? 14965 ac_status=$?
14250 echo "$as_me:14250: \$? = $ac_status" >&5 14966 echo "$as_me:14966: \$? = $ac_status" >&5
14251 (exit $ac_status); }; }; then 14967 (exit $ac_status); }; }; then
14252 ac_cv_search_res_query="none required" 14968 ac_cv_search_res_query="none required"
14253else 14969else
@@ -14259,7 +14975,7 @@ if test "$ac_cv_search_res_query" = no; then
14259 for ac_lib in resolv; do 14975 for ac_lib in resolv; do
14260 LIBS="-l$ac_lib $ac_func_search_save_LIBS" 14976 LIBS="-l$ac_lib $ac_func_search_save_LIBS"
14261 cat >conftest.$ac_ext <<_ACEOF 14977 cat >conftest.$ac_ext <<_ACEOF
14262#line 14262 "configure" 14978#line 14978 "configure"
14263#include "confdefs.h" 14979#include "confdefs.h"
14264 14980
14265/* Override any gcc2 internal prototype to avoid an error. */ 14981/* Override any gcc2 internal prototype to avoid an error. */
@@ -14278,16 +14994,16 @@ res_query ();
14278} 14994}
14279_ACEOF 14995_ACEOF
14280rm -f conftest.$ac_objext conftest$ac_exeext 14996rm -f conftest.$ac_objext conftest$ac_exeext
14281if { (eval echo "$as_me:14281: \"$ac_link\"") >&5 14997if { (eval echo "$as_me:14997: \"$ac_link\"") >&5
14282 (eval $ac_link) 2>&5 14998 (eval $ac_link) 2>&5
14283 ac_status=$? 14999 ac_status=$?
14284 echo "$as_me:14284: \$? = $ac_status" >&5 15000 echo "$as_me:15000: \$? = $ac_status" >&5
14285 (exit $ac_status); } && 15001 (exit $ac_status); } &&
14286 { ac_try='test -s conftest$ac_exeext' 15002 { ac_try='test -s conftest$ac_exeext'
14287 { (eval echo "$as_me:14287: \"$ac_try\"") >&5 15003 { (eval echo "$as_me:15003: \"$ac_try\"") >&5
14288 (eval $ac_try) 2>&5 15004 (eval $ac_try) 2>&5
14289 ac_status=$? 15005 ac_status=$?
14290 echo "$as_me:14290: \$? = $ac_status" >&5 15006 echo "$as_me:15006: \$? = $ac_status" >&5
14291 (exit $ac_status); }; }; then 15007 (exit $ac_status); }; }; then
14292 ac_cv_search_res_query="-l$ac_lib" 15008 ac_cv_search_res_query="-l$ac_lib"
14293break 15009break
@@ -14300,14 +15016,14 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
14300fi 15016fi
14301LIBS=$ac_func_search_save_LIBS 15017LIBS=$ac_func_search_save_LIBS
14302fi 15018fi
14303echo "$as_me:14303: result: $ac_cv_search_res_query" >&5 15019echo "$as_me:15019: result: $ac_cv_search_res_query" >&5
14304echo "${ECHO_T}$ac_cv_search_res_query" >&6 15020echo "${ECHO_T}$ac_cv_search_res_query" >&6
14305if test "$ac_cv_search_res_query" != no; then 15021if test "$ac_cv_search_res_query" != no; then
14306 test "$ac_cv_search_res_query" = "none required" || LIBS="$ac_cv_search_res_query $LIBS" 15022 test "$ac_cv_search_res_query" = "none required" || LIBS="$ac_cv_search_res_query $LIBS"
14307 15023
14308fi 15024fi
14309 15025
14310 echo "$as_me:14310: checking for library containing dn_expand" >&5 15026 echo "$as_me:15026: checking for library containing dn_expand" >&5
14311echo $ECHO_N "checking for library containing dn_expand... $ECHO_C" >&6 15027echo $ECHO_N "checking for library containing dn_expand... $ECHO_C" >&6
14312if test "${ac_cv_search_dn_expand+set}" = set; then 15028if test "${ac_cv_search_dn_expand+set}" = set; then
14313 echo $ECHO_N "(cached) $ECHO_C" >&6 15029 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -14315,7 +15031,7 @@ else
14315 ac_func_search_save_LIBS=$LIBS 15031 ac_func_search_save_LIBS=$LIBS
14316ac_cv_search_dn_expand=no 15032ac_cv_search_dn_expand=no
14317cat >conftest.$ac_ext <<_ACEOF 15033cat >conftest.$ac_ext <<_ACEOF
14318#line 14318 "configure" 15034#line 15034 "configure"
14319#include "confdefs.h" 15035#include "confdefs.h"
14320 15036
14321/* Override any gcc2 internal prototype to avoid an error. */ 15037/* Override any gcc2 internal prototype to avoid an error. */
@@ -14334,16 +15050,16 @@ dn_expand ();
14334} 15050}
14335_ACEOF 15051_ACEOF
14336rm -f conftest.$ac_objext conftest$ac_exeext 15052rm -f conftest.$ac_objext conftest$ac_exeext
14337if { (eval echo "$as_me:14337: \"$ac_link\"") >&5 15053if { (eval echo "$as_me:15053: \"$ac_link\"") >&5
14338 (eval $ac_link) 2>&5 15054 (eval $ac_link) 2>&5
14339 ac_status=$? 15055 ac_status=$?
14340 echo "$as_me:14340: \$? = $ac_status" >&5 15056 echo "$as_me:15056: \$? = $ac_status" >&5
14341 (exit $ac_status); } && 15057 (exit $ac_status); } &&
14342 { ac_try='test -s conftest$ac_exeext' 15058 { ac_try='test -s conftest$ac_exeext'
14343 { (eval echo "$as_me:14343: \"$ac_try\"") >&5 15059 { (eval echo "$as_me:15059: \"$ac_try\"") >&5
14344 (eval $ac_try) 2>&5 15060 (eval $ac_try) 2>&5
14345 ac_status=$? 15061 ac_status=$?
14346 echo "$as_me:14346: \$? = $ac_status" >&5 15062 echo "$as_me:15062: \$? = $ac_status" >&5
14347 (exit $ac_status); }; }; then 15063 (exit $ac_status); }; }; then
14348 ac_cv_search_dn_expand="none required" 15064 ac_cv_search_dn_expand="none required"
14349else 15065else
@@ -14355,7 +15071,7 @@ if test "$ac_cv_search_dn_expand" = no; then
14355 for ac_lib in resolv; do 15071 for ac_lib in resolv; do
14356 LIBS="-l$ac_lib $ac_func_search_save_LIBS" 15072 LIBS="-l$ac_lib $ac_func_search_save_LIBS"
14357 cat >conftest.$ac_ext <<_ACEOF 15073 cat >conftest.$ac_ext <<_ACEOF
14358#line 14358 "configure" 15074#line 15074 "configure"
14359#include "confdefs.h" 15075#include "confdefs.h"
14360 15076
14361/* Override any gcc2 internal prototype to avoid an error. */ 15077/* Override any gcc2 internal prototype to avoid an error. */
@@ -14374,16 +15090,16 @@ dn_expand ();
14374} 15090}
14375_ACEOF 15091_ACEOF
14376rm -f conftest.$ac_objext conftest$ac_exeext 15092rm -f conftest.$ac_objext conftest$ac_exeext
14377if { (eval echo "$as_me:14377: \"$ac_link\"") >&5 15093if { (eval echo "$as_me:15093: \"$ac_link\"") >&5
14378 (eval $ac_link) 2>&5 15094 (eval $ac_link) 2>&5
14379 ac_status=$? 15095 ac_status=$?
14380 echo "$as_me:14380: \$? = $ac_status" >&5 15096 echo "$as_me:15096: \$? = $ac_status" >&5
14381 (exit $ac_status); } && 15097 (exit $ac_status); } &&
14382 { ac_try='test -s conftest$ac_exeext' 15098 { ac_try='test -s conftest$ac_exeext'
14383 { (eval echo "$as_me:14383: \"$ac_try\"") >&5 15099 { (eval echo "$as_me:15099: \"$ac_try\"") >&5
14384 (eval $ac_try) 2>&5 15100 (eval $ac_try) 2>&5
14385 ac_status=$? 15101 ac_status=$?
14386 echo "$as_me:14386: \$? = $ac_status" >&5 15102 echo "$as_me:15102: \$? = $ac_status" >&5
14387 (exit $ac_status); }; }; then 15103 (exit $ac_status); }; }; then
14388 ac_cv_search_dn_expand="-l$ac_lib" 15104 ac_cv_search_dn_expand="-l$ac_lib"
14389break 15105break
@@ -14396,7 +15112,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
14396fi 15112fi
14397LIBS=$ac_func_search_save_LIBS 15113LIBS=$ac_func_search_save_LIBS
14398fi 15114fi
14399echo "$as_me:14399: result: $ac_cv_search_dn_expand" >&5 15115echo "$as_me:15115: result: $ac_cv_search_dn_expand" >&5
14400echo "${ECHO_T}$ac_cv_search_dn_expand" >&6 15116echo "${ECHO_T}$ac_cv_search_dn_expand" >&6
14401if test "$ac_cv_search_dn_expand" != no; then 15117if test "$ac_cv_search_dn_expand" != no; then
14402 test "$ac_cv_search_dn_expand" = "none required" || LIBS="$ac_cv_search_dn_expand $LIBS" 15118 test "$ac_cv_search_dn_expand" = "none required" || LIBS="$ac_cv_search_dn_expand $LIBS"
@@ -14406,13 +15122,13 @@ fi
14406for ac_func in _getshort _getlong 15122for ac_func in _getshort _getlong
14407do 15123do
14408as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` 15124as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
14409echo "$as_me:14409: checking for $ac_func" >&5 15125echo "$as_me:15125: checking for $ac_func" >&5
14410echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 15126echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
14411if eval "test \"\${$as_ac_var+set}\" = set"; then 15127if eval "test \"\${$as_ac_var+set}\" = set"; then
14412 echo $ECHO_N "(cached) $ECHO_C" >&6 15128 echo $ECHO_N "(cached) $ECHO_C" >&6
14413else 15129else
14414 cat >conftest.$ac_ext <<_ACEOF 15130 cat >conftest.$ac_ext <<_ACEOF
14415#line 14415 "configure" 15131#line 15131 "configure"
14416#include "confdefs.h" 15132#include "confdefs.h"
14417/* System header to define __stub macros and hopefully few prototypes, 15133/* System header to define __stub macros and hopefully few prototypes,
14418 which can conflict with char $ac_func (); below. */ 15134 which can conflict with char $ac_func (); below. */
@@ -14443,16 +15159,16 @@ f = $ac_func;
14443} 15159}
14444_ACEOF 15160_ACEOF
14445rm -f conftest.$ac_objext conftest$ac_exeext 15161rm -f conftest.$ac_objext conftest$ac_exeext
14446if { (eval echo "$as_me:14446: \"$ac_link\"") >&5 15162if { (eval echo "$as_me:15162: \"$ac_link\"") >&5
14447 (eval $ac_link) 2>&5 15163 (eval $ac_link) 2>&5
14448 ac_status=$? 15164 ac_status=$?
14449 echo "$as_me:14449: \$? = $ac_status" >&5 15165 echo "$as_me:15165: \$? = $ac_status" >&5
14450 (exit $ac_status); } && 15166 (exit $ac_status); } &&
14451 { ac_try='test -s conftest$ac_exeext' 15167 { ac_try='test -s conftest$ac_exeext'
14452 { (eval echo "$as_me:14452: \"$ac_try\"") >&5 15168 { (eval echo "$as_me:15168: \"$ac_try\"") >&5
14453 (eval $ac_try) 2>&5 15169 (eval $ac_try) 2>&5
14454 ac_status=$? 15170 ac_status=$?
14455 echo "$as_me:14455: \$? = $ac_status" >&5 15171 echo "$as_me:15171: \$? = $ac_status" >&5
14456 (exit $ac_status); }; }; then 15172 (exit $ac_status); }; }; then
14457 eval "$as_ac_var=yes" 15173 eval "$as_ac_var=yes"
14458else 15174else
@@ -14462,7 +15178,7 @@ eval "$as_ac_var=no"
14462fi 15178fi
14463rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 15179rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
14464fi 15180fi
14465echo "$as_me:14465: result: `eval echo '${'$as_ac_var'}'`" >&5 15181echo "$as_me:15181: result: `eval echo '${'$as_ac_var'}'`" >&5
14466echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 15182echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
14467if test `eval echo '${'$as_ac_var'}'` = yes; then 15183if test `eval echo '${'$as_ac_var'}'` = yes; then
14468 cat >>confdefs.h <<EOF 15184 cat >>confdefs.h <<EOF
@@ -14472,13 +15188,13 @@ EOF
14472fi 15188fi
14473done 15189done
14474 15190
14475 echo "$as_me:14475: checking for HEADER.ad" >&5 15191 echo "$as_me:15191: checking for HEADER.ad" >&5
14476echo $ECHO_N "checking for HEADER.ad... $ECHO_C" >&6 15192echo $ECHO_N "checking for HEADER.ad... $ECHO_C" >&6
14477if test "${ac_cv_member_HEADER_ad+set}" = set; then 15193if test "${ac_cv_member_HEADER_ad+set}" = set; then
14478 echo $ECHO_N "(cached) $ECHO_C" >&6 15194 echo $ECHO_N "(cached) $ECHO_C" >&6
14479else 15195else
14480 cat >conftest.$ac_ext <<_ACEOF 15196 cat >conftest.$ac_ext <<_ACEOF
14481#line 14481 "configure" 15197#line 15197 "configure"
14482#include "confdefs.h" 15198#include "confdefs.h"
14483#include <arpa/nameser.h> 15199#include <arpa/nameser.h>
14484 15200
@@ -14493,16 +15209,16 @@ return 0;
14493} 15209}
14494_ACEOF 15210_ACEOF
14495rm -f conftest.$ac_objext 15211rm -f conftest.$ac_objext
14496if { (eval echo "$as_me:14496: \"$ac_compile\"") >&5 15212if { (eval echo "$as_me:15212: \"$ac_compile\"") >&5
14497 (eval $ac_compile) 2>&5 15213 (eval $ac_compile) 2>&5
14498 ac_status=$? 15214 ac_status=$?
14499 echo "$as_me:14499: \$? = $ac_status" >&5 15215 echo "$as_me:15215: \$? = $ac_status" >&5
14500 (exit $ac_status); } && 15216 (exit $ac_status); } &&
14501 { ac_try='test -s conftest.$ac_objext' 15217 { ac_try='test -s conftest.$ac_objext'
14502 { (eval echo "$as_me:14502: \"$ac_try\"") >&5 15218 { (eval echo "$as_me:15218: \"$ac_try\"") >&5
14503 (eval $ac_try) 2>&5 15219 (eval $ac_try) 2>&5
14504 ac_status=$? 15220 ac_status=$?
14505 echo "$as_me:14505: \$? = $ac_status" >&5 15221 echo "$as_me:15221: \$? = $ac_status" >&5
14506 (exit $ac_status); }; }; then 15222 (exit $ac_status); }; }; then
14507 ac_cv_member_HEADER_ad=yes 15223 ac_cv_member_HEADER_ad=yes
14508else 15224else
@@ -14512,7 +15228,7 @@ ac_cv_member_HEADER_ad=no
14512fi 15228fi
14513rm -f conftest.$ac_objext conftest.$ac_ext 15229rm -f conftest.$ac_objext conftest.$ac_ext
14514fi 15230fi
14515echo "$as_me:14515: result: $ac_cv_member_HEADER_ad" >&5 15231echo "$as_me:15231: result: $ac_cv_member_HEADER_ad" >&5
14516echo "${ECHO_T}$ac_cv_member_HEADER_ad" >&6 15232echo "${ECHO_T}$ac_cv_member_HEADER_ad" >&6
14517if test $ac_cv_member_HEADER_ad = yes; then 15233if test $ac_cv_member_HEADER_ad = yes; then
14518 cat >>confdefs.h <<\EOF 15234 cat >>confdefs.h <<\EOF
@@ -14523,34 +15239,99 @@ fi
14523 15239
14524fi 15240fi
14525 15241
14526 fi
14527
14528fi;
14529
14530# Check whether user wants Kerberos 5 support 15242# Check whether user wants Kerberos 5 support
14531KRB5_MSG="no" 15243KRB5_MSG="no"
14532 15244
14533# Check whether --with-kerberos5 or --without-kerberos5 was given. 15245# Check whether --with-kerberos5 or --without-kerberos5 was given.
14534if test "${with_kerberos5+set}" = set; then 15246if test "${with_kerberos5+set}" = set; then
14535 withval="$with_kerberos5" 15247 withval="$with_kerberos5"
15248 if test "x$withval" != "xno" ; then
15249 if test "x$withval" = "xyes" ; then
15250 KRB5ROOT="/usr/local"
15251 else
15252 KRB5ROOT=${withval}
15253 fi
14536 15254
14537 if test "x$withval" != "xno" ; then 15255 cat >>confdefs.h <<\EOF
14538 if test "x$withval" = "xyes" ; then
14539 KRB5ROOT="/usr/local"
14540 else
14541 KRB5ROOT=${withval}
14542 fi
14543 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
14544 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
14545 cat >>confdefs.h <<\EOF
14546#define KRB5 1 15256#define KRB5 1
14547EOF 15257EOF
14548 15258
14549 KRB5_MSG="yes" 15259 KRB5_MSG="yes"
14550 echo "$as_me:14550: checking whether we are using Heimdal" >&5 15260
15261 echo "$as_me:15261: checking for krb5-config" >&5
15262echo $ECHO_N "checking for krb5-config... $ECHO_C" >&6
15263 if test -x $KRB5ROOT/bin/krb5-config ; then
15264 KRB5CONF=$KRB5ROOT/bin/krb5-config
15265 echo "$as_me:15265: result: $KRB5CONF" >&5
15266echo "${ECHO_T}$KRB5CONF" >&6
15267
15268 echo "$as_me:15268: checking for gssapi support" >&5
15269echo $ECHO_N "checking for gssapi support... $ECHO_C" >&6
15270 if $KRB5CONF | grep gssapi >/dev/null ; then
15271 echo "$as_me:15271: result: yes" >&5
15272echo "${ECHO_T}yes" >&6
15273 cat >>confdefs.h <<\EOF
15274#define GSSAPI 1
15275EOF
15276
15277 k5confopts=gssapi
15278 else
15279 echo "$as_me:15279: result: no" >&5
15280echo "${ECHO_T}no" >&6
15281 k5confopts=""
15282 fi
15283 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
15284 K5LIBS="`$KRB5CONF --libs $k5confopts`"
15285 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
15286 echo "$as_me:15286: checking whether we are using Heimdal" >&5
15287echo $ECHO_N "checking whether we are using Heimdal... $ECHO_C" >&6
15288 cat >conftest.$ac_ext <<_ACEOF
15289#line 15289 "configure"
15290#include "confdefs.h"
15291 #include <krb5.h>
15292int
15293main ()
15294{
15295 char *tmp = heimdal_version;
15296 ;
15297 return 0;
15298}
15299_ACEOF
15300rm -f conftest.$ac_objext
15301if { (eval echo "$as_me:15301: \"$ac_compile\"") >&5
15302 (eval $ac_compile) 2>&5
15303 ac_status=$?
15304 echo "$as_me:15304: \$? = $ac_status" >&5
15305 (exit $ac_status); } &&
15306 { ac_try='test -s conftest.$ac_objext'
15307 { (eval echo "$as_me:15307: \"$ac_try\"") >&5
15308 (eval $ac_try) 2>&5
15309 ac_status=$?
15310 echo "$as_me:15310: \$? = $ac_status" >&5
15311 (exit $ac_status); }; }; then
15312 echo "$as_me:15312: result: yes" >&5
15313echo "${ECHO_T}yes" >&6
15314 cat >>confdefs.h <<\EOF
15315#define HEIMDAL 1
15316EOF
15317
15318else
15319 echo "$as_me: failed program was:" >&5
15320cat conftest.$ac_ext >&5
15321echo "$as_me:15321: result: no" >&5
15322echo "${ECHO_T}no" >&6
15323
15324fi
15325rm -f conftest.$ac_objext conftest.$ac_ext
15326 else
15327 echo "$as_me:15327: result: no" >&5
15328echo "${ECHO_T}no" >&6
15329 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
15330 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
15331 echo "$as_me:15331: checking whether we are using Heimdal" >&5
14551echo $ECHO_N "checking whether we are using Heimdal... $ECHO_C" >&6 15332echo $ECHO_N "checking whether we are using Heimdal... $ECHO_C" >&6
14552 cat >conftest.$ac_ext <<_ACEOF 15333 cat >conftest.$ac_ext <<_ACEOF
14553#line 14553 "configure" 15334#line 15334 "configure"
14554#include "confdefs.h" 15335#include "confdefs.h"
14555 #include <krb5.h> 15336 #include <krb5.h>
14556int 15337int
@@ -14562,41 +15343,35 @@ main ()
14562} 15343}
14563_ACEOF 15344_ACEOF
14564rm -f conftest.$ac_objext 15345rm -f conftest.$ac_objext
14565if { (eval echo "$as_me:14565: \"$ac_compile\"") >&5 15346if { (eval echo "$as_me:15346: \"$ac_compile\"") >&5
14566 (eval $ac_compile) 2>&5 15347 (eval $ac_compile) 2>&5
14567 ac_status=$? 15348 ac_status=$?
14568 echo "$as_me:14568: \$? = $ac_status" >&5 15349 echo "$as_me:15349: \$? = $ac_status" >&5
14569 (exit $ac_status); } && 15350 (exit $ac_status); } &&
14570 { ac_try='test -s conftest.$ac_objext' 15351 { ac_try='test -s conftest.$ac_objext'
14571 { (eval echo "$as_me:14571: \"$ac_try\"") >&5 15352 { (eval echo "$as_me:15352: \"$ac_try\"") >&5
14572 (eval $ac_try) 2>&5 15353 (eval $ac_try) 2>&5
14573 ac_status=$? 15354 ac_status=$?
14574 echo "$as_me:14574: \$? = $ac_status" >&5 15355 echo "$as_me:15355: \$? = $ac_status" >&5
14575 (exit $ac_status); }; }; then 15356 (exit $ac_status); }; }; then
14576 echo "$as_me:14576: result: yes" >&5 15357 echo "$as_me:15357: result: yes" >&5
14577echo "${ECHO_T}yes" >&6 15358echo "${ECHO_T}yes" >&6
14578 cat >>confdefs.h <<\EOF 15359 cat >>confdefs.h <<\EOF
14579#define HEIMDAL 1 15360#define HEIMDAL 1
14580EOF 15361EOF
14581 15362
14582 K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken" 15363 K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken"
14583 15364
14584else 15365else
14585 echo "$as_me: failed program was:" >&5 15366 echo "$as_me: failed program was:" >&5
14586cat conftest.$ac_ext >&5 15367cat conftest.$ac_ext >&5
14587 echo "$as_me:14587: result: no" >&5 15368 echo "$as_me:15368: result: no" >&5
14588echo "${ECHO_T}no" >&6 15369echo "${ECHO_T}no" >&6
14589 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 15370 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
14590 15371
14591fi 15372fi
14592rm -f conftest.$ac_objext conftest.$ac_ext 15373rm -f conftest.$ac_objext conftest.$ac_ext
14593 if test ! -z "$need_dash_r" ; then 15374 echo "$as_me:15374: checking for library containing dn_expand" >&5
14594 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
14595 fi
14596 if test ! -z "$blibpath" ; then
14597 blibpath="$blibpath:${KRB5ROOT}/lib"
14598 fi
14599 echo "$as_me:14599: checking for library containing dn_expand" >&5
14600echo $ECHO_N "checking for library containing dn_expand... $ECHO_C" >&6 15375echo $ECHO_N "checking for library containing dn_expand... $ECHO_C" >&6
14601if test "${ac_cv_search_dn_expand+set}" = set; then 15376if test "${ac_cv_search_dn_expand+set}" = set; then
14602 echo $ECHO_N "(cached) $ECHO_C" >&6 15377 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -14604,7 +15379,7 @@ else
14604 ac_func_search_save_LIBS=$LIBS 15379 ac_func_search_save_LIBS=$LIBS
14605ac_cv_search_dn_expand=no 15380ac_cv_search_dn_expand=no
14606cat >conftest.$ac_ext <<_ACEOF 15381cat >conftest.$ac_ext <<_ACEOF
14607#line 14607 "configure" 15382#line 15382 "configure"
14608#include "confdefs.h" 15383#include "confdefs.h"
14609 15384
14610/* Override any gcc2 internal prototype to avoid an error. */ 15385/* Override any gcc2 internal prototype to avoid an error. */
@@ -14623,16 +15398,16 @@ dn_expand ();
14623} 15398}
14624_ACEOF 15399_ACEOF
14625rm -f conftest.$ac_objext conftest$ac_exeext 15400rm -f conftest.$ac_objext conftest$ac_exeext
14626if { (eval echo "$as_me:14626: \"$ac_link\"") >&5 15401if { (eval echo "$as_me:15401: \"$ac_link\"") >&5
14627 (eval $ac_link) 2>&5 15402 (eval $ac_link) 2>&5
14628 ac_status=$? 15403 ac_status=$?
14629 echo "$as_me:14629: \$? = $ac_status" >&5 15404 echo "$as_me:15404: \$? = $ac_status" >&5
14630 (exit $ac_status); } && 15405 (exit $ac_status); } &&
14631 { ac_try='test -s conftest$ac_exeext' 15406 { ac_try='test -s conftest$ac_exeext'
14632 { (eval echo "$as_me:14632: \"$ac_try\"") >&5 15407 { (eval echo "$as_me:15407: \"$ac_try\"") >&5
14633 (eval $ac_try) 2>&5 15408 (eval $ac_try) 2>&5
14634 ac_status=$? 15409 ac_status=$?
14635 echo "$as_me:14635: \$? = $ac_status" >&5 15410 echo "$as_me:15410: \$? = $ac_status" >&5
14636 (exit $ac_status); }; }; then 15411 (exit $ac_status); }; }; then
14637 ac_cv_search_dn_expand="none required" 15412 ac_cv_search_dn_expand="none required"
14638else 15413else
@@ -14644,7 +15419,7 @@ if test "$ac_cv_search_dn_expand" = no; then
14644 for ac_lib in resolv; do 15419 for ac_lib in resolv; do
14645 LIBS="-l$ac_lib $ac_func_search_save_LIBS" 15420 LIBS="-l$ac_lib $ac_func_search_save_LIBS"
14646 cat >conftest.$ac_ext <<_ACEOF 15421 cat >conftest.$ac_ext <<_ACEOF
14647#line 14647 "configure" 15422#line 15422 "configure"
14648#include "confdefs.h" 15423#include "confdefs.h"
14649 15424
14650/* Override any gcc2 internal prototype to avoid an error. */ 15425/* Override any gcc2 internal prototype to avoid an error. */
@@ -14663,16 +15438,16 @@ dn_expand ();
14663} 15438}
14664_ACEOF 15439_ACEOF
14665rm -f conftest.$ac_objext conftest$ac_exeext 15440rm -f conftest.$ac_objext conftest$ac_exeext
14666if { (eval echo "$as_me:14666: \"$ac_link\"") >&5 15441if { (eval echo "$as_me:15441: \"$ac_link\"") >&5
14667 (eval $ac_link) 2>&5 15442 (eval $ac_link) 2>&5
14668 ac_status=$? 15443 ac_status=$?
14669 echo "$as_me:14669: \$? = $ac_status" >&5 15444 echo "$as_me:15444: \$? = $ac_status" >&5
14670 (exit $ac_status); } && 15445 (exit $ac_status); } &&
14671 { ac_try='test -s conftest$ac_exeext' 15446 { ac_try='test -s conftest$ac_exeext'
14672 { (eval echo "$as_me:14672: \"$ac_try\"") >&5 15447 { (eval echo "$as_me:15447: \"$ac_try\"") >&5
14673 (eval $ac_try) 2>&5 15448 (eval $ac_try) 2>&5
14674 ac_status=$? 15449 ac_status=$?
14675 echo "$as_me:14675: \$? = $ac_status" >&5 15450 echo "$as_me:15450: \$? = $ac_status" >&5
14676 (exit $ac_status); }; }; then 15451 (exit $ac_status); }; }; then
14677 ac_cv_search_dn_expand="-l$ac_lib" 15452 ac_cv_search_dn_expand="-l$ac_lib"
14678break 15453break
@@ -14685,14 +15460,14 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
14685fi 15460fi
14686LIBS=$ac_func_search_save_LIBS 15461LIBS=$ac_func_search_save_LIBS
14687fi 15462fi
14688echo "$as_me:14688: result: $ac_cv_search_dn_expand" >&5 15463echo "$as_me:15463: result: $ac_cv_search_dn_expand" >&5
14689echo "${ECHO_T}$ac_cv_search_dn_expand" >&6 15464echo "${ECHO_T}$ac_cv_search_dn_expand" >&6
14690if test "$ac_cv_search_dn_expand" != no; then 15465if test "$ac_cv_search_dn_expand" != no; then
14691 test "$ac_cv_search_dn_expand" = "none required" || LIBS="$ac_cv_search_dn_expand $LIBS" 15466 test "$ac_cv_search_dn_expand" = "none required" || LIBS="$ac_cv_search_dn_expand $LIBS"
14692 15467
14693fi 15468fi
14694 15469
14695 echo "$as_me:14695: checking for gss_init_sec_context in -lgssapi" >&5 15470 echo "$as_me:15470: checking for gss_init_sec_context in -lgssapi" >&5
14696echo $ECHO_N "checking for gss_init_sec_context in -lgssapi... $ECHO_C" >&6 15471echo $ECHO_N "checking for gss_init_sec_context in -lgssapi... $ECHO_C" >&6
14697if test "${ac_cv_lib_gssapi_gss_init_sec_context+set}" = set; then 15472if test "${ac_cv_lib_gssapi_gss_init_sec_context+set}" = set; then
14698 echo $ECHO_N "(cached) $ECHO_C" >&6 15473 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -14700,7 +15475,7 @@ else
14700 ac_check_lib_save_LIBS=$LIBS 15475 ac_check_lib_save_LIBS=$LIBS
14701LIBS="-lgssapi $K5LIBS $LIBS" 15476LIBS="-lgssapi $K5LIBS $LIBS"
14702cat >conftest.$ac_ext <<_ACEOF 15477cat >conftest.$ac_ext <<_ACEOF
14703#line 14703 "configure" 15478#line 15478 "configure"
14704#include "confdefs.h" 15479#include "confdefs.h"
14705 15480
14706/* Override any gcc2 internal prototype to avoid an error. */ 15481/* Override any gcc2 internal prototype to avoid an error. */
@@ -14719,16 +15494,16 @@ gss_init_sec_context ();
14719} 15494}
14720_ACEOF 15495_ACEOF
14721rm -f conftest.$ac_objext conftest$ac_exeext 15496rm -f conftest.$ac_objext conftest$ac_exeext
14722if { (eval echo "$as_me:14722: \"$ac_link\"") >&5 15497if { (eval echo "$as_me:15497: \"$ac_link\"") >&5
14723 (eval $ac_link) 2>&5 15498 (eval $ac_link) 2>&5
14724 ac_status=$? 15499 ac_status=$?
14725 echo "$as_me:14725: \$? = $ac_status" >&5 15500 echo "$as_me:15500: \$? = $ac_status" >&5
14726 (exit $ac_status); } && 15501 (exit $ac_status); } &&
14727 { ac_try='test -s conftest$ac_exeext' 15502 { ac_try='test -s conftest$ac_exeext'
14728 { (eval echo "$as_me:14728: \"$ac_try\"") >&5 15503 { (eval echo "$as_me:15503: \"$ac_try\"") >&5
14729 (eval $ac_try) 2>&5 15504 (eval $ac_try) 2>&5
14730 ac_status=$? 15505 ac_status=$?
14731 echo "$as_me:14731: \$? = $ac_status" >&5 15506 echo "$as_me:15506: \$? = $ac_status" >&5
14732 (exit $ac_status); }; }; then 15507 (exit $ac_status); }; }; then
14733 ac_cv_lib_gssapi_gss_init_sec_context=yes 15508 ac_cv_lib_gssapi_gss_init_sec_context=yes
14734else 15509else
@@ -14739,7 +15514,7 @@ fi
14739rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 15514rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
14740LIBS=$ac_check_lib_save_LIBS 15515LIBS=$ac_check_lib_save_LIBS
14741fi 15516fi
14742echo "$as_me:14742: result: $ac_cv_lib_gssapi_gss_init_sec_context" >&5 15517echo "$as_me:15517: result: $ac_cv_lib_gssapi_gss_init_sec_context" >&5
14743echo "${ECHO_T}$ac_cv_lib_gssapi_gss_init_sec_context" >&6 15518echo "${ECHO_T}$ac_cv_lib_gssapi_gss_init_sec_context" >&6
14744if test $ac_cv_lib_gssapi_gss_init_sec_context = yes; then 15519if test $ac_cv_lib_gssapi_gss_init_sec_context = yes; then
14745 cat >>confdefs.h <<\EOF 15520 cat >>confdefs.h <<\EOF
@@ -14748,7 +15523,7 @@ EOF
14748 15523
14749 K5LIBS="-lgssapi $K5LIBS" 15524 K5LIBS="-lgssapi $K5LIBS"
14750else 15525else
14751 echo "$as_me:14751: checking for gss_init_sec_context in -lgssapi_krb5" >&5 15526 echo "$as_me:15526: checking for gss_init_sec_context in -lgssapi_krb5" >&5
14752echo $ECHO_N "checking for gss_init_sec_context in -lgssapi_krb5... $ECHO_C" >&6 15527echo $ECHO_N "checking for gss_init_sec_context in -lgssapi_krb5... $ECHO_C" >&6
14753if test "${ac_cv_lib_gssapi_krb5_gss_init_sec_context+set}" = set; then 15528if test "${ac_cv_lib_gssapi_krb5_gss_init_sec_context+set}" = set; then
14754 echo $ECHO_N "(cached) $ECHO_C" >&6 15529 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -14756,7 +15531,7 @@ else
14756 ac_check_lib_save_LIBS=$LIBS 15531 ac_check_lib_save_LIBS=$LIBS
14757LIBS="-lgssapi_krb5 $K5LIBS $LIBS" 15532LIBS="-lgssapi_krb5 $K5LIBS $LIBS"
14758cat >conftest.$ac_ext <<_ACEOF 15533cat >conftest.$ac_ext <<_ACEOF
14759#line 14759 "configure" 15534#line 15534 "configure"
14760#include "confdefs.h" 15535#include "confdefs.h"
14761 15536
14762/* Override any gcc2 internal prototype to avoid an error. */ 15537/* Override any gcc2 internal prototype to avoid an error. */
@@ -14775,16 +15550,16 @@ gss_init_sec_context ();
14775} 15550}
14776_ACEOF 15551_ACEOF
14777rm -f conftest.$ac_objext conftest$ac_exeext 15552rm -f conftest.$ac_objext conftest$ac_exeext
14778if { (eval echo "$as_me:14778: \"$ac_link\"") >&5 15553if { (eval echo "$as_me:15553: \"$ac_link\"") >&5
14779 (eval $ac_link) 2>&5 15554 (eval $ac_link) 2>&5
14780 ac_status=$? 15555 ac_status=$?
14781 echo "$as_me:14781: \$? = $ac_status" >&5 15556 echo "$as_me:15556: \$? = $ac_status" >&5
14782 (exit $ac_status); } && 15557 (exit $ac_status); } &&
14783 { ac_try='test -s conftest$ac_exeext' 15558 { ac_try='test -s conftest$ac_exeext'
14784 { (eval echo "$as_me:14784: \"$ac_try\"") >&5 15559 { (eval echo "$as_me:15559: \"$ac_try\"") >&5
14785 (eval $ac_try) 2>&5 15560 (eval $ac_try) 2>&5
14786 ac_status=$? 15561 ac_status=$?
14787 echo "$as_me:14787: \$? = $ac_status" >&5 15562 echo "$as_me:15562: \$? = $ac_status" >&5
14788 (exit $ac_status); }; }; then 15563 (exit $ac_status); }; }; then
14789 ac_cv_lib_gssapi_krb5_gss_init_sec_context=yes 15564 ac_cv_lib_gssapi_krb5_gss_init_sec_context=yes
14790else 15565else
@@ -14795,38 +15570,38 @@ fi
14795rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 15570rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
14796LIBS=$ac_check_lib_save_LIBS 15571LIBS=$ac_check_lib_save_LIBS
14797fi 15572fi
14798echo "$as_me:14798: result: $ac_cv_lib_gssapi_krb5_gss_init_sec_context" >&5 15573echo "$as_me:15573: result: $ac_cv_lib_gssapi_krb5_gss_init_sec_context" >&5
14799echo "${ECHO_T}$ac_cv_lib_gssapi_krb5_gss_init_sec_context" >&6 15574echo "${ECHO_T}$ac_cv_lib_gssapi_krb5_gss_init_sec_context" >&6
14800if test $ac_cv_lib_gssapi_krb5_gss_init_sec_context = yes; then 15575if test $ac_cv_lib_gssapi_krb5_gss_init_sec_context = yes; then
14801 cat >>confdefs.h <<\EOF 15576 cat >>confdefs.h <<\EOF
14802#define GSSAPI 1 15577#define GSSAPI 1
14803EOF 15578EOF
14804 15579
14805 K5LIBS="-lgssapi_krb5 $K5LIBS" 15580 K5LIBS="-lgssapi_krb5 $K5LIBS"
14806else 15581else
14807 { echo "$as_me:14807: WARNING: Cannot find any suitable gss-api library - build may fail" >&5 15582 { echo "$as_me:15582: WARNING: Cannot find any suitable gss-api library - build may fail" >&5
14808echo "$as_me: WARNING: Cannot find any suitable gss-api library - build may fail" >&2;} 15583echo "$as_me: WARNING: Cannot find any suitable gss-api library - build may fail" >&2;}
14809fi 15584fi
14810 15585
14811fi 15586fi
14812 15587
14813 echo "$as_me:14813: checking for gssapi.h" >&5 15588 echo "$as_me:15588: checking for gssapi.h" >&5
14814echo $ECHO_N "checking for gssapi.h... $ECHO_C" >&6 15589echo $ECHO_N "checking for gssapi.h... $ECHO_C" >&6
14815if test "${ac_cv_header_gssapi_h+set}" = set; then 15590if test "${ac_cv_header_gssapi_h+set}" = set; then
14816 echo $ECHO_N "(cached) $ECHO_C" >&6 15591 echo $ECHO_N "(cached) $ECHO_C" >&6
14817else 15592else
14818 cat >conftest.$ac_ext <<_ACEOF 15593 cat >conftest.$ac_ext <<_ACEOF
14819#line 14819 "configure" 15594#line 15594 "configure"
14820#include "confdefs.h" 15595#include "confdefs.h"
14821#include <gssapi.h> 15596#include <gssapi.h>
14822_ACEOF 15597_ACEOF
14823if { (eval echo "$as_me:14823: \"$ac_cpp conftest.$ac_ext\"") >&5 15598if { (eval echo "$as_me:15598: \"$ac_cpp conftest.$ac_ext\"") >&5
14824 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 15599 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
14825 ac_status=$? 15600 ac_status=$?
14826 egrep -v '^ *\+' conftest.er1 >conftest.err 15601 egrep -v '^ *\+' conftest.er1 >conftest.err
14827 rm -f conftest.er1 15602 rm -f conftest.er1
14828 cat conftest.err >&5 15603 cat conftest.err >&5
14829 echo "$as_me:14829: \$? = $ac_status" >&5 15604 echo "$as_me:15604: \$? = $ac_status" >&5
14830 (exit $ac_status); } >/dev/null; then 15605 (exit $ac_status); } >/dev/null; then
14831 if test -s conftest.err; then 15606 if test -s conftest.err; then
14832 ac_cpp_err=$ac_c_preproc_warn_flag 15607 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -14845,7 +15620,7 @@ else
14845fi 15620fi
14846rm -f conftest.err conftest.$ac_ext 15621rm -f conftest.err conftest.$ac_ext
14847fi 15622fi
14848echo "$as_me:14848: result: $ac_cv_header_gssapi_h" >&5 15623echo "$as_me:15623: result: $ac_cv_header_gssapi_h" >&5
14849echo "${ECHO_T}$ac_cv_header_gssapi_h" >&6 15624echo "${ECHO_T}$ac_cv_header_gssapi_h" >&6
14850if test $ac_cv_header_gssapi_h = yes; then 15625if test $ac_cv_header_gssapi_h = yes; then
14851 : 15626 :
@@ -14856,23 +15631,23 @@ else
14856for ac_header in gssapi.h 15631for ac_header in gssapi.h
14857do 15632do
14858as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` 15633as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
14859echo "$as_me:14859: checking for $ac_header" >&5 15634echo "$as_me:15634: checking for $ac_header" >&5
14860echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 15635echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
14861if eval "test \"\${$as_ac_Header+set}\" = set"; then 15636if eval "test \"\${$as_ac_Header+set}\" = set"; then
14862 echo $ECHO_N "(cached) $ECHO_C" >&6 15637 echo $ECHO_N "(cached) $ECHO_C" >&6
14863else 15638else
14864 cat >conftest.$ac_ext <<_ACEOF 15639 cat >conftest.$ac_ext <<_ACEOF
14865#line 14865 "configure" 15640#line 15640 "configure"
14866#include "confdefs.h" 15641#include "confdefs.h"
14867#include <$ac_header> 15642#include <$ac_header>
14868_ACEOF 15643_ACEOF
14869if { (eval echo "$as_me:14869: \"$ac_cpp conftest.$ac_ext\"") >&5 15644if { (eval echo "$as_me:15644: \"$ac_cpp conftest.$ac_ext\"") >&5
14870 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 15645 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
14871 ac_status=$? 15646 ac_status=$?
14872 egrep -v '^ *\+' conftest.er1 >conftest.err 15647 egrep -v '^ *\+' conftest.er1 >conftest.err
14873 rm -f conftest.er1 15648 rm -f conftest.er1
14874 cat conftest.err >&5 15649 cat conftest.err >&5
14875 echo "$as_me:14875: \$? = $ac_status" >&5 15650 echo "$as_me:15650: \$? = $ac_status" >&5
14876 (exit $ac_status); } >/dev/null; then 15651 (exit $ac_status); } >/dev/null; then
14877 if test -s conftest.err; then 15652 if test -s conftest.err; then
14878 ac_cpp_err=$ac_c_preproc_warn_flag 15653 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -14891,7 +15666,7 @@ else
14891fi 15666fi
14892rm -f conftest.err conftest.$ac_ext 15667rm -f conftest.err conftest.$ac_ext
14893fi 15668fi
14894echo "$as_me:14894: result: `eval echo '${'$as_ac_Header'}'`" >&5 15669echo "$as_me:15669: result: `eval echo '${'$as_ac_Header'}'`" >&5
14895echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 15670echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
14896if test `eval echo '${'$as_ac_Header'}'` = yes; then 15671if test `eval echo '${'$as_ac_Header'}'` = yes; then
14897 cat >>confdefs.h <<EOF 15672 cat >>confdefs.h <<EOF
@@ -14899,7 +15674,7 @@ if test `eval echo '${'$as_ac_Header'}'` = yes; then
14899EOF 15674EOF
14900 15675
14901else 15676else
14902 { echo "$as_me:14902: WARNING: Cannot find any suitable gss-api header - build may fail" >&5 15677 { echo "$as_me:15677: WARNING: Cannot find any suitable gss-api header - build may fail" >&5
14903echo "$as_me: WARNING: Cannot find any suitable gss-api header - build may fail" >&2;} 15678echo "$as_me: WARNING: Cannot find any suitable gss-api header - build may fail" >&2;}
14904 15679
14905fi 15680fi
@@ -14909,23 +15684,23 @@ fi
14909 15684
14910 oldCPP="$CPPFLAGS" 15685 oldCPP="$CPPFLAGS"
14911 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 15686 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
14912 echo "$as_me:14912: checking for gssapi_krb5.h" >&5 15687 echo "$as_me:15687: checking for gssapi_krb5.h" >&5
14913echo $ECHO_N "checking for gssapi_krb5.h... $ECHO_C" >&6 15688echo $ECHO_N "checking for gssapi_krb5.h... $ECHO_C" >&6
14914if test "${ac_cv_header_gssapi_krb5_h+set}" = set; then 15689if test "${ac_cv_header_gssapi_krb5_h+set}" = set; then
14915 echo $ECHO_N "(cached) $ECHO_C" >&6 15690 echo $ECHO_N "(cached) $ECHO_C" >&6
14916else 15691else
14917 cat >conftest.$ac_ext <<_ACEOF 15692 cat >conftest.$ac_ext <<_ACEOF
14918#line 14918 "configure" 15693#line 15693 "configure"
14919#include "confdefs.h" 15694#include "confdefs.h"
14920#include <gssapi_krb5.h> 15695#include <gssapi_krb5.h>
14921_ACEOF 15696_ACEOF
14922if { (eval echo "$as_me:14922: \"$ac_cpp conftest.$ac_ext\"") >&5 15697if { (eval echo "$as_me:15697: \"$ac_cpp conftest.$ac_ext\"") >&5
14923 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 15698 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
14924 ac_status=$? 15699 ac_status=$?
14925 egrep -v '^ *\+' conftest.er1 >conftest.err 15700 egrep -v '^ *\+' conftest.er1 >conftest.err
14926 rm -f conftest.er1 15701 rm -f conftest.er1
14927 cat conftest.err >&5 15702 cat conftest.err >&5
14928 echo "$as_me:14928: \$? = $ac_status" >&5 15703 echo "$as_me:15703: \$? = $ac_status" >&5
14929 (exit $ac_status); } >/dev/null; then 15704 (exit $ac_status); } >/dev/null; then
14930 if test -s conftest.err; then 15705 if test -s conftest.err; then
14931 ac_cpp_err=$ac_c_preproc_warn_flag 15706 ac_cpp_err=$ac_c_preproc_warn_flag
@@ -14944,7 +15719,7 @@ else
14944fi 15719fi
14945rm -f conftest.err conftest.$ac_ext 15720rm -f conftest.err conftest.$ac_ext
14946fi 15721fi
14947echo "$as_me:14947: result: $ac_cv_header_gssapi_krb5_h" >&5 15722echo "$as_me:15722: result: $ac_cv_header_gssapi_krb5_h" >&5
14948echo "${ECHO_T}$ac_cv_header_gssapi_krb5_h" >&6 15723echo "${ECHO_T}$ac_cv_header_gssapi_krb5_h" >&6
14949if test $ac_cv_header_gssapi_krb5_h = yes; then 15724if test $ac_cv_header_gssapi_krb5_h = yes; then
14950 : 15725 :
@@ -14952,11 +15727,260 @@ else
14952 CPPFLAGS="$oldCPP" 15727 CPPFLAGS="$oldCPP"
14953fi 15728fi
14954 15729
14955 KRB5=yes 15730 fi
14956 fi 15731 if test ! -z "$need_dash_r" ; then
15732 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
15733 fi
15734 if test ! -z "$blibpath" ; then
15735 blibpath="$blibpath:${KRB5ROOT}/lib"
15736 fi
15737 fi
15738
15739for ac_header in gssapi.h gssapi/gssapi.h
15740do
15741as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
15742echo "$as_me:15742: checking for $ac_header" >&5
15743echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
15744if eval "test \"\${$as_ac_Header+set}\" = set"; then
15745 echo $ECHO_N "(cached) $ECHO_C" >&6
15746else
15747 cat >conftest.$ac_ext <<_ACEOF
15748#line 15748 "configure"
15749#include "confdefs.h"
15750#include <$ac_header>
15751_ACEOF
15752if { (eval echo "$as_me:15752: \"$ac_cpp conftest.$ac_ext\"") >&5
15753 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
15754 ac_status=$?
15755 egrep -v '^ *\+' conftest.er1 >conftest.err
15756 rm -f conftest.er1
15757 cat conftest.err >&5
15758 echo "$as_me:15758: \$? = $ac_status" >&5
15759 (exit $ac_status); } >/dev/null; then
15760 if test -s conftest.err; then
15761 ac_cpp_err=$ac_c_preproc_warn_flag
15762 else
15763 ac_cpp_err=
15764 fi
15765else
15766 ac_cpp_err=yes
15767fi
15768if test -z "$ac_cpp_err"; then
15769 eval "$as_ac_Header=yes"
15770else
15771 echo "$as_me: failed program was:" >&5
15772 cat conftest.$ac_ext >&5
15773 eval "$as_ac_Header=no"
15774fi
15775rm -f conftest.err conftest.$ac_ext
15776fi
15777echo "$as_me:15777: result: `eval echo '${'$as_ac_Header'}'`" >&5
15778echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
15779if test `eval echo '${'$as_ac_Header'}'` = yes; then
15780 cat >>confdefs.h <<EOF
15781#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
15782EOF
15783
15784fi
15785done
15786
15787for ac_header in gssapi_krb5.h gssapi/gssapi_krb5.h
15788do
15789as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
15790echo "$as_me:15790: checking for $ac_header" >&5
15791echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
15792if eval "test \"\${$as_ac_Header+set}\" = set"; then
15793 echo $ECHO_N "(cached) $ECHO_C" >&6
15794else
15795 cat >conftest.$ac_ext <<_ACEOF
15796#line 15796 "configure"
15797#include "confdefs.h"
15798#include <$ac_header>
15799_ACEOF
15800if { (eval echo "$as_me:15800: \"$ac_cpp conftest.$ac_ext\"") >&5
15801 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
15802 ac_status=$?
15803 egrep -v '^ *\+' conftest.er1 >conftest.err
15804 rm -f conftest.er1
15805 cat conftest.err >&5
15806 echo "$as_me:15806: \$? = $ac_status" >&5
15807 (exit $ac_status); } >/dev/null; then
15808 if test -s conftest.err; then
15809 ac_cpp_err=$ac_c_preproc_warn_flag
15810 else
15811 ac_cpp_err=
15812 fi
15813else
15814 ac_cpp_err=yes
15815fi
15816if test -z "$ac_cpp_err"; then
15817 eval "$as_ac_Header=yes"
15818else
15819 echo "$as_me: failed program was:" >&5
15820 cat conftest.$ac_ext >&5
15821 eval "$as_ac_Header=no"
15822fi
15823rm -f conftest.err conftest.$ac_ext
15824fi
15825echo "$as_me:15825: result: `eval echo '${'$as_ac_Header'}'`" >&5
15826echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
15827if test `eval echo '${'$as_ac_Header'}'` = yes; then
15828 cat >>confdefs.h <<EOF
15829#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
15830EOF
15831
15832fi
15833done
15834
15835for ac_header in gssapi_generic.h gssapi/gssapi_generic.h
15836do
15837as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
15838echo "$as_me:15838: checking for $ac_header" >&5
15839echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
15840if eval "test \"\${$as_ac_Header+set}\" = set"; then
15841 echo $ECHO_N "(cached) $ECHO_C" >&6
15842else
15843 cat >conftest.$ac_ext <<_ACEOF
15844#line 15844 "configure"
15845#include "confdefs.h"
15846#include <$ac_header>
15847_ACEOF
15848if { (eval echo "$as_me:15848: \"$ac_cpp conftest.$ac_ext\"") >&5
15849 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
15850 ac_status=$?
15851 egrep -v '^ *\+' conftest.er1 >conftest.err
15852 rm -f conftest.er1
15853 cat conftest.err >&5
15854 echo "$as_me:15854: \$? = $ac_status" >&5
15855 (exit $ac_status); } >/dev/null; then
15856 if test -s conftest.err; then
15857 ac_cpp_err=$ac_c_preproc_warn_flag
15858 else
15859 ac_cpp_err=
15860 fi
15861else
15862 ac_cpp_err=yes
15863fi
15864if test -z "$ac_cpp_err"; then
15865 eval "$as_ac_Header=yes"
15866else
15867 echo "$as_me: failed program was:" >&5
15868 cat conftest.$ac_ext >&5
15869 eval "$as_ac_Header=no"
15870fi
15871rm -f conftest.err conftest.$ac_ext
15872fi
15873echo "$as_me:15873: result: `eval echo '${'$as_ac_Header'}'`" >&5
15874echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
15875if test `eval echo '${'$as_ac_Header'}'` = yes; then
15876 cat >>confdefs.h <<EOF
15877#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
15878EOF
15879
15880fi
15881done
15882
15883 LIBS="$LIBS $K5LIBS"
15884 echo "$as_me:15884: checking for library containing k_hasafs" >&5
15885echo $ECHO_N "checking for library containing k_hasafs... $ECHO_C" >&6
15886if test "${ac_cv_search_k_hasafs+set}" = set; then
15887 echo $ECHO_N "(cached) $ECHO_C" >&6
15888else
15889 ac_func_search_save_LIBS=$LIBS
15890ac_cv_search_k_hasafs=no
15891cat >conftest.$ac_ext <<_ACEOF
15892#line 15892 "configure"
15893#include "confdefs.h"
15894
15895/* Override any gcc2 internal prototype to avoid an error. */
15896#ifdef __cplusplus
15897extern "C"
15898#endif
15899/* We use char because int might match the return type of a gcc2
15900 builtin and then its argument prototype would still apply. */
15901char k_hasafs ();
15902int
15903main ()
15904{
15905k_hasafs ();
15906 ;
15907 return 0;
15908}
15909_ACEOF
15910rm -f conftest.$ac_objext conftest$ac_exeext
15911if { (eval echo "$as_me:15911: \"$ac_link\"") >&5
15912 (eval $ac_link) 2>&5
15913 ac_status=$?
15914 echo "$as_me:15914: \$? = $ac_status" >&5
15915 (exit $ac_status); } &&
15916 { ac_try='test -s conftest$ac_exeext'
15917 { (eval echo "$as_me:15917: \"$ac_try\"") >&5
15918 (eval $ac_try) 2>&5
15919 ac_status=$?
15920 echo "$as_me:15920: \$? = $ac_status" >&5
15921 (exit $ac_status); }; }; then
15922 ac_cv_search_k_hasafs="none required"
15923else
15924 echo "$as_me: failed program was:" >&5
15925cat conftest.$ac_ext >&5
15926fi
15927rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
15928if test "$ac_cv_search_k_hasafs" = no; then
15929 for ac_lib in kafs; do
15930 LIBS="-l$ac_lib $ac_func_search_save_LIBS"
15931 cat >conftest.$ac_ext <<_ACEOF
15932#line 15932 "configure"
15933#include "confdefs.h"
15934
15935/* Override any gcc2 internal prototype to avoid an error. */
15936#ifdef __cplusplus
15937extern "C"
15938#endif
15939/* We use char because int might match the return type of a gcc2
15940 builtin and then its argument prototype would still apply. */
15941char k_hasafs ();
15942int
15943main ()
15944{
15945k_hasafs ();
15946 ;
15947 return 0;
15948}
15949_ACEOF
15950rm -f conftest.$ac_objext conftest$ac_exeext
15951if { (eval echo "$as_me:15951: \"$ac_link\"") >&5
15952 (eval $ac_link) 2>&5
15953 ac_status=$?
15954 echo "$as_me:15954: \$? = $ac_status" >&5
15955 (exit $ac_status); } &&
15956 { ac_try='test -s conftest$ac_exeext'
15957 { (eval echo "$as_me:15957: \"$ac_try\"") >&5
15958 (eval $ac_try) 2>&5
15959 ac_status=$?
15960 echo "$as_me:15960: \$? = $ac_status" >&5
15961 (exit $ac_status); }; }; then
15962 ac_cv_search_k_hasafs="-l$ac_lib"
15963break
15964else
15965 echo "$as_me: failed program was:" >&5
15966cat conftest.$ac_ext >&5
15967fi
15968rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
15969 done
15970fi
15971LIBS=$ac_func_search_save_LIBS
15972fi
15973echo "$as_me:15973: result: $ac_cv_search_k_hasafs" >&5
15974echo "${ECHO_T}$ac_cv_search_k_hasafs" >&6
15975if test "$ac_cv_search_k_hasafs" != no; then
15976 test "$ac_cv_search_k_hasafs" = "none required" || LIBS="$ac_cv_search_k_hasafs $LIBS"
15977 cat >>confdefs.h <<\EOF
15978#define USE_AFS 1
15979EOF
15980
15981fi
14957 15982
14958fi; 15983fi;
14959LIBS="$LIBS $K5LIBS"
14960 15984
14961# Looking for programs, paths and files 15985# Looking for programs, paths and files
14962 15986
@@ -14989,7 +16013,7 @@ else
14989 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 16013 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
14990 # Extract the first word of "xauth", so it can be a program name with args. 16014 # Extract the first word of "xauth", so it can be a program name with args.
14991set dummy xauth; ac_word=$2 16015set dummy xauth; ac_word=$2
14992echo "$as_me:14992: checking for $ac_word" >&5 16016echo "$as_me:16016: checking for $ac_word" >&5
14993echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 16017echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
14994if test "${ac_cv_path_xauth_path+set}" = set; then 16018if test "${ac_cv_path_xauth_path+set}" = set; then
14995 echo $ECHO_N "(cached) $ECHO_C" >&6 16019 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -15006,7 +16030,7 @@ for ac_dir in $ac_dummy; do
15006 test -z "$ac_dir" && ac_dir=. 16030 test -z "$ac_dir" && ac_dir=.
15007 if $as_executable_p "$ac_dir/$ac_word"; then 16031 if $as_executable_p "$ac_dir/$ac_word"; then
15008 ac_cv_path_xauth_path="$ac_dir/$ac_word" 16032 ac_cv_path_xauth_path="$ac_dir/$ac_word"
15009 echo "$as_me:15009: found $ac_dir/$ac_word" >&5 16033 echo "$as_me:16033: found $ac_dir/$ac_word" >&5
15010 break 16034 break
15011fi 16035fi
15012done 16036done
@@ -15017,10 +16041,10 @@ fi
15017xauth_path=$ac_cv_path_xauth_path 16041xauth_path=$ac_cv_path_xauth_path
15018 16042
15019if test -n "$xauth_path"; then 16043if test -n "$xauth_path"; then
15020 echo "$as_me:15020: result: $xauth_path" >&5 16044 echo "$as_me:16044: result: $xauth_path" >&5
15021echo "${ECHO_T}$xauth_path" >&6 16045echo "${ECHO_T}$xauth_path" >&6
15022else 16046else
15023 echo "$as_me:15023: result: no" >&5 16047 echo "$as_me:16047: result: no" >&5
15024echo "${ECHO_T}no" >&6 16048echo "${ECHO_T}no" >&6
15025fi 16049fi
15026 16050
@@ -15064,13 +16088,13 @@ fi
15064 16088
15065if test -z "$no_dev_ptmx" ; then 16089if test -z "$no_dev_ptmx" ; then
15066 if test "x$disable_ptmx_check" != "xyes" ; then 16090 if test "x$disable_ptmx_check" != "xyes" ; then
15067 echo "$as_me:15067: checking for \"/dev/ptmx\"" >&5 16091 echo "$as_me:16091: checking for \"/dev/ptmx\"" >&5
15068echo $ECHO_N "checking for \"/dev/ptmx\"... $ECHO_C" >&6 16092echo $ECHO_N "checking for \"/dev/ptmx\"... $ECHO_C" >&6
15069if test "${ac_cv_file___dev_ptmx_+set}" = set; then 16093if test "${ac_cv_file___dev_ptmx_+set}" = set; then
15070 echo $ECHO_N "(cached) $ECHO_C" >&6 16094 echo $ECHO_N "(cached) $ECHO_C" >&6
15071else 16095else
15072 test "$cross_compiling" = yes && 16096 test "$cross_compiling" = yes &&
15073 { { echo "$as_me:15073: error: cannot check for file existence when cross compiling" >&5 16097 { { echo "$as_me:16097: error: cannot check for file existence when cross compiling" >&5
15074echo "$as_me: error: cannot check for file existence when cross compiling" >&2;} 16098echo "$as_me: error: cannot check for file existence when cross compiling" >&2;}
15075 { (exit 1); exit 1; }; } 16099 { (exit 1); exit 1; }; }
15076if test -r ""/dev/ptmx""; then 16100if test -r ""/dev/ptmx""; then
@@ -15079,7 +16103,7 @@ else
15079 ac_cv_file___dev_ptmx_=no 16103 ac_cv_file___dev_ptmx_=no
15080fi 16104fi
15081fi 16105fi
15082echo "$as_me:15082: result: $ac_cv_file___dev_ptmx_" >&5 16106echo "$as_me:16106: result: $ac_cv_file___dev_ptmx_" >&5
15083echo "${ECHO_T}$ac_cv_file___dev_ptmx_" >&6 16107echo "${ECHO_T}$ac_cv_file___dev_ptmx_" >&6
15084if test $ac_cv_file___dev_ptmx_ = yes; then 16108if test $ac_cv_file___dev_ptmx_ = yes; then
15085 16109
@@ -15093,13 +16117,13 @@ fi
15093 16117
15094 fi 16118 fi
15095fi 16119fi
15096echo "$as_me:15096: checking for \"/dev/ptc\"" >&5 16120echo "$as_me:16120: checking for \"/dev/ptc\"" >&5
15097echo $ECHO_N "checking for \"/dev/ptc\"... $ECHO_C" >&6 16121echo $ECHO_N "checking for \"/dev/ptc\"... $ECHO_C" >&6
15098if test "${ac_cv_file___dev_ptc_+set}" = set; then 16122if test "${ac_cv_file___dev_ptc_+set}" = set; then
15099 echo $ECHO_N "(cached) $ECHO_C" >&6 16123 echo $ECHO_N "(cached) $ECHO_C" >&6
15100else 16124else
15101 test "$cross_compiling" = yes && 16125 test "$cross_compiling" = yes &&
15102 { { echo "$as_me:15102: error: cannot check for file existence when cross compiling" >&5 16126 { { echo "$as_me:16126: error: cannot check for file existence when cross compiling" >&5
15103echo "$as_me: error: cannot check for file existence when cross compiling" >&2;} 16127echo "$as_me: error: cannot check for file existence when cross compiling" >&2;}
15104 { (exit 1); exit 1; }; } 16128 { (exit 1); exit 1; }; }
15105if test -r ""/dev/ptc""; then 16129if test -r ""/dev/ptc""; then
@@ -15108,7 +16132,7 @@ else
15108 ac_cv_file___dev_ptc_=no 16132 ac_cv_file___dev_ptc_=no
15109fi 16133fi
15110fi 16134fi
15111echo "$as_me:15111: result: $ac_cv_file___dev_ptc_" >&5 16135echo "$as_me:16135: result: $ac_cv_file___dev_ptc_" >&5
15112echo "${ECHO_T}$ac_cv_file___dev_ptc_" >&6 16136echo "${ECHO_T}$ac_cv_file___dev_ptc_" >&6
15113if test $ac_cv_file___dev_ptc_ = yes; then 16137if test $ac_cv_file___dev_ptc_ = yes; then
15114 16138
@@ -15131,7 +16155,7 @@ if test "${with_mantype+set}" = set; then
15131 MANTYPE=$withval 16155 MANTYPE=$withval
15132 ;; 16156 ;;
15133 *) 16157 *)
15134 { { echo "$as_me:15134: error: invalid man type: $withval" >&5 16158 { { echo "$as_me:16158: error: invalid man type: $withval" >&5
15135echo "$as_me: error: invalid man type: $withval" >&2;} 16159echo "$as_me: error: invalid man type: $withval" >&2;}
15136 { (exit 1); exit 1; }; } 16160 { (exit 1); exit 1; }; }
15137 ;; 16161 ;;
@@ -15144,7 +16168,7 @@ if test -z "$MANTYPE"; then
15144do 16168do
15145 # Extract the first word of "$ac_prog", so it can be a program name with args. 16169 # Extract the first word of "$ac_prog", so it can be a program name with args.
15146set dummy $ac_prog; ac_word=$2 16170set dummy $ac_prog; ac_word=$2
15147echo "$as_me:15147: checking for $ac_word" >&5 16171echo "$as_me:16171: checking for $ac_word" >&5
15148echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 16172echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
15149if test "${ac_cv_path_NROFF+set}" = set; then 16173if test "${ac_cv_path_NROFF+set}" = set; then
15150 echo $ECHO_N "(cached) $ECHO_C" >&6 16174 echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -15161,7 +16185,7 @@ for ac_dir in $ac_dummy; do
15161 test -z "$ac_dir" && ac_dir=. 16185 test -z "$ac_dir" && ac_dir=.
15162 if $as_executable_p "$ac_dir/$ac_word"; then 16186 if $as_executable_p "$ac_dir/$ac_word"; then
15163 ac_cv_path_NROFF="$ac_dir/$ac_word" 16187 ac_cv_path_NROFF="$ac_dir/$ac_word"
15164 echo "$as_me:15164: found $ac_dir/$ac_word" >&5 16188 echo "$as_me:16188: found $ac_dir/$ac_word" >&5
15165 break 16189 break
15166fi 16190fi
15167done 16191done
@@ -15172,10 +16196,10 @@ fi
15172NROFF=$ac_cv_path_NROFF 16196NROFF=$ac_cv_path_NROFF
15173 16197
15174if test -n "$NROFF"; then 16198if test -n "$NROFF"; then
15175 echo "$as_me:15175: result: $NROFF" >&5 16199 echo "$as_me:16199: result: $NROFF" >&5
15176echo "${ECHO_T}$NROFF" >&6 16200echo "${ECHO_T}$NROFF" >&6
15177else 16201else
15178 echo "$as_me:15178: result: no" >&5 16202 echo "$as_me:16202: result: no" >&5
15179echo "${ECHO_T}no" >&6 16203echo "${ECHO_T}no" >&6
15180fi 16204fi
15181 16205
@@ -15232,10 +16256,10 @@ EOF
15232fi; 16256fi;
15233 16257
15234if test -z "$disable_shadow" ; then 16258if test -z "$disable_shadow" ; then
15235 echo "$as_me:15235: checking if the systems has expire shadow information" >&5 16259 echo "$as_me:16259: checking if the systems has expire shadow information" >&5
15236echo $ECHO_N "checking if the systems has expire shadow information... $ECHO_C" >&6 16260echo $ECHO_N "checking if the systems has expire shadow information... $ECHO_C" >&6
15237 cat >conftest.$ac_ext <<_ACEOF 16261 cat >conftest.$ac_ext <<_ACEOF
15238#line 15238 "configure" 16262#line 16262 "configure"
15239#include "confdefs.h" 16263#include "confdefs.h"
15240 16264
15241#include <sys/types.h> 16265#include <sys/types.h>
@@ -15251,16 +16275,16 @@ main ()
15251} 16275}
15252_ACEOF 16276_ACEOF
15253rm -f conftest.$ac_objext 16277rm -f conftest.$ac_objext
15254if { (eval echo "$as_me:15254: \"$ac_compile\"") >&5 16278if { (eval echo "$as_me:16278: \"$ac_compile\"") >&5
15255 (eval $ac_compile) 2>&5 16279 (eval $ac_compile) 2>&5
15256 ac_status=$? 16280 ac_status=$?
15257 echo "$as_me:15257: \$? = $ac_status" >&5 16281 echo "$as_me:16281: \$? = $ac_status" >&5
15258 (exit $ac_status); } && 16282 (exit $ac_status); } &&
15259 { ac_try='test -s conftest.$ac_objext' 16283 { ac_try='test -s conftest.$ac_objext'
15260 { (eval echo "$as_me:15260: \"$ac_try\"") >&5 16284 { (eval echo "$as_me:16284: \"$ac_try\"") >&5
15261 (eval $ac_try) 2>&5 16285 (eval $ac_try) 2>&5
15262 ac_status=$? 16286 ac_status=$?
15263 echo "$as_me:15263: \$? = $ac_status" >&5 16287 echo "$as_me:16287: \$? = $ac_status" >&5
15264 (exit $ac_status); }; }; then 16288 (exit $ac_status); }; }; then
15265 sp_expire_available=yes 16289 sp_expire_available=yes
15266else 16290else
@@ -15271,14 +16295,14 @@ fi
15271rm -f conftest.$ac_objext conftest.$ac_ext 16295rm -f conftest.$ac_objext conftest.$ac_ext
15272 16296
15273 if test "x$sp_expire_available" = "xyes" ; then 16297 if test "x$sp_expire_available" = "xyes" ; then
15274 echo "$as_me:15274: result: yes" >&5 16298 echo "$as_me:16298: result: yes" >&5
15275echo "${ECHO_T}yes" >&6 16299echo "${ECHO_T}yes" >&6
15276 cat >>confdefs.h <<\EOF 16300 cat >>confdefs.h <<\EOF
15277#define HAS_SHADOW_EXPIRE 1 16301#define HAS_SHADOW_EXPIRE 1
15278EOF 16302EOF
15279 16303
15280 else 16304 else
15281 echo "$as_me:15281: result: no" >&5 16305 echo "$as_me:16305: result: no" >&5
15282echo "${ECHO_T}no" >&6 16306echo "${ECHO_T}no" >&6
15283 fi 16307 fi
15284fi 16308fi
@@ -15309,13 +16333,19 @@ fi;
15309fi 16333fi
15310 16334
15311# check for /etc/default/login and use it if present. 16335# check for /etc/default/login and use it if present.
15312echo "$as_me:15312: checking for \"/etc/default/login\"" >&5 16336# Check whether --enable-etc-default-login or --disable-etc-default-login was given.
16337if test "${enable_etc_default_login+set}" = set; then
16338 enableval="$enable_etc_default_login"
16339
16340else
16341
16342echo "$as_me:16342: checking for \"/etc/default/login\"" >&5
15313echo $ECHO_N "checking for \"/etc/default/login\"... $ECHO_C" >&6 16343echo $ECHO_N "checking for \"/etc/default/login\"... $ECHO_C" >&6
15314if test "${ac_cv_file___etc_default_login_+set}" = set; then 16344if test "${ac_cv_file___etc_default_login_+set}" = set; then
15315 echo $ECHO_N "(cached) $ECHO_C" >&6 16345 echo $ECHO_N "(cached) $ECHO_C" >&6
15316else 16346else
15317 test "$cross_compiling" = yes && 16347 test "$cross_compiling" = yes &&
15318 { { echo "$as_me:15318: error: cannot check for file existence when cross compiling" >&5 16348 { { echo "$as_me:16348: error: cannot check for file existence when cross compiling" >&5
15319echo "$as_me: error: cannot check for file existence when cross compiling" >&2;} 16349echo "$as_me: error: cannot check for file existence when cross compiling" >&2;}
15320 { (exit 1); exit 1; }; } 16350 { (exit 1); exit 1; }; }
15321if test -r ""/etc/default/login""; then 16351if test -r ""/etc/default/login""; then
@@ -15324,7 +16354,7 @@ else
15324 ac_cv_file___etc_default_login_=no 16354 ac_cv_file___etc_default_login_=no
15325fi 16355fi
15326fi 16356fi
15327echo "$as_me:15327: result: $ac_cv_file___etc_default_login_" >&5 16357echo "$as_me:16357: result: $ac_cv_file___etc_default_login_" >&5
15328echo "${ECHO_T}$ac_cv_file___etc_default_login_" >&6 16358echo "${ECHO_T}$ac_cv_file___etc_default_login_" >&6
15329if test $ac_cv_file___etc_default_login_ = yes; then 16359if test $ac_cv_file___etc_default_login_ = yes; then
15330 external_path_file=/etc/default/login 16360 external_path_file=/etc/default/login
@@ -15337,6 +16367,8 @@ EOF
15337 16367
15338fi 16368fi
15339 16369
16370fi;
16371
15340if test $ac_cv_func_login_getcapbool = "yes" -a \ 16372if test $ac_cv_func_login_getcapbool = "yes" -a \
15341 $ac_cv_header_login_cap_h = "yes" ; then 16373 $ac_cv_header_login_cap_h = "yes" ; then
15342 external_path_file=/etc/login.conf 16374 external_path_file=/etc/login.conf
@@ -15350,7 +16382,7 @@ if test "${with_default_path+set}" = set; then
15350 withval="$with_default_path" 16382 withval="$with_default_path"
15351 16383
15352 if test "x$external_path_file" = "x/etc/login.conf" ; then 16384 if test "x$external_path_file" = "x/etc/login.conf" ; then
15353 { echo "$as_me:15353: WARNING: 16385 { echo "$as_me:16385: WARNING:
15354--with-default-path=PATH has no effect on this system. 16386--with-default-path=PATH has no effect on this system.
15355Edit /etc/login.conf instead." >&5 16387Edit /etc/login.conf instead." >&5
15356echo "$as_me: WARNING: 16388echo "$as_me: WARNING:
@@ -15358,7 +16390,7 @@ echo "$as_me: WARNING:
15358Edit /etc/login.conf instead." >&2;} 16390Edit /etc/login.conf instead." >&2;}
15359 elif test "x$withval" != "xno" ; then 16391 elif test "x$withval" != "xno" ; then
15360 if test ! -z "$external_path_file" ; then 16392 if test ! -z "$external_path_file" ; then
15361 { echo "$as_me:15361: WARNING: 16393 { echo "$as_me:16393: WARNING:
15362--with-default-path=PATH will only be used if PATH is not defined in 16394--with-default-path=PATH will only be used if PATH is not defined in
15363$external_path_file ." >&5 16395$external_path_file ." >&5
15364echo "$as_me: WARNING: 16396echo "$as_me: WARNING:
@@ -15371,11 +16403,11 @@ $external_path_file ." >&2;}
15371 16403
15372else 16404else
15373 if test "x$external_path_file" = "x/etc/login.conf" ; then 16405 if test "x$external_path_file" = "x/etc/login.conf" ; then
15374 { echo "$as_me:15374: WARNING: Make sure the path to scp is in /etc/login.conf" >&5 16406 { echo "$as_me:16406: WARNING: Make sure the path to scp is in /etc/login.conf" >&5
15375echo "$as_me: WARNING: Make sure the path to scp is in /etc/login.conf" >&2;} 16407echo "$as_me: WARNING: Make sure the path to scp is in /etc/login.conf" >&2;}
15376 else 16408 else
15377 if test ! -z "$external_path_file" ; then 16409 if test ! -z "$external_path_file" ; then
15378 { echo "$as_me:15378: WARNING: 16410 { echo "$as_me:16410: WARNING:
15379If PATH is defined in $external_path_file, ensure the path to scp is included, 16411If PATH is defined in $external_path_file, ensure the path to scp is included,
15380otherwise scp will not work." >&5 16412otherwise scp will not work." >&5
15381echo "$as_me: WARNING: 16413echo "$as_me: WARNING:
@@ -15387,7 +16419,7 @@ otherwise scp will not work." >&2;}
15387 16419
15388else 16420else
15389 cat >conftest.$ac_ext <<_ACEOF 16421 cat >conftest.$ac_ext <<_ACEOF
15390#line 15390 "configure" 16422#line 16422 "configure"
15391#include "confdefs.h" 16423#include "confdefs.h"
15392 16424
15393/* find out what STDPATH is */ 16425/* find out what STDPATH is */
@@ -15424,15 +16456,15 @@ main()
15424 16456
15425_ACEOF 16457_ACEOF
15426rm -f conftest$ac_exeext 16458rm -f conftest$ac_exeext
15427if { (eval echo "$as_me:15427: \"$ac_link\"") >&5 16459if { (eval echo "$as_me:16459: \"$ac_link\"") >&5
15428 (eval $ac_link) 2>&5 16460 (eval $ac_link) 2>&5
15429 ac_status=$? 16461 ac_status=$?
15430 echo "$as_me:15430: \$? = $ac_status" >&5 16462 echo "$as_me:16462: \$? = $ac_status" >&5
15431 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' 16463 (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
15432 { (eval echo "$as_me:15432: \"$ac_try\"") >&5 16464 { (eval echo "$as_me:16464: \"$ac_try\"") >&5
15433 (eval $ac_try) 2>&5 16465 (eval $ac_try) 2>&5
15434 ac_status=$? 16466 ac_status=$?
15435 echo "$as_me:15435: \$? = $ac_status" >&5 16467 echo "$as_me:16467: \$? = $ac_status" >&5
15436 (exit $ac_status); }; }; then 16468 (exit $ac_status); }; }; then
15437 user_path=`cat conftest.stdpath` 16469 user_path=`cat conftest.stdpath`
15438else 16470else
@@ -15456,7 +16488,7 @@ fi
15456 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 16488 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
15457 if test $? -ne 0 ; then 16489 if test $? -ne 0 ; then
15458 user_path=$user_path:$t_bindir 16490 user_path=$user_path:$t_bindir
15459 echo "$as_me:15459: result: Adding $t_bindir to USER_PATH so scp will work" >&5 16491 echo "$as_me:16491: result: Adding $t_bindir to USER_PATH so scp will work" >&5
15460echo "${ECHO_T}Adding $t_bindir to USER_PATH so scp will work" >&6 16492echo "${ECHO_T}Adding $t_bindir to USER_PATH so scp will work" >&6
15461 fi 16493 fi
15462 fi 16494 fi
@@ -15486,7 +16518,7 @@ EOF
15486 16518
15487fi; 16519fi;
15488 16520
15489echo "$as_me:15489: checking if we need to convert IPv4 in IPv6-mapped addresses" >&5 16521echo "$as_me:16521: checking if we need to convert IPv4 in IPv6-mapped addresses" >&5
15490echo $ECHO_N "checking if we need to convert IPv4 in IPv6-mapped addresses... $ECHO_C" >&6 16522echo $ECHO_N "checking if we need to convert IPv4 in IPv6-mapped addresses... $ECHO_C" >&6
15491IPV4_IN6_HACK_MSG="no" 16523IPV4_IN6_HACK_MSG="no"
15492 16524
@@ -15495,7 +16527,7 @@ if test "${with_4in6+set}" = set; then
15495 withval="$with_4in6" 16527 withval="$with_4in6"
15496 16528
15497 if test "x$withval" != "xno" ; then 16529 if test "x$withval" != "xno" ; then
15498 echo "$as_me:15498: result: yes" >&5 16530 echo "$as_me:16530: result: yes" >&5
15499echo "${ECHO_T}yes" >&6 16531echo "${ECHO_T}yes" >&6
15500 cat >>confdefs.h <<\EOF 16532 cat >>confdefs.h <<\EOF
15501#define IPV4_IN_IPV6 1 16533#define IPV4_IN_IPV6 1
@@ -15503,14 +16535,14 @@ EOF
15503 16535
15504 IPV4_IN6_HACK_MSG="yes" 16536 IPV4_IN6_HACK_MSG="yes"
15505 else 16537 else
15506 echo "$as_me:15506: result: no" >&5 16538 echo "$as_me:16538: result: no" >&5
15507echo "${ECHO_T}no" >&6 16539echo "${ECHO_T}no" >&6
15508 fi 16540 fi
15509 16541
15510else 16542else
15511 16543
15512 if test "x$inet6_default_4in6" = "xyes"; then 16544 if test "x$inet6_default_4in6" = "xyes"; then
15513 echo "$as_me:15513: result: yes (default)" >&5 16545 echo "$as_me:16545: result: yes (default)" >&5
15514echo "${ECHO_T}yes (default)" >&6 16546echo "${ECHO_T}yes (default)" >&6
15515 cat >>confdefs.h <<\EOF 16547 cat >>confdefs.h <<\EOF
15516#define IPV4_IN_IPV6 1 16548#define IPV4_IN_IPV6 1
@@ -15518,7 +16550,7 @@ EOF
15518 16550
15519 IPV4_IN6_HACK_MSG="yes" 16551 IPV4_IN6_HACK_MSG="yes"
15520 else 16552 else
15521 echo "$as_me:15521: result: no (default)" >&5 16553 echo "$as_me:16553: result: no (default)" >&5
15522echo "${ECHO_T}no (default)" >&6 16554echo "${ECHO_T}no (default)" >&6
15523 fi 16555 fi
15524 16556
@@ -15547,7 +16579,7 @@ piddir=/var/run
15547if test ! -d $piddir ; then 16579if test ! -d $piddir ; then
15548 piddir=`eval echo ${sysconfdir}` 16580 piddir=`eval echo ${sysconfdir}`
15549 case $piddir in 16581 case $piddir in
15550 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 16582 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
15551 esac 16583 esac
15552fi 16584fi
15553 16585
@@ -15558,7 +16590,7 @@ if test "${with_pid_dir+set}" = set; then
15558 if test "x$withval" != "xno" ; then 16590 if test "x$withval" != "xno" ; then
15559 piddir=$withval 16591 piddir=$withval
15560 if test ! -d $piddir ; then 16592 if test ! -d $piddir ; then
15561 { echo "$as_me:15561: WARNING: ** no $piddir directory on this system **" >&5 16593 { echo "$as_me:16593: WARNING: ** no $piddir directory on this system **" >&5
15562echo "$as_me: WARNING: ** no $piddir directory on this system **" >&2;} 16594echo "$as_me: WARNING: ** no $piddir directory on this system **" >&2;}
15563 fi 16595 fi
15564 fi 16596 fi
@@ -15681,10 +16713,10 @@ EOF
15681 16713
15682fi; 16714fi;
15683 16715
15684echo "$as_me:15684: checking if your system defines LASTLOG_FILE" >&5 16716echo "$as_me:16716: checking if your system defines LASTLOG_FILE" >&5
15685echo $ECHO_N "checking if your system defines LASTLOG_FILE... $ECHO_C" >&6 16717echo $ECHO_N "checking if your system defines LASTLOG_FILE... $ECHO_C" >&6
15686cat >conftest.$ac_ext <<_ACEOF 16718cat >conftest.$ac_ext <<_ACEOF
15687#line 15687 "configure" 16719#line 16719 "configure"
15688#include "confdefs.h" 16720#include "confdefs.h"
15689 16721
15690#include <sys/types.h> 16722#include <sys/types.h>
@@ -15708,29 +16740,29 @@ main ()
15708} 16740}
15709_ACEOF 16741_ACEOF
15710rm -f conftest.$ac_objext 16742rm -f conftest.$ac_objext
15711if { (eval echo "$as_me:15711: \"$ac_compile\"") >&5 16743if { (eval echo "$as_me:16743: \"$ac_compile\"") >&5
15712 (eval $ac_compile) 2>&5 16744 (eval $ac_compile) 2>&5
15713 ac_status=$? 16745 ac_status=$?
15714 echo "$as_me:15714: \$? = $ac_status" >&5 16746 echo "$as_me:16746: \$? = $ac_status" >&5
15715 (exit $ac_status); } && 16747 (exit $ac_status); } &&
15716 { ac_try='test -s conftest.$ac_objext' 16748 { ac_try='test -s conftest.$ac_objext'
15717 { (eval echo "$as_me:15717: \"$ac_try\"") >&5 16749 { (eval echo "$as_me:16749: \"$ac_try\"") >&5
15718 (eval $ac_try) 2>&5 16750 (eval $ac_try) 2>&5
15719 ac_status=$? 16751 ac_status=$?
15720 echo "$as_me:15720: \$? = $ac_status" >&5 16752 echo "$as_me:16752: \$? = $ac_status" >&5
15721 (exit $ac_status); }; }; then 16753 (exit $ac_status); }; }; then
15722 echo "$as_me:15722: result: yes" >&5 16754 echo "$as_me:16754: result: yes" >&5
15723echo "${ECHO_T}yes" >&6 16755echo "${ECHO_T}yes" >&6
15724else 16756else
15725 echo "$as_me: failed program was:" >&5 16757 echo "$as_me: failed program was:" >&5
15726cat conftest.$ac_ext >&5 16758cat conftest.$ac_ext >&5
15727 16759
15728 echo "$as_me:15728: result: no" >&5 16760 echo "$as_me:16760: result: no" >&5
15729echo "${ECHO_T}no" >&6 16761echo "${ECHO_T}no" >&6
15730 echo "$as_me:15730: checking if your system defines _PATH_LASTLOG" >&5 16762 echo "$as_me:16762: checking if your system defines _PATH_LASTLOG" >&5
15731echo $ECHO_N "checking if your system defines _PATH_LASTLOG... $ECHO_C" >&6 16763echo $ECHO_N "checking if your system defines _PATH_LASTLOG... $ECHO_C" >&6
15732 cat >conftest.$ac_ext <<_ACEOF 16764 cat >conftest.$ac_ext <<_ACEOF
15733#line 15733 "configure" 16765#line 16765 "configure"
15734#include "confdefs.h" 16766#include "confdefs.h"
15735 16767
15736#include <sys/types.h> 16768#include <sys/types.h>
@@ -15751,24 +16783,24 @@ main ()
15751} 16783}
15752_ACEOF 16784_ACEOF
15753rm -f conftest.$ac_objext 16785rm -f conftest.$ac_objext
15754if { (eval echo "$as_me:15754: \"$ac_compile\"") >&5 16786if { (eval echo "$as_me:16786: \"$ac_compile\"") >&5
15755 (eval $ac_compile) 2>&5 16787 (eval $ac_compile) 2>&5
15756 ac_status=$? 16788 ac_status=$?
15757 echo "$as_me:15757: \$? = $ac_status" >&5 16789 echo "$as_me:16789: \$? = $ac_status" >&5
15758 (exit $ac_status); } && 16790 (exit $ac_status); } &&
15759 { ac_try='test -s conftest.$ac_objext' 16791 { ac_try='test -s conftest.$ac_objext'
15760 { (eval echo "$as_me:15760: \"$ac_try\"") >&5 16792 { (eval echo "$as_me:16792: \"$ac_try\"") >&5
15761 (eval $ac_try) 2>&5 16793 (eval $ac_try) 2>&5
15762 ac_status=$? 16794 ac_status=$?
15763 echo "$as_me:15763: \$? = $ac_status" >&5 16795 echo "$as_me:16795: \$? = $ac_status" >&5
15764 (exit $ac_status); }; }; then 16796 (exit $ac_status); }; }; then
15765 echo "$as_me:15765: result: yes" >&5 16797 echo "$as_me:16797: result: yes" >&5
15766echo "${ECHO_T}yes" >&6 16798echo "${ECHO_T}yes" >&6
15767else 16799else
15768 echo "$as_me: failed program was:" >&5 16800 echo "$as_me: failed program was:" >&5
15769cat conftest.$ac_ext >&5 16801cat conftest.$ac_ext >&5
15770 16802
15771 echo "$as_me:15771: result: no" >&5 16803 echo "$as_me:16803: result: no" >&5
15772echo "${ECHO_T}no" >&6 16804echo "${ECHO_T}no" >&6
15773 system_lastlog_path=no 16805 system_lastlog_path=no
15774 16806
@@ -15786,7 +16818,7 @@ if test -z "$conf_lastlog_location"; then
15786 fi 16818 fi
15787 done 16819 done
15788 if test -z "$conf_lastlog_location"; then 16820 if test -z "$conf_lastlog_location"; then
15789 { echo "$as_me:15789: WARNING: ** Cannot find lastlog **" >&5 16821 { echo "$as_me:16821: WARNING: ** Cannot find lastlog **" >&5
15790echo "$as_me: WARNING: ** Cannot find lastlog **" >&2;} 16822echo "$as_me: WARNING: ** Cannot find lastlog **" >&2;}
15791 fi 16823 fi
15792 fi 16824 fi
@@ -15799,10 +16831,10 @@ EOF
15799 16831
15800fi 16832fi
15801 16833
15802echo "$as_me:15802: checking if your system defines UTMP_FILE" >&5 16834echo "$as_me:16834: checking if your system defines UTMP_FILE" >&5
15803echo $ECHO_N "checking if your system defines UTMP_FILE... $ECHO_C" >&6 16835echo $ECHO_N "checking if your system defines UTMP_FILE... $ECHO_C" >&6
15804cat >conftest.$ac_ext <<_ACEOF 16836cat >conftest.$ac_ext <<_ACEOF
15805#line 15805 "configure" 16837#line 16837 "configure"
15806#include "confdefs.h" 16838#include "confdefs.h"
15807 16839
15808#include <sys/types.h> 16840#include <sys/types.h>
@@ -15820,23 +16852,23 @@ main ()
15820} 16852}
15821_ACEOF 16853_ACEOF
15822rm -f conftest.$ac_objext 16854rm -f conftest.$ac_objext
15823if { (eval echo "$as_me:15823: \"$ac_compile\"") >&5 16855if { (eval echo "$as_me:16855: \"$ac_compile\"") >&5
15824 (eval $ac_compile) 2>&5 16856 (eval $ac_compile) 2>&5
15825 ac_status=$? 16857 ac_status=$?
15826 echo "$as_me:15826: \$? = $ac_status" >&5 16858 echo "$as_me:16858: \$? = $ac_status" >&5
15827 (exit $ac_status); } && 16859 (exit $ac_status); } &&
15828 { ac_try='test -s conftest.$ac_objext' 16860 { ac_try='test -s conftest.$ac_objext'
15829 { (eval echo "$as_me:15829: \"$ac_try\"") >&5 16861 { (eval echo "$as_me:16861: \"$ac_try\"") >&5
15830 (eval $ac_try) 2>&5 16862 (eval $ac_try) 2>&5
15831 ac_status=$? 16863 ac_status=$?
15832 echo "$as_me:15832: \$? = $ac_status" >&5 16864 echo "$as_me:16864: \$? = $ac_status" >&5
15833 (exit $ac_status); }; }; then 16865 (exit $ac_status); }; }; then
15834 echo "$as_me:15834: result: yes" >&5 16866 echo "$as_me:16866: result: yes" >&5
15835echo "${ECHO_T}yes" >&6 16867echo "${ECHO_T}yes" >&6
15836else 16868else
15837 echo "$as_me: failed program was:" >&5 16869 echo "$as_me: failed program was:" >&5
15838cat conftest.$ac_ext >&5 16870cat conftest.$ac_ext >&5
15839 echo "$as_me:15839: result: no" >&5 16871 echo "$as_me:16871: result: no" >&5
15840echo "${ECHO_T}no" >&6 16872echo "${ECHO_T}no" >&6
15841 system_utmp_path=no 16873 system_utmp_path=no
15842 16874
@@ -15864,10 +16896,10 @@ EOF
15864 16896
15865fi 16897fi
15866 16898
15867echo "$as_me:15867: checking if your system defines WTMP_FILE" >&5 16899echo "$as_me:16899: checking if your system defines WTMP_FILE" >&5
15868echo $ECHO_N "checking if your system defines WTMP_FILE... $ECHO_C" >&6 16900echo $ECHO_N "checking if your system defines WTMP_FILE... $ECHO_C" >&6
15869cat >conftest.$ac_ext <<_ACEOF 16901cat >conftest.$ac_ext <<_ACEOF
15870#line 15870 "configure" 16902#line 16902 "configure"
15871#include "confdefs.h" 16903#include "confdefs.h"
15872 16904
15873#include <sys/types.h> 16905#include <sys/types.h>
@@ -15885,23 +16917,23 @@ main ()
15885} 16917}
15886_ACEOF 16918_ACEOF
15887rm -f conftest.$ac_objext 16919rm -f conftest.$ac_objext
15888if { (eval echo "$as_me:15888: \"$ac_compile\"") >&5 16920if { (eval echo "$as_me:16920: \"$ac_compile\"") >&5
15889 (eval $ac_compile) 2>&5 16921 (eval $ac_compile) 2>&5
15890 ac_status=$? 16922 ac_status=$?
15891 echo "$as_me:15891: \$? = $ac_status" >&5 16923 echo "$as_me:16923: \$? = $ac_status" >&5
15892 (exit $ac_status); } && 16924 (exit $ac_status); } &&
15893 { ac_try='test -s conftest.$ac_objext' 16925 { ac_try='test -s conftest.$ac_objext'
15894 { (eval echo "$as_me:15894: \"$ac_try\"") >&5 16926 { (eval echo "$as_me:16926: \"$ac_try\"") >&5
15895 (eval $ac_try) 2>&5 16927 (eval $ac_try) 2>&5
15896 ac_status=$? 16928 ac_status=$?
15897 echo "$as_me:15897: \$? = $ac_status" >&5 16929 echo "$as_me:16929: \$? = $ac_status" >&5
15898 (exit $ac_status); }; }; then 16930 (exit $ac_status); }; }; then
15899 echo "$as_me:15899: result: yes" >&5 16931 echo "$as_me:16931: result: yes" >&5
15900echo "${ECHO_T}yes" >&6 16932echo "${ECHO_T}yes" >&6
15901else 16933else
15902 echo "$as_me: failed program was:" >&5 16934 echo "$as_me: failed program was:" >&5
15903cat conftest.$ac_ext >&5 16935cat conftest.$ac_ext >&5
15904 echo "$as_me:15904: result: no" >&5 16936 echo "$as_me:16936: result: no" >&5
15905echo "${ECHO_T}no" >&6 16937echo "${ECHO_T}no" >&6
15906 system_wtmp_path=no 16938 system_wtmp_path=no
15907 16939
@@ -15929,10 +16961,10 @@ EOF
15929 16961
15930fi 16962fi
15931 16963
15932echo "$as_me:15932: checking if your system defines UTMPX_FILE" >&5 16964echo "$as_me:16964: checking if your system defines UTMPX_FILE" >&5
15933echo $ECHO_N "checking if your system defines UTMPX_FILE... $ECHO_C" >&6 16965echo $ECHO_N "checking if your system defines UTMPX_FILE... $ECHO_C" >&6
15934cat >conftest.$ac_ext <<_ACEOF 16966cat >conftest.$ac_ext <<_ACEOF
15935#line 15935 "configure" 16967#line 16967 "configure"
15936#include "confdefs.h" 16968#include "confdefs.h"
15937 16969
15938#include <sys/types.h> 16970#include <sys/types.h>
@@ -15953,23 +16985,23 @@ main ()
15953} 16985}
15954_ACEOF 16986_ACEOF
15955rm -f conftest.$ac_objext 16987rm -f conftest.$ac_objext
15956if { (eval echo "$as_me:15956: \"$ac_compile\"") >&5 16988if { (eval echo "$as_me:16988: \"$ac_compile\"") >&5
15957 (eval $ac_compile) 2>&5 16989 (eval $ac_compile) 2>&5
15958 ac_status=$? 16990 ac_status=$?
15959 echo "$as_me:15959: \$? = $ac_status" >&5 16991 echo "$as_me:16991: \$? = $ac_status" >&5
15960 (exit $ac_status); } && 16992 (exit $ac_status); } &&
15961 { ac_try='test -s conftest.$ac_objext' 16993 { ac_try='test -s conftest.$ac_objext'
15962 { (eval echo "$as_me:15962: \"$ac_try\"") >&5 16994 { (eval echo "$as_me:16994: \"$ac_try\"") >&5
15963 (eval $ac_try) 2>&5 16995 (eval $ac_try) 2>&5
15964 ac_status=$? 16996 ac_status=$?
15965 echo "$as_me:15965: \$? = $ac_status" >&5 16997 echo "$as_me:16997: \$? = $ac_status" >&5
15966 (exit $ac_status); }; }; then 16998 (exit $ac_status); }; }; then
15967 echo "$as_me:15967: result: yes" >&5 16999 echo "$as_me:16999: result: yes" >&5
15968echo "${ECHO_T}yes" >&6 17000echo "${ECHO_T}yes" >&6
15969else 17001else
15970 echo "$as_me: failed program was:" >&5 17002 echo "$as_me: failed program was:" >&5
15971cat conftest.$ac_ext >&5 17003cat conftest.$ac_ext >&5
15972 echo "$as_me:15972: result: no" >&5 17004 echo "$as_me:17004: result: no" >&5
15973echo "${ECHO_T}no" >&6 17005echo "${ECHO_T}no" >&6
15974 system_utmpx_path=no 17006 system_utmpx_path=no
15975 17007
@@ -15989,10 +17021,10 @@ EOF
15989 17021
15990fi 17022fi
15991 17023
15992echo "$as_me:15992: checking if your system defines WTMPX_FILE" >&5 17024echo "$as_me:17024: checking if your system defines WTMPX_FILE" >&5
15993echo $ECHO_N "checking if your system defines WTMPX_FILE... $ECHO_C" >&6 17025echo $ECHO_N "checking if your system defines WTMPX_FILE... $ECHO_C" >&6
15994cat >conftest.$ac_ext <<_ACEOF 17026cat >conftest.$ac_ext <<_ACEOF
15995#line 15995 "configure" 17027#line 17027 "configure"
15996#include "confdefs.h" 17028#include "confdefs.h"
15997 17029
15998#include <sys/types.h> 17030#include <sys/types.h>
@@ -16013,23 +17045,23 @@ main ()
16013} 17045}
16014_ACEOF 17046_ACEOF
16015rm -f conftest.$ac_objext 17047rm -f conftest.$ac_objext
16016if { (eval echo "$as_me:16016: \"$ac_compile\"") >&5 17048if { (eval echo "$as_me:17048: \"$ac_compile\"") >&5
16017 (eval $ac_compile) 2>&5 17049 (eval $ac_compile) 2>&5
16018 ac_status=$? 17050 ac_status=$?
16019 echo "$as_me:16019: \$? = $ac_status" >&5 17051 echo "$as_me:17051: \$? = $ac_status" >&5
16020 (exit $ac_status); } && 17052 (exit $ac_status); } &&
16021 { ac_try='test -s conftest.$ac_objext' 17053 { ac_try='test -s conftest.$ac_objext'
16022 { (eval echo "$as_me:16022: \"$ac_try\"") >&5 17054 { (eval echo "$as_me:17054: \"$ac_try\"") >&5
16023 (eval $ac_try) 2>&5 17055 (eval $ac_try) 2>&5
16024 ac_status=$? 17056 ac_status=$?
16025 echo "$as_me:16025: \$? = $ac_status" >&5 17057 echo "$as_me:17057: \$? = $ac_status" >&5
16026 (exit $ac_status); }; }; then 17058 (exit $ac_status); }; }; then
16027 echo "$as_me:16027: result: yes" >&5 17059 echo "$as_me:17059: result: yes" >&5
16028echo "${ECHO_T}yes" >&6 17060echo "${ECHO_T}yes" >&6
16029else 17061else
16030 echo "$as_me: failed program was:" >&5 17062 echo "$as_me: failed program was:" >&5
16031cat conftest.$ac_ext >&5 17063cat conftest.$ac_ext >&5
16032 echo "$as_me:16032: result: no" >&5 17064 echo "$as_me:17064: result: no" >&5
16033echo "${ECHO_T}no" >&6 17065echo "${ECHO_T}no" >&6
16034 system_wtmpx_path=no 17066 system_wtmpx_path=no
16035 17067
@@ -16051,7 +17083,7 @@ fi
16051 17083
16052if test ! -z "$blibpath" ; then 17084if test ! -z "$blibpath" ; then
16053 LDFLAGS="$LDFLAGS $blibflags$blibpath" 17085 LDFLAGS="$LDFLAGS $blibflags$blibpath"
16054 { echo "$as_me:16054: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&5 17086 { echo "$as_me:17086: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&5
16055echo "$as_me: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&2;} 17087echo "$as_me: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&2;}
16056fi 17088fi
16057 17089
@@ -16143,7 +17175,7 @@ DEFS=-DHAVE_CONFIG_H
16143: ${CONFIG_STATUS=./config.status} 17175: ${CONFIG_STATUS=./config.status}
16144ac_clean_files_save=$ac_clean_files 17176ac_clean_files_save=$ac_clean_files
16145ac_clean_files="$ac_clean_files $CONFIG_STATUS" 17177ac_clean_files="$ac_clean_files $CONFIG_STATUS"
16146{ echo "$as_me:16146: creating $CONFIG_STATUS" >&5 17178{ echo "$as_me:17178: creating $CONFIG_STATUS" >&5
16147echo "$as_me: creating $CONFIG_STATUS" >&6;} 17179echo "$as_me: creating $CONFIG_STATUS" >&6;}
16148cat >$CONFIG_STATUS <<_ACEOF 17180cat >$CONFIG_STATUS <<_ACEOF
16149#! $SHELL 17181#! $SHELL
@@ -16316,7 +17348,7 @@ cat >>$CONFIG_STATUS <<\EOF
16316 echo "$ac_cs_version"; exit 0 ;; 17348 echo "$ac_cs_version"; exit 0 ;;
16317 --he | --h) 17349 --he | --h)
16318 # Conflict between --help and --header 17350 # Conflict between --help and --header
16319 { { echo "$as_me:16319: error: ambiguous option: $1 17351 { { echo "$as_me:17351: error: ambiguous option: $1
16320Try \`$0 --help' for more information." >&5 17352Try \`$0 --help' for more information." >&5
16321echo "$as_me: error: ambiguous option: $1 17353echo "$as_me: error: ambiguous option: $1
16322Try \`$0 --help' for more information." >&2;} 17354Try \`$0 --help' for more information." >&2;}
@@ -16335,7 +17367,7 @@ Try \`$0 --help' for more information." >&2;}
16335 ac_need_defaults=false;; 17367 ac_need_defaults=false;;
16336 17368
16337 # This is an error. 17369 # This is an error.
16338 -*) { { echo "$as_me:16338: error: unrecognized option: $1 17370 -*) { { echo "$as_me:17370: error: unrecognized option: $1
16339Try \`$0 --help' for more information." >&5 17371Try \`$0 --help' for more information." >&5
16340echo "$as_me: error: unrecognized option: $1 17372echo "$as_me: error: unrecognized option: $1
16341Try \`$0 --help' for more information." >&2;} 17373Try \`$0 --help' for more information." >&2;}
@@ -16375,7 +17407,7 @@ do
16375 "scard/Makefile" ) CONFIG_FILES="$CONFIG_FILES scard/Makefile" ;; 17407 "scard/Makefile" ) CONFIG_FILES="$CONFIG_FILES scard/Makefile" ;;
16376 "ssh_prng_cmds" ) CONFIG_FILES="$CONFIG_FILES ssh_prng_cmds" ;; 17408 "ssh_prng_cmds" ) CONFIG_FILES="$CONFIG_FILES ssh_prng_cmds" ;;
16377 "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; 17409 "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
16378 *) { { echo "$as_me:16378: error: invalid argument: $ac_config_target" >&5 17410 *) { { echo "$as_me:17410: error: invalid argument: $ac_config_target" >&5
16379echo "$as_me: error: invalid argument: $ac_config_target" >&2;} 17411echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
16380 { (exit 1); exit 1; }; };; 17412 { (exit 1); exit 1; }; };;
16381 esac 17413 esac
@@ -16485,6 +17517,7 @@ s,@ENT@,$ENT,;t t
16485s,@TEST_MINUS_S_SH@,$TEST_MINUS_S_SH,;t t 17517s,@TEST_MINUS_S_SH@,$TEST_MINUS_S_SH,;t t
16486s,@SH@,$SH,;t t 17518s,@SH@,$SH,;t t
16487s,@LOGIN_PROGRAM_FALLBACK@,$LOGIN_PROGRAM_FALLBACK,;t t 17519s,@LOGIN_PROGRAM_FALLBACK@,$LOGIN_PROGRAM_FALLBACK,;t t
17520s,@PATH_PASSWD_PROG@,$PATH_PASSWD_PROG,;t t
16488s,@LD@,$LD,;t t 17521s,@LD@,$LD,;t t
16489s,@LIBWRAP@,$LIBWRAP,;t t 17522s,@LIBWRAP@,$LIBWRAP,;t t
16490s,@LIBPAM@,$LIBPAM,;t t 17523s,@LIBPAM@,$LIBPAM,;t t
@@ -16631,7 +17664,7 @@ done; }
16631 esac 17664 esac
16632 17665
16633 if test x"$ac_file" != x-; then 17666 if test x"$ac_file" != x-; then
16634 { echo "$as_me:16634: creating $ac_file" >&5 17667 { echo "$as_me:17667: creating $ac_file" >&5
16635echo "$as_me: creating $ac_file" >&6;} 17668echo "$as_me: creating $ac_file" >&6;}
16636 rm -f "$ac_file" 17669 rm -f "$ac_file"
16637 fi 17670 fi
@@ -16649,7 +17682,7 @@ echo "$as_me: creating $ac_file" >&6;}
16649 -) echo $tmp/stdin ;; 17682 -) echo $tmp/stdin ;;
16650 [\\/$]*) 17683 [\\/$]*)
16651 # Absolute (can't be DOS-style, as IFS=:) 17684 # Absolute (can't be DOS-style, as IFS=:)
16652 test -f "$f" || { { echo "$as_me:16652: error: cannot find input file: $f" >&5 17685 test -f "$f" || { { echo "$as_me:17685: error: cannot find input file: $f" >&5
16653echo "$as_me: error: cannot find input file: $f" >&2;} 17686echo "$as_me: error: cannot find input file: $f" >&2;}
16654 { (exit 1); exit 1; }; } 17687 { (exit 1); exit 1; }; }
16655 echo $f;; 17688 echo $f;;
@@ -16662,7 +17695,7 @@ echo "$as_me: error: cannot find input file: $f" >&2;}
16662 echo $srcdir/$f 17695 echo $srcdir/$f
16663 else 17696 else
16664 # /dev/null tree 17697 # /dev/null tree
16665 { { echo "$as_me:16665: error: cannot find input file: $f" >&5 17698 { { echo "$as_me:17698: error: cannot find input file: $f" >&5
16666echo "$as_me: error: cannot find input file: $f" >&2;} 17699echo "$as_me: error: cannot find input file: $f" >&2;}
16667 { (exit 1); exit 1; }; } 17700 { (exit 1); exit 1; }; }
16668 fi;; 17701 fi;;
@@ -16723,7 +17756,7 @@ for ac_file in : $CONFIG_HEADERS; do test "x$ac_file" = x: && continue
16723 * ) ac_file_in=$ac_file.in ;; 17756 * ) ac_file_in=$ac_file.in ;;
16724 esac 17757 esac
16725 17758
16726 test x"$ac_file" != x- && { echo "$as_me:16726: creating $ac_file" >&5 17759 test x"$ac_file" != x- && { echo "$as_me:17759: creating $ac_file" >&5
16727echo "$as_me: creating $ac_file" >&6;} 17760echo "$as_me: creating $ac_file" >&6;}
16728 17761
16729 # First look for the input files in the build tree, otherwise in the 17762 # First look for the input files in the build tree, otherwise in the
@@ -16734,7 +17767,7 @@ echo "$as_me: creating $ac_file" >&6;}
16734 -) echo $tmp/stdin ;; 17767 -) echo $tmp/stdin ;;
16735 [\\/$]*) 17768 [\\/$]*)
16736 # Absolute (can't be DOS-style, as IFS=:) 17769 # Absolute (can't be DOS-style, as IFS=:)
16737 test -f "$f" || { { echo "$as_me:16737: error: cannot find input file: $f" >&5 17770 test -f "$f" || { { echo "$as_me:17770: error: cannot find input file: $f" >&5
16738echo "$as_me: error: cannot find input file: $f" >&2;} 17771echo "$as_me: error: cannot find input file: $f" >&2;}
16739 { (exit 1); exit 1; }; } 17772 { (exit 1); exit 1; }; }
16740 echo $f;; 17773 echo $f;;
@@ -16747,7 +17780,7 @@ echo "$as_me: error: cannot find input file: $f" >&2;}
16747 echo $srcdir/$f 17780 echo $srcdir/$f
16748 else 17781 else
16749 # /dev/null tree 17782 # /dev/null tree
16750 { { echo "$as_me:16750: error: cannot find input file: $f" >&5 17783 { { echo "$as_me:17783: error: cannot find input file: $f" >&5
16751echo "$as_me: error: cannot find input file: $f" >&2;} 17784echo "$as_me: error: cannot find input file: $f" >&2;}
16752 { (exit 1); exit 1; }; } 17785 { (exit 1); exit 1; }; }
16753 fi;; 17786 fi;;
@@ -16777,7 +17810,7 @@ s/[\\&,]/\\&/g
16777s,[\\$`],\\&,g 17810s,[\\$`],\\&,g
16778t clear 17811t clear
16779: clear 17812: clear
16780s,^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*\)\(([^)]*)\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1\2${ac_dC}\3${ac_dD},gp 17813s,^[ ]*#[ ]*define[ ][ ]*\(\([^ (][^ (]*\)([^)]*)\)[ ]*\(.*\)$,${ac_dA}\2${ac_dB}\1${ac_dC}\3${ac_dD},gp
16781t end 17814t end
16782s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp 17815s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp
16783: end 17816: end
@@ -16864,7 +17897,7 @@ cat >>$CONFIG_STATUS <<\EOF
16864 rm -f $tmp/in 17897 rm -f $tmp/in
16865 if test x"$ac_file" != x-; then 17898 if test x"$ac_file" != x-; then
16866 if cmp -s $ac_file $tmp/config.h 2>/dev/null; then 17899 if cmp -s $ac_file $tmp/config.h 2>/dev/null; then
16867 { echo "$as_me:16867: $ac_file is unchanged" >&5 17900 { echo "$as_me:17900: $ac_file is unchanged" >&5
16868echo "$as_me: $ac_file is unchanged" >&6;} 17901echo "$as_me: $ac_file is unchanged" >&6;}
16869 else 17902 else
16870 ac_dir=`$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ 17903 ac_dir=`$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
@@ -16968,7 +18001,6 @@ if test ! -z "$superuser_path" ; then
16968echo " sshd superuser user PATH: $J" 18001echo " sshd superuser user PATH: $J"
16969fi 18002fi
16970echo " Manpage format: $MANTYPE" 18003echo " Manpage format: $MANTYPE"
16971echo " DNS support: $DNS_MSG"
16972echo " PAM support: $PAM_MSG" 18004echo " PAM support: $PAM_MSG"
16973echo " KerberosV support: $KRB5_MSG" 18005echo " KerberosV support: $KRB5_MSG"
16974echo " Smartcard support: $SCARD_MSG" 18006echo " Smartcard support: $SCARD_MSG"
diff --git a/configure.ac b/configure.ac
index 7ddcb777f..836e31730 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
1# $Id: configure.ac,v 1.154.2.1 2003/09/16 05:48:15 tim Exp $ 1# $Id: configure.ac,v 1.202 2004/02/24 05:47:04 tim Exp $
2 2
3AC_INIT 3AC_INIT
4AC_CONFIG_SRCDIR([ssh.c]) 4AC_CONFIG_SRCDIR([ssh.c])
@@ -42,24 +42,39 @@ else
42 fi 42 fi
43fi 43fi
44 44
45AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
46if test ! -z "$PATH_PASSWD_PROG" ; then
47 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
48fi
49
45if test -z "$LD" ; then 50if test -z "$LD" ; then
46 LD=$CC 51 LD=$CC
47fi 52fi
48AC_SUBST(LD) 53AC_SUBST(LD)
49 54
50AC_C_INLINE 55AC_C_INLINE
51if test "$GCC" = "yes" || test "$GCC" = "egcs"; then 56if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
52 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized" 57 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
53fi 58fi
54 59
60AC_ARG_WITH(rpath,
61 [ --without-rpath Disable auto-added -R linker paths],
62 [
63 if test "x$withval" = "xno" ; then
64 need_dash_r=""
65 fi
66 if test "x$withval" = "xyes" ; then
67 need_dash_r=1
68 fi
69 ]
70)
71
55# Check for some target-specific stuff 72# Check for some target-specific stuff
56case "$host" in 73case "$host" in
57*-*-aix*) 74*-*-aix*)
58 CPPFLAGS="$CPPFLAGS -I/usr/local/include" 75 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
59 LDFLAGS="$LDFLAGS -L/usr/local/lib"
60 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
61 if (test -z "$blibpath"); then 76 if (test -z "$blibpath"); then
62 blibpath="/usr/lib:/lib:/usr/local/lib" 77 blibpath="/usr/lib:/lib"
63 fi 78 fi
64 saved_LDFLAGS="$LDFLAGS" 79 saved_LDFLAGS="$LDFLAGS"
65 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do 80 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
@@ -120,6 +135,9 @@ case "$host" in
120 ;; 135 ;;
121*-*-dgux*) 136*-*-dgux*)
122 AC_DEFINE(IP_TOS_IS_BROKEN) 137 AC_DEFINE(IP_TOS_IS_BROKEN)
138 AC_DEFINE(SETEUID_BREAKS_SETUID)
139 AC_DEFINE(BROKEN_SETREUID)
140 AC_DEFINE(BROKEN_SETREGID)
123 ;; 141 ;;
124*-*-darwin*) 142*-*-darwin*)
125 AC_MSG_CHECKING(if we have working getaddrinfo) 143 AC_MSG_CHECKING(if we have working getaddrinfo)
@@ -132,6 +150,10 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
132 [AC_MSG_RESULT(buggy) 150 [AC_MSG_RESULT(buggy)
133 AC_DEFINE(BROKEN_GETADDRINFO)], 151 AC_DEFINE(BROKEN_GETADDRINFO)],
134 [AC_MSG_RESULT(assume it is working)]) 152 [AC_MSG_RESULT(assume it is working)])
153 AC_DEFINE(SETEUID_BREAKS_SETUID)
154 AC_DEFINE(BROKEN_SETREUID)
155 AC_DEFINE(BROKEN_SETREGID)
156 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
135 ;; 157 ;;
136*-*-hpux10.26) 158*-*-hpux10.26)
137 if test -z "$GCC"; then 159 if test -z "$GCC"; then
@@ -143,8 +165,6 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
143 AC_DEFINE(USE_PIPES) 165 AC_DEFINE(USE_PIPES)
144 AC_DEFINE(LOGIN_NO_ENDOPT) 166 AC_DEFINE(LOGIN_NO_ENDOPT)
145 AC_DEFINE(LOGIN_NEEDS_UTMPX) 167 AC_DEFINE(LOGIN_NEEDS_UTMPX)
146 AC_DEFINE(DISABLE_SHADOW)
147 AC_DEFINE(DISABLE_UTMP)
148 AC_DEFINE(LOCKED_PASSWD_STRING, "*") 168 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
149 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 169 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
150 LIBS="$LIBS -lsec -lsecpw" 170 LIBS="$LIBS -lsec -lsecpw"
@@ -160,8 +180,6 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
160 AC_DEFINE(USE_PIPES) 180 AC_DEFINE(USE_PIPES)
161 AC_DEFINE(LOGIN_NO_ENDOPT) 181 AC_DEFINE(LOGIN_NO_ENDOPT)
162 AC_DEFINE(LOGIN_NEEDS_UTMPX) 182 AC_DEFINE(LOGIN_NEEDS_UTMPX)
163 AC_DEFINE(DISABLE_SHADOW)
164 AC_DEFINE(DISABLE_UTMP)
165 AC_DEFINE(LOCKED_PASSWD_STRING, "*") 183 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
166 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 184 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
167 LIBS="$LIBS -lsec" 185 LIBS="$LIBS -lsec"
@@ -174,30 +192,35 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
174 AC_DEFINE(USE_PIPES) 192 AC_DEFINE(USE_PIPES)
175 AC_DEFINE(LOGIN_NO_ENDOPT) 193 AC_DEFINE(LOGIN_NO_ENDOPT)
176 AC_DEFINE(LOGIN_NEEDS_UTMPX) 194 AC_DEFINE(LOGIN_NEEDS_UTMPX)
177 AC_DEFINE(DISABLE_SHADOW)
178 AC_DEFINE(DISABLE_UTMP) 195 AC_DEFINE(DISABLE_UTMP)
179 AC_DEFINE(LOCKED_PASSWD_STRING, "*") 196 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
180 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 197 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
198 case "$host" in
199 *-*-hpux11.11*)
200 AC_DEFINE(BROKEN_GETADDRINFO);;
201 esac
181 LIBS="$LIBS -lsec" 202 LIBS="$LIBS -lsec"
182 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 203 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
183 ;; 204 ;;
184*-*-irix5*) 205*-*-irix5*)
185 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
186 LDFLAGS="$LDFLAGS"
187 PATH="$PATH:/usr/etc" 206 PATH="$PATH:/usr/etc"
188 AC_DEFINE(BROKEN_INET_NTOA) 207 AC_DEFINE(BROKEN_INET_NTOA)
208 AC_DEFINE(SETEUID_BREAKS_SETUID)
209 AC_DEFINE(BROKEN_SETREUID)
210 AC_DEFINE(BROKEN_SETREGID)
189 AC_DEFINE(WITH_ABBREV_NO_TTY) 211 AC_DEFINE(WITH_ABBREV_NO_TTY)
190 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 212 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
191 ;; 213 ;;
192*-*-irix6*) 214*-*-irix6*)
193 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
194 LDFLAGS="$LDFLAGS"
195 PATH="$PATH:/usr/etc" 215 PATH="$PATH:/usr/etc"
196 AC_DEFINE(WITH_IRIX_ARRAY) 216 AC_DEFINE(WITH_IRIX_ARRAY)
197 AC_DEFINE(WITH_IRIX_PROJECT) 217 AC_DEFINE(WITH_IRIX_PROJECT)
198 AC_DEFINE(WITH_IRIX_AUDIT) 218 AC_DEFINE(WITH_IRIX_AUDIT)
199 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)]) 219 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
200 AC_DEFINE(BROKEN_INET_NTOA) 220 AC_DEFINE(BROKEN_INET_NTOA)
221 AC_DEFINE(SETEUID_BREAKS_SETUID)
222 AC_DEFINE(BROKEN_SETREUID)
223 AC_DEFINE(BROKEN_SETREGID)
201 AC_DEFINE(WITH_ABBREV_NO_TTY) 224 AC_DEFINE(WITH_ABBREV_NO_TTY)
202 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 225 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
203 ;; 226 ;;
@@ -222,11 +245,18 @@ mips-sony-bsd|mips-sony-newsos4)
222 ;; 245 ;;
223*-*-netbsd*) 246*-*-netbsd*)
224 check_for_libcrypt_before=1 247 check_for_libcrypt_before=1
225 need_dash_r=1 248 if test "x$withval" != "xno" ; then
249 need_dash_r=1
250 fi
226 ;; 251 ;;
227*-*-freebsd*) 252*-*-freebsd*)
228 check_for_libcrypt_later=1 253 check_for_libcrypt_later=1
229 ;; 254 ;;
255*-*-bsdi*)
256 AC_DEFINE(SETEUID_BREAKS_SETUID)
257 AC_DEFINE(BROKEN_SETREUID)
258 AC_DEFINE(BROKEN_SETREGID)
259 ;;
230*-next-*) 260*-next-*)
231 conf_lastlog_location="/usr/adm/lastlog" 261 conf_lastlog_location="/usr/adm/lastlog"
232 conf_utmp_location=/etc/utmp 262 conf_utmp_location=/etc/utmp
@@ -236,13 +266,8 @@ mips-sony-bsd|mips-sony-newsos4)
236 AC_DEFINE(BROKEN_REALPATH) 266 AC_DEFINE(BROKEN_REALPATH)
237 AC_DEFINE(USE_PIPES) 267 AC_DEFINE(USE_PIPES)
238 AC_DEFINE(BROKEN_SAVED_UIDS) 268 AC_DEFINE(BROKEN_SAVED_UIDS)
239 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
240 CFLAGS="$CFLAGS"
241 ;; 269 ;;
242*-*-solaris*) 270*-*-solaris*)
243 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
244 LDFLAGS="$LDFLAGS -L/usr/local/lib -R/usr/local/lib"
245 need_dash_r=1
246 AC_DEFINE(PAM_SUN_CODEBASE) 271 AC_DEFINE(PAM_SUN_CODEBASE)
247 AC_DEFINE(LOGIN_NEEDS_UTMPX) 272 AC_DEFINE(LOGIN_NEEDS_UTMPX)
248 AC_DEFINE(LOGIN_NEEDS_TERM) 273 AC_DEFINE(LOGIN_NEEDS_TERM)
@@ -273,19 +298,22 @@ mips-sony-bsd|mips-sony-newsos4)
273 AC_DEFINE(USE_PIPES) 298 AC_DEFINE(USE_PIPES)
274 ;; 299 ;;
275*-ncr-sysv*) 300*-ncr-sysv*)
276 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
277 LDFLAGS="$LDFLAGS -L/usr/local/lib"
278 LIBS="$LIBS -lc89" 301 LIBS="$LIBS -lc89"
279 AC_DEFINE(USE_PIPES) 302 AC_DEFINE(USE_PIPES)
280 AC_DEFINE(SSHD_ACQUIRES_CTTY) 303 AC_DEFINE(SSHD_ACQUIRES_CTTY)
304 AC_DEFINE(SETEUID_BREAKS_SETUID)
305 AC_DEFINE(BROKEN_SETREUID)
306 AC_DEFINE(BROKEN_SETREGID)
281 ;; 307 ;;
282*-sni-sysv*) 308*-sni-sysv*)
283 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
284 # /usr/ucblib MUST NOT be searched on ReliantUNIX 309 # /usr/ucblib MUST NOT be searched on ReliantUNIX
285 LDFLAGS="$LDFLAGS -L/usr/local/lib" 310 AC_CHECK_LIB(dl, dlsym, ,)
286 IPADDR_IN_DISPLAY=yes 311 IPADDR_IN_DISPLAY=yes
287 AC_DEFINE(USE_PIPES) 312 AC_DEFINE(USE_PIPES)
288 AC_DEFINE(IP_TOS_IS_BROKEN) 313 AC_DEFINE(IP_TOS_IS_BROKEN)
314 AC_DEFINE(SETEUID_BREAKS_SETUID)
315 AC_DEFINE(BROKEN_SETREUID)
316 AC_DEFINE(BROKEN_SETREGID)
289 AC_DEFINE(SSHD_ACQUIRES_CTTY) 317 AC_DEFINE(SSHD_ACQUIRES_CTTY)
290 external_path_file=/etc/default/login 318 external_path_file=/etc/default/login
291 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 319 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
@@ -293,29 +321,22 @@ mips-sony-bsd|mips-sony-newsos4)
293 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 321 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
294 ;; 322 ;;
295*-*-sysv4.2*) 323*-*-sysv4.2*)
296 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
297 LDFLAGS="$LDFLAGS -L/usr/local/lib"
298 AC_DEFINE(USE_PIPES) 324 AC_DEFINE(USE_PIPES)
299 AC_DEFINE(SETEUID_BREAKS_SETUID) 325 AC_DEFINE(SETEUID_BREAKS_SETUID)
300 AC_DEFINE(BROKEN_SETREUID) 326 AC_DEFINE(BROKEN_SETREUID)
301 AC_DEFINE(BROKEN_SETREGID) 327 AC_DEFINE(BROKEN_SETREGID)
302 ;; 328 ;;
303*-*-sysv5*) 329*-*-sysv5*)
304 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
305 LDFLAGS="$LDFLAGS -L/usr/local/lib"
306 AC_DEFINE(USE_PIPES) 330 AC_DEFINE(USE_PIPES)
307 AC_DEFINE(SETEUID_BREAKS_SETUID) 331 AC_DEFINE(SETEUID_BREAKS_SETUID)
308 AC_DEFINE(BROKEN_SETREUID) 332 AC_DEFINE(BROKEN_SETREUID)
309 AC_DEFINE(BROKEN_SETREGID) 333 AC_DEFINE(BROKEN_SETREGID)
310 ;; 334 ;;
311*-*-sysv*) 335*-*-sysv*)
312 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
313 LDFLAGS="$LDFLAGS -L/usr/local/lib"
314 ;; 336 ;;
315*-*-sco3.2v4*) 337*-*-sco3.2v4*)
316 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize -I/usr/local/include" 338 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize"
317 LDFLAGS="$LDFLAGS -L/usr/local/lib" 339 LIBS="$LIBS -los -lprot -lcrypt_i -lx -ltinfo -lm"
318 LIBS="$LIBS -los -lprot -lx -ltinfo -lm"
319 RANLIB=true 340 RANLIB=true
320 no_dev_ptmx=1 341 no_dev_ptmx=1
321 AC_DEFINE(BROKEN_SYS_TERMIO_H) 342 AC_DEFINE(BROKEN_SYS_TERMIO_H)
@@ -332,8 +353,6 @@ mips-sony-bsd|mips-sony-newsos4)
332 if test -z "$GCC"; then 353 if test -z "$GCC"; then
333 CFLAGS="$CFLAGS -belf" 354 CFLAGS="$CFLAGS -belf"
334 fi 355 fi
335 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
336 LDFLAGS="$LDFLAGS -L/usr/local/lib"
337 LIBS="$LIBS -lprot -lx -ltinfo -lm" 356 LIBS="$LIBS -lprot -lx -ltinfo -lm"
338 no_dev_ptmx=1 357 no_dev_ptmx=1
339 AC_DEFINE(USE_PIPES) 358 AC_DEFINE(USE_PIPES)
@@ -348,6 +367,10 @@ mips-sony-bsd|mips-sony-newsos4)
348 MANTYPE=man 367 MANTYPE=man
349 ;; 368 ;;
350*-*-unicosmk*) 369*-*-unicosmk*)
370 AC_DEFINE(NO_SSH_LASTLOG)
371 AC_DEFINE(SETEUID_BREAKS_SETUID)
372 AC_DEFINE(BROKEN_SETREUID)
373 AC_DEFINE(BROKEN_SETREGID)
351 AC_DEFINE(USE_PIPES) 374 AC_DEFINE(USE_PIPES)
352 AC_DEFINE(DISABLE_FD_PASSING) 375 AC_DEFINE(DISABLE_FD_PASSING)
353 LDFLAGS="$LDFLAGS" 376 LDFLAGS="$LDFLAGS"
@@ -355,14 +378,20 @@ mips-sony-bsd|mips-sony-newsos4)
355 MANTYPE=cat 378 MANTYPE=cat
356 ;; 379 ;;
357*-*-unicosmp*) 380*-*-unicosmp*)
381 AC_DEFINE(SETEUID_BREAKS_SETUID)
382 AC_DEFINE(BROKEN_SETREUID)
383 AC_DEFINE(BROKEN_SETREGID)
358 AC_DEFINE(WITH_ABBREV_NO_TTY) 384 AC_DEFINE(WITH_ABBREV_NO_TTY)
359 AC_DEFINE(USE_PIPES) 385 AC_DEFINE(USE_PIPES)
360 AC_DEFINE(DISABLE_FD_PASSING) 386 AC_DEFINE(DISABLE_FD_PASSING)
361 LDFLAGS="$LDFLAGS" 387 LDFLAGS="$LDFLAGS"
362 LIBS="$LIBS -lgen -lacid" 388 LIBS="$LIBS -lgen -lacid -ldb"
363 MANTYPE=cat 389 MANTYPE=cat
364 ;; 390 ;;
365*-*-unicos*) 391*-*-unicos*)
392 AC_DEFINE(SETEUID_BREAKS_SETUID)
393 AC_DEFINE(BROKEN_SETREUID)
394 AC_DEFINE(BROKEN_SETREGID)
366 AC_DEFINE(USE_PIPES) 395 AC_DEFINE(USE_PIPES)
367 AC_DEFINE(DISABLE_FD_PASSING) 396 AC_DEFINE(DISABLE_FD_PASSING)
368 AC_DEFINE(NO_SSH_LASTLOG) 397 AC_DEFINE(NO_SSH_LASTLOG)
@@ -391,11 +420,13 @@ mips-sony-bsd|mips-sony-newsos4)
391 LIBS="$LIBS -lsecurity -ldb -lm -laud" 420 LIBS="$LIBS -lsecurity -ldb -lm -laud"
392 else 421 else
393 AC_MSG_RESULT(no) 422 AC_MSG_RESULT(no)
423 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
394 fi 424 fi
395 fi 425 fi
396 AC_DEFINE(DISABLE_FD_PASSING)
397 AC_DEFINE(BROKEN_GETADDRINFO) 426 AC_DEFINE(BROKEN_GETADDRINFO)
398 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin") 427 AC_DEFINE(SETEUID_BREAKS_SETUID)
428 AC_DEFINE(BROKEN_SETREUID)
429 AC_DEFINE(BROKEN_SETREGID)
399 ;; 430 ;;
400 431
401*-*-nto-qnx) 432*-*-nto-qnx)
@@ -457,13 +488,13 @@ int main(){exit(0);}
457AC_CHECK_HEADERS(bstring.h crypt.h endian.h features.h floatingpoint.h \ 488AC_CHECK_HEADERS(bstring.h crypt.h endian.h features.h floatingpoint.h \
458 getopt.h glob.h ia.h lastlog.h limits.h login.h \ 489 getopt.h glob.h ia.h lastlog.h limits.h login.h \
459 login_cap.h maillock.h netdb.h netgroup.h \ 490 login_cap.h maillock.h netdb.h netgroup.h \
460 netinet/in_systm.h paths.h pty.h readpassphrase.h \ 491 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \
461 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ 492 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
462 strings.h sys/strtio.h sys/audit.h sys/bitypes.h sys/bsdtty.h \ 493 strings.h sys/strtio.h sys/audit.h sys/bitypes.h sys/bsdtty.h \
463 sys/cdefs.h sys/mman.h sys/pstat.h sys/select.h sys/stat.h \ 494 sys/cdefs.h sys/mman.h sys/pstat.h sys/ptms.h sys/select.h sys/stat.h \
464 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h \ 495 sys/stream.h sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h \
465 sys/un.h time.h tmpdir.h ttyent.h usersec.h \ 496 sys/un.h time.h tmpdir.h ttyent.h usersec.h \
466 util.h utime.h utmp.h utmpx.h) 497 util.h utime.h utmp.h utmpx.h vis.h)
467 498
468# Checks for libraries. 499# Checks for libraries.
469AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 500AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
@@ -517,18 +548,6 @@ AC_CHECK_FUNC(getspnam, ,
517 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 548 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
518AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME)) 549AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
519 550
520AC_ARG_WITH(rpath,
521 [ --without-rpath Disable auto-added -R linker paths],
522 [
523 if test "x$withval" = "xno" ; then
524 need_dash_r=""
525 fi
526 if test "x$withval" = "xyes" ; then
527 need_dash_r=1
528 fi
529 ]
530)
531
532dnl zlib is required 551dnl zlib is required
533AC_ARG_WITH(zlib, 552AC_ARG_WITH(zlib,
534 [ --with-zlib=PATH Use zlib in PATH], 553 [ --with-zlib=PATH Use zlib in PATH],
@@ -557,13 +576,70 @@ AC_ARG_WITH(zlib,
557 ] 576 ]
558) 577)
559 578
560AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])) 579AC_CHECK_LIB(z, deflate, ,
580 [
581 saved_CPPFLAGS="$CPPFLAGS"
582 saved_LDFLAGS="$LDFLAGS"
583 save_LIBS="$LIBS"
584 dnl Check default zlib install dir
585 if test -n "${need_dash_r}"; then
586 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
587 else
588 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
589 fi
590 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
591 LIBS="$LIBS -lz"
592 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
593 [
594 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
595 ]
596 )
597 ]
598)
599AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
600
601AC_ARG_WITH(zlib-version-check,
602 [ --without-zlib-version-check Disable zlib version check],
603 [ if test "x$withval" = "xno" ; then
604 zlib_check_nonfatal=1
605 fi
606 ]
607)
608
609AC_MSG_CHECKING(for zlib 1.1.4 or greater)
610AC_TRY_RUN([
611#include <zlib.h>
612int main()
613{
614 int a, b, c, v;
615 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3)
616 exit(1);
617 v = a*1000000 + b*1000 + c;
618 if (v >= 1001004)
619 exit(0);
620 exit(2);
621}
622 ],
623 AC_MSG_RESULT(yes),
624 [ AC_MSG_RESULT(no)
625 if test -z "$zlib_check_nonfatal" ; then
626 AC_MSG_ERROR([*** zlib too old - check config.log ***
627Your reported zlib version has known security problems. It's possible your
628vendor has fixed these problems without changing the version number. If you
629are sure this is the case, you can disable the check by running
630"./configure --without-zlib-version-check".
631If you are in doubt, upgrade zlib to version 1.1.4 or greater.])
632 else
633 AC_MSG_WARN([zlib version may have security problems])
634 fi
635 ]
636)
561 637
562dnl UnixWare 2.x 638dnl UnixWare 2.x
563AC_CHECK_FUNC(strcasecmp, 639AC_CHECK_FUNC(strcasecmp,
564 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 640 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
565) 641)
566AC_CHECK_FUNC(utimes, 642AC_CHECK_FUNC(utimes,
567 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 643 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
568 LIBS="$LIBS -lc89"]) ] 644 LIBS="$LIBS -lc89"]) ]
569) 645)
@@ -583,7 +659,7 @@ AC_EGREP_CPP(FOUNDIT,
583 #ifdef GLOB_ALTDIRFUNC 659 #ifdef GLOB_ALTDIRFUNC
584 FOUNDIT 660 FOUNDIT
585 #endif 661 #endif
586 ], 662 ],
587 [ 663 [
588 AC_DEFINE(GLOB_HAS_ALTDIRFUNC) 664 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
589 AC_MSG_RESULT(yes) 665 AC_MSG_RESULT(yes)
@@ -596,17 +672,17 @@ AC_EGREP_CPP(FOUNDIT,
596# Check for g.gl_matchc glob() extension 672# Check for g.gl_matchc glob() extension
597AC_MSG_CHECKING(for gl_matchc field in glob_t) 673AC_MSG_CHECKING(for gl_matchc field in glob_t)
598AC_EGREP_CPP(FOUNDIT, 674AC_EGREP_CPP(FOUNDIT,
599 [ 675 [
600 #include <glob.h> 676 #include <glob.h>
601 int main(void){glob_t g; g.gl_matchc = 1;} 677 int main(void){glob_t g; g.gl_matchc = 1;}
602 ], 678 ],
603 [ 679 [
604 AC_DEFINE(GLOB_HAS_GL_MATCHC) 680 AC_DEFINE(GLOB_HAS_GL_MATCHC)
605 AC_MSG_RESULT(yes) 681 AC_MSG_RESULT(yes)
606 ], 682 ],
607 [ 683 [
608 AC_MSG_RESULT(no) 684 AC_MSG_RESULT(no)
609 ] 685 ]
610) 686)
611 687
612AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 688AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
@@ -616,7 +692,7 @@ AC_TRY_RUN(
616#include <dirent.h> 692#include <dirent.h>
617int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 693int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
618 ], 694 ],
619 [AC_MSG_RESULT(yes)], 695 [AC_MSG_RESULT(yes)],
620 [ 696 [
621 AC_MSG_RESULT(no) 697 AC_MSG_RESULT(no)
622 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 698 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
@@ -624,10 +700,10 @@ int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
624) 700)
625 701
626# Check whether user wants S/Key support 702# Check whether user wants S/Key support
627SKEY_MSG="no" 703SKEY_MSG="no"
628AC_ARG_WITH(skey, 704AC_ARG_WITH(skey,
629 [ --with-skey[[=PATH]] Enable S/Key support 705 [ --with-skey[[=PATH]] Enable S/Key support
630 (optionally in PATH)], 706 (optionally in PATH)],
631 [ 707 [
632 if test "x$withval" != "xno" ; then 708 if test "x$withval" != "xno" ; then
633 709
@@ -638,7 +714,7 @@ AC_ARG_WITH(skey,
638 714
639 AC_DEFINE(SKEY) 715 AC_DEFINE(SKEY)
640 LIBS="-lskey $LIBS" 716 LIBS="-lskey $LIBS"
641 SKEY_MSG="yes" 717 SKEY_MSG="yes"
642 718
643 AC_MSG_CHECKING([for s/key support]) 719 AC_MSG_CHECKING([for s/key support])
644 AC_TRY_RUN( 720 AC_TRY_RUN(
@@ -660,7 +736,7 @@ int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
660TCPW_MSG="no" 736TCPW_MSG="no"
661AC_ARG_WITH(tcp-wrappers, 737AC_ARG_WITH(tcp-wrappers,
662 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support 738 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support
663 (optionally in PATH)], 739 (optionally in PATH)],
664 [ 740 [
665 if test "x$withval" != "xno" ; then 741 if test "x$withval" != "xno" ; then
666 saved_LIBS="$LIBS" 742 saved_LIBS="$LIBS"
@@ -712,20 +788,35 @@ AC_ARG_WITH(tcp-wrappers,
712 788
713dnl Checks for library functions. Please keep in alphabetical order 789dnl Checks for library functions. Please keep in alphabetical order
714AC_CHECK_FUNCS(\ 790AC_CHECK_FUNCS(\
715 arc4random __b64_ntop b64_ntop __b64_pton b64_pton basename \ 791 arc4random __b64_ntop b64_ntop __b64_pton b64_pton \
716 bcopy bindresvport_sa clock fchmod fchown freeaddrinfo futimes \ 792 bcopy bindresvport_sa clock fchmod fchown freeaddrinfo futimes \
717 gai_strerror getaddrinfo getcwd getgrouplist getnameinfo getopt \ 793 getaddrinfo getcwd getgrouplist getnameinfo getopt \
718 getpeereid _getpty getrlimit getttyent glob inet_aton \ 794 getpeereid _getpty getrlimit getttyent glob inet_aton \
719 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ 795 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
720 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ 796 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
721 pstat readpassphrase realpath recvmsg rresvport_af sendmsg \ 797 pstat readpassphrase realpath recvmsg rresvport_af sendmsg \
722 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \ 798 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
723 setproctitle setregid setresgid setresuid setreuid setrlimit \ 799 setproctitle setregid setreuid setrlimit \
724 setsid setvbuf sigaction sigvec snprintf socketpair strerror \ 800 setsid setvbuf sigaction sigvec snprintf socketpair strerror \
725 strlcat strlcpy strmode strnvis sysconf tcgetpgrp \ 801 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
726 truncate utimes vhangup vsnprintf waitpid \ 802 truncate updwtmpx utimes vhangup vsnprintf waitpid \
727) 803)
728 804
805# IRIX has a const char return value for gai_strerror()
806AC_CHECK_FUNCS(gai_strerror,[
807 AC_DEFINE(HAVE_GAI_STRERROR)
808 AC_TRY_COMPILE([
809#include <sys/types.h>
810#include <sys/socket.h>
811#include <netdb.h>
812
813const char *gai_strerror(int);],[
814char *str;
815
816str = gai_strerror(0);],[
817 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
818 [Define if gai_strerror() returns const char *])])])
819
729AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP)) 820AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
730 821
731dnl Make sure prototypes are defined for these before using them. 822dnl Make sure prototypes are defined for these before using them.
@@ -735,10 +826,38 @@ AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
735dnl tcsendbreak might be a macro 826dnl tcsendbreak might be a macro
736AC_CHECK_DECL(tcsendbreak, 827AC_CHECK_DECL(tcsendbreak,
737 [AC_DEFINE(HAVE_TCSENDBREAK)], 828 [AC_DEFINE(HAVE_TCSENDBREAK)],
738 [AC_CHECK_FUNCS(tcsendbreak)], 829 [AC_CHECK_FUNCS(tcsendbreak)],
739 [#include <termios.h>] 830 [#include <termios.h>]
740) 831)
741 832
833AC_CHECK_FUNCS(setresuid, [
834 dnl Some platorms have setresuid that isn't implemented, test for this
835 AC_MSG_CHECKING(if setresuid seems to work)
836 AC_TRY_RUN([
837#include <stdlib.h>
838#include <errno.h>
839int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
840 ],
841 [AC_MSG_RESULT(yes)],
842 [AC_DEFINE(BROKEN_SETRESUID)
843 AC_MSG_RESULT(not implemented)]
844 )
845])
846
847AC_CHECK_FUNCS(setresgid, [
848 dnl Some platorms have setresgid that isn't implemented, test for this
849 AC_MSG_CHECKING(if setresgid seems to work)
850 AC_TRY_RUN([
851#include <stdlib.h>
852#include <errno.h>
853int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
854 ],
855 [AC_MSG_RESULT(yes)],
856 [AC_DEFINE(BROKEN_SETRESGID)
857 AC_MSG_RESULT(not implemented)]
858 )
859])
860
742dnl Checks for time functions 861dnl Checks for time functions
743AC_CHECK_FUNCS(gettimeofday time) 862AC_CHECK_FUNCS(gettimeofday time)
744dnl Checks for utmp functions 863dnl Checks for utmp functions
@@ -748,12 +867,12 @@ dnl Checks for utmpx functions
748AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 867AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
749AC_CHECK_FUNCS(setutxent utmpxname) 868AC_CHECK_FUNCS(setutxent utmpxname)
750 869
751AC_CHECK_FUNC(daemon, 870AC_CHECK_FUNC(daemon,
752 [AC_DEFINE(HAVE_DAEMON)], 871 [AC_DEFINE(HAVE_DAEMON)],
753 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 872 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
754) 873)
755 874
756AC_CHECK_FUNC(getpagesize, 875AC_CHECK_FUNC(getpagesize,
757 [AC_DEFINE(HAVE_GETPAGESIZE)], 876 [AC_DEFINE(HAVE_GETPAGESIZE)],
758 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 877 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
759) 878)
@@ -766,7 +885,7 @@ if test "x$ac_cv_func_snprintf" = "xyes" ; then
766#include <stdio.h> 885#include <stdio.h>
767int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 886int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
768 ], 887 ],
769 [AC_MSG_RESULT(yes)], 888 [AC_MSG_RESULT(yes)],
770 [ 889 [
771 AC_MSG_RESULT(no) 890 AC_MSG_RESULT(no)
772 AC_DEFINE(BROKEN_SNPRINTF) 891 AC_DEFINE(BROKEN_SNPRINTF)
@@ -790,14 +909,14 @@ unlink(template); exit(0);
790 [ 909 [
791 AC_MSG_RESULT(no) 910 AC_MSG_RESULT(no)
792 ], 911 ],
793 [ 912 [
794 AC_MSG_RESULT(yes) 913 AC_MSG_RESULT(yes)
795 AC_DEFINE(HAVE_STRICT_MKSTEMP) 914 AC_DEFINE(HAVE_STRICT_MKSTEMP)
796 ], 915 ],
797 [ 916 [
798 AC_MSG_RESULT(yes) 917 AC_MSG_RESULT(yes)
799 AC_DEFINE(HAVE_STRICT_MKSTEMP) 918 AC_DEFINE(HAVE_STRICT_MKSTEMP)
800 ] 919 ]
801) 920)
802fi 921fi
803 922
@@ -822,7 +941,7 @@ main()
822 exit(1); 941 exit(1);
823 } else if (pid > 0) { /* parent */ 942 } else if (pid > 0) { /* parent */
824 waitpid(pid, &status, 0); 943 waitpid(pid, &status, 0);
825 if (WIFEXITED(status)) 944 if (WIFEXITED(status))
826 exit(WEXITSTATUS(status)); 945 exit(WEXITSTATUS(status));
827 else 946 else
828 exit(2); 947 exit(2);
@@ -856,7 +975,8 @@ AC_ARG_WITH(pam,
856 [ --with-pam Enable PAM support ], 975 [ --with-pam Enable PAM support ],
857 [ 976 [
858 if test "x$withval" != "xno" ; then 977 if test "x$withval" != "xno" ; then
859 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" ; then 978 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
979 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
860 AC_MSG_ERROR([PAM headers not found]) 980 AC_MSG_ERROR([PAM headers not found])
861 fi 981 fi
862 982
@@ -865,7 +985,6 @@ AC_ARG_WITH(pam,
865 AC_CHECK_FUNCS(pam_getenvlist) 985 AC_CHECK_FUNCS(pam_getenvlist)
866 AC_CHECK_FUNCS(pam_putenv) 986 AC_CHECK_FUNCS(pam_putenv)
867 987
868 disable_shadow=yes
869 PAM_MSG="yes" 988 PAM_MSG="yes"
870 989
871 AC_DEFINE(USE_PAM) 990 AC_DEFINE(USE_PAM)
@@ -886,9 +1005,13 @@ if test "x$PAM_MSG" = "xyes" ; then
886 AC_TRY_COMPILE( 1005 AC_TRY_COMPILE(
887 [ 1006 [
888#include <stdlib.h> 1007#include <stdlib.h>
1008#if defined(HAVE_SECURITY_PAM_APPL_H)
889#include <security/pam_appl.h> 1009#include <security/pam_appl.h>
890 ], 1010#elif defined (HAVE_PAM_PAM_APPL_H)
891 [(void)pam_strerror((pam_handle_t *)NULL, -1);], 1011#include <pam/pam_appl.h>
1012#endif
1013 ],
1014 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
892 [AC_MSG_RESULT(no)], 1015 [AC_MSG_RESULT(no)],
893 [ 1016 [
894 AC_DEFINE(HAVE_OLD_PAM) 1017 AC_DEFINE(HAVE_OLD_PAM)
@@ -898,12 +1021,6 @@ if test "x$PAM_MSG" = "xyes" ; then
898 ) 1021 )
899fi 1022fi
900 1023
901# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
902# because the system crypt() is more featureful.
903if test "x$check_for_libcrypt_before" = "x1"; then
904 AC_CHECK_LIB(crypt, crypt)
905fi
906
907# Search for OpenSSL 1024# Search for OpenSSL
908saved_CPPFLAGS="$CPPFLAGS" 1025saved_CPPFLAGS="$CPPFLAGS"
909saved_LDFLAGS="$LDFLAGS" 1026saved_LDFLAGS="$LDFLAGS"
@@ -932,7 +1049,7 @@ AC_ARG_WITH(ssl-dir,
932 fi 1049 fi
933 ] 1050 ]
934) 1051)
935LIBS="$LIBS -lcrypto" 1052LIBS="-lcrypto $LIBS"
936AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1053AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
937 [ 1054 [
938 dnl Check default openssl install dir 1055 dnl Check default openssl install dir
@@ -959,12 +1076,12 @@ AC_TRY_RUN(
959#include <openssl/opensslv.h> 1076#include <openssl/opensslv.h>
960#define DATA "conftest.sslincver" 1077#define DATA "conftest.sslincver"
961int main(void) { 1078int main(void) {
962 FILE *fd; 1079 FILE *fd;
963 int rc; 1080 int rc;
964 1081
965 fd = fopen(DATA,"w"); 1082 fd = fopen(DATA,"w");
966 if(fd == NULL) 1083 if(fd == NULL)
967 exit(1); 1084 exit(1);
968 1085
969 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1086 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
970 exit(1); 1087 exit(1);
@@ -992,12 +1109,12 @@ AC_TRY_RUN(
992#include <openssl/crypto.h> 1109#include <openssl/crypto.h>
993#define DATA "conftest.ssllibver" 1110#define DATA "conftest.ssllibver"
994int main(void) { 1111int main(void) {
995 FILE *fd; 1112 FILE *fd;
996 int rc; 1113 int rc;
997 1114
998 fd = fopen(DATA,"w"); 1115 fd = fopen(DATA,"w");
999 if(fd == NULL) 1116 if(fd == NULL)
1000 exit(1); 1117 exit(1);
1001 1118
1002 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1119 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1003 exit(1); 1120 exit(1);
@@ -1034,8 +1151,14 @@ Also see contrib/findssl.sh for help identifying header/library mismatches.])
1034 ] 1151 ]
1035) 1152)
1036 1153
1037# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 1154# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1038# version in OpenSSL. Skip this for PAM 1155# because the system crypt() is more featureful.
1156if test "x$check_for_libcrypt_before" = "x1"; then
1157 AC_CHECK_LIB(crypt, crypt)
1158fi
1159
1160# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
1161# version in OpenSSL.
1039if test "x$check_for_libcrypt_later" = "x1"; then 1162if test "x$check_for_libcrypt_later" = "x1"; then
1040 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 1163 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
1041fi 1164fi
@@ -1069,7 +1192,7 @@ AC_ARG_WITH(rand-helper,
1069 [ --with-rand-helper Use subprocess to gather strong randomness ], 1192 [ --with-rand-helper Use subprocess to gather strong randomness ],
1070 [ 1193 [
1071 if test "x$withval" = "xno" ; then 1194 if test "x$withval" = "xno" ; then
1072 # Force use of OpenSSL's internal RNG, even if 1195 # Force use of OpenSSL's internal RNG, even if
1073 # the previous test showed it to be unseeded. 1196 # the previous test showed it to be unseeded.
1074 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 1197 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1075 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 1198 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
@@ -1206,7 +1329,7 @@ test -d /sbin && PATH=$PATH:/sbin
1206test -d /usr/sbin && PATH=$PATH:/usr/sbin 1329test -d /usr/sbin && PATH=$PATH:/usr/sbin
1207PATH=$PATH:/etc:$OPATH 1330PATH=$PATH:/etc:$OPATH
1208 1331
1209# These programs are used by the command hashing source to gather entropy 1332# These programs are used by the command hashing source to gather entropy
1210OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 1333OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1211OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 1334OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1212OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 1335OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
@@ -1262,8 +1385,8 @@ fi
1262# More checks for data types 1385# More checks for data types
1263AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 1386AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1264 AC_TRY_COMPILE( 1387 AC_TRY_COMPILE(
1265 [ #include <sys/types.h> ], 1388 [ #include <sys/types.h> ],
1266 [ u_int a; a = 1;], 1389 [ u_int a; a = 1;],
1267 [ ac_cv_have_u_int="yes" ], 1390 [ ac_cv_have_u_int="yes" ],
1268 [ ac_cv_have_u_int="no" ] 1391 [ ac_cv_have_u_int="no" ]
1269 ) 1392 )
@@ -1275,8 +1398,8 @@ fi
1275 1398
1276AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 1399AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1277 AC_TRY_COMPILE( 1400 AC_TRY_COMPILE(
1278 [ #include <sys/types.h> ], 1401 [ #include <sys/types.h> ],
1279 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 1402 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
1280 [ ac_cv_have_intxx_t="yes" ], 1403 [ ac_cv_have_intxx_t="yes" ],
1281 [ ac_cv_have_intxx_t="no" ] 1404 [ ac_cv_have_intxx_t="no" ]
1282 ) 1405 )
@@ -1287,12 +1410,12 @@ if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1287fi 1410fi
1288 1411
1289if (test -z "$have_intxx_t" && \ 1412if (test -z "$have_intxx_t" && \
1290 test "x$ac_cv_header_stdint_h" = "xyes") 1413 test "x$ac_cv_header_stdint_h" = "xyes")
1291then 1414then
1292 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 1415 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1293 AC_TRY_COMPILE( 1416 AC_TRY_COMPILE(
1294 [ #include <stdint.h> ], 1417 [ #include <stdint.h> ],
1295 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 1418 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
1296 [ 1419 [
1297 AC_DEFINE(HAVE_INTXX_T) 1420 AC_DEFINE(HAVE_INTXX_T)
1298 AC_MSG_RESULT(yes) 1421 AC_MSG_RESULT(yes)
@@ -1312,8 +1435,8 @@ AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1312#ifdef HAVE_SYS_BITYPES_H 1435#ifdef HAVE_SYS_BITYPES_H
1313# include <sys/bitypes.h> 1436# include <sys/bitypes.h>
1314#endif 1437#endif
1315 ], 1438 ],
1316 [ int64_t a; a = 1;], 1439 [ int64_t a; a = 1;],
1317 [ ac_cv_have_int64_t="yes" ], 1440 [ ac_cv_have_int64_t="yes" ],
1318 [ ac_cv_have_int64_t="no" ] 1441 [ ac_cv_have_int64_t="no" ]
1319 ) 1442 )
@@ -1324,8 +1447,8 @@ fi
1324 1447
1325AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 1448AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1326 AC_TRY_COMPILE( 1449 AC_TRY_COMPILE(
1327 [ #include <sys/types.h> ], 1450 [ #include <sys/types.h> ],
1328 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 1451 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
1329 [ ac_cv_have_u_intxx_t="yes" ], 1452 [ ac_cv_have_u_intxx_t="yes" ],
1330 [ ac_cv_have_u_intxx_t="no" ] 1453 [ ac_cv_have_u_intxx_t="no" ]
1331 ) 1454 )
@@ -1338,8 +1461,8 @@ fi
1338if test -z "$have_u_intxx_t" ; then 1461if test -z "$have_u_intxx_t" ; then
1339 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 1462 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1340 AC_TRY_COMPILE( 1463 AC_TRY_COMPILE(
1341 [ #include <sys/socket.h> ], 1464 [ #include <sys/socket.h> ],
1342 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 1465 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
1343 [ 1466 [
1344 AC_DEFINE(HAVE_U_INTXX_T) 1467 AC_DEFINE(HAVE_U_INTXX_T)
1345 AC_MSG_RESULT(yes) 1468 AC_MSG_RESULT(yes)
@@ -1350,8 +1473,8 @@ fi
1350 1473
1351AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 1474AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1352 AC_TRY_COMPILE( 1475 AC_TRY_COMPILE(
1353 [ #include <sys/types.h> ], 1476 [ #include <sys/types.h> ],
1354 [ u_int64_t a; a = 1;], 1477 [ u_int64_t a; a = 1;],
1355 [ ac_cv_have_u_int64_t="yes" ], 1478 [ ac_cv_have_u_int64_t="yes" ],
1356 [ ac_cv_have_u_int64_t="no" ] 1479 [ ac_cv_have_u_int64_t="no" ]
1357 ) 1480 )
@@ -1364,7 +1487,7 @@ fi
1364if test -z "$have_u_int64_t" ; then 1487if test -z "$have_u_int64_t" ; then
1365 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 1488 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
1366 AC_TRY_COMPILE( 1489 AC_TRY_COMPILE(
1367 [ #include <sys/bitypes.h> ], 1490 [ #include <sys/bitypes.h> ],
1368 [ u_int64_t a; a = 1], 1491 [ u_int64_t a; a = 1],
1369 [ 1492 [
1370 AC_DEFINE(HAVE_U_INT64_T) 1493 AC_DEFINE(HAVE_U_INT64_T)
@@ -1379,8 +1502,8 @@ if test -z "$have_u_intxx_t" ; then
1379 AC_TRY_COMPILE( 1502 AC_TRY_COMPILE(
1380 [ 1503 [
1381#include <sys/types.h> 1504#include <sys/types.h>
1382 ], 1505 ],
1383 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 1506 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
1384 [ ac_cv_have_uintxx_t="yes" ], 1507 [ ac_cv_have_uintxx_t="yes" ],
1385 [ ac_cv_have_uintxx_t="no" ] 1508 [ ac_cv_have_uintxx_t="no" ]
1386 ) 1509 )
@@ -1393,8 +1516,8 @@ fi
1393if test -z "$have_uintxx_t" ; then 1516if test -z "$have_uintxx_t" ; then
1394 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 1517 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
1395 AC_TRY_COMPILE( 1518 AC_TRY_COMPILE(
1396 [ #include <stdint.h> ], 1519 [ #include <stdint.h> ],
1397 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 1520 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
1398 [ 1521 [
1399 AC_DEFINE(HAVE_UINTXX_T) 1522 AC_DEFINE(HAVE_UINTXX_T)
1400 AC_MSG_RESULT(yes) 1523 AC_MSG_RESULT(yes)
@@ -1404,25 +1527,25 @@ if test -z "$have_uintxx_t" ; then
1404fi 1527fi
1405 1528
1406if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 1529if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
1407 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 1530 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
1408then 1531then
1409 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 1532 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
1410 AC_TRY_COMPILE( 1533 AC_TRY_COMPILE(
1411 [ 1534 [
1412#include <sys/bitypes.h> 1535#include <sys/bitypes.h>
1413 ], 1536 ],
1414 [ 1537 [
1415 int8_t a; int16_t b; int32_t c; 1538 int8_t a; int16_t b; int32_t c;
1416 u_int8_t e; u_int16_t f; u_int32_t g; 1539 u_int8_t e; u_int16_t f; u_int32_t g;
1417 a = b = c = e = f = g = 1; 1540 a = b = c = e = f = g = 1;
1418 ], 1541 ],
1419 [ 1542 [
1420 AC_DEFINE(HAVE_U_INTXX_T) 1543 AC_DEFINE(HAVE_U_INTXX_T)
1421 AC_DEFINE(HAVE_INTXX_T) 1544 AC_DEFINE(HAVE_INTXX_T)
1422 AC_MSG_RESULT(yes) 1545 AC_MSG_RESULT(yes)
1423 ], 1546 ],
1424 [AC_MSG_RESULT(no)] 1547 [AC_MSG_RESULT(no)]
1425 ) 1548 )
1426fi 1549fi
1427 1550
1428 1551
@@ -1603,8 +1726,8 @@ fi
1603 1726
1604AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 1727AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
1605 AC_TRY_COMPILE( 1728 AC_TRY_COMPILE(
1606 [ #include <sys/time.h> ], 1729 [ #include <sys/time.h> ],
1607 [ struct timeval tv; tv.tv_sec = 1;], 1730 [ struct timeval tv; tv.tv_sec = 1;],
1608 [ ac_cv_have_struct_timeval="yes" ], 1731 [ ac_cv_have_struct_timeval="yes" ],
1609 [ ac_cv_have_struct_timeval="no" ] 1732 [ ac_cv_have_struct_timeval="no" ]
1610 ) 1733 )
@@ -1644,7 +1767,7 @@ main()
1644 strcpy(expected_out, "9223372036854775807"); 1767 strcpy(expected_out, "9223372036854775807");
1645 snprintf(buf, mazsize, "%lld", num); 1768 snprintf(buf, mazsize, "%lld", num);
1646 if(strcmp(buf, expected_out) != 0) 1769 if(strcmp(buf, expected_out) != 0)
1647 exit(1); 1770 exit(1);
1648 exit(0); 1771 exit(0);
1649} 1772}
1650#else 1773#else
@@ -1802,8 +1925,8 @@ if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
1802fi 1925fi
1803 1926
1804AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 1927AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
1805 AC_TRY_LINK([], 1928 AC_TRY_LINK([],
1806 [ extern char *__progname; printf("%s", __progname); ], 1929 [ extern char *__progname; printf("%s", __progname); ],
1807 [ ac_cv_libc_defines___progname="yes" ], 1930 [ ac_cv_libc_defines___progname="yes" ],
1808 [ ac_cv_libc_defines___progname="no" ] 1931 [ ac_cv_libc_defines___progname="no" ]
1809 ) 1932 )
@@ -1815,8 +1938,8 @@ fi
1815AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 1938AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
1816 AC_TRY_LINK([ 1939 AC_TRY_LINK([
1817#include <stdio.h> 1940#include <stdio.h>
1818], 1941],
1819 [ printf("%s", __FUNCTION__); ], 1942 [ printf("%s", __FUNCTION__); ],
1820 [ ac_cv_cc_implements___FUNCTION__="yes" ], 1943 [ ac_cv_cc_implements___FUNCTION__="yes" ],
1821 [ ac_cv_cc_implements___FUNCTION__="no" ] 1944 [ ac_cv_cc_implements___FUNCTION__="no" ]
1822 ) 1945 )
@@ -1828,8 +1951,8 @@ fi
1828AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 1951AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
1829 AC_TRY_LINK([ 1952 AC_TRY_LINK([
1830#include <stdio.h> 1953#include <stdio.h>
1831], 1954],
1832 [ printf("%s", __func__); ], 1955 [ printf("%s", __func__); ],
1833 [ ac_cv_cc_implements___func__="yes" ], 1956 [ ac_cv_cc_implements___func__="yes" ],
1834 [ ac_cv_cc_implements___func__="no" ] 1957 [ ac_cv_cc_implements___func__="no" ]
1835 ) 1958 )
@@ -1854,8 +1977,8 @@ if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
1854fi 1977fi
1855 1978
1856AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 1979AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
1857 AC_TRY_LINK([], 1980 AC_TRY_LINK([],
1858 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 1981 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
1859 [ ac_cv_libc_defines_sys_errlist="yes" ], 1982 [ ac_cv_libc_defines_sys_errlist="yes" ],
1860 [ ac_cv_libc_defines_sys_errlist="no" ] 1983 [ ac_cv_libc_defines_sys_errlist="no" ]
1861 ) 1984 )
@@ -1866,8 +1989,8 @@ fi
1866 1989
1867 1990
1868AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 1991AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
1869 AC_TRY_LINK([], 1992 AC_TRY_LINK([],
1870 [ extern int sys_nerr; printf("%i", sys_nerr);], 1993 [ extern int sys_nerr; printf("%i", sys_nerr);],
1871 [ ac_cv_libc_defines_sys_nerr="yes" ], 1994 [ ac_cv_libc_defines_sys_nerr="yes" ],
1872 [ ac_cv_libc_defines_sys_nerr="no" ] 1995 [ ac_cv_libc_defines_sys_nerr="no" ]
1873 ) 1996 )
@@ -1876,7 +1999,7 @@ if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
1876 AC_DEFINE(HAVE_SYS_NERR) 1999 AC_DEFINE(HAVE_SYS_NERR)
1877fi 2000fi
1878 2001
1879SCARD_MSG="no" 2002SCARD_MSG="no"
1880# Check whether user wants sectok support 2003# Check whether user wants sectok support
1881AC_ARG_WITH(sectok, 2004AC_ARG_WITH(sectok,
1882 [ --with-sectok Enable smartcard support using libsectok], 2005 [ --with-sectok Enable smartcard support using libsectok],
@@ -1902,7 +2025,7 @@ AC_ARG_WITH(sectok,
1902 fi 2025 fi
1903 AC_DEFINE(SMARTCARD) 2026 AC_DEFINE(SMARTCARD)
1904 AC_DEFINE(USE_SECTOK) 2027 AC_DEFINE(USE_SECTOK)
1905 SCARD_MSG="yes, using sectok" 2028 SCARD_MSG="yes, using sectok"
1906 fi 2029 fi
1907 ] 2030 ]
1908) 2031)
@@ -1922,65 +2045,76 @@ if test x$opensc_config_prefix != x ; then
1922 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS" 2045 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
1923 AC_DEFINE(SMARTCARD) 2046 AC_DEFINE(SMARTCARD)
1924 AC_DEFINE(USE_OPENSC) 2047 AC_DEFINE(USE_OPENSC)
1925 SCARD_MSG="yes, using OpenSC" 2048 SCARD_MSG="yes, using OpenSC"
1926 fi 2049 fi
1927fi 2050fi
1928 2051
1929# Check whether user wants DNS support 2052# Check libraries needed by DNS fingerprint support
1930DNS_MSG="no" 2053AC_SEARCH_LIBS(getrrsetbyname, resolv,
1931AC_ARG_WITH(dns, 2054 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
1932 [ --with-dns Support for fetching keys from DNS (experimental)],
1933 [ 2055 [
1934 if test "x$withval" != "xno" ; then 2056 # Needed by our getrrsetbyname()
1935 DNS_MSG="yes" 2057 AC_SEARCH_LIBS(res_query, resolv)
1936 AC_DEFINE(DNS) 2058 AC_SEARCH_LIBS(dn_expand, resolv)
1937 AC_SEARCH_LIBS(getrrsetbyname, resolv, 2059 AC_CHECK_FUNCS(_getshort _getlong)
1938 [AC_DEFINE(HAVE_GETRRSETBYNAME)], 2060 AC_CHECK_MEMBER(HEADER.ad,
1939 [ 2061 [AC_DEFINE(HAVE_HEADER_AD)],,
1940 # Needed by our getrrsetbyname() 2062 [#include <arpa/nameser.h>])
1941 AC_SEARCH_LIBS(res_query, resolv) 2063 ])
1942 AC_SEARCH_LIBS(dn_expand, resolv)
1943 AC_CHECK_FUNCS(_getshort _getlong)
1944 AC_CHECK_MEMBER(HEADER.ad,
1945 [AC_DEFINE(HAVE_HEADER_AD)],,
1946 [#include <arpa/nameser.h>])
1947 ])
1948 fi
1949 ]
1950)
1951 2064
1952# Check whether user wants Kerberos 5 support 2065# Check whether user wants Kerberos 5 support
1953KRB5_MSG="no" 2066KRB5_MSG="no"
1954AC_ARG_WITH(kerberos5, 2067AC_ARG_WITH(kerberos5,
1955 [ --with-kerberos5=PATH Enable Kerberos 5 support], 2068 [ --with-kerberos5=PATH Enable Kerberos 5 support],
1956 [ 2069 [ if test "x$withval" != "xno" ; then
1957 if test "x$withval" != "xno" ; then 2070 if test "x$withval" = "xyes" ; then
1958 if test "x$withval" = "xyes" ; then 2071 KRB5ROOT="/usr/local"
1959 KRB5ROOT="/usr/local" 2072 else
1960 else 2073 KRB5ROOT=${withval}
1961 KRB5ROOT=${withval} 2074 fi
1962 fi 2075
2076 AC_DEFINE(KRB5)
2077 KRB5_MSG="yes"
2078
2079 AC_MSG_CHECKING(for krb5-config)
2080 if test -x $KRB5ROOT/bin/krb5-config ; then
2081 KRB5CONF=$KRB5ROOT/bin/krb5-config
2082 AC_MSG_RESULT($KRB5CONF)
2083
2084 AC_MSG_CHECKING(for gssapi support)
2085 if $KRB5CONF | grep gssapi >/dev/null ; then
2086 AC_MSG_RESULT(yes)
2087 AC_DEFINE(GSSAPI)
2088 k5confopts=gssapi
2089 else
2090 AC_MSG_RESULT(no)
2091 k5confopts=""
2092 fi
2093 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2094 K5LIBS="`$KRB5CONF --libs $k5confopts`"
2095 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
2096 AC_MSG_CHECKING(whether we are using Heimdal)
2097 AC_TRY_COMPILE([ #include <krb5.h> ],
2098 [ char *tmp = heimdal_version; ],
2099 [ AC_MSG_RESULT(yes)
2100 AC_DEFINE(HEIMDAL) ],
2101 AC_MSG_RESULT(no)
2102 )
2103 else
2104 AC_MSG_RESULT(no)
1963 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 2105 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
1964 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 2106 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
1965 AC_DEFINE(KRB5) 2107 AC_MSG_CHECKING(whether we are using Heimdal)
1966 KRB5_MSG="yes" 2108 AC_TRY_COMPILE([ #include <krb5.h> ],
1967 AC_MSG_CHECKING(whether we are using Heimdal) 2109 [ char *tmp = heimdal_version; ],
1968 AC_TRY_COMPILE([ #include <krb5.h> ], 2110 [ AC_MSG_RESULT(yes)
1969 [ char *tmp = heimdal_version; ], 2111 AC_DEFINE(HEIMDAL)
1970 [ AC_MSG_RESULT(yes) 2112 K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken"
1971 AC_DEFINE(HEIMDAL) 2113 ],
1972 K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken" 2114 [ AC_MSG_RESULT(no)
1973 ], 2115 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
1974 [ AC_MSG_RESULT(no) 2116 ]
1975 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 2117 )
1976 ]
1977 )
1978 if test ! -z "$need_dash_r" ; then
1979 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
1980 fi
1981 if test ! -z "$blibpath" ; then
1982 blibpath="$blibpath:${KRB5ROOT}/lib"
1983 fi
1984 AC_SEARCH_LIBS(dn_expand, resolv) 2118 AC_SEARCH_LIBS(dn_expand, resolv)
1985 2119
1986 AC_CHECK_LIB(gssapi,gss_init_sec_context, 2120 AC_CHECK_LIB(gssapi,gss_init_sec_context,
@@ -1988,7 +2122,7 @@ AC_ARG_WITH(kerberos5,
1988 K5LIBS="-lgssapi $K5LIBS" ], 2122 K5LIBS="-lgssapi $K5LIBS" ],
1989 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, 2123 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
1990 [ AC_DEFINE(GSSAPI) 2124 [ AC_DEFINE(GSSAPI)
1991 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 2125 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
1992 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 2126 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
1993 $K5LIBS) 2127 $K5LIBS)
1994 ], 2128 ],
@@ -1996,10 +2130,10 @@ AC_ARG_WITH(kerberos5,
1996 2130
1997 AC_CHECK_HEADER(gssapi.h, , 2131 AC_CHECK_HEADER(gssapi.h, ,
1998 [ unset ac_cv_header_gssapi_h 2132 [ unset ac_cv_header_gssapi_h
1999 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 2133 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2000 AC_CHECK_HEADERS(gssapi.h, , 2134 AC_CHECK_HEADERS(gssapi.h, ,
2001 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 2135 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
2002 ) 2136 )
2003 ] 2137 ]
2004 ) 2138 )
2005 2139
@@ -2008,11 +2142,23 @@ AC_ARG_WITH(kerberos5,
2008 AC_CHECK_HEADER(gssapi_krb5.h, , 2142 AC_CHECK_HEADER(gssapi_krb5.h, ,
2009 [ CPPFLAGS="$oldCPP" ]) 2143 [ CPPFLAGS="$oldCPP" ])
2010 2144
2011 KRB5=yes 2145 fi
2012 fi 2146 if test ! -z "$need_dash_r" ; then
2013 ] 2147 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2148 fi
2149 if test ! -z "$blibpath" ; then
2150 blibpath="$blibpath:${KRB5ROOT}/lib"
2151 fi
2152 fi
2153
2154 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2155 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2156 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2157
2158 LIBS="$LIBS $K5LIBS"
2159 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
2160 ]
2014) 2161)
2015LIBS="$LIBS $K5LIBS"
2016 2162
2017# Looking for programs, paths and files 2163# Looking for programs, paths and files
2018 2164
@@ -2075,7 +2221,7 @@ fi
2075 2221
2076if test -z "$no_dev_ptmx" ; then 2222if test -z "$no_dev_ptmx" ; then
2077 if test "x$disable_ptmx_check" != "xyes" ; then 2223 if test "x$disable_ptmx_check" != "xyes" ; then
2078 AC_CHECK_FILE("/dev/ptmx", 2224 AC_CHECK_FILE("/dev/ptmx",
2079 [ 2225 [
2080 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) 2226 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2081 have_dev_ptmx=1 2227 have_dev_ptmx=1
@@ -2083,7 +2229,7 @@ if test -z "$no_dev_ptmx" ; then
2083 ) 2229 )
2084 fi 2230 fi
2085fi 2231fi
2086AC_CHECK_FILE("/dev/ptc", 2232AC_CHECK_FILE("/dev/ptc",
2087 [ 2233 [
2088 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC) 2234 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2089 have_dev_ptc=1 2235 have_dev_ptc=1
@@ -2124,13 +2270,13 @@ fi
2124AC_SUBST(mansubdir) 2270AC_SUBST(mansubdir)
2125 2271
2126# Check whether to enable MD5 passwords 2272# Check whether to enable MD5 passwords
2127MD5_MSG="no" 2273MD5_MSG="no"
2128AC_ARG_WITH(md5-passwords, 2274AC_ARG_WITH(md5-passwords,
2129 [ --with-md5-passwords Enable use of MD5 passwords], 2275 [ --with-md5-passwords Enable use of MD5 passwords],
2130 [ 2276 [
2131 if test "x$withval" != "xno" ; then 2277 if test "x$withval" != "xno" ; then
2132 AC_DEFINE(HAVE_MD5_PASSWORDS) 2278 AC_DEFINE(HAVE_MD5_PASSWORDS)
2133 MD5_MSG="yes" 2279 MD5_MSG="yes"
2134 fi 2280 fi
2135 ] 2281 ]
2136) 2282)
@@ -2170,24 +2316,28 @@ if test ! -z "$IPADDR_IN_DISPLAY" ; then
2170 DISPLAY_HACK_MSG="yes" 2316 DISPLAY_HACK_MSG="yes"
2171 AC_DEFINE(IPADDR_IN_DISPLAY) 2317 AC_DEFINE(IPADDR_IN_DISPLAY)
2172else 2318else
2173 DISPLAY_HACK_MSG="no" 2319 DISPLAY_HACK_MSG="no"
2174 AC_ARG_WITH(ipaddr-display, 2320 AC_ARG_WITH(ipaddr-display,
2175 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 2321 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2176 [ 2322 [
2177 if test "x$withval" != "xno" ; then 2323 if test "x$withval" != "xno" ; then
2178 AC_DEFINE(IPADDR_IN_DISPLAY) 2324 AC_DEFINE(IPADDR_IN_DISPLAY)
2179 DISPLAY_HACK_MSG="yes" 2325 DISPLAY_HACK_MSG="yes"
2180 fi 2326 fi
2181 ] 2327 ]
2182 ) 2328 )
2183fi 2329fi
2184 2330
2185# check for /etc/default/login and use it if present. 2331# check for /etc/default/login and use it if present.
2332AC_ARG_ENABLE(etc-default-login,
2333 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],,
2334[
2186AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ]) 2335AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ])
2187 2336
2188if test "x$external_path_file" = "x/etc/default/login"; then 2337if test "x$external_path_file" = "x/etc/default/login"; then
2189 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) 2338 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2190fi 2339fi
2340])
2191 2341
2192dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 2342dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
2193if test $ac_cv_func_login_getcapbool = "yes" -a \ 2343if test $ac_cv_func_login_getcapbool = "yes" -a \
@@ -2196,7 +2346,7 @@ if test $ac_cv_func_login_getcapbool = "yes" -a \
2196fi 2346fi
2197 2347
2198# Whether to mess with the default path 2348# Whether to mess with the default path
2199SERVER_PATH_MSG="(default)" 2349SERVER_PATH_MSG="(default)"
2200AC_ARG_WITH(default-path, 2350AC_ARG_WITH(default-path,
2201 [ --with-default-path= Specify default \$PATH environment for server], 2351 [ --with-default-path= Specify default \$PATH environment for server],
2202 [ 2352 [
@@ -2211,7 +2361,7 @@ Edit /etc/login.conf instead.])
2211$external_path_file .]) 2361$external_path_file .])
2212 fi 2362 fi
2213 user_path="$withval" 2363 user_path="$withval"
2214 SERVER_PATH_MSG="$withval" 2364 SERVER_PATH_MSG="$withval"
2215 fi 2365 fi
2216 ], 2366 ],
2217 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 2367 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
@@ -2295,14 +2445,14 @@ AC_ARG_WITH(superuser-path,
2295 2445
2296 2446
2297AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 2447AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
2298IPV4_IN6_HACK_MSG="no" 2448IPV4_IN6_HACK_MSG="no"
2299AC_ARG_WITH(4in6, 2449AC_ARG_WITH(4in6,
2300 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 2450 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
2301 [ 2451 [
2302 if test "x$withval" != "xno" ; then 2452 if test "x$withval" != "xno" ; then
2303 AC_MSG_RESULT(yes) 2453 AC_MSG_RESULT(yes)
2304 AC_DEFINE(IPV4_IN_IPV6) 2454 AC_DEFINE(IPV4_IN_IPV6)
2305 IPV4_IN6_HACK_MSG="yes" 2455 IPV4_IN6_HACK_MSG="yes"
2306 else 2456 else
2307 AC_MSG_RESULT(no) 2457 AC_MSG_RESULT(no)
2308 fi 2458 fi
@@ -2310,7 +2460,7 @@ AC_ARG_WITH(4in6,
2310 if test "x$inet6_default_4in6" = "xyes"; then 2460 if test "x$inet6_default_4in6" = "xyes"; then
2311 AC_MSG_RESULT([yes (default)]) 2461 AC_MSG_RESULT([yes (default)])
2312 AC_DEFINE(IPV4_IN_IPV6) 2462 AC_DEFINE(IPV4_IN_IPV6)
2313 IPV4_IN6_HACK_MSG="yes" 2463 IPV4_IN6_HACK_MSG="yes"
2314 else 2464 else
2315 AC_MSG_RESULT([no (default)]) 2465 AC_MSG_RESULT([no (default)])
2316 fi 2466 fi
@@ -2335,7 +2485,7 @@ piddir=/var/run
2335if test ! -d $piddir ; then 2485if test ! -d $piddir ; then
2336 piddir=`eval echo ${sysconfdir}` 2486 piddir=`eval echo ${sysconfdir}`
2337 case $piddir in 2487 case $piddir in
2338 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 2488 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
2339 esac 2489 esac
2340fi 2490fi
2341 2491
@@ -2407,7 +2557,7 @@ AC_ARG_ENABLE(pututline,
2407 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 2557 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
2408 [ 2558 [
2409 if test "x$enableval" = "xno" ; then 2559 if test "x$enableval" = "xno" ; then
2410 AC_DEFINE(DISABLE_PUTUTLINE) 2560 AC_DEFINE(DISABLE_PUTUTLINE)
2411 fi 2561 fi
2412 ] 2562 ]
2413) 2563)
@@ -2661,7 +2811,6 @@ if test ! -z "$superuser_path" ; then
2661echo " sshd superuser user PATH: $J" 2811echo " sshd superuser user PATH: $J"
2662fi 2812fi
2663echo " Manpage format: $MANTYPE" 2813echo " Manpage format: $MANTYPE"
2664echo " DNS support: $DNS_MSG"
2665echo " PAM support: $PAM_MSG" 2814echo " PAM support: $PAM_MSG"
2666echo " KerberosV support: $KRB5_MSG" 2815echo " KerberosV support: $KRB5_MSG"
2667echo " Smartcard support: $SCARD_MSG" 2816echo " Smartcard support: $SCARD_MSG"
@@ -2690,7 +2839,7 @@ echo ""
2690if test "x$PAM_MSG" = "xyes" ; then 2839if test "x$PAM_MSG" = "xyes" ; then
2691 echo "PAM is enabled. You may need to install a PAM control file " 2840 echo "PAM is enabled. You may need to install a PAM control file "
2692 echo "for sshd, otherwise password authentication may fail. " 2841 echo "for sshd, otherwise password authentication may fail. "
2693 echo "Example PAM control files can be found in the contrib/ " 2842 echo "Example PAM control files can be found in the contrib/ "
2694 echo "subdirectory" 2843 echo "subdirectory"
2695 echo "" 2844 echo ""
2696fi 2845fi
diff --git a/contrib/README b/contrib/README
index 67dbbd277..9de3d961d 100644
--- a/contrib/README
+++ b/contrib/README
@@ -1,4 +1,4 @@
1Other patches and addons for OpenSSH. Please send submissions to 1Other patches and addons for OpenSSH. Please send submissions to
2djm@mindrot.org 2djm@mindrot.org
3 3
4Externally maintained 4Externally maintained
@@ -7,7 +7,7 @@ Externally maintained
7SSH Proxy Command -- connect.c 7SSH Proxy Command -- connect.c
8 8
9Shun-ichi GOTO <gotoh@imasy.or.jp> has written a very useful ProxyCommand 9Shun-ichi GOTO <gotoh@imasy.or.jp> has written a very useful ProxyCommand
10which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or 10which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or
11https CONNECT style proxy server. His page for connect.c has extensive 11https CONNECT style proxy server. His page for connect.c has extensive
12documentation on its use as well as compiled versions for Win32. 12documentation on its use as well as compiled versions for Win32.
13 13
@@ -47,7 +47,7 @@ Dominik Brettnacher <domi@saargate.de>
47mdoc2man.pl: 47mdoc2man.pl:
48 48
49Converts mdoc formated manpages into normal manpages. This can be used 49Converts mdoc formated manpages into normal manpages. This can be used
50on Solaris machines to provide manpages that are not preformated. 50on Solaris machines to provide manpages that are not preformated.
51Contributed by Mark D. Roth <roth@feep.net> 51Contributed by Mark D. Roth <roth@feep.net>
52 52
53redhat: 53redhat:
diff --git a/contrib/aix/buildbff.sh b/contrib/aix/buildbff.sh
index 727ac446d..4a5c32b0e 100755
--- a/contrib/aix/buildbff.sh
+++ b/contrib/aix/buildbff.sh
@@ -1,12 +1,12 @@
1#!/bin/sh 1#!/bin/sh
2# 2#
3# buildbff.sh: Create AIX SMIT-installable OpenSSH packages 3# buildbff.sh: Create AIX SMIT-installable OpenSSH packages
4# $Id: buildbff.sh,v 1.6 2003/08/25 05:01:04 dtucker Exp $ 4# $Id: buildbff.sh,v 1.7 2003/11/21 12:48:56 djm Exp $
5# 5#
6# Author: Darren Tucker (dtucker at zip dot com dot au) 6# Author: Darren Tucker (dtucker at zip dot com dot au)
7# This file is placed in the public domain and comes with absolutely 7# This file is placed in the public domain and comes with absolutely
8# no warranty. 8# no warranty.
9# 9#
10# Based originally on Ben Lindstrom's buildpkg.sh for Solaris 10# Based originally on Ben Lindstrom's buildpkg.sh for Solaris
11# 11#
12 12
@@ -45,7 +45,7 @@ fi
45if [ ! -f Makefile ] 45if [ ! -f Makefile ]
46then 46then
47 echo "Makefile not found (did you run configure?)" 47 echo "Makefile not found (did you run configure?)"
48 exit 1 48 exit 1
49fi 49fi
50 50
51# 51#
@@ -96,12 +96,12 @@ then
96 PRIVSEP_PATH=/var/empty 96 PRIVSEP_PATH=/var/empty
97fi 97fi
98 98
99# Clean package build directory 99# Clean package build directory
100rm -rf $objdir/$PKGDIR 100rm -rf $objdir/$PKGDIR
101FAKE_ROOT=$objdir/$PKGDIR/root 101FAKE_ROOT=$objdir/$PKGDIR/root
102mkdir -p $FAKE_ROOT 102mkdir -p $FAKE_ROOT
103 103
104# Start by faking root install 104# Start by faking root install
105echo "Faking root install..." 105echo "Faking root install..."
106cd $objdir 106cd $objdir
107make install-nokeys DESTDIR=$FAKE_ROOT 107make install-nokeys DESTDIR=$FAKE_ROOT
@@ -136,15 +136,15 @@ echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)"
136# 136#
137# Set ssh and sshd parameters as per config.local 137# Set ssh and sshd parameters as per config.local
138# 138#
139if [ "${PERMIT_ROOT_LOGIN}" = no ] 139if [ "${PERMIT_ROOT_LOGIN}" = no ]
140then 140then
141 perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ 141 perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
142 $FAKE_ROOT/${sysconfdir}/sshd_config 142 $FAKE_ROOT/${sysconfdir}/sshd_config
143fi 143fi
144if [ "${X11_FORWARDING}" = yes ] 144if [ "${X11_FORWARDING}" = yes ]
145then 145then
146 perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ 146 perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
147 $FAKE_ROOT/${sysconfdir}/sshd_config 147 $FAKE_ROOT/${sysconfdir}/sshd_config
148fi 148fi
149 149
150 150
@@ -190,13 +190,13 @@ cat <<EOF >>../openssh.post_i
190echo Creating configs from defaults if necessary. 190echo Creating configs from defaults if necessary.
191for cfgfile in ssh_config sshd_config ssh_prng_cmds 191for cfgfile in ssh_config sshd_config ssh_prng_cmds
192do 192do
193 if [ ! -f $sysconfdir/\$cfgfile ] 193 if [ ! -f $sysconfdir/\$cfgfile ]
194 then 194 then
195 echo "Creating \$cfgfile from default" 195 echo "Creating \$cfgfile from default"
196 cp $sysconfdir/\$cfgfile.default $sysconfdir/\$cfgfile 196 cp $sysconfdir/\$cfgfile.default $sysconfdir/\$cfgfile
197 else 197 else
198 echo "\$cfgfile already exists." 198 echo "\$cfgfile already exists."
199 fi 199 fi
200done 200done
201echo 201echo
202 202
@@ -244,19 +244,19 @@ echo
244# Generate keys unless they already exist 244# Generate keys unless they already exist
245echo Creating host keys if required. 245echo Creating host keys if required.
246if [ -f "$sysconfdir/ssh_host_key" ] ; then 246if [ -f "$sysconfdir/ssh_host_key" ] ; then
247 echo "$sysconfdir/ssh_host_key already exists, skipping." 247 echo "$sysconfdir/ssh_host_key already exists, skipping."
248else 248else
249 $bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N "" 249 $bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N ""
250fi 250fi
251if [ -f $sysconfdir/ssh_host_dsa_key ] ; then 251if [ -f $sysconfdir/ssh_host_dsa_key ] ; then
252 echo "$sysconfdir/ssh_host_dsa_key already exists, skipping." 252 echo "$sysconfdir/ssh_host_dsa_key already exists, skipping."
253else 253else
254 $bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N "" 254 $bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N ""
255fi 255fi
256if [ -f $sysconfdir/ssh_host_rsa_key ] ; then 256if [ -f $sysconfdir/ssh_host_rsa_key ] ; then
257 echo "$sysconfdir/ssh_host_rsa_key already exists, skipping." 257 echo "$sysconfdir/ssh_host_rsa_key already exists, skipping."
258else 258else
259 $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N "" 259 $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N ""
260fi 260fi
261echo 261echo
262 262
@@ -369,7 +369,7 @@ echo Creating $PKGNAME-$VERSION.bff with backup...
369rm -f $PKGNAME-$VERSION.bff 369rm -f $PKGNAME-$VERSION.bff
370( 370(
371 echo "./lpp_name" 371 echo "./lpp_name"
372 find . ! -name lpp_name -a ! -name . -print 372 find . ! -name lpp_name -a ! -name . -print
373) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist 373) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist
374 374
375# 375#
diff --git a/contrib/aix/inventory.sh b/contrib/aix/inventory.sh
index 4f408e678..e2641e79c 100755
--- a/contrib/aix/inventory.sh
+++ b/contrib/aix/inventory.sh
@@ -1,7 +1,7 @@
1#!/bin/sh 1#!/bin/sh
2# 2#
3# inventory.sh 3# inventory.sh
4# $Id: inventory.sh,v 1.5 2003/08/26 03:43:13 dtucker Exp $ 4# $Id: inventory.sh,v 1.6 2003/11/21 12:48:56 djm Exp $
5# 5#
6# Originally written by Ben Lindstrom, modified by Darren Tucker to use perl 6# Originally written by Ben Lindstrom, modified by Darren Tucker to use perl
7# This file is placed into the public domain. 7# This file is placed into the public domain.
@@ -59,5 +59,5 @@ find . ! -name . -print | perl -ne '{
59 } elsif ( -d $_ ) { 59 } elsif ( -d $_ ) {
60 # Entry is Directory 60 # Entry is Directory
61 print "\ttype=DIRECTORY\n"; 61 print "\ttype=DIRECTORY\n";
62 } 62 }
63}' 63}'
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec
index 97d6adf51..599244b5d 100644
--- a/contrib/caldera/openssh.spec
+++ b/contrib/caldera/openssh.spec
@@ -17,11 +17,11 @@
17#old cvs stuff. please update before use. may be deprecated. 17#old cvs stuff. please update before use. may be deprecated.
18%define use_stable 1 18%define use_stable 1
19%if %{use_stable} 19%if %{use_stable}
20 %define version 3.7p1 20 %define version 3.8p1
21 %define cvs %{nil} 21 %define cvs %{nil}
22 %define release 1 22 %define release 1
23%else 23%else
24 %define version 2.9.9p2 24 %define version 3.8p1
25 %define cvs cvs20011009 25 %define cvs cvs20011009
26 %define release 0r1 26 %define release 0r1
27%endif 27%endif
@@ -180,7 +180,6 @@ CFLAGS="$RPM_OPT_FLAGS" \
180%configure \ 180%configure \
181 --with-pam \ 181 --with-pam \
182 --with-tcp-wrappers \ 182 --with-tcp-wrappers \
183 --with-ipv4-default \
184 --with-privsep-path=%{_var}/empty/sshd \ 183 --with-privsep-path=%{_var}/empty/sshd \
185 #leave this line for easy edits. 184 #leave this line for easy edits.
186 185
@@ -364,4 +363,4 @@ fi
364* Mon Jan 01 1998 ... 363* Mon Jan 01 1998 ...
365Template Version: 1.31 364Template Version: 1.31
366 365
367$Id: openssh.spec,v 1.43.2.2 2003/09/16 06:02:40 djm Exp $ 366$Id: openssh.spec,v 1.48 2004/02/24 05:00:04 djm Exp $
diff --git a/contrib/caldera/ssh-host-keygen b/contrib/caldera/ssh-host-keygen
index 28a97b9b4..3c5c17182 100755
--- a/contrib/caldera/ssh-host-keygen
+++ b/contrib/caldera/ssh-host-keygen
@@ -1,6 +1,6 @@
1#! /bin/sh 1#! /bin/sh
2# 2#
3# $Id: ssh-host-keygen,v 1.1 2001/04/27 05:50:50 tim Exp $ 3# $Id: ssh-host-keygen,v 1.2 2003/11/21 12:48:57 djm Exp $
4# 4#
5# This script is normally run only *once* for a given host 5# This script is normally run only *once* for a given host
6# (in a given period of time) -- on updates/upgrades/recovery 6# (in a given period of time) -- on updates/upgrades/recovery
@@ -12,7 +12,7 @@ keydir=@sysconfdir@
12keygen=@sshkeygen@ 12keygen=@sshkeygen@
13 13
14if [ -f $keydir/ssh_host_key -o \ 14if [ -f $keydir/ssh_host_key -o \
15 -f $keydir/ssh_host_key.pub ]; then 15 -f $keydir/ssh_host_key.pub ]; then
16 echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key." 16 echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key."
17else 17else
18 echo "Generating 1024 bit SSH1 RSA host key." 18 echo "Generating 1024 bit SSH1 RSA host key."
@@ -20,7 +20,7 @@ else
20fi 20fi
21 21
22if [ -f $keydir/ssh_host_rsa_key -o \ 22if [ -f $keydir/ssh_host_rsa_key -o \
23 -f $keydir/ssh_host_rsa_key.pub ]; then 23 -f $keydir/ssh_host_rsa_key.pub ]; then
24 echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key." 24 echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key."
25else 25else
26 echo "Generating 1024 bit SSH2 RSA host key." 26 echo "Generating 1024 bit SSH2 RSA host key."
@@ -28,7 +28,7 @@ else
28fi 28fi
29 29
30if [ -f $keydir/ssh_host_dsa_key -o \ 30if [ -f $keydir/ssh_host_dsa_key -o \
31 -f $keydir/ssh_host_dsa_key.pub ]; then 31 -f $keydir/ssh_host_dsa_key.pub ]; then
32 echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key." 32 echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key."
33else 33else
34 echo "Generating SSH2 DSA host key." 34 echo "Generating SSH2 DSA host key."
diff --git a/contrib/caldera/sshd.init b/contrib/caldera/sshd.init
index 90b36379a..983146f4f 100755
--- a/contrib/caldera/sshd.init
+++ b/contrib/caldera/sshd.init
@@ -1,6 +1,6 @@
1#! /bin/bash 1#! /bin/bash
2# 2#
3# $Id: sshd.init,v 1.3 2001/11/03 19:09:33 tim Exp $ 3# $Id: sshd.init,v 1.4 2003/11/21 12:48:57 djm Exp $
4# 4#
5### BEGIN INIT INFO 5### BEGIN INIT INFO
6# Provides: 6# Provides:
@@ -64,11 +64,11 @@ case "$1" in
64 SVIemptyConfig @sysconfdir@/sshd_config && exit 6 64 SVIemptyConfig @sysconfdir@/sshd_config && exit 6
65 65
66 if [ ! \( -f @sysconfdir@/ssh_host_key -a \ 66 if [ ! \( -f @sysconfdir@/ssh_host_key -a \
67 -f @sysconfdir@/ssh_host_key.pub \) -a \ 67 -f @sysconfdir@/ssh_host_key.pub \) -a \
68 ! \( -f @sysconfdir@/ssh_host_rsa_key -a \ 68 ! \( -f @sysconfdir@/ssh_host_rsa_key -a \
69 -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \ 69 -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \
70 ! \( -f @sysconfdir@/ssh_host_dsa_key -a \ 70 ! \( -f @sysconfdir@/ssh_host_dsa_key -a \
71 -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then 71 -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then
72 72
73 echo "$SVIsubsys: host key not initialized: skipped!" 73 echo "$SVIsubsys: host key not initialized: skipped!"
74 echo "$SVIsubsys: use ssh-host-keygen to generate one!" 74 echo "$SVIsubsys: use ssh-host-keygen to generate one!"
diff --git a/contrib/cygwin/Makefile b/contrib/cygwin/Makefile
new file mode 100644
index 000000000..09e8ea2db
--- /dev/null
+++ b/contrib/cygwin/Makefile
@@ -0,0 +1,56 @@
1srcdir=../..
2prefix=/usr
3exec_prefix=$(prefix)
4bindir=$(prefix)/bin
5datadir=$(prefix)/share
6docdir=$(datadir)/doc
7sshdocdir=$(docdir)/openssh
8cygdocdir=$(docdir)/Cygwin
9sysconfdir=/etc
10defaultsdir=$(sysconfdir)/defaults/etc
11PRIVSEP_PATH=/var/empty
12INSTALL=/usr/bin/install -c
13
14DESTDIR=
15
16all:
17 @echo
18 @echo "Use \`make cygwin-postinstall DESTDIR=[package directory]'"
19 @echo "Be sure having DESTDIR set correctly!"
20 @echo
21
22move-config-files: $(DESTDIR)$(sysconfdir)/ssh_config $(DESTDIR)$(sysconfdir)/sshd_config
23 $(srcdir)/mkinstalldirs $(DESTDIR)$(defaultsdir)
24 mv $(DESTDIR)$(sysconfdir)/ssh_config $(DESTDIR)$(defaultsdir)
25 mv $(DESTDIR)$(sysconfdir)/sshd_config $(DESTDIR)$(defaultsdir)
26
27remove-empty-dir:
28 rm -rf $(DESTDIR)$(PRIVSEP_PATH)
29
30install-sshdoc:
31 $(srcdir)/mkinstalldirs $(DESTDIR)$(sshdocdir)
32 $(INSTALL) -m 644 $(srcdir)/CREDITS $(DESTDIR)$(sshdocdir)/CREDITS
33 $(INSTALL) -m 644 $(srcdir)/ChangeLog $(DESTDIR)$(sshdocdir)/ChangeLog
34 $(INSTALL) -m 644 $(srcdir)/LICENCE $(DESTDIR)$(sshdocdir)/LICENCE
35 $(INSTALL) -m 644 $(srcdir)/OVERVIEW $(DESTDIR)$(sshdocdir)/OVERVIEW
36 $(INSTALL) -m 644 $(srcdir)/README $(DESTDIR)$(sshdocdir)/README
37 $(INSTALL) -m 644 $(srcdir)/README.dns $(DESTDIR)$(sshdocdir)/README.dns
38 $(INSTALL) -m 644 $(srcdir)/README.privsep $(DESTDIR)$(sshdocdir)/README.privsep
39 $(INSTALL) -m 644 $(srcdir)/README.smartcard $(DESTDIR)$(sshdocdir)/README.smartcard
40 $(INSTALL) -m 644 $(srcdir)/RFC.nroff $(DESTDIR)$(sshdocdir)/RFC.nroff
41 $(INSTALL) -m 644 $(srcdir)/TODO $(DESTDIR)$(sshdocdir)/TODO
42 $(INSTALL) -m 644 $(srcdir)/WARNING.RNG $(DESTDIR)$(sshdocdir)/WARNING.RNG
43
44install-cygwindoc: README
45 $(srcdir)/mkinstalldirs $(DESTDIR)$(cygdocdir)
46 $(INSTALL) -m 644 README $(DESTDIR)$(cygdocdir)/openssh.README
47
48install-doc: install-sshdoc install-cygwindoc
49
50install-scripts: ssh-host-config ssh-user-config
51 $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir)
52 $(INSTALL) -m 755 ssh-host-config $(DESTDIR)$(bindir)/ssh-host-config
53 $(INSTALL) -m 755 ssh-user-config $(DESTDIR)$(bindir)/ssh-user-config
54
55cygwin-postinstall: move-config-files remove-empty-dir install-doc install-scripts
56 @echo "Cygwin specific configuration finished."
diff --git a/contrib/cygwin/README b/contrib/cygwin/README
index ec58964c9..fc0a2f69b 100644
--- a/contrib/cygwin/README
+++ b/contrib/cygwin/README
@@ -1,4 +1,49 @@
1This package is the actual port of OpenSSH to Cygwin 1.5. 1This package describes important Cygwin specific stuff concerning OpenSSH.
2
3The binary package is usually built for recent Cygwin versions and might
4not run on older versions. Please check http://cygwin.com/ for information
5about current Cygwin releases.
6
7Build instructions are at the end of the file.
8
9===========================================================================
10Important change since 3.7.1p2-2:
11
12The ssh-host-config file doesn't create the /etc/ssh_config and
13/etc/sshd_config files from builtin here-scripts anymore, but it uses
14skeleton files installed in /etc/defaults/etc.
15
16Also it now tries hard to create appropriate permissions on files.
17Same applies for ssh-user-config.
18
19After creating the sshd service with ssh-host-config, it's advisable to
20call ssh-user-config for all affected users, also already exising user
21configurations. In the latter case, file and directory permissions are
22checked and changed, if requireed to match the host configuration.
23
24Important note for Windows 2003 Server users:
25---------------------------------------------
26
272003 Server has a funny new feature. When starting services under SYSTEM
28account, these services have nearly all user rights which SYSTEM holds...
29except for the "Create a token object" right, which is needed to allow
30public key authentication :-(
31
32There's no way around this, except for creating a substitute account which
33has the appropriate privileges. Basically, this account should be member
34of the administrators group, plus it should have the following user rights:
35
36 Create a token object
37 Logon as a service
38 Replace a process level token
39 Increase Quota
40
41The ssh-host-config script asks you, if it should create such an account,
42called "sshd_server". If you say "no" here, you're on your own. Please
43follow the instruction in ssh-host-config exactly if possible. Note that
44ssh-user-config sets the permissions on 2003 Server machines dependent of
45whether a sshd_server account exists or not.
46===========================================================================
2 47
3=========================================================================== 48===========================================================================
4Important change since 3.4p1-2: 49Important change since 3.4p1-2:
@@ -58,7 +103,7 @@ features of the FAT/FAT32 filesystems.
58 103
59If you are installing OpenSSH the first time, you can generate global config 104If you are installing OpenSSH the first time, you can generate global config
60files and server keys by running 105files and server keys by running
61 106
62 /usr/bin/ssh-host-config 107 /usr/bin/ssh-host-config
63 108
64Note that this binary archive doesn't contain default config files in /etc. 109Note that this binary archive doesn't contain default config files in /etc.
@@ -73,10 +118,12 @@ some options:
73 118
74usage: ssh-host-config [OPTION]... 119usage: ssh-host-config [OPTION]...
75Options: 120Options:
76 --debug -d Enable shell's debug output. 121 --debug -d Enable shell's debug output.
77 --yes -y Answer all questions with "yes" automatically. 122 --yes -y Answer all questions with "yes" automatically.
78 --no -n Answer all questions with "no" automatically. 123 --no -n Answer all questions with "no" automatically.
79 --port -p <n> sshd listens on port n. 124 --cygwin -c <options> Use "options" as value for CYGWIN environment var.
125 --port -p <n> sshd listens on port n.
126 --pwd -w <passwd> Use "pwd" as password for user 'sshd_server'.
80 127
81Additionally ssh-host-config now asks if it should install sshd as a 128Additionally ssh-host-config now asks if it should install sshd as a
82service when running under NT/W2K. This requires cygrunsrv installed. 129service when running under NT/W2K. This requires cygrunsrv installed.
@@ -114,54 +161,6 @@ ${SYSTEMROOT}/system32/drivers/etc/services file:
114 161
115 ssh 22/tcp #SSH daemon 162 ssh 22/tcp #SSH daemon
116 163
117===========================================================================
118The following restrictions only apply to Cygwin versions up to 1.3.1
119===========================================================================
120
121Authentication to sshd is possible in one of two ways.
122You'll have to decide before starting sshd!
123
124- If you want to authenticate via RSA and you want to login to that
125 machine to exactly one user account you can do so by running sshd
126 under that user account. You must change /etc/sshd_config
127 to contain the following:
128
129 RSAAuthentication yes
130
131 Moreover it's possible to use rhosts and/or rhosts with
132 RSA authentication by setting the following in sshd_config:
133
134 RhostsAuthentication yes
135 RhostsRSAAuthentication yes
136
137- If you want to be able to login to different user accounts you'll
138 have to start sshd under system account or any other account that
139 is able to switch user context. Note that administrators are _not_
140 able to do that by default! You'll have to give the following
141 special user rights to the user:
142 "Act as part of the operating system"
143 "Replace process level token"
144 "Increase quotas"
145 and if used via service manager
146 "Logon as a service".
147
148 The system account does of course own that user rights by default.
149
150 Unfortunately, if you choose that way, you can only logon with
151 NT password authentification and you should change
152 /etc/sshd_config to contain the following:
153
154 PasswordAuthentication yes
155 RhostsAuthentication no
156 RhostsRSAAuthentication no
157 RSAAuthentication no
158
159 However you can login to the user which has started sshd with
160 RSA authentication anyway. If you want that, change the RSA
161 authentication setting back to "yes":
162
163 RSAAuthentication yes
164
165Please note that OpenSSH does never use the value of $HOME to 164Please note that OpenSSH does never use the value of $HOME to
166search for the users configuration files! It always uses the 165search for the users configuration files! It always uses the
167value of the pw_dir field in /etc/passwd as the home directory. 166value of the pw_dir field in /etc/passwd as the home directory.
@@ -169,7 +168,7 @@ If no home diretory is set in /etc/passwd, the root directory
169is used instead! 168is used instead!
170 169
171You may use all features of the CYGWIN=ntsec setting the same 170You may use all features of the CYGWIN=ntsec setting the same
172way as they are used by the `login' port on sources.redhat.com: 171way as they are used by Cygwin's login(1) port:
173 172
174 The pw_gecos field may contain an additional field, that begins 173 The pw_gecos field may contain an additional field, that begins
175 with (upper case!) "U-", followed by the domain and the username 174 with (upper case!) "U-", followed by the domain and the username
@@ -186,6 +185,8 @@ way as they are used by the `login' port on sources.redhat.com:
186 185
187 locuser::1104:513:John Doe,U-user,S-1-5-21-... 186 locuser::1104:513:John Doe,U-user,S-1-5-21-...
188 187
188Note that the CYGWIN=ntsec setting is required for public key authentication.
189
189SSH2 server and user keys are generated by the `ssh-*-config' scripts 190SSH2 server and user keys are generated by the `ssh-*-config' scripts
190as well. 191as well.
191 192
@@ -194,15 +195,30 @@ configure are used for the Cygwin binary distribution:
194 195
195 --prefix=/usr \ 196 --prefix=/usr \
196 --sysconfdir=/etc \ 197 --sysconfdir=/etc \
197 --libexecdir='${exec_prefix}/sbin' 198 --libexecdir='$(sbindir)' \
198 199 --localstatedir=/var \
199You must have installed the zlib and openssl packages to be able to 200 --datadir='$(prefix)/share' \
201 --mandir='$(datadir)/man' \
202 --with-tcp-wrappers
203
204If you want to create a Cygwin package, equivalent to the one
205in the Cygwin binary distribution, install like this:
206
207 mkdir /tmp/cygwin-ssh
208 cd $(builddir)
209 make install DESTDIR=/tmp/cygwin-ssh
210 cd $(srcdir)/contrib/cygwin
211 make cygwin-postinstall DESTDIR=/tmp/cygwin-ssh
212 cd /tmp/cygwin-ssh
213 find * \! -type d | tar cvjfT my-openssh.tar.bz2 -
214
215You must have installed the zlib and openssl-devel packages to be able to
200build OpenSSH! 216build OpenSSH!
201 217
202Please send requests, error reports etc. to cygwin@cygwin.com. 218Please send requests, error reports etc. to cygwin@cygwin.com.
203 219
204Have fun, 220Have fun,
205 221
206Corinna Vinschen <vinschen@redhat.com> 222Corinna Vinschen
207Cygwin Developer 223Cygwin Developer
208Red Hat Inc. 224Red Hat Inc.
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config
index e9c56aea9..9c0dabf41 100644
--- a/contrib/cygwin/ssh-host-config
+++ b/contrib/cygwin/ssh-host-config
@@ -1,6 +1,6 @@
1#!/bin/sh 1#!/bin/bash
2# 2#
3# ssh-host-config, Copyright 2000, Red Hat Inc. 3# ssh-host-config, Copyright 2000, 2001, 2002, 2003 Red Hat Inc.
4# 4#
5# This file is part of the Cygwin port of OpenSSH. 5# This file is part of the Cygwin port of OpenSSH.
6 6
@@ -9,10 +9,7 @@ PREFIX=/usr
9 9
10# Directory where the config files are stored 10# Directory where the config files are stored
11SYSCONFDIR=/etc 11SYSCONFDIR=/etc
12 12LOCALSTATEDIR=/var
13# Subdirectory where an old package might be installed
14OLDPREFIX=/usr/local
15OLDSYSCONFDIR=${OLDPREFIX}/etc
16 13
17progname=$0 14progname=$0
18auto_answer="" 15auto_answer=""
@@ -27,9 +24,11 @@ request()
27{ 24{
28 if [ "${auto_answer}" = "yes" ] 25 if [ "${auto_answer}" = "yes" ]
29 then 26 then
27 echo "$1 (yes/no) yes"
30 return 0 28 return 0
31 elif [ "${auto_answer}" = "no" ] 29 elif [ "${auto_answer}" = "no" ]
32 then 30 then
31 echo "$1 (yes/no) no"
33 return 1 32 return 1
34 fi 33 fi
35 34
@@ -37,7 +36,7 @@ request()
37 while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ] 36 while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ]
38 do 37 do
39 echo -n "$1 (yes/no) " 38 echo -n "$1 (yes/no) "
40 read answer 39 read -e answer
41 done 40 done
42 if [ "X${answer}" = "Xyes" ] 41 if [ "X${answer}" = "Xyes" ]
43 then 42 then
@@ -60,7 +59,7 @@ do
60 option=$1 59 option=$1
61 shift 60 shift
62 61
63 case "$option" in 62 case "${option}" in
64 -d | --debug ) 63 -d | --debug )
65 set -x 64 set -x
66 ;; 65 ;;
@@ -73,21 +72,33 @@ do
73 auto_answer=no 72 auto_answer=no
74 ;; 73 ;;
75 74
75 -c | --cygwin )
76 cygwin_value="$1"
77 shift
78 ;;
79
76 -p | --port ) 80 -p | --port )
77 port_number=$1 81 port_number=$1
78 shift 82 shift
79 ;; 83 ;;
80 84
85 -w | --pwd )
86 password_value="$1"
87 shift
88 ;;
89
81 *) 90 *)
82 echo "usage: ${progname} [OPTION]..." 91 echo "usage: ${progname} [OPTION]..."
83 echo 92 echo
84 echo "This script creates an OpenSSH host configuration." 93 echo "This script creates an OpenSSH host configuration."
85 echo 94 echo
86 echo "Options:" 95 echo "Options:"
87 echo " --debug -d Enable shell's debug output." 96 echo " --debug -d Enable shell's debug output."
88 echo " --yes -y Answer all questions with \"yes\" automatically." 97 echo " --yes -y Answer all questions with \"yes\" automatically."
89 echo " --no -n Answer all questions with \"no\" automatically." 98 echo " --no -n Answer all questions with \"no\" automatically."
90 echo " --port -p <n> sshd listens on port n." 99 echo " --cygwin -c <options> Use \"options\" as value for CYGWIN environment var."
100 echo " --port -p <n> sshd listens on port n."
101 echo " --pwd -w <passwd> Use \"pwd\" as password for user 'sshd_server'."
91 echo 102 echo
92 exit 1 103 exit 1
93 ;; 104 ;;
@@ -96,8 +107,13 @@ do
96done 107done
97 108
98# Check if running on NT 109# Check if running on NT
99_sys="`uname -a`" 110_sys="`uname`"
100_nt=`expr "$_sys" : "CYGWIN_NT"` 111_nt=`expr "${_sys}" : "CYGWIN_NT"`
112# If running on NT, check if running under 2003 Server or later
113if [ ${_nt} -gt 0 ]
114then
115 _nt2003=`uname | awk -F- '{print ( $2 >= 5.2 ) ? 1 : 0;}'`
116fi
101 117
102# Check for running ssh/sshd processes first. Refuse to do anything while 118# Check for running ssh/sshd processes first. Refuse to do anything while
103# some ssh processes are still running 119# some ssh processes are still running
@@ -137,87 +153,33 @@ fi
137 153
138# Create /var/log and /var/log/lastlog if not already existing 154# Create /var/log and /var/log/lastlog if not already existing
139 155
140if [ -f /var/log ] 156if [ -f ${LOCALSTATEDIR}/log ]
141then 157then
142 echo "Creating /var/log failed\!" 158 echo "Creating ${LOCALSTATEDIR}/log failed!"
143else 159else
144 if [ ! -d /var/log ] 160 if [ ! -d ${LOCALSTATEDIR}/log ]
145 then 161 then
146 mkdir -p /var/log 162 mkdir -p ${LOCALSTATEDIR}/log
147 fi 163 fi
148 if [ -d /var/log/lastlog ] 164 if [ -d ${LOCALSTATEDIR}/log/lastlog ]
149 then 165 then
150 echo "Creating /var/log/lastlog failed\!" 166 chmod 777 ${LOCALSTATEDIR}/log/lastlog
151 elif [ ! -f /var/log/lastlog ] 167 elif [ ! -f ${LOCALSTATEDIR}/log/lastlog ]
152 then 168 then
153 cat /dev/null > /var/log/lastlog 169 cat /dev/null > ${LOCALSTATEDIR}/log/lastlog
170 chmod 666 ${LOCALSTATEDIR}/log/lastlog
154 fi 171 fi
155fi 172fi
156 173
157# Create /var/empty file used as chroot jail for privilege separation 174# Create /var/empty file used as chroot jail for privilege separation
158if [ -f /var/empty ] 175if [ -f ${LOCALSTATEDIR}/empty ]
159then 176then
160 echo "Creating /var/empty failed\!" 177 echo "Creating ${LOCALSTATEDIR}/empty failed!"
161else 178else
162 mkdir -p /var/empty 179 mkdir -p ${LOCALSTATEDIR}/empty
163 # On NT change ownership of that dir to user "system" 180 if [ ${_nt} -gt 0 ]
164 if [ $_nt -gt 0 ]
165 then 181 then
166 chmod 755 /var/empty 182 chmod 755 ${LOCALSTATEDIR}/empty
167 chown system.system /var/empty
168 fi
169fi
170
171# Check for an old installation in ${OLDPREFIX} unless ${OLDPREFIX} isn't
172# the same as ${PREFIX}
173
174old_install=0
175if [ "${OLDPREFIX}" != "${PREFIX}" ]
176then
177 if [ -f "${OLDPREFIX}/sbin/sshd" ]
178 then
179 echo
180 echo "You seem to have an older installation in ${OLDPREFIX}."
181 echo
182 # Check if old global configuration files exist
183 if [ -f "${OLDSYSCONFDIR}/ssh_host_key" ]
184 then
185 if request "Do you want to copy your config files to your new installation?"
186 then
187 cp -f ${OLDSYSCONFDIR}/ssh_host_key ${SYSCONFDIR}
188 cp -f ${OLDSYSCONFDIR}/ssh_host_key.pub ${SYSCONFDIR}
189 cp -f ${OLDSYSCONFDIR}/ssh_host_dsa_key ${SYSCONFDIR}
190 cp -f ${OLDSYSCONFDIR}/ssh_host_dsa_key.pub ${SYSCONFDIR}
191 cp -f ${OLDSYSCONFDIR}/ssh_config ${SYSCONFDIR}
192 cp -f ${OLDSYSCONFDIR}/sshd_config ${SYSCONFDIR}
193 fi
194 fi
195 if request "Do you want to erase your old installation?"
196 then
197 rm -f ${OLDPREFIX}/bin/ssh.exe
198 rm -f ${OLDPREFIX}/bin/ssh-config
199 rm -f ${OLDPREFIX}/bin/scp.exe
200 rm -f ${OLDPREFIX}/bin/ssh-add.exe
201 rm -f ${OLDPREFIX}/bin/ssh-agent.exe
202 rm -f ${OLDPREFIX}/bin/ssh-keygen.exe
203 rm -f ${OLDPREFIX}/bin/slogin
204 rm -f ${OLDSYSCONFDIR}/ssh_host_key
205 rm -f ${OLDSYSCONFDIR}/ssh_host_key.pub
206 rm -f ${OLDSYSCONFDIR}/ssh_host_dsa_key
207 rm -f ${OLDSYSCONFDIR}/ssh_host_dsa_key.pub
208 rm -f ${OLDSYSCONFDIR}/ssh_config
209 rm -f ${OLDSYSCONFDIR}/sshd_config
210 rm -f ${OLDPREFIX}/man/man1/ssh.1
211 rm -f ${OLDPREFIX}/man/man1/scp.1
212 rm -f ${OLDPREFIX}/man/man1/ssh-add.1
213 rm -f ${OLDPREFIX}/man/man1/ssh-agent.1
214 rm -f ${OLDPREFIX}/man/man1/ssh-keygen.1
215 rm -f ${OLDPREFIX}/man/man1/slogin.1
216 rm -f ${OLDPREFIX}/man/man8/sshd.8
217 rm -f ${OLDPREFIX}/sbin/sshd.exe
218 rm -f ${OLDPREFIX}/sbin/sftp-server.exe
219 fi
220 old_install=1
221 fi 183 fi
222fi 184fi
223 185
@@ -255,52 +217,16 @@ then
255 fi 217 fi
256fi 218fi
257 219
258# Create default ssh_config from here script 220# Create default ssh_config from skeleton file in /etc/defaults/etc
259 221
260if [ ! -f "${SYSCONFDIR}/ssh_config" ] 222if [ ! -f "${SYSCONFDIR}/ssh_config" ]
261then 223then
262 echo "Generating ${SYSCONFDIR}/ssh_config file" 224 echo "Generating ${SYSCONFDIR}/ssh_config file"
263 cat > ${SYSCONFDIR}/ssh_config << EOF 225 cp ${SYSCONFDIR}/defaults/etc/ssh_config ${SYSCONFDIR}/ssh_config
264# This is the ssh client system-wide configuration file. See 226 if [ "${port_number}" != "22" ]
265# ssh_config(5) for more information. This file provides defaults for
266# users, and the values can be changed in per-user configuration files
267# or on the command line.
268
269# Configuration data is parsed as follows:
270# 1. command line options
271# 2. user-specific file
272# 3. system-wide file
273# Any configuration value is only changed the first time it is set.
274# Thus, host-specific definitions should be at the beginning of the
275# configuration file, and defaults at the end.
276
277# Site-wide defaults for various options
278
279# Host *
280# ForwardAgent no
281# ForwardX11 no
282# RhostsRSAAuthentication no
283# RSAAuthentication yes
284# PasswordAuthentication yes
285# HostbasedAuthentication no
286# BatchMode no
287# CheckHostIP yes
288# AddressFamily any
289# ConnectTimeout 0
290# StrictHostKeyChecking ask
291# IdentityFile ~/.ssh/identity
292# IdentityFile ~/.ssh/id_dsa
293# IdentityFile ~/.ssh/id_rsa
294# Port 22
295# Protocol 2,1
296# Cipher 3des
297# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
298# EscapeChar ~
299EOF
300 if [ "$port_number" != "22" ]
301 then 227 then
302 echo "Host localhost" >> ${SYSCONFDIR}/ssh_config 228 echo "Host localhost" >> ${SYSCONFDIR}/ssh_config
303 echo " Port $port_number" >> ${SYSCONFDIR}/ssh_config 229 echo " Port ${port_number}" >> ${SYSCONFDIR}/ssh_config
304 fi 230 fi
305fi 231fi
306 232
@@ -322,35 +248,35 @@ fi
322 248
323# Prior to creating or modifying sshd_config, care for privilege separation 249# Prior to creating or modifying sshd_config, care for privilege separation
324 250
325if [ "$privsep_configured" != "yes" ] 251if [ "${privsep_configured}" != "yes" ]
326then 252then
327 if [ $_nt -gt 0 ] 253 if [ ${_nt} -gt 0 ]
328 then 254 then
329 echo "Privilege separation is set to yes by default since OpenSSH 3.3." 255 echo "Privilege separation is set to yes by default since OpenSSH 3.3."
330 echo "However, this requires a non-privileged account called 'sshd'." 256 echo "However, this requires a non-privileged account called 'sshd'."
331 echo "For more info on privilege separation read /usr/doc/openssh/README.privsep." 257 echo "For more info on privilege separation read /usr/share/doc/openssh/README.privsep."
332 echo 258 echo
333 if request "Shall privilege separation be used?" 259 if request "Should privilege separation be used?"
334 then 260 then
335 privsep_used=yes 261 privsep_used=yes
336 grep -q '^sshd:' ${SYSCONFDIR}/passwd && sshd_in_passwd=yes 262 grep -q '^sshd:' ${SYSCONFDIR}/passwd && sshd_in_passwd=yes
337 net user sshd >/dev/null 2>&1 && sshd_in_sam=yes 263 net user sshd >/dev/null 2>&1 && sshd_in_sam=yes
338 if [ "$sshd_in_passwd" != "yes" ] 264 if [ "${sshd_in_passwd}" != "yes" ]
339 then 265 then
340 if [ "$sshd_in_sam" != "yes" ] 266 if [ "${sshd_in_sam}" != "yes" ]
341 then 267 then
342 echo "Warning: The following function requires administrator privileges!" 268 echo "Warning: The following function requires administrator privileges!"
343 if request "Shall this script create a local user 'sshd' on this machine?" 269 if request "Should this script create a local user 'sshd' on this machine?"
344 then 270 then
345 dos_var_empty=`cygpath -w /var/empty` 271 dos_var_empty=`cygpath -w ${LOCALSTATEDIR}/empty`
346 net user sshd /add /fullname:"sshd privsep" "/homedir:$dos_var_empty" /active:no > /dev/null 2>&1 && sshd_in_sam=yes 272 net user sshd /add /fullname:"sshd privsep" "/homedir:${dos_var_empty}" /active:no > /dev/null 2>&1 && sshd_in_sam=yes
347 if [ "$sshd_in_sam" != "yes" ] 273 if [ "${sshd_in_sam}" != "yes" ]
348 then 274 then
349 echo "Warning: Creating the user 'sshd' failed!" 275 echo "Warning: Creating the user 'sshd' failed!"
350 fi 276 fi
351 fi 277 fi
352 fi 278 fi
353 if [ "$sshd_in_sam" != "yes" ] 279 if [ "${sshd_in_sam}" != "yes" ]
354 then 280 then
355 echo "Warning: Can't create user 'sshd' in ${SYSCONFDIR}/passwd!" 281 echo "Warning: Can't create user 'sshd' in ${SYSCONFDIR}/passwd!"
356 echo " Privilege separation set to 'no' again!" 282 echo " Privilege separation set to 'no' again!"
@@ -365,161 +291,85 @@ then
365 fi 291 fi
366 else 292 else
367 # On 9x don't use privilege separation. Since security isn't 293 # On 9x don't use privilege separation. Since security isn't
368 # available it just adds useless addtional processes. 294 # available it just adds useless additional processes.
369 privsep_used=no 295 privsep_used=no
370 fi 296 fi
371fi 297fi
372 298
373# Create default sshd_config from here script or modify to add the 299# Create default sshd_config from skeleton files in /etc/defaults/etc or
374# missing privsep configuration option 300# modify to add the missing privsep configuration option
375 301
376if [ ! -f "${SYSCONFDIR}/sshd_config" ] 302if [ ! -f "${SYSCONFDIR}/sshd_config" ]
377then 303then
378 echo "Generating ${SYSCONFDIR}/sshd_config file" 304 echo "Generating ${SYSCONFDIR}/sshd_config file"
379 cat > ${SYSCONFDIR}/sshd_config << EOF 305 sed -e "s/^#UsePrivilegeSeparation yes/UsePrivilegeSeparation ${privsep_used}/
380# This is the sshd server system-wide configuration file. See 306 s/^#Port 22/Port ${port_number}/
381# sshd_config(5) for more information. 307 s/^#StrictModes yes/StrictModes no/" \
382 308 < ${SYSCONFDIR}/defaults/etc/sshd_config \
383# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin 309 > ${SYSCONFDIR}/sshd_config
384 310elif [ "${privsep_configured}" != "yes" ]
385# The strategy used for options in the default sshd_config shipped with
386# OpenSSH is to specify options with their default value where
387# possible, but leave them commented. Uncommented options change a
388# default value.
389
390Port $port_number
391#Protocol 2,1
392#ListenAddress 0.0.0.0
393#ListenAddress ::
394
395# HostKey for protocol version 1
396#HostKey ${SYSCONFDIR}/ssh_host_key
397# HostKeys for protocol version 2
398#HostKey ${SYSCONFDIR}/ssh_host_rsa_key
399#HostKey ${SYSCONFDIR}/ssh_host_dsa_key
400
401# Lifetime and size of ephemeral version 1 server key
402#KeyRegenerationInterval 1h
403#ServerKeyBits 768
404
405# Logging
406#obsoletes QuietMode and FascistLogging
407#SyslogFacility AUTH
408#LogLevel INFO
409
410# Authentication:
411
412#LoginGraceTime 2m
413#PermitRootLogin yes
414# The following setting overrides permission checks on host key files
415# and directories. For security reasons set this to "yes" when running
416# NT/W2K, NTFS and CYGWIN=ntsec.
417StrictModes no
418
419#RSAAuthentication yes
420#PubkeyAuthentication yes
421#AuthorizedKeysFile .ssh/authorized_keys
422
423# For this to work you will also need host keys in ${SYSCONFDIR}/ssh_known_hosts
424#RhostsRSAAuthentication no
425# similar for protocol version 2
426#HostbasedAuthentication no
427# Change to yes if you don't trust ~/.ssh/known_hosts for
428# RhostsRSAAuthentication and HostbasedAuthentication
429#IgnoreUserKnownHosts no
430# Don't read the user's ~/.rhosts and ~/.shosts files
431#IgnoreRhosts yes
432
433# To disable tunneled clear text passwords, change to no here!
434#PasswordAuthentication yes
435#PermitEmptyPasswords no
436
437# Change to no to disable s/key passwords
438#ChallengeResponseAuthentication yes
439
440#AllowTcpForwarding yes
441#GatewayPorts no
442#X11Forwarding no
443#X11DisplayOffset 10
444#X11UseLocalhost yes
445#PrintMotd yes
446#PrintLastLog yes
447#KeepAlive yes
448#UseLogin no
449UsePrivilegeSeparation $privsep_used
450#PermitUserEnvironment no
451#Compression yes
452#ClientAliveInterval 0
453#ClientAliveCountMax 3
454#UseDNS yes
455#PidFile /var/run/sshd.pid
456#MaxStartups 10
457
458# no default banner path
459#Banner /some/path
460
461# override default of no subsystems
462Subsystem sftp /usr/sbin/sftp-server
463EOF
464elif [ "$privsep_configured" != "yes" ]
465then 311then
466 echo >> ${SYSCONFDIR}/sshd_config 312 echo >> ${SYSCONFDIR}/sshd_config
467 echo "UsePrivilegeSeparation $privsep_used" >> ${SYSCONFDIR}/sshd_config 313 echo "UsePrivilegeSeparation ${privsep_used}" >> ${SYSCONFDIR}/sshd_config
468fi 314fi
469 315
470# Care for services file 316# Care for services file
471if [ $_nt -gt 0 ] 317_my_etcdir="/ssh-host-config.$$"
318if [ ${_nt} -gt 0 ]
472then 319then
473 _wservices="${SYSTEMROOT}\\system32\\drivers\\etc\\services" 320 _win_etcdir="${SYSTEMROOT}\\system32\\drivers\\etc"
474 _wserv_tmp="${SYSTEMROOT}\\system32\\drivers\\etc\\srv.out.$$" 321 _services="${_my_etcdir}/services"
322 # On NT, 27 spaces, no space after the hash
323 _spaces=" #"
475else 324else
476 _wservices="${WINDIR}\\SERVICES" 325 _win_etcdir="${WINDIR}"
477 _wserv_tmp="${WINDIR}\\SERV.$$" 326 _services="${_my_etcdir}/SERVICES"
327 # On 9x, 18 spaces (95 is very touchy), a space after the hash
328 _spaces=" # "
478fi 329fi
479_services=`cygpath -u "${_wservices}"` 330_serv_tmp="${_my_etcdir}/srv.out.$$"
480_serv_tmp=`cygpath -u "${_wserv_tmp}"`
481 331
482mount -t -f "${_wservices}" "${_services}" 332mount -t -f "${_win_etcdir}" "${_my_etcdir}"
483mount -t -f "${_wserv_tmp}" "${_serv_tmp}" 333
334# Depends on the above mount
335_wservices=`cygpath -w "${_services}"`
484 336
485# Remove sshd 22/port from services 337# Remove sshd 22/port from services
486if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -eq 0 ] 338if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -eq 0 ]
487then 339then
488 grep -v 'sshd[ \t][ \t]*22' "${_services}" > "${_serv_tmp}" 340 grep -v 'sshd[ \t][ \t]*22' "${_services}" > "${_serv_tmp}"
489 if [ -f "${_serv_tmp}" ] 341 if [ -f "${_serv_tmp}" ]
490 then 342 then
491 if mv "${_serv_tmp}" "${_services}" 343 if mv "${_serv_tmp}" "${_services}"
492 then 344 then
493 echo "Removing sshd from ${_services}" 345 echo "Removing sshd from ${_wservices}"
494 else 346 else
495 echo "Removing sshd from ${_services} failed\!" 347 echo "Removing sshd from ${_wservices} failed!"
496 fi 348 fi
497 rm -f "${_serv_tmp}" 349 rm -f "${_serv_tmp}"
498 else 350 else
499 echo "Removing sshd from ${_services} failed\!" 351 echo "Removing sshd from ${_wservices} failed!"
500 fi 352 fi
501fi 353fi
502 354
503# Add ssh 22/tcp and ssh 22/udp to services 355# Add ssh 22/tcp and ssh 22/udp to services
504if [ `grep -q 'ssh[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ] 356if [ `grep -q 'ssh[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ]
505then 357then
506 awk '{ if ( $2 ~ /^23\/tcp/ ) print "ssh 22/tcp #SSH Remote Login Protocol\nssh 22/udp #SSH Remote Login Protocol"; print $0; }' < "${_services}" > "${_serv_tmp}" 358 if awk '{ if ( $2 ~ /^23\/tcp/ ) print "ssh 22/tcp'"${_spaces}"'SSH Remote Login Protocol\nssh 22/udp'"${_spaces}"'SSH Remote Login Protocol"; print $0; }' < "${_services}" > "${_serv_tmp}"
507 if [ -f "${_serv_tmp}" ]
508 then 359 then
509 if mv "${_serv_tmp}" "${_services}" 360 if mv "${_serv_tmp}" "${_services}"
510 then 361 then
511 echo "Added ssh to ${_services}" 362 echo "Added ssh to ${_wservices}"
512 else 363 else
513 echo "Adding ssh to ${_services} failed\!" 364 echo "Adding ssh to ${_wservices} failed!"
514 fi 365 fi
515 rm -f "${_serv_tmp}" 366 rm -f "${_serv_tmp}"
516 else 367 else
517 echo "Adding ssh to ${_services} failed\!" 368 echo "WARNING: Adding ssh to ${_wservices} failed!"
518 fi 369 fi
519fi 370fi
520 371
521umount "${_services}" 372umount "${_my_etcdir}"
522umount "${_serv_tmp}"
523 373
524# Care for inetd.conf file 374# Care for inetd.conf file
525_inetcnf="${SYSCONFDIR}/inetd.conf" 375_inetcnf="${SYSCONFDIR}/inetd.conf"
@@ -538,13 +388,13 @@ then
538 then 388 then
539 if mv "${_inetcnf_tmp}" "${_inetcnf}" 389 if mv "${_inetcnf_tmp}" "${_inetcnf}"
540 then 390 then
541 echo "Removed sshd from ${_inetcnf}" 391 echo "Removed sshd from ${_inetcnf}"
542 else 392 else
543 echo "Removing sshd from ${_inetcnf} failed\!" 393 echo "Removing sshd from ${_inetcnf} failed!"
544 fi 394 fi
545 rm -f "${_inetcnf_tmp}" 395 rm -f "${_inetcnf_tmp}"
546 else 396 else
547 echo "Removing sshd from ${_inetcnf} failed\!" 397 echo "Removing sshd from ${_inetcnf} failed!"
548 fi 398 fi
549 fi 399 fi
550 400
@@ -562,34 +412,181 @@ then
562fi 412fi
563 413
564# On NT ask if sshd should be installed as service 414# On NT ask if sshd should be installed as service
565if [ $_nt -gt 0 ] 415if [ ${_nt} -gt 0 ]
566then 416then
567 echo 417 # But only if it is not already installed
568 echo "Do you want to install sshd as service?" 418 if ! cygrunsrv -Q sshd > /dev/null 2>&1
569 if request "(Say \"no\" if it's already installed as service)"
570 then 419 then
571 echo 420 echo
572 echo "Which value should the environment variable CYGWIN have when" 421 echo
573 echo "sshd starts? It's recommended to set at least \"ntsec\" to be" 422 echo "Warning: The following functions require administrator privileges!"
574 echo "able to change user context without password." 423 echo
575 echo -n "Default is \"binmode ntsec tty\". CYGWIN=" 424 echo "Do you want to install sshd as service?"
576 read _cygwin 425 if request "(Say \"no\" if it's already installed as service)"
577 [ -z "${_cygwin}" ] && _cygwin="binmode ntsec tty" 426 then
578 if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -e "CYGWIN=${_cygwin}" 427 if [ $_nt2003 -gt 0 ]
428 then
429 grep -q '^sshd_server:' ${SYSCONFDIR}/passwd && sshd_server_in_passwd=yes
430 if [ "${sshd_server_in_passwd}" = "yes" ]
431 then
432 # Drop sshd_server from passwd since it could have wrong settings
433 grep -v '^sshd_server:' ${SYSCONFDIR}/passwd > ${SYSCONFDIR}/passwd.$$
434 rm -f ${SYSCONFDIR}/passwd
435 mv ${SYSCONFDIR}/passwd.$$ ${SYSCONFDIR}/passwd
436 chmod g-w,o-w ${SYSCONFDIR}/passwd
437 fi
438 net user sshd_server >/dev/null 2>&1 && sshd_server_in_sam=yes
439 if [ "${sshd_server_in_sam}" != "yes" ]
440 then
441 echo
442 echo "You appear to be running Windows 2003 Server or later. On 2003 and"
443 echo "later systems, it's not possible to use the LocalSystem account"
444 echo "if sshd should allow passwordless logon (e. g. public key authentication)."
445 echo "If you want to enable that functionality, it's required to create a new"
446 echo "account 'sshd_server' with special privileges, which is then used to run"
447 echo "the sshd service under."
448 echo
449 echo "Should this script create a new local account 'sshd_server' which has"
450 if request "the required privileges?"
451 then
452 _admingroup=`awk -F: '{if ( $2 == "S-1-5-32-544" ) print $1;}' ${SYSCONFDIR}/group`
453 if [ -z "${_admingroup}" ]
454 then
455 echo "There's no group with SID S-1-5-32-544 (Local administrators group) in"
456 echo "your ${SYSCONFDIR}/group file. Please regenerate this entry using 'mkgroup -l'"
457 echo "and restart this script."
458 exit 1
459 fi
460 dos_var_empty=`cygpath -w ${LOCALSTATEDIR}/empty`
461 while [ "${sshd_server_in_sam}" != "yes" ]
462 do
463 if [ -n "${password_value}" ]
464 then
465 _password="${password_value}"
466 # Allow to ask for password if first try fails
467 password_value=""
468 else
469 echo
470 echo "Please enter a password for new user 'sshd_server'. Please be sure that"
471 echo "this password matches the password rules given on your system."
472 echo -n "Entering no password will exit the configuration. PASSWORD="
473 read -e _password
474 if [ -z "${_password}" ]
475 then
476 echo
477 echo "Exiting configuration. No user sshd_server has been created,"
478 echo "no sshd service installed."
479 exit 1
480 fi
481 fi
482 net user sshd_server "${_password}" /add /fullname:"sshd server account" "/homedir:${dos_var_empty}" /yes > /tmp/nu.$$ 2>&1 && sshd_server_in_sam=yes
483 if [ "${sshd_server_in_sam}" != "yes" ]
484 then
485 echo "Creating the user 'sshd_server' failed! Reason:"
486 cat /tmp/nu.$$
487 rm /tmp/nu.$$
488 fi
489 done
490 net localgroup "${_admingroup}" sshd_server /add > /dev/null 2>&1 && sshd_server_in_admingroup=yes
491 if [ "${sshd_server_in_admingroup}" != "yes" ]
492 then
493 echo "WARNING: Adding user sshd_server to local group ${_admingroup} failed!"
494 echo "Please add sshd_server to local group ${_admingroup} before"
495 echo "starting the sshd service!"
496 echo
497 fi
498 passwd_has_expiry_flags=`passwd -v | awk '/^passwd /{print ( $3 >= 1.5 ) ? "yes" : "no";}'`
499 if [ "${passwd_has_expiry_flags}" != "yes" ]
500 then
501 echo
502 echo "WARNING: User sshd_server has password expiry set to system default."
503 echo "Please check that password never expires or set it to your needs."
504 elif ! passwd -e sshd_server
505 then
506 echo
507 echo "WARNING: Setting password expiry for user sshd_server failed!"
508 echo "Please check that password never expires or set it to your needs."
509 fi
510 editrights -a SeAssignPrimaryTokenPrivilege -u sshd_server &&
511 editrights -a SeCreateTokenPrivilege -u sshd_server &&
512 editrights -a SeDenyInteractiveLogonRight -u sshd_server &&
513 editrights -a SeDenyNetworkLogonRight -u sshd_server &&
514 editrights -a SeDenyRemoteInteractiveLogonRight -u sshd_server &&
515 editrights -a SeIncreaseQuotaPrivilege -u sshd_server &&
516 editrights -a SeServiceLogonRight -u sshd_server &&
517 sshd_server_got_all_rights="yes"
518 if [ "${sshd_server_got_all_rights}" != "yes" ]
519 then
520 echo
521 echo "Assigning the appropriate privileges to user 'sshd_server' failed!"
522 echo "Can't create sshd service!"
523 exit 1
524 fi
525 echo
526 echo "User 'sshd_server' has been created with password '${_password}'."
527 echo "If you change the password, please keep in mind to change the password"
528 echo "for the sshd service, too."
529 echo
530 echo "Also keep in mind that the user sshd_server needs read permissions on all"
531 echo "users' .ssh/authorized_keys file to allow public key authentication for"
532 echo "these users!. (Re-)running ssh-user-config for each user will set the"
533 echo "required permissions correctly."
534 echo
535 fi
536 fi
537 if [ "${sshd_server_in_sam}" = "yes" ]
538 then
539 mkpasswd -l -u sshd_server | sed -e 's/bash$/false/' >> ${SYSCONFDIR}/passwd
540 fi
541 fi
542 if [ -n "${cygwin_value}" ]
543 then
544 _cygwin="${cygwin_value}"
545 else
546 echo
547 echo "Which value should the environment variable CYGWIN have when"
548 echo "sshd starts? It's recommended to set at least \"ntsec\" to be"
549 echo "able to change user context without password."
550 echo -n "Default is \"ntsec\". CYGWIN="
551 read -e _cygwin
552 fi
553 [ -z "${_cygwin}" ] && _cygwin="ntsec"
554 if [ $_nt2003 -gt 0 -a "${sshd_server_in_sam}" = "yes" ]
555 then
556 if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -u sshd_server -w "${_password}" -e "CYGWIN=${_cygwin}"
557 then
558 echo
559 echo "The service has been installed under sshd_server account."
560 echo "To start the service, call \`net start sshd' or \`cygrunsrv -S sshd'."
561 fi
562 else
563 if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -e "CYGWIN=${_cygwin}"
564 then
565 echo
566 echo "The service has been installed under LocalSystem account."
567 echo "To start the service, call \`net start sshd' or \`cygrunsrv -S sshd'."
568 fi
569 fi
570 fi
571 # Now check if sshd has been successfully installed. This allows to
572 # set the ownership of the affected files correctly.
573 if cygrunsrv -Q sshd > /dev/null 2>&1
579 then 574 then
580 chown system ${SYSCONFDIR}/ssh* 575 if [ $_nt2003 -gt 0 -a "${sshd_server_in_sam}" = "yes" ]
581 echo 576 then
582 echo "The service has been installed under LocalSystem account." 577 _user="sshd_server"
578 else
579 _user="system"
580 fi
581 chown "${_user}" ${SYSCONFDIR}/ssh*
582 chown "${_user}".544 ${LOCALSTATEDIR}/empty
583 if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
584 then
585 chown "${_user}".544 ${LOCALSTATEDIR}/log/sshd.log
586 fi
583 fi 587 fi
584 fi 588 fi
585fi 589fi
586 590
587if [ "${old_install}" = "1" ]
588then
589 echo
590 echo "Note: If you have used sshd as service or from inetd, don't forget to"
591 echo " change the path to sshd.exe in the service entry or in inetd.conf."
592fi
593
594echo 591echo
595echo "Host configuration finished. Have fun!" 592echo "Host configuration finished. Have fun!"
diff --git a/contrib/cygwin/ssh-user-config b/contrib/cygwin/ssh-user-config
index 4da113181..fe07ce360 100644
--- a/contrib/cygwin/ssh-user-config
+++ b/contrib/cygwin/ssh-user-config
@@ -1,9 +1,12 @@
1#!/bin/sh 1#!/bin/sh
2# 2#
3# ssh-user-config, Copyright 2000, Red Hat Inc. 3# ssh-user-config, Copyright 2000, 2001, 2002, 2003, Red Hat Inc.
4# 4#
5# This file is part of the Cygwin port of OpenSSH. 5# This file is part of the Cygwin port of OpenSSH.
6 6
7# Directory where the config files are stored
8SYSCONFDIR=/etc
9
7progname=$0 10progname=$0
8auto_answer="" 11auto_answer=""
9auto_passphrase="no" 12auto_passphrase="no"
@@ -33,6 +36,15 @@ request()
33 fi 36 fi
34} 37}
35 38
39# Check if running on NT
40_sys="`uname -a`"
41_nt=`expr "$_sys" : "CYGWIN_NT"`
42# If running on NT, check if running under 2003 Server or later
43if [ $_nt -gt 0 ]
44then
45 _nt2003=`uname | awk -F- '{print ( $2 >= 5.2 ) ? 1 : 0;}'`
46fi
47
36# Check options 48# Check options
37 49
38while : 50while :
@@ -84,27 +96,27 @@ done
84 96
85# Ask user if user identity should be generated 97# Ask user if user identity should be generated
86 98
87if [ ! -f /etc/passwd ] 99if [ ! -f ${SYSCONFDIR}/passwd ]
88then 100then
89 echo '/etc/passwd is nonexistant. Please generate an /etc/passwd file' 101 echo "${SYSCONFDIR}/passwd is nonexistant. Please generate an ${SYSCONFDIR}/passwd file"
90 echo 'first using mkpasswd. Check if it contains an entry for you and' 102 echo 'first using mkpasswd. Check if it contains an entry for you and'
91 echo 'please care for the home directory in your entry as well.' 103 echo 'please care for the home directory in your entry as well.'
92 exit 1 104 exit 1
93fi 105fi
94 106
95uid=`id -u` 107uid=`id -u`
96pwdhome=`awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < /etc/passwd` 108pwdhome=`awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < ${SYSCONFDIR}/passwd`
97 109
98if [ "X${pwdhome}" = "X" ] 110if [ "X${pwdhome}" = "X" ]
99then 111then
100 echo 'There is no home directory set for you in /etc/passwd.' 112 echo "There is no home directory set for you in ${SYSCONFDIR}/passwd."
101 echo 'Setting $HOME is not sufficient!' 113 echo 'Setting $HOME is not sufficient!'
102 exit 1 114 exit 1
103fi 115fi
104 116
105if [ ! -d "${pwdhome}" ] 117if [ ! -d "${pwdhome}" ]
106then 118then
107 echo "${pwdhome} is set in /etc/passwd as your home directory" 119 echo "${pwdhome} is set in ${SYSCONFDIR}/passwd as your home directory"
108 echo 'but it is not a valid directory. Cannot create user identity files.' 120 echo 'but it is not a valid directory. Cannot create user identity files.'
109 exit 1 121 exit 1
110fi 122fi
@@ -114,7 +126,7 @@ fi
114if [ "X${pwdhome}" = "X/" ] 126if [ "X${pwdhome}" = "X/" ]
115then 127then
116 # But first raise a warning! 128 # But first raise a warning!
117 echo 'Your home directory in /etc/passwd is set to root (/). This is not recommended!' 129 echo "Your home directory in ${SYSCONFDIR}/passwd is set to root (/). This is not recommended!"
118 if request "Would you like to proceed anyway?" 130 if request "Would you like to proceed anyway?"
119 then 131 then
120 pwdhome='' 132 pwdhome=''
@@ -123,6 +135,17 @@ then
123 fi 135 fi
124fi 136fi
125 137
138if [ -d "${pwdhome}" -a $_nt -gt 0 -a -n "`chmod -c g-w,o-w "${pwdhome}"`" ]
139then
140 echo
141 echo 'WARNING: group and other have been revoked write permission to your home'
142 echo " directory ${pwdhome}."
143 echo ' This is required by OpenSSH to allow public key authentication using'
144 echo ' the key files stored in your .ssh subdirectory.'
145 echo ' Revert this change ONLY if you know what you are doing!'
146 echo
147fi
148
126if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ] 149if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
127then 150then
128 echo "${pwdhome}/.ssh is existant but not a directory. Cannot create user identity files." 151 echo "${pwdhome}/.ssh is existant but not a directory. Cannot create user identity files."
@@ -139,6 +162,21 @@ then
139 fi 162 fi
140fi 163fi
141 164
165if [ $_nt -gt 0 ]
166then
167 _user="system"
168 if [ $_nt2003 -gt 0 ]
169 then
170 grep -q '^sshd_server:' ${SYSCONFDIR}/passwd && _user="sshd_server"
171 fi
172 if ! setfacl -m "u::rwx,u:${_user}:r--,g::---,o::---" "${pwdhome}/.ssh"
173 then
174 echo "${pwdhome}/.ssh couldn't be given the correct permissions."
175 echo "Please try to solve this problem first."
176 exit 1
177 fi
178fi
179
142if [ ! -f "${pwdhome}/.ssh/identity" ] 180if [ ! -f "${pwdhome}/.ssh/identity" ]
143then 181then
144 if request "Shall I create an SSH1 RSA identity file for you?" 182 if request "Shall I create an SSH1 RSA identity file for you?"
@@ -196,5 +234,17 @@ then
196 fi 234 fi
197fi 235fi
198 236
237if [ $_nt -gt 0 -a -e "${pwdhome}/.ssh/authorized_keys" ]
238then
239 if ! setfacl -m "u::rw-,u:${_user}:r--,g::---,o::---" "${pwdhome}/.ssh/authorized_keys"
240 then
241 echo
242 echo "WARNING: Setting correct permissions to ${pwdhome}/.ssh/authorized_keys"
243 echo "failed. Please care for the correct permissions. The minimum requirement"
244 echo "is, the owner and ${_user} both need read permissions."
245 echo
246 fi
247fi
248
199echo 249echo
200echo "Configuration finished. Have fun!" 250echo "Configuration finished. Have fun!"
diff --git a/contrib/findssl.sh b/contrib/findssl.sh
index 87a4abce2..0c08d4a18 100644
--- a/contrib/findssl.sh
+++ b/contrib/findssl.sh
@@ -9,24 +9,24 @@
9# Written by Darren Tucker (dtucker at zip dot com dot au) 9# Written by Darren Tucker (dtucker at zip dot com dot au)
10# This file is placed in the public domain. 10# This file is placed in the public domain.
11# 11#
12# $Id: findssl.sh,v 1.1 2003/06/24 10:22:10 dtucker Exp $ 12# $Id: findssl.sh,v 1.2 2003/11/21 12:48:56 djm Exp $
13# 2002-07-27: Initial release. 13# 2002-07-27: Initial release.
14# 2002-08-04: Added public domain notice. 14# 2002-08-04: Added public domain notice.
15# 2003-06-24: Incorporated readme, set library paths. First cvs version. 15# 2003-06-24: Incorporated readme, set library paths. First cvs version.
16# 16#
17# "OpenSSL headers do not match your library" are usually caused by 17# "OpenSSL headers do not match your library" are usually caused by
18# OpenSSH's configure picking up an older version of OpenSSL headers 18# OpenSSH's configure picking up an older version of OpenSSL headers
19# or libraries. You can use the following # procedure to help identify 19# or libraries. You can use the following # procedure to help identify
20# the cause. 20# the cause.
21# 21#
22# The output of configure will tell you the versions of the OpenSSL 22# The output of configure will tell you the versions of the OpenSSL
23# headers and libraries that were picked up, for example: 23# headers and libraries that were picked up, for example:
24# 24#
25# checking OpenSSL header version... 90604f (OpenSSL 0.9.6d 9 May 2002) 25# checking OpenSSL header version... 90604f (OpenSSL 0.9.6d 9 May 2002)
26# checking OpenSSL library version... 90602f (OpenSSL 0.9.6b [engine] 9 Jul 2001) 26# checking OpenSSL library version... 90602f (OpenSSL 0.9.6b [engine] 9 Jul 2001)
27# checking whether OpenSSL's headers match the library... no 27# checking whether OpenSSL's headers match the library... no
28# configure: error: Your OpenSSL headers do not match your library 28# configure: error: Your OpenSSL headers do not match your library
29# 29#
30# Now run findssl.sh. This should identify the headers and libraries 30# Now run findssl.sh. This should identify the headers and libraries
31# present and their versions. You should be able to identify the 31# present and their versions. You should be able to identify the
32# libraries and headers used and adjust your CFLAGS or remove incorrect 32# libraries and headers used and adjust your CFLAGS or remove incorrect
@@ -37,7 +37,7 @@
37# Searching for OpenSSL header files. 37# Searching for OpenSSL header files.
38# 0x0090604fL /usr/include/openssl/opensslv.h 38# 0x0090604fL /usr/include/openssl/opensslv.h
39# 0x0090604fL /usr/local/ssl/include/openssl/opensslv.h 39# 0x0090604fL /usr/local/ssl/include/openssl/opensslv.h
40# 40#
41# Searching for OpenSSL shared library files. 41# Searching for OpenSSL shared library files.
42# 0x0090602fL /lib/libcrypto.so.0.9.6b 42# 0x0090602fL /lib/libcrypto.so.0.9.6b
43# 0x0090602fL /lib/libcrypto.so.2 43# 0x0090602fL /lib/libcrypto.so.2
@@ -46,11 +46,11 @@
46# 0x0090581fL /usr/lib/libcrypto.so.0.9.5a 46# 0x0090581fL /usr/lib/libcrypto.so.0.9.5a
47# 0x0090600fL /usr/lib/libcrypto.so.0.9.6 47# 0x0090600fL /usr/lib/libcrypto.so.0.9.6
48# 0x0090600fL /usr/lib/libcrypto.so.1 48# 0x0090600fL /usr/lib/libcrypto.so.1
49# 49#
50# Searching for OpenSSL static library files. 50# Searching for OpenSSL static library files.
51# 0x0090602fL /usr/lib/libcrypto.a 51# 0x0090602fL /usr/lib/libcrypto.a
52# 0x0090604fL /usr/local/ssl/lib/libcrypto.a 52# 0x0090604fL /usr/local/ssl/lib/libcrypto.a
53# 53#
54# In this example, I gave configure no extra flags, so it's picking up 54# In this example, I gave configure no extra flags, so it's picking up
55# the OpenSSL header from /usr/include/openssl (90604f) and the library 55# the OpenSSL header from /usr/include/openssl (90604f) and the library
56# from /usr/lib/ (90602f). 56# from /usr/lib/ (90602f).
diff --git a/contrib/gnome-ssh-askpass1.c b/contrib/gnome-ssh-askpass1.c
index b6b342b84..4d51032d1 100644
--- a/contrib/gnome-ssh-askpass1.c
+++ b/contrib/gnome-ssh-askpass1.c
@@ -23,14 +23,14 @@
23 */ 23 */
24 24
25/* 25/*
26 * This is a simple GNOME SSH passphrase grabber. To use it, set the 26 * This is a simple GNOME SSH passphrase grabber. To use it, set the
27 * environment variable SSH_ASKPASS to point to the location of 27 * environment variable SSH_ASKPASS to point to the location of
28 * gnome-ssh-askpass before calling "ssh-add < /dev/null". 28 * gnome-ssh-askpass before calling "ssh-add < /dev/null".
29 * 29 *
30 * There is only two run-time options: if you set the environment variable 30 * There is only two run-time options: if you set the environment variable
31 * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab 31 * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab
32 * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the 32 * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the
33 * pointer will be grabbed too. These may have some benefit to security if 33 * pointer will be grabbed too. These may have some benefit to security if
34 * you don't trust your X server. We grab the keyboard always. 34 * you don't trust your X server. We grab the keyboard always.
35 */ 35 */
36 36
@@ -87,7 +87,7 @@ passphrase_dialog(char *message)
87 } 87 }
88 88
89 entry = gtk_entry_new(); 89 entry = gtk_entry_new();
90 gtk_box_pack_start(GTK_BOX(GNOME_DIALOG(dialog)->vbox), entry, FALSE, 90 gtk_box_pack_start(GTK_BOX(GNOME_DIALOG(dialog)->vbox), entry, FALSE,
91 FALSE, 0); 91 FALSE, 0);
92 gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE); 92 gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE);
93 gtk_widget_grab_focus(entry); 93 gtk_widget_grab_focus(entry);
@@ -105,7 +105,7 @@ passphrase_dialog(char *message)
105 /* Grab focus */ 105 /* Grab focus */
106 if (grab_server) 106 if (grab_server)
107 XGrabServer(GDK_DISPLAY()); 107 XGrabServer(GDK_DISPLAY());
108 if (grab_pointer && gdk_pointer_grab(dialog->window, TRUE, 0, 108 if (grab_pointer && gdk_pointer_grab(dialog->window, TRUE, 0,
109 NULL, NULL, GDK_CURRENT_TIME)) 109 NULL, NULL, GDK_CURRENT_TIME))
110 goto nograb; 110 goto nograb;
111 if (gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME)) 111 if (gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME))
diff --git a/contrib/gnome-ssh-askpass2.c b/contrib/gnome-ssh-askpass2.c
index 9e8eaf920..0ce8daec9 100644
--- a/contrib/gnome-ssh-askpass2.c
+++ b/contrib/gnome-ssh-askpass2.c
@@ -25,14 +25,14 @@
25/* GTK2 support by Nalin Dahyabhai <nalin@redhat.com> */ 25/* GTK2 support by Nalin Dahyabhai <nalin@redhat.com> */
26 26
27/* 27/*
28 * This is a simple GNOME SSH passphrase grabber. To use it, set the 28 * This is a simple GNOME SSH passphrase grabber. To use it, set the
29 * environment variable SSH_ASKPASS to point to the location of 29 * environment variable SSH_ASKPASS to point to the location of
30 * gnome-ssh-askpass before calling "ssh-add < /dev/null". 30 * gnome-ssh-askpass before calling "ssh-add < /dev/null".
31 * 31 *
32 * There is only two run-time options: if you set the environment variable 32 * There is only two run-time options: if you set the environment variable
33 * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab 33 * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab
34 * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the 34 * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the
35 * pointer will be grabbed too. These may have some benefit to security if 35 * pointer will be grabbed too. These may have some benefit to security if
36 * you don't trust your X server. We grab the keyboard always. 36 * you don't trust your X server. We grab the keyboard always.
37 */ 37 */
38 38
@@ -103,7 +103,7 @@ passphrase_dialog(char *message)
103 message); 103 message);
104 104
105 entry = gtk_entry_new(); 105 entry = gtk_entry_new();
106 gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), entry, FALSE, 106 gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), entry, FALSE,
107 FALSE, 0); 107 FALSE, 0);
108 gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE); 108 gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE);
109 gtk_widget_grab_focus(entry); 109 gtk_widget_grab_focus(entry);
@@ -124,7 +124,7 @@ passphrase_dialog(char *message)
124 if (grab_pointer) { 124 if (grab_pointer) {
125 for(;;) { 125 for(;;) {
126 status = gdk_pointer_grab( 126 status = gdk_pointer_grab(
127 (GTK_WIDGET(dialog))->window, TRUE, 0, NULL, 127 (GTK_WIDGET(dialog))->window, TRUE, 0, NULL,
128 NULL, GDK_CURRENT_TIME); 128 NULL, GDK_CURRENT_TIME);
129 if (status == GDK_GRAB_SUCCESS) 129 if (status == GDK_GRAB_SUCCESS)
130 break; 130 break;
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index ce7c564c3..05750e3a9 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
1%define ver 3.7p1 1%define ver 3.8p1
2%define rel 1 2%define rel 1
3 3
4# OpenSSH privilege separation requires a user & group ID 4# OpenSSH privilege separation requires a user & group ID
@@ -34,6 +34,11 @@
34%{?skip_x11_askpass:%define no_x11_askpass 1} 34%{?skip_x11_askpass:%define no_x11_askpass 1}
35%{?skip_gnome_askpass:%define no_gnome_askpass 1} 35%{?skip_gnome_askpass:%define no_gnome_askpass 1}
36 36
37# Add option to build without GTK2 for older platforms with only GTK+.
38# RedHat <= 7.2 and Red Hat Advanced Server 2.1 are examples.
39# rpm -ba|--rebuild --define 'no_gtk2 1'
40%{?no_gtk2:%define gtk2 0}
41
37# Is this a build for RHL 6.x or earlier? 42# Is this a build for RHL 6.x or earlier?
38%{?build_6x:%define build6x 1} 43%{?build_6x:%define build6x 1}
39 44
@@ -176,6 +181,11 @@ environment.
176CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS 181CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
177%endif 182%endif
178 183
184%if %{kerberos5}
185K5DIR=`rpm -ql krb5-devel | grep include/krb5.h | sed 's,\/include\/krb5.h,,'`
186echo K5DIR=$K5DIR
187%endif
188
179%configure \ 189%configure \
180 --sysconfdir=%{_sysconfdir}/ssh \ 190 --sysconfdir=%{_sysconfdir}/ssh \
181 --libexecdir=%{_libexecdir}/openssh \ 191 --libexecdir=%{_libexecdir}/openssh \
@@ -185,16 +195,17 @@ CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
185 --with-default-path=/usr/local/bin:/bin:/usr/bin \ 195 --with-default-path=/usr/local/bin:/bin:/usr/bin \
186 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \ 196 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
187 --with-privsep-path=%{_var}/empty/sshd \ 197 --with-privsep-path=%{_var}/empty/sshd \
198 --with-md5-passwords \
188%if %{scard} 199%if %{scard}
189 --with-smartcard \ 200 --with-smartcard \
190%endif 201%endif
191%if %{rescue} 202%if %{rescue}
192 --without-pam --with-md5-passwords \ 203 --without-pam \
193%else 204%else
194 --with-pam \ 205 --with-pam \
195%endif 206%endif
196%if %{kerberos5} 207%if %{kerberos5}
197 --with-kerberos5=/usr/kerberos \ 208 --with-kerberos5=$K5DIR \
198%endif 209%endif
199 210
200 211
@@ -392,7 +403,7 @@ fi
392 403
393%changelog 404%changelog
394* Mon Jun 2 2003 Damien Miller <djm@mindrot.org> 405* Mon Jun 2 2003 Damien Miller <djm@mindrot.org>
395- Remove noip6 option. This may be controlled at run-time in client config 406- Remove noip6 option. This may be controlled at run-time in client config
396 file using new AddressFamily directive 407 file using new AddressFamily directive
397 408
398* Mon May 12 2003 Damien Miller <djm@mindrot.org> 409* Mon May 12 2003 Damien Miller <djm@mindrot.org>
@@ -552,7 +563,7 @@ fi
552 563
553* Sun Apr 8 2001 Preston Brown <pbrown@redhat.com> 564* Sun Apr 8 2001 Preston Brown <pbrown@redhat.com>
554- remove explicit openssl requirement, fixes builddistro issue 565- remove explicit openssl requirement, fixes builddistro issue
555- make initscript stop() function wait until sshd really dead to avoid 566- make initscript stop() function wait until sshd really dead to avoid
556 races in condrestart 567 races in condrestart
557 568
558* Mon Apr 2 2001 Nalin Dahyabhai <nalin@redhat.com> 569* Mon Apr 2 2001 Nalin Dahyabhai <nalin@redhat.com>
diff --git a/contrib/solaris/README b/contrib/solaris/README
index 9b0a46e29..eb4c590f4 100755
--- a/contrib/solaris/README
+++ b/contrib/solaris/README
@@ -17,7 +17,7 @@ Directions:
17 17
18If all goes well you should have a solaris package ready to be installed. 18If all goes well you should have a solaris package ready to be installed.
19 19
20If you have any problems with this script please post them to 20If you have any problems with this script please post them to
21openssh-unix-dev@mindrot.org and I will try to assist you as best as I can. 21openssh-unix-dev@mindrot.org and I will try to assist you as best as I can.
22 22
23- Ben Lindstrom 23- Ben Lindstrom
diff --git a/contrib/solaris/buildpkg.sh b/contrib/solaris/buildpkg.sh
index c41b3f963..29d096306 100755
--- a/contrib/solaris/buildpkg.sh
+++ b/contrib/solaris/buildpkg.sh
@@ -5,7 +5,7 @@
5# The following code has been provide under Public Domain License. I really 5# The following code has been provide under Public Domain License. I really
6# don't care what you use it for. Just as long as you don't complain to me 6# don't care what you use it for. Just as long as you don't complain to me
7# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) 7# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
8# 8#
9umask 022 9umask 022
10# 10#
11# Options for building the package 11# Options for building the package
@@ -13,7 +13,7 @@ umask 022
13# 13#
14# uncommenting TEST_DIR and using 14# uncommenting TEST_DIR and using
15# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty 15# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
16# and 16# and
17# PKGNAME=tOpenSSH should allow testing a package without interfering 17# PKGNAME=tOpenSSH should allow testing a package without interfering
18# with a real OpenSSH package on a system. This is not needed on systems 18# with a real OpenSSH package on a system. This is not needed on systems
19# that support the -R option to pkgadd. 19# that support the -R option to pkgadd.
@@ -23,9 +23,10 @@ SYSVINIT_NAME=opensshd
23MAKE=${MAKE:="make"} 23MAKE=${MAKE:="make"}
24SSHDUID=67 # Default privsep uid 24SSHDUID=67 # Default privsep uid
25SSHDGID=67 # Default privsep gid 25SSHDGID=67 # Default privsep gid
26# uncomment these next two as needed 26# uncomment these next three as needed
27#PERMIT_ROOT_LOGIN=no 27#PERMIT_ROOT_LOGIN=no
28#X11_FORWARDING=yes 28#X11_FORWARDING=yes
29#USR_LOCAL_IS_SYMLINK=yes
29# list of system directories we do NOT want to change owner/group/perms 30# list of system directories we do NOT want to change owner/group/perms
30# when installing our package 31# when installing our package
31SYSTEM_DIR="/etc \ 32SYSTEM_DIR="/etc \
@@ -81,7 +82,7 @@ export PATH
81# we will look for config.local to override the above options 82# we will look for config.local to override the above options
82[ -s ./config.local ] && . ./config.local 83[ -s ./config.local ] && . ./config.local
83 84
84## Start by faking root install 85## Start by faking root install
85echo "Faking root install..." 86echo "Faking root install..."
86START=`pwd` 87START=`pwd`
87OPENSSHD_IN=`dirname $0`/opensshd.in 88OPENSSHD_IN=`dirname $0`/opensshd.in
@@ -98,20 +99,20 @@ fi
98## Fill in some details, like prefix and sysconfdir 99## Fill in some details, like prefix and sysconfdir
99for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir 100for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir
100do 101do
101 eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` 102 eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
102done 103done
103 104
104 105
105## Collect value of privsep user 106## Collect value of privsep user
106for confvar in SSH_PRIVSEP_USER 107for confvar in SSH_PRIVSEP_USER
107do 108do
108 eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` 109 eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
109done 110done
110 111
111## Set privsep defaults if not defined 112## Set privsep defaults if not defined
112if [ -z "$SSH_PRIVSEP_USER" ] 113if [ -z "$SSH_PRIVSEP_USER" ]
113then 114then
114 SSH_PRIVSEP_USER=sshd 115 SSH_PRIVSEP_USER=sshd
115fi 116fi
116 117
117## Extract common info requires for the 'info' part of the package. 118## Extract common info requires for the 'info' part of the package.
@@ -243,16 +244,16 @@ fi
243 244
244if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null 245if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
245then 246then
246 echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user" 247 echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
247 echo "or group." 248 echo "or group."
248else 249else
249 echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." 250 echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
250 251
251 # create group if required 252 # create group if required
252 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null 253 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
253 then 254 then
254 echo "PrivSep group $SSH_PRIVSEP_USER already exists." 255 echo "PrivSep group $SSH_PRIVSEP_USER already exists."
255 else 256 else
256 # Use gid of 67 if possible 257 # Use gid of 67 if possible
257 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null 258 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
258 then 259 then
@@ -260,15 +261,15 @@ else
260 else 261 else
261 sshdgid="-g $SSHDGID" 262 sshdgid="-g $SSHDGID"
262 fi 263 fi
263 echo "Creating PrivSep group $SSH_PRIVSEP_USER." 264 echo "Creating PrivSep group $SSH_PRIVSEP_USER."
264 \$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER 265 \$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER
265 fi 266 fi
266 267
267 # Create user if required 268 # Create user if required
268 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null 269 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
269 then 270 then
270 echo "PrivSep user $SSH_PRIVSEP_USER already exists." 271 echo "PrivSep user $SSH_PRIVSEP_USER already exists."
271 else 272 else
272 # Use uid of 67 if possible 273 # Use uid of 67 if possible
273 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null 274 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null
274 then 275 then
@@ -276,10 +277,10 @@ else
276 else 277 else
277 sshduid="-u $SSHDUID" 278 sshduid="-u $SSHDUID"
278 fi 279 fi
279 echo "Creating PrivSep user $SSH_PRIVSEP_USER." 280 echo "Creating PrivSep user $SSH_PRIVSEP_USER."
280 \$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER 281 \$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
281 \$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER 282 \$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER
282 fi 283 fi
283fi 284fi
284 285
285[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start 286[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
@@ -358,18 +359,24 @@ cat >mk-proto.awk << _EOF
358 BEGIN { print "i pkginfo"; print "i preinstall"; \\ 359 BEGIN { print "i pkginfo"; print "i preinstall"; \\
359 print "i postinstall"; print "i preremove"; \\ 360 print "i postinstall"; print "i preremove"; \\
360 print "i request"; print "i space"; \\ 361 print "i request"; print "i space"; \\
361 split("$SYSTEM_DIR",sys_files); } 362 split("$SYSTEM_DIR",sys_files); }
362 { 363 {
363 for (dir in sys_files) { if ( \$3 != sys_files[dir] ) 364 for (dir in sys_files) { if ( \$3 != sys_files[dir] )
364 { \$5="root"; \$6="sys"; } 365 { \$5="root"; \$6="sys"; }
365 else 366 else
366 { \$4="?"; \$5="?"; \$6="?"; break;} 367 { \$4="?"; \$5="?"; \$6="?"; break;}
367 } } 368 } }
368 { print; } 369 { print; }
369_EOF 370_EOF
370find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ 371find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
371 pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype 372 pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype
372 373
374# /usr/local is a symlink on some systems
375[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
376 grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
377 mv prototype.new prototype
378}
379
373## Step back a directory and now build the package. 380## Step back a directory and now build the package.
374echo "Building package.." 381echo "Building package.."
375cd .. 382cd ..
diff --git a/contrib/solaris/opensshd.in b/contrib/solaris/opensshd.in
index 48b6c5702..50e18deea 100755
--- a/contrib/solaris/opensshd.in
+++ b/contrib/solaris/opensshd.in
@@ -22,24 +22,24 @@ HOST_KEY_RSA=$etcdir/ssh_host_rsa_key
22 22
23checkkeys() { 23checkkeys() {
24 if [ ! -f $HOST_KEY_RSA1 ]; then 24 if [ ! -f $HOST_KEY_RSA1 ]; then
25 ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N "" 25 ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N ""
26 fi 26 fi
27 if [ ! -f $HOST_KEY_DSA ]; then 27 if [ ! -f $HOST_KEY_DSA ]; then
28 ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N "" 28 ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N ""
29 fi 29 fi
30 if [ ! -f $HOST_KEY_RSA ]; then 30 if [ ! -f $HOST_KEY_RSA ]; then
31 ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N "" 31 ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N ""
32 fi 32 fi
33} 33}
34 34
35stop_service() { 35stop_service() {
36 if [ -r $PIDFILE -a ! -z ${PIDFILE} ]; then 36 if [ -r $PIDFILE -a ! -z ${PIDFILE} ]; then
37 PID=`${CAT} ${PIDFILE}` 37 PID=`${CAT} ${PIDFILE}`
38 fi 38 fi
39 if [ ${PID:=0} -gt 1 -a ! "X$PID" = "X " ]; then 39 if [ ${PID:=0} -gt 1 -a ! "X$PID" = "X " ]; then
40 ${KILL} ${PID} 40 ${KILL} ${PID}
41 else 41 else
42 echo "Unable to read PID file" 42 echo "Unable to read PID file"
43 fi 43 fi
44} 44}
45 45
@@ -55,8 +55,8 @@ start_service() {
55 55
56 sshd_rc=$? 56 sshd_rc=$?
57 if [ $sshd_rc -ne 0 ]; then 57 if [ $sshd_rc -ne 0 ]; then
58 echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing." 58 echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing."
59 exit $sshd_rc 59 exit $sshd_rc
60 fi 60 fi
61 echo done. 61 echo done.
62} 62}
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index ca7437bd6..7eb71adf4 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -1,6 +1,6 @@
1Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation 1Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
2Name: openssh 2Name: openssh
3Version: 3.7p1 3Version: 3.8p1
4URL: http://www.openssh.com/ 4URL: http://www.openssh.com/
5Release: 1 5Release: 1
6Source0: openssh-%{version}.tar.gz 6Source0: openssh-%{version}.tar.gz
@@ -30,7 +30,7 @@ two untrusted hosts over an insecure network. X11 connections and
30arbitrary TCP/IP ports can also be forwarded over the secure channel. 30arbitrary TCP/IP ports can also be forwarded over the secure channel.
31 31
32OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 32OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
33up to date in terms of security and features, as well as removing all 33up to date in terms of security and features, as well as removing all
34patented algorithms to seperate libraries (OpenSSL). 34patented algorithms to seperate libraries (OpenSSL).
35 35
36This package includes all files necessary for both the OpenSSH 36This package includes all files necessary for both the OpenSSH
@@ -100,8 +100,8 @@ make
100 100
101cd contrib 101cd contrib
102gcc -O -g `gnome-config --cflags gnome gnomeui` \ 102gcc -O -g `gnome-config --cflags gnome gnomeui` \
103 gnome-ssh-askpass.c -o gnome-ssh-askpass \ 103 gnome-ssh-askpass.c -o gnome-ssh-askpass \
104 `gnome-config --libs gnome gnomeui` 104 `gnome-config --libs gnome gnomeui`
105cd .. 105cd ..
106 106
107%install 107%install
@@ -140,34 +140,34 @@ else
140 echo " /var/adm/fillup-templates/rc.config.sshd" 140 echo " /var/adm/fillup-templates/rc.config.sshd"
141fi 141fi
142if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then 142if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
143 echo "Generating SSH host key..." 143 echo "Generating SSH host key..."
144 /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2 144 /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2
145fi 145fi
146if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then 146if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
147 echo "Generating SSH DSA host key..." 147 echo "Generating SSH DSA host key..."
148 /usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' >&2 148 /usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' >&2
149fi 149fi
150if test -r /var/run/sshd.pid 150if test -r /var/run/sshd.pid
151then 151then
152 echo "Restarting the running SSH daemon..." 152 echo "Restarting the running SSH daemon..."
153 /usr/sbin/rcsshd restart >&2 153 /usr/sbin/rcsshd restart >&2
154fi 154fi
155 155
156%preun 156%preun
157if [ "$1" = 0 ] 157if [ "$1" = 0 ]
158then 158then
159 echo "Stopping the SSH daemon..." 159 echo "Stopping the SSH daemon..."
160 /usr/sbin/rcsshd stop >&2 160 /usr/sbin/rcsshd stop >&2
161 echo "Removing SSH stop/start scripts from the rc directories..." 161 echo "Removing SSH stop/start scripts from the rc directories..."
162 rm /sbin/init.d/rc2.d/K20sshd 162 rm /sbin/init.d/rc2.d/K20sshd
163 rm /sbin/init.d/rc2.d/S20sshd 163 rm /sbin/init.d/rc2.d/S20sshd
164 rm /sbin/init.d/rc3.d/K20sshd 164 rm /sbin/init.d/rc3.d/K20sshd
165 rm /sbin/init.d/rc3.d/S20sshd 165 rm /sbin/init.d/rc3.d/S20sshd
166fi 166fi
167 167
168%files 168%files
169%defattr(-,root,root) 169%defattr(-,root,root)
170%doc ChangeLog OVERVIEW README* 170%doc ChangeLog OVERVIEW README*
171%doc RFC.nroff TODO CREDITS LICENCE 171%doc RFC.nroff TODO CREDITS LICENCE
172%attr(0755,root,root) %dir /etc/ssh 172%attr(0755,root,root) %dir /etc/ssh
173%attr(0644,root,root) %config /etc/ssh/ssh_config 173%attr(0644,root,root) %config /etc/ssh/ssh_config
diff --git a/debian/changelog b/debian/changelog
index fce34d72b..b05e92200 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
1openssh (1:3.7.1p2-1) UNRELEASED; urgency=low 1openssh (1:3.8p1-1) UNRELEASED; urgency=low
2 2
3 * New upstream release (closes: #232281): 3 * New upstream release (closes: #232281):
4 - New PAM implementation based on that in FreeBSD. This runs PAM session 4 - New PAM implementation based on that in FreeBSD. This runs PAM session
@@ -12,13 +12,11 @@ openssh (1:3.7.1p2-1) UNRELEASED; urgency=low
12 than this, to maintain the standard Debian sshd configuration. 12 than this, to maintain the standard Debian sshd configuration.
13 * Comment out PAMAuthenticationViaKbdInt and RhostsAuthentication in 13 * Comment out PAMAuthenticationViaKbdInt and RhostsAuthentication in
14 sshd_config on upgrade. Neither option is supported any more. 14 sshd_config on upgrade. Neither option is supported any more.
15 * ServerAliveInterval implemented upstream, so ProtocolKeepAlives is now a
16 compatibility alias. The semantics differ slightly, though; see
17 ssh_config(5) for details.
15 * Remove -fno-builtin-log, -DHAVE_MMAP_ANON_SHARED, and 18 * Remove -fno-builtin-log, -DHAVE_MMAP_ANON_SHARED, and
16 -D__FILE_OFFSET_BITS=64 compiler options, which are no longer necessary. 19 -D__FILE_OFFSET_BITS=64 compiler options, which are no longer necessary.
17 * Darren Tucker:
18 - Supply newlines in chauthtok PAM conversation function and in
19 accumulated PAM_TEXT_INFO and PAM_ERROR_MSG messages.
20 - Store output from pam_session and pam_setcred for display after login,
21 to fix problems with missing output from PAM session modules.
22 20
23 -- Colin Watson <cjwatson@debian.org> Tue, 23 Sep 2003 19:22:38 +0100 21 -- Colin Watson <cjwatson@debian.org> Tue, 23 Sep 2003 19:22:38 +0100
24 22
diff --git a/defines.h b/defines.h
index e662966fb..5e1cac7bc 100644
--- a/defines.h
+++ b/defines.h
@@ -25,7 +25,7 @@
25#ifndef _DEFINES_H 25#ifndef _DEFINES_H
26#define _DEFINES_H 26#define _DEFINES_H
27 27
28/* $Id: defines.h,v 1.103 2003/09/16 01:52:19 dtucker Exp $ */ 28/* $Id: defines.h,v 1.110 2004/02/10 02:01:14 dtucker Exp $ */
29 29
30 30
31/* Constants */ 31/* Constants */
@@ -84,7 +84,7 @@ enum
84# define S_ISDIR(mode) (((mode) & (_S_IFMT)) == (_S_IFDIR)) 84# define S_ISDIR(mode) (((mode) & (_S_IFMT)) == (_S_IFDIR))
85#endif /* S_ISDIR */ 85#endif /* S_ISDIR */
86 86
87#ifndef S_ISREG 87#ifndef S_ISREG
88# define S_ISREG(mode) (((mode) & (_S_IFMT)) == (_S_IFREG)) 88# define S_ISREG(mode) (((mode) & (_S_IFMT)) == (_S_IFREG))
89#endif /* S_ISREG */ 89#endif /* S_ISREG */
90 90
@@ -129,6 +129,10 @@ including rpc/rpc.h breaks Solaris 6
129#define INADDR_LOOPBACK ((u_long)0x7f000001) 129#define INADDR_LOOPBACK ((u_long)0x7f000001)
130#endif 130#endif
131 131
132#ifndef __unused
133#define __unused
134#endif
135
132/* Types */ 136/* Types */
133 137
134/* If sys/types.h does not supply intXX_t, supply them ourselves */ 138/* If sys/types.h does not supply intXX_t, supply them ourselves */
@@ -240,6 +244,7 @@ typedef unsigned char u_char;
240#ifndef HAVE_SIZE_T 244#ifndef HAVE_SIZE_T
241typedef unsigned int size_t; 245typedef unsigned int size_t;
242# define HAVE_SIZE_T 246# define HAVE_SIZE_T
247# define SIZE_T_MAX UINT_MAX
243#endif /* HAVE_SIZE_T */ 248#endif /* HAVE_SIZE_T */
244 249
245#ifndef HAVE_SSIZE_T 250#ifndef HAVE_SSIZE_T
@@ -529,6 +534,14 @@ struct winsize {
529# define krb5_get_err_text(context,code) error_message(code) 534# define krb5_get_err_text(context,code) error_message(code)
530#endif 535#endif
531 536
537/* Maximum number of file descriptors available */
538#ifdef HAVE_SYSCONF
539# define SSH_SYSFDMAX sysconf(_SC_OPEN_MAX)
540#else
541# define SSH_SYSFDMAX 10000
542#endif
543
544
532/* 545/*
533 * Define this to use pipes instead of socketpairs for communicating with the 546 * Define this to use pipes instead of socketpairs for communicating with the
534 * client program. Socketpairs do not seem to work on all systems. 547 * client program. Socketpairs do not seem to work on all systems.
@@ -572,6 +585,9 @@ struct winsize {
572# endif 585# endif
573#endif 586#endif
574 587
588#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
589# define USE_SHADOW
590#endif
575 591
576/* The login() library function in libutil is first choice */ 592/* The login() library function in libutil is first choice */
577#if defined(HAVE_LOGIN) && !defined(DISABLE_LOGIN) 593#if defined(HAVE_LOGIN) && !defined(DISABLE_LOGIN)
diff --git a/dh.c b/dh.c
index 996428b7f..c7a3e18be 100644
--- a/dh.c
+++ b/dh.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: dh.c,v 1.24 2003/04/08 20:21:28 itojun Exp $"); 26RCSID("$OpenBSD: dh.c,v 1.26 2003/12/16 15:51:54 markus Exp $");
27 27
28#include "xmalloc.h" 28#include "xmalloc.h"
29 29
@@ -198,7 +198,7 @@ dh_gen_key(DH *dh, int need)
198 198
199 if (dh->p == NULL) 199 if (dh->p == NULL)
200 fatal("dh_gen_key: dh->p == NULL"); 200 fatal("dh_gen_key: dh->p == NULL");
201 if (2*need >= BN_num_bits(dh->p)) 201 if (need > INT_MAX / 2 || 2 * need >= BN_num_bits(dh->p))
202 fatal("dh_gen_key: group too small: %d (2*need %d)", 202 fatal("dh_gen_key: group too small: %d (2*need %d)",
203 BN_num_bits(dh->p), 2*need); 203 BN_num_bits(dh->p), 2*need);
204 do { 204 do {
@@ -279,11 +279,9 @@ int
279dh_estimate(int bits) 279dh_estimate(int bits)
280{ 280{
281 281
282 if (bits < 64) 282 if (bits <= 128)
283 return (512); /* O(2**63) */
284 if (bits < 128)
285 return (1024); /* O(2**86) */ 283 return (1024); /* O(2**86) */
286 if (bits < 192) 284 if (bits <= 192)
287 return (2048); /* O(2**116) */ 285 return (2048); /* O(2**116) */
288 return (4096); /* O(2**156) */ 286 return (4096); /* O(2**156) */
289} 287}
diff --git a/dns.c b/dns.c
index 90ab5601a..ad634f1f7 100644
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dns.c,v 1.6 2003/06/11 10:18:47 jakob Exp $ */ 1/* $OpenBSD: dns.c,v 1.9 2003/11/21 11:57:03 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2003 Wesley Griffin. All rights reserved. 4 * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -28,7 +28,6 @@
28 28
29#include "includes.h" 29#include "includes.h"
30 30
31#ifdef DNS
32#include <openssl/bn.h> 31#include <openssl/bn.h>
33#ifdef LWRES 32#ifdef LWRES
34#include <lwres/netdb.h> 33#include <lwres/netdb.h>
@@ -44,7 +43,7 @@
44#include "uuencode.h" 43#include "uuencode.h"
45 44
46extern char *__progname; 45extern char *__progname;
47RCSID("$OpenBSD: dns.c,v 1.6 2003/06/11 10:18:47 jakob Exp $"); 46RCSID("$OpenBSD: dns.c,v 1.9 2003/11/21 11:57:03 djm Exp $");
48 47
49#ifndef LWRES 48#ifndef LWRES
50static const char *errset_text[] = { 49static const char *errset_text[] = {
@@ -84,7 +83,7 @@ dns_result_totext(unsigned int error)
84 */ 83 */
85static int 84static int
86dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, 85dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type,
87 u_char **digest, u_int *digest_len, Key *key) 86 u_char **digest, u_int *digest_len, const Key *key)
88{ 87{
89 int success = 0; 88 int success = 0;
90 89
@@ -146,16 +145,15 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
146 145
147/* 146/*
148 * Verify the given hostname, address and host key using DNS. 147 * Verify the given hostname, address and host key using DNS.
149 * Returns 0 if key verifies or -1 if key does NOT verify 148 * Returns 0 if lookup succeeds, -1 otherwise
150 */ 149 */
151int 150int
152verify_host_key_dns(const char *hostname, struct sockaddr *address, 151verify_host_key_dns(const char *hostname, struct sockaddr *address,
153 Key *hostkey) 152 const Key *hostkey, int *flags)
154{ 153{
155 int counter; 154 int counter;
156 int result; 155 int result;
157 struct rrsetinfo *fingerprints = NULL; 156 struct rrsetinfo *fingerprints = NULL;
158 int failures = 0;
159 157
160 u_int8_t hostkey_algorithm; 158 u_int8_t hostkey_algorithm;
161 u_int8_t hostkey_digest_type; 159 u_int8_t hostkey_digest_type;
@@ -167,6 +165,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
167 u_char *dnskey_digest; 165 u_char *dnskey_digest;
168 u_int dnskey_digest_len; 166 u_int dnskey_digest_len;
169 167
168 *flags = 0;
170 169
171 debug3("verify_hostkey_dns"); 170 debug3("verify_hostkey_dns");
172 if (hostkey == NULL) 171 if (hostkey == NULL)
@@ -176,28 +175,29 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
176 DNS_RDATATYPE_SSHFP, 0, &fingerprints); 175 DNS_RDATATYPE_SSHFP, 0, &fingerprints);
177 if (result) { 176 if (result) {
178 verbose("DNS lookup error: %s", dns_result_totext(result)); 177 verbose("DNS lookup error: %s", dns_result_totext(result));
179 return DNS_VERIFY_ERROR; 178 return -1;
180 } 179 }
181 180
182#ifdef DNSSEC 181 if (fingerprints->rri_flags & RRSET_VALIDATED) {
183 /* Only accept validated answers */ 182 *flags |= DNS_VERIFY_SECURE;
184 if (!fingerprints->rri_flags & RRSET_VALIDATED) { 183 debug("found %d secure fingerprints in DNS",
185 error("Ignored unvalidated fingerprint from DNS."); 184 fingerprints->rri_nrdatas);
186 freerrset(fingerprints); 185 } else {
187 return DNS_VERIFY_ERROR; 186 debug("found %d insecure fingerprints in DNS",
187 fingerprints->rri_nrdatas);
188 } 188 }
189#endif
190
191 debug("found %d fingerprints in DNS", fingerprints->rri_nrdatas);
192 189
193 /* Initialize host key parameters */ 190 /* Initialize host key parameters */
194 if (!dns_read_key(&hostkey_algorithm, &hostkey_digest_type, 191 if (!dns_read_key(&hostkey_algorithm, &hostkey_digest_type,
195 &hostkey_digest, &hostkey_digest_len, hostkey)) { 192 &hostkey_digest, &hostkey_digest_len, hostkey)) {
196 error("Error calculating host key fingerprint."); 193 error("Error calculating host key fingerprint.");
197 freerrset(fingerprints); 194 freerrset(fingerprints);
198 return DNS_VERIFY_ERROR; 195 return -1;
199 } 196 }
200 197
198 if (fingerprints->rri_nrdatas)
199 *flags |= DNS_VERIFY_FOUND;
200
201 for (counter = 0 ; counter < fingerprints->rri_nrdatas ; counter++) { 201 for (counter = 0 ; counter < fingerprints->rri_nrdatas ; counter++) {
202 /* 202 /*
203 * Extract the key from the answer. Ignore any badly 203 * Extract the key from the answer. Ignore any badly
@@ -219,35 +219,22 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
219 memcmp(hostkey_digest, dnskey_digest, 219 memcmp(hostkey_digest, dnskey_digest,
220 hostkey_digest_len) == 0) { 220 hostkey_digest_len) == 0) {
221 221
222 /* Matching algoritm and digest. */ 222 *flags |= DNS_VERIFY_MATCH;
223 freerrset(fingerprints);
224 debug("matching host key fingerprint found in DNS");
225 return DNS_VERIFY_OK;
226 } else {
227 /* Correct algorithm but bad digest */
228 debug("verify_hostkey_dns: failed");
229 failures++;
230 } 223 }
231 } 224 }
232 } 225 }
233 226
234 freerrset(fingerprints); 227 freerrset(fingerprints);
235 228
236 if (failures) { 229 if (*flags & DNS_VERIFY_FOUND)
237 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); 230 if (*flags & DNS_VERIFY_MATCH)
238 error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @"); 231 debug("matching host key fingerprint found in DNS");
239 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); 232 else
240 error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!"); 233 debug("mismatching host key fingerprint found in DNS");
241 error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); 234 else
242 error("It is also possible that the %s host key has just been changed.", 235 debug("no host key fingerprint found in DNS");
243 key_type(hostkey));
244 error("Please contact your system administrator.");
245 return DNS_VERIFY_FAILED;
246 }
247
248 debug("fingerprints found in DNS, but none of them matched");
249 236
250 return DNS_VERIFY_ERROR; 237 return 0;
251} 238}
252 239
253 240
@@ -255,7 +242,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
255 * Export the fingerprint of a key as a DNS resource record 242 * Export the fingerprint of a key as a DNS resource record
256 */ 243 */
257int 244int
258export_dns_rr(const char *hostname, Key *key, FILE *f, int generic) 245export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic)
259{ 246{
260 u_int8_t rdata_pubkey_algorithm = 0; 247 u_int8_t rdata_pubkey_algorithm = 0;
261 u_int8_t rdata_digest_type = SSHFP_HASH_SHA1; 248 u_int8_t rdata_digest_type = SSHFP_HASH_SHA1;
@@ -286,5 +273,3 @@ export_dns_rr(const char *hostname, Key *key, FILE *f, int generic)
286 273
287 return success; 274 return success;
288} 275}
289
290#endif /* DNS */
diff --git a/dns.h b/dns.h
index ba0ea9fb4..c5da22ef6 100644
--- a/dns.h
+++ b/dns.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: dns.h,v 1.3 2003/05/14 22:56:51 jakob Exp $ */ 1/* $OpenBSD: dns.h,v 1.5 2003/11/12 16:39:58 jakob Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2003 Wesley Griffin. All rights reserved. 4 * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -28,7 +28,6 @@
28 28
29#include "includes.h" 29#include "includes.h"
30 30
31#ifdef DNS
32#ifndef DNS_H 31#ifndef DNS_H
33#define DNS_H 32#define DNS_H
34 33
@@ -46,12 +45,12 @@ enum sshfp_hashes {
46#define DNS_RDATACLASS_IN 1 45#define DNS_RDATACLASS_IN 1
47#define DNS_RDATATYPE_SSHFP 44 46#define DNS_RDATATYPE_SSHFP 44
48 47
49#define DNS_VERIFY_FAILED -1 48#define DNS_VERIFY_FOUND 0x00000001
50#define DNS_VERIFY_OK 0 49#define DNS_VERIFY_MATCH 0x00000002
51#define DNS_VERIFY_ERROR 1 50#define DNS_VERIFY_SECURE 0x00000004
52 51
53int verify_host_key_dns(const char *, struct sockaddr *, Key *); 52
54int export_dns_rr(const char *, Key *, FILE *, int); 53int verify_host_key_dns(const char *, struct sockaddr *, const Key *, int *);
54int export_dns_rr(const char *, const Key *, FILE *, int);
55 55
56#endif /* DNS_H */ 56#endif /* DNS_H */
57#endif /* DNS */
diff --git a/entropy.c b/entropy.c
index d7c7fdf6e..572e8cece 100644
--- a/entropy.c
+++ b/entropy.c
@@ -36,16 +36,16 @@
36 36
37/* 37/*
38 * Portable OpenSSH PRNG seeding: 38 * Portable OpenSSH PRNG seeding:
39 * If OpenSSL has not "internally seeded" itself (e.g. pulled data from 39 * If OpenSSL has not "internally seeded" itself (e.g. pulled data from
40 * /dev/random), then we execute a "ssh-rand-helper" program which 40 * /dev/random), then we execute a "ssh-rand-helper" program which
41 * collects entropy and writes it to stdout. The child program must 41 * collects entropy and writes it to stdout. The child program must
42 * write at least RANDOM_SEED_SIZE bytes. The child is run with stderr 42 * write at least RANDOM_SEED_SIZE bytes. The child is run with stderr
43 * attached, so error/debugging output should be visible. 43 * attached, so error/debugging output should be visible.
44 * 44 *
45 * XXX: we should tell the child how many bytes we need. 45 * XXX: we should tell the child how many bytes we need.
46 */ 46 */
47 47
48RCSID("$Id: entropy.c,v 1.46 2003/08/25 01:16:21 mouring Exp $"); 48RCSID("$Id: entropy.c,v 1.48 2003/11/21 12:56:47 djm Exp $");
49 49
50#ifndef OPENSSL_PRNG_ONLY 50#ifndef OPENSSL_PRNG_ONLY
51#define RANDOM_SEED_SIZE 48 51#define RANDOM_SEED_SIZE 48
@@ -86,16 +86,16 @@ seed_rng(void)
86 close(p[1]); 86 close(p[1]);
87 close(devnull); 87 close(devnull);
88 88
89 if (original_uid != original_euid && 89 if (original_uid != original_euid &&
90 ( seteuid(getuid()) == -1 || 90 ( seteuid(getuid()) == -1 ||
91 setuid(original_uid) == -1) ) { 91 setuid(original_uid) == -1) ) {
92 fprintf(stderr, "(rand child) setuid(%li): %s\n", 92 fprintf(stderr, "(rand child) setuid(%li): %s\n",
93 (long int)original_uid, strerror(errno)); 93 (long int)original_uid, strerror(errno));
94 _exit(1); 94 _exit(1);
95 } 95 }
96 96
97 execl(SSH_RAND_HELPER, "ssh-rand-helper", NULL); 97 execl(SSH_RAND_HELPER, "ssh-rand-helper", NULL);
98 fprintf(stderr, "(rand child) Couldn't exec '%s': %s\n", 98 fprintf(stderr, "(rand child) Couldn't exec '%s': %s\n",
99 SSH_RAND_HELPER, strerror(errno)); 99 SSH_RAND_HELPER, strerror(errno));
100 _exit(1); 100 _exit(1);
101 } 101 }
@@ -114,12 +114,12 @@ seed_rng(void)
114 close(p[0]); 114 close(p[0]);
115 115
116 if (waitpid(pid, &ret, 0) == -1) 116 if (waitpid(pid, &ret, 0) == -1)
117 fatal("Couldn't wait for ssh-rand-helper completion: %s", 117 fatal("Couldn't wait for ssh-rand-helper completion: %s",
118 strerror(errno)); 118 strerror(errno));
119 signal(SIGCHLD, old_sigchld); 119 signal(SIGCHLD, old_sigchld);
120 120
121 /* We don't mind if the child exits upon a SIGPIPE */ 121 /* We don't mind if the child exits upon a SIGPIPE */
122 if (!WIFEXITED(ret) && 122 if (!WIFEXITED(ret) &&
123 (!WIFSIGNALED(ret) || WTERMSIG(ret) != SIGPIPE)) 123 (!WIFSIGNALED(ret) || WTERMSIG(ret) != SIGPIPE))
124 fatal("ssh-rand-helper terminated abnormally"); 124 fatal("ssh-rand-helper terminated abnormally");
125 if (WEXITSTATUS(ret) != 0) 125 if (WEXITSTATUS(ret) != 0)
@@ -134,7 +134,7 @@ seed_rng(void)
134} 134}
135 135
136void 136void
137init_rng(void) 137init_rng(void)
138{ 138{
139#if defined (DISABLED_BY_DEBIAN) 139#if defined (DISABLED_BY_DEBIAN)
140 /* drow: Is this check still too strict for Debian? */ 140 /* drow: Is this check still too strict for Debian? */
diff --git a/fatal.c b/fatal.c
index 9e7d16000..ae1aaac6e 100644
--- a/fatal.c
+++ b/fatal.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: fatal.c,v 1.1 2002/02/22 12:20:34 markus Exp $"); 26RCSID("$OpenBSD: fatal.c,v 1.2 2003/09/23 20:17:11 markus Exp $");
27 27
28#include "log.h" 28#include "log.h"
29 29
@@ -36,5 +36,5 @@ fatal(const char *fmt,...)
36 va_start(args, fmt); 36 va_start(args, fmt);
37 do_log(SYSLOG_LEVEL_FATAL, fmt, args); 37 do_log(SYSLOG_LEVEL_FATAL, fmt, args);
38 va_end(args); 38 va_end(args);
39 fatal_cleanup(); 39 cleanup_exit(255);
40} 40}
diff --git a/fixprogs b/fixprogs
index 61840cf81..af76ee392 100755
--- a/fixprogs
+++ b/fixprogs
@@ -65,7 +65,7 @@ foreach (@infile) {
65 ($null, $null, $rate) = split(/,/, $ent[0]); 65 ($null, $null, $rate) = split(/,/, $ent[0]);
66 $est = $rate / $entscale; # scale the estimate back 66 $est = $rate / $entscale; # scale the estimate back
67 } 67 }
68 } 68 }
69 print OUT "\"$cmd\" $path $est\n"; 69 print OUT "\"$cmd\" $path $est\n";
70} 70}
71 71
diff --git a/groupaccess.c b/groupaccess.c
index fbf794fc8..f50879f83 100644
--- a/groupaccess.c
+++ b/groupaccess.c
@@ -31,7 +31,7 @@ RCSID("$OpenBSD: groupaccess.c,v 1.6 2003/04/08 20:21:28 itojun Exp $");
31#include "log.h" 31#include "log.h"
32 32
33static int ngroups; 33static int ngroups;
34static char *groups_byname[NGROUPS_MAX + 1]; /* +1 for base/primary group */ 34static char **groups_byname;
35 35
36/* 36/*
37 * Initialize group access list for user with primary (base) and 37 * Initialize group access list for user with primary (base) and
@@ -40,19 +40,27 @@ static char *groups_byname[NGROUPS_MAX + 1]; /* +1 for base/primary group */
40int 40int
41ga_init(const char *user, gid_t base) 41ga_init(const char *user, gid_t base)
42{ 42{
43 gid_t groups_bygid[NGROUPS_MAX + 1]; 43 gid_t *groups_bygid;
44 int i, j; 44 int i, j;
45 struct group *gr; 45 struct group *gr;
46 46
47 if (ngroups > 0) 47 if (ngroups > 0)
48 ga_free(); 48 ga_free();
49 49
50 ngroups = sizeof(groups_bygid) / sizeof(gid_t); 50 ngroups = NGROUPS_MAX;
51#if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX)
52 ngroups = MAX(NGROUPS_MAX, sysconf(_SC_NGROUPS_MAX));
53#endif
54
55 groups_bygid = xmalloc(ngroups * sizeof(*groups_bygid));
56 groups_byname = xmalloc(ngroups * sizeof(*groups_byname));
57
51 if (getgrouplist(user, base, groups_bygid, &ngroups) == -1) 58 if (getgrouplist(user, base, groups_bygid, &ngroups) == -1)
52 logit("getgrouplist: groups list too small"); 59 logit("getgrouplist: groups list too small");
53 for (i = 0, j = 0; i < ngroups; i++) 60 for (i = 0, j = 0; i < ngroups; i++)
54 if ((gr = getgrgid(groups_bygid[i])) != NULL) 61 if ((gr = getgrgid(groups_bygid[i])) != NULL)
55 groups_byname[j++] = xstrdup(gr->gr_name); 62 groups_byname[j++] = xstrdup(gr->gr_name);
63 xfree(groups_bygid);
56 return (ngroups = j); 64 return (ngroups = j);
57} 65}
58 66
@@ -84,5 +92,6 @@ ga_free(void)
84 for (i = 0; i < ngroups; i++) 92 for (i = 0; i < ngroups; i++)
85 xfree(groups_byname[i]); 93 xfree(groups_byname[i]);
86 ngroups = 0; 94 ngroups = 0;
95 xfree(groups_byname);
87 } 96 }
88} 97}
diff --git a/gss-genr.c b/gss-genr.c
index bda12d6f1..3f5727b3e 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gss-genr.c,v 1.1 2003/08/22 10:56:09 markus Exp $ */ 1/* $OpenBSD: gss-genr.c,v 1.3 2003/11/21 11:57:03 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -33,9 +33,12 @@
33#include "compat.h" 33#include "compat.h"
34#include "log.h" 34#include "log.h"
35#include "monitor_wrap.h" 35#include "monitor_wrap.h"
36#include "ssh2.h"
36 37
37#include "ssh-gss.h" 38#include "ssh-gss.h"
38 39
40extern u_char *session_id2;
41extern u_int session_id2_len;
39 42
40/* Check that the OID in a data stream matches that in the context */ 43/* Check that the OID in a data stream matches that in the context */
41int 44int
@@ -245,6 +248,28 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx)
245} 248}
246 249
247OM_uint32 250OM_uint32
251ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
252{
253 if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
254 GSS_C_QOP_DEFAULT, buffer, hash)))
255 ssh_gssapi_error(ctx);
256
257 return (ctx->major);
258}
259
260void
261ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
262 const char *context)
263{
264 buffer_init(b);
265 buffer_put_string(b, session_id2, session_id2_len);
266 buffer_put_char(b, SSH2_MSG_USERAUTH_REQUEST);
267 buffer_put_cstring(b, user);
268 buffer_put_cstring(b, service);
269 buffer_put_cstring(b, context);
270}
271
272OM_uint32
248ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) { 273ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) {
249 if (*ctx) 274 if (*ctx)
250 ssh_gssapi_delete_ctx(ctx); 275 ssh_gssapi_delete_ctx(ctx);
diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c
index f48e09911..8ba3e7182 100644
--- a/gss-serv-krb5.c
+++ b/gss-serv-krb5.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gss-serv-krb5.c,v 1.1 2003/08/22 10:56:09 markus Exp $ */ 1/* $OpenBSD: gss-serv-krb5.c,v 1.2 2003/11/21 11:57:03 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -39,16 +39,20 @@
39extern ServerOptions options; 39extern ServerOptions options;
40 40
41#ifdef HEIMDAL 41#ifdef HEIMDAL
42#include <krb5.h> 42# include <krb5.h>
43#else 43#else
44#include <gssapi_krb5.h> 44# ifdef HAVE_GSSAPI_KRB5
45# include <gssapi_krb5.h>
46# elif HAVE_GSSAPI_GSSAPI_KRB5
47# include <gssapi/gssapi_krb5.h>
48# endif
45#endif 49#endif
46 50
47static krb5_context krb_context = NULL; 51static krb5_context krb_context = NULL;
48 52
49/* Initialise the krb5 library, for the stuff that GSSAPI won't do */ 53/* Initialise the krb5 library, for the stuff that GSSAPI won't do */
50 54
51static int 55static int
52ssh_gssapi_krb5_init() 56ssh_gssapi_krb5_init()
53{ 57{
54 krb5_error_code problem; 58 krb5_error_code problem;
@@ -108,6 +112,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
108 krb5_error_code problem; 112 krb5_error_code problem;
109 krb5_principal princ; 113 krb5_principal princ;
110 OM_uint32 maj_status, min_status; 114 OM_uint32 maj_status, min_status;
115 int len;
111 116
112 if (client->creds == NULL) { 117 if (client->creds == NULL) {
113 debug("No credentials stored"); 118 debug("No credentials stored");
@@ -127,10 +132,10 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
127 { 132 {
128 int tmpfd; 133 int tmpfd;
129 char ccname[40]; 134 char ccname[40];
130 135
131 snprintf(ccname, sizeof(ccname), 136 snprintf(ccname, sizeof(ccname),
132 "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid()); 137 "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid());
133 138
134 if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) { 139 if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) {
135 logit("mkstemp(): %.100s", strerror(errno)); 140 logit("mkstemp(): %.100s", strerror(errno));
136 problem = errno; 141 problem = errno;
@@ -151,7 +156,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
151 } 156 }
152#endif /* #ifdef HEIMDAL */ 157#endif /* #ifdef HEIMDAL */
153 158
154 if ((problem = krb5_parse_name(krb_context, 159 if ((problem = krb5_parse_name(krb_context,
155 client->exportedname.value, &princ))) { 160 client->exportedname.value, &princ))) {
156 logit("krb5_parse_name(): %.100s", 161 logit("krb5_parse_name(): %.100s",
157 krb5_get_err_text(krb_context, problem)); 162 krb5_get_err_text(krb_context, problem));
@@ -169,7 +174,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
169 174
170 krb5_free_principal(krb_context, princ); 175 krb5_free_principal(krb_context, princ);
171 176
172 if ((maj_status = gss_krb5_copy_ccache(&min_status, 177 if ((maj_status = gss_krb5_copy_ccache(&min_status,
173 client->creds, ccache))) { 178 client->creds, ccache))) {
174 logit("gss_krb5_copy_ccache() failed"); 179 logit("gss_krb5_copy_ccache() failed");
175 krb5_cc_destroy(krb_context, ccache); 180 krb5_cc_destroy(krb_context, ccache);
@@ -178,11 +183,13 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
178 183
179 client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache)); 184 client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache));
180 client->store.envvar = "KRB5CCNAME"; 185 client->store.envvar = "KRB5CCNAME";
181 client->store.envval = xstrdup(client->store.filename); 186 len = strlen(client->store.filename) + 6;
187 client->store.envval = xmalloc(len);
188 snprintf(client->store.envval, len, "FILE:%s", client->store.filename);
182 189
183#ifdef USE_PAM 190#ifdef USE_PAM
184 if (options.use_pam) 191 if (options.use_pam)
185 do_pam_putenv(client->store.envvar,client->store.envval); 192 do_pam_putenv(client->store.envvar, client->store.envval);
186#endif 193#endif
187 194
188 krb5_cc_close(krb_context, ccache); 195 krb5_cc_close(krb_context, ccache);
diff --git a/gss-serv.c b/gss-serv.c
index 8fd1d63f0..de32a3f2e 100644
--- a/gss-serv.c
+++ b/gss-serv.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gss-serv.c,v 1.3 2003/08/31 13:31:57 markus Exp $ */ 1/* $OpenBSD: gss-serv.c,v 1.5 2003/11/17 11:06:07 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -232,9 +232,9 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
232 return (ctx->major); 232 return (ctx->major);
233} 233}
234 234
235/* As user - called through fatal cleanup hook */ 235/* As user - called on fatal/exit */
236void 236void
237ssh_gssapi_cleanup_creds(void *ignored) 237ssh_gssapi_cleanup_creds(void)
238{ 238{
239 if (gssapi_client.store.filename != NULL) { 239 if (gssapi_client.store.filename != NULL) {
240 /* Unlink probably isn't sufficient */ 240 /* Unlink probably isn't sufficient */
@@ -249,8 +249,6 @@ ssh_gssapi_storecreds(void)
249{ 249{
250 if (gssapi_client.mech && gssapi_client.mech->storecreds) { 250 if (gssapi_client.mech && gssapi_client.mech->storecreds) {
251 (*gssapi_client.mech->storecreds)(&gssapi_client); 251 (*gssapi_client.mech->storecreds)(&gssapi_client);
252 if (options.gss_cleanup_creds)
253 fatal_add_cleanup(ssh_gssapi_cleanup_creds, NULL);
254 } else 252 } else
255 debug("ssh_gssapi_storecreds: Not a GSSAPI mechanism"); 253 debug("ssh_gssapi_storecreds: Not a GSSAPI mechanism");
256} 254}
@@ -289,4 +287,14 @@ ssh_gssapi_userok(char *user)
289 return (0); 287 return (0);
290} 288}
291 289
290/* Priviledged */
291OM_uint32
292ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
293{
294 ctx->major = gss_verify_mic(&ctx->minor, ctx->context,
295 gssbuf, gssmic, NULL);
296
297 return (ctx->major);
298}
299
292#endif 300#endif
diff --git a/hostfile.c b/hostfile.c
index 42a8aa71d..88c054912 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -36,7 +36,7 @@
36 */ 36 */
37 37
38#include "includes.h" 38#include "includes.h"
39RCSID("$OpenBSD: hostfile.c,v 1.31 2003/04/08 20:21:28 itojun Exp $"); 39RCSID("$OpenBSD: hostfile.c,v 1.32 2003/11/10 16:23:41 jakob Exp $");
40 40
41#include "packet.h" 41#include "packet.h"
42#include "match.h" 42#include "match.h"
@@ -72,7 +72,7 @@ hostfile_read_key(char **cpp, u_int *bitsp, Key *ret)
72} 72}
73 73
74static int 74static int
75hostfile_check_key(int bits, Key *key, const char *host, const char *filename, int linenum) 75hostfile_check_key(int bits, const Key *key, const char *host, const char *filename, int linenum)
76{ 76{
77 if (key == NULL || key->type != KEY_RSA1 || key->rsa == NULL) 77 if (key == NULL || key->type != KEY_RSA1 || key->rsa == NULL)
78 return 1; 78 return 1;
@@ -98,7 +98,7 @@ hostfile_check_key(int bits, Key *key, const char *host, const char *filename, i
98 98
99static HostStatus 99static HostStatus
100check_host_in_hostfile_by_key_or_type(const char *filename, 100check_host_in_hostfile_by_key_or_type(const char *filename,
101 const char *host, Key *key, int keytype, Key *found, int *numret) 101 const char *host, const Key *key, int keytype, Key *found, int *numret)
102{ 102{
103 FILE *f; 103 FILE *f;
104 char line[8192]; 104 char line[8192];
@@ -188,7 +188,7 @@ check_host_in_hostfile_by_key_or_type(const char *filename,
188} 188}
189 189
190HostStatus 190HostStatus
191check_host_in_hostfile(const char *filename, const char *host, Key *key, 191check_host_in_hostfile(const char *filename, const char *host, const Key *key,
192 Key *found, int *numret) 192 Key *found, int *numret)
193{ 193{
194 if (key == NULL) 194 if (key == NULL)
@@ -211,7 +211,7 @@ lookup_key_in_hostfile_by_type(const char *filename, const char *host,
211 */ 211 */
212 212
213int 213int
214add_host_to_hostfile(const char *filename, const char *host, Key *key) 214add_host_to_hostfile(const char *filename, const char *host, const Key *key)
215{ 215{
216 FILE *f; 216 FILE *f;
217 int success = 0; 217 int success = 0;
diff --git a/hostfile.h b/hostfile.h
index e3d116581..efcddc9f9 100644
--- a/hostfile.h
+++ b/hostfile.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: hostfile.h,v 1.13 2002/11/21 23:03:51 deraadt Exp $ */ 1/* $OpenBSD: hostfile.h,v 1.14 2003/11/10 16:23:41 jakob Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -20,8 +20,8 @@ typedef enum {
20 20
21int hostfile_read_key(char **, u_int *, Key *); 21int hostfile_read_key(char **, u_int *, Key *);
22HostStatus check_host_in_hostfile(const char *, const char *, 22HostStatus check_host_in_hostfile(const char *, const char *,
23 Key *, Key *, int *); 23 const Key *, Key *, int *);
24int add_host_to_hostfile(const char *, const char *, Key *); 24int add_host_to_hostfile(const char *, const char *, const Key *);
25int lookup_key_in_hostfile_by_type(const char *, const char *, 25int lookup_key_in_hostfile_by_type(const char *, const char *,
26 int, Key *, int *); 26 int, Key *, int *);
27 27
diff --git a/includes.h b/includes.h
index 033cd91fa..ca943c7e6 100644
--- a/includes.h
+++ b/includes.h
@@ -134,6 +134,12 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
134#ifdef HAVE_SYS_STRTIO_H 134#ifdef HAVE_SYS_STRTIO_H
135#include <sys/strtio.h> /* for TIOCCBRK on HP-UX */ 135#include <sys/strtio.h> /* for TIOCCBRK on HP-UX */
136#endif 136#endif
137#if defined(HAVE_SYS_PTMS_H) && defined(HAVE_DEV_PTMX)
138# if defined(HAVE_SYS_STREAM_H)
139# include <sys/stream.h> /* reqd for queue_t on Solaris 2.5.1 */
140# endif
141#include <sys/ptms.h> /* for grantpt() and friends */
142#endif
137 143
138#include <netinet/in_systm.h> /* For typedefs */ 144#include <netinet/in_systm.h> /* For typedefs */
139#include <netinet/in.h> /* For IPv6 macros */ 145#include <netinet/in.h> /* For IPv6 macros */
@@ -147,7 +153,11 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
147# include <rpc/types.h> /* For INADDR_LOOPBACK */ 153# include <rpc/types.h> /* For INADDR_LOOPBACK */
148#endif 154#endif
149#ifdef USE_PAM 155#ifdef USE_PAM
156#if defined(HAVE_SECURITY_PAM_APPL_H)
150# include <security/pam_appl.h> 157# include <security/pam_appl.h>
158#elif defined (HAVE_PAM_PAM_APPL_H)
159# include <pam/pam_appl.h>
160#endif
151#endif 161#endif
152#ifdef HAVE_READPASSPHRASE_H 162#ifdef HAVE_READPASSPHRASE_H
153# include <readpassphrase.h> 163# include <readpassphrase.h>
@@ -165,6 +175,11 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
165# include <libutil.h> /* Openpty on FreeBSD at least */ 175# include <libutil.h> /* Openpty on FreeBSD at least */
166#endif 176#endif
167 177
178#if defined(KRB5) && defined(USE_AFS)
179# include <krb5.h>
180# include <kafs.h>
181#endif
182
168#include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */ 183#include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */
169 184
170#include "defines.h" 185#include "defines.h"
diff --git a/install-sh b/install-sh
index e9de23842..220abbf61 100755
--- a/install-sh
+++ b/install-sh
@@ -125,7 +125,7 @@ if [ x"$dir_arg" != x ]; then
125else 125else
126 126
127# Waiting for this to be detected by the "$instcmd $src $dsttmp" command 127# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
128# might cause directories to be created, which would be especially bad 128# might cause directories to be created, which would be especially bad
129# if $src (and thus $dsttmp) contains '*'. 129# if $src (and thus $dsttmp) contains '*'.
130 130
131 if [ -f $src -o -d $src ] 131 if [ -f $src -o -d $src ]
@@ -180,7 +180,7 @@ while [ $# -ne 0 ] ; do
180 shift 180 shift
181 181
182 if [ ! -d "${pathcomp}" ] ; 182 if [ ! -d "${pathcomp}" ] ;
183 then 183 then
184 $mkdirprog "${pathcomp}" 184 $mkdirprog "${pathcomp}"
185 else 185 else
186 true 186 true
@@ -202,17 +202,17 @@ else
202 202
203# If we're going to rename the final executable, determine the name now. 203# If we're going to rename the final executable, determine the name now.
204 204
205 if [ x"$transformarg" = x ] 205 if [ x"$transformarg" = x ]
206 then 206 then
207 dstfile=`basename $dst` 207 dstfile=`basename $dst`
208 else 208 else
209 dstfile=`basename $dst $transformbasename | 209 dstfile=`basename $dst $transformbasename |
210 sed $transformarg`$transformbasename 210 sed $transformarg`$transformbasename
211 fi 211 fi
212 212
213# don't allow the sed command to completely eliminate the filename 213# don't allow the sed command to completely eliminate the filename
214 214
215 if [ x"$dstfile" = x ] 215 if [ x"$dstfile" = x ]
216 then 216 then
217 dstfile=`basename $dst` 217 dstfile=`basename $dst`
218 else 218 else
@@ -243,7 +243,7 @@ else
243# Now rename the file to the real destination. 243# Now rename the file to the real destination.
244 244
245 $doit $rmcmd -f $dstdir/$dstfile && 245 $doit $rmcmd -f $dstdir/$dstfile &&
246 $doit $mvcmd $dsttmp $dstdir/$dstfile 246 $doit $mvcmd $dsttmp $dstdir/$dstfile
247 247
248fi && 248fi &&
249 249
diff --git a/kex.c b/kex.c
index b070ccf42..5a952c9c2 100644
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: kex.c,v 1.55 2003/04/01 10:31:26 markus Exp $"); 26RCSID("$OpenBSD: kex.c,v 1.56 2003/11/21 11:57:03 djm Exp $");
27 27
28#include <openssl/crypto.h> 28#include <openssl/crypto.h>
29 29
@@ -310,7 +310,7 @@ choose_hostkeyalg(Kex *k, char *client, char *server)
310 xfree(hostkeyalg); 310 xfree(hostkeyalg);
311} 311}
312 312
313static int 313static int
314proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX]) 314proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX])
315{ 315{
316 static int check[] = { 316 static int check[] = {
@@ -392,7 +392,7 @@ kex_choose_conf(Kex *kex)
392 kex->we_need = need; 392 kex->we_need = need;
393 393
394 /* ignore the next message if the proposals do not match */ 394 /* ignore the next message if the proposals do not match */
395 if (first_kex_follows && !proposals_match(my, peer) && 395 if (first_kex_follows && !proposals_match(my, peer) &&
396 !(datafellows & SSH_BUG_FIRSTKEX)) { 396 !(datafellows & SSH_BUG_FIRSTKEX)) {
397 type = packet_read(); 397 type = packet_read();
398 debug2("skipping next packet (type %u)", type); 398 debug2("skipping next packet (type %u)", type);
diff --git a/kexgexc.c b/kexgexc.c
index f14ac44ca..0193183b9 100644
--- a/kexgexc.c
+++ b/kexgexc.c
@@ -24,7 +24,7 @@
24 */ 24 */
25 25
26#include "includes.h" 26#include "includes.h"
27RCSID("$OpenBSD: kexgexc.c,v 1.1 2003/02/16 17:09:57 markus Exp $"); 27RCSID("$OpenBSD: kexgexc.c,v 1.2 2003/12/08 11:00:47 markus Exp $");
28 28
29#include "xmalloc.h" 29#include "xmalloc.h"
30#include "key.h" 30#include "key.h"
@@ -49,16 +49,14 @@ kexgex_client(Kex *kex)
49 nbits = dh_estimate(kex->we_need * 8); 49 nbits = dh_estimate(kex->we_need * 8);
50 50
51 if (datafellows & SSH_OLD_DHGEX) { 51 if (datafellows & SSH_OLD_DHGEX) {
52 debug("SSH2_MSG_KEX_DH_GEX_REQUEST_OLD sent");
53
54 /* Old GEX request */ 52 /* Old GEX request */
55 packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST_OLD); 53 packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST_OLD);
56 packet_put_int(nbits); 54 packet_put_int(nbits);
57 min = DH_GRP_MIN; 55 min = DH_GRP_MIN;
58 max = DH_GRP_MAX; 56 max = DH_GRP_MAX;
59 } else {
60 debug("SSH2_MSG_KEX_DH_GEX_REQUEST sent");
61 57
58 debug("SSH2_MSG_KEX_DH_GEX_REQUEST_OLD(%u) sent", nbits);
59 } else {
62 /* New GEX request */ 60 /* New GEX request */
63 min = DH_GRP_MIN; 61 min = DH_GRP_MIN;
64 max = DH_GRP_MAX; 62 max = DH_GRP_MAX;
@@ -66,6 +64,9 @@ kexgex_client(Kex *kex)
66 packet_put_int(min); 64 packet_put_int(min);
67 packet_put_int(nbits); 65 packet_put_int(nbits);
68 packet_put_int(max); 66 packet_put_int(max);
67
68 debug("SSH2_MSG_KEX_DH_GEX_REQUEST(%u<%u<%u) sent",
69 min, nbits, max);
69 } 70 }
70#ifdef DEBUG_KEXDH 71#ifdef DEBUG_KEXDH
71 fprintf(stderr, "\nmin = %d, nbits = %d, max = %d\n", 72 fprintf(stderr, "\nmin = %d, nbits = %d, max = %d\n",
diff --git a/key.c b/key.c
index 54318cbbf..323e6ff84 100644
--- a/key.c
+++ b/key.c
@@ -32,7 +32,7 @@
32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 */ 33 */
34#include "includes.h" 34#include "includes.h"
35RCSID("$OpenBSD: key.c,v 1.54 2003/07/09 13:58:19 avsm Exp $"); 35RCSID("$OpenBSD: key.c,v 1.55 2003/11/10 16:23:41 jakob Exp $");
36 36
37#include <openssl/evp.h> 37#include <openssl/evp.h>
38 38
@@ -143,8 +143,9 @@ key_free(Key *k)
143 } 143 }
144 xfree(k); 144 xfree(k);
145} 145}
146
146int 147int
147key_equal(Key *a, Key *b) 148key_equal(const Key *a, const Key *b)
148{ 149{
149 if (a == NULL || b == NULL || a->type != b->type) 150 if (a == NULL || b == NULL || a->type != b->type)
150 return 0; 151 return 0;
@@ -170,7 +171,8 @@ key_equal(Key *a, Key *b)
170} 171}
171 172
172u_char* 173u_char*
173key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length) 174key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
175 u_int *dgst_raw_length)
174{ 176{
175 const EVP_MD *md = NULL; 177 const EVP_MD *md = NULL;
176 EVP_MD_CTX ctx; 178 EVP_MD_CTX ctx;
@@ -292,7 +294,7 @@ key_fingerprint_bubblebabble(u_char *dgst_raw, u_int dgst_raw_len)
292} 294}
293 295
294char * 296char *
295key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep) 297key_fingerprint(const Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
296{ 298{
297 char *retval = NULL; 299 char *retval = NULL;
298 u_char *dgst_raw; 300 u_char *dgst_raw;
@@ -490,7 +492,7 @@ key_read(Key *ret, char **cpp)
490} 492}
491 493
492int 494int
493key_write(Key *key, FILE *f) 495key_write(const Key *key, FILE *f)
494{ 496{
495 int n, success = 0; 497 int n, success = 0;
496 u_int len, bits = 0; 498 u_int len, bits = 0;
@@ -522,8 +524,8 @@ key_write(Key *key, FILE *f)
522 return success; 524 return success;
523} 525}
524 526
525char * 527const char *
526key_type(Key *k) 528key_type(const Key *k)
527{ 529{
528 switch (k->type) { 530 switch (k->type) {
529 case KEY_RSA1: 531 case KEY_RSA1:
@@ -539,8 +541,8 @@ key_type(Key *k)
539 return "unknown"; 541 return "unknown";
540} 542}
541 543
542char * 544const char *
543key_ssh_name(Key *k) 545key_ssh_name(const Key *k)
544{ 546{
545 switch (k->type) { 547 switch (k->type) {
546 case KEY_RSA: 548 case KEY_RSA:
@@ -554,7 +556,7 @@ key_ssh_name(Key *k)
554} 556}
555 557
556u_int 558u_int
557key_size(Key *k) 559key_size(const Key *k)
558{ 560{
559 switch (k->type) { 561 switch (k->type) {
560 case KEY_RSA1: 562 case KEY_RSA1:
@@ -611,7 +613,7 @@ key_generate(int type, u_int bits)
611} 613}
612 614
613Key * 615Key *
614key_from_private(Key *k) 616key_from_private(const Key *k)
615{ 617{
616 Key *n = NULL; 618 Key *n = NULL;
617 switch (k->type) { 619 switch (k->type) {
@@ -676,7 +678,7 @@ key_names_valid2(const char *names)
676} 678}
677 679
678Key * 680Key *
679key_from_blob(u_char *blob, u_int blen) 681key_from_blob(const u_char *blob, u_int blen)
680{ 682{
681 Buffer b; 683 Buffer b;
682 char *ktype; 684 char *ktype;
@@ -726,7 +728,7 @@ key_from_blob(u_char *blob, u_int blen)
726} 728}
727 729
728int 730int
729key_to_blob(Key *key, u_char **blobp, u_int *lenp) 731key_to_blob(const Key *key, u_char **blobp, u_int *lenp)
730{ 732{
731 Buffer b; 733 Buffer b;
732 int len; 734 int len;
@@ -768,9 +770,9 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp)
768 770
769int 771int
770key_sign( 772key_sign(
771 Key *key, 773 const Key *key,
772 u_char **sigp, u_int *lenp, 774 u_char **sigp, u_int *lenp,
773 u_char *data, u_int datalen) 775 const u_char *data, u_int datalen)
774{ 776{
775 switch (key->type) { 777 switch (key->type) {
776 case KEY_DSA: 778 case KEY_DSA:
@@ -792,9 +794,9 @@ key_sign(
792 */ 794 */
793int 795int
794key_verify( 796key_verify(
795 Key *key, 797 const Key *key,
796 u_char *signature, u_int signaturelen, 798 const u_char *signature, u_int signaturelen,
797 u_char *data, u_int datalen) 799 const u_char *data, u_int datalen)
798{ 800{
799 if (signaturelen == 0) 801 if (signaturelen == 0)
800 return -1; 802 return -1;
@@ -815,7 +817,7 @@ key_verify(
815 817
816/* Converts a private to a public key */ 818/* Converts a private to a public key */
817Key * 819Key *
818key_demote(Key *k) 820key_demote(const Key *k)
819{ 821{
820 Key *pk; 822 Key *pk;
821 823
diff --git a/key.h b/key.h
index 28753fdfa..50df8500b 100644
--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: key.h,v 1.22 2003/06/24 08:23:46 markus Exp $ */ 1/* $OpenBSD: key.h,v 1.23 2003/11/10 16:23:41 jakob Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -55,33 +55,33 @@ struct Key {
55 DSA *dsa; 55 DSA *dsa;
56}; 56};
57 57
58Key *key_new(int); 58Key *key_new(int);
59Key *key_new_private(int); 59Key *key_new_private(int);
60void key_free(Key *); 60void key_free(Key *);
61Key *key_demote(Key *); 61Key *key_demote(const Key *);
62int key_equal(Key *, Key *); 62int key_equal(const Key *, const Key *);
63char *key_fingerprint(Key *, enum fp_type, enum fp_rep); 63char *key_fingerprint(const Key *, enum fp_type, enum fp_rep);
64u_char *key_fingerprint_raw(Key *, enum fp_type, u_int *); 64u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *);
65char *key_type(Key *); 65const char *key_type(const Key *);
66int key_write(Key *, FILE *); 66int key_write(const Key *, FILE *);
67int key_read(Key *, char **); 67int key_read(Key *, char **);
68u_int key_size(Key *); 68u_int key_size(const Key *);
69 69
70Key *key_generate(int, u_int); 70Key *key_generate(int, u_int);
71Key *key_from_private(Key *); 71Key *key_from_private(const Key *);
72int key_type_from_name(char *); 72int key_type_from_name(char *);
73 73
74Key *key_from_blob(u_char *, u_int); 74Key *key_from_blob(const u_char *, u_int);
75int key_to_blob(Key *, u_char **, u_int *); 75int key_to_blob(const Key *, u_char **, u_int *);
76char *key_ssh_name(Key *); 76const char *key_ssh_name(const Key *);
77int key_names_valid2(const char *); 77int key_names_valid2(const char *);
78 78
79int key_sign(Key *, u_char **, u_int *, u_char *, u_int); 79int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
80int key_verify(Key *, u_char *, u_int, u_char *, u_int); 80int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
81 81
82int ssh_dss_sign(Key *, u_char **, u_int *, u_char *, u_int); 82int ssh_dss_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
83int ssh_dss_verify(Key *, u_char *, u_int, u_char *, u_int); 83int ssh_dss_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
84int ssh_rsa_sign(Key *, u_char **, u_int *, u_char *, u_int); 84int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
85int ssh_rsa_verify(Key *, u_char *, u_int, u_char *, u_int); 85int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
86 86
87#endif 87#endif
diff --git a/log.c b/log.c
index 45affca13..dd9e9b802 100644
--- a/log.c
+++ b/log.c
@@ -34,7 +34,7 @@
34 */ 34 */
35 35
36#include "includes.h" 36#include "includes.h"
37RCSID("$OpenBSD: log.c,v 1.28 2003/05/24 09:02:22 djm Exp $"); 37RCSID("$OpenBSD: log.c,v 1.29 2003/09/23 20:17:11 markus Exp $");
38 38
39#include "log.h" 39#include "log.h"
40#include "xmalloc.h" 40#include "xmalloc.h"
@@ -184,83 +184,6 @@ debug3(const char *fmt,...)
184 va_end(args); 184 va_end(args);
185} 185}
186 186
187/* Fatal cleanup */
188
189struct fatal_cleanup {
190 struct fatal_cleanup *next;
191 void (*proc) (void *);
192 void *context;
193};
194
195static struct fatal_cleanup *fatal_cleanups = NULL;
196
197/* Registers a cleanup function to be called by fatal() before exiting. */
198
199void
200fatal_add_cleanup(void (*proc) (void *), void *context)
201{
202 struct fatal_cleanup *cu;
203
204 cu = xmalloc(sizeof(*cu));
205 cu->proc = proc;
206 cu->context = context;
207 cu->next = fatal_cleanups;
208 fatal_cleanups = cu;
209}
210
211/* Removes a cleanup frunction to be called at fatal(). */
212
213void
214fatal_remove_cleanup(void (*proc) (void *context), void *context)
215{
216 struct fatal_cleanup **cup, *cu;
217
218 for (cup = &fatal_cleanups; *cup; cup = &cu->next) {
219 cu = *cup;
220 if (cu->proc == proc && cu->context == context) {
221 *cup = cu->next;
222 xfree(cu);
223 return;
224 }
225 }
226 fatal("fatal_remove_cleanup: no such cleanup function: 0x%lx 0x%lx",
227 (u_long) proc, (u_long) context);
228}
229
230/* Remove all cleanups, to be called after fork() */
231void
232fatal_remove_all_cleanups(void)
233{
234 struct fatal_cleanup *cu, *next_cu;
235
236 for (cu = fatal_cleanups; cu; cu = next_cu) {
237 next_cu = cu->next;
238 xfree(cu);
239 }
240 fatal_cleanups = NULL;
241}
242
243/* Cleanup and exit */
244void
245fatal_cleanup(void)
246{
247 struct fatal_cleanup *cu, *next_cu;
248 static int called = 0;
249
250 if (called)
251 exit(255);
252 called = 1;
253 /* Call cleanup functions. */
254 for (cu = fatal_cleanups; cu; cu = next_cu) {
255 next_cu = cu->next;
256 debug("Calling cleanup 0x%lx(0x%lx)",
257 (u_long) cu->proc, (u_long) cu->context);
258 (*cu->proc) (cu->context);
259 }
260 exit(255);
261}
262
263
264/* 187/*
265 * Initialize the log. 188 * Initialize the log.
266 */ 189 */
@@ -344,7 +267,7 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
344void 267void
345do_log(LogLevel level, const char *fmt, va_list args) 268do_log(LogLevel level, const char *fmt, va_list args)
346{ 269{
347#ifdef OPENLOG_R 270#if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
348 struct syslog_data sdata = SYSLOG_DATA_INIT; 271 struct syslog_data sdata = SYSLOG_DATA_INIT;
349#endif 272#endif
350 char msgbuf[MSGBUFSIZ]; 273 char msgbuf[MSGBUFSIZ];
@@ -400,7 +323,7 @@ do_log(LogLevel level, const char *fmt, va_list args)
400 snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); 323 snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf);
401 write(STDERR_FILENO, msgbuf, strlen(msgbuf)); 324 write(STDERR_FILENO, msgbuf, strlen(msgbuf));
402 } else { 325 } else {
403#ifdef OPENLOG_R 326#if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
404 openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); 327 openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);
405 syslog_r(pri, &sdata, "%.500s", fmtbuf); 328 syslog_r(pri, &sdata, "%.500s", fmtbuf);
406 closelog_r(&sdata); 329 closelog_r(&sdata);
diff --git a/log.h b/log.h
index 5c0402b52..14700be9c 100644
--- a/log.h
+++ b/log.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: log.h,v 1.9 2003/04/08 20:21:28 itojun Exp $ */ 1/* $OpenBSD: log.h,v 1.10 2003/09/23 20:17:11 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -62,11 +62,6 @@ void debug(const char *, ...) __attribute__((format(printf, 1, 2)));
62void debug2(const char *, ...) __attribute__((format(printf, 1, 2))); 62void debug2(const char *, ...) __attribute__((format(printf, 1, 2)));
63void debug3(const char *, ...) __attribute__((format(printf, 1, 2))); 63void debug3(const char *, ...) __attribute__((format(printf, 1, 2)));
64 64
65void fatal_cleanup(void);
66void fatal_add_cleanup(void (*) (void *), void *);
67void fatal_remove_cleanup(void (*) (void *), void *);
68void fatal_remove_all_cleanups(void);
69
70void do_log(LogLevel, const char *, va_list); 65void do_log(LogLevel, const char *, va_list);
71 66void cleanup_exit(int);
72#endif 67#endif
diff --git a/loginrec.c b/loginrec.c
index bdac3e959..71dbaea15 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -158,7 +158,7 @@
158#include "log.h" 158#include "log.h"
159#include "atomicio.h" 159#include "atomicio.h"
160 160
161RCSID("$Id: loginrec.c,v 1.52 2003/07/06 05:20:46 dtucker Exp $"); 161RCSID("$Id: loginrec.c,v 1.54 2004/02/10 05:49:35 dtucker Exp $");
162 162
163#ifdef HAVE_UTIL_H 163#ifdef HAVE_UTIL_H
164# include <util.h> 164# include <util.h>
@@ -442,7 +442,7 @@ login_write (struct logininfo *li)
442int 442int
443login_utmp_only(struct logininfo *li) 443login_utmp_only(struct logininfo *li)
444{ 444{
445 li->type = LTYPE_LOGIN; 445 li->type = LTYPE_LOGIN;
446 login_set_current_time(li); 446 login_set_current_time(li);
447# ifdef USE_UTMP 447# ifdef USE_UTMP
448 utmp_write_entry(li); 448 utmp_write_entry(li);
@@ -1183,6 +1183,7 @@ wtmp_get_entry(struct logininfo *li)
1183static int 1183static int
1184wtmpx_write(struct logininfo *li, struct utmpx *utx) 1184wtmpx_write(struct logininfo *li, struct utmpx *utx)
1185{ 1185{
1186#ifndef HAVE_UPDWTMPX
1186 struct stat buf; 1187 struct stat buf;
1187 int fd, ret = 1; 1188 int fd, ret = 1;
1188 1189
@@ -1202,6 +1203,10 @@ wtmpx_write(struct logininfo *li, struct utmpx *utx)
1202 (void)close(fd); 1203 (void)close(fd);
1203 1204
1204 return ret; 1205 return ret;
1206#else
1207 updwtmpx(WTMPX_FILE, utx);
1208 return 1;
1209#endif
1205} 1210}
1206 1211
1207 1212
@@ -1534,7 +1539,7 @@ lastlog_get_entry(struct logininfo *li)
1534 lastlog_populate_entry(li, &last); 1539 lastlog_populate_entry(li, &last);
1535 return (1); 1540 return (1);
1536 case -1: 1541 case -1:
1537 error("%s: Error reading from %s: %s", __func__, 1542 error("%s: Error reading from %s: %s", __func__,
1538 LASTLOG_FILE, strerror(errno)); 1543 LASTLOG_FILE, strerror(errno));
1539 return (0); 1544 return (0);
1540 default: 1545 default:
diff --git a/mac.c b/mac.c
index ab9a03d84..097f0b93b 100644
--- a/mac.c
+++ b/mac.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: mac.c,v 1.5 2002/05/16 22:02:50 markus Exp $"); 26RCSID("$OpenBSD: mac.c,v 1.6 2003/09/18 13:02:21 miod Exp $");
27 27
28#include <openssl/hmac.h> 28#include <openssl/hmac.h>
29 29
@@ -77,7 +77,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
77 77
78 if (mac->key == NULL) 78 if (mac->key == NULL)
79 fatal("mac_compute: no key"); 79 fatal("mac_compute: no key");
80 if (mac->mac_len > sizeof(m)) 80 if ((u_int)mac->mac_len > sizeof(m))
81 fatal("mac_compute: mac too long"); 81 fatal("mac_compute: mac too long");
82 HMAC_Init(&c, mac->key, mac->key_len, mac->md); 82 HMAC_Init(&c, mac->key, mac->key_len, mac->md);
83 PUT_32BIT(b, seqno); 83 PUT_32BIT(b, seqno);
diff --git a/md5crypt.c b/md5crypt.c
index e14d53ac1..8f2523e62 100644
--- a/md5crypt.c
+++ b/md5crypt.c
@@ -1,9 +1,9 @@
1/* 1/*
2 * ---------------------------------------------------------------------------- 2 * ----------------------------------------------------------------------------
3 * "THE BEER-WARE LICENSE" (Revision 42): 3 * "THE BEER-WARE LICENSE" (Revision 42):
4 * <phk@login.dknet.dk> wrote this file. As long as you retain this 4 * <phk@login.dknet.dk> wrote this file. As long as you retain this
5 * notice you can do whatever you want with this stuff. If we meet some 5 * notice you can do whatever you want with this stuff. If we meet some
6 * day, and you think this stuff is worth it, you can buy me a beer in 6 * day, and you think this stuff is worth it, you can buy me a beer in
7 * return. Poul-Henning Kamp 7 * return. Poul-Henning Kamp
8 * ---------------------------------------------------------------------------- 8 * ----------------------------------------------------------------------------
9 */ 9 */
@@ -13,7 +13,7 @@
13#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) 13#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
14#include <openssl/md5.h> 14#include <openssl/md5.h>
15 15
16RCSID("$Id: md5crypt.c,v 1.7 2003/05/30 06:58:23 dtucker Exp $"); 16RCSID("$Id: md5crypt.c,v 1.9 2003/11/21 12:56:47 djm Exp $");
17 17
18/* 0 ... 63 => ascii - 64 */ 18/* 0 ... 63 => ascii - 64 */
19static unsigned char itoa64[] = 19static unsigned char itoa64[] =
@@ -35,7 +35,7 @@ to64(unsigned long v, int n)
35 *s++ = itoa64[v&0x3f]; 35 *s++ = itoa64[v&0x3f];
36 v >>= 6; 36 v >>= 6;
37 } 37 }
38 38
39 return (buf); 39 return (buf);
40} 40}
41 41
diff --git a/mdoc2man.awk b/mdoc2man.awk
index 856e2d7c5..9135af07e 100644
--- a/mdoc2man.awk
+++ b/mdoc2man.awk
@@ -76,19 +76,19 @@ function add(str) {
76 skip=1 76 skip=1
77 ext=1 77 ext=1
78 if(length(line)&&!(match(line," $")||prenl)) 78 if(length(line)&&!(match(line," $")||prenl))
79 add(OFS) 79 add(OFS)
80 } else if(match(words[w],"^Xc$")) { 80 } else if(match(words[w],"^Xc$")) {
81 skip=1 81 skip=1
82 ext=0 82 ext=0
83 if(!extopt) 83 if(!extopt)
84 prenl++ 84 prenl++
85 w=nwords 85 w=nwords
86 } else if(match(words[w],"^Bd$")) { 86 } else if(match(words[w],"^Bd$")) {
87 skip=1 87 skip=1
88 if(match(words[w+1],"-literal")) { 88 if(match(words[w+1],"-literal")) {
89 literal=1 89 literal=1
90 prenl++ 90 prenl++
91 w=nwords 91 w=nwords
92 } 92 }
93 } else if(match(words[w],"^Ed$")) { 93 } else if(match(words[w],"^Ed$")) {
94 skip=1 94 skip=1
@@ -96,7 +96,7 @@ function add(str) {
96 } else if(match(words[w],"^Ns$")) { 96 } else if(match(words[w],"^Ns$")) {
97 skip=1 97 skip=1
98 if(!nospace) 98 if(!nospace)
99 nospace=1 99 nospace=1
100 sub(" $","",line) 100 sub(" $","",line)
101 } else if(match(words[w],"^No$")) { 101 } else if(match(words[w],"^No$")) {
102 skip=1 102 skip=1
@@ -107,20 +107,20 @@ function add(str) {
107 add("``") 107 add("``")
108 add(words[++w]) 108 add(words[++w])
109 while(w<nwords&&!match(words[w+1],"^[\\.,]")) 109 while(w<nwords&&!match(words[w+1],"^[\\.,]"))
110 add(OFS words[++w]) 110 add(OFS words[++w])
111 add("''") 111 add("''")
112 if(!nospace&&match(words[w+1],"^[\\.,]")) 112 if(!nospace&&match(words[w+1],"^[\\.,]"))
113 nospace=1 113 nospace=1
114 } else if(match(words[w],"^Sq|Ql$")) { 114 } else if(match(words[w],"^Sq|Ql$")) {
115 skip=1 115 skip=1
116 add("`" words[++w] "'") 116 add("`" words[++w] "'")
117 if(!nospace&&match(words[w+1],"^[\\.,]")) 117 if(!nospace&&match(words[w+1],"^[\\.,]"))
118 nospace=1 118 nospace=1
119 } else if(match(words[w],"^Oo$")) { 119 } else if(match(words[w],"^Oo$")) {
120 skip=1 120 skip=1
121 extopt=1 121 extopt=1
122 if(!nospace) 122 if(!nospace)
123 nospace=1 123 nospace=1
124 add("[") 124 add("[")
125 } else if(match(words[w],"^Oc$")) { 125 } else if(match(words[w],"^Oc$")) {
126 skip=1 126 skip=1
@@ -129,9 +129,9 @@ function add(str) {
129 } 129 }
130 if(!skip) { 130 if(!skip) {
131 if(!nospace&&length(line)&&!(match(line," $")||prenl)) 131 if(!nospace&&length(line)&&!(match(line," $")||prenl))
132 add(OFS) 132 add(OFS)
133 if(nospace==1) 133 if(nospace==1)
134 nospace=0 134 nospace=0
135 } 135 }
136 if(match(words[w],"^Dd$")) { 136 if(match(words[w],"^Dd$")) {
137 date=wtail() 137 date=wtail()
@@ -158,69 +158,69 @@ function add(str) {
158 } else if(match(words[w],"^Re$")) { 158 } else if(match(words[w],"^Re$")) {
159 prenl++ 159 prenl++
160 for(i=nrefauthors-1;i>0;i--) { 160 for(i=nrefauthors-1;i>0;i--) {
161 add(refauthors[i]) 161 add(refauthors[i])
162 if(i>1) 162 if(i>1)
163 add(", ") 163 add(", ")
164 } 164 }
165 if(nrefauthors>1) 165 if(nrefauthors>1)
166 add(" and ") 166 add(" and ")
167 add(refauthors[0] ", \\fI" reftitle "\\fP") 167 add(refauthors[0] ", \\fI" reftitle "\\fP")
168 if(length(refissue)) 168 if(length(refissue))
169 add(", " refissue) 169 add(", " refissue)
170 if(length(refdate)) 170 if(length(refdate))
171 add(", " refdate) 171 add(", " refdate)
172 if(length(refopt)) 172 if(length(refopt))
173 add(", " refopt) 173 add(", " refopt)
174 add(".") 174 add(".")
175 reference=0 175 reference=0
176 } else if(reference) { 176 } else if(reference) {
177 if(match(words[w],"^%A$")) { refauthors[nrefauthors++]=wtail() } 177 if(match(words[w],"^%A$")) { refauthors[nrefauthors++]=wtail() }
178 if(match(words[w],"^%T$")) { 178 if(match(words[w],"^%T$")) {
179 reftitle=wtail() 179 reftitle=wtail()
180 sub("^\"","",reftitle) 180 sub("^\"","",reftitle)
181 sub("\"$","",reftitle) 181 sub("\"$","",reftitle)
182 } 182 }
183 if(match(words[w],"^%N$")) { refissue=wtail() } 183 if(match(words[w],"^%N$")) { refissue=wtail() }
184 if(match(words[w],"^%D$")) { refdate=wtail() } 184 if(match(words[w],"^%D$")) { refdate=wtail() }
185 if(match(words[w],"^%O$")) { refopt=wtail() } 185 if(match(words[w],"^%O$")) { refopt=wtail() }
186 } else if(match(words[w],"^Nm$")) { 186 } else if(match(words[w],"^Nm$")) {
187 if(synopsis) { 187 if(synopsis) {
188 add(".br") 188 add(".br")
189 prenl++ 189 prenl++
190 } 190 }
191 n=words[++w] 191 n=words[++w]
192 if(!length(name)) 192 if(!length(name))
193 name=n 193 name=n
194 if(!length(n)) 194 if(!length(n))
195 n=name 195 n=name
196 add("\\fB" n "\\fP") 196 add("\\fB" n "\\fP")
197 if(!nospace&&match(words[w+1],"^[\\.,]")) 197 if(!nospace&&match(words[w+1],"^[\\.,]"))
198 nospace=1 198 nospace=1
199 } else if(match(words[w],"^Nd$")) { 199 } else if(match(words[w],"^Nd$")) {
200 add("\\- " wtail()) 200 add("\\- " wtail())
201 } else if(match(words[w],"^Fl$")) { 201 } else if(match(words[w],"^Fl$")) {
202 add("\\fB\\-" words[++w] "\\fP") 202 add("\\fB\\-" words[++w] "\\fP")
203 if(!nospace&&match(words[w+1],"^[\\.,]")) 203 if(!nospace&&match(words[w+1],"^[\\.,]"))
204 nospace=1 204 nospace=1
205 } else if(match(words[w],"^Ar$")) { 205 } else if(match(words[w],"^Ar$")) {
206 add("\\fI") 206 add("\\fI")
207 if(w==nwords) 207 if(w==nwords)
208 add("file ...\\fP") 208 add("file ...\\fP")
209 else { 209 else {
210 add(words[++w] "\\fP") 210 add(words[++w] "\\fP")
211 while(match(words[w+1],"^\\|$")) 211 while(match(words[w+1],"^\\|$"))
212 add(OFS words[++w] " \\fI" words[++w] "\\fP") 212 add(OFS words[++w] " \\fI" words[++w] "\\fP")
213 } 213 }
214 if(!nospace&&match(words[w+1],"^[\\.,]")) 214 if(!nospace&&match(words[w+1],"^[\\.,]"))
215 nospace=1 215 nospace=1
216 } else if(match(words[w],"^Cm$")) { 216 } else if(match(words[w],"^Cm$")) {
217 add("\\fB" words[++w] "\\fP") 217 add("\\fB" words[++w] "\\fP")
218 while(w<nwords&&match(words[w+1],"^[\\.,:;)]")) 218 while(w<nwords&&match(words[w+1],"^[\\.,:;)]"))
219 add(words[++w]) 219 add(words[++w])
220 } else if(match(words[w],"^Op$")) { 220 } else if(match(words[w],"^Op$")) {
221 option=1 221 option=1
222 if(!nospace) 222 if(!nospace)
223 nospace=1 223 nospace=1
224 add("[") 224 add("[")
225 } else if(match(words[w],"^Pp$")) { 225 } else if(match(words[w],"^Pp$")) {
226 prenl++ 226 prenl++
@@ -232,10 +232,10 @@ function add(str) {
232 add("\\fI") 232 add("\\fI")
233 w++ 233 w++
234 if(match(words[w],"^\\.")) 234 if(match(words[w],"^\\."))
235 add("\\&") 235 add("\\&")
236 add(words[w] "\\fP") 236 add(words[w] "\\fP")
237 while(w<nwords&&match(words[w+1],"^[\\.,:;)]")) 237 while(w<nwords&&match(words[w+1],"^[\\.,:;)]"))
238 add(words[++w]) 238 add(words[++w])
239 } else if(match(words[w],"^Dv$")) { 239 } else if(match(words[w],"^Dv$")) {
240 add(".BR") 240 add(".BR")
241 } else if(match(words[w],"^Em|Ev$")) { 241 } else if(match(words[w],"^Em|Ev$")) {
@@ -254,69 +254,69 @@ function add(str) {
254 plain=1 254 plain=1
255 add("\\fB") 255 add("\\fB")
256 while(w<nwords) { 256 while(w<nwords) {
257 w++ 257 w++
258 if(match(words[w],"^Op$")) { 258 if(match(words[w],"^Op$")) {
259 w++ 259 w++
260 add("[") 260 add("[")
261 words[nwords]=words[nwords] "]" 261 words[nwords]=words[nwords] "]"
262 } 262 }
263 if(match(words[w],"^Ar$")) { 263 if(match(words[w],"^Ar$")) {
264 add("\\fI" words[++w] "\\fP") 264 add("\\fI" words[++w] "\\fP")
265 } else if(match(words[w],"^[\\.,]")) { 265 } else if(match(words[w],"^[\\.,]")) {
266 sub(" $","",line) 266 sub(" $","",line)
267 if(plain) { 267 if(plain) {
268 add("\\fP") 268 add("\\fP")
269 plain=0 269 plain=0
270 } 270 }
271 add(words[w]) 271 add(words[w])
272 } else { 272 } else {
273 if(!plain) { 273 if(!plain) {
274 add("\\fB") 274 add("\\fB")
275 plain=1 275 plain=1
276 } 276 }
277 add(words[w]) 277 add(words[w])
278 } 278 }
279 if(!nospace) 279 if(!nospace)
280 add(OFS) 280 add(OFS)
281 } 281 }
282 sub(" $","",line) 282 sub(" $","",line)
283 if(plain) 283 if(plain)
284 add("\\fP") 284 add("\\fP")
285 } else if(match(words[w],"^Bl$")) { 285 } else if(match(words[w],"^Bl$")) {
286 oldoptlist=optlist 286 oldoptlist=optlist
287 if(match(words[w+1],"-bullet")) 287 if(match(words[w+1],"-bullet"))
288 optlist=1 288 optlist=1
289 else if(match(words[w+1],"-enum")) { 289 else if(match(words[w+1],"-enum")) {
290 optlist=2 290 optlist=2
291 enum=0 291 enum=0
292 } else if(match(words[w+1],"-tag")) 292 } else if(match(words[w+1],"-tag"))
293 optlist=3 293 optlist=3
294 else if(match(words[w+1],"-item")) 294 else if(match(words[w+1],"-item"))
295 optlist=4 295 optlist=4
296 else if(match(words[w+1],"-bullet")) 296 else if(match(words[w+1],"-bullet"))
297 optlist=1 297 optlist=1
298 w=nwords 298 w=nwords
299 } else if(match(words[w],"^El$")) { 299 } else if(match(words[w],"^El$")) {
300 optlist=oldoptlist 300 optlist=oldoptlist
301 } else if(match(words[w],"^It$")&&optlist) { 301 } else if(match(words[w],"^It$")&&optlist) {
302 if(optlist==1) 302 if(optlist==1)
303 add(".IP \\(bu") 303 add(".IP \\(bu")
304 else if(optlist==2) 304 else if(optlist==2)
305 add(".IP " ++enum ".") 305 add(".IP " ++enum ".")
306 else if(optlist==3) { 306 else if(optlist==3) {
307 add(".TP") 307 add(".TP")
308 prenl++ 308 prenl++
309 if(match(words[w+1],"^Pa|Ev$")) { 309 if(match(words[w+1],"^Pa|Ev$")) {
310 add(".B") 310 add(".B")
311 w++ 311 w++
312 } 312 }
313 } else if(optlist==4) 313 } else if(optlist==4)
314 add(".IP") 314 add(".IP")
315 } else if(match(words[w],"^Sm$")) { 315 } else if(match(words[w],"^Sm$")) {
316 if(match(words[w+1],"off")) 316 if(match(words[w+1],"off"))
317 nospace=2 317 nospace=2
318 else if(match(words[w+1],"on")) 318 else if(match(words[w+1],"on"))
319 nospace=0 319 nospace=0
320 w++ 320 w++
321 } else if(!skip) { 321 } else if(!skip) {
322 add(words[w]) 322 add(words[w])
diff --git a/misc.c b/misc.c
index c457a952c..1f320353e 100644
--- a/misc.c
+++ b/misc.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: misc.c,v 1.21 2003/04/12 10:15:36 markus Exp $"); 26RCSID("$OpenBSD: misc.c,v 1.23 2003/10/28 09:08:06 markus Exp $");
27 27
28#include "misc.h" 28#include "misc.h"
29#include "log.h" 29#include "log.h"
@@ -97,7 +97,7 @@ set_nodelay(int fd)
97 97
98 optlen = sizeof opt; 98 optlen = sizeof opt;
99 if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) { 99 if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) {
100 error("getsockopt TCP_NODELAY: %.100s", strerror(errno)); 100 debug("getsockopt TCP_NODELAY: %.100s", strerror(errno));
101 return; 101 return;
102 } 102 }
103 if (opt == 1) { 103 if (opt == 1) {
@@ -308,18 +308,21 @@ addargs(arglist *args, char *fmt, ...)
308{ 308{
309 va_list ap; 309 va_list ap;
310 char buf[1024]; 310 char buf[1024];
311 int nalloc;
311 312
312 va_start(ap, fmt); 313 va_start(ap, fmt);
313 vsnprintf(buf, sizeof(buf), fmt, ap); 314 vsnprintf(buf, sizeof(buf), fmt, ap);
314 va_end(ap); 315 va_end(ap);
315 316
317 nalloc = args->nalloc;
316 if (args->list == NULL) { 318 if (args->list == NULL) {
317 args->nalloc = 32; 319 nalloc = 32;
318 args->num = 0; 320 args->num = 0;
319 } else if (args->num+2 >= args->nalloc) 321 } else if (args->num+2 >= nalloc)
320 args->nalloc *= 2; 322 nalloc *= 2;
321 323
322 args->list = xrealloc(args->list, args->nalloc * sizeof(char *)); 324 args->list = xrealloc(args->list, nalloc * sizeof(char *));
325 args->nalloc = nalloc;
323 args->list[args->num++] = xstrdup(buf); 326 args->list[args->num++] = xstrdup(buf);
324 args->list[args->num] = NULL; 327 args->list[args->num] = NULL;
325} 328}
diff --git a/mkinstalldirs b/mkinstalldirs
index 614ef33d8..47d5f43fe 100755
--- a/mkinstalldirs
+++ b/mkinstalldirs
@@ -4,7 +4,7 @@
4# Created: 1993-05-16 4# Created: 1993-05-16
5# Public domain 5# Public domain
6 6
7# $Id: mkinstalldirs,v 1.1 2000/05/20 05:33:45 damien Exp $ 7# $Id: mkinstalldirs,v 1.2 2003/11/21 12:48:55 djm Exp $
8 8
9errstatus=0 9errstatus=0
10 10
@@ -22,13 +22,13 @@ do
22 esac 22 esac
23 23
24 if test ! -d "$pathcomp"; then 24 if test ! -d "$pathcomp"; then
25 echo "mkdir $pathcomp" 25 echo "mkdir $pathcomp"
26 26
27 mkdir "$pathcomp" || lasterr=$? 27 mkdir "$pathcomp" || lasterr=$?
28 28
29 if test ! -d "$pathcomp"; then 29 if test ! -d "$pathcomp"; then
30 errstatus=$lasterr 30 errstatus=$lasterr
31 fi 31 fi
32 fi 32 fi
33 33
34 pathcomp="$pathcomp/" 34 pathcomp="$pathcomp/"
diff --git a/moduli b/moduli
index 6b94e2e23..52639d336 100644
--- a/moduli
+++ b/moduli
@@ -1,158 +1,186 @@
1# $OpenBSD: moduli,v 1.1 2001/06/22 22:07:54 provos Exp $ 1# $OpenBSD: moduli,v 1.2 2004/01/28 04:44:00 dtucker Exp $
2 2
3# Time Type Tests Tries Size Generator Modulus 3# Time Type Tests Tries Size Generator Modulus
420010328182134 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF5449C221CB 420031210004503 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB
520010328182222 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF5449C95A43 520031210004553 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22D0A0D7
620010328182256 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF5449CC8CFB 620031210004628 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22D6CB97
720010328182409 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF5449D9BDB7 720031210004801 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22F2D1B7
820010328182628 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF5449FB6EF3 820031210004827 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22F5615B
920010328182708 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A000153 920031210004919 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB230138C3
1020010328182758 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A06E9EB 1020031210004952 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2305F6A3
1120010328182946 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A1F2C93 1120031210005018 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB230801DB
1220010328183015 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A206ADB 1220031210005043 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB230A0383
1320010328183112 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A2A109B 1320031210005147 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB231C3A7F
1420010328183143 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A2BC1BB 1420031210005230 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23249C1B
1520010328183301 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A3ADCEB 1520031210005301 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23288F0F
1620010328183532 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A5E8BAF 1620031210005438 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2344EC9B
1720010328183646 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A6D54D7 1720031210005548 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB235892F3
1820010328183712 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544A6EC46F 1820031210005700 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB236C3F03
1920010328184223 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544AB8626F 1920031210005841 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB238BC713
2020010328184337 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544AC7DC73 2020031210010040 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23B466C3
2120010328184634 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544AEFF073 2120031210010119 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23BB1F8B
2220010328184714 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544AF594FF 2220031210010313 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23E03DDB
2320010328184807 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544AFEEC53 2320031210010335 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23E130AB
2420010328184910 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B0B3513 2420031210010422 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23EA20A3
2520010328185030 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B165707 2520031210010500 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23F1807B
2620010328185334 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B3A9673 2620031210010628 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2409DC07
2720010328185423 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B426623 2720031210010759 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2425487F
2820010328185451 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B4427DB 2820031210010906 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB24397A3F
2920010328185637 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B5E3FC7 2920031210010945 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2440ABF7
3020010328185720 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B65964B 3020031210011017 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2445C00B
3120010328185757 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B6A9373 3120031210011059 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB244E4EBF
3220010328185844 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B7203B3 3220031210011158 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB245E056B
3320010328185933 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B7A9FFF 3320031210011340 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB24808F43
3420010328190006 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B7DAAD3 3420031210011408 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB24834C0B
3520010328190054 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B855C2F 3520031210011517 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2495148B
3620010328190139 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B8C53EB 3620031210011632 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB24A89B27
3720010328190304 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544B9F26C3 3720031210014802 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772D3B9DD3
3820010328190329 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544BA00697 3820031210015017 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772D463D83
3920010328190412 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544BA54313 3920031210015524 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772D68288B
4020010328190506 2 6 100 1023 5 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544BAEEF27 4020031210015701 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772D6C64C3
4120010328190550 2 6 100 1023 2 DCFAC4EFE89F5B082962AB9A67E8D63E84FA491E5D3874978815868595469163DA0661E6208A8C2CD4F83893B53864ADFD2154E8D8EFA146BAD808562E4BF6C90348FD79EEB3387D93FC7943BC450BA55399BA3CF3DFBD0D4E71800007B0E9D5F12E7A2CB7EA4E49812E715F8DC570C478DC2DEB1C49B0AE87A5DF544BB5CE0B 4120031210020258 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772D94316B
4220010328200734 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC33395187 4220031210022106 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E1F8453
4320010328201124 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC334ED15B 4320031210022738 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E4BDAC7
4420010328201358 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3359FC07 4420031210022948 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E5541E7
4520010328201537 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC335F7A83 4520031210023056 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E56464B
4620010328201829 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC336D1433 4620031210023414 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E695C8B
4720010328202120 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC337B253B 4720031210024039 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E939ABF
4820010328202848 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC33A3D43F 4820031210024457 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772EAE295B
4920010328203335 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC33BF24A3 4920031210024630 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772EB2BDFB
5020010328204332 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC34011B8B 5020031210025118 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772ED059DB
5120010328204443 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3402A92F 5120031210025540 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772EECB4D3
5220010328204617 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3406D343 5220031210025956 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F043973
5320010328205458 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3436FA2B 5320031210030256 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F134903
5420010328210413 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3471CF1B 5420031210030415 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F15B5EB
5520010328213513 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC352AF5EF 5520031210030717 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F25BF3B
5620010328215014 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC358CC3CB 5620031210030826 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F2670D7
5720010328215520 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35A9B7FF 5720031210031055 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F31E5F3
5820010328215733 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35B2927F 5820031210031311 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F3BFE2B
5920010328220114 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35C47323 5920031210032243 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F83082B
6020010328220334 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35CFA9C3 6020031210032437 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F898187
6120010328220653 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35E0BB37 6120031210032703 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F95718B
6220010328220915 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35E9CC23 6220031210032953 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FA3F5CB
6320010328221256 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC35FD7D67 6320031210033059 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FA48FEB
6420010328221457 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC36052CCB 6420031210033247 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FAA6267
6520010328222639 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC364A1E07 6520031210033633 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FC1BE7B
6620010328224126 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC36AD5557 6620031210034313 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FF18FA7
6720010328225125 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC36EE57BF 6720031210034507 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FF84977
6820010328225751 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3716A70B 6820031210035121 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7730233FBF
6920010328225943 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC371D010B 6920031210035813 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A773054E8F3
7020010328230054 2 6 100 1534 5 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC371EB5C7 7020031210035955 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7730597847
7120010328230301 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC37275F4B 7120031210040259 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A77306A1B57
7220010328230628 2 6 100 1534 2 6DFD16D9669EDAF42EF5D4EED82AA84B0541DEC2045B6AF55021A184F32BCADE614A114137022C9A8B41C09AFC38199E7305864F70A8708F37FC2127264ECF4FA32391F243CC62B89602D3813082679E5BDF496BA9DFA4C818AD21EC261B6F11841E6F2DE1574CE95095841DAF052868CCD5E9BFCA543E0934B50A76A598E693136DE2D479AEF3785D97BAFF4FB85AB8D46DA424C4CC5E11ABCAF718837E16350982BF8A27728318EC02C71ED164F57CDB121B72614B7B7C406613EC3738C3F3 7220031210040704 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A77308258FB
7320010329000424 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853ACAACAB 7320031210040913 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A77308A63F7
7420010329001637 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853AE5BE0F 7420031210042047 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7730DEEF8F
7520010329002229 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853AEDE2D3 7520031210042156 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7730DFE787
7620010329003652 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853B0F32CB 7620031210042511 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7730F1D3CB
7720010329005040 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853B30E503 7720031210042907 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A773107039B
7820010329014643 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853BC9AF57 7820031210043815 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7731492E37
7920010329021950 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853C205263 7920031210045243 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7731AB1953
8020010329023256 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853C3F2E53 8020031210054833 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1C0B0F8B
8120010329031049 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853CA28BBF 8120031210055609 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1C1CF773
8220010329032045 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853CB81103 8220031210065401 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1CDD973F
8320010329052113 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853DF13B47 8320031210071146 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D11D9FB
8420010329052449 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853DF3ED53 8420031210071754 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D1ED47B
8520010329060404 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853E5D25E7 8520031210072552 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D32CE4F
8620010329062856 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853E9CF013 8620031210073644 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D4EC983
8720010329063152 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853E9E1CEB 8720031210074309 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D5D4F07
8820010329070601 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853EF58B7F 8820031210075517 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D7DE133
8920010329071302 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F017697 8920031210081718 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1DC395C3
9020010329072011 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F0E72D3 9020031210084322 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1E1A5567
9120010329072445 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F14CE17 9120031210085218 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1E3127AB
9220010329073641 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F2EEBA3 9220031210090542 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1E586AD7
9320010329075209 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F52E927 9320031210093920 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1EC6C9D3
9420010329080750 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853F776F8B 9420031210100616 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1F19C713
9520010329084002 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853FC98043 9520031210103627 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1F7B82B3
9620010329084744 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853FD7EAAF 9620031210104559 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1F95C2EF
9720010329090209 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993853FF9AF5F 9720031210104836 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1F969EAF
9820010329093527 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC3499385404E330B 9820031210110201 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1FBEA0DF
9920010329094652 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC349938540672D1F 9920031210111610 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1FE4C70B
10020010329103445 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC349938540E4B213 10020031210111837 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1FE50DBB
10120010329111418 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC34993854144947F 10120031210112215 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1FE964FF
10220010329112031 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC3499385414F223B 10220031210124102 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F20F33023
10320010329112413 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC349938541522073 10320031210125610 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F21208AFB
10420010329114209 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC3499385417C8E53 10420031210130630 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F213CBA8B
10520010329125026 2 6 100 2046 2 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC3499385422E41AB 10520031210132517 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F21754843
10620010329132045 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC3499385427DD3FF 10620031210132855 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F2179D39B
10720010329134105 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC349938542AFA2D7 10720031210140211 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F21E6E73B
10820010329134914 2 6 100 2046 5 7ED0888B660A818F15E5F76A7F2BF10C99D74129DA04446C60116C9C800501060B8AFF075DCE0C08CEFDF695440E6F16FCCDB06359D080EF62D6485CBAEB94B92BE771D535B4EA9C5D14D84CD7649E25C7CFEA2C914486CC2BFDE77C4C0DF1D6DDED65FEE2F53A7FA690AFE38EE00C154FBAEFF935466B176CB0AED02458A552929F4EA7FC3E6F9F758DE7F22CC1F49641F492820441BDC109F0CE18F883FC93EA9AC4C1432682BA1C5B67BED8C861152A5F952A8CDCF1BCE02B8D93E80C113CE9FE2E4ACA49B2978B99A8C5FA231A77F5E7C604D44C7C6EA98D561294D4F7AB061432CAB8BBDCEC3659DE64F65265E6B9FC5F46879BB17CC349938542C04A37 10820031210141340 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F22068817
10920010403222140 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0AB16DAF 10920031210143133 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F223D6017
11020010403225231 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0AC56CFF 11020031210143812 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F224A70F3
11120010404053436 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0C2F4B7F 11120031210150410 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F22A24CFB
11220010404092851 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0D04E7F7 11220031210153131 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F22FAA253
11320010404093943 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0D07794B 11320031210153718 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F23071C7B
11420010404102659 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0D2BE8CF 11420031210154203 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F230FFC0B
11520010404112553 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0D5D012B 11520031210161808 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F2383B65B
11620010404174625 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0EA59E17 11620031210185714 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061924F36F3
11720010404184645 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0ED6DA4F 11720031210204537 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306192C04AB3
11820010404193402 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0EFB39B3 11820031210205604 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306192C3734B
11920010404230716 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B0FB07C1B 11920031210210523 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306192C58A0B
12020010405044433 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B10DD9FC3 12020031210233701 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306193680D03
12120010405053429 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B11038737 12120031211013125 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306193E1DD73
12220010405062826 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B112E24E7 12220031211052015 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306194DA94E3
12320010405092601 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B11C9E9FB 12320031211064439 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619531A017
12420010405113007 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B123803EB 12420031211074935 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306195731BAB
12520010405122212 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B12612ED3 12520031211081053 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306195830BAB
12620010405182035 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B13A25087 12620031211123240 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306196A4C097
12720010405210758 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B142C4E23 12720031211160831 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061978B740B
12820010405220222 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B145878F3 12820031211195847 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619889E1B3
12920010406020130 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B152AF6AB 12920031211201456 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619892ED83
13020010406053538 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B15E78C8B 13020031211221441 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619910A74B
13120010406073014 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1649BFEF 13120031211223303 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061991D35CB
13220010406074100 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B164D4E3F 13220031211235558 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306199712CCB
13320010406103625 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B16E07B33 13320031212005818 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306199AE96DB
13420010406131946 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B17706243 13420031212033251 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619A50DDD3
13520010406170234 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B182FD957 13520031212053332 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619AB31B57
13620010406182949 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B18768903 13620031212084926 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619B8949F7
13720010406203157 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B18DCFC3B 13720031212130319 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619C84A1A3
13820010407022825 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1A1AF797 13820031212192346 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619E1B24BB
13920010407071024 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1B1551E7 13920031212210042 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619E7F37FB
14020010407112402 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1BF78EC7 14020031213002102 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619F59BABB
14120010407123215 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1C30021B 14120031213061439 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A0D9208F
14220010407161504 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1CF27743 14220031213071620 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A115D66F
14320010407171629 2 6 100 3190 5 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1D25FAD7 14320031213072644 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A1186097
14420010407191502 2 6 100 3190 2 669BA3ED661F226A090BE5644A2BB4209371B78FC3E6848A095821993F59084CA5EE12052F977D01F0666F03F6573B199DFEC9AB94588C2C60DE3B3E7CF5094587919FCC3FB40A61C261E891A0F91D9FFC8F30CA12CF809DD8290DD786FA8B041FFAC5793C38F38757EA6790472AC2692185B554B0046E8C065C983C0ACC8D2F85AB4BEDF7CE233009218C9691FE44261580D4149F1D4471B0B5DF79E224252474EBC3B7B5490950BB438BF498E79F8794498B3A3B5FBB42829C3BBEA4067F28C23BE40377B986BD5443CCCF02405B8CCCAA09E8179F0168D4969994171A6AD98F81015BC84E10A44E1EFD2E0862C5D1AAFE99014715A36800DBD9A6C51C0226CC82A651DAE4F73D54C4D103C13D1C15CF8CCA67D5CB39F03C66F3B7467F8FFDCC5074CD0C1B2538FBF956971BF39314CEDD20E1B10DE16D86E10BE7FA5B1A706AEB4C356F49807A22072CD00559AF0A863788956651919E26A315EAD1D26E7C98FC4CFA35A0F04DD400A2991A1FFE5B271FEDE54375896A29F968BE1D511BA466A92AC3E3772709FC815B1D8C2753 14420031213090613 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A17DACC7
14520010420002705 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10C1E08F3 14520031213110037 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A1F577E7
14620010420005243 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10C219FB3 14620031213113226 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A2113AC3
14720010420035225 2 6 100 4094 5 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10C660B3F 14720031213120232 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A22A232B
14820010420145749 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10D741313 14820031213121926 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A23443D3
14920010420205718 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10DD41193 14920031213130353 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A25D51E7
15020010420232458 2 6 100 4094 5 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10E0AB4EF 15020031213143149 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A2B63CBB
15120010421003952 2 6 100 4094 5 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10E22F857 15120031213153322 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A2F05FC7
15220010421013245 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10E31828B 15220031213180906 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A39439A3
15320010421085157 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10EE28B2B 15320031213183520 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A3A7705F
15420010421092617 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10EE97A3B 15420031213192228 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A3D2DEA7
15520010421135621 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C10F52C463 15520031213125532 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923E8050C3B
15620010422012438 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C110627AF3 15620031213125653 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923E8EB2F2B
15720010422042530 2 6 100 4094 2 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C110A793B3 15720031213125813 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EAB66F4B
15820010422163438 2 6 100 4094 5 65B5B9F5ECFADB4CCB38D1BC894302E95B4843290F1A7A40579DF3E2FF98C1D3DA9F210857C784433DF32ADF9E0C80121211690E1FFB41B8DB4E86AFE388A09C9BB2C98EDC581C2E65D57F61BB920C3D1B7B058B5FADFF65D607DAFF443B8BA1ACE1A3A7B16EA0713F62537C6689E3C4A0F61198F3B054FCF140CFADD8622C0E7621998331E59DA6F72E9D608D0E58F526E95F485C7CA30A416617DA3CCFF722BB82362606283D054B34B83ECDB4C91BAB835944010EBE5E9FA7B016ED89891DD553CC71B5CF76EDB2A184B377F670D6AF191763EEFD175E48EA37EE18B9E44E2D017D845C444C8111816819866E490B52F7F879A0C6F401CF7859674F93E304365F4E8CB8C312EFB725732A46D7CF0C9D2939AEE25F428CEFC90959DBF8ADD612F343EF9BFCA2FBA61BD4BF93E1E54626D227FDA812E18D071579AB4EEAC9901DAB183BCB0D9F48732D92CE66B386EAE5D8212C9FD156DC3F09B171B5603E17A468D244F3B6880EBCDA189BA9E23E4A4C6C2995ACF264F8CE9D54B27316343C0BC19221F75E6A2AC68011741695E599F73460B7A042E0461DB189CDCE223B40336BF2251AE3B363159960C9F63B47EFC43790D474DABB9A686DAF21E0DD76533749FCA9F144FA9C243CEF1364C79D981ED81DC4635C73B7F8908BA190AA920ED370F815BC2F9B3D28ED87BE34A01498836222C17B70C246C03CA1C111D2A227 15820031213125934 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EAFE508B
15920031213130055 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EB96812B
16020031213130217 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EBB738CB
16120031213130337 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EBDB337F
16220031213130458 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923ECA8B62B
16320031213130619 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923ECBCE443
16420031213130740 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923ED1637DB
16520031213130901 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923ED3EA08F
16620031213131021 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EDC96C6B
16720031213131142 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EEB92FCF
16820031213131303 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F2D2CCF3
16920031213131424 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F6C89BBB
17020031213131545 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F7962EDB
17120031213131706 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F85A4767
17220031213131827 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F8A196C7
17320031213131947 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F94500EF
17420031213132108 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FAF467BF
17520031213132229 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FB5A7803
17620031213132350 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FB7D5467
17720031213132511 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FC4A16D7
17820031213132632 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FEEDC36F
17920031213132752 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FFA077EF
18020031213132913 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA992400725B7B
18120031213133034 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA992400728FFB
18220031213133155 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9924011CFA13
18320031213133316 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA99240165703F
18420031213133436 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA99240166BA7B
18520031213133557 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9924018E41B7
18620031213133718 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA992402C07A93
diff --git a/moduli.c b/moduli.c
index eb2c0fd18..a09073aed 100644
--- a/moduli.c
+++ b/moduli.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: moduli.c,v 1.1 2003/07/28 09:49:56 djm Exp $ */ 1/* $OpenBSD: moduli.c,v 1.5 2003/12/22 09:16:57 djm Exp $ */
2/* 2/*
3 * Copyright 1994 Phil Karn <karn@qualcomm.com> 3 * Copyright 1994 Phil Karn <karn@qualcomm.com>
4 * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> 4 * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@@ -44,15 +44,6 @@
44 44
45#include <openssl/bn.h> 45#include <openssl/bn.h>
46 46
47
48/*
49 * Debugging defines
50 */
51
52/* define DEBUG_LARGE 1 */
53/* define DEBUG_SMALL 1 */
54/* define DEBUG_TEST 1 */
55
56/* 47/*
57 * File output defines 48 * File output defines
58 */ 49 */
@@ -81,9 +72,10 @@
81#define QTEST_JACOBI (0x08) 72#define QTEST_JACOBI (0x08)
82#define QTEST_ELLIPTIC (0x10) 73#define QTEST_ELLIPTIC (0x10)
83 74
84/* Size: decimal. 75/*
76 * Size: decimal.
85 * Specifies the number of the most significant bit (0 to M). 77 * Specifies the number of the most significant bit (0 to M).
86 ** WARNING: internally, usually 1 to N. 78 * WARNING: internally, usually 1 to N.
87 */ 79 */
88#define QSIZE_MINIMUM (511) 80#define QSIZE_MINIMUM (511)
89 81
@@ -151,7 +143,7 @@ qfileout(FILE * ofile, u_int32_t otype, u_int32_t otests, u_int32_t otries,
151 143
152 time(&time_now); 144 time(&time_now);
153 gtm = gmtime(&time_now); 145 gtm = gmtime(&time_now);
154 146
155 res = fprintf(ofile, "%04d%02d%02d%02d%02d%02d %u %u %u %u %x ", 147 res = fprintf(ofile, "%04d%02d%02d%02d%02d%02d %u %u %u %u %x ",
156 gtm->tm_year + 1900, gtm->tm_mon + 1, gtm->tm_mday, 148 gtm->tm_year + 1900, gtm->tm_mon + 1, gtm->tm_mday,
157 gtm->tm_hour, gtm->tm_min, gtm->tm_sec, 149 gtm->tm_hour, gtm->tm_min, gtm->tm_sec,
@@ -178,7 +170,7 @@ sieve_large(u_int32_t s)
178{ 170{
179 u_int32_t r, u; 171 u_int32_t r, u;
180 172
181 debug2("sieve_large %u", s); 173 debug3("sieve_large %u", s);
182 largetries++; 174 largetries++;
183 /* r = largebase mod s */ 175 /* r = largebase mod s */
184 r = BN_mod_word(largebase, s); 176 r = BN_mod_word(largebase, s);
@@ -244,9 +236,9 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start)
244 largememory = memory; 236 largememory = memory;
245 237
246 /* 238 /*
247 * Set power to the length in bits of the prime to be generated. 239 * Set power to the length in bits of the prime to be generated.
248 * This is changed to 1 less than the desired safe prime moduli p. 240 * This is changed to 1 less than the desired safe prime moduli p.
249 */ 241 */
250 if (power > TEST_MAXIMUM) { 242 if (power > TEST_MAXIMUM) {
251 error("Too many bits: %u > %lu", power, TEST_MAXIMUM); 243 error("Too many bits: %u > %lu", power, TEST_MAXIMUM);
252 return (-1); 244 return (-1);
@@ -257,16 +249,16 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start)
257 power--; /* decrement before squaring */ 249 power--; /* decrement before squaring */
258 250
259 /* 251 /*
260 * The density of ordinary primes is on the order of 1/bits, so the 252 * The density of ordinary primes is on the order of 1/bits, so the
261 * density of safe primes should be about (1/bits)**2. Set test range 253 * density of safe primes should be about (1/bits)**2. Set test range
262 * to something well above bits**2 to be reasonably sure (but not 254 * to something well above bits**2 to be reasonably sure (but not
263 * guaranteed) of catching at least one safe prime. 255 * guaranteed) of catching at least one safe prime.
264 */ 256 */
265 largewords = ((power * power) >> (SHIFT_WORD - TEST_POWER)); 257 largewords = ((power * power) >> (SHIFT_WORD - TEST_POWER));
266 258
267 /* 259 /*
268 * Need idea of how much memory is available. We don't have to use all 260 * Need idea of how much memory is available. We don't have to use all
269 * of it. 261 * of it.
270 */ 262 */
271 if (largememory > LARGE_MAXIMUM) { 263 if (largememory > LARGE_MAXIMUM) {
272 logit("Limited memory: %u MB; limit %lu MB", 264 logit("Limited memory: %u MB; limit %lu MB",
@@ -315,8 +307,8 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start)
315 q = BN_new(); 307 q = BN_new();
316 308
317 /* 309 /*
318 * Generate random starting point for subprime search, or use 310 * Generate random starting point for subprime search, or use
319 * specified parameter. 311 * specified parameter.
320 */ 312 */
321 largebase = BN_new(); 313 largebase = BN_new();
322 if (start == NULL) 314 if (start == NULL)
@@ -329,13 +321,13 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start)
329 321
330 time(&time_start); 322 time(&time_start);
331 323
332 logit("%.24s Sieve next %u plus %u-bit", ctime(&time_start), 324 logit("%.24s Sieve next %u plus %u-bit", ctime(&time_start),
333 largenumbers, power); 325 largenumbers, power);
334 debug2("start point: 0x%s", BN_bn2hex(largebase)); 326 debug2("start point: 0x%s", BN_bn2hex(largebase));
335 327
336 /* 328 /*
337 * TinySieve 329 * TinySieve
338 */ 330 */
339 for (i = 0; i < tinybits; i++) { 331 for (i = 0; i < tinybits; i++) {
340 if (BIT_TEST(TinySieve, i)) 332 if (BIT_TEST(TinySieve, i))
341 continue; /* 2*i+3 is composite */ 333 continue; /* 2*i+3 is composite */
@@ -351,9 +343,9 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start)
351 } 343 }
352 344
353 /* 345 /*
354 * Start the small block search at the next possible prime. To avoid 346 * Start the small block search at the next possible prime. To avoid
355 * fencepost errors, the last pass is skipped. 347 * fencepost errors, the last pass is skipped.
356 */ 348 */
357 for (smallbase = TINY_NUMBER + 3; 349 for (smallbase = TINY_NUMBER + 3;
358 smallbase < (SMALL_MAXIMUM - TINY_NUMBER); 350 smallbase < (SMALL_MAXIMUM - TINY_NUMBER);
359 smallbase += TINY_NUMBER) { 351 smallbase += TINY_NUMBER) {
@@ -386,8 +378,8 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start)
386 } 378 }
387 379
388 /* 380 /*
389 * SmallSieve 381 * SmallSieve
390 */ 382 */
391 for (i = 0; i < smallbits; i++) { 383 for (i = 0; i < smallbits; i++) {
392 if (BIT_TEST(SmallSieve, i)) 384 if (BIT_TEST(SmallSieve, i))
393 continue; /* 2*i+smallbase is composite */ 385 continue; /* 2*i+smallbase is composite */
@@ -438,7 +430,7 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start)
438 * The result is a list of so-call "safe" primes 430 * The result is a list of so-call "safe" primes
439 */ 431 */
440int 432int
441prime_test(FILE *in, FILE *out, u_int32_t trials, 433prime_test(FILE *in, FILE *out, u_int32_t trials,
442 u_int32_t generator_wanted) 434 u_int32_t generator_wanted)
443{ 435{
444 BIGNUM *q, *p, *a; 436 BIGNUM *q, *p, *a;
@@ -483,6 +475,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials,
483 debug2("%10u: known composite", count_in); 475 debug2("%10u: known composite", count_in);
484 continue; 476 continue;
485 } 477 }
478
486 /* tries */ 479 /* tries */
487 in_tries = strtoul(cp, &cp, 10); 480 in_tries = strtoul(cp, &cp, 10);
488 481
@@ -507,13 +500,20 @@ prime_test(FILE *in, FILE *out, u_int32_t trials,
507 in_size += 1; 500 in_size += 1;
508 generator_known = 0; 501 generator_known = 0;
509 break; 502 break;
510 default: 503 case QTYPE_UNSTRUCTURED:
504 case QTYPE_SAFE:
505 case QTYPE_SCHNOOR:
506 case QTYPE_STRONG:
507 case QTYPE_UNKNOWN:
511 debug2("%10u: (%u)", count_in, in_type); 508 debug2("%10u: (%u)", count_in, in_type);
512 a = p; 509 a = p;
513 BN_hex2bn(&a, cp); 510 BN_hex2bn(&a, cp);
514 /* q = (p-1) / 2 */ 511 /* q = (p-1) / 2 */
515 BN_rshift(q, p, 1); 512 BN_rshift(q, p, 1);
516 break; 513 break;
514 default:
515 debug2("Unknown prime type");
516 break;
517 } 517 }
518 518
519 /* 519 /*
@@ -533,6 +533,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials,
533 in_tries += trials; 533 in_tries += trials;
534 else 534 else
535 in_tries = trials; 535 in_tries = trials;
536
536 /* 537 /*
537 * guess unknown generator 538 * guess unknown generator
538 */ 539 */
@@ -544,9 +545,8 @@ prime_test(FILE *in, FILE *out, u_int32_t trials,
544 else { 545 else {
545 u_int32_t r = BN_mod_word(p, 10); 546 u_int32_t r = BN_mod_word(p, 10);
546 547
547 if (r == 3 || r == 7) { 548 if (r == 3 || r == 7)
548 generator_known = 5; 549 generator_known = 5;
549 }
550 } 550 }
551 } 551 }
552 /* 552 /*
@@ -559,30 +559,39 @@ prime_test(FILE *in, FILE *out, u_int32_t trials,
559 continue; 559 continue;
560 } 560 }
561 561
562 /*
563 * Primes with no known generator are useless for DH, so
564 * skip those.
565 */
566 if (generator_known == 0) {
567 debug2("%10u: no known generator", count_in);
568 continue;
569 }
570
562 count_possible++; 571 count_possible++;
563 572
564 /* 573 /*
565 * The (1/4)^N performance bound on Miller-Rabin is 574 * The (1/4)^N performance bound on Miller-Rabin is
566 * extremely pessimistic, so don't spend a lot of time 575 * extremely pessimistic, so don't spend a lot of time
567 * really verifying that q is prime until after we know 576 * really verifying that q is prime until after we know
568 * that p is also prime. A single pass will weed out the 577 * that p is also prime. A single pass will weed out the
569 * vast majority of composite q's. 578 * vast majority of composite q's.
570 */ 579 */
571 if (BN_is_prime(q, 1, NULL, ctx, NULL) <= 0) { 580 if (BN_is_prime(q, 1, NULL, ctx, NULL) <= 0) {
572 debug2("%10u: q failed first possible prime test", 581 debug("%10u: q failed first possible prime test",
573 count_in); 582 count_in);
574 continue; 583 continue;
575 } 584 }
576 585
577 /* 586 /*
578 * q is possibly prime, so go ahead and really make sure 587 * q is possibly prime, so go ahead and really make sure
579 * that p is prime. If it is, then we can go back and do 588 * that p is prime. If it is, then we can go back and do
580 * the same for q. If p is composite, chances are that 589 * the same for q. If p is composite, chances are that
581 * will show up on the first Rabin-Miller iteration so it 590 * will show up on the first Rabin-Miller iteration so it
582 * doesn't hurt to specify a high iteration count. 591 * doesn't hurt to specify a high iteration count.
583 */ 592 */
584 if (!BN_is_prime(p, trials, NULL, ctx, NULL)) { 593 if (!BN_is_prime(p, trials, NULL, ctx, NULL)) {
585 debug2("%10u: p is not prime", count_in); 594 debug("%10u: p is not prime", count_in);
586 continue; 595 continue;
587 } 596 }
588 debug("%10u: p is almost certainly prime", count_in); 597 debug("%10u: p is almost certainly prime", count_in);
@@ -594,7 +603,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials,
594 } 603 }
595 debug("%10u: q is almost certainly prime", count_in); 604 debug("%10u: q is almost certainly prime", count_in);
596 605
597 if (qfileout(out, QTYPE_SAFE, (in_tests | QTEST_MILLER_RABIN), 606 if (qfileout(out, QTYPE_SAFE, (in_tests | QTEST_MILLER_RABIN),
598 in_tries, in_size, generator_known, p)) { 607 in_tries, in_size, generator_known, p)) {
599 res = -1; 608 res = -1;
600 break; 609 break;
@@ -610,7 +619,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials,
610 BN_CTX_free(ctx); 619 BN_CTX_free(ctx);
611 620
612 logit("%.24s Found %u safe primes of %u candidates in %ld seconds", 621 logit("%.24s Found %u safe primes of %u candidates in %ld seconds",
613 ctime(&time_stop), count_out, count_possible, 622 ctime(&time_stop), count_out, count_possible,
614 (long) (time_stop - time_start)); 623 (long) (time_stop - time_start));
615 624
616 return (res); 625 return (res);
diff --git a/monitor.c b/monitor.c
index e5656470d..009dcf182 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
25 */ 25 */
26 26
27#include "includes.h" 27#include "includes.h"
28RCSID("$OpenBSD: monitor.c,v 1.49 2003/08/28 12:54:34 markus Exp $"); 28RCSID("$OpenBSD: monitor.c,v 1.55 2004/02/05 05:37:17 dtucker Exp $");
29 29
30#include <openssl/dh.h> 30#include <openssl/dh.h>
31 31
@@ -134,6 +134,7 @@ int mm_answer_pam_free_ctx(int, Buffer *);
134int mm_answer_gss_setup_ctx(int, Buffer *); 134int mm_answer_gss_setup_ctx(int, Buffer *);
135int mm_answer_gss_accept_ctx(int, Buffer *); 135int mm_answer_gss_accept_ctx(int, Buffer *);
136int mm_answer_gss_userok(int, Buffer *); 136int mm_answer_gss_userok(int, Buffer *);
137int mm_answer_gss_checkmic(int, Buffer *);
137#endif 138#endif
138 139
139static Authctxt *authctxt; 140static Authctxt *authctxt;
@@ -193,6 +194,7 @@ struct mon_table mon_dispatch_proto20[] = {
193 {MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx}, 194 {MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx},
194 {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx}, 195 {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx},
195 {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok}, 196 {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},
197 {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
196#endif 198#endif
197 {0, 0, NULL} 199 {0, 0, NULL}
198}; 200};
@@ -272,14 +274,17 @@ monitor_permit_authentications(int permit)
272 } 274 }
273} 275}
274 276
275Authctxt * 277void
276monitor_child_preauth(struct monitor *pmonitor) 278monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
277{ 279{
278 struct mon_table *ent; 280 struct mon_table *ent;
279 int authenticated = 0; 281 int authenticated = 0;
280 282
281 debug3("preauth child monitor started"); 283 debug3("preauth child monitor started");
282 284
285 authctxt = _authctxt;
286 memset(authctxt, 0, sizeof(*authctxt));
287
283 if (compat20) { 288 if (compat20) {
284 mon_dispatch = mon_dispatch_proto20; 289 mon_dispatch = mon_dispatch_proto20;
285 290
@@ -292,8 +297,6 @@ monitor_child_preauth(struct monitor *pmonitor)
292 monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1); 297 monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1);
293 } 298 }
294 299
295 authctxt = authctxt_new();
296
297 /* The first few requests do not require asynchronous access */ 300 /* The first few requests do not require asynchronous access */
298 while (!authenticated) { 301 while (!authenticated) {
299 authenticated = monitor_read(pmonitor, mon_dispatch, &ent); 302 authenticated = monitor_read(pmonitor, mon_dispatch, &ent);
@@ -306,11 +309,11 @@ monitor_child_preauth(struct monitor *pmonitor)
306 authenticated = 0; 309 authenticated = 0;
307#ifdef USE_PAM 310#ifdef USE_PAM
308 /* PAM needs to perform account checks after auth */ 311 /* PAM needs to perform account checks after auth */
309 if (options.use_pam) { 312 if (options.use_pam && authenticated) {
310 Buffer m; 313 Buffer m;
311 314
312 buffer_init(&m); 315 buffer_init(&m);
313 mm_request_receive_expect(pmonitor->m_sendfd, 316 mm_request_receive_expect(pmonitor->m_sendfd,
314 MONITOR_REQ_PAM_ACCOUNT, &m); 317 MONITOR_REQ_PAM_ACCOUNT, &m);
315 authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m); 318 authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m);
316 buffer_free(&m); 319 buffer_free(&m);
@@ -333,8 +336,6 @@ monitor_child_preauth(struct monitor *pmonitor)
333 __func__, authctxt->user); 336 __func__, authctxt->user);
334 337
335 mm_get_keystate(pmonitor); 338 mm_get_keystate(pmonitor);
336
337 return (authctxt);
338} 339}
339 340
340static void 341static void
@@ -566,6 +567,7 @@ mm_answer_pwnamallow(int socket, Buffer *m)
566 567
567 if (pwent == NULL) { 568 if (pwent == NULL) {
568 buffer_put_char(m, 0); 569 buffer_put_char(m, 0);
570 authctxt->pw = fakepw();
569 goto out; 571 goto out;
570 } 572 }
571 573
@@ -781,7 +783,7 @@ int
781mm_answer_pam_start(int socket, Buffer *m) 783mm_answer_pam_start(int socket, Buffer *m)
782{ 784{
783 char *user; 785 char *user;
784 786
785 if (!options.use_pam) 787 if (!options.use_pam)
786 fatal("UsePAM not set, but ended up in %s anyway", __func__); 788 fatal("UsePAM not set, but ended up in %s anyway", __func__);
787 789
@@ -800,7 +802,7 @@ int
800mm_answer_pam_account(int socket, Buffer *m) 802mm_answer_pam_account(int socket, Buffer *m)
801{ 803{
802 u_int ret; 804 u_int ret;
803 805
804 if (!options.use_pam) 806 if (!options.use_pam)
805 fatal("UsePAM not set, but ended up in %s anyway", __func__); 807 fatal("UsePAM not set, but ended up in %s anyway", __func__);
806 808
@@ -947,7 +949,7 @@ mm_answer_keyallowed(int socket, Buffer *m)
947 949
948 debug3("%s: key_from_blob: %p", __func__, key); 950 debug3("%s: key_from_blob: %p", __func__, key);
949 951
950 if (key != NULL && authctxt->pw != NULL) { 952 if (key != NULL && authctxt->valid) {
951 switch(type) { 953 switch(type) {
952 case MM_USERKEY: 954 case MM_USERKEY:
953 allowed = options.pubkey_authentication && 955 allowed = options.pubkey_authentication &&
@@ -1185,7 +1187,7 @@ mm_record_login(Session *s, struct passwd *pw)
1185 if (getpeername(packet_get_connection_in(), 1187 if (getpeername(packet_get_connection_in(),
1186 (struct sockaddr *) & from, &fromlen) < 0) { 1188 (struct sockaddr *) & from, &fromlen) < 0) {
1187 debug("getpeername: %.100s", strerror(errno)); 1189 debug("getpeername: %.100s", strerror(errno));
1188 fatal_cleanup(); 1190 cleanup_exit(255);
1189 } 1191 }
1190 } 1192 }
1191 /* Record that there was a login on that tty from the remote host. */ 1193 /* Record that there was a login on that tty from the remote host. */
@@ -1200,7 +1202,6 @@ mm_session_close(Session *s)
1200 debug3("%s: session %d pid %ld", __func__, s->self, (long)s->pid); 1202 debug3("%s: session %d pid %ld", __func__, s->self, (long)s->pid);
1201 if (s->ttyfd != -1) { 1203 if (s->ttyfd != -1) {
1202 debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); 1204 debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
1203 fatal_remove_cleanup(session_pty_cleanup2, (void *)s);
1204 session_pty_cleanup2(s); 1205 session_pty_cleanup2(s);
1205 } 1206 }
1206 s->used = 0; 1207 s->used = 0;
@@ -1225,7 +1226,6 @@ mm_answer_pty(int socket, Buffer *m)
1225 res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); 1226 res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
1226 if (res == 0) 1227 if (res == 0)
1227 goto error; 1228 goto error;
1228 fatal_add_cleanup(session_pty_cleanup2, (void *)s);
1229 pty_setowner(authctxt->pw, s->tty); 1229 pty_setowner(authctxt->pw, s->tty);
1230 1230
1231 buffer_put_int(m, 1); 1231 buffer_put_int(m, 1);
@@ -1708,6 +1708,7 @@ monitor_init(void)
1708 1708
1709 mon = xmalloc(sizeof(*mon)); 1709 mon = xmalloc(sizeof(*mon));
1710 1710
1711 mon->m_pid = 0;
1711 monitor_socketpair(pair); 1712 monitor_socketpair(pair);
1712 1713
1713 mon->m_recvfd = pair[0]; 1714 mon->m_recvfd = pair[0];
@@ -1784,15 +1785,43 @@ mm_answer_gss_accept_ctx(int socket, Buffer *m)
1784 1785
1785 gss_release_buffer(&minor, &out); 1786 gss_release_buffer(&minor, &out);
1786 1787
1787 /* Complete - now we can do signing */
1788 if (major==GSS_S_COMPLETE) { 1788 if (major==GSS_S_COMPLETE) {
1789 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); 1789 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
1790 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); 1790 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
1791 monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
1791 } 1792 }
1792 return (0); 1793 return (0);
1793} 1794}
1794 1795
1795int 1796int
1797mm_answer_gss_checkmic(int socket, Buffer *m)
1798{
1799 gss_buffer_desc gssbuf, mic;
1800 OM_uint32 ret;
1801 u_int len;
1802
1803 gssbuf.value = buffer_get_string(m, &len);
1804 gssbuf.length = len;
1805 mic.value = buffer_get_string(m, &len);
1806 mic.length = len;
1807
1808 ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic);
1809
1810 xfree(gssbuf.value);
1811 xfree(mic.value);
1812
1813 buffer_clear(m);
1814 buffer_put_int(m, ret);
1815
1816 mm_request_send(socket, MONITOR_ANS_GSSCHECKMIC, m);
1817
1818 if (!GSS_ERROR(ret))
1819 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
1820
1821 return (0);
1822}
1823
1824int
1796mm_answer_gss_userok(int socket, Buffer *m) 1825mm_answer_gss_userok(int socket, Buffer *m)
1797{ 1826{
1798 int authenticated; 1827 int authenticated;
@@ -1805,7 +1834,7 @@ mm_answer_gss_userok(int socket, Buffer *m)
1805 debug3("%s: sending result %d", __func__, authenticated); 1834 debug3("%s: sending result %d", __func__, authenticated);
1806 mm_request_send(socket, MONITOR_ANS_GSSUSEROK, m); 1835 mm_request_send(socket, MONITOR_ANS_GSSUSEROK, m);
1807 1836
1808 auth_method="gssapi"; 1837 auth_method="gssapi-with-mic";
1809 1838
1810 /* Monitor loop will terminate if authenticated */ 1839 /* Monitor loop will terminate if authenticated */
1811 return (authenticated); 1840 return (authenticated);
diff --git a/monitor.h b/monitor.h
index 2461156c7..621a4ad18 100644
--- a/monitor.h
+++ b/monitor.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.h,v 1.11 2003/08/28 12:54:34 markus Exp $ */ 1/* $OpenBSD: monitor.h,v 1.13 2003/11/17 11:06:07 markus Exp $ */
2 2
3/* 3/*
4 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 4 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -52,6 +52,7 @@ enum monitor_reqtype {
52 MONITOR_REQ_GSSSETUP, MONITOR_ANS_GSSSETUP, 52 MONITOR_REQ_GSSSETUP, MONITOR_ANS_GSSSETUP,
53 MONITOR_REQ_GSSSTEP, MONITOR_ANS_GSSSTEP, 53 MONITOR_REQ_GSSSTEP, MONITOR_ANS_GSSSTEP,
54 MONITOR_REQ_GSSUSEROK, MONITOR_ANS_GSSUSEROK, 54 MONITOR_REQ_GSSUSEROK, MONITOR_ANS_GSSUSEROK,
55 MONITOR_REQ_GSSCHECKMIC, MONITOR_ANS_GSSCHECKMIC,
55 MONITOR_REQ_PAM_START, 56 MONITOR_REQ_PAM_START,
56 MONITOR_REQ_PAM_ACCOUNT, MONITOR_ANS_PAM_ACCOUNT, 57 MONITOR_REQ_PAM_ACCOUNT, MONITOR_ANS_PAM_ACCOUNT,
57 MONITOR_REQ_PAM_INIT_CTX, MONITOR_ANS_PAM_INIT_CTX, 58 MONITOR_REQ_PAM_INIT_CTX, MONITOR_ANS_PAM_INIT_CTX,
@@ -76,7 +77,7 @@ void monitor_reinit(struct monitor *);
76void monitor_sync(struct monitor *); 77void monitor_sync(struct monitor *);
77 78
78struct Authctxt; 79struct Authctxt;
79struct Authctxt *monitor_child_preauth(struct monitor *); 80void monitor_child_preauth(struct Authctxt *, struct monitor *);
80void monitor_child_postauth(struct monitor *); 81void monitor_child_postauth(struct monitor *);
81 82
82struct mon_table; 83struct mon_table;
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 4034d569c..e7c15cecd 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -25,7 +25,7 @@
25 */ 25 */
26 26
27#include "includes.h" 27#include "includes.h"
28RCSID("$OpenBSD: monitor_wrap.c,v 1.31 2003/08/28 12:54:34 markus Exp $"); 28RCSID("$OpenBSD: monitor_wrap.c,v 1.35 2003/11/17 11:06:07 markus Exp $");
29 29
30#include <openssl/bn.h> 30#include <openssl/bn.h>
31#include <openssl/dh.h> 31#include <openssl/dh.h>
@@ -66,6 +66,16 @@ extern struct monitor *pmonitor;
66extern Buffer input, output; 66extern Buffer input, output;
67extern ServerOptions options; 67extern ServerOptions options;
68 68
69int
70mm_is_monitor(void)
71{
72 /*
73 * m_pid is only set in the privileged part, and
74 * points to the unprivileged child.
75 */
76 return (pmonitor && pmonitor->m_pid > 0);
77}
78
69void 79void
70mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) 80mm_request_send(int socket, enum monitor_reqtype type, Buffer *m)
71{ 81{
@@ -94,7 +104,7 @@ mm_request_receive(int socket, Buffer *m)
94 res = atomicio(read, socket, buf, sizeof(buf)); 104 res = atomicio(read, socket, buf, sizeof(buf));
95 if (res != sizeof(buf)) { 105 if (res != sizeof(buf)) {
96 if (res == 0) 106 if (res == 0)
97 fatal_cleanup(); 107 cleanup_exit(255);
98 fatal("%s: read: %ld", __func__, (long)res); 108 fatal("%s: read: %ld", __func__, (long)res);
99 } 109 }
100 msg_len = GET_32BIT(buf); 110 msg_len = GET_32BIT(buf);
@@ -214,7 +224,8 @@ mm_getpwnamallow(const char *login)
214 return (pw); 224 return (pw);
215} 225}
216 226
217char *mm_auth2_read_banner(void) 227char *
228mm_auth2_read_banner(void)
218{ 229{
219 Buffer m; 230 Buffer m;
220 char *banner; 231 char *banner;
@@ -225,10 +236,16 @@ char *mm_auth2_read_banner(void)
225 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m); 236 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m);
226 buffer_clear(&m); 237 buffer_clear(&m);
227 238
228 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTH2_READ_BANNER, &m); 239 mm_request_receive_expect(pmonitor->m_recvfd,
240 MONITOR_ANS_AUTH2_READ_BANNER, &m);
229 banner = buffer_get_string(&m, NULL); 241 banner = buffer_get_string(&m, NULL);
230 buffer_free(&m); 242 buffer_free(&m);
231 243
244 /* treat empty banner as missing banner */
245 if (strlen(banner) == 0) {
246 xfree(banner);
247 banner = NULL;
248 }
232 return (banner); 249 return (banner);
233} 250}
234 251
@@ -648,9 +665,8 @@ mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
648} 665}
649 666
650void 667void
651mm_session_pty_cleanup2(void *session) 668mm_session_pty_cleanup2(Session *s)
652{ 669{
653 Session *s = session;
654 Buffer m; 670 Buffer m;
655 671
656 if (s->ttyfd == -1) 672 if (s->ttyfd == -1)
@@ -699,12 +715,12 @@ mm_do_pam_account(void)
699 buffer_init(&m); 715 buffer_init(&m);
700 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, &m); 716 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, &m);
701 717
702 mm_request_receive_expect(pmonitor->m_recvfd, 718 mm_request_receive_expect(pmonitor->m_recvfd,
703 MONITOR_ANS_PAM_ACCOUNT, &m); 719 MONITOR_ANS_PAM_ACCOUNT, &m);
704 ret = buffer_get_int(&m); 720 ret = buffer_get_int(&m);
705 721
706 buffer_free(&m); 722 buffer_free(&m);
707 723
708 debug3("%s returning %d", __func__, ret); 724 debug3("%s returning %d", __func__, ret);
709 725
710 return (ret); 726 return (ret);
@@ -1118,6 +1134,25 @@ mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in,
1118 return (major); 1134 return (major);
1119} 1135}
1120 1136
1137OM_uint32
1138mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
1139{
1140 Buffer m;
1141 OM_uint32 major;
1142
1143 buffer_init(&m);
1144 buffer_put_string(&m, gssbuf->value, gssbuf->length);
1145 buffer_put_string(&m, gssmic->value, gssmic->length);
1146
1147 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSCHECKMIC, &m);
1148 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSCHECKMIC,
1149 &m);
1150
1151 major = buffer_get_int(&m);
1152 buffer_free(&m);
1153 return(major);
1154}
1155
1121int 1156int
1122mm_ssh_gssapi_userok(char *user) 1157mm_ssh_gssapi_userok(char *user)
1123{ 1158{
diff --git a/monitor_wrap.h b/monitor_wrap.h
index 5e0334588..55be10b19 100644
--- a/monitor_wrap.h
+++ b/monitor_wrap.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor_wrap.h,v 1.11 2003/08/28 12:54:34 markus Exp $ */ 1/* $OpenBSD: monitor_wrap.h,v 1.13 2003/11/17 11:06:07 markus Exp $ */
2 2
3/* 3/*
4 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 4 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -40,6 +40,7 @@ struct mm_master;
40struct passwd; 40struct passwd;
41struct Authctxt; 41struct Authctxt;
42 42
43int mm_is_monitor(void);
43DH *mm_choose_dh(int, int, int); 44DH *mm_choose_dh(int, int, int);
44int mm_key_sign(Key *, u_char **, u_int *, u_char *, u_int); 45int mm_key_sign(Key *, u_char **, u_int *, u_char *, u_int);
45void mm_inform_authserv(char *, char *); 46void mm_inform_authserv(char *, char *);
@@ -61,6 +62,7 @@ OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **ctxt, gss_OID oid);
61OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *ctxt, 62OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *ctxt,
62 gss_buffer_desc *recv, gss_buffer_desc *send, OM_uint32 *flags); 63 gss_buffer_desc *recv, gss_buffer_desc *send, OM_uint32 *flags);
63int mm_ssh_gssapi_userok(char *user); 64int mm_ssh_gssapi_userok(char *user);
65OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
64#endif 66#endif
65 67
66#ifdef USE_PAM 68#ifdef USE_PAM
@@ -72,9 +74,10 @@ int mm_sshpam_respond(void *, u_int, char **);
72void mm_sshpam_free_ctx(void *); 74void mm_sshpam_free_ctx(void *);
73#endif 75#endif
74 76
77struct Session;
75void mm_terminate(void); 78void mm_terminate(void);
76int mm_pty_allocate(int *, int *, char *, int); 79int mm_pty_allocate(int *, int *, char *, int);
77void mm_session_pty_cleanup2(void *); 80void mm_session_pty_cleanup2(struct Session *);
78 81
79/* SSHv1 interfaces */ 82/* SSHv1 interfaces */
80void mm_ssh1_session_id(u_char *); 83void mm_ssh1_session_id(u_char *);
diff --git a/msg.c b/msg.c
index 6a806c3f5..30bc3f107 100644
--- a/msg.c
+++ b/msg.c
@@ -22,7 +22,7 @@
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 23 */
24#include "includes.h" 24#include "includes.h"
25RCSID("$OpenBSD: msg.c,v 1.6 2003/06/28 16:23:06 deraadt Exp $"); 25RCSID("$OpenBSD: msg.c,v 1.7 2003/11/17 09:45:39 djm Exp $");
26 26
27#include "buffer.h" 27#include "buffer.h"
28#include "getput.h" 28#include "getput.h"
@@ -30,7 +30,7 @@ RCSID("$OpenBSD: msg.c,v 1.6 2003/06/28 16:23:06 deraadt Exp $");
30#include "atomicio.h" 30#include "atomicio.h"
31#include "msg.h" 31#include "msg.h"
32 32
33void 33int
34ssh_msg_send(int fd, u_char type, Buffer *m) 34ssh_msg_send(int fd, u_char type, Buffer *m)
35{ 35{
36 u_char buf[5]; 36 u_char buf[5];
@@ -40,10 +40,15 @@ ssh_msg_send(int fd, u_char type, Buffer *m)
40 40
41 PUT_32BIT(buf, mlen + 1); 41 PUT_32BIT(buf, mlen + 1);
42 buf[4] = type; /* 1st byte of payload is mesg-type */ 42 buf[4] = type; /* 1st byte of payload is mesg-type */
43 if (atomicio(vwrite, fd, buf, sizeof(buf)) != sizeof(buf)) 43 if (atomicio(vwrite, fd, buf, sizeof(buf)) != sizeof(buf)) {
44 fatal("ssh_msg_send: write"); 44 error("ssh_msg_send: write");
45 if (atomicio(vwrite, fd, buffer_ptr(m), mlen) != mlen) 45 return (-1);
46 fatal("ssh_msg_send: write"); 46 }
47 if (atomicio(vwrite, fd, buffer_ptr(m), mlen) != mlen) {
48 error("ssh_msg_send: write");
49 return (-1);
50 }
51 return (0);
47} 52}
48 53
49int 54int
@@ -57,17 +62,21 @@ ssh_msg_recv(int fd, Buffer *m)
57 62
58 res = atomicio(read, fd, buf, sizeof(buf)); 63 res = atomicio(read, fd, buf, sizeof(buf));
59 if (res != sizeof(buf)) { 64 if (res != sizeof(buf)) {
60 if (res == 0) 65 if (res != 0)
61 return -1; 66 error("ssh_msg_recv: read: header %ld", (long)res);
62 fatal("ssh_msg_recv: read: header %ld", (long)res); 67 return (-1);
63 } 68 }
64 msg_len = GET_32BIT(buf); 69 msg_len = GET_32BIT(buf);
65 if (msg_len > 256 * 1024) 70 if (msg_len > 256 * 1024) {
66 fatal("ssh_msg_recv: read: bad msg_len %u", msg_len); 71 error("ssh_msg_recv: read: bad msg_len %u", msg_len);
72 return (-1);
73 }
67 buffer_clear(m); 74 buffer_clear(m);
68 buffer_append_space(m, msg_len); 75 buffer_append_space(m, msg_len);
69 res = atomicio(read, fd, buffer_ptr(m), msg_len); 76 res = atomicio(read, fd, buffer_ptr(m), msg_len);
70 if (res != msg_len) 77 if (res != msg_len) {
71 fatal("ssh_msg_recv: read: %ld != msg_len", (long)res); 78 error("ssh_msg_recv: read: %ld != msg_len", (long)res);
72 return 0; 79 return (-1);
80 }
81 return (0);
73} 82}
diff --git a/msg.h b/msg.h
index c07df88a7..0d3ea0658 100644
--- a/msg.h
+++ b/msg.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: msg.h,v 1.2 2002/12/19 00:07:02 djm Exp $ */ 1/* $OpenBSD: msg.h,v 1.3 2003/11/17 09:45:39 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -25,7 +25,7 @@
25#ifndef SSH_MSG_H 25#ifndef SSH_MSG_H
26#define SSH_MSG_H 26#define SSH_MSG_H
27 27
28void ssh_msg_send(int, u_char, Buffer *); 28int ssh_msg_send(int, u_char, Buffer *);
29int ssh_msg_recv(int, Buffer *); 29int ssh_msg_recv(int, Buffer *);
30 30
31#endif 31#endif
diff --git a/nchan.ms b/nchan.ms
index 2d080228c..57576017b 100644
--- a/nchan.ms
+++ b/nchan.ms
@@ -1,8 +1,8 @@
1.\" $OpenBSD: nchan.ms,v 1.7 2001/01/29 01:58:17 niklas Exp $ 1.\" $OpenBSD: nchan.ms,v 1.8 2003/11/21 11:57:03 djm Exp $
2.\"
2.\" 3.\"
3.\"
4.\" Copyright (c) 1999 Markus Friedl. All rights reserved. 4.\" Copyright (c) 1999 Markus Friedl. All rights reserved.
5.\" 5.\"
6.\" Redistribution and use in source and binary forms, with or without 6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions 7.\" modification, are permitted provided that the following conditions
8.\" are met: 8.\" are met:
@@ -11,7 +11,7 @@
11.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" 2. Redistributions in binary form must reproduce the above copyright
12.\" notice, this list of conditions and the following disclaimer in the 12.\" notice, this list of conditions and the following disclaimer in the
13.\" documentation and/or other materials provided with the distribution. 13.\" documentation and/or other materials provided with the distribution.
14.\" 14.\"
15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
diff --git a/nchan2.ms b/nchan2.ms
index 1cc51fa12..a7a67b127 100644
--- a/nchan2.ms
+++ b/nchan2.ms
@@ -1,7 +1,7 @@
1.\" $OpenBSD: nchan2.ms,v 1.2 2001/10/03 10:05:57 markus Exp $ 1.\" $OpenBSD: nchan2.ms,v 1.3 2003/11/21 11:57:03 djm Exp $
2.\" 2.\"
3.\" Copyright (c) 2000 Markus Friedl. All rights reserved. 3.\" Copyright (c) 2000 Markus Friedl. All rights reserved.
4.\" 4.\"
5.\" Redistribution and use in source and binary forms, with or without 5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions 6.\" modification, are permitted provided that the following conditions
7.\" are met: 7.\" are met:
@@ -10,7 +10,7 @@
10.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\" notice, this list of conditions and the following disclaimer in the 11.\" notice, this list of conditions and the following disclaimer in the
12.\" documentation and/or other materials provided with the distribution. 12.\" documentation and/or other materials provided with the distribution.
13.\" 13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index c48593f7b..5de20abbc 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
1# $Id: Makefile.in,v 1.28 2003/07/24 06:52:14 mouring Exp $ 1# $Id: Makefile.in,v 1.30 2004/01/21 06:07:23 djm Exp $
2 2
3sysconfdir=@sysconfdir@ 3sysconfdir=@sysconfdir@
4piddir=@piddir@ 4piddir=@piddir@
@@ -16,9 +16,9 @@ RANLIB=@RANLIB@
16INSTALL=@INSTALL@ 16INSTALL=@INSTALL@
17LDFLAGS=-L. @LDFLAGS@ 17LDFLAGS=-L. @LDFLAGS@
18 18
19OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o vis.o 19OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtoul.o vis.o
20 20
21COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o xmmap.o xcrypt.o 21COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o xmmap.o xcrypt.o
22 22
23PORTS=port-irix.o port-aix.o 23PORTS=port-irix.o port-aix.o
24 24
diff --git a/openbsd-compat/base64.c b/openbsd-compat/base64.c
index 91a5ab0ed..dcaa03e5d 100644
--- a/openbsd-compat/base64.c
+++ b/openbsd-compat/base64.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/net/base64.c */
2
1/* $OpenBSD: base64.c,v 1.4 2002/01/02 23:00:10 deraadt Exp $ */ 3/* $OpenBSD: base64.c,v 1.4 2002/01/02 23:00:10 deraadt Exp $ */
2 4
3/* 5/*
diff --git a/openbsd-compat/basename.c b/openbsd-compat/basename.c
index 2054c8068..552dc1e1c 100644
--- a/openbsd-compat/basename.c
+++ b/openbsd-compat/basename.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/gen/basename.c */
2
1/* $OpenBSD: basename.c,v 1.11 2003/06/17 21:56:23 millert Exp $ */ 3/* $OpenBSD: basename.c,v 1.11 2003/06/17 21:56:23 millert Exp $ */
2 4
3/* 5/*
diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c
index 5f890968e..22003ff0a 100644
--- a/openbsd-compat/bsd-arc4random.c
+++ b/openbsd-compat/bsd-arc4random.c
@@ -1,31 +1,23 @@
1/* 1/*
2 * Copyright (c) 1999-2000 Damien Miller. All rights reserved. 2 * Copyright (c) 1999,2000,2004 Damien Miller <djm@mindrot.org>
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Permission to use, copy, modify, and distribute this software for any
5 * modification, are permitted provided that the following conditions 5 * purpose with or without fee is hereby granted, provided that the above
6 * are met: 6 * copyright notice and this permission notice appear in all copies.
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 7 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 15 */
24 16
25#include "includes.h" 17#include "includes.h"
26#include "log.h" 18#include "log.h"
27 19
28RCSID("$Id: bsd-arc4random.c,v 1.7 2003/05/18 14:13:38 djm Exp $"); 20RCSID("$Id: bsd-arc4random.c,v 1.8 2004/02/17 05:49:55 djm Exp $");
29 21
30#ifndef HAVE_ARC4RANDOM 22#ifndef HAVE_ARC4RANDOM
31 23
diff --git a/openbsd-compat/bsd-cray.c b/openbsd-compat/bsd-cray.c
index f2ac428cc..f630366be 100644
--- a/openbsd-compat/bsd-cray.c
+++ b/openbsd-compat/bsd-cray.c
@@ -1,5 +1,5 @@
1/* 1/*
2 * $Id: bsd-cray.c,v 1.12 2003/06/03 02:45:27 dtucker Exp $ 2 * $Id: bsd-cray.c,v 1.13 2004/01/30 03:34:22 dtucker Exp $
3 * 3 *
4 * bsd-cray.c 4 * bsd-cray.c
5 * 5 *
@@ -59,6 +59,28 @@
59#include <ia.h> 59#include <ia.h>
60#include <urm.h> 60#include <urm.h>
61#include "ssh.h" 61#include "ssh.h"
62
63#include "includes.h"
64#include "sys/types.h"
65
66#ifndef HAVE_STRUCT_SOCKADDR_STORAGE
67# define _SS_MAXSIZE 128 /* Implementation specific max size */
68# define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr))
69
70# define ss_family ss_sa.sa_family
71#endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */
72
73#ifndef IN6_IS_ADDR_LOOPBACK
74# define IN6_IS_ADDR_LOOPBACK(a) \
75 (((u_int32_t *) (a))[0] == 0 && ((u_int32_t *) (a))[1] == 0 && \
76 ((u_int32_t *) (a))[2] == 0 && ((u_int32_t *) (a))[3] == htonl (1))
77#endif /* !IN6_IS_ADDR_LOOPBACK */
78
79#ifndef AF_INET6
80/* Define it to something that should never appear */
81#define AF_INET6 AF_MAX
82#endif
83
62#include "log.h" 84#include "log.h"
63#include "servconf.h" 85#include "servconf.h"
64#include "bsd-cray.h" 86#include "bsd-cray.h"
@@ -182,7 +204,7 @@ cray_setup (uid_t uid, char *username, const char *command)
182 /* passwd stuff for ia_user */ 204 /* passwd stuff for ia_user */
183 passwd_t pwdacm, pwddialup, pwdudb, pwdwal, pwddce; 205 passwd_t pwdacm, pwddialup, pwdudb, pwdwal, pwddce;
184 ia_user_ret_t uret; /* stuff returned from ia_user */ 206 ia_user_ret_t uret; /* stuff returned from ia_user */
185 ia_user_t usent /* ia_user main structure */ 207 ia_user_t usent; /* ia_user main structure */
186 int ia_rcode; /* ia_user return code */ 208 int ia_rcode; /* ia_user return code */
187 ia_failure_t fsent; /* ia_failure structure */ 209 ia_failure_t fsent; /* ia_failure structure */
188 ia_failure_ret_t fret; /* ia_failure return stuff */ 210 ia_failure_ret_t fret; /* ia_failure return stuff */
@@ -501,54 +523,54 @@ cray_setup (uid_t uid, char *username, const char *command)
501 break; 523 break;
502 default: 524 default:
503 valid_acct = nam2acid(acct_name); 525 valid_acct = nam2acid(acct_name);
504 if (valid_acct == -1) { 526 if (valid_acct == -1)
505 printf( 527 printf(
506 "Account id not found for" 528 "Account id not found for"
507 " account name \"%s\"\n\n", 529 " account name \"%s\"\n\n",
508 acct_name); 530 acct_name);
509 break; 531 break;
510 }
511 /*
512 * If an account was given, search the user's
513 * acids array to verify they can use this account.
514 */
515 if ((valid_acct != -1) &&
516 !(ue.ue_permbits & PERMBITS_ACCTID)) {
517 for (i = 0; i < MAXVIDS; i++) {
518 if (ue.ue_acids[i] == -1)
519 break;
520 if (valid_acct == ue.ue_acids[i])
521 break;
522 }
523 if (i == MAXVIDS ||
524 ue.ue_acids[i] == -1) {
525 fprintf(stderr, "Cannot set"
526 " account name to "
527 "\"%s\", permission "
528 "denied\n\n", acct_name);
529 valid_acct = -1;
530 }
531 }
532 } 532 }
533 } else {
534 /* 533 /*
535 * The client isn't connected to a terminal and can't 534 * If an account was given, search the user's
536 * respond to an acid prompt. Use default acid. 535 * acids array to verify they can use this account.
537 */ 536 */
538 debug("cray_setup: ttyname false case, %.100s", 537 if ((valid_acct != -1) &&
539 ttyname); 538 !(ue.ue_permbits & PERMBITS_ACCTID)) {
540 valid_acct = ue.ue_acids[0]; 539 for (i = 0; i < MAXVIDS; i++) {
540 if (ue.ue_acids[i] == -1)
541 break;
542 if (valid_acct == ue.ue_acids[i])
543 break;
544 }
545 if (i == MAXVIDS ||
546 ue.ue_acids[i] == -1) {
547 fprintf(stderr, "Cannot set"
548 " account name to "
549 "\"%s\", permission "
550 "denied\n\n", acct_name);
551 valid_acct = -1;
552 }
553 }
541 } 554 }
542 } else { 555 } else {
543 /* 556 /*
544 * The user doesn't have the askacid permbit set or 557 * The client isn't connected to a terminal and can't
545 * only has one valid account to use. 558 * respond to an acid prompt. Use default acid.
546 */ 559 */
560 debug("cray_setup: ttyname false case, %.100s",
561 ttyname);
547 valid_acct = ue.ue_acids[0]; 562 valid_acct = ue.ue_acids[0];
548 } 563 }
549 if (acctid(0, valid_acct) < 0) { 564 } else {
550 printf ("Bad account id: %d\n", valid_acct); 565 /*
551 exit(1); 566 * The user doesn't have the askacid permbit set or
567 * only has one valid account to use.
568 */
569 valid_acct = ue.ue_acids[0];
570 }
571 if (acctid(0, valid_acct) < 0) {
572 printf ("Bad account id: %d\n", valid_acct);
573 exit(1);
552 } 574 }
553 575
554 /* 576 /*
@@ -778,4 +800,17 @@ cray_set_tmpdir(struct utmp *ut)
778 ut->ut_jid = jid; 800 ut->ut_jid = jid;
779 strncpy(ut->ut_tpath, cray_tmpdir, TPATHSIZ); 801 strncpy(ut->ut_tpath, cray_tmpdir, TPATHSIZ);
780} 802}
781#endif 803#endif /* UNICOS */
804
805#ifdef _UNICOSMP
806#include <pwd.h>
807/*
808 * Set job id and create tmpdir directory.
809 */
810void
811cray_init_job(struct passwd *pw)
812{
813 initrm_silent(pw->pw_uid);
814 return;
815}
816#endif /* _UNICOSMP */
diff --git a/openbsd-compat/bsd-cray.h b/openbsd-compat/bsd-cray.h
index a121ea152..de6ba1a8d 100644
--- a/openbsd-compat/bsd-cray.h
+++ b/openbsd-compat/bsd-cray.h
@@ -1,4 +1,4 @@
1/* $Id: bsd-cray.h,v 1.10 2003/08/29 16:59:52 mouring Exp $ */ 1/* $Id: bsd-cray.h,v 1.11 2004/01/30 03:34:22 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2002, Cray Inc. (Wendy Palm <wendyp@cray.com>) 4 * Copyright (c) 2002, Cray Inc. (Wendy Palm <wendyp@cray.com>)
@@ -53,7 +53,6 @@ extern char cray_tmpdir[];
53# define MAXHOSTNAMELEN 64 53# define MAXHOSTNAMELEN 64
54#endif 54#endif
55#ifndef _CRAYT3E 55#ifndef _CRAYT3E
56# include <sys/ttold.h>
57# define TIOCGPGRP (tIOC|20) 56# define TIOCGPGRP (tIOC|20)
58#endif 57#endif
59 58
diff --git a/openbsd-compat/bsd-getpeereid.c b/openbsd-compat/bsd-getpeereid.c
index bcda2c155..fe2edad71 100644
--- a/openbsd-compat/bsd-getpeereid.c
+++ b/openbsd-compat/bsd-getpeereid.c
@@ -1,30 +1,22 @@
1/* 1/*
2 * Copyright (c) 2002 Damien Miller. All rights reserved. 2 * Copyright (c) 2002,2004 Damien Miller <djm@mindrot.org>
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Permission to use, copy, modify, and distribute this software for any
5 * modification, are permitted provided that the following conditions 5 * purpose with or without fee is hereby granted, provided that the above
6 * are met: 6 * copyright notice and this permission notice appear in all copies.
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 7 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 15 */
24 16
25#include "includes.h" 17#include "includes.h"
26 18
27RCSID("$Id: bsd-getpeereid.c,v 1.2 2003/03/24 22:07:52 djm Exp $"); 19RCSID("$Id: bsd-getpeereid.c,v 1.3 2004/02/17 05:49:55 djm Exp $");
28 20
29#if !defined(HAVE_GETPEEREID) 21#if !defined(HAVE_GETPEEREID)
30 22
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index 08b089bdc..7b06786f5 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -1,31 +1,23 @@
1/* 1/*
2 * Copyright (c) 1999-2003 Damien Miller. All rights reserved. 2 * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Permission to use, copy, modify, and distribute this software for any
5 * modification, are permitted provided that the following conditions 5 * purpose with or without fee is hereby granted, provided that the above
6 * are met: 6 * copyright notice and this permission notice appear in all copies.
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 7 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 15 */
24 16
25#include "includes.h" 17#include "includes.h"
26#include "xmalloc.h" 18#include "xmalloc.h"
27 19
28RCSID("$Id: bsd-misc.c,v 1.19 2003/08/25 01:16:21 mouring Exp $"); 20RCSID("$Id: bsd-misc.c,v 1.21 2004/02/17 05:49:55 djm Exp $");
29 21
30/* 22/*
31 * NB. duplicate __progname in case it is an alias for argv[0] 23 * NB. duplicate __progname in case it is an alias for argv[0]
@@ -164,7 +156,6 @@ int nanosleep(const struct timespec *req, struct timespec *rem)
164 156
165 return(rc); 157 return(rc);
166} 158}
167
168#endif 159#endif
169 160
170#ifndef HAVE_TCGETPGRP 161#ifndef HAVE_TCGETPGRP
@@ -223,6 +214,7 @@ mysignal(int sig, mysig_t act)
223 } 214 }
224 return (osa.sa_handler); 215 return (osa.sa_handler);
225#else 216#else
217 #undef signal
226 return (signal(sig, act)); 218 return (signal(sig, act));
227#endif 219#endif
228} 220}
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h
index 6b70473f3..c8073942c 100644
--- a/openbsd-compat/bsd-misc.h
+++ b/openbsd-compat/bsd-misc.h
@@ -1,27 +1,19 @@
1/* $Id: bsd-misc.h,v 1.13 2003/08/29 16:59:52 mouring Exp $ */ 1/* $Id: bsd-misc.h,v 1.14 2004/02/17 05:49:55 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1999-2003 Damien Miller. All rights reserved. 4 * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
5 * 5 *
6 * Redistribution and use in source and binary forms, with or without 6 * Permission to use, copy, modify, and distribute this software for any
7 * modification, are permitted provided that the following conditions 7 * purpose with or without fee is hereby granted, provided that the above
8 * are met: 8 * copyright notice and this permission notice appear in all copies.
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 9 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */ 17 */
26 18
27#ifndef _BSD_MISC_H 19#ifndef _BSD_MISC_H
diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c
new file mode 100644
index 000000000..daf5f8b81
--- /dev/null
+++ b/openbsd-compat/bsd-openpty.c
@@ -0,0 +1,203 @@
1/*
2 * Please note: this implementation of openpty() is far from complete.
3 * it is just enough for portable OpenSSH's needs.
4 */
5
6/*
7 * Copyright (c) 2004 Damien Miller <djm@mindrot.org>
8 *
9 * Permission to use, copy, modify, and distribute this software for any
10 * purpose with or without fee is hereby granted, provided that the above
11 * copyright notice and this permission notice appear in all copies.
12 *
13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 */
21
22/*
23 * Author: Tatu Ylonen <ylo@cs.hut.fi>
24 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
25 * All rights reserved
26 * Allocating a pseudo-terminal, and making it the controlling tty.
27 *
28 * As far as I am concerned, the code I have written for this software
29 * can be used freely for any purpose. Any derived versions of this
30 * software must be clearly marked as such, and if the derived work is
31 * incompatible with the protocol description in the RFC file, it must be
32 * called by a name other than "ssh" or "Secure Shell".
33 */
34
35#include "includes.h"
36#if !defined(HAVE_OPENPTY)
37
38#ifdef HAVE_UTIL_H
39# include <util.h>
40#endif /* HAVE_UTIL_H */
41
42#ifdef HAVE_PTY_H
43# include <pty.h>
44#endif
45#if defined(HAVE_DEV_PTMX) && defined(HAVE_SYS_STROPTS_H)
46# include <sys/stropts.h>
47#endif
48
49#ifndef O_NOCTTY
50#define O_NOCTTY 0
51#endif
52
53int
54openpty(int *amaster, int *aslave, char *name, struct termios *termp,
55 struct winsize *winp)
56{
57#if defined(HAVE__GETPTY)
58 /*
59 * _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more
60 * pty's automagically when needed
61 */
62 char *slave;
63
64 if ((slave = _getpty(amaster, O_RDWR, 0622, 0)) == NULL)
65 return (-1);
66
67 /* Open the slave side. */
68 if ((*aslave = open(slave, O_RDWR | O_NOCTTY)) == -1) {
69 close(*amaster);
70 return (-1);
71 }
72 return (0);
73
74#elif defined(HAVE_DEV_PTMX)
75 /*
76 * This code is used e.g. on Solaris 2.x. (Note that Solaris 2.3
77 * also has bsd-style ptys, but they simply do not work.)
78 */
79 int ptm;
80 char *pts;
81 mysig_t old_signal;
82
83 if ((ptm = open("/dev/ptmx", O_RDWR | O_NOCTTY)) == -1)
84 return (-1);
85
86 /* XXX: need to close ptm on error? */
87 old_signal = signal(SIGCHLD, SIG_DFL);
88 if (grantpt(ptm) < 0)
89 return (-1);
90 signal(SIGCHLD, old_signal);
91
92 if (unlockpt(ptm) < 0)
93 return (-1);
94
95 if ((pts = ptsname(ptm)) == NULL)
96 return (-1);
97 *amaster = ptm;
98
99 /* Open the slave side. */
100 if ((*aslave = open(pts, O_RDWR | O_NOCTTY)) == -1) {
101 close(*amaster);
102 return (-1);
103 }
104
105#ifndef HAVE_CYGWIN
106 /*
107 * Try to push the appropriate streams modules, as described
108 * in Solaris pts(7).
109 */
110 ioctl(*aslave, I_PUSH, "ptem");
111 ioctl(*aslave, I_PUSH, "ldterm");
112# ifndef __hpux
113 ioctl(*aslave, I_PUSH, "ttcompat");
114# endif /* __hpux */
115#endif /* HAVE_CYGWIN */
116
117 return (0);
118
119#elif defined(HAVE_DEV_PTS_AND_PTC)
120 /* AIX-style pty code. */
121 const char *ttname;
122
123 if ((*amaster = open("/dev/ptc", O_RDWR | O_NOCTTY)) == -1)
124 return (-1);
125 if ((ttname = ttyname(*amaster)) == NULL)
126 return (-1);
127 if ((*aslave = open(ttname, O_RDWR | O_NOCTTY)) == -1) {
128 close(*amaster);
129 return (-1);
130 }
131 return (0);
132
133#elif defined(_UNICOS)
134 char ptbuf[64], ttbuf[64];
135 int i;
136 int highpty;
137
138 highpty = 128;
139#ifdef _SC_CRAY_NPTY
140 if ((highpty = sysconf(_SC_CRAY_NPTY)) == -1)
141 highpty = 128;
142#endif /* _SC_CRAY_NPTY */
143
144 for (i = 0; i < highpty; i++) {
145 snprintf(ptbuf, sizeof(ptbuf), "/dev/pty/%03d", i);
146 snprintf(ttbuf, sizeof(ttbuf), "/dev/ttyp%03d", i);
147 if ((*amaster = open(ptbuf, O_RDWR|O_NOCTTY)) == -1)
148 continue;
149 /* Open the slave side. */
150 if ((*aslave = open(ttbuf, O_RDWR|O_NOCTTY)) == -1) {
151 close(*amaster);
152 return (-1);
153 }
154 return (0);
155 }
156 return (-1);
157
158#else
159 /* BSD-style pty code. */
160 char ptbuf[64], ttbuf[64];
161 int i;
162 const char *ptymajors = "pqrstuvwxyzabcdefghijklmno"
163 "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
164 const char *ptyminors = "0123456789abcdef";
165 int num_minors = strlen(ptyminors);
166 int num_ptys = strlen(ptymajors) * num_minors;
167 struct termios tio;
168
169 for (i = 0; i < num_ptys; i++) {
170 snprintf(ptbuf, sizeof(ptbuf), "/dev/pty%c%c",
171 ptymajors[i / num_minors], ptyminors[i % num_minors]);
172 snprintf(ttbuf, sizeof(ttbuf), "/dev/tty%c%c",
173 ptymajors[i / num_minors], ptyminors[i % num_minors]);
174
175 if ((*amaster = open(ptbuf, O_RDWR | O_NOCTTY)) == -1) {
176 /* Try SCO style naming */
177 snprintf(ptbuf, sizeof(ptbuf), "/dev/ptyp%d", i);
178 snprintf(ttbuf, sizeof(ttbuf), "/dev/ttyp%d", i);
179 if ((*amaster = open(ptbuf, O_RDWR | O_NOCTTY)) == -1)
180 continue;
181 }
182
183 /* Open the slave side. */
184 if ((*aslave = open(ttbuf, O_RDWR | O_NOCTTY)) == -1) {
185 close(*amaster);
186 return (-1);
187 }
188 /* set tty modes to a sane state for broken clients */
189 if (tcgetattr(*amaster, &tio) != -1) {
190 tio.c_lflag |= (ECHO | ISIG | ICANON);
191 tio.c_oflag |= (OPOST | ONLCR);
192 tio.c_iflag |= ICRNL;
193 tcsetattr(*amaster, TCSANOW, &tio);
194 }
195
196 return (0);
197 }
198 return (-1);
199#endif
200}
201
202#endif /* !defined(HAVE_OPENPTY) */
203
diff --git a/openbsd-compat/daemon.c b/openbsd-compat/daemon.c
index 6dd45f6a7..c0be5fff9 100644
--- a/openbsd-compat/daemon.c
+++ b/openbsd-compat/daemon.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/gen/daemon.c */
2
1/*- 3/*-
2 * Copyright (c) 1990, 1993 4 * Copyright (c) 1990, 1993
3 * The Regents of the University of California. All rights reserved. 5 * The Regents of the University of California. All rights reserved.
diff --git a/openbsd-compat/dirname.c b/openbsd-compat/dirname.c
index 1ab7516d8..25ab34dd6 100644
--- a/openbsd-compat/dirname.c
+++ b/openbsd-compat/dirname.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/gen/dirname.c */
2
1/* $OpenBSD: dirname.c,v 1.10 2003/06/17 21:56:23 millert Exp $ */ 3/* $OpenBSD: dirname.c,v 1.10 2003/06/17 21:56:23 millert Exp $ */
2 4
3/* 5/*
diff --git a/openbsd-compat/fake-rfc2553.c b/openbsd-compat/fake-rfc2553.c
index f44924836..0186b5300 100644
--- a/openbsd-compat/fake-rfc2553.c
+++ b/openbsd-compat/fake-rfc2553.c
@@ -37,7 +37,7 @@
37 37
38#include "includes.h" 38#include "includes.h"
39 39
40RCSID("$Id: fake-rfc2553.c,v 1.4 2003/06/13 22:43:23 djm Exp $"); 40RCSID("$Id: fake-rfc2553.c,v 1.5 2003/09/22 02:08:23 dtucker Exp $");
41 41
42#ifndef HAVE_GETNAMEINFO 42#ifndef HAVE_GETNAMEINFO
43int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, 43int getnameinfo(const struct sockaddr *sa, size_t salen, char *host,
@@ -77,7 +77,11 @@ int getnameinfo(const struct sockaddr *sa, size_t salen, char *host,
77#endif /* !HAVE_GETNAMEINFO */ 77#endif /* !HAVE_GETNAMEINFO */
78 78
79#ifndef HAVE_GAI_STRERROR 79#ifndef HAVE_GAI_STRERROR
80#ifdef HAVE_CONST_GAI_STRERROR_PROTO
81const char *
82#else
80char * 83char *
84#endif
81gai_strerror(int err) 85gai_strerror(int err)
82{ 86{
83 switch (err) { 87 switch (err) {
diff --git a/openbsd-compat/fake-rfc2553.h b/openbsd-compat/fake-rfc2553.h
index b70b928f8..eb88605fa 100644
--- a/openbsd-compat/fake-rfc2553.h
+++ b/openbsd-compat/fake-rfc2553.h
@@ -1,4 +1,4 @@
1/* $Id: fake-rfc2553.h,v 1.6 2003/08/29 16:59:52 mouring Exp $ */ 1/* $Id: fake-rfc2553.h,v 1.8 2004/02/10 02:05:41 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (C) 2000-2003 Damien Miller. All rights reserved. 4 * Copyright (C) 2000-2003 Damien Miller. All rights reserved.
@@ -133,19 +133,23 @@ struct addrinfo {
133#endif /* !HAVE_STRUCT_ADDRINFO */ 133#endif /* !HAVE_STRUCT_ADDRINFO */
134 134
135#ifndef HAVE_GETADDRINFO 135#ifndef HAVE_GETADDRINFO
136#define getaddrinfo(a,b,c,d) (ssh_getaddrinfo(a,b,c,d))
136int getaddrinfo(const char *, const char *, 137int getaddrinfo(const char *, const char *,
137 const struct addrinfo *, struct addrinfo **); 138 const struct addrinfo *, struct addrinfo **);
138#endif /* !HAVE_GETADDRINFO */ 139#endif /* !HAVE_GETADDRINFO */
139 140
140#ifndef HAVE_GAI_STRERROR 141#if !defined(HAVE_GAI_STRERROR) && !defined(HAVE_CONST_GAI_STRERROR_PROTO)
142#define gai_strerror(a) (ssh_gai_strerror(a))
141char *gai_strerror(int); 143char *gai_strerror(int);
142#endif /* !HAVE_GAI_STRERROR */ 144#endif /* !HAVE_GAI_STRERROR */
143 145
144#ifndef HAVE_FREEADDRINFO 146#ifndef HAVE_FREEADDRINFO
147#define freeaddrinfo(a) (ssh_freeaddrinfo(a))
145void freeaddrinfo(struct addrinfo *); 148void freeaddrinfo(struct addrinfo *);
146#endif /* !HAVE_FREEADDRINFO */ 149#endif /* !HAVE_FREEADDRINFO */
147 150
148#ifndef HAVE_GETNAMEINFO 151#ifndef HAVE_GETNAMEINFO
152#define getnameinfo(a,b,c,d,e,f,g) (ssh_getnameinfo(a,b,c,d,e,f,g))
149int getnameinfo(const struct sockaddr *, size_t, char *, size_t, 153int getnameinfo(const struct sockaddr *, size_t, char *, size_t,
150 char *, size_t, int); 154 char *, size_t, int);
151#endif /* !HAVE_GETNAMEINFO */ 155#endif /* !HAVE_GETNAMEINFO */
diff --git a/openbsd-compat/getcwd.c b/openbsd-compat/getcwd.c
index 31d1cfe93..19be59172 100644
--- a/openbsd-compat/getcwd.c
+++ b/openbsd-compat/getcwd.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/gen/getcwd.c */
2
1/* 3/*
2 * Copyright (c) 1989, 1991, 1993 4 * Copyright (c) 1989, 1991, 1993
3 * The Regents of the University of California. All rights reserved. 5 * The Regents of the University of California. All rights reserved.
diff --git a/openbsd-compat/getgrouplist.c b/openbsd-compat/getgrouplist.c
index 085cda8c3..59c164f44 100644
--- a/openbsd-compat/getgrouplist.c
+++ b/openbsd-compat/getgrouplist.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/gen/getgrouplist.c */
2
1/* 3/*
2 * Copyright (c) 1991, 1993 4 * Copyright (c) 1991, 1993
3 * The Regents of the University of California. All rights reserved. 5 * The Regents of the University of California. All rights reserved.
diff --git a/openbsd-compat/getopt.c b/openbsd-compat/getopt.c
index 2136fbfcc..f5ee6778d 100644
--- a/openbsd-compat/getopt.c
+++ b/openbsd-compat/getopt.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/stdlib/getopt.c */
2
1/* 3/*
2 * Copyright (c) 1987, 1993, 1994 4 * Copyright (c) 1987, 1993, 1994
3 * The Regents of the University of California. All rights reserved. 5 * The Regents of the University of California. All rights reserved.
diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c
index 44fa2755b..66d18142e 100644
--- a/openbsd-compat/getrrsetbyname.c
+++ b/openbsd-compat/getrrsetbyname.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/net/getrrsetbyname.c */
2
1/* $OpenBSD: getrrsetbyname.c,v 1.7 2003/03/07 07:34:14 itojun Exp $ */ 3/* $OpenBSD: getrrsetbyname.c,v 1.7 2003/03/07 07:34:14 itojun Exp $ */
2 4
3/* 5/*
@@ -45,12 +47,10 @@
45 47
46#include "includes.h" 48#include "includes.h"
47 49
48#if defined(DNS) && !defined(HAVE_GETRRSETBYNAME) 50#ifndef HAVE_GETRRSETBYNAME
49 51
50#include "getrrsetbyname.h" 52#include "getrrsetbyname.h"
51 53
52/* #include "thread_private.h" */
53
54#define ANSWER_BUFFER_SIZE 1024*64 54#define ANSWER_BUFFER_SIZE 1024*64
55 55
56struct dns_query { 56struct dns_query {
@@ -159,7 +159,6 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
159 unsigned int rdtype, unsigned int flags, 159 unsigned int rdtype, unsigned int flags,
160 struct rrsetinfo **res) 160 struct rrsetinfo **res)
161{ 161{
162 struct __res_state *_resp = &_res;
163 int result; 162 int result;
164 struct rrsetinfo *rrset = NULL; 163 struct rrsetinfo *rrset = NULL;
165 struct dns_response *response; 164 struct dns_response *response;
@@ -188,19 +187,19 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
188 } 187 }
189 188
190 /* initialize resolver */ 189 /* initialize resolver */
191 if ((_resp->options & RES_INIT) == 0 && res_init() == -1) { 190 if ((_res.options & RES_INIT) == 0 && res_init() == -1) {
192 result = ERRSET_FAIL; 191 result = ERRSET_FAIL;
193 goto fail; 192 goto fail;
194 } 193 }
195 194
196#ifdef DEBUG 195#ifdef DEBUG
197 _resp->options |= RES_DEBUG; 196 _res.options |= RES_DEBUG;
198#endif /* DEBUG */ 197#endif /* DEBUG */
199 198
200#ifdef RES_USE_DNSSEC 199#ifdef RES_USE_DNSSEC
201 /* turn on DNSSEC if EDNS0 is configured */ 200 /* turn on DNSSEC if EDNS0 is configured */
202 if (_resp->options & RES_USE_EDNS0) 201 if (_res.options & RES_USE_EDNS0)
203 _resp->options |= RES_USE_DNSSEC; 202 _res.options |= RES_USE_DNSSEC;
204#endif /* RES_USE_DNSEC */ 203#endif /* RES_USE_DNSEC */
205 204
206 /* make query */ 205 /* make query */
@@ -575,4 +574,4 @@ count_dns_rr(struct dns_rr *p, u_int16_t class, u_int16_t type)
575 return (n); 574 return (n);
576} 575}
577 576
578#endif /* defined(DNS) && !defined(HAVE_GETRRSETBYNAME) */ 577#endif /* !defined(HAVE_GETRRSETBYNAME) */
diff --git a/openbsd-compat/getrrsetbyname.h b/openbsd-compat/getrrsetbyname.h
index 6466a54d6..39995b63f 100644
--- a/openbsd-compat/getrrsetbyname.h
+++ b/openbsd-compat/getrrsetbyname.h
@@ -1,3 +1,5 @@
1/* OPENBSD BASED ON : include/netdb.h */
2
1/* $OpenBSD: getrrsetbyname.c,v 1.4 2001/08/16 18:16:43 ho Exp $ */ 3/* $OpenBSD: getrrsetbyname.c,v 1.4 2001/08/16 18:16:43 ho Exp $ */
2 4
3/* 5/*
@@ -48,7 +50,7 @@
48 50
49#include "includes.h" 51#include "includes.h"
50 52
51#if defined(DNS) && !defined(HAVE_GETRRSETBYNAME) 53#ifndef HAVE_GETRRSETBYNAME
52 54
53#include <sys/types.h> 55#include <sys/types.h>
54#include <netinet/in.h> 56#include <netinet/in.h>
@@ -56,6 +58,14 @@
56#include <netdb.h> 58#include <netdb.h>
57#include <resolv.h> 59#include <resolv.h>
58 60
61#ifndef HFIXEDSZ
62#define HFIXEDSZ 12
63#endif
64
65#ifndef T_SIG
66#define T_SIG 24
67#endif
68
59/* 69/*
60 * Flags for getrrsetbyname() 70 * Flags for getrrsetbyname()
61 */ 71 */
@@ -95,6 +105,6 @@ struct rrsetinfo {
95int getrrsetbyname(const char *, unsigned int, unsigned int, unsigned int, struct rrsetinfo **); 105int getrrsetbyname(const char *, unsigned int, unsigned int, unsigned int, struct rrsetinfo **);
96void freerrset(struct rrsetinfo *); 106void freerrset(struct rrsetinfo *);
97 107
98#endif /* defined(DNS) && !defined(HAVE_GETRRSETBYNAME) */ 108#endif /* !defined(HAVE_GETRRSETBYNAME) */
99 109
100#endif /* _GETRRSETBYNAME_H */ 110#endif /* _GETRRSETBYNAME_H */
diff --git a/openbsd-compat/glob.c b/openbsd-compat/glob.c
index 50f35c304..7fafc8c40 100644
--- a/openbsd-compat/glob.c
+++ b/openbsd-compat/glob.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/gen/glob.c */
2
1/* 3/*
2 * Copyright (c) 1989, 1993 4 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved. 5 * The Regents of the University of California. All rights reserved.
diff --git a/openbsd-compat/glob.h b/openbsd-compat/glob.h
index aceddbc48..3428b2013 100644
--- a/openbsd-compat/glob.h
+++ b/openbsd-compat/glob.h
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: include/glob.h */
2
1/* $OpenBSD: glob.h,v 1.8 2003/06/02 19:34:12 millert Exp $ */ 3/* $OpenBSD: glob.h,v 1.8 2003/06/02 19:34:12 millert Exp $ */
2/* $NetBSD: glob.h,v 1.5 1994/10/26 00:55:56 cgd Exp $ */ 4/* $NetBSD: glob.h,v 1.5 1994/10/26 00:55:56 cgd Exp $ */
3 5
diff --git a/openbsd-compat/inet_aton.c b/openbsd-compat/inet_aton.c
index 5de49868d..c141bcc68 100644
--- a/openbsd-compat/inet_aton.c
+++ b/openbsd-compat/inet_aton.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/net/inet_addr.c */
2
1/* $OpenBSD: inet_addr.c,v 1.7 2003/06/02 20:18:35 millert Exp $ */ 3/* $OpenBSD: inet_addr.c,v 1.7 2003/06/02 20:18:35 millert Exp $ */
2 4
3/* 5/*
diff --git a/openbsd-compat/inet_ntoa.c b/openbsd-compat/inet_ntoa.c
index e0384491d..dc010dc53 100644
--- a/openbsd-compat/inet_ntoa.c
+++ b/openbsd-compat/inet_ntoa.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/net/inet_ntoa.c */
2
1/* 3/*
2 * Copyright (c) 1983, 1993 4 * Copyright (c) 1983, 1993
3 * The Regents of the University of California. All rights reserved. 5 * The Regents of the University of California. All rights reserved.
@@ -43,7 +45,6 @@ static char rcsid[] = "$OpenBSD: inet_ntoa.c,v 1.4 2003/06/02 20:18:35 millert E
43#include <netinet/in.h> 45#include <netinet/in.h>
44#include <arpa/inet.h> 46#include <arpa/inet.h>
45#include <stdio.h> 47#include <stdio.h>
46#include "inet_ntoa.h"
47 48
48char *inet_ntoa(struct in_addr in) 49char *inet_ntoa(struct in_addr in)
49{ 50{
diff --git a/openbsd-compat/inet_ntop.c b/openbsd-compat/inet_ntop.c
index 075eac44f..7031625b4 100644
--- a/openbsd-compat/inet_ntop.c
+++ b/openbsd-compat/inet_ntop.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/net/inet_ntop.c */
2
1/* $OpenBSD: inet_ntop.c,v 1.5 2002/08/23 16:27:31 itojun Exp $ */ 3/* $OpenBSD: inet_ntop.c,v 1.5 2002/08/23 16:27:31 itojun Exp $ */
2 4
3/* Copyright (c) 1996 by Internet Software Consortium. 5/* Copyright (c) 1996 by Internet Software Consortium.
diff --git a/openbsd-compat/mktemp.c b/openbsd-compat/mktemp.c
index 2cd747835..aff8d2005 100644
--- a/openbsd-compat/mktemp.c
+++ b/openbsd-compat/mktemp.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/stdio/mktemp.c */
2
1/* THIS FILE HAS BEEN MODIFIED FROM THE ORIGINAL OPENBSD SOURCE */ 3/* THIS FILE HAS BEEN MODIFIED FROM THE ORIGINAL OPENBSD SOURCE */
2/* Changes: Removed mktemp */ 4/* Changes: Removed mktemp */
3 5
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index 852948c54..6be1bcda4 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
1/* $Id: openbsd-compat.h,v 1.24 2003/08/29 16:59:52 mouring Exp $ */ 1/* $Id: openbsd-compat.h,v 1.25 2004/01/21 06:07:23 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1999-2003 Damien Miller. All rights reserved. 4 * Copyright (c) 1999-2003 Damien Miller. All rights reserved.
@@ -138,8 +138,9 @@ unsigned int arc4random(void);
138void arc4random_stir(void); 138void arc4random_stir(void);
139#endif /* !HAVE_ARC4RANDOM */ 139#endif /* !HAVE_ARC4RANDOM */
140 140
141 141#ifndef HAVE_OPENPTY
142 142int openpty(int *, int *, char *, struct termios *, struct winsize *);
143#endif /* HAVE_OPENPTY */
143 144
144/* #include <sys/types.h> XXX needed? For size_t */ 145/* #include <sys/types.h> XXX needed? For size_t */
145 146
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index 7a981634b..2895f0d44 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -24,17 +24,25 @@
24 * 24 *
25 */ 25 */
26#include "includes.h" 26#include "includes.h"
27#include "auth.h"
27#include "ssh.h" 28#include "ssh.h"
28#include "log.h" 29#include "log.h"
29#include "servconf.h" 30#include "servconf.h"
31#include "canohost.h"
32#include "xmalloc.h"
33#include "buffer.h"
30 34
31#ifdef _AIX 35#ifdef _AIX
32 36
33#include <uinfo.h> 37#include <uinfo.h>
34#include <../xmalloc.h>
35#include "port-aix.h" 38#include "port-aix.h"
36 39
37extern ServerOptions options; 40extern ServerOptions options;
41extern Buffer loginmsg;
42
43# ifdef HAVE_SETAUTHDB
44static char old_registry[REGISTRY_SIZE] = "";
45# endif
38 46
39/* 47/*
40 * AIX has a "usrinfo" area where logname and other stuff is stored - 48 * AIX has a "usrinfo" area where logname and other stuff is stored -
@@ -62,7 +70,7 @@ aix_usrinfo(struct passwd *pw)
62 xfree(cp); 70 xfree(cp);
63} 71}
64 72
65#ifdef WITH_AIXAUTHENTICATE 73# ifdef WITH_AIXAUTHENTICATE
66/* 74/*
67 * Remove embedded newlines in string (if any). 75 * Remove embedded newlines in string (if any).
68 * Used before logging messages returned by AIX authentication functions 76 * Used before logging messages returned by AIX authentication functions
@@ -82,41 +90,113 @@ aix_remove_embedded_newlines(char *p)
82 if (*--p == ' ') 90 if (*--p == ' ')
83 *p = '\0'; 91 *p = '\0';
84} 92}
85#endif /* WITH_AIXAUTHENTICATE */ 93
94/*
95 * Do authentication via AIX's authenticate routine. We loop until the
96 * reenter parameter is 0, but normally authenticate is called only once.
97 *
98 * Note: this function returns 1 on success, whereas AIX's authenticate()
99 * returns 0.
100 */
101int
102sys_auth_passwd(Authctxt *ctxt, const char *password)
103{
104 char *authmsg = NULL, *host, *msg, *name = ctxt->pw->pw_name;
105 int authsuccess = 0, expired, reenter, result;
106
107 do {
108 result = authenticate((char *)name, (char *)password, &reenter,
109 &authmsg);
110 aix_remove_embedded_newlines(authmsg);
111 debug3("AIX/authenticate result %d, msg %.100s", result,
112 authmsg);
113 } while (reenter);
114
115 if (result == 0) {
116 authsuccess = 1;
117
118 host = (char *)get_canonical_hostname(options.use_dns);
119
120 /*
121 * Record successful login. We don't have a pty yet, so just
122 * label the line as "ssh"
123 */
124 aix_setauthdb(name);
125 if (loginsuccess((char *)name, (char *)host, "ssh", &msg) == 0) {
126 if (msg != NULL) {
127 debug("%s: msg %s", __func__, msg);
128 buffer_append(&loginmsg, msg, strlen(msg));
129 xfree(msg);
130 }
131 }
132
133 /*
134 * Check if the user's password is expired.
135 */
136 expired = passwdexpired(name, &msg);
137 if (msg && *msg) {
138 buffer_append(&loginmsg, msg, strlen(msg));
139 aix_remove_embedded_newlines(msg);
140 }
141 debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg);
142
143 switch (expired) {
144 case 0: /* password not expired */
145 break;
146 case 1: /* expired, password change required */
147 ctxt->force_pwchange = 1;
148 disable_forwarding();
149 break;
150 default: /* user can't change(2) or other error (-1) */
151 logit("Password can't be changed for user %s: %.100s",
152 name, msg);
153 if (msg)
154 xfree(msg);
155 authsuccess = 0;
156 }
157
158 aix_restoreauthdb();
159 }
160
161 if (authmsg != NULL)
162 xfree(authmsg);
163
164 return authsuccess;
165}
86 166
87# ifdef CUSTOM_FAILED_LOGIN 167# ifdef CUSTOM_FAILED_LOGIN
88/* 168/*
89 * record_failed_login: generic "login failed" interface function 169 * record_failed_login: generic "login failed" interface function
90 */ 170 */
91void 171void
92record_failed_login(const char *user, const char *ttyname) 172record_failed_login(const char *user, const char *ttyname)
93{ 173{
94 char *hostname = get_canonical_hostname(options.use_dns); 174 char *hostname = (char *)get_canonical_hostname(options.use_dns);
95 175
96 if (geteuid() != 0) 176 if (geteuid() != 0)
97 return; 177 return;
98 178
99 aix_setauthdb(user); 179 aix_setauthdb(user);
100# ifdef AIX_LOGINFAILED_4ARG 180# ifdef AIX_LOGINFAILED_4ARG
101 loginfailed((char *)user, hostname, (char *)ttyname, AUDIT_FAIL_AUTH); 181 loginfailed((char *)user, hostname, (char *)ttyname, AUDIT_FAIL_AUTH);
102# else 182# else
103 loginfailed((char *)user, hostname, (char *)ttyname); 183 loginfailed((char *)user, hostname, (char *)ttyname);
104# endif 184# endif
185 aix_restoreauthdb();
105} 186}
187# endif /* CUSTOM_FAILED_LOGIN */
106 188
107/* 189/*
108 * If we have setauthdb, retrieve the password registry for the user's 190 * If we have setauthdb, retrieve the password registry for the user's
109 * account then feed it to setauthdb. This may load registry-specific method 191 * account then feed it to setauthdb. This will mean that subsequent AIX auth
110 * code. If we don't have setauthdb or have already called it this is a no-op. 192 * functions will only use the specified loadable module. If we don't have
193 * setauthdb this is a no-op.
111 */ 194 */
112void 195void
113aix_setauthdb(const char *user) 196aix_setauthdb(const char *user)
114{ 197{
115# ifdef HAVE_SETAUTHDB 198# ifdef HAVE_SETAUTHDB
116 static char *registry = NULL; 199 char *registry;
117
118 if (registry != NULL) /* have already done setauthdb */
119 return;
120 200
121 if (setuserdb(S_READ) == -1) { 201 if (setuserdb(S_READ) == -1) {
122 debug3("%s: Could not open userdb to read", __func__); 202 debug3("%s: Could not open userdb to read", __func__);
@@ -124,18 +204,37 @@ aix_setauthdb(const char *user)
124 } 204 }
125 205
126 if (getuserattr((char *)user, S_REGISTRY, &registry, SEC_CHAR) == 0) { 206 if (getuserattr((char *)user, S_REGISTRY, &registry, SEC_CHAR) == 0) {
127 if (setauthdb(registry, NULL) == 0) 207 if (setauthdb(registry, old_registry) == 0)
128 debug3("%s: AIX/setauthdb set registry %s", __func__, 208 debug3("AIX/setauthdb set registry '%s'", registry);
129 registry);
130 else 209 else
131 debug3("%s: AIX/setauthdb set registry %s failed: %s", 210 debug3("AIX/setauthdb set registry '%s' failed: %s",
132 __func__, registry, strerror(errno)); 211 registry, strerror(errno));
133 } else 212 } else
134 debug3("%s: Could not read S_REGISTRY for user: %s", __func__, 213 debug3("%s: Could not read S_REGISTRY for user: %s", __func__,
135 strerror(errno)); 214 strerror(errno));
136 enduserdb(); 215 enduserdb();
137# endif 216# endif /* HAVE_SETAUTHDB */
138} 217}
139# endif /* CUSTOM_FAILED_LOGIN */
140#endif /* _AIX */
141 218
219/*
220 * Restore the user's registry settings from old_registry.
221 * Note that if the first aix_setauthdb fails, setauthdb("") is still safe
222 * (it restores the system default behaviour). If we don't have setauthdb,
223 * this is a no-op.
224 */
225void
226aix_restoreauthdb(void)
227{
228# ifdef HAVE_SETAUTHDB
229 if (setauthdb(old_registry, NULL) == 0)
230 debug3("%s: restoring old registry '%s'", __func__,
231 old_registry);
232 else
233 debug3("%s: failed to restore old registry %s", __func__,
234 old_registry);
235# endif /* HAVE_SETAUTHDB */
236}
237
238# endif /* WITH_AIXAUTHENTICATE */
239
240#endif /* _AIX */
diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h
index 09e7f9e97..3118af9a9 100644
--- a/openbsd-compat/port-aix.h
+++ b/openbsd-compat/port-aix.h
@@ -1,4 +1,4 @@
1/* $Id: port-aix.h,v 1.14 2003/08/29 16:59:52 mouring Exp $ */ 1/* $Id: port-aix.h,v 1.19 2004/02/10 04:27:35 dtucker Exp $ */
2 2
3/* 3/*
4 * 4 *
@@ -30,10 +30,10 @@
30#ifdef WITH_AIXAUTHENTICATE 30#ifdef WITH_AIXAUTHENTICATE
31# include <login.h> 31# include <login.h>
32# include <userpw.h> 32# include <userpw.h>
33# include <usersec.h> 33# if defined(HAVE_SYS_AUDIT_H) && defined(AIX_LOGINFAILED_4ARG)
34# ifdef HAVE_SYS_AUDIT_H
35# include <sys/audit.h> 34# include <sys/audit.h>
36# endif 35# endif
36# include <usersec.h>
37#endif 37#endif
38 38
39/* Some versions define r_type in the above headers, which causes a conflict */ 39/* Some versions define r_type in the above headers, which causes a conflict */
@@ -51,12 +51,23 @@
51# include <sys/timers.h> 51# include <sys/timers.h>
52#endif 52#endif
53 53
54/*
55 * According to the setauthdb man page, AIX password registries must be 15
56 * chars or less plus terminating NUL.
57 */
58#ifdef HAVE_SETAUTHDB
59# define REGISTRY_SIZE 16
60#endif
61
62void aix_usrinfo(struct passwd *);
63
54#ifdef WITH_AIXAUTHENTICATE 64#ifdef WITH_AIXAUTHENTICATE
65# define CUSTOM_SYS_AUTH_PASSWD 1
55# define CUSTOM_FAILED_LOGIN 1 66# define CUSTOM_FAILED_LOGIN 1
56void record_failed_login(const char *, const char *); 67void record_failed_login(const char *, const char *);
57void aix_setauthdb(const char *);
58#endif 68#endif
59 69
60void aix_usrinfo(struct passwd *); 70void aix_setauthdb(const char *);
71void aix_restoreauthdb(void);
61void aix_remove_embedded_newlines(char *); 72void aix_remove_embedded_newlines(char *);
62#endif /* _AIX */ 73#endif /* _AIX */
diff --git a/openbsd-compat/readpassphrase.c b/openbsd-compat/readpassphrase.c
index 0d0baf569..4ee1be5de 100644
--- a/openbsd-compat/readpassphrase.c
+++ b/openbsd-compat/readpassphrase.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/gen/readpassphrase.c */
2
1/* $OpenBSD: readpassphrase.c,v 1.16 2003/06/17 21:56:23 millert Exp $ */ 3/* $OpenBSD: readpassphrase.c,v 1.16 2003/06/17 21:56:23 millert Exp $ */
2 4
3/* 5/*
diff --git a/openbsd-compat/readpassphrase.h b/openbsd-compat/readpassphrase.h
index 92908a489..178edf346 100644
--- a/openbsd-compat/readpassphrase.h
+++ b/openbsd-compat/readpassphrase.h
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: include/readpassphrase.h */
2
1/* $OpenBSD: readpassphrase.h,v 1.3 2002/06/28 12:32:22 millert Exp $ */ 3/* $OpenBSD: readpassphrase.h,v 1.3 2002/06/28 12:32:22 millert Exp $ */
2 4
3/* 5/*
diff --git a/openbsd-compat/realpath.c b/openbsd-compat/realpath.c
index 77da14e7c..218fbecb2 100644
--- a/openbsd-compat/realpath.c
+++ b/openbsd-compat/realpath.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/stdlib/realpath.c */
2
1/* 3/*
2 * Copyright (c) 1994 4 * Copyright (c) 1994
3 * The Regents of the University of California. All rights reserved. 5 * The Regents of the University of California. All rights reserved.
@@ -150,7 +152,7 @@ loop:
150 serrno = ENAMETOOLONG; 152 serrno = ENAMETOOLONG;
151 goto err1; 153 goto err1;
152 } 154 }
153 if (needslash == 0) 155 if (needslash)
154 strlcat(resolved, "/", MAXPATHLEN); 156 strlcat(resolved, "/", MAXPATHLEN);
155 strlcat(resolved, wbuf, MAXPATHLEN); 157 strlcat(resolved, wbuf, MAXPATHLEN);
156 } 158 }
diff --git a/openbsd-compat/rresvport.c b/openbsd-compat/rresvport.c
index 608a3b184..75167065c 100644
--- a/openbsd-compat/rresvport.c
+++ b/openbsd-compat/rresvport.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/net/rresvport.c */
2
1/* 3/*
2 * Copyright (c) 1995, 1996, 1998 Theo de Raadt. All rights reserved. 4 * Copyright (c) 1995, 1996, 1998 Theo de Raadt. All rights reserved.
3 * Copyright (c) 1983, 1993, 1994 5 * Copyright (c) 1983, 1993, 1994
diff --git a/openbsd-compat/setenv.c b/openbsd-compat/setenv.c
index c9941c195..b7ba0ce83 100644
--- a/openbsd-compat/setenv.c
+++ b/openbsd-compat/setenv.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/stdlib/setenv.c */
2
1/* 3/*
2 * Copyright (c) 1987 Regents of the University of California. 4 * Copyright (c) 1987 Regents of the University of California.
3 * All rights reserved. 5 * All rights reserved.
diff --git a/openbsd-compat/setproctitle.c b/openbsd-compat/setproctitle.c
index b41100fc6..6e2b19bb4 100644
--- a/openbsd-compat/setproctitle.c
+++ b/openbsd-compat/setproctitle.c
@@ -41,8 +41,8 @@
41#endif 41#endif
42 42
43#define SPT_NONE 0 /* don't use it at all */ 43#define SPT_NONE 0 /* don't use it at all */
44#define SPT_PSTAT 1 /* cover argv with title information */ 44#define SPT_PSTAT 1 /* use pstat(PSTAT_SETCMD, ...) */
45#define SPT_REUSEARGV 2 /* use pstat(PSTAT_SETCMD, ...) */ 45#define SPT_REUSEARGV 2 /* cover argv with title information */
46 46
47#ifndef SPT_TYPE 47#ifndef SPT_TYPE
48# define SPT_TYPE SPT_NONE 48# define SPT_TYPE SPT_NONE
diff --git a/openbsd-compat/sigact.c b/openbsd-compat/sigact.c
index 35fbab0eb..2772ac574 100644
--- a/openbsd-compat/sigact.c
+++ b/openbsd-compat/sigact.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libcurses/base/sigaction.c */
2
1/* $OpenBSD: sigaction.c,v 1.3 1999/06/27 08:14:21 millert Exp $ */ 3/* $OpenBSD: sigaction.c,v 1.3 1999/06/27 08:14:21 millert Exp $ */
2 4
3/**************************************************************************** 5/****************************************************************************
diff --git a/openbsd-compat/strlcat.c b/openbsd-compat/strlcat.c
index cae16657c..70f01cb2a 100644
--- a/openbsd-compat/strlcat.c
+++ b/openbsd-compat/strlcat.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/string/strlcat.c */
2
1/* $OpenBSD: strlcat.c,v 1.11 2003/06/17 21:56:24 millert Exp $ */ 3/* $OpenBSD: strlcat.c,v 1.11 2003/06/17 21:56:24 millert Exp $ */
2 4
3/* 5/*
diff --git a/openbsd-compat/strlcpy.c b/openbsd-compat/strlcpy.c
index c8fe29987..ccfa12a0a 100644
--- a/openbsd-compat/strlcpy.c
+++ b/openbsd-compat/strlcpy.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/string/strlcpy.c */
2
1/* $OpenBSD: strlcpy.c,v 1.8 2003/06/17 21:56:24 millert Exp $ */ 3/* $OpenBSD: strlcpy.c,v 1.8 2003/06/17 21:56:24 millert Exp $ */
2 4
3/* 5/*
diff --git a/openbsd-compat/strmode.c b/openbsd-compat/strmode.c
index adf5e273e..ea8d515e3 100644
--- a/openbsd-compat/strmode.c
+++ b/openbsd-compat/strmode.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/string/strmode.c */
2
1/*- 3/*-
2 * Copyright (c) 1990 The Regents of the University of California. 4 * Copyright (c) 1990 The Regents of the University of California.
3 * All rights reserved. 5 * All rights reserved.
diff --git a/openbsd-compat/strsep.c b/openbsd-compat/strsep.c
index b13671343..330d84ce1 100644
--- a/openbsd-compat/strsep.c
+++ b/openbsd-compat/strsep.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/string/strsep.c */
2
1/* $OpenBSD: strsep.c,v 1.5 2003/06/11 21:08:16 deraadt Exp $ */ 3/* $OpenBSD: strsep.c,v 1.5 2003/06/11 21:08:16 deraadt Exp $ */
2 4
3/*- 5/*-
diff --git a/openbsd-compat/strtoul.c b/openbsd-compat/strtoul.c
new file mode 100644
index 000000000..24d0e253d
--- /dev/null
+++ b/openbsd-compat/strtoul.c
@@ -0,0 +1,114 @@
1/* OPENBSD ORIGINAL: lib/libc/stdlib/strtoul.c */
2
3/*
4 * Copyright (c) 1990 Regents of the University of California.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32#include "includes.h"
33#ifndef HAVE_STRTOUL
34
35#if defined(LIBC_SCCS) && !defined(lint)
36static char *rcsid = "$OpenBSD: strtoul.c,v 1.5 2003/06/02 20:18:38 millert Exp $";
37#endif /* LIBC_SCCS and not lint */
38
39#include <ctype.h>
40#include <errno.h>
41#include <limits.h>
42#include <stdlib.h>
43
44/*
45 * Convert a string to an unsigned long integer.
46 *
47 * Ignores `locale' stuff. Assumes that the upper and lower case
48 * alphabets and digits are each contiguous.
49 */
50unsigned long
51strtoul(nptr, endptr, base)
52 const char *nptr;
53 char **endptr;
54 register int base;
55{
56 register const char *s;
57 register unsigned long acc, cutoff;
58 register int c;
59 register int neg, any, cutlim;
60
61 /*
62 * See strtol for comments as to the logic used.
63 */
64 s = nptr;
65 do {
66 c = (unsigned char) *s++;
67 } while (isspace(c));
68 if (c == '-') {
69 neg = 1;
70 c = *s++;
71 } else {
72 neg = 0;
73 if (c == '+')
74 c = *s++;
75 }
76 if ((base == 0 || base == 16) &&
77 c == '0' && (*s == 'x' || *s == 'X')) {
78 c = s[1];
79 s += 2;
80 base = 16;
81 }
82 if (base == 0)
83 base = c == '0' ? 8 : 10;
84
85 cutoff = ULONG_MAX / (unsigned long)base;
86 cutlim = ULONG_MAX % (unsigned long)base;
87 for (acc = 0, any = 0;; c = (unsigned char) *s++) {
88 if (isdigit(c))
89 c -= '0';
90 else if (isalpha(c))
91 c -= isupper(c) ? 'A' - 10 : 'a' - 10;
92 else
93 break;
94 if (c >= base)
95 break;
96 if (any < 0)
97 continue;
98 if (acc > cutoff || acc == cutoff && c > cutlim) {
99 any = -1;
100 acc = ULONG_MAX;
101 errno = ERANGE;
102 } else {
103 any = 1;
104 acc *= (unsigned long)base;
105 acc += c;
106 }
107 }
108 if (neg && any > 0)
109 acc = -acc;
110 if (endptr != 0)
111 *endptr = (char *) (any ? s - 1 : nptr);
112 return (acc);
113}
114#endif /* !HAVE_STRTOUL */
diff --git a/openbsd-compat/sys-queue.h b/openbsd-compat/sys-queue.h
index dd5c47525..8ff19e452 100644
--- a/openbsd-compat/sys-queue.h
+++ b/openbsd-compat/sys-queue.h
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: sys/sys/queue.h */
2
1/* $OpenBSD: queue.h,v 1.23 2003/06/02 23:28:21 millert Exp $ */ 3/* $OpenBSD: queue.h,v 1.23 2003/06/02 23:28:21 millert Exp $ */
2/* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */ 4/* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */
3 5
diff --git a/openbsd-compat/sys-tree.h b/openbsd-compat/sys-tree.h
index 927ca04cd..73cfbe72a 100644
--- a/openbsd-compat/sys-tree.h
+++ b/openbsd-compat/sys-tree.h
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: sys/sys/tree.h */
2
1/* $OpenBSD: tree.h,v 1.7 2002/10/17 21:51:54 art Exp $ */ 3/* $OpenBSD: tree.h,v 1.7 2002/10/17 21:51:54 art Exp $ */
2/* 4/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 5 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
diff --git a/openbsd-compat/vis.c b/openbsd-compat/vis.c
index e6a2ce98d..1fb7a01e3 100644
--- a/openbsd-compat/vis.c
+++ b/openbsd-compat/vis.c
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: lib/libc/gen/vis.c */
2
1/*- 3/*-
2 * Copyright (c) 1989, 1993 4 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved. 5 * The Regents of the University of California. All rights reserved.
diff --git a/openbsd-compat/vis.h b/openbsd-compat/vis.h
index 1c131cc85..663355a24 100644
--- a/openbsd-compat/vis.h
+++ b/openbsd-compat/vis.h
@@ -1,3 +1,5 @@
1/* OPENBSD ORIGINAL: include/vis.h */
2
1/* $OpenBSD: vis.h,v 1.6 2003/06/02 19:34:12 millert Exp $ */ 3/* $OpenBSD: vis.h,v 1.6 2003/06/02 19:34:12 millert Exp $ */
2/* $NetBSD: vis.h,v 1.4 1994/10/26 00:56:41 cgd Exp $ */ 4/* $NetBSD: vis.h,v 1.4 1994/10/26 00:56:41 cgd Exp $ */
3 5
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
index 5b5d69c72..a0fe6c620 100644
--- a/openbsd-compat/xcrypt.c
+++ b/openbsd-compat/xcrypt.c
@@ -104,10 +104,6 @@ shadow_pw(struct passwd *pw)
104 104
105 if (spw != NULL) 105 if (spw != NULL)
106 pw_password = spw->ufld.fd_encrypt; 106 pw_password = spw->ufld.fd_encrypt;
107# elif defined(__hpux) && !defined(HAVE_SECUREWARE)
108 struct pr_passwd *spw;
109 if (iscomsec() && (spw = getprpwnam(pw->pw_name)) != NULL)
110 pw_password = spw->ufld.fd_encrypt;
111# endif 107# endif
112 108
113 return pw_password; 109 return pw_password;
diff --git a/packet.c b/packet.c
index fd436d56f..f557cd75d 100644
--- a/packet.c
+++ b/packet.c
@@ -37,7 +37,7 @@
37 */ 37 */
38 38
39#include "includes.h" 39#include "includes.h"
40RCSID("$OpenBSD: packet.c,v 1.110 2003/09/19 09:02:02 markus Exp $"); 40RCSID("$OpenBSD: packet.c,v 1.112 2003/09/23 20:17:11 markus Exp $");
41 41
42#include "openbsd-compat/sys-queue.h" 42#include "openbsd-compat/sys-queue.h"
43 43
@@ -168,8 +168,6 @@ packet_set_connection(int fd_in, int fd_out, int new_setup_timeout)
168 buffer_init(&incoming_packet); 168 buffer_init(&incoming_packet);
169 TAILQ_INIT(&outgoing); 169 TAILQ_INIT(&outgoing);
170 } 170 }
171 /* Kludge: arrange the close function to be called from fatal(). */
172 fatal_add_cleanup((void (*) (void *)) packet_close, NULL);
173} 171}
174 172
175/* Returns 1 if remote host is connected via socket, 0 if not. */ 173/* Returns 1 if remote host is connected via socket, 0 if not. */
@@ -309,7 +307,7 @@ packet_connection_is_ipv4(void)
309 if (to.ss_family == AF_INET) 307 if (to.ss_family == AF_INET)
310 return 1; 308 return 1;
311#ifdef IPV4_IN_IPV6 309#ifdef IPV4_IN_IPV6
312 if (to.ss_family == AF_INET6 && 310 if (to.ss_family == AF_INET6 &&
313 IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&to)->sin6_addr)) 311 IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&to)->sin6_addr))
314 return 1; 312 return 1;
315#endif 313#endif
@@ -884,7 +882,7 @@ packet_read_seqnr(u_int32_t *seqnr_p)
884 len = read(connection_in, buf, sizeof(buf)); 882 len = read(connection_in, buf, sizeof(buf));
885 if (len == 0) { 883 if (len == 0) {
886 logit("Connection closed by %.200s", get_remote_ipaddr()); 884 logit("Connection closed by %.200s", get_remote_ipaddr());
887 fatal_cleanup(); 885 cleanup_exit(255);
888 } 886 }
889 if (len < 0) 887 if (len < 0)
890 fatal("Read from socket failed: %.100s", strerror(errno)); 888 fatal("Read from socket failed: %.100s", strerror(errno));
@@ -1150,7 +1148,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
1150 logit("Received disconnect from %s: %u: %.400s", 1148 logit("Received disconnect from %s: %u: %.400s",
1151 get_remote_ipaddr(), reason, msg); 1149 get_remote_ipaddr(), reason, msg);
1152 xfree(msg); 1150 xfree(msg);
1153 fatal_cleanup(); 1151 cleanup_exit(255);
1154 break; 1152 break;
1155 case SSH2_MSG_UNIMPLEMENTED: 1153 case SSH2_MSG_UNIMPLEMENTED:
1156 seqnr = packet_get_int(); 1154 seqnr = packet_get_int();
@@ -1175,7 +1173,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
1175 msg = packet_get_string(NULL); 1173 msg = packet_get_string(NULL);
1176 logit("Received disconnect from %s: %.400s", 1174 logit("Received disconnect from %s: %.400s",
1177 get_remote_ipaddr(), msg); 1175 get_remote_ipaddr(), msg);
1178 fatal_cleanup(); 1176 cleanup_exit(255);
1179 xfree(msg); 1177 xfree(msg);
1180 break; 1178 break;
1181 default: 1179 default:
@@ -1352,8 +1350,7 @@ packet_disconnect(const char *fmt,...)
1352 1350
1353 /* Close the connection. */ 1351 /* Close the connection. */
1354 packet_close(); 1352 packet_close();
1355 1353 cleanup_exit(255);
1356 fatal_cleanup();
1357} 1354}
1358 1355
1359/* Checks if there is any buffered output, and tries to write some of the output. */ 1356/* Checks if there is any buffered output, and tries to write some of the output. */
@@ -1420,10 +1417,10 @@ packet_not_very_much_data_to_write(void)
1420} 1417}
1421 1418
1422 1419
1423#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN)
1424static void 1420static void
1425packet_set_tos(int interactive) 1421packet_set_tos(int interactive)
1426{ 1422{
1423#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN)
1427 int tos = interactive ? IPTOS_LOWDELAY : IPTOS_THROUGHPUT; 1424 int tos = interactive ? IPTOS_LOWDELAY : IPTOS_THROUGHPUT;
1428 1425
1429 if (!packet_connection_is_on_socket() || 1426 if (!packet_connection_is_on_socket() ||
@@ -1433,8 +1430,8 @@ packet_set_tos(int interactive)
1433 sizeof(tos)) < 0) 1430 sizeof(tos)) < 0)
1434 error("setsockopt IP_TOS %d: %.100s:", 1431 error("setsockopt IP_TOS %d: %.100s:",
1435 tos, strerror(errno)); 1432 tos, strerror(errno));
1436}
1437#endif 1433#endif
1434}
1438 1435
1439/* Informs that the current session is interactive. Sets IP flags for that. */ 1436/* Informs that the current session is interactive. Sets IP flags for that. */
1440 1437
@@ -1455,10 +1452,7 @@ packet_set_interactive(int interactive)
1455 return; 1452 return;
1456 if (interactive) 1453 if (interactive)
1457 set_nodelay(connection_in); 1454 set_nodelay(connection_in);
1458#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN)
1459 packet_set_tos(interactive); 1455 packet_set_tos(interactive);
1460#endif
1461
1462} 1456}
1463 1457
1464/* Returns true if the current connection is interactive. */ 1458/* Returns true if the current connection is interactive. */
diff --git a/pathnames.h b/pathnames.h
index 89e22c77a..53208cf58 100644
--- a/pathnames.h
+++ b/pathnames.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: pathnames.h,v 1.13 2002/05/23 19:24:30 markus Exp $ */ 1/* $OpenBSD: pathnames.h,v 1.14 2004/01/30 09:48:57 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -150,6 +150,11 @@
150#define _PATH_PRIVSEP_CHROOT_DIR "/var/empty" 150#define _PATH_PRIVSEP_CHROOT_DIR "/var/empty"
151#endif 151#endif
152 152
153/* for passwd change */
154#ifndef _PATH_PASSWD_PROG
155#define _PATH_PASSWD_PROG "/usr/bin/passwd"
156#endif
157
153#ifndef _PATH_LS 158#ifndef _PATH_LS
154#define _PATH_LS "ls" 159#define _PATH_LS "ls"
155#endif 160#endif
diff --git a/progressmeter.c b/progressmeter.c
index c315464ee..f42668526 100644
--- a/progressmeter.c
+++ b/progressmeter.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: progressmeter.c,v 1.15 2003/08/31 12:14:22 markus Exp $"); 26RCSID("$OpenBSD: progressmeter.c,v 1.19 2004/02/05 15:33:33 markus Exp $");
27 27
28#include "progressmeter.h" 28#include "progressmeter.h"
29#include "atomicio.h" 29#include "atomicio.h"
@@ -80,7 +80,7 @@ format_rate(char *buf, int size, off_t bytes)
80 bytes = (bytes + 512) / 1024; 80 bytes = (bytes + 512) / 1024;
81 } 81 }
82 snprintf(buf, size, "%3lld.%1lld%c%s", 82 snprintf(buf, size, "%3lld.%1lld%c%s",
83 (int64_t) bytes / 100, 83 (int64_t) (bytes + 5) / 100,
84 (int64_t) (bytes + 5) / 10 % 10, 84 (int64_t) (bytes + 5) / 10 % 10,
85 unit[i], 85 unit[i],
86 i ? "B" : " "); 86 i ? "B" : " ");
@@ -107,7 +107,7 @@ refresh_progress_meter(void)
107 off_t transferred; 107 off_t transferred;
108 double elapsed; 108 double elapsed;
109 int percent; 109 int percent;
110 int bytes_left; 110 off_t bytes_left;
111 int cur_speed; 111 int cur_speed;
112 int hours, minutes, seconds; 112 int hours, minutes, seconds;
113 int i, len; 113 int i, len;
@@ -120,14 +120,18 @@ refresh_progress_meter(void)
120 120
121 if (bytes_left > 0) 121 if (bytes_left > 0)
122 elapsed = now - last_update; 122 elapsed = now - last_update;
123 else 123 else {
124 elapsed = now - start; 124 elapsed = now - start;
125 /* Calculate true total speed when done */
126 transferred = end_pos;
127 bytes_per_second = 0;
128 }
125 129
126 /* calculate speed */ 130 /* calculate speed */
127 if (elapsed != 0) 131 if (elapsed != 0)
128 cur_speed = (transferred / elapsed); 132 cur_speed = (transferred / elapsed);
129 else 133 else
130 cur_speed = 0; 134 cur_speed = transferred;
131 135
132#define AGE_FACTOR 0.9 136#define AGE_FACTOR 0.9
133 if (bytes_per_second != 0) { 137 if (bytes_per_second != 0) {
@@ -200,7 +204,7 @@ refresh_progress_meter(void)
200 strlcat(buf, " ", win_size); 204 strlcat(buf, " ", win_size);
201 } 205 }
202 206
203 atomicio(vwrite, STDOUT_FILENO, buf, win_size); 207 atomicio(vwrite, STDOUT_FILENO, buf, win_size - 1);
204 last_update = now; 208 last_update = now;
205} 209}
206 210
diff --git a/readconf.c b/readconf.c
index 0a1788ba0..3af3038bb 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
12 */ 12 */
13 13
14#include "includes.h" 14#include "includes.h"
15RCSID("$OpenBSD: readconf.c,v 1.121 2003/09/01 18:15:50 markus Exp $"); 15RCSID("$OpenBSD: readconf.c,v 1.127 2003/12/16 15:49:51 markus Exp $");
16 16
17#include "ssh.h" 17#include "ssh.h"
18#include "xmalloc.h" 18#include "xmalloc.h"
@@ -78,9 +78,7 @@ RCSID("$OpenBSD: readconf.c,v 1.121 2003/09/01 18:15:50 markus Exp $");
78 RSAAuthentication yes 78 RSAAuthentication yes
79 RhostsRSAAuthentication yes 79 RhostsRSAAuthentication yes
80 StrictHostKeyChecking yes 80 StrictHostKeyChecking yes
81 KeepAlives no 81 TcpKeepAlive no
82 ProtocolKeepAlives 0
83 SetupTimeOut 0
84 IdentityFile ~/.ssh/identity 82 IdentityFile ~/.ssh/identity
85 Port 22 83 Port 22
86 EscapeChar ~ 84 EscapeChar ~
@@ -91,14 +89,14 @@ RCSID("$OpenBSD: readconf.c,v 1.121 2003/09/01 18:15:50 markus Exp $");
91 89
92typedef enum { 90typedef enum {
93 oBadOption, 91 oBadOption,
94 oForwardAgent, oForwardX11, oGatewayPorts, 92 oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts,
95 oPasswordAuthentication, oRSAAuthentication, 93 oPasswordAuthentication, oRSAAuthentication,
96 oChallengeResponseAuthentication, oXAuthLocation, 94 oChallengeResponseAuthentication, oXAuthLocation,
97 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, 95 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
98 oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, 96 oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
99 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, 97 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
100 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, 98 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
101 oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, 99 oCompressionLevel, oTCPKeepAlive, oNumberOfPasswordPrompts,
102 oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, 100 oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
103 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, 101 oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
104 oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, 102 oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
@@ -107,6 +105,7 @@ typedef enum {
107 oClearAllForwardings, oNoHostAuthenticationForLocalhost, 105 oClearAllForwardings, oNoHostAuthenticationForLocalhost,
108 oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, 106 oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
109 oAddressFamily, oGssAuthentication, oGssDelegateCreds, 107 oAddressFamily, oGssAuthentication, oGssDelegateCreds,
108 oServerAliveInterval, oServerAliveCountMax,
110 oProtocolKeepAlives, oSetupTimeOut, 109 oProtocolKeepAlives, oSetupTimeOut,
111 oDeprecated, oUnsupported 110 oDeprecated, oUnsupported
112} OpCodes; 111} OpCodes;
@@ -119,6 +118,7 @@ static struct {
119} keywords[] = { 118} keywords[] = {
120 { "forwardagent", oForwardAgent }, 119 { "forwardagent", oForwardAgent },
121 { "forwardx11", oForwardX11 }, 120 { "forwardx11", oForwardX11 },
121 { "forwardx11trusted", oForwardX11Trusted },
122 { "xauthlocation", oXAuthLocation }, 122 { "xauthlocation", oXAuthLocation },
123 { "gatewayports", oGatewayPorts }, 123 { "gatewayports", oGatewayPorts },
124 { "useprivilegedport", oUsePrivilegedPort }, 124 { "useprivilegedport", oUsePrivilegedPort },
@@ -171,7 +171,8 @@ static struct {
171 { "stricthostkeychecking", oStrictHostKeyChecking }, 171 { "stricthostkeychecking", oStrictHostKeyChecking },
172 { "compression", oCompression }, 172 { "compression", oCompression },
173 { "compressionlevel", oCompressionLevel }, 173 { "compressionlevel", oCompressionLevel },
174 { "keepalive", oKeepAlives }, 174 { "tcpkeepalive", oTCPKeepAlive },
175 { "keepalive", oTCPKeepAlive }, /* obsolete */
175 { "numberofpasswordprompts", oNumberOfPasswordPrompts }, 176 { "numberofpasswordprompts", oNumberOfPasswordPrompts },
176 { "loglevel", oLogLevel }, 177 { "loglevel", oLogLevel },
177 { "dynamicforward", oDynamicForward }, 178 { "dynamicforward", oDynamicForward },
@@ -185,15 +186,13 @@ static struct {
185#endif 186#endif
186 { "clearallforwardings", oClearAllForwardings }, 187 { "clearallforwardings", oClearAllForwardings },
187 { "enablesshkeysign", oEnableSSHKeysign }, 188 { "enablesshkeysign", oEnableSSHKeysign },
188#ifdef DNS
189 { "verifyhostkeydns", oVerifyHostKeyDNS }, 189 { "verifyhostkeydns", oVerifyHostKeyDNS },
190#else
191 { "verifyhostkeydns", oUnsupported },
192#endif
193 { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, 190 { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
194 { "rekeylimit", oRekeyLimit }, 191 { "rekeylimit", oRekeyLimit },
195 { "connecttimeout", oConnectTimeout }, 192 { "connecttimeout", oConnectTimeout },
196 { "addressfamily", oAddressFamily }, 193 { "addressfamily", oAddressFamily },
194 { "serveraliveinterval", oServerAliveInterval },
195 { "serveralivecountmax", oServerAliveCountMax },
197 { "protocolkeepalives", oProtocolKeepAlives }, 196 { "protocolkeepalives", oProtocolKeepAlives },
198 { "setuptimeout", oSetupTimeOut }, 197 { "setuptimeout", oSetupTimeOut },
199 { NULL, oBadOption } 198 { NULL, oBadOption }
@@ -314,7 +313,7 @@ process_config_line(Options *options, const char *host,
314 /* NOTREACHED */ 313 /* NOTREACHED */
315 case oConnectTimeout: 314 case oConnectTimeout:
316 intptr = &options->connection_timeout; 315 intptr = &options->connection_timeout;
317/* parse_time: */ 316parse_time:
318 arg = strdelim(&s); 317 arg = strdelim(&s);
319 if (!arg || *arg == '\0') 318 if (!arg || *arg == '\0')
320 fatal("%s line %d: missing time value.", 319 fatal("%s line %d: missing time value.",
@@ -347,6 +346,10 @@ parse_flag:
347 intptr = &options->forward_x11; 346 intptr = &options->forward_x11;
348 goto parse_flag; 347 goto parse_flag;
349 348
349 case oForwardX11Trusted:
350 intptr = &options->forward_x11_trusted;
351 goto parse_flag;
352
350 case oGatewayPorts: 353 case oGatewayPorts:
351 intptr = &options->gateway_ports; 354 intptr = &options->gateway_ports;
352 goto parse_flag; 355 goto parse_flag;
@@ -405,10 +408,11 @@ parse_flag:
405 408
406 case oVerifyHostKeyDNS: 409 case oVerifyHostKeyDNS:
407 intptr = &options->verify_host_key_dns; 410 intptr = &options->verify_host_key_dns;
408 goto parse_flag; 411 goto parse_yesnoask;
409 412
410 case oStrictHostKeyChecking: 413 case oStrictHostKeyChecking:
411 intptr = &options->strict_host_key_checking; 414 intptr = &options->strict_host_key_checking;
415parse_yesnoask:
412 arg = strdelim(&s); 416 arg = strdelim(&s);
413 if (!arg || *arg == '\0') 417 if (!arg || *arg == '\0')
414 fatal("%.200s line %d: Missing yes/no/ask argument.", 418 fatal("%.200s line %d: Missing yes/no/ask argument.",
@@ -430,22 +434,14 @@ parse_flag:
430 intptr = &options->compression; 434 intptr = &options->compression;
431 goto parse_flag; 435 goto parse_flag;
432 436
433 case oKeepAlives: 437 case oTCPKeepAlive:
434 intptr = &options->keepalives; 438 intptr = &options->tcp_keep_alive;
435 goto parse_flag; 439 goto parse_flag;
436 440
437 case oNoHostAuthenticationForLocalhost: 441 case oNoHostAuthenticationForLocalhost:
438 intptr = &options->no_host_authentication_for_localhost; 442 intptr = &options->no_host_authentication_for_localhost;
439 goto parse_flag; 443 goto parse_flag;
440 444
441 case oProtocolKeepAlives:
442 intptr = &options->protocolkeepalives;
443 goto parse_int;
444
445 case oSetupTimeOut:
446 intptr = &options->setuptimeout;
447 goto parse_int;
448
449 case oNumberOfPasswordPrompts: 445 case oNumberOfPasswordPrompts:
450 intptr = &options->number_of_password_prompts; 446 intptr = &options->number_of_password_prompts;
451 goto parse_int; 447 goto parse_int;
@@ -743,6 +739,19 @@ parse_int:
743 intptr = &options->enable_ssh_keysign; 739 intptr = &options->enable_ssh_keysign;
744 goto parse_flag; 740 goto parse_flag;
745 741
742 case oServerAliveInterval:
743 case oProtocolKeepAlives: /* Debian-specific compatibility alias */
744 intptr = &options->server_alive_interval;
745 goto parse_time;
746
747 case oServerAliveCountMax:
748 intptr = &options->server_alive_count_max;
749 goto parse_int;
750
751 case oSetupTimeOut:
752 intptr = &options->setuptimeout;
753 goto parse_int;
754
746 case oDeprecated: 755 case oDeprecated:
747 debug("%s line %d: Deprecated option \"%s\"", 756 debug("%s line %d: Deprecated option \"%s\"",
748 filename, linenum, keyword); 757 filename, linenum, keyword);
@@ -819,6 +828,7 @@ initialize_options(Options * options)
819 memset(options, 'X', sizeof(*options)); 828 memset(options, 'X', sizeof(*options));
820 options->forward_agent = -1; 829 options->forward_agent = -1;
821 options->forward_x11 = -1; 830 options->forward_x11 = -1;
831 options->forward_x11_trusted = -1;
822 options->xauth_location = NULL; 832 options->xauth_location = NULL;
823 options->gateway_ports = -1; 833 options->gateway_ports = -1;
824 options->use_privileged_port = -1; 834 options->use_privileged_port = -1;
@@ -836,8 +846,7 @@ initialize_options(Options * options)
836 options->check_host_ip = -1; 846 options->check_host_ip = -1;
837 options->strict_host_key_checking = -1; 847 options->strict_host_key_checking = -1;
838 options->compression = -1; 848 options->compression = -1;
839 options->keepalives = -1; 849 options->tcp_keep_alive = -1;
840 options->protocolkeepalives = -1;
841 options->setuptimeout = -1; 850 options->setuptimeout = -1;
842 options->compression_level = -1; 851 options->compression_level = -1;
843 options->port = -1; 852 options->port = -1;
@@ -871,6 +880,8 @@ initialize_options(Options * options)
871 options->no_host_authentication_for_localhost = - 1; 880 options->no_host_authentication_for_localhost = - 1;
872 options->rekey_limit = - 1; 881 options->rekey_limit = - 1;
873 options->verify_host_key_dns = -1; 882 options->verify_host_key_dns = -1;
883 options->server_alive_interval = -1;
884 options->server_alive_count_max = -1;
874} 885}
875 886
876/* 887/*
@@ -887,6 +898,8 @@ fill_default_options(Options * options)
887 options->forward_agent = 0; 898 options->forward_agent = 0;
888 if (options->forward_x11 == -1) 899 if (options->forward_x11 == -1)
889 options->forward_x11 = 0; 900 options->forward_x11 = 0;
901 if (options->forward_x11_trusted == -1)
902 options->forward_x11_trusted = 0;
890 if (options->xauth_location == NULL) 903 if (options->xauth_location == NULL)
891 options->xauth_location = _PATH_XAUTH; 904 options->xauth_location = _PATH_XAUTH;
892 if (options->gateway_ports == -1) 905 if (options->gateway_ports == -1)
@@ -900,7 +913,7 @@ fill_default_options(Options * options)
900 if (options->challenge_response_authentication == -1) 913 if (options->challenge_response_authentication == -1)
901 options->challenge_response_authentication = 1; 914 options->challenge_response_authentication = 1;
902 if (options->gss_authentication == -1) 915 if (options->gss_authentication == -1)
903 options->gss_authentication = 1; 916 options->gss_authentication = 0;
904 if (options->gss_deleg_creds == -1) 917 if (options->gss_deleg_creds == -1)
905 options->gss_deleg_creds = 0; 918 options->gss_deleg_creds = 0;
906 if (options->password_authentication == -1) 919 if (options->password_authentication == -1)
@@ -919,16 +932,8 @@ fill_default_options(Options * options)
919 options->strict_host_key_checking = 2; /* 2 is default */ 932 options->strict_host_key_checking = 2; /* 2 is default */
920 if (options->compression == -1) 933 if (options->compression == -1)
921 options->compression = 0; 934 options->compression = 0;
922 if (options->keepalives == -1) 935 if (options->tcp_keep_alive == -1)
923 options->keepalives = 1; 936 options->tcp_keep_alive = 1;
924 if (options->protocolkeepalives == -1){
925 if (options->batch_mode == 1) /*in batch mode, default is 5mins */
926 options->protocolkeepalives = 300;
927 else options->protocolkeepalives = 0;}
928 if (options->setuptimeout == -1){
929 if (options->batch_mode == 1) /*in batch mode, default is 5mins */
930 options->setuptimeout = 300;
931 else options->setuptimeout = 0;}
932 if (options->compression_level == -1) 937 if (options->compression_level == -1)
933 options->compression_level = 6; 938 options->compression_level = 6;
934 if (options->port == -1) 939 if (options->port == -1)
@@ -991,6 +996,22 @@ fill_default_options(Options * options)
991 options->rekey_limit = 0; 996 options->rekey_limit = 0;
992 if (options->verify_host_key_dns == -1) 997 if (options->verify_host_key_dns == -1)
993 options->verify_host_key_dns = 0; 998 options->verify_host_key_dns = 0;
999 if (options->server_alive_interval == -1) {
1000 /* in batch mode, default is 5mins */
1001 if (options->batch_mode == 1)
1002 options->server_alive_interval = 300;
1003 else
1004 options->server_alive_interval = 0;
1005 }
1006 if (options->server_alive_count_max == -1)
1007 options->server_alive_count_max = 3;
1008 if (options->setuptimeout == -1) {
1009 /* in batch mode, default is 5mins */
1010 if (options->batch_mode == 1)
1011 options->setuptimeout = 300;
1012 else
1013 options->setuptimeout = 0;
1014 }
994 /* options->proxy_command should not be set by default */ 1015 /* options->proxy_command should not be set by default */
995 /* options->user will be set in the main program if appropriate */ 1016 /* options->user will be set in the main program if appropriate */
996 /* options->hostname will be set in the main program if appropriate */ 1017 /* options->hostname will be set in the main program if appropriate */
diff --git a/readconf.h b/readconf.h
index 56cbec539..8521f85ac 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.h,v 1.55 2003/09/01 18:15:50 markus Exp $ */ 1/* $OpenBSD: readconf.h,v 1.59 2003/12/16 15:49:51 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -30,6 +30,7 @@ typedef struct {
30typedef struct { 30typedef struct {
31 int forward_agent; /* Forward authentication agent. */ 31 int forward_agent; /* Forward authentication agent. */
32 int forward_x11; /* Forward X11 display. */ 32 int forward_x11; /* Forward X11 display. */
33 int forward_x11_trusted; /* Trust Forward X11 display. */
33 char *xauth_location; /* Location for xauth program */ 34 char *xauth_location; /* Location for xauth program */
34 int gateway_ports; /* Allow remote connects to forwarded ports. */ 35 int gateway_ports; /* Allow remote connects to forwarded ports. */
35 int use_privileged_port; /* Don't use privileged port if false. */ 36 int use_privileged_port; /* Don't use privileged port if false. */
@@ -52,8 +53,7 @@ typedef struct {
52 int compression; /* Compress packets in both directions. */ 53 int compression; /* Compress packets in both directions. */
53 int compression_level; /* Compression level 1 (fast) to 9 54 int compression_level; /* Compression level 1 (fast) to 9
54 * (best). */ 55 * (best). */
55 int keepalives; /* Set SO_KEEPALIVE. */ 56 int tcp_keep_alive; /* Set SO_KEEPALIVE. */
56 int protocolkeepalives; /* ssh-level keepalives */
57 int setuptimeout; /* timeout in the protocol banner exchange */ 57 int setuptimeout; /* timeout in the protocol banner exchange */
58 LogLevel log_level; /* Level for logging. */ 58 LogLevel log_level; /* Level for logging. */
59 59
@@ -62,7 +62,7 @@ typedef struct {
62 int connection_attempts; /* Max attempts (seconds) before 62 int connection_attempts; /* Max attempts (seconds) before
63 * giving up */ 63 * giving up */
64 int connection_timeout; /* Max time (seconds) before 64 int connection_timeout; /* Max time (seconds) before
65 * aborting connection attempt */ 65 * aborting connection attempt */
66 int number_of_password_prompts; /* Max number of password 66 int number_of_password_prompts; /* Max number of password
67 * prompts. */ 67 * prompts. */
68 int cipher; /* Cipher to use. */ 68 int cipher; /* Cipher to use. */
@@ -101,6 +101,8 @@ typedef struct {
101 int enable_ssh_keysign; 101 int enable_ssh_keysign;
102 int rekey_limit; 102 int rekey_limit;
103 int no_host_authentication_for_localhost; 103 int no_host_authentication_for_localhost;
104 int server_alive_interval;
105 int server_alive_count_max;
104} Options; 106} Options;
105 107
106 108
diff --git a/regress/Makefile b/regress/Makefile
index 623be8d82..76e28d36d 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.24 2003/07/03 08:24:13 markus Exp $ 1# $OpenBSD: Makefile,v 1.26 2003/10/11 11:49:49 dtucker Exp $
2 2
3REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec 3REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec
4tests: $(REGRESS_TARGETS) 4tests: $(REGRESS_TARGETS)
@@ -14,6 +14,7 @@ LTESTS= connect \
14 proto-mismatch \ 14 proto-mismatch \
15 exit-status \ 15 exit-status \
16 transfer \ 16 transfer \
17 banner \
17 rekey \ 18 rekey \
18 stderr-data \ 19 stderr-data \
19 stderr-after-eof \ 20 stderr-after-eof \
@@ -40,7 +41,7 @@ CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
40 ssh_config ssh_proxy sshd_config sshd_proxy \ 41 ssh_config ssh_proxy sshd_config sshd_proxy \
41 rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ 42 rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \
42 rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \ 43 rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \
43 ls.copy remote_pid 44 ls.copy banner.in banner.out empty.in remote_pid
44 45
45#LTESTS += ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp 46#LTESTS += ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
46 47
diff --git a/regress/README.regress b/regress/README.regress
index 916894a88..b479c6c07 100644
--- a/regress/README.regress
+++ b/regress/README.regress
@@ -22,7 +22,7 @@ Environment variables.
22 22
23SUDO: path to sudo command, if desired. Note that some systems (notably 23SUDO: path to sudo command, if desired. Note that some systems (notably
24 systems using PAM) require sudo to execute some tests. 24 systems using PAM) require sudo to execute some tests.
25TEST_SSH_TRACE: set yo "yes" for verbose output from tests 25TEST_SSH_TRACE: set to "yes" for verbose output from tests
26TEST_SSH_QUIET: set to "yes" to suppress non-fatal output. 26TEST_SSH_QUIET: set to "yes" to suppress non-fatal output.
27TEST_SSH_x: path to "ssh" command under test, where x=SSH,SSHD,SSHAGENT,SSHADD 27TEST_SSH_x: path to "ssh" command under test, where x=SSH,SSHD,SSHAGENT,SSHADD
28 SSHKEYGEN,SSHKEYSCAN,SFTP,SFTPSERVER 28 SSHKEYGEN,SSHKEYSCAN,SFTP,SFTPSERVER
@@ -82,5 +82,13 @@ Failed tests can be difficult to diagnose. Suggestions:
82 82
83Known Issues. 83Known Issues.
84 84
85- If you build with tcpwrappers and try to run the regression tests,
86 your hosts.allow must permit connections from localhost and from
87 "unknown". This is because some tests are performed via the loopback
88 interface, while others are done with "sshd -i" as a ProxyCommand. In
89 the latter case, when sshd calls getpeername() on the socket it will
90 fail (because it's not a tcp socket) and will be identified as
91 "unknown", which is then checked against tcpwrappers.
85 92
86$Id: README.regress,v 1.1 2003/09/04 05:39:54 dtucker Exp $ 93
94$Id: README.regress,v 1.3 2004/01/28 01:26:14 dtucker Exp $
diff --git a/regress/agent-ptrace.sh b/regress/agent-ptrace.sh
index cd9c0023d..bd79d7cb8 100644
--- a/regress/agent-ptrace.sh
+++ b/regress/agent-ptrace.sh
@@ -5,7 +5,7 @@ tid="disallow agent ptrace attach"
5 5
6if have_prog uname ; then 6if have_prog uname ; then
7 case `uname` in 7 case `uname` in
8 Linux|HP-UX|SunOS|NetBSD|AIX|CYGWIN*) 8 AIX|CYGWIN*)
9 echo "skipped (not supported on this platform)" 9 echo "skipped (not supported on this platform)"
10 exit 0 10 exit 0
11 ;; 11 ;;
@@ -19,6 +19,15 @@ else
19 exit 0 19 exit 0
20fi 20fi
21 21
22if test -z "$SUDO" ; then
23 echo "skipped (SUDO not set)"
24 exit 0
25else
26 $SUDO chown 0 ${SSHAGENT}
27 $SUDO chgrp 0 ${SSHAGENT}
28 $SUDO chmod 2755 ${SSHAGENT}
29fi
30
22trace "start agent" 31trace "start agent"
23eval `${SSHAGENT} -s` > /dev/null 32eval `${SSHAGENT} -s` > /dev/null
24r=$? 33r=$?
@@ -32,7 +41,7 @@ EOF
32 if [ $? -ne 0 ]; then 41 if [ $? -ne 0 ]; then
33 fail "gdb failed: exit code $?" 42 fail "gdb failed: exit code $?"
34 fi 43 fi
35 grep 'ptrace: Operation not permitted.' >/dev/null ${OBJ}/gdb.out 44 egrep 'ptrace: Operation not permitted.|procfs:.*Permission denied.|ttrace attach: Permission denied.' >/dev/null ${OBJ}/gdb.out
36 r=$? 45 r=$?
37 rm -f ${OBJ}/gdb.out 46 rm -f ${OBJ}/gdb.out
38 if [ $r -ne 0 ]; then 47 if [ $r -ne 0 ]; then
diff --git a/regress/banner.sh b/regress/banner.sh
new file mode 100644
index 000000000..0b9c95007
--- /dev/null
+++ b/regress/banner.sh
@@ -0,0 +1,44 @@
1# $OpenBSD: banner.sh,v 1.2 2003/10/11 11:49:49 dtucker Exp $
2# Placed in the Public Domain.
3
4tid="banner"
5echo "Banner $OBJ/banner.in" >> $OBJ/sshd_proxy
6
7rm -f $OBJ/banner.out $OBJ/banner.in $OBJ/empty.in
8touch $OBJ/empty.in
9
10trace "test missing banner file"
11verbose "test $tid: missing banner file"
12( ${SSH} -2 -F $OBJ/ssh_proxy otherhost true 2>$OBJ/banner.out && \
13 cmp $OBJ/empty.in $OBJ/banner.out ) || \
14 fail "missing banner file"
15
16for s in 0 10 100 1000 10000 100000 ; do
17 if [ "$s" = "0" ]; then
18 # create empty banner
19 touch $OBJ/banner.in
20 elif [ "$s" = "10" ]; then
21 # create 10-byte banner file
22 echo "abcdefghi" >$OBJ/banner.in
23 else
24 # increase size 10x
25 cp $OBJ/banner.in $OBJ/banner.out
26 for i in 0 1 2 3 4 5 6 7 8 ; do
27 cat $OBJ/banner.out >> $OBJ/banner.in
28 done
29 fi
30
31 trace "test banner size $s"
32 verbose "test $tid: size $s"
33 ( ${SSH} -2 -F $OBJ/ssh_proxy otherhost true 2>$OBJ/banner.out && \
34 cmp $OBJ/banner.in $OBJ/banner.out ) || \
35 fail "banner size $s mismatch"
36done
37
38trace "test suppress banner (-q)"
39verbose "test $tid: suppress banner (-q)"
40( ${SSH} -q -2 -F $OBJ/ssh_proxy otherhost true 2>$OBJ/banner.out && \
41 cmp $OBJ/empty.in $OBJ/banner.out ) || \
42 fail "suppress banner (-q)"
43
44rm -f $OBJ/banner.out $OBJ/banner.in $OBJ/empty.in
diff --git a/regress/sftp-badcmds.sh b/regress/sftp-badcmds.sh
index a6a19409d..eac189aaf 100644
--- a/regress/sftp-badcmds.sh
+++ b/regress/sftp-badcmds.sh
@@ -4,7 +4,7 @@
4tid="sftp invalid commands" 4tid="sftp invalid commands"
5 5
6DATA=/bin/ls${EXEEXT} 6DATA=/bin/ls${EXEEXT}
7DATA2=/bin/cat${EXEEXT} 7DATA2=/bin/sh${EXEEXT}
8NONEXIST=/NONEXIST.$$ 8NONEXIST=/NONEXIST.$$
9COPY=${OBJ}/copy 9COPY=${OBJ}/copy
10GLOBFILES=`(cd /bin;echo l*)` 10GLOBFILES=`(cd /bin;echo l*)`
diff --git a/regress/sftp-batch.sh b/regress/sftp-batch.sh
index f648eae80..365c47cfc 100644
--- a/regress/sftp-batch.sh
+++ b/regress/sftp-batch.sh
@@ -1,11 +1,11 @@
1# $OpenBSD: sftp-batch.sh,v 1.2 2003/01/10 07:52:41 djm Exp $ 1# $OpenBSD: sftp-batch.sh,v 1.3 2004/01/13 09:49:06 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="sftp batchfile" 4tid="sftp batchfile"
5 5
6DATA=/bin/ls${EXEEXT} 6DATA=/bin/ls${EXEEXT}
7COPY=${OBJ}/copy 7COPY=${OBJ}/copy
8BATCH=${OBJ}/sftp-batch.tmp 8BATCH=${OBJ}/sftp.bb
9 9
10rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.* 10rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
11 11
diff --git a/regress/sftp-cmds.sh b/regress/sftp-cmds.sh
index 1256aeb2d..3669b19ff 100644
--- a/regress/sftp-cmds.sh
+++ b/regress/sftp-cmds.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: sftp-cmds.sh,v 1.5 2003/07/19 00:46:31 djm Exp $ 1# $OpenBSD: sftp-cmds.sh,v 1.6 2003/10/07 07:04:52 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4# XXX - TODO: 4# XXX - TODO:
@@ -79,6 +79,20 @@ echo "get $DATA $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
79 || fail "get failed" 79 || fail "get failed"
80cmp $DATA ${COPY} || fail "corrupted copy after get" 80cmp $DATA ${COPY} || fail "corrupted copy after get"
81 81
82rm -f ${COPY}
83verbose "$tid: get quoted"
84echo "get \"$DATA\" $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
85 || fail "get failed"
86cmp $DATA ${COPY} || fail "corrupted copy after get"
87
88rm -f ${QUOTECOPY}
89cp $DATA ${QUOTECOPY}
90verbose "$tid: get filename with quotes"
91echo "get \"$QUOTECOPY_ARG\" ${COPY}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
92 || fail "put failed"
93cmp ${COPY} ${QUOTECOPY} || fail "corrupted copy after get with quotes"
94rm -f ${QUOTECOPY} ${COPY}
95
82rm -f ${COPY}.dd/* 96rm -f ${COPY}.dd/*
83verbose "$tid: get to directory" 97verbose "$tid: get to directory"
84echo "get $DATA ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ 98echo "get $DATA ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
diff --git a/regress/ssh-com.sh b/regress/ssh-com.sh
index 78ae6e9e1..c3715a242 100644
--- a/regress/ssh-com.sh
+++ b/regress/ssh-com.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: ssh-com.sh,v 1.5 2003/05/14 22:08:27 markus Exp $ 1# $OpenBSD: ssh-com.sh,v 1.6 2003/11/07 10:16:44 jmc Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="connect to ssh.com server" 4tid="connect to ssh.com server"
@@ -29,7 +29,7 @@ SRC=`dirname ${SCRIPT}`
29# ssh.com 29# ssh.com
30cat << EOF > $OBJ/sshd2_config 30cat << EOF > $OBJ/sshd2_config
31#*: 31#*:
32 # Port and ListenAdress are not used. 32 # Port and ListenAddress are not used.
33 QuietMode yes 33 QuietMode yes
34 Port 4343 34 Port 4343
35 ListenAddress 127.0.0.1 35 ListenAddress 127.0.0.1
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index cc7ea67fe..98851dc97 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -30,7 +30,7 @@ if [ ! -f $SCRIPT ]; then
30 echo "not a file: $SCRIPT" 30 echo "not a file: $SCRIPT"
31 exit 2 31 exit 2
32fi 32fi
33if sh -n $SCRIPT; then 33if $TEST_SHELL -n $SCRIPT; then
34 true 34 true
35else 35else
36 echo "syntax error in $SCRIPT" 36 echo "syntax error in $SCRIPT"
@@ -185,7 +185,6 @@ Host *
185 ChallengeResponseAuthentication no 185 ChallengeResponseAuthentication no
186 HostbasedAuthentication no 186 HostbasedAuthentication no
187 PasswordAuthentication no 187 PasswordAuthentication no
188 RhostsAuthentication no
189 RhostsRSAAuthentication no 188 RhostsRSAAuthentication no
190 BatchMode yes 189 BatchMode yes
191 StrictHostKeyChecking yes 190 StrictHostKeyChecking yes
diff --git a/rijndael.c b/rijndael.c
index 6965ca3b0..1cd24de14 100644
--- a/rijndael.c
+++ b/rijndael.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rijndael.c,v 1.14 2002/07/10 17:53:54 deraadt Exp $ */ 1/* $OpenBSD: rijndael.c,v 1.15 2003/11/21 11:57:03 djm Exp $ */
2 2
3/** 3/**
4 * rijndael-alg-fst.c 4 * rijndael-alg-fst.c
@@ -725,7 +725,7 @@ static const u32 rcon[] = {
725 * @return the number of rounds for the given cipher key size. 725 * @return the number of rounds for the given cipher key size.
726 */ 726 */
727static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) { 727static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) {
728 int i = 0; 728 int i = 0;
729 u32 temp; 729 u32 temp;
730 730
731 rk[0] = GETU32(cipherKey ); 731 rk[0] = GETU32(cipherKey );
@@ -797,7 +797,7 @@ static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int
797 (Te4[(temp ) & 0xff] & 0x000000ff); 797 (Te4[(temp ) & 0xff] & 0x000000ff);
798 rk[13] = rk[ 5] ^ rk[12]; 798 rk[13] = rk[ 5] ^ rk[12];
799 rk[14] = rk[ 6] ^ rk[13]; 799 rk[14] = rk[ 6] ^ rk[13];
800 rk[15] = rk[ 7] ^ rk[14]; 800 rk[15] = rk[ 7] ^ rk[14];
801 rk += 8; 801 rk += 8;
802 } 802 }
803 } 803 }
@@ -871,50 +871,50 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16
871 s3 = GETU32(pt + 12) ^ rk[3]; 871 s3 = GETU32(pt + 12) ^ rk[3];
872#ifdef FULL_UNROLL 872#ifdef FULL_UNROLL
873 /* round 1: */ 873 /* round 1: */
874 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; 874 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
875 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; 875 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
876 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; 876 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
877 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; 877 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
878 /* round 2: */ 878 /* round 2: */
879 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; 879 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
880 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; 880 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
881 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; 881 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
882 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; 882 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
883 /* round 3: */ 883 /* round 3: */
884 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; 884 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
885 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; 885 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
886 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; 886 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
887 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; 887 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
888 /* round 4: */ 888 /* round 4: */
889 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; 889 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
890 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; 890 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
891 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; 891 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
892 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; 892 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
893 /* round 5: */ 893 /* round 5: */
894 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; 894 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
895 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; 895 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
896 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; 896 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
897 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; 897 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
898 /* round 6: */ 898 /* round 6: */
899 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; 899 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
900 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; 900 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
901 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; 901 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
902 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; 902 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
903 /* round 7: */ 903 /* round 7: */
904 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; 904 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
905 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; 905 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
906 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; 906 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
907 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; 907 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
908 /* round 8: */ 908 /* round 8: */
909 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; 909 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
910 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; 910 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
911 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; 911 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
912 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; 912 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
913 /* round 9: */ 913 /* round 9: */
914 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; 914 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
915 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; 915 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
916 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; 916 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
917 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; 917 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
918 if (Nr > 10) { 918 if (Nr > 10) {
919 /* round 10: */ 919 /* round 10: */
920 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; 920 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
@@ -1187,33 +1187,33 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16
1187 * apply last round and 1187 * apply last round and
1188 * map cipher state to byte array block: 1188 * map cipher state to byte array block:
1189 */ 1189 */
1190 s0 = 1190 s0 =
1191 (Td4[(t0 >> 24) ] & 0xff000000) ^ 1191 (Td4[(t0 >> 24) ] & 0xff000000) ^
1192 (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ 1192 (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1193 (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ 1193 (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1194 (Td4[(t1 ) & 0xff] & 0x000000ff) ^ 1194 (Td4[(t1 ) & 0xff] & 0x000000ff) ^
1195 rk[0]; 1195 rk[0];
1196 PUTU32(pt , s0); 1196 PUTU32(pt , s0);
1197 s1 = 1197 s1 =
1198 (Td4[(t1 >> 24) ] & 0xff000000) ^ 1198 (Td4[(t1 >> 24) ] & 0xff000000) ^
1199 (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ 1199 (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1200 (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ 1200 (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1201 (Td4[(t2 ) & 0xff] & 0x000000ff) ^ 1201 (Td4[(t2 ) & 0xff] & 0x000000ff) ^
1202 rk[1]; 1202 rk[1];
1203 PUTU32(pt + 4, s1); 1203 PUTU32(pt + 4, s1);
1204 s2 = 1204 s2 =
1205 (Td4[(t2 >> 24) ] & 0xff000000) ^ 1205 (Td4[(t2 >> 24) ] & 0xff000000) ^
1206 (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ 1206 (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1207 (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ 1207 (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1208 (Td4[(t3 ) & 0xff] & 0x000000ff) ^ 1208 (Td4[(t3 ) & 0xff] & 0x000000ff) ^
1209 rk[2]; 1209 rk[2];
1210 PUTU32(pt + 8, s2); 1210 PUTU32(pt + 8, s2);
1211 s3 = 1211 s3 =
1212 (Td4[(t3 >> 24) ] & 0xff000000) ^ 1212 (Td4[(t3 >> 24) ] & 0xff000000) ^
1213 (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ 1213 (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1214 (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ 1214 (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1215 (Td4[(t0 ) & 0xff] & 0x000000ff) ^ 1215 (Td4[(t0 ) & 0xff] & 0x000000ff) ^
1216 rk[3]; 1216 rk[3];
1217 PUTU32(pt + 12, s3); 1217 PUTU32(pt + 12, s3);
1218} 1218}
1219 1219
diff --git a/scard-opensc.c b/scard-opensc.c
index 2489fec45..a9b7ebc61 100644
--- a/scard-opensc.c
+++ b/scard-opensc.c
@@ -1,7 +1,7 @@
1/* 1/*
2 * Copyright (c) 2002 Juha Yrjölä. All rights reserved. 2 * Copyright (c) 2002 Juha Yrjölä. All rights reserved.
3 * Copyright (c) 2001 Markus Friedl. 3 * Copyright (c) 2001 Markus Friedl.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
7 * are met: 7 * are met:
@@ -81,7 +81,7 @@ sc_close(void)
81 } 81 }
82} 82}
83 83
84static int 84static int
85sc_init(void) 85sc_init(void)
86{ 86{
87 int r; 87 int r;
@@ -91,7 +91,7 @@ sc_init(void)
91 goto err; 91 goto err;
92 if (sc_reader_id >= ctx->reader_count) { 92 if (sc_reader_id >= ctx->reader_count) {
93 r = SC_ERROR_NO_READERS_FOUND; 93 r = SC_ERROR_NO_READERS_FOUND;
94 error("Illegal reader number %d (max %d)", sc_reader_id, 94 error("Illegal reader number %d (max %d)", sc_reader_id,
95 ctx->reader_count -1); 95 ctx->reader_count -1);
96 goto err; 96 goto err;
97 } 97 }
@@ -131,7 +131,7 @@ sc_prkey_op_init(RSA *rsa, struct sc_pkcs15_object **key_obj_out,
131 goto err; 131 goto err;
132 } 132 }
133 } 133 }
134 r = sc_pkcs15_find_prkey_by_id_usage(p15card, &priv->cert_id, 134 r = sc_pkcs15_find_prkey_by_id_usage(p15card, &priv->cert_id,
135 usage, &key_obj); 135 usage, &key_obj);
136 if (r) { 136 if (r) {
137 error("Unable to find private key from SmartCard: %s", 137 error("Unable to find private key from SmartCard: %s",
@@ -189,11 +189,11 @@ sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa,
189 int r; 189 int r;
190 190
191 if (padding != RSA_PKCS1_PADDING) 191 if (padding != RSA_PKCS1_PADDING)
192 return -1; 192 return -1;
193 r = sc_prkey_op_init(rsa, &key_obj, SC_USAGE_DECRYPT); 193 r = sc_prkey_op_init(rsa, &key_obj, SC_USAGE_DECRYPT);
194 if (r) 194 if (r)
195 return -1; 195 return -1;
196 r = sc_pkcs15_decipher(p15card, key_obj, SC_ALGORITHM_RSA_PAD_PKCS1, 196 r = sc_pkcs15_decipher(p15card, key_obj, SC_ALGORITHM_RSA_PAD_PKCS1,
197 from, flen, to, flen); 197 from, flen, to, flen);
198 sc_unlock(card); 198 sc_unlock(card);
199 if (r < 0) { 199 if (r < 0) {
@@ -223,7 +223,7 @@ sc_sign(int type, u_char *m, unsigned int m_len,
223 * the key will be rejected as using a non-repudiation key 223 * the key will be rejected as using a non-repudiation key
224 * for authentication is not recommended. Note: This does not 224 * for authentication is not recommended. Note: This does not
225 * prevent the use of a non-repudiation key for authentication 225 * prevent the use of a non-repudiation key for authentication
226 * if the sign or signrecover flag is set as well. 226 * if the sign or signrecover flag is set as well.
227 */ 227 */
228 r = sc_prkey_op_init(rsa, &key_obj, SC_USAGE_SIGN); 228 r = sc_prkey_op_init(rsa, &key_obj, SC_USAGE_SIGN);
229 if (r) 229 if (r)
@@ -325,7 +325,7 @@ static void
325convert_rsa_to_rsa1(Key * in, Key * out) 325convert_rsa_to_rsa1(Key * in, Key * out)
326{ 326{
327 struct sc_priv_data *priv; 327 struct sc_priv_data *priv;
328 328
329 out->rsa->flags = in->rsa->flags; 329 out->rsa->flags = in->rsa->flags;
330 out->flags = in->flags; 330 out->flags = in->flags;
331 RSA_set_method(out->rsa, RSA_get_method(in->rsa)); 331 RSA_set_method(out->rsa, RSA_get_method(in->rsa));
@@ -337,7 +337,7 @@ convert_rsa_to_rsa1(Key * in, Key * out)
337 return; 337 return;
338} 338}
339 339
340static int 340static int
341sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) 341sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj)
342{ 342{
343 int r; 343 int r;
@@ -349,7 +349,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj)
349 EVP_PKEY *pubkey = NULL; 349 EVP_PKEY *pubkey = NULL;
350 u8 *p; 350 u8 *p;
351 char *tmp; 351 char *tmp;
352 352
353 debug("sc_read_pubkey() with cert id %02X", cinfo->id.value[0]); 353 debug("sc_read_pubkey() with cert id %02X", cinfo->id.value[0]);
354 r = sc_pkcs15_read_certificate(p15card, cinfo, &cert); 354 r = sc_pkcs15_read_certificate(p15card, cinfo, &cert);
355 if (r) { 355 if (r) {
@@ -358,7 +358,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj)
358 } 358 }
359 x509 = X509_new(); 359 x509 = X509_new();
360 if (x509 == NULL) { 360 if (x509 == NULL) {
361 r = -1; 361 r = -1;
362 goto err; 362 goto err;
363 } 363 }
364 p = cert->data; 364 p = cert->data;
@@ -391,7 +391,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj)
391 tmp = key_fingerprint(k, SSH_FP_MD5, SSH_FP_HEX); 391 tmp = key_fingerprint(k, SSH_FP_MD5, SSH_FP_HEX);
392 debug("fingerprint %d %s", key_size(k), tmp); 392 debug("fingerprint %d %s", key_size(k), tmp);
393 xfree(tmp); 393 xfree(tmp);
394 394
395 return 0; 395 return 0;
396err: 396err:
397 if (cert) 397 if (cert)
diff --git a/scp.0 b/scp.0
index 2ebff48d0..d107ae7f7 100644
--- a/scp.0
+++ b/scp.0
@@ -1,12 +1,12 @@
1SCP(1) BSD General Commands Manual SCP(1) 1SCP(1) OpenBSD Reference Manual SCP(1)
2 2
3NAME 3NAME
4 scp - secure copy (remote file copy program) 4 scp - secure copy (remote file copy program)
5 5
6SYNOPSIS 6SYNOPSIS
7 scp [-pqrvBC1246] [-F ssh_config] [-S program] [-P port] [-c cipher] 7 scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
8 [-i identity_file] [-l limit] [-o ssh_option] [[user@]host1:]file1 8 [-l limit] [-o ssh_option] [-P port] [-S program]
9 [...] [[user@]host2:]file2 9 [[user@]host1:]file1 [...] [[user@]host2:]file2
10 10
11DESCRIPTION 11DESCRIPTION
12 scp copies files between hosts on a network. It uses ssh(1) for data 12 scp copies files between hosts on a network. It uses ssh(1) for data
@@ -20,10 +20,28 @@ DESCRIPTION
20 20
21 The options are as follows: 21 The options are as follows:
22 22
23 -1 Forces scp to use protocol 1.
24
25 -2 Forces scp to use protocol 2.
26
27 -4 Forces scp to use IPv4 addresses only.
28
29 -6 Forces scp to use IPv6 addresses only.
30
31 -B Selects batch mode (prevents asking for passwords or passphras-
32 es).
33
34 -C Compression enable. Passes the -C flag to ssh(1) to enable com-
35 pression.
36
23 -c cipher 37 -c cipher
24 Selects the cipher to use for encrypting the data transfer. This 38 Selects the cipher to use for encrypting the data transfer. This
25 option is directly passed to ssh(1). 39 option is directly passed to ssh(1).
26 40
41 -F ssh_config
42 Specifies an alternative per-user configuration file for ssh.
43 This option is directly passed to ssh(1).
44
27 -i identity_file 45 -i identity_file
28 Selects the file from which the identity (private key) for RSA 46 Selects the file from which the identity (private key) for RSA
29 authentication is read. This option is directly passed to 47 authentication is read. This option is directly passed to
@@ -32,49 +50,75 @@ DESCRIPTION
32 -l limit 50 -l limit
33 Limits the used bandwidth, specified in Kbit/s. 51 Limits the used bandwidth, specified in Kbit/s.
34 52
35 -p Preserves modification times, access times, and modes from the 53 -o ssh_option
36 original file. 54 Can be used to pass options to ssh in the format used in
37 55 ssh_config(5). This is useful for specifying options for which
38 -r Recursively copy entire directories. 56 there is no separate scp command-line flag. For full details of
39 57 the options listed below, and their possible values, see
40 -v Verbose mode. Causes scp and ssh(1) to print debugging messages 58 ssh_config(5).
41 about their progress. This is helpful in debugging connection, 59
42 authentication, and configuration problems. 60 AddressFamily
43 61 BatchMode
44 -B Selects batch mode (prevents asking for passwords or 62 BindAddress
45 passphrases). 63 ChallengeResponseAuthentication
46 64 CheckHostIP
47 -q Disables the progress meter. 65 Cipher
48 66 Ciphers
49 -C Compression enable. Passes the -C flag to ssh(1) to enable com- 67 Compression
50 pression. 68 CompressionLevel
51 69 ConnectionAttempts
52 -F ssh_config 70 ConnectionTimeout
53 Specifies an alternative per-user configuration file for ssh. 71 GlobalKnownHostsFile
54 This option is directly passed to ssh(1). 72 GSSAPIAuthentication
73 GSSAPIDelegateCredentials
74 Host
75 HostbasedAuthentication
76 HostKeyAlgorithms
77 HostKeyAlias
78 HostName
79 IdentityFile
80 LogLevel
81 MACs
82 NoHostAuthenticationForLocalhost
83 NumberOfPasswordPrompts
84 PasswordAuthentication
85 Port
86 PreferredAuthentications
87 Protocol
88 ProxyCommand
89 PubkeyAuthentication
90 RhostsRSAAuthentication
91 RSAAuthentication
92 ServerAliveInterval
93 ServerAliveCountMax
94 SmartcardDevice
95 StrictHostKeyChecking
96 TCPKeepAlive
97 UsePrivilegedPort
98 User
99 UserKnownHostsFile
100 VerifyHostKeyDNS
55 101
56 -P port 102 -P port
57 Specifies the port to connect to on the remote host. Note that 103 Specifies the port to connect to on the remote host. Note that
58 this option is written with a capital M-bM-^@M-^XPM-bM-^@M-^Y, because -p is already 104 this option is written with a capital `P', because -p is already
59 reserved for preserving the times and modes of the file in 105 reserved for preserving the times and modes of the file in
60 rcp(1). 106 rcp(1).
61 107
62 -S program 108 -p Preserves modification times, access times, and modes from the
63 Name of program to use for the encrypted connection. The program 109 original file.
64 must understand ssh(1) options.
65
66 -o ssh_option
67 Can be used to pass options to ssh in the format used in
68 ssh_config(5). This is useful for specifying options for which
69 there is no separate scp command-line flag.
70 110
71 -1 Forces scp to use protocol 1. 111 -q Disables the progress meter.
72 112
73 -2 Forces scp to use protocol 2. 113 -r Recursively copy entire directories.
74 114
75 -4 Forces scp to use IPv4 addresses only. 115 -S program
116 Name of program to use for the encrypted connection. The program
117 must understand ssh(1) options.
76 118
77 -6 Forces scp to use IPv6 addresses only. 119 -v Verbose mode. Causes scp and ssh(1) to print debugging messages
120 about their progress. This is helpful in debugging connection,
121 authentication, and configuration problems.
78 122
79DIAGNOSTICS 123DIAGNOSTICS
80 scp exits with 0 on success or >0 if an error occurred. 124 scp exits with 0 on success or >0 if an error occurred.
@@ -88,7 +132,7 @@ HISTORY
88 the University of California. 132 the University of California.
89 133
90AUTHORS 134AUTHORS
91 Timo Rinne M-bM-^LM-)tri@iki.fiM-bM-^LM-* and 135 Timo Rinne <tri@iki.fi>
92 Tatu Ylonen M-bM-^LM-)ylo@cs.hut.fiM-bM-^LM-* 136 Tatu Ylonen <ylo@cs.hut.fi>
93 137
94BSD September 25, 1999 BSD 138OpenBSD 3.4 September 25, 1999 3
diff --git a/scp.1 b/scp.1
index a971500ee..f5ca1e45a 100644
--- a/scp.1
+++ b/scp.1
@@ -9,7 +9,7 @@
9.\" 9.\"
10.\" Created: Sun May 7 00:14:37 1995 ylo 10.\" Created: Sun May 7 00:14:37 1995 ylo
11.\" 11.\"
12.\" $OpenBSD: scp.1,v 1.28 2003/06/10 09:12:11 jmc Exp $ 12.\" $OpenBSD: scp.1,v 1.32 2003/12/16 15:49:51 markus Exp $
13.\" 13.\"
14.Dd September 25, 1999 14.Dd September 25, 1999
15.Dt SCP 1 15.Dt SCP 1
@@ -20,24 +20,24 @@
20.Sh SYNOPSIS 20.Sh SYNOPSIS
21.Nm scp 21.Nm scp
22.Bk -words 22.Bk -words
23.Op Fl pqrvBC1246 23.Op Fl 1246BCpqrv
24.Op Fl F Ar ssh_config
25.Op Fl S Ar program
26.Op Fl P Ar port
27.Op Fl c Ar cipher 24.Op Fl c Ar cipher
25.Op Fl F Ar ssh_config
28.Op Fl i Ar identity_file 26.Op Fl i Ar identity_file
29.Op Fl l Ar limit 27.Op Fl l Ar limit
30.Op Fl o Ar ssh_option 28.Op Fl o Ar ssh_option
29.Op Fl P Ar port
30.Op Fl S Ar program
31.Sm off 31.Sm off
32.Oo 32.Oo
33.Op Ar user@ 33.Op Ar user No @
34.Ar host1 No : 34.Ar host1 No :
35.Oc Ns Ar file1 35.Oc Ns Ar file1
36.Sm on 36.Sm on
37.Op Ar ... 37.Op Ar ...
38.Sm off 38.Sm off
39.Oo 39.Oo
40.Op Ar user@ 40.Op Ar user No @
41.Ar host2 No : 41.Ar host2 No :
42.Oc Ar file2 42.Oc Ar file2
43.Sm on 43.Sm on
@@ -62,35 +62,24 @@ Copies between two remote hosts are permitted.
62.Pp 62.Pp
63The options are as follows: 63The options are as follows:
64.Bl -tag -width Ds 64.Bl -tag -width Ds
65.It Fl c Ar cipher 65.It Fl 1
66Selects the cipher to use for encrypting the data transfer. 66Forces
67This option is directly passed to
68.Xr ssh 1 .
69.It Fl i Ar identity_file
70Selects the file from which the identity (private key) for RSA
71authentication is read.
72This option is directly passed to
73.Xr ssh 1 .
74.It Fl l Ar limit
75Limits the used bandwidth, specified in Kbit/s.
76.It Fl p
77Preserves modification times, access times, and modes from the
78original file.
79.It Fl r
80Recursively copy entire directories.
81.It Fl v
82Verbose mode.
83Causes
84.Nm 67.Nm
85and 68to use protocol 1.
86.Xr ssh 1 69.It Fl 2
87to print debugging messages about their progress. 70Forces
88This is helpful in 71.Nm
89debugging connection, authentication, and configuration problems. 72to use protocol 2.
73.It Fl 4
74Forces
75.Nm
76to use IPv4 addresses only.
77.It Fl 6
78Forces
79.Nm
80to use IPv6 addresses only.
90.It Fl B 81.It Fl B
91Selects batch mode (prevents asking for passwords or passphrases). 82Selects batch mode (prevents asking for passwords or passphrases).
92.It Fl q
93Disables the progress meter.
94.It Fl C 83.It Fl C
95Compression enable. 84Compression enable.
96Passes the 85Passes the
@@ -98,12 +87,78 @@ Passes the
98flag to 87flag to
99.Xr ssh 1 88.Xr ssh 1
100to enable compression. 89to enable compression.
90.It Fl c Ar cipher
91Selects the cipher to use for encrypting the data transfer.
92This option is directly passed to
93.Xr ssh 1 .
101.It Fl F Ar ssh_config 94.It Fl F Ar ssh_config
102Specifies an alternative 95Specifies an alternative
103per-user configuration file for 96per-user configuration file for
104.Nm ssh . 97.Nm ssh .
105This option is directly passed to 98This option is directly passed to
106.Xr ssh 1 . 99.Xr ssh 1 .
100.It Fl i Ar identity_file
101Selects the file from which the identity (private key) for RSA
102authentication is read.
103This option is directly passed to
104.Xr ssh 1 .
105.It Fl l Ar limit
106Limits the used bandwidth, specified in Kbit/s.
107.It Fl o Ar ssh_option
108Can be used to pass options to
109.Nm ssh
110in the format used in
111.Xr ssh_config 5 .
112This is useful for specifying options
113for which there is no separate
114.Nm scp
115command-line flag.
116For full details of the options listed below, and their possible values, see
117.Xr ssh_config 5 .
118.Pp
119.Bl -tag -width Ds -offset indent -compact
120.It AddressFamily
121.It BatchMode
122.It BindAddress
123.It ChallengeResponseAuthentication
124.It CheckHostIP
125.It Cipher
126.It Ciphers
127.It Compression
128.It CompressionLevel
129.It ConnectionAttempts
130.It ConnectionTimeout
131.It GlobalKnownHostsFile
132.It GSSAPIAuthentication
133.It GSSAPIDelegateCredentials
134.It Host
135.It HostbasedAuthentication
136.It HostKeyAlgorithms
137.It HostKeyAlias
138.It HostName
139.It IdentityFile
140.It LogLevel
141.It MACs
142.It NoHostAuthenticationForLocalhost
143.It NumberOfPasswordPrompts
144.It PasswordAuthentication
145.It Port
146.It PreferredAuthentications
147.It Protocol
148.It ProxyCommand
149.It PubkeyAuthentication
150.It RhostsRSAAuthentication
151.It RSAAuthentication
152.It ServerAliveInterval
153.It ServerAliveCountMax
154.It SmartcardDevice
155.It StrictHostKeyChecking
156.It TCPKeepAlive
157.It UsePrivilegedPort
158.It User
159.It UserKnownHostsFile
160.It VerifyHostKeyDNS
161.El
107.It Fl P Ar port 162.It Fl P Ar port
108Specifies the port to connect to on the remote host. 163Specifies the port to connect to on the remote host.
109Note that this option is written with a capital 164Note that this option is written with a capital
@@ -112,6 +167,13 @@ because
112.Fl p 167.Fl p
113is already reserved for preserving the times and modes of the file in 168is already reserved for preserving the times and modes of the file in
114.Xr rcp 1 . 169.Xr rcp 1 .
170.It Fl p
171Preserves modification times, access times, and modes from the
172original file.
173.It Fl q
174Disables the progress meter.
175.It Fl r
176Recursively copy entire directories.
115.It Fl S Ar program 177.It Fl S Ar program
116Name of 178Name of
117.Ar program 179.Ar program
@@ -119,31 +181,15 @@ to use for the encrypted connection.
119The program must understand 181The program must understand
120.Xr ssh 1 182.Xr ssh 1
121options. 183options.
122.It Fl o Ar ssh_option 184.It Fl v
123Can be used to pass options to 185Verbose mode.
124.Nm ssh 186Causes
125in the format used in
126.Xr ssh_config 5 .
127This is useful for specifying options
128for which there is no separate
129.Nm scp
130command-line flag.
131.It Fl 1
132Forces
133.Nm
134to use protocol 1.
135.It Fl 2
136Forces
137.Nm
138to use protocol 2.
139.It Fl 4
140Forces
141.Nm
142to use IPv4 addresses only.
143.It Fl 6
144Forces
145.Nm 187.Nm
146to use IPv6 addresses only. 188and
189.Xr ssh 1
190to print debugging messages about their progress.
191This is helpful in
192debugging connection, authentication, and configuration problems.
147.El 193.El
148.Sh DIAGNOSTICS 194.Sh DIAGNOSTICS
149.Nm 195.Nm
@@ -165,5 +211,4 @@ program in BSD source code from the Regents of the University of
165California. 211California.
166.Sh AUTHORS 212.Sh AUTHORS
167.An Timo Rinne Aq tri@iki.fi 213.An Timo Rinne Aq tri@iki.fi
168and
169.An Tatu Ylonen Aq ylo@cs.hut.fi 214.An Tatu Ylonen Aq ylo@cs.hut.fi
diff --git a/scp.c b/scp.c
index 4f9247c2d..1daa2ccf7 100644
--- a/scp.c
+++ b/scp.c
@@ -71,7 +71,7 @@
71 */ 71 */
72 72
73#include "includes.h" 73#include "includes.h"
74RCSID("$OpenBSD: scp.c,v 1.108 2003/07/18 01:54:25 deraadt Exp $"); 74RCSID("$OpenBSD: scp.c,v 1.113 2003/11/23 23:21:21 djm Exp $");
75 75
76#include "xmalloc.h" 76#include "xmalloc.h"
77#include "atomicio.h" 77#include "atomicio.h"
@@ -92,7 +92,7 @@ void bwlimit(int);
92arglist args; 92arglist args;
93 93
94/* Bandwidth limit */ 94/* Bandwidth limit */
95off_t limitbw = 0; 95off_t limit_rate = 0;
96 96
97/* Name of current file being transferred. */ 97/* Name of current file being transferred. */
98char *curfile; 98char *curfile;
@@ -257,7 +257,7 @@ main(int argc, char **argv)
257 speed = strtod(optarg, &endp); 257 speed = strtod(optarg, &endp);
258 if (speed <= 0 || *endp != '\0') 258 if (speed <= 0 || *endp != '\0')
259 usage(); 259 usage();
260 limitbw = speed * 1024; 260 limit_rate = speed * 1024;
261 break; 261 break;
262 case 'p': 262 case 'p':
263 pflag = 1; 263 pflag = 1;
@@ -273,6 +273,7 @@ main(int argc, char **argv)
273 verbose_mode = 1; 273 verbose_mode = 1;
274 break; 274 break;
275 case 'q': 275 case 'q':
276 addargs(&args, "-q");
276 showprogress = 0; 277 showprogress = 0;
277 break; 278 break;
278 279
@@ -426,7 +427,8 @@ toremote(char *targ, int argc, char **argv)
426 } 427 }
427 if (verbose_mode) 428 if (verbose_mode)
428 fprintf(stderr, "Executing: %s\n", bp); 429 fprintf(stderr, "Executing: %s\n", bp);
429 (void) system(bp); 430 if (system(bp) != 0)
431 errs = 1;
430 (void) xfree(bp); 432 (void) xfree(bp);
431 } else { /* local to remote */ 433 } else { /* local to remote */
432 if (remin == -1) { 434 if (remin == -1) {
@@ -587,7 +589,7 @@ next: (void) close(fd);
587 haderr = result >= 0 ? EIO : errno; 589 haderr = result >= 0 ? EIO : errno;
588 statbytes += result; 590 statbytes += result;
589 } 591 }
590 if (limitbw) 592 if (limit_rate)
591 bwlimit(amt); 593 bwlimit(amt);
592 } 594 }
593 if (showprogress) 595 if (showprogress)
@@ -679,7 +681,7 @@ bwlimit(int amount)
679 return; 681 return;
680 682
681 lamt *= 8; 683 lamt *= 8;
682 wait = (double)1000000L * lamt / limitbw; 684 wait = (double)1000000L * lamt / limit_rate;
683 685
684 bwstart.tv_sec = wait / 1000000L; 686 bwstart.tv_sec = wait / 1000000L;
685 bwstart.tv_usec = wait % 1000000L; 687 bwstart.tv_usec = wait % 1000000L;
@@ -905,8 +907,8 @@ bad: run_err("%s: %s", np, strerror(errno));
905 cp += j; 907 cp += j;
906 statbytes += j; 908 statbytes += j;
907 } while (amt > 0); 909 } while (amt > 0);
908 910
909 if (limitbw) 911 if (limit_rate)
910 bwlimit(4096); 912 bwlimit(4096);
911 913
912 if (count == bp->cnt) { 914 if (count == bp->cnt) {
@@ -1018,8 +1020,8 @@ void
1018usage(void) 1020usage(void)
1019{ 1021{
1020 (void) fprintf(stderr, 1022 (void) fprintf(stderr,
1021 "usage: scp [-pqrvBC1246] [-F config] [-S program] [-P port]\n" 1023 "usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
1022 " [-c cipher] [-i identity] [-l limit] [-o option]\n" 1024 " [-l limit] [-o ssh_option] [-P port] [-S program]\n"
1023 " [[user@]host1:]file1 [...] [[user@]host2:]file2\n"); 1025 " [[user@]host1:]file1 [...] [[user@]host2:]file2\n");
1024 exit(1); 1026 exit(1);
1025} 1027}
diff --git a/servconf.c b/servconf.c
index 71e28b3cb..a72246b6c 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
10 */ 10 */
11 11
12#include "includes.h" 12#include "includes.h"
13RCSID("$OpenBSD: servconf.c,v 1.127 2003/09/01 18:15:50 markus Exp $"); 13RCSID("$OpenBSD: servconf.c,v 1.130 2003/12/23 16:12:10 jakob Exp $");
14 14
15#include "ssh.h" 15#include "ssh.h"
16#include "log.h" 16#include "log.h"
@@ -61,7 +61,7 @@ initialize_server_options(ServerOptions *options)
61 options->x11_use_localhost = -1; 61 options->x11_use_localhost = -1;
62 options->xauth_location = NULL; 62 options->xauth_location = NULL;
63 options->strict_modes = -1; 63 options->strict_modes = -1;
64 options->keepalives = -1; 64 options->tcp_keep_alive = -1;
65 options->log_facility = SYSLOG_FACILITY_NOT_SET; 65 options->log_facility = SYSLOG_FACILITY_NOT_SET;
66 options->log_level = SYSLOG_LEVEL_NOT_SET; 66 options->log_level = SYSLOG_LEVEL_NOT_SET;
67 options->rhosts_rsa_authentication = -1; 67 options->rhosts_rsa_authentication = -1;
@@ -72,6 +72,7 @@ initialize_server_options(ServerOptions *options)
72 options->kerberos_authentication = -1; 72 options->kerberos_authentication = -1;
73 options->kerberos_or_local_passwd = -1; 73 options->kerberos_or_local_passwd = -1;
74 options->kerberos_ticket_cleanup = -1; 74 options->kerberos_ticket_cleanup = -1;
75 options->kerberos_get_afs_token = -1;
75 options->gss_authentication=-1; 76 options->gss_authentication=-1;
76 options->gss_cleanup_creds = -1; 77 options->gss_cleanup_creds = -1;
77 options->password_authentication = -1; 78 options->password_authentication = -1;
@@ -110,7 +111,7 @@ fill_default_server_options(ServerOptions *options)
110{ 111{
111 /* Portable-specific options */ 112 /* Portable-specific options */
112 if (options->use_pam == -1) 113 if (options->use_pam == -1)
113 options->use_pam = 1; 114 options->use_pam = 0;
114 115
115 /* Standard Options */ 116 /* Standard Options */
116 if (options->protocol == SSH_PROTO_UNKNOWN) 117 if (options->protocol == SSH_PROTO_UNKNOWN)
@@ -159,8 +160,8 @@ fill_default_server_options(ServerOptions *options)
159 options->xauth_location = _PATH_XAUTH; 160 options->xauth_location = _PATH_XAUTH;
160 if (options->strict_modes == -1) 161 if (options->strict_modes == -1)
161 options->strict_modes = 1; 162 options->strict_modes = 1;
162 if (options->keepalives == -1) 163 if (options->tcp_keep_alive == -1)
163 options->keepalives = 1; 164 options->tcp_keep_alive = 1;
164 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) 165 if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
165 options->log_facility = SYSLOG_FACILITY_AUTH; 166 options->log_facility = SYSLOG_FACILITY_AUTH;
166 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 167 if (options->log_level == SYSLOG_LEVEL_NOT_SET)
@@ -181,6 +182,8 @@ fill_default_server_options(ServerOptions *options)
181 options->kerberos_or_local_passwd = 1; 182 options->kerberos_or_local_passwd = 1;
182 if (options->kerberos_ticket_cleanup == -1) 183 if (options->kerberos_ticket_cleanup == -1)
183 options->kerberos_ticket_cleanup = 1; 184 options->kerberos_ticket_cleanup = 1;
185 if (options->kerberos_get_afs_token == -1)
186 options->kerberos_get_afs_token = 0;
184 if (options->gss_authentication == -1) 187 if (options->gss_authentication == -1)
185 options->gss_authentication = 0; 188 options->gss_authentication = 0;
186 if (options->gss_cleanup_creds == -1) 189 if (options->gss_cleanup_creds == -1)
@@ -250,11 +253,12 @@ typedef enum {
250 sPermitRootLogin, sLogFacility, sLogLevel, 253 sPermitRootLogin, sLogFacility, sLogLevel,
251 sRhostsRSAAuthentication, sRSAAuthentication, 254 sRhostsRSAAuthentication, sRSAAuthentication,
252 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, 255 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
256 sKerberosGetAFSToken,
253 sKerberosTgtPassing, sChallengeResponseAuthentication, 257 sKerberosTgtPassing, sChallengeResponseAuthentication,
254 sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, 258 sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
255 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 259 sPrintMotd, sPrintLastLog, sIgnoreRhosts,
256 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 260 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
257 sStrictModes, sEmptyPasswd, sKeepAlives, 261 sStrictModes, sEmptyPasswd, sTCPKeepAlive,
258 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 262 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
259 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 263 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
260 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 264 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
@@ -301,19 +305,25 @@ static struct {
301 { "kerberosauthentication", sKerberosAuthentication }, 305 { "kerberosauthentication", sKerberosAuthentication },
302 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, 306 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
303 { "kerberosticketcleanup", sKerberosTicketCleanup }, 307 { "kerberosticketcleanup", sKerberosTicketCleanup },
308#ifdef USE_AFS
309 { "kerberosgetafstoken", sKerberosGetAFSToken },
310#else
311 { "kerberosgetafstoken", sUnsupported },
312#endif
304#else 313#else
305 { "kerberosauthentication", sUnsupported }, 314 { "kerberosauthentication", sUnsupported },
306 { "kerberosorlocalpasswd", sUnsupported }, 315 { "kerberosorlocalpasswd", sUnsupported },
307 { "kerberosticketcleanup", sUnsupported }, 316 { "kerberosticketcleanup", sUnsupported },
317 { "kerberosgetafstoken", sUnsupported },
308#endif 318#endif
309 { "kerberostgtpassing", sUnsupported }, 319 { "kerberostgtpassing", sUnsupported },
310 { "afstokenpassing", sUnsupported }, 320 { "afstokenpassing", sUnsupported },
311#ifdef GSSAPI 321#ifdef GSSAPI
312 { "gssapiauthentication", sGssAuthentication }, 322 { "gssapiauthentication", sGssAuthentication },
313 { "gssapicleanupcreds", sGssCleanupCreds }, 323 { "gssapicleanupcredentials", sGssCleanupCreds },
314#else 324#else
315 { "gssapiauthentication", sUnsupported }, 325 { "gssapiauthentication", sUnsupported },
316 { "gssapicleanupcreds", sUnsupported }, 326 { "gssapicleanupcredentials", sUnsupported },
317#endif 327#endif
318 { "passwordauthentication", sPasswordAuthentication }, 328 { "passwordauthentication", sPasswordAuthentication },
319 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, 329 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
@@ -334,7 +344,8 @@ static struct {
334 { "permituserenvironment", sPermitUserEnvironment }, 344 { "permituserenvironment", sPermitUserEnvironment },
335 { "uselogin", sUseLogin }, 345 { "uselogin", sUseLogin },
336 { "compression", sCompression }, 346 { "compression", sCompression },
337 { "keepalive", sKeepAlives }, 347 { "tcpkeepalive", sTCPKeepAlive },
348 { "keepalive", sTCPKeepAlive }, /* obsolete alias */
338 { "allowtcpforwarding", sAllowTcpForwarding }, 349 { "allowtcpforwarding", sAllowTcpForwarding },
339 { "allowusers", sAllowUsers }, 350 { "allowusers", sAllowUsers },
340 { "denyusers", sDenyUsers }, 351 { "denyusers", sDenyUsers },
@@ -629,6 +640,10 @@ parse_flag:
629 intptr = &options->kerberos_ticket_cleanup; 640 intptr = &options->kerberos_ticket_cleanup;
630 goto parse_flag; 641 goto parse_flag;
631 642
643 case sKerberosGetAFSToken:
644 intptr = &options->kerberos_get_afs_token;
645 goto parse_flag;
646
632 case sGssAuthentication: 647 case sGssAuthentication:
633 intptr = &options->gss_authentication; 648 intptr = &options->gss_authentication;
634 goto parse_flag; 649 goto parse_flag;
@@ -677,8 +692,8 @@ parse_flag:
677 intptr = &options->strict_modes; 692 intptr = &options->strict_modes;
678 goto parse_flag; 693 goto parse_flag;
679 694
680 case sKeepAlives: 695 case sTCPKeepAlive:
681 intptr = &options->keepalives; 696 intptr = &options->tcp_keep_alive;
682 goto parse_flag; 697 goto parse_flag;
683 698
684 case sEmptyPasswd: 699 case sEmptyPasswd:
diff --git a/servconf.h b/servconf.h
index 828e94c5c..57c7e5fab 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.h,v 1.65 2003/09/01 18:15:50 markus Exp $ */ 1/* $OpenBSD: servconf.h,v 1.67 2003/12/23 16:12:10 jakob Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -58,7 +58,7 @@ typedef struct {
58 int x11_use_localhost; /* If true, use localhost for fake X11 server. */ 58 int x11_use_localhost; /* If true, use localhost for fake X11 server. */
59 char *xauth_location; /* Location of xauth program */ 59 char *xauth_location; /* Location of xauth program */
60 int strict_modes; /* If true, require string home dir modes. */ 60 int strict_modes; /* If true, require string home dir modes. */
61 int keepalives; /* If true, set SO_KEEPALIVE. */ 61 int tcp_keep_alive; /* If true, set SO_KEEPALIVE. */
62 char *ciphers; /* Supported SSH2 ciphers. */ 62 char *ciphers; /* Supported SSH2 ciphers. */
63 char *macs; /* Supported SSH2 macs. */ 63 char *macs; /* Supported SSH2 macs. */
64 int protocol; /* Supported protocol versions. */ 64 int protocol; /* Supported protocol versions. */
@@ -80,6 +80,8 @@ typedef struct {
80 * /etc/passwd */ 80 * /etc/passwd */
81 int kerberos_ticket_cleanup; /* If true, destroy ticket 81 int kerberos_ticket_cleanup; /* If true, destroy ticket
82 * file on logout. */ 82 * file on logout. */
83 int kerberos_get_afs_token; /* If true, try to get AFS token if
84 * authenticated with Kerberos. */
83 int gss_authentication; /* If true, permit GSSAPI authentication */ 85 int gss_authentication; /* If true, permit GSSAPI authentication */
84 int gss_cleanup_creds; /* If true, destroy cred cache on logout */ 86 int gss_cleanup_creds; /* If true, destroy cred cache on logout */
85 int password_authentication; /* If true, permit password 87 int password_authentication; /* If true, permit password
diff --git a/serverloop.c b/serverloop.c
index 6dbb4fd12..c4e35a377 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -35,7 +35,7 @@
35 */ 35 */
36 36
37#include "includes.h" 37#include "includes.h"
38RCSID("$OpenBSD: serverloop.c,v 1.110 2003/06/24 08:23:46 markus Exp $"); 38RCSID("$OpenBSD: serverloop.c,v 1.115 2004/01/19 21:25:15 markus Exp $");
39 39
40#include "xmalloc.h" 40#include "xmalloc.h"
41#include "packet.h" 41#include "packet.h"
@@ -60,7 +60,7 @@ extern ServerOptions options;
60 60
61/* XXX */ 61/* XXX */
62extern Kex *xxx_kex; 62extern Kex *xxx_kex;
63static Authctxt *xxx_authctxt; 63extern Authctxt *the_authctxt;
64 64
65static Buffer stdin_buffer; /* Buffer for stdin data. */ 65static Buffer stdin_buffer; /* Buffer for stdin data. */
66static Buffer stdout_buffer; /* Buffer for stdout data. */ 66static Buffer stdout_buffer; /* Buffer for stdout data. */
@@ -212,26 +212,23 @@ make_packets_from_stdout_data(void)
212static void 212static void
213client_alive_check(void) 213client_alive_check(void)
214{ 214{
215 static int had_channel = 0; 215 int channel_id;
216 int id;
217
218 id = channel_find_open();
219 if (id == -1) {
220 if (!had_channel)
221 return;
222 packet_disconnect("No open channels after timeout!");
223 }
224 had_channel = 1;
225 216
226 /* timeout, check to see how many we have had */ 217 /* timeout, check to see how many we have had */
227 if (++client_alive_timeouts > options.client_alive_count_max) 218 if (++client_alive_timeouts > options.client_alive_count_max)
228 packet_disconnect("Timeout, your session not responding."); 219 packet_disconnect("Timeout, your session not responding.");
229 220
230 /* 221 /*
231 * send a bogus channel request with "wantreply", 222 * send a bogus global/channel request with "wantreply",
232 * we should get back a failure 223 * we should get back a failure
233 */ 224 */
234 channel_request_start(id, "keepalive@openssh.com", 1); 225 if ((channel_id = channel_find_open()) == -1) {
226 packet_start(SSH2_MSG_GLOBAL_REQUEST);
227 packet_put_cstring("keepalive@openssh.com");
228 packet_put_char(1); /* boolean: want reply */
229 } else {
230 channel_request_start(channel_id, "keepalive@openssh.com", 1);
231 }
235 packet_send(); 232 packet_send();
236} 233}
237 234
@@ -355,13 +352,13 @@ process_input(fd_set * readset)
355 connection_closed = 1; 352 connection_closed = 1;
356 if (compat20) 353 if (compat20)
357 return; 354 return;
358 fatal_cleanup(); 355 cleanup_exit(255);
359 } else if (len < 0) { 356 } else if (len < 0) {
360 if (errno != EINTR && errno != EAGAIN) { 357 if (errno != EINTR && errno != EAGAIN) {
361 verbose("Read error from remote host " 358 verbose("Read error from remote host "
362 "%.100s: %.100s", 359 "%.100s: %.100s",
363 get_remote_ipaddr(), strerror(errno)); 360 get_remote_ipaddr(), strerror(errno));
364 fatal_cleanup(); 361 cleanup_exit(255);
365 } 362 }
366 } else { 363 } else {
367 /* Buffer any received data. */ 364 /* Buffer any received data. */
@@ -756,8 +753,6 @@ server_loop2(Authctxt *authctxt)
756 max_fd = MAX(connection_in, connection_out); 753 max_fd = MAX(connection_in, connection_out);
757 max_fd = MAX(max_fd, notify_pipe[0]); 754 max_fd = MAX(max_fd, notify_pipe[0]);
758 755
759 xxx_authctxt = authctxt;
760
761 server_init_dispatch(); 756 server_init_dispatch();
762 757
763 for (;;) { 758 for (;;) {
@@ -799,9 +794,9 @@ server_loop2(Authctxt *authctxt)
799} 794}
800 795
801static void 796static void
802server_input_channel_failure(int type, u_int32_t seq, void *ctxt) 797server_input_keep_alive(int type, u_int32_t seq, void *ctxt)
803{ 798{
804 debug("Got CHANNEL_FAILURE for keepalive"); 799 debug("Got %d/%u for keepalive", type, seq);
805 /* 800 /*
806 * reset timeout, since we got a sane answer from the client. 801 * reset timeout, since we got a sane answer from the client.
807 * even if this was generated by something other than 802 * even if this was generated by something other than
@@ -810,7 +805,6 @@ server_input_channel_failure(int type, u_int32_t seq, void *ctxt)
810 client_alive_timeouts = 0; 805 client_alive_timeouts = 0;
811} 806}
812 807
813
814static void 808static void
815server_input_stdin_data(int type, u_int32_t seq, void *ctxt) 809server_input_stdin_data(int type, u_int32_t seq, void *ctxt)
816{ 810{
@@ -856,7 +850,7 @@ server_input_window_size(int type, u_int32_t seq, void *ctxt)
856} 850}
857 851
858static Channel * 852static Channel *
859server_request_direct_tcpip(char *ctype) 853server_request_direct_tcpip(void)
860{ 854{
861 Channel *c; 855 Channel *c;
862 int sock; 856 int sock;
@@ -878,14 +872,14 @@ server_request_direct_tcpip(char *ctype)
878 xfree(originator); 872 xfree(originator);
879 if (sock < 0) 873 if (sock < 0)
880 return NULL; 874 return NULL;
881 c = channel_new(ctype, SSH_CHANNEL_CONNECTING, 875 c = channel_new("direct-tcpip", SSH_CHANNEL_CONNECTING,
882 sock, sock, -1, CHAN_TCP_WINDOW_DEFAULT, 876 sock, sock, -1, CHAN_TCP_WINDOW_DEFAULT,
883 CHAN_TCP_PACKET_DEFAULT, 0, "direct-tcpip", 1); 877 CHAN_TCP_PACKET_DEFAULT, 0, "direct-tcpip", 1);
884 return c; 878 return c;
885} 879}
886 880
887static Channel * 881static Channel *
888server_request_session(char *ctype) 882server_request_session(void)
889{ 883{
890 Channel *c; 884 Channel *c;
891 885
@@ -897,10 +891,10 @@ server_request_session(char *ctype)
897 * SSH_CHANNEL_LARVAL. Additionally, a callback for handling all 891 * SSH_CHANNEL_LARVAL. Additionally, a callback for handling all
898 * CHANNEL_REQUEST messages is registered. 892 * CHANNEL_REQUEST messages is registered.
899 */ 893 */
900 c = channel_new(ctype, SSH_CHANNEL_LARVAL, 894 c = channel_new("session", SSH_CHANNEL_LARVAL,
901 -1, -1, -1, /*window size*/0, CHAN_SES_PACKET_DEFAULT, 895 -1, -1, -1, /*window size*/0, CHAN_SES_PACKET_DEFAULT,
902 0, "server-session", 1); 896 0, "server-session", 1);
903 if (session_open(xxx_authctxt, c->self) != 1) { 897 if (session_open(the_authctxt, c->self) != 1) {
904 debug("session open failed, free channel %d", c->self); 898 debug("session open failed, free channel %d", c->self);
905 channel_free(c); 899 channel_free(c);
906 return NULL; 900 return NULL;
@@ -926,9 +920,9 @@ server_input_channel_open(int type, u_int32_t seq, void *ctxt)
926 ctype, rchan, rwindow, rmaxpack); 920 ctype, rchan, rwindow, rmaxpack);
927 921
928 if (strcmp(ctype, "session") == 0) { 922 if (strcmp(ctype, "session") == 0) {
929 c = server_request_session(ctype); 923 c = server_request_session();
930 } else if (strcmp(ctype, "direct-tcpip") == 0) { 924 } else if (strcmp(ctype, "direct-tcpip") == 0) {
931 c = server_request_direct_tcpip(ctype); 925 c = server_request_direct_tcpip();
932 } 926 }
933 if (c != NULL) { 927 if (c != NULL) {
934 debug("server_input_channel_open: confirm %s", ctype); 928 debug("server_input_channel_open: confirm %s", ctype);
@@ -974,9 +968,9 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
974 char *listen_address; 968 char *listen_address;
975 u_short listen_port; 969 u_short listen_port;
976 970
977 pw = auth_get_user(); 971 pw = the_authctxt->pw;
978 if (pw == NULL) 972 if (pw == NULL || !the_authctxt->valid)
979 fatal("server_input_global_request: no user"); 973 fatal("server_input_global_request: no/invalid user");
980 listen_address = packet_get_string(NULL); 974 listen_address = packet_get_string(NULL);
981 listen_port = (u_short)packet_get_int(); 975 listen_port = (u_short)packet_get_int();
982 debug("server_input_global_request: tcpip-forward listen %s port %d", 976 debug("server_input_global_request: tcpip-forward listen %s port %d",
@@ -1050,7 +1044,9 @@ server_init_dispatch_20(void)
1050 dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust); 1044 dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
1051 dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &server_input_global_request); 1045 dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &server_input_global_request);
1052 /* client_alive */ 1046 /* client_alive */
1053 dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &server_input_channel_failure); 1047 dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &server_input_keep_alive);
1048 dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &server_input_keep_alive);
1049 dispatch_set(SSH2_MSG_REQUEST_FAILURE, &server_input_keep_alive);
1054 /* rekeying */ 1050 /* rekeying */
1055 dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); 1051 dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit);
1056} 1052}
diff --git a/session.c b/session.c
index 4497f5c0b..af2e71992 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
33 */ 33 */
34 34
35#include "includes.h" 35#include "includes.h"
36RCSID("$OpenBSD: session.c,v 1.163 2003/08/31 13:29:05 markus Exp $"); 36RCSID("$OpenBSD: session.c,v 1.172 2004/01/30 09:48:57 markus Exp $");
37 37
38#include "ssh.h" 38#include "ssh.h"
39#include "ssh1.h" 39#include "ssh1.h"
@@ -58,6 +58,10 @@ RCSID("$OpenBSD: session.c,v 1.163 2003/08/31 13:29:05 markus Exp $");
58#include "session.h" 58#include "session.h"
59#include "monitor_wrap.h" 59#include "monitor_wrap.h"
60 60
61#if defined(KRB5) && defined(USE_AFS)
62#include <kafs.h>
63#endif
64
61#ifdef GSSAPI 65#ifdef GSSAPI
62#include "ssh-gss.h" 66#include "ssh-gss.h"
63#endif 67#endif
@@ -66,7 +70,7 @@ RCSID("$OpenBSD: session.c,v 1.163 2003/08/31 13:29:05 markus Exp $");
66 70
67Session *session_new(void); 71Session *session_new(void);
68void session_set_fds(Session *, int, int, int); 72void session_set_fds(Session *, int, int, int);
69void session_pty_cleanup(void *); 73void session_pty_cleanup(Session *);
70void session_proctitle(Session *); 74void session_proctitle(Session *);
71int session_setup_x11fwd(Session *); 75int session_setup_x11fwd(Session *);
72void do_exec_pty(Session *, const char *); 76void do_exec_pty(Session *, const char *);
@@ -106,6 +110,8 @@ Session sessions[MAX_SESSIONS];
106login_cap_t *lc; 110login_cap_t *lc;
107#endif 111#endif
108 112
113static int is_child = 0;
114
109/* Name and directory of socket for authentication agent forwarding. */ 115/* Name and directory of socket for authentication agent forwarding. */
110static char *auth_sock_name = NULL; 116static char *auth_sock_name = NULL;
111static char *auth_sock_dir = NULL; 117static char *auth_sock_dir = NULL;
@@ -113,10 +119,8 @@ static char *auth_sock_dir = NULL;
113/* removes the agent forwarding socket */ 119/* removes the agent forwarding socket */
114 120
115static void 121static void
116auth_sock_cleanup_proc(void *_pw) 122auth_sock_cleanup_proc(struct passwd *pw)
117{ 123{
118 struct passwd *pw = _pw;
119
120 if (auth_sock_name != NULL) { 124 if (auth_sock_name != NULL) {
121 temporarily_use_uid(pw); 125 temporarily_use_uid(pw);
122 unlink(auth_sock_name); 126 unlink(auth_sock_name);
@@ -144,7 +148,7 @@ auth_input_request_forwarding(struct passwd * pw)
144 /* Allocate a buffer for the socket name, and format the name. */ 148 /* Allocate a buffer for the socket name, and format the name. */
145 auth_sock_name = xmalloc(MAXPATHLEN); 149 auth_sock_name = xmalloc(MAXPATHLEN);
146 auth_sock_dir = xmalloc(MAXPATHLEN); 150 auth_sock_dir = xmalloc(MAXPATHLEN);
147 strlcpy(auth_sock_dir, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); 151 strlcpy(auth_sock_dir, "/tmp/ssh-XXXXXXXXXX", MAXPATHLEN);
148 152
149 /* Create private directory for socket */ 153 /* Create private directory for socket */
150 if (mkdtemp(auth_sock_dir) == NULL) { 154 if (mkdtemp(auth_sock_dir) == NULL) {
@@ -160,9 +164,6 @@ auth_input_request_forwarding(struct passwd * pw)
160 snprintf(auth_sock_name, MAXPATHLEN, "%s/agent.%ld", 164 snprintf(auth_sock_name, MAXPATHLEN, "%s/agent.%ld",
161 auth_sock_dir, (long) getpid()); 165 auth_sock_dir, (long) getpid());
162 166
163 /* delete agent socket on fatal() */
164 fatal_add_cleanup(auth_sock_cleanup_proc, pw);
165
166 /* Create the socket. */ 167 /* Create the socket. */
167 sock = socket(AF_UNIX, SOCK_STREAM, 0); 168 sock = socket(AF_UNIX, SOCK_STREAM, 0);
168 if (sock < 0) 169 if (sock < 0)
@@ -180,7 +181,7 @@ auth_input_request_forwarding(struct passwd * pw)
180 restore_uid(); 181 restore_uid();
181 182
182 /* Start listening on the socket. */ 183 /* Start listening on the socket. */
183 if (listen(sock, 5) < 0) 184 if (listen(sock, SSH_LISTEN_BACKLOG) < 0)
184 packet_disconnect("listen: %.100s", strerror(errno)); 185 packet_disconnect("listen: %.100s", strerror(errno));
185 186
186 /* Allocate a channel for the authentication agent socket. */ 187 /* Allocate a channel for the authentication agent socket. */
@@ -192,6 +193,15 @@ auth_input_request_forwarding(struct passwd * pw)
192 return 1; 193 return 1;
193} 194}
194 195
196static void
197display_loginmsg(void)
198{
199 if (buffer_len(&loginmsg) > 0) {
200 buffer_append(&loginmsg, "\0", 1);
201 printf("%s\n", (char *)buffer_ptr(&loginmsg));
202 buffer_clear(&loginmsg);
203 }
204}
195 205
196void 206void
197do_authenticated(Authctxt *authctxt) 207do_authenticated(Authctxt *authctxt)
@@ -207,7 +217,6 @@ do_authenticated(Authctxt *authctxt)
207 close(startup_pipe); 217 close(startup_pipe);
208 startup_pipe = -1; 218 startup_pipe = -1;
209 } 219 }
210
211 /* setup the channel layer */ 220 /* setup the channel layer */
212 if (!no_port_forwarding_flag && options.allow_tcp_forwarding) 221 if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
213 channel_permit_all_opens(); 222 channel_permit_all_opens();
@@ -217,13 +226,7 @@ do_authenticated(Authctxt *authctxt)
217 else 226 else
218 do_authenticated1(authctxt); 227 do_authenticated1(authctxt);
219 228
220 /* remove agent socket */ 229 do_cleanup(authctxt);
221 if (auth_sock_name != NULL)
222 auth_sock_cleanup_proc(authctxt->pw);
223#ifdef KRB5
224 if (options.kerberos_ticket_cleanup)
225 krb5_cleanup_proc(authctxt);
226#endif
227} 230}
228 231
229/* 232/*
@@ -395,17 +398,13 @@ do_exec_no_pty(Session *s, const char *command)
395 session_proctitle(s); 398 session_proctitle(s);
396 399
397#if defined(USE_PAM) 400#if defined(USE_PAM)
398 if (options.use_pam) { 401 if (options.use_pam && !use_privsep)
399 do_pam_setcred(1); 402 do_pam_setcred(1);
400 if (is_pam_password_change_required())
401 packet_disconnect("Password change required but no "
402 "TTY available");
403 }
404#endif /* USE_PAM */ 403#endif /* USE_PAM */
405 404
406 /* Fork the child. */ 405 /* Fork the child. */
407 if ((pid = fork()) == 0) { 406 if ((pid = fork()) == 0) {
408 fatal_remove_all_cleanups(); 407 is_child = 1;
409 408
410 /* Child. Reinitialize the log since the pid has changed. */ 409 /* Child. Reinitialize the log since the pid has changed. */
411 log_init(__progname, options.log_level, options.log_facility, log_stderr); 410 log_init(__progname, options.log_level, options.log_facility, log_stderr);
@@ -525,13 +524,14 @@ do_exec_pty(Session *s, const char *command)
525#if defined(USE_PAM) 524#if defined(USE_PAM)
526 if (options.use_pam) { 525 if (options.use_pam) {
527 do_pam_set_tty(s->tty); 526 do_pam_set_tty(s->tty);
528 do_pam_setcred(1); 527 if (!use_privsep)
528 do_pam_setcred(1);
529 } 529 }
530#endif 530#endif
531 531
532 /* Fork the child. */ 532 /* Fork the child. */
533 if ((pid = fork()) == 0) { 533 if ((pid = fork()) == 0) {
534 fatal_remove_all_cleanups(); 534 is_child = 1;
535 535
536 /* Child. Reinitialize the log because the pid has changed. */ 536 /* Child. Reinitialize the log because the pid has changed. */
537 log_init(__progname, options.log_level, options.log_facility, log_stderr); 537 log_init(__progname, options.log_level, options.log_facility, log_stderr);
@@ -627,7 +627,7 @@ do_pre_login(Session *s)
627 if (getpeername(packet_get_connection_in(), 627 if (getpeername(packet_get_connection_in(),
628 (struct sockaddr *) & from, &fromlen) < 0) { 628 (struct sockaddr *) & from, &fromlen) < 0) {
629 debug("getpeername: %.100s", strerror(errno)); 629 debug("getpeername: %.100s", strerror(errno));
630 fatal_cleanup(); 630 cleanup_exit(255);
631 } 631 }
632 } 632 }
633 633
@@ -687,7 +687,7 @@ do_login(Session *s, const char *command)
687 if (getpeername(packet_get_connection_in(), 687 if (getpeername(packet_get_connection_in(),
688 (struct sockaddr *) & from, &fromlen) < 0) { 688 (struct sockaddr *) & from, &fromlen) < 0) {
689 debug("getpeername: %.100s", strerror(errno)); 689 debug("getpeername: %.100s", strerror(errno));
690 fatal_cleanup(); 690 cleanup_exit(255);
691 } 691 }
692 } 692 }
693 693
@@ -703,9 +703,10 @@ do_login(Session *s, const char *command)
703 * If password change is needed, do it now. 703 * If password change is needed, do it now.
704 * This needs to occur before the ~/.hushlogin check. 704 * This needs to occur before the ~/.hushlogin check.
705 */ 705 */
706 if (options.use_pam && is_pam_password_change_required()) { 706 if (options.use_pam && !use_privsep && s->authctxt->force_pwchange) {
707 print_pam_messages(); 707 display_loginmsg();
708 do_pam_chauthtok(); 708 do_pam_chauthtok();
709 s->authctxt->force_pwchange = 0;
709 /* XXX - signal [net] parent to enable forwardings */ 710 /* XXX - signal [net] parent to enable forwardings */
710 } 711 }
711#endif 712#endif
@@ -713,17 +714,7 @@ do_login(Session *s, const char *command)
713 if (check_quietlogin(s, command)) 714 if (check_quietlogin(s, command))
714 return; 715 return;
715 716
716#ifdef USE_PAM 717 display_loginmsg();
717 if (options.use_pam && !is_pam_password_change_required())
718 print_pam_messages();
719#endif /* USE_PAM */
720
721 /* display post-login message */
722 if (buffer_len(&loginmsg) > 0) {
723 buffer_append(&loginmsg, "\0", 1);
724 printf("%s\n", (char *)buffer_ptr(&loginmsg));
725 }
726 buffer_free(&loginmsg);
727 718
728#ifndef NO_SSH_LASTLOG 719#ifndef NO_SSH_LASTLOG
729 if (options.print_lastlog && s->last_login_time != 0) { 720 if (options.print_lastlog && s->last_login_time != 0) {
@@ -798,8 +789,9 @@ void
798child_set_env(char ***envp, u_int *envsizep, const char *name, 789child_set_env(char ***envp, u_int *envsizep, const char *name,
799 const char *value) 790 const char *value)
800{ 791{
801 u_int i, namelen;
802 char **env; 792 char **env;
793 u_int envsize;
794 u_int i, namelen;
803 795
804 /* 796 /*
805 * If we're passed an uninitialized list, allocate a single null 797 * If we're passed an uninitialized list, allocate a single null
@@ -826,12 +818,13 @@ child_set_env(char ***envp, u_int *envsizep, const char *name,
826 xfree(env[i]); 818 xfree(env[i]);
827 } else { 819 } else {
828 /* New variable. Expand if necessary. */ 820 /* New variable. Expand if necessary. */
829 if (i >= (*envsizep) - 1) { 821 envsize = *envsizep;
830 if (*envsizep >= 1000) 822 if (i >= envsize - 1) {
831 fatal("child_set_env: too many env vars," 823 if (envsize >= 1000)
832 " skipping: %.100s", name); 824 fatal("child_set_env: too many env vars");
833 (*envsizep) += 50; 825 envsize += 50;
834 env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *)); 826 env = (*envp) = xrealloc(env, envsize * sizeof(char *));
827 *envsizep = envsize;
835 } 828 }
836 /* Need to set the NULL pointer at end of array beyond the new slot. */ 829 /* Need to set the NULL pointer at end of array beyond the new slot. */
837 env[i + 1] = NULL; 830 env[i + 1] = NULL;
@@ -912,9 +905,8 @@ static void
912read_etc_default_login(char ***env, u_int *envsize, uid_t uid) 905read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
913{ 906{
914 char **tmpenv = NULL, *var; 907 char **tmpenv = NULL, *var;
915 u_int i; 908 u_int i, tmpenvsize = 0;
916 size_t tmpenvsize = 0; 909 u_long mask;
917 mode_t mask;
918 910
919 /* 911 /*
920 * We don't want to copy the whole file to the child's environment, 912 * We don't want to copy the whole file to the child's environment,
@@ -923,17 +915,20 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
923 */ 915 */
924 read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login"); 916 read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login");
925 917
918 if (tmpenv == NULL)
919 return;
920
926 if (uid == 0) 921 if (uid == 0)
927 var = child_get_env(tmpenv, "SUPATH"); 922 var = child_get_env(tmpenv, "SUPATH");
928 else 923 else
929 var = child_get_env(tmpenv, "PATH"); 924 var = child_get_env(tmpenv, "PATH");
930 if (var != NULL) 925 if (var != NULL)
931 child_set_env(env, envsize, "PATH", var); 926 child_set_env(env, envsize, "PATH", var);
932 927
933 if ((var = child_get_env(tmpenv, "UMASK")) != NULL) 928 if ((var = child_get_env(tmpenv, "UMASK")) != NULL)
934 if (sscanf(var, "%5lo", &mask) == 1) 929 if (sscanf(var, "%5lo", &mask) == 1)
935 umask(mask); 930 umask((mode_t)mask);
936 931
937 for (i = 0; tmpenv[i] != NULL; i++) 932 for (i = 0; tmpenv[i] != NULL; i++)
938 xfree(tmpenv[i]); 933 xfree(tmpenv[i]);
939 xfree(tmpenv); 934 xfree(tmpenv);
@@ -958,7 +953,7 @@ void copy_environment(char **source, char ***env, u_int *envsize)
958 953
959 debug3("Copy environment: %s=%s", var_name, var_val); 954 debug3("Copy environment: %s=%s", var_name, var_val);
960 child_set_env(env, envsize, var_name, var_val); 955 child_set_env(env, envsize, var_name, var_val);
961 956
962 xfree(var_name); 957 xfree(var_name);
963 } 958 }
964} 959}
@@ -985,7 +980,7 @@ do_setup_env(Session *s, const char *shell)
985#endif 980#endif
986 981
987#ifdef GSSAPI 982#ifdef GSSAPI
988 /* Allow any GSSAPI methods that we've used to alter 983 /* Allow any GSSAPI methods that we've used to alter
989 * the childs environment as they see fit 984 * the childs environment as they see fit
990 */ 985 */
991 ssh_gssapi_do_child(&env, &envsize); 986 ssh_gssapi_do_child(&env, &envsize);
@@ -1017,7 +1012,7 @@ do_setup_env(Session *s, const char *shell)
1017 path = child_get_env(env, "PATH"); 1012 path = child_get_env(env, "PATH");
1018# endif /* HAVE_ETC_DEFAULT_LOGIN */ 1013# endif /* HAVE_ETC_DEFAULT_LOGIN */
1019 if (path == NULL || *path == '\0') { 1014 if (path == NULL || *path == '\0') {
1020 child_set_env(&env, &envsize, "PATH", 1015 child_set_env(&env, &envsize, "PATH",
1021 s->pw->pw_uid == 0 ? 1016 s->pw->pw_uid == 0 ?
1022 SUPERUSER_PATH : _PATH_STDPATH); 1017 SUPERUSER_PATH : _PATH_STDPATH);
1023 } 1018 }
@@ -1100,8 +1095,13 @@ do_setup_env(Session *s, const char *shell)
1100 * been set by PAM. 1095 * been set by PAM.
1101 */ 1096 */
1102 if (options.use_pam) { 1097 if (options.use_pam) {
1103 char **p = fetch_pam_environment(); 1098 char **p;
1099
1100 p = fetch_pam_child_environment();
1101 copy_environment(p, &env, &envsize);
1102 free_pam_environment(p);
1104 1103
1104 p = fetch_pam_environment();
1105 copy_environment(p, &env, &envsize); 1105 copy_environment(p, &env, &envsize);
1106 free_pam_environment(p); 1106 free_pam_environment(p);
1107 } 1107 }
@@ -1174,7 +1174,7 @@ do_rc_files(Session *s, const char *shell)
1174 if (debug_flag) { 1174 if (debug_flag) {
1175 fprintf(stderr, 1175 fprintf(stderr,
1176 "Running %.500s remove %.100s\n", 1176 "Running %.500s remove %.100s\n",
1177 options.xauth_location, s->auth_display); 1177 options.xauth_location, s->auth_display);
1178 fprintf(stderr, 1178 fprintf(stderr,
1179 "%.500s add %.100s %.100s %.100s\n", 1179 "%.500s add %.100s %.100s %.100s\n",
1180 options.xauth_location, s->auth_display, 1180 options.xauth_location, s->auth_display,
@@ -1240,6 +1240,12 @@ do_setusercontext(struct passwd *pw)
1240# ifdef __bsdi__ 1240# ifdef __bsdi__
1241 setpgid(0, 0); 1241 setpgid(0, 0);
1242# endif 1242# endif
1243# ifdef USE_PAM
1244 if (options.use_pam) {
1245 do_pam_session();
1246 do_pam_setcred(0);
1247 }
1248# endif /* USE_PAM */
1243 if (setusercontext(lc, pw, pw->pw_uid, 1249 if (setusercontext(lc, pw, pw->pw_uid,
1244 (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) { 1250 (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
1245 perror("unable to set user context"); 1251 perror("unable to set user context");
@@ -1266,7 +1272,7 @@ do_setusercontext(struct passwd *pw)
1266 endgrent(); 1272 endgrent();
1267# ifdef USE_PAM 1273# ifdef USE_PAM
1268 /* 1274 /*
1269 * PAM credentials may take the form of supplementary groups. 1275 * PAM credentials may take the form of supplementary groups.
1270 * These will have been wiped by the above initgroups() call. 1276 * These will have been wiped by the above initgroups() call.
1271 * Reestablish them here. 1277 * Reestablish them here.
1272 */ 1278 */
@@ -1294,6 +1300,22 @@ do_setusercontext(struct passwd *pw)
1294} 1300}
1295 1301
1296static void 1302static void
1303do_pwchange(Session *s)
1304{
1305 fprintf(stderr, "WARNING: Your password has expired.\n");
1306 if (s->ttyfd != -1) {
1307 fprintf(stderr,
1308 "You must change your password now and login again!\n");
1309 execl(_PATH_PASSWD_PROG, "passwd", (char *)NULL);
1310 perror("passwd");
1311 } else {
1312 fprintf(stderr,
1313 "Password change required but no TTY available.\n");
1314 }
1315 exit(1);
1316}
1317
1318static void
1297launch_login(struct passwd *pw, const char *hostname) 1319launch_login(struct passwd *pw, const char *hostname)
1298{ 1320{
1299 /* Launch login(1). */ 1321 /* Launch login(1). */
@@ -1314,6 +1336,40 @@ launch_login(struct passwd *pw, const char *hostname)
1314 exit(1); 1336 exit(1);
1315} 1337}
1316 1338
1339static void
1340child_close_fds(void)
1341{
1342 int i;
1343
1344 if (packet_get_connection_in() == packet_get_connection_out())
1345 close(packet_get_connection_in());
1346 else {
1347 close(packet_get_connection_in());
1348 close(packet_get_connection_out());
1349 }
1350 /*
1351 * Close all descriptors related to channels. They will still remain
1352 * open in the parent.
1353 */
1354 /* XXX better use close-on-exec? -markus */
1355 channel_close_all();
1356
1357 /*
1358 * Close any extra file descriptors. Note that there may still be
1359 * descriptors left by system functions. They will be closed later.
1360 */
1361 endpwent();
1362
1363 /*
1364 * Close any extra open file descriptors so that we don\'t have them
1365 * hanging around in clients. Note that we want to do this after
1366 * initgroups, because at least on Solaris 2.3 it leaves file
1367 * descriptors open.
1368 */
1369 for (i = 3; i < 64; i++)
1370 close(i);
1371}
1372
1317/* 1373/*
1318 * Performs common processing for the child, such as setting up the 1374 * Performs common processing for the child, such as setting up the
1319 * environment, closing extra file descriptors, setting the user and group 1375 * environment, closing extra file descriptors, setting the user and group
@@ -1327,11 +1383,18 @@ do_child(Session *s, const char *command)
1327 char *argv[10]; 1383 char *argv[10];
1328 const char *shell, *shell0, *hostname = NULL; 1384 const char *shell, *shell0, *hostname = NULL;
1329 struct passwd *pw = s->pw; 1385 struct passwd *pw = s->pw;
1330 u_int i;
1331 1386
1332 /* remove hostkey from the child's memory */ 1387 /* remove hostkey from the child's memory */
1333 destroy_sensitive_data(); 1388 destroy_sensitive_data();
1334 1389
1390 /* Force a password change */
1391 if (s->authctxt->force_pwchange) {
1392 do_setusercontext(pw);
1393 child_close_fds();
1394 do_pwchange(s);
1395 exit(1);
1396 }
1397
1335 /* login(1) is only called if we execute the login shell */ 1398 /* login(1) is only called if we execute the login shell */
1336 if (options.use_login && command != NULL) 1399 if (options.use_login && command != NULL)
1337 options.use_login = 0; 1400 options.use_login = 0;
@@ -1382,39 +1445,39 @@ do_child(Session *s, const char *command)
1382 * closed before building the environment, as we call 1445 * closed before building the environment, as we call
1383 * get_remote_ipaddr there. 1446 * get_remote_ipaddr there.
1384 */ 1447 */
1385 if (packet_get_connection_in() == packet_get_connection_out()) 1448 child_close_fds();
1386 close(packet_get_connection_in());
1387 else {
1388 close(packet_get_connection_in());
1389 close(packet_get_connection_out());
1390 }
1391 /*
1392 * Close all descriptors related to channels. They will still remain
1393 * open in the parent.
1394 */
1395 /* XXX better use close-on-exec? -markus */
1396 channel_close_all();
1397 1449
1398 /* 1450 /*
1399 * Close any extra file descriptors. Note that there may still be 1451 * Must take new environment into use so that .ssh/rc,
1400 * descriptors left by system functions. They will be closed later. 1452 * /etc/ssh/sshrc and xauth are run in the proper environment.
1401 */ 1453 */
1402 endpwent(); 1454 environ = env;
1403 1455
1456#if defined(KRB5) && defined(USE_AFS)
1404 /* 1457 /*
1405 * Close any extra open file descriptors so that we don\'t have them 1458 * At this point, we check to see if AFS is active and if we have
1406 * hanging around in clients. Note that we want to do this after 1459 * a valid Kerberos 5 TGT. If so, it seems like a good idea to see
1407 * initgroups, because at least on Solaris 2.3 it leaves file 1460 * if we can (and need to) extend the ticket into an AFS token. If
1408 * descriptors open. 1461 * we don't do this, we run into potential problems if the user's
1462 * home directory is in AFS and it's not world-readable.
1409 */ 1463 */
1410 for (i = 3; i < 64; i++)
1411 close(i);
1412 1464
1413 /* 1465 if (options.kerberos_get_afs_token && k_hasafs() &&
1414 * Must take new environment into use so that .ssh/rc, 1466 (s->authctxt->krb5_ctx != NULL)) {
1415 * /etc/ssh/sshrc and xauth are run in the proper environment. 1467 char cell[64];
1416 */ 1468
1417 environ = env; 1469 debug("Getting AFS token");
1470
1471 k_setpag();
1472
1473 if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0)
1474 krb5_afslog(s->authctxt->krb5_ctx,
1475 s->authctxt->krb5_fwd_ccache, cell, NULL);
1476
1477 krb5_afslog_home(s->authctxt->krb5_ctx,
1478 s->authctxt->krb5_fwd_ccache, NULL, NULL, pw->pw_dir);
1479 }
1480#endif
1418 1481
1419 /* Change current directory to the user\'s home directory. */ 1482 /* Change current directory to the user\'s home directory. */
1420 if (chdir(pw->pw_dir) < 0) { 1483 if (chdir(pw->pw_dir) < 0) {
@@ -1537,7 +1600,7 @@ session_open(Authctxt *authctxt, int chanid)
1537 } 1600 }
1538 s->authctxt = authctxt; 1601 s->authctxt = authctxt;
1539 s->pw = authctxt->pw; 1602 s->pw = authctxt->pw;
1540 if (s->pw == NULL) 1603 if (s->pw == NULL || !authctxt->valid)
1541 fatal("no user for session %d", s->self); 1604 fatal("no user for session %d", s->self);
1542 debug("session_open: session %d: link with channel %d", s->self, chanid); 1605 debug("session_open: session %d: link with channel %d", s->self, chanid);
1543 s->chanid = chanid; 1606 s->chanid = chanid;
@@ -1659,11 +1722,6 @@ session_pty_req(Session *s)
1659 n_bytes = packet_remaining(); 1722 n_bytes = packet_remaining();
1660 tty_parse_modes(s->ttyfd, &n_bytes); 1723 tty_parse_modes(s->ttyfd, &n_bytes);
1661 1724
1662 /*
1663 * Add a cleanup function to clear the utmp entry and record logout
1664 * time in case we call fatal() (e.g., the connection gets closed).
1665 */
1666 fatal_add_cleanup(session_pty_cleanup, (void *)s);
1667 if (!use_privsep) 1725 if (!use_privsep)
1668 pty_setowner(s->pw, s->tty); 1726 pty_setowner(s->pw, s->tty);
1669 1727
@@ -1845,10 +1903,8 @@ session_set_fds(Session *s, int fdin, int fdout, int fderr)
1845 * (e.g., due to a dropped connection). 1903 * (e.g., due to a dropped connection).
1846 */ 1904 */
1847void 1905void
1848session_pty_cleanup2(void *session) 1906session_pty_cleanup2(Session *s)
1849{ 1907{
1850 Session *s = session;
1851
1852 if (s == NULL) { 1908 if (s == NULL) {
1853 error("session_pty_cleanup: no session"); 1909 error("session_pty_cleanup: no session");
1854 return; 1910 return;
@@ -1879,9 +1935,9 @@ session_pty_cleanup2(void *session)
1879} 1935}
1880 1936
1881void 1937void
1882session_pty_cleanup(void *session) 1938session_pty_cleanup(Session *s)
1883{ 1939{
1884 PRIVSEP(session_pty_cleanup2(session)); 1940 PRIVSEP(session_pty_cleanup2(s));
1885} 1941}
1886 1942
1887static char * 1943static char *
@@ -1954,10 +2010,8 @@ void
1954session_close(Session *s) 2010session_close(Session *s)
1955{ 2011{
1956 debug("session_close: session %d pid %ld", s->self, (long)s->pid); 2012 debug("session_close: session %d pid %ld", s->self, (long)s->pid);
1957 if (s->ttyfd != -1) { 2013 if (s->ttyfd != -1)
1958 fatal_remove_cleanup(session_pty_cleanup, (void *)s);
1959 session_pty_cleanup(s); 2014 session_pty_cleanup(s);
1960 }
1961 if (s->term) 2015 if (s->term)
1962 xfree(s->term); 2016 xfree(s->term);
1963 if (s->display) 2017 if (s->display)
@@ -2006,10 +2060,8 @@ session_close_by_channel(int id, void *arg)
2006 * delay detach of session, but release pty, since 2060 * delay detach of session, but release pty, since
2007 * the fd's to the child are already closed 2061 * the fd's to the child are already closed
2008 */ 2062 */
2009 if (s->ttyfd != -1) { 2063 if (s->ttyfd != -1)
2010 fatal_remove_cleanup(session_pty_cleanup, (void *)s);
2011 session_pty_cleanup(s); 2064 session_pty_cleanup(s);
2012 }
2013 return; 2065 return;
2014 } 2066 }
2015 /* detach by removing callback */ 2067 /* detach by removing callback */
@@ -2044,13 +2096,13 @@ session_tty_list(void)
2044 for (i = 0; i < MAX_SESSIONS; i++) { 2096 for (i = 0; i < MAX_SESSIONS; i++) {
2045 Session *s = &sessions[i]; 2097 Session *s = &sessions[i];
2046 if (s->used && s->ttyfd != -1) { 2098 if (s->used && s->ttyfd != -1) {
2047 2099
2048 if (strncmp(s->tty, "/dev/", 5) != 0) { 2100 if (strncmp(s->tty, "/dev/", 5) != 0) {
2049 cp = strrchr(s->tty, '/'); 2101 cp = strrchr(s->tty, '/');
2050 cp = (cp == NULL) ? s->tty : cp + 1; 2102 cp = (cp == NULL) ? s->tty : cp + 1;
2051 } else 2103 } else
2052 cp = s->tty + 5; 2104 cp = s->tty + 5;
2053 2105
2054 if (buf[0] != '\0') 2106 if (buf[0] != '\0')
2055 strlcat(buf, ",", sizeof buf); 2107 strlcat(buf, ",", sizeof buf);
2056 strlcat(buf, cp, sizeof buf); 2108 strlcat(buf, cp, sizeof buf);
@@ -2150,8 +2202,51 @@ static void
2150do_authenticated2(Authctxt *authctxt) 2202do_authenticated2(Authctxt *authctxt)
2151{ 2203{
2152 server_loop2(authctxt); 2204 server_loop2(authctxt);
2153#if defined(GSSAPI) 2205}
2154 if (options.gss_cleanup_creds) 2206
2155 ssh_gssapi_cleanup_creds(NULL); 2207void
2208do_cleanup(Authctxt *authctxt)
2209{
2210 static int called = 0;
2211
2212 debug("do_cleanup");
2213
2214 /* no cleanup if we're in the child for login shell */
2215 if (is_child)
2216 return;
2217
2218 /* avoid double cleanup */
2219 if (called)
2220 return;
2221 called = 1;
2222
2223 if (authctxt == NULL)
2224 return;
2225#ifdef KRB5
2226 if (options.kerberos_ticket_cleanup &&
2227 authctxt->krb5_ctx)
2228 krb5_cleanup_proc(authctxt);
2229#endif
2230
2231#ifdef GSSAPI
2232 if (compat20 && options.gss_cleanup_creds)
2233 ssh_gssapi_cleanup_creds();
2156#endif 2234#endif
2235
2236#ifdef USE_PAM
2237 if (options.use_pam) {
2238 sshpam_cleanup();
2239 sshpam_thread_cleanup();
2240 }
2241#endif
2242
2243 /* remove agent socket */
2244 auth_sock_cleanup_proc(authctxt->pw);
2245
2246 /*
2247 * Cleanup ptys/utmp only if privsep is disabled,
2248 * or if running in monitor.
2249 */
2250 if (!use_privsep || mm_is_monitor())
2251 session_destroy_all(session_pty_cleanup2);
2157} 2252}
diff --git a/session.h b/session.h
index 525e47f64..405b8fe8a 100644
--- a/session.h
+++ b/session.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: session.h,v 1.20 2003/08/22 10:56:09 markus Exp $ */ 1/* $OpenBSD: session.h,v 1.21 2003/09/23 20:17:11 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -56,13 +56,14 @@ struct Session {
56}; 56};
57 57
58void do_authenticated(Authctxt *); 58void do_authenticated(Authctxt *);
59void do_cleanup(Authctxt *);
59 60
60int session_open(Authctxt *, int); 61int session_open(Authctxt *, int);
61int session_input_channel_req(Channel *, const char *); 62int session_input_channel_req(Channel *, const char *);
62void session_close_by_pid(pid_t, int); 63void session_close_by_pid(pid_t, int);
63void session_close_by_channel(int, void *); 64void session_close_by_channel(int, void *);
64void session_destroy_all(void (*)(Session *)); 65void session_destroy_all(void (*)(Session *));
65void session_pty_cleanup2(void *); 66void session_pty_cleanup2(Session *);
66 67
67Session *session_new(void); 68Session *session_new(void);
68Session *session_by_tty(char *); 69Session *session_by_tty(char *);
diff --git a/sftp-client.c b/sftp-client.c
index ffff0fe5a..81c5dd497 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,25 +1,17 @@
1/* 1/*
2 * Copyright (c) 2001-2003 Damien Miller. All rights reserved. 2 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Permission to use, copy, modify, and distribute this software for any
5 * modification, are permitted provided that the following conditions 5 * purpose with or without fee is hereby granted, provided that the above
6 * are met: 6 * copyright notice and this permission notice appear in all copies.
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 7 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 15 */
24 16
25/* XXX: memleaks */ 17/* XXX: memleaks */
@@ -28,7 +20,7 @@
28/* XXX: copy between two remote sites */ 20/* XXX: copy between two remote sites */
29 21
30#include "includes.h" 22#include "includes.h"
31RCSID("$OpenBSD: sftp-client.c,v 1.44 2003/06/28 16:23:06 deraadt Exp $"); 23RCSID("$OpenBSD: sftp-client.c,v 1.46 2004/02/17 05:39:51 djm Exp $");
32 24
33#include "openbsd-compat/sys-queue.h" 25#include "openbsd-compat/sys-queue.h"
34 26
@@ -798,7 +790,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
798 return(-1); 790 return(-1);
799 } 791 }
800 792
801 local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC, 793 local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC,
802 mode | S_IWRITE); 794 mode | S_IWRITE);
803 if (local_fd == -1) { 795 if (local_fd == -1) {
804 error("Couldn't open local file \"%s\" for writing: %s", 796 error("Couldn't open local file \"%s\" for writing: %s",
@@ -946,7 +938,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
946 /* Override umask and utimes if asked */ 938 /* Override umask and utimes if asked */
947#ifdef HAVE_FCHMOD 939#ifdef HAVE_FCHMOD
948 if (pflag && fchmod(local_fd, mode) == -1) 940 if (pflag && fchmod(local_fd, mode) == -1)
949#else 941#else
950 if (pflag && chmod(local_path, mode) == -1) 942 if (pflag && chmod(local_path, mode) == -1)
951#endif /* HAVE_FCHMOD */ 943#endif /* HAVE_FCHMOD */
952 error("Couldn't set mode on \"%s\": %s", local_path, 944 error("Couldn't set mode on \"%s\": %s", local_path,
diff --git a/sftp-client.h b/sftp-client.h
index 98e08ffa7..a0e8e44b3 100644
--- a/sftp-client.h
+++ b/sftp-client.h
@@ -1,27 +1,19 @@
1/* $OpenBSD: sftp-client.h,v 1.11 2002/09/11 22:41:50 djm Exp $ */ 1/* $OpenBSD: sftp-client.h,v 1.12 2004/02/17 05:39:51 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001,2002 Damien Miller. All rights reserved. 4 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
5 * 5 *
6 * Redistribution and use in source and binary forms, with or without 6 * Permission to use, copy, modify, and distribute this software for any
7 * modification, are permitted provided that the following conditions 7 * purpose with or without fee is hereby granted, provided that the above
8 * are met: 8 * copyright notice and this permission notice appear in all copies.
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 9 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */ 17 */
26 18
27/* Client side of SSH2 filexfer protocol */ 19/* Client side of SSH2 filexfer protocol */
diff --git a/sftp-common.c b/sftp-common.c
index 5313b134d..4cea3c305 100644
--- a/sftp-common.c
+++ b/sftp-common.c
@@ -24,7 +24,7 @@
24 */ 24 */
25 25
26#include "includes.h" 26#include "includes.h"
27RCSID("$OpenBSD: sftp-common.c,v 1.9 2003/05/24 09:30:40 djm Exp $"); 27RCSID("$OpenBSD: sftp-common.c,v 1.10 2003/11/10 16:23:41 jakob Exp $");
28 28
29#include "buffer.h" 29#include "buffer.h"
30#include "bufaux.h" 30#include "bufaux.h"
@@ -49,7 +49,7 @@ attrib_clear(Attrib *a)
49 49
50/* Convert from struct stat to filexfer attribs */ 50/* Convert from struct stat to filexfer attribs */
51void 51void
52stat_to_attrib(struct stat *st, Attrib *a) 52stat_to_attrib(const struct stat *st, Attrib *a)
53{ 53{
54 attrib_clear(a); 54 attrib_clear(a);
55 a->flags = 0; 55 a->flags = 0;
@@ -67,7 +67,7 @@ stat_to_attrib(struct stat *st, Attrib *a)
67 67
68/* Convert from filexfer attribs to struct stat */ 68/* Convert from filexfer attribs to struct stat */
69void 69void
70attrib_to_stat(Attrib *a, struct stat *st) 70attrib_to_stat(const Attrib *a, struct stat *st)
71{ 71{
72 memset(st, 0, sizeof(*st)); 72 memset(st, 0, sizeof(*st));
73 73
@@ -124,7 +124,7 @@ decode_attrib(Buffer *b)
124 124
125/* Encode attributes to buffer */ 125/* Encode attributes to buffer */
126void 126void
127encode_attrib(Buffer *b, Attrib *a) 127encode_attrib(Buffer *b, const Attrib *a)
128{ 128{
129 buffer_put_int(b, a->flags); 129 buffer_put_int(b, a->flags);
130 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) 130 if (a->flags & SSH2_FILEXFER_ATTR_SIZE)
@@ -174,7 +174,7 @@ fx2txt(int status)
174 * drwxr-xr-x 5 markus markus 1024 Jan 13 18:39 .ssh 174 * drwxr-xr-x 5 markus markus 1024 Jan 13 18:39 .ssh
175 */ 175 */
176char * 176char *
177ls_file(char *name, struct stat *st, int remote) 177ls_file(const char *name, const struct stat *st, int remote)
178{ 178{
179 int ulen, glen, sz = 0; 179 int ulen, glen, sz = 0;
180 struct passwd *pw; 180 struct passwd *pw;
diff --git a/sftp-common.h b/sftp-common.h
index 201611cc4..b42ba9140 100644
--- a/sftp-common.h
+++ b/sftp-common.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: sftp-common.h,v 1.4 2002/09/11 22:41:50 djm Exp $ */ 1/* $OpenBSD: sftp-common.h,v 1.5 2003/11/10 16:23:41 jakob Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -39,10 +39,10 @@ struct Attrib {
39}; 39};
40 40
41void attrib_clear(Attrib *); 41void attrib_clear(Attrib *);
42void stat_to_attrib(struct stat *, Attrib *); 42void stat_to_attrib(const struct stat *, Attrib *);
43void attrib_to_stat(Attrib *, struct stat *); 43void attrib_to_stat(const Attrib *, struct stat *);
44Attrib *decode_attrib(Buffer *); 44Attrib *decode_attrib(Buffer *);
45void encode_attrib(Buffer *, Attrib *); 45void encode_attrib(Buffer *, const Attrib *);
46char *ls_file(char *, struct stat *, int); 46char *ls_file(const char *, const struct stat *, int);
47 47
48const char *fx2txt(int); 48const char *fx2txt(int);
diff --git a/sftp-glob.c b/sftp-glob.c
index ee122a2cd..16c5e206a 100644
--- a/sftp-glob.c
+++ b/sftp-glob.c
@@ -1,29 +1,21 @@
1/* 1/*
2 * Copyright (c) 2001,2002 Damien Miller. All rights reserved. 2 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Permission to use, copy, modify, and distribute this software for any
5 * modification, are permitted provided that the following conditions 5 * purpose with or without fee is hereby granted, provided that the above
6 * are met: 6 * copyright notice and this permission notice appear in all copies.
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 7 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 15 */
24 16
25#include "includes.h" 17#include "includes.h"
26RCSID("$OpenBSD: sftp-glob.c,v 1.13 2002/09/11 22:41:50 djm Exp $"); 18RCSID("$OpenBSD: sftp-glob.c,v 1.15 2004/02/17 07:17:29 djm Exp $");
27 19
28#include "buffer.h" 20#include "buffer.h"
29#include "bufaux.h" 21#include "bufaux.h"
@@ -33,7 +25,9 @@ RCSID("$OpenBSD: sftp-glob.c,v 1.13 2002/09/11 22:41:50 djm Exp $");
33#include "sftp.h" 25#include "sftp.h"
34#include "sftp-common.h" 26#include "sftp-common.h"
35#include "sftp-client.h" 27#include "sftp-client.h"
36#include "sftp-glob.h" 28
29int remote_glob(struct sftp_conn *, const char *, int,
30 int (*)(const char *, int), glob_t *);
37 31
38struct SFTP_OPENDIR { 32struct SFTP_OPENDIR {
39 SFTP_DIRENT **dir; 33 SFTP_DIRENT **dir;
@@ -70,7 +64,7 @@ fudge_readdir(struct SFTP_OPENDIR *od)
70#ifdef __GNU_LIBRARY__ 64#ifdef __GNU_LIBRARY__
71 static int inum = 1; 65 static int inum = 1;
72#endif /* __GNU_LIBRARY__ */ 66#endif /* __GNU_LIBRARY__ */
73 67
74 if (od->dir[od->offset] == NULL) 68 if (od->dir[od->offset] == NULL)
75 return(NULL); 69 return(NULL);
76 70
@@ -89,7 +83,7 @@ fudge_readdir(struct SFTP_OPENDIR *od)
89#ifdef __GNU_LIBRARY__ 83#ifdef __GNU_LIBRARY__
90 /* 84 /*
91 * Idiot glibc uses extensions to struct dirent for readdir with 85 * Idiot glibc uses extensions to struct dirent for readdir with
92 * ALTDIRFUNCs. Not that this is documented anywhere but the 86 * ALTDIRFUNCs. Not that this is documented anywhere but the
93 * source... Fake an inode number to appease it. 87 * source... Fake an inode number to appease it.
94 */ 88 */
95 ret->d_ino = inum++; 89 ret->d_ino = inum++;
diff --git a/sftp-glob.h b/sftp-glob.h
deleted file mode 100644
index f879e8719..000000000
--- a/sftp-glob.h
+++ /dev/null
@@ -1,37 +0,0 @@
1/* $OpenBSD: sftp-glob.h,v 1.8 2002/09/11 22:41:50 djm Exp $ */
2
3/*
4 * Copyright (c) 2001,2002 Damien Miller. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27/* Remote sftp filename globbing */
28
29#ifndef _SFTP_GLOB_H
30#define _SFTP_GLOB_H
31
32#include "sftp-client.h"
33
34int remote_glob(struct sftp_conn *, const char *, int,
35 int (*)(const char *, int), glob_t *);
36
37#endif
diff --git a/sftp-int.c b/sftp-int.c
deleted file mode 100644
index 94299aa43..000000000
--- a/sftp-int.c
+++ /dev/null
@@ -1,1190 +0,0 @@
1/*
2 * Copyright (c) 2001,2002 Damien Miller. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */
24
25/* XXX: recursive operations */
26
27#include "includes.h"
28RCSID("$OpenBSD: sftp-int.c,v 1.62 2003/08/25 08:13:09 fgsch Exp $");
29
30#include "buffer.h"
31#include "xmalloc.h"
32#include "log.h"
33#include "pathnames.h"
34
35#include "sftp.h"
36#include "sftp-common.h"
37#include "sftp-glob.h"
38#include "sftp-client.h"
39#include "sftp-int.h"
40
41/* File to read commands from */
42extern FILE *infile;
43
44/* Size of buffer used when copying files */
45extern size_t copy_buffer_len;
46
47/* Number of concurrent outstanding requests */
48extern int num_requests;
49
50/* This is set to 0 if the progressmeter is not desired. */
51int showprogress = 1;
52
53/* Seperators for interactive commands */
54#define WHITESPACE " \t\r\n"
55
56/* Define what type of ls view (0 - multi-column) */
57#define LONG_VIEW 1 /* Full view ala ls -l */
58#define SHORT_VIEW 2 /* Single row view ala ls -1 */
59
60/* Commands for interactive mode */
61#define I_CHDIR 1
62#define I_CHGRP 2
63#define I_CHMOD 3
64#define I_CHOWN 4
65#define I_GET 5
66#define I_HELP 6
67#define I_LCHDIR 7
68#define I_LLS 8
69#define I_LMKDIR 9
70#define I_LPWD 10
71#define I_LS 11
72#define I_LUMASK 12
73#define I_MKDIR 13
74#define I_PUT 14
75#define I_PWD 15
76#define I_QUIT 16
77#define I_RENAME 17
78#define I_RM 18
79#define I_RMDIR 19
80#define I_SHELL 20
81#define I_SYMLINK 21
82#define I_VERSION 22
83#define I_PROGRESS 23
84
85struct CMD {
86 const char *c;
87 const int n;
88};
89
90static const struct CMD cmds[] = {
91 { "bye", I_QUIT },
92 { "cd", I_CHDIR },
93 { "chdir", I_CHDIR },
94 { "chgrp", I_CHGRP },
95 { "chmod", I_CHMOD },
96 { "chown", I_CHOWN },
97 { "dir", I_LS },
98 { "exit", I_QUIT },
99 { "get", I_GET },
100 { "mget", I_GET },
101 { "help", I_HELP },
102 { "lcd", I_LCHDIR },
103 { "lchdir", I_LCHDIR },
104 { "lls", I_LLS },
105 { "lmkdir", I_LMKDIR },
106 { "ln", I_SYMLINK },
107 { "lpwd", I_LPWD },
108 { "ls", I_LS },
109 { "lumask", I_LUMASK },
110 { "mkdir", I_MKDIR },
111 { "progress", I_PROGRESS },
112 { "put", I_PUT },
113 { "mput", I_PUT },
114 { "pwd", I_PWD },
115 { "quit", I_QUIT },
116 { "rename", I_RENAME },
117 { "rm", I_RM },
118 { "rmdir", I_RMDIR },
119 { "symlink", I_SYMLINK },
120 { "version", I_VERSION },
121 { "!", I_SHELL },
122 { "?", I_HELP },
123 { NULL, -1}
124};
125
126static void
127help(void)
128{
129 printf("Available commands:\n");
130 printf("cd path Change remote directory to 'path'\n");
131 printf("lcd path Change local directory to 'path'\n");
132 printf("chgrp grp path Change group of file 'path' to 'grp'\n");
133 printf("chmod mode path Change permissions of file 'path' to 'mode'\n");
134 printf("chown own path Change owner of file 'path' to 'own'\n");
135 printf("help Display this help text\n");
136 printf("get remote-path [local-path] Download file\n");
137 printf("lls [ls-options [path]] Display local directory listing\n");
138 printf("ln oldpath newpath Symlink remote file\n");
139 printf("lmkdir path Create local directory\n");
140 printf("lpwd Print local working directory\n");
141 printf("ls [path] Display remote directory listing\n");
142 printf("lumask umask Set local umask to 'umask'\n");
143 printf("mkdir path Create remote directory\n");
144 printf("progress Toggle display of progress meter\n");
145 printf("put local-path [remote-path] Upload file\n");
146 printf("pwd Display remote working directory\n");
147 printf("exit Quit sftp\n");
148 printf("quit Quit sftp\n");
149 printf("rename oldpath newpath Rename remote file\n");
150 printf("rmdir path Remove remote directory\n");
151 printf("rm path Delete remote file\n");
152 printf("symlink oldpath newpath Symlink remote file\n");
153 printf("version Show SFTP version\n");
154 printf("!command Execute 'command' in local shell\n");
155 printf("! Escape to local shell\n");
156 printf("? Synonym for help\n");
157}
158
159static void
160local_do_shell(const char *args)
161{
162 int status;
163 char *shell;
164 pid_t pid;
165
166 if (!*args)
167 args = NULL;
168
169 if ((shell = getenv("SHELL")) == NULL)
170 shell = _PATH_BSHELL;
171
172 if ((pid = fork()) == -1)
173 fatal("Couldn't fork: %s", strerror(errno));
174
175 if (pid == 0) {
176 /* XXX: child has pipe fds to ssh subproc open - issue? */
177 if (args) {
178 debug3("Executing %s -c \"%s\"", shell, args);
179 execl(shell, shell, "-c", args, (char *)NULL);
180 } else {
181 debug3("Executing %s", shell);
182 execl(shell, shell, (char *)NULL);
183 }
184 fprintf(stderr, "Couldn't execute \"%s\": %s\n", shell,
185 strerror(errno));
186 _exit(1);
187 }
188 while (waitpid(pid, &status, 0) == -1)
189 if (errno != EINTR)
190 fatal("Couldn't wait for child: %s", strerror(errno));
191 if (!WIFEXITED(status))
192 error("Shell exited abormally");
193 else if (WEXITSTATUS(status))
194 error("Shell exited with status %d", WEXITSTATUS(status));
195}
196
197static void
198local_do_ls(const char *args)
199{
200 if (!args || !*args)
201 local_do_shell(_PATH_LS);
202 else {
203 int len = strlen(_PATH_LS " ") + strlen(args) + 1;
204 char *buf = xmalloc(len);
205
206 /* XXX: quoting - rip quoting code from ftp? */
207 snprintf(buf, len, _PATH_LS " %s", args);
208 local_do_shell(buf);
209 xfree(buf);
210 }
211}
212
213/* Strip one path (usually the pwd) from the start of another */
214static char *
215path_strip(char *path, char *strip)
216{
217 size_t len;
218
219 if (strip == NULL)
220 return (xstrdup(path));
221
222 len = strlen(strip);
223 if (strip != NULL && strncmp(path, strip, len) == 0) {
224 if (strip[len - 1] != '/' && path[len] == '/')
225 len++;
226 return (xstrdup(path + len));
227 }
228
229 return (xstrdup(path));
230}
231
232static char *
233path_append(char *p1, char *p2)
234{
235 char *ret;
236 int len = strlen(p1) + strlen(p2) + 2;
237
238 ret = xmalloc(len);
239 strlcpy(ret, p1, len);
240 if (p1[strlen(p1) - 1] != '/')
241 strlcat(ret, "/", len);
242 strlcat(ret, p2, len);
243
244 return(ret);
245}
246
247static char *
248make_absolute(char *p, char *pwd)
249{
250 char *abs;
251
252 /* Derelativise */
253 if (p && p[0] != '/') {
254 abs = path_append(pwd, p);
255 xfree(p);
256 return(abs);
257 } else
258 return(p);
259}
260
261static int
262infer_path(const char *p, char **ifp)
263{
264 char *cp;
265
266 cp = strrchr(p, '/');
267 if (cp == NULL) {
268 *ifp = xstrdup(p);
269 return(0);
270 }
271
272 if (!cp[1]) {
273 error("Invalid path");
274 return(-1);
275 }
276
277 *ifp = xstrdup(cp + 1);
278 return(0);
279}
280
281static int
282parse_getput_flags(const char **cpp, int *pflag)
283{
284 const char *cp = *cpp;
285
286 /* Check for flags */
287 if (cp[0] == '-' && cp[1] && strchr(WHITESPACE, cp[2])) {
288 switch (cp[1]) {
289 case 'p':
290 case 'P':
291 *pflag = 1;
292 break;
293 default:
294 error("Invalid flag -%c", cp[1]);
295 return(-1);
296 }
297 cp += 2;
298 *cpp = cp + strspn(cp, WHITESPACE);
299 }
300
301 return(0);
302}
303
304static int
305parse_ls_flags(const char **cpp, int *lflag)
306{
307 const char *cp = *cpp;
308
309 /* Check for flags */
310 if (cp++[0] == '-') {
311 for(; strchr(WHITESPACE, *cp) == NULL; cp++) {
312 switch (*cp) {
313 case 'l':
314 *lflag = LONG_VIEW;
315 break;
316 case '1':
317 *lflag = SHORT_VIEW;
318 break;
319 default:
320 error("Invalid flag -%c", *cp);
321 return(-1);
322 }
323 }
324 *cpp = cp + strspn(cp, WHITESPACE);
325 }
326
327 return(0);
328}
329
330static int
331get_pathname(const char **cpp, char **path)
332{
333 const char *cp = *cpp, *end;
334 char quot;
335 int i, j;
336
337 cp += strspn(cp, WHITESPACE);
338 if (!*cp) {
339 *cpp = cp;
340 *path = NULL;
341 return (0);
342 }
343
344 *path = xmalloc(strlen(cp) + 1);
345
346 /* Check for quoted filenames */
347 if (*cp == '\"' || *cp == '\'') {
348 quot = *cp++;
349
350 /* Search for terminating quote, unescape some chars */
351 for (i = j = 0; i <= strlen(cp); i++) {
352 if (cp[i] == quot) { /* Found quote */
353 (*path)[j] = '\0';
354 break;
355 }
356 if (cp[i] == '\0') { /* End of string */
357 error("Unterminated quote");
358 goto fail;
359 }
360 if (cp[i] == '\\') { /* Escaped characters */
361 i++;
362 if (cp[i] != '\'' && cp[i] != '\"' &&
363 cp[i] != '\\') {
364 error("Bad escaped character '\%c'",
365 cp[i]);
366 goto fail;
367 }
368 }
369 (*path)[j++] = cp[i];
370 }
371
372 if (j == 0) {
373 error("Empty quotes");
374 goto fail;
375 }
376 *cpp = cp + i + strspn(cp + i, WHITESPACE);
377 } else {
378 /* Read to end of filename */
379 end = strpbrk(cp, WHITESPACE);
380 if (end == NULL)
381 end = strchr(cp, '\0');
382 *cpp = end + strspn(end, WHITESPACE);
383
384 memcpy(*path, cp, end - cp);
385 (*path)[end - cp] = '\0';
386 }
387 return (0);
388
389 fail:
390 xfree(*path);
391 *path = NULL;
392 return (-1);
393}
394
395static int
396is_dir(char *path)
397{
398 struct stat sb;
399
400 /* XXX: report errors? */
401 if (stat(path, &sb) == -1)
402 return(0);
403
404 return(sb.st_mode & S_IFDIR);
405}
406
407static int
408is_reg(char *path)
409{
410 struct stat sb;
411
412 if (stat(path, &sb) == -1)
413 fatal("stat %s: %s", path, strerror(errno));
414
415 return(S_ISREG(sb.st_mode));
416}
417
418static int
419remote_is_dir(struct sftp_conn *conn, char *path)
420{
421 Attrib *a;
422
423 /* XXX: report errors? */
424 if ((a = do_stat(conn, path, 1)) == NULL)
425 return(0);
426 if (!(a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS))
427 return(0);
428 return(a->perm & S_IFDIR);
429}
430
431static int
432process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag)
433{
434 char *abs_src = NULL;
435 char *abs_dst = NULL;
436 char *tmp;
437 glob_t g;
438 int err = 0;
439 int i;
440
441 abs_src = xstrdup(src);
442 abs_src = make_absolute(abs_src, pwd);
443
444 memset(&g, 0, sizeof(g));
445 debug3("Looking up %s", abs_src);
446 if (remote_glob(conn, abs_src, 0, NULL, &g)) {
447 error("File \"%s\" not found.", abs_src);
448 err = -1;
449 goto out;
450 }
451
452 /* If multiple matches, dst must be a directory or unspecified */
453 if (g.gl_matchc > 1 && dst && !is_dir(dst)) {
454 error("Multiple files match, but \"%s\" is not a directory",
455 dst);
456 err = -1;
457 goto out;
458 }
459
460 for (i = 0; g.gl_pathv[i]; i++) {
461 if (infer_path(g.gl_pathv[i], &tmp)) {
462 err = -1;
463 goto out;
464 }
465
466 if (g.gl_matchc == 1 && dst) {
467 /* If directory specified, append filename */
468 if (is_dir(dst)) {
469 if (infer_path(g.gl_pathv[0], &tmp)) {
470 err = 1;
471 goto out;
472 }
473 abs_dst = path_append(dst, tmp);
474 xfree(tmp);
475 } else
476 abs_dst = xstrdup(dst);
477 } else if (dst) {
478 abs_dst = path_append(dst, tmp);
479 xfree(tmp);
480 } else
481 abs_dst = tmp;
482
483 printf("Fetching %s to %s\n", g.gl_pathv[i], abs_dst);
484 if (do_download(conn, g.gl_pathv[i], abs_dst, pflag) == -1)
485 err = -1;
486 xfree(abs_dst);
487 abs_dst = NULL;
488 }
489
490out:
491 xfree(abs_src);
492 if (abs_dst)
493 xfree(abs_dst);
494 globfree(&g);
495 return(err);
496}
497
498static int
499process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag)
500{
501 char *tmp_dst = NULL;
502 char *abs_dst = NULL;
503 char *tmp;
504 glob_t g;
505 int err = 0;
506 int i;
507
508 if (dst) {
509 tmp_dst = xstrdup(dst);
510 tmp_dst = make_absolute(tmp_dst, pwd);
511 }
512
513 memset(&g, 0, sizeof(g));
514 debug3("Looking up %s", src);
515 if (glob(src, 0, NULL, &g)) {
516 error("File \"%s\" not found.", src);
517 err = -1;
518 goto out;
519 }
520
521 /* If multiple matches, dst may be directory or unspecified */
522 if (g.gl_matchc > 1 && tmp_dst && !remote_is_dir(conn, tmp_dst)) {
523 error("Multiple files match, but \"%s\" is not a directory",
524 tmp_dst);
525 err = -1;
526 goto out;
527 }
528
529 for (i = 0; g.gl_pathv[i]; i++) {
530 if (!is_reg(g.gl_pathv[i])) {
531 error("skipping non-regular file %s",
532 g.gl_pathv[i]);
533 continue;
534 }
535 if (infer_path(g.gl_pathv[i], &tmp)) {
536 err = -1;
537 goto out;
538 }
539
540 if (g.gl_matchc == 1 && tmp_dst) {
541 /* If directory specified, append filename */
542 if (remote_is_dir(conn, tmp_dst)) {
543 if (infer_path(g.gl_pathv[0], &tmp)) {
544 err = 1;
545 goto out;
546 }
547 abs_dst = path_append(tmp_dst, tmp);
548 xfree(tmp);
549 } else
550 abs_dst = xstrdup(tmp_dst);
551
552 } else if (tmp_dst) {
553 abs_dst = path_append(tmp_dst, tmp);
554 xfree(tmp);
555 } else
556 abs_dst = make_absolute(tmp, pwd);
557
558 printf("Uploading %s to %s\n", g.gl_pathv[i], abs_dst);
559 if (do_upload(conn, g.gl_pathv[i], abs_dst, pflag) == -1)
560 err = -1;
561 }
562
563out:
564 if (abs_dst)
565 xfree(abs_dst);
566 if (tmp_dst)
567 xfree(tmp_dst);
568 globfree(&g);
569 return(err);
570}
571
572static int
573sdirent_comp(const void *aa, const void *bb)
574{
575 SFTP_DIRENT *a = *(SFTP_DIRENT **)aa;
576 SFTP_DIRENT *b = *(SFTP_DIRENT **)bb;
577
578 return (strcmp(a->filename, b->filename));
579}
580
581/* sftp ls.1 replacement for directories */
582static int
583do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
584{
585 int n, c = 1, colspace = 0, columns = 1;
586 SFTP_DIRENT **d;
587
588 if ((n = do_readdir(conn, path, &d)) != 0)
589 return (n);
590
591 if (!(lflag & SHORT_VIEW)) {
592 int m = 0, width = 80;
593 struct winsize ws;
594
595 /* Count entries for sort and find longest filename */
596 for (n = 0; d[n] != NULL; n++)
597 m = MAX(m, strlen(d[n]->filename));
598
599 if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1)
600 width = ws.ws_col;
601
602 columns = width / (m + 2);
603 columns = MAX(columns, 1);
604 colspace = width / columns;
605 }
606
607 qsort(d, n, sizeof(*d), sdirent_comp);
608
609 for (n = 0; d[n] != NULL; n++) {
610 char *tmp, *fname;
611
612 tmp = path_append(path, d[n]->filename);
613 fname = path_strip(tmp, strip_path);
614 xfree(tmp);
615
616 if (lflag & LONG_VIEW) {
617 char *lname;
618 struct stat sb;
619
620 memset(&sb, 0, sizeof(sb));
621 attrib_to_stat(&d[n]->a, &sb);
622 lname = ls_file(fname, &sb, 1);
623 printf("%s\n", lname);
624 xfree(lname);
625 } else {
626 printf("%-*s", colspace, fname);
627 if (c >= columns) {
628 printf("\n");
629 c = 1;
630 } else
631 c++;
632 }
633
634 xfree(fname);
635 }
636
637 if (!(lflag & LONG_VIEW) && (c != 1))
638 printf("\n");
639
640 free_sftp_dirents(d);
641 return (0);
642}
643
644/* sftp ls.1 replacement which handles path globs */
645static int
646do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
647 int lflag)
648{
649 glob_t g;
650 int i, c = 1, colspace = 0, columns = 1;
651 Attrib *a;
652
653 memset(&g, 0, sizeof(g));
654
655 if (remote_glob(conn, path, GLOB_MARK|GLOB_NOCHECK|GLOB_BRACE,
656 NULL, &g)) {
657 error("Can't ls: \"%s\" not found", path);
658 return (-1);
659 }
660
661 /*
662 * If the glob returns a single match, which is the same as the
663 * input glob, and it is a directory, then just list its contents
664 */
665 if (g.gl_pathc == 1 &&
666 strncmp(path, g.gl_pathv[0], strlen(g.gl_pathv[0]) - 1) == 0) {
667 if ((a = do_lstat(conn, path, 1)) == NULL) {
668 globfree(&g);
669 return (-1);
670 }
671 if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) &&
672 S_ISDIR(a->perm)) {
673 globfree(&g);
674 return (do_ls_dir(conn, path, strip_path, lflag));
675 }
676 }
677
678 if (!(lflag & SHORT_VIEW)) {
679 int m = 0, width = 80;
680 struct winsize ws;
681
682 /* Count entries for sort and find longest filename */
683 for (i = 0; g.gl_pathv[i]; i++)
684 m = MAX(m, strlen(g.gl_pathv[i]));
685
686 if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1)
687 width = ws.ws_col;
688
689 columns = width / (m + 2);
690 columns = MAX(columns, 1);
691 colspace = width / columns;
692 }
693
694 for (i = 0; g.gl_pathv[i]; i++) {
695 char *fname;
696
697 fname = path_strip(g.gl_pathv[i], strip_path);
698
699 if (lflag & LONG_VIEW) {
700 char *lname;
701 struct stat sb;
702
703 /*
704 * XXX: this is slow - 1 roundtrip per path
705 * A solution to this is to fork glob() and
706 * build a sftp specific version which keeps the
707 * attribs (which currently get thrown away)
708 * that the server returns as well as the filenames.
709 */
710 memset(&sb, 0, sizeof(sb));
711 a = do_lstat(conn, g.gl_pathv[i], 1);
712 if (a != NULL)
713 attrib_to_stat(a, &sb);
714 lname = ls_file(fname, &sb, 1);
715 printf("%s\n", lname);
716 xfree(lname);
717 } else {
718 printf("%-*s", colspace, fname);
719 if (c >= columns) {
720 printf("\n");
721 c = 1;
722 } else
723 c++;
724 }
725 xfree(fname);
726 }
727
728 if (!(lflag & LONG_VIEW) && (c != 1))
729 printf("\n");
730
731 if (g.gl_pathc)
732 globfree(&g);
733
734 return (0);
735}
736
737static int
738parse_args(const char **cpp, int *pflag, int *lflag, int *iflag,
739 unsigned long *n_arg, char **path1, char **path2)
740{
741 const char *cmd, *cp = *cpp;
742 char *cp2;
743 int base = 0;
744 long l;
745 int i, cmdnum;
746
747 /* Skip leading whitespace */
748 cp = cp + strspn(cp, WHITESPACE);
749
750 /* Ignore blank lines and lines which begin with comment '#' char */
751 if (*cp == '\0' || *cp == '#')
752 return (0);
753
754 /* Check for leading '-' (disable error processing) */
755 *iflag = 0;
756 if (*cp == '-') {
757 *iflag = 1;
758 cp++;
759 }
760
761 /* Figure out which command we have */
762 for (i = 0; cmds[i].c; i++) {
763 int cmdlen = strlen(cmds[i].c);
764
765 /* Check for command followed by whitespace */
766 if (!strncasecmp(cp, cmds[i].c, cmdlen) &&
767 strchr(WHITESPACE, cp[cmdlen])) {
768 cp += cmdlen;
769 cp = cp + strspn(cp, WHITESPACE);
770 break;
771 }
772 }
773 cmdnum = cmds[i].n;
774 cmd = cmds[i].c;
775
776 /* Special case */
777 if (*cp == '!') {
778 cp++;
779 cmdnum = I_SHELL;
780 } else if (cmdnum == -1) {
781 error("Invalid command.");
782 return (-1);
783 }
784
785 /* Get arguments and parse flags */
786 *lflag = *pflag = *n_arg = 0;
787 *path1 = *path2 = NULL;
788 switch (cmdnum) {
789 case I_GET:
790 case I_PUT:
791 if (parse_getput_flags(&cp, pflag))
792 return(-1);
793 /* Get first pathname (mandatory) */
794 if (get_pathname(&cp, path1))
795 return(-1);
796 if (*path1 == NULL) {
797 error("You must specify at least one path after a "
798 "%s command.", cmd);
799 return(-1);
800 }
801 /* Try to get second pathname (optional) */
802 if (get_pathname(&cp, path2))
803 return(-1);
804 break;
805 case I_RENAME:
806 case I_SYMLINK:
807 if (get_pathname(&cp, path1))
808 return(-1);
809 if (get_pathname(&cp, path2))
810 return(-1);
811 if (!*path1 || !*path2) {
812 error("You must specify two paths after a %s "
813 "command.", cmd);
814 return(-1);
815 }
816 break;
817 case I_RM:
818 case I_MKDIR:
819 case I_RMDIR:
820 case I_CHDIR:
821 case I_LCHDIR:
822 case I_LMKDIR:
823 /* Get pathname (mandatory) */
824 if (get_pathname(&cp, path1))
825 return(-1);
826 if (*path1 == NULL) {
827 error("You must specify a path after a %s command.",
828 cmd);
829 return(-1);
830 }
831 break;
832 case I_LS:
833 if (parse_ls_flags(&cp, lflag))
834 return(-1);
835 /* Path is optional */
836 if (get_pathname(&cp, path1))
837 return(-1);
838 break;
839 case I_LLS:
840 case I_SHELL:
841 /* Uses the rest of the line */
842 break;
843 case I_LUMASK:
844 base = 8;
845 case I_CHMOD:
846 base = 8;
847 case I_CHOWN:
848 case I_CHGRP:
849 /* Get numeric arg (mandatory) */
850 l = strtol(cp, &cp2, base);
851 if (cp2 == cp || ((l == LONG_MIN || l == LONG_MAX) &&
852 errno == ERANGE) || l < 0) {
853 error("You must supply a numeric argument "
854 "to the %s command.", cmd);
855 return(-1);
856 }
857 cp = cp2;
858 *n_arg = l;
859 if (cmdnum == I_LUMASK && strchr(WHITESPACE, *cp))
860 break;
861 if (cmdnum == I_LUMASK || !strchr(WHITESPACE, *cp)) {
862 error("You must supply a numeric argument "
863 "to the %s command.", cmd);
864 return(-1);
865 }
866 cp += strspn(cp, WHITESPACE);
867
868 /* Get pathname (mandatory) */
869 if (get_pathname(&cp, path1))
870 return(-1);
871 if (*path1 == NULL) {
872 error("You must specify a path after a %s command.",
873 cmd);
874 return(-1);
875 }
876 break;
877 case I_QUIT:
878 case I_PWD:
879 case I_LPWD:
880 case I_HELP:
881 case I_VERSION:
882 case I_PROGRESS:
883 break;
884 default:
885 fatal("Command not implemented");
886 }
887
888 *cpp = cp;
889 return(cmdnum);
890}
891
892static int
893parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
894 int err_abort)
895{
896 char *path1, *path2, *tmp;
897 int pflag, lflag, iflag, cmdnum, i;
898 unsigned long n_arg;
899 Attrib a, *aa;
900 char path_buf[MAXPATHLEN];
901 int err = 0;
902 glob_t g;
903
904 path1 = path2 = NULL;
905 cmdnum = parse_args(&cmd, &pflag, &lflag, &iflag, &n_arg,
906 &path1, &path2);
907
908 if (iflag != 0)
909 err_abort = 0;
910
911 memset(&g, 0, sizeof(g));
912
913 /* Perform command */
914 switch (cmdnum) {
915 case 0:
916 /* Blank line */
917 break;
918 case -1:
919 /* Unrecognized command */
920 err = -1;
921 break;
922 case I_GET:
923 err = process_get(conn, path1, path2, *pwd, pflag);
924 break;
925 case I_PUT:
926 err = process_put(conn, path1, path2, *pwd, pflag);
927 break;
928 case I_RENAME:
929 path1 = make_absolute(path1, *pwd);
930 path2 = make_absolute(path2, *pwd);
931 err = do_rename(conn, path1, path2);
932 break;
933 case I_SYMLINK:
934 path2 = make_absolute(path2, *pwd);
935 err = do_symlink(conn, path1, path2);
936 break;
937 case I_RM:
938 path1 = make_absolute(path1, *pwd);
939 remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
940 for (i = 0; g.gl_pathv[i]; i++) {
941 printf("Removing %s\n", g.gl_pathv[i]);
942 err = do_rm(conn, g.gl_pathv[i]);
943 if (err != 0 && err_abort)
944 break;
945 }
946 break;
947 case I_MKDIR:
948 path1 = make_absolute(path1, *pwd);
949 attrib_clear(&a);
950 a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS;
951 a.perm = 0777;
952 err = do_mkdir(conn, path1, &a);
953 break;
954 case I_RMDIR:
955 path1 = make_absolute(path1, *pwd);
956 err = do_rmdir(conn, path1);
957 break;
958 case I_CHDIR:
959 path1 = make_absolute(path1, *pwd);
960 if ((tmp = do_realpath(conn, path1)) == NULL) {
961 err = 1;
962 break;
963 }
964 if ((aa = do_stat(conn, tmp, 0)) == NULL) {
965 xfree(tmp);
966 err = 1;
967 break;
968 }
969 if (!(aa->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)) {
970 error("Can't change directory: Can't check target");
971 xfree(tmp);
972 err = 1;
973 break;
974 }
975 if (!S_ISDIR(aa->perm)) {
976 error("Can't change directory: \"%s\" is not "
977 "a directory", tmp);
978 xfree(tmp);
979 err = 1;
980 break;
981 }
982 xfree(*pwd);
983 *pwd = tmp;
984 break;
985 case I_LS:
986 if (!path1) {
987 do_globbed_ls(conn, *pwd, *pwd, lflag);
988 break;
989 }
990
991 /* Strip pwd off beginning of non-absolute paths */
992 tmp = NULL;
993 if (*path1 != '/')
994 tmp = *pwd;
995
996 path1 = make_absolute(path1, *pwd);
997 err = do_globbed_ls(conn, path1, tmp, lflag);
998 break;
999 case I_LCHDIR:
1000 if (chdir(path1) == -1) {
1001 error("Couldn't change local directory to "
1002 "\"%s\": %s", path1, strerror(errno));
1003 err = 1;
1004 }
1005 break;
1006 case I_LMKDIR:
1007 if (mkdir(path1, 0777) == -1) {
1008 error("Couldn't create local directory "
1009 "\"%s\": %s", path1, strerror(errno));
1010 err = 1;
1011 }
1012 break;
1013 case I_LLS:
1014 local_do_ls(cmd);
1015 break;
1016 case I_SHELL:
1017 local_do_shell(cmd);
1018 break;
1019 case I_LUMASK:
1020 umask(n_arg);
1021 printf("Local umask: %03lo\n", n_arg);
1022 break;
1023 case I_CHMOD:
1024 path1 = make_absolute(path1, *pwd);
1025 attrib_clear(&a);
1026 a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS;
1027 a.perm = n_arg;
1028 remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
1029 for (i = 0; g.gl_pathv[i]; i++) {
1030 printf("Changing mode on %s\n", g.gl_pathv[i]);
1031 err = do_setstat(conn, g.gl_pathv[i], &a);
1032 if (err != 0 && err_abort)
1033 break;
1034 }
1035 break;
1036 case I_CHOWN:
1037 case I_CHGRP:
1038 path1 = make_absolute(path1, *pwd);
1039 remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
1040 for (i = 0; g.gl_pathv[i]; i++) {
1041 if (!(aa = do_stat(conn, g.gl_pathv[i], 0))) {
1042 if (err != 0 && err_abort)
1043 break;
1044 else
1045 continue;
1046 }
1047 if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) {
1048 error("Can't get current ownership of "
1049 "remote file \"%s\"", g.gl_pathv[i]);
1050 if (err != 0 && err_abort)
1051 break;
1052 else
1053 continue;
1054 }
1055 aa->flags &= SSH2_FILEXFER_ATTR_UIDGID;
1056 if (cmdnum == I_CHOWN) {
1057 printf("Changing owner on %s\n", g.gl_pathv[i]);
1058 aa->uid = n_arg;
1059 } else {
1060 printf("Changing group on %s\n", g.gl_pathv[i]);
1061 aa->gid = n_arg;
1062 }
1063 err = do_setstat(conn, g.gl_pathv[i], aa);
1064 if (err != 0 && err_abort)
1065 break;
1066 }
1067 break;
1068 case I_PWD:
1069 printf("Remote working directory: %s\n", *pwd);
1070 break;
1071 case I_LPWD:
1072 if (!getcwd(path_buf, sizeof(path_buf))) {
1073 error("Couldn't get local cwd: %s", strerror(errno));
1074 err = -1;
1075 break;
1076 }
1077 printf("Local working directory: %s\n", path_buf);
1078 break;
1079 case I_QUIT:
1080 /* Processed below */
1081 break;
1082 case I_HELP:
1083 help();
1084 break;
1085 case I_VERSION:
1086 printf("SFTP protocol version %u\n", sftp_proto_version(conn));
1087 break;
1088 case I_PROGRESS:
1089 showprogress = !showprogress;
1090 if (showprogress)
1091 printf("Progress meter enabled\n");
1092 else
1093 printf("Progress meter disabled\n");
1094 break;
1095 default:
1096 fatal("%d is not implemented", cmdnum);
1097 }
1098
1099 if (g.gl_pathc)
1100 globfree(&g);
1101 if (path1)
1102 xfree(path1);
1103 if (path2)
1104 xfree(path2);
1105
1106 /* If an unignored error occurs in batch mode we should abort. */
1107 if (err_abort && err != 0)
1108 return (-1);
1109 else if (cmdnum == I_QUIT)
1110 return (1);
1111
1112 return (0);
1113}
1114
1115int
1116interactive_loop(int fd_in, int fd_out, char *file1, char *file2)
1117{
1118 char *pwd;
1119 char *dir = NULL;
1120 char cmd[2048];
1121 struct sftp_conn *conn;
1122 int err;
1123
1124 conn = do_init(fd_in, fd_out, copy_buffer_len, num_requests);
1125 if (conn == NULL)
1126 fatal("Couldn't initialise connection to server");
1127
1128 pwd = do_realpath(conn, ".");
1129 if (pwd == NULL)
1130 fatal("Need cwd");
1131
1132 if (file1 != NULL) {
1133 dir = xstrdup(file1);
1134 dir = make_absolute(dir, pwd);
1135
1136 if (remote_is_dir(conn, dir) && file2 == NULL) {
1137 printf("Changing to: %s\n", dir);
1138 snprintf(cmd, sizeof cmd, "cd \"%s\"", dir);
1139 if (parse_dispatch_command(conn, cmd, &pwd, 1) != 0)
1140 return (-1);
1141 } else {
1142 if (file2 == NULL)
1143 snprintf(cmd, sizeof cmd, "get %s", dir);
1144 else
1145 snprintf(cmd, sizeof cmd, "get %s %s", dir,
1146 file2);
1147
1148 err = parse_dispatch_command(conn, cmd, &pwd, 1);
1149 xfree(dir);
1150 xfree(pwd);
1151 return (err);
1152 }
1153 xfree(dir);
1154 }
1155
1156#if HAVE_SETVBUF
1157 setvbuf(stdout, NULL, _IOLBF, 0);
1158 setvbuf(infile, NULL, _IOLBF, 0);
1159#else
1160 setlinebuf(stdout);
1161 setlinebuf(infile);
1162#endif
1163
1164 err = 0;
1165 for (;;) {
1166 char *cp;
1167
1168 printf("sftp> ");
1169
1170 /* XXX: use libedit */
1171 if (fgets(cmd, sizeof(cmd), infile) == NULL) {
1172 printf("\n");
1173 break;
1174 } else if (infile != stdin) /* Bluff typing */
1175 printf("%s", cmd);
1176
1177 cp = strrchr(cmd, '\n');
1178 if (cp)
1179 *cp = '\0';
1180
1181 err = parse_dispatch_command(conn, cmd, &pwd, infile != stdin);
1182 if (err != 0)
1183 break;
1184 }
1185 xfree(pwd);
1186
1187 /* err == 1 signifies normal "quit" exit */
1188 return (err >= 0 ? 0 : -1);
1189}
1190
diff --git a/sftp-int.h b/sftp-int.h
deleted file mode 100644
index 8a04a03f6..000000000
--- a/sftp-int.h
+++ /dev/null
@@ -1,27 +0,0 @@
1/* $OpenBSD: sftp-int.h,v 1.6 2003/01/08 23:53:26 djm Exp $ */
2
3/*
4 * Copyright (c) 2001,2002 Damien Miller. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27int interactive_loop(int, int, char *, char *);
diff --git a/sftp-server.0 b/sftp-server.0
index fc57814f5..dad6bda73 100644
--- a/sftp-server.0
+++ b/sftp-server.0
@@ -1,4 +1,4 @@
1SFTP-SERVER(8) BSD System ManagerM-bM-^@M-^Ys Manual SFTP-SERVER(8) 1SFTP-SERVER(8) OpenBSD System Manager's Manual SFTP-SERVER(8)
2 2
3NAME 3NAME
4 sftp-server - SFTP server subsystem 4 sftp-server - SFTP server subsystem
@@ -8,20 +8,20 @@ SYNOPSIS
8 8
9DESCRIPTION 9DESCRIPTION
10 sftp-server is a program that speaks the server side of SFTP protocol to 10 sftp-server is a program that speaks the server side of SFTP protocol to
11 stdout and expects client requests from stdin. sftp-server is not 11 stdout and expects client requests from stdin. sftp-server is not in-
12 intended to be called directly, but from sshd(8) using the Subsystem 12 tended to be called directly, but from sshd(8) using the Subsystem op-
13 option. See sshd(8) for more information. 13 tion. See sshd_config(5) for more information.
14 14
15SEE ALSO 15SEE ALSO
16 sftp(1), ssh(1), sshd(8) 16 sftp(1), ssh(1), sshd_config(5), sshd(8)
17 17
18 T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- 18 T. Ylonen, and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
19 filexfer-00.txt, January 2001, work in progress material. 19 filexfer-00.txt, January 2001, work in progress material.
20 20
21AUTHORS 21AUTHORS
22 Markus Friedl M-bM-^LM-)markus@openbsd.orgM-bM-^LM-* 22 Markus Friedl <markus@openbsd.org>
23 23
24HISTORY 24HISTORY
25 sftp-server first appeared in OpenBSD 2.8 . 25 sftp-server first appeared in OpenBSD 2.8 .
26 26
27BSD August 30, 2000 BSD 27OpenBSD 3.4 August 30, 2000 1
diff --git a/sftp-server.8 b/sftp-server.8
index 871f83796..42f5d437c 100644
--- a/sftp-server.8
+++ b/sftp-server.8
@@ -1,4 +1,4 @@
1.\" $OpenBSD: sftp-server.8,v 1.9 2003/06/10 09:12:11 jmc Exp $ 1.\" $OpenBSD: sftp-server.8,v 1.10 2003/10/08 08:27:36 jmc Exp $
2.\" 2.\"
3.\" Copyright (c) 2000 Markus Friedl. All rights reserved. 3.\" Copyright (c) 2000 Markus Friedl. All rights reserved.
4.\" 4.\"
@@ -41,11 +41,12 @@ using the
41.Cm Subsystem 41.Cm Subsystem
42option. 42option.
43See 43See
44.Xr sshd 8 44.Xr sshd_config 5
45for more information. 45for more information.
46.Sh SEE ALSO 46.Sh SEE ALSO
47.Xr sftp 1 , 47.Xr sftp 1 ,
48.Xr ssh 1 , 48.Xr ssh 1 ,
49.Xr sshd_config 5 ,
49.Xr sshd 8 50.Xr sshd 8
50.Rs 51.Rs
51.%A T. Ylonen 52.%A T. Ylonen
diff --git a/sftp-server.c b/sftp-server.c
index 9166853ed..1d13e97b2 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1,28 +1,20 @@
1/* 1/*
2 * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. 2 * Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Permission to use, copy, modify, and distribute this software for any
5 * modification, are permitted provided that the following conditions 5 * purpose with or without fee is hereby granted, provided that the above
6 * are met: 6 * copyright notice and this permission notice appear in all copies.
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 7 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 15 */
24#include "includes.h" 16#include "includes.h"
25RCSID("$OpenBSD: sftp-server.c,v 1.43 2003/06/25 22:39:36 miod Exp $"); 17RCSID("$OpenBSD: sftp-server.c,v 1.45 2004/02/19 21:15:04 markus Exp $");
26 18
27#include "buffer.h" 19#include "buffer.h"
28#include "bufaux.h" 20#include "bufaux.h"
@@ -149,7 +141,7 @@ handle_init(void)
149} 141}
150 142
151static int 143static int
152handle_new(int use, char *name, int fd, DIR *dirp) 144handle_new(int use, const char *name, int fd, DIR *dirp)
153{ 145{
154 int i; 146 int i;
155 147
@@ -184,7 +176,7 @@ handle_to_string(int handle, char **stringp, int *hlenp)
184} 176}
185 177
186static int 178static int
187handle_from_string(char *handle, u_int hlen) 179handle_from_string(const char *handle, u_int hlen)
188{ 180{
189 int val; 181 int val;
190 182
@@ -298,7 +290,7 @@ send_status(u_int32_t id, u_int32_t error)
298 buffer_free(&msg); 290 buffer_free(&msg);
299} 291}
300static void 292static void
301send_data_or_handle(char type, u_int32_t id, char *data, int dlen) 293send_data_or_handle(char type, u_int32_t id, const char *data, int dlen)
302{ 294{
303 Buffer msg; 295 Buffer msg;
304 296
@@ -311,7 +303,7 @@ send_data_or_handle(char type, u_int32_t id, char *data, int dlen)
311} 303}
312 304
313static void 305static void
314send_data(u_int32_t id, char *data, int dlen) 306send_data(u_int32_t id, const char *data, int dlen)
315{ 307{
316 TRACE("sent data id %u len %d", id, dlen); 308 TRACE("sent data id %u len %d", id, dlen);
317 send_data_or_handle(SSH2_FXP_DATA, id, data, dlen); 309 send_data_or_handle(SSH2_FXP_DATA, id, data, dlen);
@@ -330,7 +322,7 @@ send_handle(u_int32_t id, int handle)
330} 322}
331 323
332static void 324static void
333send_names(u_int32_t id, int count, Stat *stats) 325send_names(u_int32_t id, int count, const Stat *stats)
334{ 326{
335 Buffer msg; 327 Buffer msg;
336 int i; 328 int i;
@@ -350,7 +342,7 @@ send_names(u_int32_t id, int count, Stat *stats)
350} 342}
351 343
352static void 344static void
353send_attrib(u_int32_t id, Attrib *a) 345send_attrib(u_int32_t id, const Attrib *a)
354{ 346{
355 Buffer msg; 347 Buffer msg;
356 348
@@ -567,7 +559,7 @@ process_fstat(void)
567} 559}
568 560
569static struct timeval * 561static struct timeval *
570attrib_to_tv(Attrib *a) 562attrib_to_tv(const Attrib *a)
571{ 563{
572 static struct timeval tv[2]; 564 static struct timeval tv[2];
573 565
diff --git a/sftp.0 b/sftp.0
index b72ea4700..acb400dad 100644
--- a/sftp.0
+++ b/sftp.0
@@ -1,12 +1,12 @@
1SFTP(1) BSD General Commands Manual SFTP(1) 1SFTP(1) OpenBSD Reference Manual SFTP(1)
2 2
3NAME 3NAME
4 sftp - secure file transfer program 4 sftp - secure file transfer program
5 5
6SYNOPSIS 6SYNOPSIS
7 sftp [-vC1] [-b batchfile] [-o ssh_option] [-s subsystem | sftp_server] 7 sftp [-1Cv] [-B buffer_size] [-b batchfile] [-F ssh_config]
8 [-B buffer_size] [-F ssh_config] [-P sftp_server path] 8 [-o ssh_option] [-P sftp_server_path] [-R num_requests] [-S program]
9 [-R num_requests] [-S program] host 9 [-s subsystem | sftp_server] host
10 sftp [[user@]host[:file [file]]] 10 sftp [[user@]host[:file [file]]]
11 sftp [[user@]host[:dir[/]]] 11 sftp [[user@]host[:dir[/]]]
12 sftp -b batchfile [user@]host 12 sftp -b batchfile [user@]host
@@ -15,8 +15,8 @@ DESCRIPTION
15 sftp is an interactive file transfer program, similar to ftp(1), which 15 sftp is an interactive file transfer program, similar to ftp(1), which
16 performs all operations over an encrypted ssh(1) transport. It may also 16 performs all operations over an encrypted ssh(1) transport. It may also
17 use many features of ssh, such as public key authentication and compres- 17 use many features of ssh, such as public key authentication and compres-
18 sion. sftp connects and logs into the specified host, then enters an 18 sion. sftp connects and logs into the specified host, then enters an in-
19 interactive command mode. 19 teractive command mode.
20 20
21 The second usage format will retrieve files automatically if a non-inter- 21 The second usage format will retrieve files automatically if a non-inter-
22 active authentication method is used; otherwise it will do so after suc- 22 active authentication method is used; otherwise it will do so after suc-
@@ -30,42 +30,81 @@ DESCRIPTION
30 cation to obviate the need to enter a password at connection time (see 30 cation to obviate the need to enter a password at connection time (see
31 sshd(8) and ssh-keygen(1) for details). The options are as follows: 31 sshd(8) and ssh-keygen(1) for details). The options are as follows:
32 32
33 -b batchfile 33 -1 Specify the use of protocol version 1.
34 Batch mode reads a series of commands from an input batchfile
35 instead of stdin. Since it lacks user interaction it should be
36 used in conjunction with non-interactive authentication. sftp
37 will abort if any of the following commands fail: get, put,
38 rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp,
39 lpwd and lmkdir. Termination on error can be suppressed on a
40 command by command basis by prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y
41 character (for example, -rm /tmp/blah*).
42
43 -o ssh_option
44 Can be used to pass options to ssh in the format used in
45 ssh_config(5). This is useful for specifying options for which
46 there is no separate sftp command-line flag. For example, to
47 specify an alternate port use: sftp -oPort=24.
48
49 -s subsystem | sftp_server
50 Specifies the SSH2 subsystem or the path for an sftp server on
51 the remote host. A path is useful for using sftp over protocol
52 version 1, or when the remote sshd(8) does not have an sftp sub-
53 system configured.
54
55 -v Raise logging level. This option is also passed to ssh.
56 34
57 -B buffer_size 35 -B buffer_size
58 Specify the size of the buffer that sftp uses when transferring 36 Specify the size of the buffer that sftp uses when transferring
59 files. Larger buffers require fewer round trips at the cost of 37 files. Larger buffers require fewer round trips at the cost of
60 higher memory consumption. The default is 32768 bytes. 38 higher memory consumption. The default is 32768 bytes.
61 39
62 -C Enables compression (via sshM-bM-^@M-^Ys -C flag). 40 -b batchfile
41 Batch mode reads a series of commands from an input batchfile in-
42 stead of stdin. Since it lacks user interaction it should be
43 used in conjunction with non-interactive authentication. A
44 batchfile of `-' may be used to indicate standard input. sftp
45 will abort if any of the following commands fail: get, put,
46 rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp,
47 lpwd and lmkdir. Termination on error can be suppressed on a
48 command by command basis by prefixing the command with a `-'
49 character (for example, -rm /tmp/blah*).
50
51 -C Enables compression (via ssh's -C flag).
63 52
64 -F ssh_config 53 -F ssh_config
65 Specifies an alternative per-user configuration file for ssh(1). 54 Specifies an alternative per-user configuration file for ssh(1).
66 This option is directly passed to ssh(1). 55 This option is directly passed to ssh(1).
67 56
68 -P sftp_server path 57 -o ssh_option
58 Can be used to pass options to ssh in the format used in
59 ssh_config(5). This is useful for specifying options for which
60 there is no separate sftp command-line flag. For example, to
61 specify an alternate port use: sftp -oPort=24. For full details
62 of the options listed below, and their possible values, see
63 ssh_config(5).
64
65 AddressFamily
66 BatchMode
67 BindAddress
68 ChallengeResponseAuthentication
69 CheckHostIP
70 Cipher
71 Ciphers
72 Compression
73 CompressionLevel
74 ConnectionAttempts
75 ConnectionTimeout
76 GlobalKnownHostsFile
77 GSSAPIAuthentication
78 GSSAPIDelegateCredentials
79 Host
80 HostbasedAuthentication
81 HostKeyAlgorithms
82 HostKeyAlias
83 HostName
84 IdentityFile
85 LogLevel
86 MACs
87 NoHostAuthenticationForLocalhost
88 NumberOfPasswordPrompts
89 PasswordAuthentication
90 Port
91 PreferredAuthentications
92 Protocol
93 ProxyCommand
94 PubkeyAuthentication
95 RhostsRSAAuthentication
96 RSAAuthentication
97 ServerAliveInterval
98 ServerAliveCountMax
99 SmartcardDevice
100 StrictHostKeyChecking
101 TCPKeepAlive
102 UsePrivilegedPort
103 User
104 UserKnownHostsFile
105 VerifyHostKeyDNS
106
107 -P sftp_server_path
69 Connect directly to a local sftp server (rather than via ssh(1)) 108 Connect directly to a local sftp server (rather than via ssh(1))
70 This option may be useful in debugging the client and server. 109 This option may be useful in debugging the client and server.
71 110
@@ -78,104 +117,104 @@ DESCRIPTION
78 Name of the program to use for the encrypted connection. The 117 Name of the program to use for the encrypted connection. The
79 program must understand ssh(1) options. 118 program must understand ssh(1) options.
80 119
81 -1 Specify the use of protocol version 1. 120 -s subsystem | sftp_server
121 Specifies the SSH2 subsystem or the path for an sftp server on
122 the remote host. A path is useful for using sftp over protocol
123 version 1, or when the remote sshd(8) does not have an sftp sub-
124 system configured.
125
126 -v Raise logging level. This option is also passed to ssh.
82 127
83INTERACTIVE COMMANDS 128INTERACTIVE COMMANDS
84 Once in interactive mode, sftp understands a set of commands similar to 129 Once in interactive mode, sftp understands a set of commands similar to
85 those of ftp(1). Commands are case insensitive and pathnames may be 130 those of ftp(1). Commands are case insensitive and pathnames may be en-
86 enclosed in quotes if they contain spaces. 131 closed in quotes if they contain spaces.
87 132
88 bye Quit sftp. 133 bye Quit sftp.
89 134
90 cd path 135 cd path Change remote directory to path.
91 Change remote directory to path.
92
93 lcd path
94 Change local directory to path.
95 136
96 chgrp grp path 137 chgrp grp path
97 Change group of file path to grp. grp must be a numeric GID. 138 Change group of file path to grp. grp must be a numeric GID.
98 139
99 chmod mode path 140 chmod mode path
100 Change permissions of file path to mode. 141 Change permissions of file path to mode.
101 142
102 chown own path 143 chown own path
103 Change owner of file path to own. own must be a numeric UID. 144 Change owner of file path to own. own must be a numeric UID.
104 145
105 exit Quit sftp. 146 exit Quit sftp.
106 147
107 get [flags] remote-path [local-path] 148 get [flags] remote-path [local-path]
108 Retrieve the remote-path and store it on the local machine. If 149 Retrieve the remote-path and store it on the local machine.
109 the local path name is not specified, it is given the same name 150 If the local path name is not specified, it is given the same
110 it has on the remote machine. If the -P flag is specified, then 151 name it has on the remote machine. If the -P flag is speci-
111 the fileM-bM-^@M-^Ys full permission and access time are copied too. 152 fied, then the file's full permission and access time are
153 copied too.
154
155 help Display help text.
112 156
113 help Display help text. 157 lcd path Change local directory to path.
114 158
115 lls [ls-options [path]] 159 lls [ls-options [path]]
116 Display local directory listing of either path or current direc- 160 Display local directory listing of either path or current di-
117 tory if path is not specified. 161 rectory if path is not specified.
118 162
119 lmkdir path 163 lmkdir path
120 Create local directory specified by path. 164 Create local directory specified by path.
121 165
122 ln oldpath newpath 166 ln oldpath newpath
123 Create a symbolic link from oldpath to newpath. 167 Create a symbolic link from oldpath to newpath.
124 168
125 lpwd Print local working directory. 169 lpwd Print local working directory.
126 170
127 ls [flags] [path] 171 ls [flags] [path]
128 Display remote directory listing of either path or current direc- 172 Display remote directory listing of either path or current
129 tory if path is not specified. If the -l flag is specified, then 173 directory if path is not specified. If the -l flag is speci-
130 display additional details including permissions and ownership 174 fied, then display additional details including permissions
131 information. 175 and ownership information.
132 176
133 lumask umask 177 lumask umask
134 Set local umask to umask. 178 Set local umask to umask.
135 179
136 mkdir path 180 mkdir path Create remote directory specified by path.
137 Create remote directory specified by path.
138 181
139 progress 182 progress Toggle display of progress meter.
140 Toggle display of progress meter.
141 183
142 put [flags] local-path [remote-path] 184 put [flags] local-path [remote-path]
143 Upload local-path and store it on the remote machine. If the 185 Upload local-path and store it on the remote machine. If the
144 remote path name is not specified, it is given the same name it 186 remote path name is not specified, it is given the same name
145 has on the local machine. If the -P flag is specified, then the 187 it has on the local machine. If the -P flag is specified,
146 fileM-bM-^@M-^Ys full permission and access time are copied too. 188 then the file's full permission and access time are copied
189 too.
147 190
148 pwd Display remote working directory. 191 pwd Display remote working directory.
149 192
150 quit Quit sftp. 193 quit Quit sftp.
151 194
152 rename oldpath newpath 195 rename oldpath newpath
153 Rename remote file from oldpath to newpath. 196 Rename remote file from oldpath to newpath.
154 197
155 rmdir path 198 rm path Delete remote file specified by path.
156 Remove remote directory specified by path.
157 199
158 rm path 200 rmdir path Remove remote directory specified by path.
159 Delete remote file specified by path.
160 201
161 symlink oldpath newpath 202 symlink oldpath newpath
162 Create a symbolic link from oldpath to newpath. 203 Create a symbolic link from oldpath to newpath.
163 204
164 version 205 version Display the sftp protocol version.
165 Display the sftp protocol version.
166 206
167 ! command 207 ! command Execute command in local shell.
168 Execute command in local shell.
169 208
170 ! Escape to local shell. 209 ! Escape to local shell.
171 210
172 ? Synonym for help. 211 ? Synonym for help.
173 212
174SEE ALSO 213SEE ALSO
175 scp(1), ssh(1), ssh-add(1), ssh-keygen(1), ssh_config(5), sftp-server(8), 214 ftp(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), ssh_config(5),
176 sshd(8) 215 sftp-server(8), sshd(8)
177 216
178 T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- 217 T. Ylonen, and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
179 filexfer-00.txt, January 2001, work in progress material. 218 filexfer-00.txt, January 2001, work in progress material.
180 219
181BSD February 4, 2001 BSD 220OpenBSD 3.4 February 4, 2001 4
diff --git a/sftp.1 b/sftp.1
index 753a4f2b9..2a67a888e 100644
--- a/sftp.1
+++ b/sftp.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: sftp.1,v 1.45 2003/09/02 18:50:06 jmc Exp $ 1.\" $OpenBSD: sftp.1,v 1.51 2004/01/13 12:17:33 jmc Exp $
2.\" 2.\"
3.\" Copyright (c) 2001 Damien Miller. All rights reserved. 3.\" Copyright (c) 2001 Damien Miller. All rights reserved.
4.\" 4.\"
@@ -31,15 +31,15 @@
31.Sh SYNOPSIS 31.Sh SYNOPSIS
32.Nm sftp 32.Nm sftp
33.Bk -words 33.Bk -words
34.Op Fl vC1 34.Op Fl 1Cv
35.Op Fl b Ar batchfile
36.Op Fl o Ar ssh_option
37.Op Fl s Ar subsystem | sftp_server
38.Op Fl B Ar buffer_size 35.Op Fl B Ar buffer_size
36.Op Fl b Ar batchfile
39.Op Fl F Ar ssh_config 37.Op Fl F Ar ssh_config
40.Op Fl P Ar sftp_server path 38.Op Fl o Ar ssh_option
39.Op Fl P Ar sftp_server_path
41.Op Fl R Ar num_requests 40.Op Fl R Ar num_requests
42.Op Fl S Ar program 41.Op Fl S Ar program
42.Op Fl s Ar subsystem | sftp_server
43.Ar host 43.Ar host
44.Ek 44.Ek
45.Nm sftp 45.Nm sftp
@@ -84,6 +84,15 @@ and
84for details). 84for details).
85The options are as follows: 85The options are as follows:
86.Bl -tag -width Ds 86.Bl -tag -width Ds
87.It Fl 1
88Specify the use of protocol version 1.
89.It Fl B Ar buffer_size
90Specify the size of the buffer that
91.Nm
92uses when transferring files.
93Larger buffers require fewer round trips at the cost of higher
94memory consumption.
95The default is 32768 bytes.
87.It Fl b Ar batchfile 96.It Fl b Ar batchfile
88Batch mode reads a series of commands from an input 97Batch mode reads a series of commands from an input
89.Ar batchfile 98.Ar batchfile
@@ -91,6 +100,11 @@ instead of
91.Em stdin . 100.Em stdin .
92Since it lacks user interaction it should be used in conjunction with 101Since it lacks user interaction it should be used in conjunction with
93non-interactive authentication. 102non-interactive authentication.
103A
104.Ar batchfile
105of
106.Sq \-
107may be used to indicate standard input.
94.Nm 108.Nm
95will abort if any of the following 109will abort if any of the following
96commands fail: 110commands fail:
@@ -101,9 +115,19 @@ and
101.Ic lmkdir . 115.Ic lmkdir .
102Termination on error can be suppressed on a command by command basis by 116Termination on error can be suppressed on a command by command basis by
103prefixing the command with a 117prefixing the command with a
104.Sq Ic \- 118.Sq \-
105character (for example, 119character (for example,
106.Ic -rm /tmp/blah* ) . 120.Ic -rm /tmp/blah* ) .
121.It Fl C
122Enables compression (via ssh's
123.Fl C
124flag).
125.It Fl F Ar ssh_config
126Specifies an alternative
127per-user configuration file for
128.Xr ssh 1 .
129This option is directly passed to
130.Xr ssh 1 .
107.It Fl o Ar ssh_option 131.It Fl o Ar ssh_option
108Can be used to pass options to 132Can be used to pass options to
109.Nm ssh 133.Nm ssh
@@ -115,35 +139,53 @@ for which there is no separate
115command-line flag. 139command-line flag.
116For example, to specify an alternate port use: 140For example, to specify an alternate port use:
117.Ic sftp -oPort=24 . 141.Ic sftp -oPort=24 .
118.It Fl s Ar subsystem | sftp_server 142For full details of the options listed below, and their possible values, see
119Specifies the SSH2 subsystem or the path for an sftp server 143.Xr ssh_config 5 .
120on the remote host. 144.Pp
121A path is useful for using 145.Bl -tag -width Ds -offset indent -compact
122.Nm 146.It AddressFamily
123over protocol version 1, or when the remote 147.It BatchMode
124.Xr sshd 8 148.It BindAddress
125does not have an sftp subsystem configured. 149.It ChallengeResponseAuthentication
126.It Fl v 150.It CheckHostIP
127Raise logging level. 151.It Cipher
128This option is also passed to ssh. 152.It Ciphers
129.It Fl B Ar buffer_size 153.It Compression
130Specify the size of the buffer that 154.It CompressionLevel
131.Nm 155.It ConnectionAttempts
132uses when transferring files. 156.It ConnectionTimeout
133Larger buffers require fewer round trips at the cost of higher 157.It GlobalKnownHostsFile
134memory consumption. 158.It GSSAPIAuthentication
135The default is 32768 bytes. 159.It GSSAPIDelegateCredentials
136.It Fl C 160.It Host
137Enables compression (via ssh's 161.It HostbasedAuthentication
138.Fl C 162.It HostKeyAlgorithms
139flag). 163.It HostKeyAlias
140.It Fl F Ar ssh_config 164.It HostName
141Specifies an alternative 165.It IdentityFile
142per-user configuration file for 166.It LogLevel
143.Xr ssh 1 . 167.It MACs
144This option is directly passed to 168.It NoHostAuthenticationForLocalhost
145.Xr ssh 1 . 169.It NumberOfPasswordPrompts
146.It Fl P Ar sftp_server path 170.It PasswordAuthentication
171.It Port
172.It PreferredAuthentications
173.It Protocol
174.It ProxyCommand
175.It PubkeyAuthentication
176.It RhostsRSAAuthentication
177.It RSAAuthentication
178.It ServerAliveInterval
179.It ServerAliveCountMax
180.It SmartcardDevice
181.It StrictHostKeyChecking
182.It TCPKeepAlive
183.It UsePrivilegedPort
184.It User
185.It UserKnownHostsFile
186.It VerifyHostKeyDNS
187.El
188.It Fl P Ar sftp_server_path
147Connect directly to a local sftp server 189Connect directly to a local sftp server
148(rather than via 190(rather than via
149.Xr ssh 1 ) 191.Xr ssh 1 )
@@ -160,8 +202,17 @@ to use for the encrypted connection.
160The program must understand 202The program must understand
161.Xr ssh 1 203.Xr ssh 1
162options. 204options.
163.It Fl 1 205.It Fl s Ar subsystem | sftp_server
164Specify the use of protocol version 1. 206Specifies the SSH2 subsystem or the path for an sftp server
207on the remote host.
208A path is useful for using
209.Nm
210over protocol version 1, or when the remote
211.Xr sshd 8
212does not have an sftp subsystem configured.
213.It Fl v
214Raise logging level.
215This option is also passed to ssh.
165.El 216.El
166.Sh INTERACTIVE COMMANDS 217.Sh INTERACTIVE COMMANDS
167Once in interactive mode, 218Once in interactive mode,
@@ -170,16 +221,13 @@ understands a set of commands similar to those of
170.Xr ftp 1 . 221.Xr ftp 1 .
171Commands are case insensitive and pathnames may be enclosed in quotes if they 222Commands are case insensitive and pathnames may be enclosed in quotes if they
172contain spaces. 223contain spaces.
173.Bl -tag -width Ds 224.Bl -tag -width "lmdir path"
174.It Ic bye 225.It Ic bye
175Quit 226Quit
176.Nm sftp . 227.Nm sftp .
177.It Ic cd Ar path 228.It Ic cd Ar path
178Change remote directory to 229Change remote directory to
179.Ar path . 230.Ar path .
180.It Ic lcd Ar path
181Change local directory to
182.Ar path .
183.It Ic chgrp Ar grp Ar path 231.It Ic chgrp Ar grp Ar path
184Change group of file 232Change group of file
185.Ar path 233.Ar path
@@ -219,6 +267,9 @@ flag is specified, then the file's full permission and access time are
219copied too. 267copied too.
220.It Ic help 268.It Ic help
221Display help text. 269Display help text.
270.It Ic lcd Ar path
271Change local directory to
272.Ar path .
222.It Ic lls Op Ar ls-options Op Ar path 273.It Ic lls Op Ar ls-options Op Ar path
223Display local directory listing of either 274Display local directory listing of either
224.Ar path 275.Ar path
@@ -280,12 +331,12 @@ Rename remote file from
280.Ar oldpath 331.Ar oldpath
281to 332to
282.Ar newpath . 333.Ar newpath .
283.It Ic rmdir Ar path
284Remove remote directory specified by
285.Ar path .
286.It Ic rm Ar path 334.It Ic rm Ar path
287Delete remote file specified by 335Delete remote file specified by
288.Ar path . 336.Ar path .
337.It Ic rmdir Ar path
338Remove remote directory specified by
339.Ar path .
289.It Ic symlink Ar oldpath Ar newpath 340.It Ic symlink Ar oldpath Ar newpath
290Create a symbolic link from 341Create a symbolic link from
291.Ar oldpath 342.Ar oldpath
@@ -305,6 +356,7 @@ Escape to local shell.
305Synonym for help. 356Synonym for help.
306.El 357.El
307.Sh SEE ALSO 358.Sh SEE ALSO
359.Xr ftp 1 ,
308.Xr scp 1 , 360.Xr scp 1 ,
309.Xr ssh 1 , 361.Xr ssh 1 ,
310.Xr ssh-add 1 , 362.Xr ssh-add 1 ,
diff --git a/sftp.c b/sftp.c
index c2a6593b8..7f7f50731 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,30 +1,22 @@
1/* 1/*
2 * Copyright (c) 2001,2002 Damien Miller. All rights reserved. 2 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Permission to use, copy, modify, and distribute this software for any
5 * modification, are permitted provided that the following conditions 5 * purpose with or without fee is hereby granted, provided that the above
6 * are met: 6 * copyright notice and this permission notice appear in all copies.
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 7 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 15 */
24 16
25#include "includes.h" 17#include "includes.h"
26 18
27RCSID("$OpenBSD: sftp.c,v 1.37 2003/07/10 20:05:55 markus Exp $"); 19RCSID("$OpenBSD: sftp.c,v 1.44 2004/02/17 11:03:08 djm Exp $");
28 20
29#include "buffer.h" 21#include "buffer.h"
30#include "xmalloc.h" 22#include "xmalloc.h"
@@ -35,7 +27,27 @@ RCSID("$OpenBSD: sftp.c,v 1.37 2003/07/10 20:05:55 markus Exp $");
35#include "sftp.h" 27#include "sftp.h"
36#include "sftp-common.h" 28#include "sftp-common.h"
37#include "sftp-client.h" 29#include "sftp-client.h"
38#include "sftp-int.h" 30
31/* File to read commands from */
32FILE* infile;
33
34/* Are we in batchfile mode? */
35int batchmode = 0;
36
37/* Size of buffer used when copying files */
38size_t copy_buffer_len = 32768;
39
40/* Number of concurrent outstanding requests */
41size_t num_requests = 16;
42
43/* PID of ssh transport process */
44static pid_t sshpid = -1;
45
46/* This is set to 0 if the progressmeter is not desired. */
47int showprogress;
48
49int remote_glob(struct sftp_conn *, const char *, int,
50 int (*)(const char *, int), glob_t *); /* proto for sftp-glob.c */
39 51
40#ifdef HAVE___PROGNAME 52#ifdef HAVE___PROGNAME
41extern char *__progname; 53extern char *__progname;
@@ -43,12 +55,1155 @@ extern char *__progname;
43char *__progname; 55char *__progname;
44#endif 56#endif
45 57
46FILE* infile; 58/* Separators for interactive commands */
47size_t copy_buffer_len = 32768; 59#define WHITESPACE " \t\r\n"
48size_t num_requests = 16; 60
49static pid_t sshpid = -1; 61/* Define what type of ls view (0 - multi-column) */
62#define LONG_VIEW 1 /* Full view ala ls -l */
63#define SHORT_VIEW 2 /* Single row view ala ls -1 */
64
65/* Commands for interactive mode */
66#define I_CHDIR 1
67#define I_CHGRP 2
68#define I_CHMOD 3
69#define I_CHOWN 4
70#define I_GET 5
71#define I_HELP 6
72#define I_LCHDIR 7
73#define I_LLS 8
74#define I_LMKDIR 9
75#define I_LPWD 10
76#define I_LS 11
77#define I_LUMASK 12
78#define I_MKDIR 13
79#define I_PUT 14
80#define I_PWD 15
81#define I_QUIT 16
82#define I_RENAME 17
83#define I_RM 18
84#define I_RMDIR 19
85#define I_SHELL 20
86#define I_SYMLINK 21
87#define I_VERSION 22
88#define I_PROGRESS 23
89
90struct CMD {
91 const char *c;
92 const int n;
93};
94
95static const struct CMD cmds[] = {
96 { "bye", I_QUIT },
97 { "cd", I_CHDIR },
98 { "chdir", I_CHDIR },
99 { "chgrp", I_CHGRP },
100 { "chmod", I_CHMOD },
101 { "chown", I_CHOWN },
102 { "dir", I_LS },
103 { "exit", I_QUIT },
104 { "get", I_GET },
105 { "mget", I_GET },
106 { "help", I_HELP },
107 { "lcd", I_LCHDIR },
108 { "lchdir", I_LCHDIR },
109 { "lls", I_LLS },
110 { "lmkdir", I_LMKDIR },
111 { "ln", I_SYMLINK },
112 { "lpwd", I_LPWD },
113 { "ls", I_LS },
114 { "lumask", I_LUMASK },
115 { "mkdir", I_MKDIR },
116 { "progress", I_PROGRESS },
117 { "put", I_PUT },
118 { "mput", I_PUT },
119 { "pwd", I_PWD },
120 { "quit", I_QUIT },
121 { "rename", I_RENAME },
122 { "rm", I_RM },
123 { "rmdir", I_RMDIR },
124 { "symlink", I_SYMLINK },
125 { "version", I_VERSION },
126 { "!", I_SHELL },
127 { "?", I_HELP },
128 { NULL, -1}
129};
50 130
51extern int showprogress; 131int interactive_loop(int fd_in, int fd_out, char *file1, char *file2);
132
133static void
134help(void)
135{
136 printf("Available commands:\n");
137 printf("cd path Change remote directory to 'path'\n");
138 printf("lcd path Change local directory to 'path'\n");
139 printf("chgrp grp path Change group of file 'path' to 'grp'\n");
140 printf("chmod mode path Change permissions of file 'path' to 'mode'\n");
141 printf("chown own path Change owner of file 'path' to 'own'\n");
142 printf("help Display this help text\n");
143 printf("get remote-path [local-path] Download file\n");
144 printf("lls [ls-options [path]] Display local directory listing\n");
145 printf("ln oldpath newpath Symlink remote file\n");
146 printf("lmkdir path Create local directory\n");
147 printf("lpwd Print local working directory\n");
148 printf("ls [path] Display remote directory listing\n");
149 printf("lumask umask Set local umask to 'umask'\n");
150 printf("mkdir path Create remote directory\n");
151 printf("progress Toggle display of progress meter\n");
152 printf("put local-path [remote-path] Upload file\n");
153 printf("pwd Display remote working directory\n");
154 printf("exit Quit sftp\n");
155 printf("quit Quit sftp\n");
156 printf("rename oldpath newpath Rename remote file\n");
157 printf("rmdir path Remove remote directory\n");
158 printf("rm path Delete remote file\n");
159 printf("symlink oldpath newpath Symlink remote file\n");
160 printf("version Show SFTP version\n");
161 printf("!command Execute 'command' in local shell\n");
162 printf("! Escape to local shell\n");
163 printf("? Synonym for help\n");
164}
165
166static void
167local_do_shell(const char *args)
168{
169 int status;
170 char *shell;
171 pid_t pid;
172
173 if (!*args)
174 args = NULL;
175
176 if ((shell = getenv("SHELL")) == NULL)
177 shell = _PATH_BSHELL;
178
179 if ((pid = fork()) == -1)
180 fatal("Couldn't fork: %s", strerror(errno));
181
182 if (pid == 0) {
183 /* XXX: child has pipe fds to ssh subproc open - issue? */
184 if (args) {
185 debug3("Executing %s -c \"%s\"", shell, args);
186 execl(shell, shell, "-c", args, (char *)NULL);
187 } else {
188 debug3("Executing %s", shell);
189 execl(shell, shell, (char *)NULL);
190 }
191 fprintf(stderr, "Couldn't execute \"%s\": %s\n", shell,
192 strerror(errno));
193 _exit(1);
194 }
195 while (waitpid(pid, &status, 0) == -1)
196 if (errno != EINTR)
197 fatal("Couldn't wait for child: %s", strerror(errno));
198 if (!WIFEXITED(status))
199 error("Shell exited abormally");
200 else if (WEXITSTATUS(status))
201 error("Shell exited with status %d", WEXITSTATUS(status));
202}
203
204static void
205local_do_ls(const char *args)
206{
207 if (!args || !*args)
208 local_do_shell(_PATH_LS);
209 else {
210 int len = strlen(_PATH_LS " ") + strlen(args) + 1;
211 char *buf = xmalloc(len);
212
213 /* XXX: quoting - rip quoting code from ftp? */
214 snprintf(buf, len, _PATH_LS " %s", args);
215 local_do_shell(buf);
216 xfree(buf);
217 }
218}
219
220/* Strip one path (usually the pwd) from the start of another */
221static char *
222path_strip(char *path, char *strip)
223{
224 size_t len;
225
226 if (strip == NULL)
227 return (xstrdup(path));
228
229 len = strlen(strip);
230 if (strip != NULL && strncmp(path, strip, len) == 0) {
231 if (strip[len - 1] != '/' && path[len] == '/')
232 len++;
233 return (xstrdup(path + len));
234 }
235
236 return (xstrdup(path));
237}
238
239static char *
240path_append(char *p1, char *p2)
241{
242 char *ret;
243 int len = strlen(p1) + strlen(p2) + 2;
244
245 ret = xmalloc(len);
246 strlcpy(ret, p1, len);
247 if (p1[strlen(p1) - 1] != '/')
248 strlcat(ret, "/", len);
249 strlcat(ret, p2, len);
250
251 return(ret);
252}
253
254static char *
255make_absolute(char *p, char *pwd)
256{
257 char *abs;
258
259 /* Derelativise */
260 if (p && p[0] != '/') {
261 abs = path_append(pwd, p);
262 xfree(p);
263 return(abs);
264 } else
265 return(p);
266}
267
268static int
269infer_path(const char *p, char **ifp)
270{
271 char *cp;
272
273 cp = strrchr(p, '/');
274 if (cp == NULL) {
275 *ifp = xstrdup(p);
276 return(0);
277 }
278
279 if (!cp[1]) {
280 error("Invalid path");
281 return(-1);
282 }
283
284 *ifp = xstrdup(cp + 1);
285 return(0);
286}
287
288static int
289parse_getput_flags(const char **cpp, int *pflag)
290{
291 const char *cp = *cpp;
292
293 /* Check for flags */
294 if (cp[0] == '-' && cp[1] && strchr(WHITESPACE, cp[2])) {
295 switch (cp[1]) {
296 case 'p':
297 case 'P':
298 *pflag = 1;
299 break;
300 default:
301 error("Invalid flag -%c", cp[1]);
302 return(-1);
303 }
304 cp += 2;
305 *cpp = cp + strspn(cp, WHITESPACE);
306 }
307
308 return(0);
309}
310
311static int
312parse_ls_flags(const char **cpp, int *lflag)
313{
314 const char *cp = *cpp;
315
316 /* Check for flags */
317 if (cp++[0] == '-') {
318 for(; strchr(WHITESPACE, *cp) == NULL; cp++) {
319 switch (*cp) {
320 case 'l':
321 *lflag = LONG_VIEW;
322 break;
323 case '1':
324 *lflag = SHORT_VIEW;
325 break;
326 default:
327 error("Invalid flag -%c", *cp);
328 return(-1);
329 }
330 }
331 *cpp = cp + strspn(cp, WHITESPACE);
332 }
333
334 return(0);
335}
336
337static int
338get_pathname(const char **cpp, char **path)
339{
340 const char *cp = *cpp, *end;
341 char quot;
342 int i, j;
343
344 cp += strspn(cp, WHITESPACE);
345 if (!*cp) {
346 *cpp = cp;
347 *path = NULL;
348 return (0);
349 }
350
351 *path = xmalloc(strlen(cp) + 1);
352
353 /* Check for quoted filenames */
354 if (*cp == '\"' || *cp == '\'') {
355 quot = *cp++;
356
357 /* Search for terminating quote, unescape some chars */
358 for (i = j = 0; i <= strlen(cp); i++) {
359 if (cp[i] == quot) { /* Found quote */
360 i++;
361 (*path)[j] = '\0';
362 break;
363 }
364 if (cp[i] == '\0') { /* End of string */
365 error("Unterminated quote");
366 goto fail;
367 }
368 if (cp[i] == '\\') { /* Escaped characters */
369 i++;
370 if (cp[i] != '\'' && cp[i] != '\"' &&
371 cp[i] != '\\') {
372 error("Bad escaped character '\%c'",
373 cp[i]);
374 goto fail;
375 }
376 }
377 (*path)[j++] = cp[i];
378 }
379
380 if (j == 0) {
381 error("Empty quotes");
382 goto fail;
383 }
384 *cpp = cp + i + strspn(cp + i, WHITESPACE);
385 } else {
386 /* Read to end of filename */
387 end = strpbrk(cp, WHITESPACE);
388 if (end == NULL)
389 end = strchr(cp, '\0');
390 *cpp = end + strspn(end, WHITESPACE);
391
392 memcpy(*path, cp, end - cp);
393 (*path)[end - cp] = '\0';
394 }
395 return (0);
396
397 fail:
398 xfree(*path);
399 *path = NULL;
400 return (-1);
401}
402
403static int
404is_dir(char *path)
405{
406 struct stat sb;
407
408 /* XXX: report errors? */
409 if (stat(path, &sb) == -1)
410 return(0);
411
412 return(sb.st_mode & S_IFDIR);
413}
414
415static int
416is_reg(char *path)
417{
418 struct stat sb;
419
420 if (stat(path, &sb) == -1)
421 fatal("stat %s: %s", path, strerror(errno));
422
423 return(S_ISREG(sb.st_mode));
424}
425
426static int
427remote_is_dir(struct sftp_conn *conn, char *path)
428{
429 Attrib *a;
430
431 /* XXX: report errors? */
432 if ((a = do_stat(conn, path, 1)) == NULL)
433 return(0);
434 if (!(a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS))
435 return(0);
436 return(a->perm & S_IFDIR);
437}
438
439static int
440process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag)
441{
442 char *abs_src = NULL;
443 char *abs_dst = NULL;
444 char *tmp;
445 glob_t g;
446 int err = 0;
447 int i;
448
449 abs_src = xstrdup(src);
450 abs_src = make_absolute(abs_src, pwd);
451
452 memset(&g, 0, sizeof(g));
453 debug3("Looking up %s", abs_src);
454 if (remote_glob(conn, abs_src, 0, NULL, &g)) {
455 error("File \"%s\" not found.", abs_src);
456 err = -1;
457 goto out;
458 }
459
460 /* If multiple matches, dst must be a directory or unspecified */
461 if (g.gl_matchc > 1 && dst && !is_dir(dst)) {
462 error("Multiple files match, but \"%s\" is not a directory",
463 dst);
464 err = -1;
465 goto out;
466 }
467
468 for (i = 0; g.gl_pathv[i]; i++) {
469 if (infer_path(g.gl_pathv[i], &tmp)) {
470 err = -1;
471 goto out;
472 }
473
474 if (g.gl_matchc == 1 && dst) {
475 /* If directory specified, append filename */
476 if (is_dir(dst)) {
477 if (infer_path(g.gl_pathv[0], &tmp)) {
478 err = 1;
479 goto out;
480 }
481 abs_dst = path_append(dst, tmp);
482 xfree(tmp);
483 } else
484 abs_dst = xstrdup(dst);
485 } else if (dst) {
486 abs_dst = path_append(dst, tmp);
487 xfree(tmp);
488 } else
489 abs_dst = tmp;
490
491 printf("Fetching %s to %s\n", g.gl_pathv[i], abs_dst);
492 if (do_download(conn, g.gl_pathv[i], abs_dst, pflag) == -1)
493 err = -1;
494 xfree(abs_dst);
495 abs_dst = NULL;
496 }
497
498out:
499 xfree(abs_src);
500 if (abs_dst)
501 xfree(abs_dst);
502 globfree(&g);
503 return(err);
504}
505
506static int
507process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag)
508{
509 char *tmp_dst = NULL;
510 char *abs_dst = NULL;
511 char *tmp;
512 glob_t g;
513 int err = 0;
514 int i;
515
516 if (dst) {
517 tmp_dst = xstrdup(dst);
518 tmp_dst = make_absolute(tmp_dst, pwd);
519 }
520
521 memset(&g, 0, sizeof(g));
522 debug3("Looking up %s", src);
523 if (glob(src, 0, NULL, &g)) {
524 error("File \"%s\" not found.", src);
525 err = -1;
526 goto out;
527 }
528
529 /* If multiple matches, dst may be directory or unspecified */
530 if (g.gl_matchc > 1 && tmp_dst && !remote_is_dir(conn, tmp_dst)) {
531 error("Multiple files match, but \"%s\" is not a directory",
532 tmp_dst);
533 err = -1;
534 goto out;
535 }
536
537 for (i = 0; g.gl_pathv[i]; i++) {
538 if (!is_reg(g.gl_pathv[i])) {
539 error("skipping non-regular file %s",
540 g.gl_pathv[i]);
541 continue;
542 }
543 if (infer_path(g.gl_pathv[i], &tmp)) {
544 err = -1;
545 goto out;
546 }
547
548 if (g.gl_matchc == 1 && tmp_dst) {
549 /* If directory specified, append filename */
550 if (remote_is_dir(conn, tmp_dst)) {
551 if (infer_path(g.gl_pathv[0], &tmp)) {
552 err = 1;
553 goto out;
554 }
555 abs_dst = path_append(tmp_dst, tmp);
556 xfree(tmp);
557 } else
558 abs_dst = xstrdup(tmp_dst);
559
560 } else if (tmp_dst) {
561 abs_dst = path_append(tmp_dst, tmp);
562 xfree(tmp);
563 } else
564 abs_dst = make_absolute(tmp, pwd);
565
566 printf("Uploading %s to %s\n", g.gl_pathv[i], abs_dst);
567 if (do_upload(conn, g.gl_pathv[i], abs_dst, pflag) == -1)
568 err = -1;
569 }
570
571out:
572 if (abs_dst)
573 xfree(abs_dst);
574 if (tmp_dst)
575 xfree(tmp_dst);
576 globfree(&g);
577 return(err);
578}
579
580static int
581sdirent_comp(const void *aa, const void *bb)
582{
583 SFTP_DIRENT *a = *(SFTP_DIRENT **)aa;
584 SFTP_DIRENT *b = *(SFTP_DIRENT **)bb;
585
586 return (strcmp(a->filename, b->filename));
587}
588
589/* sftp ls.1 replacement for directories */
590static int
591do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
592{
593 int n, c = 1, colspace = 0, columns = 1;
594 SFTP_DIRENT **d;
595
596 if ((n = do_readdir(conn, path, &d)) != 0)
597 return (n);
598
599 if (!(lflag & SHORT_VIEW)) {
600 int m = 0, width = 80;
601 struct winsize ws;
602 char *tmp;
603
604 /* Count entries for sort and find longest filename */
605 for (n = 0; d[n] != NULL; n++)
606 m = MAX(m, strlen(d[n]->filename));
607
608 /* Add any subpath that also needs to be counted */
609 tmp = path_strip(path, strip_path);
610 m += strlen(tmp);
611 xfree(tmp);
612
613 if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1)
614 width = ws.ws_col;
615
616 columns = width / (m + 2);
617 columns = MAX(columns, 1);
618 colspace = width / columns;
619 colspace = MIN(colspace, width);
620 }
621
622 qsort(d, n, sizeof(*d), sdirent_comp);
623
624 for (n = 0; d[n] != NULL; n++) {
625 char *tmp, *fname;
626
627 tmp = path_append(path, d[n]->filename);
628 fname = path_strip(tmp, strip_path);
629 xfree(tmp);
630
631 if (lflag & LONG_VIEW) {
632 char *lname;
633 struct stat sb;
634
635 memset(&sb, 0, sizeof(sb));
636 attrib_to_stat(&d[n]->a, &sb);
637 lname = ls_file(fname, &sb, 1);
638 printf("%s\n", lname);
639 xfree(lname);
640 } else {
641 printf("%-*s", colspace, fname);
642 if (c >= columns) {
643 printf("\n");
644 c = 1;
645 } else
646 c++;
647 }
648
649 xfree(fname);
650 }
651
652 if (!(lflag & LONG_VIEW) && (c != 1))
653 printf("\n");
654
655 free_sftp_dirents(d);
656 return (0);
657}
658
659/* sftp ls.1 replacement which handles path globs */
660static int
661do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
662 int lflag)
663{
664 glob_t g;
665 int i, c = 1, colspace = 0, columns = 1;
666 Attrib *a;
667
668 memset(&g, 0, sizeof(g));
669
670 if (remote_glob(conn, path, GLOB_MARK|GLOB_NOCHECK|GLOB_BRACE,
671 NULL, &g)) {
672 error("Can't ls: \"%s\" not found", path);
673 return (-1);
674 }
675
676 /*
677 * If the glob returns a single match, which is the same as the
678 * input glob, and it is a directory, then just list its contents
679 */
680 if (g.gl_pathc == 1 &&
681 strncmp(path, g.gl_pathv[0], strlen(g.gl_pathv[0]) - 1) == 0) {
682 if ((a = do_lstat(conn, path, 1)) == NULL) {
683 globfree(&g);
684 return (-1);
685 }
686 if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) &&
687 S_ISDIR(a->perm)) {
688 globfree(&g);
689 return (do_ls_dir(conn, path, strip_path, lflag));
690 }
691 }
692
693 if (!(lflag & SHORT_VIEW)) {
694 int m = 0, width = 80;
695 struct winsize ws;
696
697 /* Count entries for sort and find longest filename */
698 for (i = 0; g.gl_pathv[i]; i++)
699 m = MAX(m, strlen(g.gl_pathv[i]));
700
701 if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1)
702 width = ws.ws_col;
703
704 columns = width / (m + 2);
705 columns = MAX(columns, 1);
706 colspace = width / columns;
707 }
708
709 for (i = 0; g.gl_pathv[i]; i++) {
710 char *fname;
711
712 fname = path_strip(g.gl_pathv[i], strip_path);
713
714 if (lflag & LONG_VIEW) {
715 char *lname;
716 struct stat sb;
717
718 /*
719 * XXX: this is slow - 1 roundtrip per path
720 * A solution to this is to fork glob() and
721 * build a sftp specific version which keeps the
722 * attribs (which currently get thrown away)
723 * that the server returns as well as the filenames.
724 */
725 memset(&sb, 0, sizeof(sb));
726 a = do_lstat(conn, g.gl_pathv[i], 1);
727 if (a != NULL)
728 attrib_to_stat(a, &sb);
729 lname = ls_file(fname, &sb, 1);
730 printf("%s\n", lname);
731 xfree(lname);
732 } else {
733 printf("%-*s", colspace, fname);
734 if (c >= columns) {
735 printf("\n");
736 c = 1;
737 } else
738 c++;
739 }
740 xfree(fname);
741 }
742
743 if (!(lflag & LONG_VIEW) && (c != 1))
744 printf("\n");
745
746 if (g.gl_pathc)
747 globfree(&g);
748
749 return (0);
750}
751
752static int
753parse_args(const char **cpp, int *pflag, int *lflag, int *iflag,
754 unsigned long *n_arg, char **path1, char **path2)
755{
756 const char *cmd, *cp = *cpp;
757 char *cp2;
758 int base = 0;
759 long l;
760 int i, cmdnum;
761
762 /* Skip leading whitespace */
763 cp = cp + strspn(cp, WHITESPACE);
764
765 /* Ignore blank lines and lines which begin with comment '#' char */
766 if (*cp == '\0' || *cp == '#')
767 return (0);
768
769 /* Check for leading '-' (disable error processing) */
770 *iflag = 0;
771 if (*cp == '-') {
772 *iflag = 1;
773 cp++;
774 }
775
776 /* Figure out which command we have */
777 for (i = 0; cmds[i].c; i++) {
778 int cmdlen = strlen(cmds[i].c);
779
780 /* Check for command followed by whitespace */
781 if (!strncasecmp(cp, cmds[i].c, cmdlen) &&
782 strchr(WHITESPACE, cp[cmdlen])) {
783 cp += cmdlen;
784 cp = cp + strspn(cp, WHITESPACE);
785 break;
786 }
787 }
788 cmdnum = cmds[i].n;
789 cmd = cmds[i].c;
790
791 /* Special case */
792 if (*cp == '!') {
793 cp++;
794 cmdnum = I_SHELL;
795 } else if (cmdnum == -1) {
796 error("Invalid command.");
797 return (-1);
798 }
799
800 /* Get arguments and parse flags */
801 *lflag = *pflag = *n_arg = 0;
802 *path1 = *path2 = NULL;
803 switch (cmdnum) {
804 case I_GET:
805 case I_PUT:
806 if (parse_getput_flags(&cp, pflag))
807 return(-1);
808 /* Get first pathname (mandatory) */
809 if (get_pathname(&cp, path1))
810 return(-1);
811 if (*path1 == NULL) {
812 error("You must specify at least one path after a "
813 "%s command.", cmd);
814 return(-1);
815 }
816 /* Try to get second pathname (optional) */
817 if (get_pathname(&cp, path2))
818 return(-1);
819 break;
820 case I_RENAME:
821 case I_SYMLINK:
822 if (get_pathname(&cp, path1))
823 return(-1);
824 if (get_pathname(&cp, path2))
825 return(-1);
826 if (!*path1 || !*path2) {
827 error("You must specify two paths after a %s "
828 "command.", cmd);
829 return(-1);
830 }
831 break;
832 case I_RM:
833 case I_MKDIR:
834 case I_RMDIR:
835 case I_CHDIR:
836 case I_LCHDIR:
837 case I_LMKDIR:
838 /* Get pathname (mandatory) */
839 if (get_pathname(&cp, path1))
840 return(-1);
841 if (*path1 == NULL) {
842 error("You must specify a path after a %s command.",
843 cmd);
844 return(-1);
845 }
846 break;
847 case I_LS:
848 if (parse_ls_flags(&cp, lflag))
849 return(-1);
850 /* Path is optional */
851 if (get_pathname(&cp, path1))
852 return(-1);
853 break;
854 case I_LLS:
855 case I_SHELL:
856 /* Uses the rest of the line */
857 break;
858 case I_LUMASK:
859 base = 8;
860 case I_CHMOD:
861 base = 8;
862 case I_CHOWN:
863 case I_CHGRP:
864 /* Get numeric arg (mandatory) */
865 l = strtol(cp, &cp2, base);
866 if (cp2 == cp || ((l == LONG_MIN || l == LONG_MAX) &&
867 errno == ERANGE) || l < 0) {
868 error("You must supply a numeric argument "
869 "to the %s command.", cmd);
870 return(-1);
871 }
872 cp = cp2;
873 *n_arg = l;
874 if (cmdnum == I_LUMASK && strchr(WHITESPACE, *cp))
875 break;
876 if (cmdnum == I_LUMASK || !strchr(WHITESPACE, *cp)) {
877 error("You must supply a numeric argument "
878 "to the %s command.", cmd);
879 return(-1);
880 }
881 cp += strspn(cp, WHITESPACE);
882
883 /* Get pathname (mandatory) */
884 if (get_pathname(&cp, path1))
885 return(-1);
886 if (*path1 == NULL) {
887 error("You must specify a path after a %s command.",
888 cmd);
889 return(-1);
890 }
891 break;
892 case I_QUIT:
893 case I_PWD:
894 case I_LPWD:
895 case I_HELP:
896 case I_VERSION:
897 case I_PROGRESS:
898 break;
899 default:
900 fatal("Command not implemented");
901 }
902
903 *cpp = cp;
904 return(cmdnum);
905}
906
907static int
908parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
909 int err_abort)
910{
911 char *path1, *path2, *tmp;
912 int pflag, lflag, iflag, cmdnum, i;
913 unsigned long n_arg;
914 Attrib a, *aa;
915 char path_buf[MAXPATHLEN];
916 int err = 0;
917 glob_t g;
918
919 path1 = path2 = NULL;
920 cmdnum = parse_args(&cmd, &pflag, &lflag, &iflag, &n_arg,
921 &path1, &path2);
922
923 if (iflag != 0)
924 err_abort = 0;
925
926 memset(&g, 0, sizeof(g));
927
928 /* Perform command */
929 switch (cmdnum) {
930 case 0:
931 /* Blank line */
932 break;
933 case -1:
934 /* Unrecognized command */
935 err = -1;
936 break;
937 case I_GET:
938 err = process_get(conn, path1, path2, *pwd, pflag);
939 break;
940 case I_PUT:
941 err = process_put(conn, path1, path2, *pwd, pflag);
942 break;
943 case I_RENAME:
944 path1 = make_absolute(path1, *pwd);
945 path2 = make_absolute(path2, *pwd);
946 err = do_rename(conn, path1, path2);
947 break;
948 case I_SYMLINK:
949 path2 = make_absolute(path2, *pwd);
950 err = do_symlink(conn, path1, path2);
951 break;
952 case I_RM:
953 path1 = make_absolute(path1, *pwd);
954 remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
955 for (i = 0; g.gl_pathv[i]; i++) {
956 printf("Removing %s\n", g.gl_pathv[i]);
957 err = do_rm(conn, g.gl_pathv[i]);
958 if (err != 0 && err_abort)
959 break;
960 }
961 break;
962 case I_MKDIR:
963 path1 = make_absolute(path1, *pwd);
964 attrib_clear(&a);
965 a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS;
966 a.perm = 0777;
967 err = do_mkdir(conn, path1, &a);
968 break;
969 case I_RMDIR:
970 path1 = make_absolute(path1, *pwd);
971 err = do_rmdir(conn, path1);
972 break;
973 case I_CHDIR:
974 path1 = make_absolute(path1, *pwd);
975 if ((tmp = do_realpath(conn, path1)) == NULL) {
976 err = 1;
977 break;
978 }
979 if ((aa = do_stat(conn, tmp, 0)) == NULL) {
980 xfree(tmp);
981 err = 1;
982 break;
983 }
984 if (!(aa->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)) {
985 error("Can't change directory: Can't check target");
986 xfree(tmp);
987 err = 1;
988 break;
989 }
990 if (!S_ISDIR(aa->perm)) {
991 error("Can't change directory: \"%s\" is not "
992 "a directory", tmp);
993 xfree(tmp);
994 err = 1;
995 break;
996 }
997 xfree(*pwd);
998 *pwd = tmp;
999 break;
1000 case I_LS:
1001 if (!path1) {
1002 do_globbed_ls(conn, *pwd, *pwd, lflag);
1003 break;
1004 }
1005
1006 /* Strip pwd off beginning of non-absolute paths */
1007 tmp = NULL;
1008 if (*path1 != '/')
1009 tmp = *pwd;
1010
1011 path1 = make_absolute(path1, *pwd);
1012 err = do_globbed_ls(conn, path1, tmp, lflag);
1013 break;
1014 case I_LCHDIR:
1015 if (chdir(path1) == -1) {
1016 error("Couldn't change local directory to "
1017 "\"%s\": %s", path1, strerror(errno));
1018 err = 1;
1019 }
1020 break;
1021 case I_LMKDIR:
1022 if (mkdir(path1, 0777) == -1) {
1023 error("Couldn't create local directory "
1024 "\"%s\": %s", path1, strerror(errno));
1025 err = 1;
1026 }
1027 break;
1028 case I_LLS:
1029 local_do_ls(cmd);
1030 break;
1031 case I_SHELL:
1032 local_do_shell(cmd);
1033 break;
1034 case I_LUMASK:
1035 umask(n_arg);
1036 printf("Local umask: %03lo\n", n_arg);
1037 break;
1038 case I_CHMOD:
1039 path1 = make_absolute(path1, *pwd);
1040 attrib_clear(&a);
1041 a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS;
1042 a.perm = n_arg;
1043 remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
1044 for (i = 0; g.gl_pathv[i]; i++) {
1045 printf("Changing mode on %s\n", g.gl_pathv[i]);
1046 err = do_setstat(conn, g.gl_pathv[i], &a);
1047 if (err != 0 && err_abort)
1048 break;
1049 }
1050 break;
1051 case I_CHOWN:
1052 case I_CHGRP:
1053 path1 = make_absolute(path1, *pwd);
1054 remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
1055 for (i = 0; g.gl_pathv[i]; i++) {
1056 if (!(aa = do_stat(conn, g.gl_pathv[i], 0))) {
1057 if (err != 0 && err_abort)
1058 break;
1059 else
1060 continue;
1061 }
1062 if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) {
1063 error("Can't get current ownership of "
1064 "remote file \"%s\"", g.gl_pathv[i]);
1065 if (err != 0 && err_abort)
1066 break;
1067 else
1068 continue;
1069 }
1070 aa->flags &= SSH2_FILEXFER_ATTR_UIDGID;
1071 if (cmdnum == I_CHOWN) {
1072 printf("Changing owner on %s\n", g.gl_pathv[i]);
1073 aa->uid = n_arg;
1074 } else {
1075 printf("Changing group on %s\n", g.gl_pathv[i]);
1076 aa->gid = n_arg;
1077 }
1078 err = do_setstat(conn, g.gl_pathv[i], aa);
1079 if (err != 0 && err_abort)
1080 break;
1081 }
1082 break;
1083 case I_PWD:
1084 printf("Remote working directory: %s\n", *pwd);
1085 break;
1086 case I_LPWD:
1087 if (!getcwd(path_buf, sizeof(path_buf))) {
1088 error("Couldn't get local cwd: %s", strerror(errno));
1089 err = -1;
1090 break;
1091 }
1092 printf("Local working directory: %s\n", path_buf);
1093 break;
1094 case I_QUIT:
1095 /* Processed below */
1096 break;
1097 case I_HELP:
1098 help();
1099 break;
1100 case I_VERSION:
1101 printf("SFTP protocol version %u\n", sftp_proto_version(conn));
1102 break;
1103 case I_PROGRESS:
1104 showprogress = !showprogress;
1105 if (showprogress)
1106 printf("Progress meter enabled\n");
1107 else
1108 printf("Progress meter disabled\n");
1109 break;
1110 default:
1111 fatal("%d is not implemented", cmdnum);
1112 }
1113
1114 if (g.gl_pathc)
1115 globfree(&g);
1116 if (path1)
1117 xfree(path1);
1118 if (path2)
1119 xfree(path2);
1120
1121 /* If an unignored error occurs in batch mode we should abort. */
1122 if (err_abort && err != 0)
1123 return (-1);
1124 else if (cmdnum == I_QUIT)
1125 return (1);
1126
1127 return (0);
1128}
1129
1130int
1131interactive_loop(int fd_in, int fd_out, char *file1, char *file2)
1132{
1133 char *pwd;
1134 char *dir = NULL;
1135 char cmd[2048];
1136 struct sftp_conn *conn;
1137 int err;
1138
1139 conn = do_init(fd_in, fd_out, copy_buffer_len, num_requests);
1140 if (conn == NULL)
1141 fatal("Couldn't initialise connection to server");
1142
1143 pwd = do_realpath(conn, ".");
1144 if (pwd == NULL)
1145 fatal("Need cwd");
1146
1147 if (file1 != NULL) {
1148 dir = xstrdup(file1);
1149 dir = make_absolute(dir, pwd);
1150
1151 if (remote_is_dir(conn, dir) && file2 == NULL) {
1152 printf("Changing to: %s\n", dir);
1153 snprintf(cmd, sizeof cmd, "cd \"%s\"", dir);
1154 if (parse_dispatch_command(conn, cmd, &pwd, 1) != 0)
1155 return (-1);
1156 } else {
1157 if (file2 == NULL)
1158 snprintf(cmd, sizeof cmd, "get %s", dir);
1159 else
1160 snprintf(cmd, sizeof cmd, "get %s %s", dir,
1161 file2);
1162
1163 err = parse_dispatch_command(conn, cmd, &pwd, 1);
1164 xfree(dir);
1165 xfree(pwd);
1166 return (err);
1167 }
1168 xfree(dir);
1169 }
1170
1171#if HAVE_SETVBUF
1172 setvbuf(stdout, NULL, _IOLBF, 0);
1173 setvbuf(infile, NULL, _IOLBF, 0);
1174#else
1175 setlinebuf(stdout);
1176 setlinebuf(infile);
1177#endif
1178
1179 err = 0;
1180 for (;;) {
1181 char *cp;
1182
1183 printf("sftp> ");
1184
1185 /* XXX: use libedit */
1186 if (fgets(cmd, sizeof(cmd), infile) == NULL) {
1187 printf("\n");
1188 break;
1189 }
1190
1191 if (batchmode) /* Echo command */
1192 printf("%s", cmd);
1193
1194 cp = strrchr(cmd, '\n');
1195 if (cp)
1196 *cp = '\0';
1197
1198 err = parse_dispatch_command(conn, cmd, &pwd, batchmode);
1199 if (err != 0)
1200 break;
1201 }
1202 xfree(pwd);
1203
1204 /* err == 1 signifies normal "quit" exit */
1205 return (err >= 0 ? 0 : -1);
1206}
52 1207
53static void 1208static void
54killchild(int signo) 1209killchild(int signo)
@@ -112,10 +1267,12 @@ usage(void)
112 extern char *__progname; 1267 extern char *__progname;
113 1268
114 fprintf(stderr, 1269 fprintf(stderr,
115 "usage: %s [-vC1] [-b batchfile] [-o ssh_option] [-s subsystem | sftp_server]\n" 1270 "usage: %s [-1Cv] [-B buffer_size] [-b batchfile] [-F ssh_config]\n"
116 " [-B buffer_size] [-F ssh_config] [-P sftp_server path]\n" 1271 " [-o ssh_option] [-P sftp_server_path] [-R num_requests]\n"
117 " [-R num_requests] [-S program]\n" 1272 " [-S program] [-s subsystem | sftp_server] host\n"
118 " [user@]host[:file [file]]\n", __progname); 1273 " %s [[user@]host[:file [file]]]\n"
1274 " %s [[user@]host[:dir[/]]]\n"
1275 " %s -b batchfile [user@]host\n", __progname, __progname, __progname, __progname);
119 exit(1); 1276 exit(1);
120} 1277}
121 1278
@@ -138,8 +1295,9 @@ main(int argc, char **argv)
138 addargs(&args, "-oForwardX11 no"); 1295 addargs(&args, "-oForwardX11 no");
139 addargs(&args, "-oForwardAgent no"); 1296 addargs(&args, "-oForwardAgent no");
140 addargs(&args, "-oClearAllForwardings yes"); 1297 addargs(&args, "-oClearAllForwardings yes");
1298
141 ll = SYSLOG_LEVEL_INFO; 1299 ll = SYSLOG_LEVEL_INFO;
142 infile = stdin; /* Read from STDIN unless changed by -b */ 1300 infile = stdin;
143 1301
144 while ((ch = getopt(argc, argv, "1hvCo:s:S:b:B:F:P:R:")) != -1) { 1302 while ((ch = getopt(argc, argv, "1hvCo:s:S:b:B:F:P:R:")) != -1) {
145 switch (ch) { 1303 switch (ch) {
@@ -169,13 +1327,15 @@ main(int argc, char **argv)
169 ssh_program = optarg; 1327 ssh_program = optarg;
170 break; 1328 break;
171 case 'b': 1329 case 'b':
172 if (infile == stdin) { 1330 if (batchmode)
173 infile = fopen(optarg, "r"); 1331 fatal("Batch file already specified.");
174 if (infile == NULL) 1332
175 fatal("%s (%s).", strerror(errno), optarg); 1333 /* Allow "-" as stdin */
176 } else 1334 if (strcmp(optarg, "-") != 0 &&
177 fatal("Filename already specified."); 1335 (infile = fopen(optarg, "r")) == NULL)
1336 fatal("%s (%s).", strerror(errno), optarg);
178 showprogress = 0; 1337 showprogress = 0;
1338 batchmode = 1;
179 break; 1339 break;
180 case 'P': 1340 case 'P':
181 sftp_direct = optarg; 1341 sftp_direct = optarg;
@@ -206,11 +1366,6 @@ main(int argc, char **argv)
206 userhost = xstrdup(argv[optind]); 1366 userhost = xstrdup(argv[optind]);
207 file2 = argv[optind+1]; 1367 file2 = argv[optind+1];
208 1368
209 if ((cp = colon(userhost)) != NULL) {
210 *cp++ = '\0';
211 file1 = cp;
212 }
213
214 if ((host = strrchr(userhost, '@')) == NULL) 1369 if ((host = strrchr(userhost, '@')) == NULL)
215 host = userhost; 1370 host = userhost;
216 else { 1371 else {
@@ -222,6 +1377,11 @@ main(int argc, char **argv)
222 addargs(&args, "-l%s",userhost); 1377 addargs(&args, "-l%s",userhost);
223 } 1378 }
224 1379
1380 if ((cp = colon(host)) != NULL) {
1381 *cp++ = '\0';
1382 file1 = cp;
1383 }
1384
225 host = cleanhostname(host); 1385 host = cleanhostname(host);
226 if (!*host) { 1386 if (!*host) {
227 fprintf(stderr, "Missing hostname\n"); 1387 fprintf(stderr, "Missing hostname\n");
@@ -239,26 +1399,28 @@ main(int argc, char **argv)
239 sftp_server : "sftp")); 1399 sftp_server : "sftp"));
240 args.list[0] = ssh_program; 1400 args.list[0] = ssh_program;
241 1401
242 fprintf(stderr, "Connecting to %s...\n", host); 1402 if (!batchmode)
1403 fprintf(stderr, "Connecting to %s...\n", host);
243 connect_to_server(ssh_program, args.list, &in, &out); 1404 connect_to_server(ssh_program, args.list, &in, &out);
244 } else { 1405 } else {
245 args.list = NULL; 1406 args.list = NULL;
246 addargs(&args, "sftp-server"); 1407 addargs(&args, "sftp-server");
247 1408
248 fprintf(stderr, "Attaching to %s...\n", sftp_direct); 1409 if (!batchmode)
1410 fprintf(stderr, "Attaching to %s...\n", sftp_direct);
249 connect_to_server(sftp_direct, args.list, &in, &out); 1411 connect_to_server(sftp_direct, args.list, &in, &out);
250 } 1412 }
251 1413
252 err = interactive_loop(in, out, file1, file2); 1414 err = interactive_loop(in, out, file1, file2);
253 1415
254#if !defined(USE_PIPES) 1416#if !defined(USE_PIPES)
255 shutdown(in, SHUT_RDWR); 1417 shutdown(in, SHUT_RDWR);
256 shutdown(out, SHUT_RDWR); 1418 shutdown(out, SHUT_RDWR);
257#endif 1419#endif
258 1420
259 close(in); 1421 close(in);
260 close(out); 1422 close(out);
261 if (infile != stdin) 1423 if (batchmode)
262 fclose(infile); 1424 fclose(infile);
263 1425
264 while (waitpid(sshpid, NULL, 0) == -1) 1426 while (waitpid(sshpid, NULL, 0) == -1)
diff --git a/ssh-add.0 b/ssh-add.0
index 95929d4d3..93116334b 100644
--- a/ssh-add.0
+++ b/ssh-add.0
@@ -1,4 +1,4 @@
1SSH-ADD(1) BSD General Commands Manual SSH-ADD(1) 1SSH-ADD(1) OpenBSD Reference Manual SSH-ADD(1)
2 2
3NAME 3NAME
4 ssh-add - adds RSA or DSA identities to the authentication agent 4 ssh-add - adds RSA or DSA identities to the authentication agent
@@ -14,11 +14,11 @@ DESCRIPTION
14 $HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity. Alterna- 14 $HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity. Alterna-
15 tive file names can be given on the command line. If any file requires a 15 tive file names can be given on the command line. If any file requires a
16 passphrase, ssh-add asks for the passphrase from the user. The 16 passphrase, ssh-add asks for the passphrase from the user. The
17 passphrase is read from the userM-bM-^@M-^Ys tty. ssh-add retries the last 17 passphrase is read from the user's tty. ssh-add retries the last
18 passphrase if multiple identity files are given. 18 passphrase if multiple identity files are given.
19 19
20 The authentication agent must be running and must be an ancestor of the 20 The authentication agent must be running and the SSH_AUTH_SOCK environ-
21 current process for ssh-add to work. 21 ment variable must contain the name of its socket for ssh-add to work.
22 22
23 The options are as follows: 23 The options are as follows:
24 24
@@ -99,4 +99,4 @@ AUTHORS
99 ated OpenSSH. Markus Friedl contributed the support for SSH protocol 99 ated OpenSSH. Markus Friedl contributed the support for SSH protocol
100 versions 1.5 and 2.0. 100 versions 1.5 and 2.0.
101 101
102BSD September 25, 1999 BSD 102OpenBSD 3.4 September 25, 1999 2
diff --git a/ssh-add.1 b/ssh-add.1
index fe0190859..6348197b3 100644
--- a/ssh-add.1
+++ b/ssh-add.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-add.1,v 1.39 2003/06/10 09:12:11 jmc Exp $ 1.\" $OpenBSD: ssh-add.1,v 1.40 2003/11/25 23:10:08 matthieu Exp $
2.\" 2.\"
3.\" -*- nroff -*- 3.\" -*- nroff -*-
4.\" 4.\"
@@ -69,8 +69,9 @@ The passphrase is read from the user's tty.
69.Nm 69.Nm
70retries the last passphrase if multiple identity files are given. 70retries the last passphrase if multiple identity files are given.
71.Pp 71.Pp
72The authentication agent must be running and must be an ancestor of 72The authentication agent must be running and the
73the current process for 73.Ev SSH_AUTH_SOCK
74environment variable must contain the name of its socket for
74.Nm 75.Nm
75to work. 76to work.
76.Pp 77.Pp
diff --git a/ssh-add.c b/ssh-add.c
index 2e394e5c1..e7699c95c 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -35,7 +35,7 @@
35 */ 35 */
36 36
37#include "includes.h" 37#include "includes.h"
38RCSID("$OpenBSD: ssh-add.c,v 1.68 2003/06/16 10:22:45 markus Exp $"); 38RCSID("$OpenBSD: ssh-add.c,v 1.69 2003/11/21 11:57:03 djm Exp $");
39 39
40#include <openssl/evp.h> 40#include <openssl/evp.h>
41 41
@@ -169,14 +169,14 @@ add_file(AuthenticationConnection *ac, const char *filename)
169 } 169 }
170 } 170 }
171 171
172 if (ssh_add_identity_constrained(ac, private, comment, lifetime, 172 if (ssh_add_identity_constrained(ac, private, comment, lifetime,
173 confirm)) { 173 confirm)) {
174 fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); 174 fprintf(stderr, "Identity added: %s (%s)\n", filename, comment);
175 ret = 0; 175 ret = 0;
176 if (lifetime != 0) 176 if (lifetime != 0)
177 fprintf(stderr, 177 fprintf(stderr,
178 "Lifetime set to %d seconds\n", lifetime); 178 "Lifetime set to %d seconds\n", lifetime);
179 if (confirm != 0) 179 if (confirm != 0)
180 fprintf(stderr, 180 fprintf(stderr,
181 "The user has to confirm each use of the key\n"); 181 "The user has to confirm each use of the key\n");
182 } else if (ssh_add_identity(ac, private, comment)) { 182 } else if (ssh_add_identity(ac, private, comment)) {
diff --git a/ssh-agent.c b/ssh-agent.c
index c05c61468..e5232fc9b 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -35,7 +35,7 @@
35 35
36#include "includes.h" 36#include "includes.h"
37#include "openbsd-compat/sys-queue.h" 37#include "openbsd-compat/sys-queue.h"
38RCSID("$OpenBSD: ssh-agent.c,v 1.111 2003/06/12 19:12:03 markus Exp $"); 38RCSID("$OpenBSD: ssh-agent.c,v 1.117 2003/12/02 17:01:15 markus Exp $");
39 39
40#include <openssl/evp.h> 40#include <openssl/evp.h>
41#include <openssl/md5.h> 41#include <openssl/md5.h>
@@ -179,7 +179,7 @@ confirm_key(Identity *id)
179 p = read_passphrase(prompt, RP_ALLOW_EOF); 179 p = read_passphrase(prompt, RP_ALLOW_EOF);
180 if (p != NULL) { 180 if (p != NULL) {
181 /* 181 /*
182 * Accept empty responses and responses consisting 182 * Accept empty responses and responses consisting
183 * of the word "yes" as affirmative. 183 * of the word "yes" as affirmative.
184 */ 184 */
185 if (*p == '\0' || *p == '\n' || strcasecmp(p, "yes") == 0) 185 if (*p == '\0' || *p == '\n' || strcasecmp(p, "yes") == 0)
@@ -784,7 +784,7 @@ process_message(SocketEntry *e)
784static void 784static void
785new_socket(sock_type type, int fd) 785new_socket(sock_type type, int fd)
786{ 786{
787 u_int i, old_alloc; 787 u_int i, old_alloc, new_alloc;
788 788
789 if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) 789 if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0)
790 error("fcntl O_NONBLOCK: %s", strerror(errno)); 790 error("fcntl O_NONBLOCK: %s", strerror(errno));
@@ -795,25 +795,26 @@ new_socket(sock_type type, int fd)
795 for (i = 0; i < sockets_alloc; i++) 795 for (i = 0; i < sockets_alloc; i++)
796 if (sockets[i].type == AUTH_UNUSED) { 796 if (sockets[i].type == AUTH_UNUSED) {
797 sockets[i].fd = fd; 797 sockets[i].fd = fd;
798 sockets[i].type = type;
799 buffer_init(&sockets[i].input); 798 buffer_init(&sockets[i].input);
800 buffer_init(&sockets[i].output); 799 buffer_init(&sockets[i].output);
801 buffer_init(&sockets[i].request); 800 buffer_init(&sockets[i].request);
801 sockets[i].type = type;
802 return; 802 return;
803 } 803 }
804 old_alloc = sockets_alloc; 804 old_alloc = sockets_alloc;
805 sockets_alloc += 10; 805 new_alloc = sockets_alloc + 10;
806 if (sockets) 806 if (sockets)
807 sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0])); 807 sockets = xrealloc(sockets, new_alloc * sizeof(sockets[0]));
808 else 808 else
809 sockets = xmalloc(sockets_alloc * sizeof(sockets[0])); 809 sockets = xmalloc(new_alloc * sizeof(sockets[0]));
810 for (i = old_alloc; i < sockets_alloc; i++) 810 for (i = old_alloc; i < new_alloc; i++)
811 sockets[i].type = AUTH_UNUSED; 811 sockets[i].type = AUTH_UNUSED;
812 sockets[old_alloc].type = type; 812 sockets_alloc = new_alloc;
813 sockets[old_alloc].fd = fd; 813 sockets[old_alloc].fd = fd;
814 buffer_init(&sockets[old_alloc].input); 814 buffer_init(&sockets[old_alloc].input);
815 buffer_init(&sockets[old_alloc].output); 815 buffer_init(&sockets[old_alloc].output);
816 buffer_init(&sockets[old_alloc].request); 816 buffer_init(&sockets[old_alloc].request);
817 sockets[old_alloc].type = type;
817} 818}
818 819
819static int 820static int
@@ -948,7 +949,7 @@ after_select(fd_set *readset, fd_set *writeset)
948} 949}
949 950
950static void 951static void
951cleanup_socket(void *p) 952cleanup_socket(void)
952{ 953{
953 if (socket_name[0]) 954 if (socket_name[0])
954 unlink(socket_name); 955 unlink(socket_name);
@@ -956,17 +957,17 @@ cleanup_socket(void *p)
956 rmdir(socket_dir); 957 rmdir(socket_dir);
957} 958}
958 959
959static void 960void
960cleanup_exit(int i) 961cleanup_exit(int i)
961{ 962{
962 cleanup_socket(NULL); 963 cleanup_socket();
963 exit(i); 964 _exit(i);
964} 965}
965 966
966static void 967static void
967cleanup_handler(int sig) 968cleanup_handler(int sig)
968{ 969{
969 cleanup_socket(NULL); 970 cleanup_socket();
970 _exit(2); 971 _exit(2);
971} 972}
972 973
@@ -1099,7 +1100,7 @@ main(int ac, char **av)
1099 1100
1100 if (agentsocket == NULL) { 1101 if (agentsocket == NULL) {
1101 /* Create private directory for agent socket */ 1102 /* Create private directory for agent socket */
1102 strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir); 1103 strlcpy(socket_dir, "/tmp/ssh-XXXXXXXXXX", sizeof socket_dir);
1103 if (mkdtemp(socket_dir) == NULL) { 1104 if (mkdtemp(socket_dir) == NULL) {
1104 perror("mkdtemp: private socket dir"); 1105 perror("mkdtemp: private socket dir");
1105 exit(1); 1106 exit(1);
@@ -1137,7 +1138,7 @@ main(int ac, char **av)
1137#ifdef HAVE_CYGWIN 1138#ifdef HAVE_CYGWIN
1138 umask(prev_mask); 1139 umask(prev_mask);
1139#endif 1140#endif
1140 if (listen(sock, 128) < 0) { 1141 if (listen(sock, SSH_LISTEN_BACKLOG) < 0) {
1141 perror("listen"); 1142 perror("listen");
1142 cleanup_exit(1); 1143 cleanup_exit(1);
1143 } 1144 }
@@ -1208,7 +1209,6 @@ main(int ac, char **av)
1208#endif 1209#endif
1209 1210
1210skip: 1211skip:
1211 fatal_add_cleanup(cleanup_socket, NULL);
1212 new_socket(AUTH_SOCKET, sock); 1212 new_socket(AUTH_SOCKET, sock);
1213 if (ac > 0) { 1213 if (ac > 0) {
1214 mysignal(SIGALRM, check_parent_exists); 1214 mysignal(SIGALRM, check_parent_exists);
diff --git a/ssh-dss.c b/ssh-dss.c
index 6cedcc4dc..381b7dedb 100644
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: ssh-dss.c,v 1.18 2003/02/12 09:33:04 markus Exp $"); 26RCSID("$OpenBSD: ssh-dss.c,v 1.19 2003/11/10 16:23:41 jakob Exp $");
27 27
28#include <openssl/bn.h> 28#include <openssl/bn.h>
29#include <openssl/evp.h> 29#include <openssl/evp.h>
@@ -39,8 +39,8 @@ RCSID("$OpenBSD: ssh-dss.c,v 1.18 2003/02/12 09:33:04 markus Exp $");
39#define SIGBLOB_LEN (2*INTBLOB_LEN) 39#define SIGBLOB_LEN (2*INTBLOB_LEN)
40 40
41int 41int
42ssh_dss_sign(Key *key, u_char **sigp, u_int *lenp, 42ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp,
43 u_char *data, u_int datalen) 43 const u_char *data, u_int datalen)
44{ 44{
45 DSA_SIG *sig; 45 DSA_SIG *sig;
46 const EVP_MD *evp_md = EVP_sha1(); 46 const EVP_MD *evp_md = EVP_sha1();
@@ -101,8 +101,8 @@ ssh_dss_sign(Key *key, u_char **sigp, u_int *lenp,
101 return 0; 101 return 0;
102} 102}
103int 103int
104ssh_dss_verify(Key *key, u_char *signature, u_int signaturelen, 104ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
105 u_char *data, u_int datalen) 105 const u_char *data, u_int datalen)
106{ 106{
107 DSA_SIG *sig; 107 DSA_SIG *sig;
108 const EVP_MD *evp_md = EVP_sha1(); 108 const EVP_MD *evp_md = EVP_sha1();
@@ -119,7 +119,8 @@ ssh_dss_verify(Key *key, u_char *signature, u_int signaturelen,
119 119
120 /* fetch signature */ 120 /* fetch signature */
121 if (datafellows & SSH_BUG_SIGBLOB) { 121 if (datafellows & SSH_BUG_SIGBLOB) {
122 sigblob = signature; 122 sigblob = xmalloc(signaturelen);
123 memcpy(sigblob, signature, signaturelen);
123 len = signaturelen; 124 len = signaturelen;
124 } else { 125 } else {
125 /* ietf-drafts */ 126 /* ietf-drafts */
@@ -159,10 +160,9 @@ ssh_dss_verify(Key *key, u_char *signature, u_int signaturelen,
159 BN_bin2bn(sigblob, INTBLOB_LEN, sig->r); 160 BN_bin2bn(sigblob, INTBLOB_LEN, sig->r);
160 BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s); 161 BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s);
161 162
162 if (!(datafellows & SSH_BUG_SIGBLOB)) { 163 /* clean up */
163 memset(sigblob, 0, len); 164 memset(sigblob, 0, len);
164 xfree(sigblob); 165 xfree(sigblob);
165 }
166 166
167 /* sha1 the data */ 167 /* sha1 the data */
168 EVP_DigestInit(&md, evp_md); 168 EVP_DigestInit(&md, evp_md);
diff --git a/ssh-gss.h b/ssh-gss.h
index 6b58adb3a..4f032aa8f 100644
--- a/ssh-gss.h
+++ b/ssh-gss.h
@@ -1,3 +1,4 @@
1/* $OpenBSD: ssh-gss.h,v 1.4 2003/11/17 11:06:07 markus Exp $ */
1/* 2/*
2 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 3 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
3 * 4 *
@@ -29,11 +30,19 @@
29 30
30#include "buffer.h" 31#include "buffer.h"
31 32
33#ifdef HAVE_GSSAPI_H
32#include <gssapi.h> 34#include <gssapi.h>
35#elif defined(HAVE_GSSAPI_GSSAPI_H)
36#include <gssapi/gssapi.h>
37#endif
33 38
34#ifdef KRB5 39#ifdef KRB5
35#ifndef HEIMDAL 40# ifndef HEIMDAL
36#include <gssapi_generic.h> 41# ifdef HAVE_GSSAPI_GENERIC_H
42# include <gssapi_generic.h>
43# elif defined(HAVE_GSSAPI_GSSAPI_GENERIC_H)
44# include <gssapi/gssapi_generic.h>
45# endif
37 46
38/* MIT Kerberos doesn't seem to define GSS_NT_HOSTBASED_SERVICE */ 47/* MIT Kerberos doesn't seem to define GSS_NT_HOSTBASED_SERVICE */
39 48
@@ -49,6 +58,7 @@
49#define SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE 63 58#define SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE 63
50#define SSH2_MSG_USERAUTH_GSSAPI_ERROR 64 59#define SSH2_MSG_USERAUTH_GSSAPI_ERROR 64
51#define SSH2_MSG_USERAUTH_GSSAPI_ERRTOK 65 60#define SSH2_MSG_USERAUTH_GSSAPI_ERRTOK 65
61#define SSH2_MSG_USERAUTH_GSSAPI_MIC 66
52 62
53#define SSH_GSS_OIDTYPE 0x06 63#define SSH_GSS_OIDTYPE 0x06
54 64
@@ -107,13 +117,15 @@ void ssh_gssapi_error(Gssctxt *ctx);
107char *ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *maj, OM_uint32 *min); 117char *ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *maj, OM_uint32 *min);
108void ssh_gssapi_build_ctx(Gssctxt **ctx); 118void ssh_gssapi_build_ctx(Gssctxt **ctx);
109void ssh_gssapi_delete_ctx(Gssctxt **ctx); 119void ssh_gssapi_delete_ctx(Gssctxt **ctx);
120OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
110OM_uint32 ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid); 121OM_uint32 ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid);
122void ssh_gssapi_buildmic(Buffer *, const char *, const char *, const char *);
111 123
112/* In the server */ 124/* In the server */
113int ssh_gssapi_userok(char *name); 125int ssh_gssapi_userok(char *name);
114 126OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
115void ssh_gssapi_do_child(char ***envp, u_int *envsizep); 127void ssh_gssapi_do_child(char ***envp, u_int *envsizep);
116void ssh_gssapi_cleanup_creds(void *ignored); 128void ssh_gssapi_cleanup_creds(void);
117void ssh_gssapi_storecreds(void); 129void ssh_gssapi_storecreds(void);
118 130
119#endif /* GSSAPI */ 131#endif /* GSSAPI */
diff --git a/ssh-keygen.0 b/ssh-keygen.0
index 2db957554..d4fcc682b 100644
--- a/ssh-keygen.0
+++ b/ssh-keygen.0
@@ -1,4 +1,4 @@
1SSH-KEYGEN(1) BSD General Commands Manual SSH-KEYGEN(1) 1SSH-KEYGEN(1) OpenBSD Reference Manual SSH-KEYGEN(1)
2 2
3NAME 3NAME
4 ssh-keygen - authentication key generation, management and conversion 4 ssh-keygen - authentication key generation, management and conversion
@@ -16,8 +16,9 @@ SYNOPSIS
16 ssh-keygen -D reader 16 ssh-keygen -D reader
17 ssh-keygen -U reader [-f input_keyfile] 17 ssh-keygen -U reader [-f input_keyfile]
18 ssh-keygen -r hostname [-f input_keyfile] [-g] 18 ssh-keygen -r hostname [-f input_keyfile] [-g]
19 ssh-keygen -G output_file [-b bits] [-M memory] [-S start_point] 19 ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]
20 ssh-keygen -T output_file -f input_file [-a num_trials] [-W generator] 20 ssh-keygen -T output_file -f input_file [-v] [-a num_trials] [-W
21 generator]
21 22
22DESCRIPTION 23DESCRIPTION
23 ssh-keygen generates, manages and converts authentication keys for 24 ssh-keygen generates, manages and converts authentication keys for
@@ -35,17 +36,17 @@ DESCRIPTION
35 36
36 Normally this program generates the key and asks for a file in which to 37 Normally this program generates the key and asks for a file in which to
37 store the private key. The public key is stored in a file with the same 38 store the private key. The public key is stored in a file with the same
38 name but M-bM-^@M-^\.pubM-bM-^@M-^] appended. The program also asks for a passphrase. The 39 name but ``.pub'' appended. The program also asks for a passphrase. The
39 passphrase may be empty to indicate no passphrase (host keys must have an 40 passphrase may be empty to indicate no passphrase (host keys must have an
40 empty passphrase), or it may be a string of arbitrary length. A 41 empty passphrase), or it may be a string of arbitrary length. A
41 passphrase is similar to a password, except it can be a phrase with a 42 passphrase is similar to a password, except it can be a phrase with a se-
42 series of words, punctuation, numbers, whitespace, or any string of char- 43 ries of words, punctuation, numbers, whitespace, or any string of charac-
43 acters you want. Good passphrases are 10-30 characters long, are not 44 ters you want. Good passphrases are 10-30 characters long, are not sim-
44 simple sentences or otherwise easily guessable (English prose has only 45 ple sentences or otherwise easily guessable (English prose has only 1-2
45 1-2 bits of entropy per character, and provides very bad passphrases), 46 bits of entropy per character, and provides very bad passphrases), and
46 and contain a mix of upper and lowercase letters, numbers, and non- 47 contain a mix of upper and lowercase letters, numbers, and non-alphanu-
47 alphanumeric characters. The passphrase can be changed later by using 48 meric characters. The passphrase can be changed later by using the -p
48 the -p option. 49 option.
49 50
50 There is no way to recover a lost passphrase. If the passphrase is lost 51 There is no way to recover a lost passphrase. If the passphrase is lost
51 or forgotten, a new key must be generated and copied to the corresponding 52 or forgotten, a new key must be generated and copied to the corresponding
@@ -54,8 +55,8 @@ DESCRIPTION
54 For RSA1 keys, there is also a comment field in the key file that is only 55 For RSA1 keys, there is also a comment field in the key file that is only
55 for convenience to the user to help identify the key. The comment can 56 for convenience to the user to help identify the key. The comment can
56 tell what the key is for, or whatever is useful. The comment is initial- 57 tell what the key is for, or whatever is useful. The comment is initial-
57 ized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is created, but can be changed using the 58 ized to ``user@host'' when the key is created, but can be changed using
58 -c option. 59 the -c option.
59 60
60 After a key is generated, instructions below detail where the keys should 61 After a key is generated, instructions below detail where the keys should
61 be placed to be activated. 62 be placed to be activated.
@@ -77,7 +78,7 @@ DESCRIPTION
77 the passphrase if the key has one, and for the new comment. 78 the passphrase if the key has one, and for the new comment.
78 79
79 -e This option will read a private or public OpenSSH key file and 80 -e This option will read a private or public OpenSSH key file and
80 print the key in a M-bM-^@M-^XSECSH Public Key File FormatM-bM-^@M-^Y to stdout. 81 print the key in a `SECSH Public Key File Format' to stdout.
81 This option allows exporting keys for use by several commercial 82 This option allows exporting keys for use by several commercial
82 SSH implementations. 83 SSH implementations.
83 84
@@ -88,8 +89,8 @@ DESCRIPTION
88 89
89 -i This option will read an unencrypted private (or public) key file 90 -i This option will read an unencrypted private (or public) key file
90 in SSH2-compatible format and print an OpenSSH compatible private 91 in SSH2-compatible format and print an OpenSSH compatible private
91 (or public) key to stdout. ssh-keygen also reads the M-bM-^@M-^XSECSH 92 (or public) key to stdout. ssh-keygen also reads the `SECSH
92 Public Key File FormatM-bM-^@M-^Y. This option allows importing keys from 93 Public Key File Format'. This option allows importing keys from
93 several commercial SSH implementations. 94 several commercial SSH implementations.
94 95
95 -l Show fingerprint of specified public key file. Private RSA1 keys 96 -l Show fingerprint of specified public key file. Private RSA1 keys
@@ -108,8 +109,8 @@ DESCRIPTION
108 109
109 -t type 110 -t type
110 Specifies the type of the key to create. The possible values are 111 Specifies the type of the key to create. The possible values are
111 M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\rsaM-bM-^@M-^] or M-bM-^@M-^\dsaM-bM-^@M-^] for protocol 112 ``rsa1'' for protocol version 1 and ``rsa'' or ``dsa'' for proto-
112 version 2. 113 col version 2.
113 114
114 -B Show the bubblebabble digest of specified private or public key 115 -B Show the bubblebabble digest of specified private or public key
115 file. 116 file.
@@ -149,15 +150,20 @@ DESCRIPTION
149 -U reader 150 -U reader
150 Upload an existing RSA private key into the smartcard in reader. 151 Upload an existing RSA private key into the smartcard in reader.
151 152
153 -v Verbose mode. Causes ssh-keygen to print debugging messages
154 about its progress. This is helpful for debugging moduli genera-
155 tion. Multiple -v options increase the verbosity. The maximum
156 is 3.
157
152 -r hostname 158 -r hostname
153 Print DNS resource record with the specified hostname. 159 Print DNS resource record with the specified hostname.
154 160
155MODULI GENERATION 161MODULI GENERATION
156 ssh-keygen may be used to generate groups for the Diffie-Hellman Group 162 ssh-keygen may be used to generate groups for the Diffie-Hellman Group
157 Exchange (DH-GEX) protocol. Generating these groups is a two-step pro- 163 Exchange (DH-GEX) protocol. Generating these groups is a two-step pro-
158 cess: first, candidate primes are generated using a fast, but memory 164 cess: first, candidate primes are generated using a fast, but memory in-
159 intensive process. These candidate primes are then tested for suitabil- 165 tensive process. These candidate primes are then tested for suitability
160 ity (a CPU-intensive process). 166 (a CPU-intensive process).
161 167
162 Generation of primes is performed using the -G option. The desired 168 Generation of primes is performed using the -G option. The desired
163 length of the primes may be specified by the -b option. For example: 169 length of the primes may be specified by the -b option. For example:
@@ -188,8 +194,8 @@ MODULI GENERATION
188FILES 194FILES
189 $HOME/.ssh/identity 195 $HOME/.ssh/identity
190 Contains the protocol version 1 RSA authentication identity of 196 Contains the protocol version 1 RSA authentication identity of
191 the user. This file should not be readable by anyone but the 197 the user. This file should not be readable by anyone but the us-
192 user. It is possible to specify a passphrase when generating the 198 er. It is possible to specify a passphrase when generating the
193 key; that passphrase will be used to encrypt the private part of 199 key; that passphrase will be used to encrypt the private part of
194 this file using 3DES. This file is not automatically accessed by 200 this file using 3DES. This file is not automatically accessed by
195 ssh-keygen but it is offered as the default file for the private 201 ssh-keygen but it is offered as the default file for the private
@@ -204,8 +210,8 @@ FILES
204 210
205 $HOME/.ssh/id_dsa 211 $HOME/.ssh/id_dsa
206 Contains the protocol version 2 DSA authentication identity of 212 Contains the protocol version 2 DSA authentication identity of
207 the user. This file should not be readable by anyone but the 213 the user. This file should not be readable by anyone but the us-
208 user. It is possible to specify a passphrase when generating the 214 er. It is possible to specify a passphrase when generating the
209 key; that passphrase will be used to encrypt the private part of 215 key; that passphrase will be used to encrypt the private part of
210 this file using 3DES. This file is not automatically accessed by 216 this file using 3DES. This file is not automatically accessed by
211 ssh-keygen but it is offered as the default file for the private 217 ssh-keygen but it is offered as the default file for the private
@@ -220,8 +226,8 @@ FILES
220 226
221 $HOME/.ssh/id_rsa 227 $HOME/.ssh/id_rsa
222 Contains the protocol version 2 RSA authentication identity of 228 Contains the protocol version 2 RSA authentication identity of
223 the user. This file should not be readable by anyone but the 229 the user. This file should not be readable by anyone but the us-
224 user. It is possible to specify a passphrase when generating the 230 er. It is possible to specify a passphrase when generating the
225 key; that passphrase will be used to encrypt the private part of 231 key; that passphrase will be used to encrypt the private part of
226 this file using 3DES. This file is not automatically accessed by 232 this file using 3DES. This file is not automatically accessed by
227 ssh-keygen but it is offered as the default file for the private 233 ssh-keygen but it is offered as the default file for the private
@@ -241,14 +247,14 @@ FILES
241SEE ALSO 247SEE ALSO
242 ssh(1), ssh-add(1), ssh-agent(1), moduli(5), sshd(8) 248 ssh(1), ssh-add(1), ssh-agent(1), moduli(5), sshd(8)
243 249
244 J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf- 250 J. Galbraith, and R. Thayer, SECSH Public Key File Format, draft-ietf-
245 secsh-publickeyfile-01.txt, March 2001, work in progress material. 251 secsh-publickeyfile-01.txt, March 2001, work in progress material.
246 252
247AUTHORS 253AUTHORS
248 OpenSSH is a derivative of the original and free ssh 1.2.12 release by 254 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
249 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo 255 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
250 de Raadt and Dug Song removed many bugs, re-added newer features and cre- 256 de Raadt and Dug Song removed many bugs, re-added newer features and
251 ated OpenSSH. Markus Friedl contributed the support for SSH protocol 257 created OpenSSH. Markus Friedl contributed the support for SSH protocol
252 versions 1.5 and 2.0. 258 versions 1.5 and 2.0.
253 259
254BSD September 25, 1999 BSD 260OpenBSD 3.4 September 25, 1999 4
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index dc4bcacd0..6dd615428 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-keygen.1,v 1.60 2003/07/28 09:49:56 djm Exp $ 1.\" $OpenBSD: ssh-keygen.1,v 1.61 2003/12/22 09:16:58 djm Exp $
2.\" 2.\"
3.\" -*- nroff -*- 3.\" -*- nroff -*-
4.\" 4.\"
@@ -89,12 +89,14 @@
89.Op Fl g 89.Op Fl g
90.Nm ssh-keygen 90.Nm ssh-keygen
91.Fl G Ar output_file 91.Fl G Ar output_file
92.Op Fl v
92.Op Fl b Ar bits 93.Op Fl b Ar bits
93.Op Fl M Ar memory 94.Op Fl M Ar memory
94.Op Fl S Ar start_point 95.Op Fl S Ar start_point
95.Nm ssh-keygen 96.Nm ssh-keygen
96.Fl T Ar output_file 97.Fl T Ar output_file
97.Fl f Ar input_file 98.Fl f Ar input_file
99.Op Fl v
98.Op Fl a Ar num_trials 100.Op Fl a Ar num_trials
99.Op Fl W Ar generator 101.Op Fl W Ar generator
100.Sh DESCRIPTION 102.Sh DESCRIPTION
@@ -263,6 +265,16 @@ Specify desired generator when testing candidate moduli for DH-GEX.
263.It Fl U Ar reader 265.It Fl U Ar reader
264Upload an existing RSA private key into the smartcard in 266Upload an existing RSA private key into the smartcard in
265.Ar reader . 267.Ar reader .
268.It Fl v
269Verbose mode.
270Causes
271.Nm
272to print debugging messages about its progress.
273This is helpful for debugging moduli generation.
274Multiple
275.Fl v
276options increase the verbosity.
277The maximum is 3.
266.It Fl r Ar hostname 278.It Fl r Ar hostname
267Print DNS resource record with the specified 279Print DNS resource record with the specified
268.Ar hostname . 280.Ar hostname .
diff --git a/ssh-keygen.c b/ssh-keygen.c
index e74d3cd37..1156a010a 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
12 */ 12 */
13 13
14#include "includes.h" 14#include "includes.h"
15RCSID("$OpenBSD: ssh-keygen.c,v 1.108 2003/08/14 16:08:58 markus Exp $"); 15RCSID("$OpenBSD: ssh-keygen.c,v 1.113 2003/12/22 09:16:58 djm Exp $");
16 16
17#include <openssl/evp.h> 17#include <openssl/evp.h>
18#include <openssl/pem.h> 18#include <openssl/pem.h>
@@ -32,9 +32,7 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.108 2003/08/14 16:08:58 markus Exp $");
32#ifdef SMARTCARD 32#ifdef SMARTCARD
33#include "scard.h" 33#include "scard.h"
34#endif 34#endif
35#ifdef DNS
36#include "dns.h" 35#include "dns.h"
37#endif
38 36
39/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */ 37/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */
40int bits = 1024; 38int bits = 1024;
@@ -191,8 +189,8 @@ do_convert_to_ssh2(struct passwd *pw)
191static void 189static void
192buffer_get_bignum_bits(Buffer *b, BIGNUM *value) 190buffer_get_bignum_bits(Buffer *b, BIGNUM *value)
193{ 191{
194 int bits = buffer_get_int(b); 192 u_int bits = buffer_get_int(b);
195 int bytes = (bits + 7) / 8; 193 u_int bytes = (bits + 7) / 8;
196 194
197 if (buffer_len(b) < bytes) 195 if (buffer_len(b) < bytes)
198 fatal("buffer_get_bignum_bits: input buffer too small: " 196 fatal("buffer_get_bignum_bits: input buffer too small: "
@@ -625,7 +623,6 @@ do_change_passphrase(struct passwd *pw)
625 exit(0); 623 exit(0);
626} 624}
627 625
628#ifdef DNS
629/* 626/*
630 * Print the SSHFP RR. 627 * Print the SSHFP RR.
631 */ 628 */
@@ -655,7 +652,6 @@ do_print_resource_record(struct passwd *pw, char *hostname)
655 printf("failed to read v2 public key from %s.\n", identity_file); 652 printf("failed to read v2 public key from %s.\n", identity_file);
656 exit(1); 653 exit(1);
657} 654}
658#endif /* DNS */
659 655
660/* 656/*
661 * Change the comment of a private key file. 657 * Change the comment of a private key file.
@@ -774,9 +770,7 @@ usage(void)
774 fprintf(stderr, " -C comment Provide new comment.\n"); 770 fprintf(stderr, " -C comment Provide new comment.\n");
775 fprintf(stderr, " -N phrase Provide new passphrase.\n"); 771 fprintf(stderr, " -N phrase Provide new passphrase.\n");
776 fprintf(stderr, " -P phrase Provide old passphrase.\n"); 772 fprintf(stderr, " -P phrase Provide old passphrase.\n");
777#ifdef DNS
778 fprintf(stderr, " -r hostname Print DNS resource record.\n"); 773 fprintf(stderr, " -r hostname Print DNS resource record.\n");
779#endif /* DNS */
780#ifdef SMARTCARD 774#ifdef SMARTCARD
781 fprintf(stderr, " -D reader Download public key from smartcard.\n"); 775 fprintf(stderr, " -D reader Download public key from smartcard.\n");
782 fprintf(stderr, " -U reader Upload private key to smartcard.\n"); 776 fprintf(stderr, " -U reader Upload private key to smartcard.\n");
@@ -803,6 +797,7 @@ main(int ac, char **av)
803 int opt, type, fd, download = 0, memory = 0; 797 int opt, type, fd, download = 0, memory = 0;
804 int generator_wanted = 0, trials = 100; 798 int generator_wanted = 0, trials = 100;
805 int do_gen_candidates = 0, do_screen_candidates = 0; 799 int do_gen_candidates = 0, do_screen_candidates = 0;
800 int log_level = SYSLOG_LEVEL_INFO;
806 BIGNUM *start = NULL; 801 BIGNUM *start = NULL;
807 FILE *f; 802 FILE *f;
808 803
@@ -829,7 +824,7 @@ main(int ac, char **av)
829 } 824 }
830 825
831 while ((opt = getopt(ac, av, 826 while ((opt = getopt(ac, av,
832 "degiqpclBRxXyb:f:t:U:D:P:N:C:r:g:T:G:M:S:a:W:")) != -1) { 827 "degiqpclBRvxXyb:f:t:U:D:P:N:C:r:g:T:G:M:S:a:W:")) != -1) {
833 switch (opt) { 828 switch (opt) {
834 case 'b': 829 case 'b':
835 bits = atoi(optarg); 830 bits = atoi(optarg);
@@ -897,6 +892,15 @@ main(int ac, char **av)
897 case 'U': 892 case 'U':
898 reader_id = optarg; 893 reader_id = optarg;
899 break; 894 break;
895 case 'v':
896 if (log_level == SYSLOG_LEVEL_INFO)
897 log_level = SYSLOG_LEVEL_DEBUG1;
898 else {
899 if (log_level >= SYSLOG_LEVEL_DEBUG1 &&
900 log_level < SYSLOG_LEVEL_DEBUG3)
901 log_level++;
902 }
903 break;
900 case 'r': 904 case 'r':
901 resource_record_hostname = optarg; 905 resource_record_hostname = optarg;
902 break; 906 break;
@@ -908,13 +912,13 @@ main(int ac, char **av)
908 case 'a': 912 case 'a':
909 trials = atoi(optarg); 913 trials = atoi(optarg);
910 if (trials < TRIAL_MINIMUM) { 914 if (trials < TRIAL_MINIMUM) {
911 fatal("Minimum primality trials is %d", 915 fatal("Minimum primality trials is %d",
912 TRIAL_MINIMUM); 916 TRIAL_MINIMUM);
913 } 917 }
914 break; 918 break;
915 case 'M': 919 case 'M':
916 memory = atoi(optarg); 920 memory = atoi(optarg);
917 if (memory != 0 && 921 if (memory != 0 &&
918 (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) { 922 (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) {
919 fatal("Invalid memory amount (min %ld, max %ld)", 923 fatal("Invalid memory amount (min %ld, max %ld)",
920 LARGE_MINIMUM, LARGE_MAXIMUM); 924 LARGE_MINIMUM, LARGE_MAXIMUM);
@@ -938,6 +942,10 @@ main(int ac, char **av)
938 usage(); 942 usage();
939 } 943 }
940 } 944 }
945
946 /* reinit */
947 log_init(av[0], log_level, SYSLOG_FACILITY_USER, 1);
948
941 if (optind < ac) { 949 if (optind < ac) {
942 printf("Too many arguments.\n"); 950 printf("Too many arguments.\n");
943 usage(); 951 usage();
@@ -959,11 +967,7 @@ main(int ac, char **av)
959 if (print_public) 967 if (print_public)
960 do_print_public(pw); 968 do_print_public(pw);
961 if (resource_record_hostname != NULL) { 969 if (resource_record_hostname != NULL) {
962#ifdef DNS
963 do_print_resource_record(pw, resource_record_hostname); 970 do_print_resource_record(pw, resource_record_hostname);
964#else /* DNS */
965 fatal("no DNS support.");
966#endif /* DNS */
967 } 971 }
968 if (reader_id != NULL) { 972 if (reader_id != NULL) {
969#ifdef SMARTCARD 973#ifdef SMARTCARD
@@ -978,7 +982,7 @@ main(int ac, char **av)
978 982
979 if (do_gen_candidates) { 983 if (do_gen_candidates) {
980 FILE *out = fopen(out_file, "w"); 984 FILE *out = fopen(out_file, "w");
981 985
982 if (out == NULL) { 986 if (out == NULL) {
983 error("Couldn't open modulus candidate file \"%s\": %s", 987 error("Couldn't open modulus candidate file \"%s\": %s",
984 out_file, strerror(errno)); 988 out_file, strerror(errno));
@@ -997,7 +1001,7 @@ main(int ac, char **av)
997 if (have_identity && strcmp(identity_file, "-") != 0) { 1001 if (have_identity && strcmp(identity_file, "-") != 0) {
998 if ((in = fopen(identity_file, "r")) == NULL) { 1002 if ((in = fopen(identity_file, "r")) == NULL) {
999 fatal("Couldn't open modulus candidate " 1003 fatal("Couldn't open modulus candidate "
1000 "file \"%s\": %s", identity_file, 1004 "file \"%s\": %s", identity_file,
1001 strerror(errno)); 1005 strerror(errno));
1002 } 1006 }
1003 } else 1007 } else
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index e541b4709..6fc624c63 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -7,7 +7,7 @@
7 */ 7 */
8 8
9#include "includes.h" 9#include "includes.h"
10RCSID("$OpenBSD: ssh-keyscan.c,v 1.44 2003/06/28 16:23:06 deraadt Exp $"); 10RCSID("$OpenBSD: ssh-keyscan.c,v 1.46 2003/11/23 23:17:34 djm Exp $");
11 11
12#include "openbsd-compat/sys-queue.h" 12#include "openbsd-compat/sys-queue.h"
13 13
@@ -214,13 +214,11 @@ fdlim_get(int hard)
214 if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) 214 if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0)
215 return (-1); 215 return (-1);
216 if ((hard ? rlfd.rlim_max : rlfd.rlim_cur) == RLIM_INFINITY) 216 if ((hard ? rlfd.rlim_max : rlfd.rlim_cur) == RLIM_INFINITY)
217 return 10000; 217 return SSH_SYSFDMAX;
218 else 218 else
219 return hard ? rlfd.rlim_max : rlfd.rlim_cur; 219 return hard ? rlfd.rlim_max : rlfd.rlim_cur;
220#elif defined (HAVE_SYSCONF)
221 return sysconf (_SC_OPEN_MAX);
222#else 220#else
223 return 10000; 221 return SSH_SYSFDMAX;
224#endif 222#endif
225} 223}
226 224
@@ -675,7 +673,7 @@ fatal(const char *fmt,...)
675 if (nonfatal_fatal) 673 if (nonfatal_fatal)
676 longjmp(kexjmp, -1); 674 longjmp(kexjmp, -1);
677 else 675 else
678 fatal_cleanup(); 676 exit(255);
679} 677}
680 678
681static void 679static void
diff --git a/ssh-keysign.c b/ssh-keysign.c
index c7ca5c4e4..9e9ebe2f1 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -22,7 +22,7 @@
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 23 */
24#include "includes.h" 24#include "includes.h"
25RCSID("$OpenBSD: ssh-keysign.c,v 1.13 2003/07/03 08:09:06 djm Exp $"); 25RCSID("$OpenBSD: ssh-keysign.c,v 1.15 2004/01/19 21:25:15 markus Exp $");
26 26
27#include <openssl/evp.h> 27#include <openssl/evp.h>
28#include <openssl/rand.h> 28#include <openssl/rand.h>
@@ -126,6 +126,7 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data,
126 /* end of message */ 126 /* end of message */
127 if (buffer_len(&b) != 0) 127 if (buffer_len(&b) != 0)
128 fail++; 128 fail++;
129 buffer_free(&b);
129 130
130 debug3("valid_request: fail %d", fail); 131 debug3("valid_request: fail %d", fail);
131 132
@@ -233,7 +234,8 @@ main(int argc, char **argv)
233 /* send reply */ 234 /* send reply */
234 buffer_clear(&b); 235 buffer_clear(&b);
235 buffer_put_string(&b, signature, slen); 236 buffer_put_string(&b, signature, slen);
236 ssh_msg_send(STDOUT_FILENO, version, &b); 237 if (ssh_msg_send(STDOUT_FILENO, version, &b) == -1)
238 fatal("ssh_msg_send failed");
237 239
238 return (0); 240 return (0);
239} 241}
diff --git a/ssh-rand-helper.8 b/ssh-rand-helper.8
index a89185c0a..df559d332 100644
--- a/ssh-rand-helper.8
+++ b/ssh-rand-helper.8
@@ -1,4 +1,4 @@
1.\" $Id: ssh-rand-helper.8,v 1.1 2002/04/14 09:27:13 djm Exp $ 1.\" $Id: ssh-rand-helper.8,v 1.2 2003/11/21 12:48:56 djm Exp $
2.\" 2.\"
3.\" Copyright (c) 2002 Damien Miller. All rights reserved. 3.\" Copyright (c) 2002 Damien Miller. All rights reserved.
4.\" 4.\"
@@ -34,22 +34,22 @@
34.Op Fl b Ar bytes 34.Op Fl b Ar bytes
35.Sh DESCRIPTION 35.Sh DESCRIPTION
36.Nm 36.Nm
37is a small helper program used by 37is a small helper program used by
38.Xr ssh 1 , 38.Xr ssh 1 ,
39.Xr ssh-add 1 , 39.Xr ssh-add 1 ,
40.Xr ssh-agent 1 , 40.Xr ssh-agent 1 ,
41.Xr ssh-keygen 1 , 41.Xr ssh-keygen 1 ,
42.Xr ssh-keyscan 1 42.Xr ssh-keyscan 1
43and 43and
44.Xr sshd 8 44.Xr sshd 8
45to gather random numbers of cryptographic quality if the 45to gather random numbers of cryptographic quality if the
46.Xr openssl 4 46.Xr openssl 4
47library has not been configured to provide them itself. 47library has not been configured to provide them itself.
48.Pp 48.Pp
49Normally 49Normally
50.Nm 50.Nm
51will generate a strong random seed and provide it to the calling 51will generate a strong random seed and provide it to the calling
52program via standard output. If standard output is a tty, 52program via standard output. If standard output is a tty,
53.Nm 53.Nm
54will instead print the seed in hexidecimal format unless told otherwise. 54will instead print the seed in hexidecimal format unless told otherwise.
55.Pp 55.Pp
@@ -57,19 +57,19 @@ will instead print the seed in hexidecimal format unless told otherwise.
57will by default gather random numbers from the system commands listed 57will by default gather random numbers from the system commands listed
58in 58in
59.Pa /etc/ssh/ssh_prng_cmds . 59.Pa /etc/ssh/ssh_prng_cmds .
60The output of each of the commands listed will be hashed and used to 60The output of each of the commands listed will be hashed and used to
61generate a random seed for the calling program. 61generate a random seed for the calling program.
62.Nm 62.Nm
63will also store seed files in 63will also store seed files in
64.Pa ~/.ssh/prng_seed 64.Pa ~/.ssh/prng_seed
65between executions. 65between executions.
66.Pp 66.Pp
67Alternately, 67Alternately,
68.Nm 68.Nm
69may be configured at build time to collect random numbers from a 69may be configured at build time to collect random numbers from a
70EGD/PRNGd server via a unix domain or localhost tcp socket. 70EGD/PRNGd server via a unix domain or localhost tcp socket.
71.Pp 71.Pp
72This program is not intended to be run by the end-user, so the few 72This program is not intended to be run by the end-user, so the few
73commandline options are for debugging purposes only. 73commandline options are for debugging purposes only.
74.Bl -tag -width Ds 74.Bl -tag -width Ds
75.It Fl b Ar bytes 75.It Fl b Ar bytes
diff --git a/ssh-rand-helper.c b/ssh-rand-helper.c
index 7e65e4569..8a320a71e 100644
--- a/ssh-rand-helper.c
+++ b/ssh-rand-helper.c
@@ -39,7 +39,7 @@
39#include "pathnames.h" 39#include "pathnames.h"
40#include "log.h" 40#include "log.h"
41 41
42RCSID("$Id: ssh-rand-helper.c,v 1.13 2003/08/21 23:34:41 djm Exp $"); 42RCSID("$Id: ssh-rand-helper.c,v 1.16 2003/11/21 12:56:47 djm Exp $");
43 43
44/* Number of bytes we write out */ 44/* Number of bytes we write out */
45#define OUTPUT_SEED_SIZE 48 45#define OUTPUT_SEED_SIZE 48
@@ -115,19 +115,19 @@ double stir_gettimeofday(double entropy_estimate);
115double stir_clock(double entropy_estimate); 115double stir_clock(double entropy_estimate);
116double stir_rusage(int who, double entropy_estimate); 116double stir_rusage(int who, double entropy_estimate);
117double hash_command_output(entropy_cmd_t *src, unsigned char *hash); 117double hash_command_output(entropy_cmd_t *src, unsigned char *hash);
118int get_random_bytes_prngd(unsigned char *buf, int len, 118int get_random_bytes_prngd(unsigned char *buf, int len,
119 unsigned short tcp_port, char *socket_path); 119 unsigned short tcp_port, char *socket_path);
120 120
121/* 121/*
122 * Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon 122 * Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon
123 * listening either on 'tcp_port', or via Unix domain socket at * 123 * listening either on 'tcp_port', or via Unix domain socket at *
124 * 'socket_path'. 124 * 'socket_path'.
125 * Either a non-zero tcp_port or a non-null socket_path must be 125 * Either a non-zero tcp_port or a non-null socket_path must be
126 * supplied. 126 * supplied.
127 * Returns 0 on success, -1 on error 127 * Returns 0 on success, -1 on error
128 */ 128 */
129int 129int
130get_random_bytes_prngd(unsigned char *buf, int len, 130get_random_bytes_prngd(unsigned char *buf, int len,
131 unsigned short tcp_port, char *socket_path) 131 unsigned short tcp_port, char *socket_path)
132{ 132{
133 int fd, addr_len, rval, errors; 133 int fd, addr_len, rval, errors;
@@ -289,7 +289,7 @@ hash_command_output(entropy_cmd_t *src, unsigned char *hash)
289 if (devnull == -1) { 289 if (devnull == -1) {
290 devnull = open("/dev/null", O_RDWR); 290 devnull = open("/dev/null", O_RDWR);
291 if (devnull == -1) 291 if (devnull == -1)
292 fatal("Couldn't open /dev/null: %s", 292 fatal("Couldn't open /dev/null: %s",
293 strerror(errno)); 293 strerror(errno));
294 } 294 }
295 295
@@ -314,7 +314,7 @@ hash_command_output(entropy_cmd_t *src, unsigned char *hash)
314 314
315 execv(src->path, (char**)(src->args)); 315 execv(src->path, (char**)(src->args));
316 316
317 debug("(child) Couldn't exec '%s': %s", 317 debug("(child) Couldn't exec '%s': %s",
318 src->cmdstring, strerror(errno)); 318 src->cmdstring, strerror(errno));
319 _exit(-1); 319 _exit(-1);
320 default: /* Parent */ 320 default: /* Parent */
@@ -376,7 +376,7 @@ hash_command_output(entropy_cmd_t *src, unsigned char *hash)
376 case -1: 376 case -1:
377 default: 377 default:
378 /* error */ 378 /* error */
379 debug("Command '%s': select() failed: %s", 379 debug("Command '%s': select() failed: %s",
380 src->cmdstring, strerror(errno)); 380 src->cmdstring, strerror(errno));
381 error_abort = 1; 381 error_abort = 1;
382 break; 382 break;
@@ -400,8 +400,8 @@ hash_command_output(entropy_cmd_t *src, unsigned char *hash)
400 if (error_abort) { 400 if (error_abort) {
401 /* 401 /*
402 * Closing p[0] on timeout causes the entropy command to 402 * Closing p[0] on timeout causes the entropy command to
403 * SIGPIPE. Take whatever output we got, and mark this 403 * SIGPIPE. Take whatever output we got, and mark this
404 * command as slow 404 * command as slow
405 */ 405 */
406 debug2("Command '%s' timed out", src->cmdstring); 406 debug2("Command '%s' timed out", src->cmdstring);
407 src->sticky_badness *= 2; 407 src->sticky_badness *= 2;
@@ -479,7 +479,7 @@ stir_from_programs(void)
479 /* Stir it in */ 479 /* Stir it in */
480 RAND_add(hash, sizeof(hash), entropy); 480 RAND_add(hash, sizeof(hash), entropy);
481 481
482 debug3("Got %0.2f bytes of entropy from '%s'", 482 debug3("Got %0.2f bytes of entropy from '%s'",
483 entropy, entropy_cmds[c].cmdstring); 483 entropy, entropy_cmds[c].cmdstring);
484 484
485 total_entropy += entropy; 485 total_entropy += entropy;
@@ -491,7 +491,7 @@ stir_from_programs(void)
491 total_entropy += stir_rusage(RUSAGE_CHILDREN, 0.1); 491 total_entropy += stir_rusage(RUSAGE_CHILDREN, 0.1);
492 } else { 492 } else {
493 debug2("Command '%s' disabled (badness %d)", 493 debug2("Command '%s' disabled (badness %d)",
494 entropy_cmds[c].cmdstring, 494 entropy_cmds[c].cmdstring,
495 entropy_cmds[c].badness); 495 entropy_cmds[c].badness);
496 496
497 if (entropy_cmds[c].badness > 0) 497 if (entropy_cmds[c].badness > 0)
@@ -511,8 +511,8 @@ prng_check_seedfile(char *filename)
511 struct stat st; 511 struct stat st;
512 512
513 /* 513 /*
514 * XXX raceable: eg replace seed between this stat and subsequent 514 * XXX raceable: eg replace seed between this stat and subsequent
515 * open. Not such a problem because we don't really trust the 515 * open. Not such a problem because we don't really trust the
516 * seed file anyway. 516 * seed file anyway.
517 * XXX: use secure path checking as elsewhere in OpenSSH 517 * XXX: use secure path checking as elsewhere in OpenSSH
518 */ 518 */
@@ -563,7 +563,7 @@ prng_write_seedfile(void)
563 debug("writing PRNG seed to file %.100s", filename); 563 debug("writing PRNG seed to file %.100s", filename);
564 564
565 if (RAND_bytes(seed, sizeof(seed)) <= 0) 565 if (RAND_bytes(seed, sizeof(seed)) <= 0)
566 fatal("PRNG seed extration failed"); 566 fatal("PRNG seed extraction failed");
567 567
568 /* Don't care if the seed doesn't exist */ 568 /* Don't care if the seed doesn't exist */
569 prng_check_seedfile(filename); 569 prng_check_seedfile(filename);
@@ -651,7 +651,7 @@ prng_read_commands(char *cmdfilename)
651 continue; /* done with this line */ 651 continue; /* done with this line */
652 652
653 /* 653 /*
654 * The first non-whitespace char should be a double quote 654 * The first non-whitespace char should be a double quote
655 * delimiting the commandline 655 * delimiting the commandline
656 */ 656 */
657 if (*cp != '"') { 657 if (*cp != '"') {
@@ -726,7 +726,7 @@ prng_read_commands(char *cmdfilename)
726 726
727 /* 727 /*
728 * If we've filled the array, reallocate it twice the size 728 * If we've filled the array, reallocate it twice the size
729 * Do this now because even if this we're on the last 729 * Do this now because even if this we're on the last
730 * command we need another slot to mark the last entry 730 * command we need another slot to mark the last entry
731 */ 731 */
732 if (cur_cmd == num_cmds) { 732 if (cur_cmd == num_cmds) {
@@ -761,7 +761,7 @@ usage(void)
761 OUTPUT_SEED_SIZE); 761 OUTPUT_SEED_SIZE);
762} 762}
763 763
764int 764int
765main(int argc, char **argv) 765main(int argc, char **argv)
766{ 766{
767 unsigned char *buf; 767 unsigned char *buf;
@@ -779,7 +779,7 @@ main(int argc, char **argv)
779 /* Don't write binary data to a tty, unless we are forced to */ 779 /* Don't write binary data to a tty, unless we are forced to */
780 if (isatty(STDOUT_FILENO)) 780 if (isatty(STDOUT_FILENO))
781 output_hex = 1; 781 output_hex = 1;
782 782
783 while ((ch = getopt(argc, argv, "vxXhb:")) != -1) { 783 while ((ch = getopt(argc, argv, "vxXhb:")) != -1) {
784 switch (ch) { 784 switch (ch) {
785 case 'v': 785 case 'v':
@@ -806,7 +806,7 @@ main(int argc, char **argv)
806 } 806 }
807 807
808 log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1); 808 log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1);
809 809
810#ifdef USE_SEED_FILES 810#ifdef USE_SEED_FILES
811 prng_read_seedfile(); 811 prng_read_seedfile();
812#endif 812#endif
@@ -816,11 +816,11 @@ main(int argc, char **argv)
816 /* 816 /*
817 * Seed the RNG from wherever we can 817 * Seed the RNG from wherever we can
818 */ 818 */
819 819
820 /* Take whatever is on the stack, but don't credit it */ 820 /* Take whatever is on the stack, but don't credit it */
821 RAND_add(buf, bytes, 0); 821 RAND_add(buf, bytes, 0);
822 822
823 debug("Seeded RNG with %i bytes from system calls", 823 debug("Seeded RNG with %i bytes from system calls",
824 (int)stir_from_system()); 824 (int)stir_from_system());
825 825
826#ifdef PRNGD_PORT 826#ifdef PRNGD_PORT
@@ -835,7 +835,7 @@ main(int argc, char **argv)
835 /* Read in collection commands */ 835 /* Read in collection commands */
836 if (prng_read_commands(SSH_PRNG_COMMAND_FILE) == -1) 836 if (prng_read_commands(SSH_PRNG_COMMAND_FILE) == -1)
837 fatal("PRNG initialisation failed -- exiting."); 837 fatal("PRNG initialisation failed -- exiting.");
838 debug("Seeded RNG with %i bytes from programs", 838 debug("Seeded RNG with %i bytes from programs",
839 (int)stir_from_programs()); 839 (int)stir_from_programs());
840#endif 840#endif
841 841
@@ -859,9 +859,9 @@ main(int argc, char **argv)
859 printf("\n"); 859 printf("\n");
860 } else 860 } else
861 ret = atomicio(vwrite, STDOUT_FILENO, buf, bytes); 861 ret = atomicio(vwrite, STDOUT_FILENO, buf, bytes);
862 862
863 memset(buf, '\0', bytes); 863 memset(buf, '\0', bytes);
864 xfree(buf); 864 xfree(buf);
865 865
866 return ret == bytes ? 0 : 1; 866 return ret == bytes ? 0 : 1;
867} 867}
diff --git a/ssh-rsa.c b/ssh-rsa.c
index 53e5023f7..6e3be0a7e 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -14,7 +14,7 @@
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */ 15 */
16#include "includes.h" 16#include "includes.h"
17RCSID("$OpenBSD: ssh-rsa.c,v 1.30 2003/06/18 11:28:11 markus Exp $"); 17RCSID("$OpenBSD: ssh-rsa.c,v 1.31 2003/11/10 16:23:41 jakob Exp $");
18 18
19#include <openssl/evp.h> 19#include <openssl/evp.h>
20#include <openssl/err.h> 20#include <openssl/err.h>
@@ -31,8 +31,8 @@ static int openssh_RSA_verify(int, u_char *, u_int, u_char *, u_int, RSA *);
31 31
32/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */ 32/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
33int 33int
34ssh_rsa_sign(Key *key, u_char **sigp, u_int *lenp, 34ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
35 u_char *data, u_int datalen) 35 const u_char *data, u_int datalen)
36{ 36{
37 const EVP_MD *evp_md; 37 const EVP_MD *evp_md;
38 EVP_MD_CTX md; 38 EVP_MD_CTX md;
@@ -96,8 +96,8 @@ ssh_rsa_sign(Key *key, u_char **sigp, u_int *lenp,
96} 96}
97 97
98int 98int
99ssh_rsa_verify(Key *key, u_char *signature, u_int signaturelen, 99ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
100 u_char *data, u_int datalen) 100 const u_char *data, u_int datalen)
101{ 101{
102 Buffer b; 102 Buffer b;
103 const EVP_MD *evp_md; 103 const EVP_MD *evp_md;
diff --git a/ssh.0 b/ssh.0
index 972ac45c7..4f5a282f8 100644
--- a/ssh.0
+++ b/ssh.0
@@ -1,32 +1,33 @@
1SSH(1) BSD General Commands Manual SSH(1) 1SSH(1) OpenBSD Reference Manual SSH(1)
2 2
3NAME 3NAME
4 ssh - OpenSSH SSH client (remote login program) 4 ssh - OpenSSH SSH client (remote login program)
5 5
6SYNOPSIS 6SYNOPSIS
7 ssh [-l login_name] hostname | user@hostname [command] 7 ssh [-1246AaCfgkNnqsTtVvXxY] [-b bind_address] [-c cipher_spec] [-D port]
8 8 [-e escape_char] [-F configfile] [-i identity_file]
9 ssh [-afgknqstvxACNTVX1246] [-b bind_address] [-c cipher_spec] 9 [-L port:host:hostport] [-l login_name] [-m mac_spec] [-o option]
10 [-e escape_char] [-i identity_file] [-l login_name] [-m mac_spec] 10 [-p port] [-R port:host:hostport] [user@]hostname [command]
11 [-o option] [-p port] [-F configfile] [-L port:host:hostport]
12 [-R port:host:hostport] [-D port] hostname | user@hostname [command]
13 11
14DESCRIPTION 12DESCRIPTION
15 ssh (SSH client) is a program for logging into a remote machine and for 13 ssh (SSH client) is a program for logging into a remote machine and for
16 executing commands on a remote machine. It is intended to replace rlogin 14 executing commands on a remote machine. It is intended to replace rlogin
17 and rsh, and provide secure encrypted communications between two 15 and rsh, and provide secure encrypted communications between two untrust-
18 untrusted hosts over an insecure network. X11 connections and arbitrary 16 ed hosts over an insecure network. X11 connections and arbitrary TCP/IP
19 TCP/IP ports can also be forwarded over the secure channel. 17 ports can also be forwarded over the secure channel.
18
19 ssh connects and logs into the specified hostname (with optional user
20 name). The user must prove his/her identity to the remote machine using
21 one of several methods depending on the protocol version used.
20 22
21 ssh connects and logs into the specified hostname. The user must prove 23 If command is specified, command is executed on the remote host instead
22 his/her identity to the remote machine using one of several methods 24 of a login shell.
23 depending on the protocol version used:
24 25
25 SSH protocol version 1 26 SSH protocol version 1
26 First, if the machine the user logs in from is listed in /etc/hosts.equiv 27 First, if the machine the user logs in from is listed in /etc/hosts.equiv
27 or /etc/shosts.equiv on the remote machine, and the user names are the 28 or /etc/shosts.equiv on the remote machine, and the user names are the
28 same on both sides, the user is immediately permitted to log in. Second, 29 same on both sides, the user is immediately permitted to log in. Second,
29 if .rhosts or .shosts exists in the userM-bM-^@M-^Ys home directory on the remote 30 if .rhosts or .shosts exists in the user's home directory on the remote
30 machine and contains a line containing the name of the client machine and 31 machine and contains a line containing the name of the client machine and
31 the name of the user on that machine, the user is permitted to log in. 32 the name of the user on that machine, the user is permitted to log in.
32 This form of authentication alone is normally not allowed by the server 33 This form of authentication alone is normally not allowed by the server
@@ -35,9 +36,9 @@ DESCRIPTION
35 The second authentication method is the rhosts or hosts.equiv method com- 36 The second authentication method is the rhosts or hosts.equiv method com-
36 bined with RSA-based host authentication. It means that if the login 37 bined with RSA-based host authentication. It means that if the login
37 would be permitted by $HOME/.rhosts, $HOME/.shosts, /etc/hosts.equiv, or 38 would be permitted by $HOME/.rhosts, $HOME/.shosts, /etc/hosts.equiv, or
38 /etc/shosts.equiv, and if additionally the server can verify the clientM-bM-^@M-^Ys 39 /etc/shosts.equiv, and if additionally the server can verify the client's
39 host key (see /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts in the 40 host key (see /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts in the
40 FILES section), only then login is permitted. This authentication method 41 FILES section), only then is login permitted. This authentication method
41 closes security holes due to IP spoofing, DNS spoofing and routing spoof- 42 closes security holes due to IP spoofing, DNS spoofing and routing spoof-
42 ing. [Note to the administrator: /etc/hosts.equiv, $HOME/.rhosts, and 43 ing. [Note to the administrator: /etc/hosts.equiv, $HOME/.rhosts, and
43 the rlogin/rsh protocol in general, are inherently insecure and should be 44 the rlogin/rsh protocol in general, are inherently insecure and should be
@@ -49,21 +50,22 @@ DESCRIPTION
49 not possible to derive the decryption key from the encryption key. RSA 50 not possible to derive the decryption key from the encryption key. RSA
50 is one such system. The idea is that each user creates a public/private 51 is one such system. The idea is that each user creates a public/private
51 key pair for authentication purposes. The server knows the public key, 52 key pair for authentication purposes. The server knows the public key,
52 and only the user knows the private key. The file 53 and only the user knows the private key.
53 $HOME/.ssh/authorized_keys lists the public keys that are permitted for 54
54 logging in. When the user logs in, the ssh program tells the server 55 The file $HOME/.ssh/authorized_keys lists the public keys that are per-
55 which key pair it would like to use for authentication. The server 56 mitted for logging in. When the user logs in, the ssh program tells the
56 checks if this key is permitted, and if so, sends the user (actually the 57 server which key pair it would like to use for authentication. The serv-
57 ssh program running on behalf of the user) a challenge, a random number, 58 er checks if this key is permitted, and if so, sends the user (actually
58 encrypted by the userM-bM-^@M-^Ys public key. The challenge can only be decrypted 59 the ssh program running on behalf of the user) a challenge, a random num-
59 using the proper private key. The userM-bM-^@M-^Ys client then decrypts the chal- 60 ber, encrypted by the user's public key. The challenge can only be de-
60 lenge using the private key, proving that he/she knows the private key 61 crypted using the proper private key. The user's client then decrypts
61 but without disclosing it to the server. 62 the challenge using the private key, proving that he/she knows the pri-
63 vate key but without disclosing it to the server.
62 64
63 ssh implements the RSA authentication protocol automatically. The user 65 ssh implements the RSA authentication protocol automatically. The user
64 creates his/her RSA key pair by running ssh-keygen(1). This stores the 66 creates his/her RSA key pair by running ssh-keygen(1). This stores the
65 private key in $HOME/.ssh/identity and the public key in 67 private key in $HOME/.ssh/identity and stores the public key in
66 $HOME/.ssh/identity.pub in the userM-bM-^@M-^Ys home directory. The user should 68 $HOME/.ssh/identity.pub in the user's home directory. The user should
67 then copy the identity.pub to $HOME/.ssh/authorized_keys in his/her home 69 then copy the identity.pub to $HOME/.ssh/authorized_keys in his/her home
68 directory on the remote machine (the authorized_keys file corresponds to 70 directory on the remote machine (the authorized_keys file corresponds to
69 the conventional $HOME/.rhosts file, and has one key per line, though the 71 the conventional $HOME/.rhosts file, and has one key per line, though the
@@ -80,11 +82,11 @@ DESCRIPTION
80 someone listening on the network. 82 someone listening on the network.
81 83
82 SSH protocol version 2 84 SSH protocol version 2
83 When a user connects using protocol version 2 similar authentication 85 When a user connects using protocol version 2, similar authentication
84 methods are available. Using the default values for 86 methods are available. Using the default values for
85 PreferredAuthentications, the client will try to authenticate first using 87 PreferredAuthentications, the client will try to authenticate first using
86 the hostbased method; if this method fails public key authentication is 88 the hostbased method; if this method fails, public key authentication is
87 attempted, and finally if this method fails keyboard-interactive and 89 attempted, and finally if this method fails, keyboard-interactive and
88 password authentication are tried. 90 password authentication are tried.
89 91
90 The public key method is similar to RSA authentication described in the 92 The public key method is similar to RSA authentication described in the
@@ -94,11 +96,11 @@ DESCRIPTION
94 server checks whether the matching public key is listed in 96 server checks whether the matching public key is listed in
95 $HOME/.ssh/authorized_keys and grants access if both the key is found and 97 $HOME/.ssh/authorized_keys and grants access if both the key is found and
96 the signature is correct. The session identifier is derived from a 98 the signature is correct. The session identifier is derived from a
97 shared Diffie-Hellman value and is only known to the client and the 99 shared Diffie-Hellman value and is only known to the client and the serv-
98 server. 100 er.
99 101
100 If public key authentication fails or is not available a password can be 102 If public key authentication fails or is not available, a password can be
101 sent encrypted to the remote host for proving the userM-bM-^@M-^Ys identity. 103 sent encrypted to the remote host to prove the user's identity.
102 104
103 Additionally, ssh supports hostbased or challenge response authentica- 105 Additionally, ssh supports hostbased or challenge response authentica-
104 tion. 106 tion.
@@ -109,25 +111,25 @@ DESCRIPTION
109 ensuring the integrity of the connection. 111 ensuring the integrity of the connection.
110 112
111 Login session and remote execution 113 Login session and remote execution
112 When the userM-bM-^@M-^Ys identity has been accepted by the server, the server 114 When the user's identity has been accepted by the server, the server ei-
113 either executes the given command, or logs into the machine and gives the 115 ther executes the given command, or logs into the machine and gives the
114 user a normal shell on the remote machine. All communication with the 116 user a normal shell on the remote machine. All communication with the
115 remote command or shell will be automatically encrypted. 117 remote command or shell will be automatically encrypted.
116 118
117 If a pseudo-terminal has been allocated (normal login session), the user 119 If a pseudo-terminal has been allocated (normal login session), the user
118 may use the escape characters noted below. 120 may use the escape characters noted below.
119 121
120 If no pseudo tty has been allocated, the session is transparent and can 122 If no pseudo-tty has been allocated, the session is transparent and can
121 be used to reliably transfer binary data. On most systems, setting the 123 be used to reliably transfer binary data. On most systems, setting the
122 escape character to M-bM-^@M-^\noneM-bM-^@M-^] will also make the session transparent even if 124 escape character to ``none'' will also make the session transparent even
123 a tty is used. 125 if a tty is used.
124 126
125 The session terminates when the command or shell on the remote machine 127 The session terminates when the command or shell on the remote machine
126 exits and all X11 and TCP/IP connections have been closed. The exit sta- 128 exits and all X11 and TCP/IP connections have been closed. The exit sta-
127 tus of the remote program is returned as the exit status of ssh. 129 tus of the remote program is returned as the exit status of ssh.
128 130
129 Escape Characters 131 Escape Characters
130 When a pseudo terminal has been requested, ssh supports a number of func- 132 When a pseudo-terminal has been requested, ssh supports a number of func-
131 tions through the use of an escape character. 133 tions through the use of an escape character.
132 134
133 A single tilde character can be sent as ~~ or by following the tilde by a 135 A single tilde character can be sent as ~~ or by following the tilde by a
@@ -136,42 +138,42 @@ DESCRIPTION
136 ter can be changed in configuration files using the EscapeChar configura- 138 ter can be changed in configuration files using the EscapeChar configura-
137 tion directive or on the command line by the -e option. 139 tion directive or on the command line by the -e option.
138 140
139 The supported escapes (assuming the default M-bM-^@M-^X~M-bM-^@M-^Y) are: 141 The supported escapes (assuming the default `~') are:
140 142
141 ~. Disconnect 143 ~. Disconnect.
142 144
143 ~^Z Background ssh 145 ~^Z Background ssh.
144 146
145 ~# List forwarded connections 147 ~# List forwarded connections.
146 148
147 ~& Background ssh at logout when waiting for forwarded connection / 149 ~& Background ssh at logout when waiting for forwarded connection /
148 X11 sessions to terminate 150 X11 sessions to terminate.
149 151
150 ~? Display a list of escape characters 152 ~? Display a list of escape characters.
151 153
152 ~B Send a BREAK to the remote system (only useful for SSH protocol 154 ~B Send a BREAK to the remote system (only useful for SSH protocol
153 version 2 and if the peer supports it) 155 version 2 and if the peer supports it).
154 156
155 ~C Open command line (only useful for adding port forwardings using 157 ~C Open command line (only useful for adding port forwardings using
156 the -L and -R options) 158 the -L and -R options).
157 159
158 ~R Request rekeying of the connection (only useful for SSH protocol 160 ~R Request rekeying of the connection (only useful for SSH protocol
159 version 2 and if the peer supports it) 161 version 2 and if the peer supports it).
160 162
161 X11 and TCP forwarding 163 X11 and TCP forwarding
162 If the ForwardX11 variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or, see the description of 164 If the ForwardX11 variable is set to ``yes'' (or see the description of
163 the -X and -x options described later) and the user is using X11 (the 165 the -X and -x options described later) and the user is using X11 (the
164 DISPLAY environment variable is set), the connection to the X11 display 166 DISPLAY environment variable is set), the connection to the X11 display
165 is automatically forwarded to the remote side in such a way that any X11 167 is automatically forwarded to the remote side in such a way that any X11
166 programs started from the shell (or command) will go through the 168 programs started from the shell (or command) will go through the encrypt-
167 encrypted channel, and the connection to the real X server will be made 169 ed channel, and the connection to the real X server will be made from the
168 from the local machine. The user should not manually set DISPLAY. For- 170 local machine. The user should not manually set DISPLAY. Forwarding of
169 warding of X11 connections can be configured on the command line or in 171 X11 connections can be configured on the command line or in configuration
170 configuration files. 172 files.
171 173
172 The DISPLAY value set by ssh will point to the server machine, but with a 174 The DISPLAY value set by ssh will point to the server machine, but with a
173 display number greater than zero. This is normal, and happens because 175 display number greater than zero. This is normal, and happens because
174 ssh creates a M-bM-^@M-^\proxyM-bM-^@M-^] X server on the server machine for forwarding the 176 ssh creates a ``proxy'' X server on the server machine for forwarding the
175 connections over the encrypted channel. 177 connections over the encrypted channel.
176 178
177 ssh will also automatically set up Xauthority data on the server machine. 179 ssh will also automatically set up Xauthority data on the server machine.
@@ -181,7 +183,7 @@ DESCRIPTION
181 is opened. The real authentication cookie is never sent to the server 183 is opened. The real authentication cookie is never sent to the server
182 machine (and no cookies are sent in the plain). 184 machine (and no cookies are sent in the plain).
183 185
184 If the ForwardAgent variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or, see the description of 186 If the ForwardAgent variable is set to ``yes'' (or see the description of
185 the -A and -a options described later) and the user is using an authenti- 187 the -A and -a options described later) and the user is using an authenti-
186 cation agent, the connection to the agent is automatically forwarded to 188 cation agent, the connection to the agent is automatically forwarded to
187 the remote side. 189 the remote side.
@@ -194,11 +196,11 @@ DESCRIPTION
194 Server authentication 196 Server authentication
195 ssh automatically maintains and checks a database containing identifica- 197 ssh automatically maintains and checks a database containing identifica-
196 tions for all hosts it has ever been used with. Host keys are stored in 198 tions for all hosts it has ever been used with. Host keys are stored in
197 $HOME/.ssh/known_hosts in the userM-bM-^@M-^Ys home directory. Additionally, the 199 $HOME/.ssh/known_hosts in the user's home directory. Additionally, the
198 file /etc/ssh/ssh_known_hosts is automatically checked for known hosts. 200 file /etc/ssh/ssh_known_hosts is automatically checked for known hosts.
199 Any new hosts are automatically added to the userM-bM-^@M-^Ys file. If a hostM-bM-^@M-^Ys 201 Any new hosts are automatically added to the user's file. If a host's
200 identification ever changes, ssh warns about this and disables password 202 identification ever changes, ssh warns about this and disables password
201 authentication to prevent a trojan horse from getting the userM-bM-^@M-^Ys pass- 203 authentication to prevent a trojan horse from getting the user's pass-
202 word. Another purpose of this mechanism is to prevent man-in-the-middle 204 word. Another purpose of this mechanism is to prevent man-in-the-middle
203 attacks which could otherwise be used to circumvent the encryption. The 205 attacks which could otherwise be used to circumvent the encryption. The
204 StrictHostKeyChecking option can be used to prevent logins to machines 206 StrictHostKeyChecking option can be used to prevent logins to machines
@@ -206,7 +208,13 @@ DESCRIPTION
206 208
207 The options are as follows: 209 The options are as follows:
208 210
209 -a Disables forwarding of the authentication agent connection. 211 -1 Forces ssh to try protocol version 1 only.
212
213 -2 Forces ssh to try protocol version 2 only.
214
215 -4 Forces ssh to use IPv4 addresses only.
216
217 -6 Forces ssh to use IPv6 addresses only.
210 218
211 -A Enables forwarding of the authentication agent connection. This 219 -A Enables forwarding of the authentication agent connection. This
212 can also be specified on a per-host basis in a configuration 220 can also be specified on a per-host basis in a configuration
@@ -214,21 +222,32 @@ DESCRIPTION
214 222
215 Agent forwarding should be enabled with caution. Users with the 223 Agent forwarding should be enabled with caution. Users with the
216 ability to bypass file permissions on the remote host (for the 224 ability to bypass file permissions on the remote host (for the
217 agentM-bM-^@M-^Ys Unix-domain socket) can access the local agent through 225 agent's Unix-domain socket) can access the local agent through
218 the forwarded connection. An attacker cannot obtain key material 226 the forwarded connection. An attacker cannot obtain key material
219 from the agent, however they can perform operations on the keys 227 from the agent, however they can perform operations on the keys
220 that enable them to authenticate using the identities loaded into 228 that enable them to authenticate using the identities loaded into
221 the agent. 229 the agent.
222 230
231 -a Disables forwarding of the authentication agent connection.
232
223 -b bind_address 233 -b bind_address
224 Specify the interface to transmit from on machines with multiple 234 Specify the interface to transmit from on machines with multiple
225 interfaces or aliased addresses. 235 interfaces or aliased addresses.
226 236
227 -c blowfish|3des|des 237 -C Requests compression of all data (including stdin, stdout,
238 stderr, and data for forwarded X11 and TCP/IP connections). The
239 compression algorithm is the same used by gzip(1), and the
240 ``level'' can be controlled by the CompressionLevel option for
241 protocol version 1. Compression is desirable on modem lines and
242 other slow connections, but will only slow down things on fast
243 networks. The default value can be set on a host-by-host basis
244 in the configuration files; see the Compression option.
245
246 -c blowfish | 3des | des
228 Selects the cipher to use for encrypting the session. 3des is 247 Selects the cipher to use for encrypting the session. 3des is
229 used by default. It is believed to be secure. 3des (triple-des) 248 used by default. It is believed to be secure. 3des (triple-des)
230 is an encrypt-decrypt-encrypt triple with three different keys. 249 is an encrypt-decrypt-encrypt triple with three different keys.
231 blowfish is a fast block cipher, it appears very secure and is 250 blowfish is a fast block cipher; it appears very secure and is
232 much faster than 3des. des is only supported in the ssh client 251 much faster than 3des. des is only supported in the ssh client
233 for interoperability with legacy protocol 1 implementations that 252 for interoperability with legacy protocol 1 implementations that
234 do not support the 3des cipher. Its use is strongly discouraged 253 do not support the 3des cipher. Its use is strongly discouraged
@@ -239,39 +258,67 @@ DESCRIPTION
239 ciphers can be specified in order of preference. See Ciphers for 258 ciphers can be specified in order of preference. See Ciphers for
240 more information. 259 more information.
241 260
242 -e ch|^ch|none 261 -D port
243 Sets the escape character for sessions with a pty (default: M-bM-^@M-^X~M-bM-^@M-^Y). 262 Specifies a local ``dynamic'' application-level port forwarding.
263 This works by allocating a socket to listen to port on the local
264 side, and whenever a connection is made to this port, the connec-
265 tion is forwarded over the secure channel, and the application
266 protocol is then used to determine where to connect to from the
267 remote machine. Currently the SOCKS4 and SOCKS5 protocols are
268 supported, and ssh will act as a SOCKS server. Only root can
269 forward privileged ports. Dynamic port forwardings can also be
270 specified in the configuration file.
271
272 -e ch | ^ch | none
273 Sets the escape character for sessions with a pty (default: `~').
244 The escape character is only recognized at the beginning of a 274 The escape character is only recognized at the beginning of a
245 line. The escape character followed by a dot (M-bM-^@M-^X.M-bM-^@M-^Y) closes the 275 line. The escape character followed by a dot (`.') closes the
246 connection, followed by control-Z suspends the connection, and 276 connection; followed by control-Z suspends the connection; and
247 followed by itself sends the escape character once. Setting the 277 followed by itself sends the escape character once. Setting the
248 character to M-bM-^@M-^\noneM-bM-^@M-^] disables any escapes and makes the session 278 character to ``none'' disables any escapes and makes the session
249 fully transparent. 279 fully transparent.
250 280
281 -F configfile
282 Specifies an alternative per-user configuration file. If a con-
283 figuration file is given on the command line, the system-wide
284 configuration file (/etc/ssh/ssh_config) will be ignored. The
285 default for the per-user configuration file is $HOME/.ssh/config.
286
251 -f Requests ssh to go to background just before command execution. 287 -f Requests ssh to go to background just before command execution.
252 This is useful if ssh is going to ask for passwords or 288 This is useful if ssh is going to ask for passwords or passphras-
253 passphrases, but the user wants it in the background. This 289 es, but the user wants it in the background. This implies -n.
254 implies -n. The recommended way to start X11 programs at a 290 The recommended way to start X11 programs at a remote site is
255 remote site is with something like ssh -f host xterm. 291 with something like ssh -f host xterm.
256 292
257 -g Allows remote hosts to connect to local forwarded ports. 293 -g Allows remote hosts to connect to local forwarded ports.
258 294
295 -I smartcard_device
296 Specifies which smartcard device to use. The argument is the de-
297 vice ssh should use to communicate with a smartcard used for
298 storing the user's private RSA key.
299
259 -i identity_file 300 -i identity_file
260 Selects a file from which the identity (private key) for RSA or 301 Selects a file from which the identity (private key) for RSA or
261 DSA authentication is read. The default is $HOME/.ssh/identity 302 DSA authentication is read. The default is $HOME/.ssh/identity
262 for protocol version 1, and $HOME/.ssh/id_rsa and 303 for protocol version 1, and $HOME/.ssh/id_rsa and
263 $HOME/.ssh/id_dsa for protocol version 2. Identity files may 304 $HOME/.ssh/id_dsa for protocol version 2. Identity files may al-
264 also be specified on a per-host basis in the configuration file. 305 so be specified on a per-host basis in the configuration file.
265 It is possible to have multiple -i options (and multiple identi- 306 It is possible to have multiple -i options (and multiple identi-
266 ties specified in configuration files). 307 ties specified in configuration files).
267 308
268 -I smartcard_device 309 -k Disables forwarding (delegation) of GSSAPI credentials to the
269 Specifies which smartcard device to use. The argument is the 310 server.
270 device ssh should use to communicate with a smartcard used for
271 storing the userM-bM-^@M-^Ys private RSA key.
272 311
273 -k Disables forwarding of Kerberos tickets. This may also be speci- 312 -L port:host:hostport
274 fied on a per-host basis in the configuration file. 313 Specifies that the given port on the local (client) host is to be
314 forwarded to the given host and port on the remote side. This
315 works by allocating a socket to listen to port on the local side,
316 and whenever a connection is made to this port, the connection is
317 forwarded over the secure channel, and a connection is made to
318 host port hostport from the remote machine. Port forwardings can
319 also be specified in the configuration file. Only root can for-
320 ward privileged ports. IPv6 addresses can be specified with an
321 alternative syntax: port/host/hostport.
275 322
276 -l login_name 323 -l login_name
277 Specifies the user to log in as on the remote machine. This also 324 Specifies the user to log in as on the remote machine. This also
@@ -282,23 +329,75 @@ DESCRIPTION
282 MAC (message authentication code) algorithms can be specified in 329 MAC (message authentication code) algorithms can be specified in
283 order of preference. See the MACs keyword for more information. 330 order of preference. See the MACs keyword for more information.
284 331
285 -n Redirects stdin from /dev/null (actually, prevents reading from
286 stdin). This must be used when ssh is run in the background. A
287 common trick is to use this to run X11 programs on a remote
288 machine. For example, ssh -n shadows.cs.hut.fi emacs & will
289 start an emacs on shadows.cs.hut.fi, and the X11 connection will
290 be automatically forwarded over an encrypted channel. The ssh
291 program will be put in the background. (This does not work if
292 ssh needs to ask for a password or passphrase; see also the -f
293 option.)
294
295 -N Do not execute a remote command. This is useful for just for- 332 -N Do not execute a remote command. This is useful for just for-
296 warding ports (protocol version 2 only). 333 warding ports (protocol version 2 only).
297 334
335 -n Redirects stdin from /dev/null (actually, prevents reading from
336 stdin). This must be used when ssh is run in the background. A
337 common trick is to use this to run X11 programs on a remote ma-
338 chine. For example, ssh -n shadows.cs.hut.fi emacs & will start
339 an emacs on shadows.cs.hut.fi, and the X11 connection will be au-
340 tomatically forwarded over an encrypted channel. The ssh program
341 will be put in the background. (This does not work if ssh needs
342 to ask for a password or passphrase; see also the -f option.)
343
298 -o option 344 -o option
299 Can be used to give options in the format used in the configura- 345 Can be used to give options in the format used in the configura-
300 tion file. This is useful for specifying options for which there 346 tion file. This is useful for specifying options for which there
301 is no separate command-line flag. 347 is no separate command-line flag. For full details of the op-
348 tions listed below, and their possible values, see ssh_config(5).
349
350 AddressFamily
351 BatchMode
352 BindAddress
353 ChallengeResponseAuthentication
354 CheckHostIP
355 Cipher
356 Ciphers
357 ClearAllForwardings
358 Compression
359 CompressionLevel
360 ConnectionAttempts
361 ConnectionTimeout
362 DynamicForward
363 EscapeChar
364 ForwardAgent
365 ForwardX11
366 ForwardX11Trusted
367 GatewayPorts
368 GlobalKnownHostsFile
369 GSSAPIAuthentication
370 GSSAPIDelegateCredentials
371 Host
372 HostbasedAuthentication
373 HostKeyAlgorithms
374 HostKeyAlias
375 HostName
376 IdentityFile
377 LocalForward
378 LogLevel
379 MACs
380 NoHostAuthenticationForLocalhost
381 NumberOfPasswordPrompts
382 PasswordAuthentication
383 Port
384 PreferredAuthentications
385 Protocol
386 ProxyCommand
387 PubkeyAuthentication
388 RemoteForward
389 RhostsRSAAuthentication
390 RSAAuthentication
391 ServerAliveInterval
392 ServerAliveCountMax
393 SmartcardDevice
394 StrictHostKeyChecking
395 TCPKeepAlive
396 UsePrivilegedPort
397 User
398 UserKnownHostsFile
399 VerifyHostKeyDNS
400 XAuthLocation
302 401
303 -p port 402 -p port
304 Port to connect to on the remote host. This can be specified on 403 Port to connect to on the remote host. This can be specified on
@@ -307,93 +406,50 @@ DESCRIPTION
307 -q Quiet mode. Causes all warning and diagnostic messages to be 406 -q Quiet mode. Causes all warning and diagnostic messages to be
308 suppressed. 407 suppressed.
309 408
409 -R port:host:hostport
410 Specifies that the given port on the remote (server) host is to
411 be forwarded to the given host and port on the local side. This
412 works by allocating a socket to listen to port on the remote
413 side, and whenever a connection is made to this port, the connec-
414 tion is forwarded over the secure channel, and a connection is
415 made to host port hostport from the local machine. Port forward-
416 ings can also be specified in the configuration file. Privileged
417 ports can be forwarded only when logging in as root on the remote
418 machine. IPv6 addresses can be specified with an alternative
419 syntax: port/host/hostport.
420
310 -s May be used to request invocation of a subsystem on the remote 421 -s May be used to request invocation of a subsystem on the remote
311 system. Subsystems are a feature of the SSH2 protocol which 422 system. Subsystems are a feature of the SSH2 protocol which fa-
312 facilitate the use of SSH as a secure transport for other appli- 423 cilitate the use of SSH as a secure transport for other applica-
313 cations (eg. sftp). The subsystem is specified as the remote 424 tions (eg. sftp(1)). The subsystem is specified as the remote
314 command. 425 command.
315 426
427 -T Disable pseudo-tty allocation.
428
316 -t Force pseudo-tty allocation. This can be used to execute arbi- 429 -t Force pseudo-tty allocation. This can be used to execute arbi-
317 trary screen-based programs on a remote machine, which can be 430 trary screen-based programs on a remote machine, which can be
318 very useful, e.g., when implementing menu services. Multiple -t 431 very useful, e.g., when implementing menu services. Multiple -t
319 options force tty allocation, even if ssh has no local tty. 432 options force tty allocation, even if ssh has no local tty.
320 433
321 -T Disable pseudo-tty allocation. 434 -V Display the version number and exit.
322 435
323 -v Verbose mode. Causes ssh to print debugging messages about its 436 -v Verbose mode. Causes ssh to print debugging messages about its
324 progress. This is helpful in debugging connection, authentica- 437 progress. This is helpful in debugging connection, authentica-
325 tion, and configuration problems. Multiple -v options increase 438 tion, and configuration problems. Multiple -v options increase
326 the verbosity. The maximum is 3. 439 the verbosity. The maximum is 3.
327 440
328 -V Display the version number and exit.
329
330 -x Disables X11 forwarding.
331
332 -X Enables X11 forwarding. This can also be specified on a per-host 441 -X Enables X11 forwarding. This can also be specified on a per-host
333 basis in a configuration file. 442 basis in a configuration file.
334 443
335 X11 forwarding should be enabled with caution. Users with the 444 X11 forwarding should be enabled with caution. Users with the
336 ability to bypass file permissions on the remote host (for the 445 ability to bypass file permissions on the remote host (for the
337 userM-bM-^@M-^Ys X authorization database) can access the local X11 display 446 user's X authorization database) can access the local X11 display
338 through the forwarded connection. An attacker may then be able 447 through the forwarded connection. An attacker may then be able
339 to perform activities such as keystroke monitoring. 448 to perform activities such as keystroke monitoring.
340 449
341 -C Requests compression of all data (including stdin, stdout, 450 -x Disables X11 forwarding.
342 stderr, and data for forwarded X11 and TCP/IP connections). The
343 compression algorithm is the same used by gzip(1), and the
344 M-bM-^@M-^\levelM-bM-^@M-^] can be controlled by the CompressionLevel option for pro-
345 tocol version 1. Compression is desirable on modem lines and
346 other slow connections, but will only slow down things on fast
347 networks. The default value can be set on a host-by-host basis
348 in the configuration files; see the Compression option.
349
350 -F configfile
351 Specifies an alternative per-user configuration file. If a con-
352 figuration file is given on the command line, the system-wide
353 configuration file (/etc/ssh/ssh_config) will be ignored. The
354 default for the per-user configuration file is $HOME/.ssh/config.
355
356 -L port:host:hostport
357 Specifies that the given port on the local (client) host is to be
358 forwarded to the given host and port on the remote side. This
359 works by allocating a socket to listen to port on the local side,
360 and whenever a connection is made to this port, the connection is
361 forwarded over the secure channel, and a connection is made to
362 host port hostport from the remote machine. Port forwardings can
363 also be specified in the configuration file. Only root can for-
364 ward privileged ports. IPv6 addresses can be specified with an
365 alternative syntax: port/host/hostport
366
367 -R port:host:hostport
368 Specifies that the given port on the remote (server) host is to
369 be forwarded to the given host and port on the local side. This
370 works by allocating a socket to listen to port on the remote
371 side, and whenever a connection is made to this port, the connec-
372 tion is forwarded over the secure channel, and a connection is
373 made to host port hostport from the local machine. Port forward-
374 ings can also be specified in the configuration file. Privileged
375 ports can be forwarded only when logging in as root on the remote
376 machine. IPv6 addresses can be specified with an alternative
377 syntax: port/host/hostport
378
379 -D port
380 Specifies a local M-bM-^@M-^\dynamicM-bM-^@M-^] application-level port forwarding.
381 This works by allocating a socket to listen to port on the local
382 side, and whenever a connection is made to this port, the connec-
383 tion is forwarded over the secure channel, and the application
384 protocol is then used to determine where to connect to from the
385 remote machine. Currently the SOCKS4 and SOCKS5 protocols are
386 supported, and ssh will act as a SOCKS server. Only root can
387 forward privileged ports. Dynamic port forwardings can also be
388 specified in the configuration file.
389
390 -1 Forces ssh to try protocol version 1 only.
391
392 -2 Forces ssh to try protocol version 2 only.
393
394 -4 Forces ssh to use IPv4 addresses only.
395 451
396 -6 Forces ssh to use IPv6 addresses only. 452 -Y Enables trusted X11 forwarding.
397 453
398CONFIGURATION FILES 454CONFIGURATION FILES
399 ssh may additionally obtain configuration data from a per-user configura- 455 ssh may additionally obtain configuration data from a per-user configura-
@@ -403,65 +459,63 @@ CONFIGURATION FILES
403ENVIRONMENT 459ENVIRONMENT
404 ssh will normally set the following environment variables: 460 ssh will normally set the following environment variables:
405 461
406 DISPLAY 462 DISPLAY The DISPLAY variable indicates the location of the X11 server.
407 The DISPLAY variable indicates the location of the X11 server. 463 It is automatically set by ssh to point to a value of the form
408 It is automatically set by ssh to point to a value of the form 464 ``hostname:n'' where hostname indicates the host where the shell
409 M-bM-^@M-^\hostname:nM-bM-^@M-^] where hostname indicates the host where the shell 465 runs, and n is an integer >= 1. ssh uses this special value to
410 runs, and n is an integer >= 1. ssh uses this special value to 466 forward X11 connections over the secure channel. The user
411 forward X11 connections over the secure channel. The user should 467 should normally not set DISPLAY explicitly, as that will render
412 normally not set DISPLAY explicitly, as that will render the X11 468 the X11 connection insecure (and will require the user to manu-
413 connection insecure (and will require the user to manually copy 469 ally copy any required authorization cookies).
414 any required authorization cookies).
415 470
416 HOME Set to the path of the userM-bM-^@M-^Ys home directory. 471 HOME Set to the path of the user's home directory.
417 472
418 LOGNAME 473 LOGNAME Synonym for USER; set for compatibility with systems that use
419 Synonym for USER; set for compatibility with systems that use 474 this variable.
420 this variable.
421 475
422 MAIL Set to the path of the userM-bM-^@M-^Ys mailbox. 476 MAIL Set to the path of the user's mailbox.
423 477
424 PATH Set to the default PATH, as specified when compiling ssh. 478 PATH Set to the default PATH, as specified when compiling ssh.
425 479
426 SSH_ASKPASS 480 SSH_ASKPASS
427 If ssh needs a passphrase, it will read the passphrase from the 481 If ssh needs a passphrase, it will read the passphrase from the
428 current terminal if it was run from a terminal. If ssh does not 482 current terminal if it was run from a terminal. If ssh does not
429 have a terminal associated with it but DISPLAY and SSH_ASKPASS 483 have a terminal associated with it but DISPLAY and SSH_ASKPASS
430 are set, it will execute the program specified by SSH_ASKPASS and 484 are set, it will execute the program specified by SSH_ASKPASS
431 open an X11 window to read the passphrase. This is particularly 485 and open an X11 window to read the passphrase. This is particu-
432 useful when calling ssh from a .Xsession or related script. 486 larly useful when calling ssh from a .Xsession or related
433 (Note that on some machines it may be necessary to redirect the 487 script. (Note that on some machines it may be necessary to
434 input from /dev/null to make this work.) 488 redirect the input from /dev/null to make this work.)
435 489
436 SSH_AUTH_SOCK 490 SSH_AUTH_SOCK
437 Identifies the path of a unix-domain socket used to communicate 491 Identifies the path of a unix-domain socket used to communicate
438 with the agent. 492 with the agent.
439 493
440 SSH_CONNECTION 494 SSH_CONNECTION
441 Identifies the client and server ends of the connection. The 495 Identifies the client and server ends of the connection. The
442 variable contains four space-separated values: client ip-address, 496 variable contains four space-separated values: client ip-ad-
443 client port number, server ip-address and server port number. 497 dress, client port number, server ip-address and server port
498 number.
444 499
445 SSH_ORIGINAL_COMMAND 500 SSH_ORIGINAL_COMMAND
446 The variable contains the original command line if a forced com- 501 The variable contains the original command line if a forced com-
447 mand is executed. It can be used to extract the original argu- 502 mand is executed. It can be used to extract the original argu-
448 ments. 503 ments.
449 504
450 SSH_TTY 505 SSH_TTY This is set to the name of the tty (path to the device) associ-
451 This is set to the name of the tty (path to the device) associ- 506 ated with the current shell or command. If the current session
452 ated with the current shell or command. If the current session 507 has no tty, this variable is not set.
453 has no tty, this variable is not set.
454 508
455 TZ The timezone variable is set to indicate the present timezone if 509 TZ The timezone variable is set to indicate the present timezone if
456 it was set when the daemon was started (i.e., the daemon passes 510 it was set when the daemon was started (i.e., the daemon passes
457 the value on to new connections). 511 the value on to new connections).
458 512
459 USER Set to the name of the user logging in. 513 USER Set to the name of the user logging in.
460 514
461 Additionally, ssh reads $HOME/.ssh/environment, and adds lines of the 515 Additionally, ssh reads $HOME/.ssh/environment, and adds lines of the
462 format M-bM-^@M-^\VARNAME=valueM-bM-^@M-^] to the environment if the file exists and if users 516 format ``VARNAME=value'' to the environment if the file exists and if
463 are allowed to change their environment. See the PermitUserEnvironment 517 users are allowed to change their environment. For more information, see
464 option in sshd_config(5). 518 the PermitUserEnvironment option in sshd_config(5).
465 519
466FILES 520FILES
467 $HOME/.ssh/known_hosts 521 $HOME/.ssh/known_hosts
@@ -481,7 +535,7 @@ FILES
481 $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub, $HOME/.ssh/id_rsa.pub 535 $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub, $HOME/.ssh/id_rsa.pub
482 Contains the public key for authentication (public part of the 536 Contains the public key for authentication (public part of the
483 identity file in human-readable form). The contents of the 537 identity file in human-readable form). The contents of the
484 $HOME/.ssh/identity.pub file should be added to 538 $HOME/.ssh/identity.pub file should be added to the file
485 $HOME/.ssh/authorized_keys on all machines where the user wishes 539 $HOME/.ssh/authorized_keys on all machines where the user wishes
486 to log in using protocol version 1 RSA authentication. The con- 540 to log in using protocol version 1 RSA authentication. The con-
487 tents of the $HOME/.ssh/id_dsa.pub and $HOME/.ssh/id_rsa.pub file 541 tents of the $HOME/.ssh/id_dsa.pub and $HOME/.ssh/id_rsa.pub file
@@ -512,15 +566,15 @@ FILES
512 following format (fields separated by spaces): system name, pub- 566 following format (fields separated by spaces): system name, pub-
513 lic key and optional comment field. When different names are 567 lic key and optional comment field. When different names are
514 used for the same machine, all such names should be listed, sepa- 568 used for the same machine, all such names should be listed, sepa-
515 rated by commas. The format is described on the sshd(8) manual 569 rated by commas. The format is described in the sshd(8) manual
516 page. 570 page.
517 571
518 The canonical system name (as returned by name servers) is used 572 The canonical system name (as returned by name servers) is used
519 by sshd(8) to verify the client host when logging in; other names 573 by sshd(8) to verify the client host when logging in; other names
520 are needed because ssh does not convert the user-supplied name to 574 are needed because ssh does not convert the user-supplied name to
521 a canonical name before checking the key, because someone with 575 a canonical name before checking the key, because someone with
522 access to the name servers would then be able to fool host 576 access to the name servers would then be able to fool host au-
523 authentication. 577 thentication.
524 578
525 /etc/ssh/ssh_config 579 /etc/ssh/ssh_config
526 Systemwide configuration file. The file format and configuration 580 Systemwide configuration file. The file format and configuration
@@ -538,22 +592,22 @@ FILES
538 method is used. By default ssh is not setuid root. 592 method is used. By default ssh is not setuid root.
539 593
540 $HOME/.rhosts 594 $HOME/.rhosts
541 This file is used in .rhosts authentication to list the host/user 595 This file is used in rhosts authentication to list the host/user
542 pairs that are permitted to log in. (Note that this file is also 596 pairs that are permitted to log in. (Note that this file is also
543 used by rlogin and rsh, which makes using this file insecure.) 597 used by rlogin and rsh, which makes using this file insecure.)
544 Each line of the file contains a host name (in the canonical form 598 Each line of the file contains a host name (in the canonical form
545 returned by name servers), and then a user name on that host, 599 returned by name servers), and then a user name on that host,
546 separated by a space. On some machines this file may need to be 600 separated by a space. On some machines this file may need to be
547 world-readable if the userM-bM-^@M-^Ys home directory is on a NFS parti- 601 world-readable if the user's home directory is on a NFS parti-
548 tion, because sshd(8) reads it as root. Additionally, this file 602 tion, because sshd(8) reads it as root. Additionally, this file
549 must be owned by the user, and must not have write permissions 603 must be owned by the user, and must not have write permissions
550 for anyone else. The recommended permission for most machines is 604 for anyone else. The recommended permission for most machines is
551 read/write for the user, and not accessible by others. 605 read/write for the user, and not accessible by others.
552 606
553 Note that by default sshd(8) will be installed so that it 607 Note that by default sshd(8) will be installed so that it re-
554 requires successful RSA host authentication before permitting 608 quires successful RSA host authentication before permitting
555 .rhosts authentication. If the server machine does not have the 609 rhosts authentication. If the server machine does not have the
556 clientM-bM-^@M-^Ys host key in /etc/ssh/ssh_known_hosts, it can be stored 610 client's host key in /etc/ssh/ssh_known_hosts, it can be stored
557 in $HOME/.ssh/known_hosts. The easiest way to do this is to con- 611 in $HOME/.ssh/known_hosts. The easiest way to do this is to con-
558 nect back to the client from the server machine using ssh; this 612 nect back to the client from the server machine using ssh; this
559 will automatically add the host key to $HOME/.ssh/known_hosts. 613 will automatically add the host key to $HOME/.ssh/known_hosts.
@@ -564,12 +618,12 @@ FILES
564 with ssh without permitting login with rlogin or rsh(1). 618 with ssh without permitting login with rlogin or rsh(1).
565 619
566 /etc/hosts.equiv 620 /etc/hosts.equiv
567 This file is used during .rhosts authentication. It contains 621 This file is used during rhosts authentication. It contains
568 canonical hosts names, one per line (the full format is described 622 canonical hosts names, one per line (the full format is described
569 on the sshd(8) manual page). If the client host is found in this 623 in the sshd(8) manual page). If the client host is found in this
570 file, login is automatically permitted provided client and server 624 file, login is automatically permitted provided client and server
571 user names are the same. Additionally, successful RSA host 625 user names are the same. Additionally, successful RSA host au-
572 authentication is normally required. This file should only be 626 thentication is normally required. This file should only be
573 writable by root. 627 writable by root.
574 628
575 /etc/shosts.equiv 629 /etc/shosts.equiv
@@ -579,12 +633,12 @@ FILES
579 633
580 /etc/ssh/sshrc 634 /etc/ssh/sshrc
581 Commands in this file are executed by ssh when the user logs in 635 Commands in this file are executed by ssh when the user logs in
582 just before the userM-bM-^@M-^Ys shell (or command) is started. See the 636 just before the user's shell (or command) is started. See the
583 sshd(8) manual page for more information. 637 sshd(8) manual page for more information.
584 638
585 $HOME/.ssh/rc 639 $HOME/.ssh/rc
586 Commands in this file are executed by ssh when the user logs in 640 Commands in this file are executed by ssh when the user logs in
587 just before the userM-bM-^@M-^Ys shell (or command) is started. See the 641 just before the user's shell (or command) is started. See the
588 sshd(8) manual page for more information. 642 sshd(8) manual page for more information.
589 643
590 $HOME/.ssh/environment 644 $HOME/.ssh/environment
@@ -596,8 +650,9 @@ DIAGNOSTICS
596 error occurred. 650 error occurred.
597 651
598SEE ALSO 652SEE ALSO
599 rsh(1), scp(1), sftp(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), 653 gzip(1), rsh(1), scp(1), sftp(1), ssh-add(1), ssh-agent(1),
600 telnet(1), ssh_config(5), ssh-keysign(8), sshd(8) 654 ssh-keygen(1), telnet(1), hosts.equiv(5), ssh_config(5), ssh-keysign(8),
655 sshd(8)
601 656
602 T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, SSH 657 T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, SSH
603 Protocol Architecture, draft-ietf-secsh-architecture-12.txt, January 658 Protocol Architecture, draft-ietf-secsh-architecture-12.txt, January
@@ -606,8 +661,8 @@ SEE ALSO
606AUTHORS 661AUTHORS
607 OpenSSH is a derivative of the original and free ssh 1.2.12 release by 662 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
608 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo 663 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
609 de Raadt and Dug Song removed many bugs, re-added newer features and cre- 664 de Raadt and Dug Song removed many bugs, re-added newer features and
610 ated OpenSSH. Markus Friedl contributed the support for SSH protocol 665 created OpenSSH. Markus Friedl contributed the support for SSH protocol
611 versions 1.5 and 2.0. 666 versions 1.5 and 2.0.
612 667
613BSD September 25, 1999 BSD 668OpenBSD 3.4 September 25, 1999 11
diff --git a/ssh.1 b/ssh.1
index 3fbd954e8..6c9ac5909 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: ssh.1,v 1.175 2003/07/22 13:35:22 markus Exp $ 37.\" $OpenBSD: ssh.1,v 1.181 2003/12/16 15:49:51 markus Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSH 1 39.Dt SSH 1
40.Os 40.Os
@@ -43,22 +43,14 @@
43.Nd OpenSSH SSH client (remote login program) 43.Nd OpenSSH SSH client (remote login program)
44.Sh SYNOPSIS 44.Sh SYNOPSIS
45.Nm ssh 45.Nm ssh
46.Op Fl l Ar login_name 46.Op Fl 1246AaCfgkNnqsTtVvXxY
47.Ar hostname | user@hostname
48.Op Ar command
49.Pp
50.Nm ssh
51.Bk -words
52.Op Fl afgknqstvxACNTVX1246
53.Op Fl b Ar bind_address 47.Op Fl b Ar bind_address
54.Op Fl c Ar cipher_spec 48.Op Fl c Ar cipher_spec
49.Op Fl D Ar port
55.Op Fl e Ar escape_char 50.Op Fl e Ar escape_char
56.Op Fl i Ar identity_file
57.Op Fl l Ar login_name
58.Op Fl m Ar mac_spec
59.Op Fl o Ar option
60.Op Fl p Ar port
61.Op Fl F Ar configfile 51.Op Fl F Ar configfile
52.Op Fl i Ar identity_file
53.Bk -words
62.Oo Fl L Xo 54.Oo Fl L Xo
63.Sm off 55.Sm off
64.Ar port : 56.Ar port :
@@ -68,7 +60,12 @@
68.Xc 60.Xc
69.Oc 61.Oc
70.Ek 62.Ek
63.Op Fl l Ar login_name
64.Op Fl m Ar mac_spec
65.Op Fl o Ar option
71.Bk -words 66.Bk -words
67.Op Fl p Ar port
68.Ek
72.Oo Fl R Xo 69.Oo Fl R Xo
73.Sm off 70.Sm off
74.Ar port : 71.Ar port :
@@ -77,29 +74,34 @@
77.Sm on 74.Sm on
78.Xc 75.Xc
79.Oc 76.Oc
80.Op Fl D Ar port 77.Oo Ar user Ns @ Oc Ns Ar hostname
81.Ar hostname | user@hostname
82.Op Ar command 78.Op Ar command
83.Ek
84.Sh DESCRIPTION 79.Sh DESCRIPTION
85.Nm 80.Nm
86(SSH client) is a program for logging into a remote machine and for 81(SSH client) is a program for logging into a remote machine and for
87executing commands on a remote machine. 82executing commands on a remote machine.
88It is intended to replace 83It is intended to replace rlogin and rsh,
89rlogin and rsh, and provide secure encrypted communications between 84and provide secure encrypted communications between
90two untrusted hosts over an insecure network. 85two untrusted hosts over an insecure network.
91X11 connections and 86X11 connections and arbitrary TCP/IP ports
92arbitrary TCP/IP ports can also be forwarded over the secure channel. 87can also be forwarded over the secure channel.
93.Pp 88.Pp
94.Nm 89.Nm
95connects and logs into the specified 90connects and logs into the specified
96.Ar hostname . 91.Ar hostname
92(with optional
93.Ar user
94name).
97The user must prove 95The user must prove
98his/her identity to the remote machine using one of several methods 96his/her identity to the remote machine using one of several methods
99depending on the protocol version used: 97depending on the protocol version used.
100.Pp 98.Pp
99If
100.Ar command
101is specified,
102.Ar command
103is executed on the remote host instead of a login shell.
101.Ss SSH protocol version 1 104.Ss SSH protocol version 1
102.Pp
103First, if the machine the user logs in from is listed in 105First, if the machine the user logs in from is listed in
104.Pa /etc/hosts.equiv 106.Pa /etc/hosts.equiv
105or 107or
@@ -107,9 +109,9 @@ or
107on the remote machine, and the user names are 109on the remote machine, and the user names are
108the same on both sides, the user is immediately permitted to log in. 110the same on both sides, the user is immediately permitted to log in.
109Second, if 111Second, if
110.Pa \&.rhosts 112.Pa .rhosts
111or 113or
112.Pa \&.shosts 114.Pa .shosts
113exists in the user's home directory on the 115exists in the user's home directory on the
114remote machine and contains a line containing the name of the client 116remote machine and contains a line containing the name of the client
115machine and the name of the user on that machine, the user is 117machine and the name of the user on that machine, the user is
@@ -118,9 +120,9 @@ This form of authentication alone is normally not
118allowed by the server because it is not secure. 120allowed by the server because it is not secure.
119.Pp 121.Pp
120The second authentication method is the 122The second authentication method is the
121.Pa rhosts 123.Em rhosts
122or 124or
123.Pa hosts.equiv 125.Em hosts.equiv
124method combined with RSA-based host authentication. 126method combined with RSA-based host authentication.
125It means that if the login would be permitted by 127It means that if the login would be permitted by
126.Pa $HOME/.rhosts , 128.Pa $HOME/.rhosts ,
@@ -135,7 +137,7 @@ and
135.Pa $HOME/.ssh/known_hosts 137.Pa $HOME/.ssh/known_hosts
136in the 138in the
137.Sx FILES 139.Sx FILES
138section), only then login is permitted. 140section), only then is login permitted.
139This authentication method closes security holes due to IP 141This authentication method closes security holes due to IP
140spoofing, DNS spoofing and routing spoofing. 142spoofing, DNS spoofing and routing spoofing.
141[Note to the administrator: 143[Note to the administrator:
@@ -154,24 +156,23 @@ RSA is one such system.
154The idea is that each user creates a public/private 156The idea is that each user creates a public/private
155key pair for authentication purposes. 157key pair for authentication purposes.
156The server knows the public key, and only the user knows the private key. 158The server knows the public key, and only the user knows the private key.
159.Pp
157The file 160The file
158.Pa $HOME/.ssh/authorized_keys 161.Pa $HOME/.ssh/authorized_keys
159lists the public keys that are permitted for logging 162lists the public keys that are permitted for logging in.
160in.
161When the user logs in, the 163When the user logs in, the
162.Nm 164.Nm
163program tells the server which key pair it would like to use for 165program tells the server which key pair it would like to use for
164authentication. 166authentication.
165The server checks if this key is permitted, and if 167The server checks if this key is permitted, and if so,
166so, sends the user (actually the 168sends the user (actually the
167.Nm 169.Nm
168program running on behalf of the user) a challenge, a random number, 170program running on behalf of the user) a challenge, a random number,
169encrypted by the user's public key. 171encrypted by the user's public key.
170The challenge can only be 172The challenge can only be decrypted using the proper private key.
171decrypted using the proper private key. 173The user's client then decrypts the challenge using the private key,
172The user's client then decrypts the 174proving that he/she knows the private key
173challenge using the private key, proving that he/she knows the private 175but without disclosing it to the server.
174key but without disclosing it to the server.
175.Pp 176.Pp
176.Nm 177.Nm
177implements the RSA authentication protocol automatically. 178implements the RSA authentication protocol automatically.
@@ -179,7 +180,7 @@ The user creates his/her RSA key pair by running
179.Xr ssh-keygen 1 . 180.Xr ssh-keygen 1 .
180This stores the private key in 181This stores the private key in
181.Pa $HOME/.ssh/identity 182.Pa $HOME/.ssh/identity
182and the public key in 183and stores the public key in
183.Pa $HOME/.ssh/identity.pub 184.Pa $HOME/.ssh/identity.pub
184in the user's home directory. 185in the user's home directory.
185The user should then copy the 186The user should then copy the
@@ -193,8 +194,9 @@ file corresponds to the conventional
193file, and has one key 194file, and has one key
194per line, though the lines can be very long). 195per line, though the lines can be very long).
195After this, the user can log in without giving the password. 196After this, the user can log in without giving the password.
196RSA authentication is much 197RSA authentication is much more secure than
197more secure than rhosts authentication. 198.Em rhosts
199authentication.
198.Pp 200.Pp
199The most convenient way to use RSA authentication may be with an 201The most convenient way to use RSA authentication may be with an
200authentication agent. 202authentication agent.
@@ -208,16 +210,14 @@ prompts the user for a password.
208The password is sent to the remote 210The password is sent to the remote
209host for checking; however, since all communications are encrypted, 211host for checking; however, since all communications are encrypted,
210the password cannot be seen by someone listening on the network. 212the password cannot be seen by someone listening on the network.
211.Pp
212.Ss SSH protocol version 2 213.Ss SSH protocol version 2
213.Pp 214When a user connects using protocol version 2,
214When a user connects using protocol version 2
215similar authentication methods are available. 215similar authentication methods are available.
216Using the default values for 216Using the default values for
217.Cm PreferredAuthentications , 217.Cm PreferredAuthentications ,
218the client will try to authenticate first using the hostbased method; 218the client will try to authenticate first using the hostbased method;
219if this method fails public key authentication is attempted, 219if this method fails, public key authentication is attempted,
220and finally if this method fails keyboard-interactive and 220and finally if this method fails, keyboard-interactive and
221password authentication are tried. 221password authentication are tried.
222.Pp 222.Pp
223The public key method is similar to RSA authentication described 223The public key method is similar to RSA authentication described
@@ -233,8 +233,8 @@ and grants access if both the key is found and the signature is correct.
233The session identifier is derived from a shared Diffie-Hellman value 233The session identifier is derived from a shared Diffie-Hellman value
234and is only known to the client and the server. 234and is only known to the client and the server.
235.Pp 235.Pp
236If public key authentication fails or is not available a password 236If public key authentication fails or is not available, a password
237can be sent encrypted to the remote host for proving the user's identity. 237can be sent encrypted to the remote host to prove the user's identity.
238.Pp 238.Pp
239Additionally, 239Additionally,
240.Nm 240.Nm
@@ -245,9 +245,7 @@ Protocol 2 provides additional mechanisms for confidentiality
245and integrity (hmac-md5, hmac-sha1). 245and integrity (hmac-md5, hmac-sha1).
246Note that protocol 1 lacks a strong mechanism for ensuring the 246Note that protocol 1 lacks a strong mechanism for ensuring the
247integrity of the connection. 247integrity of the connection.
248.Pp
249.Ss Login session and remote execution 248.Ss Login session and remote execution
250.Pp
251When the user's identity has been accepted by the server, the server 249When the user's identity has been accepted by the server, the server
252either executes the given command, or logs into the machine and gives 250either executes the given command, or logs into the machine and gives
253the user a normal shell on the remote machine. 251the user a normal shell on the remote machine.
@@ -257,23 +255,20 @@ the remote command or shell will be automatically encrypted.
257If a pseudo-terminal has been allocated (normal login session), the 255If a pseudo-terminal has been allocated (normal login session), the
258user may use the escape characters noted below. 256user may use the escape characters noted below.
259.Pp 257.Pp
260If no pseudo tty has been allocated, the 258If no pseudo-tty has been allocated,
261session is transparent and can be used to reliably transfer binary 259the session is transparent and can be used to reliably transfer binary data.
262data.
263On most systems, setting the escape character to 260On most systems, setting the escape character to
264.Dq none 261.Dq none
265will also make the session transparent even if a tty is used. 262will also make the session transparent even if a tty is used.
266.Pp 263.Pp
267The session terminates when the command or shell on the remote 264The session terminates when the command or shell on the remote
268machine exits and all X11 and TCP/IP connections have been closed. 265machine exits and all X11 and TCP/IP connections have been closed.
269The exit status of the remote program is returned as the exit status 266The exit status of the remote program is returned as the exit status of
270of
271.Nm ssh . 267.Nm ssh .
272.Pp
273.Ss Escape Characters 268.Ss Escape Characters
274.Pp 269When a pseudo-terminal has been requested,
275When a pseudo terminal has been requested, ssh supports a number of functions 270.Nm
276through the use of an escape character. 271supports a number of functions through the use of an escape character.
277.Pp 272.Pp
278A single tilde character can be sent as 273A single tilde character can be sent as
279.Ic ~~ 274.Ic ~~
@@ -291,37 +286,37 @@ The supported escapes (assuming the default
291are: 286are:
292.Bl -tag -width Ds 287.Bl -tag -width Ds
293.It Cm ~. 288.It Cm ~.
294Disconnect 289Disconnect.
295.It Cm ~^Z 290.It Cm ~^Z
296Background ssh 291Background
292.Nm ssh .
297.It Cm ~# 293.It Cm ~#
298List forwarded connections 294List forwarded connections.
299.It Cm ~& 295.It Cm ~&
300Background ssh at logout when waiting for forwarded connection / X11 sessions 296Background
301to terminate 297.Nm
298at logout when waiting for forwarded connection / X11 sessions to terminate.
302.It Cm ~? 299.It Cm ~?
303Display a list of escape characters 300Display a list of escape characters.
304.It Cm ~B 301.It Cm ~B
305Send a BREAK to the remote system (only useful for SSH protocol version 2 302Send a BREAK to the remote system
306and if the peer supports it) 303(only useful for SSH protocol version 2 and if the peer supports it).
307.It Cm ~C 304.It Cm ~C
308Open command line (only useful for adding port forwardings using the 305Open command line (only useful for adding port forwardings using the
309.Fl L 306.Fl L
310and 307and
311.Fl R 308.Fl R
312options) 309options).
313.It Cm ~R 310.It Cm ~R
314Request rekeying of the connection (only useful for SSH protocol version 2 311Request rekeying of the connection
315and if the peer supports it) 312(only useful for SSH protocol version 2 and if the peer supports it).
316.El 313.El
317.Pp
318.Ss X11 and TCP forwarding 314.Ss X11 and TCP forwarding
319.Pp
320If the 315If the
321.Cm ForwardX11 316.Cm ForwardX11
322variable is set to 317variable is set to
323.Dq yes 318.Dq yes
324(or, see the description of the 319(or see the description of the
325.Fl X 320.Fl X
326and 321and
327.Fl x 322.Fl x
@@ -342,8 +337,7 @@ The
342.Ev DISPLAY 337.Ev DISPLAY
343value set by 338value set by
344.Nm 339.Nm
345will point to the server machine, but with a display number greater 340will point to the server machine, but with a display number greater than zero.
346than zero.
347This is normal, and happens because 341This is normal, and happens because
348.Nm 342.Nm
349creates a 343creates a
@@ -364,7 +358,7 @@ If the
364.Cm ForwardAgent 358.Cm ForwardAgent
365variable is set to 359variable is set to
366.Dq yes 360.Dq yes
367(or, see the description of the 361(or see the description of the
368.Fl A 362.Fl A
369and 363and
370.Fl a 364.Fl a
@@ -376,9 +370,7 @@ Forwarding of arbitrary TCP/IP connections over the secure channel can
376be specified either on the command line or in a configuration file. 370be specified either on the command line or in a configuration file.
377One possible application of TCP/IP forwarding is a secure connection to an 371One possible application of TCP/IP forwarding is a secure connection to an
378electronic purse; another is going through firewalls. 372electronic purse; another is going through firewalls.
379.Pp
380.Ss Server authentication 373.Ss Server authentication
381.Pp
382.Nm 374.Nm
383automatically maintains and checks a database containing 375automatically maintains and checks a database containing
384identifications for all hosts it has ever been used with. 376identifications for all hosts it has ever been used with.
@@ -389,14 +381,12 @@ Additionally, the file
389.Pa /etc/ssh/ssh_known_hosts 381.Pa /etc/ssh/ssh_known_hosts
390is automatically checked for known hosts. 382is automatically checked for known hosts.
391Any new hosts are automatically added to the user's file. 383Any new hosts are automatically added to the user's file.
392If a host's identification 384If a host's identification ever changes,
393ever changes,
394.Nm 385.Nm
395warns about this and disables password authentication to prevent a 386warns about this and disables password authentication to prevent a
396trojan horse from getting the user's password. 387trojan horse from getting the user's password.
397Another purpose of 388Another purpose of this mechanism is to prevent man-in-the-middle attacks
398this mechanism is to prevent man-in-the-middle attacks which could 389which could otherwise be used to circumvent the encryption.
399otherwise be used to circumvent the encryption.
400The 390The
401.Cm StrictHostKeyChecking 391.Cm StrictHostKeyChecking
402option can be used to prevent logins to machines whose 392option can be used to prevent logins to machines whose
@@ -404,8 +394,22 @@ host key is not known or has changed.
404.Pp 394.Pp
405The options are as follows: 395The options are as follows:
406.Bl -tag -width Ds 396.Bl -tag -width Ds
407.It Fl a 397.It Fl 1
408Disables forwarding of the authentication agent connection. 398Forces
399.Nm
400to try protocol version 1 only.
401.It Fl 2
402Forces
403.Nm
404to try protocol version 2 only.
405.It Fl 4
406Forces
407.Nm
408to use IPv4 addresses only.
409.It Fl 6
410Forces
411.Nm
412to use IPv6 addresses only.
409.It Fl A 413.It Fl A
410Enables forwarding of the authentication agent connection. 414Enables forwarding of the authentication agent connection.
411This can also be specified on a per-host basis in a configuration file. 415This can also be specified on a per-host basis in a configuration file.
@@ -417,10 +421,28 @@ can access the local agent through the forwarded connection.
417An attacker cannot obtain key material from the agent, 421An attacker cannot obtain key material from the agent,
418however they can perform operations on the keys that enable them to 422however they can perform operations on the keys that enable them to
419authenticate using the identities loaded into the agent. 423authenticate using the identities loaded into the agent.
424.It Fl a
425Disables forwarding of the authentication agent connection.
420.It Fl b Ar bind_address 426.It Fl b Ar bind_address
421Specify the interface to transmit from on machines with multiple 427Specify the interface to transmit from on machines with multiple
422interfaces or aliased addresses. 428interfaces or aliased addresses.
423.It Fl c Ar blowfish|3des|des 429.It Fl C
430Requests compression of all data (including stdin, stdout, stderr, and
431data for forwarded X11 and TCP/IP connections).
432The compression algorithm is the same used by
433.Xr gzip 1 ,
434and the
435.Dq level
436can be controlled by the
437.Cm CompressionLevel
438option for protocol version 1.
439Compression is desirable on modem lines and other
440slow connections, but will only slow down things on fast networks.
441The default value can be set on a host-by-host basis in the
442configuration files; see the
443.Cm Compression
444option.
445.It Fl c Ar blowfish | 3des | des
424Selects the cipher to use for encrypting the session. 446Selects the cipher to use for encrypting the session.
425.Ar 3des 447.Ar 3des
426is used by default. 448is used by default.
@@ -428,7 +450,7 @@ It is believed to be secure.
428.Ar 3des 450.Ar 3des
429(triple-des) is an encrypt-decrypt-encrypt triple with three different keys. 451(triple-des) is an encrypt-decrypt-encrypt triple with three different keys.
430.Ar blowfish 452.Ar blowfish
431is a fast block cipher, it appears very secure and is much faster than 453is a fast block cipher; it appears very secure and is much faster than
432.Ar 3des . 454.Ar 3des .
433.Ar des 455.Ar des
434is only supported in the 456is only supported in the
@@ -444,18 +466,41 @@ be specified in order of preference.
444See 466See
445.Cm Ciphers 467.Cm Ciphers
446for more information. 468for more information.
447.It Fl e Ar ch|^ch|none 469.It Fl D Ar port
470Specifies a local
471.Dq dynamic
472application-level port forwarding.
473This works by allocating a socket to listen to
474.Ar port
475on the local side, and whenever a connection is made to this port, the
476connection is forwarded over the secure channel, and the application
477protocol is then used to determine where to connect to from the
478remote machine.
479Currently the SOCKS4 and SOCKS5 protocols are supported, and
480.Nm
481will act as a SOCKS server.
482Only root can forward privileged ports.
483Dynamic port forwardings can also be specified in the configuration file.
484.It Fl e Ar ch | ^ch | none
448Sets the escape character for sessions with a pty (default: 485Sets the escape character for sessions with a pty (default:
449.Ql ~ ) . 486.Ql ~ ) .
450The escape character is only recognized at the beginning of a line. 487The escape character is only recognized at the beginning of a line.
451The escape character followed by a dot 488The escape character followed by a dot
452.Pq Ql \&. 489.Pq Ql \&.
453closes the connection, followed 490closes the connection;
454by control-Z suspends the connection, and followed by itself sends the 491followed by control-Z suspends the connection;
455escape character once. 492and followed by itself sends the escape character once.
456Setting the character to 493Setting the character to
457.Dq none 494.Dq none
458disables any escapes and makes the session fully transparent. 495disables any escapes and makes the session fully transparent.
496.It Fl F Ar configfile
497Specifies an alternative per-user configuration file.
498If a configuration file is given on the command line,
499the system-wide configuration file
500.Pq Pa /etc/ssh/ssh_config
501will be ignored.
502The default for the per-user configuration file is
503.Pa $HOME/.ssh/config .
459.It Fl f 504.It Fl f
460Requests 505Requests
461.Nm 506.Nm
@@ -471,6 +516,12 @@ something like
471.Ic ssh -f host xterm . 516.Ic ssh -f host xterm .
472.It Fl g 517.It Fl g
473Allows remote hosts to connect to local forwarded ports. 518Allows remote hosts to connect to local forwarded ports.
519.It Fl I Ar smartcard_device
520Specifies which smartcard device to use.
521The argument is the device
522.Nm
523should use to communicate with a smartcard used for storing the user's
524private RSA key.
474.It Fl i Ar identity_file 525.It Fl i Ar identity_file
475Selects a file from which the identity (private key) for 526Selects a file from which the identity (private key) for
476RSA or DSA authentication is read. 527RSA or DSA authentication is read.
@@ -487,15 +538,33 @@ It is possible to have multiple
487.Fl i 538.Fl i
488options (and multiple identities specified in 539options (and multiple identities specified in
489configuration files). 540configuration files).
490.It Fl I Ar smartcard_device
491Specifies which smartcard device to use.
492The argument is the device
493.Nm
494should use to communicate with a smartcard used for storing the user's
495private RSA key.
496.It Fl k 541.It Fl k
497Disables forwarding of Kerberos tickets. 542Disables forwarding (delegation) of GSSAPI credentials to the server.
498This may also be specified on a per-host basis in the configuration file. 543.It Fl L Xo
544.Sm off
545.Ar port : host : hostport
546.Sm on
547.Xc
548Specifies that the given port on the local (client) host is to be
549forwarded to the given host and port on the remote side.
550This works by allocating a socket to listen to
551.Ar port
552on the local side, and whenever a connection is made to this port, the
553connection is forwarded over the secure channel, and a connection is
554made to
555.Ar host
556port
557.Ar hostport
558from the remote machine.
559Port forwardings can also be specified in the configuration file.
560Only root can forward privileged ports.
561IPv6 addresses can be specified with an alternative syntax:
562.Sm off
563.Xo
564.Ar port No / Ar host No /
565.Ar hostport .
566.Xc
567.Sm on
499.It Fl l Ar login_name 568.It Fl l Ar login_name
500Specifies the user to log in as on the remote machine. 569Specifies the user to log in as on the remote machine.
501This also may be specified on a per-host basis in the configuration file. 570This also may be specified on a per-host basis in the configuration file.
@@ -506,6 +575,10 @@ be specified in order of preference.
506See the 575See the
507.Cm MACs 576.Cm MACs
508keyword for more information. 577keyword for more information.
578.It Fl N
579Do not execute a remote command.
580This is useful for just forwarding ports
581(protocol version 2 only).
509.It Fl n 582.It Fl n
510Redirects stdin from 583Redirects stdin from
511.Pa /dev/null 584.Pa /dev/null
@@ -526,14 +599,66 @@ program will be put in the background.
526needs to ask for a password or passphrase; see also the 599needs to ask for a password or passphrase; see also the
527.Fl f 600.Fl f
528option.) 601option.)
529.It Fl N
530Do not execute a remote command.
531This is useful for just forwarding ports
532(protocol version 2 only).
533.It Fl o Ar option 602.It Fl o Ar option
534Can be used to give options in the format used in the configuration file. 603Can be used to give options in the format used in the configuration file.
535This is useful for specifying options for which there is no separate 604This is useful for specifying options for which there is no separate
536command-line flag. 605command-line flag.
606For full details of the options listed below, and their possible values, see
607.Xr ssh_config 5 .
608.Pp
609.Bl -tag -width Ds -offset indent -compact
610.It AddressFamily
611.It BatchMode
612.It BindAddress
613.It ChallengeResponseAuthentication
614.It CheckHostIP
615.It Cipher
616.It Ciphers
617.It ClearAllForwardings
618.It Compression
619.It CompressionLevel
620.It ConnectionAttempts
621.It ConnectionTimeout
622.It DynamicForward
623.It EscapeChar
624.It ForwardAgent
625.It ForwardX11
626.It ForwardX11Trusted
627.It GatewayPorts
628.It GlobalKnownHostsFile
629.It GSSAPIAuthentication
630.It GSSAPIDelegateCredentials
631.It Host
632.It HostbasedAuthentication
633.It HostKeyAlgorithms
634.It HostKeyAlias
635.It HostName
636.It IdentityFile
637.It LocalForward
638.It LogLevel
639.It MACs
640.It NoHostAuthenticationForLocalhost
641.It NumberOfPasswordPrompts
642.It PasswordAuthentication
643.It Port
644.It PreferredAuthentications
645.It Protocol
646.It ProxyCommand
647.It PubkeyAuthentication
648.It RemoteForward
649.It RhostsRSAAuthentication
650.It RSAAuthentication
651.It ServerAliveInterval
652.It ServerAliveCountMax
653.It SmartcardDevice
654.It StrictHostKeyChecking
655.It TCPKeepAlive
656.It UsePrivilegedPort
657.It User
658.It UserKnownHostsFile
659.It VerifyHostKeyDNS
660.It XAuthLocation
661.El
537.It Fl p Ar port 662.It Fl p Ar port
538Port to connect to on the remote host. 663Port to connect to on the remote host.
539This can be specified on a 664This can be specified on a
@@ -545,11 +670,40 @@ Only fatal errors are displayed.
545If a second 670If a second
546.Fl q 671.Fl q
547is given then even fatal errors are suppressed. 672is given then even fatal errors are suppressed.
673.It Fl R Xo
674.Sm off
675.Ar port : host : hostport
676.Sm on
677.Xc
678Specifies that the given port on the remote (server) host is to be
679forwarded to the given host and port on the local side.
680This works by allocating a socket to listen to
681.Ar port
682on the remote side, and whenever a connection is made to this port, the
683connection is forwarded over the secure channel, and a connection is
684made to
685.Ar host
686port
687.Ar hostport
688from the local machine.
689Port forwardings can also be specified in the configuration file.
690Privileged ports can be forwarded only when
691logging in as root on the remote machine.
692IPv6 addresses can be specified with an alternative syntax:
693.Sm off
694.Xo
695.Ar port No / Ar host No /
696.Ar hostport .
697.Xc
698.Sm on
548.It Fl s 699.It Fl s
549May be used to request invocation of a subsystem on the remote system. 700May be used to request invocation of a subsystem on the remote system.
550Subsystems are a feature of the SSH2 protocol which facilitate the use 701Subsystems are a feature of the SSH2 protocol which facilitate the use
551of SSH as a secure transport for other applications (eg. sftp). 702of SSH as a secure transport for other applications (eg.\&
703.Xr sftp 1 ) .
552The subsystem is specified as the remote command. 704The subsystem is specified as the remote command.
705.It Fl T
706Disable pseudo-tty allocation.
553.It Fl t 707.It Fl t
554Force pseudo-tty allocation. 708Force pseudo-tty allocation.
555This can be used to execute arbitrary 709This can be used to execute arbitrary
@@ -560,8 +714,8 @@ Multiple
560options force tty allocation, even if 714options force tty allocation, even if
561.Nm 715.Nm
562has no local tty. 716has no local tty.
563.It Fl T 717.It Fl V
564Disable pseudo-tty allocation. 718Display the version number and exit.
565.It Fl v 719.It Fl v
566Verbose mode. 720Verbose mode.
567Causes 721Causes
@@ -573,10 +727,6 @@ Multiple
573.Fl v 727.Fl v
574options increase the verbosity. 728options increase the verbosity.
575The maximum is 3. 729The maximum is 3.
576.It Fl V
577Display the version number and exit.
578.It Fl x
579Disables X11 forwarding.
580.It Fl X 730.It Fl X
581Enables X11 forwarding. 731Enables X11 forwarding.
582This can also be specified on a per-host basis in a configuration file. 732This can also be specified on a per-host basis in a configuration file.
@@ -586,94 +736,10 @@ Users with the ability to bypass file permissions on the remote host
586(for the user's X authorization database) 736(for the user's X authorization database)
587can access the local X11 display through the forwarded connection. 737can access the local X11 display through the forwarded connection.
588An attacker may then be able to perform activities such as keystroke monitoring. 738An attacker may then be able to perform activities such as keystroke monitoring.
589.It Fl C 739.It Fl x
590Requests compression of all data (including stdin, stdout, stderr, and 740Disables X11 forwarding.
591data for forwarded X11 and TCP/IP connections). 741.It Fl Y
592The compression algorithm is the same used by 742Enables trusted X11 forwarding.
593.Xr gzip 1 ,
594and the
595.Dq level
596can be controlled by the
597.Cm CompressionLevel
598option for protocol version 1.
599Compression is desirable on modem lines and other
600slow connections, but will only slow down things on fast networks.
601The default value can be set on a host-by-host basis in the
602configuration files; see the
603.Cm Compression
604option.
605.It Fl F Ar configfile
606Specifies an alternative per-user configuration file.
607If a configuration file is given on the command line,
608the system-wide configuration file
609.Pq Pa /etc/ssh/ssh_config
610will be ignored.
611The default for the per-user configuration file is
612.Pa $HOME/.ssh/config .
613.It Fl L Ar port:host:hostport
614Specifies that the given port on the local (client) host is to be
615forwarded to the given host and port on the remote side.
616This works by allocating a socket to listen to
617.Ar port
618on the local side, and whenever a connection is made to this port, the
619connection is forwarded over the secure channel, and a connection is
620made to
621.Ar host
622port
623.Ar hostport
624from the remote machine.
625Port forwardings can also be specified in the configuration file.
626Only root can forward privileged ports.
627IPv6 addresses can be specified with an alternative syntax:
628.Ar port/host/hostport
629.It Fl R Ar port:host:hostport
630Specifies that the given port on the remote (server) host is to be
631forwarded to the given host and port on the local side.
632This works by allocating a socket to listen to
633.Ar port
634on the remote side, and whenever a connection is made to this port, the
635connection is forwarded over the secure channel, and a connection is
636made to
637.Ar host
638port
639.Ar hostport
640from the local machine.
641Port forwardings can also be specified in the configuration file.
642Privileged ports can be forwarded only when
643logging in as root on the remote machine.
644IPv6 addresses can be specified with an alternative syntax:
645.Ar port/host/hostport
646.It Fl D Ar port
647Specifies a local
648.Dq dynamic
649application-level port forwarding.
650This works by allocating a socket to listen to
651.Ar port
652on the local side, and whenever a connection is made to this port, the
653connection is forwarded over the secure channel, and the application
654protocol is then used to determine where to connect to from the
655remote machine.
656Currently the SOCKS4 and SOCKS5 protocols are supported, and
657.Nm
658will act as a SOCKS server.
659Only root can forward privileged ports.
660Dynamic port forwardings can also be specified in the configuration file.
661.It Fl 1
662Forces
663.Nm
664to try protocol version 1 only.
665.It Fl 2
666Forces
667.Nm
668to try protocol version 2 only.
669.It Fl 4
670Forces
671.Nm
672to use IPv4 addresses only.
673.It Fl 6
674Forces
675.Nm
676to use IPv6 addresses only.
677.El 743.El
678.Sh CONFIGURATION FILES 744.Sh CONFIGURATION FILES
679.Nm 745.Nm
@@ -684,7 +750,7 @@ The file format and configuration options are described in
684.Sh ENVIRONMENT 750.Sh ENVIRONMENT
685.Nm 751.Nm
686will normally set the following environment variables: 752will normally set the following environment variables:
687.Bl -tag -width Ds 753.Bl -tag -width LOGNAME
688.It Ev DISPLAY 754.It Ev DISPLAY
689The 755The
690.Ev DISPLAY 756.Ev DISPLAY
@@ -694,7 +760,7 @@ It is automatically set by
694to point to a value of the form 760to point to a value of the form
695.Dq hostname:n 761.Dq hostname:n
696where hostname indicates 762where hostname indicates
697the host where the shell runs, and n is an integer >= 1. 763the host where the shell runs, and n is an integer \*(Ge 1.
698.Nm 764.Nm
699uses this special value to forward X11 connections over the secure 765uses this special value to forward X11 connections over the secure
700channel. 766channel.
@@ -772,7 +838,7 @@ and adds lines of the format
772.Dq VARNAME=value 838.Dq VARNAME=value
773to the environment if the file exists and if users are allowed to 839to the environment if the file exists and if users are allowed to
774change their environment. 840change their environment.
775See the 841For more information, see the
776.Cm PermitUserEnvironment 842.Cm PermitUserEnvironment
777option in 843option in
778.Xr sshd_config 5 . 844.Xr sshd_config 5 .
@@ -801,7 +867,7 @@ Contains the public key for authentication (public part of the
801identity file in human-readable form). 867identity file in human-readable form).
802The contents of the 868The contents of the
803.Pa $HOME/.ssh/identity.pub 869.Pa $HOME/.ssh/identity.pub
804file should be added to 870file should be added to the file
805.Pa $HOME/.ssh/authorized_keys 871.Pa $HOME/.ssh/authorized_keys
806on all machines 872on all machines
807where the user wishes to log in using protocol version 1 RSA authentication. 873where the user wishes to log in using protocol version 1 RSA authentication.
@@ -827,7 +893,8 @@ Lists the public keys (RSA/DSA) that can be used for logging in as this user.
827The format of this file is described in the 893The format of this file is described in the
828.Xr sshd 8 894.Xr sshd 8
829manual page. 895manual page.
830In the simplest form the format is the same as the .pub 896In the simplest form the format is the same as the
897.Pa .pub
831identity files. 898identity files.
832This file is not highly sensitive, but the recommended 899This file is not highly sensitive, but the recommended
833permissions are read/write for the user, and not accessible by others. 900permissions are read/write for the user, and not accessible by others.
@@ -843,7 +910,7 @@ by spaces): system name, public key and optional comment field.
843When different names are used 910When different names are used
844for the same machine, all such names should be listed, separated by 911for the same machine, all such names should be listed, separated by
845commas. 912commas.
846The format is described on the 913The format is described in the
847.Xr sshd 8 914.Xr sshd 8
848manual page. 915manual page.
849.Pp 916.Pp
@@ -883,7 +950,7 @@ By default
883is not setuid root. 950is not setuid root.
884.It Pa $HOME/.rhosts 951.It Pa $HOME/.rhosts
885This file is used in 952This file is used in
886.Pa \&.rhosts 953.Em rhosts
887authentication to list the 954authentication to list the
888host/user pairs that are permitted to log in. 955host/user pairs that are permitted to log in.
889(Note that this file is 956(Note that this file is
@@ -905,7 +972,9 @@ accessible by others.
905Note that by default 972Note that by default
906.Xr sshd 8 973.Xr sshd 8
907will be installed so that it requires successful RSA host 974will be installed so that it requires successful RSA host
908authentication before permitting \s+2.\s0rhosts authentication. 975authentication before permitting
976.Em rhosts
977authentication.
909If the server machine does not have the client's host key in 978If the server machine does not have the client's host key in
910.Pa /etc/ssh/ssh_known_hosts , 979.Pa /etc/ssh/ssh_known_hosts ,
911it can be stored in 980it can be stored in
@@ -916,21 +985,20 @@ will automatically add the host key to
916.Pa $HOME/.ssh/known_hosts . 985.Pa $HOME/.ssh/known_hosts .
917.It Pa $HOME/.shosts 986.It Pa $HOME/.shosts
918This file is used exactly the same way as 987This file is used exactly the same way as
919.Pa \&.rhosts . 988.Pa .rhosts .
920The purpose for 989The purpose for
921having this file is to be able to use rhosts authentication with 990having this file is to be able to use rhosts authentication with
922.Nm 991.Nm
923without permitting login with 992without permitting login with
924.Nm rlogin 993.Xr rlogin
925or 994or
926.Xr rsh 1 . 995.Xr rsh 1 .
927.It Pa /etc/hosts.equiv 996.It Pa /etc/hosts.equiv
928This file is used during 997This file is used during
929.Pa \&.rhosts 998.Em rhosts
930authentication. 999authentication.
931It contains 1000It contains
932canonical hosts names, one per line (the full format is described on 1001canonical hosts names, one per line (the full format is described in the
933the
934.Xr sshd 8 1002.Xr sshd 8
935manual page). 1003manual page).
936If the client host is found in this file, login is 1004If the client host is found in this file, login is
@@ -970,6 +1038,7 @@ above.
970exits with the exit status of the remote command or with 255 1038exits with the exit status of the remote command or with 255
971if an error occurred. 1039if an error occurred.
972.Sh SEE ALSO 1040.Sh SEE ALSO
1041.Xr gzip 1 ,
973.Xr rsh 1 , 1042.Xr rsh 1 ,
974.Xr scp 1 , 1043.Xr scp 1 ,
975.Xr sftp 1 , 1044.Xr sftp 1 ,
@@ -978,6 +1047,7 @@ if an error occurred.
978.Xr ssh-argv0 1 , 1047.Xr ssh-argv0 1 ,
979.Xr ssh-keygen 1 , 1048.Xr ssh-keygen 1 ,
980.Xr telnet 1 , 1049.Xr telnet 1 ,
1050.Xr hosts.equiv 5 ,
981.Xr ssh_config 5 , 1051.Xr ssh_config 5 ,
982.Xr ssh-keysign 8 , 1052.Xr ssh-keysign 8 ,
983.Xr sshd 8 1053.Xr sshd 8
diff --git a/ssh.c b/ssh.c
index ca279fbb8..05960af98 100644
--- a/ssh.c
+++ b/ssh.c
@@ -13,7 +13,7 @@
13 * called by a name other than "ssh" or "Secure Shell". 13 * called by a name other than "ssh" or "Secure Shell".
14 * 14 *
15 * Copyright (c) 1999 Niels Provos. All rights reserved. 15 * Copyright (c) 1999 Niels Provos. All rights reserved.
16 * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. 16 * Copyright (c) 2000, 2001, 2002, 2003 Markus Friedl. All rights reserved.
17 * 17 *
18 * Modified to work with SSL by Niels Provos <provos@citi.umich.edu> 18 * Modified to work with SSL by Niels Provos <provos@citi.umich.edu>
19 * in Canada (German citizen). 19 * in Canada (German citizen).
@@ -40,7 +40,7 @@
40 */ 40 */
41 41
42#include "includes.h" 42#include "includes.h"
43RCSID("$OpenBSD: ssh.c,v 1.201 2003/09/01 18:15:50 markus Exp $"); 43RCSID("$OpenBSD: ssh.c,v 1.206 2003/12/16 15:49:51 markus Exp $");
44 44
45#include <openssl/evp.h> 45#include <openssl/evp.h>
46#include <openssl/err.h> 46#include <openssl/err.h>
@@ -155,6 +155,7 @@ usage(void)
155 fprintf(stderr, " -A Enable authentication agent forwarding.\n"); 155 fprintf(stderr, " -A Enable authentication agent forwarding.\n");
156 fprintf(stderr, " -a Disable authentication agent forwarding (default).\n"); 156 fprintf(stderr, " -a Disable authentication agent forwarding (default).\n");
157 fprintf(stderr, " -X Enable X11 connection forwarding.\n"); 157 fprintf(stderr, " -X Enable X11 connection forwarding.\n");
158 fprintf(stderr, " -Y Enable trusted X11 connection forwarding.\n");
158 fprintf(stderr, " -x Disable X11 connection forwarding (default).\n"); 159 fprintf(stderr, " -x Disable X11 connection forwarding (default).\n");
159 fprintf(stderr, " -i file Identity for public key authentication " 160 fprintf(stderr, " -i file Identity for public key authentication "
160 "(default: ~/.ssh/identity)\n"); 161 "(default: ~/.ssh/identity)\n");
@@ -204,7 +205,7 @@ main(int ac, char **av)
204 int i, opt, exit_status; 205 int i, opt, exit_status;
205 u_short fwd_port, fwd_host_port; 206 u_short fwd_port, fwd_host_port;
206 char sfwd_port[6], sfwd_host_port[6]; 207 char sfwd_port[6], sfwd_host_port[6];
207 char *p, *cp, buf[256]; 208 char *p, *cp, *line, buf[256];
208 struct stat st; 209 struct stat st;
209 struct passwd *pw; 210 struct passwd *pw;
210 int dummy; 211 int dummy;
@@ -220,7 +221,7 @@ main(int ac, char **av)
220 */ 221 */
221 original_real_uid = getuid(); 222 original_real_uid = getuid();
222 original_effective_uid = geteuid(); 223 original_effective_uid = geteuid();
223 224
224 /* 225 /*
225 * Use uid-swapping to give up root privileges for the duration of 226 * Use uid-swapping to give up root privileges for the duration of
226 * option processing. We will re-instantiate the rights when we are 227 * option processing. We will re-instantiate the rights when we are
@@ -264,7 +265,7 @@ main(int ac, char **av)
264 265
265again: 266again:
266 while ((opt = getopt(ac, av, 267 while ((opt = getopt(ac, av,
267 "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) { 268 "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVXY")) != -1) {
268 switch (opt) { 269 switch (opt) {
269 case '1': 270 case '1':
270 options.protocol = SSH_PROTO_1; 271 options.protocol = SSH_PROTO_1;
@@ -291,6 +292,10 @@ again:
291 case 'X': 292 case 'X':
292 options.forward_x11 = 1; 293 options.forward_x11 = 1;
293 break; 294 break;
295 case 'Y':
296 options.forward_x11 = 1;
297 options.forward_x11_trusted = 1;
298 break;
294 case 'g': 299 case 'g':
295 options.gateway_ports = 1; 300 options.gateway_ports = 1;
296 break; 301 break;
@@ -304,7 +309,7 @@ again:
304 options.forward_agent = 1; 309 options.forward_agent = 1;
305 break; 310 break;
306 case 'k': 311 case 'k':
307 /* ignored for backward compatibility */ 312 options.gss_deleg_creds = 0;
308 break; 313 break;
309 case 'i': 314 case 'i':
310 if (stat(optarg, &st) < 0) { 315 if (stat(optarg, &st) < 0) {
@@ -464,9 +469,11 @@ again:
464 break; 469 break;
465 case 'o': 470 case 'o':
466 dummy = 1; 471 dummy = 1;
472 line = xstrdup(optarg);
467 if (process_config_line(&options, host ? host : "", 473 if (process_config_line(&options, host ? host : "",
468 optarg, "command-line", 0, &dummy) != 0) 474 line, "command-line", 0, &dummy) != 0)
469 exit(1); 475 exit(1);
476 xfree(line);
470 break; 477 break;
471 case 's': 478 case 's':
472 subsystem_flag = 1; 479 subsystem_flag = 1;
@@ -717,7 +724,7 @@ again:
717 packet_close(); 724 packet_close();
718 725
719 /* 726 /*
720 * Send SIGHUP to proxy command if used. We don't wait() in 727 * Send SIGHUP to proxy command if used. We don't wait() in
721 * case it hangs and instead rely on init to reap the child 728 * case it hangs and instead rely on init to reap the child
722 */ 729 */
723 if (proxy_command_pid > 1) 730 if (proxy_command_pid > 1)
@@ -726,19 +733,25 @@ again:
726 return exit_status; 733 return exit_status;
727} 734}
728 735
736#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"
737
729static void 738static void
730x11_get_proto(char **_proto, char **_data) 739x11_get_proto(char **_proto, char **_data)
731{ 740{
741 char cmd[1024];
732 char line[512]; 742 char line[512];
743 char xdisplay[512];
733 static char proto[512], data[512]; 744 static char proto[512], data[512];
734 FILE *f; 745 FILE *f;
735 int got_data = 0, i; 746 int got_data = 0, generated = 0, do_unlink = 0, i;
736 char *display; 747 char *display, *xauthdir, *xauthfile;
737 struct stat st; 748 struct stat st;
738 749
750 xauthdir = xauthfile = NULL;
739 *_proto = proto; 751 *_proto = proto;
740 *_data = data; 752 *_data = data;
741 proto[0] = data[0] = '\0'; 753 proto[0] = data[0] = '\0';
754
742 if (!options.xauth_location || 755 if (!options.xauth_location ||
743 (stat(options.xauth_location, &st) == -1)) { 756 (stat(options.xauth_location, &st) == -1)) {
744 debug("No xauth program."); 757 debug("No xauth program.");
@@ -747,28 +760,59 @@ x11_get_proto(char **_proto, char **_data)
747 debug("x11_get_proto: DISPLAY not set"); 760 debug("x11_get_proto: DISPLAY not set");
748 return; 761 return;
749 } 762 }
750 /* Try to get Xauthority information for the display. */ 763 /*
751 if (strncmp(display, "localhost:", 10) == 0) 764 * Handle FamilyLocal case where $DISPLAY does
752 /* 765 * not match an authorization entry. For this we
753 * Handle FamilyLocal case where $DISPLAY does 766 * just try "xauth list unix:displaynum.screennum".
754 * not match an authorization entry. For this we 767 * XXX: "localhost" match to determine FamilyLocal
755 * just try "xauth list unix:displaynum.screennum". 768 * is not perfect.
756 * XXX: "localhost" match to determine FamilyLocal 769 */
757 * is not perfect. 770 if (strncmp(display, "localhost:", 10) == 0) {
758 */ 771 snprintf(xdisplay, sizeof(xdisplay), "unix:%s",
759 snprintf(line, sizeof line, "%s list unix:%s 2>" 772 display + 10);
760 _PATH_DEVNULL, options.xauth_location, display+10); 773 display = xdisplay;
761 else 774 }
762 snprintf(line, sizeof line, "%s list %.200s 2>" 775 if (options.forward_x11_trusted == 0) {
763 _PATH_DEVNULL, options.xauth_location, display); 776 xauthdir = xmalloc(MAXPATHLEN);
764 debug2("x11_get_proto: %s", line); 777 xauthfile = xmalloc(MAXPATHLEN);
765 f = popen(line, "r"); 778 strlcpy(xauthdir, "/tmp/ssh-XXXXXXXXXX", MAXPATHLEN);
779 if (mkdtemp(xauthdir) != NULL) {
780 do_unlink = 1;
781 snprintf(xauthfile, MAXPATHLEN, "%s/xauthfile",
782 xauthdir);
783 snprintf(cmd, sizeof(cmd),
784 "%s -f %s generate %s " SSH_X11_PROTO
785 " untrusted timeout 120 2>" _PATH_DEVNULL,
786 options.xauth_location, xauthfile, display);
787 debug2("x11_get_proto: %s", cmd);
788 if (system(cmd) == 0)
789 generated = 1;
790 }
791 }
792 snprintf(cmd, sizeof(cmd),
793 "%s %s%s list %s . 2>" _PATH_DEVNULL,
794 options.xauth_location,
795 generated ? "-f " : "" ,
796 generated ? xauthfile : "",
797 display);
798 debug2("x11_get_proto: %s", cmd);
799 f = popen(cmd, "r");
766 if (f && fgets(line, sizeof(line), f) && 800 if (f && fgets(line, sizeof(line), f) &&
767 sscanf(line, "%*s %511s %511s", proto, data) == 2) 801 sscanf(line, "%*s %511s %511s", proto, data) == 2)
768 got_data = 1; 802 got_data = 1;
769 if (f) 803 if (f)
770 pclose(f); 804 pclose(f);
771 } 805 }
806
807 if (do_unlink) {
808 unlink(xauthfile);
809 rmdir(xauthdir);
810 }
811 if (xauthdir)
812 xfree(xauthdir);
813 if (xauthfile)
814 xfree(xauthfile);
815
772 /* 816 /*
773 * If we didn't get authentication data, just make up some 817 * If we didn't get authentication data, just make up some
774 * data. The forwarding code will check the validity of the 818 * data. The forwarding code will check the validity of the
@@ -780,12 +824,14 @@ x11_get_proto(char **_proto, char **_data)
780 if (!got_data) { 824 if (!got_data) {
781 u_int32_t rand = 0; 825 u_int32_t rand = 0;
782 826
783 logit("Warning: No xauth data; using fake authentication data for X11 forwarding."); 827 logit("Warning: No xauth data; "
784 strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto); 828 "using fake authentication data for X11 forwarding.");
829 strlcpy(proto, SSH_X11_PROTO, sizeof proto);
785 for (i = 0; i < 16; i++) { 830 for (i = 0; i < 16; i++) {
786 if (i % 4 == 0) 831 if (i % 4 == 0)
787 rand = arc4random(); 832 rand = arc4random();
788 snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", rand & 0xff); 833 snprintf(data + 2 * i, sizeof data - 2 * i, "%02x",
834 rand & 0xff);
789 rand >>= 8; 835 rand >>= 8;
790 } 836 }
791 } 837 }
@@ -988,16 +1034,13 @@ client_subsystem_reply(int type, u_int32_t seq, void *ctxt)
988} 1034}
989 1035
990void 1036void
991client_global_request_reply(int type, u_int32_t seq, void *ctxt) 1037client_global_request_reply_fwd(int type, u_int32_t seq, void *ctxt)
992{ 1038{
993 int i; 1039 int i;
994 1040
995 i = client_global_request_id++; 1041 i = client_global_request_id++;
996 if (i >= options.num_remote_forwards) { 1042 if (i >= options.num_remote_forwards)
997 debug("client_global_request_reply: too many replies %d > %d",
998 i, options.num_remote_forwards);
999 return; 1043 return;
1000 }
1001 debug("remote forward %s for: listen %d, connect %s:%d", 1044 debug("remote forward %s for: listen %d, connect %s:%d",
1002 type == SSH2_MSG_REQUEST_SUCCESS ? "success" : "failure", 1045 type == SSH2_MSG_REQUEST_SUCCESS ? "success" : "failure",
1003 options.remote_forwards[i].port, 1046 options.remote_forwards[i].port,
diff --git a/ssh.h b/ssh.h
index e88b9b83e..a3b2ebbb5 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.h,v 1.74 2003/09/01 13:52:18 markus Exp $ */ 1/* $OpenBSD: ssh.h,v 1.75 2003/12/02 17:01:15 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -103,4 +103,7 @@
103/* Minimum modulus size (n) for RSA keys. */ 103/* Minimum modulus size (n) for RSA keys. */
104#define SSH_RSA_MINIMUM_MODULUS_SIZE 768 104#define SSH_RSA_MINIMUM_MODULUS_SIZE 768
105 105
106/* Listen backlog for sshd, ssh-agent and forwarding sockets */
107#define SSH_LISTEN_BACKLOG 128
108
106#endif /* SSH_H */ 109#endif /* SSH_H */
diff --git a/ssh_config.0 b/ssh_config.0
index a8687ffc2..40e9d3001 100644
--- a/ssh_config.0
+++ b/ssh_config.0
@@ -1,4 +1,4 @@
1SSH_CONFIG(5) BSD File Formats Manual SSH_CONFIG(5) 1SSH_CONFIG(5) OpenBSD Programmer's Manual SSH_CONFIG(5)
2 2
3NAME 3NAME
4 ssh_config - OpenSSH SSH client configuration files 4 ssh_config - OpenSSH SSH client configuration files
@@ -11,11 +11,11 @@ DESCRIPTION
11 ssh obtains configuration data from the following sources in the follow- 11 ssh obtains configuration data from the following sources in the follow-
12 ing order: 12 ing order:
13 1. command-line options 13 1. command-line options
14 2. userM-bM-^@M-^Ys configuration file ($HOME/.ssh/config) 14 2. user's configuration file ($HOME/.ssh/config)
15 3. system-wide configuration file (/etc/ssh/ssh_config) 15 3. system-wide configuration file (/etc/ssh/ssh_config)
16 16
17 For each parameter, the first obtained value will be used. The configu- 17 For each parameter, the first obtained value will be used. The configu-
18 ration files contain sections bracketed by M-bM-^@M-^\HostM-bM-^@M-^] specifications, and 18 ration files contain sections bracketed by ``Host'' specifications, and
19 that section is only applied for hosts that match one of the patterns 19 that section is only applied for hosts that match one of the patterns
20 given in the specification. The matched host name is the one given on 20 given in the specification. The matched host name is the one given on
21 the command line. 21 the command line.
@@ -26,11 +26,11 @@ DESCRIPTION
26 26
27 The configuration file has the following format: 27 The configuration file has the following format:
28 28
29 Empty lines and lines starting with M-bM-^@M-^X#M-bM-^@M-^Y are comments. 29 Empty lines and lines starting with `#' are comments.
30 30
31 Otherwise a line is of the format M-bM-^@M-^\keyword argumentsM-bM-^@M-^]. Configuration 31 Otherwise a line is of the format ``keyword arguments''. Configuration
32 options may be separated by whitespace or optional whitespace and exactly 32 options may be separated by whitespace or optional whitespace and exactly
33 one M-bM-^@M-^X=M-bM-^@M-^Y; the latter format is useful to avoid the need to quote whites- 33 one `='; the latter format is useful to avoid the need to quote whites-
34 pace when specifying configuration options using the ssh, scp and sftp -o 34 pace when specifying configuration options using the ssh, scp and sftp -o
35 option. 35 option.
36 36
@@ -39,54 +39,54 @@ DESCRIPTION
39 39
40 Host Restricts the following declarations (up to the next Host key- 40 Host Restricts the following declarations (up to the next Host key-
41 word) to be only for those hosts that match one of the patterns 41 word) to be only for those hosts that match one of the patterns
42 given after the keyword. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y can be used as wildcards in 42 given after the keyword. `*' and `?' can be used as wildcards in
43 the patterns. A single M-bM-^@M-^X*M-bM-^@M-^Y as a pattern can be used to provide 43 the patterns. A single `*' as a pattern can be used to provide
44 global defaults for all hosts. The host is the hostname argument 44 global defaults for all hosts. The host is the hostname argument
45 given on the command line (i.e., the name is not converted to a 45 given on the command line (i.e., the name is not converted to a
46 canonicalized host name before matching). 46 canonicalized host name before matching).
47 47
48 AddressFamily 48 AddressFamily
49 Specifies which address family to use when connecting. Valid 49 Specifies which address family to use when connecting. Valid ar-
50 arguments are M-bM-^@M-^\anyM-bM-^@M-^], M-bM-^@M-^\inetM-bM-^@M-^] (Use IPv4 only) or M-bM-^@M-^\inet6M-bM-^@M-^] (Use IPv6 50 guments are ``any'', ``inet'' (Use IPv4 only) or ``inet6'' (Use
51 only.) 51 IPv6 only.)
52 52
53 BatchMode 53 BatchMode
54 If set to M-bM-^@M-^\yesM-bM-^@M-^], passphrase/password querying will be disabled. 54 If set to ``yes'', passphrase/password querying will be disabled.
55 This option is useful in scripts and other batch jobs where no 55 This option is useful in scripts and other batch jobs where no
56 user is present to supply the password. The argument must be 56 user is present to supply the password. The argument must be
57 M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. 57 ``yes'' or ``no''. The default is ``no''.
58 58
59 BindAddress 59 BindAddress
60 Specify the interface to transmit from on machines with multiple 60 Specify the interface to transmit from on machines with multiple
61 interfaces or aliased addresses. Note that this option does not 61 interfaces or aliased addresses. Note that this option does not
62 work if UsePrivilegedPort is set to M-bM-^@M-^\yesM-bM-^@M-^]. 62 work if UsePrivilegedPort is set to ``yes''.
63 63
64 ChallengeResponseAuthentication 64 ChallengeResponseAuthentication
65 Specifies whether to use challenge response authentication. The 65 Specifies whether to use challenge response authentication. The
66 argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is 66 argument to this keyword must be ``yes'' or ``no''. The default
67 M-bM-^@M-^\yesM-bM-^@M-^]. 67 is ``yes''.
68 68
69 CheckHostIP 69 CheckHostIP
70 If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ssh will additionally check the 70 If this flag is set to ``yes'', ssh will additionally check the
71 host IP address in the known_hosts file. This allows ssh to 71 host IP address in the known_hosts file. This allows ssh to de-
72 detect if a host key changed due to DNS spoofing. If the option 72 tect if a host key changed due to DNS spoofing. If the option is
73 is set to M-bM-^@M-^\noM-bM-^@M-^], the check will not be executed. The default is 73 set to ``no'', the check will not be executed. The default is
74 M-bM-^@M-^\yesM-bM-^@M-^]. 74 ``yes''.
75 75
76 Cipher Specifies the cipher to use for encrypting the session in proto- 76 Cipher Specifies the cipher to use for encrypting the session in proto-
77 col version 1. Currently, M-bM-^@M-^\blowfishM-bM-^@M-^], M-bM-^@M-^\3desM-bM-^@M-^], and M-bM-^@M-^\desM-bM-^@M-^] are sup- 77 col version 1. Currently, ``blowfish'', ``3des'', and ``des''
78 ported. des is only supported in the ssh client for interoper- 78 are supported. des is only supported in the ssh client for in-
79 ability with legacy protocol 1 implementations that do not sup- 79 teroperability with legacy protocol 1 implementations that do not
80 port the 3des cipher. Its use is strongly discouraged due to 80 support the 3des cipher. Its use is strongly discouraged due to
81 cryptographic weaknesses. The default is M-bM-^@M-^\3desM-bM-^@M-^]. 81 cryptographic weaknesses. The default is ``3des''.
82 82
83 Ciphers 83 Ciphers
84 Specifies the ciphers allowed for protocol version 2 in order of 84 Specifies the ciphers allowed for protocol version 2 in order of
85 preference. Multiple ciphers must be comma-separated. The 85 preference. Multiple ciphers must be comma-separated. The de-
86 default is 86 fault is
87 87
88 M-bM-^@M-^XM-bM-^@M-^Xaes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, 88 ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
89 aes192-cbc,aes256-cbcM-bM-^@M-^YM-bM-^@M-^Y 89 aes192-cbc,aes256-cbc''
90 90
91 ClearAllForwardings 91 ClearAllForwardings
92 Specifies that all local, remote and dynamic port forwardings 92 Specifies that all local, remote and dynamic port forwardings
@@ -94,11 +94,11 @@ DESCRIPTION
94 cleared. This option is primarily useful when used from the ssh 94 cleared. This option is primarily useful when used from the ssh
95 command line to clear port forwardings set in configuration 95 command line to clear port forwardings set in configuration
96 files, and is automatically set by scp(1) and sftp(1). The argu- 96 files, and is automatically set by scp(1) and sftp(1). The argu-
97 ment must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. 97 ment must be ``yes'' or ``no''. The default is ``no''.
98 98
99 Compression 99 Compression
100 Specifies whether to use compression. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] 100 Specifies whether to use compression. The argument must be
101 or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. 101 ``yes'' or ``no''. The default is ``no''.
102 102
103 CompressionLevel 103 CompressionLevel
104 Specifies the compression level to use if compression is enabled. 104 Specifies the compression level to use if compression is enabled.
@@ -108,97 +108,111 @@ DESCRIPTION
108 option applies to protocol version 1 only. 108 option applies to protocol version 1 only.
109 109
110 ConnectionAttempts 110 ConnectionAttempts
111 Specifies the number of tries (one per second) to make before 111 Specifies the number of tries (one per second) to make before ex-
112 exiting. The argument must be an integer. This may be useful in 112 iting. The argument must be an integer. This may be useful in
113 scripts if the connection sometimes fails. The default is 1. 113 scripts if the connection sometimes fails. The default is 1.
114 114
115 ConnectTimeout 115 ConnectTimeout
116 Specifies the timeout (in seconds) used when connecting to the 116 Specifies the timeout (in seconds) used when connecting to the
117 ssh server, instead of using the default system TCP timeout. 117 ssh server, instead of using the default system TCP timeout.
118 This value is used only when the target is down or really 118 This value is used only when the target is down or really un-
119 unreachable, not when it refuses the connection. 119 reachable, not when it refuses the connection.
120 120
121 DynamicForward 121 DynamicForward
122 Specifies that a TCP/IP port on the local machine be forwarded 122 Specifies that a TCP/IP port on the local machine be forwarded
123 over the secure channel, and the application protocol is then 123 over the secure channel, and the application protocol is then
124 used to determine where to connect to from the remote machine. 124 used to determine where to connect to from the remote machine.
125 The argument must be a port number. Currently the SOCKS4 and 125 The argument must be a port number. Currently the SOCKS4 and
126 SOCKS5 protocols are supported, and ssh will act as a SOCKS 126 SOCKS5 protocols are supported, and ssh will act as a SOCKS serv-
127 server. Multiple forwardings may be specified, and additional 127 er. Multiple forwardings may be specified, and additional for-
128 forwardings can be given on the command line. Only the superuser 128 wardings can be given on the command line. Only the superuser
129 can forward privileged ports. 129 can forward privileged ports.
130 130
131 EnableSSHKeysign 131 EnableSSHKeysign
132 Setting this option to M-bM-^@M-^\yesM-bM-^@M-^] in the global client configuration 132 Setting this option to ``yes'' in the global client configuration
133 file /etc/ssh/ssh_config enables the use of the helper program 133 file /etc/ssh/ssh_config enables the use of the helper program
134 ssh-keysign(8) during HostbasedAuthentication. The argument must 134 ssh-keysign(8) during HostbasedAuthentication. The argument must
135 be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. See ssh-keysign(8) for 135 be ``yes'' or ``no''. The default is ``no''. This option should
136 more information. 136 be placed in the non-hostspecific section. See ssh-keysign(8)
137 for more information.
137 138
138 EscapeChar 139 EscapeChar
139 Sets the escape character (default: M-bM-^@M-^X~M-bM-^@M-^Y). The escape character 140 Sets the escape character (default: `~'). The escape character
140 can also be set on the command line. The argument should be a 141 can also be set on the command line. The argument should be a
141 single character, M-bM-^@M-^X^M-bM-^@M-^Y followed by a letter, or M-bM-^@M-^\noneM-bM-^@M-^] to disable 142 single character, `^' followed by a letter, or ``none'' to dis-
142 the escape character entirely (making the connection transparent 143 able the escape character entirely (making the connection trans-
143 for binary data). 144 parent for binary data).
144 145
145 ForwardAgent 146 ForwardAgent
146 Specifies whether the connection to the authentication agent (if 147 Specifies whether the connection to the authentication agent (if
147 any) will be forwarded to the remote machine. The argument must 148 any) will be forwarded to the remote machine. The argument must
148 be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. 149 be ``yes'' or ``no''. The default is ``no''.
149 150
150 Agent forwarding should be enabled with caution. Users with the 151 Agent forwarding should be enabled with caution. Users with the
151 ability to bypass file permissions on the remote host (for the 152 ability to bypass file permissions on the remote host (for the
152 agentM-bM-^@M-^Ys Unix-domain socket) can access the local agent through 153 agent's Unix-domain socket) can access the local agent through
153 the forwarded connection. An attacker cannot obtain key material 154 the forwarded connection. An attacker cannot obtain key material
154 from the agent, however they can perform operations on the keys 155 from the agent, however they can perform operations on the keys
155 that enable them to authenticate using the identities loaded into 156 that enable them to authenticate using the identities loaded into
156 the agent. 157 the agent.
157 158
158 ForwardX11 159 ForwardX11
159 Specifies whether X11 connections will be automatically redi- 160 Specifies whether X11 connections will be automatically redirect-
160 rected over the secure channel and DISPLAY set. The argument 161 ed over the secure channel and DISPLAY set. The argument must be
161 must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. 162 ``yes'' or ``no''. The default is ``no''.
162 163
163 X11 forwarding should be enabled with caution. Users with the 164 X11 forwarding should be enabled with caution. Users with the
164 ability to bypass file permissions on the remote host (for the 165 ability to bypass file permissions on the remote host (for the
165 userM-bM-^@M-^Ys X authorization database) can access the local X11 display 166 user's X11 authorization database) can access the local X11 dis-
166 through the forwarded connection. An attacker may then be able 167 play through the forwarded connection. An attacker may then be
167 to perform activities such as keystroke monitoring. 168 able to perform activities such as keystroke monitoring if the
169 ForwardX11Trusted option is also enabled.
170
171 ForwardX11Trusted
172 If the this option is set to ``yes'' then remote X11 clients will
173 have full access to the original X11 display. If this option is
174 set to ``no'' then remote X11 clients will be considered untrust-
175 ed and prevented from stealing or tampering with data belonging
176 to trusted X11 clients.
177
178 The default is ``no''.
179
180 See the X11 SECURITY extension specification for full details on
181 the restrictions imposed on untrusted clients.
168 182
169 GatewayPorts 183 GatewayPorts
170 Specifies whether remote hosts are allowed to connect to local 184 Specifies whether remote hosts are allowed to connect to local
171 forwarded ports. By default, ssh binds local port forwardings to 185 forwarded ports. By default, ssh binds local port forwardings to
172 the loopback address. This prevents other remote hosts from con- 186 the loopback address. This prevents other remote hosts from con-
173 necting to forwarded ports. GatewayPorts can be used to specify 187 necting to forwarded ports. GatewayPorts can be used to specify
174 that ssh should bind local port forwardings to the wildcard 188 that ssh should bind local port forwardings to the wildcard ad-
175 address, thus allowing remote hosts to connect to forwarded 189 dress, thus allowing remote hosts to connect to forwarded ports.
176 ports. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. 190 The argument must be ``yes'' or ``no''. The default is ``no''.
177 191
178 GlobalKnownHostsFile 192 GlobalKnownHostsFile
179 Specifies a file to use for the global host key database instead 193 Specifies a file to use for the global host key database instead
180 of /etc/ssh/ssh_known_hosts. 194 of /etc/ssh/ssh_known_hosts.
181 195
182 GSSAPIAuthentication 196 GSSAPIAuthentication
183 Specifies whether authentication based on GSSAPI may be used, 197 Specifies whether user authentication based on GSSAPI is allowed.
184 either using the result of a successful key exchange, or using 198 The default is ``no''. Note that this option applies to protocol
185 GSSAPI user authentication. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that 199 version 2 only.
186 this option applies to protocol version 2 only.
187 200
188 GSSAPIDelegateCredentials 201 GSSAPIDelegateCredentials
189 Forward (delegate) credentials to the server. The default is 202 Forward (delegate) credentials to the server. The default is
190 M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol version 2 only. 203 ``no''. Note that this option applies to protocol version 2 on-
204 ly.
191 205
192 HostbasedAuthentication 206 HostbasedAuthentication
193 Specifies whether to try rhosts based authentication with public 207 Specifies whether to try rhosts based authentication with public
194 key authentication. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The 208 key authentication. The argument must be ``yes'' or ``no''. The
195 default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 2 only 209 default is ``no''. This option applies to protocol version 2 on-
196 and is similar to RhostsRSAAuthentication. 210 ly and is similar to RhostsRSAAuthentication.
197 211
198 HostKeyAlgorithms 212 HostKeyAlgorithms
199 Specifies the protocol version 2 host key algorithms that the 213 Specifies the protocol version 2 host key algorithms that the
200 client wants to use in order of preference. The default for this 214 client wants to use in order of preference. The default for this
201 option is: M-bM-^@M-^\ssh-rsa,ssh-dssM-bM-^@M-^]. 215 option is: ``ssh-rsa,ssh-dss''.
202 216
203 HostKeyAlias 217 HostKeyAlias
204 Specifies an alias that should be used instead of the real host 218 Specifies an alias that should be used instead of the real host
@@ -214,29 +228,16 @@ DESCRIPTION
214 tions). 228 tions).
215 229
216 IdentityFile 230 IdentityFile
217 Specifies a file from which the userM-bM-^@M-^Ys RSA or DSA authentication 231 Specifies a file from which the user's RSA or DSA authentication
218 identity is read. The default is $HOME/.ssh/identity for proto- 232 identity is read. The default is $HOME/.ssh/identity for proto-
219 col version 1, and $HOME/.ssh/id_rsa and $HOME/.ssh/id_dsa for 233 col version 1, and $HOME/.ssh/id_rsa and $HOME/.ssh/id_dsa for
220 protocol version 2. Additionally, any identities represented by 234 protocol version 2. Additionally, any identities represented by
221 the authentication agent will be used for authentication. The 235 the authentication agent will be used for authentication. The
222 file name may use the tilde syntax to refer to a userM-bM-^@M-^Ys home 236 file name may use the tilde syntax to refer to a user's home di-
223 directory. It is possible to have multiple identity files speci- 237 rectory. It is possible to have multiple identity files speci-
224 fied in configuration files; all these identities will be tried 238 fied in configuration files; all these identities will be tried
225 in sequence. 239 in sequence.
226 240
227 KeepAlive
228 Specifies whether the system should send TCP keepalive messages
229 to the other side. If they are sent, death of the connection or
230 crash of one of the machines will be properly noticed. However,
231 this means that connections will die if the route is down tem-
232 porarily, and some people find it annoying.
233
234 The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send keepalives), and the client will
235 notice if the network goes down or the remote host dies. This is
236 important in scripts, and many users want it too.
237
238 To disable keepalives, the value should be set to M-bM-^@M-^\noM-bM-^@M-^].
239
240 LocalForward 241 LocalForward
241 Specifies that a TCP/IP port on the local machine be forwarded 242 Specifies that a TCP/IP port on the local machine be forwarded
242 over the secure channel to the specified host and port from the 243 over the secure channel to the specified host and port from the
@@ -253,20 +254,20 @@ DESCRIPTION
253 DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify 254 DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify
254 higher levels of verbose output. 255 higher levels of verbose output.
255 256
256 MACs Specifies the MAC (message authentication code) algorithms in 257 MACs Specifies the MAC (message authentication code) algorithms in or-
257 order of preference. The MAC algorithm is used in protocol ver- 258 der of preference. The MAC algorithm is used in protocol version
258 sion 2 for data integrity protection. Multiple algorithms must 259 2 for data integrity protection. Multiple algorithms must be
259 be comma-separated. The default is 260 comma-separated. The default is ``hmac-md5,hmac-sha1,hmac-
260 M-bM-^@M-^\hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96M-bM-^@M-^]. 261 ripemd160,hmac-sha1-96,hmac-md5-96''.
261 262
262 NoHostAuthenticationForLocalhost 263 NoHostAuthenticationForLocalhost
263 This option can be used if the home directory is shared across 264 This option can be used if the home directory is shared across
264 machines. In this case localhost will refer to a different 265 machines. In this case localhost will refer to a different ma-
265 machine on each of the machines and the user will get many warn- 266 chine on each of the machines and the user will get many warnings
266 ings about changed host keys. However, this option disables host 267 about changed host keys. However, this option disables host au-
267 authentication for localhost. The argument to this keyword must 268 thentication for localhost. The argument to this keyword must be
268 be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is to check the host key for 269 ``yes'' or ``no''. The default is to check the host key for lo-
269 localhost. 270 calhost.
270 271
271 NumberOfPasswordPrompts 272 NumberOfPasswordPrompts
272 Specifies the number of password prompts before giving up. The 273 Specifies the number of password prompts before giving up. The
@@ -274,43 +275,44 @@ DESCRIPTION
274 275
275 PasswordAuthentication 276 PasswordAuthentication
276 Specifies whether to use password authentication. The argument 277 Specifies whether to use password authentication. The argument
277 to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. 278 to this keyword must be ``yes'' or ``no''. The default is
279 ``yes''.
278 280
279 Port Specifies the port number to connect on the remote host. Default 281 Port Specifies the port number to connect on the remote host. Default
280 is 22. 282 is 22.
281 283
282 PreferredAuthentications 284 PreferredAuthentications
283 Specifies the order in which the client should try protocol 2 285 Specifies the order in which the client should try protocol 2 au-
284 authentication methods. This allows a client to prefer one 286 thentication methods. This allows a client to prefer one method
285 method (e.g. keyboard-interactive) over another method (e.g. 287 (e.g. keyboard-interactive) over another method (e.g. password)
286 password) The default for this option is: 288 The default for this option is: ``hostbased,publickey,keyboard-
287 M-bM-^@M-^\hostbased,publickey,keyboard-interactive,passwordM-bM-^@M-^]. 289 interactive,password''.
288 290
289 Protocol 291 Protocol
290 Specifies the protocol versions ssh should support in order of 292 Specifies the protocol versions ssh should support in order of
291 preference. The possible values are M-bM-^@M-^\1M-bM-^@M-^] and M-bM-^@M-^\2M-bM-^@M-^]. Multiple ver- 293 preference. The possible values are ``1'' and ``2''. Multiple
292 sions must be comma-separated. The default is M-bM-^@M-^\2,1M-bM-^@M-^]. This means 294 versions must be comma-separated. The default is ``2,1''. This
293 that ssh tries version 2 and falls back to version 1 if version 2 295 means that ssh tries version 2 and falls back to version 1 if
294 is not available. 296 version 2 is not available.
295 297
296 ProxyCommand 298 ProxyCommand
297 Specifies the command to use to connect to the server. The com- 299 Specifies the command to use to connect to the server. The com-
298 mand string extends to the end of the line, and is executed with 300 mand string extends to the end of the line, and is executed with
299 /bin/sh. In the command string, M-bM-^@M-^X%hM-bM-^@M-^Y will be substituted by the 301 /bin/sh. In the command string, `%h' will be substituted by the
300 host name to connect and M-bM-^@M-^X%pM-bM-^@M-^Y by the port. The command can be 302 host name to connect and `%p' by the port. The command can be
301 basically anything, and should read from its standard input and 303 basically anything, and should read from its standard input and
302 write to its standard output. It should eventually connect an 304 write to its standard output. It should eventually connect an
303 sshd(8) server running on some machine, or execute sshd -i some- 305 sshd(8) server running on some machine, or execute sshd -i some-
304 where. Host key management will be done using the HostName of 306 where. Host key management will be done using the HostName of
305 the host being connected (defaulting to the name typed by the 307 the host being connected (defaulting to the name typed by the us-
306 user). Setting the command to M-bM-^@M-^\noneM-bM-^@M-^] disables this option 308 er). Setting the command to ``none'' disables this option en-
307 entirely. Note that CheckHostIP is not available for connects 309 tirely. Note that CheckHostIP is not available for connects with
308 with a proxy command. 310 a proxy command.
309 311
310 PubkeyAuthentication 312 PubkeyAuthentication
311 Specifies whether to try public key authentication. The argument 313 Specifies whether to try public key authentication. The argument
312 to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. 314 to this keyword must be ``yes'' or ``no''. The default is
313 This option applies to protocol version 2 only. 315 ``yes''. This option applies to protocol version 2 only.
314 316
315 RemoteForward 317 RemoteForward
316 Specifies that a TCP/IP port on the remote machine be forwarded 318 Specifies that a TCP/IP port on the remote machine be forwarded
@@ -323,45 +325,85 @@ DESCRIPTION
323 325
324 RhostsRSAAuthentication 326 RhostsRSAAuthentication
325 Specifies whether to try rhosts based authentication with RSA 327 Specifies whether to try rhosts based authentication with RSA
326 host authentication. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The 328 host authentication. The argument must be ``yes'' or ``no''.
327 default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only 329 The default is ``no''. This option applies to protocol version 1
328 and requires ssh to be setuid root. 330 only and requires ssh to be setuid root.
329 331
330 RSAAuthentication 332 RSAAuthentication
331 Specifies whether to try RSA authentication. The argument to 333 Specifies whether to try RSA authentication. The argument to
332 this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. RSA authentication will only 334 this keyword must be ``yes'' or ``no''. RSA authentication will
333 be attempted if the identity file exists, or an authentication 335 only be attempted if the identity file exists, or an authentica-
334 agent is running. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option 336 tion agent is running. The default is ``yes''. Note that this
335 applies to protocol version 1 only. 337 option applies to protocol version 1 only.
338
339 ServerAliveInterval
340 Sets a timeout interval in seconds after which if no data has
341 been received from the server, ssh will send a message through
342 the encrypted channel to request a response from the server. The
343 default is 0, indicating that these messages will not be sent to
344 the server. This option applies to protocol version 2 only.
345
346 ServerAliveCountMax
347 Sets the number of server alive messages (see above) which may be
348 sent without ssh receiving any messages back from the server. If
349 this threshold is reached while server alive messages are being
350 sent, ssh will disconnect from the server, terminating the ses-
351 sion. It is important to note that the use of server alive mes-
352 sages is very different from TCPKeepAlive (below). The server
353 alive messages are sent through the encrypted channel and there-
354 fore will not be spoofable. The TCP keepalive option enabled by
355 TCPKeepAlive is spoofable. The server alive mechanism is valu-
356 able when the client or server depend on knowing when a connec-
357 tion has become inactive.
358
359 The default value is 3. If, for example, ServerAliveInterval
360 (above) is set to 15, and ServerAliveCountMax is left at the de-
361 fault, if the server becomes unresponsive ssh will disconnect af-
362 ter approximately 45 seconds.
336 363
337 SmartcardDevice 364 SmartcardDevice
338 Specifies which smartcard device to use. The argument to this 365 Specifies which smartcard device to use. The argument to this
339 keyword is the device ssh should use to communicate with a smart- 366 keyword is the device ssh should use to communicate with a smart-
340 card used for storing the userM-bM-^@M-^Ys private RSA key. By default, no 367 card used for storing the user's private RSA key. By default, no
341 device is specified and smartcard support is not activated. 368 device is specified and smartcard support is not activated.
342 369
343 StrictHostKeyChecking 370 StrictHostKeyChecking
344 If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ssh will never automatically add 371 If this flag is set to ``yes'', ssh will never automatically add
345 host keys to the $HOME/.ssh/known_hosts file, and refuses to con- 372 host keys to the $HOME/.ssh/known_hosts file, and refuses to con-
346 nect to hosts whose host key has changed. This provides maximum 373 nect to hosts whose host key has changed. This provides maximum
347 protection against trojan horse attacks, however, can be annoying 374 protection against trojan horse attacks, however, can be annoying
348 when the /etc/ssh/ssh_known_hosts file is poorly maintained, or 375 when the /etc/ssh/ssh_known_hosts file is poorly maintained, or
349 connections to new hosts are frequently made. This option forces 376 connections to new hosts are frequently made. This option forces
350 the user to manually add all new hosts. If this flag is set to 377 the user to manually add all new hosts. If this flag is set to
351 M-bM-^@M-^\noM-bM-^@M-^], ssh will automatically add new host keys to the user known 378 ``no'', ssh will automatically add new host keys to the user
352 hosts files. If this flag is set to M-bM-^@M-^\askM-bM-^@M-^], new host keys will be 379 known hosts files. If this flag is set to ``ask'', new host keys
353 added to the user known host files only after the user has con- 380 will be added to the user known host files only after the user
354 firmed that is what they really want to do, and ssh will refuse 381 has confirmed that is what they really want to do, and ssh will
355 to connect to hosts whose host key has changed. The host keys of 382 refuse to connect to hosts whose host key has changed. The host
356 known hosts will be verified automatically in all cases. The 383 keys of known hosts will be verified automatically in all cases.
357 argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^] or M-bM-^@M-^\askM-bM-^@M-^]. The default is M-bM-^@M-^\askM-bM-^@M-^]. 384 The argument must be ``yes'', ``no'' or ``ask''. The default is
385 ``ask''.
386
387 TCPKeepAlive
388 Specifies whether the system should send TCP keepalive messages
389 to the other side. If they are sent, death of the connection or
390 crash of one of the machines will be properly noticed. However,
391 this means that connections will die if the route is down tem-
392 porarily, and some people find it annoying.
393
394 The default is ``yes'' (to send TCP keepalive messages), and the
395 client will notice if the network goes down or the remote host
396 dies. This is important in scripts, and many users want it too.
397
398 To disable TCP keepalive messages, the value should be set to
399 ``no''.
358 400
359 UsePrivilegedPort 401 UsePrivilegedPort
360 Specifies whether to use a privileged port for outgoing connec- 402 Specifies whether to use a privileged port for outgoing connec-
361 tions. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. 403 tions. The argument must be ``yes'' or ``no''. The default is
362 If set to M-bM-^@M-^\yesM-bM-^@M-^] ssh must be setuid root. Note that this option 404 ``no''. If set to ``yes'' ssh must be setuid root. Note that
363 must be set to M-bM-^@M-^\yesM-bM-^@M-^] for RhostsRSAAuthentication with older 405 this option must be set to ``yes'' for RhostsRSAAuthentication
364 servers. 406 with older servers.
365 407
366 User Specifies the user to log in as. This can be useful when a dif- 408 User Specifies the user to log in as. This can be useful when a dif-
367 ferent user name is used on different machines. This saves the 409 ferent user name is used on different machines. This saves the
@@ -374,8 +416,15 @@ DESCRIPTION
374 416
375 VerifyHostKeyDNS 417 VerifyHostKeyDNS
376 Specifies whether to verify the remote key using DNS and SSHFP 418 Specifies whether to verify the remote key using DNS and SSHFP
377 resource records. The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that this option 419 resource records. If this option is set to ``yes'', the client
378 applies to protocol version 2 only. 420 will implicitly trust keys that match a secure fingerprint from
421 DNS. Insecure fingerprints will be handled as if this option was
422 set to ``ask''. If this option is set to ``ask'', information on
423 fingerprint match will be displayed, but the user will still need
424 to confirm new host keys according to the StrictHostKeyChecking
425 option. The argument must be ``yes'', ``no'' or ``ask''. The
426 default is ``no''. Note that this option applies to protocol
427 version 2 only.
379 428
380 XAuthLocation 429 XAuthLocation
381 Specifies the full pathname of the xauth(1) program. The default 430 Specifies the full pathname of the xauth(1) program. The default
@@ -386,12 +435,12 @@ FILES
386 This is the per-user configuration file. The format of this file 435 This is the per-user configuration file. The format of this file
387 is described above. This file is used by the ssh client. This 436 is described above. This file is used by the ssh client. This
388 file does not usually contain any sensitive information, but the 437 file does not usually contain any sensitive information, but the
389 recommended permissions are read/write for the user, and not 438 recommended permissions are read/write for the user, and not ac-
390 accessible by others. 439 cessible by others.
391 440
392 /etc/ssh/ssh_config 441 /etc/ssh/ssh_config
393 Systemwide configuration file. This file provides defaults for 442 Systemwide configuration file. This file provides defaults for
394 those values that are not specified in the userM-bM-^@M-^Ys configuration 443 those values that are not specified in the user's configuration
395 file, and for those users who do not have a configuration file. 444 file, and for those users who do not have a configuration file.
396 This file must be world-readable. 445 This file must be world-readable.
397 446
@@ -405,4 +454,4 @@ AUTHORS
405 ated OpenSSH. Markus Friedl contributed the support for SSH protocol 454 ated OpenSSH. Markus Friedl contributed the support for SSH protocol
406 versions 1.5 and 2.0. 455 versions 1.5 and 2.0.
407 456
408BSD September 25, 1999 BSD 457OpenBSD 3.4 September 25, 1999 7
diff --git a/ssh_config.5 b/ssh_config.5
index 2ca7ce02f..25485f3da 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: ssh_config.5,v 1.20 2003/09/02 18:50:06 jmc Exp $ 37.\" $OpenBSD: ssh_config.5,v 1.28 2003/12/16 15:49:51 markus Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSH_CONFIG 5 39.Dt SSH_CONFIG 5
40.Os 40.Os
@@ -128,7 +128,7 @@ If set to
128.Dq yes , 128.Dq yes ,
129passphrase/password querying will be disabled. 129passphrase/password querying will be disabled.
130In addition, the 130In addition, the
131.Cm ProtocolKeepAlives 131.Cm ServerAliveInterval
132and 132and
133.Cm SetupTimeOut 133.Cm SetupTimeOut
134options will both be set to 300 seconds by default. 134options will both be set to 300 seconds by default.
@@ -193,7 +193,6 @@ Specifies the ciphers allowed for protocol version 2
193in order of preference. 193in order of preference.
194Multiple ciphers must be comma-separated. 194Multiple ciphers must be comma-separated.
195The default is 195The default is
196.Pp
197.Bd -literal 196.Bd -literal
198 ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, 197 ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
199 aes192-cbc,aes256-cbc'' 198 aes192-cbc,aes256-cbc''
@@ -267,6 +266,7 @@ or
267.Dq no . 266.Dq no .
268The default is 267The default is
269.Dq no . 268.Dq no .
269This option should be placed in the non-hostspecific section.
270See 270See
271.Xr ssh-keysign 8 271.Xr ssh-keysign 8
272for more information. 272for more information.
@@ -313,9 +313,27 @@ The default is
313.Pp 313.Pp
314X11 forwarding should be enabled with caution. 314X11 forwarding should be enabled with caution.
315Users with the ability to bypass file permissions on the remote host 315Users with the ability to bypass file permissions on the remote host
316(for the user's X authorization database) 316(for the user's X11 authorization database)
317can access the local X11 display through the forwarded connection. 317can access the local X11 display through the forwarded connection.
318An attacker may then be able to perform activities such as keystroke monitoring. 318An attacker may then be able to perform activities such as keystroke monitoring
319if the
320.Cm ForwardX11Trusted
321option is also enabled.
322.It Cm ForwardX11Trusted
323If the this option is set to
324.Dq yes
325then remote X11 clients will have full access to the original X11 display.
326If this option is set to
327.Dq no
328then remote X11 clients will be considered untrusted and prevented
329from stealing or tampering with data belonging to trusted X11
330clients.
331.Pp
332The default is
333.Dq no .
334.Pp
335See the X11 SECURITY extension specification for full details on
336the restrictions imposed on untrusted clients.
319.It Cm GatewayPorts 337.It Cm GatewayPorts
320Specifies whether remote hosts are allowed to connect to local 338Specifies whether remote hosts are allowed to connect to local
321forwarded ports. 339forwarded ports.
@@ -339,11 +357,9 @@ Specifies a file to use for the global
339host key database instead of 357host key database instead of
340.Pa /etc/ssh/ssh_known_hosts . 358.Pa /etc/ssh/ssh_known_hosts .
341.It Cm GSSAPIAuthentication 359.It Cm GSSAPIAuthentication
342Specifies whether authentication based on GSSAPI may be used, either using 360Specifies whether user authentication based on GSSAPI is allowed.
343the result of a successful key exchange, or using GSSAPI user
344authentication.
345The default is 361The default is
346.Dq yes . 362.Dq no .
347Note that this option applies to protocol version 2 only. 363Note that this option applies to protocol version 2 only.
348.It Cm GSSAPIDelegateCredentials 364.It Cm GSSAPIDelegateCredentials
349Forward (delegate) credentials to the server. 365Forward (delegate) credentials to the server.
@@ -397,29 +413,6 @@ syntax to refer to a user's home directory.
397It is possible to have 413It is possible to have
398multiple identity files specified in configuration files; all these 414multiple identity files specified in configuration files; all these
399identities will be tried in sequence. 415identities will be tried in sequence.
400.It Cm KeepAlive
401Specifies whether the system should send TCP keepalive messages to the
402other side.
403If they are sent, death of the connection or crash of one
404of the machines will be properly noticed.
405This option only uses TCP keepalives (as opposed to using ssh level
406keepalives), so takes a long time to notice when the connection dies.
407As such, you probably want
408the
409.Cm ProtocolKeepAlives
410option as well.
411However, this means that
412connections will die if the route is down temporarily, and some people
413find it annoying.
414.Pp
415The default is
416.Dq yes
417(to send keepalives), and the client will notice
418if the network goes down or the remote host dies.
419This is important in scripts, and many users want it too.
420.Pp
421To disable keepalives, the value should be set to
422.Dq no .
423.It Cm LocalForward 416.It Cm LocalForward
424Specifies that a TCP/IP port on the local machine be forwarded over 417Specifies that a TCP/IP port on the local machine be forwarded over
425the secure channel to the specified host and port from the remote machine. 418the secure channel to the specified host and port from the remote machine.
@@ -495,14 +488,6 @@ This means that
495.Nm ssh 488.Nm ssh
496tries version 2 and falls back to version 1 489tries version 2 and falls back to version 1
497if version 2 is not available. 490if version 2 is not available.
498.It Cm ProtocolKeepAlives
499Specifies the interval in seconds at which IGNORE packets will be sent to
500the server during idle periods.
501Use this option in scripts to detect when the network fails.
502The argument must be an integer.
503The default is 0 (disabled), or 300 if the
504.Cm BatchMode
505option is set.
506.It Cm ProxyCommand 491.It Cm ProxyCommand
507Specifies the command to use to connect to the server. 492Specifies the command to use to connect to the server.
508The command 493The command
@@ -574,6 +559,45 @@ running.
574The default is 559The default is
575.Dq yes . 560.Dq yes .
576Note that this option applies to protocol version 1 only. 561Note that this option applies to protocol version 1 only.
562.It Cm ServerAliveInterval
563Sets a timeout interval in seconds after which if no data has been received
564from the server,
565.Nm ssh
566will send a message through the encrypted
567channel to request a response from the server.
568The default
569is 0, indicating that these messages will not be sent to the server,
570or 300 if the
571.Cm BatchMode
572option is set.
573This option applies to protocol version 2 only.
574.It Cm ServerAliveCountMax
575Sets the number of server alive messages (see above) which may be
576sent without
577.Nm ssh
578receiving any messages back from the server.
579If this threshold is reached while server alive messages are being sent,
580.Nm ssh
581will disconnect from the server, terminating the session.
582It is important to note that the use of server alive messages is very
583different from
584.Cm TCPKeepAlive
585(below).
586The server alive messages are sent through the encrypted channel
587and therefore will not be spoofable.
588The TCP keepalive option enabled by
589.Cm TCPKeepAlive
590is spoofable.
591The server alive mechanism is valuable when the client or
592server depend on knowing when a connection has become inactive.
593.Pp
594The default value is 3.
595If, for example,
596.Cm ServerAliveInterval
597(above) is set to 15, and
598.Cm ServerAliveCountMax
599is left at the default, if the server becomes unresponsive ssh
600will disconnect after approximately 45 seconds.
577.It Cm SetupTimeOut 601.It Cm SetupTimeOut
578Normally, 602Normally,
579.Nm ssh 603.Nm ssh
@@ -632,6 +656,29 @@ or
632.Dq ask . 656.Dq ask .
633The default is 657The default is
634.Dq ask . 658.Dq ask .
659.It Cm TCPKeepAlive
660Specifies whether the system should send TCP keepalive messages to the
661other side.
662If they are sent, death of the connection or crash of one
663of the machines will be properly noticed.
664This option only uses TCP keepalives (as opposed to using ssh level
665keepalives), so takes a long time to notice when the connection dies.
666As such, you probably want
667the
668.Cm ServerAliveInterval
669option as well.
670However, this means that
671connections will die if the route is down temporarily, and some people
672find it annoying.
673.Pp
674The default is
675.Dq yes
676(to send TCP keepalive messages), and the client will notice
677if the network goes down or the remote host dies.
678This is important in scripts, and many users want it too.
679.Pp
680To disable TCP keepalive messages, the value should be set to
681.Dq no .
635.It Cm UsePrivilegedPort 682.It Cm UsePrivilegedPort
636Specifies whether to use a privileged port for outgoing connections. 683Specifies whether to use a privileged port for outgoing connections.
637The argument must be 684The argument must be
@@ -661,6 +708,23 @@ host key database instead of
661.It Cm VerifyHostKeyDNS 708.It Cm VerifyHostKeyDNS
662Specifies whether to verify the remote key using DNS and SSHFP resource 709Specifies whether to verify the remote key using DNS and SSHFP resource
663records. 710records.
711If this option is set to
712.Dq yes ,
713the client will implicitly trust keys that match a secure fingerprint
714from DNS.
715Insecure fingerprints will be handled as if this option was set to
716.Dq ask .
717If this option is set to
718.Dq ask ,
719information on fingerprint match will be displayed, but the user will still
720need to confirm new host keys according to the
721.Cm StrictHostKeyChecking
722option.
723The argument must be
724.Dq yes ,
725.Dq no
726or
727.Dq ask .
664The default is 728The default is
665.Dq no . 729.Dq no .
666Note that this option applies to protocol version 2 only. 730Note that this option applies to protocol version 2 only.
diff --git a/ssh_prng_cmds.in b/ssh_prng_cmds.in
index 50e7771f9..0d29d49f1 100644
--- a/ssh_prng_cmds.in
+++ b/ssh_prng_cmds.in
@@ -2,10 +2,10 @@
2 2
3# Format is: "program-name args" path rate 3# Format is: "program-name args" path rate
4 4
5# The "rate" represents the number of bits of usuable entropy per 5# The "rate" represents the number of bits of usuable entropy per
6# byte of command output. Be conservative. 6# byte of command output. Be conservative.
7# 7#
8# $Id: ssh_prng_cmds.in,v 1.8 2002/07/14 21:43:58 tim Exp $ 8# $Id: ssh_prng_cmds.in,v 1.9 2003/11/21 12:48:56 djm Exp $
9 9
10"ls -alni /var/log" @PROG_LS@ 0.02 10"ls -alni /var/log" @PROG_LS@ 0.02
11"ls -alni /var/adm" @PROG_LS@ 0.02 11"ls -alni /var/adm" @PROG_LS@ 0.02
diff --git a/sshconnect.c b/sshconnect.c
index 5c56f3178..e0d1a8c7e 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -13,7 +13,7 @@
13 */ 13 */
14 14
15#include "includes.h" 15#include "includes.h"
16RCSID("$OpenBSD: sshconnect.c,v 1.148 2003/09/18 07:52:54 markus Exp $"); 16RCSID("$OpenBSD: sshconnect.c,v 1.156 2004/01/25 03:49:09 djm Exp $");
17 17
18#include <openssl/bn.h> 18#include <openssl/bn.h>
19 19
@@ -33,16 +33,12 @@ RCSID("$OpenBSD: sshconnect.c,v 1.148 2003/09/18 07:52:54 markus Exp $");
33#include "misc.h" 33#include "misc.h"
34#include "readpass.h" 34#include "readpass.h"
35 35
36#ifdef DNS
37#include "dns.h" 36#include "dns.h"
38#endif
39 37
40char *client_version_string = NULL; 38char *client_version_string = NULL;
41char *server_version_string = NULL; 39char *server_version_string = NULL;
42 40
43#ifdef DNS 41int matching_host_key_dns = 0;
44int verified_host_key_dns = 0;
45#endif
46 42
47/* import */ 43/* import */
48extern Options options; 44extern Options options;
@@ -63,6 +59,7 @@ static void banner_alarm_catch (int signum)
63} 59}
64 60
65static int show_other_keys(const char *, Key *); 61static int show_other_keys(const char *, Key *);
62static void warn_changed_key(Key *);
66 63
67/* 64/*
68 * Connect to the given ssh server using a proxy command. 65 * Connect to the given ssh server using a proxy command.
@@ -84,7 +81,7 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
84 * Build the final command string in the buffer by making the 81 * Build the final command string in the buffer by making the
85 * appropriate substitutions to the given proxy command. 82 * appropriate substitutions to the given proxy command.
86 * 83 *
87 * Use "exec" to avoid "sh -c" processes on some platforms 84 * Use "exec" to avoid "sh -c" processes on some platforms
88 * (e.g. Solaris) 85 * (e.g. Solaris)
89 */ 86 */
90 buffer_init(&command); 87 buffer_init(&command);
@@ -241,12 +238,12 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr,
241 if (timeout <= 0) 238 if (timeout <= 0)
242 return (connect(sockfd, serv_addr, addrlen)); 239 return (connect(sockfd, serv_addr, addrlen));
243 240
244 if (fcntl(sockfd, F_SETFL, O_NONBLOCK) < 0) 241 set_nonblock(sockfd);
245 return (-1);
246
247 rc = connect(sockfd, serv_addr, addrlen); 242 rc = connect(sockfd, serv_addr, addrlen);
248 if (rc == 0) 243 if (rc == 0) {
244 unset_nonblock(sockfd);
249 return (0); 245 return (0);
246 }
250 if (errno != EINPROGRESS) 247 if (errno != EINPROGRESS)
251 return (-1); 248 return (-1);
252 249
@@ -271,15 +268,15 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr,
271 break; 268 break;
272 case -1: 269 case -1:
273 /* Select error */ 270 /* Select error */
274 debug("select: %s", strerror(errno)); 271 debug("select: %s", strerror(errno));
275 break; 272 break;
276 case 1: 273 case 1:
277 /* Completed or failed */ 274 /* Completed or failed */
278 optval = 0; 275 optval = 0;
279 optlen = sizeof(optval); 276 optlen = sizeof(optval);
280 if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, 277 if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval,
281 &optlen) == -1) { 278 &optlen) == -1) {
282 debug("getsockopt: %s", strerror(errno)); 279 debug("getsockopt: %s", strerror(errno));
283 break; 280 break;
284 } 281 }
285 if (optval != 0) { 282 if (optval != 0) {
@@ -287,6 +284,7 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr,
287 break; 284 break;
288 } 285 }
289 result = 0; 286 result = 0;
287 unset_nonblock(sockfd);
290 break; 288 break;
291 default: 289 default:
292 /* Should not occur */ 290 /* Should not occur */
@@ -425,8 +423,8 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
425 423
426 debug("Connection established."); 424 debug("Connection established.");
427 425
428 /* Set keepalives if requested. */ 426 /* Set SO_KEEPALIVE if requested. */
429 if (options.keepalives && 427 if (options.tcp_keep_alive &&
430 setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&on, 428 setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&on,
431 sizeof(on)) < 0) 429 sizeof(on)) < 0)
432 error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); 430 error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
@@ -598,7 +596,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
598 int readonly, const char *user_hostfile, const char *system_hostfile) 596 int readonly, const char *user_hostfile, const char *system_hostfile)
599{ 597{
600 Key *file_key; 598 Key *file_key;
601 char *type = key_type(host_key); 599 const char *type = key_type(host_key);
602 char *ip = NULL; 600 char *ip = NULL;
603 char hostline[1000], *hostp, *fp; 601 char hostline[1000], *hostp, *fp;
604 HostStatus host_status; 602 HostStatus host_status;
@@ -762,9 +760,8 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
762 /* The default */ 760 /* The default */
763 fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); 761 fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
764 msg2[0] = '\0'; 762 msg2[0] = '\0';
765#ifdef DNS
766 if (options.verify_host_key_dns) { 763 if (options.verify_host_key_dns) {
767 if (verified_host_key_dns) 764 if (matching_host_key_dns)
768 snprintf(msg2, sizeof(msg2), 765 snprintf(msg2, sizeof(msg2),
769 "Matching host key fingerprint" 766 "Matching host key fingerprint"
770 " found in DNS.\n"); 767 " found in DNS.\n");
@@ -773,7 +770,6 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
773 "No matching host key fingerprint" 770 "No matching host key fingerprint"
774 " found in DNS.\n"); 771 " found in DNS.\n");
775 } 772 }
776#endif
777 snprintf(msg, sizeof(msg), 773 snprintf(msg, sizeof(msg),
778 "The authenticity of host '%.200s (%s)' can't be " 774 "The authenticity of host '%.200s (%s)' can't be "
779 "established%s\n" 775 "established%s\n"
@@ -823,20 +819,10 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
823 error("Offending key for IP in %s:%d", ip_file, ip_line); 819 error("Offending key for IP in %s:%d", ip_file, ip_line);
824 } 820 }
825 /* The host key has changed. */ 821 /* The host key has changed. */
826 fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); 822 warn_changed_key(host_key);
827 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
828 error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @");
829 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
830 error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
831 error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
832 error("It is also possible that the %s host key has just been changed.", type);
833 error("The fingerprint for the %s key sent by the remote host is\n%s.",
834 type, fp);
835 error("Please contact your system administrator.");
836 error("Add correct host key in %.100s to get rid of this message.", 823 error("Add correct host key in %.100s to get rid of this message.",
837 user_hostfile); 824 user_hostfile);
838 error("Offending key in %s:%d", host_file, host_line); 825 error("Offending key in %s:%d", host_file, host_line);
839 xfree(fp);
840 826
841 /* 827 /*
842 * If strict host key checking is in use, the user will have 828 * If strict host key checking is in use, the user will have
@@ -939,27 +925,27 @@ int
939verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) 925verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
940{ 926{
941 struct stat st; 927 struct stat st;
928 int flags = 0;
942 929
943#ifdef DNS 930 if (options.verify_host_key_dns &&
944 if (options.verify_host_key_dns) { 931 verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) {
945 switch(verify_host_key_dns(host, hostaddr, host_key)) { 932
946 case DNS_VERIFY_OK: 933 if (flags & DNS_VERIFY_FOUND) {
947#ifdef DNSSEC 934
948 return 0; 935 if (options.verify_host_key_dns == 1 &&
949#else 936 flags & DNS_VERIFY_MATCH &&
950 verified_host_key_dns = 1; 937 flags & DNS_VERIFY_SECURE)
951 break; 938 return 0;
952#endif 939
953 case DNS_VERIFY_FAILED: 940 if (flags & DNS_VERIFY_MATCH) {
954 return -1; 941 matching_host_key_dns = 1;
955 case DNS_VERIFY_ERROR: 942 } else {
956 break; 943 warn_changed_key(host_key);
957 default: 944 error("Update the SSHFP RR in DNS with the new "
958 debug3("bad return value from verify_host_key_dns"); 945 "host key to get rid of this message.");
959 break; 946 }
960 } 947 }
961 } 948 }
962#endif /* DNS */
963 949
964 /* return ok if the key can be found in an old keyfile */ 950 /* return ok if the key can be found in an old keyfile */
965 if (stat(options.system_hostfile2, &st) == 0 || 951 if (stat(options.system_hostfile2, &st) == 0 ||
@@ -1085,3 +1071,24 @@ show_other_keys(const char *host, Key *key)
1085 } 1071 }
1086 return (found); 1072 return (found);
1087} 1073}
1074
1075static void
1076warn_changed_key(Key *host_key)
1077{
1078 char *fp;
1079 const char *type = key_type(host_key);
1080
1081 fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
1082
1083 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
1084 error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @");
1085 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
1086 error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
1087 error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
1088 error("It is also possible that the %s host key has just been changed.", type);
1089 error("The fingerprint for the %s key sent by the remote host is\n%s.",
1090 type, fp);
1091 error("Please contact your system administrator.");
1092
1093 xfree(fp);
1094}
diff --git a/sshconnect2.c b/sshconnect2.c
index 933c223ec..3a218113c 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: sshconnect2.c,v 1.124 2003/08/25 10:33:33 djm Exp $"); 26RCSID("$OpenBSD: sshconnect2.c,v 1.134 2004/01/19 21:25:15 markus Exp $");
27 27
28#include "openbsd-compat/sys-queue.h" 28#include "openbsd-compat/sys-queue.h"
29 29
@@ -222,7 +222,7 @@ static char *authmethods_get(void);
222 222
223Authmethod authmethods[] = { 223Authmethod authmethods[] = {
224#ifdef GSSAPI 224#ifdef GSSAPI
225 {"gssapi", 225 {"gssapi-with-mic",
226 userauth_gssapi, 226 userauth_gssapi,
227 &options.gss_authentication, 227 &options.gss_authentication,
228 NULL}, 228 NULL},
@@ -358,10 +358,12 @@ void
358input_userauth_banner(int type, u_int32_t seq, void *ctxt) 358input_userauth_banner(int type, u_int32_t seq, void *ctxt)
359{ 359{
360 char *msg, *lang; 360 char *msg, *lang;
361
361 debug3("input_userauth_banner"); 362 debug3("input_userauth_banner");
362 msg = packet_get_string(NULL); 363 msg = packet_get_string(NULL);
363 lang = packet_get_string(NULL); 364 lang = packet_get_string(NULL);
364 logit("%s", msg); 365 if (options.log_level > SYSLOG_LEVEL_QUIET)
366 fprintf(stderr, "%s", msg);
365 xfree(msg); 367 xfree(msg);
366 xfree(lang); 368 xfree(lang);
367} 369}
@@ -372,10 +374,14 @@ input_userauth_success(int type, u_int32_t seq, void *ctxt)
372 Authctxt *authctxt = ctxt; 374 Authctxt *authctxt = ctxt;
373 if (authctxt == NULL) 375 if (authctxt == NULL)
374 fatal("input_userauth_success: no authentication context"); 376 fatal("input_userauth_success: no authentication context");
375 if (authctxt->authlist) 377 if (authctxt->authlist) {
376 xfree(authctxt->authlist); 378 xfree(authctxt->authlist);
377 if (authctxt->methoddata) 379 authctxt->authlist = NULL;
380 }
381 if (authctxt->methoddata) {
378 xfree(authctxt->methoddata); 382 xfree(authctxt->methoddata);
383 authctxt->methoddata = NULL;
384 }
379 authctxt->success = 1; /* break out */ 385 authctxt->success = 1; /* break out */
380} 386}
381 387
@@ -447,7 +453,12 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt)
447 debug2("input_userauth_pk_ok: fp %s", fp); 453 debug2("input_userauth_pk_ok: fp %s", fp);
448 xfree(fp); 454 xfree(fp);
449 455
450 TAILQ_FOREACH(id, &authctxt->keys, next) { 456 /*
457 * search keys in the reverse order, because last candidate has been
458 * moved to the end of the queue. this also avoids confusion by
459 * duplicate keys
460 */
461 TAILQ_FOREACH_REVERSE(id, &authctxt->keys, next, idlist) {
451 if (key_equal(key, id->key)) { 462 if (key_equal(key, id->key)) {
452 sent = sign_and_send_pubkey(authctxt, id); 463 sent = sign_and_send_pubkey(authctxt, id);
453 break; 464 break;
@@ -465,11 +476,11 @@ done:
465} 476}
466 477
467#ifdef GSSAPI 478#ifdef GSSAPI
468int 479int
469userauth_gssapi(Authctxt *authctxt) 480userauth_gssapi(Authctxt *authctxt)
470{ 481{
471 Gssctxt *gssctxt = NULL; 482 Gssctxt *gssctxt = NULL;
472 static gss_OID_set supported = NULL; 483 static gss_OID_set gss_supported = NULL;
473 static int mech = 0; 484 static int mech = 0;
474 OM_uint32 min; 485 OM_uint32 min;
475 int ok = 0; 486 int ok = 0;
@@ -477,18 +488,18 @@ userauth_gssapi(Authctxt *authctxt)
477 /* Try one GSSAPI method at a time, rather than sending them all at 488 /* Try one GSSAPI method at a time, rather than sending them all at
478 * once. */ 489 * once. */
479 490
480 if (supported == NULL) 491 if (gss_supported == NULL)
481 gss_indicate_mechs(&min, &supported); 492 gss_indicate_mechs(&min, &gss_supported);
482 493
483 /* Check to see if the mechanism is usable before we offer it */ 494 /* Check to see if the mechanism is usable before we offer it */
484 while (mech<supported->count && !ok) { 495 while (mech < gss_supported->count && !ok) {
485 if (gssctxt) 496 if (gssctxt)
486 ssh_gssapi_delete_ctx(&gssctxt); 497 ssh_gssapi_delete_ctx(&gssctxt);
487 ssh_gssapi_build_ctx(&gssctxt); 498 ssh_gssapi_build_ctx(&gssctxt);
488 ssh_gssapi_set_oid(gssctxt, &supported->elements[mech]); 499 ssh_gssapi_set_oid(gssctxt, &gss_supported->elements[mech]);
489 500
490 /* My DER encoding requires length<128 */ 501 /* My DER encoding requires length<128 */
491 if (supported->elements[mech].length < 128 && 502 if (gss_supported->elements[mech].length < 128 &&
492 !GSS_ERROR(ssh_gssapi_import_name(gssctxt, 503 !GSS_ERROR(ssh_gssapi_import_name(gssctxt,
493 authctxt->host))) { 504 authctxt->host))) {
494 ok = 1; /* Mechanism works */ 505 ok = 1; /* Mechanism works */
@@ -508,17 +519,11 @@ userauth_gssapi(Authctxt *authctxt)
508 519
509 packet_put_int(1); 520 packet_put_int(1);
510 521
511 /* Some servers encode the OID incorrectly (as we used to) */ 522 packet_put_int((gss_supported->elements[mech].length) + 2);
512 if (datafellows & SSH_BUG_GSSAPI_BER) { 523 packet_put_char(SSH_GSS_OIDTYPE);
513 packet_put_string(supported->elements[mech].elements, 524 packet_put_char(gss_supported->elements[mech].length);
514 supported->elements[mech].length); 525 packet_put_raw(gss_supported->elements[mech].elements,
515 } else { 526 gss_supported->elements[mech].length);
516 packet_put_int((supported->elements[mech].length)+2);
517 packet_put_char(SSH_GSS_OIDTYPE);
518 packet_put_char(supported->elements[mech].length);
519 packet_put_raw(supported->elements[mech].elements,
520 supported->elements[mech].length);
521 }
522 527
523 packet_send(); 528 packet_send();
524 529
@@ -532,15 +537,66 @@ userauth_gssapi(Authctxt *authctxt)
532 return 1; 537 return 1;
533} 538}
534 539
540static OM_uint32
541process_gssapi_token(void *ctxt, gss_buffer_t recv_tok)
542{
543 Authctxt *authctxt = ctxt;
544 Gssctxt *gssctxt = authctxt->methoddata;
545 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
546 gss_buffer_desc gssbuf, mic;
547 OM_uint32 status, ms, flags;
548 Buffer b;
549
550 status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
551 recv_tok, &send_tok, &flags);
552
553 if (send_tok.length > 0) {
554 if (GSS_ERROR(status))
555 packet_start(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK);
556 else
557 packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN);
558
559 packet_put_string(send_tok.value, send_tok.length);
560 packet_send();
561 gss_release_buffer(&ms, &send_tok);
562 }
563
564 if (status == GSS_S_COMPLETE) {
565 /* send either complete or MIC, depending on mechanism */
566 if (!(flags & GSS_C_INTEG_FLAG)) {
567 packet_start(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE);
568 packet_send();
569 } else {
570 ssh_gssapi_buildmic(&b, authctxt->server_user,
571 authctxt->service, "gssapi-with-mic");
572
573 gssbuf.value = buffer_ptr(&b);
574 gssbuf.length = buffer_len(&b);
575
576 status = ssh_gssapi_sign(gssctxt, &gssbuf, &mic);
577
578 if (!GSS_ERROR(status)) {
579 packet_start(SSH2_MSG_USERAUTH_GSSAPI_MIC);
580 packet_put_string(mic.value, mic.length);
581
582 packet_send();
583 }
584
585 buffer_free(&b);
586 gss_release_buffer(&ms, &mic);
587 }
588 }
589
590 return status;
591}
592
535void 593void
536input_gssapi_response(int type, u_int32_t plen, void *ctxt) 594input_gssapi_response(int type, u_int32_t plen, void *ctxt)
537{ 595{
538 Authctxt *authctxt = ctxt; 596 Authctxt *authctxt = ctxt;
539 Gssctxt *gssctxt; 597 Gssctxt *gssctxt;
540 OM_uint32 status, ms;
541 int oidlen; 598 int oidlen;
542 char *oidv; 599 char *oidv;
543 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
544 600
545 if (authctxt == NULL) 601 if (authctxt == NULL)
546 fatal("input_gssapi_response: no authentication context"); 602 fatal("input_gssapi_response: no authentication context");
@@ -549,94 +605,55 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt)
549 /* Setup our OID */ 605 /* Setup our OID */
550 oidv = packet_get_string(&oidlen); 606 oidv = packet_get_string(&oidlen);
551 607
552 if (datafellows & SSH_BUG_GSSAPI_BER) { 608 if (oidlen <= 2 ||
553 if (!ssh_gssapi_check_oid(gssctxt, oidv, oidlen)) 609 oidv[0] != SSH_GSS_OIDTYPE ||
554 fatal("Server returned different OID than expected"); 610 oidv[1] != oidlen - 2) {
555 } else { 611 xfree(oidv);
556 if(oidv[0] != SSH_GSS_OIDTYPE || oidv[1] != oidlen-2) { 612 debug("Badly encoded mechanism OID received");
557 debug("Badly encoded mechanism OID received"); 613 userauth(authctxt, NULL);
558 userauth(authctxt, NULL); 614 return;
559 xfree(oidv);
560 return;
561 }
562 if (!ssh_gssapi_check_oid(gssctxt, oidv+2, oidlen-2))
563 fatal("Server returned different OID than expected");
564 } 615 }
565 616
617 if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2))
618 fatal("Server returned different OID than expected");
619
566 packet_check_eom(); 620 packet_check_eom();
567 621
568 xfree(oidv); 622 xfree(oidv);
569 623
570 status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds, 624 if (GSS_ERROR(process_gssapi_token(ctxt, GSS_C_NO_BUFFER))) {
571 GSS_C_NO_BUFFER, &send_tok, NULL);
572 if (GSS_ERROR(status)) {
573 if (send_tok.length > 0) {
574 packet_start(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK);
575 packet_put_string(send_tok.value, send_tok.length);
576 packet_send();
577 gss_release_buffer(&ms, &send_tok);
578 }
579 /* Start again with next method on list */ 625 /* Start again with next method on list */
580 debug("Trying to start again"); 626 debug("Trying to start again");
581 userauth(authctxt, NULL); 627 userauth(authctxt, NULL);
582 return; 628 return;
583 } 629 }
584
585 /* We must have data to send */
586 packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN);
587 packet_put_string(send_tok.value, send_tok.length);
588 packet_send();
589 gss_release_buffer(&ms, &send_tok);
590} 630}
591 631
592void 632void
593input_gssapi_token(int type, u_int32_t plen, void *ctxt) 633input_gssapi_token(int type, u_int32_t plen, void *ctxt)
594{ 634{
595 Authctxt *authctxt = ctxt; 635 Authctxt *authctxt = ctxt;
596 Gssctxt *gssctxt;
597 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
598 gss_buffer_desc recv_tok; 636 gss_buffer_desc recv_tok;
599 OM_uint32 status, ms; 637 OM_uint32 status;
600 u_int slen; 638 u_int slen;
601 639
602 if (authctxt == NULL) 640 if (authctxt == NULL)
603 fatal("input_gssapi_response: no authentication context"); 641 fatal("input_gssapi_response: no authentication context");
604 gssctxt = authctxt->methoddata;
605 642
606 recv_tok.value = packet_get_string(&slen); 643 recv_tok.value = packet_get_string(&slen);
607 recv_tok.length = slen; /* safe typecast */ 644 recv_tok.length = slen; /* safe typecast */
608 645
609 packet_check_eom(); 646 packet_check_eom();
610 647
611 status=ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds, 648 status = process_gssapi_token(ctxt, &recv_tok);
612 &recv_tok, &send_tok, NULL);
613 649
614 xfree(recv_tok.value); 650 xfree(recv_tok.value);
615 651
616 if (GSS_ERROR(status)) { 652 if (GSS_ERROR(status)) {
617 if (send_tok.length > 0) {
618 packet_start(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK);
619 packet_put_string(send_tok.value, send_tok.length);
620 packet_send();
621 gss_release_buffer(&ms, &send_tok);
622 }
623 /* Start again with the next method in the list */ 653 /* Start again with the next method in the list */
624 userauth(authctxt, NULL); 654 userauth(authctxt, NULL);
625 return; 655 return;
626 } 656 }
627
628 if (send_tok.length > 0) {
629 packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN);
630 packet_put_string(send_tok.value, send_tok.length);
631 packet_send();
632 gss_release_buffer(&ms, &send_tok);
633 }
634
635 if (status == GSS_S_COMPLETE) {
636 /* If that succeeded, send a exchange complete message */
637 packet_start(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE);
638 packet_send();
639 }
640} 657}
641 658
642void 659void
@@ -1016,7 +1033,7 @@ pubkey_prepare(Authctxt *authctxt)
1016 key = ssh_get_next_identity(ac, &comment, 2)) { 1033 key = ssh_get_next_identity(ac, &comment, 2)) {
1017 found = 0; 1034 found = 0;
1018 TAILQ_FOREACH(id, &files, next) { 1035 TAILQ_FOREACH(id, &files, next) {
1019 /* agent keys from the config file are preferred */ 1036 /* agent keys from the config file are preferred */
1020 if (key_equal(key, id->key)) { 1037 if (key_equal(key, id->key)) {
1021 key_free(key); 1038 key_free(key);
1022 xfree(comment); 1039 xfree(comment);
@@ -1080,6 +1097,7 @@ userauth_pubkey(Authctxt *authctxt)
1080 while ((id = TAILQ_FIRST(&authctxt->keys))) { 1097 while ((id = TAILQ_FIRST(&authctxt->keys))) {
1081 if (id->tried++) 1098 if (id->tried++)
1082 return (0); 1099 return (0);
1100 /* move key to the end of the queue */
1083 TAILQ_REMOVE(&authctxt->keys, id, next); 1101 TAILQ_REMOVE(&authctxt->keys, id, next);
1084 TAILQ_INSERT_TAIL(&authctxt->keys, id, next); 1102 TAILQ_INSERT_TAIL(&authctxt->keys, id, next);
1085 /* 1103 /*
@@ -1244,11 +1262,12 @@ ssh_keysign(Key *key, u_char **sigp, u_int *lenp,
1244 buffer_init(&b); 1262 buffer_init(&b);
1245 buffer_put_int(&b, packet_get_connection_in()); /* send # of socket */ 1263 buffer_put_int(&b, packet_get_connection_in()); /* send # of socket */
1246 buffer_put_string(&b, data, datalen); 1264 buffer_put_string(&b, data, datalen);
1247 ssh_msg_send(to[1], version, &b); 1265 if (ssh_msg_send(to[1], version, &b) == -1)
1266 fatal("ssh_keysign: couldn't send request");
1248 1267
1249 if (ssh_msg_recv(from[0], &b) < 0) { 1268 if (ssh_msg_recv(from[0], &b) < 0) {
1250 error("ssh_keysign: no reply"); 1269 error("ssh_keysign: no reply");
1251 buffer_clear(&b); 1270 buffer_free(&b);
1252 return -1; 1271 return -1;
1253 } 1272 }
1254 close(from[0]); 1273 close(from[0]);
@@ -1260,11 +1279,11 @@ ssh_keysign(Key *key, u_char **sigp, u_int *lenp,
1260 1279
1261 if (buffer_get_char(&b) != version) { 1280 if (buffer_get_char(&b) != version) {
1262 error("ssh_keysign: bad version"); 1281 error("ssh_keysign: bad version");
1263 buffer_clear(&b); 1282 buffer_free(&b);
1264 return -1; 1283 return -1;
1265 } 1284 }
1266 *sigp = buffer_get_string(&b, lenp); 1285 *sigp = buffer_get_string(&b, lenp);
1267 buffer_clear(&b); 1286 buffer_free(&b);
1268 1287
1269 return 0; 1288 return 0;
1270} 1289}
diff --git a/sshd.0 b/sshd.0
index 937e35906..339d872b9 100644
--- a/sshd.0
+++ b/sshd.0
@@ -1,10 +1,10 @@
1SSHD(8) BSD System ManagerM-bM-^@M-^Ys Manual SSHD(8) 1SSHD(8) OpenBSD System Manager's Manual SSHD(8)
2 2
3NAME 3NAME
4 sshd - OpenSSH SSH daemon 4 sshd - OpenSSH SSH daemon
5 5
6SYNOPSIS 6SYNOPSIS
7 sshd [-deiqtD46] [-b bits] [-f config_file] [-g login_grace_time] 7 sshd [-46Ddeiqt] [-b bits] [-f config_file] [-g login_grace_time]
8 [-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len] 8 [-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len]
9 9
10DESCRIPTION 10DESCRIPTION
@@ -14,8 +14,8 @@ DESCRIPTION
14 intended to be as easy to install and use as possible. 14 intended to be as easy to install and use as possible.
15 15
16 sshd is the daemon that listens for connections from clients. It is nor- 16 sshd is the daemon that listens for connections from clients. It is nor-
17 mally started at boot from /etc/rc. It forks a new daemon for each 17 mally started at boot from /etc/rc. It forks a new daemon for each in-
18 incoming connection. The forked daemons handle key exchange, encryption, 18 coming connection. The forked daemons handle key exchange, encryption,
19 authentication, command execution, and data exchange. This implementa- 19 authentication, command execution, and data exchange. This implementa-
20 tion of sshd supports both SSH protocol version 1 and 2 simultaneously. 20 tion of sshd supports both SSH protocol version 1 and 2 simultaneously.
21 sshd works as follows: 21 sshd works as follows:
@@ -23,15 +23,15 @@ DESCRIPTION
23 SSH protocol version 1 23 SSH protocol version 1
24 Each host has a host-specific RSA key (normally 1024 bits) used to iden- 24 Each host has a host-specific RSA key (normally 1024 bits) used to iden-
25 tify the host. Additionally, when the daemon starts, it generates a 25 tify the host. Additionally, when the daemon starts, it generates a
26 server RSA key (normally 768 bits). This key is normally regenerated 26 server RSA key (normally 768 bits). This key is normally regenerated ev-
27 every hour if it has been used, and is never stored on disk. 27 ery hour if it has been used, and is never stored on disk.
28 28
29 Whenever a client connects, the daemon responds with its public host and 29 Whenever a client connects, the daemon responds with its public host and
30 server keys. The client compares the RSA host key against its own 30 server keys. The client compares the RSA host key against its own
31 database to verify that it has not changed. The client then generates a 31 database to verify that it has not changed. The client then generates a
32 256 bit random number. It encrypts this random number using both the 32 256-bit random number. It encrypts this random number using both the
33 host key and the server key, and sends the encrypted number to the 33 host key and the server key, and sends the encrypted number to the serv-
34 server. Both sides then use this random number as a session key which is 34 er. Both sides then use this random number as a session key which is
35 used to encrypt all further communications in the session. The rest of 35 used to encrypt all further communications in the session. The rest of
36 the session is encrypted using a conventional cipher, currently Blowfish 36 the session is encrypted using a conventional cipher, currently Blowfish
37 or 3DES, with 3DES being used by default. The client selects the encryp- 37 or 3DES, with 3DES being used by default. The client selects the encryp-
@@ -39,21 +39,21 @@ DESCRIPTION
39 39
40 Next, the server and the client enter an authentication dialog. The 40 Next, the server and the client enter an authentication dialog. The
41 client tries to authenticate itself using .rhosts authentication, .rhosts 41 client tries to authenticate itself using .rhosts authentication, .rhosts
42 authentication combined with RSA host authentication, RSA challenge- 42 authentication combined with RSA host authentication, RSA challenge-re-
43 response authentication, or password based authentication. 43 sponse authentication, or password based authentication.
44 44
45 Regardless of the authentication type, the account is checked to ensure 45 Regardless of the authentication type, the account is checked to ensure
46 that it is accessible. An account is not accessible if it is locked, 46 that it is accessible. An account is not accessible if it is locked,
47 listed in DenyUsers or its group is listed in DenyGroups . The defini- 47 listed in DenyUsers or its group is listed in DenyGroups . The defini-
48 tion of a locked account is system dependant. Some platforms have their 48 tion of a locked account is system dependant. Some platforms have their
49 own account database (eg AIX) and some modify the passwd field ( M-bM-^@M-^X*LK*M-bM-^@M-^Y 49 own account database (eg AIX) and some modify the passwd field ( `*LK*'
50 on Solaris, M-bM-^@M-^X*M-bM-^@M-^Y on HP-UX, containing M-bM-^@M-^XNologinM-bM-^@M-^Y on Tru64 and a leading 50 on Solaris, `*' on HP-UX, containing `Nologin' on Tru64 and a leading
51 M-bM-^@M-^X!!M-bM-^@M-^Y on Linux). If there is a requirement to disable password authenti- 51 `!!' on Linux). If there is a requirement to disable password authenti-
52 cation for the account while allowing still public-key, then the passwd 52 cation for the account while allowing still public-key, then the passwd
53 field should be set to something other than these values (eg M-bM-^@M-^XNPM-bM-^@M-^Y or 53 field should be set to something other than these values (eg `NP' or
54 M-bM-^@M-^X*NP*M-bM-^@M-^Y ). 54 `*NP*' ).
55 55
56 Rhosts authentication is normally disabled because it is fundamentally 56 rhosts authentication is normally disabled because it is fundamentally
57 insecure, but can be enabled in the server configuration file if desired. 57 insecure, but can be enabled in the server configuration file if desired.
58 System security is not improved unless rshd, rlogind, and rexecd are dis- 58 System security is not improved unless rshd, rlogind, and rexecd are dis-
59 abled (thus completely disabling rlogin and rsh into the machine). 59 abled (thus completely disabling rlogin and rsh into the machine).
@@ -66,11 +66,10 @@ DESCRIPTION
66 key. 66 key.
67 67
68 The rest of the session is encrypted using a symmetric cipher, currently 68 The rest of the session is encrypted using a symmetric cipher, currently
69 128 bit AES, Blowfish, 3DES, CAST128, Arcfour, 192 bit AES, or 256 bit 69 128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit
70 AES. The client selects the encryption algorithm to use from those 70 AES. The client selects the encryption algorithm to use from those of-
71 offered by the server. Additionally, session integrity is provided 71 fered by the server. Additionally, session integrity is provided through
72 through a cryptographic message authentication code (hmac-sha1 or hmac- 72 a cryptographic message authentication code (hmac-sha1 or hmac-md5).
73 md5).
74 73
75 Protocol version 2 provides a public key based user (PubkeyAuthentica- 74 Protocol version 2 provides a public key based user (PubkeyAuthentica-
76 tion) or client host (HostbasedAuthentication) authentication method, 75 tion) or client host (HostbasedAuthentication) authentication method,
@@ -93,9 +92,9 @@ DESCRIPTION
93 tions have been closed, the server sends command exit status to the 92 tions have been closed, the server sends command exit status to the
94 client, and both sides exit. 93 client, and both sides exit.
95 94
96 sshd can be configured using command-line options or a configuration 95 sshd can be configured using command-line options or a configuration file
97 file. Command-line options override values specified in the configura- 96 (by default sshd_config(5)). Command-line options override values speci-
98 tion file. 97 fied in the configuration file.
99 98
100 sshd rereads its configuration file when it receives a hangup signal, 99 sshd rereads its configuration file when it receives a hangup signal,
101 SIGHUP, by executing itself with the name it was started as, i.e., 100 SIGHUP, by executing itself with the name it was started as, i.e.,
@@ -103,15 +102,22 @@ DESCRIPTION
103 102
104 The options are as follows: 103 The options are as follows:
105 104
105 -4 Forces sshd to use IPv4 addresses only.
106
107 -6 Forces sshd to use IPv6 addresses only.
108
106 -b bits 109 -b bits
107 Specifies the number of bits in the ephemeral protocol version 1 110 Specifies the number of bits in the ephemeral protocol version 1
108 server key (default 768). 111 server key (default 768).
109 112
113 -D When this option is specified, sshd will not detach and does not
114 become a daemon. This allows easy monitoring of sshd.
115
110 -d Debug mode. The server sends verbose debug output to the system 116 -d Debug mode. The server sends verbose debug output to the system
111 log, and does not put itself in the background. The server also 117 log, and does not put itself in the background. The server also
112 will not fork and will only process one connection. This option 118 will not fork and will only process one connection. This option
113 is only intended for debugging for the server. Multiple -d 119 is only intended for debugging for the server. Multiple -d op-
114 options increase the debugging level. Maximum is 3. 120 tions increase the debugging level. Maximum is 3.
115 121
116 -e When this option is specified, sshd will send the output to the 122 -e When this option is specified, sshd will send the output to the
117 standard error instead of the system log. 123 standard error instead of the system log.
@@ -122,10 +128,10 @@ DESCRIPTION
122 figuration file. 128 figuration file.
123 129
124 -g login_grace_time 130 -g login_grace_time
125 Gives the grace time for clients to authenticate themselves 131 Gives the grace time for clients to authenticate themselves (de-
126 (default 120 seconds). If the client fails to authenticate the 132 fault 120 seconds). If the client fails to authenticate the user
127 user within this many seconds, the server disconnects and exits. 133 within this many seconds, the server disconnects and exits. A
128 A value of zero indicates no limit. 134 value of zero indicates no limit.
129 135
130 -h host_key_file 136 -h host_key_file
131 Specifies a file from which a host key is read. This option must 137 Specifies a file from which a host key is read. This option must
@@ -139,23 +145,24 @@ DESCRIPTION
139 -i Specifies that sshd is being run from inetd(8). sshd is normally 145 -i Specifies that sshd is being run from inetd(8). sshd is normally
140 not run from inetd because it needs to generate the server key 146 not run from inetd because it needs to generate the server key
141 before it can respond to the client, and this may take tens of 147 before it can respond to the client, and this may take tens of
142 seconds. Clients would have to wait too long if the key was 148 seconds. Clients would have to wait too long if the key was re-
143 regenerated every time. However, with small key sizes (e.g., 149 generated every time. However, with small key sizes (e.g., 512)
144 512) using sshd from inetd may be feasible. 150 using sshd from inetd may be feasible.
145 151
146 -k key_gen_time 152 -k key_gen_time
147 Specifies how often the ephemeral protocol version 1 server key 153 Specifies how often the ephemeral protocol version 1 server key
148 is regenerated (default 3600 seconds, or one hour). The motiva- 154 is regenerated (default 3600 seconds, or one hour). The motiva-
149 tion for regenerating the key fairly often is that the key is not 155 tion for regenerating the key fairly often is that the key is not
150 stored anywhere, and after about an hour, it becomes impossible 156 stored anywhere, and after about an hour it becomes impossible to
151 to recover the key for decrypting intercepted communications even 157 recover the key for decrypting intercepted communications even if
152 if the machine is cracked into or physically seized. A value of 158 the machine is cracked into or physically seized. A value of ze-
153 zero indicates that the key will never be regenerated. 159 ro indicates that the key will never be regenerated.
154 160
155 -o option 161 -o option
156 Can be used to give options in the format used in the configura- 162 Can be used to give options in the format used in the configura-
157 tion file. This is useful for specifying options for which there 163 tion file. This is useful for specifying options for which there
158 is no separate command-line flag. 164 is no separate command-line flag. For full details of the op-
165 tions, and their values, see sshd_config(5).
159 166
160 -p port 167 -p port
161 Specifies the port on which the server listens for connections 168 Specifies the port on which the server listens for connections
@@ -163,8 +170,8 @@ DESCRIPTION
163 fied in the configuration file are ignored when a command-line 170 fied in the configuration file are ignored when a command-line
164 port is specified. 171 port is specified.
165 172
166 -q Quiet mode. Nothing is sent to the system log. Normally the 173 -q Quiet mode. Nothing is sent to the system log. Normally the be-
167 beginning, authentication, and termination of each connection is 174 ginning, authentication, and termination of each connection is
168 logged. 175 logged.
169 176
170 -t Test mode. Only check the validity of the configuration file and 177 -t Test mode. Only check the validity of the configuration file and
@@ -179,19 +186,12 @@ DESCRIPTION
179 indicates that only dotted decimal addresses should be put into 186 indicates that only dotted decimal addresses should be put into
180 the utmp file. -u0 may also be used to prevent sshd from making 187 the utmp file. -u0 may also be used to prevent sshd from making
181 DNS requests unless the authentication mechanism or configuration 188 DNS requests unless the authentication mechanism or configuration
182 requires it. Authentication mechanisms that may require DNS 189 requires it. Authentication mechanisms that may require DNS in-
183 include RhostsRSAAuthentication, HostbasedAuthentication and 190 clude RhostsRSAAuthentication, HostbasedAuthentication and using
184 using a from="pattern-list" option in a key file. Configuration 191 a from="pattern-list" option in a key file. Configuration op-
185 options that require DNS include using a USER@HOST pattern in 192 tions that require DNS include using a USER@HOST pattern in
186 AllowUsers or DenyUsers. 193 AllowUsers or DenyUsers.
187 194
188 -D When this option is specified sshd will not detach and does not
189 become a daemon. This allows easy monitoring of sshd.
190
191 -4 Forces sshd to use IPv4 addresses only.
192
193 -6 Forces sshd to use IPv6 addresses only.
194
195CONFIGURATION FILE 195CONFIGURATION FILE
196 sshd reads configuration data from /etc/ssh/sshd_config (or the file 196 sshd reads configuration data from /etc/ssh/sshd_config (or the file
197 specified with -f on the command line). The file format and configura- 197 specified with -f on the command line). The file format and configura-
@@ -214,18 +214,18 @@ LOGIN PROCESS
214 214
215 5. Sets up basic environment. 215 5. Sets up basic environment.
216 216
217 6. Reads $HOME/.ssh/environment if it exists and users are 217 6. Reads the file $HOME/.ssh/environment, if it exists, and users
218 allowed to change their environment. See the 218 are allowed to change their environment. See the
219 PermitUserEnvironment option in sshd_config(5). 219 PermitUserEnvironment option in sshd_config(5).
220 220
221 7. Changes to userM-bM-^@M-^Ys home directory. 221 7. Changes to user's home directory.
222 222
223 8. If $HOME/.ssh/rc exists, runs it; else if /etc/ssh/sshrc 223 8. If $HOME/.ssh/rc exists, runs it; else if /etc/ssh/sshrc ex-
224 exists, runs it; otherwise runs xauth. The M-bM-^@M-^\rcM-bM-^@M-^] files are 224 ists, runs it; otherwise runs xauth. The ``rc'' files are
225 given the X11 authentication protocol and cookie in standard 225 given the X11 authentication protocol and cookie in standard
226 input. 226 input.
227 227
228 9. Runs userM-bM-^@M-^Ys shell or command. 228 9. Runs user's shell or command.
229 229
230AUTHORIZED_KEYS FILE FORMAT 230AUTHORIZED_KEYS FILE FORMAT
231 $HOME/.ssh/authorized_keys is the default file that lists the public keys 231 $HOME/.ssh/authorized_keys is the default file that lists the public keys
@@ -234,7 +234,7 @@ AUTHORIZED_KEYS FILE FORMAT
234 AuthorizedKeysFile may be used to specify an alternative file. 234 AuthorizedKeysFile may be used to specify an alternative file.
235 235
236 Each line of the file contains one key (empty lines and lines starting 236 Each line of the file contains one key (empty lines and lines starting
237 with a M-bM-^@M-^X#M-bM-^@M-^Y are ignored as comments). Each RSA public key consists of the 237 with a `#' are ignored as comments). Each RSA public key consists of the
238 following fields, separated by spaces: options, bits, exponent, modulus, 238 following fields, separated by spaces: options, bits, exponent, modulus,
239 comment. Each protocol version 2 public key consists of: options, key- 239 comment. Each protocol version 2 public key consists of: options, key-
240 type, base64 encoded key, comment. The options field is optional; its 240 type, base64 encoded key, comment. The options field is optional; its
@@ -242,11 +242,11 @@ AUTHORIZED_KEYS FILE FORMAT
242 (the options field never starts with a number). The bits, exponent, mod- 242 (the options field never starts with a number). The bits, exponent, mod-
243 ulus and comment fields give the RSA key for protocol version 1; the com- 243 ulus and comment fields give the RSA key for protocol version 1; the com-
244 ment field is not used for anything (but may be convenient for the user 244 ment field is not used for anything (but may be convenient for the user
245 to identify the key). For protocol version 2 the keytype is M-bM-^@M-^\ssh-dssM-bM-^@M-^] or 245 to identify the key). For protocol version 2 the keytype is ``ssh-dss''
246 M-bM-^@M-^\ssh-rsaM-bM-^@M-^]. 246 or ``ssh-rsa''.
247 247
248 Note that lines in this file are usually several hundred bytes long 248 Note that lines in this file are usually several hundred bytes long (be-
249 (because of the size of the public key encoding). You donM-bM-^@M-^Yt want to type 249 cause of the size of the public key encoding). You don't want to type
250 them in; instead, copy the identity.pub, id_dsa.pub or the id_rsa.pub 250 them in; instead, copy the identity.pub, id_dsa.pub or the id_rsa.pub
251 file and edit it. 251 file and edit it.
252 252
@@ -261,31 +261,31 @@ AUTHORIZED_KEYS FILE FORMAT
261 from="pattern-list" 261 from="pattern-list"
262 Specifies that in addition to public key authentication, the 262 Specifies that in addition to public key authentication, the
263 canonical name of the remote host must be present in the comma- 263 canonical name of the remote host must be present in the comma-
264 separated list of patterns (M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y serve as wildcards). The 264 separated list of patterns (`*' and `?' serve as wildcards). The
265 list may also contain patterns negated by prefixing them with 265 list may also contain patterns negated by prefixing them with
266 M-bM-^@M-^X!M-bM-^@M-^Y; if the canonical host name matches a negated pattern, the 266 `!'; if the canonical host name matches a negated pattern, the
267 key is not accepted. The purpose of this option is to optionally 267 key is not accepted. The purpose of this option is to optionally
268 increase security: public key authentication by itself does not 268 increase security: public key authentication by itself does not
269 trust the network or name servers or anything (but the key); how- 269 trust the network or name servers or anything (but the key); how-
270 ever, if somebody somehow steals the key, the key permits an 270 ever, if somebody somehow steals the key, the key permits an in-
271 intruder to log in from anywhere in the world. This additional 271 truder to log in from anywhere in the world. This additional op-
272 option makes using a stolen key more difficult (name servers 272 tion makes using a stolen key more difficult (name servers and/or
273 and/or routers would have to be compromised in addition to just 273 routers would have to be compromised in addition to just the
274 the key). 274 key).
275 275
276 command="command" 276 command="command"
277 Specifies that the command is executed whenever this key is used 277 Specifies that the command is executed whenever this key is used
278 for authentication. The command supplied by the user (if any) is 278 for authentication. The command supplied by the user (if any) is
279 ignored. The command is run on a pty if the client requests a 279 ignored. The command is run on a pty if the client requests a
280 pty; otherwise it is run without a tty. If an 8-bit clean chan- 280 pty; otherwise it is run without a tty. If an 8-bit clean chan-
281 nel is required, one must not request a pty or should specify 281 nel is required, one must not request a pty or should specify no-
282 no-pty. A quote may be included in the command by quoting it 282 pty. A quote may be included in the command by quoting it with a
283 with a backslash. This option might be useful to restrict cer- 283 backslash. This option might be useful to restrict certain pub-
284 tain public keys to perform just a specific operation. An exam- 284 lic keys to perform just a specific operation. An example might
285 ple might be a key that permits remote backups but nothing else. 285 be a key that permits remote backups but nothing else. Note that
286 Note that the client may specify TCP/IP and/or X11 forwarding 286 the client may specify TCP/IP and/or X11 forwarding unless they
287 unless they are explicitly prohibited. Note that this option 287 are explicitly prohibited. Note that this option applies to
288 applies to shell, command or subsystem execution. 288 shell, command or subsystem execution.
289 289
290 environment="NAME=value" 290 environment="NAME=value"
291 Specifies that the string is to be added to the environment when 291 Specifies that the string is to be added to the environment when
@@ -297,8 +297,8 @@ AUTHORIZED_KEYS FILE FORMAT
297 297
298 no-port-forwarding 298 no-port-forwarding
299 Forbids TCP/IP forwarding when this key is used for authentica- 299 Forbids TCP/IP forwarding when this key is used for authentica-
300 tion. Any port forward requests by the client will return an 300 tion. Any port forward requests by the client will return an er-
301 error. This might be used, e.g., in connection with the command 301 ror. This might be used, e.g., in connection with the command
302 option. 302 option.
303 303
304 no-X11-forwarding 304 no-X11-forwarding
@@ -312,45 +312,45 @@ AUTHORIZED_KEYS FILE FORMAT
312 no-pty Prevents tty allocation (a request to allocate a pty will fail). 312 no-pty Prevents tty allocation (a request to allocate a pty will fail).
313 313
314 permitopen="host:port" 314 permitopen="host:port"
315 Limit local M-bM-^@M-^XM-bM-^@M-^Xssh -LM-bM-^@M-^YM-bM-^@M-^Y port forwarding such that it may only con- 315 Limit local ``ssh -L'' port forwarding such that it may only con-
316 nect to the specified host and port. IPv6 addresses can be spec- 316 nect to the specified host and port. IPv6 addresses can be spec-
317 ified with an alternative syntax: host/port. Multiple permitopen 317 ified with an alternative syntax: host/port. Multiple permitopen
318 options may be applied separated by commas. No pattern matching 318 options may be applied separated by commas. No pattern matching
319 is performed on the specified hostnames, they must be literal 319 is performed on the specified hostnames, they must be literal do-
320 domains or addresses. 320 mains or addresses.
321 321
322 Examples 322 Examples
323 1024 33 12121...312314325 ylo@foo.bar 323 1024 33 12121...312314325 ylo@foo.bar
324 324
325 from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334 ylo@niksula 325 from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334 ylo@niksula
326 326
327 command="dump /home",no-pty,no-port-forwarding 1024 33 23...2323 327 command="dump /home",no-pty,no-port-forwarding 1024 33 23...2323 back-
328 backup.hut.fi 328 up.hut.fi
329 329
330 permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323 330 permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323
331 331
332SSH_KNOWN_HOSTS FILE FORMAT 332SSH_KNOWN_HOSTS FILE FORMAT
333 The /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts files contain 333 The /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts files contain
334 host public keys for all known hosts. The global file should be prepared 334 host public keys for all known hosts. The global file should be prepared
335 by the administrator (optional), and the per-user file is maintained 335 by the administrator (optional), and the per-user file is maintained au-
336 automatically: whenever the user connects from an unknown host its key is 336 tomatically: whenever the user connects from an unknown host its key is
337 added to the per-user file. 337 added to the per-user file.
338 338
339 Each line in these files contains the following fields: hostnames, bits, 339 Each line in these files contains the following fields: hostnames, bits,
340 exponent, modulus, comment. The fields are separated by spaces. 340 exponent, modulus, comment. The fields are separated by spaces.
341 341
342 Hostnames is a comma-separated list of patterns (M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y act as wild- 342 Hostnames is a comma-separated list of patterns (`*' and `?' act as wild-
343 cards); each pattern in turn is matched against the canonical host name 343 cards); each pattern in turn is matched against the canonical host name
344 (when authenticating a client) or against the user-supplied name (when 344 (when authenticating a client) or against the user-supplied name (when
345 authenticating a server). A pattern may also be preceded by M-bM-^@M-^X!M-bM-^@M-^Y to indi- 345 authenticating a server). A pattern may also be preceded by `!' to indi-
346 cate negation: if the host name matches a negated pattern, it is not 346 cate negation: if the host name matches a negated pattern, it is not ac-
347 accepted (by that line) even if it matched another pattern on the line. 347 cepted (by that line) even if it matched another pattern on the line.
348 348
349 Bits, exponent, and modulus are taken directly from the RSA host key; 349 Bits, exponent, and modulus are taken directly from the RSA host key;
350 they can be obtained, e.g., from /etc/ssh/ssh_host_key.pub. The optional 350 they can be obtained, e.g., from /etc/ssh/ssh_host_key.pub. The optional
351 comment field continues to the end of the line, and is not used. 351 comment field continues to the end of the line, and is not used.
352 352
353 Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are ignored as comments. 353 Lines starting with `#' and empty lines are ignored as comments.
354 354
355 When performing host authentication, authentication is accepted if any 355 When performing host authentication, authentication is accepted if any
356 matching line has the proper key. It is thus permissible (but not recom- 356 matching line has the proper key. It is thus permissible (but not recom-
@@ -361,11 +361,12 @@ SSH_KNOWN_HOSTS FILE FORMAT
361 be found from either file. 361 be found from either file.
362 362
363 Note that the lines in these files are typically hundreds of characters 363 Note that the lines in these files are typically hundreds of characters
364 long, and you definitely donM-bM-^@M-^Yt want to type in the host keys by hand. 364 long, and you definitely don't want to type in the host keys by hand.
365 Rather, generate them by a script or by taking /etc/ssh/ssh_host_key.pub 365 Rather, generate them by a script or by taking /etc/ssh/ssh_host_key.pub
366 and adding the host names at the front. 366 and adding the host names at the front.
367 367
368 Examples 368 Examples
369
369 closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi 370 closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi
370 cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= 371 cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....=
371 372
@@ -409,15 +410,15 @@ FILES
409 410
410 $HOME/.ssh/authorized_keys 411 $HOME/.ssh/authorized_keys
411 Lists the public keys (RSA or DSA) that can be used to log into 412 Lists the public keys (RSA or DSA) that can be used to log into
412 the userM-bM-^@M-^Ys account. This file must be readable by root (which 413 the user's account. This file must be readable by root (which
413 may on some machines imply it being world-readable if the userM-bM-^@M-^Ys 414 may on some machines imply it being world-readable if the user's
414 home directory resides on an NFS volume). It is recommended that 415 home directory resides on an NFS volume). It is recommended that
415 it not be accessible by others. The format of this file is 416 it not be accessible by others. The format of this file is de-
416 described above. Users will place the contents of their 417 scribed above. Users will place the contents of their
417 identity.pub, id_dsa.pub and/or id_rsa.pub files into this file, 418 identity.pub, id_dsa.pub and/or id_rsa.pub files into this file,
418 as described in ssh-keygen(1). 419 as described in ssh-keygen(1).
419 420
420 /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts 421 /etc/ssh/ssh_known_hosts, $HOME/.ssh/known_hosts
421 These files are consulted when using rhosts with RSA host authen- 422 These files are consulted when using rhosts with RSA host authen-
422 tication or protocol version 2 hostbased authentication to check 423 tication or protocol version 2 hostbased authentication to check
423 the public key of the host. The key must be listed in one of 424 the public key of the host. The key must be listed in one of
@@ -434,8 +435,8 @@ FILES
434 world-readable. 435 world-readable.
435 436
436 /etc/hosts.allow, /etc/hosts.deny 437 /etc/hosts.allow, /etc/hosts.deny
437 Access controls that should be enforced by tcp-wrappers are 438 Access controls that should be enforced by tcp-wrappers are de-
438 defined here. Further details are described in hosts_access(5). 439 fined here. Further details are described in hosts_access(5).
439 440
440 $HOME/.rhosts 441 $HOME/.rhosts
441 This file contains host-username pairs, separated by a space, one 442 This file contains host-username pairs, separated by a space, one
@@ -444,7 +445,7 @@ FILES
444 and rshd. The file must be writable only by the user; it is rec- 445 and rshd. The file must be writable only by the user; it is rec-
445 ommended that it not be accessible by others. 446 ommended that it not be accessible by others.
446 447
447 If is also possible to use netgroups in the file. Either host or 448 It is also possible to use netgroups in the file. Either host or
448 user name may be of the form +@groupname to specify all hosts or 449 user name may be of the form +@groupname to specify all hosts or
449 all users in the group. 450 all users in the group.
450 451
@@ -454,28 +455,27 @@ FILES
454 access using SSH only. 455 access using SSH only.
455 456
456 /etc/hosts.equiv 457 /etc/hosts.equiv
457 This file is used during .rhosts authentication. In the simplest 458 This file is used during rhosts authentication. In the simplest
458 form, this file contains host names, one per line. Users on 459 form, this file contains host names, one per line. Users on
459 those hosts are permitted to log in without a password, provided 460 those hosts are permitted to log in without a password, provided
460 they have the same user name on both machines. The host name may 461 they have the same user name on both machines. The host name may
461 also be followed by a user name; such users are permitted to log 462 also be followed by a user name; such users are permitted to log
462 in as any user on this machine (except root). Additionally, the 463 in as any user on this machine (except root). Additionally, the
463 syntax M-bM-^@M-^\+@groupM-bM-^@M-^] can be used to specify netgroups. Negated 464 syntax ``+@group'' can be used to specify netgroups. Negated en-
464 entries start with M-bM-^@M-^X-M-bM-^@M-^Y. 465 tries start with `-'.
465 466
466 If the client host/user is successfully matched in this file, 467 If the client host/user is successfully matched in this file, lo-
467 login is automatically permitted provided the client and server 468 gin is automatically permitted provided the client and server us-
468 user names are the same. Additionally, successful RSA host 469 er names are the same. Additionally, successful RSA host authen-
469 authentication is normally required. This file must be writable 470 tication is normally required. This file must be writable only
470 only by root; it is recommended that it be world-readable. 471 by root; it is recommended that it be world-readable.
471 472
472 Warning: It is almost never a good idea to use user names in 473 Warning: It is almost never a good idea to use user names in
473 hosts.equiv. Beware that it really means that the named user(s) 474 hosts.equiv. Beware that it really means that the named user(s)
474 can log in as anybody, which includes bin, daemon, adm, and other 475 can log in as anybody, which includes bin, daemon, adm, and other
475 accounts that own critical binaries and directories. Using a 476 accounts that own critical binaries and directories. Using a us-
476 user name practically grants the user root access. The only 477 er name practically grants the user root access. The only valid
477 valid use for user names that I can think of is in negative 478 use for user names that I can think of is in negative entries.
478 entries.
479 479
480 Note that this warning also applies to rsh/rlogin. 480 Note that this warning also applies to rsh/rlogin.
481 481
@@ -487,33 +487,33 @@ FILES
487 $HOME/.ssh/environment 487 $HOME/.ssh/environment
488 This file is read into the environment at login (if it exists). 488 This file is read into the environment at login (if it exists).
489 It can only contain empty lines, comment lines (that start with 489 It can only contain empty lines, comment lines (that start with
490 M-bM-^@M-^X#M-bM-^@M-^Y), and assignment lines of the form name=value. The file 490 `#'), and assignment lines of the form name=value. The file
491 should be writable only by the user; it need not be readable by 491 should be writable only by the user; it need not be readable by
492 anyone else. Environment processing is disabled by default and 492 anyone else. Environment processing is disabled by default and
493 is controlled via the PermitUserEnvironment option. 493 is controlled via the PermitUserEnvironment option.
494 494
495 $HOME/.ssh/rc 495 $HOME/.ssh/rc
496 If this file exists, it is run with /bin/sh after reading the 496 If this file exists, it is run with /bin/sh after reading the en-
497 environment files but before starting the userM-bM-^@M-^Ys shell or com- 497 vironment files but before starting the user's shell or command.
498 mand. It must not produce any output on stdout; stderr must be 498 It must not produce any output on stdout; stderr must be used in-
499 used instead. If X11 forwarding is in use, it will receive the 499 stead. If X11 forwarding is in use, it will receive the "proto
500 "proto cookie" pair in its standard input (and DISPLAY in its 500 cookie" pair in its standard input (and DISPLAY in its environ-
501 environment). The script must call xauth(1) because sshd will 501 ment). The script must call xauth(1) because sshd will not run
502 not run xauth automatically to add X11 cookies. 502 xauth automatically to add X11 cookies.
503 503
504 The primary purpose of this file is to run any initialization 504 The primary purpose of this file is to run any initialization
505 routines which may be needed before the userM-bM-^@M-^Ys home directory 505 routines which may be needed before the user's home directory be-
506 becomes accessible; AFS is a particular example of such an envi- 506 comes accessible; AFS is a particular example of such an environ-
507 ronment. 507 ment.
508 508
509 This file will probably contain some initialization code followed 509 This file will probably contain some initialization code followed
510 by something similar to: 510 by something similar to:
511 511
512 if read proto cookie && [ -n "$DISPLAY" ]; then 512 if read proto cookie && [ -n "$DISPLAY" ]; then
513 if [ M-bM-^@M-^Xecho $DISPLAY | cut -c1-10M-bM-^@M-^X = M-bM-^@M-^Ylocalhost:M-bM-^@M-^Y ]; then 513 if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
514 # X11UseLocalhost=yes 514 # X11UseLocalhost=yes
515 echo add unix:M-bM-^@M-^Xecho $DISPLAY | 515 echo add unix:`echo $DISPLAY |
516 cut -c11-M-bM-^@M-^X $proto $cookie 516 cut -c11-` $proto $cookie
517 else 517 else
518 # X11UseLocalhost=no 518 # X11UseLocalhost=no
519 echo add $DISPLAY $proto $cookie 519 echo add $DISPLAY $proto $cookie
@@ -533,7 +533,8 @@ FILES
533 533
534SEE ALSO 534SEE ALSO
535 scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), 535 scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1),
536 login.conf(5), moduli(5), sshd_config(5), sftp-server(8) 536 chroot(2), hosts_access(5), login.conf(5), moduli(5), sshd_config(5),
537 inetd(8), sftp-server(8)
537 538
538 T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, SSH 539 T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, SSH
539 Protocol Architecture, draft-ietf-secsh-architecture-12.txt, January 540 Protocol Architecture, draft-ietf-secsh-architecture-12.txt, January
@@ -546,9 +547,9 @@ SEE ALSO
546AUTHORS 547AUTHORS
547 OpenSSH is a derivative of the original and free ssh 1.2.12 release by 548 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
548 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo 549 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
549 de Raadt and Dug Song removed many bugs, re-added newer features and cre- 550 de Raadt and Dug Song removed many bugs, re-added newer features and
550 ated OpenSSH. Markus Friedl contributed the support for SSH protocol 551 created OpenSSH. Markus Friedl contributed the support for SSH protocol
551 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support 552 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
552 for privilege separation. 553 for privilege separation.
553 554
554BSD September 25, 1999 BSD 555OpenBSD 3.4 September 25, 1999 9
diff --git a/sshd.8 b/sshd.8
index 27b1a3cf6..460263e92 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd.8,v 1.199 2003/08/13 08:46:31 markus Exp $ 37.\" $OpenBSD: sshd.8,v 1.200 2003/10/08 08:27:36 jmc Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSHD 8 39.Dt SSHD 8
40.Os 40.Os
@@ -44,7 +44,7 @@
44.Sh SYNOPSIS 44.Sh SYNOPSIS
45.Nm sshd 45.Nm sshd
46.Bk -words 46.Bk -words
47.Op Fl deiqtD46 47.Op Fl 46Ddeiqt
48.Op Fl b Ar bits 48.Op Fl b Ar bits
49.Op Fl f Ar config_file 49.Op Fl f Ar config_file
50.Op Fl g Ar login_grace_time 50.Op Fl g Ar login_grace_time
@@ -78,9 +78,7 @@ This implementation of
78supports both SSH protocol version 1 and 2 simultaneously. 78supports both SSH protocol version 1 and 2 simultaneously.
79.Nm 79.Nm
80works as follows: 80works as follows:
81.Pp
82.Ss SSH protocol version 1 81.Ss SSH protocol version 1
83.Pp
84Each host has a host-specific RSA key 82Each host has a host-specific RSA key
85(normally 1024 bits) used to identify the host. 83(normally 1024 bits) used to identify the host.
86Additionally, when 84Additionally, when
@@ -92,7 +90,7 @@ Whenever a client connects, the daemon responds with its public
92host and server keys. 90host and server keys.
93The client compares the 91The client compares the
94RSA host key against its own database to verify that it has not changed. 92RSA host key against its own database to verify that it has not changed.
95The client then generates a 256 bit random number. 93The client then generates a 256-bit random number.
96It encrypts this 94It encrypts this
97random number using both the host key and the server key, and sends 95random number using both the host key and the server key, and sends
98the encrypted number to the server. 96the encrypted number to the server.
@@ -107,9 +105,9 @@ to use from those offered by the server.
107.Pp 105.Pp
108Next, the server and the client enter an authentication dialog. 106Next, the server and the client enter an authentication dialog.
109The client tries to authenticate itself using 107The client tries to authenticate itself using
110.Pa .rhosts 108.Em .rhosts
111authentication, 109authentication,
112.Pa .rhosts 110.Em .rhosts
113authentication combined with RSA host 111authentication combined with RSA host
114authentication, RSA challenge-response authentication, or password 112authentication, RSA challenge-response authentication, or password
115based authentication. 113based authentication.
@@ -137,7 +135,8 @@ or
137.Ql \&*NP\&* 135.Ql \&*NP\&*
138). 136).
139.Pp 137.Pp
140Rhosts authentication is normally disabled 138.Em rhosts
139authentication is normally disabled
141because it is fundamentally insecure, but can be enabled in the server 140because it is fundamentally insecure, but can be enabled in the server
142configuration file if desired. 141configuration file if desired.
143System security is not improved unless 142System security is not improved unless
@@ -150,9 +149,7 @@ are disabled (thus completely disabling
150and 149and
151.Xr rsh 150.Xr rsh
152into the machine). 151into the machine).
153.Pp
154.Ss SSH protocol version 2 152.Ss SSH protocol version 2
155.Pp
156Version 2 works similarly: 153Version 2 works similarly:
157Each host has a host-specific key (RSA or DSA) used to identify the host. 154Each host has a host-specific key (RSA or DSA) used to identify the host.
158However, when the daemon starts, it does not generate a server key. 155However, when the daemon starts, it does not generate a server key.
@@ -160,7 +157,7 @@ Forward security is provided through a Diffie-Hellman key agreement.
160This key agreement results in a shared session key. 157This key agreement results in a shared session key.
161.Pp 158.Pp
162The rest of the session is encrypted using a symmetric cipher, currently 159The rest of the session is encrypted using a symmetric cipher, currently
163128 bit AES, Blowfish, 3DES, CAST128, Arcfour, 192 bit AES, or 256 bit AES. 160128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
164The client selects the encryption algorithm 161The client selects the encryption algorithm
165to use from those offered by the server. 162to use from those offered by the server.
166Additionally, session integrity is provided 163Additionally, session integrity is provided
@@ -171,9 +168,7 @@ Protocol version 2 provides a public key based
171user (PubkeyAuthentication) or 168user (PubkeyAuthentication) or
172client host (HostbasedAuthentication) authentication method, 169client host (HostbasedAuthentication) authentication method,
173conventional password authentication and challenge response based methods. 170conventional password authentication and challenge response based methods.
174.Pp
175.Ss Command execution and data forwarding 171.Ss Command execution and data forwarding
176.Pp
177If the client successfully authenticates itself, a dialog for 172If the client successfully authenticates itself, a dialog for
178preparing the session is entered. 173preparing the session is entered.
179At this time the client may request 174At this time the client may request
@@ -192,8 +187,9 @@ connections have been closed, the server sends command exit status to
192the client, and both sides exit. 187the client, and both sides exit.
193.Pp 188.Pp
194.Nm 189.Nm
195can be configured using command-line options or a configuration 190can be configured using command-line options or a configuration file
196file. 191(by default
192.Xr sshd_config 5 ) .
197Command-line options override values specified in the 193Command-line options override values specified in the
198configuration file. 194configuration file.
199.Pp 195.Pp
@@ -205,9 +201,23 @@ by executing itself with the name it was started as, i.e.,
205.Pp 201.Pp
206The options are as follows: 202The options are as follows:
207.Bl -tag -width Ds 203.Bl -tag -width Ds
204.It Fl 4
205Forces
206.Nm
207to use IPv4 addresses only.
208.It Fl 6
209Forces
210.Nm
211to use IPv6 addresses only.
208.It Fl b Ar bits 212.It Fl b Ar bits
209Specifies the number of bits in the ephemeral protocol version 1 213Specifies the number of bits in the ephemeral protocol version 1
210server key (default 768). 214server key (default 768).
215.It Fl D
216When this option is specified,
217.Nm
218will not detach and does not become a daemon.
219This allows easy monitoring of
220.Nm sshd .
211.It Fl d 221.It Fl d
212Debug mode. 222Debug mode.
213The server sends verbose debug output to the system 223The server sends verbose debug output to the system
@@ -267,7 +277,7 @@ be feasible.
267Specifies how often the ephemeral protocol version 1 server key is 277Specifies how often the ephemeral protocol version 1 server key is
268regenerated (default 3600 seconds, or one hour). 278regenerated (default 3600 seconds, or one hour).
269The motivation for regenerating the key fairly 279The motivation for regenerating the key fairly
270often is that the key is not stored anywhere, and after about an hour, 280often is that the key is not stored anywhere, and after about an hour
271it becomes impossible to recover the key for decrypting intercepted 281it becomes impossible to recover the key for decrypting intercepted
272communications even if the machine is cracked into or physically 282communications even if the machine is cracked into or physically
273seized. 283seized.
@@ -276,6 +286,8 @@ A value of zero indicates that the key will never be regenerated.
276Can be used to give options in the format used in the configuration file. 286Can be used to give options in the format used in the configuration file.
277This is useful for specifying options for which there is no separate 287This is useful for specifying options for which there is no separate
278command-line flag. 288command-line flag.
289For full details of the options, and their values, see
290.Xr sshd_config 5 .
279.It Fl p Ar port 291.It Fl p Ar port
280Specifies the port on which the server listens for connections 292Specifies the port on which the server listens for connections
281(default 22). 293(default 22).
@@ -328,20 +340,6 @@ USER@HOST pattern in
328.Cm AllowUsers 340.Cm AllowUsers
329or 341or
330.Cm DenyUsers . 342.Cm DenyUsers .
331.It Fl D
332When this option is specified
333.Nm
334will not detach and does not become a daemon.
335This allows easy monitoring of
336.Nm sshd .
337.It Fl 4
338Forces
339.Nm
340to use IPv4 addresses only.
341.It Fl 6
342Forces
343.Nm
344to use IPv6 addresses only.
345.El 343.El
346.Sh CONFIGURATION FILE 344.Sh CONFIGURATION FILE
347.Nm 345.Nm
@@ -378,9 +376,9 @@ Changes to run with normal user privileges.
378.It 376.It
379Sets up basic environment. 377Sets up basic environment.
380.It 378.It
381Reads 379Reads the file
382.Pa $HOME/.ssh/environment 380.Pa $HOME/.ssh/environment ,
383if it exists and users are allowed to change their environment. 381if it exists, and users are allowed to change their environment.
384See the 382See the
385.Cm PermitUserEnvironment 383.Cm PermitUserEnvironment
386option in 384option in
@@ -519,7 +517,7 @@ Limit local
519port forwarding such that it may only connect to the specified host and 517port forwarding such that it may only connect to the specified host and
520port. 518port.
521IPv6 addresses can be specified with an alternative syntax: 519IPv6 addresses can be specified with an alternative syntax:
522.Ar host/port . 520.Ar host Ns / Ns Ar port .
523Multiple 521Multiple
524.Cm permitopen 522.Cm permitopen
525options may be applied separated by commas. 523options may be applied separated by commas.
@@ -527,13 +525,13 @@ No pattern matching is performed on the specified hostnames,
527they must be literal domains or addresses. 525they must be literal domains or addresses.
528.El 526.El
529.Ss Examples 527.Ss Examples
5301024 33 12121.\|.\|.\|312314325 ylo@foo.bar 5281024 33 12121...312314325 ylo@foo.bar
531.Pp 529.Pp
532from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\|.\|.\|2334 ylo@niksula 530from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334 ylo@niksula
533.Pp 531.Pp
534command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi 532command="dump /home",no-pty,no-port-forwarding 1024 33 23...2323 backup.hut.fi
535.Pp 533.Pp
536permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323 534permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323
537.Sh SSH_KNOWN_HOSTS FILE FORMAT 535.Sh SSH_KNOWN_HOSTS FILE FORMAT
538The 536The
539.Pa /etc/ssh/ssh_known_hosts 537.Pa /etc/ssh/ssh_known_hosts
@@ -591,7 +589,7 @@ or by taking
591and adding the host names at the front. 589and adding the host names at the front.
592.Ss Examples 590.Ss Examples
593.Bd -literal 591.Bd -literal
594closenet,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi 592closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi
595cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= 593cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....=
596.Ed 594.Ed
597.Sh FILES 595.Sh FILES
@@ -650,7 +648,7 @@ and/or
650.Pa id_rsa.pub 648.Pa id_rsa.pub
651files into this file, as described in 649files into this file, as described in
652.Xr ssh-keygen 1 . 650.Xr ssh-keygen 1 .
653.It Pa "/etc/ssh/ssh_known_hosts" and "$HOME/.ssh/known_hosts" 651.It Pa "/etc/ssh/ssh_known_hosts", "$HOME/.ssh/known_hosts"
654These files are consulted when using rhosts with RSA host 652These files are consulted when using rhosts with RSA host
655authentication or protocol version 2 hostbased authentication 653authentication or protocol version 2 hostbased authentication
656to check the public key of the host. 654to check the public key of the host.
@@ -684,7 +682,7 @@ The file must
684be writable only by the user; it is recommended that it not be 682be writable only by the user; it is recommended that it not be
685accessible by others. 683accessible by others.
686.Pp 684.Pp
687If is also possible to use netgroups in the file. 685It is also possible to use netgroups in the file.
688Either host or user 686Either host or user
689name may be of the form +@groupname to specify all hosts or all users 687name may be of the form +@groupname to specify all hosts or all users
690in the group. 688in the group.
@@ -696,7 +694,7 @@ However, this file is
696not used by rlogin and rshd, so using this permits access using SSH only. 694not used by rlogin and rshd, so using this permits access using SSH only.
697.It Pa /etc/hosts.equiv 695.It Pa /etc/hosts.equiv
698This file is used during 696This file is used during
699.Pa .rhosts 697.Em rhosts
700authentication. 698authentication.
701In the simplest form, this file contains host names, one per line. 699In the simplest form, this file contains host names, one per line.
702Users on 700Users on
@@ -803,9 +801,12 @@ This file should be writable only by root, and should be world-readable.
803.Xr ssh-add 1 , 801.Xr ssh-add 1 ,
804.Xr ssh-agent 1 , 802.Xr ssh-agent 1 ,
805.Xr ssh-keygen 1 , 803.Xr ssh-keygen 1 ,
804.Xr chroot 2 ,
805.Xr hosts_access 5 ,
806.Xr login.conf 5 , 806.Xr login.conf 5 ,
807.Xr moduli 5 , 807.Xr moduli 5 ,
808.Xr sshd_config 5 , 808.Xr sshd_config 5 ,
809.Xr inetd 8 ,
809.Xr sftp-server 8 810.Xr sftp-server 8
810.Rs 811.Rs
811.%A T. Ylonen 812.%A T. Ylonen
diff --git a/sshd.c b/sshd.c
index 92fab6ccd..1f0d7747a 100644
--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
42 */ 42 */
43 43
44#include "includes.h" 44#include "includes.h"
45RCSID("$OpenBSD: sshd.c,v 1.276 2003/08/28 12:54:34 markus Exp $"); 45RCSID("$OpenBSD: sshd.c,v 1.286 2004/02/23 12:02:33 markus Exp $");
46 46
47#include <openssl/dh.h> 47#include <openssl/dh.h>
48#include <openssl/bn.h> 48#include <openssl/bn.h>
@@ -101,6 +101,7 @@ extern char *__progname;
101#else 101#else
102char *__progname; 102char *__progname;
103#endif 103#endif
104extern char **environ;
104 105
105/* Server configuration options. */ 106/* Server configuration options. */
106ServerOptions options; 107ServerOptions options;
@@ -199,11 +200,14 @@ int startup_pipe; /* in child */
199 200
200/* variables used for privilege separation */ 201/* variables used for privilege separation */
201int use_privsep; 202int use_privsep;
202struct monitor *pmonitor; 203struct monitor *pmonitor = NULL;
203 204
204/* message to be displayed after login */ 205/* message to be displayed after login */
205Buffer loginmsg; 206Buffer loginmsg;
206 207
208/* global authentication context */
209Authctxt *the_authctxt = NULL;
210
207/* Prototypes for various functions defined later in this file. */ 211/* Prototypes for various functions defined later in this file. */
208void destroy_sensitive_data(void); 212void destroy_sensitive_data(void);
209void demote_sensitive_data(void); 213void demote_sensitive_data(void);
@@ -302,6 +306,9 @@ grace_alarm_handler(int sig)
302{ 306{
303 /* XXX no idea how fix this signal handler */ 307 /* XXX no idea how fix this signal handler */
304 308
309 if (use_privsep && pmonitor != NULL && pmonitor->m_pid > 0)
310 kill(pmonitor->m_pid, SIGALRM);
311
305 /* Log error and exit. */ 312 /* Log error and exit. */
306 fatal("Timeout before authentication for %s", get_remote_ipaddr()); 313 fatal("Timeout before authentication for %s", get_remote_ipaddr());
307} 314}
@@ -375,7 +382,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
375 strlen(server_version_string)) 382 strlen(server_version_string))
376 != strlen(server_version_string)) { 383 != strlen(server_version_string)) {
377 logit("Could not write ident string to %s", get_remote_ipaddr()); 384 logit("Could not write ident string to %s", get_remote_ipaddr());
378 fatal_cleanup(); 385 cleanup_exit(255);
379 } 386 }
380 387
381 /* Read other sides version identification. */ 388 /* Read other sides version identification. */
@@ -384,7 +391,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
384 if (atomicio(read, sock_in, &buf[i], 1) != 1) { 391 if (atomicio(read, sock_in, &buf[i], 1) != 1) {
385 logit("Did not receive identification string from %s", 392 logit("Did not receive identification string from %s",
386 get_remote_ipaddr()); 393 get_remote_ipaddr());
387 fatal_cleanup(); 394 cleanup_exit(255);
388 } 395 }
389 if (buf[i] == '\r') { 396 if (buf[i] == '\r') {
390 buf[i] = 0; 397 buf[i] = 0;
@@ -414,7 +421,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
414 close(sock_out); 421 close(sock_out);
415 logit("Bad protocol version identification '%.100s' from %s", 422 logit("Bad protocol version identification '%.100s' from %s",
416 client_version_string, get_remote_ipaddr()); 423 client_version_string, get_remote_ipaddr());
417 fatal_cleanup(); 424 cleanup_exit(255);
418 } 425 }
419 debug("Client protocol version %d.%d; client software version %.100s", 426 debug("Client protocol version %d.%d; client software version %.100s",
420 remote_major, remote_minor, remote_version); 427 remote_major, remote_minor, remote_version);
@@ -424,13 +431,13 @@ sshd_exchange_identification(int sock_in, int sock_out)
424 if (datafellows & SSH_BUG_PROBE) { 431 if (datafellows & SSH_BUG_PROBE) {
425 logit("probed from %s with %s. Don't panic.", 432 logit("probed from %s with %s. Don't panic.",
426 get_remote_ipaddr(), client_version_string); 433 get_remote_ipaddr(), client_version_string);
427 fatal_cleanup(); 434 cleanup_exit(255);
428 } 435 }
429 436
430 if (datafellows & SSH_BUG_SCANNER) { 437 if (datafellows & SSH_BUG_SCANNER) {
431 logit("scanned from %s with %s. Don't panic.", 438 logit("scanned from %s with %s. Don't panic.",
432 get_remote_ipaddr(), client_version_string); 439 get_remote_ipaddr(), client_version_string);
433 fatal_cleanup(); 440 cleanup_exit(255);
434 } 441 }
435 442
436 mismatch = 0; 443 mismatch = 0;
@@ -476,7 +483,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
476 logit("Protocol major versions differ for %s: %.200s vs. %.200s", 483 logit("Protocol major versions differ for %s: %.200s vs. %.200s",
477 get_remote_ipaddr(), 484 get_remote_ipaddr(),
478 server_version_string, client_version_string); 485 server_version_string, client_version_string);
479 fatal_cleanup(); 486 cleanup_exit(255);
480 } 487 }
481} 488}
482 489
@@ -571,10 +578,9 @@ privsep_preauth_child(void)
571#endif 578#endif
572} 579}
573 580
574static Authctxt * 581static int
575privsep_preauth(void) 582privsep_preauth(Authctxt *authctxt)
576{ 583{
577 Authctxt *authctxt = NULL;
578 int status; 584 int status;
579 pid_t pid; 585 pid_t pid;
580 586
@@ -587,12 +593,11 @@ privsep_preauth(void)
587 if (pid == -1) { 593 if (pid == -1) {
588 fatal("fork of unprivileged child failed"); 594 fatal("fork of unprivileged child failed");
589 } else if (pid != 0) { 595 } else if (pid != 0) {
590 fatal_remove_cleanup((void (*) (void *)) packet_close, NULL);
591
592 debug2("Network child is on pid %ld", (long)pid); 596 debug2("Network child is on pid %ld", (long)pid);
593 597
594 close(pmonitor->m_recvfd); 598 close(pmonitor->m_recvfd);
595 authctxt = monitor_child_preauth(pmonitor); 599 pmonitor->m_pid = pid;
600 monitor_child_preauth(authctxt, pmonitor);
596 close(pmonitor->m_sendfd); 601 close(pmonitor->m_sendfd);
597 602
598 /* Sync memory */ 603 /* Sync memory */
@@ -602,11 +607,7 @@ privsep_preauth(void)
602 while (waitpid(pid, &status, 0) < 0) 607 while (waitpid(pid, &status, 0) < 0)
603 if (errno != EINTR) 608 if (errno != EINTR)
604 break; 609 break;
605 610 return (1);
606 /* Reinstall, since the child has finished */
607 fatal_add_cleanup((void (*) (void *)) packet_close, NULL);
608
609 return (authctxt);
610 } else { 611 } else {
611 /* child */ 612 /* child */
612 613
@@ -617,17 +618,12 @@ privsep_preauth(void)
617 privsep_preauth_child(); 618 privsep_preauth_child();
618 setproctitle("%s", "[net]"); 619 setproctitle("%s", "[net]");
619 } 620 }
620 return (NULL); 621 return (0);
621} 622}
622 623
623static void 624static void
624privsep_postauth(Authctxt *authctxt) 625privsep_postauth(Authctxt *authctxt)
625{ 626{
626 extern Authctxt *x_authctxt;
627
628 /* XXX - Remote port forwarding */
629 x_authctxt = authctxt;
630
631#ifdef DISABLE_FD_PASSING 627#ifdef DISABLE_FD_PASSING
632 if (1) { 628 if (1) {
633#else 629#else
@@ -653,8 +649,6 @@ privsep_postauth(Authctxt *authctxt)
653 if (pmonitor->m_pid == -1) 649 if (pmonitor->m_pid == -1)
654 fatal("fork of unprivileged child failed"); 650 fatal("fork of unprivileged child failed");
655 else if (pmonitor->m_pid != 0) { 651 else if (pmonitor->m_pid != 0) {
656 fatal_remove_cleanup((void (*) (void *)) packet_close, NULL);
657
658 debug2("User child is on pid %ld", (long)pmonitor->m_pid); 652 debug2("User child is on pid %ld", (long)pmonitor->m_pid);
659 close(pmonitor->m_recvfd); 653 close(pmonitor->m_recvfd);
660 monitor_child_postauth(pmonitor); 654 monitor_child_postauth(pmonitor);
@@ -679,7 +673,8 @@ static char *
679list_hostkey_types(void) 673list_hostkey_types(void)
680{ 674{
681 Buffer b; 675 Buffer b;
682 char *p; 676 const char *p;
677 char *ret;
683 int i; 678 int i;
684 679
685 buffer_init(&b); 680 buffer_init(&b);
@@ -698,10 +693,10 @@ list_hostkey_types(void)
698 } 693 }
699 } 694 }
700 buffer_append(&b, "\0", 1); 695 buffer_append(&b, "\0", 1);
701 p = xstrdup(buffer_ptr(&b)); 696 ret = xstrdup(buffer_ptr(&b));
702 buffer_free(&b); 697 buffer_free(&b);
703 debug("list_hostkey_types: %s", p); 698 debug("list_hostkey_types: %s", ret);
704 return p; 699 return ret;
705} 700}
706 701
707Key * 702Key *
@@ -769,7 +764,8 @@ drop_connection(int startups)
769static void 764static void
770usage(void) 765usage(void)
771{ 766{
772 fprintf(stderr, "sshd version %s\n", SSH_VERSION); 767 fprintf(stderr, "sshd version %s, %s\n",
768 SSH_VERSION, SSLeay_version(SSLEAY_VERSION));
773 fprintf(stderr, "Usage: %s [options]\n", __progname); 769 fprintf(stderr, "Usage: %s [options]\n", __progname);
774 fprintf(stderr, "Options:\n"); 770 fprintf(stderr, "Options:\n");
775 fprintf(stderr, " -f file Configuration file (default %s)\n", _PATH_SERVER_CONFIG_FILE); 771 fprintf(stderr, " -f file Configuration file (default %s)\n", _PATH_SERVER_CONFIG_FILE);
@@ -809,11 +805,12 @@ main(int ac, char **av)
809 FILE *f; 805 FILE *f;
810 struct addrinfo *ai; 806 struct addrinfo *ai;
811 char ntop[NI_MAXHOST], strport[NI_MAXSERV]; 807 char ntop[NI_MAXHOST], strport[NI_MAXSERV];
808 char *line;
812 int listen_sock, maxfd; 809 int listen_sock, maxfd;
813 int startup_p[2]; 810 int startup_p[2];
814 int startups = 0; 811 int startups = 0;
815 Authctxt *authctxt;
816 Key *key; 812 Key *key;
813 Authctxt *authctxt;
817 int ret, key_used = 0; 814 int ret, key_used = 0;
818 815
819#ifdef HAVE_SECUREWARE 816#ifdef HAVE_SECUREWARE
@@ -922,9 +919,11 @@ main(int ac, char **av)
922 } 919 }
923 break; 920 break;
924 case 'o': 921 case 'o':
925 if (process_server_config_line(&options, optarg, 922 line = xstrdup(optarg);
923 if (process_server_config_line(&options, line,
926 "command-line", 0) != 0) 924 "command-line", 0) != 0)
927 exit(1); 925 exit(1);
926 xfree(line);
928 break; 927 break;
929 case '?': 928 case '?':
930 default: 929 default:
@@ -1069,8 +1068,8 @@ main(int ac, char **av)
1069 /* 1068 /*
1070 * Clear out any supplemental groups we may have inherited. This 1069 * Clear out any supplemental groups we may have inherited. This
1071 * prevents inadvertent creation of files with bad modes (in the 1070 * prevents inadvertent creation of files with bad modes (in the
1072 * portable version at least, it's certainly possible for PAM 1071 * portable version at least, it's certainly possible for PAM
1073 * to create a file, and we can't control the code in every 1072 * to create a file, and we can't control the code in every
1074 * module which might be used). 1073 * module which might be used).
1075 */ 1074 */
1076 if (setgroups(0, NULL) < 0) 1075 if (setgroups(0, NULL) < 0)
@@ -1112,6 +1111,11 @@ main(int ac, char **av)
1112 unmounted if desired. */ 1111 unmounted if desired. */
1113 chdir("/"); 1112 chdir("/");
1114 1113
1114#ifndef HAVE_CYGWIN
1115 /* Clear environment */
1116 environ[0] = NULL;
1117#endif
1118
1115 /* ignore SIGPIPE */ 1119 /* ignore SIGPIPE */
1116 signal(SIGPIPE, SIG_IGN); 1120 signal(SIGPIPE, SIG_IGN);
1117 1121
@@ -1180,7 +1184,7 @@ main(int ac, char **av)
1180 1184
1181 /* Start listening on the port. */ 1185 /* Start listening on the port. */
1182 logit("Server listening on %s port %s.", ntop, strport); 1186 logit("Server listening on %s port %s.", ntop, strport);
1183 if (listen(listen_sock, 5) < 0) 1187 if (listen(listen_sock, SSH_LISTEN_BACKLOG) < 0)
1184 fatal("listen: %.100s", strerror(errno)); 1188 fatal("listen: %.100s", strerror(errno));
1185 1189
1186 } 1190 }
@@ -1419,8 +1423,8 @@ main(int ac, char **av)
1419 signal(SIGCHLD, SIG_DFL); 1423 signal(SIGCHLD, SIG_DFL);
1420 signal(SIGINT, SIG_DFL); 1424 signal(SIGINT, SIG_DFL);
1421 1425
1422 /* Set keepalives if requested. */ 1426 /* Set SO_KEEPALIVE if requested. */
1423 if (options.keepalives && 1427 if (options.tcp_keep_alive &&
1424 setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, 1428 setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on,
1425 sizeof(on)) < 0) 1429 sizeof(on)) < 0)
1426 error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); 1430 error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
@@ -1470,21 +1474,28 @@ main(int ac, char **av)
1470 1474
1471 packet_set_nonblocking(); 1475 packet_set_nonblocking();
1472 1476
1473 /* prepare buffers to collect authentication messages */ 1477 /* prepare buffers to collect authentication messages */
1474 buffer_init(&loginmsg); 1478 buffer_init(&loginmsg);
1475 1479
1480 /* allocate authentication context */
1481 authctxt = xmalloc(sizeof(*authctxt));
1482 memset(authctxt, 0, sizeof(*authctxt));
1483
1484 /* XXX global for cleanup, access from other modules */
1485 the_authctxt = authctxt;
1486
1476 if (use_privsep) 1487 if (use_privsep)
1477 if ((authctxt = privsep_preauth()) != NULL) 1488 if (privsep_preauth(authctxt) == 1)
1478 goto authenticated; 1489 goto authenticated;
1479 1490
1480 /* perform the key exchange */ 1491 /* perform the key exchange */
1481 /* authenticate user and start session */ 1492 /* authenticate user and start session */
1482 if (compat20) { 1493 if (compat20) {
1483 do_ssh2_kex(); 1494 do_ssh2_kex();
1484 authctxt = do_authentication2(); 1495 do_authentication2(authctxt);
1485 } else { 1496 } else {
1486 do_ssh1_kex(); 1497 do_ssh1_kex();
1487 authctxt = do_authentication(); 1498 do_authentication(authctxt);
1488 } 1499 }
1489 /* 1500 /*
1490 * If we use privilege separation, the unprivileged child transfers 1501 * If we use privilege separation, the unprivileged child transfers
@@ -1507,7 +1518,7 @@ main(int ac, char **av)
1507 destroy_sensitive_data(); 1518 destroy_sensitive_data();
1508 } 1519 }
1509 1520
1510 /* Perform session preparation. */ 1521 /* Start session. */
1511 do_authenticated(authctxt); 1522 do_authenticated(authctxt);
1512 1523
1513 /* The connection has been terminated. */ 1524 /* The connection has been terminated. */
@@ -1800,3 +1811,12 @@ do_ssh2_kex(void)
1800#endif 1811#endif
1801 debug("KEX done"); 1812 debug("KEX done");
1802} 1813}
1814
1815/* server specific fatal cleanup */
1816void
1817cleanup_exit(int i)
1818{
1819 if (the_authctxt)
1820 do_cleanup(the_authctxt);
1821 _exit(i);
1822}
diff --git a/sshd_config b/sshd_config
index dd53f1057..b45c8c561 100644
--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
1# $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $ 1# $OpenBSD: sshd_config,v 1.68 2003/12/29 16:39:50 millert Exp $
2 2
3# This is the sshd server system-wide configuration file. See 3# This is the sshd server system-wide configuration file. See
4# sshd_config(5) for more information. 4# sshd_config(5) for more information.
@@ -61,15 +61,16 @@
61#KerberosAuthentication no 61#KerberosAuthentication no
62#KerberosOrLocalPasswd yes 62#KerberosOrLocalPasswd yes
63#KerberosTicketCleanup yes 63#KerberosTicketCleanup yes
64#KerberosGetAFSToken no
64 65
65# GSSAPI options 66# GSSAPI options
66#GSSAPIAuthentication no 67#GSSAPIAuthentication no
67#GSSAPICleanupCreds yes 68#GSSAPICleanupCredentials yes
68 69
69# Set this to 'yes' to enable PAM authentication (via challenge-response) 70# Set this to 'yes' to enable PAM authentication (via challenge-response)
70# and session processing. Depending on your PAM configuration, this may 71# and session processing. Depending on your PAM configuration, this may
71# bypass the setting of 'PasswordAuthentication' 72# bypass the setting of 'PasswordAuthentication' and 'PermitEmptyPasswords'
72#UsePAM yes 73#UsePAM no
73 74
74#AllowTcpForwarding yes 75#AllowTcpForwarding yes
75#GatewayPorts no 76#GatewayPorts no
@@ -78,7 +79,7 @@
78#X11UseLocalhost yes 79#X11UseLocalhost yes
79#PrintMotd yes 80#PrintMotd yes
80#PrintLastLog yes 81#PrintLastLog yes
81#KeepAlive yes 82#TCPKeepAlive yes
82#UseLogin no 83#UseLogin no
83#UsePrivilegeSeparation yes 84#UsePrivilegeSeparation yes
84#PermitUserEnvironment no 85#PermitUserEnvironment no
diff --git a/sshd_config.0 b/sshd_config.0
index bc266317f..981e91042 100644
--- a/sshd_config.0
+++ b/sshd_config.0
@@ -1,4 +1,4 @@
1SSHD_CONFIG(5) BSD File Formats Manual SSHD_CONFIG(5) 1SSHD_CONFIG(5) OpenBSD Programmer's Manual SSHD_CONFIG(5)
2 2
3NAME 3NAME
4 sshd_config - OpenSSH SSH daemon configuration file 4 sshd_config - OpenSSH SSH daemon configuration file
@@ -9,7 +9,7 @@ SYNOPSIS
9DESCRIPTION 9DESCRIPTION
10 sshd reads configuration data from /etc/ssh/sshd_config (or the file 10 sshd reads configuration data from /etc/ssh/sshd_config (or the file
11 specified with -f on the command line). The file contains keyword-argu- 11 specified with -f on the command line). The file contains keyword-argu-
12 ment pairs, one per line. Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are 12 ment pairs, one per line. Lines starting with `#' and empty lines are
13 interpreted as comments. 13 interpreted as comments.
14 14
15 The possible keywords and their meanings are as follows (note that key- 15 The possible keywords and their meanings are as follows (note that key-
@@ -19,36 +19,36 @@ DESCRIPTION
19 This keyword can be followed by a list of group name patterns, 19 This keyword can be followed by a list of group name patterns,
20 separated by spaces. If specified, login is allowed only for 20 separated by spaces. If specified, login is allowed only for
21 users whose primary group or supplementary group list matches one 21 users whose primary group or supplementary group list matches one
22 of the patterns. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y can be used as wildcards in the 22 of the patterns. `*' and `?' can be used as wildcards in the
23 patterns. Only group names are valid; a numerical group ID is 23 patterns. Only group names are valid; a numerical group ID is
24 not recognized. By default, login is allowed for all groups. 24 not recognized. By default, login is allowed for all groups.
25 25
26 AllowTcpForwarding 26 AllowTcpForwarding
27 Specifies whether TCP forwarding is permitted. The default is 27 Specifies whether TCP forwarding is permitted. The default is
28 M-bM-^@M-^\yesM-bM-^@M-^]. Note that disabling TCP forwarding does not improve secu- 28 ``yes''. Note that disabling TCP forwarding does not improve se-
29 rity unless users are also denied shell access, as they can 29 curity unless users are also denied shell access, as they can al-
30 always install their own forwarders. 30 ways install their own forwarders.
31 31
32 AllowUsers 32 AllowUsers
33 This keyword can be followed by a list of user name patterns, 33 This keyword can be followed by a list of user name patterns,
34 separated by spaces. If specified, login is allowed only for 34 separated by spaces. If specified, login is allowed only for us-
35 user names that match one of the patterns. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y can be 35 er names that match one of the patterns. `*' and `?' can be used
36 used as wildcards in the patterns. Only user names are valid; a 36 as wildcards in the patterns. Only user names are valid; a nu-
37 numerical user ID is not recognized. By default, login is 37 merical user ID is not recognized. By default, login is allowed
38 allowed for all users. If the pattern takes the form USER@HOST 38 for all users. If the pattern takes the form USER@HOST then USER
39 then USER and HOST are separately checked, restricting logins to 39 and HOST are separately checked, restricting logins to particular
40 particular users from particular hosts. 40 users from particular hosts.
41 41
42 AuthorizedKeysFile 42 AuthorizedKeysFile
43 Specifies the file that contains the public keys that can be used 43 Specifies the file that contains the public keys that can be used
44 for user authentication. AuthorizedKeysFile may contain tokens 44 for user authentication. AuthorizedKeysFile may contain tokens
45 of the form %T which are substituted during connection set-up. 45 of the form %T which are substituted during connection set-up.
46 The following tokens are defined: %% is replaced by a literal 46 The following tokens are defined: %% is replaced by a literal
47 M-bM-^@M-^Y%M-bM-^@M-^Y, %h is replaced by the home directory of the user being 47 '%', %h is replaced by the home directory of the user being au-
48 authenticated and %u is replaced by the username of that user. 48 thenticated and %u is replaced by the username of that user. Af-
49 After expansion, AuthorizedKeysFile is taken to be an absolute 49 ter expansion, AuthorizedKeysFile is taken to be an absolute path
50 path or one relative to the userM-bM-^@M-^Ys home directory. The default 50 or one relative to the user's home directory. The default is
51 is M-bM-^@M-^\.ssh/authorized_keysM-bM-^@M-^]. 51 ``.ssh/authorized_keys''.
52 52
53 Banner In some jurisdictions, sending a warning message before authenti- 53 Banner In some jurisdictions, sending a warning message before authenti-
54 cation may be relevant for getting legal protection. The con- 54 cation may be relevant for getting legal protection. The con-
@@ -59,14 +59,14 @@ DESCRIPTION
59 ChallengeResponseAuthentication 59 ChallengeResponseAuthentication
60 Specifies whether challenge response authentication is allowed. 60 Specifies whether challenge response authentication is allowed.
61 All authentication styles from login.conf(5) are supported. The 61 All authentication styles from login.conf(5) are supported. The
62 default is M-bM-^@M-^\yesM-bM-^@M-^]. 62 default is ``yes''.
63 63
64 Ciphers 64 Ciphers
65 Specifies the ciphers allowed for protocol version 2. Multiple 65 Specifies the ciphers allowed for protocol version 2. Multiple
66 ciphers must be comma-separated. The default is 66 ciphers must be comma-separated. The default is
67 67
68 M-bM-^@M-^XM-bM-^@M-^Xaes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, 68 ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
69 aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctrM-bM-^@M-^YM-bM-^@M-^Y 69 aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr''
70 70
71 ClientAliveInterval 71 ClientAliveInterval
72 Sets a timeout interval in seconds after which if no data has 72 Sets a timeout interval in seconds after which if no data has
@@ -78,15 +78,15 @@ DESCRIPTION
78 ClientAliveCountMax 78 ClientAliveCountMax
79 Sets the number of client alive messages (see above) which may be 79 Sets the number of client alive messages (see above) which may be
80 sent without sshd receiving any messages back from the client. 80 sent without sshd receiving any messages back from the client.
81 If this threshold is reached while client alive messages are 81 If this threshold is reached while client alive messages are be-
82 being sent, sshd will disconnect the client, terminating the ses- 82 ing sent, sshd will disconnect the client, terminating the ses-
83 sion. It is important to note that the use of client alive mes- 83 sion. It is important to note that the use of client alive mes-
84 sages is very different from KeepAlive (below). The client alive 84 sages is very different from TCPKeepAlive (below). The client
85 messages are sent through the encrypted channel and therefore 85 alive messages are sent through the encrypted channel and there-
86 will not be spoofable. The TCP keepalive option enabled by 86 fore will not be spoofable. The TCP keepalive option enabled by
87 KeepAlive is spoofable. The client alive mechanism is valuable 87 TCPKeepAlive is spoofable. The client alive mechanism is valu-
88 when the client or server depend on knowing when a connection has 88 able when the client or server depend on knowing when a connec-
89 become inactive. 89 tion has become inactive.
90 90
91 The default value is 3. If ClientAliveInterval (above) is set to 91 The default value is 3. If ClientAliveInterval (above) is set to
92 15, and ClientAliveCountMax is left at the default, unresponsive 92 15, and ClientAliveCountMax is left at the default, unresponsive
@@ -94,20 +94,20 @@ DESCRIPTION
94 94
95 Compression 95 Compression
96 Specifies whether compression is allowed. The argument must be 96 Specifies whether compression is allowed. The argument must be
97 M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. 97 ``yes'' or ``no''. The default is ``yes''.
98 98
99 DenyGroups 99 DenyGroups
100 This keyword can be followed by a list of group name patterns, 100 This keyword can be followed by a list of group name patterns,
101 separated by spaces. Login is disallowed for users whose primary 101 separated by spaces. Login is disallowed for users whose primary
102 group or supplementary group list matches one of the patterns. 102 group or supplementary group list matches one of the patterns.
103 M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y can be used as wildcards in the patterns. Only group 103 `*' and `?' can be used as wildcards in the patterns. Only group
104 names are valid; a numerical group ID is not recognized. By 104 names are valid; a numerical group ID is not recognized. By de-
105 default, login is allowed for all groups. 105 fault, login is allowed for all groups.
106 106
107 DenyUsers 107 DenyUsers
108 This keyword can be followed by a list of user name patterns, 108 This keyword can be followed by a list of user name patterns,
109 separated by spaces. Login is disallowed for user names that 109 separated by spaces. Login is disallowed for user names that
110 match one of the patterns. M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y can be used as wildcards 110 match one of the patterns. `*' and `?' can be used as wildcards
111 in the patterns. Only user names are valid; a numerical user ID 111 in the patterns. Only user names are valid; a numerical user ID
112 is not recognized. By default, login is allowed for all users. 112 is not recognized. By default, login is allowed for all users.
113 If the pattern takes the form USER@HOST then USER and HOST are 113 If the pattern takes the form USER@HOST then USER and HOST are
@@ -121,25 +121,25 @@ DESCRIPTION
121 hosts from connecting to forwarded ports. GatewayPorts can be 121 hosts from connecting to forwarded ports. GatewayPorts can be
122 used to specify that sshd should bind remote port forwardings to 122 used to specify that sshd should bind remote port forwardings to
123 the wildcard address, thus allowing remote hosts to connect to 123 the wildcard address, thus allowing remote hosts to connect to
124 forwarded ports. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The 124 forwarded ports. The argument must be ``yes'' or ``no''. The
125 default is M-bM-^@M-^\noM-bM-^@M-^]. 125 default is ``no''.
126 126
127 GSSAPIAuthentication 127 GSSAPIAuthentication
128 Specifies whether user authentication based on GSSAPI is allowed. 128 Specifies whether user authentication based on GSSAPI is allowed.
129 The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol 129 The default is ``no''. Note that this option applies to protocol
130 version 2 only. 130 version 2 only.
131 131
132 GSSAPICleanupCredentials 132 GSSAPICleanupCredentials
133 Specifies whether to automatically destroy the userM-bM-^@M-^Ys credentials 133 Specifies whether to automatically destroy the user's credentials
134 cache on logout. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option 134 cache on logout. The default is ``yes''. Note that this option
135 applies to protocol version 2 only. 135 applies to protocol version 2 only.
136 136
137 HostbasedAuthentication 137 HostbasedAuthentication
138 Specifies whether rhosts or /etc/hosts.equiv authentication 138 Specifies whether rhosts or /etc/hosts.equiv authentication to-
139 together with successful public key client host authentication is 139 gether with successful public key client host authentication is
140 allowed (hostbased authentication). This option is similar to 140 allowed (hostbased authentication). This option is similar to
141 RhostsRSAAuthentication and applies to protocol version 2 only. 141 RhostsRSAAuthentication and applies to protocol version 2 only.
142 The default is M-bM-^@M-^\noM-bM-^@M-^]. 142 The default is ``no''.
143 143
144 HostKey 144 HostKey
145 Specifies a file containing a private host key used by SSH. The 145 Specifies a file containing a private host key used by SSH. The
@@ -147,51 +147,36 @@ DESCRIPTION
147 /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for pro- 147 /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for pro-
148 tocol version 2. Note that sshd will refuse to use a file if it 148 tocol version 2. Note that sshd will refuse to use a file if it
149 is group/world-accessible. It is possible to have multiple host 149 is group/world-accessible. It is possible to have multiple host
150 key files. M-bM-^@M-^\rsa1M-bM-^@M-^] keys are used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^] or M-bM-^@M-^\rsaM-bM-^@M-^] 150 key files. ``rsa1'' keys are used for version 1 and ``dsa'' or
151 are used for version 2 of the SSH protocol. 151 ``rsa'' are used for version 2 of the SSH protocol.
152 152
153 IgnoreRhosts 153 IgnoreRhosts
154 Specifies that .rhosts and .shosts files will not be used in 154 Specifies that .rhosts and .shosts files will not be used in
155 RhostsRSAAuthentication or HostbasedAuthentication. 155 RhostsRSAAuthentication or HostbasedAuthentication.
156 156
157 /etc/hosts.equiv and /etc/shosts.equiv are still used. The 157 /etc/hosts.equiv and /etc/shosts.equiv are still used. The de-
158 default is M-bM-^@M-^\yesM-bM-^@M-^]. 158 fault is ``yes''.
159 159
160 IgnoreUserKnownHosts 160 IgnoreUserKnownHosts
161 Specifies whether sshd should ignore the userM-bM-^@M-^Ys 161 Specifies whether sshd should ignore the user's
162 $HOME/.ssh/known_hosts during RhostsRSAAuthentication or 162 $HOME/.ssh/known_hosts during RhostsRSAAuthentication or
163 HostbasedAuthentication. The default is M-bM-^@M-^\noM-bM-^@M-^]. 163 HostbasedAuthentication. The default is ``no''.
164
165 KeepAlive
166 Specifies whether the system should send TCP keepalive messages
167 to the other side. If they are sent, death of the connection or
168 crash of one of the machines will be properly noticed. However,
169 this means that connections will die if the route is down tem-
170 porarily, and some people find it annoying. On the other hand,
171 if keepalives are not sent, sessions may hang indefinitely on the
172 server, leaving M-bM-^@M-^\ghostM-bM-^@M-^] users and consuming server resources.
173
174 The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send keepalives), and the server will
175 notice if the network goes down or the client host crashes. This
176 avoids infinitely hanging sessions.
177
178 To disable keepalives, the value should be set to M-bM-^@M-^\noM-bM-^@M-^].
179 164
180 KerberosAuthentication 165 KerberosAuthentication
181 Specifies whether the password provided by the user for 166 Specifies whether the password provided by the user for
182 PasswordAuthentication will be validated through the Kerberos 167 PasswordAuthentication will be validated through the Kerberos
183 KDC. To use this option, the server needs a Kerberos servtab 168 KDC. To use this option, the server needs a Kerberos servtab
184 which allows the verification of the KDCM-bM-^@M-^Ys identity. Default is 169 which allows the verification of the KDC's identity. Default is
185 M-bM-^@M-^\noM-bM-^@M-^]. 170 ``no''.
186 171
187 KerberosOrLocalPasswd 172 KerberosOrLocalPasswd
188 If set then if password authentication through Kerberos fails 173 If set then if password authentication through Kerberos fails
189 then the password will be validated via any additional local 174 then the password will be validated via any additional local
190 mechanism such as /etc/passwd. Default is M-bM-^@M-^\yesM-bM-^@M-^]. 175 mechanism such as /etc/passwd. Default is ``yes''.
191 176
192 KerberosTicketCleanup 177 KerberosTicketCleanup
193 Specifies whether to automatically destroy the userM-bM-^@M-^Ys ticket 178 Specifies whether to automatically destroy the user's ticket
194 cache file on logout. Default is M-bM-^@M-^\yesM-bM-^@M-^]. 179 cache file on logout. Default is ``yes''.
195 180
196 KeyRegenerationInterval 181 KeyRegenerationInterval
197 In protocol version 1, the ephemeral server key is automatically 182 In protocol version 1, the ephemeral server key is automatically
@@ -230,55 +215,55 @@ DESCRIPTION
230 215
231 MACs Specifies the available MAC (message authentication code) algo- 216 MACs Specifies the available MAC (message authentication code) algo-
232 rithms. The MAC algorithm is used in protocol version 2 for data 217 rithms. The MAC algorithm is used in protocol version 2 for data
233 integrity protection. Multiple algorithms must be comma-sepa- 218 integrity protection. Multiple algorithms must be comma-separat-
234 rated. The default is 219 ed. The default is ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
235 M-bM-^@M-^\hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96M-bM-^@M-^]. 220 sha1-96,hmac-md5-96''.
236 221
237 MaxStartups 222 MaxStartups
238 Specifies the maximum number of concurrent unauthenticated con- 223 Specifies the maximum number of concurrent unauthenticated con-
239 nections to the sshd daemon. Additional connections will be 224 nections to the sshd daemon. Additional connections will be
240 dropped until authentication succeeds or the LoginGraceTime 225 dropped until authentication succeeds or the LoginGraceTime ex-
241 expires for a connection. The default is 10. 226 pires for a connection. The default is 10.
242 227
243 Alternatively, random early drop can be enabled by specifying the 228 Alternatively, random early drop can be enabled by specifying the
244 three colon separated values M-bM-^@M-^\start:rate:fullM-bM-^@M-^] (e.g., 229 three colon separated values ``start:rate:full'' (e.g.,
245 "10:30:60"). sshd will refuse connection attempts with a proba- 230 "10:30:60"). sshd will refuse connection attempts with a proba-
246 bility of M-bM-^@M-^\rate/100M-bM-^@M-^] (30%) if there are currently M-bM-^@M-^\startM-bM-^@M-^] (10) 231 bility of ``rate/100'' (30%) if there are currently ``start''
247 unauthenticated connections. The probability increases linearly 232 (10) unauthenticated connections. The probability increases lin-
248 and all connection attempts are refused if the number of unau- 233 early and all connection attempts are refused if the number of
249 thenticated connections reaches M-bM-^@M-^\fullM-bM-^@M-^] (60). 234 unauthenticated connections reaches ``full'' (60).
250 235
251 PasswordAuthentication 236 PasswordAuthentication
252 Specifies whether password authentication is allowed. The 237 Specifies whether password authentication is allowed. The de-
253 default is M-bM-^@M-^\yesM-bM-^@M-^]. 238 fault is ``yes''.
254 239
255 PermitEmptyPasswords 240 PermitEmptyPasswords
256 When password authentication is allowed, it specifies whether the 241 When password authentication is allowed, it specifies whether the
257 server allows login to accounts with empty password strings. The 242 server allows login to accounts with empty password strings. The
258 default is M-bM-^@M-^\noM-bM-^@M-^]. 243 default is ``no''.
259 244
260 PermitRootLogin 245 PermitRootLogin
261 Specifies whether root can login using ssh(1). The argument must 246 Specifies whether root can login using ssh(1). The argument must
262 be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\without-passwordM-bM-^@M-^], M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. 247 be ``yes'', ``without-password'', ``forced-commands-only'' or
263 The default is M-bM-^@M-^\yesM-bM-^@M-^]. 248 ``no''. The default is ``yes''.
264 249
265 If this option is set to M-bM-^@M-^\without-passwordM-bM-^@M-^] password authentica- 250 If this option is set to ``without-password'' password authenti-
266 tion is disabled for root. 251 cation is disabled for root.
267 252
268 If this option is set to M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^] root login with 253 If this option is set to ``forced-commands-only'' root login with
269 public key authentication will be allowed, but only if the 254 public key authentication will be allowed, but only if the
270 command option has been specified (which may be useful for taking 255 command option has been specified (which may be useful for taking
271 remote backups even if root login is normally not allowed). All 256 remote backups even if root login is normally not allowed). All
272 other authentication methods are disabled for root. 257 other authentication methods are disabled for root.
273 258
274 If this option is set to M-bM-^@M-^\noM-bM-^@M-^] root is not allowed to login. 259 If this option is set to ``no'' root is not allowed to login.
275 260
276 PermitUserEnvironment 261 PermitUserEnvironment
277 Specifies whether ~/.ssh/environment and environment= options in 262 Specifies whether ~/.ssh/environment and environment= options in
278 ~/.ssh/authorized_keys are processed by sshd. The default is 263 ~/.ssh/authorized_keys are processed by sshd. The default is
279 M-bM-^@M-^\noM-bM-^@M-^]. Enabling environment processing may enable users to bypass 264 ``no''. Enabling environment processing may enable users to by-
280 access restrictions in some configurations using mechanisms such 265 pass access restrictions in some configurations using mechanisms
281 as LD_PRELOAD. 266 such as LD_PRELOAD.
282 267
283 PidFile 268 PidFile
284 Specifies the file that contains the process ID of the sshd dae- 269 Specifies the file that contains the process ID of the sshd dae-
@@ -290,38 +275,36 @@ DESCRIPTION
290 275
291 PrintLastLog 276 PrintLastLog
292 Specifies whether sshd should print the date and time when the 277 Specifies whether sshd should print the date and time when the
293 user last logged in. The default is M-bM-^@M-^\yesM-bM-^@M-^]. 278 user last logged in. The default is ``yes''.
294 279
295 PrintMotd 280 PrintMotd
296 Specifies whether sshd should print /etc/motd when a user logs in 281 Specifies whether sshd should print /etc/motd when a user logs in
297 interactively. (On some systems it is also printed by the shell, 282 interactively. (On some systems it is also printed by the shell,
298 /etc/profile, or equivalent.) The default is M-bM-^@M-^\yesM-bM-^@M-^]. 283 /etc/profile, or equivalent.) The default is ``yes''.
299 284
300 Protocol 285 Protocol
301 Specifies the protocol versions sshd supports. The possible val- 286 Specifies the protocol versions sshd supports. The possible val-
302 ues are M-bM-^@M-^\1M-bM-^@M-^] and M-bM-^@M-^\2M-bM-^@M-^]. Multiple versions must be comma-separated. 287 ues are ``1'' and ``2''. Multiple versions must be comma-sepa-
303 The default is M-bM-^@M-^\2,1M-bM-^@M-^]. Note that the order of the protocol list 288 rated. The default is ``2,1''. Note that the order of the pro-
304 does not indicate preference, because the client selects among 289 tocol list does not indicate preference, because the client se-
305 multiple protocol versions offered by the server. Specifying 290 lects among multiple protocol versions offered by the server.
306 M-bM-^@M-^\2,1M-bM-^@M-^] is identical to M-bM-^@M-^\1,2M-bM-^@M-^]. 291 Specifying ``2,1'' is identical to ``1,2''.
307 292
308 PubkeyAuthentication 293 PubkeyAuthentication
309 Specifies whether public key authentication is allowed. The 294 Specifies whether public key authentication is allowed. The de-
310 default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option applies to protocol ver- 295 fault is ``yes''. Note that this option applies to protocol ver-
311 sion 2 only. RhostsRSAAuthentication should be used instead, 296 sion 2 only.
312 because it performs RSA-based host authentication in addition to
313 normal rhosts or /etc/hosts.equiv authentication. The default is
314 M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only.
315 297
316 RhostsRSAAuthentication 298 RhostsRSAAuthentication
317 Specifies whether rhosts or /etc/hosts.equiv authentication 299 Specifies whether rhosts or /etc/hosts.equiv authentication to-
318 together with successful RSA host authentication is allowed. The 300 gether with successful RSA host authentication is allowed. The
319 default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only. 301 default is ``no''. This option applies to protocol version 1 on-
302 ly.
320 303
321 RSAAuthentication 304 RSAAuthentication
322 Specifies whether pure RSA authentication is allowed. The 305 Specifies whether pure RSA authentication is allowed. The de-
323 default is M-bM-^@M-^\yesM-bM-^@M-^]. This option applies to protocol version 1 306 fault is ``yes''. This option applies to protocol version 1 on-
324 only. 307 ly.
325 308
326 ServerKeyBits 309 ServerKeyBits
327 Defines the number of bits in the ephemeral protocol version 1 310 Defines the number of bits in the ephemeral protocol version 1
@@ -329,72 +312,89 @@ DESCRIPTION
329 312
330 StrictModes 313 StrictModes
331 Specifies whether sshd should check file modes and ownership of 314 Specifies whether sshd should check file modes and ownership of
332 the userM-bM-^@M-^Ys files and home directory before accepting login. This 315 the user's files and home directory before accepting login. This
333 is normally desirable because novices sometimes accidentally 316 is normally desirable because novices sometimes accidentally
334 leave their directory or files world-writable. The default is 317 leave their directory or files world-writable. The default is
335 M-bM-^@M-^\yesM-bM-^@M-^]. 318 ``yes''.
336 319
337 Subsystem 320 Subsystem
338 Configures an external subsystem (e.g., file transfer daemon). 321 Configures an external subsystem (e.g., file transfer daemon).
339 Arguments should be a subsystem name and a command to execute 322 Arguments should be a subsystem name and a command to execute up-
340 upon subsystem request. The command sftp-server(8) implements 323 on subsystem request. The command sftp-server(8) implements the
341 the M-bM-^@M-^\sftpM-bM-^@M-^] file transfer subsystem. By default no subsystems are 324 ``sftp'' file transfer subsystem. By default no subsystems are
342 defined. Note that this option applies to protocol version 2 325 defined. Note that this option applies to protocol version 2 on-
343 only. 326 ly.
344 327
345 SyslogFacility 328 SyslogFacility
346 Gives the facility code that is used when logging messages from 329 Gives the facility code that is used when logging messages from
347 sshd. The possible values are: DAEMON, USER, AUTH, LOCAL0, 330 sshd. The possible values are: DAEMON, USER, AUTH, LOCAL0, LO-
348 LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The 331 CAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The de-
349 default is AUTH. 332 fault is AUTH.
333
334 TCPKeepAlive
335 Specifies whether the system should send TCP keepalive messages
336 to the other side. If they are sent, death of the connection or
337 crash of one of the machines will be properly noticed. However,
338 this means that connections will die if the route is down tem-
339 porarily, and some people find it annoying. On the other hand,
340 if TCP keepalives are not sent, sessions may hang indefinitely on
341 the server, leaving ``ghost'' users and consuming server re-
342 sources.
343
344 The default is ``yes'' (to send TCP keepalive messages), and the
345 server will notice if the network goes down or the client host
346 crashes. This avoids infinitely hanging sessions.
347
348 To disable TCP keepalive messages, the value should be set to
349 ``no''.
350 350
351 UseDNS Specifies whether sshd should lookup the remote host name and 351 UseDNS Specifies whether sshd should lookup the remote host name and
352 check that the resolved host name for the remote IP address maps 352 check that the resolved host name for the remote IP address maps
353 back to the very same IP address. The default is M-bM-^@M-^\yesM-bM-^@M-^]. 353 back to the very same IP address. The default is ``yes''.
354 354
355 UseLogin 355 UseLogin
356 Specifies whether login(1) is used for interactive login ses- 356 Specifies whether login(1) is used for interactive login ses-
357 sions. The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that login(1) is never used 357 sions. The default is ``no''. Note that login(1) is never used
358 for remote command execution. Note also, that if this is 358 for remote command execution. Note also, that if this is en-
359 enabled, X11Forwarding will be disabled because login(1) does not 359 abled, X11Forwarding will be disabled because login(1) does not
360 know how to handle xauth(1) cookies. If UsePrivilegeSeparation 360 know how to handle xauth(1) cookies. If UsePrivilegeSeparation
361 is specified, it will be disabled after authentication. 361 is specified, it will be disabled after authentication.
362 362
363 UsePAM Enables PAM authentication (via challenge-response) and session 363 UsePAM Enables PAM authentication (via challenge-response) and session
364 set up. If you enable this, you should probably disable 364 set up. If you enable this, you should probably disable
365 PasswordAuthentication. If you enable then you will not be able 365 PasswordAuthentication. If you enable then you will not be able
366 to run sshd as a non-root user. 366 to run sshd as a non-root user. The default is ``no''.
367 367
368 UsePrivilegeSeparation 368 UsePrivilegeSeparation
369 Specifies whether sshd separates privileges by creating an 369 Specifies whether sshd separates privileges by creating an un-
370 unprivileged child process to deal with incoming network traffic. 370 privileged child process to deal with incoming network traffic.
371 After successful authentication, another process will be created 371 After successful authentication, another process will be created
372 that has the privilege of the authenticated user. The goal of 372 that has the privilege of the authenticated user. The goal of
373 privilege separation is to prevent privilege escalation by con- 373 privilege separation is to prevent privilege escalation by con-
374 taining any corruption within the unprivileged processes. The 374 taining any corruption within the unprivileged processes. The
375 default is M-bM-^@M-^\yesM-bM-^@M-^]. 375 default is ``yes''.
376 376
377 X11DisplayOffset 377 X11DisplayOffset
378 Specifies the first display number available for sshdM-bM-^@M-^Ys X11 for- 378 Specifies the first display number available for sshd's X11 for-
379 warding. This prevents sshd from interfering with real X11 379 warding. This prevents sshd from interfering with real X11
380 servers. The default is 10. 380 servers. The default is 10.
381 381
382 X11Forwarding 382 X11Forwarding
383 Specifies whether X11 forwarding is permitted. The argument must 383 Specifies whether X11 forwarding is permitted. The argument must
384 be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. 384 be ``yes'' or ``no''. The default is ``no''.
385 385
386 When X11 forwarding is enabled, there may be additional exposure 386 When X11 forwarding is enabled, there may be additional exposure
387 to the server and to client displays if the sshd proxy display is 387 to the server and to client displays if the sshd proxy display is
388 configured to listen on the wildcard address (see X11UseLocalhost 388 configured to listen on the wildcard address (see X11UseLocalhost
389 below), however this is not the default. Additionally, the 389 below), however this is not the default. Additionally, the au-
390 authentication spoofing and authentication data verification and 390 thentication spoofing and authentication data verification and
391 substitution occur on the client side. The security risk of 391 substitution occur on the client side. The security risk of us-
392 using X11 forwarding is that the clientM-bM-^@M-^Ys X11 display server may 392 ing X11 forwarding is that the client's X11 display server may be
393 be exposed to attack when the ssh client requests forwarding (see 393 exposed to attack when the ssh client requests forwarding (see
394 the warnings for ForwardX11 in ssh_config(5)). A system adminis- 394 the warnings for ForwardX11 in ssh_config(5)). A system adminis-
395 trator may have a stance in which they want to protect clients 395 trator may have a stance in which they want to protect clients
396 that may expose themselves to attack by unwittingly requesting 396 that may expose themselves to attack by unwittingly requesting
397 X11 forwarding, which can warrant a M-bM-^@M-^\noM-bM-^@M-^] setting. 397 X11 forwarding, which can warrant a ``no'' setting.
398 398
399 Note that disabling X11 forwarding does not prevent users from 399 Note that disabling X11 forwarding does not prevent users from
400 forwarding X11 traffic, as users can always install their own 400 forwarding X11 traffic, as users can always install their own
@@ -406,12 +406,12 @@ DESCRIPTION
406 the loopback address or to the wildcard address. By default, 406 the loopback address or to the wildcard address. By default,
407 sshd binds the forwarding server to the loopback address and sets 407 sshd binds the forwarding server to the loopback address and sets
408 the hostname part of the DISPLAY environment variable to 408 the hostname part of the DISPLAY environment variable to
409 M-bM-^@M-^\localhostM-bM-^@M-^]. This prevents remote hosts from connecting to the 409 ``localhost''. This prevents remote hosts from connecting to the
410 proxy display. However, some older X11 clients may not function 410 proxy display. However, some older X11 clients may not function
411 with this configuration. X11UseLocalhost may be set to M-bM-^@M-^\noM-bM-^@M-^] to 411 with this configuration. X11UseLocalhost may be set to ``no'' to
412 specify that the forwarding server should be bound to the wild- 412 specify that the forwarding server should be bound to the wild-
413 card address. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default 413 card address. The argument must be ``yes'' or ``no''. The de-
414 is M-bM-^@M-^\yesM-bM-^@M-^]. 414 fault is ``yes''.
415 415
416 XAuthLocation 416 XAuthLocation
417 Specifies the full pathname of the xauth(1) program. The default 417 Specifies the full pathname of the xauth(1) program. The default
@@ -456,4 +456,4 @@ AUTHORS
456 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support 456 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
457 for privilege separation. 457 for privilege separation.
458 458
459BSD September 25, 1999 BSD 459OpenBSD 3.4 September 25, 1999 7
diff --git a/sshd_config.5 b/sshd_config.5
index 727fdb12a..41228248c 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd_config.5,v 1.25 2003/09/01 09:50:04 markus Exp $ 37.\" $OpenBSD: sshd_config.5,v 1.28 2004/02/17 19:35:21 jmc Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSHD_CONFIG 5 39.Dt SSHD_CONFIG 5
40.Os 40.Os
@@ -156,12 +156,12 @@ If this threshold is reached while client alive messages are being sent,
156will disconnect the client, terminating the session. 156will disconnect the client, terminating the session.
157It is important to note that the use of client alive messages is very 157It is important to note that the use of client alive messages is very
158different from 158different from
159.Cm KeepAlive 159.Cm TCPKeepAlive
160(below). 160(below).
161The client alive messages are sent through the encrypted channel 161The client alive messages are sent through the encrypted channel
162and therefore will not be spoofable. 162and therefore will not be spoofable.
163The TCP keepalive option enabled by 163The TCP keepalive option enabled by
164.Cm KeepAlive 164.Cm TCPKeepAlive
165is spoofable. 165is spoofable.
166The client alive mechanism is valuable when the client or 166The client alive mechanism is valuable when the client or
167server depend on knowing when a connection has become inactive. 167server depend on knowing when a connection has become inactive.
@@ -227,7 +227,7 @@ The default is
227.Dq no . 227.Dq no .
228.It Cm GSSAPIAuthentication 228.It Cm GSSAPIAuthentication
229Specifies whether user authentication based on GSSAPI is allowed. 229Specifies whether user authentication based on GSSAPI is allowed.
230The default is 230The default is
231.Dq no . 231.Dq no .
232Note that this option applies to protocol version 2 only. 232Note that this option applies to protocol version 2 only.
233.It Cm GSSAPICleanupCredentials 233.It Cm GSSAPICleanupCredentials
@@ -292,27 +292,6 @@ or
292.Cm HostbasedAuthentication . 292.Cm HostbasedAuthentication .
293The default is 293The default is
294.Dq no . 294.Dq no .
295.It Cm KeepAlive
296Specifies whether the system should send TCP keepalive messages to the
297other side.
298If they are sent, death of the connection or crash of one
299of the machines will be properly noticed.
300However, this means that
301connections will die if the route is down temporarily, and some people
302find it annoying.
303On the other hand, if keepalives are not sent,
304sessions may hang indefinitely on the server, leaving
305.Dq ghost
306users and consuming server resources.
307.Pp
308The default is
309.Dq yes
310(to send keepalives), and the server will notice
311if the network goes down or the client host crashes.
312This avoids infinitely hanging sessions.
313.Pp
314To disable keepalives, the value should be set to
315.Dq no .
316.It Cm KerberosAuthentication 295.It Cm KerberosAuthentication
317Specifies whether the password provided by the user for 296Specifies whether the password provided by the user for
318.Cm PasswordAuthentication 297.Cm PasswordAuthentication
@@ -533,13 +512,6 @@ Specifies whether public key authentication is allowed.
533The default is 512The default is
534.Dq yes . 513.Dq yes .
535Note that this option applies to protocol version 2 only. 514Note that this option applies to protocol version 2 only.
536.Cm RhostsRSAAuthentication
537should be used
538instead, because it performs RSA-based host authentication in addition
539to normal rhosts or /etc/hosts.equiv authentication.
540The default is
541.Dq no .
542This option applies to protocol version 1 only.
543.It Cm RhostsRSAAuthentication 515.It Cm RhostsRSAAuthentication
544Specifies whether rhosts or /etc/hosts.equiv authentication together 516Specifies whether rhosts or /etc/hosts.equiv authentication together
545with successful RSA host authentication is allowed. 517with successful RSA host authentication is allowed.
@@ -580,6 +552,27 @@ Gives the facility code that is used when logging messages from
580The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, 552The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
581LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. 553LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
582The default is AUTH. 554The default is AUTH.
555.It Cm TCPKeepAlive
556Specifies whether the system should send TCP keepalive messages to the
557other side.
558If they are sent, death of the connection or crash of one
559of the machines will be properly noticed.
560However, this means that
561connections will die if the route is down temporarily, and some people
562find it annoying.
563On the other hand, if TCP keepalives are not sent,
564sessions may hang indefinitely on the server, leaving
565.Dq ghost
566users and consuming server resources.
567.Pp
568The default is
569.Dq yes
570(to send TCP keepalive messages), and the server will notice
571if the network goes down or the client host crashes.
572This avoids infinitely hanging sessions.
573.Pp
574To disable TCP keepalive messages, the value should be set to
575.Dq no .
583.It Cm UseDNS 576.It Cm UseDNS
584Specifies whether 577Specifies whether
585.Nm sshd 578.Nm sshd
@@ -608,12 +601,13 @@ If
608.Cm UsePrivilegeSeparation 601.Cm UsePrivilegeSeparation
609is specified, it will be disabled after authentication. 602is specified, it will be disabled after authentication.
610.It Cm UsePAM 603.It Cm UsePAM
611Enables PAM authentication (via challenge-response) and session set up. 604Enables PAM authentication (via challenge-response) and session set up.
612If you enable this, you should probably disable 605If you enable this, you should probably disable
613.Cm PasswordAuthentication . 606.Cm PasswordAuthentication .
614If you enable 607If you enable
615.CM UsePAM 608.CM UsePAM
616then you will not be able to run sshd as a non-root user. 609then you will not be able to run sshd as a non-root user. The default is
610.Dq no .
617.It Cm UsePrivilegeSeparation 611.It Cm UsePrivilegeSeparation
618Specifies whether 612Specifies whether
619.Nm sshd 613.Nm sshd
diff --git a/sshpty.c b/sshpty.c
index 4747ceaf4..0fe3891b6 100644
--- a/sshpty.c
+++ b/sshpty.c
@@ -12,7 +12,7 @@
12 */ 12 */
13 13
14#include "includes.h" 14#include "includes.h"
15RCSID("$OpenBSD: sshpty.c,v 1.10 2003/06/12 07:57:38 markus Exp $"); 15RCSID("$OpenBSD: sshpty.c,v 1.11 2004/01/11 21:55:06 deraadt Exp $");
16 16
17#ifdef HAVE_UTIL_H 17#ifdef HAVE_UTIL_H
18# include <util.h> 18# include <util.h>
@@ -22,17 +22,9 @@ RCSID("$OpenBSD: sshpty.c,v 1.10 2003/06/12 07:57:38 markus Exp $");
22#include "log.h" 22#include "log.h"
23#include "misc.h" 23#include "misc.h"
24 24
25/* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */
26#if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY)
27#undef HAVE_DEV_PTMX
28#endif
29
30#ifdef HAVE_PTY_H 25#ifdef HAVE_PTY_H
31# include <pty.h> 26# include <pty.h>
32#endif 27#endif
33#if defined(HAVE_DEV_PTMX) && defined(HAVE_SYS_STROPTS_H)
34# include <sys/stropts.h>
35#endif
36 28
37#ifndef O_NOCTTY 29#ifndef O_NOCTTY
38#define O_NOCTTY 0 30#define O_NOCTTY 0
@@ -48,7 +40,6 @@ RCSID("$OpenBSD: sshpty.c,v 1.10 2003/06/12 07:57:38 markus Exp $");
48int 40int
49pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) 41pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
50{ 42{
51#if defined(HAVE_OPENPTY) || defined(BSD4_4)
52 /* openpty(3) exists in OSF/1 and some other os'es */ 43 /* openpty(3) exists in OSF/1 and some other os'es */
53 char *name; 44 char *name;
54 int i; 45 int i;
@@ -64,187 +55,6 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
64 55
65 strlcpy(namebuf, name, namebuflen); /* possible truncation */ 56 strlcpy(namebuf, name, namebuflen); /* possible truncation */
66 return 1; 57 return 1;
67#else /* HAVE_OPENPTY */
68#ifdef HAVE__GETPTY
69 /*
70 * _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more
71 * pty's automagically when needed
72 */
73 char *slave;
74
75 slave = _getpty(ptyfd, O_RDWR, 0622, 0);
76 if (slave == NULL) {
77 error("_getpty: %.100s", strerror(errno));
78 return 0;
79 }
80 strlcpy(namebuf, slave, namebuflen);
81 /* Open the slave side. */
82 *ttyfd = open(namebuf, O_RDWR | O_NOCTTY);
83 if (*ttyfd < 0) {
84 error("%.200s: %.100s", namebuf, strerror(errno));
85 close(*ptyfd);
86 return 0;
87 }
88 return 1;
89#else /* HAVE__GETPTY */
90#if defined(HAVE_DEV_PTMX)
91 /*
92 * This code is used e.g. on Solaris 2.x. (Note that Solaris 2.3
93 * also has bsd-style ptys, but they simply do not work.)
94 */
95 int ptm;
96 char *pts;
97 mysig_t old_signal;
98
99 ptm = open("/dev/ptmx", O_RDWR | O_NOCTTY);
100 if (ptm < 0) {
101 error("/dev/ptmx: %.100s", strerror(errno));
102 return 0;
103 }
104 old_signal = signal(SIGCHLD, SIG_DFL);
105 if (grantpt(ptm) < 0) {
106 error("grantpt: %.100s", strerror(errno));
107 return 0;
108 }
109 signal(SIGCHLD, old_signal);
110 if (unlockpt(ptm) < 0) {
111 error("unlockpt: %.100s", strerror(errno));
112 return 0;
113 }
114 pts = ptsname(ptm);
115 if (pts == NULL)
116 error("Slave pty side name could not be obtained.");
117 strlcpy(namebuf, pts, namebuflen);
118 *ptyfd = ptm;
119
120 /* Open the slave side. */
121 *ttyfd = open(namebuf, O_RDWR | O_NOCTTY);
122 if (*ttyfd < 0) {
123 error("%.100s: %.100s", namebuf, strerror(errno));
124 close(*ptyfd);
125 return 0;
126 }
127#ifndef HAVE_CYGWIN
128 /*
129 * Push the appropriate streams modules, as described in Solaris pts(7).
130 * HP-UX pts(7) doesn't have ttcompat module.
131 */
132 if (ioctl(*ttyfd, I_PUSH, "ptem") < 0)
133 error("ioctl I_PUSH ptem: %.100s", strerror(errno));
134 if (ioctl(*ttyfd, I_PUSH, "ldterm") < 0)
135 error("ioctl I_PUSH ldterm: %.100s", strerror(errno));
136#ifndef __hpux
137 if (ioctl(*ttyfd, I_PUSH, "ttcompat") < 0)
138 error("ioctl I_PUSH ttcompat: %.100s", strerror(errno));
139#endif
140#endif
141 return 1;
142#else /* HAVE_DEV_PTMX */
143#ifdef HAVE_DEV_PTS_AND_PTC
144 /* AIX-style pty code. */
145 const char *name;
146
147 *ptyfd = open("/dev/ptc", O_RDWR | O_NOCTTY);
148 if (*ptyfd < 0) {
149 error("Could not open /dev/ptc: %.100s", strerror(errno));
150 return 0;
151 }
152 name = ttyname(*ptyfd);
153 if (!name)
154 fatal("Open of /dev/ptc returns device for which ttyname fails.");
155 strlcpy(namebuf, name, namebuflen);
156 *ttyfd = open(name, O_RDWR | O_NOCTTY);
157 if (*ttyfd < 0) {
158 error("Could not open pty slave side %.100s: %.100s",
159 name, strerror(errno));
160 close(*ptyfd);
161 return 0;
162 }
163 return 1;
164#else /* HAVE_DEV_PTS_AND_PTC */
165#ifdef _UNICOS
166 char buf[64];
167 int i;
168 int highpty;
169
170#ifdef _SC_CRAY_NPTY
171 highpty = sysconf(_SC_CRAY_NPTY);
172 if (highpty == -1)
173 highpty = 128;
174#else
175 highpty = 128;
176#endif
177
178 for (i = 0; i < highpty; i++) {
179 snprintf(buf, sizeof(buf), "/dev/pty/%03d", i);
180 *ptyfd = open(buf, O_RDWR|O_NOCTTY);
181 if (*ptyfd < 0)
182 continue;
183 snprintf(namebuf, namebuflen, "/dev/ttyp%03d", i);
184 /* Open the slave side. */
185 *ttyfd = open(namebuf, O_RDWR|O_NOCTTY);
186 if (*ttyfd < 0) {
187 error("%.100s: %.100s", namebuf, strerror(errno));
188 close(*ptyfd);
189 return 0;
190 }
191 return 1;
192 }
193 return 0;
194#else
195 /* BSD-style pty code. */
196 char buf[64];
197 int i;
198 const char *ptymajors = "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ";
199 const char *ptyminors = "0123456789abcdef";
200 int num_minors = strlen(ptyminors);
201 int num_ptys = strlen(ptymajors) * num_minors;
202 struct termios tio;
203
204 for (i = 0; i < num_ptys; i++) {
205 snprintf(buf, sizeof buf, "/dev/pty%c%c", ptymajors[i / num_minors],
206 ptyminors[i % num_minors]);
207 snprintf(namebuf, namebuflen, "/dev/tty%c%c",
208 ptymajors[i / num_minors], ptyminors[i % num_minors]);
209
210 *ptyfd = open(buf, O_RDWR | O_NOCTTY);
211 if (*ptyfd < 0) {
212 /* Try SCO style naming */
213 snprintf(buf, sizeof buf, "/dev/ptyp%d", i);
214 snprintf(namebuf, namebuflen, "/dev/ttyp%d", i);
215 *ptyfd = open(buf, O_RDWR | O_NOCTTY);
216 if (*ptyfd < 0)
217 continue;
218 }
219
220 /* Open the slave side. */
221 *ttyfd = open(namebuf, O_RDWR | O_NOCTTY);
222 if (*ttyfd < 0) {
223 error("%.100s: %.100s", namebuf, strerror(errno));
224 close(*ptyfd);
225 return 0;
226 }
227 /* set tty modes to a sane state for broken clients */
228 if (tcgetattr(*ptyfd, &tio) < 0)
229 logit("Getting tty modes for pty failed: %.100s", strerror(errno));
230 else {
231 tio.c_lflag |= (ECHO | ISIG | ICANON);
232 tio.c_oflag |= (OPOST | ONLCR);
233 tio.c_iflag |= ICRNL;
234
235 /* Set the new modes for the terminal. */
236 if (tcsetattr(*ptyfd, TCSANOW, &tio) < 0)
237 logit("Setting tty modes for pty failed: %.100s", strerror(errno));
238 }
239
240 return 1;
241 }
242 return 0;
243#endif /* CRAY */
244#endif /* HAVE_DEV_PTS_AND_PTC */
245#endif /* HAVE_DEV_PTMX */
246#endif /* HAVE__GETPTY */
247#endif /* HAVE_OPENPTY */
248} 58}
249 59
250/* Releases the tty. Its ownership is returned to root, and permissions to 0666. */ 60/* Releases the tty. Its ownership is returned to root, and permissions to 0666. */
@@ -343,7 +153,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname)
343 if (fd < 0) 153 if (fd < 0)
344 error("open /dev/tty failed - could not set controlling tty: %.100s", 154 error("open /dev/tty failed - could not set controlling tty: %.100s",
345 strerror(errno)); 155 strerror(errno));
346 else 156 else
347 close(fd); 157 close(fd);
348#endif /* _UNICOS */ 158#endif /* _UNICOS */
349} 159}
diff --git a/sshtty.c b/sshtty.c
index 2f47b06d1..4fb2d3dae 100644
--- a/sshtty.c
+++ b/sshtty.c
@@ -35,7 +35,7 @@
35 */ 35 */
36 36
37#include "includes.h" 37#include "includes.h"
38RCSID("$OpenBSD: sshtty.c,v 1.4 2003/07/16 10:36:28 markus Exp $"); 38RCSID("$OpenBSD: sshtty.c,v 1.5 2003/09/19 17:43:35 markus Exp $");
39 39
40#include "sshtty.h" 40#include "sshtty.h"
41#include "log.h" 41#include "log.h"
@@ -43,12 +43,6 @@ RCSID("$OpenBSD: sshtty.c,v 1.4 2003/07/16 10:36:28 markus Exp $");
43static struct termios _saved_tio; 43static struct termios _saved_tio;
44static int _in_raw_mode = 0; 44static int _in_raw_mode = 0;
45 45
46int
47in_raw_mode(void)
48{
49 return _in_raw_mode;
50}
51
52struct termios 46struct termios
53get_saved_tio(void) 47get_saved_tio(void)
54{ 48{
@@ -64,8 +58,6 @@ leave_raw_mode(void)
64 perror("tcsetattr"); 58 perror("tcsetattr");
65 else 59 else
66 _in_raw_mode = 0; 60 _in_raw_mode = 0;
67
68 fatal_remove_cleanup((void (*) (void *)) leave_raw_mode, NULL);
69} 61}
70 62
71void 63void
@@ -94,6 +86,4 @@ enter_raw_mode(void)
94 perror("tcsetattr"); 86 perror("tcsetattr");
95 else 87 else
96 _in_raw_mode = 1; 88 _in_raw_mode = 1;
97
98 fatal_add_cleanup((void (*) (void *)) leave_raw_mode, NULL);
99} 89}
diff --git a/sshtty.h b/sshtty.h
index 7ba4a2627..723b27846 100644
--- a/sshtty.h
+++ b/sshtty.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshtty.h,v 1.2 2001/06/26 17:27:25 markus Exp $ */ 1/* $OpenBSD: sshtty.h,v 1.3 2003/09/19 17:43:35 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -40,7 +40,6 @@
40 40
41#include <termios.h> 41#include <termios.h>
42 42
43int in_raw_mode(void);
44struct termios get_saved_tio(void); 43struct termios get_saved_tio(void);
45void leave_raw_mode(void); 44void leave_raw_mode(void);
46void enter_raw_mode(void); 45void enter_raw_mode(void);
diff --git a/stamp-h.in b/stamp-h.in
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/stamp-h.in
diff --git a/uidswap.c b/uidswap.c
index 3f13f9bf4..44c4cb626 100644
--- a/uidswap.c
+++ b/uidswap.c
@@ -16,6 +16,7 @@ RCSID("$OpenBSD: uidswap.c,v 1.24 2003/05/29 16:58:45 deraadt Exp $");
16 16
17#include "log.h" 17#include "log.h"
18#include "uidswap.h" 18#include "uidswap.h"
19#include "xmalloc.h"
19 20
20/* 21/*
21 * Note: all these functions must work in all of the following cases: 22 * Note: all these functions must work in all of the following cases:
@@ -38,7 +39,7 @@ static gid_t saved_egid = 0;
38/* Saved effective uid. */ 39/* Saved effective uid. */
39static int privileged = 0; 40static int privileged = 0;
40static int temporarily_use_uid_effective = 0; 41static int temporarily_use_uid_effective = 0;
41static gid_t saved_egroups[NGROUPS_MAX], user_groups[NGROUPS_MAX]; 42static gid_t *saved_egroups = NULL, *user_groups = NULL;
42static int saved_egroupslen = -1, user_groupslen = -1; 43static int saved_egroupslen = -1, user_groupslen = -1;
43 44
44/* 45/*
@@ -68,18 +69,38 @@ temporarily_use_uid(struct passwd *pw)
68 69
69 privileged = 1; 70 privileged = 1;
70 temporarily_use_uid_effective = 1; 71 temporarily_use_uid_effective = 1;
71 saved_egroupslen = getgroups(NGROUPS_MAX, saved_egroups); 72
73 saved_egroupslen = getgroups(0, NULL);
72 if (saved_egroupslen < 0) 74 if (saved_egroupslen < 0)
73 fatal("getgroups: %.100s", strerror(errno)); 75 fatal("getgroups: %.100s", strerror(errno));
76 if (saved_egroupslen > 0) {
77 saved_egroups = xrealloc(saved_egroups,
78 saved_egroupslen * sizeof(gid_t));
79 if (getgroups(saved_egroupslen, saved_egroups) < 0)
80 fatal("getgroups: %.100s", strerror(errno));
81 } else { /* saved_egroupslen == 0 */
82 if (saved_egroups != NULL)
83 xfree(saved_egroups);
84 }
74 85
75 /* set and save the user's groups */ 86 /* set and save the user's groups */
76 if (user_groupslen == -1) { 87 if (user_groupslen == -1) {
77 if (initgroups(pw->pw_name, pw->pw_gid) < 0) 88 if (initgroups(pw->pw_name, pw->pw_gid) < 0)
78 fatal("initgroups: %s: %.100s", pw->pw_name, 89 fatal("initgroups: %s: %.100s", pw->pw_name,
79 strerror(errno)); 90 strerror(errno));
80 user_groupslen = getgroups(NGROUPS_MAX, user_groups); 91
92 user_groupslen = getgroups(0, NULL);
81 if (user_groupslen < 0) 93 if (user_groupslen < 0)
82 fatal("getgroups: %.100s", strerror(errno)); 94 fatal("getgroups: %.100s", strerror(errno));
95 if (user_groupslen > 0) {
96 user_groups = xrealloc(user_groups,
97 user_groupslen * sizeof(gid_t));
98 if (getgroups(user_groupslen, user_groups) < 0)
99 fatal("getgroups: %.100s", strerror(errno));
100 } else { /* user_groupslen == 0 */
101 if (user_groups)
102 xfree(user_groups);
103 }
83 } 104 }
84 /* Set the effective uid to the given (unprivileged) uid. */ 105 /* Set the effective uid to the given (unprivileged) uid. */
85 if (setgroups(user_groupslen, user_groups) < 0) 106 if (setgroups(user_groupslen, user_groups) < 0)
@@ -151,7 +172,7 @@ permanently_set_uid(struct passwd *pw)
151 debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, 172 debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid,
152 (u_int)pw->pw_gid); 173 (u_int)pw->pw_gid);
153 174
154#if defined(HAVE_SETRESGID) 175#if defined(HAVE_SETRESGID) && !defined(BROKEN_SETRESGID)
155 if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0) 176 if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0)
156 fatal("setresgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); 177 fatal("setresgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno));
157#elif defined(HAVE_SETREGID) && !defined(BROKEN_SETREGID) 178#elif defined(HAVE_SETREGID) && !defined(BROKEN_SETREGID)
@@ -164,7 +185,7 @@ permanently_set_uid(struct passwd *pw)
164 fatal("setgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); 185 fatal("setgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno));
165#endif 186#endif
166 187
167#if defined(HAVE_SETRESUID) 188#if defined(HAVE_SETRESUID) && !defined(BROKEN_SETRESUID)
168 if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0) 189 if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0)
169 fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); 190 fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
170#elif defined(HAVE_SETREUID) && !defined(BROKEN_SETREUID) 191#elif defined(HAVE_SETREUID) && !defined(BROKEN_SETREUID)
@@ -180,26 +201,28 @@ permanently_set_uid(struct passwd *pw)
180#endif 201#endif
181 202
182 /* Try restoration of GID if changed (test clearing of saved gid) */ 203 /* Try restoration of GID if changed (test clearing of saved gid) */
183 if (old_gid != pw->pw_gid && 204 if (old_gid != pw->pw_gid &&
184 (setgid(old_gid) != -1 || setegid(old_gid) != -1)) 205 (setgid(old_gid) != -1 || setegid(old_gid) != -1))
185 fatal("%s: was able to restore old [e]gid", __func__); 206 fatal("%s: was able to restore old [e]gid", __func__);
186 207
187 /* Verify GID drop was successful */ 208 /* Verify GID drop was successful */
188 if (getgid() != pw->pw_gid || getegid() != pw->pw_gid) { 209 if (getgid() != pw->pw_gid || getegid() != pw->pw_gid) {
189 fatal("%s: egid incorrect gid:%u egid:%u (should be %u)", 210 fatal("%s: egid incorrect gid:%u egid:%u (should be %u)",
190 __func__, (u_int)getgid(), (u_int)getegid(), 211 __func__, (u_int)getgid(), (u_int)getegid(),
191 (u_int)pw->pw_gid); 212 (u_int)pw->pw_gid);
192 } 213 }
193 214
215#ifndef HAVE_CYGWIN
194 /* Try restoration of UID if changed (test clearing of saved uid) */ 216 /* Try restoration of UID if changed (test clearing of saved uid) */
195 if (old_uid != pw->pw_uid && 217 if (old_uid != pw->pw_uid &&
196 (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) 218 (setuid(old_uid) != -1 || seteuid(old_uid) != -1))
197 fatal("%s: was able to restore old [e]uid", __func__); 219 fatal("%s: was able to restore old [e]uid", __func__);
220#endif
198 221
199 /* Verify UID drop was successful */ 222 /* Verify UID drop was successful */
200 if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) { 223 if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) {
201 fatal("%s: euid incorrect uid:%u euid:%u (should be %u)", 224 fatal("%s: euid incorrect uid:%u euid:%u (should be %u)",
202 __func__, (u_int)getuid(), (u_int)geteuid(), 225 __func__, (u_int)getuid(), (u_int)geteuid(),
203 (u_int)pw->pw_uid); 226 (u_int)pw->pw_uid);
204 } 227 }
205} 228}
diff --git a/uuencode.c b/uuencode.c
index 21eaf4d3f..0a7c8d16a 100644
--- a/uuencode.c
+++ b/uuencode.c
@@ -23,13 +23,13 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: uuencode.c,v 1.16 2002/09/09 14:54:15 markus Exp $"); 26RCSID("$OpenBSD: uuencode.c,v 1.17 2003/11/10 16:23:41 jakob Exp $");
27 27
28#include "xmalloc.h" 28#include "xmalloc.h"
29#include "uuencode.h" 29#include "uuencode.h"
30 30
31int 31int
32uuencode(u_char *src, u_int srclength, 32uuencode(const u_char *src, u_int srclength,
33 char *target, size_t targsize) 33 char *target, size_t targsize)
34{ 34{
35 return __b64_ntop(src, srclength, target, targsize); 35 return __b64_ntop(src, srclength, target, targsize);
diff --git a/uuencode.h b/uuencode.h
index 682b623ac..08e87c4bc 100644
--- a/uuencode.h
+++ b/uuencode.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: uuencode.h,v 1.9 2002/02/25 16:33:27 markus Exp $ */ 1/* $OpenBSD: uuencode.h,v 1.10 2003/11/10 16:23:41 jakob Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -26,7 +26,7 @@
26 26
27#ifndef UUENCODE_H 27#ifndef UUENCODE_H
28#define UUENCODE_H 28#define UUENCODE_H
29int uuencode(u_char *, u_int, char *, size_t); 29int uuencode(const u_char *, u_int, char *, size_t);
30int uudecode(const char *, u_char *, size_t); 30int uudecode(const char *, u_char *, size_t);
31void dump_base64(FILE *, u_char *, u_int); 31void dump_base64(FILE *, u_char *, u_int);
32#endif 32#endif
diff --git a/version.h b/version.h
index 93e6a0b7c..082a69b57 100644
--- a/version.h
+++ b/version.h
@@ -1,5 +1,5 @@
1/* $OpenBSD: version.h,v 1.39 2003/09/16 21:02:40 markus Exp $ */ 1/* $OpenBSD: version.h,v 1.40 2004/02/23 15:16:46 markus Exp $ */
2 2
3#ifndef SSH_VERSION 3#ifndef SSH_VERSION
4#define SSH_VERSION "OpenSSH_3.7.1p2" 4#define SSH_VERSION "OpenSSH_3.8p1"
5#endif /* SSH_VERSION */ 5#endif /* SSH_VERSION */