diff --git a/CHANGELOG b/CHANGELOG index 680204565..db4bf8fb0 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,7 @@ #Nmap Changelog ($Id$); -*-text-*- -o Upgrade included libraries: Lua 5.4.6, libpcre2 10.43, zlib 1.3.1 +o Upgrade included libraries: Lua 5.4.6, libpcre2 10.43, zlib 1.3.1, + libssh2 1.11.0 o [Zenmap][GH#2739] Fix a crash in Zenmap when changing a host comment. diff --git a/libssh2/CMakeLists.txt b/libssh2/CMakeLists.txt index e6c95c888..8d51f4654 100644 --- a/libssh2/CMakeLists.txt +++ b/libssh2/CMakeLists.txt @@ -1,4 +1,5 @@ -# Copyright (c) 2014, 2015 Alexander Lamaison +# Copyright (c) 2014, 2015 Alexander Lamaison +# Copyright (c) 2023 Viktor Szakats # # Redistribution and use in source and binary forms, # with or without modification, are permitted provided @@ -33,23 +34,32 @@ # USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY # OF SUCH DAMAGE. -cmake_minimum_required(VERSION 2.8.11) +include(CheckFunctionExists) +include(CheckSymbolExists) +include(CheckIncludeFiles) +include(CheckSymbolExists) +include(CMakePushCheckState) +include(FeatureSummary) + +set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake;${CMAKE_MODULE_PATH}") +include(CheckFunctionExistsMayNeedLibrary) +include(CheckNonblockingSocketSupport) + +cmake_minimum_required(VERSION 3.1) set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake) project(libssh2 C) -set(PROJECT_URL "https://www.libssh2.org/") -set(PROJECT_DESCRIPTION "The SSH library") -if (CMAKE_VERSION VERSION_LESS "3.1") - if (CMAKE_C_COMPILER_ID STREQUAL "GNU") - set (CMAKE_C_FLAGS "--std=gnu90 ${CMAKE_C_FLAGS}") - endif() -else() - set (CMAKE_C_STANDARD 90) -endif() +set(CMAKE_UNITY_BUILD_BATCH_SIZE 32) -option(BUILD_SHARED_LIBS "Build Shared Libraries" OFF) +option(BUILD_STATIC_LIBS "Build Static Libraries" ON) +add_feature_info("Static library" BUILD_STATIC_LIBS + "creating libssh2 static library") + +option(BUILD_SHARED_LIBS "Build Shared Libraries" ON) +add_feature_info("Shared library" BUILD_SHARED_LIBS + "creating libssh2 shared library (.so/.dll)") # Parse version @@ -79,20 +89,359 @@ endif() include(GNUInstallDirs) install( - FILES docs/AUTHORS COPYING docs/HACKING README RELEASE-NOTES NEWS + FILES + COPYING README RELEASE-NOTES + docs/AUTHORS docs/BINDINGS.md docs/HACKING.md DESTINATION ${CMAKE_INSTALL_DOCDIR}) include(max_warnings) -include(FeatureSummary) + +# Add socket libraries +if(WIN32) + list(APPEND SOCKET_LIBRARIES ws2_32) +else() + check_function_exists_may_need_library(socket HAVE_SOCKET socket) + if(NEED_LIB_SOCKET) + list(APPEND SOCKET_LIBRARIES socket) + endif() + check_function_exists_may_need_library(inet_addr HAVE_INET_ADDR nsl) + if(NEED_LIB_NSL) + list(APPEND SOCKET_LIBRARIES nsl) + endif() +endif() + +option(BUILD_EXAMPLES "Build libssh2 examples" ON) +option(BUILD_TESTING "Build libssh2 test suite" ON) + +if(NOT BUILD_STATIC_LIBS AND NOT BUILD_SHARED_LIBS) + set(BUILD_STATIC_LIBS ON) +endif() + +set(LIB_STATIC "libssh2_static") +set(LIB_SHARED "libssh2_shared") + +# lib flavour selected for example and test programs. +if(BUILD_SHARED_LIBS) + set(LIB_SELECTED ${LIB_SHARED}) +else() + set(LIB_SELECTED ${LIB_STATIC}) +endif() + +# Symbol hiding + +option(HIDE_SYMBOLS "Set to ON to hide all libssh2 symbols that are not officially external" ON) +mark_as_advanced(HIDE_SYMBOLS) +if(HIDE_SYMBOLS) + set(LIB_SHARED_DEFINITIONS LIBSSH2_EXPORTS) + if(WIN32) + elseif((CMAKE_C_COMPILER_ID MATCHES "Clang") OR + (CMAKE_COMPILER_IS_GNUCC AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.0) OR + (CMAKE_C_COMPILER_ID MATCHES "Intel" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 9.1)) + set(LIB_SHARED_C_FLAGS -fvisibility=hidden) + set(LIBSSH2_API "__attribute__ ((__visibility__ (\"default\")))") + elseif(CMAKE_C_COMPILER_ID MATCHES "SunPro" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 8.0) + set(LIB_SHARED_C_FLAGS -xldscope=hidden) + set(LIBSSH2_API "__global") + endif() +endif() + +# Options + +# Enable debugging logging by default if the user configured a debug build +if(CMAKE_BUILD_TYPE STREQUAL "Debug") + set(DEBUG_LOGGING_DEFAULT ON) +else() + set(DEBUG_LOGGING_DEFAULT OFF) +endif() +option(ENABLE_DEBUG_LOGGING "log execution with debug trace" + ${DEBUG_LOGGING_DEFAULT}) +add_feature_info(Logging ENABLE_DEBUG_LOGGING + "Logging of execution with debug trace") +if(ENABLE_DEBUG_LOGGING) + # Must be visible to the library and tests using internals + add_definitions(-DLIBSSH2DEBUG) +endif() + +# Auto-detection + +# Prefill values with known detection results +# Keep this synced with src/libssh2_setup.h +if(WIN32) + if(MINGW) + set(HAVE_SNPRINTF 1) + set(HAVE_UNISTD_H 1) + set(HAVE_INTTYPES_H 1) + set(HAVE_SYS_TIME_H 1) + set(HAVE_SYS_PARAM_H 1) + set(HAVE_GETTIMEOFDAY 1) + set(HAVE_STRTOLL 1) + elseif(MSVC) + set(HAVE_GETTIMEOFDAY 0) + if(NOT MSVC_VERSION LESS 1800) + set(HAVE_INTTYPES_H 1) + set(HAVE_STRTOLL 1) + else() + set(HAVE_INTTYPES_H 0) + set(HAVE_STRTOI64 1) + endif() + if(NOT MSVC_VERSION LESS 1900) + set(HAVE_SNPRINTF 1) + endif() + endif() +endif() + +## Platform checks +check_include_files(inttypes.h HAVE_INTTYPES_H) +if(NOT MSVC) + check_include_files(unistd.h HAVE_UNISTD_H) + check_include_files(sys/time.h HAVE_SYS_TIME_H) + check_include_files(sys/param.h HAVE_SYS_PARAM_H) # tests +endif() +if(NOT WIN32) + check_include_files(sys/select.h HAVE_SYS_SELECT_H) + check_include_files(sys/uio.h HAVE_SYS_UIO_H) + check_include_files(sys/socket.h HAVE_SYS_SOCKET_H) + check_include_files(sys/ioctl.h HAVE_SYS_IOCTL_H) + check_include_files(sys/un.h HAVE_SYS_UN_H) + check_include_files(arpa/inet.h HAVE_ARPA_INET_H) # example and tests + check_include_files(netinet/in.h HAVE_NETINET_IN_H) # example and tests +endif() + +# CMake uses C syntax in check_symbol_exists() that generates a warning with +# MSVC. To not break detection with ENABLE_WERRROR, we disable it for the +# duration of these tests. +if(MSVC AND ENABLE_WERROR) + cmake_push_check_state() + set(CMAKE_REQUIRED_FLAGS "/WX-") +endif() + +if(HAVE_SYS_TIME_H) + check_symbol_exists(gettimeofday sys/time.h HAVE_GETTIMEOFDAY) +else() + check_function_exists(gettimeofday HAVE_GETTIMEOFDAY) +endif() +check_symbol_exists(strtoll stdlib.h HAVE_STRTOLL) +if(NOT HAVE_STRTOLL) + # Try _strtoi64() if strtoll() is not available + check_symbol_exists(_strtoi64 stdlib.h HAVE_STRTOI64) +endif() +check_symbol_exists(snprintf stdio.h HAVE_SNPRINTF) +if(NOT WIN32) + check_symbol_exists(explicit_bzero string.h HAVE_EXPLICIT_BZERO) + check_symbol_exists(explicit_memset string.h HAVE_EXPLICIT_MEMSET) + check_symbol_exists(memset_s string.h HAVE_MEMSET_S) +endif() + +if(MSVC AND ENABLE_WERROR) + cmake_pop_check_state() +endif() + +if(${CMAKE_SYSTEM_NAME} STREQUAL "Darwin" OR + ${CMAKE_SYSTEM_NAME} STREQUAL "Interix") + # poll() does not work on these platforms + # + # Interix: "does provide poll(), but the implementing developer must + # have been in a bad mood, because poll() only works on the /proc + # filesystem here" + # + # macOS poll() has funny behaviors, like: + # not being able to do poll on no filedescriptors (10.3?) + # not being able to poll on some files (like anything in /dev) + # not having reliable timeout support + # inconsistent return of POLLHUP where other implementations give POLLIN + message("poll use is disabled on this platform") +elseif(NOT WIN32) + check_function_exists(poll HAVE_POLL) +endif() +if(WIN32) + set(HAVE_SELECT 1) +else() + check_function_exists(select HAVE_SELECT) +endif() + +# Non-blocking socket support tests. Use a separate, yet unset variable +# for the socket libraries to not link against the other configured +# dependencies which might not have been built yet. +if(NOT WIN32) + cmake_push_check_state() + set(CMAKE_REQUIRED_LIBRARIES ${SOCKET_LIBRARIES}) + check_nonblocking_socket_support() + cmake_pop_check_state() +endif() + +# Config file + +add_definitions(-DHAVE_CONFIG_H) + +configure_file(src/libssh2_config_cmake.h.in + ${CMAKE_CURRENT_BINARY_DIR}/src/libssh2_config.h) + +## Cryptography backend choice + +set(CRYPTO_BACKEND + "" + CACHE + STRING + "The backend to use for cryptography: OpenSSL, wolfSSL, Libgcrypt, +WinCNG, mbedTLS, or empty to try any available") + +# If the crypto backend was given, rather than searching for the first +# we are able to find, the find_package commands must abort configuration +# and report to the user. +if(CRYPTO_BACKEND) + set(SPECIFIC_CRYPTO_REQUIREMENT REQUIRED) +endif() + +if(CRYPTO_BACKEND STREQUAL "OpenSSL" OR NOT CRYPTO_BACKEND) + + find_package(OpenSSL ${SPECIFIC_CRYPTO_REQUIREMENT}) + + if(OPENSSL_FOUND) + set(CRYPTO_BACKEND "OpenSSL") + set(CRYPTO_BACKEND_DEFINE "LIBSSH2_OPENSSL") + set(CRYPTO_BACKEND_INCLUDE_DIR ${OPENSSL_INCLUDE_DIR}) + list(APPEND LIBRARIES ${OPENSSL_LIBRARIES}) + list(APPEND PC_REQUIRES_PRIVATE libssl libcrypto) + + if(WIN32) + # Statically linking to OpenSSL requires crypt32 for some Windows APIs. + # This should really be handled by FindOpenSSL.cmake. + list(APPEND LIBRARIES crypt32 bcrypt) + list(APPEND PC_LIBS -lcrypt32 -lbcrypt) + + #set(CMAKE_FIND_DEBUG_MODE TRUE) + + find_file(DLL_LIBCRYPTO + NAMES crypto.dll + libcrypto-1_1.dll libcrypto-1_1-x64.dll + libcrypto-3.dll libcrypto-3-x64.dll + HINTS ${_OPENSSL_ROOT_HINTS} PATHS ${_OPENSSL_ROOT_PATHS} + PATH_SUFFIXES bin NO_DEFAULT_PATH) + if(DLL_LIBCRYPTO) + message(STATUS "Found libcrypto DLL: ${DLL_LIBCRYPTO}") + else() + message(WARNING + "Unable to find OpenSSL libcrypto DLL, executables may not run") + endif() + + find_file(DLL_LIBSSL + NAMES ssl.dll + libssl-1_1.dll libssl-1_1-x64.dll + libssl-3.dll libssl-3-x64.dll + HINTS ${_OPENSSL_ROOT_HINTS} PATHS ${_OPENSSL_ROOT_PATHS} + PATH_SUFFIXES bin NO_DEFAULT_PATH) + if(DLL_LIBSSL) + message(STATUS "Found libssl DLL: ${DLL_LIBSSL}") + else() + message(WARNING + "Unable to find OpenSSL libssl DLL, executables may not run") + endif() + + #set(CMAKE_FIND_DEBUG_MODE FALSE) + + if(DLL_LIBCRYPTO AND DLL_LIBSSL) + list(APPEND _RUNTIME_DEPENDENCIES ${DLL_LIBCRYPTO} ${DLL_LIBSSL}) + endif() + endif() + + find_package(ZLIB) + + if(ZLIB_FOUND) + list(APPEND LIBRARIES ${ZLIB_LIBRARIES}) + list(APPEND PC_REQUIRES_PRIVATE zlib) + endif() + endif() +endif() + +if(CRYPTO_BACKEND STREQUAL "wolfSSL" OR NOT CRYPTO_BACKEND) + + find_package(wolfssl ${SPECIFIC_CRYPTO_REQUIREMENT}) + + if(WOLFSSL_FOUND) + set(CRYPTO_BACKEND "wolfSSL") + set(CRYPTO_BACKEND_DEFINE "LIBSSH2_WOLFSSL") + set(CRYPTO_BACKEND_INCLUDE_DIR ${WOLFSSL_INCLUDE_DIR} ${WOLFSSL_INCLUDE_DIR}/wolfssl) + list(APPEND LIBRARIES ${WOLFSSL_LIBRARIES}) + list(APPEND PC_LIBS -lwolfssl) + + if(WIN32) + list(APPEND LIBRARIES crypt32) + list(APPEND PC_LIBS -lcrypt32) + endif() + + find_package(ZLIB) + + if(ZLIB_FOUND) + list(APPEND CRYPTO_BACKEND_INCLUDE_DIR ${ZLIB_INCLUDE_DIR}) # Public wolfSSL headers require zlib headers + list(APPEND LIBRARIES ${ZLIB_LIBRARIES}) + list(APPEND PC_REQUIRES_PRIVATE zlib) + endif() + endif() +endif() + +if(CRYPTO_BACKEND STREQUAL "Libgcrypt" OR NOT CRYPTO_BACKEND) + + find_package(Libgcrypt ${SPECIFIC_CRYPTO_REQUIREMENT}) + + if(LIBGCRYPT_FOUND) + set(CRYPTO_BACKEND "Libgcrypt") + set(CRYPTO_BACKEND_DEFINE "LIBSSH2_LIBGCRYPT") + set(CRYPTO_BACKEND_INCLUDE_DIR ${LIBGCRYPT_INCLUDE_DIRS}) + list(APPEND LIBRARIES ${LIBGCRYPT_LIBRARIES}) + list(APPEND PC_LIBS -lgcrypt) + endif() +endif() + +if(CRYPTO_BACKEND STREQUAL "mbedTLS" OR NOT CRYPTO_BACKEND) + + find_package(mbedTLS ${SPECIFIC_CRYPTO_REQUIREMENT}) + + if(MBEDTLS_FOUND) + set(CRYPTO_BACKEND "mbedTLS") + set(CRYPTO_BACKEND_DEFINE "LIBSSH2_MBEDTLS") + set(CRYPTO_BACKEND_INCLUDE_DIR ${MBEDTLS_INCLUDE_DIR}) + list(APPEND LIBRARIES ${MBEDTLS_LIBRARIES}) + list(APPEND PC_LIBS -lmbedcrypto) + link_directories(${MBEDTLS_LIBRARY_DIR}) + endif() +endif() + +# Detect platform-specific crypto-backends last: + +if(CRYPTO_BACKEND STREQUAL "WinCNG" OR NOT CRYPTO_BACKEND) + if(WIN32) + set(CRYPTO_BACKEND "WinCNG") + set(CRYPTO_BACKEND_DEFINE "LIBSSH2_WINCNG") + set(CRYPTO_BACKEND_INCLUDE_DIR "") + + list(APPEND LIBRARIES crypt32 bcrypt) + list(APPEND PC_LIBS -lcrypt32 -lbcrypt) + elseif(${SPECIFIC_CRYPTO_REQUIREMENT} STREQUAL ${REQUIRED}) + message(FATAL_ERROR "WinCNG not available") + endif() +endif() + +# Global functions + +# Convert GNU Make assignments into CMake ones. +function(transform_makefile_inc INPUT_FILE OUTPUT_FILE) + file(READ ${INPUT_FILE} MAKEFILE_INC_CMAKE) + + string(REGEX REPLACE "\\\\\n" "" MAKEFILE_INC_CMAKE ${MAKEFILE_INC_CMAKE}) + string(REGEX REPLACE "([A-Za-z_]+) *= *([^\n]*)" "set(\\1 \\2)" MAKEFILE_INC_CMAKE ${MAKEFILE_INC_CMAKE}) + + file(WRITE ${OUTPUT_FILE} ${MAKEFILE_INC_CMAKE}) + set_property(DIRECTORY APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS "${INPUT_FILE}") +endfunction() + +# add_subdirectory(src) -option(BUILD_EXAMPLES "Build libssh2 examples" ON) if(BUILD_EXAMPLES) add_subdirectory(example) endif() -option(BUILD_TESTING "Build libssh2 test suite" ON) if(BUILD_TESTING) enable_testing() add_subdirectory(tests) @@ -103,7 +452,11 @@ if(LINT) add_custom_target(lint ALL ./ci/checksrc.sh WORKING_DIRECTORY ${libssh2_SOURCE_DIR}) - add_dependencies(libssh2 lint) + if(BUILD_STATIC_LIBS) + add_dependencies(${LIB_STATIC} lint) + else() + add_dependencies(${LIB_SHARED} lint) + endif() endif() add_subdirectory(docs) diff --git a/libssh2/COPYING b/libssh2/COPYING index 937ed32e3..af4d874cd 100644 --- a/libssh2/COPYING +++ b/libssh2/COPYING @@ -2,7 +2,7 @@ * Copyright (c) 2005,2006 Mikhail Gusarov * Copyright (c) 2006-2007 The Written Word, Inc. * Copyright (c) 2007 Eli Fant - * Copyright (c) 2009-2021 Daniel Stenberg + * Copyright (c) 2009-2023 Daniel Stenberg * Copyright (C) 2008, 2009 Simon Josefsson * Copyright (c) 2000 Markus Friedl * Copyright (c) 2015 Microsoft Corp. @@ -41,4 +41,3 @@ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY * OF SUCH DAMAGE. */ - diff --git a/libssh2/ChangeLog b/libssh2/ChangeLog deleted file mode 100644 index 404c887c2..000000000 --- a/libssh2/ChangeLog +++ /dev/null @@ -1 +0,0 @@ -see NEWS diff --git a/libssh2/Makefile.am b/libssh2/Makefile.am index 986441bd6..cc7e5eed1 100644 --- a/libssh2/Makefile.am +++ b/libssh2/Makefile.am @@ -1,6 +1,9 @@ AUTOMAKE_OPTIONS = foreign nostdinc -SUBDIRS = src tests docs +SUBDIRS = src +if ENABLE_TESTS +SUBDIRS += tests +endif if BUILD_EXAMPLES SUBDIRS += example endif @@ -8,44 +11,34 @@ endif pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libssh2.pc -include_HEADERS = \ - include/libssh2.h \ - include/libssh2_publickey.h \ - include/libssh2_sftp.h +include_HEADERS = \ + include/libssh2.h \ + include/libssh2_publickey.h \ + include/libssh2_sftp.h -NETWAREFILES = nw/keepscreen.c \ - nw/nwlib.c \ - nw/GNUmakefile \ - nw/test/GNUmakefile +DISTCLEANFILES = -DSP = win32/libssh2.dsp -VCPROJ = win32/libssh2.vcproj +VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \ + vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \ + vms/readme.vms vms/libssh2_config.h -DISTCLEANFILES = $(DSP) +WIN32FILES = src/libssh2.rc NMakefile -VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \ -vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \ -vms/readme.vms vms/libssh2_config.h +OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ + os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \ + os400/os400sys.c os400/ccsid.c \ + os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \ + os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \ + os400/include/assert.h \ + os400/libssh2rpg/libssh2.rpgle.in \ + os400/libssh2rpg/libssh2_ccsid.rpgle.in \ + os400/libssh2rpg/libssh2_publickey.rpgle \ + os400/libssh2rpg/libssh2_sftp.rpgle -WIN32FILES = win32/GNUmakefile win32/test/GNUmakefile \ -win32/libssh2_config.h win32/config.mk win32/rules.mk \ -win32/Makefile.Watcom win32/libssh2.dsw win32/tests.dsp $(DSP) \ -win32/msvcproj.head win32/msvcproj.foot win32/libssh2.rc - -OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ -os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \ -os400/os400sys.c os400/ccsid.c \ -os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \ -os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \ -os400/libssh2rpg/libssh2.rpgle.in \ -os400/libssh2rpg/libssh2_ccsid.rpgle.in \ -os400/libssh2rpg/libssh2_publickey.rpgle \ -os400/libssh2rpg/libssh2_sftp.rpgle \ -Makefile.os400qc3.inc - -EXTRA_DIST = $(WIN32FILES) $(NETWAREFILES) get_ver.awk \ - maketgz NMakefile RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ - CMakeLists.txt cmake $(OS400FILES) +EXTRA_DIST = $(WIN32FILES) get_ver.awk \ + maketgz RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ + CMakeLists.txt cmake git2news.pl libssh2-style.el README.md $(OS400FILES) \ + buildconf Makefile.mk ACLOCAL_AMFLAGS = -I m4 @@ -76,79 +69,21 @@ build-coverage: make CFLAGS=$(COVERAGE_CCOPTS) check mkdir -p $(COVERAGE_OUT) lcov --directory . --output-file $(COVERAGE_OUT)/$(PACKAGE).info \ - --capture + --capture gen-coverage: genhtml --output-directory $(COVERAGE_OUT) \ - $(COVERAGE_OUT)/$(PACKAGE).info \ - --highlight --frames --legend \ - --title "$(PACKAGE_NAME)" + $(COVERAGE_OUT)/$(PACKAGE).info \ + --highlight --frames --legend \ + --title "$(PACKAGE_NAME)" coverage: init-coverage build-coverage gen-coverage -# DSP/VCPROJ generation adapted from libcurl -# only OpenSSL and WinCNG are supported with this build system -CRYPTO_CSOURCES = openssl.c wincng.c mbedtls.c -CRYPTO_HHEADERS = openssl.h wincng.h mbedtls.h -# Makefile.inc provides the CSOURCES and HHEADERS defines -include Makefile.inc - -WIN32SOURCES = $(CSOURCES) -WIN32HEADERS = $(HHEADERS) libssh2_config.h - -$(DSP): win32/msvcproj.head win32/msvcproj.foot Makefile.am - echo "creating $(DSP)" - @( (cat $(srcdir)/win32/msvcproj.head; \ - echo "# Begin Group \"Source Files\""; \ - echo ""; \ - echo "# PROP Default_Filter \"cpp;c;cxx\""; \ - win32_srcs='$(WIN32SOURCES)'; \ - sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \ - for file in $$sorted_srcs; do \ - echo "# Begin Source File"; \ - echo ""; \ - echo "SOURCE=..\\src\\"$$file; \ - echo "# End Source File"; \ - done; \ - echo "# End Group"; \ - echo "# Begin Group \"Header Files\""; \ - echo ""; \ - echo "# PROP Default_Filter \"h;hpp;hxx\""; \ - win32_hdrs='$(WIN32HEADERS)'; \ - sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \ - for file in $$sorted_hdrs; do \ - echo "# Begin Source File"; \ - echo ""; \ - if [ "$$file" = "libssh2_config.h" ]; \ - then \ - echo "SOURCE=.\\"$$file; \ - else \ - echo "SOURCE=..\\src\\"$$file; \ - fi; \ - echo "# End Source File"; \ - done; \ - echo "# End Group"; \ - cat $(srcdir)/win32/msvcproj.foot) | \ - awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ ) - -$(VCPROJ): win32/vc8proj.head win32/vc8proj.foot Makefile.am - echo "creating $(VCPROJ)" - @( (cat $(srcdir)/vc8proj.head; \ - win32_srcs='$(WIN32SOURCES)'; \ - sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \ - for file in $$sorted_srcs; do \ - echo ""; \ - done; \ - echo ""; \ - win32_hdrs='$(WIN32HEADERS)'; \ - sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \ - for file in $$sorted_hdrs; do \ - echo ""; \ - done; \ - cat $(srcdir)/vc8proj.foot) | \ - awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ ) - checksrc: - perl src/checksrc.pl -i4 -m79 -ASIZEOFNOPAREN -ASNPRINTF -ACOPYRIGHT \ - -AFOPENMODE -Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \ - tests/*.[ch] + perl ci/checksrc.pl -i4 -m79 \ + -ASNPRINTF \ + -ACOPYRIGHT \ + -AFOPENMODE \ + -ATYPEDEFSTRUCT \ + -Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \ + tests/*.[ch] diff --git a/libssh2/Makefile.in b/libssh2/Makefile.in index c60873ab8..333eff84d 100644 --- a/libssh2/Makefile.in +++ b/libssh2/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.16.4 from Makefile.am. +# Makefile.in generated by automake 1.16.5 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2021 Free Software Foundation, Inc. @@ -89,7 +89,8 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -@BUILD_EXAMPLES_TRUE@am__append_1 = example +@ENABLE_TESTS_TRUE@am__append_1 = tests +@BUILD_EXAMPLES_TRUE@am__append_2 = example subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/autobuild.m4 \ @@ -191,11 +192,11 @@ am__define_uniq_tagged_files = \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` -DIST_SUBDIRS = src tests docs example -am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.inc \ - $(srcdir)/libssh2.pc.in COPYING ChangeLog NEWS README compile \ - config.guess config.rpath config.sub depcomp install-sh \ - ltmain.sh missing +DIST_SUBDIRS = src docs tests example +am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/libssh2.pc.in \ + COPYING README compile config.guess \ + config.rpath config.sub depcomp install-sh ltmain.sh missing \ + tap-driver.sh DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) @@ -274,12 +275,13 @@ EGREP = @EGREP@ ETAGS = @ETAGS@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ +FILECMD = @FILECMD@ GREP = @GREP@ HAVE_LIBBCRYPT = @HAVE_LIBBCRYPT@ -HAVE_LIBCRYPT32 = @HAVE_LIBCRYPT32@ HAVE_LIBGCRYPT = @HAVE_LIBGCRYPT@ HAVE_LIBMBEDCRYPTO = @HAVE_LIBMBEDCRYPTO@ HAVE_LIBSSL = @HAVE_LIBSSL@ +HAVE_LIBWOLFSSL = @HAVE_LIBWOLFSSL@ HAVE_LIBZ = @HAVE_LIBZ@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ @@ -290,8 +292,6 @@ LD = @LD@ LDFLAGS = @LDFLAGS@ LIBBCRYPT = @LIBBCRYPT@ LIBBCRYPT_PREFIX = @LIBBCRYPT_PREFIX@ -LIBCRYPT32 = @LIBCRYPT32@ -LIBCRYPT32_PREFIX = @LIBCRYPT32_PREFIX@ LIBGCRYPT = @LIBGCRYPT@ LIBGCRYPT_PREFIX = @LIBGCRYPT_PREFIX@ LIBMBEDCRYPTO = @LIBMBEDCRYPTO@ @@ -303,17 +303,19 @@ LIBSSH2VER = @LIBSSH2VER@ LIBSSL = @LIBSSL@ LIBSSL_PREFIX = @LIBSSL_PREFIX@ LIBTOOL = @LIBTOOL@ +LIBWOLFSSL = @LIBWOLFSSL@ +LIBWOLFSSL_PREFIX = @LIBWOLFSSL_PREFIX@ LIBZ = @LIBZ@ LIBZ_PREFIX = @LIBZ_PREFIX@ LIB_FUZZING_ENGINE = @LIB_FUZZING_ENGINE@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBBCRYPT = @LTLIBBCRYPT@ -LTLIBCRYPT32 = @LTLIBCRYPT32@ LTLIBGCRYPT = @LTLIBGCRYPT@ LTLIBMBEDCRYPTO = @LTLIBMBEDCRYPTO@ LTLIBOBJS = @LTLIBOBJS@ LTLIBSSL = @LTLIBSSL@ +LTLIBWOLFSSL = @LTLIBWOLFSSL@ LTLIBZ = @LTLIBZ@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAINT = @MAINT@ @@ -335,6 +337,7 @@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +RC = @RC@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -396,69 +399,43 @@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign nostdinc -SUBDIRS = src tests docs $(am__append_1) +SUBDIRS = src docs $(am__append_1) $(am__append_2) pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libssh2.pc include_HEADERS = \ - include/libssh2.h \ - include/libssh2_publickey.h \ - include/libssh2_sftp.h + include/libssh2.h \ + include/libssh2_publickey.h \ + include/libssh2_sftp.h -NETWAREFILES = nw/keepscreen.c \ - nw/nwlib.c \ - nw/GNUmakefile \ - nw/test/GNUmakefile +DISTCLEANFILES = ChangeLog +VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \ + vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \ + vms/readme.vms vms/libssh2_config.h -DSP = win32/libssh2.dsp -VCPROJ = win32/libssh2.vcproj -DISTCLEANFILES = $(DSP) ChangeLog -VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \ -vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \ -vms/readme.vms vms/libssh2_config.h +WIN32FILES = src/libssh2.rc NMakefile +OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ + os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \ + os400/os400sys.c os400/ccsid.c \ + os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \ + os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \ + os400/include/assert.h \ + os400/libssh2rpg/libssh2.rpgle.in \ + os400/libssh2rpg/libssh2_ccsid.rpgle.in \ + os400/libssh2rpg/libssh2_publickey.rpgle \ + os400/libssh2rpg/libssh2_sftp.rpgle -WIN32FILES = win32/GNUmakefile win32/test/GNUmakefile \ -win32/libssh2_config.h win32/config.mk win32/rules.mk \ -win32/Makefile.Watcom win32/libssh2.dsw win32/tests.dsp $(DSP) \ -win32/msvcproj.head win32/msvcproj.foot win32/libssh2.rc - -OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ -os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \ -os400/os400sys.c os400/ccsid.c \ -os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \ -os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \ -os400/libssh2rpg/libssh2.rpgle.in \ -os400/libssh2rpg/libssh2_ccsid.rpgle.in \ -os400/libssh2rpg/libssh2_publickey.rpgle \ -os400/libssh2rpg/libssh2_sftp.rpgle \ -Makefile.os400qc3.inc - -EXTRA_DIST = $(WIN32FILES) $(NETWAREFILES) get_ver.awk \ - maketgz NMakefile RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ - CMakeLists.txt cmake $(OS400FILES) +EXTRA_DIST = $(WIN32FILES) get_ver.awk \ + maketgz RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ + CMakeLists.txt cmake git2news.pl libssh2-style.el README.md $(OS400FILES) \ + buildconf Makefile.mk ACLOCAL_AMFLAGS = -I m4 - -# DSP/VCPROJ generation adapted from libcurl -# only OpenSSL and WinCNG are supported with this build system -CRYPTO_CSOURCES = openssl.c wincng.c mbedtls.c -CRYPTO_HHEADERS = openssl.h wincng.h mbedtls.h -CSOURCES = channel.c comp.c crypt.c hostkey.c kex.c mac.c misc.c \ - packet.c publickey.c scp.c session.c sftp.c userauth.c transport.c \ - version.c knownhost.c agent.c $(CRYPTO_CSOURCES) pem.c keepalive.c global.c \ - blowfish.c bcrypt_pbkdf.c agent_win.c - -HHEADERS = libssh2_priv.h $(CRYPTO_HHEADERS) transport.h channel.h comp.h \ - mac.h misc.h packet.h userauth.h session.h sftp.h crypto.h blf.h agent.h - -# Makefile.inc provides the CSOURCES and HHEADERS defines -WIN32SOURCES = $(CSOURCES) -WIN32HEADERS = $(HHEADERS) libssh2_config.h all: all-recursive .SUFFIXES: am--refresh: Makefile @: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/Makefile.inc $(am__configure_deps) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -480,7 +457,6 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles);; \ esac; -$(srcdir)/Makefile.inc $(am__empty): $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) $(SHELL) ./config.status --recheck @@ -1007,72 +983,24 @@ build-coverage: make CFLAGS=$(COVERAGE_CCOPTS) check mkdir -p $(COVERAGE_OUT) lcov --directory . --output-file $(COVERAGE_OUT)/$(PACKAGE).info \ - --capture + --capture gen-coverage: genhtml --output-directory $(COVERAGE_OUT) \ - $(COVERAGE_OUT)/$(PACKAGE).info \ - --highlight --frames --legend \ - --title "$(PACKAGE_NAME)" + $(COVERAGE_OUT)/$(PACKAGE).info \ + --highlight --frames --legend \ + --title "$(PACKAGE_NAME)" coverage: init-coverage build-coverage gen-coverage -$(DSP): win32/msvcproj.head win32/msvcproj.foot Makefile.am - echo "creating $(DSP)" - @( (cat $(srcdir)/win32/msvcproj.head; \ - echo "# Begin Group \"Source Files\""; \ - echo ""; \ - echo "# PROP Default_Filter \"cpp;c;cxx\""; \ - win32_srcs='$(WIN32SOURCES)'; \ - sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \ - for file in $$sorted_srcs; do \ - echo "# Begin Source File"; \ - echo ""; \ - echo "SOURCE=..\\src\\"$$file; \ - echo "# End Source File"; \ - done; \ - echo "# End Group"; \ - echo "# Begin Group \"Header Files\""; \ - echo ""; \ - echo "# PROP Default_Filter \"h;hpp;hxx\""; \ - win32_hdrs='$(WIN32HEADERS)'; \ - sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \ - for file in $$sorted_hdrs; do \ - echo "# Begin Source File"; \ - echo ""; \ - if [ "$$file" = "libssh2_config.h" ]; \ - then \ - echo "SOURCE=.\\"$$file; \ - else \ - echo "SOURCE=..\\src\\"$$file; \ - fi; \ - echo "# End Source File"; \ - done; \ - echo "# End Group"; \ - cat $(srcdir)/win32/msvcproj.foot) | \ - awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ ) - -$(VCPROJ): win32/vc8proj.head win32/vc8proj.foot Makefile.am - echo "creating $(VCPROJ)" - @( (cat $(srcdir)/vc8proj.head; \ - win32_srcs='$(WIN32SOURCES)'; \ - sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \ - for file in $$sorted_srcs; do \ - echo ""; \ - done; \ - echo ""; \ - win32_hdrs='$(WIN32HEADERS)'; \ - sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \ - for file in $$sorted_hdrs; do \ - echo ""; \ - done; \ - cat $(srcdir)/vc8proj.foot) | \ - awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ ) - checksrc: - perl src/checksrc.pl -i4 -m79 -ASIZEOFNOPAREN -ASNPRINTF -ACOPYRIGHT \ - -AFOPENMODE -Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \ - tests/*.[ch] + perl ci/checksrc.pl -i4 -m79 \ + -ASNPRINTF \ + -ACOPYRIGHT \ + -AFOPENMODE \ + -ATYPEDEFSTRUCT \ + -Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \ + tests/*.[ch] # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/libssh2/Makefile.mk b/libssh2/Makefile.mk new file mode 100644 index 000000000..b5c13d568 --- /dev/null +++ b/libssh2/Makefile.mk @@ -0,0 +1,326 @@ +######################################################################### +# +# Makefile for building libssh2 with GCC-like toolchains. +# Use: make -f Makefile.mk [help|all|clean|dist|distclean|dyn|objclean|example|exampleclean|test|testclean] +# +# Written by Guenter Knauf and Viktor Szakats +# +# Look for ' ?=' to find accepted customization variables. +# +######################################################################### + +### Common + +CFLAGS ?= +CPPFLAGS ?= +LIBSSH2_CPPFLAGS_LIB ?= +RCFLAGS ?= +LDFLAGS ?= +LIBSSH2_LDFLAGS_BIN ?= +LIBSSH2_LDFLAGS_DYN ?= +LIBS ?= + +CROSSPREFIX ?= + +ifeq ($(CC),cc) + CC := gcc +endif +CC := $(CROSSPREFIX)$(CC) +AR := $(CROSSPREFIX)$(AR) +RC ?= $(CROSSPREFIX)windres + +# For compatibility +ARCH ?= +ifeq ($(ARCH),w64) + TRIPLET := x86_64-w64-mingw32 + CFLAGS += -m64 + LDFLAGS += -m64 + RCFLAGS += --target=pe-x86-64 +else ifdef ARCH + TRIPLET := i686-w64-mingw32 + CFLAGS += -m32 + LDFLAGS += -m32 + RCFLAGS += --target=pe-i386 +else + TRIPLET ?= $(shell $(CC) -dumpmachine) +endif + +BLD_DIR ?= $(TRIPLET) + +ifneq ($(findstring -w,$(TRIPLET)),) + WIN32 := 1 + BIN_EXT := .exe + DYN_EXT := .dll +else + CPPFLAGS += -I$(BLD_DIR) -DHAVE_CONFIG_H +endif + +CPPFLAGS += -Isrc -Iinclude +RCFLAGS += -Iinclude + +# examples, tests + +LIBSSH2_LDFLAGS_BIN += -L$(BLD_DIR) +LIBS_BIN := -lssh2 +ifdef WIN32 + LIBS_BIN += -lws2_32 +endif + +ifdef DYN + ifdef WIN32 + libssh2_DEPENDENCIES := $(BLD_DIR)/libssh2.dll.a + else + libssh2_DEPENDENCIES := $(BLD_DIR)/libssh2$(DYN_EXT) + endif + LIBSSH2_LDFLAGS_BIN += -shared +else + libssh2_DEPENDENCIES := $(BLD_DIR)/libssh2.a + LIBSSH2_LDFLAGS_BIN += -static +endif + +### Optional features + +# must be equal to DEBUG or NDEBUG +DB ?= NDEBUG +CPPFLAGS += -D$(DB) +ifeq ($(DB),NDEBUG) + OBJ_DIR := release +else + OBJ_DIR := debug + CFLAGS += -g + CPPFLAGS += -DLIBSSH2DEBUG +endif + +OBJ_DIR := $(BLD_DIR)/$(OBJ_DIR) + +# Linker options to exclude for shared mode executables. +_LDFLAGS := +_LIBS := + +ifdef OPENSSL_PATH + CPPFLAGS += -DLIBSSH2_OPENSSL + OPENSSL_INCLUDE ?= $(OPENSSL_PATH)/include + OPENSSL_LIBPATH ?= $(OPENSSL_PATH)/lib + CPPFLAGS += -I"$(OPENSSL_INCLUDE)" + _LDFLAGS += -L"$(OPENSSL_LIBPATH)" + OPENSSL_LIBS ?= -lssl -lcrypto + _LIBS += $(OPENSSL_LIBS) +else ifdef WOLFSSL_PATH + CPPFLAGS += -DLIBSSH2_WOLFSSL + CPPFLAGS += -I"$(WOLFSSL_PATH)/include" + CPPFLAGS += -I"$(WOLFSSL_PATH)/include/wolfssl" + _LDFLAGS += -L"$(WOLFSSL_PATH)/lib" + _LIBS += -lwolfssl +else ifdef LIBGCRYPT_PATH + CPPFLAGS += -DLIBSSH2_LIBGCRYPT + CPPFLAGS += -I"$(LIBGCRYPT_PATH)/include" + _LDFLAGS += -L"$(LIBGCRYPT_PATH)/lib" + _LIBS += -lgcrypt +else ifdef MBEDTLS_PATH + CPPFLAGS += -DLIBSSH2_MBEDTLS + CPPFLAGS += -I"$(MBEDTLS_PATH)/include" + _LDFLAGS += -L"$(MBEDTLS_PATH)/lib" + _LIBS += -lmbedtls -lmbedx509 -lmbedcrypto +else ifdef WIN32 + CPPFLAGS += -DLIBSSH2_WINCNG +else + $(error No suitable cryptography backend found) +endif + +ifdef ZLIB_PATH + CPPFLAGS += -DLIBSSH2_HAVE_ZLIB + CPPFLAGS += -I"$(ZLIB_PATH)/include" + _LDFLAGS += -L"$(ZLIB_PATH)/lib" + _LIBS += -lz +endif + +ifdef WIN32 + _LIBS += -lws2_32 -lcrypt32 -lbcrypt +endif + +LIBSSH2_LDFLAGS_DYN += $(_LDFLAGS) +LIBS_DYN += $(_LIBS) + +ifndef DYN + LIBSSH2_LDFLAGS_BIN += $(_LDFLAGS) + LIBS_BIN += $(_LIBS) +endif + +### Rules + +# Platform-dependent helper tool macros +ifneq ($(findstring /sh,$(SHELL)),) +DEL = rm -f $1 +RMDIR = rm -fr $1 +MKDIR = mkdir -p $1 +COPY = -cp -afv $1 $2 +DL = ' +else +DEL = -del 2>NUL /q /f $(subst /,\,$1) +RMDIR = -rd 2>NUL /q /s $(subst /,\,$1) +MKDIR = -md 2>NUL $(subst /,\,$1) +COPY = -copy 2>NUL /y $(subst /,\,$1) $(subst /,\,$2) +endif +AWK := awk +ZIP := zip -qzr9 + +# Include the version info retrieved from libssh2.h +-include $(OBJ_DIR)/version.inc + +vpath %.c src +ifdef WIN32 +vpath %.rc src +endif + +# Get CSOURCES define +include src/Makefile.inc + +OBJS := $(addprefix $(OBJ_DIR)/,$(patsubst %.c,%.o,$(CSOURCES))) + +TARGET := $(BLD_DIR)/libssh2 + +# Override the path below to point to your Distribution folder. +DISTNAM ?= libssh2-$(LIBSSH2_VERSION_STR)-bin-$(word 1,$(subst -, ,$(TRIPLET))) +DISTDIR := $(BLD_DIR)/$(DISTNAM) +DISTARC := $(DISTDIR).zip + +LIBSSH2_DYN_SUFFIX ?= +libssh2_dyn_LIBRARY := $(TARGET)$(LIBSSH2_DYN_SUFFIX)$(DYN_EXT) +OBJS_dyn := $(OBJS) +ifdef WIN32 + libssh2_def_LIBRARY := $(libssh2_dyn_LIBRARY:$(DYN_EXT)=.def) + libssh2_dyn_a_LIBRARY := $(TARGET).dll.a + OBJS_dyn += $(OBJ_DIR)/libssh2.res + LIBSSH2_LDFLAGS_DYN += -Wl,--output-def,$(libssh2_def_LIBRARY),--out-implib,$(libssh2_dyn_a_LIBRARY) +endif + +# Get noinst_PROGRAMS define +include example/Makefile.am +TARGETS_EXAMPLES := $(patsubst %.c,%$(BIN_EXT),$(strip $(wildcard example/*.c))) + +all: lib dyn + +# For compatibility +dll: dyn + +dyn: prebuild $(libssh2_dyn_LIBRARY) + +lib: prebuild $(TARGET).a + +prebuild: $(OBJ_DIR) $(OBJ_DIR)/version.inc + +example: $(TARGETS_EXAMPLES) + +# Get DOCKER_TESTS, STANDALONE_TESTS, SSHD_TESTS, TESTS_WITH_LIB_STATIC, +# librunner_la_SOURCES defines +include tests/Makefile.inc +TARGETS_RUNNER := $(TARGET)-runner.a +TARGETS_RUNNER_OBJS := $(addprefix $(OBJ_DIR)/,$(patsubst %.c,%.o,$(filter %.c,$(librunner_la_SOURCES)))) +TARGETS_TESTS := $(patsubst %.c,%$(BIN_EXT),$(addprefix tests/,$(addsuffix .c,$(DOCKER_TESTS) $(STANDALONE_TESTS) $(SSHD_TESTS)))) +ifdef DYN +TARGETS_TESTS := $(filter-out $(patsubst %.c,%$(BIN_EXT),$(addprefix tests/,$(addsuffix .c,$(TESTS_WITH_LIB_STATIC)))),$(TARGETS_TESTS)) +endif + +test: $(TARGETS_RUNNER) $(TARGETS_TESTS) + +$(TARGETS_RUNNER_OBJS): + $(CC) -W -Wall $(CFLAGS) $(CPPFLAGS) -c $(patsubst $(OBJ_DIR)/%.o,tests/%.c,$@) -o $@ + +$(TARGETS_RUNNER): $(TARGETS_RUNNER_OBJS) + @$(call DEL, $@) + $(AR) rcs $@ $^ + +test_%$(BIN_EXT): $(libssh2_DEPENDENCIES) $(TARGETS_RUNNER) + $(CC) -W -Wall $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $(LIBSSH2_LDFLAGS_BIN) \ + $(patsubst %$(BIN_EXT),%.c,$@) -o $@ $(TARGETS_RUNNER) $(LIBS) $(LIBS_BIN) + +%$(BIN_EXT): %.c $(libssh2_DEPENDENCIES) + $(CC) -W -Wall $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $(LIBSSH2_LDFLAGS_BIN) $< -o $@ $(LIBS) $(LIBS_BIN) + +$(OBJ_DIR)/%.o: %.c + $(CC) -W -Wall $(CFLAGS) $(CPPFLAGS) $(LIBSSH2_CPPFLAGS_LIB) -c $< -o $@ + +$(libssh2_dyn_LIBRARY) $(libssh2_dyn_a_LIBRARY): $(OBJS_dyn) + @$(call DEL, $@) + $(CC) $(LDFLAGS) -shared $(LIBSSH2_LDFLAGS_DYN) $^ -o $@ $(LIBS) $(LIBS_DYN) + +ifdef WIN32 +$(OBJ_DIR)/%.res: %.rc + $(RC) -O coff $(RCFLAGS) -i $< -o $@ +endif + +$(TARGET).a: $(OBJS) + @$(call DEL, $@) + $(AR) rcs $@ $^ + +$(OBJ_DIR)/version.inc: get_ver.awk include/libssh2.h $(OBJ_DIR) + $(AWK) -f $^ > $@ + +dist: all $(DISTDIR) $(DISTDIR)/readme.txt + @$(call MKDIR, $(DISTDIR)/bin) + @$(call MKDIR, $(DISTDIR)/include) + @$(call MKDIR, $(DISTDIR)/lib) + @$(call COPY, COPYING, $(DISTDIR)) + @$(call COPY, README, $(DISTDIR)) + @$(call COPY, RELEASE-NOTES, $(DISTDIR)) + @$(call COPY, include/*.h, $(DISTDIR)/include) + @$(call COPY, $(TARGET).a, $(DISTDIR)/lib) +ifdef WIN32 + @$(call COPY, $(libssh2_def_LIBRARY), $(DISTDIR)/bin) + @$(call COPY, $(libssh2_dyn_LIBRARY), $(DISTDIR)/bin) + @$(call COPY, $(libssh2_dyn_a_LIBRARY), $(DISTDIR)/lib) +else + @$(call COPY, $(libssh2_dyn_LIBRARY), $(DISTDIR)/lib) +endif + @echo Creating... $(DISTARC) + (cd $(DISTDIR)/.. && $(ZIP) $(abspath $(DISTARC)) $(DISTNAM)/* < $(abspath $(DISTDIR)/readme.txt)) + +distclean vclean: clean + $(call RMDIR, $(DISTDIR)) + $(call DEL, $(DISTARC)) + +objclean: all + $(call RMDIR, $(OBJ_DIR)) + +exampleclean: + $(call DEL, $(TARGETS_EXAMPLES)) + +testclean: + $(call DEL, $(TARGETS_RUNNER_OBJS) $(TARGETS_RUNNER) $(TARGETS_TESTS)) + +clean: + $(call DEL, $(TARGET).a $(libssh2_dyn_LIBRARY) $(libssh2_def_LIBRARY) $(libssh2_dyn_a_LIBRARY)) + $(call RMDIR, $(OBJ_DIR)) + +$(OBJ_DIR) $(DISTDIR): + @$(call MKDIR, $@) + +$(DISTDIR)/readme.txt: Makefile.mk + @echo Creating... $@ + @echo $(DL)This is a binary distribution for $(TRIPLET).$(DL) > $@ + @echo $(DL)libssh2 version $(LIBSSH2_VERSION_STR)$(DL) >> $@ + @echo $(DL)Please download the complete libssh2 package for$(DL) >> $@ + @echo $(DL)any further documentation:$(DL) >> $@ + @echo $(DL)https://www.libssh2.org/$(DL) >> $@ + +help: $(OBJ_DIR)/version.inc + @echo $(DL)===========================================================$(DL) + @echo $(DL)OpenSSL path = $(OPENSSL_PATH)$(DL) + @echo $(DL)wolfSSL path = $(WOLFSSL_PATH)$(DL) + @echo $(DL)libgcrypt path = $(LIBGCRYPT_PATH)$(DL) + @echo $(DL)mbedTLS path = $(MBEDTLS_PATH)$(DL) + @echo $(DL)zlib path = $(ZLIB_PATH)$(DL) + @echo $(DL)===========================================================$(DL) + @echo $(DL)libssh2 $(LIBSSH2_VERSION_STR) - available targets are:$(DL) + @echo $(DL)$(MAKE) all$(DL) + @echo $(DL)$(MAKE) dyn$(DL) + @echo $(DL)$(MAKE) lib$(DL) + @echo $(DL)$(MAKE) clean$(DL) + @echo $(DL)$(MAKE) dist$(DL) + @echo $(DL)$(MAKE) distclean$(DL) + @echo $(DL)$(MAKE) objclean$(DL) + @echo $(DL)$(MAKE) example$(DL) + @echo $(DL)$(MAKE) exampleclean$(DL) + @echo $(DL)$(MAKE) test$(DL) + @echo $(DL)$(MAKE) testclean$(DL) + @echo $(DL)===========================================================$(DL) diff --git a/libssh2/NEWS b/libssh2/NEWS deleted file mode 100644 index 7e22b3dd8..000000000 --- a/libssh2/NEWS +++ /dev/null @@ -1,6831 +0,0 @@ - Changelog for the libssh2 project. Generated with git2news.pl - -Daniel Stenberg (29 Aug 2021) -- [Will Cosgrove brought this change] - - updated docs for 1.10.0 release - -Marc Hörsken (30 May 2021) -- [Laurent Stacul brought this change] - - [tests] Try several times to connect the ssh server - - Sometimes, as the OCI container is run in detached mode, it is possible - the actual server is not ready yet to handle SSH traffic. The goal of - this PR is to try several times (max 3). The mechanism is the same as - for the connection to the docker machine. - -- [Laurent Stacul brought this change] - - Remove openssh_server container on test exit - -- [Laurent Stacul brought this change] - - Allow the tests to run inside a container - - The current tests suite starts SSH server as OCI container. This commit - add the possibility to run the tests in a container provided that: - - * the docker client is installed builder container - * the host docker daemon unix socket has been mounted in the builder - container (with, if needed, the DOCKER_HOST environment variable - accordingly set, and the permission to write on this socket) - * the builder container is run on the default bridge network, or the - host network. This PR does not handle the case where the builder - container is on another network. - -Marc Hoersken (28 May 2021) -- CI/appveyor: run SSH server for tests on GitHub Actions (#607) - - No longer rely on DigitalOcean to host the Docker container. - - Unfortunately we require a small dispatcher script that has - access to a GitHub access token with scope repo in order to - trigger the daemon workflow on GitHub Actions also for PRs. - - This script is hosted by myself for the time being until GitHub - provides a tighter scope to trigger the workflow_dispatch event. - -GitHub (26 May 2021) -- [Will Cosgrove brought this change] - - openssl.c: guards around calling FIPS_mode() #596 (#603) - - Notes: - FIPS_mode() is not implemented in LibreSSL and this API is removed in OpenSSL 3.0 and was introduced in 0.9.7. Added guards around making this call. - - Credit: - Will Cosgrove - -- [Will Cosgrove brought this change] - - configure.ac: don't undefine scoped variable (#594) - - * configure.ac: don't undefine scoped variable - - To get this script to run with Autoconf 2.71 on macOS I had to remove the undefine of the backend for loop variable. It seems scoped to the for loop and also isn't referenced later in the script so it seems OK to remove it. - - * configure.ac: remove cygwin specific CFLAGS #598 - - Notes: - Remove cygwin specific Win32 CFLAGS and treat the build like a posix build - - Credit: - Will Cosgrove, Brian Inglis - -- [Laurent Stacul brought this change] - - tests: Makefile.am: Add missing tests client keys in distribution tarball (#604) - - Notes: - Added missing test keys. - - Credit: - Laurent Stacul - -- [Laurent Stacul brought this change] - - Makefile.am: Add missing test keys in the distribution tarball (#601) - - Notes: - Fix tests missing key to build the OCI image - - Credit: - Laurent Stacul - -Daniel Stenberg (16 May 2021) -- dist: add src/agent.h - - Fixes #597 - Closes #599 - -GitHub (12 May 2021) -- [Will Cosgrove brought this change] - - packet.c: Reset read timeout after received a packet (#576) (#586) - - File: - packet.c - - Notes: - Attempt keyboard interactive login (Azure AD 2FA login) and use more than 60 seconds to complete the login, the connection fails. - - The _libssh2_packet_require function does almost the same as _libssh2_packet_requirev but this function sets state->start = 0 before returning. - - Credit: - teottin, Co-authored-by: Tor Erik Ottinsen - -- [kkoenig brought this change] - - Support ECDSA certificate authentication (#570) - - Files: hostkey.c, userauth.c, test_public_key_auth_succeeds_with_correct_ecdsa_key.c - - Notes: - Support ECDSA certificate authentication - - Add a test for: - - Existing ecdsa basic public key authentication - - ecdsa public key authentication with a signed public key - - Credit: - kkoenig - -- [Gabriel Smith brought this change] - - agent.c: Add support for Windows OpenSSH agent (#517) - - Files: agent.c, agent.h, agent_win.c - - Notes: - * agent: Add support for Windows OpenSSH agent - - The implementation was partially taken and modified from that found in - the Portable OpenSSH port to Win32 by the PowerShell team, but mostly - based on the existing Unix OpenSSH agent support. - - https://github.com/PowerShell/openssh-portable - - Regarding the partial transfer support implementation: partial transfers - are easy to deal with, but you need to track additional state when - non-blocking IO enters the picture. A tracker of how many bytes have - been transfered has been placed in the transfer context struct as that's - where it makes most sense. This tracker isn't placed behind a WIN32 - #ifdef as it will probably be useful for other agent implementations. - - * agent: win32 openssh: Disable overlapped IO - - Non-blocking IO is not currently supported by the surrounding agent - code, despite a lot of the code having everything set up to handle it. - - Credit: - Co-authored-by: Gabriel Smith - -- [Zenju brought this change] - - Fix detailed _libssh2_error being overwritten (#473) - - Files: openssl.c, pem.c, userauth.c - - Notes: - * Fix detailed _libssh2_error being overwritten by generic errors - * Unified error handling - - Credit: - Zenju - -- [Paul Capron brought this change] - - Fix _libssh2_random() silently discarding errors (#520) - - Notes: - * Make _libssh2_random return code consistent - - Previously, _libssh2_random was advertized in HACKING.CRYPTO as - returning `void` (and was implemented that way in os400qc3.c), but that - was in other crypto backends a lie; _libssh2_random is (a macro - expanding) to an int-value expression or function. - - Moreover, that returned code was: - — 0 or success, -1 on error for the MbedTLS & WinCNG crypto backends - But also: - — 1 on success, -1 or 0 on error for the OpenSSL backend! - – 1 on success, error cannot happen for libgcrypt! - - This commit makes explicit that _libssh2_random can fail (because most of - the underlying crypto functions can indeed fail!), and it makes its result - code consistent: 0 on success, -1 on error. - - This is related to issue #519 https://github.com/libssh2/libssh2/issues/519 - It fixes the first half of it. - - * Don't silent errors of _libssh2_random - - Make sure to check the returned code of _libssh2_random(), and - propagates any failure. - - A new LIBSSH_ERROR_RANDGEN constant is added to libssh2.h - None of the existing error constants seemed fit. - - This commit is related to d74285b68450c0e9ea6d5f8070450837fb1e74a7 - and to https://github.com/libssh2/libssh2/issues/519 (see the issue - for more info.) It closes #519. - - Credit: - Paul Capron - -- [Gabriel Smith brought this change] - - ci: Remove caching of docker image layers (#589) - - Notes: - continued ci reliability work. - - Credit: - Gabriel Smith - -- [Gabriel Smith brought this change] - - ci: Speed up docker builds for tests (#587) - - Notes: - The OpenSSH server docker image used for tests is pre-built to prevent - wasting time building it during a test, and unneeded rebuilds are - prevented by caching the image layers. - - Credit: - Gabriel Smith - -- [Will Cosgrove brought this change] - - userauth.c: don't error if using keys without RSA (#555) - - file: userauth.c - - notes: libssh2 now supports many other key types besides RSA, if the library is built without RSA support and a user attempts RSA auth it shouldn't be an automatic error - - credit: - Will Cosgrove - -- [Marc brought this change] - - openssl.c: Avoid OpenSSL latent error in FIPS mode (#528) - - File: - openssl.c - - Notes: - Avoid initing MD5 digest, which is not permitted in OpenSSL FIPS certified cryptography mode. - - Credit: - Marc - -- [Laurent Stacul brought this change] - - openssl.c: Fix EVP_Cipher interface change in openssl 3 #463 - - File: - openssl.c - - Notes: - Fixes building with OpenSSL 3, #463. - - The change is described there: - https://github.com/openssl/openssl/commit/f7397f0d58ce7ddf4c5366cd1846f16b341fbe43 - - Credit: - Laurent Stacul, reported by Sergei - -- [Gabriel Smith brought this change] - - openssh_fixture.c: Fix potential overwrite of buffer when reading stdout of command (#580) - - File: - openssh_fixture.c - Notes: - If reading the full output from the executed command took multiple - passes (such as when reading multiple lines) the old code would read - into the buffer starting at the some position (the start) every time. - The old code only works if fgets updated p or had an offset parameter, - both of which are not true. - - Credit: - Gabriel Smith - -- [Gabriel Smith brought this change] - - ci: explicitly state the default branch (#585) - - Notes: - It looks like the $default-branch macro only works in templates, not - workflows. This is not explicitly stated anywhere except the linked PR - comment. - - https://github.com/actions/starter-workflows/pull/590#issuecomment-672360634 - - credit: - Gabriel Smith - -- [Gabriel Smith brought this change] - - ci: Swap from Travis to Github Actions (#581) - - Files: ci files - - Notes: - Move Linux CI using Github Actions - - Credit: - Gabriel Smith, Marc Hörsken - -- [Mary brought this change] - - libssh2_priv.h: add iovec on 3ds (#575) - - file: libssh2_priv.h - note: include iovec for 3DS - credit: Mary Mstrodl - -- [Laurent Stacul brought this change] - - Tests: Fix unused variables warning (#561) - - file: test_public_key_auth_succeeds_with_correct_ed25519_key_from_mem.c - - notes: fixed unused vars - - credit: - Laurent Stacul - -- [Viktor Szakats brought this change] - - bcrypt_pbkdf.c: fix clang10 false positive warning (#563) - - File: bcrypt_pbkdf.c - - Notes: - blf_enc() takes a number of 64-bit blocks to encrypt, but using - sizeof(uint64_t) in the calculation triggers a warning with - clang 10 because the actual data type is uint32_t. Pass - BCRYPT_BLOCKS / 2 for the number of blocks like libc bcrypt(3) - does. - - Ref: https://github.com/openbsd/src/commit/04a2240bd8f465bcae6b595d912af3e2965856de - - Fixes #562 - - Credit: - Viktor Szakats - -- [Will Cosgrove brought this change] - - transport.c: release payload on error (#554) - - file: transport.c - notes: If the payload is invalid and there is an early return, we could leak the payload - credit: - Will Cosgrove - -- [Will Cosgrove brought this change] - - ssh2_client_fuzzer.cc: fixed building - - The GitHub web editor did some funky things - -- [Will Cosgrove brought this change] - - ssh_client_fuzzer.cc: set blocking mode on (#553) - - file: ssh_client_fuzzer.cc - - notes: the session needs blocking mode turned on to avoid EAGAIN being returned from libssh2_session_handshake() - - credit: - Will Cosgrove, reviewed by Michael Buckley - -- [Etienne Samson brought this change] - - Add a LINT option to CMake (#372) - - * ci: make style-checking available locally - - * cmake: add a linting target - - * tests: check test suite syntax with checksrc.pl - -- [Will Cosgrove brought this change] - - kex.c: kex_agree_instr() improve string reading (#552) - - * kex.c: kex_agree_instr() improve string reading - - file: kex.c - notes: if haystack isn't null terminated we should use memchr() not strchar(). We should also make sure we don't walk off the end of the buffer. - credit: - Will Cosgrove, reviewed by Michael Buckley - -- [Will Cosgrove brought this change] - - kex.c: use string_buf in ecdh_sha2_nistp (#551) - - * kex.c: use string_buf in ecdh_sha2_nistp - - file: kex.c - - notes: - use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data - -- [Will Cosgrove brought this change] - - kex.c: move EC macro outside of if check #549 (#550) - - File: kex.c - - Notes: - Moved the macro LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY outside of the LIBSSH2_ECDSA since it's also now used by the ED25519 code. - - Sha 256, 384 and 512 need to be defined for all backends now even if they aren't used directly. I believe this is already the case, but just a heads up. - - Credit: - Stefan-Ghinea - -- [Tim Gates brought this change] - - kex.c: fix simple typo, niumber -> number (#545) - - File: kex.c - - Notes: - There is a small typo in src/kex.c. - - Should read `number` rather than `niumber`. - - Credit: - Tim Gates - -- [Tseng Jun brought this change] - - session.c: Correct a typo which may lead to stack overflow (#533) - - File: session.c - - Notes: - Seems the author intend to terminate banner_dup buffer, later, print it to the debug console. - - Author: - Tseng Jun - -Marc Hoersken (10 Oct 2020) -- wincng: fix random big number generation to match openssl - - The old function would set the least significant bits in - the most significant byte instead of the most significant bits. - - The old function would also zero pad too much bits in the - most significant byte. This lead to a reduction of key space - in the most significant byte according to the following listing: - - 8 bits reduced to 0 bits => eg. 2048 bits to 2040 bits DH key - - 7 bits reduced to 1 bits => eg. 2047 bits to 2041 bits DH key - - 6 bits reduced to 2 bits => eg. 2046 bits to 2042 bits DH key - - 5 bits reduced to 3 bits => eg. 2045 bits to 2043 bits DH key - - No change would occur for the case of 4 significant bits. - For 1 to 3 significant bits in the most significant byte - the DH key would actually be expanded instead of reduced: - - 3 bits expanded to 5 bits => eg. 2043 bits to 2045 bits DH key - - 2 bits expanded to 6 bits => eg. 2042 bits to 2046 bits DH key - - 1 bits expanded to 7 bits => eg. 2041 bits to 2047 bits DH key - - There is no case of 0 significant bits in the most significant byte - since this would be a case of 8 significant bits in the next byte. - - At the moment only the following case applies due to a fixed - DH key size value currently being used in libssh2: - - The DH group_order is fixed to 256 (bytes) which leads to a - 2047 bits DH key size by calculating (256 * 8) - 1. - - This means the DH keyspace was previously reduced from 2047 bits - to 2041 bits (while the top and bottom bits are always set), so the - keyspace is actually always reduced from 2045 bits to 2039 bits. - - All of this is only relevant for Windows versions supporting the - WinCNG backend (Vista or newer) before Windows 10 version 1903. - - Closes #521 - -Daniel Stenberg (28 Sep 2020) -- libssh2_session_callback_set.3: explain the recv/send callbacks - - Describe how to actually use these callbacks. - - Closes #518 - -GitHub (23 Sep 2020) -- [Will Cosgrove brought this change] - - agent.c: formatting - - Improved formatting of RECV_SEND_ALL macro. - -- [Will Cosgrove brought this change] - - CMakeLists.txt: respect install lib dir #405 (#515) - - Files: - CMakeLists.txt - - Notes: - Use CMAKE_INSTALL_LIBDIR directory - - Credit: Arfrever - -- [Will Cosgrove brought this change] - - kex.c: group16-sha512 and group18-sha512 support #457 (#468) - - Files: kex.c - - Notes: - Added key exchange group16-sha512 and group18-sha512. As a result did the following: - - Abstracted diffie_hellman_sha256() to diffie_hellman_sha_algo() which is now algorithm agnostic and takes the algorithm as a parameter since we needed sha512 support. Unfortunately it required some helper functions but they are simple. - Deleted diffie_hellman_sha1() - Deleted diffie_hellman_sha1 specific macro - Cleaned up some formatting - Defined sha384 in os400 and wincng backends - Defined LIBSSH2_DH_MAX_MODULUS_BITS to abort the connection if we receive too large of p from the server doing sha1 key exchange. - Reorder the default key exchange list to match OpenSSH and improve security - - Credit: - Will Cosgrove - -- [Igor Klevanets brought this change] - - agent.c: Recv and send all bytes via network in agent_transact_unix() (#510) - - Files: agent.c - - Notes: - Handle sending/receiving partial packet replies in agent.c API. - - Credit: Klevanets Igor - -- [Daniel Stenberg brought this change] - - Makefile.am: include all test files in the dist #379 - - File: - Makefile.am - - Notes: - No longer conditionally include OpenSSL specific test files, they aren't run if we're not building against OpenSSL 1.1.x anyway. - - Credit: - Daniel Stenberg - -- [Max Dymond brought this change] - - Add support for an OSS Fuzzer fuzzing target (#392) - - Files: - .travis.yml, configure.ac, ossfuzz - - Notes: - This adds support for an OSS-Fuzz fuzzing target in ssh2_client_fuzzer, - which is a cut down example of ssh2.c. Future enhancements can improve - coverage. - - Credit: - Max Dymond - -- [Sebastián Katzer brought this change] - - mbedtls.c: ECDSA support for mbed TLS (#385) - - Files: - mbedtls.c, mbedtls.h, .travis.yml - - Notes: - This PR adds support for ECDSA for both key exchange and host key algorithms. - - The following elliptic curves are supported: - - 256-bit curve defined by FIPS 186-4 and SEC1 - 384-bit curve defined by FIPS 186-4 and SEC1 - 521-bit curve defined by FIPS 186-4 and SEC1 - - Credit: - Sebastián Katzer - -Marc Hoersken (1 Sep 2020) -- buildconf: exec autoreconf to avoid additional process (#512) - - Also make buildconf exit with the return code of autoreconf. - - Follow up to #224 - -- scp.c: fix indentation in shell_quotearg documentation - -- wincng: make more use of new helper functions (#496) - -- wincng: make sure algorithm providers are closed once (#496) - -GitHub (10 Jul 2020) -- [David Benjamin brought this change] - - openssl.c: clean up curve25519 code (#499) - - File: openssl.c, openssl.h, crypto.h, kex.c - - Notes: - This cleans up a few things in the curve25519 implementation: - - - There is no need to create X509_PUBKEYs or PKCS8_PRIV_KEY_INFOs to - extract key material. EVP_PKEY_get_raw_private_key and - EVP_PKEY_get_raw_public_key work fine. - - - libssh2_x25519_ctx was never used (and occasionally mis-typedefed to - libssh2_ed25519_ctx). Remove it. The _libssh2_curve25519_new and - _libssh2_curve25519_gen_k interfaces use the bytes. Note, if it needs - to be added back, there is no need to roundtrip through - EVP_PKEY_new_raw_private_key. EVP_PKEY_keygen already generated an - EVP_PKEY. - - - Add some missing error checks. - - Credit: - David Benjamin - -- [Will Cosgrove brought this change] - - transport.c: socket is disconnected, return error (#500) - - File: transport.c - - Notes: - This is to fix #102, instead of continuing to attempt to read a disconnected socket, it will now error out. - - Credit: - TDi-jonesds - -- [Will Cosgrove brought this change] - - stale.yml - - Increasing stale values. - -Marc Hoersken (6 Jul 2020) -- wincng: try newer DH API first, fallback to legacy RSA API - - Avoid the use of RtlGetVersion or similar Win32 functions, - since these depend on version information from manifests. - - This commit makes the WinCNG backend first try to use the - new DH algorithm API with the raw secret derivation feature. - In case this feature is not available the WinCNG backend - will fallback to the classic approach of using RSA-encrypt - to perform the required modular exponentiation of BigNums. - - The feature availability test is done during the first handshake - and the result is stored in the crypto backends global state. - - Follow up to #397 - Closes #484 - -- wincng: fix indentation of function arguments and comments - - Follow up to #397 - -- [Wez Furlong brought this change] - - wincng: use newer DH API for Windows 8.1+ - - Since Windows 1903 the approach used to perform DH kex with the CNG - API has been failing. - - This commit switches to using the `DH` algorithm provider to perform - generation of the key pair and derivation of the shared secret. - - It uses a feature of CNG that is not yet documented. The sources of - information that I've found on this are: - - * https://stackoverflow.com/a/56378698/149111 - * https://github.com/wbenny/mini-tor/blob/5d39011e632be8e2b6b1819ee7295e8bd9b7a769/mini/crypto/cng/dh.inl#L355 - - With this change I am able to successfully connect from Windows 10 to my - ubuntu system. - - Refs: https://github.com/alexcrichton/ssh2-rs/issues/122 - Fixes: https://github.com/libssh2/libssh2/issues/388 - Closes: https://github.com/libssh2/libssh2/pull/397 - -GitHub (1 Jul 2020) -- [Zenju brought this change] - - comp.c: Fix name clash with ZLIB macro "compress" (#418) - - File: comp.c - - Notes: - * Fix name clash with ZLIB macro "compress". - - Credit: - Zenju - -- [yann-morin-1998 brought this change] - - buildsystem: drop custom buildconf script, rely on autoreconf (#224) - - Notes: - The buildconf script is currently required, because we need to copy a - header around, because it is used both from the library and the examples - sources. - - However, having a custom 'buildconf'-like script is not needed if we can - ensure that the header exists by the time it is needed. For that, we can - just append the src/ directory to the headers search path for the - examples. - - And then it means we no longer need to generate the same header twice, - so we remove the second one from configure.ac. - - Now, we can just call "autoreconf -fi" to generate the autotools files, - instead of relying on the canned sequence in "buildconf", since - autoreconf has now long known what to do at the correct moment (future - versions of autotools, automake, autopoint, autoheader etc... may - require an other ordering, or other intermediate steps, etc...). - - Eventually, get rid of buildconf now it is no longer needed. In fact, we - really keep it for legacy, but have it just call autoreconf (and print a - nice user-friendly warning). Don't include it in the release tarballs, - though. - - Update doc, gitignore, and travis-CI jobs accordingly. - - Credit: - Signed-off-by: "Yann E. MORIN" - Cc: Sam Voss - -- [Will Cosgrove brought this change] - - libssh2.h: Update Diffie Hellman group values (#493) - - File: libssh2.h - - Notes: - Update the min, preferred and max DH group values based on RFC 8270. - - Credit: - Will Cosgrove, noted from email list by Mitchell Holland - -Marc Hoersken (22 Jun 2020) -- travis: use existing Makefile target to run checksrc - -- Makefile: also run checksrc on test source files - -- tests: avoid use of deprecated function _sleep (#490) - -- tests: avoid use of banned function strncat (#489) - -- tests: satisfy checksrc regarding max line length of 79 chars - - Follow up to 2764bc8e06d51876b6796d6080c6ac51e20f3332 - -- tests: satisfy checksrc with whitespace only fixes - - checksrc.pl -i4 -m79 -ASIZEOFNOPAREN -ASNPRINTF - -ACOPYRIGHT -AFOPENMODE tests/*.[ch] - -- tests: add support for ports published via Docker for Windows - -- tests: restore retry behaviour for docker-machine ip command - -- tests: fix mix of declarations and code failing C89 compliance - -- wincng: add and improve checks in bit counting function - -- wincng: align bits to bytes calculation in all functions - -- wincng: do not disable key validation that can be enabled - - The modular exponentiation also works with key validation enabled. - -- wincng: fix return value in _libssh2_dh_secret - - Do not ignore return value of modular exponentiation. - -- appveyor: build and run tests for WinCNG crypto backend - -GitHub (1 Jun 2020) -- [suryakalpo brought this change] - - INSTALL_CMAKE.md: Update formatting (#481) - - File: INSTALL_CMAKE.md - - Notes: - Although the original text would be immediately clear to seasoned users of CMAKE and/or Unix shell, the lack of newlines may cause some confusion for newcomers. Hence, wrapping the texts in a md code-block such that the newlines appear as intended. - - credit: - suryakalpo - -Marc Hoersken (31 May 2020) -- src: add new and align include guards in header files (#480) - - Make sure all include guards exist and follow the same format. - -- wincng: fix multiple definition of `_libssh2_wincng' (#479) - - Add missing include guard and move global state - from header to source file by using extern. - -GitHub (28 May 2020) -- [Will Cosgrove brought this change] - - transport.c: moving total_num check from #476 (#478) - - file: transport.c - - notes: - moving total_num zero length check from #476 up to the prior bounds check which already includes a total_num check. Makes it slightly more readable. - - credit: - Will Cosgrove - -- [lutianxiong brought this change] - - transport.c: fix use-of-uninitialized-value (#476) - - file:transport.c - - notes: - return error if malloc(0) - - credit: - lutianxiong - -- [Dr. Koutheir Attouchi brought this change] - - libssh2_sftp.h: Changed type of LIBSSH2_FX_* constants to unsigned long, fixes #474 - - File: - libssh2_sftp.h - - Notes: - Error constants `LIBSSH2_FX_*` are only returned by `libssh2_sftp_last_error()` which returns `unsigned long`. - Therefore these constants should be defined as unsigned long literals, instead of int literals. - - Credit: - Dr. Koutheir Attouchi - -- [monnerat brought this change] - - os400qc3.c: constify libssh2_os400qc3_hash_update() data parameter. (#469) - - Files: os400qc3.c, os400qc3.h - - Notes: - Fixes building on OS400. #426 - - Credit: - Reported-by: hjindra on github, dev by Monnerat - -- [monnerat brought this change] - - HACKING.CRYPTO: keep up to date with new crypto definitions from code. (#466) - - File: HACKING.CRYPTO - - Notes: - This commit updates the HACKING.CRYPTO documentation file in an attempt to make it in sync with current code. - New documented features are: - - SHA384 - SHA512 - ECDSA - ED25519 - - Credit: - monnerat - -- [Harry Sintonen brought this change] - - kex.c: Add diffie-hellman-group14-sha256 Key Exchange Method (#464) - - File: kex.c - - Notes: Added diffie-hellman-group14-sha256 kex - - Credit: Harry Sintonen - -- [Will Cosgrove brought this change] - - os400qc3.h: define sha512 macros (#465) - - file: os400qc3.h - notes: fixes for building libssh2 1.9.x - -- [Will Cosgrove brought this change] - - os400qc3.h: define EC types to fix building #426 (#462) - - File: os400qc3.h - Notes: define missing EC types which prevents building - Credit: hjindra - -- [Brendan Shanks brought this change] - - hostkey.c: Fix 'unsigned int'/'uint32_t' mismatch (#461) - - File: hostkey.c - - Notes: - These types are the same size so most compilers are fine with it, but CodeWarrior (on classic MacOS) throws an ‘illegal implicit conversion’ error - - Credit: Brendan Shanks - -- [Thomas Klausner brought this change] - - Makefile.am: Fix unportable test(1) operator. (#459) - - file: Makefile.am - - Notes: - The POSIX comparison operator for test(1) is =; bash supports == but not even test from GNU coreutils does. - - Credit: - Thomas Klausner - -- [Tseng Jun brought this change] - - openssl.c: minor changes of coding style (#454) - - File: openssl.c - - Notes: - minor changes of coding style and align preprocessor conditional for #439 - - Credit: - Tseng Jun - -- [Hans Meier brought this change] - - openssl.c: Fix for use of uninitialized aes_ctr_cipher.key_len (#453) - - File: - Openssl.c - - Notes: - * Fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression from #439 - - Credit: - Hans Meirer, Tseng Jun - -- [Zenju brought this change] - - agent.c: Fix Unicode builds on Windows (#417) - - File: agent.c - - Notes: - Fixes unicode builds for Windows in Visual Studio 16.3.2. - - Credit: - Zenju - -- [Hans Meier brought this change] - - openssl.c: Fix use-after-free crash in openssl backend without memory leak (#439) - - Files: openssl.c - - Notes: - Fixes memory leaks and use after free AES EVP_CIPHER contexts when using OpenSSL 1.0.x. - - Credit: - Hans Meier - -- [Romain Geissler @ Amadeus brought this change] - - Session.c: Fix undefined warning when mixing with LTO-enabled libcurl. (#449) - - File: Session.c - - Notes: - With gcc 9, libssh2, libcurl and LTO enabled for all binaries I see this - warning (error with -Werror): - - vssh/libssh2.c: In function ‘ssh_statemach_act’: - /data/mwrep/rgeissler/ospack/ssh2/BUILD/libssh2-libssh2-03c7c4a/src/session.c:579:9: error: ‘seconds_to_next’ is used uninitialized in this function [-Werror=uninitialized] - 579 | int seconds_to_next; - | ^ - lto1: all warnings being treated as errors - - Gcc normally issues -Wuninitialized when it is sure there is a problem, - and -Wmaybe-uninitialized when it's not sure, but it's possible. Here - the compiler seems to have find a real case where this could happen. I - looked in your code and overall it seems you always check if the return - code is non null, not often that it's below zero. I think we should do - the same here. With this patch, gcc is fine. - - Credit: - Romain-Geissler-1A - -- [Zenju brought this change] - - transport.c: Fix crash with delayed compression (#443) - - Files: transport.c - - Notes: - Fixes crash with delayed compression option using Bitvise server. - - Contributor: - Zenju - -- [Will Cosgrove brought this change] - - Update INSTALL_MAKE path to INSTALL_MAKE.md (#446) - - Included for #429 - -- [Will Cosgrove brought this change] - - Update INSTALL_CMAKE filename to INSTALL_CMAKE.md (#445) - - Fixing for #429 - -- [Wallace Souza brought this change] - - Rename INSTALL_CMAKE to INTALL_CMAKE.md (#429) - - Adding Markdown file extension in order to Github render the instructions properly - -Will Cosgrove (17 Dec 2019) -- [Daniel Stenberg brought this change] - - include/libssh2.h: fix comment: the known host key uses 4 bits (#438) - -- [Zenju brought this change] - - ssh-ed25519: Support PKIX + calc pubkey from private (#416) - - Files: openssl.c/h - Author: Zenju - Notes: - Adds support for PKIX key reading by fixing: - - _libssh2_pub_priv_keyfile() is missing the code to extract the ed25519 public key from a given private key - - _libssh2_ed25519_new_private_frommemory is only parsing the openssh key format but does not understand PKIX (as retrieved via PEM_read_bio_PrivateKey) - -GitHub (15 Oct 2019) -- [Will Cosgrove brought this change] - - .travis.yml: Fix Chrome and 32 bit builds (#423) - - File: .travis.yml - - Notes: - * Fix Chrome installing by using Travis build in directive - * Update to use libgcrypt20-dev package to fix 32 bit builds based on comments found here: - https://launchpad.net/ubuntu/xenial/i386/libgcrypt11-dev - -- [Will Cosgrove brought this change] - - packet.c: improved parsing in packet_x11_open (#410) - - Use new API to parse data in packet_x11_open() for better bounds checking. - -Will Cosgrove (12 Sep 2019) -- [Michael Buckley brought this change] - - knownhost.c: Double the static buffer size when reading and writing known hosts (#409) - - Notes: - We had a user who was being repeatedly prompted to accept a server key repeatedly. It turns out the base64-encoded key was larger than the static buffers allocated to read and write known hosts. I doubled the size of these buffers. - - Credit: - Michael Buckley - -GitHub (4 Sep 2019) -- [Will Cosgrove brought this change] - - packet.c: improved packet parsing in packet_queue_listener (#404) - - * improved bounds checking in packet_queue_listener - - file: packet.c - - notes: - improved parsing packet in packet_queue_listener - -- [Will Cosgrove brought this change] - - packet.c: improve message parsing (#402) - - * packet.c: improve parsing of packets - - file: packet.c - - notes: - Use _libssh2_get_string API in SSH_MSG_DEBUG/SSH_MSG_DISCONNECT. Additional uint32 bounds check in SSH_MSG_GLOBAL_REQUEST. - -- [Will Cosgrove brought this change] - - misc.c: _libssh2_ntohu32 cast bit shifting (#401) - - To quite overly aggressive analyzers. - - Note, the builds pass, Travis is having some issues with Docker images. - -- [Will Cosgrove brought this change] - - kex.c: improve bounds checking in kex_agree_methods() (#399) - - file: kex.c - - notes: - use _libssh2_get_string instead of kex_string_pair which does additional checks - -Will Cosgrove (23 Aug 2019) -- [Fabrice Fontaine brought this change] - - acinclude.m4: add mbedtls to LIBS (#371) - - Notes: - This is useful for static builds so that the Libs.private field in - libssh2.pc contains correct info for the benefit of pkg-config users. - Static link with libssh2 requires this information. - - Signed-off-by: Baruch Siach - [Retrieved from: - https://git.buildroot.net/buildroot/tree/package/libssh2/0002-acinclude.m4-add-mbedtls-to-LIBS.patch] - Signed-off-by: Fabrice Fontaine - - Credit: - Fabrice Fontaine - -- [jethrogb brought this change] - - Generate debug info when building with MSVC (#178) - - files: CMakeLists.txt - - notes: Generate debug info when building with MSVC - - credit: - jethrogb - -- [Panos brought this change] - - Add agent forwarding implementation (#219) - - files: channel.c, test_agent_forward_succeeds.c, libssh2_priv.h, libssh2.h, ssh2_agent_forwarding.c - - notes: - * Adding SSH agent forwarding. - * Fix agent forwarding message, updated example. - Added integration test code and cmake target. Added example to cmake list. - - credit: - pkittenis - -GitHub (2 Aug 2019) -- [Will Cosgrove brought this change] - - Update EditorConfig - - Added max_line_length = 80 - -- [Will Cosgrove brought this change] - - global.c : fixed call to libssh2_crypto_exit #394 (#396) - - * global.c : fixed call to libssh2_crypto_exit #394 - - File: global.c - - Notes: Don't call `libssh2_crypto_exit()` until `_libssh2_initialized` count is down to zero. - - Credit: seba30 - -Will Cosgrove (30 Jul 2019) -- [hlefebvre brought this change] - - misc.c : Add an EWOULDBLOCK check for better portability (#172) - - File: misc.c - - Notes: Added support for all OS' that implement EWOULDBLOCK, not only VMS - - Credit: hlefebvre - -- [Etienne Samson brought this change] - - userauth.c: fix off by one error when loading public keys with no id (#386) - - File: userauth.c - - Credit: - Etienne Samson - - Notes: - Caught by ASAN: - - ================================================================= - ==73797==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60700001bcf0 at pc 0x00010026198d bp 0x7ffeefbfed30 sp 0x7ffeefbfe4d8 - READ of size 69 at 0x60700001bcf0 thread T0 - 2019-07-04 08:35:30.292502+0200 atos[73890:2639175] examining /Users/USER/*/libssh2_clar [73797] - #0 0x10026198c in wrap_memchr (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f98c) - #1 0x1000f8e66 in file_read_publickey userauth.c:633 - #2 0x1000f2dc9 in userauth_publickey_fromfile userauth.c:1513 - #3 0x1000f2948 in libssh2_userauth_publickey_fromfile_ex userauth.c:1590 - #4 0x10000e254 in test_userauth_publickey__ed25519_auth_ok publickey.c:69 - #5 0x1000090c3 in clar_run_test clar.c:260 - #6 0x1000038f3 in clar_run_suite clar.c:343 - #7 0x100003272 in clar_test_run clar.c:522 - #8 0x10000c3cc in main runner.c:60 - #9 0x7fff5b43b3d4 in start (libdyld.dylib:x86_64+0x163d4) - - 0x60700001bcf0 is located 0 bytes to the right of 80-byte region [0x60700001bca0,0x60700001bcf0) - allocated by thread T0 here: - #0 0x10029e053 in wrap_malloc (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x5c053) - #1 0x1000b4978 in libssh2_default_alloc session.c:67 - #2 0x1000f8aba in file_read_publickey userauth.c:597 - #3 0x1000f2dc9 in userauth_publickey_fromfile userauth.c:1513 - #4 0x1000f2948 in libssh2_userauth_publickey_fromfile_ex userauth.c:1590 - #5 0x10000e254 in test_userauth_publickey__ed25519_auth_ok publickey.c:69 - #6 0x1000090c3 in clar_run_test clar.c:260 - #7 0x1000038f3 in clar_run_suite clar.c:343 - #8 0x100003272 in clar_test_run clar.c:522 - #9 0x10000c3cc in main runner.c:60 - #10 0x7fff5b43b3d4 in start (libdyld.dylib:x86_64+0x163d4) - - SUMMARY: AddressSanitizer: heap-buffer-overflow (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f98c) in wrap_memchr - Shadow bytes around the buggy address: - 0x1c0e00003740: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fd fd - 0x1c0e00003750: fd fd fd fd fd fd fd fa fa fa fa fa 00 00 00 00 - 0x1c0e00003760: 00 00 00 00 00 00 fa fa fa fa 00 00 00 00 00 00 - 0x1c0e00003770: 00 00 00 fa fa fa fa fa fd fd fd fd fd fd fd fd - 0x1c0e00003780: fd fd fa fa fa fa fd fd fd fd fd fd fd fd fd fa - =>0x1c0e00003790: fa fa fa fa 00 00 00 00 00 00 00 00 00 00[fa]fa - 0x1c0e000037a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa - 0x1c0e000037b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa - 0x1c0e000037c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa - 0x1c0e000037d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa - 0x1c0e000037e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa - Shadow byte legend (one shadow byte represents 8 application bytes): - Addressable: 00 - Partially addressable: 01 02 03 04 05 06 07 - Heap left redzone: fa - Freed heap region: fd - Stack left redzone: f1 - Stack mid redzone: f2 - Stack right redzone: f3 - Stack after return: f5 - Stack use after scope: f8 - Global redzone: f9 - Global init order: f6 - Poisoned by user: f7 - Container overflow: fc - Array cookie: ac - Intra object redzone: bb - ASan internal: fe - Left alloca redzone: ca - Right alloca redzone: cb - Shadow gap: cc - -- [Thilo Schulz brought this change] - - openssl.c : Fix use-after-free crash on reinitialization of openssl backend - - file : openssl.c - - notes : - libssh2's openssl backend has a use-after-free condition if HAVE_OPAQUE_STRUCTS is defined and you call libssh2_init() again after prior initialisation/deinitialisation of libssh2 - - credit : Thilo Schulz - -- [axjowa brought this change] - - openssl.h : Use of ifdef where if should be used (#389) - - File : openssl.h - - Notes : - LIBSSH2_ECDSA and LIBSSH2_ED25519 are always defined so the #ifdef - checks would never be false. - - This change makes it possible to build libssh2 against OpenSSL built - without EC support. - - Change-Id: I0a2f07c2d80178314dcb7d505d1295d19cf15afd - - Credit : axjowa - -- [Zenju brought this change] - - Agent.c : Preserve error info from agent_list_identities() (#374) - - Files : agent.c - - Notes : - Currently the error details as returned by agent_transact_pageant() are overwritten by a generic "agent list id failed" message by int agent_list_identities(LIBSSH2_AGENT* agent). - - Credit : - Zenju - -- [Who? Me?! brought this change] - - Channel.c: Make sure the error code is set in _libssh2_channel_open() (#381) - - File : Channel.c - - Notes : - if _libssh2_channel_open() fails, set the error code. - - Credit : - mark-i-m - -- [Orgad Shaneh brought this change] - - Kex.c, Remove unneeded call to strlen (#373) - - File : Kex.c - - Notes : - Removed call to strlen - - Credit : - Orgad Shaneh - -- [Pedro Monreal brought this change] - - Spelling corrections (#380) - - Files : - libssh2.h, libssh2_sftp.h, bcrypt_pbkdf.c, mbedtls.c, sftp.c, ssh2.c - - Notes : - * Fixed misspellings - - Credit : - Pedro Monreal - -- [Sebastián Katzer brought this change] - - Fix Potential typecast error for `_libssh2_ecdsa_key_get_curve_type` (#383) - - Issue : #383 - - Files : hostkey.c, crypto.h, openssl.c - - Notes : - * Fix potential typecast error for `_libssh2_ecdsa_key_get_curve_type` - * Rename _libssh2_ecdsa_key_get_curve_type to _libssh2_ecdsa_get_curve_type - - Credit : - Sebastián Katzer - -GitHub (20 Jun 2019) -- [Will Cosgrove brought this change] - - bump copyright date - -Version 1.9.0 (19 Jun 2019) - -GitHub (19 Jun 2019) -- [Will Cosgrove brought this change] - - 1.9 Formatting - -- [Will Cosgrove brought this change] - - 1.9 Release notes - -Will Cosgrove (17 May 2019) -- [Alexander Curtiss brought this change] - - libgcrypt.c : Fixed _libssh2_rsa_sha1_sign memory leak. (#370) - - File: libgcrypt.c - - Notes : Added calls to gcry_sexp_release to free memory allocated by gcry_sexp_find_token - - Credit : - Reporter : beckmi - PR by: Alexander Curtiss - -- [Orivej Desh brought this change] - - libssh2_priv.h : Fix musl build warning on sys/poll.h (#346) - - File : libssh2_priv.h - - Notes : - musl prints `redirecting incorrect #include to ` - http://git.musl-libc.org/cgit/musl/commit/include/sys/poll.h?id=54446d730cfb17c5f7bcf57f139458678f5066cc - - poll is defined by POSIX to be in poll.h: - http://pubs.opengroup.org/onlinepubs/7908799/xsh/poll.html - - Credit : Orivej Desh - -GitHub (1 May 2019) -- [Will Cosgrove brought this change] - - kex.c : additional bounds checks in diffie_hellman_sha1/256 (#361) - - Files : kex.c, misc.c, misc.h - - Notes : - Fixed possible out of bounds memory access when reading malformed data in diffie_hellman_sha1() and diffie_hellman_sha256(). - - Added _libssh2_copy_string() to misc.c to return an allocated and filled char buffer from a string_buf offset. Removed no longer needed s var in kmdhgGPshakex_state_t. - -Will Cosgrove (26 Apr 2019) -- [Tseng Jun brought this change] - - sftp.c : sftp_bin2attr() Correct attrs->gid assignment (#366) - - Regression with fix for #339 - - Credit : Tseng Jun - -- [Tseng Jun brought this change] - - kex.c : Correct type cast in curve25519_sha256() (#365) - -GitHub (24 Apr 2019) -- [Will Cosgrove brought this change] - - transport.c : scope local total_num var (#364) - - file : transport.c - notes : move local `total_num` variable inside of if block to prevent scope access issues which caused #360. - -Will Cosgrove (24 Apr 2019) -- [doublex brought this change] - - transport.c : fixes bounds check if partial packet is read - - Files : transport.c - - Issue : #360 - - Notes : - 'p->total_num' instead of local value total_num when doing bounds check. - - Credit : Doublex - -GitHub (23 Apr 2019) -- [Will Cosgrove brought this change] - - Editor config file for source files (#322) - - Simple start to an editor config file when editing source files to make sure they are configured correctly. - -- [Will Cosgrove brought this change] - - misc.c : String buffer API improvements (#332) - - Files : misc.c, hostkey.c, kex.c, misc.h, openssl.c, sftp.c - - Notes : - * updated _libssh2_get_bignum_bytes and _libssh2_get_string. Now pass in length as an argument instead of returning it to keep signedness correct. Now returns -1 for failure, 0 for success. - - _libssh2_check_length now returns 0 on success and -1 on failure to match the other string_buf functions. Added comment to _libssh2_check_length. - - Credit : Will Cosgrove - -Will Cosgrove (19 Apr 2019) -- [doublex brought this change] - - mbedtls.c : _libssh2_mbedtls_rsa_new_private_frommemory() allow private-key from memory (#359) - - File : mbedtls.c - - Notes: _libssh2_mbedtls_rsa_new_private_frommemory() fixes private-key from memory reading to by adding NULL terminator before parsing; adds passphrase support. - - Credit: doublex - -- [Ryan Kelley brought this change] - - Session.c : banner_receive() from leaking when accessing non ssh ports (#356) - - File : session.c - - Release previous banner in banner_receive() if the session is reused after a failed connection. - - Credit : Ryan Kelley - -GitHub (11 Apr 2019) -- [Will Cosgrove brought this change] - - Formatting in agent.c - - Removed whitespace. - -- [Will Cosgrove brought this change] - - Fixed formatting in agent.c - - Quiet linter around a couple if blocks and pointer. - -Will Cosgrove (11 Apr 2019) -- [Zhen-Huan HWANG brought this change] - - sftp.c : discard and reset oversized packet in sftp_packet_read() (#269) - - file : sftp.c - - notes : when sftp_packet_read() encounters an sftp packet which exceeds SFTP max packet size it now resets the reading state so it can continue reading. - - credit : Zhen-Huan HWANG - -GitHub (11 Apr 2019) -- [Will Cosgrove brought this change] - - Add agent functions libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() (#308) - - File : agent.c - - Notes : - Libssh2 uses the SSH_AUTH_SOCK env variable to read the system agent location. However, when using a custom agent path you have to set this value using setenv which is not thread-safe. The new functions allow for a way to set a custom agent socket path in a thread safe manor. - -- [Will Cosgrove brought this change] - - Simplified _libssh2_check_length (#350) - - * Simplified _libssh2_check_length - - misc.c : _libssh2_check_length() - - Removed cast and improved bounds checking and format. - - Credit : Yuriy M. Kaminskiy - -- [Will Cosgrove brought this change] - - _libssh2_check_length() : additional bounds check (#348) - - Misc.c : _libssh2_check_length() - - Ensure the requested length is less than the total length before doing the additional bounds check - -Daniel Stenberg (25 Mar 2019) -- misc: remove 'offset' from string_buf - - It isn't necessary. - - Closes #343 - -- sftp: repair mtime from e1ead35e475 - - A regression from e1ead35e4759 broke the SFTP mtime logic in - sftp_bin2attr - - Also simplified the _libssh2_get_u32/u64 functions slightly. - - Closes #342 - -- session_disconnect: don't zero state, just clear the right bit - - If we clear the entire field, the freeing of data in session_free() is - skipped. Instead just clear the bit that risk making the code get stuck - in the transport functions. - - Regression from 4d66f6762ca3fc45d9. - - Reported-by: dimmaq on github - Fixes #338 - Closes #340 - -- libssh2_sftp.h: restore broken ABI - - Commit 41fbd44 changed variable sizes/types in a public struct which - broke the ABI, which breaks applications! - - This reverts that change. - - Closes #339 - -- style: make includes and examples code style strict - - make travis and the makefile rule verify them too - - Closes #334 - -GitHub (21 Mar 2019) -- [Daniel Stenberg brought this change] - - create a github issue template - -Daniel Stenberg (21 Mar 2019) -- stale-bot: activated - - The stale bot will automatically mark stale issues (inactive for 90 - days) and if still untouched after 21 more days, close them. - - See https://probot.github.io/apps/stale/ - -- libssh2_session_supported_algs.3: fix formatting mistakes - - Reported-by: Max Horn - Fixes #57 - -- [Zenju brought this change] - - libssh2.h: Fix Error C2371 'ssize_t': redefinition - - Closes #331 - -- travis: add code style check - - Closes #324 - -- code style: unify code style - - Indent-level: 4 - Max columns: 79 - No spaces after if/for/while - Unified brace positions - Unified white spaces - -- src/checksrc.pl: code style checker - - imported as-is from curl - -Will Cosgrove (19 Mar 2019) -- Merge branch 'MichaelBuckley-michaelbuckley-security-fixes' - -- Silence unused var warnings (#329) - - Silence warnings about unused variables in this test - -- Removed unneeded > 0 check - - When checking `userauth_kybd_num_prompts > 100` we don't care if it's also above zero. - -- [Matthew D. Fuller brought this change] - - Spell OpenSS_H_ right when talking about their specific private key (#321) - - Good catch, thanks. - -GitHub (19 Mar 2019) -- [Will Cosgrove brought this change] - - Silence unused var warnings (#329) - - Silence warnings about unused variables in this test - -Michael Buckley (19 Mar 2019) -- Fix more scope and printf warning errors - -- Silence unused variable warning - -GitHub (19 Mar 2019) -- [Will Cosgrove brought this change] - - Removed unneeded > 0 check - - When checking `userauth_kybd_num_prompts > 100` we don't care if it's also above zero. - -Will Cosgrove (19 Mar 2019) -- [Matthew D. Fuller brought this change] - - Spell OpenSS_H_ right when talking about their specific private key (#321) - - Good catch, thanks. - -Michael Buckley (18 Mar 2019) -- Fix errors identified by the build process - -- Fix casting errors after merge - -GitHub (18 Mar 2019) -- [Michael Buckley brought this change] - - Merge branch 'master' into michaelbuckley-security-fixes - -Michael Buckley (18 Mar 2019) -- Move fallback SIZE_MAX and UINT_MAX to libssh2_priv.h - -- Fix type and logic issues with _libssh2_get_u64 - -Daniel Stenberg (17 Mar 2019) -- examples: fix various compiler warnings - -- lib: fix various compiler warnings - -- session: ignore pedantic warnings for funcpointer <=> void * - -- travis: add a build using configure - - Closes #320 - -- configure: provide --enable-werror - -- appveyor: remove old builds that mostly cause failures - - ... and only run on master branch. - - Closes #323 - -- cmake: add two missing man pages to get installed too - - Both libssh2_session_handshake.3 and - libssh2_userauth_publickey_frommemory.3 were installed by the configure - build already. - - Reported-by: Arfrever on github - Fixes #278 - -- include/libssh2.h: warning: "_WIN64" is not defined, evaluates to 0 - - We don't use #if for defines that might not be defined. - -- pem: //-comments are not allowed - -Will Cosgrove (14 Mar 2019) -- [Daniel Stenberg brought this change] - - userauth: fix "Function call argument is an uninitialized value" (#318) - - Detected by scan-build. - -- fixed unsigned/signed issue - -Daniel Stenberg (15 Mar 2019) -- session_disconnect: clear state - - If authentication is started but not completed before the application - gives up and instead wants to shut down the session, the '->state' field - might still be set and thus effectively dead-lock session_disconnect. - - This happens because both _libssh2_transport_send() and - _libssh2_transport_read() refuse to do anything as long as state is set - without the LIBSSH2_STATE_KEX_ACTIVE bit. - - Reported in curl bug https://github.com/curl/curl/issues/3650 - - Closes #310 - -Will Cosgrove (14 Mar 2019) -- Release notes from 1.8.1 - -Michael Buckley (14 Mar 2019) -- Use string_buf in sftp_init(). - -- Guard against out-of-bounds reads in publickey.c - -- Guard against out-of-bounds reads in session.c - -- Guard against out-of-bounds reads in userauth.c - -- Use LIBSSH2_ERROR_BUFFER_TOO_SMALL instead of LIBSSH2_ERROR_OUT_OF_BOUNDARY in sftp.c - -- Additional bounds checking in sftp.c - -- Additional length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add(). https://libssh2.org/CVE-2019-3862.html - -- Add a required_size parameter to sftp_packet_require et. al. to require callers of these functions to handle packets that are too short. https://libssh2.org/CVE-2019-3860.html - -- Check the length of data passed to sftp_packet_add() to prevent out-of-bounds reads. - -- Prevent zero-byte allocation in sftp_packet_read() which could lead to an out-of-bounds read. https://libssh2.org/CVE-2019-3858.html - -- Sanitize padding_length - _libssh2_transport_read(). https://libssh2.org/CVE-2019-3861.html - - This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent. - -- Defend against writing beyond the end of the payload in _libssh2_transport_read(). - -- Defend against possible integer overflows in comp_method_zlib_decomp. - -GitHub (14 Mar 2019) -- [Will Cosgrove brought this change] - - Security fixes (#315) - - * Bounds checks - - Fixes for CVEs - https://www.libssh2.org/CVE-2019-3863.html - https://www.libssh2.org/CVE-2019-3856.html - - * Packet length bounds check - - CVE - https://www.libssh2.org/CVE-2019-3855.html - - * Response length check - - CVE - https://www.libssh2.org/CVE-2019-3859.html - - * Bounds check - - CVE - https://www.libssh2.org/CVE-2019-3857.html - - * Bounds checking - - CVE - https://www.libssh2.org/CVE-2019-3859.html - - and additional data validation - - * Check bounds before reading into buffers - - * Bounds checking - - CVE - https://www.libssh2.org/CVE-2019-3859.html - - * declare SIZE_MAX and UINT_MAX if needed - -- [Will Cosgrove brought this change] - - fixed type warnings (#309) - -- [Will Cosgrove brought this change] - - Bumping version number for pending 1.8.1 release - -Will Cosgrove (4 Mar 2019) -- [Daniel Stenberg brought this change] - - _libssh2_string_buf_free: use correct free (#304) - - Use LIBSSH2_FREE() here, not free(). We allow memory function - replacements so free() is rarely the right choice... - -GitHub (26 Feb 2019) -- [Will Cosgrove brought this change] - - Fix for building against libreSSL #302 - - Changed to use the check we use elsewhere. - -- [Will Cosgrove brought this change] - - Fix for when building against LibreSSL #302 - -Will Cosgrove (25 Feb 2019) -- [gartens brought this change] - - docs: update libssh2_hostkey_hash.3 [ci skip] (#301) - -GitHub (21 Feb 2019) -- [Will Cosgrove brought this change] - - fix malloc/free mismatches #296 (#297) - -- [Will Cosgrove brought this change] - - Replaced malloc with calloc #295 - -- [Will Cosgrove brought this change] - - Abstracted OpenSSL calls out of hostkey.c (#294) - -- [Will Cosgrove brought this change] - - Fix memory dealloc impedance mis-match #292 (#293) - - When using ed25519 host keys and a custom memory allocator. - -- [Will Cosgrove brought this change] - - Added call to OpenSSL_add_all_digests() #288 - - For OpenSSL 1.0.x we need to call OpenSSL_add_all_digests(). - -Will Cosgrove (12 Feb 2019) -- [Zhen-Huan HWANG brought this change] - - SFTP: increase maximum packet size to 256K (#268) - - to match implementations like OpenSSH. - -- [Zenju brought this change] - - Fix https://github.com/libssh2/libssh2/pull/271 (#284) - -GitHub (16 Jan 2019) -- [Will Cosgrove brought this change] - - Agent NULL check in shutdown #281 - -Will Cosgrove (15 Jan 2019) -- [Adrian Moran brought this change] - - mbedtls: Fix leak of 12 bytes by each key exchange. (#280) - - Correctly free ducts by calling _libssh2_mbedtls_bignum_free() in dtor. - -- [alex-weaver brought this change] - - Fix error compiling on Win32 with STDCALL=ON (#275) - -GitHub (8 Nov 2018) -- [Will Cosgrove brought this change] - - Allow default permissions to be used in sftp_mkdir (#271) - - Added constant LIBSSH2_SFTP_DEFAULT_MODE to use the server default permissions when making a new directory - -Will Cosgrove (13 Sep 2018) -- [Giulio Benetti brought this change] - - openssl: fix dereferencing ambiguity potentially causing build failure (#267) - - When dereferencing from *aes_ctr_cipher, being a pointer itself, - ambiguity can occur; fixed possible build errors. - -Viktor Szakats (12 Sep 2018) -- win32/GNUmakefile: define HAVE_WINDOWS_H - - This macro was only used in test/example code before, now it is - also used in library code, but only defined automatically by - automake/cmake, so let's do the same for the standalone win32 - make file. - - It'd be probably better to just rely on the built-in _WIN32 macro - to detect the presence of windows.h though. It's already used - in most of libssh2 library code. There is a 3rd, similar macro - named LIBSSH2_WIN32, which might also be replaced with _WIN32. - - Ref: https://github.com/libssh2/libssh2/commit/8b870ad771cbd9cd29edbb3dbb0878e950f868ab - Closes https://github.com/libssh2/libssh2/pull/266 - -Marc Hoersken (2 Sep 2018) -- Fix conditional check for HAVE_DECL_SECUREZEROMEMORY - - "Unlike the other `AC_CHECK_*S' macros, when a symbol is not declared, - HAVE_DECL_symbol is defined to `0' instead of leaving HAVE_DECL_symbol - undeclared. When you are sure that the check was performed, - use HAVE_DECL_symbol in #if." - - Source: autoconf documentation for AC_CHECK_DECLS. - -- Fix implicit declaration of function 'SecureZeroMemory' - - Include window.h in order to use SecureZeroMemory on Windows. - -- Fix implicit declaration of function 'free' by including stdlib.h - -GitHub (27 Aug 2018) -- [Will Cosgrove brought this change] - - Use malloc abstraction function in pem parse - - Fix warning on WinCNG build. - -- [Will Cosgrove brought this change] - - Fixed possible junk memory read in sftp_stat #258 - -- [Will Cosgrove brought this change] - - removed INT64_C define (#260) - - No longer used. - -- [Will Cosgrove brought this change] - - Added conditional around engine.h include - -Will Cosgrove (6 Aug 2018) -- [Alex Crichton brought this change] - - Fix OpenSSL link error with `no-engine` support (#259) - - This commit fixes linking against an OpenSSL library that was compiled with - `no-engine` support by bypassing the initialization routines as they won't be - available anyway. - -GitHub (2 Aug 2018) -- [Will Cosgrove brought this change] - - ED25519 Key Support #39 (#248) - - OpenSSH Key and ED25519 support #39 - Added _libssh2_explicit_zero() to explicitly zero sensitive data in memory #120 - - * ED25519 Key file support - Requires OpenSSL 1.1.1 or later - * OpenSSH Key format reading support - Supports RSA/DSA/ECDSA/ED25519 types - * New string buffer reading functions - These add build-in bounds checking and convenance methods. Used for OpenSSL PEM file reading. - * Added new tests for OpenSSH formatted Keys - -- [Will Cosgrove brought this change] - - ECDSA key types are now explicit (#251) - - * ECDSA key types are now explicit - - Issue was brough up in pull request #248 - -Will Cosgrove (2 May 2018) -- [Jakob Egger brought this change] - - Add Instructions for building from Master (#249) - -GitHub (27 Apr 2018) -- [Will Cosgrove brought this change] - - Initialize sb_intl #226 - -Will Cosgrove (19 Apr 2018) -- [doublex brought this change] - - buffer overflow (valgrind) (#159) - -- [Brendan Shanks brought this change] - - mbedTLS: Remove some C99-style intermingled variable declarations (#196) - -GitHub (18 Apr 2018) -- [Will Cosgrove brought this change] - - fix for #160 - -Will Cosgrove (18 Apr 2018) -- [doublex brought this change] - - fix memory leak when using mbedtls backend (#158) - - _libssh2_bn_init_from_bin/_libssh2_bn_free would leak bignum from mbedtls_calloc(). - -- [Brendan Shanks brought this change] - - mbedTLS: Avoid multiple definition errors for context handles (#197) - -- [Tseng Jun brought this change] - - Fix the EVP cipher meth memory leakage problem (#244) - - * Fix the EVP cipher meth memory leakage problem - - Looks good, thanks for the fixes. - -Marc Hörsken (31 Mar 2018) -- [Will Cosgrove brought this change] - - Added ECDSA defines for WinCNG (#245) - - Fixed missing defines preventing building using WinCNG - -GitHub (30 Mar 2018) -- [Will Cosgrove brought this change] - - Fix for _libssh2_rsa_new with OpenSSL 1.0.x - - missing d value assignment. - -Will Cosgrove (20 Mar 2018) -- [Etienne Samson brought this change] - - A collection of small fixes (#198) - - * tests: Remove if-pyramids - - * tests: Switch run_command arguments - - * tests: Make run_command a vararg function - - * tests: Xcode doesn't obey CMake's test working directory - - * openssl: move manual AES-CTR cipher into crypto init - - * cmake: Move our include dir before all other include paths - -GitHub (15 Mar 2018) -- [Will Cosgrove brought this change] - - Fixes incorrect indexing of KEX prefs string - - After stripping out an invalid KEX pref entry, it would incorrectly advance again leaving invalid values in the list. - -Viktor Szakats (13 Mar 2018) -- tests: fix checksrc warnings - - Also: - * add 'static' qualifier to file-wide const buffers - * fix a non-ANSI C89 comment - * silence a mismatched fprintf() mask warning by adding a cast - -- cmake: recognize OpenSSL 1.1 .dll names - - Also fix some comment typos and a stray tab. - -- docs: update an URL [ci skip] - -Daniel Stenberg (12 Mar 2018) -- docs/SECURITY: the max embargo is 14 days now - -Viktor Szakats (12 Mar 2018) -- docs: spelling fixes [ci skip] - - Closes https://github.com/libssh2/libssh2/pull/222 - -GitHub (12 Mar 2018) -- [Will Cosgrove brought this change] - - Fixed minor tabs/spacing issues - -- [Will Cosgrove brought this change] - - Update kex.c - -- [Will Cosgrove brought this change] - - Added basic bounds checking #206 - - Basic bounds checking in ecdh_sha2_nistp() - -- [Will Cosgrove brought this change] - - Fixed Clang warning #206 - - Fixed possible garbage value for secret in an error case - -- [Will Cosgrove brought this change] - - Fixed incorrect #if to #ifdef #206 - - When checking HAVE_OPAQUE_STRUCTS. - -Viktor Szakats (12 Mar 2018) -- src: suppress two checksrc warnings - - Ref: https://github.com/libssh2/libssh2/pull/235 - -- src: address fopen() warnings, add missing copyright headers - - Ref: https://github.com/libssh2/libssh2/pull/235 - -- src: replace sprintf() with snprintf() - - Ref: https://github.com/libssh2/libssh2/pull/235 - -- src: fix checksrc warnings - - Use checksrc.pl from the curl project, with (for now) - suppressed long line warnings and indentation set to - 4 spaces. Fixes are whitespace for the most part. - - Warning count went down from 2704 to 12. - - Also fix codespell typos, two non-ANSI C89 comments - and a stray tab in include/libssh2.h. - - Ref: https://github.com/libssh2/libssh2/pull/235 - -- checksrc: add source style checker - - This is a slightly extended version of this original source - from the curl project: - https://github.com/curl/curl/blob/8b754c430b9a4c51aa606c687ee5014faf7c7b06/lib/checksrc.pl - - This version adds the following options to customize it for - libssh2 (plus some whitespace formatting): - - `-i` to override indentation spaces (2) - `-m` to override maximum line length (79) - - Command-line used to check libssh2 sources: - - $ ./checksrc.pl -i4 -m500 *.c *.h - - Closes https://github.com/libssh2/libssh2/pull/236 - -- src: add static qualifier - - To private, const strings. - - Closes https://github.com/libssh2/libssh2/pull/237 - -- [Will Cosgrove brought this change] - - Add support for ECDSA keys and host keys (#41) - - This commit lands full ECDSA key support when using the OpenSSL - backend. Which includes: - - New KEX methods: - ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521 - - Can now read OpenSSL formatted ECDSA key files. - - Now supports known host keys of type ecdsa-sha2-nistp256. - - New curve types: - NID_X9_62_prime256v1, NID_secp384r1, NID_secp521r1 - - Default host key preferred ordering is now nistp256, nistp384, - nistp521, rsa, dss. - - Ref: https://github.com/libssh2/libssh2/issues/41 - - Closes https://github.com/libssh2/libssh2/pull/206 - -GitHub (15 Dec 2017) -- [Will Cosgrove brought this change] - - Fixed possible crash when decoding invalid data - - When trying to decode invalid data, it frees the buffer but doesn't nil it so the caller gets a junk memory pointer which they could potentially double free. - -- [Will Cosgrove brought this change] - - Remove call to OpenSSL_add_all_ciphers() - - Now lives in libssh2 init() from PR #189 - -- [Will Cosgrove brought this change] - - Fixed incorrect reference to decrypted block - - Fixed incorrectly copied memory from p->buf into init instead of from the decrypted buffer block. The only reason this worked was because the crypt() function decrypts the value in-place and overwrites p->buf. I'm working on a fork that no longer does this and exposed this bug. - -Will Cosgrove (20 Oct 2017) -- [Pan brought this change] - - Fix typo in crypt.c (#218) - -Kamil Dudka (17 Oct 2017) -- session: avoid printing misleading debug messages - - ... while throwing LIBSSH2_ERROR_EAGAIN out of session_startup() - - If the session runs in blocking mode, LIBSSH2_ERROR_EAGAIN never reaches - the libssh2 API boundary and, in non-blocking mode, these messages are - suppressed by the condition in _libssh2_error_flags() anyway. - - Closes #211 - -Viktor Szakats (15 Oct 2017) -- win32/GNUmakefile: allow customizing dll suffixes - - - New `LIBSSH2_DLL_SUFFIX` envvar will add a suffix to the generated - libssh2 dll name. Useful to add `-x64` to 64-bit builds so that - it can live in the same directory as the 32-bit one. By default - this is empty. - - - New `LIBSSH2_DLL_A_SUFFIX` envvar to customize the suffix of the - generated import library (implib) for libssh2 .dll. It defaults - to `dll`, and it's useful to modify that to `.dll` to have the - standard naming scheme for mingw-built .dlls, i.e. `libssh2.dll.a`. - - Ref: https://github.com/curl/curl/commit/aaa16f80256abc1463fd9374815130a165222257 - - Closes https://github.com/libssh2/libssh2/pull/215 - -- makefile.m32: allow to override gcc, ar and ranlib - - Allow to ovverride certain build tools, making it possible to - use LLVM/Clang to build libssh2. The default behavior is unchanged. - To build with clang (as offered by MSYS2), these settings can - be used: - - LIBSSH2_CC=clang - LIBSSH2_AR=llvm-ar - LIBSSH2_RANLIB=llvm-ranlib - - Also adjust ranlib parameters to be compatible with LLVM/Clang's - ranlib tool. - - Closes https://github.com/libssh2/libssh2/pull/214 - -GitHub (27 Sep 2017) -- [Will Cosgrove brought this change] - - Fixes out of bounds memory access (#210) - - If an invalid PEM file is read and the lines are longer than 128 characters it will go out of bounds and crash on line 91. - -Will Cosgrove (11 Sep 2017) -- [Kamil Dudka brought this change] - - scp: do not NUL-terminate the command for remote exec (#208) - - It breaks SCP download/upload from/to certain server implementations. - - The bug does not manifest with OpenSSH, which silently drops the NUL - byte (eventually with any garbage that follows the NUL byte) before - executing it. - - Bug: https://bugzilla.redhat.com/1489736 - -GitHub (21 Aug 2017) -- [Viktor Szakats brought this change] - - openssl.c: remove no longer used variable (#204) - - after e378d2e30a40bd9bcee06dc3a4250f269098e200 - -- [Will Cosgrove brought this change] - - Fix for #188 (#189) - - * Update openssl.c - - * Create openssl.h - -Will Cosgrove (24 May 2017) -- [Marcel Raad brought this change] - - openssl: fix build with OpenSSL 1.1 API (#176) - - When building with OPENSSL_API_COMPAT=0x10100000L, OpenSSL_add_all_algorithms - and OpenSSL_add_all_ciphers don't exist. The corresponding functionality is - handled automatically with OpenSSL 1.1. - -- [Sune Bredahl brought this change] - - Add support for SHA256 hostkey fingerprints (#180) - - Looks good, thanks! - -GitHub (12 May 2017) -- [Will Cosgrove brought this change] - - Fix memory leak of crypt_ctx->h using openSSL 1.1+ (#177) - - Need to use EVP_CIPHER_CTX_free instead of EVP_CIPHER_CTX_reset. - -Marc Hoersken (2 Mar 2017) -- tests/openssh_server/authorized_keys: add key_rsa_encrypted.pub - -- tests: add simple test for passphrase-protected PEM file support - -- os400qc3: enable passphrase-protected PEM file support using pem.c - -- pem: fix indentation and replace assert after 386e012292 - -- [Keno Fischer brought this change] - - pem: add passphrase-protected PEM file support for libgcrypt and wincng - - Since they use our own PEM parser which did not support encrypted - PEM files, trying to use such files on these backends failed. - Fix that by augmenting the PEM parser to support encrypted PEM files. - -- [Thomas brought this change] - - misc: use time constant implementation for AES CTR increment - -- [Thomas brought this change] - - wincng: add AES CTR mode support (aes128-ctr, aes192-ctr, aes256-ctr) - -- [Thomas brought this change] - - openssl: move shared AES-CTR code into misc - -Daniel Stenberg (20 Dec 2016) -- [Alex Crichton brought this change] - - kex: acknowledge error code from libssh2_dh_key_pair() - - Fixes a segfault using ssh-agent on Windows - - This commit fixes a segfault seen dereferencing a null pointer on - Windows when using ssh-agent. The problem ended up being that errors - weren't being communicated all the way through, causing null pointers to - be used when functions should have bailed out sooner. - - The `_libssh2_dh_key_pair` function for WinCNG was modified to propagate - errors, and then the two callsites in kex.c of - `diffie_hellman_sha{1,256}` were updated to recognize this error and - bail out. - - Fixes #162 - Closes #163 - -Alexander Lamaison (27 Nov 2016) -- [monnerat brought this change] - - Implement Diffie-Hellman computations in crypto backends. (#149) - - Not all backends feature the low level API needed to compute a Diffie-Hellman - secret, but some of them directly implement Diffie-Hellman support with opaque - private data. The later approach is now generalized and backends are - responsible for all Diffie Hellman computations. - As a side effect, procedures/macros _libssh2_bn_rand and _libssh2_bn_mod_exp - are no longer needed outside the backends. - -Peter Stuge (16 Nov 2016) -- acinclude.m4: The mbedtls crypto backend actually requires libmbedcrypto - - Examples can't be linked with libmbedtls but need libmbedcrypto, and - any users of libssh2 which use libtool and libssh2.la would encounter - the same problem. - - This changes the mbedtls detection to search for libmbedcrypto, which - is the actual dependency for the backend. - -- acinclude.m4: Add CPPFLAGS=-I$prefix-dir/include in LIBSSH2_LIB_HAVE_LINKFLAGS - - This is absolutely neccessary for header files to be found when - AC_LIB_HAVE_LINKFLAGS searches for libraries. - -- acinclude.m4: Make saved variables in LIBSSH2_LIB_HAVE_LINKFLAGS uniform - -- docs/HACKING.CRYPTO: Improve documentation for autoconf build system - -Alexander Lamaison (16 Nov 2016) -- [Alex Arslan brought this change] - - Check for netinet/in.h in the tests cmake file (#148) - -- [Patrick Monnerat brought this change] - - Define new Diffie-Hellman context for mbedTLS - -- [monnerat brought this change] - - Make libssh2 work again on os400. (#118) - - * os400: minimum supported OS version is now V6R1. - Do not log compiler informational messages. - - * Implement crypto backend specific Diffie-Hellman computation. - - This feature is now needed on os400 because the QC3 library does not - implement bn_mod_exp() natively. Up to now, this function was emulated using - an RSA encryption, but commits ca5222ea819cc5ed797860070b4c6c1aeeb28420 and - 7934c9ce2a029c43e3642a492d3b9e494d1542be (CVE-2016-0787) broke the emulation - because QC3 only supports RSA exponents up to 512 bits. - - Happily, QC3 supports a native API for Diffie-Hellman computation, with - opaque random value: this commit implements the use of this API and, as a - side effect, enables support of this feature for any other crypto backend that - would use it. - - A "generic" Diffie-Hellman computation internal API supports crypto backends - not implementing their own: this generic API uses the same functions as before. - - * Fix typos in docs/HACKING.CRYPTO. - -- [Peter Stuge brought this change] - - acinclude.m4: Fixup OpenSSL EVP_aes_128_ctr() detection - -- [Peter Stuge brought this change] - - configure.ac: Add --with-crypto= instead of many different --with-$backend - - The new --with-crypto option replaces the previous backend-specific - --with-{openssl,libgcrypt,mbedtls,wincng} options and fixes some issues. - - * libgcrypt or mbedtls would previously be used whenever found, even - if configure was passed --without-libgcrypt or --without-mbedtls. - - * If --with-$backend was specified then configure would not fail even - if that library could not be found, and would instead use whichever - crypto library was found first. - - The new option defaults to `auto`, which makes configure check for all - supported crypto libraries in turn, choosing the first one found, or - exiting with an error if none can be found. - -- [Tony Kelman brought this change] - - Build mbedtls from source on Travis (#133) - - * Revert "Revert "travis: Test mbedtls too"" - - This reverts commit c4c60eac5ca756333034b07dd9e0b97741493ed3. - - * travis: Build mbedtls from source on Travis - - Use TOOLCHAIN_OPTION when calling cmake on mbedtls - - * tests: only run DSA tests for non-mbedtls - - crypto backends - -- [Peter Stuge brought this change] - - configure.ac src/Makefile.am: Remove dead AM_CONDITIONAL(OS400QC3) - - According to os400/README400 this backend can not be built - with configure+make, and the conditional is hard coded to false. - -- [Peter Stuge brought this change] - - configure.ac: Add -DNDEBUG to CPPFLAGS in non-debug builds - - There are a few uses of assert() in channel.c, sftp.c and transport.c. - -- [Peter Stuge brought this change] - - src/global.c: Fix conditional AES-CTR support - - Most of libssh2 already has conditional support for AES-CTR according to - the LIBSSH2_AES_CTR crypto backend #define, but global.c needed fixing. - -- [Peter Stuge brought this change] - - src/crypto.h src/userauth.c: Fix conditional RSA support - - Most of libssh2 already has conditional support for RSA according to - the LIBSSH2_RSA crypto backend #define, but crypto.h and userauth.c - needed a few small fixes. - -- [Peter Stuge brought this change] - - src/kex.c: Cast libssh2_sha{1,256}_update data arguments properly - - The update functions take a const unsigned char * but were called - with (const) char * in some places, causing unneccessary warnings. - -- [Peter Stuge brought this change] - - docs/HACKING.CRYPTO: Fix two type typos - -- [Sergei Trofimovich brought this change] - - acinclude.m4: fix ./configure --with-libgcrypt - - The change fixes passing of bogus gcrypt prefix. - Reproducible as: - - $ ./configure --with-libgcrypt - $ make V=1 - ... - /bin/sh ../libtool --tag=CC --mode=link gcc -g -O2 -Iyes/include -version-info 1:1:0 -no-undefined -export-symbols-regex '^libssh2_.*' -lgcrypt -lz -Lyes/lib -o libssh2.la -rpath /usr/local/lib channel.lo comp.lo crypt.lo hostkey.lo kex.lo mac.lo misc.lo packet.lo publickey.lo scp.lo session.lo sftp.lo userauth.lo transport.lo version.lo knownhost.lo agent.lo libgcrypt.lo pem.lo keepalive.lo global.lo -lgcrypt - ../libtool: line 7475: cd: yes/lib: No such file or directory - libtool: error: cannot determine absolute directory name of 'yes/lib' - - These - -Iyes/include - -Lyes/lib - come from libgcrypt code autodetection: - if test -n "$use_libgcrypt" && test "$use_libgcrypt" != "no"; then - LDFLAGS="$LDFLAGS -L$use_libgcrypt/lib" - CFLAGS="$CFLAGS -I$use_libgcrypt/include" - - I assume it's a typo to use yes/no flag as a prefix and changed - it to '$with_libgcrypt_prefix'. - - Reported-by: Mikhail Pukhlikov - Signed-off-by: Sergei Trofimovich - -- [Zenju brought this change] - - libssh2_sftp_init hang: last error not set - - The problem is that the original if statement simply returns NULL, but does not set the session last error code. The consequence is that libssh2_sftp_init() also returns NULL and libssh2_session_last_errno(sshSession) == LIBSSH2_ERROR_NONE. - - In my test the LIBSSH2_ERROR_EAGAIN is coming from sftp.c row 337: - if(4 != sftp->partial_size_len) - /* we got a short read for the length part */ - return LIBSSH2_ERROR_EAGAIN; - - with "partial_size_len == 0". Not sure if this is expected. - -- [Aidan Hobson Sayers brought this change] - - docs: correctly describe channel_wait_eof - - channel_wait_eof waits for channel->remote.eof, which is set on - receiving a `SSH_MSG_CHANNEL_EOF` message. This message is sent - when a party has no more data to send on a channel. - -- [Zenju brought this change] - - Fix MSVC 14 compilation warning (#92) - - 1> sftp.c - 1>libssh2-files\src\sftp.c(3393): warning C4456: declaration of 'retcode' hides previous local declaration - 1> libssh2-files\src\sftp.c(3315): note: see declaration of 'retcode' - -- [Salvador Fandino brought this change] - - LIBSSH2_ERROR_CHANNEL_WINDOW_FULL: add new error code - - In order to signal that the requested operation can not succeed - because the receiving window had been exhausted, the error code - LIBSSH2_ERROR_BUFFER_TOO_SMALL has been reused but I have found - that in certain context it may be ambigous. - - This patch introduces a new error code, - LIBSSH2_ERROR_CHANNEL_WINDOW_FULL, exclusive to signal that condition. - -- [Salvador Fandino brought this change] - - channel_wait_eof: handle receive window exhaustion - - Until now, in blocking mode, if the remote receiving window is - exhausted this function hangs forever as data is not read and the - remote side just keeps waiting for the window to grow before sending - more data. - - This patch, makes this function check for that condition and abort - with an error when it happens. - -- [Salvador Fandino brought this change] - - channel_wait_closed: don't fail when unread data is queued - - This function was calling channel_wait_eof to ensure that the EOF - packet has already been received, but that function also checks that - the read data queue is empty before reporting the EOF. That caused - channel_wait_closed to fail with a LIBSSH2_ERROR_INVAL when some data - was queued even after a successful call to libssh2_channel_wait_eof. - - This patch changes libssh2_channel_wait_closed to look directly into - channel->remote.eof so that both libssh2_channel_wait_eof and - libssh2_channel_wait_closed bahave consistently. - -- [Salvador Fandino brought this change] - - channel_wait_eof: fix debug message - -Daniel Stenberg (25 Oct 2016) -- libssh2.h: start working on 1.8.1 - -Version 1.8.0 (25 Oct 2016) - -Daniel Stenberg (25 Oct 2016) -- RELEASE-NOTES: adjusted for 1.8.0 - -Kamil Dudka (20 Oct 2016) -- Revert "aes: the init function fails when OpenSSL has AES support" - - This partially reverts commit f4f2298ef3635acd031cc2ee0e71026cdcda5864 - because it caused the compatibility code to call initialization routines - redundantly, leading to memory leakage with OpenSSL 1.1 and broken curl - test-suite in Fedora: - - 88 bytes in 1 blocks are definitely lost in loss record 5 of 8 - at 0x4C2DB8D: malloc (vg_replace_malloc.c:299) - by 0x72C607D: CRYPTO_zalloc (mem.c:100) - by 0x72A2480: EVP_CIPHER_meth_new (cmeth_lib.c:18) - by 0x4E5A550: make_ctr_evp.isra.0 (openssl.c:407) - by 0x4E5A8E8: _libssh2_init_aes_ctr (openssl.c:471) - by 0x4E5BB5A: libssh2_init (global.c:49) - -Daniel Stenberg (19 Oct 2016) -- [Charles Collicutt brought this change] - - libssh2_wait_socket: Fix comparison with api_timeout to use milliseconds (#134) - - Fixes #74 - -- [Charles Collicutt brought this change] - - Set err_msg on _libssh2_wait_socket errors (#135) - -- Revert "travis: Test mbedtls too" - - This reverts commit 3e6de50a24815e72ec5597947f1831f6083b7da8. - - Travis doesn't seem to support the mbedtls-dev package - -- maketgz: support "only" to only update version number locally - - and fix the date output locale - -- configure: make the --with-* options override the OpenSSL default - - ... previously it would default to OpenSSL even with the --with-[crypto] - options used unless you specificly disabled OpenSSL. Now, enabling another - backend will automatically disable OpenSSL if the other one is found. - -- [Keno Fischer brought this change] - - docs: Add documentation on new cmake/configure options - -- [Keno Fischer brought this change] - - configure: Add support for building with mbedtls - -- [wildart brought this change] - - travis: Test mbedtls too - -- [wildart brought this change] - - crypto: add support for the mbedTLS backend - - Closes #132 - -- [wildart brought this change] - - cmake: Add CLEAR_MEMORY option, analogously to that for autoconf - -- README.md: fix link typo - -- README: markdown version to look nicer on github - -Viktor Szakats (5 Sep 2016) -- [Taylor Holberton brought this change] - - openssl: add OpenSSL 1.1.0 compatibility - -Daniel Stenberg (4 Sep 2016) -- [Antenore Gatta brought this change] - - tests: HAVE_NETINET_IN_H was not defined correctly (#127) - - Fixes #125 - -- SECURITY: fix web site typo - -- SECURITY: security process - -GitHub (14 Aug 2016) -- [Alexander Lamaison brought this change] - - Basic dockerised test suite. - - This introduces a test suite for libssh2. It runs OpenSSH in a Docker - container because that works well on Windows (via docker-machine) as - well as Linux. Presumably it works on Mac too with docker-machine, but - I've not tested that. - - Because the test suite is docker-machine aware, you can also run it - against a cloud provider, for more realistic network testing, by setting - your cloud provider as your active docker machine. The Appveyor CI setup - in this commit does that because Appveyor doesn't support docker - locally. - -Kamil Dudka (3 Aug 2016) -- [Viktor Szakats brought this change] - - misc.c: Delete unused static variables - - Closes #114 - -Daniel Stenberg (9 Apr 2016) -- [Will Cosgrove brought this change] - - Merge pull request #103 from willco007/patch-2 - - Fix for security issue CVE-2016-0787 - -Alexander Lamaison (2 Apr 2016) -- [Zenju brought this change] - - Fix MSVC 14 compilation errors - - For _MSC_VER == 1900 these macros are not needed and create problems: - - - - 1>C:\Program Files (x86)\Windows Kits\10\Include\10.0.10240.0\ucrt\stdio.h(1925): warning C4005: 'snprintf': macro redefinition (compiling source file libssh2-files\src\mac.c) - - 1> \win32\libssh2_config.h(27): note: see previous definition of 'snprintf' (compiling source file libssh2-files\src\mac.c) - - 1>C:\Program Files (x86)\Windows Kits\10\Include\10.0.10240.0\ucrt\stdio.h(1927): fatal error C1189: #error: Macro definition of snprintf conflicts with Standard Library function declaration (compiling source file libssh2-files\src\mac.c) - -Daniel Stenberg (26 Mar 2016) -- [Brad Harder brought this change] - - _libssh2_channel_open: speeling error fixed in channel error message - -Alexander Lamaison (15 Mar 2016) -- Link with crypt32.lib on Windows. - - Makes linking with static OpenSSL work again. Although it's not - required for dynamic OpenSSL, it does no harm. - - Fixes #98. - -- [Craig A. Berry brought this change] - - Tweak VMS help file building. - - Primarily this is handling cases where top-level files moved into - the docs/ directory. I also corrected a typo and removed the - claim that libssh2 is public domain. - -- [Craig A. Berry brought this change] - - Build with standard stat structure on VMS. - - This gets us large file support, is available on any VMS release - in the last decade and more, and gives stat other modern features - such as 64-bit ino_t. - -- [Craig A. Berry brought this change] - - Update vms/libssh2_config.h. - - VMS does have stdlib.h, gettimeofday(), and OpenSSL. The latter - is appropriate to hard-wire in the configuration because it's - installed by default as part of the base operating system and - there is currently no libgcrypt port. - -- [Craig A. Berry brought this change] - - VMS can't use %zd for off_t format. - - %z is a C99-ism that VMS doesn't currently have; even though the - compiler is C99-compliant, the library isn't quite. The off_t used - for the st_size element of the stat can be 32-bit or 64-bit, so - detect what we've got and pick a format accordingly. - -- [Craig A. Berry brought this change] - - Normalize line endings in libssh2_sftp_get_channel.3. - - Somehow it got Windows-style CRLF endings so convert to just LF, - for consistency as well as not to confuse tools that will regard - the \r as content (e.g. the OpenVMS help librarian). - -Dan Fandrich (29 Feb 2016) -- libgcrypt: Fixed a NULL pointer dereference on OOM - -Daniel Stenberg (24 Feb 2016) -- [Viktor Szakats brought this change] - - url updates, HTTP => HTTPS - - Closes #87 - -Dan Fandrich (23 Feb 2016) -- RELEASE-NOTES: removed some duplicated names - -Version 1.7.0 (23 Feb 2016) - -Daniel Stenberg (23 Feb 2016) -- web: the site is now HTTPS - -- RELEASE-NOTES: 1.7.0 release - -- diffie_hellman_sha256: convert bytes to bits - - As otherwise we get far too small numbers. - - Reported-by: Andreas Schneider - - CVE-2016-0787 - -Alexander Lamaison (18 Feb 2016) -- Allow CI failures with VS 2008 x64. - - Appveyor doesn't support this combination. - -Daniel Stenberg (16 Feb 2016) -- [Viktor Szakats brought this change] - - GNUmakefile: list system libs after user libs - - Otherwise some referenced WinSock functions will fail to - resolve when linking against LibreSSL 2.3.x static libraries - with mingw. - - Closes #80 - -- [Viktor Szakats brought this change] - - openssl: apply new HAVE_OPAQUE_STRUCTS macro - - Closes #81 - -- [Viktor Szakats brought this change] - - openssl: fix LibreSSL support after OpenSSL 1.1.0-pre1/2 support - -Alexander Lamaison (14 Feb 2016) -- sftp.h: Fix non-C90 type. - - uint64_t does not exist in C90. Use libssh2_uint64_t instead. - -- Exclude sshd tests from AppVeyor. - - They fail complaining that sshd wasn't invoked with an absolute path. - -- Test on more versions of Visual Studio. - -- Fix Appveyor builds. - -Daniel Stenberg (14 Feb 2016) -- [Viktor Szakats brought this change] - - openssl: add OpenSSL 1.1.0-pre3-dev compatibility - - by using API instead of accessing an internal structure. - - Closes #83 - -- RELEASE-NOTES: synced with 996b04ececdf - -- include/libssh2.h: next version is 1.7.0 - -- configure: build "silent" if possible - -- sftp: re-indented some minor stuff - -- [Jakob Egger brought this change] - - sftp.c: ensure minimum read packet size - - For optimum performance we need to ensure we don't request tiny packets. - -- [Jakob Egger brought this change] - - sftp.c: Explicit return values & sanity checks - -- [Jakob Egger brought this change] - - sftp.c: Check Read Packet File Offset - - This commit adds a simple check to see if the offset of the read - request matches the expected file offset. - - We could try to recover, from this condition at some point in the future. - Right now it is better to return an error instead of corrupted data. - -- [Jakob Egger brought this change] - - sftp.c: Don't return EAGAIN if data was written to buffer - -- [Jakob Egger brought this change] - - sftp.c: Send at least one read request before reading - - This commit ensures that we have sent at least one read request before - we try to read data in sftp_read(). - - Otherwise sftp_read() would return 0 bytes (indicating EOF) if the - socket is not ready for writing. - -- [Jakob Egger brought this change] - - sftp.c: stop reading when buffer is full - - Since we can only store data from a single chunk in filep, - we have to stop receiving data as soon as the buffer is full. - - This adresses the following bug report: - https://github.com/libssh2/libssh2/issues/50 - -Salvador Fandiño (21 Jan 2016) -- agent_disconnect_unix: unset the agent fd after closing it - - "agent_disconnect_unix", called by "libssh2_agent_disconnect", was - leaving the file descriptor in the agent structure unchanged. Later, - "libssh2_agent_free" would call again "libssh2_agent_disconnect" under - the hood and it would try to close again the same file descriptor. In - most cases that resulted in just a harmless error, but it is also - possible that the file descriptor had been reused between the two - calls resulting in the closing of an unrelated file descriptor. - - This patch sets agent->fd to LIBSSH2_INVALID_SOCKET avoiding that - issue. - - Signed-off-by: Salvador Fandiño - -Daniel Stenberg (18 Jan 2016) -- [Patrick Monnerat brought this change] - - os400qc3: support encrypted private keys - - PKCS#8 EncryptedPrivateKeyinfo structures are recognized and decoded to get - values accepted by the Qc3 crypto library. - -- [Patrick Monnerat brought this change] - - os400qc3: New PKCS#5 decoder - - The Qc3 library is not able to handle PKCS#8 EncryptedPrivateKeyInfo structures - by itself. It is only capable of decrypting the (encrypted) PrivateKeyInfo - part, providing a key encryption key and an encryption algorithm are given. - Since the encryption key and algorithm description part in a PKCS#8 - EncryptedPrivateKeyInfo is a PKCS#5 structure, such a decoder is needed to - get the derived key method and hash, as well as encryption algorith and - initialisation vector. - -- [Patrick Monnerat brought this change] - - os400qc3: force continuous update on non-final hash/hmac computation - -- [Patrick Monnerat brought this change] - - os400qc3: Be sure hmac keys have a minimum length - - The Qc3 library requires a minimum key length depending on the target - hash algorithm. Append binary zeroes to the given key if not long enough. - This matches RFC 2104 specifications. - -- [Patrick Monnerat brought this change] - - os400qc3: Slave descriptor for key encryption key - - The Qc3 library requires the key encryption key to exist as long as - the encrypted key is used. Its descriptor token is then kept as an - "encrypted key slave" for recursive release. - -- [Patrick Monnerat brought this change] - - os400qc3.c: comment PEM/DER decoding - -- [Patrick Monnerat brought this change] - - os400qc3.c: improve ASN.1 header byte checks - -- [Patrick Monnerat brought this change] - - os400qc3.c: improve OID matching - -- [Patrick Monnerat brought this change] - - os400: os400qc3.c: replace malloc by LIBSSH2_ALLOC or alloca where possible - -- [Patrick Monnerat brought this change] - - os400: asn1_new_from_bytes(): use data from a single element only - -- [Patrick Monnerat brought this change] - - os400: fix an ILE/RPG prototype - -- [Patrick Monnerat brought this change] - - os400: implement character encoding conversion support - -- [Patrick Monnerat brought this change] - - os400: do not miss some external prototypes - - Build procedure extproto() did not strip braces from header files, thus - possibly prepended them to true prototypes. This prevented the prototype to - be recognized as such. - The solution implemented here is to map braces to semicolons, effectively - considering them as potential prototype delimiters. - -- [Patrick Monnerat brought this change] - - os400: Really add specific README - -- [Patrick Monnerat brought this change] - - os400: Add specific README and include new files in dist tarball - -- [Patrick Monnerat brought this change] - - os400: add compilation scripts - -- [Patrick Monnerat brought this change] - - os400: include files for ILE/RPG - - In addition, file os400/macros.h declares all procedures originally - defined as macros. It must not be used for real inclusion and is only - intended to be used as a `database' for macro wrapping procedures generation. - -- [Patrick Monnerat brought this change] - - os400: add supplementary header files/wrappers. Define configuration. - -- [Patrick Monnerat brought this change] - - Protect callback function calls from macro substitution - - Some structure fields holding callback addresses have the same name as the - underlying system function (connect, send, recv). Set parentheses around - their reference to suppress a possible macro substitution. - - Use a macro for connect() on OS/400 to resolve a const/nonconst parameter - problem. - -- [Patrick Monnerat brought this change] - - Add interface for OS/400 crypto library QC3 - -- [Patrick Monnerat brought this change] - - misc: include stdarg.h for debug code - -- [Patrick Monnerat brought this change] - - Document crypto library interface - -- [Patrick Monnerat brought this change] - - Feature an optional crypto-specific macro to rsa sign a data fragment vector - - OS/400 crypto library is unable to sign a precomputed SHA1 hash: however - it does support a procedure that hashes data fragments and rsa signs. - If defined, the new macro _libssh2_rsa_sha1_signv() implements this function - and disables use of _libssh2_rsa_sha1_sign(). - - The function described above requires that the struct iovec unused slacks are - cleared: for this reason, macro libssh2_prepare_iovec() has been introduced. - It should be defined as empty for crypto backends that are not sensitive - to struct iovec unused slack values. - -- [Patrick Monnerat brought this change] - - Fold long lines in include files - -- [Viktor Szakats brought this change] - - kex.c: fix indentation - - Closes #71 - -- [Viktor Szakats brought this change] - - add OpenSSL-1.1.0-pre2 compatibility - - Closes #70 - -- [Viktor Szakats brought this change] - - add OpenSSL 1.1.0-pre1 compatibility - - * close https://github.com/libssh2/libssh2/issues/69 - * sync a declaration with the rest of similar ones - * handle EVP_MD_CTX_new() returning NULL with OpenSSL 1.1.0 - * fix potential memory leak with OpenSSL 1.1.0 in - _libssh2_*_init() functions, when EVP_MD_CTX_new() succeeds, - but EVP_DigestInit() fails. - -Marc Hoersken (22 Dec 2015) -- wincng.c: fixed _libssh2_wincng_hash_final return value - - _libssh2_wincng_hash_final was returning the internal BCRYPT - status code instead of a valid libssh2 return value (0 or -1). - - This also means that _libssh2_wincng_hash never returned 0. - -- wincng.c: fixed possible memory leak in _libssh2_wincng_hash - - If _libssh2_wincng_hash_update failed _libssh2_wincng_hash_final - would never have been called before. - - Reported by Zenju. - -Kamil Dudka (15 Dec 2015) -- [Paul Howarth brought this change] - - libssh2.pc.in: fix the output of pkg-config --libs - - ... such that it does not include LDFLAGS used to build libssh2 itself. - There was a similar fix in the curl project long time ago: - - https://github.com/bagder/curl/commit/curl-7_19_7-56-g4c8adc8 - - Bug: https://bugzilla.redhat.com/1279966 - Signed-off-by: Kamil Dudka - -Marc Hoersken (6 Dec 2015) -- hostkey.c: align code path of ssh_rsa_init to ssh_dss_init - -- hostkey.c: fix invalid memory access if libssh2_dsa_new fails - - Reported by dimmaq, fixes #66 - -Daniel Stenberg (3 Nov 2015) -- [Will Cosgrove brought this change] - - gcrypt: define libssh2_sha256_ctx - - Looks like it didn't make it into the latest commit for whatever reason. - - Closes #58 - -- [Salvador Fandino brought this change] - - libssh2_session_set_last_error: Add function - - Net::SSH2, the Perl wrapping module for libssh2 implements several features* - on top of libssh2 that can fail and so need some mechanism to report the error - condition to the user. - - Until now, besides the error state maintained internally by libssh2, another - error state was maintained at the Perl level for every session object and then - additional logic was used to merge both error states. That is a maintenance - nighmare, and actually there is no way to do it correctly and consistently. - - In order to allow the high level language to add new features to the library - but still rely in its error reporting features the new function - libssh2_session_set_last_error (that just exposses _libssh2_error_flags) is - introduced. - - *) For instance, connecting to a remote SSH service giving the hostname and - port. - - Signed-off-by: Salvador Fandino - Signed-off-by: Salvador Fandiño - -- [Salvador Fandino brought this change] - - _libssh2_error: Support allocating the error message - - Before this patch "_libssh2_error" required the error message to be a - static string. - - This patch adds a new function "_libssh2_error_flags" accepting an - additional "flags" argument and specifically the flag - "LIBSSH2_ERR_FLAG_DUP" indicating that the passed string must be - duplicated into the heap. - - Then, the method "_libssh2_error" has been rewritten to use that new - function under the hood. - - Signed-off-by: Salvador Fandino - Signed-off-by: Salvador Fandiño - -- [Will Cosgrove brought this change] - - added engine.h include to fix warning - -- [sune brought this change] - - kex.c: removed dupe entry from libssh2_kex_methods[] - - Closes #51 - -- [Salvador Fandiño brought this change] - - userauth: Fix off by one error when reading public key file - - After reading the public key from file the size was incorrectly - decremented by one. - - This was usually a harmless error as the last character on the public - key file is an unimportant EOL. But if due to some error the public key - file is empty, the public key size becomes (uint)(0 - 1), resulting in - an unrecoverable out of memory error later. - - Signed-off-by: Salvador Fandi??o - -- [Salvador Fandino brought this change] - - channel: Detect bad usage of libssh2_channel_process_startup - - A common novice programmer error (at least among those using the - wrapping Perl module Net::SSH2), is to try to reuse channels. - - This patchs detects that incorrect usage and fails with a - LIBSSH2_ERROR_BAD_USE error instead of hanging. - - Signed-off-by: Salvador Fandino - -- [Will Cosgrove brought this change] - - kex: Added diffie-hellman-group-exchange-sha256 support - - ... and fixed HMAC_Init depricated usage - - Closes #48 - -Alexander Lamaison (21 Sep 2015) -- Prefixed new #defines to prevent collisions. - - Other libraries might have their own USE_WIN32_*FILES. - -- [keith-daigle brought this change] - - Update examples/scp.c to fix bug where large files on win32 would cause got to wrap and go negative - -- [David Byron brought this change] - - add libssh2_scp_recv2 to support large (> 2GB) files on windows - -Daniel Stenberg (17 Sep 2015) -- [sune brought this change] - - WinCNG: support for SHA256/512 HMAC - - Closes #47 - -- [brian m. carlson brought this change] - - Add support for HMAC-SHA-256 and HMAC-SHA-512. - - Implement support for these algorithms and wire them up to the libgcrypt - and OpenSSL backends. Increase the maximum MAC buffer size to 64 bytes - to prevent buffer overflows. Prefer HMAC-SHA-256 over HMAC-SHA-512, and - that over HMAC-SHA-1, as OpenSSH does. - - Closes #40 - -- [Zenju brought this change] - - kex: free server host key before allocating it (again) - - Fixes a memory leak when Synology server requests key exchange - - Closes #43 - -- [Viktor Szakats brought this change] - - GNUmakefile: up OpenSSL version - - closes #23 - -- [Viktor Szakats brought this change] - - GNUmakefile: add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS - - libssh2 equivalent of curl patch https://github.com/bagder/curl/commit/d21b66835f2af781a3c2a685abc92ef9f0cd86be - - This allows to build for the non-default target when using a multi-target mingw distro. - Also bump default OpenSSL dependency path to 1.0.2c. - -- [Viktor Szakats brought this change] - - GNUmakefile: add support for LIBSSH2_LDFLAG_EXTRAS - - It is similar to existing LIBSSH2_CFLAG_EXTRAS, but for - extra linker options. - - Also delete some line/file ending whitespace. - - closes #27 - -- [nasacj brought this change] - - hostkey.c: Fix compiling error when OPENSSL_NO_MD5 is defined - - Closes #32 - -- [Mizunashi Mana brought this change] - - openssl.h: adjust the rsa/dsa includes - - ... to work when built without DSA support. - - Closes #36 - -Alexander Lamaison (26 Jul 2015) -- Let CMake build work as a subproject. - - Patch contributed by JasonHaslam. - -- Fix builds with Visual Studio 2015. - - VS2015 moved stdio functions to the header files as inline function. That means check_function_exists can't detect them because it doesn't use header files - just does a link check. Instead we need to use check_symbol_exists with the correct headers. - -Kamil Dudka (2 Jul 2015) -- cmake: include CMake files in the release tarballs - - Despite we announced the CMake support in libssh2-1.6.0 release notes, - the files required by the CMake build system were not included in the - release tarballs. Hence, the only way to use CMake for build was the - upstream git repository. - - This commit makes CMake actually supported in the release tarballs. - -- tests/mansyntax.sh: fix 'make distcheck' with recent autotools - - Do not create symbolic links off the build directory. Recent autotools - verify that out-of-source build works even if the source directory tree - is not writable. - -- openssl: fix memleak in _libssh2_dsa_sha1_verify() - -Daniel Stenberg (12 Jun 2015) -- openssl: make libssh2_sha1 return error code - - - use the internal prefix _libssh2_ for non-exported functions - - - removed libssh2_md5() since it wasn't used - - Reported-by: Kamil Dudka - -- [LarsNordin-LNdata brought this change] - - SFTP: Increase speed and datasize in SFTP read - - The function sftp_read never return more then 2000 bytes (as it should - when I asked Daniel). I increased the MAX_SFTP_READ_SIZE to 30000 but - didn't get the same speed as a sftp read in SecureSSH. I analyzed the - code and found that a return always was dona when a chunk has been read. - I changed it to a sliding buffer and worked on all available chunks. I - got an increase in speed and non of the test I have done has failed - (both local net and over Internet). Please review and test. I think - 30000 is still not the optimal MAX_SFTP_READ_SIZE, my next goal is to - make an API to enable changing this value (The SecureSSH sftp_read has - more complete filled packages when comparing the network traffic) - -- bump: start working on 1.6.1 - -Version 1.6.0 (5 Jun 2015) - -Daniel Stenberg (5 Jun 2015) -- RELEASE-NOTES: synced with 858930cae5c6a - -Marc Hoersken (19 May 2015) -- wincng.c: fixed indentation - -- [sbredahl brought this change] - - wincng.c: fixed memleak in (block) cipher destructor - -Alexander Lamaison (6 May 2015) -- [Jakob Egger brought this change] - - libssh2_channel_open: more detailed error message - - The error message returned by libssh2_channel_open in case of a server side channel open failure is now more detailed and includes the four standard error conditions in RFC 4254. - -- [Hannes Domani brought this change] - - kex: fix libgcrypt memory leaks of bignum - - Fixes #168. - -Marc Hoersken (3 Apr 2015) -- configure.ac: check for SecureZeroMemory for clear memory feature - -- Revert "wincng.c: fix clear memory feature compilation with mingw" - - This reverts commit 2d2744efdd0497b72b3e1ff6e732aa4c0037fc43. - - Autobuilds show that this did not solve the issue. - And it seems like RtlFillMemory is defined to memset, - which would be optimized out by some compilers. - -- wincng.c: fix clear memory feature compilation with mingw - -Alexander Lamaison (1 Apr 2015) -- [LarsNordin-LNdata brought this change] - - Enable use of OpenSSL that doesn't have DSA. - - Added #if LIBSSH2_DSA for all DSA functions. - -- [LarsNordin-LNdata brought this change] - - Use correct no-blowfish #define with OpenSSL. - - The OpenSSL define is OPENSSL_NO_BF, not OPENSSL_NO_BLOWFISH. - -Marc Hoersken (25 Mar 2015) -- configure: error if explicitly enabled clear-memory is not supported - - This takes 22bd8d81d8fab956085e2079bf8c29872455ce59 and - b8289b625e291bbb785ed4add31f4759241067f3 into account, - but still makes it enabled by default if it is supported - and error out in case it is unsupported and was requested. - -Daniel Stenberg (25 Mar 2015) -- configure: make clear-memory default but only WARN if backend unsupported - - ... instead of previous ERROR. - -Marc Hoersken (24 Mar 2015) -- wincng.h: fix warning about computed return value not being used - -- nonblocking examples: fix warning about unused tvdiff on Mac OS X - -Daniel Stenberg (24 Mar 2015) -- openssl: fix compiler warnings - -- cofigure: fix --disable-clear-memory check - -Marc Hoersken (23 Mar 2015) -- scp.c: improved command length calculation - - Reduced number of calls to strlen, because shell_quotearg already - returns the length of the resulting string (e.q. quoted path) - which we can add to the existing and known cmd_len. - Removed obsolete call to memset again, because we can put a final - NULL-byte at the end of the string using the calculated length. - -- scp.c: improved and streamlined formatting - -- scp.c: fix that scp_recv may transmit not initialised memory - -- scp.c: fix that scp_send may transmit not initialised memory - - Fixes ticket 244. Thanks Torsten. - -- kex: do not ignore failure of libssh2_sha1_init() - - Based upon 43b730ce56f010e9d33573fcb020df49798c1ed8. - Fixes ticket 290. Thanks for the suggestion, mstrsn. - -- wincng.h: fix return code of libssh2_md5_init() - -- openssl.c: fix possible segfault in case EVP_DigestInit fails - -- wincng.c: fix possible use of uninitialized variables - -- wincng.c: fix unused argument warning if clear memory is not enabled - -- wincng: Added explicit clear memory feature to WinCNG backend - - This re-introduces the original feature proposed during - the development of the WinCNG crypto backend. It still needs - to be added to libssh2 itself and probably other backends. - - Memory is cleared using the function SecureZeroMemory which is - available on Windows systems, just like the WinCNG backend. - -- wincng.c: fixed mixed line-endings - -- wincng.c: fixed use of invalid parameter types in a8d14c5dcf - -- wincng.c: only try to load keys corresponding to the algorithm - -- wincng.c: moved PEM headers into definitions - -- wincng.h: fixed invalid parameter name - -- wincng: fixed mismatch with declarations in crypto.h - -- userauth.c: fixed warning C6001: using uninitialized sig and sig_len - -- pem.c: fixed warning C6269: possible incorrect order of operations - -- wincng: add support for authentication keys to be passed in memory - - Based upon 18cfec8336e and daa2dfa2db. - -- pem.c: add _libssh2_pem_parse_memory to parse PEM from memory - - Requirement to implement 18cfec8336e for Libgcrypt and WinCNG. - -- pem.c: fix copy and paste mistake from 55d030089b8 - -- userauth.c: fix another possible dereference of a null pointer - -- userauth.c: fix possible dereference of a null pointer - -- pem.c: reduce number of calls to strlen in readline - -Alexander Lamaison (17 Mar 2015) -- [Will Cosgrove brought this change] - - Initialise HMAC_CTX in more places. - - Missed a couple more places we init ctx to avoid openssl threading crash. - -- Build build breakage in WinCNG backend caused when adding libssh2_userauth_publickey_frommemory. - - The new feature isn't implemented for the WinCNG backend currently, but the WinCNG backend didn't contain any implementation of the required backend functions - even ones that returns an error. That caused link errors. - - This change fixes the problem by providing an implementation of the backend functions that returns an error. - -- Fix breakage in WinCNG backend caused by introducing libssh2_hmac_ctx_init. - - The macro was defined to nothing for the libgcrypt backend, but not for WinCNG. This brings the latter into line with the former. - -Daniel Stenberg (15 Mar 2015) -- userauth_publickey_frommemory.3: add AVAILABILITY - - ... it will be added in 1.6.0 - -- libssh2: next version will be called 1.6.0 - - ... since we just added a new function. - -- docs: add libssh2_userauth_publickey_frommemory.3 to dist - - The function and man page were added in commit 18cfec8336e - -- [Jakob Egger brought this change] - - direct_tcpip: Fixed channel write - - There were 3 bugs in this loop: - 1) Started from beginning after partial writes - 2) Aborted when 0 bytes were sent - 3) Ignored LIBSSH2_ERROR_EAGAIN - - See also: - https://trac.libssh2.org/ticket/281 - https://trac.libssh2.org/ticket/293 - -Alexander Lamaison (15 Mar 2015) -- [Will Cosgrove brought this change] - - Must init HMAC_CTX before using it. - - Must init ctx before using it or openssl will reuse the hmac which is not thread safe and causes a crash. - Added libssh2_hmac_ctx_init macro. - -- Add continuous integration configurations. - - Linux-based CI is done by Travis CI. Windows-based CI is done by Appveyor. - -- [David Calavera brought this change] - - Allow authentication keys to be passed in memory. - - All credits go to Joe Turpin, I'm just reaplying and cleaning his patch: - http://www.libssh2.org/mail/libssh2-devel-archive-2012-01/0015.shtml - - * Use an unimplemented error for extracting keys from memory with libgcrypt. - -Daniel Stenberg (14 Mar 2015) -- docs: include the renamed INSTALL* files in dist - -Alexander Lamaison (13 Mar 2015) -- Prevent collisions between CMake and Autotools in examples/ and tests/. - -- Avoid clash between CMake build and Autotools. - - Autotools expects a configuration template file at src/libssh2_config.h.in, which buildconf generates. But the CMake build system has its CMake-specific version of the file at this path. This means that, if you don't run buildconf, the Autotools build will fail because it configured the wrong header template. - - See https://github.com/libssh2/libssh2/pull/8. - -- Merge pull request #8 from alamaison/cmake - - CMake build system. - -- CMake build system. - - Tested: - - Windows: - - Visual C++ 2005/2008/2010/2012/2013/MinGW-w64 - - static/shared - - 32/64-bit - - OpenSSL/WinCNG - - Without zlib - - Linux: - - GCC 4.6.3/Clang 3.4 - - static/shared - - 32/64-bit - - OpenSSL/Libgcrypt - - With/Without zlib - - MacOS X - - AppleClang 6.0.0 - - static - - 64-bit - - OpenSSL - - Without zlib - - Conflicts: - README - -- Man man syntax tests fail gracefully if man version is not suitable. - -- Return valid code from test fixture on failure. - - The sshd test fixture was returning -1 if an error occurred, but negative error codes aren't technically valid (google it). Bash on Windows converted them to 0 which made setup failure look as though all tests were passing. - -- Let mansyntax.sh work regardless of where it is called from. - -Daniel Stenberg (12 Mar 2015) -- [Viktor Szakáts brought this change] - - mingw build: allow to pass custom CFLAGS - - Allow to pass custom `CFLAGS` options via environment variable - `LIBSSH2_CFLAG_EXTRAS`. Default and automatically added options of - `GNUmakefile` have preference over custom ones. This addition is useful - for passing f.e. custom CPU tuning or LTO optimization (`-flto - -ffat-lto-objects`) options. The only current way to do this is to edit - `GNUmakefile`. This patch makes it unnecessary. - - This is a mirror of similar libcurl patch: - https://github.com/bagder/curl/pull/136 - -- [Will Cosgrove brought this change] - - userauth: Fixed prompt text no longer being copied to the prompts struct - - Regression from 031566f9c - -- README: update the git repo locations - -- wait_socket: wrong use of difftime() - - With reversed arguments it would always return a negative value... - - Bug: https://github.com/bagder/libssh2/issues/1 - -- bump: start working toward 1.5.1 now - -Version 1.5.0 (11 Mar 2015) - -Daniel Stenberg (11 Mar 2015) -- RELEASE-NOTES: 1.5.0 release - -- [Mariusz Ziulek brought this change] - - kex: bail out on rubbish in the incoming packet - - CVE-2015-1782 - - Bug: http://www.libssh2.org/adv_20150311.html - -- docs: move INSTALL, AUTHORS, HACKING and TODO to docs/ - - And with this, cleanup README to be shorter and mention the new source - code home. - -- .gitignore: don't ignore INSTALL - -Dan Fandrich (4 Mar 2015) -- examples/x11.c: include sys/select.h for improved portability - -Daniel Stenberg (4 Mar 2015) -- RELEASE-NOTES: synced with a8473c819bc068 - - In preparation for the upcoming 1.5.0 release. - -Guenter Knauf (8 Jan 2015) -- NetWare build: added some missing exports. - -Marc Hoersken (29 Dec 2014) -- knownhost.c: fix use of uninitialized argument variable wrote - - Detected by clang scan in line 1195, column 18. - -- examples/x11.c: fix result of operation is garbage or undefined - - Fix use of uninitialized structure w_size_bck. - Detected by clang scan in line 386, column 28. - -- examples/x11.c: remove dead assigments of some return values - - Detected by clang scan in line 212, column 9. - Detected by clang scan in line 222, column 13. - Detected by clang scan in line 410, column 13. - -- examples/x11.c: fix possible memory leak if read fails - - Detected by clang scan in line 224, column 21. - -- examples/x11.c: fix invalid removal of first list element - - Fix use of memory after it was being freed. - Detected by clang scan in line 56, column 12. - -- userauth.c: make sure that sp_len is positive and avoid overflows - - ... if the pointer subtraction of sp1 - pubkey - 1 resulted in a - negative or larger value than pubkey_len, memchr would fail. - - Reported by Coverity CID 89846. - -- channel.c: remove logically dead code, host cannot be NULL here - - ... host cannot be NULL in line 525, because it is always - valid (e.g. at least set to "0.0.0.0") after lines 430 and 431. - - Reported by Coverity CID 89807. - -- session.c: check return value of session_nonblock during startup - - Reported by Coverity CID 89803. - -- session.c: check return value of session_nonblock in debug mode - - Reported by Coverity CID 89805. - -- pem.c: fix mixed line-endings introduced with 8670f5da24 - -- pem.c: make sure there's a trailing zero and b64data is not NULL - - ... if there is no base64 data between PEM header and footer. - Reported by Coverity CID 89823. - -- kex.c: make sure mlist is not set to NULL - - ... if the currently unsupported LANG methods are called. - Reported by Coverity CID 89834. - -- packet.c: i < 256 was always true and i would overflow to 0 - - Visualize that the 0-termination is intentional, because the array - is later passed to strlen within _libssh2_packet_askv. - -- silence multiple data conversion warnings - -Daniel Stenberg (23 Dec 2014) -- agent_connect_unix: make sure there's a trailing zero - - ... if the path name was too long. Reported by Coverity CID 89801. - -Marc Hoersken (22 Dec 2014) -- examples on Windows: use native SOCKET-type instead of int - - And check return values accordingly. - -- userauth.c: improve readability and clarity of for-loops - -Daniel Stenberg (22 Dec 2014) -- calloc: introduce LIBSSH2_CALLOC() - - A simple function using LIBSSH2_ALLOC + memset, since this pattern was - used in multiple places and this simplies code in general. - -Marc Hoersken (15 Dec 2014) -- libssh2_priv.h: Ignore session, context and format parameters - -- x11 example: check return value of socket function - -- examples: fixed mixed line-endings introduced with aedfba25b8 - -- wincng.c: explicitly ignore BCrypt*AlgorithmProvider return codes - - Fixes VS2012 code analysis warning C6031: - return value ignored: could return unexpected value - -- wincng.c: fix possible invalid memory write access - - Fixes VS2012 code analysis warning C6386: - buffer overrun: accessing 'pbOutput', the writable size is - 'cbOutput' bytes, but '3' bytes may be written: libssh2 wincng.c 610 - -- tests on Windows: check for WSAStartup return code - - Fixes VS2012 code analysis warning C6031: - return value ignored: could return unexpected value - -- wincng.c: fix possible NULL pointer de-reference of bignum - - Fixes VS2012 code analysis warning C6011: - dereferencing NULL pointer 'bignum'. libssh2 wincng.c 1567 - -- wincng.c: fix possible use of uninitialized memory - - Fixes VS2012 code analysis warning C6001: - using uninitialized memory 'cbDecoded'. libssh2 wincng.c 553 - -- packet.c: fix possible NULL pointer de-reference within listen_state - - Fixes VS2012 code analysis warning C6011: - dereferencing NULL pointer 'listen_state->channel'. libssh2 packet.c 221 - -- kex.c: fix possible NULL pointer de-reference with session->kex - - Fixes VS2012 code analysis warning C6011: - dereferencing NULL pointer 'session->kex'. libssh2 kex.c 1761 - -- agent.c: check return code of MapViewOfFile - - Fixes VS2012 code analysis warning C6387: 'p+4' may be '0': - this does not adhere to the specification for the function - 'memcpy': libssh2 agent.c 330 - - Fixes VS2012 code analysis warning C6387: 'p' may be '0': - this does not adhere to the specification for the function - 'UnmapViewOfFile': libssh2 agent.c 333 - -- examples on Windows: check for socket return code - - Fixes VS2012 code analysis warning C28193: - The variable holds a value that must be examined - -- examples on Windows: check for WSAStartup return code - - Fixes VS2012 code analysis warning C6031: - return value ignored: could return unexpected value - -Guenter Knauf (11 Dec 2014) -- wincng.c: silent some more gcc compiler warnings. - -- wincng.c: silent gcc compiler warnings. - -- Watcom build: added support for WinCNG build. - -- build: updated dependencies in makefiles. - -Daniel Stenberg (4 Dec 2014) -- configure: change LIBS not LDFLAGS when checking for libs - - Closes #289 - - Patch-by: maurerpe - -Guenter Knauf (3 Dec 2014) -- MinGW build: some more GNUMakefile tweaks. - - test/GNUmakefile: added architecture autodetection; added switches to - CFLAGS and RCFLAGS to make sure that the right architecture is used. - Added support to build with WinCNG. - -- sftpdir.c: added authentication method detection. - - Stuff copied over from ssh2.c to make testing a bit easier. - -- NMake build: fixed LIBS settings. - -- NMake build: added support for WinCNG build. - -- MinGW build: some GNUMakefile tweaks. - - Added architecture autodetection; added switches to CFLAGS and - RCFLAGS to make sure that the right architecture is used. - Added support to build with WinCNG. - -- MinGW build: Fixed redefine warnings. - -- Updated copyright year. - -Daniel Stenberg (31 Aug 2014) -- COPYING: bump the copyright year - -Dan Fandrich (28 Jul 2014) -- docs: fixed a bunch of typos - -- docs: added missing libssh2_session_handshake.3 file - -Marc Hoersken (19 May 2014) -- wincng.c: specify the required libraries for dependencies using MSVC - - Initially reported by Bob Kast as "for MS VS builds, specify the - libraries that are required so they don't need to go into all - project files that may use this library". Thanks a lot. - -- [Bob Kast brought this change] - - windows build: do not export externals from static library - - If you are building a DLL, then you need to explicitly export each - entry point. When building a static library, you should not. - - libssh2 was exporting the entry points whether it was building a DLL or a - static library. To elaborate further, if libssh2 was used as a static - library, which was being linked into a DLL, the libssh2 API would be - exported from that separate DLL. - -Daniel Stenberg (19 May 2014) -- [Mikhail Gusarov brought this change] - - Fix typos in manpages - -Marc Hoersken (18 May 2014) -- wincng.c: Fixed memory leak in case of an error during ASN.1 decoding - -- configure: Display individual crypto backends on separate lines - - This avoids line-wrapping in between parameters and makes the - error message look like the following: - - configure: error: No crypto library found! - Try --with-libssl-prefix=PATH - or --with-libgcrypt-prefix=PATH - or --with-wincng on Windows - -- [Bob Kast brought this change] - - libssh2_priv.h: a 1 bit bit-field should be unsigned - - some compilers may not like this - -- knownhost.c: Fixed warning that pointer targets differ in signedness - -- wincng.c: Fixed warning about pointer targets differing in signedness - -- tcpip-forward.c: Fixed warning that pointer targets differ in signedness - - libssh2_channel_forward_listen_ex uses ints instead of unsigned ints. - -- misc.c: Fixed warning about mixed declarations and code - -- libgcrypt.h: Fixed warning about pointer targets differing in signedness - -- wincng.h: Fixed warning about pointer targets differing in signedness - -- misc.c: Fixed warning about unused parameter abstract - -- tcpip-forward.c: Removed unused variables shost, sport and sockopt - -- wincng.h: Added forward declarations for all WinCNG functions - - Initially reported by Bob Kast as "Wincng - define function - prototypes for wincng routines". Thanks a lot. - - Also replaced structure definitions with type definitions. - -- [Bob Kast brought this change] - - libssh2.h: on Windows, a socket is of type SOCKET, not int - -- win32: Added WinCNG targets to generated Visual Studio project - - Inspired by Bob Kast's reports, this commit enables the compilation - of libssh2 with WinCNG using the generated Visual Studio project files. - This commit adds WinCNG support to parts of the existing Win32 build - infrastructure, until new build systems, like pre-defined VS project - files or CMake files may be added. - - This commit and b20bfeb3e519119a48509a1099c06d65aa7da1d7 raise one - question: How to handle build systems, like VS project files, that - need to include all source files regardless of the desired target, - including all supported crypto backends? For now the mentioned commit - added a check for LIBSSH2_OPENSSL to openssl.c and with this commit - the supported crypto backends are hardcoded within Makefile.am. - -- libssh2_priv msvc: Removed redundant definition of inline keyword - - Initially reported by Bob Kast as "Remove redundant 'inline' define". - Thanks a lot. - -- wincng: Made data parameter to hash update function constant - - Initially reported by Bob Kast as "formal parameter must be const - since it is used in contexts where the actual parameter may be const". - Thanks a lot. - -- wincng: fix cross-compilation against the w64 mingw-runtime package - -- openssl: Check for LIBSSH2_OPENSSL in order to compile with openssl - -- wincng: Fixed use of possible uninitialized variable pPaddingInfo - - Reported by Bob Kast, thanks a lot. - -- wincng: Added cast for double to unsigned long conversion - -- wincng: Cleaned up includes and check NTSTATUS using macro - - Removed header file combination that is not supported on a real - Windows platform and can only be compiled using MinGW. Replaced - custom NTSTATUS return code checks with BCRYPT_SUCCESS macro. - -Daniel Stenberg (16 Mar 2014) -- userauth_hostbased_fromfile: zero assign to avoid uninitialized use - - Detected by clang-analyze - -- channel_receive_window_adjust: store windows size always - - Avoid it sometimes returning without storing it, leaving calling - functions with unknown content! - - Detected by clang-analyzer - -- publickey_packet_receive: avoid junk in returned pointers - - clang-analyzer found this risk it would return a non-initialized pointer - in a success case - -Peter Stuge (16 Mar 2014) -- [Marc Hoersken brought this change] - - Added Windows Cryptography API: Next Generation based backend - -- [Marc Hoersken brought this change] - - knownhost.c: fixed that 'key_type_len' may be used uninitialized - - ../src/knownhost.c: In function 'libssh2_knownhost_readline': - ../src/knownhost.c:651:16: warning: 'key_type_len' may be used - uninitialized in this function [-Wmaybe-uninitialized] - rc = knownhost_add(hosts, hostbuf, NULL, - ^ - ../src/knownhost.c:745:12: note: 'key_type_len' was declared here - size_t key_type_len; - ^ - -- [Marc Hoersken brought this change] - - pem.c: always compile pem.c independently of crypto backend - -- Fix non-autotools builds: Always define the LIBSSH2_OPENSSL CPP macro - - Commit d512b25f69a1b6778881f6b4b5ff9cfc6023be42 introduced a crypto - library abstraction in the autotools build system, to allow us to more - easily support new crypto libraries. In that process it was found that - all other build system which we support are hard-coded to build with - OpenSSL. Commit f5c1a0d98bd51aeb24aca3d49c7c81dcf8bd858d fixes automake - introduced into non-autotools build systems but still overlooked the - CPP macro saying that we are using OpenSSL. - - Thanks to Marc Hörsken for identifying this issue and proposing a fix - for win32/{GNUmakefile,config.mk}. This commit uses a slightly different - approach but the end result is the same. - -Dan Fandrich (15 Mar 2014) -- channel_close: Close the channel even in the case of errors - -- sftp_close_handle: ensure the handle is always closed - - Errors are reported on return, but otherwise the close path is - completed as much as possible and the handle is freed on exit. - -Alexander Lamaison (6 Mar 2014) -- knownhost: Restore behaviour of `libssh2_knownhost_writeline` with short buffer. - - Commit 85c6627c changed the behaviour of `libssh2_knownhost_writeline` so that it stopped returning the number of bytes needed when the given buffer was too small. Also, the function changed such that is might write to part of the buffer before realising it is too small. - - This commit restores the original behaviour, whilst keeping the unknown-key-type functionality that 85c6627c. Instead of writing to the buffer piecemeal, the length of the various parts is calculated up front and the buffer written only if there is enough space. The calculated necessary size is output in `outlen` regardless of whether the buffer was written to. - - The main use-case for the original behaviour that this commit restores is to allow passing in a NULL buffer to get the actual buffer size needed, before calling the function again with the buffer allocated to the exact size required. - -- knownhost: Fix DSS keys being detected as unknown. - - I missing `else` meant ssh-dss format keys were being re-detected as unknown format. - -Dan Fandrich (6 Mar 2014) -- knownhosts: Abort if the hosts buffer is too small - - This could otherwise cause a match on the wrong host - -- agent_list_identities: Fixed memory leak on OOM - -- Fixed a few typos - -- userauth: Fixed an attempt to free from stack on error - -- Fixed a few memory leaks in error paths - -- Fixed two potential use-after-frees of the payload buffer - - The first might occur if _libssh2_packet_add returns an error, as - fullpacket_state wasn't reset to idle so if it were possible for - fullpacket to be called again, it would return to the same state - handler and re-use the freed p->packet buffer. - - The second could occur if decrypt returned an error, as it freed the - packet buffer but did not clear total_num, meaning that freed buffer - could be written into again later. - -Alexander Lamaison (28 Nov 2013) -- Fix missing `_libssh2_error` in `_libssh2_channel_write`. - - In one case, the error code from `_libssh2_transport_read` was being returned from `_libssh2_channel_write` without setting it as the last error by calling `_libssh2_error`. This commit fixes that. - - Found when using a session whose socket had been inadvertently destroyed. The calling code got confused because via `libssh2_session_last_error` it appeared no error had occurred, despite one being returned from the previous function. - -Kamil Dudka (21 Nov 2013) -- [Mark McPherson brought this change] - - openssl: initialise the digest context before calling EVP_DigestInit() - - When using the OpenSSL libraries in FIPS mode, the function call - EVP_DigestInit() is actually #defined to FIPS_digestinit(). - Unfortunately wheres EVP_DigestInit() initialises the context and then - calls EVP_DigestInit_ex(), this function assumes that the context has - been pre-initialised and crashes when it isn't. - - Bug: https://trac.libssh2.org/ticket/279 - - Fixes #279 - -- [Marc Hörsken brought this change] - - .gitignore: Ignore files like src/libssh2_config.h.in~ - -Peter Stuge (13 Nov 2013) -- Move automake conditionals added by commit d512b25f out of Makefile.inc - - Commit d512b25f69a1b6778881f6b4b5ff9cfc6023be42 added automake - conditionals to Makefile.inc but since Makefile.inc is included - from Makefile for all other build systems that does not work. - - This commit instead adds Makefile.OpenSSL.inc and Makefile.libgcrypt.inc - and moves the automake conditional to its proper place, src/Makefile.am. - - The automake conditional includes the correct Makefile.$name.inc per - the crypto library selection/detection done by configure. - - All non-autotools build system files in libssh2 are hardcoded to use - OpenSSL and do not get a conditional but at least there is some reuse - because they can all include the new Makefile.OpenSSL.inc. - -Daniel Stenberg (27 Oct 2013) -- [Salvador Fandino brought this change] - - Set default window size to 2MB - - The default channel window size used until now was 256KB. This value is - too small and results on a bottleneck on real-life networks where - round-trip delays can easily reach 300ms. - - The issue was not visible because the configured channel window size - was being ignored and a hard-coded value of ~22MB being used instead, - but that was fixed on a previous commit. - - This patch just changes the default window size - (LIBSSH2_CHANNEL_WINDOW_DEFAULT) to 2MB. It is the same value used by - OpenSSH and in our opinion represents a good compromise between memory - used and transfer speed. - - Performance tests were run to determine the optimum value. The details - and related discussion are available from the following thread on the - libssh2 mailing-list: - - http://www.libssh2.org/mail/libssh2-devel-archive-2013-10/0018.shtml - http://article.gmane.org/gmane.network.ssh.libssh2.devel/6543 - - An excerpt follows: - - "I have been running some transfer test and measuring their speed. - - My setup was composed of a quad-core Linux machine running Ubuntu 13.10 - x86_64 with a LXC container inside. The data transfers were performed - from the container to the host (never crossing through a physical - network device). - - Network delays were simulated using the tc tool. And ping was used to - verify that they worked as intended during the tests. - - The operation performed was the equivalent to the following ssh command: - - $ ssh container "dd bs=16K count=8K if=/dev/zero" >/dev/null - - Though, establishment and closing of the SSH connection was excluded - from the timings. - - I run the tests several times transferring files of sizes up to 128MB - and the results were consistent between runs. - - The results corresponding to the 128MB transfer are available here: - - https://docs.google.com/spreadsheet/ccc?key=0Ao1yRmX6PQQzdG5wSFlrZl9HRWNET3ZyN0hnaGo5ZFE&usp=sharing - - It clearly shows that 256KB is too small as the default window size. - Moving to a 512MB generates a great improvement and after the 1MB mark - the returns rapidly diminish. Other factors (TCP window size, probably) - become more limiting than the channel window size - - For comparison I also performed the same transfers using OpenSSH. Its - speed is usually on par with that of libssh2 using a window size of 1MB - (even if it uses a 2MB window, maybe it is less aggressive sending the - window adjust msgs)." - - Signed-off-by: Salvador Fandino - -- [Salvador brought this change] - - _libssh2_channel_read: Honour window_size_initial - - _libssh2_channel_read was using an arbitrary hard-coded limit to trigger - the window adjusting code. The adjustment used was also hard-coded and - arbitrary, 15MB actually, which would limit the usability of libssh2 on - systems with little RAM. - - This patch, uses the window_size parameter passed to - libssh2_channel_open_ex (stored as remote.window_size_initial) plus the - buflen as the base for the trigger and the adjustment calculation. - - The memory usage when using the default window size is reduced from 22MB - to 256KB per channel (actually, if compression is used, these numbers - should be incremented by ~50% to account for the errors between the - decompressed packet sizes and the predicted sizes). - - My tests indicate that this change does not impact the performance of - transfers across localhost or a LAN, being it on par with that of - OpenSSH. On the other hand, it will probably slow down transfers on - networks with high bandwidth*delay when the default window size - (LIBSSH2_CHANNEL_WINDOW_DEFAULT=256KB) is used. - - Signed-off-by: Salvador Fandino - -- [Salvador Fandino brought this change] - - knownhosts: handle unknown key types - - Store but don't use keys of unsupported types on the known_hosts file. - - Currently, when libssh2 parses a known_host file containing keys of some - type it doesn't natively support, it stops reading the file and returns - an error. - - That means, that the known_host file can not be safely shared with other - software supporting other key types (i.e. OpenSSH). - - This patch adds support for handling keys of unknown type. It can read - and write them, even if they are never going to be matched. - - At the source level the patch does the following things: - - - add a new unknown key type LIBSSH2_KNOWNHOST_KEY_UNKNOWN - - - add a new slot (key_type_name) on the known_host struct that is - used to store the key type in ascii form when it is not supported - - - parse correctly known_hosts entries with unknown key types and - populate the key_type_name slot - - - print correctly known_hosts entries of unknown type - - - when checking a host key ignore keys that do not match the key - - Fixes #276 - -- windows build: fix build errors - - Fixes various link errors with VS2010 - - Reported-by: "kdekker" - Fixes #272 - -- man page: add missing function argument - - for libssh2_userauth_publickey_fromfile_ex() - - Reported-by: "pastey" - - Fixes #262 - -- [Salvador brought this change] - - Fix zlib deflate usage - - Deflate may return Z_OK even when not all data has been compressed - if the output buffer becomes full. - - In practice this is very unlikely to happen because the output buffer - size is always some KBs larger than the size of the data passed for - compression from the upper layers and I think that zlib never expands - the data so much, even on the worst cases. - - Anyway, this patch plays on the safe side checking that the output - buffer is not exhausted. - - Signed-off-by: Salvador - -- [Salvador brought this change] - - comp_method_zlib_decomp: Improve buffer growing algorithm - - The old algorithm was O(N^2), causing lots and lots of reallocations - when highly compressed data was transferred. - - This patch implements a simpler one that just doubles the buffer size - everytime it is exhausted. It results in O(N) complexity. - - Also a smaller inflate ratio is used to calculate the initial size (x4). - - Signed-off-by: Salvador - -- [Salvador brought this change] - - Fix zlib usage - - Data may remain in zlib internal buffers when inflate() returns Z_OK - and avail_out == 0. In that case, inflate has to be called again. - - Also, once all the data has been inflated, it returns Z_BUF_ERROR to - signal that the input buffer has been exhausted. - - Until now, the way to detect that a packet payload had been completely - decompressed was to check that no data remained on the input buffer - but that didn't account for the case where data remained on the internal - zlib buffers. - - That resulted in packets not being completely decompressed and the - missing data reappearing on the next packet, though the bug was masked - by the buffer allocation algorithm most of the time and only manifested - when transferring highly compressible data. - - This patch fixes the zlib usage. - - Signed-off-by: Salvador - -- [Salvador brought this change] - - _libssh2_channel_read: fix data drop when out of window - - After filling the read buffer with data from the read queue, when the - window size was too small, "libssh2_channel_receive_window_adjust" was - called to increase it. In non-blocking mode that function could return - EAGAIN and, in that case, the EAGAIN was propagated upwards and the data - already read on the buffer lost. - - The function was also moving between the two read states - "libssh2_NB_state_idle" and "libssh2_NB_state_created" both of which - behave in the same way (excepting a debug statment). - - This commit modifies "_libssh2_channel_read" so that the - "libssh2_channel_receive_window_adjust" call is performed first (when - required) and if everything goes well, then it reads the data from the - queued packets into the read buffer. - - It also removes the useless "libssh2_NB_state_created" read state. - - Some rotted comments have also been updated. - - Signed-off-by: Salvador - -- [Salvador Fandino brought this change] - - window_size: redid window handling for flow control reasons - - Until now, the window size (channel->remote.window_size) was being - updated just after receiving the packet from the transport layer. - - That behaviour is wrong because the channel queue may grow uncontrolled - when data arrives from the network faster that the upper layer consumes - it. - - This patch adds a new counter, read_avail, which keeps a count of the - bytes available from the packet queue for reading. Also, now the window - size is adjusted when the data is actually read by an upper layer. - - That way, if the upper layer stops reading data, the window will - eventually fill and the remote host will stop sending data. When the - upper layers reads enough data, a window adjust packet is delivered and - the transfer resumes. - - The read_avail counter is used to detect the situation when the remote - server tries to send data surpassing the window size. In that case, the - extra data is discarded. - - Signed-off-by: Salvador - -Peter Stuge (15 Sep 2013) -- configure.ac: Call zlib zlib and not libz in text but keep option names - -- configure.ac: Reorder --with-* options in --help output - -- configure.ac: Rework crypto library detection - - This further simplifies adding new crypto libraries. - -- Clean up crypto library abstraction in build system and source code - - libssh2 used to explicitly check for libgcrypt and default to OpenSSL. - - Now all possible crypto libraries are checked for explicitly, making - the addition of further crypto libraries both simpler and cleaner. - -- configure.ac: Add zlib to Requires.private in libssh2.pc if using zlib - -- Revert "Added Windows Cryptography API: Next Generation based backend" - - This reverts commit d385230e15715e67796f16f3e65fd899f21a638b. - -Daniel Stenberg (7 Sep 2013) -- [Leif Salomonsson brought this change] - - sftp_statvfs: fix for servers not supporting statfvs extension - - Fixes issue arising when server does not support statfvs and or fstatvfs - extensions. sftp_statvfs() and sftp_fstatvfs() after this patch will - handle the case when SSH_FXP_STATUS is returned from server. - -- [Marc Hoersken brought this change] - - Added Windows Cryptography API: Next Generation based backend - -- [Kamil Dudka brought this change] - - partially revert "window_size: explicit adjustments only" - - This partially reverts commit 03ca9020756a4e16f0294e5b35e9826ee6af2364 - in order to fix extreme slowdown when uploading to localhost via SFTP. - - I was able to repeat the issue on RHEL-7 on localhost only. It did not - occur when uploading via network and it did not occur on a RHEL-6 box - with the same version of libssh2. - - The problem was that sftp_read() used a read-ahead logic to figure out - the window_size, but sftp_packet_read() called indirectly from - sftp_write() did not use any read-ahead logic. - -- _libssh2_channel_write: client spins on write when window full - - When there's no window to "write to", there's no point in waiting for - the socket to become writable since it most likely just will continue to - be. - - Patch-by: ncm - Fixes #258 - -- _libssh2_channel_forward_cancel: avoid memory leaks on error - - Fixes #257 - -- _libssh2_packet_add: avoid using uninitialized memory - - In _libssh2_packet_add, called by _libssh2_packet_read, a call to - _libssh2_packet_send that is supposed to send a one-byte message - SSH_MSG_REQUEST_FAILURE would send an uninitialized byte upon re-entry - if its call to _send returns _EAGAIN. - - Fixes #259 - -- _libssh2_channel_forward_cancel: accessed struct after free - - ... and the assignment was pointless anyway since the struct was about - to be freed. Bug introduced in dde2b094. - - Fixes #268 - -Peter Stuge (2 Jun 2013) -- [Marc Hoersken brought this change] - - Fixed compilation using mingw-w64 - -- [Marc Hoersken brought this change] - - knownhost.c: use LIBSSH2_FREE macro instead of free - - Use LIBSSH2_FREE instead of free since - _libssh2_base64_encode uses LIBSSH2_ALLOC - -Daniel Stenberg (18 May 2013) -- [Matthias Kerestesch brought this change] - - libssh2_agent_init: init ->fd to LIBSSH2_INVALID_SOCKET - - ... previously it was left at 0 which is a valid file descriptor! - - Bug: https://trac.libssh2.org/ticket/265 - - Fixes #265 - -- userauth_password: pass on the underlying error code - - _libssh2_packet_requirev() may return different errors and we pass that - to the parent instead of rewriting it. - - Bug: http://libssh2.org/mail/libssh2-devel-archive-2013-04/0029.shtml - Reported by: Cosmin - -Peter Stuge (9 May 2013) -- [Marc Hoersken brought this change] - - libcrypt.c: Fix typo in _libssh2_rsa_sha1_sign() parameter type - -Kamil Dudka (4 May 2013) -- configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS - - Reported by: Quintus - Bug: https://trac.libssh2.org/ticket/261 - -Guenter Knauf (12 Apr 2013) -- Fixed copyright string for NetWare build. - -Daniel Stenberg (9 Apr 2013) -- [Richard W.M. Jones brought this change] - - sftp: Add support for fsync (OpenSSH extension). - - The new libssh2_sftp_fsync API causes data and metadata in the - currently open file to be committed to disk at the server. - - This is an OpenSSH extension to the SFTP protocol. See: - - https://bugzilla.mindrot.org/show_bug.cgi?id=1798 - -- [Richard W.M. Jones brought this change] - - sftp: statvfs: Along error path, reset the correct 'state' variable. - -- [Richard W.M. Jones brought this change] - - sftp: seek: Don't flush buffers on same offset - - Signed-off-by: Richard W.M. Jones - -Guenter Knauf (9 Feb 2013) -- Updated dependency libs. - -- Fixed tool macro names. - -Daniel Stenberg (29 Nov 2012) -- [Seth Willits brought this change] - - compiler warnings: typecast strlen in macros - - ... in macro parameters to avoid compiler warnings about lost precision. - - Several macros in libssh2.h call strlen and pass the result directly to - unsigned int parameters of other functions, which warns about precision - loss because strlen returns size_t which is unsigned long on at least - some platforms (such as OS X). The fix is to simply typecast the - strlen() result to unsigned int. - -- libssh2.h: bump version to 1.4.4-DEV - -Version 1.4.3 (27 Nov 2012) - -Daniel Stenberg (27 Nov 2012) -- RELEASE-NOTES: fixed for 1.4.3 - -- sftp_read: return error if a too large package arrives - -Peter Stuge (13 Nov 2012) -- Only define _libssh2_dsa_*() functions when building with DSA support - -Guenter Knauf (8 Nov 2012) -- Added .def file to output. - -Kamil Dudka (1 Nov 2012) -- libssh2_hostkey_hash.3: update the description of return value - - The function returns NULL also if the hash algorithm is not available. - -Guenter Knauf (24 Oct 2012) -- Fixed mode acciedently committed. - -- Ignore generated file. - -- Added hack to make use of Makefile.inc. - - This should avoid further maintainance of the objects list. - -- Fixed MSVC NMakefile. - - Added missing source files; added resource for DLL. - -Kamil Dudka (22 Oct 2012) -- examples: use stderr for messages, stdout for data - - Reported by: Karel Srot - Bug: https://bugzilla.redhat.com/867462 - -- openssl: do not leak memory when handling errors - - ,.. in aes_ctr_init(). Detected by Coverity. - -- channel: fix possible NULL dereference - - ... in libssh2_channel_get_exit_signal(). Detected by Coverity. - -- Revert "aes: the init function fails when OpenSSL has AES support" - - This partially reverts commit f4f2298ef3635acd031cc2ee0e71026cdcda5864. - - We need to use the EVP_aes_???_ctr() functions in FIPS mode. - -- crypt: use hard-wired cipher block sizes consistently - -- openssl: do not ignore failure of EVP_CipherInit() - -- kex: do not ignore failure of libssh2_md5_init() - - The MD5 algorithm is disabled when running in FIPS mode. - -Daniel Stenberg (21 Aug 2012) -- [Peter Krempa brought this change] - - known_hosts: Fail when parsing unknown keys in known_hosts file. - - libssh2_knownhost_readfile() silently ignored problems when reading keys - in unsupported formats from the known hosts file. When the file is - written again from the internal structures of libssh2 it gets truntcated - to the point where the first unknown key was located. - - * src/knownhost.c:libssh2_knownhost_readfile() - return error if key - parsing fails - -- AUTHORS: synced with 42fec44c8a4 - - 31 recent authors added - -- [Dave Hayden brought this change] - - compression: add support for zlib@openssh.com - - Add a "use_in_auth" flag to the LIBSSH2_COMP_METHOD struct and a - separate "zlib@openssh.com" method, along with checking session->state - for LIBSSH2_STATE_AUTHENTICATED. Appears to work on the OpenSSH servers - I've tried against, and it should work as before with normal zlib - compression. - -- [Dmitry Smirnov brought this change] - - configure: gcrypt doesn't come with pkg-config support - - ... so use plain old -lgcrypt to the linker to link with it. - - Fixes #225 - -- sftp_read: Value stored to 'next' is never read - - Detected by clang-analyzer - -- publickey_init: errors are negative, fix check - - Detected by clang-analyzer. - -- [Maxime Larocque brought this change] - - session_free: wrong variable used for keeping state - - If libssh2_session_free is called without the channel being freed - previously by libssh2_channel_free a memory leak could occur. - - A mismatch of states variables in session_free() prevent the call to - libssh2_channel_free function. session->state member is used instead of - session->free_state. - - It causes a leak of around 600 bytes on every connection on my systems - (Linux, x64 and PPC). - - (Debugging done under contract for Accedian Networks) - - Fixes #246 - -Guenter Knauf (29 Jun 2012) -- Small NetWare makefile tweak. - -- Some small Win32 makefile fixes. - -Daniel Stenberg (19 Jun 2012) -- libssh2_userauth_publickey_fromfile_ex.3: mention publickey == NULL - -- comp_method_zlib_decomp: handle Z_BUF_ERROR when inflating - - When using libssh2 to perform an SFTP file transfer from the "JSCAPE MFT - Server" (http://www.jscape.com) the transfer failed. The default JSCAPE - configuration is to enforce zlib compression on SSH2 sessions so the - session was compressed. The relevant part of the debug trace contained: - - [libssh2] 1.052750 Transport: unhandled zlib error -5 - [libssh2] 1.052750 Failure Event: -29 - decompression failure - - The trace comes from comp_method_zlib_decomp() in comp.c. The "unhandled - zlib error -5" is the status returned from the zlib function - inflate(). The -5 status corresponds to "Z_BUF_ERROR". - - The inflate() function takes a pointer to a z_stream structure and - "inflates" (decompresses) as much as it can. The relevant fields of the - z_stream structure are: - - next_in - pointer to the input buffer containing compressed data - avail_in - the number of bytes available at next_in - next_out - pointer to the output buffer to be filled with uncompressed - data - avail_out - how much space available at next_out - - To decompress data you set up a z_stream struct with the relevant fields - filled in and pass it to inflate(). On return the fields will have been - updated so next_in and avail_in show how much compressed data is yet to - be processed and next_out and avail_out show how much space is left in - the output buffer. - - If the supplied output buffer is too small then on return there will be - compressed data yet to be processed (avail_in != 0) and inflate() will - return Z_OK. In this case the output buffer must be grown, avail_out - updated and inflate() called again. - - If the supplied output buffer was big enough then on return the - compressed data will have been exhausted (avail_in == 0) and inflate() - will return Z_OK, so the data has all been uncompressed. - - There is a corner case where inflate() makes no progress. That is, there - may be unprocessed compressed data and space available in the output - buffer and yet the function does nothing. In this case inflate() will - return Z_BUF_ERROR. From the zlib documentation and the source code it - is not clear under what circumstances this happens. It could be that it - needs to write multiple bytes (all in one go) from its internal state to - the output buffer before processing the next chunk of input but but - can't because there is not enough space (though my guesses as to the - cause are not really relevant). Recovery from Z_BUF_ERROR is pretty - simple - just grow the output buffer, update avail_out and call - inflate() again. - - The comp_method_zlib_decomp() function does not handle the case when - inflate() returns Z_BUF_ERROR. It treats it as a non-recoverable error - and basically aborts the session. - - Fixes #240 - -Guenter Knauf (12 Jun 2012) -- MinGW makefile tweaks. - - Use GNU tools when compiling on Linux. - Fixed dist and dev targets. - -- NetWare makefile tweaks. - - Changed to use Windows commandline tools instead of - GNU tools when compiling on Windows. Fixed dist and - dev targets. Enabled nlmconv error for unresolved - symbols. - -Daniel Stenberg (11 Jun 2012) -- Revert "config.rpath: generated file, no need to keep in git" - - This reverts commit 1ac7bd09cc685755577fb2c8829adcd081e7ab3c. - - This file still used by lib/*m4 functions so we need to keep the file - around. - -- BINDINGS: added PySsh2, a Python-ctypes binding - -Guenter Knauf (8 Jun 2012) -- Fixed MinGW debug build. - -Daniel Stenberg (5 Jun 2012) -- BINDINGS: Added the Cocoa/Objective-C one - - ... and sorted the bindings after the languages, alphabetically - - Reported by: Mike Abdullah - -- BINDINGS: document the bindings we know of - -Guenter Knauf (4 Jun 2012) -- Fixed LIBSSH2_INT64_T_FORMAT macro. - - Usually a format macro should hold the whole format, otherwise - it should be named a prefix. Also fixed usage of this macro in - scp.c for a signed var where it was used as prefix for unsigned. - -- Removed obsolete define from makefiles. - -- Renamed NetWare makefiles. - -- Renamed NetWare makefiles. - -- Synced MinGW makefiles with 56c64a6..39e438f. - - Also synced MinGW test makefile with b092696..f8cb874. - -Peter Stuge (30 May 2012) -- Revert "sftp: Don't send attrs.permissions on read-only SSH_FXP_OPEN" - - This reverts commit 04e79e0c798674a0796be8a55f63dd92e6877790. - -- sftp: Don't send attrs.permissions on read-only SSH_FXP_OPEN - - This works around a protocol violation in the ProFTPD 1.3.4 mod_sftp - server, as reported by Will Cosgrove in: - - http://libssh2.org/mail/libssh2-devel-archive-2012-05/0079.shtml - - Based on a suggested fix by TJ Saunders in: - - http://libssh2.org/mail/libssh2-devel-archive-2012-05/0104.shtml - -Guenter Knauf (28 May 2012) -- Try to detect OpenSSL build type automatically. - - Also fixed recently added libgdi32 linkage which is only - required when OpenSSL libs are linked statically. - -Daniel Stenberg (25 May 2012) -- config.rpath: generated file, no need to keep in git - -Guenter Knauf (22 May 2012) -- Updated dependency libary versions. - -Daniel Stenberg (18 May 2012) -- 1.4.3: towards the future - -Version 1.4.2 (18 May 2012) - -Daniel Stenberg (18 May 2012) -- RELEASE-NOTES: synced with 92a9f952794 - -Alexander Lamaison (15 May 2012) -- win32/libssh2_config.h: Remove hardcoded #define LIBSSH2_HAVE_ZLIB. - - Rationale: Everything else in this file states a fact about the win32 - platform that is unconditional for that platform. There is nothing - unconditional about the presence of zlib. It is neither included with - Windows nor with the platform SDK. Therefore, this is not an appropriate - place to assert its presence. Especially as, once asserted, it cannot be - overridden using a compiler flag. - - In contrast, if it is omitted, then it can easily be reasserted by adding - a compiler flag defining LIBSSH2_HAVE_ZLIB. - -Daniel Stenberg (14 May 2012) -- RELEASE-NOTES: synced with 69a3354467c - -- _libssh2_packet_add: SSH_MSG_CHANNEL_REQUEST default to want_reply - - RFC4254 says the default 'want_reply' is TRUE but the code defaulted to - FALSE. Now changed. - - Fixes #233 - -- gettimeofday: no need for a replacement under cygwin - - Fixes #224 - -Alexander Lamaison (13 May 2012) -- Prevent sftp_packet_read accessing freed memory. - - sftp_packet_add takes ownership of the packet passed to it and (now that we - handle zombies) might free the packet. sftp_packet_read uses the packet type - byte as its return code but by this point sftp_packet_add might have freed - it. This change fixes the problem by caching the packet type before calling - sftp_packet_add. - - I don't understand why sftp_packet_read uses the packet type as its return - code. A future change might get rid of this entirely. - -Daniel Stenberg (12 May 2012) -- sftp_packet_flush: flush zombies too - - As this function is called when the SFTP session is closed, it needs to - also kill all zombies left in the SFTP session to avoid leaking memory - just in case some zombie would still be in there. - -- sftp_packetlist_flush: zombies must not have responses already - - When flushing the packetlist, we must only add the request as a zombie - if no response has already been received. Otherwise we could wrongly - make it a zombie even though the response was already received and then - we'd get a zombie stuck there "forever"... - -- sftp_read: on EOF remove packet before flush - - Since the sftp_packetlist_flush() function will move all the existing - FXP_READ requests in this handle to the zombie list we must first remove - this just received packet as it is clearly not a zombie. - -- sftp_packet_require: sftp_packet_read() returning 0 is not an error - - Exactly as the comment in the code said, checking the return code from - sftp_packet_read() with <= was wrong and it should be < 0. With the new - filtering on incoming packets that are "zombies" we can now see this - getting zero returned. - -- sftp_packetlist_flush: only make it zombie if it was sent - - The list of outgoing packets may also contain packets that never were - sent off and we better not make them zombies too. - -- [Alexander Lamaison brought this change] - - Mark outstanding read requests after EOF as zombies. - - In order to be fast, sftp_read sends many read requests at once. With a small - file, this can mean that when EOF is received back, many of these requests are - still outstanding. Responses arriving after we close the file and abandon the - file handle are queued in the SFTP packet queue and never collected. This - causes transfer speed to drop as a progressively longer queue must be searched - for every packet. - - This change introduces a zombie request-ID list in the SFTP session that is - used to recognise these outstanding requests and prevent them being added to - the queue. - -Peter Stuge (23 Apr 2012) -- [Rafael Kitover brought this change] - - Update win32/GNUmakefile to use OpenSSL 1.0.1a - - libcrypto on win32 now depends on gdi32.dll, so move the OpenSSL LDLIBS - block to before the compiler definitions, so that libcrypto gets added - first, and then add -lgdi32 into the following common LDLIBS for gcc. - -Guenter Knauf (23 Apr 2012) -- Changed 'Requires' to 'Requires.private'. - - Only static builds need to link against the crypto libs. - -- Fixed 'Requires:' names. - - The 'Requires:' line lists the names of the .pc files. - -- Added 'Requires:' line to libssh2.pc. - - This is necessary so that other libs which lookup libssh2 info - via pkg-config can add the right crypto lib dependencies. - -- Updated dependency lib versions. - -Peter Stuge (18 Apr 2012) -- configure.ac: Add option to disable build of the example applications - - Examples are built by default. Any of the following options on the - configure command line will skip building them: - - --disable-examples-build - --enable-examples-build=no - --enable-examples-build=false - -- userauth.c: fread() from public key file to correctly detect any errors - - If the filename parameter for file_read_publickey() was the name of a - directory instead of a file then libssh2 would spin trying to fgetc() - from the FILE * for the opened directory when trying to determine the - length of the encoded public key, since fgetc() can't report errors. - - Use fread() instead to correctly detect this error condition along - with many others. - - This fixes the problem reported in - http://www.libssh2.org/mail/libssh2-devel-archive-2012-04/0021.shtml - - Reported-by: Oleksiy Zagorskyi - -- Return LIBSSH2_ERROR_SOCKET_DISCONNECT on EOF when reading banner - -Guenter Knauf (17 Apr 2012) -- Fixed copyright year. - -- Updated dependency lib versions in static makefiles. - -Daniel Stenberg (6 Apr 2012) -- version: bump to 1.4.2 - - We're on the 1.4.2 track now (at least) - -Version 1.4.1 (4 Apr 2012) - -Daniel Stenberg (4 Apr 2012) -- RELEASE-NOTES: updated for 1.4.1 release - -- always do "forced" window updates - - When calling _libssh2_channel_receive_window_adjust() internally, we now - always use the 'force' option to prevent libssh2 to avoid sending the - update if the update isn't big enough. - - It isn't fully analyzed but we have seen corner cases which made a - necessary window update not get send due to this and then the other side - doesn't send data our side then sits waiting for forever. - -- channel_read: force window adjusts! - - if there's not enough room to receive the data that's being requested, - the window adjustment needs to be sent to the remote and thus the force - option has to be used. _libssh2_channel_receive_window_adjust() would - otherwise "queue" small window adjustments for a later packet but that - is really terribly for the small buffer read that for example is the - final little piece of a very large file as then there is no logical next - packet! - - Reported by: Armen Babakhanian - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0130.shtml - -- [Paul Howarth brought this change] - - aes: the init function fails when OpenSSL has AES support - - The internal init function only worked fine when the configure script - didn't detect the OpenSSL AES_CTR function! - - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0111.shtml - Reported by: Paul Howarth - -- [Matthew Booth brought this change] - - transport_send: Finish in-progress key exchange before sending data - - _libssh2_channel_write() first reads outstanding packets before writing - new data. If it reads a key exchange request, it will immediately start - key re-exchange, which will require sending a response. If the output - socket is full, this will result in a return from - _libssh2_transport_read() of LIBSSH2_ERROR_EAGAIN. In order not to block - a write because there is no data to read, this error is explicitly - ignored and the code continues marshalling a packet for sending. When it - is sent, the remote end immediately drops the connection because it was - expecting a continuation of the key exchange, but got a data packet. - - This change adds the same check for key exchange to - _libssh2_transport_send() that is in _libssh2_transport_read(). This - ensures that key exchange is completed before any data packet is sent. - -- channel_write: acknowledge transport errors - - When draining data off the socket with _libssh2_transport_read() (which - in turn has to be done so that we can be sure to have read any possible - window-increasing packets), this code previously ignored errors which - could lead to nasty loops. Now all error codes except EAGAIN will cause - the error to be returned at once. - - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0068.shtml - Reported by: Matthew Booth - -- [Steven Dake brought this change] - - In examples/x11.c, Make sure sizeof passed to read operation is correct - - sizeof(buf) expands to 8 or 4 (since its a pointer). This variable may - have been static in the past, leading to this error. - - Signed-off-by: Steven Dake - -- [Steven Dake brought this change] - - Fix suspicious sizeof usage in examples/x11.c - - In the x11 example, sizeof(buf) = 8UL (on x86_64), when this should - probably represent the buffer size available. I am not sure how to - test that this change is actually correct, however. - - Signed-off-by: Steven Dake - -- sftp_packet_read: follow-up fix for EAGAIN/window adjust - - The commit in 7194a9bd7ba45 wasn't complete. This change makes sure - variables are initialized properly before used in the EAGAIN and window - adjust cases. - -- sftp_packet_add: use named error code instead of number - -- sftp_packet_add: verify the packet before accepting it - - In order to bail out as quickly as possible when things are wrong and - out of sync, make sure the SFTP message is one we understand. - -- SFTP: preserve the original error code more - - Lots of places in the code translated the original error into the more - generic LIBSSH2_ERROR_SOCKET_TIMEOUT but this turns out to distort the - original error reason a lot and makes tracking down the real origin of a - problem really hard. This change makes the original error code be - preserved to a larger extent when return up to the parent function. - -- sftp_packet_read: adjust window size as necessary - - Commit 03ca9020756 tried to simplify the window sizing logic but broke - SFTP readdir as there was no window sizing code left there so large - directory listings no longer worked. - - This change introduces window sizing logic to the sftp_packet_read() - function so that it now tells the remote about the local size having a - window size that suffice when it is about to ask for directory data. - - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0069.shtml - Reported by: Eric - -- [Steven Dake brought this change] - - Tell C compiler we don't care about return code of libssh2_init - - The call of libssh2_init returns a return code, but nothing could be done - within the _libssh2_init_if_needed execution path. - - Signed-off-by: Steven Dake - -- [Steven Dake brought this change] - - Add comment indicating a resource leak is not really a resource leak - - While possibly obvious to those investigating the code, coverity complains - about this out of scope leak. - - Signed-off-by: Steven Dake - -- [Steven Dake brought this change] - - Use safer snprintf rather then sprintf in scp_send() - - Signed-off-by: Steven Dake - -- [Steven Dake brought this change] - - Use safer snprintf rather then sprintf in scp_recv() - - While the buffer is indeed allocated to a safe length, better safe then sorry. - - Signed-off-by: Steven Dake - -- [Steven Dake brought this change] - - use snprintf in knownhost_writeline() rather then sprintf - - Although the function checks the length, if the code was in error, there - could potentially be a buffer overrun with the use of sprintf. Instead replace - with snprintf. - - Signed-off-by: Steven Dake - -- [Steven Dake brought this change] - - Add tracing to print packets left on session at libssh2_session_free - - Signed-off-by: Steven Dake - -Peter Stuge (2 Mar 2012) -- Define and use LIBSSH2_INVALID_SOCKET instead of INVALID_SOCKET - - INVALID_SOCKET is a special value in Windows representing a - non-valid socket identifier. We were #defining this to -1 on - non-Windows platforms, causing unneccessary namespace pollution. - Let's have our own identifier instead. - - Thanks to Matt Lawson for pointing this out. - -- nw/Makefile.netware: Fix project name typo to avoid needless confusion - -- example/x11: Set raw terminal mode manually instead of with cfmakeraw() - - OpenSolaris has no cfmakeraw() so to make the example more portable - we simply do the equivalent operations on struct termios ourselves. - - Thanks to Tom Weber for reporting this problem, and finding a solution. - -Daniel Stenberg (17 Feb 2012) -- sftp_write: cannot return acked data *and* EAGAIN - - Whenever we have acked data and is about to call a function that *MAY* - return EAGAIN we must return the number now and wait to get called - again. Our API only allows data *or* EAGAIN and we must never try to get - both. - -Peter Stuge (13 Feb 2012) -- example/x11: Build only when sys/un.h is found by configure - - The example can't be built on systems without AF_UNIX sockets. - -Daniel Stenberg (10 Feb 2012) -- [Alexander Lamaison brought this change] - - Simplified sftp_read. - - Removed the total_read variable that originally must have tracked how - much data had been written to the buffer. With non-blocking reads, we - must return straight away once we have read data into the buffer so this - variable served not purpose. - - I think it was still hanging around in case the initial processing of - 'leftover' data meant we wrote to the buffer but this case, like the - others, must return immediately. Now that it does, the last remaining - need for the variable is gone. - -- [Alexander Lamaison brought this change] - - Cleaned up sftp_read and added more explanation. - - Replaced the gotos which were implementing the state machine with - a switch statement which makes the states more explicit. - -- sftp_read: avoid data *and* EAGAIN - - Whenever we have data and is about to call a function that *MAY* return - EAGAIN we must return the data now and wait to get called again. Our API - only allows data *or* EAGAIN and we must never try to get both. - -Peter Stuge (2 Feb 2012) -- Add a tcpip-forward example which demonstrates remote port forwarding - -- libssh2.h: Add missing prototype for libssh2_session_banner_set() - -- example/subsystem_netconf.c: Return error when read buffer is too small - - Also remove a little redundancy in the read loop condition. - -- example/subsystem_netconf.c: Add a missing newline in an error message - -- Fix undefined reference to _libssh_error in libgcrypt backend - - Commit 209de22299b4b58e582891dfba70f57e1e0492db introduced a function - call to a non-existing function, and since then the libgcrypt backend - has not been buildable. - -Version 1.4.0 (31 Jan 2012) - -Daniel Stenberg (31 Jan 2012) -- RELEASE-NOTES: synced with 6bd584d29 for 1.4.0 - -- s/1.3.1/1.4.0 - - We're bumping the minor number - -- [Jernej Kovacic brought this change] - - libssh2_session_supported_algs: fix compiler warning - -- [Jernej Kovacic brought this change] - - session_supported_algs docs: added an example - -- [Gellule Xg brought this change] - - sftp-seek: clear EOF flag - - Set the EOF flag to False when calling seek64 to be able to get some - data back on a following read - -- [Peter Krempa brought this change] - - userauth: Provide more informations if ssh pub key extraction fails - - If the function that extracts/computes the public key from a private key - fails the errors it reports were masked by the function calling it. This - patch modifies the key extraction function to return errors using - _libssh_error() function. The error messages are tweaked to contain - reference to the failed operaton in addition to the reason. - - * AUTHORS: - add my name - * libgcrypt.c: _libssh2_pub_priv_keyfile(): - return a more verbose - error using - _libssh2_error() func. - * openssl.c: - modify call graph of _libssh2_pub_priv_keyfile() to use - _libssh2_error for error reporting(); - * userauth.c: - tweak functions calling _libssh2_pub_priv_keyfile() not - to shadow error messages - -- TODO: remove issues we (sort of) did already - -- ssh2_exec: skip error outputs for EAGAIN - - Since the example uses non-blocking mode, it will just flood the output - with this "nonsense" error. - -Guenter Knauf (30 Nov 2011) -- Some NetWare makefile tweaks. - -Daniel Stenberg (18 Nov 2011) -- LIBSSH2_SFTP_PACKET_MAXLEN: increase to 80000 - - Some SFTP servers send SFTP packets larger than 40000. Since the limit - is only present to avoid insane sizes anyway, we can easily bump it. - - The define was formerly in the public header libssh2_sftp.h but served - no external purpose and was moved into the source dir. - - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2011-11/0004.shtml - Reported by: Michael Harris - -Alexander Lamaison (18 Nov 2011) -- [Peter Krempa brought this change] - - knownhost_check(): Don't dereference ext if NULL is passed - - Documentation for libssh2_knownhost_checkp() and related functions - states that the last argument is filled with data if non-NULL. - - "knownhost if set to non-NULL, it must be a pointer to a 'struct - libssh2_knownhost' pointer that gets filled in to point to info about a - known host that matches or partially matches." - - In this function ext is dereferenced even if set to NULL, causing - segfault in applications not needing the extra data. - -Daniel Stenberg (11 Nov 2011) -- [Peter Krempa brought this change] - - knownhost_add: Avoid dereferencing uninitialized memory on error path. - - In function knownhost_add, memory is alocated for a new entry. If normal - alocation is used, memory is not initialized to 0 right after, but a - check is done to verify if correct key type is passed. This test is done - BEFORE setting the memory to null, and on the error path function - free_host() is called, that tries to dereference unititialized memory, - resulting into a glibc abort(). - - * knownhost.c - knownhost_add(): - move typemask check before alloc - -- windows build: add define to avoid compiler warning - - A recent mingw compiler has started to complain on "#warning Please - include winsock2.h before windows.h" unless the magic define is set - first. - - Reported by: Vincent Torri - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2011-10/0064.shtml - -Henrik Nordstrom (31 Oct 2011) -- [Vincent Torri brought this change] - - Correct Windows include file name case, simplifying cross-compilation - - When cross compiling to Windows, libssh2.h include Windows header files - with upper case filenames : BaseTsd.h and WinSock2.h. - - These files have lowercase names with mingw-w64 (iirc, it's the same with - mingw). And as on Windows, being lowercase or uppercase does not matter. - -Daniel Stenberg (25 Oct 2011) -- [Jernej Kovacic brought this change] - - libssh2_session_supported_algs: added - -- [Kamil Dudka brought this change] - - example/sftp_RW_nonblock: do not ignore LIBSSH2_ERROR_EAGAIN - - Bug: https://bugzilla.redhat.com/745420 - -Peter Stuge (5 Oct 2011) -- example/ssh2_agent: Print host key fingerprint before authentication - - Also moves the comment about not being authenticated to before the - agent authentication takes place, so that it better matches the code. - -Daniel Stenberg (29 Sep 2011) -- OpenSSL EVP: fix threaded use of structs - - Make sure we don't clear or reset static structs after first init so - that they work fine even when used from multiple threads. Init the - structs in the global init. - - Help and assistance by: John Engstrom - - Fixes #229 (again) - -- openssl: don't init static structs differently - - make_ctr_evp() is changed to take a struct pointer, and then each - _libssh2_EVP_aes_[keylen]_ctr function is made to pass in their own - static struct - - Reported by: John Engstrom - Fixes #229 - -Guenter Knauf (27 Sep 2011) -- Removed obsolete include path. - -Daniel Stenberg (21 Sep 2011) -- read_state: clear the state variable better - - Set read_state back to idle before trying to send anything so that if - the state somehow is wrongly set. - - Also, avoid such a case of confusion by resetting the read_state when an - sftp handle is closed. - -- sftp_read: remove leftover fprintf - - Reported by: Alexander Lamaison - -- sftp.h: fix the #ifdef to prevent multiple inclusions - -- sftp_read: use a state variable to avoid bad writes - - When a channel_write call has gotten an EAGAIN back, we try harder to - continue the same write in the subsequent invoke. - -- window_size: explicit adjustments only - - Removed the automatic window_size adjustments from - _libssh2_channel_read() and instead all channel readers must now make - sure to enlarge the window sizes properly themselves. - - libssh2_channel_read_ex() - the public function, now grows the window - size according to the requested buffer size. Applications can still opt - to grow the window more on demand. Larger windows tend to give higher - performance. - - sftp_read() now uses the read-ahead logic to figure out a window_size. - -- libssh2.h: bump the default window size to 256K - -- libssh2_userauth_keyboard_interactive.3: fix man warning - - It seemed to occur due to the excessive line length - -- [Mikhail Gusarov brought this change] - - Add missing .gitignore entries - -- [Mikhail Gusarov brought this change] - - Add manpage syntax checker to 'check' target - - In virtually every libssh2 release Debian's lintian catches syntax errors in - manpages. Prevent it by checking manpages as a part of testsuite. - -- libssh2_banner_set.3: fix nroff syntax mistake - -Guenter Knauf (10 Sep 2011) -- Use predefined resource compiler macro. - -- Added casts to silent compiler warnings. - -- Fixed uint64_t printf. - -- Fixed macro function signatures. - -- NetWare makefile tweaks. - -- Removed unused var. - -- Added 2 samples not mentioned. - -- Dont build x11 sample with MinGW. - -- Fixed executable file description. - -- Removed unused var. - -- Kill stupid gcc 3.x uninitialized warning. - -- Build all examples. - -- More MinGW makefile tweaks. - - Renamed *.mingw makefiles to GNUmakefile since GNU make picks these - up automatically, and therefore win32/Makefile removed. - -- Removed forgotten WINSOCK_VERSION defines. - -Daniel Stenberg (9 Sep 2011) -- libssh2_session_startup(3) => libssh2_session_handshake(3) - - Propagate for the current function in docs and examples. - libssh2_session_startup() is deprecated. - -- libssh2_banner_set => libssh2_session_banner_get - - Marked the old function as deprecated. Added the new name in the correct - name space with the same arguments and functionality. - -- new function: libssh2_session_banner_get - - Returns the banner from the server handshake - - Fixes #226 - -- libssh2.h: bump version to 1.4.0 for new function(s) - -- remove embedded CVS/svn tags - -- [liuzl brought this change] - - API add:libssh2_sftp_get_channel - - Return the channel of sftp, then caller can - control the channel's behavior. - - Signed-off-by: liuzl - -- _libssh2_channel_read: react on errors from receive_window_adjust - - Previously the function would ignore all errors except for EAGAIN. - -- sftp_read: extend and clarify the documentation - -- sftp_read: cap the read ahead maximum amount - - Now we only go up to LIBSSH2_CHANNEL_WINDOW_DEFAULT*30 bytes SFTP read - ahead, which currently equals 64K*30 == 1966080 bytes. - -- _libssh2_channel_read: fix non-blocking window adjusting - - If EAGAIN is returned when adjusting the receive window, we must not - read from the transport directly until we've finished the adjusting. - -Guenter Knauf (8 Sep 2011) -- Fix for systems which need sys/select.h. - -- The files were not gone but renamed ... - -Daniel Stenberg (6 Sep 2011) -- sftp_read: added documenting comment - - Taken from some recent email conversations I added some descriptions of - the logic in sftp_read() to aid readers. - -- 1.3.1: start the work - -Version 1.3.0 (6 Sep 2011) - -Daniel Stenberg (6 Sep 2011) -- Makefile.am: the Makefile.win32 files are gone - -- RELEASE-NOTES: updated for 1.3.0 - -- sftp_read: a short read is not end of file - - A returned READ packet that is short will now only reduce the - offset. - - This is a temporary fix as it is slightly better than the previous - approach but still not very good. - -- [liuzl brought this change] - - _libssh2_packet_add: adjust window size when truncating - - When receiving more data than what the window size allows on a - particular channel, make sure that the window size is adjusted in that - case too. Previously it would only adjust the window in the non-error - case. - -Guenter Knauf (29 Aug 2011) -- Silent compiler warning with MinGW64. - -- Fixed link to native Win32 awk tool. - -- Renamed MinGW makefiles. - -- Some MinGW makefile tweaks. - - Enable build without GNU tools and with MinGW64 compiler. - -- Fixed aes_ctr_do_cipher() signature. - -Daniel Stenberg (26 Aug 2011) -- [liuzl brought this change] - - libssh2_sftp_seek64: flush packetlist and buffered data - - When seeking to a new position, flush the packetlist and buffered data - to prevent already received or pending data to wrongly get used when - sftp-reading from the new offset within the file. - -- sftp_read: advance offset correctly for buffered copies - - In the case where a read packet has been received from the server, but - the entire contents couldn't be copied to the user-buffer, the data is - instead buffered and copied to the user's buffer in the next invocation - of sftp_read(). When that "extra" copy is made, the 'offset' pointer was - not advanced accordingly. - - The biggest impact of this flaw was that the 'already' variable at the - top of the function that figures out how much data "ahead" that has - already been asked for would slowly go more and more out of sync, which - could lead to the file not being read all the way to the end. - - This problem was most noticable in cases where the application would - only try to read the exact file size amount, like curl does. In the - examples libssh2 provides the sftp read function is most often called - with a fixed size large buffer and then the bug would not appear as - easily. - - This bug was introduced in the SFTP rewrite in 1.2.8. - - Bug: http://curl.haxx.se/mail/lib-2011-08/0305.html - http://www.libssh2.org/mail/libssh2-devel-archive-2011-08/0085.shtml - -- wrap some long lines < 80 columns - -- LIBSSH2_RECV: fix typo, use the RECV_FD macro - -- subsystem_netconf.c: fix compiler warnings - -- [Henrik Nordstrom brought this change] - - Custom callbacks for performing low level socket I/O - -- version bump: start working towards 1.3.0 - -Version 1.2.9 (16 Aug 2011) - -Daniel Stenberg (16 Aug 2011) -- RELEASE-NOTES: synced with 95d69d3a81261 - -- [Henrik Nordstrom brought this change] - - Document prototypes for macro defined functions - -- [Henrik Nordstrom brought this change] - - Avoid reuse after free when closing X11 channels - -- _libssh2_channel_write: handle window_size == 0 better - - When about to send data on the channel and the window size is 0, we must - not just return 0 if the transport_read() function returned EAGAIN as it - then causes a busy-loop. - - Bug: http://libssh2.org/mail/libssh2-devel-archive-2011-08/0011.shtml - -- gettimeofday: fix name space pollution - - For systems without its own gettimeofday() implementation, we still must - not provide one outside our namespace. - - Reported by: Bill Segall - -Dan Fandrich (5 Aug 2011) -- libssh2.pc.in: Fixed spelling in pkgconfig file - -Peter Stuge (17 Jul 2011) -- example/subsystem_netconf.c: Add missing #include - -- example/subsystem_netconf.c: Discard ]]>]]> and return only XML response - -- example/subsystem_netconf.c: Fix uninitialized variable bug - -- example: Add subsystem_netconf.c - - This example demonstrates how to use libssh2 to send a request to - the NETCONF subsystem available e.g. in JunOS. - - See also http://tools.ietf.org/html/draft-ietf-netconf-ssh-06 - -Daniel Stenberg (16 Jul 2011) -- man page cleanups: non-existing functions need no man pages - -- libssh2_new_host_entry.3: removed - - This is just junk leftovers. - -- userauth_keyboard_interactive: fix buffer overflow - - Partly reverse 566894494b4972ae12 which was simplifying the code far too - much and ended up overflowing a buffer within the LIBSSH2_SESSION - struct. Back to allocating the buffer properly like it used to do. - - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2011-06/0032.shtml - Reported by: Alfred Gebert - -- keyboard-interactive man page: cleaned up - -- [Alfred Gebert brought this change] - - _libssh2_recv(): handle ENOENT error as EAGAIN - - A sftp session failed with error "failure establishing ssh session" on - Solaris and HP-UX. Sometimes the first recv() function call sets errno - to ENOENT. In the man pages for recv of Solaris and HP-UX the error - ENOENT is not documented. - - I tested Solaris SPARC and x86, HP-UX i64, AIX, Windows and Linux. - -- agent_list_identities: fix out of scope access - - An auto variable out of scope was being referenced and used. - - fixes #220 - -- _libssh2_wait_socket: fix timeouts for poll() uses - -- windows: inclusion fix - - include winsock2.h for all windows compilers - -- keyb-interactive: add the fixed buffer - - Belongs to commit 5668944 - -- code cleanup: don't use C99/c++ comments - - We aim for C89 compliance - -- keyb-interactive: allow zero length fields - - Allow zero length fields so they don't cause malloc(0) calls - - Avoid free()ing NULL pointers - - Avoid a malloc of a fixed 5 byte buffer. - -- libssh2_channel_process_startup.3: clean up - - Remove the references to the macro-fied shortcuts as they have their own - individual man pages. - - Made the prototype different and more readable. - -- man page: fix .BR lines - - We don't use \fI etc on .BR lines - -- userauth_keyboard_interactive: skip code on zero length auth - -- libssh2_channel_forward_accept.3: mention how to get error - - Since this returns a pointer, libssh2_session_last_errno() must be used - to get the actual error code and it wasn't that clear before. - -- timeout docs: mention they're added in 1.2.9 - -- sftp_write_sliding.c: indent fix - - Use the standard indenting and removed CVS leftover comment - -- [zl liu brought this change] - - sftp_write_sliding: send the complete file - - When reaching the end of file there can still be data left not sent. - -- [Douglas Masterson brought this change] - - session_startup: init state properly - - libssh2_session_startup() didn't set the state correctly so it could get - confused. - - Fixes #218 - -- timeout: added man pages - -- BLOCK_ADJUST_ERRNO: move rc to right level - - We can't declare the variable within the block and use it in the final - do-while() expression to be properly portable C89. - -- [Matt Lilley brought this change] - - adds a timeout to blocking calls - - Fixes bug #160 as per Daniel's suggestion - - Adds libssh2_session_set_timeout() and libssh2_session_get_timeout() - -- SCP: fix incorrect error code - - After an error occurs in libssh2_scp_recv() or libssh2_scp_send(), the - function libssh2_session_last_error() would return - LIBSSH2_ERROR_SOCKET_NONE on error. - - Bug: http://trac.libssh2.org/ticket/216 - Patch by: "littlesavage" - - Fixes #216 - -Guenter Knauf (19 Apr 2011) -- Updated default (recommended) dependency versions. - -Daniel Stenberg (17 Apr 2011) -- libssh2_session_block_directions: fix mistake - - The last LIBSSH2_SESSION_BLOCK_INBOUND should be - LIBSSH2_SESSION_BLOCK_OUTBOUND - - And I shortened the short description - - Reported by: "drswinghead" - -- msvcproj: added libs and debug stuff - - Added libraries needed to link whether using openssl dynamically or - statically - - Added LIBSSH2DEBUG define to debug versions to enable tracing - - URL: http://trac.libssh2.org/ticket/215 - Patch by: Mark Smith - -- sftp_write: clean offsets on error - - When an error has occurred on FXP_WRITE, we must make sure that the - offset, sent offset and acked counter are reset properly. - -- example/.gitignore: ignore built binaries - -- sftp_write: flush the packetlist on error - - When an error occurs during write, flush the entire list of pending - outgoing SFTP packets. - -- keepalive: add first basic man pages - - Someone on IRC pointed out that we don't have these documented so I - wrote up a first set based on the information in the wiki: - http://trac.libssh2.org/wiki/KeepAlive - -- scp_write_nonblock.c: remove pointless check - - libssh2_channel_write() cannot return a value that is larger than the - input length value - -Mikhail Gusarov (9 Apr 2011) -- s/\.NF/.nf/ to fix wrong macro name caught by man --warnings - -Daniel Stenberg (6 Apr 2011) -- version: bump to 1.2.9_dev - - Also update the copyright year range to include 2011 - -- configure: fix $VERSION - - Stop using the $VERSION variable as it seems to be magically used by - autoconfig itself and thus gets set to the value set in AC_INIT() - without us wanting that. $LIBSSH2VER is now the libssh2 version as - detected. - - Reported by: Paul Howarth - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2011-04/0008.shtml - -- maketgz: use git2news.pl by the correct name - -Version 1.2.8 (4 Apr 2011) - -Daniel Stenberg (4 Apr 2011) -- RELEASE-NOTES: synced with fabf1a45ee - -- NEWS: auto-generated from git - - Starting now, the NEWS file is generated from git using the git2news.pl - script. This makes it always accurate and up-to-date, even for daily - snapshots etc. - -- sftp_write: handle FXP_WRITE errors - - When an sftp server returns an error back on write, make sure the - function bails out and returns the proper error. - -- configure: stop using the deprecated AM_INIT_AUTOMAKE syntax - -Alexander Lamaison (13 Mar 2011) -- Support unlimited number of host names in a single line of the known_hosts file. - - Previously the code assumed either a single host name or a hostname,ip-address pair. However, according to the spec [1], there can be any number of comma separated host names or IP addresses. - - [1] http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8 - -Daniel Stenberg (26 Feb 2011) -- libssh2_knownhost_readfile.3: clarify return value - - This function returns the number of parsed hosts on success, not just - zero as previously documented. - -Peter Stuge (26 Feb 2011) -- Don't save allocated packet size until it has actually been allocated - - The allocated packet size is internal state which needs to match reality - in order to avoid problems. This commit fixes #211. - -Daniel Stenberg (21 Feb 2011) -- [Alfred Gebert brought this change] - - session_startup: manage server data before server identification - - Fix the bug that libssh2 could not connect if the sftp server - sends data before sending the version string. - - http://tools.ietf.org/html/rfc4253#section-4.2 - - "The server MAY send other lines of data before sending the version - string. Each line SHOULD be terminated by a Carriage Return and Line - Feed. Such lines MUST NOT begin with "SSH-", and SHOULD be encoded - in ISO-10646 UTF-8 [RFC3629] (language is not specified). Clients - MUST be able to process such lines." - -- [Alfred Gebert brought this change] - - fullpacket: decompression only after init - - The buffer for the decompression (remote.comp_abstract) is initialised - in time when it is needed. With this fix decompression is disabled when - the buffer (remote.comp_abstract) is not initialised. - - Bug: http://trac.libssh2.org/ticket/200 - -- _libssh2_channel_read: store last error - - When the transport layer returns EAGAIN this function didn't call - _libssh2_error() which made the last_error not get set. - -- sftp_write: clarified the comment header - -- sftp_read: avoid wrapping counter to insanity - - As pointed out in bug #206, if a second invoke of libssh2_sftp_read() - would shrink the buffer size, libssh2 would go nuts and send out read - requests like crazy. This was due to an unsigned variable turning - "negative" by some wrong math, and that value would be the amount of - data attempt to pre-buffer! - - Bug: http://trac.libssh2.org/ticket/206 - -- sftp_packet_read: use 32bit variables for 32bit data - -- libssh2_sftp_stat_ex.3: cleaned up, extended - - Removed the macros from it as they have their own man pages. - - Added the LIBSSH2_SFTP_ATTRIBUTES struct in here for easier reference. - -- sftp_readdir: return error if buffer is too small - - If asked to read data into a buffer and the buffer is too small to hold - the data, this function now returns an error instead of as previously - just copy as much as fits. - -- sftp_symlink: return error if receive buffer too small - - and clean up some variable type mismatches - - Discussion: http://www.libssh2.org/mail/libssh2-devel-archive-2011-01/0001.shtml - -- docs: clarify what happens with a too small buffer - - This flaw is subject to change, but I figured it might be valuable to - users of existing code to know how it works. - -- channel_request_pty_size: fix reqPTY_state - - The state variable isn't properly set so every other call to the - function fails! - - Bug: http://libssh2.org/mail/libssh2-devel-archive-2010-12/0096.shtml - Reported by: Steve Legg - -- data size: cleanup - - Fix 64bit warnings by using (s)size_t and dedicated uint32_t types more. - -- [Pierre Joye brought this change] - - ssize_t: proper typedef with MSVC compilers - - As discussed on the mailing list, it was wrong for win64 and using the - VC-provided type is the safest approach instead of second- guessing - which one it should be. - -Guenter Knauf (22 Dec 2010) -- Updated OpenSSL version. - -- Expanded tabs to spaces. - -Peter Stuge (21 Dec 2010) -- [Joey Degges brought this change] - - _libssh2_ntohu64: fix conversion from network bytes to uint64 - - Cast individual bytes to uint64 to avoid overflow in arithmetic. - -Daniel Stenberg (20 Dec 2010) -- libssh2_userauth_list: language fix - - "faily" is not a good English word, and I also cleaned up some other minor - mistakes - -- crypto: unify the generic functions - - Added crypto.h that is the unified header to include when using crypto - functionality. It should be the only header that needs to adapt to the - underlying crypto library in use. It provides the set of prototypes that - are library agnostic. - -- [Mark Smith brought this change] - - userauth: derive publickey from private - - Pass a NULL pointer for the publickey parameter of - libssh2_userauth_publickey_fromfile and - libssh2_userauth_hostbased_fromfile functions. In this case, the - functions recompute the public key from the private key file data. - - This is work done by Jean-Louis CHARTON - , then adapted by Mark Smith and - slightly edited further by me Daniel. - - WARNING: this does leave the feature NOT WORKING when libssh2 is built - to use libgcrypt instead of OpenSSL simply due to lack of - implementation. - -- ssh2_echo: Value stored to 'exitcode' is never read - -- _libssh2_packet_add: fix SSH_MSG_DEBUG weirdness - - I believe I may have caused this weird typo style error when I cleaned - up this function a while ago. Corrected now. - -- uint32: more longs converted to proper types - - I also moved the MAC struct over to the mac.h header file and made sure - that the users of that struct include that file. - -- SFTP: more types to uint32_t - - The 'num_names' field in the SSH_FXP_NAME response is an unsigned 32bit - value so we make sure to treat it like that. - -- SFTP: request_ids are uint32_t - - I went over the code and made sure we use uint32_t all over for the - request_id data. It is an unsigned 32bit value on the wire. - -- SFTP: store request_id separately in packets - - By using a new separate struct for incoming SFTP packets and not sharing - the generic packet struct, we can get rid of an unused field and add a - new one dedicated for holding the request_id for the incoming - package. As sftp_packet_ask() is called fairly often, a "mere" integer - comparison is MUCH faster than the previous memcmp() of (typically) 5 - bytes. - -- libssh2_sftp_open_ex: man page extended and cleaned up - - I added the missing documentation for the 'flags' argument. - -- SFTP: unify the READ/WRITE chunk structs - -- SFTP: fix memory leaks - - Make sure that we cleanup remainders when the handle is closed and when - the subsystem is shutdown. - - Existing flaw: if a single handle sends packets that haven't been - replied to yet at the time when the handle is closed, those packets will - arrive later and end up in the generic packet brigade queue and they - will remain in there until flushed. They will use unnecessary memory, - make things slower and they will ruin the SFTP handling if the - request_id counter ever wraps (highly unlikely to every happen). - -- sftp_close_handle: packet list is generic - - Fix comment, simplify the loop logic - -- sftp_read: pipeline reads - - The SFTP read function now does transfers the same way the SFTP write - function was made to recently: it creates a list of many outgoing - FXP_READ packets that each asks for a small data chunk. The code then - tries to keep sending read request while collecting the acks for the - previous requests and returns the received data. - -- sftp_write: removed unused variable - -- _libssh2_channel_close: don't call transport read if disconnected - - The loop that waits for remote.close to get set may end up looping - forever since session->socket_state gets set to - LIBSSH2_SOCKET_DISCONNECTED by the packet_add() function called from the - transport_read() function and after having been set to - LIBSSH2_SOCKET_DISCONNECTED, the transport_read() function will only - return 0. - - Bug: http://trac.libssh2.org/ticket/198 - -- libssh2_sftp_seek64: new man page - - Split off libssh2_sftp_seek64 from the libssh2_sftp_seek man page, and - mentioned that we consider the latter deprecated. Also added a mention - about the dangers of doing seek during writing or reading. - -- sftp_seek: fix - - The new SFTP write code caused a regression as the seek function no - longer worked as it didn't set the write position properly. - - It should be noted that seeking is STRONGLY PROHIBITED during upload, as - the upload magic uses two different offset positions and the multiple - outstanding packets etc make them sensitive to change in the midst of - operations. - - This functionality was just verified with the new example code - sftp_append. This bug was filed as bug #202: - - Bug: http://trac.libssh2.org/ticket/202 - -- sftp_append: new example doing SFTP append - -- MAX_SFTP_OUTGOING_SIZE: 30000 - - I ran SFTP upload tests against localhost. It showed that to make the - app reach really good speeds, I needed to do a little code tweak and - change MAX_SFTP_OUTGOING_SIZE from 4000 to 30000. The tests I did before - with the high latency tests didn't show any real difference whatever I - had that size set to. - - This number is the size in bytes that libssh2 cuts off the large input - buffer and sends off as an individual sftp packet. - -- sftp_write_sliding.c: new example - - This is an example that is very similar to sftp_write_nonblock.c, with - the exception that this uses - - 1 - a larger upload buffer - - 2 - a sliding buffer mechnism to allow the app to keep sending lots of - data to libssh2 without having to first drain the buffer. - - These are two key issues to make libssh2 SFTP uploads really perform - well at this point in time. - -- cpp: s/#elsif/#elif - - This looks like a typo as #elsif is not really C... - -- _libssh2_channel_write: revert channel_write() use - - The attempts made to have _libssh2_channel_write() accept larger pieces - of data and split up the data by itself into 32700 byte chunks and pass - them on to channel_write() in a loop as a way to do faster operations on - larger data blocks was a failed attempt. - - The reason why it is difficult: - - The API only allows EAGAIN or a length to be returned. When looping over - multiple blocks to get sent, one block can get sent and the next might - not. And yet: when transport_send() has returned EAGAIN we must not call - it again with new data until it has returned OK on the existing data it - is still working on. This makes it a mess and we do get a much easier - job by simply returning the bytes or EAGAIN at once, as in the EAGAIN - case we can assume that we will be called with the same arguments again - and transport_send() will be happy. - - Unfortunately, I think we take a small performance hit by not being able - to do this. - -- ssh2_echo: new example - - This is a new example snippet. The code is largely based on ssh2_exec, - and is written by Tommy Lindgren. I edited it into C90 compliance and to - conform to libssh2 indent style and some more. - -- send_existing: return after send_existing - - When a piece of data is sent from the send_existing() function we must - make the parent function return afterwards. Otherwise we risk that the - parent function tries to send more data and ends up getting an EGAIN for - that more data and since it can only return one return code it doesn't - return info for the successfully sent data. - - As this change is a regression I now added a larger comment explaining - why it has to work like this. - -- _libssh2_channel_write: count resent data as written - - In the logic that resends data that was kept for that purpose due to a - previous EAGAIN, the data was not counted as sent causing badness. - -Peter Stuge (13 Nov 2010) -- Use fprintf(stderr, ) instead of write(2, ) for debugging - -- session/transport: Correctly handle when _libssh2_send() returns -EAGAIN - -- src/agent.c: Simplify _libssh2_send() error checking ever so slightly - -Daniel Stenberg (12 Nov 2010) -- send/recv: use _libssh2_recv and _libssh2_send now - - Starting now, we unconditionally use the internal replacement functions - for send() and recv() - creatively named _libssh2_recv() and - _libssh2_send(). - - On errors, these functions return the negative 'errno' value instead of - the traditional -1. This design allows systems that have no "natural" - errno support to not have to invent it. It also means that no code - outside of these two transfer functions should use the errno variable. - -- channel_write: move some logic to _libssh2_channel_write - - Some checks are better done in _libssh2_channel_write just once per - write instead of in channel_write() since the looping will call the - latter function multiple times per _libssh2_channel_write() invoke. - -- sftp_write: handle "left over" acked data - - The SFTP handle struct now buffers number of acked bytes that haven't - yet been returned. The way this is used is as following: - - 1. sftp_write() gets called with a buffer of let say size 32000. We - split 32000 into 8 smaller packets and send them off one by one. One of - them gets acked before the function returns so 4000 is returned. - - 2. sftp_write() gets called again a short while after the previous one, - now with a much smaller size passed in to the function. Lets say 8000. - In the mean-time, all of the remaining packets from the previous call - have been acked (7*4000 = 28000). This function then returns 8000 as all - data passed in are already sent and it can't return any more than what - it got passed in. But we have 28000 bytes acked. We now store the - remaining 20000 in the handle->u.file.acked struct field to add up in - the next call. - - 3. sftp_write() gets called again, and now there's a backlogged 20000 - bytes to return as fine and that will get skipped from the beginning - of the buffer that is passed in. - -- sftp_write: polished and simplified - - Removed unnecessary struct fields and state changes within the function. - - Made the loop that checks for ACKs only check chunks that were fully - sent. - -- SCP: on failure, show the numerical error reason - - By calling libssh2_session_last_errno() - -- SFTP: provide the numerical error reason on failure - -- SCP: clean up failure treatment - - When SCP send or recv fails, it gets a special message from the server - with a warning or error message included. We have no current API to - expose that message but the foundation is there. Removed unnecessary use - of session struct fields. - -- sftp_write: enlarge buffer to perform better - -- packets: code cleanup - - I added size checks in several places. I fixed the code flow to be easier - to read in some places. - - I removed unnecessary zeroing of structs. I removed unused struct fields. - -- LIBSSH2_CALLBACK_MACERROR: clarify return code use - -- _libssh2_userauth_publickey: avoid shadowing - -- packet: avoid shadowing global symbols - -- sftp_readdir: avoid shadowing - -- shadowing: don't shadow the global compress - -- _libssh2_packet_add: turn ifs into a single switch - -- _libssh2_packet_add: check SSH_MSG_GLOBAL_REQUEST packet - -- _libssh2_packet_add: SSH_MSG_DEBUG length checks - - Verify lengths before using them. Read always_display from the correct - index. Don't copy stuff around just to provide zero-termination of the - strings. - -- _libssh2_packet_add: SSH_MSG_IGNORE skip memmove - - There's no promise of a zero termination of the data in the callback so - no longer perform ugly operation in order to provide it. - -- _libssh2_packet_add: SSH_MSG_DISCONNECT length checks - - Verify lengths before trying to read data. - -- indent: break lines at 80 columns - -- SSH_MSG_CHANNEL_OPEN_FAILURE: used defined values - - We don't like magic numbers in the code. Now the acceptable failure - codes sent in the SSH_MSG_CHANNEL_OPEN_FAILURE message are added as - defined values in the private header file. - -- sftp_write: don't return EAGAIN if no EAGAIN was received - - This function now only returns EAGAIN if a lower layer actually returned - EAGAIN to it. If nothing was acked and no EAGAIN was received, it will - now instead return 0. - -- _libssh2_wait_socket: detect nothing-to-wait-for - - If _libssh2_wait_socket() gets called but there's no direction set to - wait for, this causes a "hang". This code now detects this situation, - set a 1 second timeout instead and outputs a debug output about it. - -- decomp: remove the free_dest argument - - Since the decompress function ALWAYS returns allocated memory we get a - lot simpler code by removing the ability to return data unallocated. - -- decomp: cleaned off old compression stuff - - I cleared off legacy code from when the compression and decompression - functions were a single unified function. Makes the code easier to read - too. - -- [TJ Saunders brought this change] - - decomp: increase decompression buffer sizes - -- [TJ Saunders brought this change] - - zlib: Add debug tracing of zlib errors - -- sftp_packet_read: handle partial reads of the length field - - SFTP packets come as [32 bit length][payload] and the code didn't - previously handle that the initial 32 bit field was read only partially - when it was read. - -- [Jasmeet Bagga brought this change] - - kex_agree_hostkey: fix NULL pointer derefence - - While setting up the session, ssh tries to determine the type of - encryption method it can use for the session. This requires looking at - the keys offered by the remote host and comparing these with the methods - supported by libssh2 (rsa & dss). To do this there is an iteration over - the array containing the methods supported by libssh2. - - If there is no agreement on the type of encryption we come to the 3rd - entry of the hostkeyp array. Here hostkeyp is valid but *hostkep is - NULL. Thus when we dereference that in (*hostkeyp)->name there is a - crash - -- _libssh2_transport_send: remove dead assignment - - 'data' isn't accessed beyond this point so there's no need to assign it. - -- scp_recv: remove dead assignment - - Instead of assigning a variable we won't read, we now use the more - explicit (void) prefix. - -- sftp_write: removed superfluous assignment - -- bugfix: avoid use of uninitialized value - -- sftp_packet_require: propagate error codes better - - There were some chances that they would cause -1 to get returned by - public functions and as we're hunting down all such occurances and since - the underlying functions do return valuable information the code now - passes back proper return codes better. - -- [Alfred Gebert brought this change] - - fix memory leaks (two times cipher_data) for each sftp session - -- libssh2_userauth_authenticated: make it work as documented - - The man page clearly says it returns 1 for "already authenticated" but - the code said non-zero. I changed the code to use 1 now, as that is also - non-zero but it gets the benefit that it now matches the documentation. - - Using 1 instead of non-zero is better for two reasons: - - 1. We have the opportunity to introduce other return codes in the future for - things like error and what not. - 2. We don't expose the internal bitmask variable value. - -- userauth_keyboard_interactive: fix indent - -- [Alfred Gebert brought this change] - - fix memory leak in userauth_keyboard_interactive() - - First I wanted to free the memory in session_free() but then - I had still memory leaks because in my test case the function - userauth_keyboard_interactive() is called twice. It is called - twice perhaps because the server has this authentication - methods available: publickey,gssapi-with-mic,keyboard-interactive - The keyboard-interactive method is successful. - -- dist: include sftp.h in dist archives - -Simon Josefsson (27 Oct 2010) -- Update header to match new function prototype, see c48840ba88. - -Daniel Stenberg (26 Oct 2010) -- bugfixes: the transport rearrange left some subtle flaws now gone - -- libssh2_userauth_publickey_fromfile_ex.3: cleaned up looks - -- libssh2_userauth_publickey: add man page - - I found an undocumented public function and we can't have it like - that. The description here is incomplete, but should serve as a template - to allow filling in... - -- libssh2_sftp_write.3: added blurb about the "write ahead" - - Documented the new SFTP write concept - -- sftp_close_handle: free any trailing write chunks - -- _libssh2_channel_write: fix warnings - -- SFTP: bufgix, move more sftp stuff to sftp.h - - The sftp_write function shouldn't assume that the buffer pointer will be - the same in subsequent calls, even if it assumes that the data already - passed in before haven't changed. - - The sftp structs are now moved to sftp.h (which I forgot to add before) - -- SFTP: use multiple outgoing packets when writing - - sftp_write was rewritten to split up outgoing data into multiple packets - and deal with the acks in a more asynchronous manner. This is meant to - help overcome latency and round-trip problems with the SFTP protocol. - -- TODO: implemented a lot of the ideas now - -- _libssh2_channel_write: removed 32500 size limit - - Neither _libssh2_channel_write nor sftp_write now have the 32500 size - limit anymore and instead the channel writing function now has its own - logic to send data in multiple calls until everything is sent. - -- send_existing: don't tell parent to return when drained - - That will just cause unnecessary code execution. - -- _libssh2_channel_write: general code cleanup - - simplified the function and removed some unused struct fields - -- _libssh2_transport_send: replaces _libssh2_transport_write - - The new function takes two data areas, combines them and sends them as a - single SSH packet. This allows several functions to allocate and copy - less data. - - I also found and fixed a mixed up use of the compression function - arguments that I introduced in my rewrite in a recent commit. - -- scp_write_nonblock: use select() instead of busyloop - - Make this example nicer by not busylooping. - -- send_existing: clear olen when the data is sent off - -- _libssh2_transport_write: allow 256 extra bytes around the packet - -- _libssh2_transport_write: remade to send without malloc - -- compress: compression disabled by default - - We now allow libssh2_session_flag() to enable compression with a new - flag and I added documentation for the previous LIBSSH2_FLAG_SIGPIPE - flag which I wasn't really aware of! - -- comp: split the compress function - - It is now made into two separate compress and decompress functions. In - preparation for upcoming further modficications. - -Dan Fandrich (20 Oct 2010) -- Added header file to allow compiling in older environments - -Daniel Stenberg (20 Oct 2010) -- TODO: add a possible new API for SFTP transfers - -- TODO: "New Transport API" added - -- TODO: add buffering plans - -Simon Josefsson (13 Oct 2010) -- Mention libssh2_channel_get_exit_signal and give kudos. - -- [Tommy Lindgren brought this change] - - Add libssh2_channel_get_exit_signal man page. - - Signed-off-by: Simon Josefsson - -- [Tommy Lindgren brought this change] - - Add libssh2_channel_get_exit_signal. - - Signed-off-by: Simon Josefsson - -- Add libssh2_free man page and fix typo. - -- Add libssh2_free. - -Daniel Stenberg (11 Oct 2010) -- scp_recv: improved treatment of channel_read() returning zero - - As a zero return code from channel_read() is not an error we must make - sure that the SCP functions deal with that properly. channel_read() - always returns 0 if the channel is EOFed already so we check for EOF - after 0-reads to be able to return error properly. - -- libssh2_session_methods.3: detail what can be asked for - -- compression: send zlib before none - - As the list of algorithms in a preferred order we should send zlib - before none to increase the chances that the server will let us do - compression. - -- compress: faster check, better return codes - - In the transport functions we avoid a strcmp() now and just check a - boolean instead. - - The compress/decompress function's return code is now acknowledged and - used as actual return code in case of failures. - -- libssh2_session_handshake: replaces libssh2_session_startup() - - The function libssh2_session_startup() is now considered deprecated due - to the portability issue with the socket argument. - libssh2_session_handshake() is the name of the replacement. - -- libssh2_socket_t: now externally visible - - In preparation for upcominig changes, the libssh2_socket_t type is now - typedef'ed in the public header. - -- _libssh2_transport_drain: removed - - This function proved not to be used nor useful. - -- _libssh2_channel_write: don't iterate over transport writes - - When a call to _libssh2_transport_write() succeeds, we must return from - _libssh2_channel_write() to allow the caller to provide the next chunk - of data. - - We cannot move on to send the next piece of data that may already have - been provided in this same function call, as we risk getting EAGAIN for - that and we can't return information both about sent data as well as - EAGAIN. So, by returning short now, the caller will call this function - again with new data to send. - -- _libssh2_transport_write: updated documentation blurb - -- _libssh2_transport_write: remove fprintf remainder - - Mistake from previous debugging - -- session: improved errors - - Replaced -1/SOCKET_NONE errors with appropriate error defines instead. - - Made the verbose trace output during banner receiving less annoying for - non-blocking sessions. - -- crypt_init: use correct error define - -- _libssh2_error: hide EAGAIN for non-blocking sessions - - In an attempt to make the trace output less cluttered for non-blocking - sessions the error function now avoids calling the debug function if the - error is the EAGAIN and the session is non-blocking. - -- agent: use better error defines - -- comp_method_zlib_init: use correct error defines - -- transport: better error codes - - LIBSSH2_SOCKET_NONE (-1) should no longer be used as error code as it is - (too) generic and we should instead use specific and dedicated error - codes to better describe the error. - -- channel: return code and _libssh2_error cleanup - - Made sure that all transport_write() call failures get _libssh2_error - called. - -- _libssh2_channel_write: limit to 32700 bytes - - The well known and used ssh server Dropbear has a maximum SSH packet - length at 32768 by default. Since the libssh2 design current have a - fixed one-to-one mapping from channel_write() to the packet size created - by transport_write() the previous limit of 32768 in the channel layer - caused the transport layer to create larger packets than 32768 at times - which Dropbear rejected forcibly (by closing the connection). - - The long term fix is of course to remove the hard relation between the - outgoing SSH packet size and what the input length argument is in the - transport_write() function call. - -- libssh.h: add more dedicated error codes - -- SCP: allow file names with bytes > 126 - - When parsing the SCP protocol and verifying that the data looks like a - valid file name, byte values over 126 must not be consider illegal since - UTF-8 file names will use such codes. - - Reported by: Uli Zappe - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2010-08/0112.shtml - -Dan Fandrich (25 Aug 2010) -- Document the three sftp stat constants - -Guenter Knauf (18 Aug 2010) -- Fixed Win32 makefile which was now broken at resource build. - -- It is sufficient to pipe stderr to NUL to get rid of the nasty messages. - -- [Author: Guenter Knauf brought this change] - - Removed Win32 ifdef completely for sys/uio.h. - - No idea why we had this ifdef at all but MSVC, MingW32, Watcom - and Borland all have no sys/uio.h header; so if there's another - Win32 compiler which needs it then it should be added explicitely - instead of this negative list. - -- New files should also be added to Makefile.am. - - Otherwise they will never be included with release and snapshot tarballs ... - -Daniel Stenberg (18 Aug 2010) -- version: bump to 1.2.8_DEV - -Version 1.2.7 (17 Aug 2010) - -Daniel Stenberg (17 Aug 2010) -- release: updated to hold 1.2.7 info - -Guenter Knauf (17 Aug 2010) -- Use the new libssh2.rc file. - -- Added resource file for libssh2.dll (shamelessly stolen from libcurl). - -- Updated Win32 MSVC dependencies versions. - -- Added include for sys/select.h to get fd.set on some platforms. - -- Added Watcom makefile borrowed from libcurl. - - This makefile compiles already all files fine for static lib, but needs - final touch when I have OpenSSL fully working with shared libs and Watcom. - -- Added copyright define to libssh2.h and use it for binary builds. - -- Moved version defines up in order to include from .rc file. - - Blocked rest of header with ifndef so its possible to let - the rc compiler only use the version defines. - -- Some minor makefile tweaks. - -Daniel Stenberg (2 Aug 2010) -- example: treat the libssh2_channel_read() return code properly - - A short read is not an error. Only negative values are errors! - -- libssh2_wait_socket: reset error code to "leak" EAGAIN less - - Since libssh2 often sets LIBSSH2_ERROR_EAGAIN internally before - _libssh2_wait_socket is called, we can decrease some amount of - confusion in user programs by resetting the error code in this function - to reduce the risk of EAGAIN being stored as error when a blocking - function returns. - -- _libssh2_wait_socket: poll needs milliseconds - - As reported on the mailing list, the code path using poll() should - multiple seconds with 1000 to get milliseconds, not divide! - - Reported by: Jan Van Boghout - -- typedef: make ssize_t get typedef without LIBSSH2_WIN32 - - The condition around the ssize_t typedef depended on both LIBSSH2_WIN32 - *and* _MSC_VER being defined when it should be enough to depend on - _MSC_VER only. It also makes it nicer so libssh2-using code builds fine - without having custom defines. - -- [John Little brought this change] - - session_free: free more data to avoid memory leaks - -- channel_free: ignore problems with channel_close() - - As was pointed out in bug #182, we must not return failure from - _libssh2_channel_free() when _libssh2_channel_close() returns an error - that isn't EAGAIN. It can effectively cause the function to never go - through, like it did now in the case where the socket was actually - closed but socket_state still said LIBSSH2_SOCKET_CONNECTED. - - I consider this fix the right thing as it now also survives other - errors, even if making sure socket_state isn't lying is also a good - idea. - -- publickey_list_free: no return value from a void function - - Fixed a compiler warning I introduced previously when checking input - arguments more. I also added a check for the other pointer to avoid NULL - pointer dereferences. - -- [Lars Nordin brought this change] - - openssl: make use of the EVP interface - - Make use of the EVP interface for the AES-funktion. Using this method - supports the use of different ENGINES in OpenSSL for the AES function - (and the direct call to the AES_encrypt should not be used according to - openssl.org) - -Peter Stuge (23 Jun 2010) -- [Tor Arntsen brought this change] - - Don't overflow MD5 server hostkey - - Use SHA_DIGEST_LENGTH and MD5_DIGEST_LENGTH in memcpy instead of hardcoded - values. An incorrect value was used for MD5. - -- Fix message length bugs in libssh2_debug() - - There was a buffer overflow waiting to happen when a debug message was - longer than 1536 bytes. - - Thanks to Daniel who spotted that there was a problem with the message - length passed to a trace handler also after commit - 0f0652a3093111fc7dac0205fdcf8d02bf16e89f. - -- Make libssh2_debug() create a correctly terminated string - - Also use FILE *stderr rather than fd 2, which can very well be something - completely different. - -Daniel Stenberg (23 Jun 2010) -- [TJ Saunders brought this change] - - handshake: Compression enabled at the wrong time - - In KEXINIT messages, the client and server agree on, among other - things, whether to use compression. This method agreement occurs - in src/kex.c's kex_agree_methods() function. However, if - compression is enabled (either client->server, server->client, or - both), then the compression layer is initialized in - kex_agree_methods() -- before NEWKEYS has been received. - - Instead, the initialization of the compression layer should - happen after NEWKEYS has been received. This looks to occur - insrc/kex.c's diffie_hellman_sha1(), which even has the comment: - - /* The first key exchange has been performed, - - switch to active crypt/comp/mac mode */ - - There, after NEWKEYS is received, the cipher and mac algorithms - are initialized, and that is where the compression should be - initialized as well. - - The current implementation fails if server->client compression is - enabled because most server implementations follow OpenSSH's - lead, where compression is initialized after NEWKEYS. Since the - server initializes compression after NEWKEYS, but libssh2 - initializes compression after KEXINIT (i.e. before NEWKEYS), they - are out of sync. - - Reported in bug report #180 - -- [TJ Saunders brought this change] - - userauth_hostbased_fromfile: packet length too short - - The packet length calculated in src/userauth.c's - userauth_hostbased_fromfile() function is too short by 4 bytes; - it forgets to add four bytes for the length of the hostname. - This causes hostbased authentication to fail, since the server - will read junk data. - - verified against proftpd's mod_sftp module - -- _libssh2_userauth_publickey: reject method names longer than the data - - This functions get the method length by looking at the first 32 - bit of data, and I now made it not accept method lengths that are - longer than the whole data set is, as given in the dedicated - function argument. - - This was detected when the function was given bogus public key - data as an ascii string, which caused the first 32bits to create - a HUGE number. - -- NULL resistance: make more public functions survive NULL pointer input - - Sending in NULL as the primary pointer is now dealt with by more - public functions. I also narrowed the userauth.c code somewhat to - stay within 80 columns better. - -- agent: make libssh2_agent_userauth() work blocking properly - - previously it would always work in a non-blocking manner - -Peter Stuge (17 Jun 2010) -- Fix underscore typo for 64-bit printf format specifiers on Windows - - Commit 49ddf447ff4bd80285f926eac0115f4e595f9425 was missing underscores. - -Daniel Stenberg (16 Jun 2010) -- libssh2_session_callback_set: extended the man page diff --git a/libssh2/NMakefile b/libssh2/NMakefile index 07bc2ddad..9e3f36e37 100644 --- a/libssh2/NMakefile +++ b/libssh2/NMakefile @@ -1,23 +1,86 @@ -!include "win32/config.mk" - -!if "$(WITH_WINCNG)" == "1" -!include "Makefile.WinCNG.inc" -!else -!include "Makefile.OpenSSL.inc" +!if "$(TARGET)" == "" +TARGET=Release !endif -!include "Makefile.inc" + +!if "$(TARGET)" == "Debug" +SUFFIX=_debug +CFLAGS=/Od /MDd +DLLFLAGS=/LDd /DEBUG +!else +CFLAGS=/Oi /O2 /Oy /GF /Y- /MD /DNDEBUG +DLLFLAGS=/LD +!endif + +CFLAGS=/nologo /GL /Zi /EHsc $(CFLAGS) /Iinclude + +!if "$(OPENSSL_PATH)" != "" +CFLAGS=$(CFLAGS) /DLIBSSH2_OPENSSL /I$(OPENSSL_PATH)\include +LIBS=$(LIBS) $(OPENSSL_PATH)\lib\crypto.lib $(OPENSSL_PATH)\lib\ssl.lib +!else +CFLAGS=$(CFLAGS) /DLIBSSH2_WINCNG +LIBS=crypt32.lib bcrypt.lib +!endif + +!if "$(ZLIB_PATH)" != "" +CFLAGS=$(CFLAGS) /DLIBSSH2_HAVE_ZLIB /I$(ZLIB_PATH)\include +LIBS=$(LIBS) $(ZLIB_PATH)\lib\zlib.lib +!endif + +LIBS=$(LIBS) ws2_32.lib user32.lib advapi32.lib gdi32.lib + +INTDIR=$(TARGET) + +SUBDIR=src + +!include "src/Makefile.inc" OBJECTS=$(CSOURCES:.c=.obj) -# SUBDIRS=src example -SUBDIRS=src +!if "$(TARGET)" == "Debug" +OBJECTS=Debug/$(OBJECTS: = Debug/) +OBJECTS=$(OBJECTS: Debug/ = ) +!else +TARGET=Release +OBJECTS=Release/$(OBJECTS: = Release/) +OBJECTS=$(OBJECTS: Release/ = ) +!endif -all-sub: win32\objects.mk - -for %D in ($(SUBDIRS)) do $(MAKE) /nologo /f %D/NMakefile BUILD=$(BUILD) SUBDIR=%D all-sub +!if "$(AR)" == "" +AR=lib +ARFLAGS=-nologo /LTCG +!endif -clean: - -rmdir 2>NUL /s/q $(TARGET) - -del 2>NUL win32\objects.mk +RESOURCE=$(INTDIR)\libssh2.res +DLL=libssh2$(SUFFIX).dll +STATICLIB=$(INTDIR)\libssh2.lib + +!if "$(BUILD_STATIC_LIB)" == "" +all: $(INTDIR) $(DLL) +!else +all: $(INTDIR) $(STATICLIB) +!endif + +$(INTDIR): + @if not exist $(INTDIR) mkdir $(INTDIR) + +$(DLL): $(OBJECTS) $(RESOURCE) + $(CC) -o $(DLL) $(CFLAGS) $(DLLFLAGS) $(OBJECTS) $(RESOURCE) $(LIBS) + +$(STATICLIB): $(OBJECTS) + $(AR) $(ARFLAGS) -out:$@ $(OBJECTS) + +$(RESOURCE): src\libssh2.rc + $(RC) /Iinclude /Fo"$@" $? + +all-sub: $(INTDIR) all + +clean-sub: clean + +{$(SUBDIR)}.c{$(INTDIR)}.obj:: + $(CC) -c $(CFLAGS) /Fo"$(INTDIR)\\" $< + +clean: + -rd 2>NUL /q /s $(TARGET) real-clean vclean: clean -del 2>NUL libssh2.dll @@ -25,9 +88,3 @@ real-clean vclean: clean -del 2>NUL libssh2.ilk -del 2>NUL libssh2.lib -del 2>NUL *.pdb - -win32\objects.mk: Makefile.inc - @echo OBJECTS = \>$@ - @for %O in ($(OBJECTS)) do @echo $$(INTDIR)\%O \>>$@ - @echo $$(EOL)>>$@ - diff --git a/libssh2/README b/libssh2/README index 8a148568c..89639ba7d 100644 --- a/libssh2/README +++ b/libssh2/README @@ -6,7 +6,7 @@ the revised BSD license. Web site: https://www.libssh2.org/ -Mailing list: https://cool.haxx.se/mailman/listinfo/libssh2-devel +Mailing list: https://lists.haxx.se/listinfo/libssh2-devel License: see COPYING diff --git a/libssh2/README.md b/libssh2/README.md new file mode 100644 index 000000000..caa0b6708 --- /dev/null +++ b/libssh2/README.md @@ -0,0 +1,16 @@ +# libssh2 - SSH2 library + +libssh2 is a library implementing the SSH2 protocol, available under +the revised BSD license. + +[Web site](https://www.libssh2.org/) + +[Mailing list](https://lists.haxx.se/listinfo/libssh2-devel) + +[BSD Licensed](https://www.libssh2.org/license.html) + +[Web site source code](https://github.com/libssh2/www) + +Installation instructions: + - [for CMake](docs/INSTALL_CMAKE.md) + - [for autotools](docs/INSTALL_AUTOTOOLS) diff --git a/libssh2/RELEASE-NOTES b/libssh2/RELEASE-NOTES index 62064a9fe..c1c73db96 100644 --- a/libssh2/RELEASE-NOTES +++ b/libssh2/RELEASE-NOTES @@ -1,62 +1,75 @@ -libssh2 1.10 +libssh2 1.11 This release includes the following enhancements and bugfixes: - o adds agent forwarding support - o adds OpenSSH Agent support on Windows - o adds ECDSA key support using the Mbed TLS backend - o adds ECDSA cert authentication - o adds diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, - diffie-hellman-group18-sha512 key exchanges - o adds support for PKIX key reading when using ed25519 with OpenSSL - o adds support for EWOULDBLOCK on VMS systems - o adds support for building with OpenSSL 3 - o adds support for using FIPS mode in OpenSSL - o adds debug symbols when building with MSVC - o adds support for building on the 3DS - o adds unicode build support on Windows - o restores os400 building - o increases min, max and opt Diffie Hellman group values - o improves portiablity of the make file - o improves timeout behavior with 2FA keyboard auth - o various improvements to the Wincng backend - o fixes reading parital packet replies when using an agent - o fixes Diffie Hellman key exchange on Windows 1903+ builds - o fixes building tests with older versions of OpenSSL - o fixes possible multiple definition warnings - o fixes potential cast issues _libssh2_ecdsa_key_get_curve_type() - o fixes potential use after free if libssh2_init() is called twice - o improved linking when using Mbed TLS - o fixes call to libssh2_crypto_exit() if crypto hasn't been initialized - o fixes crash when loading public keys with no id - o fixes possible out of bounds read when exchanging keys - o fixes possible out of bounds read when reading packets - o fixes possible out of bounds read when opening an X11 connection - o fixes possible out of bounds read when ecdh host keys - o fixes possible hang when trying to read a disconnected socket - o fixes a crash when using the delayed compression option - o fixes read error with large known host entries - o fixes various warnings - o fixes various small memory leaks - o improved error handling, various detailed errors will now be reported - o builds are now using OSS-Fuzz - o builds now use autoreconf instead of a custom build script - o cmake now respects install directory - o improved CI backend - o updated HACKING-CRYPTO documentation - o use markdown file extensions - o improved unit tests + o Adds support for encrypt-then-mac (ETM) MACs + o Adds support for AES-GCM crypto protocols + o Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys + o Adds support for RSA certificate authentication + o Adds FIDO support with *_sk() functions + o Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends + o Adds Agent Forwarding and libssh2_agent_sign() + o Adds support for Channel Signal message libssh2_channel_signal_ex() + o Adds support to get the user auth banner message libssh2_userauth_banner() + o Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519, + AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options + o Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex() + o Adds wolfSSL support to CMake file + o Adds mbedTLS 3.x support + o Adds LibreSSL 3.5 support + o Adds support for CMake "unity" builds + o Adds CMake support for building shared and static libs in a single pass + o Adds symbol hiding support to CMake + o Adds support for libssh2.rc for all build tools + o Adds .zip, .tar.xz and .tar.bz2 release tarballs + o Enables ed25519 key support for LibreSSL 3.7.0 or higher + o Improves OpenSSL 1.1 and 3 compatibility + o Now requires OpenSSL 1.0.2 or newer + o Now requires CMake 3.1 or newer + o SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs + o SFTP: No longer has a packet limit when reading a directory + o SFTP: now parses attribute extensions if they exist + o SFTP: no longer will busy loop if SFTP fails to initialize + o SFTP: now clear various errors as expected + o SFTP: no longer skips files if the line buffer is too small + o SCP: add option to not quote paths + o SCP: Enables 64-bit offset support unconditionally + o Now skips leading \r and \n characters in banner_receive() + o Enables secure memory zeroing with all build tools on all platforms + o No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive + o Speed up base64 encoding by 7x + o Assert if there is an attempt to write a value that is too large + o WinCNG: fix memory leak in _libssh2_dh_secret() + o Added protection against possible null pointer dereferences + o Agent now handles overly large comment lengths + o Now ensure KEX replies don't include extra bytes + o Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER + o Fixed possible buffer overflow in keyboard interactive code path + o Fixed overlapping memcpy() + o Fixed Windows UWP builds + o Fixed DLL import name + o Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows + o Support for building with gcc versions older than 8 + o Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files + o Restores ANSI C89 compliance + o Enabled new compiler warnings and fixed/silenced them + o Improved error messages + o Now uses CIFuzz + o Numerous minor code improvements + o Improvements to CI builds + o Improvements to unit tests + o Improvements to doc files + o Improvements to example files + o Removed "old gex" build option + o Removed no-encryption/no-mac builds + o Removed support for NetWare and Watcom wmake build files This release would not have looked like this without help, code, reports and advice from friends like these: - katzer, Orgad Shaneh, mark-i-m, Zenju, axjowa, Thilo Schulz, - Etienne Samson, hlefebvre, seba30, Panos, jethrogb, Fabrice Fontaine, - Will Cosgrove, Daniel Stenberg, Michael Buckley, Wallace Souza Silva, - Romain-Geissler-1A, meierha, Tseng Jun, Thomas Klausner, Brendan Shanks, - Harry Sintonen, monnerat, Koutheir Attouchi, Marc Hörsken, yann-morin-1998, - Wez Furlong, TDi-jonesds, David Benjamin, Max Dymond, Igor Klevanets, - Viktor Szakats, Laurent Stacul, Mstrodl, Gabriel Smith, MarcT512, - Paul Capron, teottin, Tor Erik Ottinsen, Brian Inglis - - (40 contributors) + Viktor Szakats, Dan Fandrich, Will Cosgrove, Daniel Stenberg, Michael Buckley, + Zenju, Miguel de Icaza, Nick Woodruff, Keith Dart, Anders Borum, + Jörgen Sigvardsson, vajdaakos, Gustavo Junior Alves, Marc Hörsken, iruis, + Nishit Majithia, Stefan Eissing, metab0t, Y. Yang, skundu07, Mike Harris, + Gabriel Smith, Leo Liu, Miguel de Icaza, Sandeep Bansal, Harry Sintonen, + xalopp, tihmstar, Sunil Nimmagadda diff --git a/libssh2/acinclude.m4 b/libssh2/acinclude.m4 index 2066f0ec9..1d7121e71 100644 --- a/libssh2/acinclude.m4 +++ b/libssh2/acinclude.m4 @@ -1,3 +1,145 @@ +dnl CURL_CPP_P +dnl +dnl Check if $cpp -P should be used for extract define values due to gcc 5 +dnl splitting up strings and defines between line outputs. gcc by default +dnl (without -P) will show TEST EINVAL TEST as +dnl +dnl # 13 "conftest.c" +dnl TEST +dnl # 13 "conftest.c" 3 4 +dnl 22 +dnl # 13 "conftest.c" +dnl TEST + +AC_DEFUN([CURL_CPP_P], [ + AC_MSG_CHECKING([if cpp -P is needed]) + AC_EGREP_CPP([TEST.*TEST], [ + #include +TEST EINVAL TEST + ], [cpp=no], [cpp=yes]) + AC_MSG_RESULT([$cpp]) + + dnl we need cpp -P so check if it works then + if test "x$cpp" = "xyes"; then + AC_MSG_CHECKING([if cpp -P works]) + OLDCPPFLAGS=$CPPFLAGS + CPPFLAGS="$CPPFLAGS -P" + AC_EGREP_CPP([TEST.*TEST], [ + #include +TEST EINVAL TEST + ], [cpp_p=yes], [cpp_p=no]) + AC_MSG_RESULT([$cpp_p]) + + if test "x$cpp_p" = "xno"; then + AC_MSG_WARN([failed to figure out cpp -P alternative]) + # without -P + CPPPFLAG="" + else + # with -P + CPPPFLAG="-P" + fi + dnl restore CPPFLAGS + CPPFLAGS=$OLDCPPFLAGS + else + # without -P + CPPPFLAG="" + fi +]) + +dnl CURL_CHECK_DEF (SYMBOL, [INCLUDES], [SILENT]) +dnl ------------------------------------------------- +dnl Use the C preprocessor to find out if the given object-style symbol +dnl is defined and get its expansion. This macro will not use default +dnl includes even if no INCLUDES argument is given. This macro will run +dnl silently when invoked with three arguments. If the expansion would +dnl result in a set of double-quoted strings the returned expansion will +dnl actually be a single double-quoted string concatenating all them. + +AC_DEFUN([CURL_CHECK_DEF], [ + AC_REQUIRE([CURL_CPP_P])dnl + OLDCPPFLAGS=$CPPFLAGS + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" + AS_VAR_PUSHDEF([ac_HaveDef], [curl_cv_have_def_$1])dnl + AS_VAR_PUSHDEF([ac_Def], [curl_cv_def_$1])dnl + if test -z "$SED"; then + AC_MSG_ERROR([SED not set. Cannot continue without SED being set.]) + fi + if test -z "$GREP"; then + AC_MSG_ERROR([GREP not set. Cannot continue without GREP being set.]) + fi + ifelse($3,,[AC_MSG_CHECKING([for preprocessor definition of $1])]) + tmp_exp="" + AC_PREPROC_IFELSE([ + AC_LANG_SOURCE( +ifelse($2,,,[$2])[[ +#ifdef $1 +CURL_DEF_TOKEN $1 +#endif + ]]) + ],[ + tmp_exp=`eval "$ac_cpp conftest.$ac_ext" 2>/dev/null | \ + "$GREP" CURL_DEF_TOKEN 2>/dev/null | \ + "$SED" 's/.*CURL_DEF_TOKEN[[ ]][[ ]]*//' 2>/dev/null | \ + "$SED" 's/[["]][[ ]]*[["]]//g' 2>/dev/null` + if test -z "$tmp_exp" || test "$tmp_exp" = "$1"; then + tmp_exp="" + fi + ]) + if test -z "$tmp_exp"; then + AS_VAR_SET(ac_HaveDef, no) + ifelse($3,,[AC_MSG_RESULT([no])]) + else + AS_VAR_SET(ac_HaveDef, yes) + AS_VAR_SET(ac_Def, $tmp_exp) + ifelse($3,,[AC_MSG_RESULT([$tmp_exp])]) + fi + AS_VAR_POPDEF([ac_Def])dnl + AS_VAR_POPDEF([ac_HaveDef])dnl + CPPFLAGS=$OLDCPPFLAGS +]) + +dnl CURL_CHECK_COMPILER_CLANG +dnl ------------------------------------------------- +dnl Verify if compiler being used is clang. + +AC_DEFUN([CURL_CHECK_COMPILER_CLANG], [ + AC_BEFORE([$0],[CURL_CHECK_COMPILER_GNU_C])dnl + AC_MSG_CHECKING([if compiler is clang]) + CURL_CHECK_DEF([__clang__], [], [silent]) + if test "$curl_cv_have_def___clang__" = "yes"; then + AC_MSG_RESULT([yes]) + AC_MSG_CHECKING([if compiler is xlclang]) + CURL_CHECK_DEF([__ibmxl__], [], [silent]) + if test "$curl_cv_have_def___ibmxl__" = "yes" ; then + dnl IBM's almost-compatible clang version + AC_MSG_RESULT([yes]) + compiler_id="XLCLANG" + else + AC_MSG_RESULT([no]) + compiler_id="CLANG" + fi + fullclangver=`$CC -v 2>&1 | grep version` + clangver=`echo $fullclangver | grep "based on LLVM " | "$SED" 's/.*(based on LLVM \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*)/\1/'` + if test -z "$clangver"; then + if echo $fullclangver | grep "Apple LLVM version " >/dev/null; then + dnl Starting with Xcode 7 / clang 3.7, Apple clang won't tell its upstream version + clangver="3.7" + else + clangver=`echo $fullclangver | "$SED" 's/.*version \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*/\1/'` + fi + fi + clangvhi=`echo $clangver | cut -d . -f1` + clangvlo=`echo $clangver | cut -d . -f2` + compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null` + flags_dbg_yes="-g" + flags_opt_all="-O -O0 -O1 -O2 -Os -O3 -O4" + flags_opt_yes="-O2" + flags_opt_off="-O0" + else + AC_MSG_RESULT([no]) + fi +]) dnl ********************************************************************** dnl CURL_DETECT_ICC ([ACTION-IF-YES]) @@ -28,23 +170,136 @@ AC_DEFUN([CURL_DETECT_ICC], ]) dnl We create a function for detecting which compiler we use and then set as -dnl pendantic compiler options as possible for that particular compiler. The +dnl pedantic compiler options as possible for that particular compiler. The dnl options are only used for debug-builds. AC_DEFUN([CURL_CC_DEBUG_OPTS], [ + if test "z$CLANG" = "z"; then + CURL_CHECK_COMPILER_CLANG + if test "z$compiler_id" = "zCLANG"; then + CLANG="yes" + else + CLANG="no" + fi + fi if test "z$ICC" = "z"; then CURL_DETECT_ICC fi - if test "$GCC" = "yes"; then + if test "$CLANG" = "yes"; then + + dnl figure out clang version! + AC_MSG_CHECKING([clang version]) + fullclangver=`$CC -v 2>&1 | grep version` + clangver=`echo $fullclangver | grep "based on LLVM " | "$SED" 's/.*(based on LLVM \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*)/\1/'` + if test -z "$clangver"; then + if echo $fullclangver | grep "Apple LLVM version " >/dev/null; then + dnl Starting with Xcode 7 / clang 3.7, Apple clang won't tell its upstream version + clangver="3.7" + else + clangver=`echo $fullclangver | "$SED" 's/.*version \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*/\1/'` + fi + fi + clangvhi=`echo $clangver | cut -d . -f1` + clangvlo=`echo $clangver | cut -d . -f2` + compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null` + AC_MSG_RESULT($compiler_num) + + WARN="-pedantic" + CURL_ADD_COMPILER_WARNINGS([WARN], [all extra]) + CURL_ADD_COMPILER_WARNINGS([WARN], [pointer-arith write-strings]) + CURL_ADD_COMPILER_WARNINGS([WARN], [shadow]) + CURL_ADD_COMPILER_WARNINGS([WARN], [inline nested-externs]) + CURL_ADD_COMPILER_WARNINGS([WARN], [missing-declarations]) + CURL_ADD_COMPILER_WARNINGS([WARN], [missing-prototypes]) + WARN="$WARN -Wno-long-long" + CURL_ADD_COMPILER_WARNINGS([WARN], [float-equal]) + CURL_ADD_COMPILER_WARNINGS([WARN], [no-multichar sign-compare]) + CURL_ADD_COMPILER_WARNINGS([WARN], [undef]) + WARN="$WARN -Wno-format-nonliteral" + CURL_ADD_COMPILER_WARNINGS([WARN], [endif-labels strict-prototypes]) + CURL_ADD_COMPILER_WARNINGS([WARN], [declaration-after-statement]) + CURL_ADD_COMPILER_WARNINGS([WARN], [cast-align]) + WARN="$WARN -Wno-system-headers" + CURL_ADD_COMPILER_WARNINGS([WARN], [shorten-64-to-32]) + # + dnl Only clang 1.1 or later + if test "$compiler_num" -ge "101"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [unused]) + fi + # + dnl Only clang 2.8 or later + if test "$compiler_num" -ge "208"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [vla]) + fi + # + dnl Only clang 2.9 or later + if test "$compiler_num" -ge "209"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [shift-sign-overflow]) + fi + # + dnl Only clang 3.0 or later (possibly earlier) + if test "$compiler_num" -ge "300"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [bad-function-cast]) + CURL_ADD_COMPILER_WARNINGS([WARN], [conversion]) + CURL_ADD_COMPILER_WARNINGS([WARN], [empty-body]) + CURL_ADD_COMPILER_WARNINGS([WARN], [ignored-qualifiers]) + CURL_ADD_COMPILER_WARNINGS([WARN], [type-limits]) + CURL_ADD_COMPILER_WARNINGS([WARN], [no-sign-conversion]) + fi + # + dnl Only clang 3.2 or later + if test "$compiler_num" -ge "302"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [enum-conversion]) + case $host_os in + cygwin* | mingw*) + dnl skip missing-variable-declarations warnings for cygwin and + dnl mingw because the libtool wrapper executable causes them + ;; + *) + CURL_ADD_COMPILER_WARNINGS([WARN], [missing-variable-declarations]) + ;; + esac + fi + # + dnl Only clang 3.4 or later + if test "$compiler_num" -ge "304"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [unused-const-variable]) + fi + # + dnl Only clang 3.6 or later + if test "$compiler_num" -ge "306"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [double-promotion]) + fi + # + dnl Only clang 3.9 or later + if test "$compiler_num" -ge "309"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [comma]) + # avoid the varargs warning, fixed in 4.0 + # https://bugs.llvm.org/show_bug.cgi?id=29140 + if test "$compiler_num" -lt "400"; then + WARN="$WARN -Wno-varargs" + fi + fi + dnl clang 7 or later + if test "$compiler_num" -ge "700"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [assign-enum]) + CURL_ADD_COMPILER_WARNINGS([WARN], [extra-semi-stmt]) + fi + + CFLAGS="$CFLAGS $WARN" + + AC_MSG_NOTICE([Added this set of compiler options: $WARN]) + + elif test "$GCC" = "yes"; then dnl figure out gcc version! AC_MSG_CHECKING([gcc version]) gccver=`$CC -dumpversion` num1=`echo $gccver | cut -d . -f1` num2=`echo $gccver | cut -d . -f2` - gccnum=`(expr $num1 "*" 100 + $num2) 2>/dev/null` + compiler_num=`(expr $num1 "*" 100 + $num2) 2>/dev/null` AC_MSG_RESULT($gccver) if test "$ICC" = "yes"; then @@ -61,7 +316,7 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS], WARN="-wd279,269,981,1418,1419" - if test "$gccnum" -gt "600"; then + if test "$compiler_num" -gt "600"; then dnl icc 6.0 and older doesn't have the -Wall flag WARN="-Wall $WARN" fi @@ -69,26 +324,24 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS], dnl this is a set of options we believe *ALL* gcc versions support: WARN="-W -Wall -Wwrite-strings -pedantic -Wpointer-arith -Wnested-externs -Winline -Wmissing-prototypes" - dnl -Wcast-align is a bit too annoying on all gcc versions ;-) - - if test "$gccnum" -ge "207"; then + if test "$compiler_num" -ge "207"; then dnl gcc 2.7 or later WARN="$WARN -Wmissing-declarations" fi - if test "$gccnum" -gt "295"; then + if test "$compiler_num" -gt "295"; then dnl only if the compiler is newer than 2.95 since we got lots of dnl "`_POSIX_C_SOURCE' is not defined" in system headers with dnl gcc 2.95.4 on FreeBSD 4.9! - WARN="$WARN -Wundef -Wno-long-long -Wsign-compare" + WARN="$WARN -Wbad-function-cast -Wundef -Wno-long-long -Wno-multichar -Wshadow -Wsign-compare -Wunused" fi - if test "$gccnum" -ge "296"; then + if test "$compiler_num" -ge "296"; then dnl gcc 2.96 or later WARN="$WARN -Wfloat-equal" fi - if test "$gccnum" -gt "296"; then + if test "$compiler_num" -gt "296"; then dnl this option does not exist in 2.96 WARN="$WARN -Wno-format-nonliteral" fi @@ -98,16 +351,93 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS], dnl Also, on gcc 4.0.X it is totally unbearable and complains all dnl over making it unusable for generic purposes. Let's not use it. - if test "$gccnum" -ge "303"; then + if test "$compiler_num" -ge "303"; then dnl gcc 3.3 and later WARN="$WARN -Wendif-labels -Wstrict-prototypes" fi - if test "$gccnum" -ge "304"; then + if test "$compiler_num" -ge "304"; then # try these on gcc 3.4 WARN="$WARN -Wdeclaration-after-statement" fi + dnl Only gcc 4.0 or later + if test "$compiler_num" -ge "400"; then + WARN="$WARN -Wstrict-aliasing=3" + fi + # + dnl Only gcc 4.1 or later (possibly earlier) + if test "$compiler_num" -ge "401"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [no-system-headers]) + fi + # + dnl Only gcc 4.2 or later + if test "$compiler_num" -ge "402"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [cast-align]) + fi + # + dnl Only gcc 4.3 or later + if test "$compiler_num" -ge "403"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [type-limits old-style-declaration]) + CURL_ADD_COMPILER_WARNINGS([WARN], [missing-parameter-type empty-body]) + CURL_ADD_COMPILER_WARNINGS([WARN], [ignored-qualifiers]) + CURL_ADD_COMPILER_WARNINGS([WARN], [conversion]) + WARN="$WARN -Wno-sign-conversion" + CURL_ADD_COMPILER_WARNINGS([WARN], [vla]) + dnl required for -Warray-bounds, included in -Wall + WARN="$WARN -ftree-vrp" + fi + # + dnl Only gcc 4.5 or later + if test "$compiler_num" -ge "405"; then + dnl Only windows targets + case $host_os in + mingw*) + WARN="$WARN -Wno-pedantic-ms-format" + ;; + esac + fi + # + dnl Only gcc 4.6 or later + if test "$compiler_num" -ge "406"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [double-promotion]) + fi + # + dnl only gcc 4.8 or later + if test "$compiler_num" -ge "408"; then + WARN="$WARN -Wformat=2" + fi + # + dnl Only gcc 5 or later + if test "$compiler_num" -ge "500"; then + WARN="$WARN -Warray-bounds=2" + fi + # + dnl Only gcc 6 or later + if test "$compiler_num" -ge "600"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [shift-negative-value]) + WARN="$WARN -Wshift-overflow=2" + CURL_ADD_COMPILER_WARNINGS([WARN], [null-dereference]) + WARN="$WARN -fdelete-null-pointer-checks" + CURL_ADD_COMPILER_WARNINGS([WARN], [duplicated-cond]) + CURL_ADD_COMPILER_WARNINGS([WARN], [unused-const-variable]) + fi + # + dnl Only gcc 7 or later + if test "$compiler_num" -ge "700"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [duplicated-branches]) + CURL_ADD_COMPILER_WARNINGS([WARN], [restrict]) + CURL_ADD_COMPILER_WARNINGS([WARN], [alloc-zero]) + WARN="$WARN -Wformat-overflow=2" + WARN="$WARN -Wformat-truncation=1" + fi + # + dnl Only gcc 10 or later + if test "$compiler_num" -ge "1000"; then + CURL_ADD_COMPILER_WARNINGS([WARN], [arith-conversion]) + CURL_ADD_COMPILER_WARNINGS([WARN], [enum-conversion]) + fi + for flag in $CPPFLAGS; do case "$flag" in -I*) @@ -148,6 +478,67 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS], ]) dnl end of AC_DEFUN() +dnl CURL_ADD_COMPILER_WARNINGS (WARNING-LIST, NEW-WARNINGS) +dnl ------------------------------------------------------- +dnl Contents of variable WARNING-LIST and NEW-WARNINGS are +dnl handled as whitespace separated lists of words. +dnl Add each compiler warning from NEW-WARNINGS that has not +dnl been disabled via CFLAGS to WARNING-LIST. + +AC_DEFUN([CURL_ADD_COMPILER_WARNINGS], [ + AC_REQUIRE([CURL_SHFUNC_SQUEEZE])dnl + ac_var_added_warnings="" + for warning in [$2]; do + CURL_VAR_MATCH(CFLAGS, [-Wno-$warning -W$warning]) + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + dnl squeeze whitespace out of result + [$1]="$[$1] $ac_var_added_warnings" + squeeze [$1] +]) + +dnl CURL_SHFUNC_SQUEEZE +dnl ------------------------------------------------- +dnl Declares a shell function squeeze() which removes +dnl redundant whitespace out of a shell variable. + +AC_DEFUN([CURL_SHFUNC_SQUEEZE], [ +squeeze() { + _sqz_result="" + eval _sqz_input=\[$][$]1 + for _sqz_token in $_sqz_input; do + if test -z "$_sqz_result"; then + _sqz_result="$_sqz_token" + else + _sqz_result="$_sqz_result $_sqz_token" + fi + done + eval [$]1=\$_sqz_result + return 0 +} +]) + +dnl CURL_VAR_MATCH (VARNAME, VALUE) +dnl ------------------------------------------------- +dnl Verifies if shell variable VARNAME contains VALUE. +dnl Contents of variable VARNAME and VALUE are handled +dnl as whitespace separated lists of words. If at least +dnl one word of VALUE is present in VARNAME the match +dnl is considered positive, otherwise false. + +AC_DEFUN([CURL_VAR_MATCH], [ + ac_var_match_word="no" + for word1 in $[$1]; do + for word2 in [$2]; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done +]) + dnl CURL_CHECK_NONBLOCKING_SOCKET dnl ------------------------------------------------- dnl Check for how to set a socket to non-blocking state. There seems to exist @@ -163,12 +554,12 @@ AC_DEFUN([CURL_CHECK_NONBLOCKING_SOCKET], [ AC_MSG_CHECKING([non-blocking sockets style]) - AC_TRY_COMPILE([ + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ /* headers for O_NONBLOCK test */ #include #include #include -],[ +]], [[ /* try to compile O_NONBLOCK */ #if defined(sun) || defined(__sun__) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) @@ -187,22 +578,22 @@ AC_DEFUN([CURL_CHECK_NONBLOCKING_SOCKET], #endif int socket; int flags = fcntl(socket, F_SETFL, flags | O_NONBLOCK); -],[ +]])],[ dnl the O_NONBLOCK test was fine nonblock="O_NONBLOCK" AC_DEFINE(HAVE_O_NONBLOCK, 1, [use O_NONBLOCK for non-blocking sockets]) ],[ dnl the code was bad, try a different program now, test 2 - AC_TRY_COMPILE([ + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ /* headers for FIONBIO test */ #include #include -],[ +]], [[ /* FIONBIO source test (old-style unix) */ int socket; int flags = ioctl(socket, FIONBIO, &flags); -],[ +]])],[ dnl FIONBIO test was good nonblock="FIONBIO" AC_DEFINE(HAVE_FIONBIO, 1, [use FIONBIO for non-blocking sockets]) @@ -210,67 +601,34 @@ AC_DEFINE(HAVE_FIONBIO, 1, [use FIONBIO for non-blocking sockets]) dnl FIONBIO test was also bad dnl the code was bad, try a different program now, test 3 - AC_TRY_COMPILE([ -/* headers for ioctlsocket test (Windows) */ -#undef inline -#ifdef HAVE_WINDOWS_H -#ifndef WIN32_LEAN_AND_MEAN -#define WIN32_LEAN_AND_MEAN -#endif -#include -#ifdef HAVE_WINSOCK2_H -#include -#else -#ifdef HAVE_WINSOCK_H -#include -#endif -#endif -#endif -],[ -/* ioctlsocket source code */ - SOCKET sd; - unsigned long flags = 0; - sd = socket(0, 0, 0); - ioctlsocket(sd, FIONBIO, &flags); -],[ -dnl ioctlsocket test was good -nonblock="ioctlsocket" -AC_DEFINE(HAVE_IOCTLSOCKET, 1, [use ioctlsocket() for non-blocking sockets]) -],[ -dnl ioctlsocket didnt compile!, go to test 4 - - AC_TRY_LINK([ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[ /* headers for IoctlSocket test (Amiga?) */ #include -],[ +]], [[ /* IoctlSocket source code */ int socket; int flags = IoctlSocket(socket, FIONBIO, (long)1); -],[ +]])],[ dnl ioctlsocket test was good nonblock="IoctlSocket" AC_DEFINE(HAVE_IOCTLSOCKET_CASE, 1, [use Ioctlsocket() for non-blocking sockets]) ],[ -dnl Ioctlsocket didnt compile, do test 5! - AC_TRY_COMPILE([ +dnl Ioctlsocket did not compile, do test 4! + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ /* headers for SO_NONBLOCK test (BeOS) */ #include -],[ +]], [[ /* SO_NONBLOCK source code */ long b = 1; int socket; int flags = setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b)); -],[ +]])],[ dnl the SO_NONBLOCK test was good nonblock="SO_NONBLOCK" AC_DEFINE(HAVE_SO_NONBLOCK, 1, [use SO_NONBLOCK for non-blocking sockets]) ],[ -dnl test 5 didnt compile! +dnl test 4 did not compile! nonblock="nada" -AC_DEFINE(HAVE_DISABLED_NONBLOCKING, 1, [disabled non-blocking sockets]) -]) -dnl end of fifth test - ]) dnl end of forth test @@ -419,15 +777,21 @@ m4_case([$1], LIBSSH2_LIB_HAVE_LINKFLAGS([ssl], [crypto], [#include ], [ AC_DEFINE(LIBSSH2_OPENSSL, 1, [Use $1]) LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }libssl libcrypto" - - # Not all OpenSSL have AES-CTR functions. - libssh2_save_LIBS="$LIBS" - LIBS="$LIBS $LIBSSL" - AC_CHECK_FUNCS(EVP_aes_128_ctr) - LIBS="$libssh2_save_LIBS" - found_crypto="$1" - found_crypto_str="OpenSSL (AES-CTR: ${ac_cv_func_EVP_aes_128_ctr:-N/A})" + found_crypto_str="OpenSSL" + ]) +], + +[wolfssl], [ + if test "${with_libwolfssl_prefix+set}" = set; then + CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-I${with_libwolfssl_prefix}/include/wolfssl" + else + AC_MSG_ERROR([When using wolfSSL, must specify prefix with --with-libwolfssl-prefix in order to find OpenSSL compatibility headers.]) + fi + LIBSSH2_LIB_HAVE_LINKFLAGS([wolfssl], [], [#include ], [ + AC_DEFINE(LIBSSH2_WOLFSSL, 1, [Use $1]) + LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }libwolfssl" + found_crypto="$1" ]) ], @@ -443,20 +807,15 @@ m4_case([$1], AC_DEFINE(LIBSSH2_MBEDTLS, 1, [Use $1]) LIBS="$LIBS -lmbedcrypto" found_crypto="$1" - support_clear_memory=yes ]) ], [wincng], [ # Look for Windows Cryptography API: Next Generation - AC_CHECK_HEADERS([ntdef.h ntstatus.h], [], [], [#include ]) - AC_CHECK_DECLS([SecureZeroMemory], [], [], [#include ]) + LIBS="$LIBS -lcrypt32" - LIBSSH2_LIB_HAVE_LINKFLAGS([crypt32], [], [ - #include - #include - ]) + # Check necessary for old-MinGW LIBSSH2_LIB_HAVE_LINKFLAGS([bcrypt], [], [ #include #include @@ -464,7 +823,6 @@ m4_case([$1], AC_DEFINE(LIBSSH2_WINCNG, 1, [Use $1]) found_crypto="$1" found_crypto_str="Windows Cryptography API: Next Generation" - support_clear_memory="$ac_cv_have_decl_SecureZeroMemory" ]) ], ) @@ -486,8 +844,8 @@ AC_DEFUN([LIBSSH2_CHECK_OPTION_WERROR], [ AC_MSG_CHECKING([whether to enable compiler warnings as errors]) OPT_COMPILER_WERROR="default" AC_ARG_ENABLE(werror, -AC_HELP_STRING([--enable-werror],[Enable compiler warnings as errors]) -AC_HELP_STRING([--disable-werror],[Disable compiler warnings as errors]), +AS_HELP_STRING([--enable-werror],[Enable compiler warnings as errors]) +AS_HELP_STRING([--disable-werror],[Disable compiler warnings as errors]), OPT_COMPILER_WERROR=$enableval) case "$OPT_COMPILER_WERROR" in no) @@ -509,4 +867,3 @@ AC_HELP_STRING([--disable-werror],[Disable compiler warnings as errors]), CFLAGS="$CFLAGS -Werror" fi ]) - diff --git a/libssh2/aclocal.m4 b/libssh2/aclocal.m4 index fc56a693e..a5f826bab 100644 --- a/libssh2/aclocal.m4 +++ b/libssh2/aclocal.m4 @@ -1,4 +1,4 @@ -# generated automatically by aclocal 1.16.4 -*- Autoconf -*- +# generated automatically by aclocal 1.16.5 -*- Autoconf -*- # Copyright (C) 1996-2021 Free Software Foundation, Inc. @@ -35,7 +35,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION], [am__api_version='1.16' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.16.4], [], +m4_if([$1], [1.16.5], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -51,7 +51,7 @@ m4_define([_AM_AUTOCONF_VERSION], []) # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.16.4])dnl +[AM_AUTOMAKE_VERSION([1.16.5])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) @@ -428,6 +428,10 @@ m4_defn([AC_PROG_CC]) # release and drop the old call support. AC_DEFUN([AM_INIT_AUTOMAKE], [AC_PREREQ([2.65])dnl +m4_ifdef([_$0_ALREADY_INIT], + [m4_fatal([$0 expanded multiple times +]m4_defn([_$0_ALREADY_INIT]))], + [m4_define([_$0_ALREADY_INIT], m4_expansion_stack)])dnl dnl Autoconf wants to disallow AM_ names. We explicitly allow dnl the ones we care about. m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl diff --git a/libssh2/buildconf b/libssh2/buildconf new file mode 100755 index 000000000..1649f37bd --- /dev/null +++ b/libssh2/buildconf @@ -0,0 +1,8 @@ +#!/bin/sh + +echo "***" >&2 +echo "*** Do not use buildconf. Instead, use: autoreconf -fi" >&2 +echo "*** Doing it for you now, but buildconf may disappear in the future." >&2 +echo "***" >&2 + +exec ${AUTORECONF:-autoreconf} -fi "${@}" diff --git a/libssh2/cmake/CheckFunctionExistsMayNeedLibrary.cmake b/libssh2/cmake/CheckFunctionExistsMayNeedLibrary.cmake index 8ac61abe5..2de0a70e3 100644 --- a/libssh2/cmake/CheckFunctionExistsMayNeedLibrary.cmake +++ b/libssh2/cmake/CheckFunctionExistsMayNeedLibrary.cmake @@ -69,13 +69,13 @@ function(check_function_exists_may_need_library function variable) # new test check_library_exists(${lib} ${function} "" HAVE_${function}_IN_${lib}) if(HAVE_${function}_IN_${lib}) - set(${variable} 1 CACHE INTERNAL - "Function ${function} found in library ${lib}") - set(NEED_LIB_${UP_LIB} 1 CACHE INTERNAL - "Need to link ${lib}") - break() + set(${variable} 1 CACHE INTERNAL + "Function ${function} found in library ${lib}") + set(NEED_LIB_${UP_LIB} 1 CACHE INTERNAL + "Need to link ${lib}") + break() endif() endforeach() endif() -endfunction() \ No newline at end of file +endfunction() diff --git a/libssh2/cmake/CheckNonblockingSocketSupport.cmake b/libssh2/cmake/CheckNonblockingSocketSupport.cmake index 74f4776a6..4af73a29a 100644 --- a/libssh2/cmake/CheckNonblockingSocketSupport.cmake +++ b/libssh2/cmake/CheckNonblockingSocketSupport.cmake @@ -11,10 +11,8 @@ include(CheckCSourceCompiles) # method (if any): # HAVE_O_NONBLOCK # HAVE_FIONBIO -# HAVE_IOCTLSOCKET # HAVE_IOCTLSOCKET_CASE # HAVE_SO_NONBLOCK -# HAVE_DISABLED_NONBLOCKING # # The following variables may be set before calling this macro to # modify the way the check is run: @@ -47,73 +45,49 @@ macro(check_nonblocking_socket_support) #error \"O_NONBLOCK does not work on this platform\" #endif -int main() +int main(void) { - int socket; - int flags = fcntl(socket, F_SETFL, flags | O_NONBLOCK); + int socket = 0; + (void)fcntl(socket, F_SETFL, O_NONBLOCK); }" - HAVE_O_NONBLOCK) + HAVE_O_NONBLOCK) if(NOT HAVE_O_NONBLOCK) check_c_source_compiles("/* FIONBIO test (old-style unix) */ #include #include -int main() +int main(void) { - int socket; - int flags = ioctl(socket, FIONBIO, &flags); + int socket = 0; + int flags = 0; + (void)ioctl(socket, FIONBIO, &flags); }" - HAVE_FIONBIO) + HAVE_FIONBIO) if(NOT HAVE_FIONBIO) - check_c_source_compiles("/* ioctlsocket test (Windows) */ -#undef inline -#ifndef WIN32_LEAN_AND_MEAN -#define WIN32_LEAN_AND_MEAN -#endif - -#include -#include - -int main() -{ - SOCKET sd; - unsigned long flags = 0; - sd = socket(0, 0, 0); - ioctlsocket(sd, FIONBIO, &flags); -}" - HAVE_IOCTLSOCKET) - - if(NOT HAVE_IOCTLSOCKET) - check_c_source_compiles("/* IoctlSocket test (Amiga?) */ + check_c_source_compiles("/* IoctlSocket test (Amiga?) */ #include -int main() +int main(void) { - int socket; - int flags = IoctlSocket(socket, FIONBIO, (long)1); + int socket = 0; + (void)IoctlSocket(socket, FIONBIO, (long)1); }" HAVE_IOCTLSOCKET_CASE) - if(NOT HAVE_IOCTLSOCKET_CASE) - check_c_source_compiles("/* SO_NONBLOCK test (BeOS) */ + if(NOT HAVE_IOCTLSOCKET_CASE) + check_c_source_compiles("/* SO_NONBLOCK test (BeOS) */ #include -int main() +int main(void) { long b = 1; - int socket; - int flags = setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b)); + int socket = 0; + (void)setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b)); }" HAVE_SO_NONBLOCK) - - if(NOT HAVE_SO_NONBLOCK) - # No non-blocking socket method found - set(HAVE_DISABLED_NONBLOCKING 1) - endif() - endif() endif() endif() endif() -endmacro() \ No newline at end of file +endmacro() diff --git a/libssh2/cmake/FindLibgcrypt.cmake b/libssh2/cmake/FindLibgcrypt.cmake index 44a79873d..4de3888d1 100644 --- a/libssh2/cmake/FindLibgcrypt.cmake +++ b/libssh2/cmake/FindLibgcrypt.cmake @@ -50,4 +50,4 @@ include(FindPackageHandleStandardArgs) find_package_handle_standard_args(Libgcrypt DEFAULT_MSG LIBGCRYPT_LIBRARY LIBGCRYPT_INCLUDE_DIR) -mark_as_advanced(LIBGCRYPT_INCLUDE_DIR LIBGCRYPT_LIBRARY) \ No newline at end of file +mark_as_advanced(LIBGCRYPT_INCLUDE_DIR LIBGCRYPT_LIBRARY) diff --git a/libssh2/cmake/FindmbedTLS.cmake b/libssh2/cmake/FindmbedTLS.cmake index 2f4adbc51..906dcccbf 100644 --- a/libssh2/cmake/FindmbedTLS.cmake +++ b/libssh2/cmake/FindmbedTLS.cmake @@ -10,55 +10,53 @@ # MBEDX509_LIBRARY - path to mbedTLS X.509 library # MBEDCRYPTO_LIBRARY - path to mbedTLS Crypto library -FIND_PATH(MBEDTLS_INCLUDE_DIR mbedtls/version.h) +find_path(MBEDTLS_INCLUDE_DIR mbedtls/version.h) -IF(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARIES) - # Already in cache, be silent - SET(MBEDTLS_FIND_QUIETLY TRUE) -ENDIF() +if(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARIES) + # Already in cache, be silent + set(MBEDTLS_FIND_QUIETLY TRUE) +endif() -FIND_LIBRARY(MBEDTLS_LIBRARY NAMES mbedtls libmbedtls libmbedx509) -FIND_LIBRARY(MBEDX509_LIBRARY NAMES mbedx509 libmbedx509) -FIND_LIBRARY(MBEDCRYPTO_LIBRARY NAMES mbedcrypto libmbedcrypto) +find_library(MBEDTLS_LIBRARY NAMES mbedtls libmbedtls libmbedx509) +find_library(MBEDX509_LIBRARY NAMES mbedx509 libmbedx509) +find_library(MBEDCRYPTO_LIBRARY NAMES mbedcrypto libmbedcrypto) -IF(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARY AND MBEDX509_LIBRARY AND MBEDCRYPTO_LIBRARY) - SET(MBEDTLS_FOUND TRUE) -ENDIF() +if(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARY AND MBEDX509_LIBRARY AND MBEDCRYPTO_LIBRARY) + set(MBEDTLS_FOUND TRUE) +endif() -IF(MBEDTLS_FOUND) - # split mbedTLS into -L and -l linker options, so we can set them for pkg-config - GET_FILENAME_COMPONENT(MBEDTLS_LIBRARY_DIR ${MBEDTLS_LIBRARY} PATH) - GET_FILENAME_COMPONENT(MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY} NAME_WE) - GET_FILENAME_COMPONENT(MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY} NAME_WE) - GET_FILENAME_COMPONENT(MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY} NAME_WE) - STRING(REGEX REPLACE "^lib" "" MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY_FILE}) - STRING(REGEX REPLACE "^lib" "" MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY_FILE}) - STRING(REGEX REPLACE "^lib" "" MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY_FILE}) - SET(MBEDTLS_LIBRARIES "-L${MBEDTLS_LIBRARY_DIR} -l${MBEDTLS_LIBRARY_FILE} -l${MBEDX509_LIBRARY_FILE} -l${MBEDCRYPTO_LIBRARY_FILE}") +if(MBEDTLS_FOUND) + # split mbedTLS into -L and -l linker options, so we can set them for pkg-config + get_filename_component(MBEDTLS_LIBRARY_DIR ${MBEDTLS_LIBRARY} PATH) + get_filename_component(MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY} NAME_WE) + get_filename_component(MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY} NAME_WE) + get_filename_component(MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY} NAME_WE) + string(REGEX REPLACE "^lib" "" MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY_FILE}) + string(REGEX REPLACE "^lib" "" MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY_FILE}) + string(REGEX REPLACE "^lib" "" MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY_FILE}) + set(MBEDTLS_LIBRARIES "-L${MBEDTLS_LIBRARY_DIR} -l${MBEDTLS_LIBRARY_FILE} -l${MBEDX509_LIBRARY_FILE} -l${MBEDCRYPTO_LIBRARY_FILE}") - IF(NOT MBEDTLS_FIND_QUIETLY) - MESSAGE(STATUS "Found mbedTLS:") - FILE(READ ${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h MBEDTLSCONTENT) - STRING(REGEX MATCH "MBEDTLS_VERSION_STRING +\"[0-9|.]+\"" MBEDTLSMATCH ${MBEDTLSCONTENT}) - IF (MBEDTLSMATCH) - STRING(REGEX REPLACE "MBEDTLS_VERSION_STRING +\"([0-9|.]+)\"" "\\1" MBEDTLS_VERSION ${MBEDTLSMATCH}) - MESSAGE(STATUS " version ${MBEDTLS_VERSION}") - ENDIF(MBEDTLSMATCH) - MESSAGE(STATUS " TLS: ${MBEDTLS_LIBRARY}") - MESSAGE(STATUS " X509: ${MBEDX509_LIBRARY}") - MESSAGE(STATUS " Crypto: ${MBEDCRYPTO_LIBRARY}") - ENDIF(NOT MBEDTLS_FIND_QUIETLY) -ELSE(MBEDTLS_FOUND) - IF(MBEDTLS_FIND_REQUIRED) - MESSAGE(FATAL_ERROR "Could not find mbedTLS") - ENDIF(MBEDTLS_FIND_REQUIRED) -ENDIF(MBEDTLS_FOUND) + if(NOT MBEDTLS_FIND_QUIETLY) + message(STATUS "Found mbedTLS:") + file(READ ${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h MBEDTLSCONTENT) + string(REGEX MATCH "MBEDTLS_VERSION_STRING +\"[0-9|.]+\"" MBEDTLSMATCH ${MBEDTLSCONTENT}) + if(MBEDTLSMATCH) + string(REGEX REPLACE "MBEDTLS_VERSION_STRING +\"([0-9|.]+)\"" "\\1" MBEDTLS_VERSION ${MBEDTLSMATCH}) + message(STATUS " version ${MBEDTLS_VERSION}") + endif() + message(STATUS " TLS: ${MBEDTLS_LIBRARY}") + message(STATUS " X509: ${MBEDX509_LIBRARY}") + message(STATUS " Crypto: ${MBEDCRYPTO_LIBRARY}") + endif() +elseif(MBEDTLS_FIND_REQUIRED) + message(FATAL_ERROR "Could not find mbedTLS") +endif() -MARK_AS_ADVANCED( - MBEDTLS_INCLUDE_DIR - MBEDTLS_LIBRARY_DIR - MBEDTLS_LIBRARIES - MBEDTLS_LIBRARY - MBEDX509_LIBRARY - MBEDCRYPTO_LIBRARY +mark_as_advanced( + MBEDTLS_INCLUDE_DIR + MBEDTLS_LIBRARY_DIR + MBEDTLS_LIBRARIES + MBEDTLS_LIBRARY + MBEDX509_LIBRARY + MBEDCRYPTO_LIBRARY ) diff --git a/libssh2/cmake/Findwolfssl.cmake b/libssh2/cmake/Findwolfssl.cmake new file mode 100644 index 000000000..47e1bbad3 --- /dev/null +++ b/libssh2/cmake/Findwolfssl.cmake @@ -0,0 +1,41 @@ +# - Try to find wolfssl +# Once done this will define +# WOLFSSL_FOUND - System has wolfssl +# WOLFSSL_INCLUDE_DIR - The wolfssl include directories +# WOLFSSL_LIBRARIES - The libraries needed to use wolfssl + +find_package(PkgConfig QUIET) +pkg_check_modules(PC_WOLFSSL QUIET wolfssl) + +find_path(WOLFSSL_INCLUDE_DIR + NAMES wolfssl/ssl.h + HINTS ${PC_WOLFSSL_INCLUDE_DIRS} +) +find_library(WOLFSSL_LIBRARY + NAMES wolfssl + HINTS ${PC_WOLFSSL_LIBRARY_DIRS} +) + +if(WOLFSSL_INCLUDE_DIR) + set(_version_regex "^#define[ \t]+LIBWOLFSSL_VERSION_STRING[ \t]+\"([^\"]+)\".*") + file(STRINGS "${WOLFSSL_INCLUDE_DIR}/wolfssl/version.h" + WOLFSSL_VERSION REGEX "${_version_regex}") + string(REGEX REPLACE "${_version_regex}" "\\1" + WOLFSSL_VERSION "${WOLFSSL_VERSION}") + unset(_version_regex) +endif() + +include(FindPackageHandleStandardArgs) +# handle the QUIETLY and REQUIRED arguments and set WOLFSSL_FOUND +# to TRUE if all listed variables are TRUE and the requested version +# matches. +find_package_handle_standard_args(wolfssl REQUIRED_VARS + WOLFSSL_LIBRARY WOLFSSL_INCLUDE_DIR + VERSION_VAR WOLFSSL_VERSION) + +if(WOLFSSL_FOUND) + set(WOLFSSL_LIBRARIES ${WOLFSSL_LIBRARY}) + set(WOLFSSL_INCLUDE_DIRS ${WOLFSSL_INCLUDE_DIR}) +endif() + +mark_as_advanced(WOLFSSL_INCLUDE_DIR WOLFSSL_LIBRARY) diff --git a/libssh2/cmake/max_warnings.cmake b/libssh2/cmake/max_warnings.cmake index b176d302d..1d4fe3497 100644 --- a/libssh2/cmake/max_warnings.cmake +++ b/libssh2/cmake/max_warnings.cmake @@ -1,23 +1,211 @@ -if(MSVC) - # Use the highest warning level for visual studio. - if(CMAKE_CXX_FLAGS MATCHES "/W[0-4]") - string(REGEX REPLACE "/W[0-4]" "/W4" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}") - else() - set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /W4") - endif() - if(CMAKE_C_FLAGS MATCHES "/W[0-4]") - string(REGEX REPLACE "/W[0-4]" "/W4" CMAKE_C_FLAGS "${CMAKE_C_FLAGS}") - else() - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4") - endif() +# Copyright (c) 2023 Viktor Szakats + +include(CheckCCompilerFlag) + +option(ENABLE_WERROR "Turn compiler warnings into errors" OFF) +option(PICKY_COMPILER "Enable picky compiler options" ON) + +if(ENABLE_WERROR) + if(MSVC) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX") + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /WX") + else() # llvm/clang and gcc style options + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror") + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Werror") + endif() +endif() + +if(MSVC) + # Use the highest warning level for Visual Studio. + if(PICKY_COMPILER) + if(CMAKE_CXX_FLAGS MATCHES "[/-]W[0-4]") + string(REGEX REPLACE "[/-]W[0-4]" "/W4" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}") + else() + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /W4") + endif() + if(CMAKE_C_FLAGS MATCHES "[/-]W[0-4]") + string(REGEX REPLACE "[/-]W[0-4]" "/W4" CMAKE_C_FLAGS "${CMAKE_C_FLAGS}") + else() + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4") + endif() + endif() +elseif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX OR CMAKE_C_COMPILER_ID MATCHES "Clang") + + # https://clang.llvm.org/docs/DiagnosticsReference.html + # https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html - # Disable broken warnings - add_definitions(-D_CRT_SECURE_NO_WARNINGS -D_CRT_NONSTDC_NO_DEPRECATE) -elseif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX) if(NOT CMAKE_CXX_FLAGS MATCHES "-Wall") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall") endif() if(NOT CMAKE_C_FLAGS MATCHES "-Wall") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall") endif() + + if(PICKY_COMPILER) + + # WPICKY_ENABLE = Options we want to enable as-is. + # WPICKY_DETECT = Options we want to test first and enable if available. + + # Prefer the -Wextra alias with clang. + if(CMAKE_C_COMPILER_ID MATCHES "Clang") + set(WPICKY_ENABLE "-Wextra") + else() + set(WPICKY_ENABLE "-W") + endif() + + list(APPEND WPICKY_ENABLE + -pedantic + ) + + # ---------------------------------- + # Add new options here, if in doubt: + # ---------------------------------- + set(WPICKY_DETECT + ) + + # Assume these options always exist with both clang and gcc. + # Require clang 3.0 / gcc 2.95 or later. + list(APPEND WPICKY_ENABLE + -Wbad-function-cast # clang 3.0 gcc 2.95 + -Wconversion # clang 3.0 gcc 2.95 + -Winline # clang 1.0 gcc 1.0 + -Wmissing-declarations # clang 1.0 gcc 2.7 + -Wmissing-prototypes # clang 1.0 gcc 1.0 + -Wnested-externs # clang 1.0 gcc 2.7 + -Wno-long-long # clang 1.0 gcc 2.95 + -Wno-multichar # clang 1.0 gcc 2.95 + -Wpointer-arith # clang 1.0 gcc 1.4 + -Wshadow # clang 1.0 gcc 2.95 + -Wsign-compare # clang 1.0 gcc 2.95 + -Wundef # clang 1.0 gcc 2.95 + -Wunused # clang 1.1 gcc 2.95 + -Wwrite-strings # clang 1.0 gcc 1.4 + ) + + # Always enable with clang, version dependent with gcc + set(WPICKY_COMMON_OLD + -Wcast-align # clang 1.0 gcc 4.2 + -Wdeclaration-after-statement # clang 1.0 gcc 3.4 + -Wempty-body # clang 3.0 gcc 4.3 + -Wendif-labels # clang 1.0 gcc 3.3 + -Wfloat-equal # clang 1.0 gcc 2.96 (3.0) + -Wignored-qualifiers # clang 3.0 gcc 4.3 + -Wno-format-nonliteral # clang 1.0 gcc 2.96 (3.0) + -Wno-sign-conversion # clang 3.0 gcc 4.3 + -Wno-system-headers # clang 1.0 gcc 3.0 + -Wstrict-prototypes # clang 1.0 gcc 3.3 + -Wtype-limits # clang 3.0 gcc 4.3 + -Wvla # clang 2.8 gcc 4.3 + ) + + set(WPICKY_COMMON + -Wdouble-promotion # clang 3.6 gcc 4.6 appleclang 6.3 + -Wenum-conversion # clang 3.2 gcc 10.0 appleclang 4.6 g++ 11.0 + -Wunused-const-variable # clang 3.4 gcc 6.0 appleclang 5.1 + ) + + if(CMAKE_C_COMPILER_ID MATCHES "Clang") + list(APPEND WPICKY_ENABLE + ${WPICKY_COMMON_OLD} + -Wshift-sign-overflow # clang 2.9 + -Wshorten-64-to-32 # clang 1.0 + ) + # Enable based on compiler version + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 3.6) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 6.3)) + list(APPEND WPICKY_ENABLE + ${WPICKY_COMMON} + ) + endif() + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 3.9) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 8.3)) + list(APPEND WPICKY_ENABLE + -Wcomma # clang 3.9 appleclang 8.3 + -Wmissing-variable-declarations # clang 3.2 appleclang 4.6 + ) + endif() + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 7.0) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 10.3)) + list(APPEND WPICKY_ENABLE + -Wassign-enum # clang 7.0 appleclang 10.3 + -Wextra-semi-stmt # clang 7.0 appleclang 10.3 + ) + endif() + else() # gcc + list(APPEND WPICKY_DETECT + ${WPICKY_COMMON} + ) + # Enable based on compiler version + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.3) + list(APPEND WPICKY_ENABLE + ${WPICKY_COMMON_OLD} + -Wmissing-parameter-type # gcc 4.3 + -Wold-style-declaration # gcc 4.3 + -Wstrict-aliasing=3 # gcc 4.0 + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.5 AND MINGW) + list(APPEND WPICKY_ENABLE + -Wno-pedantic-ms-format # gcc 4.5 (mingw-only) + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.8) + list(APPEND WPICKY_ENABLE + -Wformat=2 # clang 3.0 gcc 4.8 (clang part-default, enabling it fully causes -Wformat-nonliteral warnings) + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 5.0) + list(APPEND WPICKY_ENABLE + -Warray-bounds=2 -ftree-vrp # clang 3.0 gcc 5.0 (clang default: -Warray-bounds) + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 6.0) + list(APPEND WPICKY_ENABLE + -Wduplicated-cond # gcc 6.0 + -Wnull-dereference # clang 3.0 gcc 6.0 (clang default) + -fdelete-null-pointer-checks + -Wshift-negative-value # clang 3.7 gcc 6.0 (clang default) + -Wshift-overflow=2 # clang 3.0 gcc 6.0 (clang default: -Wshift-overflow) + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 7.0) + list(APPEND WPICKY_ENABLE + -Walloc-zero # gcc 7.0 + -Wduplicated-branches # gcc 7.0 + -Wformat-overflow=2 # gcc 7.0 + -Wformat-truncation=1 # gcc 7.0 + -Wrestrict # gcc 7.0 + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 10.0) + list(APPEND WPICKY_ENABLE + -Warith-conversion # gcc 10.0 + ) + endif() + endif() + + # + + unset(WPICKY) + + foreach(_CCOPT ${WPICKY_ENABLE}) + set(WPICKY "${WPICKY} ${_CCOPT}") + endforeach() + + foreach(_CCOPT ${WPICKY_DETECT}) + # surprisingly, CHECK_C_COMPILER_FLAG needs a new variable to store each new + # test result in. + string(MAKE_C_IDENTIFIER "OPT${_CCOPT}" _optvarname) + # GCC only warns about unknown -Wno- options if there are also other diagnostic messages, + # so test for the positive form instead + string(REPLACE "-Wno-" "-W" _CCOPT_ON "${_CCOPT}") + check_c_compiler_flag(${_CCOPT_ON} ${_optvarname}) + if(${_optvarname}) + set(WPICKY "${WPICKY} ${_CCOPT}") + endif() + endforeach() + + message(STATUS "Picky compiler options:${WPICKY}") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${WPICKY}") + endif() endif() diff --git a/libssh2/compile b/libssh2/compile index 23fcba011..df363c8fb 100755 --- a/libssh2/compile +++ b/libssh2/compile @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1999-2020 Free Software Foundation, Inc. +# Copyright (C) 1999-2021 Free Software Foundation, Inc. # Written by Tom Tromey . # # This program is free software; you can redistribute it and/or modify diff --git a/libssh2/config.guess b/libssh2/config.guess index f50dcdb6d..7f76b6228 100755 --- a/libssh2/config.guess +++ b/libssh2/config.guess @@ -1,12 +1,14 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright 1992-2018 Free Software Foundation, Inc. +# Copyright 1992-2022 Free Software Foundation, Inc. -timestamp='2018-02-24' +# shellcheck disable=SC2006,SC2268 # see below for rationale + +timestamp='2022-01-09' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or +# the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but @@ -27,11 +29,19 @@ timestamp='2018-02-24' # Originally written by Per Bothner; maintained since 2000 by Ben Elliston. # # You can get the latest version of this script from: -# https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess +# https://git.savannah.gnu.org/cgit/config.git/plain/config.guess # # Please send patches to . +# The "shellcheck disable" line above the timestamp inhibits complaints +# about features and limitations of the classic Bourne shell that were +# superseded or lifted in POSIX. However, this script identifies a wide +# variety of pre-POSIX systems that do not have POSIX shells at all, and +# even some reasonably current systems (Solaris 10 as case-in-point) still +# have a pre-POSIX /bin/sh. + + me=`echo "$0" | sed -e 's,.*/,,'` usage="\ @@ -50,7 +60,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright 1992-2018 Free Software Foundation, Inc. +Copyright 1992-2022 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -84,7 +94,8 @@ if test $# != 0; then exit 1 fi -trap 'exit 1' 1 2 15 +# Just in case it came from the environment. +GUESS= # CC_FOR_BUILD -- compiler used by this script. Note that the use of a # compiler to aid in system detection is discouraged as it requires @@ -96,73 +107,90 @@ trap 'exit 1' 1 2 15 # Portable tmp directory creation inspired by the Autoconf team. -set_cc_for_build=' -trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; -trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; -: ${TMPDIR=/tmp} ; - { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || - { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || - { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || - { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; -dummy=$tmp/dummy ; -tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; -case $CC_FOR_BUILD,$HOST_CC,$CC in - ,,) echo "int x;" > "$dummy.c" ; - for c in cc gcc c89 c99 ; do - if ($c -c -o "$dummy.o" "$dummy.c") >/dev/null 2>&1 ; then - CC_FOR_BUILD="$c"; break ; - fi ; - done ; - if test x"$CC_FOR_BUILD" = x ; then - CC_FOR_BUILD=no_compiler_found ; - fi - ;; - ,,*) CC_FOR_BUILD=$CC ;; - ,*,*) CC_FOR_BUILD=$HOST_CC ;; -esac ; set_cc_for_build= ;' +tmp= +# shellcheck disable=SC2172 +trap 'test -z "$tmp" || rm -fr "$tmp"' 0 1 2 13 15 + +set_cc_for_build() { + # prevent multiple calls if $tmp is already set + test "$tmp" && return 0 + : "${TMPDIR=/tmp}" + # shellcheck disable=SC2039,SC3028 + { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir "$tmp" 2>/dev/null) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir "$tmp" 2>/dev/null) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } + dummy=$tmp/dummy + case ${CC_FOR_BUILD-},${HOST_CC-},${CC-} in + ,,) echo "int x;" > "$dummy.c" + for driver in cc gcc c89 c99 ; do + if ($driver -c -o "$dummy.o" "$dummy.c") >/dev/null 2>&1 ; then + CC_FOR_BUILD=$driver + break + fi + done + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; + esac +} # This is needed to find uname on a Pyramid OSx when run in the BSD universe. # (ghazi@noc.rutgers.edu 1994-08-24) -if (test -f /.attbin/uname) >/dev/null 2>&1 ; then +if test -f /.attbin/uname ; then PATH=$PATH:/.attbin ; export PATH fi UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown -UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown -case "$UNAME_SYSTEM" in +case $UNAME_SYSTEM in Linux|GNU|GNU/*) - # If the system lacks a compiler, then just pick glibc. - # We could probably try harder. - LIBC=gnu + LIBC=unknown - eval "$set_cc_for_build" + set_cc_for_build cat <<-EOF > "$dummy.c" #include #if defined(__UCLIBC__) LIBC=uclibc #elif defined(__dietlibc__) LIBC=dietlibc - #else + #elif defined(__GLIBC__) LIBC=gnu + #else + #include + /* First heuristic to detect musl libc. */ + #ifdef __DEFINED_va_list + LIBC=musl + #endif #endif EOF - eval "`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^LIBC' | sed 's, ,,g'`" + cc_set_libc=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^LIBC' | sed 's, ,,g'` + eval "$cc_set_libc" - # If ldd exists, use it to detect musl libc. - if command -v ldd >/dev/null && \ - ldd --version 2>&1 | grep -q ^musl - then - LIBC=musl + # Second heuristic to detect musl libc. + if [ "$LIBC" = unknown ] && + command -v ldd >/dev/null && + ldd --version 2>&1 | grep -q ^musl; then + LIBC=musl + fi + + # If the system lacks a compiler, then just pick glibc. + # We could probably try harder. + if [ "$LIBC" = unknown ]; then + LIBC=gnu fi ;; esac # Note: order is significant - the case branches are not exclusive. -case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in +case $UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION in *:NetBSD:*:*) # NetBSD (nbsd) targets should (where applicable) match one or # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, @@ -174,12 +202,12 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # # Note: NetBSD doesn't particularly care about the vendor # portion of the name. We always set it to "unknown". - sysctl="sysctl -n hw.machine_arch" UNAME_MACHINE_ARCH=`(uname -p 2>/dev/null || \ - "/sbin/$sysctl" 2>/dev/null || \ - "/usr/sbin/$sysctl" 2>/dev/null || \ + /sbin/sysctl -n hw.machine_arch 2>/dev/null || \ + /usr/sbin/sysctl -n hw.machine_arch 2>/dev/null || \ echo unknown)` - case "$UNAME_MACHINE_ARCH" in + case $UNAME_MACHINE_ARCH in + aarch64eb) machine=aarch64_be-unknown ;; armeb) machine=armeb-unknown ;; arm*) machine=arm-unknown ;; sh3el) machine=shl-unknown ;; @@ -188,18 +216,18 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in earmv*) arch=`echo "$UNAME_MACHINE_ARCH" | sed -e 's,^e\(armv[0-9]\).*$,\1,'` endian=`echo "$UNAME_MACHINE_ARCH" | sed -ne 's,^.*\(eb\)$,\1,p'` - machine="${arch}${endian}"-unknown + machine=${arch}${endian}-unknown ;; - *) machine="$UNAME_MACHINE_ARCH"-unknown ;; + *) machine=$UNAME_MACHINE_ARCH-unknown ;; esac # The Operating System including object format, if it has switched # to ELF recently (or will in the future) and ABI. - case "$UNAME_MACHINE_ARCH" in + case $UNAME_MACHINE_ARCH in earm*) os=netbsdelf ;; arm*|i386|m68k|ns32k|sh3*|sparc|vax) - eval "$set_cc_for_build" + set_cc_for_build if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ELF__ then @@ -215,7 +243,7 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in ;; esac # Determine ABI tags. - case "$UNAME_MACHINE_ARCH" in + case $UNAME_MACHINE_ARCH in earm*) expr='s/^earmv[0-9]/-eabi/;s/eb$//' abi=`echo "$UNAME_MACHINE_ARCH" | sed -e "$expr"` @@ -226,7 +254,7 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # thus, need a distinct triplet. However, they do not need # kernel version information, so it can be replaced with a # suitable tag, in the style of linux-gnu. - case "$UNAME_VERSION" in + case $UNAME_VERSION in Debian*) release='-gnu' ;; @@ -237,45 +265,57 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: # contains redundant information, the shorter form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. - echo "$machine-${os}${release}${abi}" - exit ;; + GUESS=$machine-${os}${release}${abi-} + ;; *:Bitrig:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` - echo "$UNAME_MACHINE_ARCH"-unknown-bitrig"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE_ARCH-unknown-bitrig$UNAME_RELEASE + ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` - echo "$UNAME_MACHINE_ARCH"-unknown-openbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE_ARCH-unknown-openbsd$UNAME_RELEASE + ;; + *:SecBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/SecBSD.//'` + GUESS=$UNAME_MACHINE_ARCH-unknown-secbsd$UNAME_RELEASE + ;; *:LibertyBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/^.*BSD\.//'` - echo "$UNAME_MACHINE_ARCH"-unknown-libertybsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE_ARCH-unknown-libertybsd$UNAME_RELEASE + ;; *:MidnightBSD:*:*) - echo "$UNAME_MACHINE"-unknown-midnightbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-midnightbsd$UNAME_RELEASE + ;; *:ekkoBSD:*:*) - echo "$UNAME_MACHINE"-unknown-ekkobsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-ekkobsd$UNAME_RELEASE + ;; *:SolidBSD:*:*) - echo "$UNAME_MACHINE"-unknown-solidbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-solidbsd$UNAME_RELEASE + ;; + *:OS108:*:*) + GUESS=$UNAME_MACHINE-unknown-os108_$UNAME_RELEASE + ;; macppc:MirBSD:*:*) - echo powerpc-unknown-mirbsd"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-unknown-mirbsd$UNAME_RELEASE + ;; *:MirBSD:*:*) - echo "$UNAME_MACHINE"-unknown-mirbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-mirbsd$UNAME_RELEASE + ;; *:Sortix:*:*) - echo "$UNAME_MACHINE"-unknown-sortix - exit ;; + GUESS=$UNAME_MACHINE-unknown-sortix + ;; + *:Twizzler:*:*) + GUESS=$UNAME_MACHINE-unknown-twizzler + ;; *:Redox:*:*) - echo "$UNAME_MACHINE"-unknown-redox - exit ;; + GUESS=$UNAME_MACHINE-unknown-redox + ;; mips:OSF1:*.*) - echo mips-dec-osf1 - exit ;; + GUESS=mips-dec-osf1 + ;; alpha:OSF1:*:*) + # Reset EXIT trap before exiting to avoid spurious non-zero exit code. + trap '' 0 case $UNAME_RELEASE in *4.0) UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` @@ -289,7 +329,7 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # covers most systems running today. This code pipes the CPU # types through head -n 1, so we only detect the type of CPU 0. ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` - case "$ALPHA_CPU_TYPE" in + case $ALPHA_CPU_TYPE in "EV4 (21064)") UNAME_MACHINE=alpha ;; "EV4.5 (21064)") @@ -326,117 +366,121 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # A Tn.n version is a released field test version. # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. - echo "$UNAME_MACHINE"-dec-osf"`echo "$UNAME_RELEASE" | sed -e 's/^[PVTX]//' | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz`" - # Reset EXIT trap before exiting to avoid spurious non-zero exit code. - exitcode=$? - trap '' 0 - exit $exitcode ;; + OSF_REL=`echo "$UNAME_RELEASE" | sed -e 's/^[PVTX]//' | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` + GUESS=$UNAME_MACHINE-dec-osf$OSF_REL + ;; Amiga*:UNIX_System_V:4.0:*) - echo m68k-unknown-sysv4 - exit ;; + GUESS=m68k-unknown-sysv4 + ;; *:[Aa]miga[Oo][Ss]:*:*) - echo "$UNAME_MACHINE"-unknown-amigaos - exit ;; + GUESS=$UNAME_MACHINE-unknown-amigaos + ;; *:[Mm]orph[Oo][Ss]:*:*) - echo "$UNAME_MACHINE"-unknown-morphos - exit ;; + GUESS=$UNAME_MACHINE-unknown-morphos + ;; *:OS/390:*:*) - echo i370-ibm-openedition - exit ;; + GUESS=i370-ibm-openedition + ;; *:z/VM:*:*) - echo s390-ibm-zvmoe - exit ;; + GUESS=s390-ibm-zvmoe + ;; *:OS400:*:*) - echo powerpc-ibm-os400 - exit ;; + GUESS=powerpc-ibm-os400 + ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) - echo arm-acorn-riscix"$UNAME_RELEASE" - exit ;; + GUESS=arm-acorn-riscix$UNAME_RELEASE + ;; arm*:riscos:*:*|arm*:RISCOS:*:*) - echo arm-unknown-riscos - exit ;; + GUESS=arm-unknown-riscos + ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) - echo hppa1.1-hitachi-hiuxmpp - exit ;; + GUESS=hppa1.1-hitachi-hiuxmpp + ;; Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. - if test "`(/bin/universe) 2>/dev/null`" = att ; then - echo pyramid-pyramid-sysv3 - else - echo pyramid-pyramid-bsd - fi - exit ;; + case `(/bin/universe) 2>/dev/null` in + att) GUESS=pyramid-pyramid-sysv3 ;; + *) GUESS=pyramid-pyramid-bsd ;; + esac + ;; NILE*:*:*:dcosx) - echo pyramid-pyramid-svr4 - exit ;; + GUESS=pyramid-pyramid-svr4 + ;; DRS?6000:unix:4.0:6*) - echo sparc-icl-nx6 - exit ;; + GUESS=sparc-icl-nx6 + ;; DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) case `/usr/bin/uname -p` in - sparc) echo sparc-icl-nx7; exit ;; - esac ;; + sparc) GUESS=sparc-icl-nx7 ;; + esac + ;; s390x:SunOS:*:*) - echo "$UNAME_MACHINE"-ibm-solaris2"`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=$UNAME_MACHINE-ibm-solaris2$SUN_REL + ;; sun4H:SunOS:5.*:*) - echo sparc-hal-solaris2"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=sparc-hal-solaris2$SUN_REL + ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) - echo sparc-sun-solaris2"`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=sparc-sun-solaris2$SUN_REL + ;; i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) - echo i386-pc-auroraux"$UNAME_RELEASE" - exit ;; + GUESS=i386-pc-auroraux$UNAME_RELEASE + ;; i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) - eval "$set_cc_for_build" + set_cc_for_build SUN_ARCH=i386 # If there is a compiler, see if it is configured for 64-bit objects. # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. # This test works for both compilers. - if [ "$CC_FOR_BUILD" != no_compiler_found ]; then + if test "$CC_FOR_BUILD" != no_compiler_found; then if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + (CCOPTS="" $CC_FOR_BUILD -m64 -E - 2>/dev/null) | \ grep IS_64BIT_ARCH >/dev/null then SUN_ARCH=x86_64 fi fi - echo "$SUN_ARCH"-pc-solaris2"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=$SUN_ARCH-pc-solaris2$SUN_REL + ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize # SunOS6. Hard to guess exactly what SunOS6 will be like, but # it's likely to be more like Solaris than SunOS4. - echo sparc-sun-solaris3"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=sparc-sun-solaris3$SUN_REL + ;; sun4*:SunOS:*:*) - case "`/usr/bin/arch -k`" in + case `/usr/bin/arch -k` in Series*|S4*) UNAME_RELEASE=`uname -v` ;; esac # Japanese Language versions have a version number like `4.1.3-JL'. - echo sparc-sun-sunos"`echo "$UNAME_RELEASE"|sed -e 's/-/_/'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/-/_/'` + GUESS=sparc-sun-sunos$SUN_REL + ;; sun3*:SunOS:*:*) - echo m68k-sun-sunos"$UNAME_RELEASE" - exit ;; + GUESS=m68k-sun-sunos$UNAME_RELEASE + ;; sun*:*:4.2BSD:*) UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` test "x$UNAME_RELEASE" = x && UNAME_RELEASE=3 - case "`/bin/arch`" in + case `/bin/arch` in sun3) - echo m68k-sun-sunos"$UNAME_RELEASE" + GUESS=m68k-sun-sunos$UNAME_RELEASE ;; sun4) - echo sparc-sun-sunos"$UNAME_RELEASE" + GUESS=sparc-sun-sunos$UNAME_RELEASE ;; esac - exit ;; + ;; aushp:SunOS:*:*) - echo sparc-auspex-sunos"$UNAME_RELEASE" - exit ;; + GUESS=sparc-auspex-sunos$UNAME_RELEASE + ;; # The situation for MiNT is a little confusing. The machine name # can be virtually everything (everything which is not # "atarist" or "atariste" at least should have a processor @@ -446,43 +490,43 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-atari-mint$UNAME_RELEASE + ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-atari-mint$UNAME_RELEASE + ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-atari-mint$UNAME_RELEASE + ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-milan-mint$UNAME_RELEASE + ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-hades-mint$UNAME_RELEASE + ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-unknown-mint$UNAME_RELEASE + ;; m68k:machten:*:*) - echo m68k-apple-machten"$UNAME_RELEASE" - exit ;; + GUESS=m68k-apple-machten$UNAME_RELEASE + ;; powerpc:machten:*:*) - echo powerpc-apple-machten"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-apple-machten$UNAME_RELEASE + ;; RISC*:Mach:*:*) - echo mips-dec-mach_bsd4.3 - exit ;; + GUESS=mips-dec-mach_bsd4.3 + ;; RISC*:ULTRIX:*:*) - echo mips-dec-ultrix"$UNAME_RELEASE" - exit ;; + GUESS=mips-dec-ultrix$UNAME_RELEASE + ;; VAX*:ULTRIX*:*:*) - echo vax-dec-ultrix"$UNAME_RELEASE" - exit ;; + GUESS=vax-dec-ultrix$UNAME_RELEASE + ;; 2020:CLIX:*:* | 2430:CLIX:*:*) - echo clipper-intergraph-clix"$UNAME_RELEASE" - exit ;; + GUESS=clipper-intergraph-clix$UNAME_RELEASE + ;; mips:*:*:UMIPS | mips:*:*:RISCos) - eval "$set_cc_for_build" + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #ifdef __cplusplus #include /* for printf() prototype */ @@ -508,78 +552,79 @@ EOF dummyarg=`echo "$UNAME_RELEASE" | sed -n 's/\([0-9]*\).*/\1/p'` && SYSTEM_NAME=`"$dummy" "$dummyarg"` && { echo "$SYSTEM_NAME"; exit; } - echo mips-mips-riscos"$UNAME_RELEASE" - exit ;; + GUESS=mips-mips-riscos$UNAME_RELEASE + ;; Motorola:PowerMAX_OS:*:*) - echo powerpc-motorola-powermax - exit ;; + GUESS=powerpc-motorola-powermax + ;; Motorola:*:4.3:PL8-*) - echo powerpc-harris-powermax - exit ;; + GUESS=powerpc-harris-powermax + ;; Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) - echo powerpc-harris-powermax - exit ;; + GUESS=powerpc-harris-powermax + ;; Night_Hawk:Power_UNIX:*:*) - echo powerpc-harris-powerunix - exit ;; + GUESS=powerpc-harris-powerunix + ;; m88k:CX/UX:7*:*) - echo m88k-harris-cxux7 - exit ;; + GUESS=m88k-harris-cxux7 + ;; m88k:*:4*:R4*) - echo m88k-motorola-sysv4 - exit ;; + GUESS=m88k-motorola-sysv4 + ;; m88k:*:3*:R3*) - echo m88k-motorola-sysv3 - exit ;; + GUESS=m88k-motorola-sysv3 + ;; AViiON:dgux:*:*) # DG/UX returns AViiON for all architectures UNAME_PROCESSOR=`/usr/bin/uname -p` - if [ "$UNAME_PROCESSOR" = mc88100 ] || [ "$UNAME_PROCESSOR" = mc88110 ] + if test "$UNAME_PROCESSOR" = mc88100 || test "$UNAME_PROCESSOR" = mc88110 then - if [ "$TARGET_BINARY_INTERFACE"x = m88kdguxelfx ] || \ - [ "$TARGET_BINARY_INTERFACE"x = x ] + if test "$TARGET_BINARY_INTERFACE"x = m88kdguxelfx || \ + test "$TARGET_BINARY_INTERFACE"x = x then - echo m88k-dg-dgux"$UNAME_RELEASE" + GUESS=m88k-dg-dgux$UNAME_RELEASE else - echo m88k-dg-dguxbcs"$UNAME_RELEASE" + GUESS=m88k-dg-dguxbcs$UNAME_RELEASE fi else - echo i586-dg-dgux"$UNAME_RELEASE" + GUESS=i586-dg-dgux$UNAME_RELEASE fi - exit ;; + ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) - echo m88k-dolphin-sysv3 - exit ;; + GUESS=m88k-dolphin-sysv3 + ;; M88*:*:R3*:*) # Delta 88k system running SVR3 - echo m88k-motorola-sysv3 - exit ;; + GUESS=m88k-motorola-sysv3 + ;; XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) - echo m88k-tektronix-sysv3 - exit ;; + GUESS=m88k-tektronix-sysv3 + ;; Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) - echo m68k-tektronix-bsd - exit ;; + GUESS=m68k-tektronix-bsd + ;; *:IRIX*:*:*) - echo mips-sgi-irix"`echo "$UNAME_RELEASE"|sed -e 's/-/_/g'`" - exit ;; + IRIX_REL=`echo "$UNAME_RELEASE" | sed -e 's/-/_/g'` + GUESS=mips-sgi-irix$IRIX_REL + ;; ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + GUESS=romp-ibm-aix # uname -m gives an 8 hex-code CPU id + ;; # Note that: echo "'`uname -s`'" gives 'AIX ' i*86:AIX:*:*) - echo i386-ibm-aix - exit ;; + GUESS=i386-ibm-aix + ;; ia64:AIX:*:*) - if [ -x /usr/bin/oslevel ] ; then + if test -x /usr/bin/oslevel ; then IBM_REV=`/usr/bin/oslevel` else - IBM_REV="$UNAME_VERSION.$UNAME_RELEASE" + IBM_REV=$UNAME_VERSION.$UNAME_RELEASE fi - echo "$UNAME_MACHINE"-ibm-aix"$IBM_REV" - exit ;; + GUESS=$UNAME_MACHINE-ibm-aix$IBM_REV + ;; *:AIX:2:3) if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then - eval "$set_cc_for_build" + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #include @@ -593,16 +638,16 @@ EOF EOF if $CC_FOR_BUILD -o "$dummy" "$dummy.c" && SYSTEM_NAME=`"$dummy"` then - echo "$SYSTEM_NAME" + GUESS=$SYSTEM_NAME else - echo rs6000-ibm-aix3.2.5 + GUESS=rs6000-ibm-aix3.2.5 fi elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then - echo rs6000-ibm-aix3.2.4 + GUESS=rs6000-ibm-aix3.2.4 else - echo rs6000-ibm-aix3.2 + GUESS=rs6000-ibm-aix3.2 fi - exit ;; + ;; *:AIX:*:[4567]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El "$IBM_CPU_ID" | grep ' POWER' >/dev/null 2>&1; then @@ -610,57 +655,57 @@ EOF else IBM_ARCH=powerpc fi - if [ -x /usr/bin/lslpp ] ; then - IBM_REV=`/usr/bin/lslpp -Lqc bos.rte.libc | + if test -x /usr/bin/lslpp ; then + IBM_REV=`/usr/bin/lslpp -Lqc bos.rte.libc | \ awk -F: '{ print $3 }' | sed s/[0-9]*$/0/` else - IBM_REV="$UNAME_VERSION.$UNAME_RELEASE" + IBM_REV=$UNAME_VERSION.$UNAME_RELEASE fi - echo "$IBM_ARCH"-ibm-aix"$IBM_REV" - exit ;; + GUESS=$IBM_ARCH-ibm-aix$IBM_REV + ;; *:AIX:*:*) - echo rs6000-ibm-aix - exit ;; + GUESS=rs6000-ibm-aix + ;; ibmrt:4.4BSD:*|romp-ibm:4.4BSD:*) - echo romp-ibm-bsd4.4 - exit ;; + GUESS=romp-ibm-bsd4.4 + ;; ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and - echo romp-ibm-bsd"$UNAME_RELEASE" # 4.3 with uname added to - exit ;; # report: romp-ibm BSD 4.3 + GUESS=romp-ibm-bsd$UNAME_RELEASE # 4.3 with uname added to + ;; # report: romp-ibm BSD 4.3 *:BOSX:*:*) - echo rs6000-bull-bosx - exit ;; + GUESS=rs6000-bull-bosx + ;; DPX/2?00:B.O.S.:*:*) - echo m68k-bull-sysv3 - exit ;; + GUESS=m68k-bull-sysv3 + ;; 9000/[34]??:4.3bsd:1.*:*) - echo m68k-hp-bsd - exit ;; + GUESS=m68k-hp-bsd + ;; hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) - echo m68k-hp-bsd4.4 - exit ;; + GUESS=m68k-hp-bsd4.4 + ;; 9000/[34678]??:HP-UX:*:*) - HPUX_REV=`echo "$UNAME_RELEASE"|sed -e 's/[^.]*.[0B]*//'` - case "$UNAME_MACHINE" in + HPUX_REV=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*.[0B]*//'` + case $UNAME_MACHINE in 9000/31?) HP_ARCH=m68000 ;; 9000/[34]??) HP_ARCH=m68k ;; 9000/[678][0-9][0-9]) - if [ -x /usr/bin/getconf ]; then + if test -x /usr/bin/getconf; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "$sc_cpu_version" in + case $sc_cpu_version in 523) HP_ARCH=hppa1.0 ;; # CPU_PA_RISC1_0 528) HP_ARCH=hppa1.1 ;; # CPU_PA_RISC1_1 532) # CPU_PA_RISC2_0 - case "$sc_kernel_bits" in + case $sc_kernel_bits in 32) HP_ARCH=hppa2.0n ;; 64) HP_ARCH=hppa2.0w ;; '') HP_ARCH=hppa2.0 ;; # HP-UX 10.20 esac ;; esac fi - if [ "$HP_ARCH" = "" ]; then - eval "$set_cc_for_build" + if test "$HP_ARCH" = ""; then + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #define _HPUX_SOURCE @@ -698,9 +743,9 @@ EOF test -z "$HP_ARCH" && HP_ARCH=hppa fi ;; esac - if [ "$HP_ARCH" = hppa2.0w ] + if test "$HP_ARCH" = hppa2.0w then - eval "$set_cc_for_build" + set_cc_for_build # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler @@ -719,14 +764,14 @@ EOF HP_ARCH=hppa64 fi fi - echo "$HP_ARCH"-hp-hpux"$HPUX_REV" - exit ;; + GUESS=$HP_ARCH-hp-hpux$HPUX_REV + ;; ia64:HP-UX:*:*) - HPUX_REV=`echo "$UNAME_RELEASE"|sed -e 's/[^.]*.[0B]*//'` - echo ia64-hp-hpux"$HPUX_REV" - exit ;; + HPUX_REV=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*.[0B]*//'` + GUESS=ia64-hp-hpux$HPUX_REV + ;; 3050*:HI-UX:*:*) - eval "$set_cc_for_build" + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #include int @@ -754,36 +799,36 @@ EOF EOF $CC_FOR_BUILD -o "$dummy" "$dummy.c" && SYSTEM_NAME=`"$dummy"` && { echo "$SYSTEM_NAME"; exit; } - echo unknown-hitachi-hiuxwe2 - exit ;; + GUESS=unknown-hitachi-hiuxwe2 + ;; 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:*) - echo hppa1.1-hp-bsd - exit ;; + GUESS=hppa1.1-hp-bsd + ;; 9000/8??:4.3bsd:*:*) - echo hppa1.0-hp-bsd - exit ;; + GUESS=hppa1.0-hp-bsd + ;; *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) - echo hppa1.0-hp-mpeix - exit ;; + GUESS=hppa1.0-hp-mpeix + ;; hp7??:OSF1:*:* | hp8?[79]:OSF1:*:*) - echo hppa1.1-hp-osf - exit ;; + GUESS=hppa1.1-hp-osf + ;; hp8??:OSF1:*:*) - echo hppa1.0-hp-osf - exit ;; + GUESS=hppa1.0-hp-osf + ;; i*86:OSF1:*:*) - if [ -x /usr/sbin/sysversion ] ; then - echo "$UNAME_MACHINE"-unknown-osf1mk + if test -x /usr/sbin/sysversion ; then + GUESS=$UNAME_MACHINE-unknown-osf1mk else - echo "$UNAME_MACHINE"-unknown-osf1 + GUESS=$UNAME_MACHINE-unknown-osf1 fi - exit ;; + ;; parisc*:Lites*:*:*) - echo hppa1.1-hp-lites - exit ;; + GUESS=hppa1.1-hp-lites + ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) - echo c1-convex-bsd - exit ;; + GUESS=c1-convex-bsd + ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd @@ -791,17 +836,18 @@ EOF fi exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) - echo c34-convex-bsd - exit ;; + GUESS=c34-convex-bsd + ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) - echo c38-convex-bsd - exit ;; + GUESS=c38-convex-bsd + ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) - echo c4-convex-bsd - exit ;; + GUESS=c4-convex-bsd + ;; CRAY*Y-MP:*:*:*) - echo ymp-cray-unicos"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=ymp-cray-unicos$CRAY_REL + ;; CRAY*[A-Z]90:*:*:*) echo "$UNAME_MACHINE"-cray-unicos"$UNAME_RELEASE" \ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ @@ -809,103 +855,129 @@ EOF -e 's/\.[^.]*$/.X/' exit ;; CRAY*TS:*:*:*) - echo t90-cray-unicos"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=t90-cray-unicos$CRAY_REL + ;; CRAY*T3E:*:*:*) - echo alphaev5-cray-unicosmk"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=alphaev5-cray-unicosmk$CRAY_REL + ;; CRAY*SV1:*:*:*) - echo sv1-cray-unicos"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=sv1-cray-unicos$CRAY_REL + ;; *:UNICOS/mp:*:*) - echo craynv-cray-unicosmp"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=craynv-cray-unicosmp$CRAY_REL + ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'` FUJITSU_REL=`echo "$UNAME_RELEASE" | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; + GUESS=${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL} + ;; 5000:UNIX_System_V:4.*:*) FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'` FUJITSU_REL=`echo "$UNAME_RELEASE" | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; + GUESS=sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL} + ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) - echo "$UNAME_MACHINE"-pc-bsdi"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-pc-bsdi$UNAME_RELEASE + ;; sparc*:BSD/OS:*:*) - echo sparc-unknown-bsdi"$UNAME_RELEASE" - exit ;; + GUESS=sparc-unknown-bsdi$UNAME_RELEASE + ;; *:BSD/OS:*:*) - echo "$UNAME_MACHINE"-unknown-bsdi"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-bsdi$UNAME_RELEASE + ;; + arm:FreeBSD:*:*) + UNAME_PROCESSOR=`uname -p` + set_cc_for_build + if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_PCS_VFP + then + FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL-gnueabi + else + FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL-gnueabihf + fi + ;; *:FreeBSD:*:*) UNAME_PROCESSOR=`/usr/bin/uname -p` - case "$UNAME_PROCESSOR" in + case $UNAME_PROCESSOR in amd64) UNAME_PROCESSOR=x86_64 ;; i386) UNAME_PROCESSOR=i586 ;; esac - echo "$UNAME_PROCESSOR"-unknown-freebsd"`echo "$UNAME_RELEASE"|sed -e 's/[-(].*//'`" - exit ;; + FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL + ;; i*:CYGWIN*:*) - echo "$UNAME_MACHINE"-pc-cygwin - exit ;; + GUESS=$UNAME_MACHINE-pc-cygwin + ;; *:MINGW64*:*) - echo "$UNAME_MACHINE"-pc-mingw64 - exit ;; + GUESS=$UNAME_MACHINE-pc-mingw64 + ;; *:MINGW*:*) - echo "$UNAME_MACHINE"-pc-mingw32 - exit ;; + GUESS=$UNAME_MACHINE-pc-mingw32 + ;; *:MSYS*:*) - echo "$UNAME_MACHINE"-pc-msys - exit ;; + GUESS=$UNAME_MACHINE-pc-msys + ;; i*:PW*:*) - echo "$UNAME_MACHINE"-pc-pw32 - exit ;; + GUESS=$UNAME_MACHINE-pc-pw32 + ;; + *:SerenityOS:*:*) + GUESS=$UNAME_MACHINE-pc-serenity + ;; *:Interix*:*) - case "$UNAME_MACHINE" in + case $UNAME_MACHINE in x86) - echo i586-pc-interix"$UNAME_RELEASE" - exit ;; + GUESS=i586-pc-interix$UNAME_RELEASE + ;; authenticamd | genuineintel | EM64T) - echo x86_64-unknown-interix"$UNAME_RELEASE" - exit ;; + GUESS=x86_64-unknown-interix$UNAME_RELEASE + ;; IA64) - echo ia64-unknown-interix"$UNAME_RELEASE" - exit ;; + GUESS=ia64-unknown-interix$UNAME_RELEASE + ;; esac ;; i*:UWIN*:*) - echo "$UNAME_MACHINE"-pc-uwin - exit ;; + GUESS=$UNAME_MACHINE-pc-uwin + ;; amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) - echo x86_64-unknown-cygwin - exit ;; + GUESS=x86_64-pc-cygwin + ;; prep*:SunOS:5.*:*) - echo powerpcle-unknown-solaris2"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=powerpcle-unknown-solaris2$SUN_REL + ;; *:GNU:*:*) # the GNU system - echo "`echo "$UNAME_MACHINE"|sed -e 's,[-/].*$,,'`-unknown-$LIBC`echo "$UNAME_RELEASE"|sed -e 's,/.*$,,'`" - exit ;; + GNU_ARCH=`echo "$UNAME_MACHINE" | sed -e 's,[-/].*$,,'` + GNU_REL=`echo "$UNAME_RELEASE" | sed -e 's,/.*$,,'` + GUESS=$GNU_ARCH-unknown-$LIBC$GNU_REL + ;; *:GNU/*:*:*) # other systems with GNU libc and userland - echo "$UNAME_MACHINE-unknown-`echo "$UNAME_SYSTEM" | sed 's,^[^/]*/,,' | tr "[:upper:]" "[:lower:]"``echo "$UNAME_RELEASE"|sed -e 's/[-(].*//'`-$LIBC" - exit ;; - i*86:Minix:*:*) - echo "$UNAME_MACHINE"-pc-minix - exit ;; + GNU_SYS=`echo "$UNAME_SYSTEM" | sed 's,^[^/]*/,,' | tr "[:upper:]" "[:lower:]"` + GNU_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_MACHINE-unknown-$GNU_SYS$GNU_REL-$LIBC + ;; + *:Minix:*:*) + GUESS=$UNAME_MACHINE-unknown-minix + ;; aarch64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; aarch64_be:Linux:*:*) UNAME_MACHINE=aarch64_be - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' /proc/cpuinfo 2>/dev/null` in EV5) UNAME_MACHINE=alphaev5 ;; EV56) UNAME_MACHINE=alphaev56 ;; PCA56) UNAME_MACHINE=alphapca56 ;; @@ -916,187 +988,225 @@ EOF esac objdump --private-headers /bin/sh | grep -q ld.so.1 if test "$?" = 0 ; then LIBC=gnulibc1 ; fi - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; - arc:Linux:*:* | arceb:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; + arc:Linux:*:* | arceb:Linux:*:* | arc32:Linux:*:* | arc64:Linux:*:*) + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; arm*:Linux:*:*) - eval "$set_cc_for_build" + set_cc_for_build if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_EABI__ then - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC else if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_PCS_VFP then - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC"eabi + GUESS=$UNAME_MACHINE-unknown-linux-${LIBC}eabi else - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC"eabihf + GUESS=$UNAME_MACHINE-unknown-linux-${LIBC}eabihf fi fi - exit ;; + ;; avr32*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; cris:Linux:*:*) - echo "$UNAME_MACHINE"-axis-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-axis-linux-$LIBC + ;; crisv32:Linux:*:*) - echo "$UNAME_MACHINE"-axis-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-axis-linux-$LIBC + ;; e2k:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; frv:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; hexagon:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; i*86:Linux:*:*) - echo "$UNAME_MACHINE"-pc-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-pc-linux-$LIBC + ;; ia64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; k1om:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; + loongarch32:Linux:*:* | loongarch64:Linux:*:* | loongarchx32:Linux:*:*) + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; m32r*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; m68*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; mips:Linux:*:* | mips64:Linux:*:*) - eval "$set_cc_for_build" + set_cc_for_build + IS_GLIBC=0 + test x"${LIBC}" = xgnu && IS_GLIBC=1 sed 's/^ //' << EOF > "$dummy.c" #undef CPU - #undef ${UNAME_MACHINE} - #undef ${UNAME_MACHINE}el + #undef mips + #undef mipsel + #undef mips64 + #undef mips64el + #if ${IS_GLIBC} && defined(_ABI64) + LIBCABI=gnuabi64 + #else + #if ${IS_GLIBC} && defined(_ABIN32) + LIBCABI=gnuabin32 + #else + LIBCABI=${LIBC} + #endif + #endif + + #if ${IS_GLIBC} && defined(__mips64) && defined(__mips_isa_rev) && __mips_isa_rev>=6 + CPU=mipsisa64r6 + #else + #if ${IS_GLIBC} && !defined(__mips64) && defined(__mips_isa_rev) && __mips_isa_rev>=6 + CPU=mipsisa32r6 + #else + #if defined(__mips64) + CPU=mips64 + #else + CPU=mips + #endif + #endif + #endif + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=${UNAME_MACHINE}el + MIPS_ENDIAN=el #else #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=${UNAME_MACHINE} + MIPS_ENDIAN= #else - CPU= + MIPS_ENDIAN= #endif #endif EOF - eval "`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^CPU'`" - test "x$CPU" != x && { echo "$CPU-unknown-linux-$LIBC"; exit; } + cc_set_vars=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^CPU\|^MIPS_ENDIAN\|^LIBCABI'` + eval "$cc_set_vars" + test "x$CPU" != x && { echo "$CPU${MIPS_ENDIAN}-unknown-linux-$LIBCABI"; exit; } ;; mips64el:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; openrisc*:Linux:*:*) - echo or1k-unknown-linux-"$LIBC" - exit ;; + GUESS=or1k-unknown-linux-$LIBC + ;; or32:Linux:*:* | or1k*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; padre:Linux:*:*) - echo sparc-unknown-linux-"$LIBC" - exit ;; + GUESS=sparc-unknown-linux-$LIBC + ;; parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-"$LIBC" - exit ;; + GUESS=hppa64-unknown-linux-$LIBC + ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-"$LIBC" ;; - PA8*) echo hppa2.0-unknown-linux-"$LIBC" ;; - *) echo hppa-unknown-linux-"$LIBC" ;; + PA7*) GUESS=hppa1.1-unknown-linux-$LIBC ;; + PA8*) GUESS=hppa2.0-unknown-linux-$LIBC ;; + *) GUESS=hppa-unknown-linux-$LIBC ;; esac - exit ;; + ;; ppc64:Linux:*:*) - echo powerpc64-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpc64-unknown-linux-$LIBC + ;; ppc:Linux:*:*) - echo powerpc-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpc-unknown-linux-$LIBC + ;; ppc64le:Linux:*:*) - echo powerpc64le-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpc64le-unknown-linux-$LIBC + ;; ppcle:Linux:*:*) - echo powerpcle-unknown-linux-"$LIBC" - exit ;; - riscv32:Linux:*:* | riscv64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpcle-unknown-linux-$LIBC + ;; + riscv32:Linux:*:* | riscv32be:Linux:*:* | riscv64:Linux:*:* | riscv64be:Linux:*:*) + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; s390:Linux:*:* | s390x:Linux:*:*) - echo "$UNAME_MACHINE"-ibm-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-ibm-linux-$LIBC + ;; sh64*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; sh*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; sparc:Linux:*:* | sparc64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; tile*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; vax:Linux:*:*) - echo "$UNAME_MACHINE"-dec-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-dec-linux-$LIBC + ;; x86_64:Linux:*:*) - if objdump -f /bin/sh | grep -q elf32-x86-64; then - echo "$UNAME_MACHINE"-pc-linux-"$LIBC"x32 - else - echo "$UNAME_MACHINE"-pc-linux-"$LIBC" + set_cc_for_build + LIBCABI=$LIBC + if test "$CC_FOR_BUILD" != no_compiler_found; then + if (echo '#ifdef __ILP32__'; echo IS_X32; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_X32 >/dev/null + then + LIBCABI=${LIBC}x32 + fi fi - exit ;; + GUESS=$UNAME_MACHINE-pc-linux-$LIBCABI + ;; xtensa*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. # earlier versions are messed up and put the nodename in both # sysname and nodename. - echo i386-sequent-sysv4 - exit ;; + GUESS=i386-sequent-sysv4 + ;; i*86:UNIX_SV:4.2MP:2.*) # Unixware is an offshoot of SVR4, but it has its own version # number series starting with 2... # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. # Use sysv4.2uw... so that sysv4* matches it. - echo "$UNAME_MACHINE"-pc-sysv4.2uw"$UNAME_VERSION" - exit ;; + GUESS=$UNAME_MACHINE-pc-sysv4.2uw$UNAME_VERSION + ;; i*86:OS/2:*:*) # If we were able to find `uname', then EMX Unix compatibility # is probably installed. - echo "$UNAME_MACHINE"-pc-os2-emx - exit ;; + GUESS=$UNAME_MACHINE-pc-os2-emx + ;; i*86:XTS-300:*:STOP) - echo "$UNAME_MACHINE"-unknown-stop - exit ;; + GUESS=$UNAME_MACHINE-unknown-stop + ;; i*86:atheos:*:*) - echo "$UNAME_MACHINE"-unknown-atheos - exit ;; + GUESS=$UNAME_MACHINE-unknown-atheos + ;; i*86:syllable:*:*) - echo "$UNAME_MACHINE"-pc-syllable - exit ;; + GUESS=$UNAME_MACHINE-pc-syllable + ;; i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) - echo i386-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=i386-unknown-lynxos$UNAME_RELEASE + ;; i*86:*DOS:*:*) - echo "$UNAME_MACHINE"-pc-msdosdjgpp - exit ;; + GUESS=$UNAME_MACHINE-pc-msdosdjgpp + ;; i*86:*:4.*:*) UNAME_REL=`echo "$UNAME_RELEASE" | sed 's/\/MP$//'` if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then - echo "$UNAME_MACHINE"-univel-sysv"$UNAME_REL" + GUESS=$UNAME_MACHINE-univel-sysv$UNAME_REL else - echo "$UNAME_MACHINE"-pc-sysv"$UNAME_REL" + GUESS=$UNAME_MACHINE-pc-sysv$UNAME_REL fi - exit ;; + ;; i*86:*:5:[678]*) # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in @@ -1104,12 +1214,12 @@ EOF *Pentium) UNAME_MACHINE=i586 ;; *Pent*|*Celeron) UNAME_MACHINE=i686 ;; esac - echo "$UNAME_MACHINE-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}{$UNAME_VERSION}" - exit ;; + GUESS=$UNAME_MACHINE-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} + ;; i*86:*:3.2:*) if test -f /usr/options/cb.name; then UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 @@ -1119,11 +1229,11 @@ EOF && UNAME_MACHINE=i686 (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ && UNAME_MACHINE=i686 - echo "$UNAME_MACHINE"-pc-sco"$UNAME_REL" + GUESS=$UNAME_MACHINE-pc-sco$UNAME_REL else - echo "$UNAME_MACHINE"-pc-sysv32 + GUESS=$UNAME_MACHINE-pc-sysv32 fi - exit ;; + ;; pc:*:*:*) # Left here for compatibility: # uname -m prints for DJGPP always 'pc', but it prints nothing about @@ -1131,31 +1241,31 @@ EOF # Note: whatever this is, it MUST be the same as what config.sub # prints for the "djgpp" host, or else GDB configure will decide that # this is a cross-build. - echo i586-pc-msdosdjgpp - exit ;; + GUESS=i586-pc-msdosdjgpp + ;; Intel:Mach:3*:*) - echo i386-pc-mach3 - exit ;; + GUESS=i386-pc-mach3 + ;; paragon:*:*:*) - echo i860-intel-osf1 - exit ;; + GUESS=i860-intel-osf1 + ;; i860:*:4.*:*) # i860-SVR4 if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then - echo i860-stardent-sysv"$UNAME_RELEASE" # Stardent Vistra i860-SVR4 + GUESS=i860-stardent-sysv$UNAME_RELEASE # Stardent Vistra i860-SVR4 else # Add other i860-SVR4 vendors below as they are discovered. - echo i860-unknown-sysv"$UNAME_RELEASE" # Unknown i860-SVR4 + GUESS=i860-unknown-sysv$UNAME_RELEASE # Unknown i860-SVR4 fi - exit ;; + ;; mini*:CTIX:SYS*5:*) # "miniframe" - echo m68010-convergent-sysv - exit ;; + GUESS=m68010-convergent-sysv + ;; mc68k:UNIX:SYSTEM5:3.51m) - echo m68k-convergent-sysv - exit ;; + GUESS=m68k-convergent-sysv + ;; M680?0:D-NIX:5.3:*) - echo m68k-diab-dnix - exit ;; + GUESS=m68k-diab-dnix + ;; M68*:*:R3V[5678]*:*) test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) @@ -1180,249 +1290,404 @@ EOF /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ && { echo i586-ncr-sysv4.3"$OS_REL"; exit; } ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) - echo m68k-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=m68k-unknown-lynxos$UNAME_RELEASE + ;; mc68030:UNIX_System_V:4.*:*) - echo m68k-atari-sysv4 - exit ;; + GUESS=m68k-atari-sysv4 + ;; TSUNAMI:LynxOS:2.*:*) - echo sparc-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=sparc-unknown-lynxos$UNAME_RELEASE + ;; rs6000:LynxOS:2.*:*) - echo rs6000-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=rs6000-unknown-lynxos$UNAME_RELEASE + ;; PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) - echo powerpc-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-unknown-lynxos$UNAME_RELEASE + ;; SM[BE]S:UNIX_SV:*:*) - echo mips-dde-sysv"$UNAME_RELEASE" - exit ;; + GUESS=mips-dde-sysv$UNAME_RELEASE + ;; RM*:ReliantUNIX-*:*:*) - echo mips-sni-sysv4 - exit ;; + GUESS=mips-sni-sysv4 + ;; RM*:SINIX-*:*:*) - echo mips-sni-sysv4 - exit ;; + GUESS=mips-sni-sysv4 + ;; *:SINIX-*:*:*) if uname -p 2>/dev/null >/dev/null ; then UNAME_MACHINE=`(uname -p) 2>/dev/null` - echo "$UNAME_MACHINE"-sni-sysv4 + GUESS=$UNAME_MACHINE-sni-sysv4 else - echo ns32k-sni-sysv + GUESS=ns32k-sni-sysv fi - exit ;; + ;; PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort # says - echo i586-unisys-sysv4 - exit ;; + GUESS=i586-unisys-sysv4 + ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm - echo hppa1.1-stratus-sysv4 - exit ;; + GUESS=hppa1.1-stratus-sysv4 + ;; *:*:*:FTX*) # From seanf@swdc.stratus.com. - echo i860-stratus-sysv4 - exit ;; + GUESS=i860-stratus-sysv4 + ;; i*86:VOS:*:*) # From Paul.Green@stratus.com. - echo "$UNAME_MACHINE"-stratus-vos - exit ;; + GUESS=$UNAME_MACHINE-stratus-vos + ;; *:VOS:*:*) # From Paul.Green@stratus.com. - echo hppa1.1-stratus-vos - exit ;; + GUESS=hppa1.1-stratus-vos + ;; mc68*:A/UX:*:*) - echo m68k-apple-aux"$UNAME_RELEASE" - exit ;; + GUESS=m68k-apple-aux$UNAME_RELEASE + ;; news*:NEWS-OS:6*:*) - echo mips-sony-newsos6 - exit ;; + GUESS=mips-sony-newsos6 + ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) - if [ -d /usr/nec ]; then - echo mips-nec-sysv"$UNAME_RELEASE" + if test -d /usr/nec; then + GUESS=mips-nec-sysv$UNAME_RELEASE else - echo mips-unknown-sysv"$UNAME_RELEASE" + GUESS=mips-unknown-sysv$UNAME_RELEASE fi - exit ;; + ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. - echo powerpc-be-beos - exit ;; + GUESS=powerpc-be-beos + ;; BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. - echo powerpc-apple-beos - exit ;; + GUESS=powerpc-apple-beos + ;; BePC:BeOS:*:*) # BeOS running on Intel PC compatible. - echo i586-pc-beos - exit ;; + GUESS=i586-pc-beos + ;; BePC:Haiku:*:*) # Haiku running on Intel PC compatible. - echo i586-pc-haiku - exit ;; + GUESS=i586-pc-haiku + ;; x86_64:Haiku:*:*) - echo x86_64-unknown-haiku - exit ;; + GUESS=x86_64-unknown-haiku + ;; SX-4:SUPER-UX:*:*) - echo sx4-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx4-nec-superux$UNAME_RELEASE + ;; SX-5:SUPER-UX:*:*) - echo sx5-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx5-nec-superux$UNAME_RELEASE + ;; SX-6:SUPER-UX:*:*) - echo sx6-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx6-nec-superux$UNAME_RELEASE + ;; SX-7:SUPER-UX:*:*) - echo sx7-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx7-nec-superux$UNAME_RELEASE + ;; SX-8:SUPER-UX:*:*) - echo sx8-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx8-nec-superux$UNAME_RELEASE + ;; SX-8R:SUPER-UX:*:*) - echo sx8r-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx8r-nec-superux$UNAME_RELEASE + ;; SX-ACE:SUPER-UX:*:*) - echo sxace-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sxace-nec-superux$UNAME_RELEASE + ;; Power*:Rhapsody:*:*) - echo powerpc-apple-rhapsody"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-apple-rhapsody$UNAME_RELEASE + ;; *:Rhapsody:*:*) - echo "$UNAME_MACHINE"-apple-rhapsody"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-apple-rhapsody$UNAME_RELEASE + ;; + arm64:Darwin:*:*) + GUESS=aarch64-apple-darwin$UNAME_RELEASE + ;; *:Darwin:*:*) - UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - eval "$set_cc_for_build" - if test "$UNAME_PROCESSOR" = unknown ; then - UNAME_PROCESSOR=powerpc + UNAME_PROCESSOR=`uname -p` + case $UNAME_PROCESSOR in + unknown) UNAME_PROCESSOR=powerpc ;; + esac + if command -v xcode-select > /dev/null 2> /dev/null && \ + ! xcode-select --print-path > /dev/null 2> /dev/null ; then + # Avoid executing cc if there is no toolchain installed as + # cc will be a stub that puts up a graphical alert + # prompting the user to install developer tools. + CC_FOR_BUILD=no_compiler_found + else + set_cc_for_build fi - if test "`echo "$UNAME_RELEASE" | sed -e 's/\..*//'`" -le 10 ; then - if [ "$CC_FOR_BUILD" != no_compiler_found ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - case $UNAME_PROCESSOR in - i386) UNAME_PROCESSOR=x86_64 ;; - powerpc) UNAME_PROCESSOR=powerpc64 ;; - esac - fi - # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc - if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_PPC >/dev/null - then - UNAME_PROCESSOR=powerpc - fi + if test "$CC_FOR_BUILD" != no_compiler_found; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc + if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_PPC >/dev/null + then + UNAME_PROCESSOR=powerpc fi elif test "$UNAME_PROCESSOR" = i386 ; then - # Avoid executing cc on OS X 10.9, as it ships with a stub - # that puts up a graphical alert prompting to install - # developer tools. Any system running Mac OS X 10.7 or - # later (Darwin 11 and later) is required to have a 64-bit - # processor. This is not true of the ARM version of Darwin - # that Apple uses in portable devices. - UNAME_PROCESSOR=x86_64 + # uname -m returns i386 or x86_64 + UNAME_PROCESSOR=$UNAME_MACHINE fi - echo "$UNAME_PROCESSOR"-apple-darwin"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_PROCESSOR-apple-darwin$UNAME_RELEASE + ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) UNAME_PROCESSOR=`uname -p` if test "$UNAME_PROCESSOR" = x86; then UNAME_PROCESSOR=i386 UNAME_MACHINE=pc fi - echo "$UNAME_PROCESSOR"-"$UNAME_MACHINE"-nto-qnx"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_PROCESSOR-$UNAME_MACHINE-nto-qnx$UNAME_RELEASE + ;; *:QNX:*:4*) - echo i386-pc-qnx - exit ;; + GUESS=i386-pc-qnx + ;; NEO-*:NONSTOP_KERNEL:*:*) - echo neo-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=neo-tandem-nsk$UNAME_RELEASE + ;; NSE-*:NONSTOP_KERNEL:*:*) - echo nse-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nse-tandem-nsk$UNAME_RELEASE + ;; NSR-*:NONSTOP_KERNEL:*:*) - echo nsr-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nsr-tandem-nsk$UNAME_RELEASE + ;; NSV-*:NONSTOP_KERNEL:*:*) - echo nsv-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nsv-tandem-nsk$UNAME_RELEASE + ;; NSX-*:NONSTOP_KERNEL:*:*) - echo nsx-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nsx-tandem-nsk$UNAME_RELEASE + ;; *:NonStop-UX:*:*) - echo mips-compaq-nonstopux - exit ;; + GUESS=mips-compaq-nonstopux + ;; BS2000:POSIX*:*:*) - echo bs2000-siemens-sysv - exit ;; + GUESS=bs2000-siemens-sysv + ;; DS/*:UNIX_System_V:*:*) - echo "$UNAME_MACHINE"-"$UNAME_SYSTEM"-"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-$UNAME_SYSTEM-$UNAME_RELEASE + ;; *:Plan9:*:*) # "uname -m" is not consistent, so use $cputype instead. 386 # is converted to i386 for consistency with other x86 # operating systems. - if test "$cputype" = 386; then + if test "${cputype-}" = 386; then UNAME_MACHINE=i386 - else - UNAME_MACHINE="$cputype" + elif test "x${cputype-}" != x; then + UNAME_MACHINE=$cputype fi - echo "$UNAME_MACHINE"-unknown-plan9 - exit ;; + GUESS=$UNAME_MACHINE-unknown-plan9 + ;; *:TOPS-10:*:*) - echo pdp10-unknown-tops10 - exit ;; + GUESS=pdp10-unknown-tops10 + ;; *:TENEX:*:*) - echo pdp10-unknown-tenex - exit ;; + GUESS=pdp10-unknown-tenex + ;; KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) - echo pdp10-dec-tops20 - exit ;; + GUESS=pdp10-dec-tops20 + ;; XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) - echo pdp10-xkl-tops20 - exit ;; + GUESS=pdp10-xkl-tops20 + ;; *:TOPS-20:*:*) - echo pdp10-unknown-tops20 - exit ;; + GUESS=pdp10-unknown-tops20 + ;; *:ITS:*:*) - echo pdp10-unknown-its - exit ;; + GUESS=pdp10-unknown-its + ;; SEI:*:*:SEIUX) - echo mips-sei-seiux"$UNAME_RELEASE" - exit ;; + GUESS=mips-sei-seiux$UNAME_RELEASE + ;; *:DragonFly:*:*) - echo "$UNAME_MACHINE"-unknown-dragonfly"`echo "$UNAME_RELEASE"|sed -e 's/[-(].*//'`" - exit ;; + DRAGONFLY_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_MACHINE-unknown-dragonfly$DRAGONFLY_REL + ;; *:*VMS:*:*) UNAME_MACHINE=`(uname -p) 2>/dev/null` - case "$UNAME_MACHINE" in - A*) echo alpha-dec-vms ; exit ;; - I*) echo ia64-dec-vms ; exit ;; - V*) echo vax-dec-vms ; exit ;; + case $UNAME_MACHINE in + A*) GUESS=alpha-dec-vms ;; + I*) GUESS=ia64-dec-vms ;; + V*) GUESS=vax-dec-vms ;; esac ;; *:XENIX:*:SysV) - echo i386-pc-xenix - exit ;; + GUESS=i386-pc-xenix + ;; i*86:skyos:*:*) - echo "$UNAME_MACHINE"-pc-skyos"`echo "$UNAME_RELEASE" | sed -e 's/ .*$//'`" - exit ;; + SKYOS_REL=`echo "$UNAME_RELEASE" | sed -e 's/ .*$//'` + GUESS=$UNAME_MACHINE-pc-skyos$SKYOS_REL + ;; i*86:rdos:*:*) - echo "$UNAME_MACHINE"-pc-rdos - exit ;; - i*86:AROS:*:*) - echo "$UNAME_MACHINE"-pc-aros - exit ;; + GUESS=$UNAME_MACHINE-pc-rdos + ;; + i*86:Fiwix:*:*) + GUESS=$UNAME_MACHINE-pc-fiwix + ;; + *:AROS:*:*) + GUESS=$UNAME_MACHINE-unknown-aros + ;; x86_64:VMkernel:*:*) - echo "$UNAME_MACHINE"-unknown-esx - exit ;; + GUESS=$UNAME_MACHINE-unknown-esx + ;; amd64:Isilon\ OneFS:*:*) - echo x86_64-unknown-onefs - exit ;; + GUESS=x86_64-unknown-onefs + ;; + *:Unleashed:*:*) + GUESS=$UNAME_MACHINE-unknown-unleashed$UNAME_RELEASE + ;; esac +# Do we have a guess based on uname results? +if test "x$GUESS" != x; then + echo "$GUESS" + exit +fi + +# No uname command or uname output not recognized. +set_cc_for_build +cat > "$dummy.c" < +#include +#endif +#if defined(ultrix) || defined(_ultrix) || defined(__ultrix) || defined(__ultrix__) +#if defined (vax) || defined (__vax) || defined (__vax__) || defined(mips) || defined(__mips) || defined(__mips__) || defined(MIPS) || defined(__MIPS__) +#include +#if defined(_SIZE_T_) || defined(SIGLOST) +#include +#endif +#endif +#endif +main () +{ +#if defined (sony) +#if defined (MIPSEB) + /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, + I don't know.... */ + printf ("mips-sony-bsd\n"); exit (0); +#else +#include + printf ("m68k-sony-newsos%s\n", +#ifdef NEWSOS4 + "4" +#else + "" +#endif + ); exit (0); +#endif +#endif + +#if defined (NeXT) +#if !defined (__ARCHITECTURE__) +#define __ARCHITECTURE__ "m68k" +#endif + int version; + version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; + if (version < 4) + printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); + else + printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); + exit (0); +#endif + +#if defined (MULTIMAX) || defined (n16) +#if defined (UMAXV) + printf ("ns32k-encore-sysv\n"); exit (0); +#else +#if defined (CMU) + printf ("ns32k-encore-mach\n"); exit (0); +#else + printf ("ns32k-encore-bsd\n"); exit (0); +#endif +#endif +#endif + +#if defined (__386BSD__) + printf ("i386-pc-bsd\n"); exit (0); +#endif + +#if defined (sequent) +#if defined (i386) + printf ("i386-sequent-dynix\n"); exit (0); +#endif +#if defined (ns32000) + printf ("ns32k-sequent-dynix\n"); exit (0); +#endif +#endif + +#if defined (_SEQUENT_) + struct utsname un; + + uname(&un); + if (strncmp(un.version, "V2", 2) == 0) { + printf ("i386-sequent-ptx2\n"); exit (0); + } + if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ + printf ("i386-sequent-ptx1\n"); exit (0); + } + printf ("i386-sequent-ptx\n"); exit (0); +#endif + +#if defined (vax) +#if !defined (ultrix) +#include +#if defined (BSD) +#if BSD == 43 + printf ("vax-dec-bsd4.3\n"); exit (0); +#else +#if BSD == 199006 + printf ("vax-dec-bsd4.3reno\n"); exit (0); +#else + printf ("vax-dec-bsd\n"); exit (0); +#endif +#endif +#else + printf ("vax-dec-bsd\n"); exit (0); +#endif +#else +#if defined(_SIZE_T_) || defined(SIGLOST) + struct utsname un; + uname (&un); + printf ("vax-dec-ultrix%s\n", un.release); exit (0); +#else + printf ("vax-dec-ultrix\n"); exit (0); +#endif +#endif +#endif +#if defined(ultrix) || defined(_ultrix) || defined(__ultrix) || defined(__ultrix__) +#if defined(mips) || defined(__mips) || defined(__mips__) || defined(MIPS) || defined(__MIPS__) +#if defined(_SIZE_T_) || defined(SIGLOST) + struct utsname *un; + uname (&un); + printf ("mips-dec-ultrix%s\n", un.release); exit (0); +#else + printf ("mips-dec-ultrix\n"); exit (0); +#endif +#endif +#endif + +#if defined (alliant) && defined (i860) + printf ("i860-alliant-bsd\n"); exit (0); +#endif + + exit (1); +} +EOF + +$CC_FOR_BUILD -o "$dummy" "$dummy.c" 2>/dev/null && SYSTEM_NAME=`"$dummy"` && + { echo "$SYSTEM_NAME"; exit; } + +# Apollos put the system type in the environment. +test -d /usr/apollo && { echo "$ISP-apollo-$SYSTYPE"; exit; } + echo "$0: unable to guess system type" >&2 -case "$UNAME_MACHINE:$UNAME_SYSTEM" in +case $UNAME_MACHINE:$UNAME_SYSTEM in mips:Linux | mips64:Linux) # If we got here on MIPS GNU/Linux, output extra information. cat >&2 <&2 <&2 exit 1 ;; *local*) @@ -110,1223 +119,1186 @@ case $# in exit 1;; esac -# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). -# Here we must recognize all the valid KERNEL-OS combinations. -maybe_os=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` -case $maybe_os in - nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ - linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ - knetbsd*-gnu* | netbsd*-gnu* | netbsd*-eabi* | \ - kopensolaris*-gnu* | cloudabi*-eabi* | \ - storm-chaos* | os2-emx* | rtmk-nova*) - os=-$maybe_os - basic_machine=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` - ;; - android-linux) - os=-linux-android - basic_machine=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown - ;; - *) - basic_machine=`echo "$1" | sed 's/-[^-]*$//'` - if [ "$basic_machine" != "$1" ] - then os=`echo "$1" | sed 's/.*-/-/'` - else os=; fi - ;; -esac +# Split fields of configuration type +# shellcheck disable=SC2162 +saved_IFS=$IFS +IFS="-" read field1 field2 field3 field4 <&2 + exit 1 ;; - -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ - -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ - -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ - -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ - -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ - -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray | -microblaze*) - os= - basic_machine=$1 + *-*-*-*) + basic_machine=$field1-$field2 + basic_os=$field3-$field4 ;; - -bluegene*) - os=-cnk + *-*-*) + # Ambiguous whether COMPANY is present, or skipped and KERNEL-OS is two + # parts + maybe_os=$field2-$field3 + case $maybe_os in + nto-qnx* | linux-* | uclinux-uclibc* \ + | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* \ + | netbsd*-eabi* | kopensolaris*-gnu* | cloudabi*-eabi* \ + | storm-chaos* | os2-emx* | rtmk-nova*) + basic_machine=$field1 + basic_os=$maybe_os + ;; + android-linux) + basic_machine=$field1-unknown + basic_os=linux-android + ;; + *) + basic_machine=$field1-$field2 + basic_os=$field3 + ;; + esac ;; - -sim | -cisco | -oki | -wec | -winbond) - os= - basic_machine=$1 + *-*) + # A lone config we happen to match not fitting any pattern + case $field1-$field2 in + decstation-3100) + basic_machine=mips-dec + basic_os= + ;; + *-*) + # Second component is usually, but not always the OS + case $field2 in + # Prevent following clause from handling this valid os + sun*os*) + basic_machine=$field1 + basic_os=$field2 + ;; + zephyr*) + basic_machine=$field1-unknown + basic_os=$field2 + ;; + # Manufacturers + dec* | mips* | sequent* | encore* | pc533* | sgi* | sony* \ + | att* | 7300* | 3300* | delta* | motorola* | sun[234]* \ + | unicom* | ibm* | next | hp | isi* | apollo | altos* \ + | convergent* | ncr* | news | 32* | 3600* | 3100* \ + | hitachi* | c[123]* | convex* | sun | crds | omron* | dg \ + | ultra | tti* | harris | dolphin | highlevel | gould \ + | cbm | ns | masscomp | apple | axis | knuth | cray \ + | microblaze* | sim | cisco \ + | oki | wec | wrs | winbond) + basic_machine=$field1-$field2 + basic_os= + ;; + *) + basic_machine=$field1 + basic_os=$field2 + ;; + esac + ;; + esac ;; - -scout) - ;; - -wrs) - os=-vxworks - basic_machine=$1 - ;; - -chorusos*) - os=-chorusos - basic_machine=$1 - ;; - -chorusrdb) - os=-chorusrdb - basic_machine=$1 - ;; - -hiux*) - os=-hiuxwe2 - ;; - -sco6) - os=-sco5v6 - basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` - ;; - -sco5) - os=-sco3.2v5 - basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` - ;; - -sco4) - os=-sco3.2v4 - basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2.[4-9]*) - os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` - basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2v[4-9]*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` - ;; - -sco5v6*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` - ;; - -sco*) - os=-sco3.2v2 - basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` - ;; - -udk*) - basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` - ;; - -isc) - os=-isc2.2 - basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` - ;; - -clix*) - basic_machine=clipper-intergraph - ;; - -isc*) - basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` - ;; - -lynx*178) - os=-lynxos178 - ;; - -lynx*5) - os=-lynxos5 - ;; - -lynx*) - os=-lynxos - ;; - -ptx*) - basic_machine=`echo "$1" | sed -e 's/86-.*/86-sequent/'` - ;; - -psos*) - os=-psos - ;; - -mint | -mint[0-9]*) - basic_machine=m68k-atari - os=-mint + *) + # Convert single-component short-hands not valid as part of + # multi-component configurations. + case $field1 in + 386bsd) + basic_machine=i386-pc + basic_os=bsd + ;; + a29khif) + basic_machine=a29k-amd + basic_os=udi + ;; + adobe68k) + basic_machine=m68010-adobe + basic_os=scout + ;; + alliant) + basic_machine=fx80-alliant + basic_os= + ;; + altos | altos3068) + basic_machine=m68k-altos + basic_os= + ;; + am29k) + basic_machine=a29k-none + basic_os=bsd + ;; + amdahl) + basic_machine=580-amdahl + basic_os=sysv + ;; + amiga) + basic_machine=m68k-unknown + basic_os= + ;; + amigaos | amigados) + basic_machine=m68k-unknown + basic_os=amigaos + ;; + amigaunix | amix) + basic_machine=m68k-unknown + basic_os=sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + basic_os=sysv + ;; + apollo68bsd) + basic_machine=m68k-apollo + basic_os=bsd + ;; + aros) + basic_machine=i386-pc + basic_os=aros + ;; + aux) + basic_machine=m68k-apple + basic_os=aux + ;; + balance) + basic_machine=ns32k-sequent + basic_os=dynix + ;; + blackfin) + basic_machine=bfin-unknown + basic_os=linux + ;; + cegcc) + basic_machine=arm-unknown + basic_os=cegcc + ;; + convex-c1) + basic_machine=c1-convex + basic_os=bsd + ;; + convex-c2) + basic_machine=c2-convex + basic_os=bsd + ;; + convex-c32) + basic_machine=c32-convex + basic_os=bsd + ;; + convex-c34) + basic_machine=c34-convex + basic_os=bsd + ;; + convex-c38) + basic_machine=c38-convex + basic_os=bsd + ;; + cray) + basic_machine=j90-cray + basic_os=unicos + ;; + crds | unos) + basic_machine=m68k-crds + basic_os= + ;; + da30) + basic_machine=m68k-da30 + basic_os= + ;; + decstation | pmax | pmin | dec3100 | decstatn) + basic_machine=mips-dec + basic_os= + ;; + delta88) + basic_machine=m88k-motorola + basic_os=sysv3 + ;; + dicos) + basic_machine=i686-pc + basic_os=dicos + ;; + djgpp) + basic_machine=i586-pc + basic_os=msdosdjgpp + ;; + ebmon29k) + basic_machine=a29k-amd + basic_os=ebmon + ;; + es1800 | OSE68k | ose68k | ose | OSE) + basic_machine=m68k-ericsson + basic_os=ose + ;; + gmicro) + basic_machine=tron-gmicro + basic_os=sysv + ;; + go32) + basic_machine=i386-pc + basic_os=go32 + ;; + h8300hms) + basic_machine=h8300-hitachi + basic_os=hms + ;; + h8300xray) + basic_machine=h8300-hitachi + basic_os=xray + ;; + h8500hms) + basic_machine=h8500-hitachi + basic_os=hms + ;; + harris) + basic_machine=m88k-harris + basic_os=sysv3 + ;; + hp300 | hp300hpux) + basic_machine=m68k-hp + basic_os=hpux + ;; + hp300bsd) + basic_machine=m68k-hp + basic_os=bsd + ;; + hppaosf) + basic_machine=hppa1.1-hp + basic_os=osf + ;; + hppro) + basic_machine=hppa1.1-hp + basic_os=proelf + ;; + i386mach) + basic_machine=i386-mach + basic_os=mach + ;; + isi68 | isi) + basic_machine=m68k-isi + basic_os=sysv + ;; + m68knommu) + basic_machine=m68k-unknown + basic_os=linux + ;; + magnum | m3230) + basic_machine=mips-mips + basic_os=sysv + ;; + merlin) + basic_machine=ns32k-utek + basic_os=sysv + ;; + mingw64) + basic_machine=x86_64-pc + basic_os=mingw64 + ;; + mingw32) + basic_machine=i686-pc + basic_os=mingw32 + ;; + mingw32ce) + basic_machine=arm-unknown + basic_os=mingw32ce + ;; + monitor) + basic_machine=m68k-rom68k + basic_os=coff + ;; + morphos) + basic_machine=powerpc-unknown + basic_os=morphos + ;; + moxiebox) + basic_machine=moxie-unknown + basic_os=moxiebox + ;; + msdos) + basic_machine=i386-pc + basic_os=msdos + ;; + msys) + basic_machine=i686-pc + basic_os=msys + ;; + mvs) + basic_machine=i370-ibm + basic_os=mvs + ;; + nacl) + basic_machine=le32-unknown + basic_os=nacl + ;; + ncr3000) + basic_machine=i486-ncr + basic_os=sysv4 + ;; + netbsd386) + basic_machine=i386-pc + basic_os=netbsd + ;; + netwinder) + basic_machine=armv4l-rebel + basic_os=linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + basic_os=newsos + ;; + news1000) + basic_machine=m68030-sony + basic_os=newsos + ;; + necv70) + basic_machine=v70-nec + basic_os=sysv + ;; + nh3000) + basic_machine=m68k-harris + basic_os=cxux + ;; + nh[45]000) + basic_machine=m88k-harris + basic_os=cxux + ;; + nindy960) + basic_machine=i960-intel + basic_os=nindy + ;; + mon960) + basic_machine=i960-intel + basic_os=mon960 + ;; + nonstopux) + basic_machine=mips-compaq + basic_os=nonstopux + ;; + os400) + basic_machine=powerpc-ibm + basic_os=os400 + ;; + OSE68000 | ose68000) + basic_machine=m68000-ericsson + basic_os=ose + ;; + os68k) + basic_machine=m68k-none + basic_os=os68k + ;; + paragon) + basic_machine=i860-intel + basic_os=osf + ;; + parisc) + basic_machine=hppa-unknown + basic_os=linux + ;; + psp) + basic_machine=mipsallegrexel-sony + basic_os=psp + ;; + pw32) + basic_machine=i586-unknown + basic_os=pw32 + ;; + rdos | rdos64) + basic_machine=x86_64-pc + basic_os=rdos + ;; + rdos32) + basic_machine=i386-pc + basic_os=rdos + ;; + rom68k) + basic_machine=m68k-rom68k + basic_os=coff + ;; + sa29200) + basic_machine=a29k-amd + basic_os=udi + ;; + sei) + basic_machine=mips-sei + basic_os=seiux + ;; + sequent) + basic_machine=i386-sequent + basic_os= + ;; + sps7) + basic_machine=m68k-bull + basic_os=sysv2 + ;; + st2000) + basic_machine=m68k-tandem + basic_os= + ;; + stratus) + basic_machine=i860-stratus + basic_os=sysv4 + ;; + sun2) + basic_machine=m68000-sun + basic_os= + ;; + sun2os3) + basic_machine=m68000-sun + basic_os=sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + basic_os=sunos4 + ;; + sun3) + basic_machine=m68k-sun + basic_os= + ;; + sun3os3) + basic_machine=m68k-sun + basic_os=sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + basic_os=sunos4 + ;; + sun4) + basic_machine=sparc-sun + basic_os= + ;; + sun4os3) + basic_machine=sparc-sun + basic_os=sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + basic_os=sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + basic_os=solaris2 + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + basic_os= + ;; + sv1) + basic_machine=sv1-cray + basic_os=unicos + ;; + symmetry) + basic_machine=i386-sequent + basic_os=dynix + ;; + t3e) + basic_machine=alphaev5-cray + basic_os=unicos + ;; + t90) + basic_machine=t90-cray + basic_os=unicos + ;; + toad1) + basic_machine=pdp10-xkl + basic_os=tops20 + ;; + tpf) + basic_machine=s390x-ibm + basic_os=tpf + ;; + udi29k) + basic_machine=a29k-amd + basic_os=udi + ;; + ultra3) + basic_machine=a29k-nyu + basic_os=sym1 + ;; + v810 | necv810) + basic_machine=v810-nec + basic_os=none + ;; + vaxv) + basic_machine=vax-dec + basic_os=sysv + ;; + vms) + basic_machine=vax-dec + basic_os=vms + ;; + vsta) + basic_machine=i386-pc + basic_os=vsta + ;; + vxworks960) + basic_machine=i960-wrs + basic_os=vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + basic_os=vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + basic_os=vxworks + ;; + xbox) + basic_machine=i686-pc + basic_os=mingw32 + ;; + ymp) + basic_machine=ymp-cray + basic_os=unicos + ;; + *) + basic_machine=$1 + basic_os= + ;; + esac ;; esac -# Decode aliases for certain CPU-COMPANY combinations. +# Decode 1-component or ad-hoc basic machines case $basic_machine in - # Recognize the basic CPU types without company name. - # Some are omitted here because they have special meanings below. - 1750a | 580 \ - | a29k \ - | aarch64 | aarch64_be \ - | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ - | am33_2.0 \ - | arc | arceb \ - | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ - | avr | avr32 \ - | ba \ - | be32 | be64 \ - | bfin \ - | c4x | c8051 | clipper \ - | d10v | d30v | dlx | dsp16xx \ - | e2k | epiphany \ - | fido | fr30 | frv | ft32 \ - | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ - | hexagon \ - | i370 | i860 | i960 | ia16 | ia64 \ - | ip2k | iq2000 \ - | k1om \ - | le32 | le64 \ - | lm32 \ - | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ - | mips | mipsbe | mipseb | mipsel | mipsle \ - | mips16 \ - | mips64 | mips64el \ - | mips64octeon | mips64octeonel \ - | mips64orion | mips64orionel \ - | mips64r5900 | mips64r5900el \ - | mips64vr | mips64vrel \ - | mips64vr4100 | mips64vr4100el \ - | mips64vr4300 | mips64vr4300el \ - | mips64vr5000 | mips64vr5000el \ - | mips64vr5900 | mips64vr5900el \ - | mipsisa32 | mipsisa32el \ - | mipsisa32r2 | mipsisa32r2el \ - | mipsisa32r6 | mipsisa32r6el \ - | mipsisa64 | mipsisa64el \ - | mipsisa64r2 | mipsisa64r2el \ - | mipsisa64r6 | mipsisa64r6el \ - | mipsisa64sb1 | mipsisa64sb1el \ - | mipsisa64sr71k | mipsisa64sr71kel \ - | mipsr5900 | mipsr5900el \ - | mipstx39 | mipstx39el \ - | mn10200 | mn10300 \ - | moxie \ - | mt \ - | msp430 \ - | nds32 | nds32le | nds32be \ - | nios | nios2 | nios2eb | nios2el \ - | ns16k | ns32k \ - | open8 | or1k | or1knd | or32 \ - | pdp10 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle \ - | pru \ - | pyramid \ - | riscv32 | riscv64 \ - | rl78 | rx \ - | score \ - | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[234]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ - | sh64 | sh64le \ - | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ - | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ - | spu \ - | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ - | ubicom32 \ - | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ - | visium \ - | wasm32 \ - | x86 | xc16x | xstormy16 | xtensa \ - | z8k | z80) - basic_machine=$basic_machine-unknown + # Here we handle the default manufacturer of certain CPU types. It is in + # some cases the only manufacturer, in others, it is the most popular. + w89k) + cpu=hppa1.1 + vendor=winbond ;; - c54x) - basic_machine=tic54x-unknown + op50n) + cpu=hppa1.1 + vendor=oki ;; - c55x) - basic_machine=tic55x-unknown + op60c) + cpu=hppa1.1 + vendor=oki ;; - c6x) - basic_machine=tic6x-unknown + ibm*) + cpu=i370 + vendor=ibm + ;; + orion105) + cpu=clipper + vendor=highlevel + ;; + mac | mpw | mac-mpw) + cpu=m68k + vendor=apple + ;; + pmac | pmac-mpw) + cpu=powerpc + vendor=apple + ;; + + # Recognize the various machine names and aliases which stand + # for a CPU type and a company and sometimes even an OS. + 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) + cpu=m68000 + vendor=att + ;; + 3b*) + cpu=we32k + vendor=att + ;; + bluegene*) + cpu=powerpc + vendor=ibm + basic_os=cnk + ;; + decsystem10* | dec10*) + cpu=pdp10 + vendor=dec + basic_os=tops10 + ;; + decsystem20* | dec20*) + cpu=pdp10 + vendor=dec + basic_os=tops20 + ;; + delta | 3300 | motorola-3300 | motorola-delta \ + | 3300-motorola | delta-motorola) + cpu=m68k + vendor=motorola + ;; + dpx2*) + cpu=m68k + vendor=bull + basic_os=sysv3 + ;; + encore | umax | mmax) + cpu=ns32k + vendor=encore + ;; + elxsi) + cpu=elxsi + vendor=elxsi + basic_os=${basic_os:-bsd} + ;; + fx2800) + cpu=i860 + vendor=alliant + ;; + genix) + cpu=ns32k + vendor=ns + ;; + h3050r* | hiux*) + cpu=hppa1.1 + vendor=hitachi + basic_os=hiuxwe2 + ;; + hp3k9[0-9][0-9] | hp9[0-9][0-9]) + cpu=hppa1.0 + vendor=hp + ;; + hp9k2[0-9][0-9] | hp9k31[0-9]) + cpu=m68000 + vendor=hp + ;; + hp9k3[2-9][0-9]) + cpu=m68k + vendor=hp + ;; + hp9k6[0-9][0-9] | hp6[0-9][0-9]) + cpu=hppa1.0 + vendor=hp + ;; + hp9k7[0-79][0-9] | hp7[0-79][0-9]) + cpu=hppa1.1 + vendor=hp + ;; + hp9k78[0-9] | hp78[0-9]) + # FIXME: really hppa2.0-hp + cpu=hppa1.1 + vendor=hp + ;; + hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) + # FIXME: really hppa2.0-hp + cpu=hppa1.1 + vendor=hp + ;; + hp9k8[0-9][13679] | hp8[0-9][13679]) + cpu=hppa1.1 + vendor=hp + ;; + hp9k8[0-9][0-9] | hp8[0-9][0-9]) + cpu=hppa1.0 + vendor=hp + ;; + i*86v32) + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=sysv32 + ;; + i*86v4*) + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=sysv4 + ;; + i*86v) + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=sysv + ;; + i*86sol2) + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=solaris2 + ;; + j90 | j90-cray) + cpu=j90 + vendor=cray + basic_os=${basic_os:-unicos} + ;; + iris | iris4d) + cpu=mips + vendor=sgi + case $basic_os in + irix*) + ;; + *) + basic_os=irix4 + ;; + esac + ;; + miniframe) + cpu=m68000 + vendor=convergent + ;; + *mint | mint[0-9]* | *MiNT | *MiNT[0-9]*) + cpu=m68k + vendor=atari + basic_os=mint + ;; + news-3600 | risc-news) + cpu=mips + vendor=sony + basic_os=newsos + ;; + next | m*-next) + cpu=m68k + vendor=next + case $basic_os in + openstep*) + ;; + nextstep*) + ;; + ns2*) + basic_os=nextstep2 + ;; + *) + basic_os=nextstep3 + ;; + esac + ;; + np1) + cpu=np1 + vendor=gould + ;; + op50n-* | op60c-*) + cpu=hppa1.1 + vendor=oki + basic_os=proelf + ;; + pa-hitachi) + cpu=hppa1.1 + vendor=hitachi + basic_os=hiuxwe2 + ;; + pbd) + cpu=sparc + vendor=tti + ;; + pbb) + cpu=m68k + vendor=tti + ;; + pc532) + cpu=ns32k + vendor=pc532 + ;; + pn) + cpu=pn + vendor=gould + ;; + power) + cpu=power + vendor=ibm + ;; + ps2) + cpu=i386 + vendor=ibm + ;; + rm[46]00) + cpu=mips + vendor=siemens + ;; + rtpc | rtpc-*) + cpu=romp + vendor=ibm + ;; + sde) + cpu=mipsisa32 + vendor=sde + basic_os=${basic_os:-elf} + ;; + simso-wrs) + cpu=sparclite + vendor=wrs + basic_os=vxworks + ;; + tower | tower-32) + cpu=m68k + vendor=ncr + ;; + vpp*|vx|vx-*) + cpu=f301 + vendor=fujitsu + ;; + w65) + cpu=w65 + vendor=wdc + ;; + w89k-*) + cpu=hppa1.1 + vendor=winbond + basic_os=proelf + ;; + none) + cpu=none + vendor=none ;; leon|leon[3-9]) - basic_machine=sparc-$basic_machine + cpu=sparc + vendor=$basic_machine ;; - m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip) - basic_machine=$basic_machine-unknown - os=-none - ;; - m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65) - ;; - ms1) - basic_machine=mt-unknown + leon-*|leon[3-9]-*) + cpu=sparc + vendor=`echo "$basic_machine" | sed 's/-.*//'` ;; - strongarm | thumb | xscale) - basic_machine=arm-unknown + *-*) + # shellcheck disable=SC2162 + saved_IFS=$IFS + IFS="-" read cpu vendor <&2 - exit 1 - ;; - # Recognize the basic CPU types with company name. - 580-* \ - | a29k-* \ - | aarch64-* | aarch64_be-* \ - | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ - | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ - | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ - | avr-* | avr32-* \ - | ba-* \ - | be32-* | be64-* \ - | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* \ - | c8051-* | clipper-* | craynv-* | cydra-* \ - | d10v-* | d30v-* | dlx-* \ - | e2k-* | elxsi-* \ - | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ - | h8300-* | h8500-* \ - | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ - | hexagon-* \ - | i*86-* | i860-* | i960-* | ia16-* | ia64-* \ - | ip2k-* | iq2000-* \ - | k1om-* \ - | le32-* | le64-* \ - | lm32-* \ - | m32c-* | m32r-* | m32rle-* \ - | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ - | microblaze-* | microblazeel-* \ - | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ - | mips16-* \ - | mips64-* | mips64el-* \ - | mips64octeon-* | mips64octeonel-* \ - | mips64orion-* | mips64orionel-* \ - | mips64r5900-* | mips64r5900el-* \ - | mips64vr-* | mips64vrel-* \ - | mips64vr4100-* | mips64vr4100el-* \ - | mips64vr4300-* | mips64vr4300el-* \ - | mips64vr5000-* | mips64vr5000el-* \ - | mips64vr5900-* | mips64vr5900el-* \ - | mipsisa32-* | mipsisa32el-* \ - | mipsisa32r2-* | mipsisa32r2el-* \ - | mipsisa32r6-* | mipsisa32r6el-* \ - | mipsisa64-* | mipsisa64el-* \ - | mipsisa64r2-* | mipsisa64r2el-* \ - | mipsisa64r6-* | mipsisa64r6el-* \ - | mipsisa64sb1-* | mipsisa64sb1el-* \ - | mipsisa64sr71k-* | mipsisa64sr71kel-* \ - | mipsr5900-* | mipsr5900el-* \ - | mipstx39-* | mipstx39el-* \ - | mmix-* \ - | mt-* \ - | msp430-* \ - | nds32-* | nds32le-* | nds32be-* \ - | nios-* | nios2-* | nios2eb-* | nios2el-* \ - | none-* | np1-* | ns16k-* | ns32k-* \ - | open8-* \ - | or1k*-* \ - | orion-* \ - | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ - | pru-* \ - | pyramid-* \ - | riscv32-* | riscv64-* \ - | rl78-* | romp-* | rs6000-* | rx-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ - | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ - | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ - | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx*-* \ - | tahoe-* \ - | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ - | tile*-* \ - | tron-* \ - | ubicom32-* \ - | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ - | vax-* \ - | visium-* \ - | wasm32-* \ - | we32k-* \ - | x86-* | x86_64-* | xc16x-* | xps100-* \ - | xstormy16-* | xtensa*-* \ - | ymp-* \ - | z8k-* | z80-*) - ;; - # Recognize the basic CPU types without company name, with glob match. - xtensa*) - basic_machine=$basic_machine-unknown - ;; - # Recognize the various machine names and aliases which stand - # for a CPU type and a company and sometimes even an OS. - 386bsd) - basic_machine=i386-pc - os=-bsd - ;; - 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) - basic_machine=m68000-att - ;; - 3b*) - basic_machine=we32k-att - ;; - a29khif) - basic_machine=a29k-amd - os=-udi - ;; - abacus) - basic_machine=abacus-unknown - ;; - adobe68k) - basic_machine=m68010-adobe - os=-scout - ;; - alliant | fx80) - basic_machine=fx80-alliant - ;; - altos | altos3068) - basic_machine=m68k-altos - ;; - am29k) - basic_machine=a29k-none - os=-bsd - ;; - amd64) - basic_machine=x86_64-pc - ;; - amd64-*) - basic_machine=x86_64-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - amdahl) - basic_machine=580-amdahl - os=-sysv - ;; - amiga | amiga-*) - basic_machine=m68k-unknown - ;; - amigaos | amigados) - basic_machine=m68k-unknown - os=-amigaos - ;; - amigaunix | amix) - basic_machine=m68k-unknown - os=-sysv4 - ;; - apollo68) - basic_machine=m68k-apollo - os=-sysv - ;; - apollo68bsd) - basic_machine=m68k-apollo - os=-bsd - ;; - aros) - basic_machine=i386-pc - os=-aros - ;; - asmjs) - basic_machine=asmjs-unknown - ;; - aux) - basic_machine=m68k-apple - os=-aux - ;; - balance) - basic_machine=ns32k-sequent - os=-dynix - ;; - blackfin) - basic_machine=bfin-unknown - os=-linux - ;; - blackfin-*) - basic_machine=bfin-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=-linux - ;; - bluegene*) - basic_machine=powerpc-ibm - os=-cnk - ;; - c54x-*) - basic_machine=tic54x-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - c55x-*) - basic_machine=tic55x-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - c6x-*) - basic_machine=tic6x-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - c90) - basic_machine=c90-cray - os=-unicos - ;; - cegcc) - basic_machine=arm-unknown - os=-cegcc - ;; - convex-c1) - basic_machine=c1-convex - os=-bsd - ;; - convex-c2) - basic_machine=c2-convex - os=-bsd - ;; - convex-c32) - basic_machine=c32-convex - os=-bsd - ;; - convex-c34) - basic_machine=c34-convex - os=-bsd - ;; - convex-c38) - basic_machine=c38-convex - os=-bsd - ;; - cray | j90) - basic_machine=j90-cray - os=-unicos - ;; - craynv) - basic_machine=craynv-cray - os=-unicosmp - ;; - cr16 | cr16-*) - basic_machine=cr16-unknown - os=-elf - ;; - crds | unos) - basic_machine=m68k-crds - ;; - crisv32 | crisv32-* | etraxfs*) - basic_machine=crisv32-axis - ;; - cris | cris-* | etrax*) - basic_machine=cris-axis - ;; - crx) - basic_machine=crx-unknown - os=-elf - ;; - da30 | da30-*) - basic_machine=m68k-da30 - ;; - decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) - basic_machine=mips-dec - ;; - decsystem10* | dec10*) - basic_machine=pdp10-dec - os=-tops10 - ;; - decsystem20* | dec20*) - basic_machine=pdp10-dec - os=-tops20 - ;; - delta | 3300 | motorola-3300 | motorola-delta \ - | 3300-motorola | delta-motorola) - basic_machine=m68k-motorola - ;; - delta88) - basic_machine=m88k-motorola - os=-sysv3 - ;; - dicos) - basic_machine=i686-pc - os=-dicos - ;; - djgpp) - basic_machine=i586-pc - os=-msdosdjgpp - ;; - dpx20 | dpx20-*) - basic_machine=rs6000-bull - os=-bosx - ;; - dpx2*) - basic_machine=m68k-bull - os=-sysv3 - ;; - e500v[12]) - basic_machine=powerpc-unknown - os=$os"spe" - ;; - e500v[12]-*) - basic_machine=powerpc-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=$os"spe" - ;; - ebmon29k) - basic_machine=a29k-amd - os=-ebmon - ;; - elxsi) - basic_machine=elxsi-elxsi - os=-bsd - ;; - encore | umax | mmax) - basic_machine=ns32k-encore - ;; - es1800 | OSE68k | ose68k | ose | OSE) - basic_machine=m68k-ericsson - os=-ose - ;; - fx2800) - basic_machine=i860-alliant - ;; - genix) - basic_machine=ns32k-ns - ;; - gmicro) - basic_machine=tron-gmicro - os=-sysv - ;; - go32) - basic_machine=i386-pc - os=-go32 - ;; - h3050r* | hiux*) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - h8300hms) - basic_machine=h8300-hitachi - os=-hms - ;; - h8300xray) - basic_machine=h8300-hitachi - os=-xray - ;; - h8500hms) - basic_machine=h8500-hitachi - os=-hms - ;; - harris) - basic_machine=m88k-harris - os=-sysv3 - ;; - hp300-*) - basic_machine=m68k-hp - ;; - hp300bsd) - basic_machine=m68k-hp - os=-bsd - ;; - hp300hpux) - basic_machine=m68k-hp - os=-hpux - ;; - hp3k9[0-9][0-9] | hp9[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k2[0-9][0-9] | hp9k31[0-9]) - basic_machine=m68000-hp - ;; - hp9k3[2-9][0-9]) - basic_machine=m68k-hp - ;; - hp9k6[0-9][0-9] | hp6[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k7[0-79][0-9] | hp7[0-79][0-9]) - basic_machine=hppa1.1-hp - ;; - hp9k78[0-9] | hp78[0-9]) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][13679] | hp8[0-9][13679]) - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][0-9] | hp8[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hppaosf) - basic_machine=hppa1.1-hp - os=-osf - ;; - hppro) - basic_machine=hppa1.1-hp - os=-proelf - ;; - i370-ibm* | ibm*) - basic_machine=i370-ibm - ;; - i*86v32) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-sysv32 - ;; - i*86v4*) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-sysv4 - ;; - i*86v) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-sysv - ;; - i*86sol2) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-solaris2 - ;; - i386mach) - basic_machine=i386-mach - os=-mach - ;; - vsta) - basic_machine=i386-unknown - os=-vsta - ;; - iris | iris4d) - basic_machine=mips-sgi - case $os in - -irix*) - ;; - *) - os=-irix4 - ;; - esac - ;; - isi68 | isi) - basic_machine=m68k-isi - os=-sysv - ;; - leon-*|leon[3-9]-*) - basic_machine=sparc-`echo "$basic_machine" | sed 's/-.*//'` - ;; - m68knommu) - basic_machine=m68k-unknown - os=-linux - ;; - m68knommu-*) - basic_machine=m68k-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=-linux - ;; - magnum | m3230) - basic_machine=mips-mips - os=-sysv - ;; - merlin) - basic_machine=ns32k-utek - os=-sysv - ;; - microblaze*) - basic_machine=microblaze-xilinx - ;; - mingw64) - basic_machine=x86_64-pc - os=-mingw64 - ;; - mingw32) - basic_machine=i686-pc - os=-mingw32 - ;; - mingw32ce) - basic_machine=arm-unknown - os=-mingw32ce - ;; - miniframe) - basic_machine=m68000-convergent - ;; - *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; - mips3*-*) - basic_machine=`echo "$basic_machine" | sed -e 's/mips3/mips64/'` - ;; - mips3*) - basic_machine=`echo "$basic_machine" | sed -e 's/mips3/mips64/'`-unknown - ;; - monitor) - basic_machine=m68k-rom68k - os=-coff - ;; - morphos) - basic_machine=powerpc-unknown - os=-morphos - ;; - moxiebox) - basic_machine=moxie-unknown - os=-moxiebox - ;; - msdos) - basic_machine=i386-pc - os=-msdos - ;; - ms1-*) - basic_machine=`echo "$basic_machine" | sed -e 's/ms1-/mt-/'` - ;; - msys) - basic_machine=i686-pc - os=-msys - ;; - mvs) - basic_machine=i370-ibm - os=-mvs - ;; - nacl) - basic_machine=le32-unknown - os=-nacl - ;; - ncr3000) - basic_machine=i486-ncr - os=-sysv4 - ;; - netbsd386) - basic_machine=i386-unknown - os=-netbsd - ;; - netwinder) - basic_machine=armv4l-rebel - os=-linux - ;; - news | news700 | news800 | news900) - basic_machine=m68k-sony - os=-newsos - ;; - news1000) - basic_machine=m68030-sony - os=-newsos - ;; - news-3600 | risc-news) - basic_machine=mips-sony - os=-newsos - ;; - necv70) - basic_machine=v70-nec - os=-sysv - ;; - next | m*-next) - basic_machine=m68k-next - case $os in - -nextstep* ) - ;; - -ns2*) - os=-nextstep2 - ;; - *) - os=-nextstep3 - ;; - esac - ;; - nh3000) - basic_machine=m68k-harris - os=-cxux - ;; - nh[45]000) - basic_machine=m88k-harris - os=-cxux - ;; - nindy960) - basic_machine=i960-intel - os=-nindy - ;; - mon960) - basic_machine=i960-intel - os=-mon960 - ;; - nonstopux) - basic_machine=mips-compaq - os=-nonstopux - ;; - np1) - basic_machine=np1-gould - ;; - neo-tandem) - basic_machine=neo-tandem - ;; - nse-tandem) - basic_machine=nse-tandem - ;; - nsr-tandem) - basic_machine=nsr-tandem - ;; - nsv-tandem) - basic_machine=nsv-tandem - ;; - nsx-tandem) - basic_machine=nsx-tandem - ;; - op50n-* | op60c-*) - basic_machine=hppa1.1-oki - os=-proelf - ;; - openrisc | openrisc-*) - basic_machine=or32-unknown - ;; - os400) - basic_machine=powerpc-ibm - os=-os400 - ;; - OSE68000 | ose68000) - basic_machine=m68000-ericsson - os=-ose - ;; - os68k) - basic_machine=m68k-none - os=-os68k - ;; - pa-hitachi) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - paragon) - basic_machine=i860-intel - os=-osf - ;; - parisc) - basic_machine=hppa-unknown - os=-linux - ;; - parisc-*) - basic_machine=hppa-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=-linux - ;; - pbd) - basic_machine=sparc-tti - ;; - pbb) - basic_machine=m68k-tti - ;; - pc532 | pc532-*) - basic_machine=ns32k-pc532 + cpu=$basic_machine + vendor=pc ;; + # These rules are duplicated from below for sake of the special case above; + # i.e. things that normalized to x86 arches should also default to "pc" pc98) - basic_machine=i386-pc + cpu=i386 + vendor=pc ;; - pc98-*) - basic_machine=i386-`echo "$basic_machine" | sed 's/^[^-]*-//'` + x64 | amd64) + cpu=x86_64 + vendor=pc ;; - pentium | p5 | k5 | k6 | nexgen | viac3) - basic_machine=i586-pc + # Recognize the basic CPU types without company name. + *) + cpu=$basic_machine + vendor=unknown ;; - pentiumpro | p6 | 6x86 | athlon | athlon_*) - basic_machine=i686-pc +esac + +unset -v basic_machine + +# Decode basic machines in the full and proper CPU-Company form. +case $cpu-$vendor in + # Here we handle the default manufacturer of certain CPU types in canonical form. It is in + # some cases the only manufacturer, in others, it is the most popular. + craynv-unknown) + vendor=cray + basic_os=${basic_os:-unicosmp} ;; - pentiumii | pentium2 | pentiumiii | pentium3) - basic_machine=i686-pc + c90-unknown | c90-cray) + vendor=cray + basic_os=${Basic_os:-unicos} ;; - pentium4) - basic_machine=i786-pc + fx80-unknown) + vendor=alliant ;; - pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) - basic_machine=i586-`echo "$basic_machine" | sed 's/^[^-]*-//'` + romp-unknown) + vendor=ibm ;; - pentiumpro-* | p6-* | 6x86-* | athlon-*) - basic_machine=i686-`echo "$basic_machine" | sed 's/^[^-]*-//'` + mmix-unknown) + vendor=knuth ;; - pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) - basic_machine=i686-`echo "$basic_machine" | sed 's/^[^-]*-//'` + microblaze-unknown | microblazeel-unknown) + vendor=xilinx ;; - pentium4-*) - basic_machine=i786-`echo "$basic_machine" | sed 's/^[^-]*-//'` + rs6000-unknown) + vendor=ibm ;; - pn) - basic_machine=pn-gould + vax-unknown) + vendor=dec ;; - power) basic_machine=power-ibm + pdp11-unknown) + vendor=dec ;; - ppc | ppcbe) basic_machine=powerpc-unknown + we32k-unknown) + vendor=att ;; - ppc-* | ppcbe-*) - basic_machine=powerpc-`echo "$basic_machine" | sed 's/^[^-]*-//'` + cydra-unknown) + vendor=cydrome ;; - ppcle | powerpclittle) - basic_machine=powerpcle-unknown + i370-ibm*) + vendor=ibm ;; - ppcle-* | powerpclittle-*) - basic_machine=powerpcle-`echo "$basic_machine" | sed 's/^[^-]*-//'` + orion-unknown) + vendor=highlevel ;; - ppc64) basic_machine=powerpc64-unknown - ;; - ppc64-*) basic_machine=powerpc64-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - ppc64le | powerpc64little) - basic_machine=powerpc64le-unknown - ;; - ppc64le-* | powerpc64little-*) - basic_machine=powerpc64le-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - ps2) - basic_machine=i386-ibm - ;; - pw32) - basic_machine=i586-unknown - os=-pw32 - ;; - rdos | rdos64) - basic_machine=x86_64-pc - os=-rdos - ;; - rdos32) - basic_machine=i386-pc - os=-rdos - ;; - rom68k) - basic_machine=m68k-rom68k - os=-coff - ;; - rm[46]00) - basic_machine=mips-siemens - ;; - rtpc | rtpc-*) - basic_machine=romp-ibm - ;; - s390 | s390-*) - basic_machine=s390-ibm - ;; - s390x | s390x-*) - basic_machine=s390x-ibm - ;; - sa29200) - basic_machine=a29k-amd - os=-udi - ;; - sb1) - basic_machine=mipsisa64sb1-unknown - ;; - sb1el) - basic_machine=mipsisa64sb1el-unknown - ;; - sde) - basic_machine=mipsisa32-sde - os=-elf - ;; - sei) - basic_machine=mips-sei - os=-seiux - ;; - sequent) - basic_machine=i386-sequent - ;; - sh5el) - basic_machine=sh5le-unknown - ;; - simso-wrs) - basic_machine=sparclite-wrs - os=-vxworks - ;; - sps7) - basic_machine=m68k-bull - os=-sysv2 - ;; - spur) - basic_machine=spur-unknown - ;; - st2000) - basic_machine=m68k-tandem - ;; - stratus) - basic_machine=i860-stratus - os=-sysv4 - ;; - strongarm-* | thumb-*) - basic_machine=arm-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - sun2) - basic_machine=m68000-sun - ;; - sun2os3) - basic_machine=m68000-sun - os=-sunos3 - ;; - sun2os4) - basic_machine=m68000-sun - os=-sunos4 - ;; - sun3os3) - basic_machine=m68k-sun - os=-sunos3 - ;; - sun3os4) - basic_machine=m68k-sun - os=-sunos4 - ;; - sun4os3) - basic_machine=sparc-sun - os=-sunos3 - ;; - sun4os4) - basic_machine=sparc-sun - os=-sunos4 - ;; - sun4sol2) - basic_machine=sparc-sun - os=-solaris2 - ;; - sun3 | sun3-*) - basic_machine=m68k-sun - ;; - sun4) - basic_machine=sparc-sun - ;; - sun386 | sun386i | roadrunner) - basic_machine=i386-sun - ;; - sv1) - basic_machine=sv1-cray - os=-unicos - ;; - symmetry) - basic_machine=i386-sequent - os=-dynix - ;; - t3e) - basic_machine=alphaev5-cray - os=-unicos - ;; - t90) - basic_machine=t90-cray - os=-unicos - ;; - tile*) - basic_machine=$basic_machine-unknown - os=-linux-gnu - ;; - tx39) - basic_machine=mipstx39-unknown - ;; - tx39el) - basic_machine=mipstx39el-unknown - ;; - toad1) - basic_machine=pdp10-xkl - os=-tops20 - ;; - tower | tower-32) - basic_machine=m68k-ncr - ;; - tpf) - basic_machine=s390x-ibm - os=-tpf - ;; - udi29k) - basic_machine=a29k-amd - os=-udi - ;; - ultra3) - basic_machine=a29k-nyu - os=-sym1 - ;; - v810 | necv810) - basic_machine=v810-nec - os=-none - ;; - vaxv) - basic_machine=vax-dec - os=-sysv - ;; - vms) - basic_machine=vax-dec - os=-vms - ;; - vpp*|vx|vx-*) - basic_machine=f301-fujitsu - ;; - vxworks960) - basic_machine=i960-wrs - os=-vxworks - ;; - vxworks68) - basic_machine=m68k-wrs - os=-vxworks - ;; - vxworks29k) - basic_machine=a29k-wrs - os=-vxworks - ;; - w65*) - basic_machine=w65-wdc - os=-none - ;; - w89k-*) - basic_machine=hppa1.1-winbond - os=-proelf - ;; - x64) - basic_machine=x86_64-pc - ;; - xbox) - basic_machine=i686-pc - os=-mingw32 - ;; - xps | xps100) - basic_machine=xps100-honeywell - ;; - xscale-* | xscalee[bl]-*) - basic_machine=`echo "$basic_machine" | sed 's/^xscale/arm/'` - ;; - ymp) - basic_machine=ymp-cray - os=-unicos - ;; - none) - basic_machine=none-none - os=-none + xps-unknown | xps100-unknown) + cpu=xps100 + vendor=honeywell ;; -# Here we handle the default manufacturer of certain CPU types. It is in -# some cases the only manufacturer, in others, it is the most popular. - w89k) - basic_machine=hppa1.1-winbond + # Here we normalize CPU types with a missing or matching vendor + armh-unknown | armh-alt) + cpu=armv7l + vendor=alt + basic_os=${basic_os:-linux-gnueabihf} ;; - op50n) - basic_machine=hppa1.1-oki + dpx20-unknown | dpx20-bull) + cpu=rs6000 + vendor=bull + basic_os=${basic_os:-bosx} ;; - op60c) - basic_machine=hppa1.1-oki + + # Here we normalize CPU types irrespective of the vendor + amd64-*) + cpu=x86_64 ;; - romp) - basic_machine=romp-ibm + blackfin-*) + cpu=bfin + basic_os=linux ;; - mmix) - basic_machine=mmix-knuth + c54x-*) + cpu=tic54x ;; - rs6000) - basic_machine=rs6000-ibm + c55x-*) + cpu=tic55x ;; - vax) - basic_machine=vax-dec + c6x-*) + cpu=tic6x ;; - pdp11) - basic_machine=pdp11-dec + e500v[12]-*) + cpu=powerpc + basic_os=${basic_os}"spe" ;; - we32k) - basic_machine=we32k-att + mips3*-*) + cpu=mips64 ;; - sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) - basic_machine=sh-unknown + ms1-*) + cpu=mt ;; - cydra) - basic_machine=cydra-cydrome + m68knommu-*) + cpu=m68k + basic_os=linux ;; - orion) - basic_machine=orion-highlevel + m9s12z-* | m68hcs12z-* | hcs12z-* | s12z-*) + cpu=s12z ;; - orion105) - basic_machine=clipper-highlevel + openrisc-*) + cpu=or32 ;; - mac | mpw | mac-mpw) - basic_machine=m68k-apple + parisc-*) + cpu=hppa + basic_os=linux ;; - pmac | pmac-mpw) - basic_machine=powerpc-apple + pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) + cpu=i586 ;; - *-unknown) - # Make sure to match an already-canonicalized machine name. + pentiumpro-* | p6-* | 6x86-* | athlon-* | athalon_*-*) + cpu=i686 ;; + pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) + cpu=i686 + ;; + pentium4-*) + cpu=i786 + ;; + pc98-*) + cpu=i386 + ;; + ppc-* | ppcbe-*) + cpu=powerpc + ;; + ppcle-* | powerpclittle-*) + cpu=powerpcle + ;; + ppc64-*) + cpu=powerpc64 + ;; + ppc64le-* | powerpc64little-*) + cpu=powerpc64le + ;; + sb1-*) + cpu=mipsisa64sb1 + ;; + sb1el-*) + cpu=mipsisa64sb1el + ;; + sh5e[lb]-*) + cpu=`echo "$cpu" | sed 's/^\(sh.\)e\(.\)$/\1\2e/'` + ;; + spur-*) + cpu=spur + ;; + strongarm-* | thumb-*) + cpu=arm + ;; + tx39-*) + cpu=mipstx39 + ;; + tx39el-*) + cpu=mipstx39el + ;; + x64-*) + cpu=x86_64 + ;; + xscale-* | xscalee[bl]-*) + cpu=`echo "$cpu" | sed 's/^xscale/arm/'` + ;; + arm64-* | aarch64le-*) + cpu=aarch64 + ;; + + # Recognize the canonical CPU Types that limit and/or modify the + # company names they are paired with. + cr16-*) + basic_os=${basic_os:-elf} + ;; + crisv32-* | etraxfs*-*) + cpu=crisv32 + vendor=axis + ;; + cris-* | etrax*-*) + cpu=cris + vendor=axis + ;; + crx-*) + basic_os=${basic_os:-elf} + ;; + neo-tandem) + cpu=neo + vendor=tandem + ;; + nse-tandem) + cpu=nse + vendor=tandem + ;; + nsr-tandem) + cpu=nsr + vendor=tandem + ;; + nsv-tandem) + cpu=nsv + vendor=tandem + ;; + nsx-tandem) + cpu=nsx + vendor=tandem + ;; + mipsallegrexel-sony) + cpu=mipsallegrexel + vendor=sony + ;; + tile*-*) + basic_os=${basic_os:-linux-gnu} + ;; + *) - echo Invalid configuration \`"$1"\': machine \`"$basic_machine"\' not recognized 1>&2 - exit 1 + # Recognize the canonical CPU types that are allowed with any + # company name. + case $cpu in + 1750a | 580 \ + | a29k \ + | aarch64 | aarch64_be \ + | abacus \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] \ + | alphapca5[67] | alpha64pca5[67] \ + | am33_2.0 \ + | amdgcn \ + | arc | arceb | arc32 | arc64 \ + | arm | arm[lb]e | arme[lb] | armv* \ + | avr | avr32 \ + | asmjs \ + | ba \ + | be32 | be64 \ + | bfin | bpf | bs2000 \ + | c[123]* | c30 | [cjt]90 | c4x \ + | c8051 | clipper | craynv | csky | cydra \ + | d10v | d30v | dlx | dsp16xx \ + | e2k | elxsi | epiphany \ + | f30[01] | f700 | fido | fr30 | frv | ft32 | fx80 \ + | h8300 | h8500 \ + | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | hexagon \ + | i370 | i*86 | i860 | i960 | ia16 | ia64 \ + | ip2k | iq2000 \ + | k1om \ + | le32 | le64 \ + | lm32 \ + | loongarch32 | loongarch64 | loongarchx32 \ + | m32c | m32r | m32rle \ + | m5200 | m68000 | m680[012346]0 | m68360 | m683?2 | m68k \ + | m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x \ + | m88110 | m88k | maxq | mb | mcore | mep | metag \ + | microblaze | microblazeel \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64eb | mips64el \ + | mips64octeon | mips64octeonel \ + | mips64orion | mips64orionel \ + | mips64r5900 | mips64r5900el \ + | mips64vr | mips64vrel \ + | mips64vr4100 | mips64vr4100el \ + | mips64vr4300 | mips64vr4300el \ + | mips64vr5000 | mips64vr5000el \ + | mips64vr5900 | mips64vr5900el \ + | mipsisa32 | mipsisa32el \ + | mipsisa32r2 | mipsisa32r2el \ + | mipsisa32r3 | mipsisa32r3el \ + | mipsisa32r5 | mipsisa32r5el \ + | mipsisa32r6 | mipsisa32r6el \ + | mipsisa64 | mipsisa64el \ + | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64r3 | mipsisa64r3el \ + | mipsisa64r5 | mipsisa64r5el \ + | mipsisa64r6 | mipsisa64r6el \ + | mipsisa64sb1 | mipsisa64sb1el \ + | mipsisa64sr71k | mipsisa64sr71kel \ + | mipsr5900 | mipsr5900el \ + | mipstx39 | mipstx39el \ + | mmix \ + | mn10200 | mn10300 \ + | moxie \ + | mt \ + | msp430 \ + | nds32 | nds32le | nds32be \ + | nfp \ + | nios | nios2 | nios2eb | nios2el \ + | none | np1 | ns16k | ns32k | nvptx \ + | open8 \ + | or1k* \ + | or32 \ + | orion \ + | picochip \ + | pdp10 | pdp11 | pj | pjl | pn | power \ + | powerpc | powerpc64 | powerpc64le | powerpcle | powerpcspe \ + | pru \ + | pyramid \ + | riscv | riscv32 | riscv32be | riscv64 | riscv64be \ + | rl78 | romp | rs6000 | rx \ + | s390 | s390x \ + | score \ + | sh | shl \ + | sh[1234] | sh[24]a | sh[24]ae[lb] | sh[23]e | she[lb] | sh[lb]e \ + | sh[1234]e[lb] | sh[12345][lb]e | sh[23]ele | sh64 | sh64le \ + | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet \ + | sparclite \ + | sparcv8 | sparcv9 | sparcv9b | sparcv9v | sv1 | sx* \ + | spu \ + | tahoe \ + | thumbv7* \ + | tic30 | tic4x | tic54x | tic55x | tic6x | tic80 \ + | tron \ + | ubicom32 \ + | v70 | v850 | v850e | v850e1 | v850es | v850e2 | v850e2v3 \ + | vax \ + | visium \ + | w65 \ + | wasm32 | wasm64 \ + | we32k \ + | x86 | x86_64 | xc16x | xgate | xps100 \ + | xstormy16 | xtensa* \ + | ymp \ + | z8k | z80) + ;; + + *) + echo Invalid configuration \`"$1"\': machine \`"$cpu-$vendor"\' not recognized 1>&2 + exit 1 + ;; + esac ;; esac # Here we canonicalize certain aliases for manufacturers. -case $basic_machine in - *-digital*) - basic_machine=`echo "$basic_machine" | sed 's/digital.*/dec/'` +case $vendor in + digital*) + vendor=dec ;; - *-commodore*) - basic_machine=`echo "$basic_machine" | sed 's/commodore.*/cbm/'` + commodore*) + vendor=cbm ;; *) ;; @@ -1334,203 +1306,215 @@ esac # Decode manufacturer-specific aliases for certain operating systems. -if [ x"$os" != x"" ] +if test x$basic_os != x then + +# First recognize some ad-hoc cases, or perhaps split kernel-os, or else just +# set os. +case $basic_os in + gnu/linux*) + kernel=linux + os=`echo "$basic_os" | sed -e 's|gnu/linux|gnu|'` + ;; + os2-emx) + kernel=os2 + os=`echo "$basic_os" | sed -e 's|os2-emx|emx|'` + ;; + nto-qnx*) + kernel=nto + os=`echo "$basic_os" | sed -e 's|nto-qnx|qnx|'` + ;; + *-*) + # shellcheck disable=SC2162 + saved_IFS=$IFS + IFS="-" read kernel os <&2 - exit 1 + # No normalization, but not necessarily accepted, that comes below. ;; esac + else # Here we handle the default operating systems that come with various machines. @@ -1543,258 +1527,363 @@ else # will signal an error saying that MANUFACTURER isn't an operating # system, and we'll never get to this point. -case $basic_machine in +kernel= +case $cpu-$vendor in score-*) - os=-elf + os=elf ;; spu-*) - os=-elf + os=elf ;; *-acorn) - os=-riscix1.2 + os=riscix1.2 ;; arm*-rebel) - os=-linux + kernel=linux + os=gnu ;; arm*-semi) - os=-aout + os=aout ;; c4x-* | tic4x-*) - os=-coff + os=coff ;; c8051-*) - os=-elf + os=elf + ;; + clipper-intergraph) + os=clix ;; hexagon-*) - os=-elf + os=elf ;; tic54x-*) - os=-coff + os=coff ;; tic55x-*) - os=-coff + os=coff ;; tic6x-*) - os=-coff + os=coff ;; # This must come before the *-dec entry. pdp10-*) - os=-tops20 + os=tops20 ;; pdp11-*) - os=-none + os=none ;; *-dec | vax-*) - os=-ultrix4.2 + os=ultrix4.2 ;; m68*-apollo) - os=-domain + os=domain ;; i386-sun) - os=-sunos4.0.2 + os=sunos4.0.2 ;; m68000-sun) - os=-sunos3 + os=sunos3 ;; m68*-cisco) - os=-aout + os=aout ;; mep-*) - os=-elf + os=elf ;; mips*-cisco) - os=-elf + os=elf ;; mips*-*) - os=-elf + os=elf ;; or32-*) - os=-coff + os=coff ;; *-tti) # must be before sparc entry or we get the wrong os. - os=-sysv3 + os=sysv3 ;; sparc-* | *-sun) - os=-sunos4.1.1 + os=sunos4.1.1 ;; pru-*) - os=-elf + os=elf ;; *-be) - os=-beos + os=beos ;; *-ibm) - os=-aix + os=aix ;; *-knuth) - os=-mmixware + os=mmixware ;; *-wec) - os=-proelf + os=proelf ;; *-winbond) - os=-proelf + os=proelf ;; *-oki) - os=-proelf + os=proelf ;; *-hp) - os=-hpux + os=hpux ;; *-hitachi) - os=-hiux + os=hiux ;; i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) - os=-sysv + os=sysv ;; *-cbm) - os=-amigaos + os=amigaos ;; *-dg) - os=-dgux + os=dgux ;; *-dolphin) - os=-sysv3 + os=sysv3 ;; m68k-ccur) - os=-rtu + os=rtu ;; m88k-omron*) - os=-luna + os=luna ;; *-next) - os=-nextstep + os=nextstep ;; *-sequent) - os=-ptx + os=ptx ;; *-crds) - os=-unos + os=unos ;; *-ns) - os=-genix + os=genix ;; i370-*) - os=-mvs + os=mvs ;; *-gould) - os=-sysv + os=sysv ;; *-highlevel) - os=-bsd + os=bsd ;; *-encore) - os=-bsd + os=bsd ;; *-sgi) - os=-irix + os=irix ;; *-siemens) - os=-sysv4 + os=sysv4 ;; *-masscomp) - os=-rtu + os=rtu ;; f30[01]-fujitsu | f700-fujitsu) - os=-uxpv + os=uxpv ;; *-rom68k) - os=-coff + os=coff ;; *-*bug) - os=-coff + os=coff ;; *-apple) - os=-macos + os=macos ;; *-atari*) - os=-mint + os=mint + ;; + *-wrs) + os=vxworks ;; *) - os=-none + os=none ;; esac + fi +# Now, validate our (potentially fixed-up) OS. +case $os in + # Sometimes we do "kernel-libc", so those need to count as OSes. + musl* | newlib* | relibc* | uclibc*) + ;; + # Likewise for "kernel-abi" + eabi* | gnueabi*) + ;; + # VxWorks passes extra cpu info in the 4th filed. + simlinux | simwindows | spe) + ;; + # Now accept the basic system types. + # The portable systems comes first. + # Each alternative MUST end in a * to match a version number. + gnu* | android* | bsd* | mach* | minix* | genix* | ultrix* | irix* \ + | *vms* | esix* | aix* | cnk* | sunos | sunos[34]* \ + | hpux* | unos* | osf* | luna* | dgux* | auroraux* | solaris* \ + | sym* | plan9* | psp* | sim* | xray* | os68k* | v88r* \ + | hiux* | abug | nacl* | netware* | windows* \ + | os9* | macos* | osx* | ios* \ + | mpw* | magic* | mmixware* | mon960* | lnews* \ + | amigaos* | amigados* | msdos* | newsos* | unicos* | aof* \ + | aos* | aros* | cloudabi* | sortix* | twizzler* \ + | nindy* | vxsim* | vxworks* | ebmon* | hms* | mvs* \ + | clix* | riscos* | uniplus* | iris* | isc* | rtu* | xenix* \ + | mirbsd* | netbsd* | dicos* | openedition* | ose* \ + | bitrig* | openbsd* | secbsd* | solidbsd* | libertybsd* | os108* \ + | ekkobsd* | freebsd* | riscix* | lynxos* | os400* \ + | bosx* | nextstep* | cxux* | aout* | elf* | oabi* \ + | ptx* | coff* | ecoff* | winnt* | domain* | vsta* \ + | udi* | lites* | ieee* | go32* | aux* | hcos* \ + | chorusrdb* | cegcc* | glidix* | serenity* \ + | cygwin* | msys* | pe* | moss* | proelf* | rtems* \ + | midipix* | mingw32* | mingw64* | mint* \ + | uxpv* | beos* | mpeix* | udk* | moxiebox* \ + | interix* | uwin* | mks* | rhapsody* | darwin* \ + | openstep* | oskit* | conix* | pw32* | nonstopux* \ + | storm-chaos* | tops10* | tenex* | tops20* | its* \ + | os2* | vos* | palmos* | uclinux* | nucleus* | morphos* \ + | scout* | superux* | sysv* | rtmk* | tpf* | windiss* \ + | powermax* | dnix* | nx6 | nx7 | sei* | dragonfly* \ + | skyos* | haiku* | rdos* | toppers* | drops* | es* \ + | onefs* | tirtos* | phoenix* | fuchsia* | redox* | bme* \ + | midnightbsd* | amdhsa* | unleashed* | emscripten* | wasi* \ + | nsk* | powerunix* | genode* | zvmoe* | qnx* | emx* | zephyr* \ + | fiwix* ) + ;; + # This one is extra strict with allowed versions + sco3.2v2 | sco3.2v[4-9]* | sco5v6*) + # Don't forget version if it is 3.2v4 or newer. + ;; + none) + ;; + *) + echo Invalid configuration \`"$1"\': OS \`"$os"\' not recognized 1>&2 + exit 1 + ;; +esac + +# As a final step for OS-related things, validate the OS-kernel combination +# (given a valid OS), if there is a kernel. +case $kernel-$os in + linux-gnu* | linux-dietlibc* | linux-android* | linux-newlib* \ + | linux-musl* | linux-relibc* | linux-uclibc* ) + ;; + uclinux-uclibc* ) + ;; + -dietlibc* | -newlib* | -musl* | -relibc* | -uclibc* ) + # These are just libc implementations, not actual OSes, and thus + # require a kernel. + echo "Invalid configuration \`$1': libc \`$os' needs explicit kernel." 1>&2 + exit 1 + ;; + kfreebsd*-gnu* | kopensolaris*-gnu*) + ;; + vxworks-simlinux | vxworks-simwindows | vxworks-spe) + ;; + nto-qnx*) + ;; + os2-emx) + ;; + *-eabi* | *-gnueabi*) + ;; + -*) + # Blank kernel with real OS is always fine. + ;; + *-*) + echo "Invalid configuration \`$1': Kernel \`$kernel' not known to work with OS \`$os'." 1>&2 + exit 1 + ;; +esac + # Here we handle the case where we know the os, and the CPU type, but not the # manufacturer. We pick the logical manufacturer. -vendor=unknown -case $basic_machine in - *-unknown) - case $os in - -riscix*) +case $vendor in + unknown) + case $cpu-$os in + *-riscix*) vendor=acorn ;; - -sunos*) + *-sunos*) vendor=sun ;; - -cnk*|-aix*) + *-cnk* | *-aix*) vendor=ibm ;; - -beos*) + *-beos*) vendor=be ;; - -hpux*) + *-hpux*) vendor=hp ;; - -mpeix*) + *-mpeix*) vendor=hp ;; - -hiux*) + *-hiux*) vendor=hitachi ;; - -unos*) + *-unos*) vendor=crds ;; - -dgux*) + *-dgux*) vendor=dg ;; - -luna*) + *-luna*) vendor=omron ;; - -genix*) + *-genix*) vendor=ns ;; - -mvs* | -opened*) + *-clix*) + vendor=intergraph + ;; + *-mvs* | *-opened*) vendor=ibm ;; - -os400*) + *-os400*) vendor=ibm ;; - -ptx*) + s390-* | s390x-*) + vendor=ibm + ;; + *-ptx*) vendor=sequent ;; - -tpf*) + *-tpf*) vendor=ibm ;; - -vxsim* | -vxworks* | -windiss*) + *-vxsim* | *-vxworks* | *-windiss*) vendor=wrs ;; - -aux*) + *-aux*) vendor=apple ;; - -hms*) + *-hms*) vendor=hitachi ;; - -mpw* | -macos*) + *-mpw* | *-macos*) vendor=apple ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + *-*mint | *-mint[0-9]* | *-*MiNT | *-MiNT[0-9]*) vendor=atari ;; - -vos*) + *-vos*) vendor=stratus ;; esac - basic_machine=`echo "$basic_machine" | sed "s/unknown/$vendor/"` ;; esac -echo "$basic_machine$os" +echo "$cpu-$vendor-${kernel:+$kernel-}$os" exit # Local variables: -# eval: (add-hook 'write-file-functions 'time-stamp) +# eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" diff --git a/libssh2/configure b/libssh2/configure index 59b3c1d78..e008784f5 100755 --- a/libssh2/configure +++ b/libssh2/configure @@ -1,11 +1,12 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for libssh2 -. +# Generated by GNU Autoconf 2.71 for libssh2 -. # -# Report bugs to . +# Report bugs to . # # -# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. +# Copyright (C) 1992-1996, 1998-2017, 2020-2021 Free Software Foundation, +# Inc. # # # This configure script is free software; the Free Software Foundation @@ -16,14 +17,16 @@ # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : +as_nop=: +if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 +then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST -else +else $as_nop case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( @@ -33,46 +36,46 @@ esac fi + +# Reset variables that may have inherited troublesome values from +# the environment. + +# IFS needs to be set, to space, tab, and newline, in precisely that order. +# (If _AS_PATH_WALK were called with IFS unset, it would have the +# side effect of setting IFS to empty, thus disabling word splitting.) +# Quoting is to prevent editors from complaining about space-tab. as_nl=' ' export as_nl -# Printing a long string crashes Solaris 7 /usr/bin/printf. -as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo -# Prefer a ksh shell builtin over an external printf program on Solaris, -# but without wasting forks for bash or zsh. -if test -z "$BASH_VERSION$ZSH_VERSION" \ - && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='print -r --' - as_echo_n='print -rn --' -elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='printf %s\n' - as_echo_n='printf %s' -else - if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then - as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' - as_echo_n='/usr/ucb/echo -n' - else - as_echo_body='eval expr "X$1" : "X\\(.*\\)"' - as_echo_n_body='eval - arg=$1; - case $arg in #( - *"$as_nl"*) - expr "X$arg" : "X\\(.*\\)$as_nl"; - arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; - esac; - expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" - ' - export as_echo_n_body - as_echo_n='sh -c $as_echo_n_body as_echo' - fi - export as_echo_body - as_echo='sh -c $as_echo_body as_echo' -fi +IFS=" "" $as_nl" + +PS1='$ ' +PS2='> ' +PS4='+ ' + +# Ensure predictable behavior from utilities with locale-dependent output. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# We cannot yet rely on "unset" to work, but we need these variables +# to be unset--not just set to an empty or harmless value--now, to +# avoid bugs in old shells (e.g. pre-3.0 UWIN ksh). This construct +# also avoids known problems related to "unset" and subshell syntax +# in other old shells (e.g. bash 2.01 and pdksh 5.2.14). +for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH +do eval test \${$as_var+y} \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done + +# Ensure that fds 0, 1, and 2 are open. +if (exec 3>&0) 2>/dev/null; then :; else exec 0&1) 2>/dev/null; then :; else exec 1>/dev/null; fi +if (exec 3>&2) ; then :; else exec 2>/dev/null; fi # The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then +if ${PATH_SEPARATOR+false} :; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || @@ -81,13 +84,6 @@ if test "${PATH_SEPARATOR+set}" != set; then fi -# IFS -# We need space, tab and new line, in precisely that order. Quoting is -# there to prevent editors from complaining about space-tab. -# (If _AS_PATH_WALK were called with IFS unset, it would disable word -# splitting by setting IFS to empty value.) -IFS=" "" $as_nl" - # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( @@ -96,8 +92,12 @@ case $0 in #(( for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + test -r "$as_dir$0" && as_myself=$as_dir$0 && break done IFS=$as_save_IFS @@ -109,30 +109,10 @@ if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then - $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + printf "%s\n" "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi -# Unset variables that we do not need and which cause bugs (e.g. in -# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" -# suppresses any "Segmentation fault" message there. '((' could -# trigger a bug in pdksh 5.2.14. -for as_var in BASH_ENV ENV MAIL MAILPATH -do eval test x\${$as_var+set} = xset \ - && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : -done -PS1='$ ' -PS2='> ' -PS4='+ ' - -# NLS nuisances. -LC_ALL=C -export LC_ALL -LANGUAGE=C -export LANGUAGE - -# CDPATH. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH # Use a proper internal environment variable to ensure we don't fall # into an infinite loop, continuously re-executing ourselves. @@ -154,20 +134,22 @@ esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. -$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 -as_fn_exit 255 +printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 fi # We don't want this to propagate to other subprocesses. { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then - as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + as_bourne_compatible="as_nop=: +if test \${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 +then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which # is contrary to our usage. Disable this feature. alias -g '\${1+\"\$@\"}'='\"\$@\"' setopt NO_GLOB_SUBST -else +else \$as_nop case \`(set -o) 2>/dev/null\` in #( *posix*) : set -o posix ;; #( @@ -187,18 +169,20 @@ as_fn_success || { exitcode=1; echo as_fn_success failed.; } as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } -if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : +if ( set x; as_fn_ret_success y && test x = \"\$1\" ) +then : -else +else \$as_nop exitcode=1; echo positional parameters were not saved. fi test x\$exitcode = x0 || exit 1 +blah=\$(echo \$(echo blah)) +test x\"\$blah\" = xblah || exit 1 test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 -test \$(( 1 + 1 )) = 2 || exit 1 test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || ( ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' @@ -206,31 +190,40 @@ test \$(( 1 + 1 )) = 2 || exit 1 ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO PATH=/empty FPATH=/empty; export PATH FPATH test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\ - || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1" - if (eval "$as_required") 2>/dev/null; then : + || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1 +test \$(( 1 + 1 )) = 2 || exit 1" + if (eval "$as_required") 2>/dev/null +then : as_have_required=yes -else +else $as_nop as_have_required=no fi - if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null +then : -else +else $as_nop as_save_IFS=$IFS; IFS=$PATH_SEPARATOR as_found=false for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac as_found=: case $as_dir in #( /*) for as_base in sh bash ksh sh5; do # Try only shells that exist, to save several forks. - as_shell=$as_dir/$as_base + as_shell=$as_dir$as_base if { test -f "$as_shell" || test -f "$as_shell.exe"; } && - { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : + as_run=a "$as_shell" -c "$as_bourne_compatible""$as_required" 2>/dev/null +then : CONFIG_SHELL=$as_shell as_have_required=yes - if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : + if as_run=a "$as_shell" -c "$as_bourne_compatible""$as_suggested" 2>/dev/null +then : break 2 fi fi @@ -238,14 +231,21 @@ fi esac as_found=false done -$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && - { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : - CONFIG_SHELL=$SHELL as_have_required=yes -fi; } IFS=$as_save_IFS +if $as_found +then : + +else $as_nop + if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + as_run=a "$SHELL" -c "$as_bourne_compatible""$as_required" 2>/dev/null +then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi +fi - if test "x$CONFIG_SHELL" != x; then : + if test "x$CONFIG_SHELL" != x +then : export CONFIG_SHELL # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also @@ -263,22 +263,23 @@ esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. -$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi - if test x$as_have_required = xno; then : - $as_echo "$0: This script requires a shell more modern than all" - $as_echo "$0: the shells that I found on your system." - if test x${ZSH_VERSION+set} = xset ; then - $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" - $as_echo "$0: be upgraded to zsh 4.3.4 or later." + if test x$as_have_required = xno +then : + printf "%s\n" "$0: This script requires a shell more modern than all" + printf "%s\n" "$0: the shells that I found on your system." + if test ${ZSH_VERSION+y} ; then + printf "%s\n" "$0: In particular, zsh $ZSH_VERSION has bugs and should" + printf "%s\n" "$0: be upgraded to zsh 4.3.4 or later." else - $as_echo "$0: Please tell bug-autoconf@gnu.org and -$0: libssh2-devel@cool.haxx.se about your system, including -$0: any error possibly output before this message. Then -$0: install a modern shell, or manually run the script -$0: under such a shell if you do have one." + printf "%s\n" "$0: Please tell bug-autoconf@gnu.org and +$0: libssh2-devel@lists.haxx.se about your system, +$0: including any error possibly output before this +$0: message. Then install a modern shell, or manually run +$0: the script under such a shell if you do have one." fi exit 1 fi @@ -302,6 +303,7 @@ as_fn_unset () } as_unset=as_fn_unset + # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. @@ -319,6 +321,14 @@ as_fn_exit () as_fn_set_status $1 exit $1 } # as_fn_exit +# as_fn_nop +# --------- +# Do nothing but, unlike ":", preserve the value of $?. +as_fn_nop () +{ + return $? +} +as_nop=as_fn_nop # as_fn_mkdir_p # ------------- @@ -333,7 +343,7 @@ as_fn_mkdir_p () as_dirs= while :; do case $as_dir in #( - *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *\'*) as_qdir=`printf "%s\n" "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" @@ -342,7 +352,7 @@ $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$as_dir" | +printf "%s\n" X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -381,12 +391,13 @@ as_fn_executable_p () # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. -if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null +then : eval 'as_fn_append () { eval $1+=\$2 }' -else +else $as_nop as_fn_append () { eval $1=\$$1\$2 @@ -398,18 +409,27 @@ fi # as_fn_append # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. -if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null +then : eval 'as_fn_arith () { as_val=$(( $* )) }' -else +else $as_nop as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith +# as_fn_nop +# --------- +# Do nothing but, unlike ":", preserve the value of $?. +as_fn_nop () +{ + return $? +} +as_nop=as_fn_nop # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- @@ -421,9 +441,9 @@ as_fn_error () as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi - $as_echo "$as_me: error: $2" >&2 + printf "%s\n" "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error @@ -450,7 +470,7 @@ as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X/"$0" | +printf "%s\n" X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q @@ -494,7 +514,7 @@ as_cr_alnum=$as_cr_Letters$as_cr_digits s/-\n.*// ' >$as_me.lineno && chmod +x "$as_me.lineno" || - { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + { printf "%s\n" "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } # If we had to re-execute with $CONFIG_SHELL, we're ensured to have # already done that, so ensure we don't try to do so again and fall @@ -508,6 +528,10 @@ as_cr_alnum=$as_cr_Letters$as_cr_digits exit } + +# Determine whether it's possible to make 'echo' print without a newline. +# These variables are no longer used directly by Autoconf, but are AC_SUBSTed +# for compatibility with existing Makefiles. ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) @@ -521,6 +545,13 @@ case `echo -n x` in #((((( ECHO_N='-n';; esac +# For backward compatibility with old third-party macros, we provide +# the shell variables $as_echo and $as_echo_n. New code should use +# AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively. +as_echo='printf %s\n' +as_echo_n='printf %s' + + rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file @@ -592,53 +623,49 @@ PACKAGE_NAME='libssh2' PACKAGE_TARNAME='libssh2' PACKAGE_VERSION='-' PACKAGE_STRING='libssh2 -' -PACKAGE_BUGREPORT='libssh2-devel@cool.haxx.se' +PACKAGE_BUGREPORT='libssh2-devel@lists.haxx.se' PACKAGE_URL='' ac_unique_file="src" # Factoring default headers for most tests. ac_includes_default="\ -#include -#ifdef HAVE_SYS_TYPES_H -# include +#include +#ifdef HAVE_STDIO_H +# include #endif -#ifdef HAVE_SYS_STAT_H -# include -#endif -#ifdef STDC_HEADERS +#ifdef HAVE_STDLIB_H # include -# include -#else -# ifdef HAVE_STDLIB_H -# include -# endif #endif #ifdef HAVE_STRING_H -# if !defined STDC_HEADERS && defined HAVE_MEMORY_H -# include -# endif # include #endif -#ifdef HAVE_STRINGS_H -# include -#endif #ifdef HAVE_INTTYPES_H # include #endif #ifdef HAVE_STDINT_H # include #endif +#ifdef HAVE_STRINGS_H +# include +#endif +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_SYS_STAT_H +# include +#endif #ifdef HAVE_UNISTD_H # include #endif" +ac_header_c_list= ac_subst_vars='am__EXEEXT_FALSE am__EXEEXT_TRUE LTLIBOBJS LIBOBJS +HAVE_WINDRES_FALSE +HAVE_WINDRES_TRUE ALLOCA -HAVE_SYS_UN_H_FALSE -HAVE_SYS_UN_H_TRUE USE_OSSFUZZ_STATIC_FALSE USE_OSSFUZZ_STATIC_TRUE USE_OSSFUZZ_FLAG_FALSE @@ -648,27 +675,26 @@ USE_OSSFUZZERS_FALSE USE_OSSFUZZERS_TRUE BUILD_EXAMPLES_FALSE BUILD_EXAMPLES_TRUE +RUN_SSHD_TESTS_FALSE +RUN_SSHD_TESTS_TRUE +RUN_DOCKER_TESTS_FALSE +RUN_DOCKER_TESTS_TRUE +ENABLE_TESTS_FALSE +ENABLE_TESTS_TRUE +CPP LIBSREQUIRED LIBZ_PREFIX LTLIBZ LIBZ HAVE_LIBZ -WINCNG_FALSE -WINCNG_TRUE -MBEDTLS_FALSE -MBEDTLS_TRUE -LIBGCRYPT_FALSE -LIBGCRYPT_TRUE -OPENSSL_FALSE -OPENSSL_TRUE +LIBWOLFSSL_PREFIX +LTLIBWOLFSSL +LIBWOLFSSL +HAVE_LIBWOLFSSL LIBBCRYPT_PREFIX LTLIBBCRYPT LIBBCRYPT HAVE_LIBBCRYPT -LIBCRYPT32_PREFIX -LTLIBCRYPT32 -LIBCRYPT32 -HAVE_LIBCRYPT32 LIBMBEDCRYPTO_PREFIX LTLIBMBEDCRYPTO LIBMBEDCRYPTO @@ -681,6 +707,7 @@ LIBSSL_PREFIX LTLIBSSL LIBSSL HAVE_LIBSSL +RC CXXCPP LT_SYS_LIBRARY_PATH OTOOL64 @@ -692,15 +719,21 @@ MANIFEST_TOOL RANLIB ac_ct_AR AR +FILECMD NM ac_ct_DUMPBIN DUMPBIN LD FGREP +EGREP +GREP LIBTOOL OBJDUMP DLLTOOL AS +SSHD_FALSE +SSHD_TRUE +SSHD LN_S am__fastdepCXX_FALSE am__fastdepCXX_TRUE @@ -708,9 +741,6 @@ CXXDEPMODE ac_ct_CXX CXXFLAGS CXX -EGREP -GREP -CPP am__fastdepCC_FALSE am__fastdepCC_TRUE CCDEPMODE @@ -830,16 +860,16 @@ enable_rpath with_libssl_prefix with_libgcrypt_prefix with_libmbedcrypto_prefix -with_libcrypt32_prefix with_libbcrypt_prefix +with_libwolfssl_prefix with_libz with_libz_prefix -enable_crypt_none -enable_mac_none -enable_gex_new enable_clear_memory enable_debug enable_hidden_symbols +enable_tests +enable_docker_tests +enable_sshd_tests enable_examples_build enable_ossfuzzers enable_werror @@ -852,12 +882,12 @@ CFLAGS LDFLAGS LIBS CPPFLAGS -CPP CXX CXXFLAGS CCC LT_SYS_LIBRARY_PATH -CXXCPP' +CXXCPP +CPP' # Initialize some variables set by options. @@ -926,8 +956,6 @@ do *) ac_optarg=yes ;; esac - # Accept the important Cygnus configure options, so we can diagnose typos. - case $ac_dashdash$ac_option in --) ac_dashdash=yes ;; @@ -968,9 +996,9 @@ do ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid feature name: $ac_useropt" + as_fn_error $? "invalid feature name: \`$ac_useropt'" ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" @@ -994,9 +1022,9 @@ do ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid feature name: $ac_useropt" + as_fn_error $? "invalid feature name: \`$ac_useropt'" ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" @@ -1207,9 +1235,9 @@ do ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid package name: $ac_useropt" + as_fn_error $? "invalid package name: \`$ac_useropt'" ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" @@ -1223,9 +1251,9 @@ do ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid package name: $ac_useropt" + as_fn_error $? "invalid package name: \`$ac_useropt'" ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" @@ -1269,9 +1297,9 @@ Try \`$0 --help' for more information" *) # FIXME: should be removed in autoconf 3.0. - $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + printf "%s\n" "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && - $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + printf "%s\n" "$as_me: WARNING: invalid host type: $ac_option" >&2 : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" ;; @@ -1287,7 +1315,7 @@ if test -n "$ac_unrecognized_opts"; then case $enable_option_checking in no) ;; fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; - *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + *) printf "%s\n" "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; esac fi @@ -1351,7 +1379,7 @@ $as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_myself" : 'X\(//\)[^/]' \| \ X"$as_myself" : 'X\(//\)$' \| \ X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$as_myself" | +printf "%s\n" X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -1503,16 +1531,15 @@ Optional Features: --disable-libtool-lock avoid locking (might break parallel builds) --disable-largefile omit support for large files --disable-rpath do not hardcode runtime library paths - --enable-crypt-none Permit "none" cipher -- NOT RECOMMENDED - --enable-mac-none Permit "none" MAC -- NOT RECOMMENDED - --disable-gex-new Disable "new" diffie-hellman-group-exchange-sha1 - method --disable-clear-memory Disable clearing of memory before being freed --enable-debug Enable pedantic and debug options --disable-debug Disable debug options --enable-hidden-symbols Hide internal symbols in library --disable-hidden-symbols Leave all symbols with default visibility in library + --disable-tests Disable tests [default=enabled] + --disable-docker-tests Do not run tests requiring Docker + --disable-sshd-tests Do not run tests requiring sshd --enable-examples-build Build example applications (this is the default) --disable-examples-build Do not build example applications @@ -1531,7 +1558,7 @@ Optional Packages: --with-gnu-ld assume the C compiler uses GNU ld [default=no] --with-sysroot[=DIR] Search for dependent libraries within DIR (or the compiler's sysroot if not specified). - --with-crypto=auto|openssl|libgcrypt|mbedtls|wincng + --with-crypto=auto|openssl|libgcrypt|mbedtls|wincng|wolfssl Select crypto backend (default: auto) --with-gnu-ld assume the C compiler uses GNU ld default=no --with-libssl-prefix[=DIR] search for libssl in DIR/include and DIR/lib @@ -1540,10 +1567,10 @@ Optional Packages: --without-libgcrypt-prefix don't search for libgcrypt in includedir and libdir --with-libmbedcrypto-prefix[=DIR] search for libmbedcrypto in DIR/include and DIR/lib --without-libmbedcrypto-prefix don't search for libmbedcrypto in includedir and libdir - --with-libcrypt32-prefix[=DIR] search for libcrypt32 in DIR/include and DIR/lib - --without-libcrypt32-prefix don't search for libcrypt32 in includedir and libdir --with-libbcrypt-prefix[=DIR] search for libbcrypt in DIR/include and DIR/lib --without-libbcrypt-prefix don't search for libbcrypt in includedir and libdir + --with-libwolfssl-prefix[=DIR] search for libwolfssl in DIR/include and DIR/lib + --without-libwolfssl-prefix don't search for libwolfssl in includedir and libdir --with-libz Use libz for compression --with-libz-prefix[=DIR] search for libz in DIR/include and DIR/lib --without-libz-prefix don't search for libz in includedir and libdir @@ -1556,17 +1583,17 @@ Some influential environment variables: LIBS libraries to pass to the linker, e.g. -l CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory - CPP C preprocessor CXX C++ compiler command CXXFLAGS C++ compiler flags LT_SYS_LIBRARY_PATH User-defined run-time library search path. CXXCPP C++ preprocessor + CPP C preprocessor Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. -Report bugs to . +Report bugs to . _ACEOF ac_status=$? fi @@ -1582,9 +1609,9 @@ if test "$ac_init_help" = "recursive"; then case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) - ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + ac_dir_suffix=/`printf "%s\n" "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + ac_top_builddir_sub=`printf "%s\n" "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; @@ -1612,7 +1639,8 @@ esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix cd "$ac_dir" || { ac_status=$?; continue; } - # Check for guested configure. + # Check for configure.gnu first; this name is used for a wrapper for + # Metaconfig's "Configure" on case-insensitive file systems. if test -f "$ac_srcdir/configure.gnu"; then echo && $SHELL "$ac_srcdir/configure.gnu" --help=recursive @@ -1620,7 +1648,7 @@ ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix echo && $SHELL "$ac_srcdir/configure" --help=recursive else - $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + printf "%s\n" "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done @@ -1630,9 +1658,9 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF libssh2 configure - -generated by GNU Autoconf 2.69 +generated by GNU Autoconf 2.71 -Copyright (C) 2012 Free Software Foundation, Inc. +Copyright (C) 2021 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -1649,14 +1677,14 @@ fi ac_fn_c_try_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - rm -f conftest.$ac_objext + rm -f conftest.$ac_objext conftest.beam if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>conftest.err ac_status=$? if test -s conftest.err; then @@ -1664,14 +1692,15 @@ $as_echo "$ac_try_echo"; } >&5 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err - } && test -s conftest.$ac_objext; then : + } && test -s conftest.$ac_objext +then : ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 @@ -1681,184 +1710,20 @@ fi } # ac_fn_c_try_compile -# ac_fn_c_check_type LINENO TYPE VAR INCLUDES -# ------------------------------------------- -# Tests whether TYPE exists after having included INCLUDES, setting cache -# variable VAR accordingly. -ac_fn_c_check_type () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - eval "$3=no" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -if (sizeof ($2)) - return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -if (sizeof (($2))) - return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -else - eval "$3=yes" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_type - -# ac_fn_c_try_cpp LINENO -# ---------------------- -# Try to preprocess conftest.$ac_ext, and return whether this succeeded. -ac_fn_c_try_cpp () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if { { ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - grep -v '^ *+' conftest.err >conftest.er1 - cat conftest.er1 >&5 - mv -f conftest.er1 conftest.err - fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } > conftest.i && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then : - ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=1 -fi - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_cpp - -# ac_fn_c_try_run LINENO -# ---------------------- -# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes -# that executables *can* be run. -ac_fn_c_try_run () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' - { { case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; }; then : - ac_retval=0 -else - $as_echo "$as_me: program exited with status $ac_status" >&5 - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=$ac_status -fi - rm -rf conftest.dSYM conftest_ipa8_conftest.oo - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_run - -# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES -# ------------------------------------------------------- -# Tests whether HEADER exists and can be compiled using the include files in -# INCLUDES, setting the cache variable VAR accordingly. -ac_fn_c_check_header_compile () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -#include <$2> -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$3=yes" -else - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_header_compile - # ac_fn_c_try_link LINENO # ----------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_link () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - rm -f conftest.$ac_objext conftest$ac_exeext + rm -f conftest.$ac_objext conftest.beam conftest$ac_exeext if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_link") 2>conftest.err ac_status=$? if test -s conftest.err; then @@ -1866,17 +1731,18 @@ $as_echo "$ac_try_echo"; } >&5 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || test -x conftest$ac_exeext - }; then : + } +then : ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 @@ -1897,14 +1763,14 @@ fi ac_fn_cxx_try_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - rm -f conftest.$ac_objext + rm -f conftest.$ac_objext conftest.beam if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>conftest.err ac_status=$? if test -s conftest.err; then @@ -1912,14 +1778,15 @@ $as_echo "$ac_try_echo"; } >&5 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_cxx_werror_flag" || test ! -s conftest.err - } && test -s conftest.$ac_objext; then : + } && test -s conftest.$ac_objext +then : ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 @@ -1929,17 +1796,51 @@ fi } # ac_fn_cxx_try_compile +# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists and can be compiled using the include files in +# INCLUDES, setting the cache variable VAR accordingly. +ac_fn_c_check_header_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +printf %s "checking for $2... " >&6; } +if eval test \${$3+y} +then : + printf %s "(cached) " >&6 +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + eval "$3=yes" +else $as_nop + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +eval ac_res=\$$3 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_header_compile + # ac_fn_c_check_func LINENO FUNC VAR # ---------------------------------- # Tests whether FUNC exists, setting the cache variable VAR accordingly ac_fn_c_check_func () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +printf %s "checking for $2... " >&6; } +if eval test \${$3+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Define $2 to an innocuous variant, in case declares $2. @@ -1947,16 +1848,9 @@ else #define $2 innocuous_$2 /* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $2 (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif + which can conflict with char $2 (); below. */ +#include #undef $2 /* Override any GCC internal prototype to avoid an error. @@ -1974,24 +1868,25 @@ choke me #endif int -main () +main (void) { return $2 (); ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : eval "$3=yes" -else +else $as_nop eval "$3=no" fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext fi eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_func @@ -2008,7 +1903,7 @@ case "(($ac_try" in *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err ac_status=$? if test -s conftest.err; then @@ -2016,14 +1911,15 @@ $as_echo "$ac_try_echo"; } >&5 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } > conftest.i && { test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || test ! -s conftest.err - }; then : + } +then : ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 @@ -2039,14 +1935,14 @@ fi ac_fn_cxx_try_link () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - rm -f conftest.$ac_objext conftest$ac_exeext + rm -f conftest.$ac_objext conftest.beam conftest$ac_exeext if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_link") 2>conftest.err ac_status=$? if test -s conftest.err; then @@ -2054,17 +1950,18 @@ $as_echo "$ac_try_echo"; } >&5 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_cxx_werror_flag" || test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || test -x conftest$ac_exeext - }; then : + } +then : ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 @@ -2079,150 +1976,171 @@ fi } # ac_fn_cxx_try_link -# ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES -# --------------------------------------------- -# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR -# accordingly. -ac_fn_c_check_decl () +# ac_fn_c_try_run LINENO +# ---------------------- +# Try to run conftest.$ac_ext, and return whether this succeeded. Assumes that +# executables *can* be run. +ac_fn_c_try_run () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - as_decl_name=`echo $2|sed 's/ *(.*//'` - as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'` - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5 -$as_echo_n "checking whether $as_decl_name is declared... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; } +then : + ac_retval=0 +else $as_nop + printf "%s\n" "$as_me: program exited with status $ac_status" >&5 + printf "%s\n" "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=$ac_status +fi + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_run + +# ac_fn_c_try_cpp LINENO +# ---------------------- +# Try to preprocess conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_cpp () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } > conftest.i && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + } +then : + ac_retval=0 +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_cpp + +# ac_fn_c_check_type LINENO TYPE VAR INCLUDES +# ------------------------------------------- +# Tests whether TYPE exists after having included INCLUDES, setting cache +# variable VAR accordingly. +ac_fn_c_check_type () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +printf %s "checking for $2... " >&6; } +if eval test \${$3+y} +then : + printf %s "(cached) " >&6 +else $as_nop + eval "$3=no" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int -main () +main (void) { -#ifndef $as_decl_name -#ifdef __cplusplus - (void) $as_decl_use; -#else - (void) $as_decl_name; -#endif -#endif - +if (sizeof ($2)) + return 0; ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$3=yes" -else - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_decl - -# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES -# ------------------------------------------------------- -# Tests whether HEADER exists, giving a warning if it cannot be compiled using -# the include files in INCLUDES and setting the cache variable VAR -# accordingly. -ac_fn_c_check_header_mongrel () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if eval \${$3+:} false; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -else - # Is the header compilable? -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 -$as_echo_n "checking $2 usability... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext +if ac_fn_c_try_compile "$LINENO" +then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 -#include <$2> +int +main (void) +{ +if (sizeof (($2))) + return 0; + ; + return 0; +} _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_header_compiler=yes -else - ac_header_compiler=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 -$as_echo "$ac_header_compiler" >&6; } +if ac_fn_c_try_compile "$LINENO" +then : -# Is the header present? -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 -$as_echo_n "checking $2 presence... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include <$2> -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - ac_header_preproc=yes -else - ac_header_preproc=no +else $as_nop + eval "$3=yes" fi -rm -f conftest.err conftest.i conftest.$ac_ext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 -$as_echo "$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( - yes:no: ) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 -$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 -$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} - ;; - no:yes:* ) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 -$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 -$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 -$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 -$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 -$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} -( $as_echo "## ----------------------------------------- ## -## Report this to libssh2-devel@cool.haxx.se ## -## ----------------------------------------- ##" - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - eval "$3=\$ac_header_compiler" +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno -} # ac_fn_c_check_header_mongrel +} # ac_fn_c_check_type +ac_configure_args_raw= +for ac_arg +do + case $ac_arg in + *\'*) + ac_arg=`printf "%s\n" "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append ac_configure_args_raw " '$ac_arg'" +done + +case $ac_configure_args_raw in + *$as_nl*) + ac_safe_unquote= ;; + *) + ac_unsafe_z='|&;<>()$`\\"*?[ '' ' # This string ends in space, tab. + ac_unsafe_a="$ac_unsafe_z#~" + ac_safe_unquote="s/ '\\([^$ac_unsafe_a][^$ac_unsafe_z]*\\)'/ \\1/g" + ac_configure_args_raw=` printf "%s\n" "$ac_configure_args_raw" | sed "$ac_safe_unquote"`;; +esac + cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by libssh2 $as_me -, which was -generated by GNU Autoconf 2.69. Invocation command line was +generated by GNU Autoconf 2.71. Invocation command line was - $ $0 $@ + $ $0$ac_configure_args_raw _ACEOF exec 5>>config.log @@ -2255,8 +2173,12 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - $as_echo "PATH: $as_dir" + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + printf "%s\n" "PATH: $as_dir" done IFS=$as_save_IFS @@ -2291,7 +2213,7 @@ do | -silent | --silent | --silen | --sile | --sil) continue ;; *\'*) - ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + ac_arg=`printf "%s\n" "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; @@ -2326,11 +2248,13 @@ done # WARNING: Use '\'' to represent an apostrophe within the trap. # WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. trap 'exit_status=$? + # Sanitize IFS. + IFS=" "" $as_nl" # Save into config.log some information that might help in debugging. { echo - $as_echo "## ---------------- ## + printf "%s\n" "## ---------------- ## ## Cache variables. ## ## ---------------- ##" echo @@ -2341,8 +2265,8 @@ trap 'exit_status=$? case $ac_val in #( *${as_nl}*) case $ac_var in #( - *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 -$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + *_cv_*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +printf "%s\n" "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( @@ -2366,7 +2290,7 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; ) echo - $as_echo "## ----------------- ## + printf "%s\n" "## ----------------- ## ## Output variables. ## ## ----------------- ##" echo @@ -2374,14 +2298,14 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; do eval ac_val=\$$ac_var case $ac_val in - *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + *\'\''*) ac_val=`printf "%s\n" "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac - $as_echo "$ac_var='\''$ac_val'\''" + printf "%s\n" "$ac_var='\''$ac_val'\''" done | sort echo if test -n "$ac_subst_files"; then - $as_echo "## ------------------- ## + printf "%s\n" "## ------------------- ## ## File substitutions. ## ## ------------------- ##" echo @@ -2389,15 +2313,15 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; do eval ac_val=\$$ac_var case $ac_val in - *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + *\'\''*) ac_val=`printf "%s\n" "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac - $as_echo "$ac_var='\''$ac_val'\''" + printf "%s\n" "$ac_var='\''$ac_val'\''" done | sort echo fi if test -s confdefs.h; then - $as_echo "## ----------- ## + printf "%s\n" "## ----------- ## ## confdefs.h. ## ## ----------- ##" echo @@ -2405,8 +2329,8 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; echo fi test "$ac_signal" != 0 && - $as_echo "$as_me: caught signal $ac_signal" - $as_echo "$as_me: exit $exit_status" + printf "%s\n" "$as_me: caught signal $ac_signal" + printf "%s\n" "$as_me: exit $exit_status" } >&5 rm -f core *.core core.conftest.* && rm -f -r conftest* confdefs* conf$$* $ac_clean_files && @@ -2420,63 +2344,48 @@ ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -f -r conftest* confdefs.h -$as_echo "/* confdefs.h */" > confdefs.h +printf "%s\n" "/* confdefs.h */" > confdefs.h # Predefined preprocessor variables. -cat >>confdefs.h <<_ACEOF -#define PACKAGE_NAME "$PACKAGE_NAME" -_ACEOF +printf "%s\n" "#define PACKAGE_NAME \"$PACKAGE_NAME\"" >>confdefs.h -cat >>confdefs.h <<_ACEOF -#define PACKAGE_TARNAME "$PACKAGE_TARNAME" -_ACEOF +printf "%s\n" "#define PACKAGE_TARNAME \"$PACKAGE_TARNAME\"" >>confdefs.h -cat >>confdefs.h <<_ACEOF -#define PACKAGE_VERSION "$PACKAGE_VERSION" -_ACEOF +printf "%s\n" "#define PACKAGE_VERSION \"$PACKAGE_VERSION\"" >>confdefs.h -cat >>confdefs.h <<_ACEOF -#define PACKAGE_STRING "$PACKAGE_STRING" -_ACEOF +printf "%s\n" "#define PACKAGE_STRING \"$PACKAGE_STRING\"" >>confdefs.h -cat >>confdefs.h <<_ACEOF -#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" -_ACEOF +printf "%s\n" "#define PACKAGE_BUGREPORT \"$PACKAGE_BUGREPORT\"" >>confdefs.h -cat >>confdefs.h <<_ACEOF -#define PACKAGE_URL "$PACKAGE_URL" -_ACEOF +printf "%s\n" "#define PACKAGE_URL \"$PACKAGE_URL\"" >>confdefs.h # Let the site file select an alternate cache file if it wants to. # Prefer an explicitly selected file to automatically selected ones. -ac_site_file1=NONE -ac_site_file2=NONE if test -n "$CONFIG_SITE"; then - # We do not want a PATH search for config.site. - case $CONFIG_SITE in #(( - -*) ac_site_file1=./$CONFIG_SITE;; - */*) ac_site_file1=$CONFIG_SITE;; - *) ac_site_file1=./$CONFIG_SITE;; - esac + ac_site_files="$CONFIG_SITE" elif test "x$prefix" != xNONE; then - ac_site_file1=$prefix/share/config.site - ac_site_file2=$prefix/etc/config.site + ac_site_files="$prefix/share/config.site $prefix/etc/config.site" else - ac_site_file1=$ac_default_prefix/share/config.site - ac_site_file2=$ac_default_prefix/etc/config.site + ac_site_files="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" fi -for ac_site_file in "$ac_site_file1" "$ac_site_file2" + +for ac_site_file in $ac_site_files do - test "x$ac_site_file" = xNONE && continue - if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 -$as_echo "$as_me: loading site script $ac_site_file" >&6;} + case $ac_site_file in #( + */*) : + ;; #( + *) : + ac_site_file=./$ac_site_file ;; +esac + if test -f "$ac_site_file" && test -r "$ac_site_file"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +printf "%s\n" "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" \ - || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + || { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file See \`config.log' for more details" "$LINENO" 5; } fi @@ -2486,19 +2395,650 @@ if test -r "$cache_file"; then # Some versions of bash will fail to source /dev/null (special files # actually), so we avoid doing that. DJGPP emulates it as a regular file. if test /dev/null != "$cache_file" && test -f "$cache_file"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 -$as_echo "$as_me: loading cache $cache_file" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +printf "%s\n" "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . "$cache_file";; *) . "./$cache_file";; esac fi else - { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 -$as_echo "$as_me: creating cache $cache_file" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +printf "%s\n" "$as_me: creating cache $cache_file" >&6;} >$cache_file fi +# Test code for whether the C compiler supports C89 (global declarations) +ac_c_conftest_c89_globals=' +/* Does the compiler advertise C89 conformance? + Do not test the value of __STDC__, because some compilers set it to 0 + while being otherwise adequately conformant. */ +#if !defined __STDC__ +# error "Compiler does not advertise C89 conformance" +#endif + +#include +#include +struct stat; +/* Most of the following tests are stolen from RCS 5.7 src/conf.sh. */ +struct buf { int x; }; +struct buf * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not \xHH hex character constants. + These do not provoke an error unfortunately, instead are silently treated + as an "x". The following induces an error, until -std is added to get + proper ANSI mode. Curiously \x00 != x always comes out true, for an + array size at least. It is necessary to write \x00 == 0 to get something + that is true only with -std. */ +int osf4_cc_array ['\''\x00'\'' == 0 ? 1 : -1]; + +/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters + inside strings and character constants. */ +#define FOO(x) '\''x'\'' +int xlc6_cc_array[FOO(a) == '\''x'\'' ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, int *(*)(struct buf *, struct stat *, int), + int, int);' + +# Test code for whether the C compiler supports C89 (body of main). +ac_c_conftest_c89_main=' +ok |= (argc == 0 || f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]); +' + +# Test code for whether the C compiler supports C99 (global declarations) +ac_c_conftest_c99_globals=' +// Does the compiler advertise C99 conformance? +#if !defined __STDC_VERSION__ || __STDC_VERSION__ < 199901L +# error "Compiler does not advertise C99 conformance" +#endif + +#include +extern int puts (const char *); +extern int printf (const char *, ...); +extern int dprintf (int, const char *, ...); +extern void *malloc (size_t); + +// Check varargs macros. These examples are taken from C99 6.10.3.5. +// dprintf is used instead of fprintf to avoid needing to declare +// FILE and stderr. +#define debug(...) dprintf (2, __VA_ARGS__) +#define showlist(...) puts (#__VA_ARGS__) +#define report(test,...) ((test) ? puts (#test) : printf (__VA_ARGS__)) +static void +test_varargs_macros (void) +{ + int x = 1234; + int y = 5678; + debug ("Flag"); + debug ("X = %d\n", x); + showlist (The first, second, and third items.); + report (x>y, "x is %d but y is %d", x, y); +} + +// Check long long types. +#define BIG64 18446744073709551615ull +#define BIG32 4294967295ul +#define BIG_OK (BIG64 / BIG32 == 4294967297ull && BIG64 % BIG32 == 0) +#if !BIG_OK + #error "your preprocessor is broken" +#endif +#if BIG_OK +#else + #error "your preprocessor is broken" +#endif +static long long int bignum = -9223372036854775807LL; +static unsigned long long int ubignum = BIG64; + +struct incomplete_array +{ + int datasize; + double data[]; +}; + +struct named_init { + int number; + const wchar_t *name; + double average; +}; + +typedef const char *ccp; + +static inline int +test_restrict (ccp restrict text) +{ + // See if C++-style comments work. + // Iterate through items via the restricted pointer. + // Also check for declarations in for loops. + for (unsigned int i = 0; *(text+i) != '\''\0'\''; ++i) + continue; + return 0; +} + +// Check varargs and va_copy. +static bool +test_varargs (const char *format, ...) +{ + va_list args; + va_start (args, format); + va_list args_copy; + va_copy (args_copy, args); + + const char *str = ""; + int number = 0; + float fnumber = 0; + + while (*format) + { + switch (*format++) + { + case '\''s'\'': // string + str = va_arg (args_copy, const char *); + break; + case '\''d'\'': // int + number = va_arg (args_copy, int); + break; + case '\''f'\'': // float + fnumber = va_arg (args_copy, double); + break; + default: + break; + } + } + va_end (args_copy); + va_end (args); + + return *str && number && fnumber; +} +' + +# Test code for whether the C compiler supports C99 (body of main). +ac_c_conftest_c99_main=' + // Check bool. + _Bool success = false; + success |= (argc != 0); + + // Check restrict. + if (test_restrict ("String literal") == 0) + success = true; + char *restrict newvar = "Another string"; + + // Check varargs. + success &= test_varargs ("s, d'\'' f .", "string", 65, 34.234); + test_varargs_macros (); + + // Check flexible array members. + struct incomplete_array *ia = + malloc (sizeof (struct incomplete_array) + (sizeof (double) * 10)); + ia->datasize = 10; + for (int i = 0; i < ia->datasize; ++i) + ia->data[i] = i * 1.234; + + // Check named initializers. + struct named_init ni = { + .number = 34, + .name = L"Test wide string", + .average = 543.34343, + }; + + ni.number = 58; + + int dynamic_array[ni.number]; + dynamic_array[0] = argv[0][0]; + dynamic_array[ni.number - 1] = 543; + + // work around unused variable warnings + ok |= (!success || bignum == 0LL || ubignum == 0uLL || newvar[0] == '\''x'\'' + || dynamic_array[ni.number - 1] != 543); +' + +# Test code for whether the C compiler supports C11 (global declarations) +ac_c_conftest_c11_globals=' +// Does the compiler advertise C11 conformance? +#if !defined __STDC_VERSION__ || __STDC_VERSION__ < 201112L +# error "Compiler does not advertise C11 conformance" +#endif + +// Check _Alignas. +char _Alignas (double) aligned_as_double; +char _Alignas (0) no_special_alignment; +extern char aligned_as_int; +char _Alignas (0) _Alignas (int) aligned_as_int; + +// Check _Alignof. +enum +{ + int_alignment = _Alignof (int), + int_array_alignment = _Alignof (int[100]), + char_alignment = _Alignof (char) +}; +_Static_assert (0 < -_Alignof (int), "_Alignof is signed"); + +// Check _Noreturn. +int _Noreturn does_not_return (void) { for (;;) continue; } + +// Check _Static_assert. +struct test_static_assert +{ + int x; + _Static_assert (sizeof (int) <= sizeof (long int), + "_Static_assert does not work in struct"); + long int y; +}; + +// Check UTF-8 literals. +#define u8 syntax error! +char const utf8_literal[] = u8"happens to be ASCII" "another string"; + +// Check duplicate typedefs. +typedef long *long_ptr; +typedef long int *long_ptr; +typedef long_ptr long_ptr; + +// Anonymous structures and unions -- taken from C11 6.7.2.1 Example 1. +struct anonymous +{ + union { + struct { int i; int j; }; + struct { int k; long int l; } w; + }; + int m; +} v1; +' + +# Test code for whether the C compiler supports C11 (body of main). +ac_c_conftest_c11_main=' + _Static_assert ((offsetof (struct anonymous, i) + == offsetof (struct anonymous, w.k)), + "Anonymous union alignment botch"); + v1.i = 2; + v1.w.k = 5; + ok |= v1.i != 5; +' + +# Test code for whether the C compiler supports C11 (complete). +ac_c_conftest_c11_program="${ac_c_conftest_c89_globals} +${ac_c_conftest_c99_globals} +${ac_c_conftest_c11_globals} + +int +main (int argc, char **argv) +{ + int ok = 0; + ${ac_c_conftest_c89_main} + ${ac_c_conftest_c99_main} + ${ac_c_conftest_c11_main} + return ok; +} +" + +# Test code for whether the C compiler supports C99 (complete). +ac_c_conftest_c99_program="${ac_c_conftest_c89_globals} +${ac_c_conftest_c99_globals} + +int +main (int argc, char **argv) +{ + int ok = 0; + ${ac_c_conftest_c89_main} + ${ac_c_conftest_c99_main} + return ok; +} +" + +# Test code for whether the C compiler supports C89 (complete). +ac_c_conftest_c89_program="${ac_c_conftest_c89_globals} + +int +main (int argc, char **argv) +{ + int ok = 0; + ${ac_c_conftest_c89_main} + return ok; +} +" + +# Test code for whether the C++ compiler supports C++98 (global declarations) +ac_cxx_conftest_cxx98_globals=' +// Does the compiler advertise C++98 conformance? +#if !defined __cplusplus || __cplusplus < 199711L +# error "Compiler does not advertise C++98 conformance" +#endif + +// These inclusions are to reject old compilers that +// lack the unsuffixed header files. +#include +#include + +// and are *not* freestanding headers in C++98. +extern void assert (int); +namespace std { + extern int strcmp (const char *, const char *); +} + +// Namespaces, exceptions, and templates were all added after "C++ 2.0". +using std::exception; +using std::strcmp; + +namespace { + +void test_exception_syntax() +{ + try { + throw "test"; + } catch (const char *s) { + // Extra parentheses suppress a warning when building autoconf itself, + // due to lint rules shared with more typical C programs. + assert (!(strcmp) (s, "test")); + } +} + +template struct test_template +{ + T const val; + explicit test_template(T t) : val(t) {} + template T add(U u) { return static_cast(u) + val; } +}; + +} // anonymous namespace +' + +# Test code for whether the C++ compiler supports C++98 (body of main) +ac_cxx_conftest_cxx98_main=' + assert (argc); + assert (! argv[0]); +{ + test_exception_syntax (); + test_template tt (2.0); + assert (tt.add (4) == 6.0); + assert (true && !false); +} +' + +# Test code for whether the C++ compiler supports C++11 (global declarations) +ac_cxx_conftest_cxx11_globals=' +// Does the compiler advertise C++ 2011 conformance? +#if !defined __cplusplus || __cplusplus < 201103L +# error "Compiler does not advertise C++11 conformance" +#endif + +namespace cxx11test +{ + constexpr int get_val() { return 20; } + + struct testinit + { + int i; + double d; + }; + + class delegate + { + public: + delegate(int n) : n(n) {} + delegate(): delegate(2354) {} + + virtual int getval() { return this->n; }; + protected: + int n; + }; + + class overridden : public delegate + { + public: + overridden(int n): delegate(n) {} + virtual int getval() override final { return this->n * 2; } + }; + + class nocopy + { + public: + nocopy(int i): i(i) {} + nocopy() = default; + nocopy(const nocopy&) = delete; + nocopy & operator=(const nocopy&) = delete; + private: + int i; + }; + + // for testing lambda expressions + template Ret eval(Fn f, Ret v) + { + return f(v); + } + + // for testing variadic templates and trailing return types + template auto sum(V first) -> V + { + return first; + } + template auto sum(V first, Args... rest) -> V + { + return first + sum(rest...); + } +} +' + +# Test code for whether the C++ compiler supports C++11 (body of main) +ac_cxx_conftest_cxx11_main=' +{ + // Test auto and decltype + auto a1 = 6538; + auto a2 = 48573953.4; + auto a3 = "String literal"; + + int total = 0; + for (auto i = a3; *i; ++i) { total += *i; } + + decltype(a2) a4 = 34895.034; +} +{ + // Test constexpr + short sa[cxx11test::get_val()] = { 0 }; +} +{ + // Test initializer lists + cxx11test::testinit il = { 4323, 435234.23544 }; +} +{ + // Test range-based for + int array[] = {9, 7, 13, 15, 4, 18, 12, 10, 5, 3, + 14, 19, 17, 8, 6, 20, 16, 2, 11, 1}; + for (auto &x : array) { x += 23; } +} +{ + // Test lambda expressions + using cxx11test::eval; + assert (eval ([](int x) { return x*2; }, 21) == 42); + double d = 2.0; + assert (eval ([&](double x) { return d += x; }, 3.0) == 5.0); + assert (d == 5.0); + assert (eval ([=](double x) mutable { return d += x; }, 4.0) == 9.0); + assert (d == 5.0); +} +{ + // Test use of variadic templates + using cxx11test::sum; + auto a = sum(1); + auto b = sum(1, 2); + auto c = sum(1.0, 2.0, 3.0); +} +{ + // Test constructor delegation + cxx11test::delegate d1; + cxx11test::delegate d2(); + cxx11test::delegate d3(45); +} +{ + // Test override and final + cxx11test::overridden o1(55464); +} +{ + // Test nullptr + char *c = nullptr; +} +{ + // Test template brackets + test_template<::test_template> v(test_template(12)); +} +{ + // Unicode literals + char const *utf8 = u8"UTF-8 string \u2500"; + char16_t const *utf16 = u"UTF-8 string \u2500"; + char32_t const *utf32 = U"UTF-32 string \u2500"; +} +' + +# Test code for whether the C compiler supports C++11 (complete). +ac_cxx_conftest_cxx11_program="${ac_cxx_conftest_cxx98_globals} +${ac_cxx_conftest_cxx11_globals} + +int +main (int argc, char **argv) +{ + int ok = 0; + ${ac_cxx_conftest_cxx98_main} + ${ac_cxx_conftest_cxx11_main} + return ok; +} +" + +# Test code for whether the C compiler supports C++98 (complete). +ac_cxx_conftest_cxx98_program="${ac_cxx_conftest_cxx98_globals} +int +main (int argc, char **argv) +{ + int ok = 0; + ${ac_cxx_conftest_cxx98_main} + return ok; +} +" + +as_fn_append ac_header_c_list " stdio.h stdio_h HAVE_STDIO_H" +as_fn_append ac_header_c_list " stdlib.h stdlib_h HAVE_STDLIB_H" +as_fn_append ac_header_c_list " string.h string_h HAVE_STRING_H" +as_fn_append ac_header_c_list " inttypes.h inttypes_h HAVE_INTTYPES_H" +as_fn_append ac_header_c_list " stdint.h stdint_h HAVE_STDINT_H" +as_fn_append ac_header_c_list " strings.h strings_h HAVE_STRINGS_H" +as_fn_append ac_header_c_list " sys/stat.h sys_stat_h HAVE_SYS_STAT_H" +as_fn_append ac_header_c_list " sys/types.h sys_types_h HAVE_SYS_TYPES_H" +as_fn_append ac_header_c_list " unistd.h unistd_h HAVE_UNISTD_H" + +# Auxiliary files required by this configure script. +ac_aux_files="config.rpath ltmain.sh compile config.guess config.sub missing install-sh tap-driver.sh" + +# Locations in which to look for auxiliary files. +ac_aux_dir_candidates="${srcdir}${PATH_SEPARATOR}${srcdir}/..${PATH_SEPARATOR}${srcdir}/../.." + +# Search for a directory containing all of the required auxiliary files, +# $ac_aux_files, from the $PATH-style list $ac_aux_dir_candidates. +# If we don't find one directory that contains all the files we need, +# we report the set of missing files from the *first* directory in +# $ac_aux_dir_candidates and give up. +ac_missing_aux_files="" +ac_first_candidate=: +printf "%s\n" "$as_me:${as_lineno-$LINENO}: looking for aux files: $ac_aux_files" >&5 +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in $ac_aux_dir_candidates +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + as_found=: + + printf "%s\n" "$as_me:${as_lineno-$LINENO}: trying $as_dir" >&5 + ac_aux_dir_found=yes + ac_install_sh= + for ac_aux in $ac_aux_files + do + # As a special case, if "install-sh" is required, that requirement + # can be satisfied by any of "install-sh", "install.sh", or "shtool", + # and $ac_install_sh is set appropriately for whichever one is found. + if test x"$ac_aux" = x"install-sh" + then + if test -f "${as_dir}install-sh"; then + printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}install-sh found" >&5 + ac_install_sh="${as_dir}install-sh -c" + elif test -f "${as_dir}install.sh"; then + printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}install.sh found" >&5 + ac_install_sh="${as_dir}install.sh -c" + elif test -f "${as_dir}shtool"; then + printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}shtool found" >&5 + ac_install_sh="${as_dir}shtool install -c" + else + ac_aux_dir_found=no + if $ac_first_candidate; then + ac_missing_aux_files="${ac_missing_aux_files} install-sh" + else + break + fi + fi + else + if test -f "${as_dir}${ac_aux}"; then + printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}${ac_aux} found" >&5 + else + ac_aux_dir_found=no + if $ac_first_candidate; then + ac_missing_aux_files="${ac_missing_aux_files} ${ac_aux}" + else + break + fi + fi + fi + done + if test "$ac_aux_dir_found" = yes; then + ac_aux_dir="$as_dir" + break + fi + ac_first_candidate=false + + as_found=false +done +IFS=$as_save_IFS +if $as_found +then : + +else $as_nop + as_fn_error $? "cannot find required auxiliary files:$ac_missing_aux_files" "$LINENO" 5 +fi + + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +if test -f "${ac_aux_dir}config.guess"; then + ac_config_guess="$SHELL ${ac_aux_dir}config.guess" +fi +if test -f "${ac_aux_dir}config.sub"; then + ac_config_sub="$SHELL ${ac_aux_dir}config.sub" +fi +if test -f "$ac_aux_dir/configure"; then + ac_configure="$SHELL ${ac_aux_dir}configure" +fi + # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false @@ -2509,12 +3049,12 @@ for ac_var in $ac_precious_vars; do eval ac_new_val=\$ac_env_${ac_var}_value case $ac_old_set,$ac_new_set in set,) - { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 -$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +printf "%s\n" "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) - { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 -$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +printf "%s\n" "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) @@ -2523,24 +3063,24 @@ $as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_old_val_w=`echo x $ac_old_val` ac_new_val_w=`echo x $ac_new_val` if test "$ac_old_val_w" != "$ac_new_val_w"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 -$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +printf "%s\n" "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} ac_cache_corrupted=: else - { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 -$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +printf "%s\n" "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} eval $ac_var=\$ac_old_val fi - { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 -$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 -$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +printf "%s\n" "$as_me: former value: \`$ac_old_val'" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +printf "%s\n" "$as_me: current value: \`$ac_new_val'" >&2;} fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in - *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *\'*) ac_arg=$ac_var=`printf "%s\n" "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in @@ -2550,11 +3090,12 @@ $as_echo "$as_me: current value: \`$ac_new_val'" >&2;} fi done if $ac_cache_corrupted; then - { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 -$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} - as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +printf "%s\n" "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error $? "run \`${MAKE-make} distclean' and/or \`rm $cache_file' + and start over" "$LINENO" 5 fi ## -------------------- ## ## Main body of script. ## @@ -2572,17 +3113,21 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_config_headers="$ac_config_headers src/libssh2_config.h" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 -$as_echo_n "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } + + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 +printf %s "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } # Check whether --enable-maintainer-mode was given. -if test "${enable_maintainer_mode+set}" = set; then : +if test ${enable_maintainer_mode+y} +then : enableval=$enable_maintainer_mode; USE_MAINTAINER_MODE=$enableval -else +else $as_nop USE_MAINTAINER_MODE=no fi - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $USE_MAINTAINER_MODE" >&5 -$as_echo "$USE_MAINTAINER_MODE" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $USE_MAINTAINER_MODE" >&5 +printf "%s\n" "$USE_MAINTAINER_MODE" >&6; } if test $USE_MAINTAINER_MODE = yes; then MAINTAINER_MODE_TRUE= MAINTAINER_MODE_FALSE='#' @@ -2595,7 +3140,8 @@ fi # Check whether --enable-silent-rules was given. -if test "${enable_silent_rules+set}" = set; then : +if test ${enable_silent_rules+y} +then : enableval=$enable_silent_rules; fi @@ -2605,12 +3151,13 @@ case $enable_silent_rules in # ((( *) AM_DEFAULT_VERBOSITY=0;; esac am_make=${MAKE-make} -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5 -$as_echo_n "checking whether $am_make supports nested variables... " >&6; } -if ${am_cv_make_support_nested_variables+:} false; then : - $as_echo_n "(cached) " >&6 -else - if $as_echo 'TRUE=$(BAR$(V)) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5 +printf %s "checking whether $am_make supports nested variables... " >&6; } +if test ${am_cv_make_support_nested_variables+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if printf "%s\n" 'TRUE=$(BAR$(V)) BAR0=false BAR1=true V=1 @@ -2622,8 +3169,8 @@ else am_cv_make_support_nested_variables=no fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 -$as_echo "$am_cv_make_support_nested_variables" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 +printf "%s\n" "$am_cv_make_support_nested_variables" >&6; } if test $am_cv_make_support_nested_variables = yes; then AM_V='$(V)' AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' @@ -2636,11 +3183,12 @@ AM_BACKSLASH='\' # Extract the first word of "sed", so it can be a program name with args. set dummy sed; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_SED+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_SED+y} +then : + printf %s "(cached) " >&6 +else $as_nop case $SED in [\\/]* | ?:[\\/]*) ac_cv_path_SED="$SED" # Let the user override the test with a path. @@ -2651,11 +3199,15 @@ as_dummy="$PATH:/usr/bin:/usr/local/bin" for as_dir in $as_dummy do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_SED="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_SED="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -2668,54 +3220,26 @@ esac fi SED=$ac_cv_path_SED if test -n "$SED"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $SED" >&5 -$as_echo "$SED" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $SED" >&5 +printf "%s\n" "$SED" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$SED" = "xsed-was-not-found-by-configure"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: sed was not found, this may ruin your chances to build fine" >&5 -$as_echo "$as_me: WARNING: sed was not found, this may ruin your chances to build fine" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: sed was not found, this may ruin your chances to build fine" >&5 +printf "%s\n" "$as_me: WARNING: sed was not found, this may ruin your chances to build fine" >&2;} fi LIBSSH2VER=`$SED -ne 's/^#define LIBSSH2_VERSION *"\(.*\)"/\1/p' ${srcdir}/include/libssh2.h` am__api_version='1.16' -ac_aux_dir= -for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do - if test -f "$ac_dir/install-sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install-sh -c" - break - elif test -f "$ac_dir/install.sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install.sh -c" - break - elif test -f "$ac_dir/shtool"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/shtool install -c" - break - fi -done -if test -z "$ac_aux_dir"; then - as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 -fi -# These three variables are undocumented and unsupported, -# and are intended to be withdrawn in a future Autoconf release. -# They can cause serious problems if a builder's source tree is in a directory -# whose full name contains unusual characters. -ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. -ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. -ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - - -# Find a good install program. We prefer a C program (faster), + # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: # SysV /etc/install, /usr/sbin/install @@ -2729,20 +3253,25 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. # OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. # Reject install programs that cannot install multiple files. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 -$as_echo_n "checking for a BSD-compatible install... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 +printf %s "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then -if ${ac_cv_path_install+:} false; then : - $as_echo_n "(cached) " >&6 -else +if test ${ac_cv_path_install+y} +then : + printf %s "(cached) " >&6 +else $as_nop as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - # Account for people who put trailing slashes in PATH elements. -case $as_dir/ in #(( - ./ | .// | /[cC]/* | \ + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + # Account for fact that we put trailing slashes in our PATH walk. +case $as_dir in #(( + ./ | /[cC]/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ /usr/ucb/* ) ;; @@ -2752,13 +3281,13 @@ case $as_dir/ in #(( # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_prog$ac_exec_ext"; then if test $ac_prog = install && - grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + grep dspmsg "$as_dir$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. : elif test $ac_prog = install && - grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + grep pwplus "$as_dir$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # program-specific install script used by HP pwplus--don't use. : else @@ -2766,12 +3295,12 @@ case $as_dir/ in #(( echo one > conftest.one echo two > conftest.two mkdir conftest.dir - if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && + if "$as_dir$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir/" && test -s conftest.one && test -s conftest.two && test -s conftest.dir/conftest.one && test -s conftest.dir/conftest.two then - ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + ac_cv_path_install="$as_dir$ac_prog$ac_exec_ext -c" break 3 fi fi @@ -2787,7 +3316,7 @@ IFS=$as_save_IFS rm -rf conftest.one conftest.two conftest.dir fi - if test "${ac_cv_path_install+set}" = set; then + if test ${ac_cv_path_install+y}; then INSTALL=$ac_cv_path_install else # As a last resort, use the slow shell script. Don't cache a @@ -2797,8 +3326,8 @@ fi INSTALL=$ac_install_sh fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 -$as_echo "$INSTALL" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 +printf "%s\n" "$INSTALL" >&6; } # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. @@ -2808,8 +3337,8 @@ test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 -$as_echo_n "checking whether build environment is sane... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 +printf %s "checking whether build environment is sane... " >&6; } # Reject unsafe characters in $srcdir or the absolute working directory # name. Accept space and tab only in the latter. am_lf=' @@ -2863,8 +3392,8 @@ else as_fn_error $? "newly created file is older than distributed files! Check your system clock" "$LINENO" 5 fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } # If we didn't sleep, we still need to ensure time stamps of config.status and # generated files are strictly newer. am_sleep_pid= @@ -2883,12 +3412,14 @@ test "$program_suffix" != NONE && # Double any \ or $. # By default was `s,x,x', remove it if useless. ac_script='s/[\\$]/&&/g;s/;s,x,x,$//' -program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"` +program_transform_name=`printf "%s\n" "$program_transform_name" | sed "$ac_script"` + # Expand $ac_aux_dir to an absolute path. am_aux_dir=`cd "$ac_aux_dir" && pwd` -if test x"${MISSING+set}" != xset; then + + if test x"${MISSING+set}" != xset; then MISSING="\${SHELL} '$am_aux_dir/missing'" fi # Use eval to expand $SHELL @@ -2896,8 +3427,8 @@ if eval "$MISSING --is-lightweight"; then am_missing_run="$MISSING " else am_missing_run= - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5 -$as_echo "$as_me: WARNING: 'missing' script is too old or missing" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5 +printf "%s\n" "$as_me: WARNING: 'missing' script is too old or missing" >&2;} fi if test x"${install_sh+set}" != xset; then @@ -2917,11 +3448,12 @@ if test "$cross_compiling" != no; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. set dummy ${ac_tool_prefix}strip; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_STRIP+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_STRIP+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$STRIP"; then ac_cv_prog_STRIP="$STRIP" # Let the user override the test. else @@ -2929,11 +3461,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -2944,11 +3480,11 @@ fi fi STRIP=$ac_cv_prog_STRIP if test -n "$STRIP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 -$as_echo "$STRIP" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 +printf "%s\n" "$STRIP" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -2957,11 +3493,12 @@ if test -z "$ac_cv_prog_STRIP"; then ac_ct_STRIP=$STRIP # Extract the first word of "strip", so it can be a program name with args. set dummy strip; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_STRIP+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_STRIP+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_STRIP"; then ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. else @@ -2969,11 +3506,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -2984,11 +3525,11 @@ fi fi ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP if test -n "$ac_ct_STRIP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 -$as_echo "$ac_ct_STRIP" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 +printf "%s\n" "$ac_ct_STRIP" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_STRIP" = x; then @@ -2996,8 +3537,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac STRIP=$ac_ct_STRIP @@ -3009,25 +3550,31 @@ fi fi INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 -$as_echo_n "checking for a thread-safe mkdir -p... " >&6; } + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a race-free mkdir -p" >&5 +printf %s "checking for a race-free mkdir -p... " >&6; } if test -z "$MKDIR_P"; then - if ${ac_cv_path_mkdir+:} false; then : - $as_echo_n "(cached) " >&6 -else + if test ${ac_cv_path_mkdir+y} +then : + printf %s "(cached) " >&6 +else $as_nop as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_prog in mkdir gmkdir; do for ac_exec_ext in '' $ac_executable_extensions; do - as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue - case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( - 'mkdir (GNU coreutils) '* | \ - 'mkdir (coreutils) '* | \ + as_fn_executable_p "$as_dir$ac_prog$ac_exec_ext" || continue + case `"$as_dir$ac_prog$ac_exec_ext" --version 2>&1` in #( + 'mkdir ('*'coreutils) '* | \ + 'BusyBox '* | \ 'mkdir (fileutils) '4.1*) - ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext + ac_cv_path_mkdir=$as_dir$ac_prog$ac_exec_ext break 3;; esac done @@ -3038,7 +3585,7 @@ IFS=$as_save_IFS fi test -d ./--version && rmdir ./--version - if test "${ac_cv_path_mkdir+set}" = set; then + if test ${ac_cv_path_mkdir+y}; then MKDIR_P="$ac_cv_path_mkdir -p" else # As a last resort, use the slow shell script. Don't cache a @@ -3048,18 +3595,19 @@ fi MKDIR_P="$ac_install_sh -d" fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 -$as_echo "$MKDIR_P" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 +printf "%s\n" "$MKDIR_P" >&6; } for ac_prog in gawk mawk nawk awk do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_AWK+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_AWK+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$AWK"; then ac_cv_prog_AWK="$AWK" # Let the user override the test. else @@ -3067,11 +3615,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_AWK="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -3082,24 +3634,25 @@ fi fi AWK=$ac_cv_prog_AWK if test -n "$AWK"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 -$as_echo "$AWK" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 +printf "%s\n" "$AWK" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi test -n "$AWK" && break done -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 -$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 +printf %s "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} -ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` -if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : - $as_echo_n "(cached) " >&6 -else +ac_make=`printf "%s\n" "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` +if eval test \${ac_cv_prog_make_${ac_make}_set+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: @@ -3115,12 +3668,12 @@ esac rm -f conftest.make fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } SET_MAKE= else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } SET_MAKE="MAKE=${MAKE-make}" fi @@ -3158,14 +3711,10 @@ fi VERSION='-' -cat >>confdefs.h <<_ACEOF -#define PACKAGE "$PACKAGE" -_ACEOF +printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h -cat >>confdefs.h <<_ACEOF -#define VERSION "$VERSION" -_ACEOF +printf "%s\n" "#define VERSION \"$VERSION\"" >>confdefs.h # Some tools Automake needs. @@ -3262,35 +3811,38 @@ END fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking libssh2 version" >&5 -$as_echo_n "checking libssh2 version... " >&6; } -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBSSH2VER" >&5 -$as_echo "$LIBSSH2VER" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking libssh2 version" >&5 +printf %s "checking libssh2 version... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBSSH2VER" >&5 +printf "%s\n" "$LIBSSH2VER" >&6; } AB_VERSION=$LIBSSH2VER -# Make sure we can run config.sub. -$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || - as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 -$as_echo_n "checking build system type... " >&6; } -if ${ac_cv_build+:} false; then : - $as_echo_n "(cached) " >&6 -else + + # Make sure we can run config.sub. +$SHELL "${ac_aux_dir}config.sub" sun4 >/dev/null 2>&1 || + as_fn_error $? "cannot run $SHELL ${ac_aux_dir}config.sub" "$LINENO" 5 + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 +printf %s "checking build system type... " >&6; } +if test ${ac_cv_build+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_build_alias=$build_alias test "x$ac_build_alias" = x && - ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` + ac_build_alias=`$SHELL "${ac_aux_dir}config.guess"` test "x$ac_build_alias" = x && as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 -ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || - as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 +ac_cv_build=`$SHELL "${ac_aux_dir}config.sub" $ac_build_alias` || + as_fn_error $? "$SHELL ${ac_aux_dir}config.sub $ac_build_alias failed" "$LINENO" 5 fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 -$as_echo "$ac_cv_build" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 +printf "%s\n" "$ac_cv_build" >&6; } case $ac_cv_build in *-*-*) ;; *) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; @@ -3309,21 +3861,22 @@ IFS=$ac_save_IFS case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 -$as_echo_n "checking host system type... " >&6; } -if ${ac_cv_host+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 +printf %s "checking host system type... " >&6; } +if test ${ac_cv_host+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test "x$host_alias" = x; then ac_cv_host=$ac_cv_build else - ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || - as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 + ac_cv_host=`$SHELL "${ac_aux_dir}config.sub" $host_alias` || + as_fn_error $? "$SHELL ${ac_aux_dir}config.sub $host_alias failed" "$LINENO" 5 fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 -$as_echo "$ac_cv_host" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 +printf "%s\n" "$ac_cv_host" >&6; } case $ac_cv_host in *-*-*) ;; *) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; @@ -3346,34 +3899,34 @@ case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac - if test -z "$AB_PACKAGE"; then - AB_PACKAGE=${PACKAGE_NAME:-$PACKAGE} - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: autobuild project... $AB_PACKAGE" >&5 -$as_echo "$as_me: autobuild project... $AB_PACKAGE" >&6;} + if test -z "$AB_PACKAGE"; then + AB_PACKAGE=${PACKAGE_NAME:-$PACKAGE} + fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: autobuild project... $AB_PACKAGE" >&5 +printf "%s\n" "$as_me: autobuild project... $AB_PACKAGE" >&6;} - if test -z "$AB_VERSION"; then - AB_VERSION=${PACKAGE_VERSION:-$VERSION} - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: autobuild revision... $AB_VERSION" >&5 -$as_echo "$as_me: autobuild revision... $AB_VERSION" >&6;} + if test -z "$AB_VERSION"; then + AB_VERSION=${PACKAGE_VERSION:-$VERSION} + fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: autobuild revision... $AB_VERSION" >&5 +printf "%s\n" "$as_me: autobuild revision... $AB_VERSION" >&6;} - hostname=`hostname` - if test "$hostname"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: autobuild hostname... $hostname" >&5 -$as_echo "$as_me: autobuild hostname... $hostname" >&6;} - fi + hostname=`hostname` + if test "$hostname"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: autobuild hostname... $hostname" >&5 +printf "%s\n" "$as_me: autobuild hostname... $hostname" >&6;} + fi - date=`date +%Y%m%d-%H%M%S` - if test "$?" != 0; then - date=`date` - fi - if test "$date"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: autobuild timestamp... $date" >&5 -$as_echo "$as_me: autobuild timestamp... $date" >&6;} - fi + date=`date +%Y%m%d-%H%M%S` + if test "$?" != 0; then + date=`date` + fi + if test "$date"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: autobuild timestamp... $date" >&5 +printf "%s\n" "$as_me: autobuild timestamp... $date" >&6;} + fi # Check for the OS. @@ -3382,11 +3935,9 @@ $as_echo "$as_me: autobuild timestamp... $date" >&6;} case "$host" in *-mingw*) - CFLAGS="$CFLAGS -DLIBSSH2_WIN32" LIBS="$LIBS -lws2_32" ;; *darwin*) - CFLAGS="$CFLAGS -DLIBSSH2_DARWIN" ;; *hpux*) ;; @@ -3397,12 +3948,21 @@ case "$host" in ;; esac + + + + + + + + + DEPDIR="${am__leading_dot}deps" ac_config_commands="$ac_config_commands depfiles" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} supports the include directive" >&5 -$as_echo_n "checking whether ${MAKE-make} supports the include directive... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} supports the include directive" >&5 +printf %s "checking whether ${MAKE-make} supports the include directive... " >&6; } cat > confinc.mk << 'END' am__doit: @echo this is the am__doit target >confinc.out @@ -3438,11 +3998,12 @@ esac fi done rm -f confinc.* confmf.* -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: ${_am_result}" >&5 -$as_echo "${_am_result}" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: ${_am_result}" >&5 +printf "%s\n" "${_am_result}" >&6; } # Check whether --enable-dependency-tracking was given. -if test "${enable_dependency_tracking+set}" = set; then : +if test ${enable_dependency_tracking+y} +then : enableval=$enable_dependency_tracking; fi @@ -3468,11 +4029,12 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else @@ -3480,11 +4042,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -3495,11 +4061,11 @@ fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -3508,11 +4074,12 @@ if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else @@ -3520,11 +4087,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -3535,11 +4106,11 @@ fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 -$as_echo "$ac_ct_CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +printf "%s\n" "$ac_ct_CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_CC" = x; then @@ -3547,8 +4118,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC @@ -3561,11 +4132,12 @@ if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else @@ -3573,11 +4145,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -3588,11 +4164,11 @@ fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -3601,11 +4177,12 @@ fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else @@ -3614,15 +4191,19 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + if test "$as_dir$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -3638,18 +4219,18 @@ if test $ac_prog_rejected = yes; then # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift - ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" + ac_cv_prog_CC="$as_dir$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -3660,11 +4241,12 @@ if test -z "$CC"; then do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else @@ -3672,11 +4254,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -3687,11 +4273,11 @@ fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -3704,11 +4290,12 @@ if test -z "$CC"; then do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else @@ -3716,11 +4303,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -3731,11 +4322,11 @@ fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 -$as_echo "$ac_ct_CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +printf "%s\n" "$ac_ct_CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -3747,8 +4338,8 @@ done else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC @@ -3756,25 +4347,129 @@ esac fi fi +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}clang", so it can be a program name with args. +set dummy ${ac_tool_prefix}clang; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}clang" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi -test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "clang", so it can be a program name with args. +set dummy clang; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="clang" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +printf "%s\n" "$ac_ct_CC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +else + CC="$ac_cv_prog_CC" +fi + +fi + + +test -z "$CC" && { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH See \`config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. -$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 -for ac_option in --version -v -V -qversion; do +for ac_option in --version -v -V -qversion -version; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then @@ -3784,7 +4479,7 @@ $as_echo "$ac_try_echo"; } >&5 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done @@ -3792,7 +4487,7 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; @@ -3804,9 +4499,9 @@ ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 -$as_echo_n "checking whether the C compiler works... " >&6; } -ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 +printf %s "checking whether the C compiler works... " >&6; } +ac_link_default=`printf "%s\n" "$ac_link" | sed 's/ -o *conftest[^ ]*//'` # The possible output files: ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" @@ -3827,11 +4522,12 @@ case "(($ac_try" in *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_link_default") 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then : + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +then : # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. # So ignore a value of `no', otherwise this would lead to `EXEEXT = no' # in a Makefile. We should not override ac_cv_exeext if it was cached, @@ -3848,7 +4544,7 @@ do # certainly right. break;; *.* ) - if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; + if test ${ac_cv_exeext+y} && test "$ac_cv_exeext" != no; then :; else ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` fi @@ -3864,44 +4560,46 @@ do done test "$ac_cv_exeext" = no && ac_cv_exeext= -else +else $as_nop ac_file='' fi -if test -z "$ac_file"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -$as_echo "$as_me: failed program was:" >&5 +if test -z "$ac_file" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 -{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +{ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables See \`config.log' for more details" "$LINENO" 5; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 -$as_echo_n "checking for C compiler default output file name... " >&6; } -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 -$as_echo "$ac_file" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 +printf %s "checking for C compiler default output file name... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 +printf "%s\n" "$ac_file" >&6; } ac_exeext=$ac_cv_exeext rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 -$as_echo_n "checking for suffix of executables... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 +printf %s "checking for suffix of executables... " >&6; } if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then : + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +then : # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with @@ -3915,15 +4613,15 @@ for ac_file in conftest.exe conftest conftest.*; do * ) break;; esac done -else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +else $as_nop + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest conftest$ac_cv_exeext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 -$as_echo "$ac_cv_exeext" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 +printf "%s\n" "$ac_cv_exeext" >&6; } rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext @@ -3932,7 +4630,7 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int -main () +main (void) { FILE *f = fopen ("conftest.out", "w"); return ferror (f) || fclose (f) != 0; @@ -3944,8 +4642,8 @@ _ACEOF ac_clean_files="$ac_clean_files conftest.out" # Check that the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 -$as_echo_n "checking whether we are cross compiling... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 +printf %s "checking whether we are cross compiling... " >&6; } if test "$cross_compiling" != yes; then { { ac_try="$ac_link" case "(($ac_try" in @@ -3953,10 +4651,10 @@ case "(($ac_try" in *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if { ac_try='./conftest$ac_cv_exeext' { { case "(($ac_try" in @@ -3964,39 +4662,40 @@ $as_echo "$ac_try_echo"; } >&5 *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "cannot run C compiled programs. + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details" "$LINENO" 5; } fi fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 -$as_echo "$cross_compiling" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 +printf "%s\n" "$cross_compiling" >&6; } rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out ac_clean_files=$ac_clean_files_save -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 -$as_echo_n "checking for suffix of object files... " >&6; } -if ${ac_cv_objext+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 +printf %s "checking for suffix of object files... " >&6; } +if test ${ac_cv_objext+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; @@ -4010,11 +4709,12 @@ case "(($ac_try" in *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then : + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +then : for ac_file in conftest.o conftest.obj conftest.*; do test -f "$ac_file" || continue; case $ac_file in @@ -4023,31 +4723,32 @@ $as_echo "$ac_try_echo"; } >&5 break;; esac done -else - $as_echo "$as_me: failed program was:" >&5 +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 -{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +{ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 -$as_echo "$ac_cv_objext" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 +printf "%s\n" "$ac_cv_objext" >&6; } OBJEXT=$ac_cv_objext ac_objext=$OBJEXT -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 -$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } -if ${ac_cv_c_compiler_gnu+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports GNU C" >&5 +printf %s "checking whether the compiler supports GNU C... " >&6; } +if test ${ac_cv_c_compiler_gnu+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { #ifndef __GNUC__ choke me @@ -4057,29 +4758,33 @@ main () return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_compiler_gnu=yes -else +else $as_nop ac_compiler_gnu=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 -$as_echo "$ac_cv_c_compiler_gnu" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +printf "%s\n" "$ac_cv_c_compiler_gnu" >&6; } +ac_compiler_gnu=$ac_cv_c_compiler_gnu + if test $ac_compiler_gnu = yes; then GCC=yes else GCC= fi -ac_test_CFLAGS=${CFLAGS+set} +ac_test_CFLAGS=${CFLAGS+y} ac_save_CFLAGS=$CFLAGS -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 -$as_echo_n "checking whether $CC accepts -g... " >&6; } -if ${ac_cv_prog_cc_g+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +printf %s "checking whether $CC accepts -g... " >&6; } +if test ${ac_cv_prog_cc_g+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no @@ -4088,57 +4793,60 @@ else /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_prog_cc_g=yes -else +else $as_nop CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : -else +else $as_nop ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_prog_cc_g=yes fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 -$as_echo "$ac_cv_prog_cc_g" >&6; } -if test "$ac_test_CFLAGS" = set; then +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +printf "%s\n" "$ac_cv_prog_cc_g" >&6; } +if test $ac_test_CFLAGS; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then @@ -4153,94 +4861,144 @@ else CFLAGS= fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 -$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } -if ${ac_cv_prog_cc_c89+:} false; then : - $as_echo_n "(cached) " >&6 -else +ac_prog_cc_stdc=no +if test x$ac_prog_cc_stdc = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C11 features" >&5 +printf %s "checking for $CC option to enable C11 features... " >&6; } +if test ${ac_cv_prog_cc_c11+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_prog_cc_c11=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_c_conftest_c11_program +_ACEOF +for ac_arg in '' -std=gnu11 +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_prog_cc_c11=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + test "x$ac_cv_prog_cc_c11" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC +fi + +if test "x$ac_cv_prog_cc_c11" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cc_c11" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c11" >&5 +printf "%s\n" "$ac_cv_prog_cc_c11" >&6; } + CC="$CC $ac_cv_prog_cc_c11" +fi + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c11 + ac_prog_cc_stdc=c11 +fi +fi +if test x$ac_prog_cc_stdc = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C99 features" >&5 +printf %s "checking for $CC option to enable C99 features... " >&6; } +if test ${ac_cv_prog_cc_c99+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_prog_cc_c99=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_c_conftest_c99_program +_ACEOF +for ac_arg in '' -std=gnu99 -std=c99 -c99 -qlanglvl=extc1x -qlanglvl=extc99 -AC99 -D_STDC_C99= +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_prog_cc_c99=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + test "x$ac_cv_prog_cc_c99" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC +fi + +if test "x$ac_cv_prog_cc_c99" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cc_c99" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 +printf "%s\n" "$ac_cv_prog_cc_c99" >&6; } + CC="$CC $ac_cv_prog_cc_c99" +fi + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c99 + ac_prog_cc_stdc=c99 +fi +fi +if test x$ac_prog_cc_stdc = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C89 features" >&5 +printf %s "checking for $CC option to enable C89 features... " >&6; } +if test ${ac_cv_prog_cc_c89+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -#include -struct stat; -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} - -/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has - function prototypes and stuff, but not '\xHH' hex character constants. - These don't provoke an error unfortunately, instead are silently treated - as 'x'. The following induces an error, until -std is added to get - proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an - array size at least. It's necessary to write '\x00'==0 to get something - that's true only with -std. */ -int osf4_cc_array ['\x00' == 0 ? 1 : -1]; - -/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters - inside strings and character constants. */ -#define FOO(x) 'x' -int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; - -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; -int -main () -{ -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; - ; - return 0; -} +$ac_c_conftest_c89_program _ACEOF -for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ - -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" - if ac_fn_c_try_compile "$LINENO"; then : + if ac_fn_c_try_compile "$LINENO" +then : ac_cv_prog_cc_c89=$ac_arg fi -rm -f core conftest.err conftest.$ac_objext +rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC - fi -# AC_CACHE_VAL -case "x$ac_cv_prog_cc_c89" in - x) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 -$as_echo "none needed" >&6; } ;; - xno) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 -$as_echo "unsupported" >&6; } ;; - *) - CC="$CC $ac_cv_prog_cc_c89" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 -$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; -esac -if test "x$ac_cv_prog_cc_c89" != xno; then : +if test "x$ac_cv_prog_cc_c89" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cc_c89" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +printf "%s\n" "$ac_cv_prog_cc_c89" >&6; } + CC="$CC $ac_cv_prog_cc_c89" +fi + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c89 + ac_prog_cc_stdc=c89 +fi fi ac_ext=c @@ -4249,21 +5007,23 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu -ac_ext=c + + ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 -$as_echo_n "checking whether $CC understands -c and -o together... " >&6; } -if ${am_cv_prog_cc_c_o+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 +printf %s "checking whether $CC understands -c and -o together... " >&6; } +if test ${am_cv_prog_cc_c_o+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; @@ -4291,8 +5051,8 @@ _ACEOF rm -f core conftest* unset am_i fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 -$as_echo "$am_cv_prog_cc_c_o" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 +printf "%s\n" "$am_cv_prog_cc_c_o" >&6; } if test "$am_cv_prog_cc_c_o" != yes; then # Losing compiler, so override with the script. # FIXME: It is wrong to rewrite CC. @@ -4310,11 +5070,12 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu depcc="$CC" am_compiler_list= -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 -$as_echo_n "checking dependency style of $depcc... " >&6; } -if ${am_cv_CC_dependencies_compiler_type+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +printf %s "checking dependency style of $depcc... " >&6; } +if test ${am_cv_CC_dependencies_compiler_type+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For @@ -4421,8 +5182,8 @@ else fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 -$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 +printf "%s\n" "$am_cv_CC_dependencies_compiler_type" >&6; } CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type if @@ -4437,424 +5198,17 @@ fi -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 -$as_echo_n "checking how to run the C preprocessor... " >&6; } -# On Suns, sometimes $CPP names a directory. -if test -n "$CPP" && test -d "$CPP"; then - CPP= -fi -if test -z "$CPP"; then - if ${ac_cv_prog_CPP+:} false; then : - $as_echo_n "(cached) " >&6 -else - # Double quotes because CPP needs to be expanded - for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" - do - ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - -else - # Broken: fails on valid input. -continue -fi -rm -f conftest.err conftest.i conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - # Broken: success on invalid input. -continue -else - # Passes both tests. -ac_preproc_ok=: -break -fi -rm -f conftest.err conftest.i conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok; then : - break -fi - - done - ac_cv_prog_CPP=$CPP - -fi - CPP=$ac_cv_prog_CPP -else - ac_cv_prog_CPP=$CPP -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 -$as_echo "$CPP" >&6; } -ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - -else - # Broken: fails on valid input. -continue -fi -rm -f conftest.err conftest.i conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - # Broken: success on invalid input. -continue -else - # Passes both tests. -ac_preproc_ok=: -break -fi -rm -f conftest.err conftest.i conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok; then : - -else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details" "$LINENO" 5; } -fi - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 -$as_echo_n "checking for grep that handles long lines and -e... " >&6; } -if ${ac_cv_path_GREP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -z "$GREP"; then - ac_path_GREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in grep ggrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_GREP" || continue -# Check for GNU ac_path_GREP and select it if it is found. - # Check for GNU $ac_path_GREP -case `"$ac_path_GREP" --version 2>&1` in -*GNU*) - ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; -*) - ac_count=0 - $as_echo_n 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - $as_echo 'GREP' >> "conftest.nl" - "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_GREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_GREP="$ac_path_GREP" - ac_path_GREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_GREP_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_GREP"; then - as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 - fi -else - ac_cv_path_GREP=$GREP -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 -$as_echo "$ac_cv_path_GREP" >&6; } - GREP="$ac_cv_path_GREP" - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 -$as_echo_n "checking for egrep... " >&6; } -if ${ac_cv_path_EGREP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 - then ac_cv_path_EGREP="$GREP -E" - else - if test -z "$EGREP"; then - ac_path_EGREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in egrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_EGREP" || continue -# Check for GNU ac_path_EGREP and select it if it is found. - # Check for GNU $ac_path_EGREP -case `"$ac_path_EGREP" --version 2>&1` in -*GNU*) - ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; -*) - ac_count=0 - $as_echo_n 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - $as_echo 'EGREP' >> "conftest.nl" - "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_EGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_EGREP="$ac_path_EGREP" - ac_path_EGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_EGREP_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_EGREP"; then - as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 - fi -else - ac_cv_path_EGREP=$EGREP -fi - - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 -$as_echo "$ac_cv_path_EGREP" >&6; } - EGREP="$ac_cv_path_EGREP" - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 -$as_echo_n "checking for ANSI C header files... " >&6; } -if ${ac_cv_header_stdc+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#include -#include - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_stdc=yes -else - ac_cv_header_stdc=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "memchr" >/dev/null 2>&1; then : - -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "free" >/dev/null 2>&1; then : - -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. - if test "$cross_compiling" = yes; then : - : -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#if ((' ' & 0x0FF) == 0x020) -# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) -#else -# define ISLOWER(c) \ - (('a' <= (c) && (c) <= 'i') \ - || ('j' <= (c) && (c) <= 'r') \ - || ('s' <= (c) && (c) <= 'z')) -# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) -#endif - -#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) -int -main () -{ - int i; - for (i = 0; i < 256; i++) - if (XOR (islower (i), ISLOWER (i)) - || toupper (i) != TOUPPER (i)) - return 2; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - -else - ac_cv_header_stdc=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 -$as_echo "$ac_cv_header_stdc" >&6; } -if test $ac_cv_header_stdc = yes; then - -$as_echo "#define STDC_HEADERS 1" >>confdefs.h - -fi - -# On IRIX 5.3, sys/types and inttypes.h are conflicting. -for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ - inttypes.h stdint.h unistd.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default -" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - -ac_fn_c_check_type "$LINENO" "long long" "ac_cv_type_long_long" "$ac_includes_default" -if test "x$ac_cv_type_long_long" = xyes; then : - -$as_echo "#define HAVE_LONGLONG 1" >>confdefs.h - - longlong="yes" - -fi - - # - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if _REENTRANT is already defined" >&5 -$as_echo_n "checking if _REENTRANT is already defined... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if _REENTRANT is already defined" >&5 +printf %s "checking if _REENTRANT is already defined... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { #ifdef _REENTRANT @@ -4868,24 +5222,25 @@ main () } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } tmp_reentrant_initially_defined="yes" -else +else $as_nop - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } tmp_reentrant_initially_defined="no" fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext # if test "$tmp_reentrant_initially_defined" = "no"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if _REENTRANT is actually needed" >&5 -$as_echo_n "checking if _REENTRANT is actually needed... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if _REENTRANT is actually needed" >&5 +printf %s "checking if _REENTRANT is actually needed... " >&6; } case $host in *-*-solaris* | *-*-hpux*) @@ -4898,21 +5253,21 @@ $as_echo_n "checking if _REENTRANT is actually needed... " >&6; } if test "$tmp_need_reentrant" = "yes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi fi # - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if _REENTRANT is onwards defined" >&5 -$as_echo_n "checking if _REENTRANT is onwards defined... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if _REENTRANT is onwards defined" >&5 +printf %s "checking if _REENTRANT is onwards defined... " >&6; } if test "$tmp_reentrant_initially_defined" = "yes" || test "$tmp_need_reentrant" = "yes"; then -$as_echo "#define NEED_REENTRANT 1" >>confdefs.h +printf "%s\n" "#define NEED_REENTRANT 1" >>confdefs.h cat >>confdefs.h <<_EOF #ifndef _REENTRANT @@ -4920,21 +5275,22 @@ cat >>confdefs.h <<_EOF #endif _EOF - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi # # Some systems (Solaris?) have socket() in -lsocket. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing socket" >&5 -$as_echo_n "checking for library containing socket... " >&6; } -if ${ac_cv_search_socket+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing socket" >&5 +printf %s "checking for library containing socket... " >&6; } +if test ${ac_cv_search_socket+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -4942,57 +5298,60 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif char socket (); int -main () +main (void) { return socket (); ; return 0; } _ACEOF -for ac_lib in '' socket; do +for ac_lib in '' socket +do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi - if ac_fn_c_try_link "$LINENO"; then : + if ac_fn_c_try_link "$LINENO" +then : ac_cv_search_socket=$ac_res fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext - if ${ac_cv_search_socket+:} false; then : + if test ${ac_cv_search_socket+y} +then : break fi done -if ${ac_cv_search_socket+:} false; then : +if test ${ac_cv_search_socket+y} +then : -else +else $as_nop ac_cv_search_socket=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_socket" >&5 -$as_echo "$ac_cv_search_socket" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_socket" >&5 +printf "%s\n" "$ac_cv_search_socket" >&6; } ac_res=$ac_cv_search_socket -if test "$ac_res" != no; then : +if test "$ac_res" != no +then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" fi # Solaris has inet_addr() in -lnsl. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing inet_addr" >&5 -$as_echo_n "checking for library containing inet_addr... " >&6; } -if ${ac_cv_search_inet_addr+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing inet_addr" >&5 +printf %s "checking for library containing inet_addr... " >&6; } +if test ${ac_cv_search_inet_addr+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -5000,46 +5359,48 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif char inet_addr (); int -main () +main (void) { return inet_addr (); ; return 0; } _ACEOF -for ac_lib in '' nsl; do +for ac_lib in '' nsl +do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi - if ac_fn_c_try_link "$LINENO"; then : + if ac_fn_c_try_link "$LINENO" +then : ac_cv_search_inet_addr=$ac_res fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext - if ${ac_cv_search_inet_addr+:} false; then : + if test ${ac_cv_search_inet_addr+y} +then : break fi done -if ${ac_cv_search_inet_addr+:} false; then : +if test ${ac_cv_search_inet_addr+y} +then : -else +else $as_nop ac_cv_search_inet_addr=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_inet_addr" >&5 -$as_echo "$ac_cv_search_inet_addr" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_inet_addr" >&5 +printf "%s\n" "$ac_cv_search_inet_addr" >&6; } ac_res=$ac_cv_search_inet_addr -if test "$ac_res" != no; then : +if test "$ac_res" != no +then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" fi @@ -5055,11 +5416,12 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else @@ -5067,11 +5429,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -5082,11 +5448,11 @@ fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -5095,11 +5461,12 @@ if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else @@ -5107,11 +5474,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -5122,11 +5493,11 @@ fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 -$as_echo "$ac_ct_CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +printf "%s\n" "$ac_ct_CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_CC" = x; then @@ -5134,8 +5505,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC @@ -5148,11 +5519,12 @@ if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else @@ -5160,11 +5532,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -5175,11 +5551,11 @@ fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -5188,11 +5564,12 @@ fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else @@ -5201,15 +5578,19 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + if test "$as_dir$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -5225,18 +5606,18 @@ if test $ac_prog_rejected = yes; then # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift - ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" + ac_cv_prog_CC="$as_dir$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -5247,11 +5628,12 @@ if test -z "$CC"; then do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else @@ -5259,11 +5641,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -5274,11 +5660,11 @@ fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -5291,11 +5677,12 @@ if test -z "$CC"; then do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else @@ -5303,11 +5690,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -5318,11 +5709,11 @@ fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 -$as_echo "$ac_ct_CC" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +printf "%s\n" "$ac_ct_CC" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -5334,8 +5725,8 @@ done else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC @@ -5343,25 +5734,129 @@ esac fi fi +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}clang", so it can be a program name with args. +set dummy ${ac_tool_prefix}clang; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}clang" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi -test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "clang", so it can be a program name with args. +set dummy clang; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="clang" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +printf "%s\n" "$ac_ct_CC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +else + CC="$ac_cv_prog_CC" +fi + +fi + + +test -z "$CC" && { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH See \`config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. -$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 -for ac_option in --version -v -V -qversion; do +for ac_option in --version -v -V -qversion -version; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then @@ -5371,20 +5866,21 @@ $as_echo "$ac_try_echo"; } >&5 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 -$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } -if ${ac_cv_c_compiler_gnu+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports GNU C" >&5 +printf %s "checking whether the compiler supports GNU C... " >&6; } +if test ${ac_cv_c_compiler_gnu+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { #ifndef __GNUC__ choke me @@ -5394,29 +5890,33 @@ main () return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_compiler_gnu=yes -else +else $as_nop ac_compiler_gnu=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 -$as_echo "$ac_cv_c_compiler_gnu" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +printf "%s\n" "$ac_cv_c_compiler_gnu" >&6; } +ac_compiler_gnu=$ac_cv_c_compiler_gnu + if test $ac_compiler_gnu = yes; then GCC=yes else GCC= fi -ac_test_CFLAGS=${CFLAGS+set} +ac_test_CFLAGS=${CFLAGS+y} ac_save_CFLAGS=$CFLAGS -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 -$as_echo_n "checking whether $CC accepts -g... " >&6; } -if ${ac_cv_prog_cc_g+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +printf %s "checking whether $CC accepts -g... " >&6; } +if test ${ac_cv_prog_cc_g+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no @@ -5425,57 +5925,60 @@ else /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_prog_cc_g=yes -else +else $as_nop CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : -else +else $as_nop ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_prog_cc_g=yes fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 -$as_echo "$ac_cv_prog_cc_g" >&6; } -if test "$ac_test_CFLAGS" = set; then +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +printf "%s\n" "$ac_cv_prog_cc_g" >&6; } +if test $ac_test_CFLAGS; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then @@ -5490,94 +5993,144 @@ else CFLAGS= fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 -$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } -if ${ac_cv_prog_cc_c89+:} false; then : - $as_echo_n "(cached) " >&6 -else +ac_prog_cc_stdc=no +if test x$ac_prog_cc_stdc = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C11 features" >&5 +printf %s "checking for $CC option to enable C11 features... " >&6; } +if test ${ac_cv_prog_cc_c11+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_prog_cc_c11=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_c_conftest_c11_program +_ACEOF +for ac_arg in '' -std=gnu11 +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_prog_cc_c11=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + test "x$ac_cv_prog_cc_c11" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC +fi + +if test "x$ac_cv_prog_cc_c11" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cc_c11" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c11" >&5 +printf "%s\n" "$ac_cv_prog_cc_c11" >&6; } + CC="$CC $ac_cv_prog_cc_c11" +fi + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c11 + ac_prog_cc_stdc=c11 +fi +fi +if test x$ac_prog_cc_stdc = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C99 features" >&5 +printf %s "checking for $CC option to enable C99 features... " >&6; } +if test ${ac_cv_prog_cc_c99+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_prog_cc_c99=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_c_conftest_c99_program +_ACEOF +for ac_arg in '' -std=gnu99 -std=c99 -c99 -qlanglvl=extc1x -qlanglvl=extc99 -AC99 -D_STDC_C99= +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_prog_cc_c99=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + test "x$ac_cv_prog_cc_c99" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC +fi + +if test "x$ac_cv_prog_cc_c99" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cc_c99" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 +printf "%s\n" "$ac_cv_prog_cc_c99" >&6; } + CC="$CC $ac_cv_prog_cc_c99" +fi + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c99 + ac_prog_cc_stdc=c99 +fi +fi +if test x$ac_prog_cc_stdc = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C89 features" >&5 +printf %s "checking for $CC option to enable C89 features... " >&6; } +if test ${ac_cv_prog_cc_c89+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -#include -struct stat; -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} - -/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has - function prototypes and stuff, but not '\xHH' hex character constants. - These don't provoke an error unfortunately, instead are silently treated - as 'x'. The following induces an error, until -std is added to get - proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an - array size at least. It's necessary to write '\x00'==0 to get something - that's true only with -std. */ -int osf4_cc_array ['\x00' == 0 ? 1 : -1]; - -/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters - inside strings and character constants. */ -#define FOO(x) 'x' -int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; - -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; -int -main () -{ -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; - ; - return 0; -} +$ac_c_conftest_c89_program _ACEOF -for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ - -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" - if ac_fn_c_try_compile "$LINENO"; then : + if ac_fn_c_try_compile "$LINENO" +then : ac_cv_prog_cc_c89=$ac_arg fi -rm -f core conftest.err conftest.$ac_objext +rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC - fi -# AC_CACHE_VAL -case "x$ac_cv_prog_cc_c89" in - x) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 -$as_echo "none needed" >&6; } ;; - xno) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 -$as_echo "unsupported" >&6; } ;; - *) - CC="$CC $ac_cv_prog_cc_c89" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 -$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; -esac -if test "x$ac_cv_prog_cc_c89" != xno; then : +if test "x$ac_cv_prog_cc_c89" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cc_c89" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +printf "%s\n" "$ac_cv_prog_cc_c89" >&6; } + CC="$CC $ac_cv_prog_cc_c89" +fi + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c89 + ac_prog_cc_stdc=c89 +fi fi ac_ext=c @@ -5586,21 +6139,23 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu -ac_ext=c + + ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 -$as_echo_n "checking whether $CC understands -c and -o together... " >&6; } -if ${am_cv_prog_cc_c_o+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 +printf %s "checking whether $CC understands -c and -o together... " >&6; } +if test ${am_cv_prog_cc_c_o+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; @@ -5628,8 +6183,8 @@ _ACEOF rm -f core conftest* unset am_i fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 -$as_echo "$am_cv_prog_cc_c_o" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 +printf "%s\n" "$am_cv_prog_cc_c_o" >&6; } if test "$am_cv_prog_cc_c_o" != yes; then # Losing compiler, so override with the script. # FIXME: It is wrong to rewrite CC. @@ -5647,11 +6202,12 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu depcc="$CC" am_compiler_list= -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 -$as_echo_n "checking dependency style of $depcc... " >&6; } -if ${am_cv_CC_dependencies_compiler_type+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +printf %s "checking dependency style of $depcc... " >&6; } +if test ${am_cv_CC_dependencies_compiler_type+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For @@ -5758,8 +6314,8 @@ else fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 -$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 +printf "%s\n" "$am_cv_CC_dependencies_compiler_type" >&6; } CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type if @@ -5773,6 +6329,12 @@ else fi + + + + + + ac_ext=cpp ac_cpp='$CXXCPP $CPPFLAGS' ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' @@ -5783,15 +6345,16 @@ if test -z "$CXX"; then CXX=$CCC else if test -n "$ac_tool_prefix"; then - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC + for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC clang++ do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CXX+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CXX+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$CXX"; then ac_cv_prog_CXX="$CXX" # Let the user override the test. else @@ -5799,11 +6362,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CXX="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -5814,11 +6381,11 @@ fi fi CXX=$ac_cv_prog_CXX if test -n "$CXX"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CXX" >&5 -$as_echo "$CXX" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CXX" >&5 +printf "%s\n" "$CXX" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -5827,15 +6394,16 @@ fi fi if test -z "$CXX"; then ac_ct_CXX=$CXX - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC + for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC clang++ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CXX+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_CXX+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_CXX"; then ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test. else @@ -5843,11 +6411,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CXX="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -5858,11 +6430,11 @@ fi fi ac_ct_CXX=$ac_cv_prog_ac_ct_CXX if test -n "$ac_ct_CXX"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CXX" >&5 -$as_echo "$ac_ct_CXX" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CXX" >&5 +printf "%s\n" "$ac_ct_CXX" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -5874,8 +6446,8 @@ done else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CXX=$ac_ct_CXX @@ -5885,7 +6457,7 @@ fi fi fi # Provide some information about the compiler. -$as_echo "$as_me:${as_lineno-$LINENO}: checking for C++ compiler version" >&5 +printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C++ compiler version" >&5 set X $ac_compile ac_compiler=$2 for ac_option in --version -v -V -qversion; do @@ -5895,7 +6467,7 @@ case "(($ac_try" in *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 +printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then @@ -5905,20 +6477,21 @@ $as_echo "$ac_try_echo"; } >&5 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C++ compiler" >&5 -$as_echo_n "checking whether we are using the GNU C++ compiler... " >&6; } -if ${ac_cv_cxx_compiler_gnu+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports GNU C++" >&5 +printf %s "checking whether the compiler supports GNU C++... " >&6; } +if test ${ac_cv_cxx_compiler_gnu+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { #ifndef __GNUC__ choke me @@ -5928,29 +6501,33 @@ main () return 0; } _ACEOF -if ac_fn_cxx_try_compile "$LINENO"; then : +if ac_fn_cxx_try_compile "$LINENO" +then : ac_compiler_gnu=yes -else +else $as_nop ac_compiler_gnu=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_cv_cxx_compiler_gnu=$ac_compiler_gnu fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cxx_compiler_gnu" >&5 -$as_echo "$ac_cv_cxx_compiler_gnu" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cxx_compiler_gnu" >&5 +printf "%s\n" "$ac_cv_cxx_compiler_gnu" >&6; } +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu + if test $ac_compiler_gnu = yes; then GXX=yes else GXX= fi -ac_test_CXXFLAGS=${CXXFLAGS+set} +ac_test_CXXFLAGS=${CXXFLAGS+y} ac_save_CXXFLAGS=$CXXFLAGS -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CXX accepts -g" >&5 -$as_echo_n "checking whether $CXX accepts -g... " >&6; } -if ${ac_cv_prog_cxx_g+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CXX accepts -g" >&5 +printf %s "checking whether $CXX accepts -g... " >&6; } +if test ${ac_cv_prog_cxx_g+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_save_cxx_werror_flag=$ac_cxx_werror_flag ac_cxx_werror_flag=yes ac_cv_prog_cxx_g=no @@ -5959,57 +6536,60 @@ else /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_cxx_try_compile "$LINENO"; then : +if ac_fn_cxx_try_compile "$LINENO" +then : ac_cv_prog_cxx_g=yes -else +else $as_nop CXXFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_cxx_try_compile "$LINENO"; then : +if ac_fn_cxx_try_compile "$LINENO" +then : -else +else $as_nop ac_cxx_werror_flag=$ac_save_cxx_werror_flag CXXFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_cxx_try_compile "$LINENO"; then : +if ac_fn_cxx_try_compile "$LINENO" +then : ac_cv_prog_cxx_g=yes fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_cxx_werror_flag=$ac_save_cxx_werror_flag fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_g" >&5 -$as_echo "$ac_cv_prog_cxx_g" >&6; } -if test "$ac_test_CXXFLAGS" = set; then +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_g" >&5 +printf "%s\n" "$ac_cv_prog_cxx_g" >&6; } +if test $ac_test_CXXFLAGS; then CXXFLAGS=$ac_save_CXXFLAGS elif test $ac_cv_prog_cxx_g = yes; then if test "$GXX" = yes; then @@ -6024,6 +6604,100 @@ else CXXFLAGS= fi fi +ac_prog_cxx_stdcxx=no +if test x$ac_prog_cxx_stdcxx = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CXX option to enable C++11 features" >&5 +printf %s "checking for $CXX option to enable C++11 features... " >&6; } +if test ${ac_cv_prog_cxx_11+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_prog_cxx_11=no +ac_save_CXX=$CXX +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_cxx_conftest_cxx11_program +_ACEOF +for ac_arg in '' -std=gnu++11 -std=gnu++0x -std=c++11 -std=c++0x -qlanglvl=extended0x -AA +do + CXX="$ac_save_CXX $ac_arg" + if ac_fn_cxx_try_compile "$LINENO" +then : + ac_cv_prog_cxx_cxx11=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + test "x$ac_cv_prog_cxx_cxx11" != "xno" && break +done +rm -f conftest.$ac_ext +CXX=$ac_save_CXX +fi + +if test "x$ac_cv_prog_cxx_cxx11" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cxx_cxx11" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_cxx11" >&5 +printf "%s\n" "$ac_cv_prog_cxx_cxx11" >&6; } + CXX="$CXX $ac_cv_prog_cxx_cxx11" +fi + ac_cv_prog_cxx_stdcxx=$ac_cv_prog_cxx_cxx11 + ac_prog_cxx_stdcxx=cxx11 +fi +fi +if test x$ac_prog_cxx_stdcxx = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CXX option to enable C++98 features" >&5 +printf %s "checking for $CXX option to enable C++98 features... " >&6; } +if test ${ac_cv_prog_cxx_98+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_prog_cxx_98=no +ac_save_CXX=$CXX +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_cxx_conftest_cxx98_program +_ACEOF +for ac_arg in '' -std=gnu++98 -std=c++98 -qlanglvl=extended -AA +do + CXX="$ac_save_CXX $ac_arg" + if ac_fn_cxx_try_compile "$LINENO" +then : + ac_cv_prog_cxx_cxx98=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + test "x$ac_cv_prog_cxx_cxx98" != "xno" && break +done +rm -f conftest.$ac_ext +CXX=$ac_save_CXX +fi + +if test "x$ac_cv_prog_cxx_cxx98" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cxx_cxx98" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_cxx98" >&5 +printf "%s\n" "$ac_cv_prog_cxx_cxx98" >&6; } + CXX="$CXX $ac_cv_prog_cxx_cxx98" +fi + ac_cv_prog_cxx_stdcxx=$ac_cv_prog_cxx_cxx98 + ac_prog_cxx_stdcxx=cxx98 +fi +fi + ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' @@ -6032,11 +6706,12 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu depcc="$CXX" am_compiler_list= -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 -$as_echo_n "checking dependency style of $depcc... " >&6; } -if ${am_cv_CXX_dependencies_compiler_type+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +printf %s "checking dependency style of $depcc... " >&6; } +if test ${am_cv_CXX_dependencies_compiler_type+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For @@ -6143,8 +6818,8 @@ else fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CXX_dependencies_compiler_type" >&5 -$as_echo "$am_cv_CXX_dependencies_compiler_type" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_CXX_dependencies_compiler_type" >&5 +printf "%s\n" "$am_cv_CXX_dependencies_compiler_type" >&6; } CXXDEPMODE=depmode=$am_cv_CXX_dependencies_compiler_type if @@ -6159,24 +6834,25 @@ fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 -$as_echo_n "checking whether ln -s works... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 +printf %s "checking whether ln -s works... " >&6; } LN_S=$as_ln_s if test "$LN_S" = "ln -s"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 -$as_echo "no, using $LN_S" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 +printf "%s\n" "no, using $LN_S" >&6; } fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 -$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 +printf %s "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} -ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` -if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : - $as_echo_n "(cached) " >&6 -else +ac_make=`printf "%s\n" "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` +if eval test \${ac_cv_prog_make_${ac_make}_set+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: @@ -6192,328 +6868,84 @@ esac rm -f conftest.make fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } SET_MAKE= else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } SET_MAKE="MAKE=${MAKE-make}" fi -enable_win32_dll=yes - -case $host in -*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*) - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}as", so it can be a program name with args. -set dummy ${ac_tool_prefix}as; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_AS+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$AS"; then - ac_cv_prog_AS="$AS" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH +for ac_prog in sshd +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_SSHD+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $SSHD in + [\\/]* | ?:[\\/]*) + ac_cv_path_SSHD="$SSHD" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/libexec$PATH_SEPARATOR /usr/sbin$PATH_SEPARATOR/usr/etc$PATH_SEPARATOR/etc do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_AS="${ac_tool_prefix}as" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_SSHD="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS -fi -fi -AS=$ac_cv_prog_AS -if test -n "$AS"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AS" >&5 -$as_echo "$AS" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_AS"; then - ac_ct_AS=$AS - # Extract the first word of "as", so it can be a program name with args. -set dummy as; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_AS+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_AS"; then - ac_cv_prog_ac_ct_AS="$ac_ct_AS" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_AS="as" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_AS=$ac_cv_prog_ac_ct_AS -if test -n "$ac_ct_AS"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AS" >&5 -$as_echo "$ac_ct_AS" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_AS" = x; then - AS="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - AS=$ac_ct_AS - fi -else - AS="$ac_cv_prog_AS" -fi - - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. -set dummy ${ac_tool_prefix}dlltool; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_DLLTOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$DLLTOOL"; then - ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -DLLTOOL=$ac_cv_prog_DLLTOOL -if test -n "$DLLTOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5 -$as_echo "$DLLTOOL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_DLLTOOL"; then - ac_ct_DLLTOOL=$DLLTOOL - # Extract the first word of "dlltool", so it can be a program name with args. -set dummy dlltool; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_DLLTOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_DLLTOOL"; then - ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_DLLTOOL="dlltool" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL -if test -n "$ac_ct_DLLTOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5 -$as_echo "$ac_ct_DLLTOOL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_DLLTOOL" = x; then - DLLTOOL="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - DLLTOOL=$ac_ct_DLLTOOL - fi -else - DLLTOOL="$ac_cv_prog_DLLTOOL" -fi - - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. -set dummy ${ac_tool_prefix}objdump; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_OBJDUMP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$OBJDUMP"; then - ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -OBJDUMP=$ac_cv_prog_OBJDUMP -if test -n "$OBJDUMP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 -$as_echo "$OBJDUMP" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_OBJDUMP"; then - ac_ct_OBJDUMP=$OBJDUMP - # Extract the first word of "objdump", so it can be a program name with args. -set dummy objdump; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_OBJDUMP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_OBJDUMP"; then - ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_OBJDUMP="objdump" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP -if test -n "$ac_ct_OBJDUMP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 -$as_echo "$ac_ct_OBJDUMP" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_OBJDUMP" = x; then - OBJDUMP="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - OBJDUMP=$ac_ct_OBJDUMP - fi -else - OBJDUMP="$ac_cv_prog_OBJDUMP" -fi - ;; esac - -test -z "$AS" && AS=as - - - - - -test -z "$DLLTOOL" && DLLTOOL=dlltool - - - - - -test -z "$OBJDUMP" && OBJDUMP=objdump - - - +fi +SSHD=$ac_cv_path_SSHD +if test -n "$SSHD"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $SSHD" >&5 +printf "%s\n" "$SSHD" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + test -n "$SSHD" && break +done + if test -n "$SSHD"; then + SSHD_TRUE= + SSHD_FALSE='#' +else + SSHD_TRUE='#' + SSHD_FALSE= +fi case `pwd` in *\ * | *\ *) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5 -$as_echo "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;; + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5 +printf "%s\n" "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;; esac -macro_version='2.4.6' -macro_revision='2.4.6' +macro_version='2.4.7' +macro_revision='2.4.7' + @@ -6550,8 +6982,8 @@ ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5 -$as_echo_n "checking how to print strings... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5 +printf %s "checking how to print strings... " >&6; } # Test print first, because it will be a builtin if present. if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then @@ -6577,12 +7009,12 @@ func_echo_all () } case $ECHO in - printf*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: printf" >&5 -$as_echo "printf" >&6; } ;; - print*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: print -r" >&5 -$as_echo "print -r" >&6; } ;; - *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: cat" >&5 -$as_echo "cat" >&6; } ;; + printf*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: printf" >&5 +printf "%s\n" "printf" >&6; } ;; + print*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: print -r" >&5 +printf "%s\n" "print -r" >&6; } ;; + *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: cat" >&5 +printf "%s\n" "cat" >&6; } ;; esac @@ -6598,11 +7030,12 @@ esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5 -$as_echo_n "checking for a sed that does not truncate output... " >&6; } -if ${ac_cv_path_SED+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5 +printf %s "checking for a sed that does not truncate output... " >&6; } +if test ${ac_cv_path_SED+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ for ac_i in 1 2 3 4 5 6 7; do ac_script="$ac_script$as_nl$ac_script" @@ -6616,10 +7049,15 @@ else for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in sed gsed; do + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_prog in sed gsed + do for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" + ac_path_SED="$as_dir$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_SED" || continue # Check for GNU ac_path_SED and select it if it is found. # Check for GNU $ac_path_SED @@ -6628,13 +7066,13 @@ case `"$ac_path_SED" --version 2>&1` in ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;; *) ac_count=0 - $as_echo_n 0123456789 >"conftest.in" + printf %s 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" - $as_echo '' >> "conftest.nl" + printf "%s\n" '' >> "conftest.nl" "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val @@ -6662,8 +7100,8 @@ else fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5 -$as_echo "$ac_cv_path_SED" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5 +printf "%s\n" "$ac_cv_path_SED" >&6; } SED="$ac_cv_path_SED" rm -f conftest.sed @@ -6680,11 +7118,154 @@ Xsed="$SED -e 1s/^X//" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5 -$as_echo_n "checking for fgrep... " >&6; } -if ${ac_cv_path_FGREP+:} false; then : - $as_echo_n "(cached) " >&6 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 +printf %s "checking for grep that handles long lines and -e... " >&6; } +if test ${ac_cv_path_GREP+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -z "$GREP"; then + ac_path_GREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_prog in grep ggrep + do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_GREP="$as_dir$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_GREP" || continue +# Check for GNU ac_path_GREP and select it if it is found. + # Check for GNU $ac_path_GREP +case `"$ac_path_GREP" --version 2>&1` in +*GNU*) + ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; +*) + ac_count=0 + printf %s 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + printf "%s\n" 'GREP' >> "conftest.nl" + "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_GREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_GREP="$ac_path_GREP" + ac_path_GREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_GREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_GREP"; then + as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi else + ac_cv_path_GREP=$GREP +fi + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 +printf "%s\n" "$ac_cv_path_GREP" >&6; } + GREP="$ac_cv_path_GREP" + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 +printf %s "checking for egrep... " >&6; } +if test ${ac_cv_path_EGREP+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 + then ac_cv_path_EGREP="$GREP -E" + else + if test -z "$EGREP"; then + ac_path_EGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_prog in egrep + do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_EGREP="$as_dir$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_EGREP" || continue +# Check for GNU ac_path_EGREP and select it if it is found. + # Check for GNU $ac_path_EGREP +case `"$ac_path_EGREP" --version 2>&1` in +*GNU*) + ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; +*) + ac_count=0 + printf %s 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + printf "%s\n" 'EGREP' >> "conftest.nl" + "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_EGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_EGREP="$ac_path_EGREP" + ac_path_EGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_EGREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_EGREP"; then + as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_EGREP=$EGREP +fi + + fi +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 +printf "%s\n" "$ac_cv_path_EGREP" >&6; } + EGREP="$ac_cv_path_EGREP" + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5 +printf %s "checking for fgrep... " >&6; } +if test ${ac_cv_path_FGREP+y} +then : + printf %s "(cached) " >&6 +else $as_nop if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1 then ac_cv_path_FGREP="$GREP -F" else @@ -6695,10 +7276,15 @@ else for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in fgrep; do + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_prog in fgrep + do for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext" + ac_path_FGREP="$as_dir$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_FGREP" || continue # Check for GNU ac_path_FGREP and select it if it is found. # Check for GNU $ac_path_FGREP @@ -6707,13 +7293,13 @@ case `"$ac_path_FGREP" --version 2>&1` in ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;; *) ac_count=0 - $as_echo_n 0123456789 >"conftest.in" + printf %s 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" - $as_echo 'FGREP' >> "conftest.nl" + printf "%s\n" 'FGREP' >> "conftest.nl" "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val @@ -6742,8 +7328,8 @@ fi fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_FGREP" >&5 -$as_echo "$ac_cv_path_FGREP" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_FGREP" >&5 +printf "%s\n" "$ac_cv_path_FGREP" >&6; } FGREP="$ac_cv_path_FGREP" @@ -6768,17 +7354,18 @@ test -z "$GREP" && GREP=grep # Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then : +if test ${with_gnu_ld+y} +then : withval=$with_gnu_ld; test no = "$withval" || with_gnu_ld=yes -else +else $as_nop with_gnu_ld=no fi ac_prog=ld if test yes = "$GCC"; then # Check if gcc -print-prog-name=ld gives a path. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 -$as_echo_n "checking for ld used by $CC... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 +printf %s "checking for ld used by $CC... " >&6; } case $host in *-*-mingw*) # gcc leaves a trailing carriage return, which upsets mingw @@ -6807,15 +7394,16 @@ $as_echo_n "checking for ld used by $CC... " >&6; } ;; esac elif test yes = "$with_gnu_ld"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 -$as_echo_n "checking for GNU ld... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 +printf %s "checking for GNU ld... " >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 -$as_echo_n "checking for non-GNU ld... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 +printf %s "checking for non-GNU ld... " >&6; } fi -if ${lt_cv_path_LD+:} false; then : - $as_echo_n "(cached) " >&6 -else +if test ${lt_cv_path_LD+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -z "$LD"; then lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR for ac_dir in $PATH; do @@ -6844,18 +7432,19 @@ fi LD=$lt_cv_path_LD if test -n "$LD"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LD" >&5 -$as_echo "$LD" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LD" >&5 +printf "%s\n" "$LD" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 -$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; } -if ${lt_cv_prog_gnu_ld+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 +printf %s "checking if the linker ($LD) is GNU ld... " >&6; } +if test ${lt_cv_prog_gnu_ld+y} +then : + printf %s "(cached) " >&6 +else $as_nop # I'd rather use --version here, but apparently some GNU lds only accept -v. case `$LD -v 2>&1 &1 &5 -$as_echo "$lt_cv_prog_gnu_ld" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_gnu_ld" >&5 +printf "%s\n" "$lt_cv_prog_gnu_ld" >&6; } with_gnu_ld=$lt_cv_prog_gnu_ld @@ -6878,11 +7467,12 @@ with_gnu_ld=$lt_cv_prog_gnu_ld -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5 -$as_echo_n "checking for BSD- or MS-compatible name lister (nm)... " >&6; } -if ${lt_cv_path_NM+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5 +printf %s "checking for BSD- or MS-compatible name lister (nm)... " >&6; } +if test ${lt_cv_path_NM+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$NM"; then # Let the user override the test. lt_cv_path_NM=$NM @@ -6907,13 +7497,13 @@ else mingw*) lt_bad_file=conftest.nm/nofile ;; *) lt_bad_file=/dev/null ;; esac - case `"$tmp_nm" -B $lt_bad_file 2>&1 | sed '1q'` in + case `"$tmp_nm" -B $lt_bad_file 2>&1 | $SED '1q'` in *$lt_bad_file* | *'Invalid file or object type'*) lt_cv_path_NM="$tmp_nm -B" break 2 ;; *) - case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in + case `"$tmp_nm" -p /dev/null 2>&1 | $SED '1q'` in */dev/null*) lt_cv_path_NM="$tmp_nm -p" break 2 @@ -6932,8 +7522,8 @@ else : ${lt_cv_path_NM=no} fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_NM" >&5 -$as_echo "$lt_cv_path_NM" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_NM" >&5 +printf "%s\n" "$lt_cv_path_NM" >&6; } if test no != "$lt_cv_path_NM"; then NM=$lt_cv_path_NM else @@ -6946,11 +7536,12 @@ else do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_DUMPBIN+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_DUMPBIN+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$DUMPBIN"; then ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test. else @@ -6958,11 +7549,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -6973,11 +7568,11 @@ fi fi DUMPBIN=$ac_cv_prog_DUMPBIN if test -n "$DUMPBIN"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DUMPBIN" >&5 -$as_echo "$DUMPBIN" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DUMPBIN" >&5 +printf "%s\n" "$DUMPBIN" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -6990,11 +7585,12 @@ if test -z "$DUMPBIN"; then do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_DUMPBIN+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_DUMPBIN+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_DUMPBIN"; then ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test. else @@ -7002,11 +7598,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -7017,11 +7617,11 @@ fi fi ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN if test -n "$ac_ct_DUMPBIN"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DUMPBIN" >&5 -$as_echo "$ac_ct_DUMPBIN" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DUMPBIN" >&5 +printf "%s\n" "$ac_ct_DUMPBIN" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -7033,15 +7633,15 @@ done else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac DUMPBIN=$ac_ct_DUMPBIN fi fi - case `$DUMPBIN -symbols -headers /dev/null 2>&1 | sed '1q'` in + case `$DUMPBIN -symbols -headers /dev/null 2>&1 | $SED '1q'` in *COFF*) DUMPBIN="$DUMPBIN -symbols -headers" ;; @@ -7062,11 +7662,12 @@ test -z "$NM" && NM=nm -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5 -$as_echo_n "checking the name lister ($NM) interface... " >&6; } -if ${lt_cv_nm_interface+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5 +printf %s "checking the name lister ($NM) interface... " >&6; } +if test ${lt_cv_nm_interface+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_nm_interface="BSD nm" echo "int some_variable = 0;" > conftest.$ac_ext (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5) @@ -7082,15 +7683,16 @@ else fi rm -f conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5 -$as_echo "$lt_cv_nm_interface" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5 +printf "%s\n" "$lt_cv_nm_interface" >&6; } # find the maximum length of command line arguments -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5 -$as_echo_n "checking the maximum length of command line arguments... " >&6; } -if ${lt_cv_sys_max_cmd_len+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5 +printf %s "checking the maximum length of command line arguments... " >&6; } +if test ${lt_cv_sys_max_cmd_len+y} +then : + printf %s "(cached) " >&6 +else $as_nop i=0 teststring=ABCD @@ -7132,7 +7734,7 @@ else lt_cv_sys_max_cmd_len=8192; ;; - bitrig* | darwin* | dragonfly* | freebsd* | netbsd* | openbsd*) + bitrig* | darwin* | dragonfly* | freebsd* | midnightbsd* | netbsd* | openbsd*) # This has been around since 386BSD, at least. Likely further. if test -x /sbin/sysctl; then lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` @@ -7175,7 +7777,7 @@ else sysv5* | sco5v6* | sysv4.2uw2*) kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` if test -n "$kargmax"; then - lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'` + lt_cv_sys_max_cmd_len=`echo $kargmax | $SED 's/.*[ ]//'` else lt_cv_sys_max_cmd_len=32768 fi @@ -7217,11 +7819,11 @@ else fi if test -n "$lt_cv_sys_max_cmd_len"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sys_max_cmd_len" >&5 -$as_echo "$lt_cv_sys_max_cmd_len" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sys_max_cmd_len" >&5 +printf "%s\n" "$lt_cv_sys_max_cmd_len" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: none" >&5 -$as_echo "none" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none" >&5 +printf "%s\n" "none" >&6; } fi max_cmd_len=$lt_cv_sys_max_cmd_len @@ -7265,11 +7867,12 @@ esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5 -$as_echo_n "checking how to convert $build file names to $host format... " >&6; } -if ${lt_cv_to_host_file_cmd+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5 +printf %s "checking how to convert $build file names to $host format... " >&6; } +if test ${lt_cv_to_host_file_cmd+y} +then : + printf %s "(cached) " >&6 +else $as_nop case $host in *-*-mingw* ) case $build in @@ -7305,18 +7908,19 @@ esac fi to_host_file_cmd=$lt_cv_to_host_file_cmd -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5 -$as_echo "$lt_cv_to_host_file_cmd" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5 +printf "%s\n" "$lt_cv_to_host_file_cmd" >&6; } -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5 -$as_echo_n "checking how to convert $build file names to toolchain format... " >&6; } -if ${lt_cv_to_tool_file_cmd+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5 +printf %s "checking how to convert $build file names to toolchain format... " >&6; } +if test ${lt_cv_to_tool_file_cmd+y} +then : + printf %s "(cached) " >&6 +else $as_nop #assume ordinary cross tools, or native build. lt_cv_to_tool_file_cmd=func_convert_file_noop case $host in @@ -7332,22 +7936,23 @@ esac fi to_tool_file_cmd=$lt_cv_to_tool_file_cmd -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5 -$as_echo "$lt_cv_to_tool_file_cmd" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5 +printf "%s\n" "$lt_cv_to_tool_file_cmd" >&6; } -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5 -$as_echo_n "checking for $LD option to reload object files... " >&6; } -if ${lt_cv_ld_reload_flag+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5 +printf %s "checking for $LD option to reload object files... " >&6; } +if test ${lt_cv_ld_reload_flag+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_ld_reload_flag='-r' fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_reload_flag" >&5 -$as_echo "$lt_cv_ld_reload_flag" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_reload_flag" >&5 +printf "%s\n" "$lt_cv_ld_reload_flag" >&6; } reload_flag=$lt_cv_ld_reload_flag case $reload_flag in "" | " "*) ;; @@ -7377,14 +7982,123 @@ esac +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}file", so it can be a program name with args. +set dummy ${ac_tool_prefix}file; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_FILECMD+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$FILECMD"; then + ac_cv_prog_FILECMD="$FILECMD" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_FILECMD="${ac_tool_prefix}file" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +FILECMD=$ac_cv_prog_FILECMD +if test -n "$FILECMD"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $FILECMD" >&5 +printf "%s\n" "$FILECMD" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_FILECMD"; then + ac_ct_FILECMD=$FILECMD + # Extract the first word of "file", so it can be a program name with args. +set dummy file; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_FILECMD+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$ac_ct_FILECMD"; then + ac_cv_prog_ac_ct_FILECMD="$ac_ct_FILECMD" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_FILECMD="file" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_FILECMD=$ac_cv_prog_ac_ct_FILECMD +if test -n "$ac_ct_FILECMD"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_FILECMD" >&5 +printf "%s\n" "$ac_ct_FILECMD" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_ct_FILECMD" = x; then + FILECMD=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + FILECMD=$ac_ct_FILECMD + fi +else + FILECMD="$ac_cv_prog_FILECMD" +fi + + + + + + + if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. set dummy ${ac_tool_prefix}objdump; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_OBJDUMP+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_OBJDUMP+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$OBJDUMP"; then ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. else @@ -7392,11 +8106,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -7407,11 +8125,11 @@ fi fi OBJDUMP=$ac_cv_prog_OBJDUMP if test -n "$OBJDUMP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 -$as_echo "$OBJDUMP" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 +printf "%s\n" "$OBJDUMP" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -7420,11 +8138,12 @@ if test -z "$ac_cv_prog_OBJDUMP"; then ac_ct_OBJDUMP=$OBJDUMP # Extract the first word of "objdump", so it can be a program name with args. set dummy objdump; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_OBJDUMP+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_OBJDUMP+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_OBJDUMP"; then ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. else @@ -7432,11 +8151,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OBJDUMP="objdump" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -7447,11 +8170,11 @@ fi fi ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP if test -n "$ac_ct_OBJDUMP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 -$as_echo "$ac_ct_OBJDUMP" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 +printf "%s\n" "$ac_ct_OBJDUMP" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_OBJDUMP" = x; then @@ -7459,8 +8182,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac OBJDUMP=$ac_ct_OBJDUMP @@ -7476,11 +8199,12 @@ test -z "$OBJDUMP" && OBJDUMP=objdump -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5 -$as_echo_n "checking how to recognize dependent libraries... " >&6; } -if ${lt_cv_deplibs_check_method+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5 +printf %s "checking how to recognize dependent libraries... " >&6; } +if test ${lt_cv_deplibs_check_method+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_file_magic_cmd='$MAGIC_CMD' lt_cv_file_magic_test_file= lt_cv_deplibs_check_method='unknown' @@ -7506,7 +8230,7 @@ beos*) bsdi[45]*) lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)' - lt_cv_file_magic_cmd='/usr/bin/file -L' + lt_cv_file_magic_cmd='$FILECMD -L' lt_cv_file_magic_test_file=/shlib/libc.so ;; @@ -7540,14 +8264,14 @@ darwin* | rhapsody*) lt_cv_deplibs_check_method=pass_all ;; -freebsd* | dragonfly*) +freebsd* | dragonfly* | midnightbsd*) if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then case $host_cpu in i*86 ) # Not sure whether the presence of OpenBSD here was a mistake. # Let's accept both of them until this is cleared up. lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library' - lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_cmd=$FILECMD lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` ;; esac @@ -7561,7 +8285,7 @@ haiku*) ;; hpux10.20* | hpux11*) - lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_cmd=$FILECMD case $host_cpu in ia64*) lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64' @@ -7608,7 +8332,7 @@ netbsd* | netbsdelf*-gnu) newos6*) lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)' - lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_cmd=$FILECMD lt_cv_file_magic_test_file=/usr/lib/libnls.so ;; @@ -7676,8 +8400,8 @@ os2*) esac fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_deplibs_check_method" >&5 -$as_echo "$lt_cv_deplibs_check_method" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_deplibs_check_method" >&5 +printf "%s\n" "$lt_cv_deplibs_check_method" >&6; } file_magic_glob= want_nocaseglob=no @@ -7721,11 +8445,12 @@ test -z "$deplibs_check_method" && deplibs_check_method=unknown if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. set dummy ${ac_tool_prefix}dlltool; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_DLLTOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_DLLTOOL+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$DLLTOOL"; then ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. else @@ -7733,11 +8458,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -7748,11 +8477,11 @@ fi fi DLLTOOL=$ac_cv_prog_DLLTOOL if test -n "$DLLTOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5 -$as_echo "$DLLTOOL" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5 +printf "%s\n" "$DLLTOOL" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -7761,11 +8490,12 @@ if test -z "$ac_cv_prog_DLLTOOL"; then ac_ct_DLLTOOL=$DLLTOOL # Extract the first word of "dlltool", so it can be a program name with args. set dummy dlltool; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_DLLTOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_DLLTOOL+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_DLLTOOL"; then ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. else @@ -7773,11 +8503,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DLLTOOL="dlltool" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -7788,11 +8522,11 @@ fi fi ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL if test -n "$ac_ct_DLLTOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5 -$as_echo "$ac_ct_DLLTOOL" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5 +printf "%s\n" "$ac_ct_DLLTOOL" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_DLLTOOL" = x; then @@ -7800,8 +8534,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac DLLTOOL=$ac_ct_DLLTOOL @@ -7818,11 +8552,12 @@ test -z "$DLLTOOL" && DLLTOOL=dlltool -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to associate runtime and link libraries" >&5 -$as_echo_n "checking how to associate runtime and link libraries... " >&6; } -if ${lt_cv_sharedlib_from_linklib_cmd+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to associate runtime and link libraries" >&5 +printf %s "checking how to associate runtime and link libraries... " >&6; } +if test ${lt_cv_sharedlib_from_linklib_cmd+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_sharedlib_from_linklib_cmd='unknown' case $host_os in @@ -7845,8 +8580,8 @@ cygwin* | mingw* | pw32* | cegcc*) esac fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5 -$as_echo "$lt_cv_sharedlib_from_linklib_cmd" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5 +printf "%s\n" "$lt_cv_sharedlib_from_linklib_cmd" >&6; } sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO @@ -7861,11 +8596,12 @@ if test -n "$ac_tool_prefix"; then do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_AR+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_AR+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$AR"; then ac_cv_prog_AR="$AR" # Let the user override the test. else @@ -7873,11 +8609,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_AR="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -7888,11 +8628,11 @@ fi fi AR=$ac_cv_prog_AR if test -n "$AR"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 -$as_echo "$AR" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 +printf "%s\n" "$AR" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -7905,11 +8645,12 @@ if test -z "$AR"; then do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_AR+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_AR+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_AR"; then ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. else @@ -7917,11 +8658,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_AR="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -7932,11 +8677,11 @@ fi fi ac_ct_AR=$ac_cv_prog_ac_ct_AR if test -n "$ac_ct_AR"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 -$as_echo "$ac_ct_AR" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 +printf "%s\n" "$ac_ct_AR" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -7948,8 +8693,8 @@ done else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac AR=$ac_ct_AR @@ -7957,42 +8702,60 @@ esac fi : ${AR=ar} -: ${AR_FLAGS=cr} +# Use ARFLAGS variable as AR's operation code to sync the variable naming with +# Automake. If both AR_FLAGS and ARFLAGS are specified, AR_FLAGS should have +# higher priority because thats what people were doing historically (setting +# ARFLAGS for automake and AR_FLAGS for libtool). FIXME: Make the AR_FLAGS +# variable obsoleted/removed. + +test ${AR_FLAGS+y} || AR_FLAGS=${ARFLAGS-cr} +lt_ar_flags=$AR_FLAGS -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for archiver @FILE support" >&5 -$as_echo_n "checking for archiver @FILE support... " >&6; } -if ${lt_cv_ar_at_file+:} false; then : - $as_echo_n "(cached) " >&6 -else + +# Make AR_FLAGS overridable by 'make ARFLAGS='. Don't try to run-time override +# by AR_FLAGS because that was never working and AR_FLAGS is about to die. + + + + + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for archiver @FILE support" >&5 +printf %s "checking for archiver @FILE support... " >&6; } +if test ${lt_cv_ar_at_file+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_ar_at_file=no cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : echo conftest.$ac_objext > conftest.lst lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&5' { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5 (eval $lt_ar_try) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if test 0 -eq "$ac_status"; then # Ensure the archiver fails upon bogus file names. @@ -8000,7 +8763,7 @@ if ac_fn_c_try_compile "$LINENO"; then : { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5 (eval $lt_ar_try) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if test 0 -ne "$ac_status"; then lt_cv_ar_at_file=@ @@ -8009,11 +8772,11 @@ if ac_fn_c_try_compile "$LINENO"; then : rm -f conftest.* libconftest.a fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ar_at_file" >&5 -$as_echo "$lt_cv_ar_at_file" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ar_at_file" >&5 +printf "%s\n" "$lt_cv_ar_at_file" >&6; } if test no = "$lt_cv_ar_at_file"; then archiver_list_spec= @@ -8030,11 +8793,12 @@ fi if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. set dummy ${ac_tool_prefix}strip; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_STRIP+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_STRIP+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$STRIP"; then ac_cv_prog_STRIP="$STRIP" # Let the user override the test. else @@ -8042,11 +8806,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -8057,11 +8825,11 @@ fi fi STRIP=$ac_cv_prog_STRIP if test -n "$STRIP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 -$as_echo "$STRIP" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 +printf "%s\n" "$STRIP" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -8070,11 +8838,12 @@ if test -z "$ac_cv_prog_STRIP"; then ac_ct_STRIP=$STRIP # Extract the first word of "strip", so it can be a program name with args. set dummy strip; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_STRIP+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_STRIP+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_STRIP"; then ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. else @@ -8082,11 +8851,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -8097,11 +8870,11 @@ fi fi ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP if test -n "$ac_ct_STRIP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 -$as_echo "$ac_ct_STRIP" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 +printf "%s\n" "$ac_ct_STRIP" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_STRIP" = x; then @@ -8109,8 +8882,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac STRIP=$ac_ct_STRIP @@ -8129,11 +8902,12 @@ test -z "$STRIP" && STRIP=: if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. set dummy ${ac_tool_prefix}ranlib; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_RANLIB+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_RANLIB+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else @@ -8141,11 +8915,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -8156,11 +8934,11 @@ fi fi RANLIB=$ac_cv_prog_RANLIB if test -n "$RANLIB"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 -$as_echo "$RANLIB" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 +printf "%s\n" "$RANLIB" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -8169,11 +8947,12 @@ if test -z "$ac_cv_prog_RANLIB"; then ac_ct_RANLIB=$RANLIB # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_RANLIB+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_RANLIB"; then ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else @@ -8181,11 +8960,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -8196,11 +8979,11 @@ fi fi ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB if test -n "$ac_ct_RANLIB"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 -$as_echo "$ac_ct_RANLIB" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 +printf "%s\n" "$ac_ct_RANLIB" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_RANLIB" = x; then @@ -8208,8 +8991,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac RANLIB=$ac_ct_RANLIB @@ -8298,11 +9081,12 @@ compiler=$CC # Check for command to grab the raw symbol name followed by C symbol from nm. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking command to parse $NM output from $compiler object" >&5 -$as_echo_n "checking command to parse $NM output from $compiler object... " >&6; } -if ${lt_cv_sys_global_symbol_pipe+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking command to parse $NM output from $compiler object" >&5 +printf %s "checking command to parse $NM output from $compiler object... " >&6; } +if test ${lt_cv_sys_global_symbol_pipe+y} +then : + printf %s "(cached) " >&6 +else $as_nop # These are sane defaults that work on at least a few old systems. # [They come from Ultrix. What could be older than Ultrix?!! ;)] @@ -8357,7 +9141,7 @@ esac if test "$lt_cv_nm_interface" = "MS dumpbin"; then # Gets list of data symbols to import. - lt_cv_sys_global_symbol_to_import="sed -n -e 's/^I .* \(.*\)$/\1/p'" + lt_cv_sys_global_symbol_to_import="$SED -n -e 's/^I .* \(.*\)$/\1/p'" # Adjust the below global symbol transforms to fixup imported variables. lt_cdecl_hook=" -e 's/^I .* \(.*\)$/extern __declspec(dllimport) char \1;/p'" lt_c_name_hook=" -e 's/^I .* \(.*\)$/ {\"\1\", (void *) 0},/p'" @@ -8375,20 +9159,20 @@ fi # Transform an extracted symbol line into a proper C declaration. # Some systems (esp. on ia64) link data and code symbols differently, # so use this general approach. -lt_cv_sys_global_symbol_to_cdecl="sed -n"\ +lt_cv_sys_global_symbol_to_cdecl="$SED -n"\ $lt_cdecl_hook\ " -e 's/^T .* \(.*\)$/extern int \1();/p'"\ " -e 's/^$symcode$symcode* .* \(.*\)$/extern char \1;/p'" # Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n"\ +lt_cv_sys_global_symbol_to_c_name_address="$SED -n"\ $lt_c_name_hook\ " -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\ " -e 's/^$symcode$symcode* .* \(.*\)$/ {\"\1\", (void *) \&\1},/p'" # Transform an extracted symbol line into symbol name with lib prefix and # symbol address. -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n"\ +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="$SED -n"\ $lt_c_name_lib_hook\ " -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\ " -e 's/^$symcode$symcode* .* \(lib.*\)$/ {\"\1\", (void *) \&\1},/p'"\ @@ -8412,7 +9196,7 @@ for ac_symprfx in "" "_"; do if test "$lt_cv_nm_interface" = "MS dumpbin"; then # Fake it for dumpbin and say T for any non-static function, # D for any global variable and I for any imported variable. - # Also find C++ and __fastcall symbols from MSVC++, + # Also find C++ and __fastcall symbols from MSVC++ or ICC, # which start with @ or ?. lt_cv_sys_global_symbol_pipe="$AWK '"\ " {last_section=section; section=\$ 3};"\ @@ -8430,9 +9214,9 @@ for ac_symprfx in "" "_"; do " s[1]~prfx {split(s[1],t,\"@\"); print f,t[1],substr(t[1],length(prfx))}"\ " ' prfx=^$ac_symprfx" else - lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" + lt_cv_sys_global_symbol_pipe="$SED -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" fi - lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" + lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | $SED '/ __gnu_lto/d'" # Check to see that the pipe works correctly. pipe_works=no @@ -8454,7 +9238,7 @@ _LT_EOF if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then # Now try to grab the symbols. nlist=conftest.nm @@ -8527,7 +9311,7 @@ _LT_EOF if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 (eval $ac_link) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && test -s conftest$ac_exeext; then pipe_works=yes fi @@ -8562,11 +9346,11 @@ if test -z "$lt_cv_sys_global_symbol_pipe"; then lt_cv_sys_global_symbol_to_cdecl= fi if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5 -$as_echo "failed" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: failed" >&5 +printf "%s\n" "failed" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5 -$as_echo "ok" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: ok" >&5 +printf "%s\n" "ok" >&6; } fi # Response file support. @@ -8612,13 +9396,14 @@ fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sysroot" >&5 -$as_echo_n "checking for sysroot... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for sysroot" >&5 +printf %s "checking for sysroot... " >&6; } # Check whether --with-sysroot was given. -if test "${with_sysroot+set}" = set; then : +if test ${with_sysroot+y} +then : withval=$with_sysroot; -else +else $as_nop with_sysroot=no fi @@ -8631,29 +9416,30 @@ case $with_sysroot in #( fi ;; #( /*) - lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` + lt_sysroot=`echo "$with_sysroot" | $SED -e "$sed_quote_subst"` ;; #( no|'') ;; #( *) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_sysroot" >&5 -$as_echo "$with_sysroot" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $with_sysroot" >&5 +printf "%s\n" "$with_sysroot" >&6; } as_fn_error $? "The sysroot must be an absolute path." "$LINENO" 5 ;; esac - { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${lt_sysroot:-no}" >&5 -$as_echo "${lt_sysroot:-no}" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: ${lt_sysroot:-no}" >&5 +printf "%s\n" "${lt_sysroot:-no}" >&6; } -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a working dd" >&5 -$as_echo_n "checking for a working dd... " >&6; } -if ${ac_cv_path_lt_DD+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a working dd" >&5 +printf %s "checking for a working dd... " >&6; } +if test ${ac_cv_path_lt_DD+y} +then : + printf %s "(cached) " >&6 +else $as_nop printf 0123456789abcdef0123456789abcdef >conftest.i cat conftest.i conftest.i >conftest2.i : ${lt_DD:=$DD} @@ -8664,10 +9450,15 @@ if test -z "$lt_DD"; then for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in dd; do + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_prog in dd + do for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_lt_DD="$as_dir/$ac_prog$ac_exec_ext" + ac_path_lt_DD="$as_dir$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_lt_DD" || continue if "$ac_path_lt_DD" bs=32 count=1 conftest.out 2>/dev/null; then cmp -s conftest.i conftest.out \ @@ -8687,15 +9478,16 @@ fi rm -f conftest.i conftest2.i conftest.out fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_lt_DD" >&5 -$as_echo "$ac_cv_path_lt_DD" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_lt_DD" >&5 +printf "%s\n" "$ac_cv_path_lt_DD" >&6; } -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to truncate binary pipes" >&5 -$as_echo_n "checking how to truncate binary pipes... " >&6; } -if ${lt_cv_truncate_bin+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to truncate binary pipes" >&5 +printf %s "checking how to truncate binary pipes... " >&6; } +if test ${lt_cv_truncate_bin+y} +then : + printf %s "(cached) " >&6 +else $as_nop printf 0123456789abcdef0123456789abcdef >conftest.i cat conftest.i conftest.i >conftest2.i lt_cv_truncate_bin= @@ -8706,8 +9498,8 @@ fi rm -f conftest.i conftest2.i conftest.out test -z "$lt_cv_truncate_bin" && lt_cv_truncate_bin="$SED -e 4q" fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_truncate_bin" >&5 -$as_echo "$lt_cv_truncate_bin" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_truncate_bin" >&5 +printf "%s\n" "$lt_cv_truncate_bin" >&6; } @@ -8730,7 +9522,8 @@ func_cc_basename () } # Check whether --enable-libtool-lock was given. -if test "${enable_libtool_lock+set}" = set; then : +if test ${enable_libtool_lock+y} +then : enableval=$enable_libtool_lock; fi @@ -8746,9 +9539,9 @@ ia64-*-hpux*) if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *ELF-32*) HPUX_IA64_MODE=32 ;; @@ -8766,10 +9559,10 @@ ia64-*-hpux*) if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then if test yes = "$lt_cv_prog_gnu_ld"; then - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *32-bit*) LD="${LD-ld} -melf32bsmip" ;; @@ -8781,7 +9574,7 @@ ia64-*-hpux*) ;; esac else - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *32-bit*) LD="${LD-ld} -32" ;; @@ -8804,10 +9597,10 @@ mips64*-*linux*) if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then emul=elf - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *32-bit*) emul="${emul}32" ;; @@ -8815,7 +9608,7 @@ mips64*-*linux*) emul="${emul}64" ;; esac - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *MSB*) emul="${emul}btsmip" ;; @@ -8823,7 +9616,7 @@ mips64*-*linux*) emul="${emul}ltsmip" ;; esac - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *N32*) emul="${emul}n32" ;; @@ -8845,16 +9638,16 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - case `/usr/bin/file conftest.o` in + case `$FILECMD conftest.o` in *32-bit*) case $host in x86_64-*kfreebsd*-gnu) LD="${LD-ld} -m elf_i386_fbsd" ;; x86_64-*linux*) - case `/usr/bin/file conftest.o` in + case `$FILECMD conftest.o` in *x86-64*) LD="${LD-ld} -m elf32_x86_64" ;; @@ -8908,11 +9701,12 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) # On SCO OpenServer 5, we need -belf to get full-featured binaries. SAVE_CFLAGS=$CFLAGS CFLAGS="$CFLAGS -belf" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler needs -belf" >&5 -$as_echo_n "checking whether the C compiler needs -belf... " >&6; } -if ${lt_cv_cc_needs_belf+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the C compiler needs -belf" >&5 +printf %s "checking whether the C compiler needs -belf... " >&6; } +if test ${lt_cv_cc_needs_belf+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' @@ -8923,19 +9717,20 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : lt_cv_cc_needs_belf=yes -else +else $as_nop lt_cv_cc_needs_belf=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext ac_ext=c ac_cpp='$CPP $CPPFLAGS' @@ -8944,8 +9739,8 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $ ac_compiler_gnu=$ac_cv_c_compiler_gnu fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_cc_needs_belf" >&5 -$as_echo "$lt_cv_cc_needs_belf" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_cc_needs_belf" >&5 +printf "%s\n" "$lt_cv_cc_needs_belf" >&6; } if test yes != "$lt_cv_cc_needs_belf"; then # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf CFLAGS=$SAVE_CFLAGS @@ -8958,9 +9753,9 @@ $as_echo "$lt_cv_cc_needs_belf" >&6; } if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - case `/usr/bin/file conftest.o` in + case `$FILECMD conftest.o` in *64-bit*) case $lt_cv_prog_gnu_ld in yes*) @@ -8995,11 +9790,12 @@ need_locks=$enable_libtool_lock if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}mt", so it can be a program name with args. set dummy ${ac_tool_prefix}mt; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_MANIFEST_TOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_MANIFEST_TOOL+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$MANIFEST_TOOL"; then ac_cv_prog_MANIFEST_TOOL="$MANIFEST_TOOL" # Let the user override the test. else @@ -9007,11 +9803,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9022,11 +9822,11 @@ fi fi MANIFEST_TOOL=$ac_cv_prog_MANIFEST_TOOL if test -n "$MANIFEST_TOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MANIFEST_TOOL" >&5 -$as_echo "$MANIFEST_TOOL" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MANIFEST_TOOL" >&5 +printf "%s\n" "$MANIFEST_TOOL" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -9035,11 +9835,12 @@ if test -z "$ac_cv_prog_MANIFEST_TOOL"; then ac_ct_MANIFEST_TOOL=$MANIFEST_TOOL # Extract the first word of "mt", so it can be a program name with args. set dummy mt; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_MANIFEST_TOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_MANIFEST_TOOL+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_MANIFEST_TOOL"; then ac_cv_prog_ac_ct_MANIFEST_TOOL="$ac_ct_MANIFEST_TOOL" # Let the user override the test. else @@ -9047,11 +9848,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_MANIFEST_TOOL="mt" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9062,11 +9867,11 @@ fi fi ac_ct_MANIFEST_TOOL=$ac_cv_prog_ac_ct_MANIFEST_TOOL if test -n "$ac_ct_MANIFEST_TOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_MANIFEST_TOOL" >&5 -$as_echo "$ac_ct_MANIFEST_TOOL" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_MANIFEST_TOOL" >&5 +printf "%s\n" "$ac_ct_MANIFEST_TOOL" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_MANIFEST_TOOL" = x; then @@ -9074,8 +9879,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac MANIFEST_TOOL=$ac_ct_MANIFEST_TOOL @@ -9085,11 +9890,12 @@ else fi test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $MANIFEST_TOOL is a manifest tool" >&5 -$as_echo_n "checking if $MANIFEST_TOOL is a manifest tool... " >&6; } -if ${lt_cv_path_mainfest_tool+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $MANIFEST_TOOL is a manifest tool" >&5 +printf %s "checking if $MANIFEST_TOOL is a manifest tool... " >&6; } +if test ${lt_cv_path_mainfest_tool+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_path_mainfest_tool=no echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&5 $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out @@ -9099,8 +9905,8 @@ else fi rm -f conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_mainfest_tool" >&5 -$as_echo "$lt_cv_path_mainfest_tool" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_mainfest_tool" >&5 +printf "%s\n" "$lt_cv_path_mainfest_tool" >&6; } if test yes != "$lt_cv_path_mainfest_tool"; then MANIFEST_TOOL=: fi @@ -9115,11 +9921,12 @@ fi if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}dsymutil", so it can be a program name with args. set dummy ${ac_tool_prefix}dsymutil; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_DSYMUTIL+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_DSYMUTIL+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$DSYMUTIL"; then ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test. else @@ -9127,11 +9934,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9142,11 +9953,11 @@ fi fi DSYMUTIL=$ac_cv_prog_DSYMUTIL if test -n "$DSYMUTIL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DSYMUTIL" >&5 -$as_echo "$DSYMUTIL" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DSYMUTIL" >&5 +printf "%s\n" "$DSYMUTIL" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -9155,11 +9966,12 @@ if test -z "$ac_cv_prog_DSYMUTIL"; then ac_ct_DSYMUTIL=$DSYMUTIL # Extract the first word of "dsymutil", so it can be a program name with args. set dummy dsymutil; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_DSYMUTIL+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_DSYMUTIL+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_DSYMUTIL"; then ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test. else @@ -9167,11 +9979,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9182,11 +9998,11 @@ fi fi ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL if test -n "$ac_ct_DSYMUTIL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DSYMUTIL" >&5 -$as_echo "$ac_ct_DSYMUTIL" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DSYMUTIL" >&5 +printf "%s\n" "$ac_ct_DSYMUTIL" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_DSYMUTIL" = x; then @@ -9194,8 +10010,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac DSYMUTIL=$ac_ct_DSYMUTIL @@ -9207,11 +10023,12 @@ fi if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}nmedit", so it can be a program name with args. set dummy ${ac_tool_prefix}nmedit; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_NMEDIT+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_NMEDIT+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$NMEDIT"; then ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test. else @@ -9219,11 +10036,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9234,11 +10055,11 @@ fi fi NMEDIT=$ac_cv_prog_NMEDIT if test -n "$NMEDIT"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NMEDIT" >&5 -$as_echo "$NMEDIT" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $NMEDIT" >&5 +printf "%s\n" "$NMEDIT" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -9247,11 +10068,12 @@ if test -z "$ac_cv_prog_NMEDIT"; then ac_ct_NMEDIT=$NMEDIT # Extract the first word of "nmedit", so it can be a program name with args. set dummy nmedit; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_NMEDIT+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_NMEDIT+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_NMEDIT"; then ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test. else @@ -9259,11 +10081,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_NMEDIT="nmedit" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9274,11 +10100,11 @@ fi fi ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT if test -n "$ac_ct_NMEDIT"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_NMEDIT" >&5 -$as_echo "$ac_ct_NMEDIT" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_NMEDIT" >&5 +printf "%s\n" "$ac_ct_NMEDIT" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_NMEDIT" = x; then @@ -9286,8 +10112,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac NMEDIT=$ac_ct_NMEDIT @@ -9299,11 +10125,12 @@ fi if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}lipo", so it can be a program name with args. set dummy ${ac_tool_prefix}lipo; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_LIPO+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_LIPO+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$LIPO"; then ac_cv_prog_LIPO="$LIPO" # Let the user override the test. else @@ -9311,11 +10138,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_LIPO="${ac_tool_prefix}lipo" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9326,11 +10157,11 @@ fi fi LIPO=$ac_cv_prog_LIPO if test -n "$LIPO"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIPO" >&5 -$as_echo "$LIPO" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIPO" >&5 +printf "%s\n" "$LIPO" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -9339,11 +10170,12 @@ if test -z "$ac_cv_prog_LIPO"; then ac_ct_LIPO=$LIPO # Extract the first word of "lipo", so it can be a program name with args. set dummy lipo; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_LIPO+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_LIPO+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_LIPO"; then ac_cv_prog_ac_ct_LIPO="$ac_ct_LIPO" # Let the user override the test. else @@ -9351,11 +10183,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_LIPO="lipo" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9366,11 +10202,11 @@ fi fi ac_ct_LIPO=$ac_cv_prog_ac_ct_LIPO if test -n "$ac_ct_LIPO"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_LIPO" >&5 -$as_echo "$ac_ct_LIPO" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_LIPO" >&5 +printf "%s\n" "$ac_ct_LIPO" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_LIPO" = x; then @@ -9378,8 +10214,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac LIPO=$ac_ct_LIPO @@ -9391,11 +10227,12 @@ fi if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}otool", so it can be a program name with args. set dummy ${ac_tool_prefix}otool; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_OTOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_OTOOL+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$OTOOL"; then ac_cv_prog_OTOOL="$OTOOL" # Let the user override the test. else @@ -9403,11 +10240,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_OTOOL="${ac_tool_prefix}otool" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9418,11 +10259,11 @@ fi fi OTOOL=$ac_cv_prog_OTOOL if test -n "$OTOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL" >&5 -$as_echo "$OTOOL" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OTOOL" >&5 +printf "%s\n" "$OTOOL" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -9431,11 +10272,12 @@ if test -z "$ac_cv_prog_OTOOL"; then ac_ct_OTOOL=$OTOOL # Extract the first word of "otool", so it can be a program name with args. set dummy otool; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_OTOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_OTOOL+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_OTOOL"; then ac_cv_prog_ac_ct_OTOOL="$ac_ct_OTOOL" # Let the user override the test. else @@ -9443,11 +10285,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OTOOL="otool" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9458,11 +10304,11 @@ fi fi ac_ct_OTOOL=$ac_cv_prog_ac_ct_OTOOL if test -n "$ac_ct_OTOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL" >&5 -$as_echo "$ac_ct_OTOOL" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL" >&5 +printf "%s\n" "$ac_ct_OTOOL" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_OTOOL" = x; then @@ -9470,8 +10316,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac OTOOL=$ac_ct_OTOOL @@ -9483,11 +10329,12 @@ fi if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}otool64", so it can be a program name with args. set dummy ${ac_tool_prefix}otool64; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_OTOOL64+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_OTOOL64+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$OTOOL64"; then ac_cv_prog_OTOOL64="$OTOOL64" # Let the user override the test. else @@ -9495,11 +10342,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9510,11 +10361,11 @@ fi fi OTOOL64=$ac_cv_prog_OTOOL64 if test -n "$OTOOL64"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL64" >&5 -$as_echo "$OTOOL64" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OTOOL64" >&5 +printf "%s\n" "$OTOOL64" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -9523,11 +10374,12 @@ if test -z "$ac_cv_prog_OTOOL64"; then ac_ct_OTOOL64=$OTOOL64 # Extract the first word of "otool64", so it can be a program name with args. set dummy otool64; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_OTOOL64+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_OTOOL64+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -n "$ac_ct_OTOOL64"; then ac_cv_prog_ac_ct_OTOOL64="$ac_ct_OTOOL64" # Let the user override the test. else @@ -9535,11 +10387,15 @@ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OTOOL64="otool64" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done @@ -9550,11 +10406,11 @@ fi fi ac_ct_OTOOL64=$ac_cv_prog_ac_ct_OTOOL64 if test -n "$ac_ct_OTOOL64"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL64" >&5 -$as_echo "$ac_ct_OTOOL64" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL64" >&5 +printf "%s\n" "$ac_ct_OTOOL64" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi if test "x$ac_ct_OTOOL64" = x; then @@ -9562,8 +10418,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac OTOOL64=$ac_ct_OTOOL64 @@ -9598,11 +10454,12 @@ fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -single_module linker flag" >&5 -$as_echo_n "checking for -single_module linker flag... " >&6; } -if ${lt_cv_apple_cc_single_mod+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for -single_module linker flag" >&5 +printf %s "checking for -single_module linker flag... " >&6; } +if test ${lt_cv_apple_cc_single_mod+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_apple_cc_single_mod=no if test -z "$LT_MULTI_MODULE"; then # By default we will add the -single_module flag. You can override @@ -9631,14 +10488,15 @@ else rm -f conftest.* fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5 -$as_echo "$lt_cv_apple_cc_single_mod" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5 +printf "%s\n" "$lt_cv_apple_cc_single_mod" >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -exported_symbols_list linker flag" >&5 -$as_echo_n "checking for -exported_symbols_list linker flag... " >&6; } -if ${lt_cv_ld_exported_symbols_list+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for -exported_symbols_list linker flag" >&5 +printf %s "checking for -exported_symbols_list linker flag... " >&6; } +if test ${lt_cv_ld_exported_symbols_list+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_ld_exported_symbols_list=no save_LDFLAGS=$LDFLAGS echo "_main" > conftest.sym @@ -9647,39 +10505,41 @@ else /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : lt_cv_ld_exported_symbols_list=yes -else +else $as_nop lt_cv_ld_exported_symbols_list=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LDFLAGS=$save_LDFLAGS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5 -$as_echo "$lt_cv_ld_exported_symbols_list" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5 +printf "%s\n" "$lt_cv_ld_exported_symbols_list" >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -force_load linker flag" >&5 -$as_echo_n "checking for -force_load linker flag... " >&6; } -if ${lt_cv_ld_force_load+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for -force_load linker flag" >&5 +printf %s "checking for -force_load linker flag... " >&6; } +if test ${lt_cv_ld_force_load+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_ld_force_load=no cat > conftest.c << _LT_EOF int forced_loaded() { return 2;} _LT_EOF echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5 $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5 - echo "$AR cr libconftest.a conftest.o" >&5 - $AR cr libconftest.a conftest.o 2>&5 + echo "$AR $AR_FLAGS libconftest.a conftest.o" >&5 + $AR $AR_FLAGS libconftest.a conftest.o 2>&5 echo "$RANLIB libconftest.a" >&5 $RANLIB libconftest.a 2>&5 cat > conftest.c << _LT_EOF @@ -9699,24 +10559,19 @@ _LT_EOF rm -rf conftest.dSYM fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_force_load" >&5 -$as_echo "$lt_cv_ld_force_load" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_force_load" >&5 +printf "%s\n" "$lt_cv_ld_force_load" >&6; } case $host_os in rhapsody* | darwin1.[012]) _lt_dar_allow_undefined='$wl-undefined ${wl}suppress' ;; darwin1.*) _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; - darwin*) # darwin 5.x on - # if running on 10.5 or later, the deployment target defaults - # to the OS version, if on x86, and 10.4, the deployment - # target defaults to 10.4. Don't you love it? - case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in - 10.0,*86*-darwin8*|10.0,*-darwin[912]*) - _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; - 10.[012][,.]*) - _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; - 10.*|11.*) - _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; + darwin*) + case $MACOSX_DEPLOYMENT_TARGET,$host in + 10.[012],*|,*powerpc*-darwin[5-8]*) + _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; + *) + _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; esac ;; esac @@ -9771,18 +10626,42 @@ func_munge_path_list () esac } -for ac_header in dlfcn.h -do : - ac_fn_c_check_header_compile "$LINENO" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default -" -if test "x$ac_cv_header_dlfcn_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_DLFCN_H 1 -_ACEOF +ac_header= ac_cache= +for ac_item in $ac_header_c_list +do + if test $ac_cache; then + ac_fn_c_check_header_compile "$LINENO" $ac_header ac_cv_header_$ac_cache "$ac_includes_default" + if eval test \"x\$ac_cv_header_$ac_cache\" = xyes; then + printf "%s\n" "#define $ac_item 1" >> confdefs.h + fi + ac_header= ac_cache= + elif test $ac_header; then + ac_cache=$ac_item + else + ac_header=$ac_item + fi +done + + + + + + + + +if test $ac_cv_header_stdlib_h = yes && test $ac_cv_header_string_h = yes +then : + +printf "%s\n" "#define STDC_HEADERS 1" >>confdefs.h fi +ac_fn_c_check_header_compile "$LINENO" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default +" +if test "x$ac_cv_header_dlfcn_h" = xyes +then : + printf "%s\n" "#define HAVE_DLFCN_H 1" >>confdefs.h -done +fi @@ -9800,6 +10679,336 @@ func_stripname_cnf () # Set options +enable_win32_dll=yes + +case $host in +*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*) + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}as", so it can be a program name with args. +set dummy ${ac_tool_prefix}as; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_AS+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$AS"; then + ac_cv_prog_AS="$AS" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_AS="${ac_tool_prefix}as" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +AS=$ac_cv_prog_AS +if test -n "$AS"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $AS" >&5 +printf "%s\n" "$AS" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_AS"; then + ac_ct_AS=$AS + # Extract the first word of "as", so it can be a program name with args. +set dummy as; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_AS+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$ac_ct_AS"; then + ac_cv_prog_ac_ct_AS="$ac_ct_AS" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_AS="as" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_AS=$ac_cv_prog_ac_ct_AS +if test -n "$ac_ct_AS"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AS" >&5 +printf "%s\n" "$ac_ct_AS" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_ct_AS" = x; then + AS="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + AS=$ac_ct_AS + fi +else + AS="$ac_cv_prog_AS" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. +set dummy ${ac_tool_prefix}dlltool; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_DLLTOOL+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$DLLTOOL"; then + ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +DLLTOOL=$ac_cv_prog_DLLTOOL +if test -n "$DLLTOOL"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5 +printf "%s\n" "$DLLTOOL" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_DLLTOOL"; then + ac_ct_DLLTOOL=$DLLTOOL + # Extract the first word of "dlltool", so it can be a program name with args. +set dummy dlltool; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_DLLTOOL+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$ac_ct_DLLTOOL"; then + ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_DLLTOOL="dlltool" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL +if test -n "$ac_ct_DLLTOOL"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5 +printf "%s\n" "$ac_ct_DLLTOOL" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_ct_DLLTOOL" = x; then + DLLTOOL="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + DLLTOOL=$ac_ct_DLLTOOL + fi +else + DLLTOOL="$ac_cv_prog_DLLTOOL" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. +set dummy ${ac_tool_prefix}objdump; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_OBJDUMP+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$OBJDUMP"; then + ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +OBJDUMP=$ac_cv_prog_OBJDUMP +if test -n "$OBJDUMP"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 +printf "%s\n" "$OBJDUMP" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_OBJDUMP"; then + ac_ct_OBJDUMP=$OBJDUMP + # Extract the first word of "objdump", so it can be a program name with args. +set dummy objdump; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_OBJDUMP+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$ac_ct_OBJDUMP"; then + ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_OBJDUMP="objdump" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP +if test -n "$ac_ct_OBJDUMP"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 +printf "%s\n" "$ac_ct_OBJDUMP" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_ct_OBJDUMP" = x; then + OBJDUMP="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OBJDUMP=$ac_ct_OBJDUMP + fi +else + OBJDUMP="$ac_cv_prog_OBJDUMP" +fi + + ;; +esac + +test -z "$AS" && AS=as + + + + + +test -z "$DLLTOOL" && DLLTOOL=dlltool + + + + + +test -z "$OBJDUMP" && OBJDUMP=objdump + + + + @@ -9808,7 +11017,8 @@ func_stripname_cnf () # Check whether --enable-shared was given. -if test "${enable_shared+set}" = set; then : +if test ${enable_shared+y} +then : enableval=$enable_shared; p=${PACKAGE-default} case $enableval in yes) enable_shared=yes ;; @@ -9826,7 +11036,7 @@ if test "${enable_shared+set}" = set; then : IFS=$lt_save_ifs ;; esac -else +else $as_nop enable_shared=yes fi @@ -9839,7 +11049,8 @@ fi # Check whether --enable-static was given. -if test "${enable_static+set}" = set; then : +if test ${enable_static+y} +then : enableval=$enable_static; p=${PACKAGE-default} case $enableval in yes) enable_static=yes ;; @@ -9857,7 +11068,7 @@ if test "${enable_static+set}" = set; then : IFS=$lt_save_ifs ;; esac -else +else $as_nop enable_static=yes fi @@ -9871,7 +11082,8 @@ fi # Check whether --with-pic was given. -if test "${with_pic+set}" = set; then : +if test ${with_pic+y} +then : withval=$with_pic; lt_p=${PACKAGE-default} case $withval in yes|no) pic_mode=$withval ;; @@ -9888,7 +11100,7 @@ if test "${with_pic+set}" = set; then : IFS=$lt_save_ifs ;; esac -else +else $as_nop pic_mode=default fi @@ -9900,7 +11112,8 @@ fi # Check whether --enable-fast-install was given. -if test "${enable_fast_install+set}" = set; then : +if test ${enable_fast_install+y} +then : enableval=$enable_fast_install; p=${PACKAGE-default} case $enableval in yes) enable_fast_install=yes ;; @@ -9918,7 +11131,7 @@ if test "${enable_fast_install+set}" = set; then : IFS=$lt_save_ifs ;; esac -else +else $as_nop enable_fast_install=yes fi @@ -9932,11 +11145,12 @@ fi shared_archive_member_spec= case $host,$enable_shared in power*-*-aix[5-9]*,yes) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking which variant of shared library versioning to provide" >&5 -$as_echo_n "checking which variant of shared library versioning to provide... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking which variant of shared library versioning to provide" >&5 +printf %s "checking which variant of shared library versioning to provide... " >&6; } # Check whether --with-aix-soname was given. -if test "${with_aix_soname+set}" = set; then : +if test ${with_aix_soname+y} +then : withval=$with_aix_soname; case $withval in aix|svr4|both) ;; @@ -9945,18 +11159,19 @@ if test "${with_aix_soname+set}" = set; then : ;; esac lt_cv_with_aix_soname=$with_aix_soname -else - if ${lt_cv_with_aix_soname+:} false; then : - $as_echo_n "(cached) " >&6 -else +else $as_nop + if test ${lt_cv_with_aix_soname+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_with_aix_soname=aix fi with_aix_soname=$lt_cv_with_aix_soname fi - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_aix_soname" >&5 -$as_echo "$with_aix_soname" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $with_aix_soname" >&5 +printf "%s\n" "$with_aix_soname" >&6; } if test aix != "$with_aix_soname"; then # For the AIX way of multilib, we name the shared archive member # based on the bitwidth used, traditionally 'shr.o' or 'shr_64.o', @@ -10038,11 +11253,12 @@ if test -n "${ZSH_VERSION+set}"; then setopt NO_GLOB_SUBST fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for objdir" >&5 -$as_echo_n "checking for objdir... " >&6; } -if ${lt_cv_objdir+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for objdir" >&5 +printf %s "checking for objdir... " >&6; } +if test ${lt_cv_objdir+y} +then : + printf %s "(cached) " >&6 +else $as_nop rm -f .libs 2>/dev/null mkdir .libs 2>/dev/null if test -d .libs; then @@ -10053,17 +11269,15 @@ else fi rmdir .libs 2>/dev/null fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_objdir" >&5 -$as_echo "$lt_cv_objdir" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_objdir" >&5 +printf "%s\n" "$lt_cv_objdir" >&6; } objdir=$lt_cv_objdir -cat >>confdefs.h <<_ACEOF -#define LT_OBJDIR "$lt_cv_objdir/" -_ACEOF +printf "%s\n" "#define LT_OBJDIR \"$lt_cv_objdir/\"" >>confdefs.h @@ -10084,8 +11298,8 @@ esac ofile=libtool can_build_shared=yes -# All known linkers require a '.a' archive for static linking (except MSVC, -# which needs '.lib'). +# All known linkers require a '.a' archive for static linking (except MSVC and +# ICC, which need '.lib'). libext=a with_gnu_ld=$lt_cv_prog_gnu_ld @@ -10109,11 +11323,12 @@ test -z "$MAGIC_CMD" && MAGIC_CMD=file case $deplibs_check_method in file_magic*) if test "$file_magic_cmd" = '$MAGIC_CMD'; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${ac_tool_prefix}file" >&5 -$as_echo_n "checking for ${ac_tool_prefix}file... " >&6; } -if ${lt_cv_path_MAGIC_CMD+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ${ac_tool_prefix}file" >&5 +printf %s "checking for ${ac_tool_prefix}file... " >&6; } +if test ${lt_cv_path_MAGIC_CMD+y} +then : + printf %s "(cached) " >&6 +else $as_nop case $MAGIC_CMD in [\\/*] | ?:[\\/]*) lt_cv_path_MAGIC_CMD=$MAGIC_CMD # Let the user override the test with a path. @@ -10162,11 +11377,11 @@ fi MAGIC_CMD=$lt_cv_path_MAGIC_CMD if test -n "$MAGIC_CMD"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 -$as_echo "$MAGIC_CMD" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 +printf "%s\n" "$MAGIC_CMD" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -10175,11 +11390,12 @@ fi if test -z "$lt_cv_path_MAGIC_CMD"; then if test -n "$ac_tool_prefix"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for file" >&5 -$as_echo_n "checking for file... " >&6; } -if ${lt_cv_path_MAGIC_CMD+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for file" >&5 +printf %s "checking for file... " >&6; } +if test ${lt_cv_path_MAGIC_CMD+y} +then : + printf %s "(cached) " >&6 +else $as_nop case $MAGIC_CMD in [\\/*] | ?:[\\/]*) lt_cv_path_MAGIC_CMD=$MAGIC_CMD # Let the user override the test with a path. @@ -10228,11 +11444,11 @@ fi MAGIC_CMD=$lt_cv_path_MAGIC_CMD if test -n "$MAGIC_CMD"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 -$as_echo "$MAGIC_CMD" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 +printf "%s\n" "$MAGIC_CMD" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi @@ -10317,11 +11533,12 @@ if test yes = "$GCC"; then lt_prog_compiler_no_builtin_flag=' -fno-builtin' ;; esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 -$as_echo_n "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; } -if ${lt_cv_prog_compiler_rtti_exceptions+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 +printf %s "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; } +if test ${lt_cv_prog_compiler_rtti_exceptions+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_rtti_exceptions=no ac_outfile=conftest.$ac_objext echo "$lt_simple_compile_test_code" > conftest.$ac_ext @@ -10352,8 +11569,8 @@ else $RM conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 -$as_echo "$lt_cv_prog_compiler_rtti_exceptions" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 +printf "%s\n" "$lt_cv_prog_compiler_rtti_exceptions" >&6; } if test yes = "$lt_cv_prog_compiler_rtti_exceptions"; then lt_prog_compiler_no_builtin_flag="$lt_prog_compiler_no_builtin_flag -fno-rtti -fno-exceptions" @@ -10600,7 +11817,7 @@ lt_prog_compiler_static= lt_prog_compiler_static='-qstaticlink' ;; *) - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [1-7].* | *Sun*Fortran*\ 8.[0-3]*) # Sun Fortran 8.3 passes all unrecognized flags to the linker lt_prog_compiler_pic='-KPIC' @@ -10716,26 +11933,28 @@ case $host_os in ;; esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5 -$as_echo_n "checking for $compiler option to produce PIC... " >&6; } -if ${lt_cv_prog_compiler_pic+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5 +printf %s "checking for $compiler option to produce PIC... " >&6; } +if test ${lt_cv_prog_compiler_pic+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_pic=$lt_prog_compiler_pic fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic" >&5 -$as_echo "$lt_cv_prog_compiler_pic" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic" >&5 +printf "%s\n" "$lt_cv_prog_compiler_pic" >&6; } lt_prog_compiler_pic=$lt_cv_prog_compiler_pic # # Check to make sure the PIC flag actually works. # if test -n "$lt_prog_compiler_pic"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5 -$as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; } -if ${lt_cv_prog_compiler_pic_works+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5 +printf %s "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; } +if test ${lt_cv_prog_compiler_pic_works+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_pic_works=no ac_outfile=conftest.$ac_objext echo "$lt_simple_compile_test_code" > conftest.$ac_ext @@ -10766,8 +11985,8 @@ else $RM conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works" >&5 -$as_echo "$lt_cv_prog_compiler_pic_works" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works" >&5 +printf "%s\n" "$lt_cv_prog_compiler_pic_works" >&6; } if test yes = "$lt_cv_prog_compiler_pic_works"; then case $lt_prog_compiler_pic in @@ -10795,11 +12014,12 @@ fi # Check to make sure the static flag actually works. # wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -$as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; } -if ${lt_cv_prog_compiler_static_works+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5 +printf %s "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; } +if test ${lt_cv_prog_compiler_static_works+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_static_works=no save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS $lt_tmp_static_flag" @@ -10823,8 +12043,8 @@ else LDFLAGS=$save_LDFLAGS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works" >&5 -$as_echo "$lt_cv_prog_compiler_static_works" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works" >&5 +printf "%s\n" "$lt_cv_prog_compiler_static_works" >&6; } if test yes = "$lt_cv_prog_compiler_static_works"; then : @@ -10838,11 +12058,12 @@ fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 -$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } -if ${lt_cv_prog_compiler_c_o+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +printf %s "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if test ${lt_cv_prog_compiler_c_o+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_c_o=no $RM -r conftest 2>/dev/null mkdir conftest @@ -10885,19 +12106,20 @@ else $RM conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 -$as_echo "$lt_cv_prog_compiler_c_o" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 +printf "%s\n" "$lt_cv_prog_compiler_c_o" >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 -$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } -if ${lt_cv_prog_compiler_c_o+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +printf %s "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if test ${lt_cv_prog_compiler_c_o+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_c_o=no $RM -r conftest 2>/dev/null mkdir conftest @@ -10940,8 +12162,8 @@ else $RM conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 -$as_echo "$lt_cv_prog_compiler_c_o" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 +printf "%s\n" "$lt_cv_prog_compiler_c_o" >&6; } @@ -10949,19 +12171,19 @@ $as_echo "$lt_cv_prog_compiler_c_o" >&6; } hard_links=nottested if test no = "$lt_cv_prog_compiler_c_o" && test no != "$need_locks"; then # do not overwrite the value of need_locks provided by the user - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5 -$as_echo_n "checking if we can lock with hard links... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5 +printf %s "checking if we can lock with hard links... " >&6; } hard_links=yes $RM conftest* ln conftest.a conftest.b 2>/dev/null && hard_links=no touch conftest.a ln conftest.a conftest.b 2>&5 || hard_links=no ln conftest.a conftest.b 2>/dev/null && hard_links=no - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5 -$as_echo "$hard_links" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5 +printf "%s\n" "$hard_links" >&6; } if test no = "$hard_links"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: '$CC' does not support '-c -o', so 'make -j' may be unsafe" >&5 -$as_echo "$as_me: WARNING: '$CC' does not support '-c -o', so 'make -j' may be unsafe" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: '$CC' does not support '-c -o', so 'make -j' may be unsafe" >&5 +printf "%s\n" "$as_me: WARNING: '$CC' does not support '-c -o', so 'make -j' may be unsafe" >&2;} need_locks=warn fi else @@ -10973,8 +12195,8 @@ fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 +printf %s "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } runpath_var= allow_undefined_flag= @@ -11018,15 +12240,15 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie case $host_os in cygwin* | mingw* | pw32* | cegcc*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time + # FIXME: the MSVC++ and ICC port hasn't been tested in a loooong time # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. + # Microsoft Visual C++ or Intel C++ Compiler. if test yes != "$GCC"; then with_gnu_ld=no fi ;; interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) + # we just hope/assume this is gcc and not c89 (= MSVC++ or ICC) with_gnu_ld=yes ;; openbsd* | bitrig*) @@ -11081,7 +12303,7 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie whole_archive_flag_spec= fi supports_anon_versioning=no - case `$LD -v | $SED -e 's/(^)\+)\s\+//' 2>&1` in + case `$LD -v | $SED -e 's/([^)]\+)\s\+//' 2>&1` in *GNU\ gold*) supports_anon_versioning=yes ;; *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11 *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... @@ -11193,6 +12415,7 @@ _LT_EOF emximp -o $lib $output_objdir/$libname.def' old_archive_From_new_cmds='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' enable_shared_with_static_runtimes=yes + file_list_spec='@' ;; interix[3-9]*) @@ -11207,7 +12430,7 @@ _LT_EOF # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link # time. Moving up from 0x10000000 also allows more sbrk(2) space. archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds='sed "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + archive_expsym_cmds='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' ;; gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) @@ -11250,7 +12473,7 @@ _LT_EOF compiler_needs_object=yes ;; esac - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C 5.9 whole_archive_flag_spec='$wl--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive' compiler_needs_object=yes @@ -11262,13 +12485,14 @@ _LT_EOF if test yes = "$supports_anon_versioning"; then archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib' fi case $cc_basename in tcc*) + hardcode_libdir_flag_spec='$wl-rpath $wl$libdir' export_dynamic_flag_spec='-rdynamic' ;; xlf* | bgf* | bgxlf* | mpixlf*) @@ -11278,7 +12502,7 @@ _LT_EOF archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' if test yes = "$supports_anon_versioning"; then archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib' fi @@ -11410,7 +12634,7 @@ _LT_EOF if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols' else - export_symbols_cmds='`func_echo_all $NM | $SED -e '\''s/B\([^B]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && (substr(\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' + export_symbols_cmds='`func_echo_all $NM | $SED -e '\''s/B\([^B]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && (substr(\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' fi aix_use_runtimelinking=no @@ -11532,21 +12756,23 @@ _LT_EOF if test set = "${lt_cv_aix_libpath+set}"; then aix_libpath=$lt_cv_aix_libpath else - if ${lt_cv_aix_libpath_+:} false; then : - $as_echo_n "(cached) " >&6 -else + if test ${lt_cv_aix_libpath_+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : lt_aix_libpath_sed=' /Import File Strings/,/^$/ { @@ -11561,7 +12787,7 @@ if ac_fn_c_try_link "$LINENO"; then : lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` fi fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext if test -z "$lt_cv_aix_libpath_"; then lt_cv_aix_libpath_=/usr/lib:/lib @@ -11585,21 +12811,23 @@ fi if test set = "${lt_cv_aix_libpath+set}"; then aix_libpath=$lt_cv_aix_libpath else - if ${lt_cv_aix_libpath_+:} false; then : - $as_echo_n "(cached) " >&6 -else + if test ${lt_cv_aix_libpath_+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : lt_aix_libpath_sed=' /Import File Strings/,/^$/ { @@ -11614,7 +12842,7 @@ if ac_fn_c_try_link "$LINENO"; then : lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` fi fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext if test -z "$lt_cv_aix_libpath_"; then lt_cv_aix_libpath_=/usr/lib:/lib @@ -11677,12 +12905,12 @@ fi cygwin* | mingw* | pw32* | cegcc*) # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. + # Microsoft Visual C++ or Intel C++ Compiler. # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. case $cc_basename in - cl*) - # Native MSVC + cl* | icl*) + # Native MSVC or ICC hardcode_libdir_flag_spec=' ' allow_undefined_flag=unsupported always_export_symbols=yes @@ -11723,7 +12951,7 @@ fi fi' ;; *) - # Assume MSVC wrapper + # Assume MSVC and ICC wrapper hardcode_libdir_flag_spec=' ' allow_undefined_flag=unsupported # Tell ltmain to make .lib files, not .a files. @@ -11764,8 +12992,8 @@ fi output_verbose_link_cmd=func_echo_all archive_cmds="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dsymutil" module_cmds="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dsymutil" - archive_expsym_cmds="sed 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" - module_expsym_cmds="sed -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" + archive_expsym_cmds="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" + module_expsym_cmds="$SED -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" else ld_shlibs=no @@ -11799,7 +13027,7 @@ fi ;; # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | dragonfly*) + freebsd* | dragonfly* | midnightbsd*) archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' hardcode_libdir_flag_spec='-R$libdir' hardcode_direct=yes @@ -11865,11 +13093,12 @@ fi # Older versions of the 11.00 compiler do not understand -b yet # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC understands -b" >&5 -$as_echo_n "checking if $CC understands -b... " >&6; } -if ${lt_cv_prog_compiler__b+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC understands -b" >&5 +printf %s "checking if $CC understands -b... " >&6; } +if test ${lt_cv_prog_compiler__b+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler__b=no save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS -b" @@ -11893,8 +13122,8 @@ else LDFLAGS=$save_LDFLAGS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler__b" >&5 -$as_echo "$lt_cv_prog_compiler__b" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler__b" >&5 +printf "%s\n" "$lt_cv_prog_compiler__b" >&6; } if test yes = "$lt_cv_prog_compiler__b"; then archive_cmds='$CC -b $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags' @@ -11934,28 +13163,30 @@ fi # work, assume that -exports_file does not work either and # implicitly export all symbols. # This should be the same for all languages, so no per-tag cache variable. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $host_os linker accepts -exported_symbol" >&5 -$as_echo_n "checking whether the $host_os linker accepts -exported_symbol... " >&6; } -if ${lt_cv_irix_exported_symbol+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the $host_os linker accepts -exported_symbol" >&5 +printf %s "checking whether the $host_os linker accepts -exported_symbol... " >&6; } +if test ${lt_cv_irix_exported_symbol+y} +then : + printf %s "(cached) " >&6 +else $as_nop save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS -shared $wl-exported_symbol ${wl}foo $wl-update_registry $wl/dev/null" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int foo (void) { return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : lt_cv_irix_exported_symbol=yes -else +else $as_nop lt_cv_irix_exported_symbol=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LDFLAGS=$save_LDFLAGS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5 -$as_echo "$lt_cv_irix_exported_symbol" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5 +printf "%s\n" "$lt_cv_irix_exported_symbol" >&6; } if test yes = "$lt_cv_irix_exported_symbol"; then archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations $wl-exports_file $wl$export_symbols -o $lib' fi @@ -11977,6 +13208,7 @@ $as_echo "$lt_cv_irix_exported_symbol" >&6; } # Fabrice Bellard et al's Tiny C Compiler ld_shlibs=yes archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + hardcode_libdir_flag_spec='$wl-rpath $wl$libdir' ;; esac ;; @@ -12048,6 +13280,7 @@ $as_echo "$lt_cv_irix_exported_symbol" >&6; } emximp -o $lib $output_objdir/$libname.def' old_archive_From_new_cmds='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' enable_shared_with_static_runtimes=yes + file_list_spec='@' ;; osf3*) @@ -12236,8 +13469,8 @@ $as_echo "$lt_cv_irix_exported_symbol" >&6; } fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs" >&5 -$as_echo "$ld_shlibs" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs" >&5 +printf "%s\n" "$ld_shlibs" >&6; } test no = "$ld_shlibs" && can_build_shared=no with_gnu_ld=$with_gnu_ld @@ -12273,18 +13506,19 @@ x|xyes) # Test whether the compiler implicitly links with -lc since on some # systems, -lgcc has to come before -lc. If gcc already passes -lc # to ld, don't add -lc before -lgcc. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5 -$as_echo_n "checking whether -lc should be explicitly linked in... " >&6; } -if ${lt_cv_archive_cmds_need_lc+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5 +printf %s "checking whether -lc should be explicitly linked in... " >&6; } +if test ${lt_cv_archive_cmds_need_lc+y} +then : + printf %s "(cached) " >&6 +else $as_nop $RM conftest* echo "$lt_simple_compile_test_code" > conftest.$ac_ext if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } 2>conftest.err; then soname=conftest lib=conftest @@ -12302,7 +13536,7 @@ else if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5 (eval $archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } then lt_cv_archive_cmds_need_lc=no @@ -12316,8 +13550,8 @@ else $RM conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc" >&5 -$as_echo "$lt_cv_archive_cmds_need_lc" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc" >&5 +printf "%s\n" "$lt_cv_archive_cmds_need_lc" >&6; } archive_cmds_need_lc=$lt_cv_archive_cmds_need_lc ;; esac @@ -12476,8 +13710,8 @@ esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5 -$as_echo_n "checking dynamic linker characteristics... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5 +printf %s "checking dynamic linker characteristics... " >&6; } if test yes = "$GCC"; then case $host_os in @@ -12739,7 +13973,7 @@ cygwin* | mingw* | pw32* | cegcc*) case $host_os in cygwin*) # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo $libname | sed -e 's/^lib/cyg/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' + soname_spec='`echo $libname | $SED -e 's/^lib/cyg/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api" ;; @@ -12749,14 +13983,14 @@ cygwin* | mingw* | pw32* | cegcc*) ;; pw32*) # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo $libname | sed -e 's/^lib/pw/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' + library_names_spec='`echo $libname | $SED -e 's/^lib/pw/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' ;; esac dynamic_linker='Win32 ld.exe' ;; - *,cl*) - # Native MSVC + *,cl* | *,icl*) + # Native MSVC or ICC libname_spec='$name' soname_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' library_names_spec='$libname.dll.lib' @@ -12775,7 +14009,7 @@ cygwin* | mingw* | pw32* | cegcc*) done IFS=$lt_save_ifs # Convert to MSYS style. - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` ;; cygwin*) # Convert to unix form, then to dos form, then back to unix form @@ -12812,7 +14046,7 @@ cygwin* | mingw* | pw32* | cegcc*) ;; *) - # Assume MSVC wrapper + # Assume MSVC and ICC wrapper library_names_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext $libname.lib' dynamic_linker='Win32 ld.exe' ;; @@ -12845,7 +14079,7 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; -freebsd* | dragonfly*) +freebsd* | dragonfly* | midnightbsd*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. if test -x /usr/bin/objformat; then @@ -13038,9 +14272,10 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) shlibpath_overrides_runpath=no # Some binutils ld are patched to set DT_RUNPATH - if ${lt_cv_shlibpath_overrides_runpath+:} false; then : - $as_echo_n "(cached) " >&6 -else + if test ${lt_cv_shlibpath_overrides_runpath+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_shlibpath_overrides_runpath=no save_LDFLAGS=$LDFLAGS save_libdir=$libdir @@ -13050,19 +14285,21 @@ else /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : - if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then : +if ac_fn_c_try_link "$LINENO" +then : + if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null +then : lt_cv_shlibpath_overrides_runpath=yes fi fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LDFLAGS=$save_LDFLAGS libdir=$save_libdir @@ -13306,8 +14543,8 @@ uts4*) dynamic_linker=no ;; esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5 -$as_echo "$dynamic_linker" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5 +printf "%s\n" "$dynamic_linker" >&6; } test no = "$dynamic_linker" && can_build_shared=no variables_saved_for_relink="PATH $shlibpath_var $runpath_var" @@ -13428,8 +14665,8 @@ configure_time_lt_sys_library_path=$LT_SYS_LIBRARY_PATH - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5 -$as_echo_n "checking how to hardcode library paths into programs... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5 +printf %s "checking how to hardcode library paths into programs... " >&6; } hardcode_action= if test -n "$hardcode_libdir_flag_spec" || test -n "$runpath_var" || @@ -13453,8 +14690,8 @@ else # directories. hardcode_action=unsupported fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $hardcode_action" >&5 -$as_echo "$hardcode_action" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $hardcode_action" >&5 +printf "%s\n" "$hardcode_action" >&6; } if test relink = "$hardcode_action" || test yes = "$inherit_rpath"; then @@ -13498,11 +14735,12 @@ else darwin*) # if libdl is installed we need to link against it - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 -$as_echo_n "checking for dlopen in -ldl... " >&6; } -if ${ac_cv_lib_dl_dlopen+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 +printf %s "checking for dlopen in -ldl... " >&6; } +if test ${ac_cv_lib_dl_dlopen+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_check_lib_save_LIBS=$LIBS LIBS="-ldl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -13511,32 +14749,31 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif char dlopen (); int -main () +main (void) { return dlopen (); ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_lib_dl_dlopen=yes -else +else $as_nop ac_cv_lib_dl_dlopen=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 -$as_echo "$ac_cv_lib_dl_dlopen" >&6; } -if test "x$ac_cv_lib_dl_dlopen" = xyes; then : +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 +printf "%s\n" "$ac_cv_lib_dl_dlopen" >&6; } +if test "x$ac_cv_lib_dl_dlopen" = xyes +then : lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-ldl -else +else $as_nop lt_cv_dlopen=dyld lt_cv_dlopen_libs= @@ -13556,14 +14793,16 @@ fi *) ac_fn_c_check_func "$LINENO" "shl_load" "ac_cv_func_shl_load" -if test "x$ac_cv_func_shl_load" = xyes; then : +if test "x$ac_cv_func_shl_load" = xyes +then : lt_cv_dlopen=shl_load -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5 -$as_echo_n "checking for shl_load in -ldld... " >&6; } -if ${ac_cv_lib_dld_shl_load+:} false; then : - $as_echo_n "(cached) " >&6 -else +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5 +printf %s "checking for shl_load in -ldld... " >&6; } +if test ${ac_cv_lib_dld_shl_load+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_check_lib_save_LIBS=$LIBS LIBS="-ldld $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -13572,41 +14811,42 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif char shl_load (); int -main () +main (void) { return shl_load (); ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_lib_dld_shl_load=yes -else +else $as_nop ac_cv_lib_dld_shl_load=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_shl_load" >&5 -$as_echo "$ac_cv_lib_dld_shl_load" >&6; } -if test "x$ac_cv_lib_dld_shl_load" = xyes; then : +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_shl_load" >&5 +printf "%s\n" "$ac_cv_lib_dld_shl_load" >&6; } +if test "x$ac_cv_lib_dld_shl_load" = xyes +then : lt_cv_dlopen=shl_load lt_cv_dlopen_libs=-ldld -else +else $as_nop ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen" -if test "x$ac_cv_func_dlopen" = xyes; then : +if test "x$ac_cv_func_dlopen" = xyes +then : lt_cv_dlopen=dlopen -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 -$as_echo_n "checking for dlopen in -ldl... " >&6; } -if ${ac_cv_lib_dl_dlopen+:} false; then : - $as_echo_n "(cached) " >&6 -else +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 +printf %s "checking for dlopen in -ldl... " >&6; } +if test ${ac_cv_lib_dl_dlopen+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_check_lib_save_LIBS=$LIBS LIBS="-ldl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -13615,37 +14855,37 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif char dlopen (); int -main () +main (void) { return dlopen (); ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_lib_dl_dlopen=yes -else +else $as_nop ac_cv_lib_dl_dlopen=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 -$as_echo "$ac_cv_lib_dl_dlopen" >&6; } -if test "x$ac_cv_lib_dl_dlopen" = xyes; then : +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 +printf "%s\n" "$ac_cv_lib_dl_dlopen" >&6; } +if test "x$ac_cv_lib_dl_dlopen" = xyes +then : lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-ldl -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5 -$as_echo_n "checking for dlopen in -lsvld... " >&6; } -if ${ac_cv_lib_svld_dlopen+:} false; then : - $as_echo_n "(cached) " >&6 -else +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5 +printf %s "checking for dlopen in -lsvld... " >&6; } +if test ${ac_cv_lib_svld_dlopen+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_check_lib_save_LIBS=$LIBS LIBS="-lsvld $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -13654,37 +14894,37 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif char dlopen (); int -main () +main (void) { return dlopen (); ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_lib_svld_dlopen=yes -else +else $as_nop ac_cv_lib_svld_dlopen=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_svld_dlopen" >&5 -$as_echo "$ac_cv_lib_svld_dlopen" >&6; } -if test "x$ac_cv_lib_svld_dlopen" = xyes; then : +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_svld_dlopen" >&5 +printf "%s\n" "$ac_cv_lib_svld_dlopen" >&6; } +if test "x$ac_cv_lib_svld_dlopen" = xyes +then : lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-lsvld -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5 -$as_echo_n "checking for dld_link in -ldld... " >&6; } -if ${ac_cv_lib_dld_dld_link+:} false; then : - $as_echo_n "(cached) " >&6 -else +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5 +printf %s "checking for dld_link in -ldld... " >&6; } +if test ${ac_cv_lib_dld_dld_link+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_check_lib_save_LIBS=$LIBS LIBS="-ldld $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -13693,30 +14933,29 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif char dld_link (); int -main () +main (void) { return dld_link (); ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_lib_dld_dld_link=yes -else +else $as_nop ac_cv_lib_dld_dld_link=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_dld_link" >&5 -$as_echo "$ac_cv_lib_dld_dld_link" >&6; } -if test "x$ac_cv_lib_dld_dld_link" = xyes; then : +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_dld_link" >&5 +printf "%s\n" "$ac_cv_lib_dld_dld_link" >&6; } +if test "x$ac_cv_lib_dld_dld_link" = xyes +then : lt_cv_dlopen=dld_link lt_cv_dlopen_libs=-ldld fi @@ -13755,11 +14994,12 @@ fi save_LIBS=$LIBS LIBS="$lt_cv_dlopen_libs $LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a program can dlopen itself" >&5 -$as_echo_n "checking whether a program can dlopen itself... " >&6; } -if ${lt_cv_dlopen_self+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether a program can dlopen itself" >&5 +printf %s "checking whether a program can dlopen itself... " >&6; } +if test ${lt_cv_dlopen_self+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test yes = "$cross_compiling"; then : lt_cv_dlopen_self=cross else @@ -13838,7 +15078,7 @@ _LT_EOF if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 (eval $ac_link) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && test -s "conftest$ac_exeext" 2>/dev/null; then (./conftest; exit; ) >&5 2>/dev/null lt_status=$? @@ -13856,16 +15096,17 @@ rm -fr conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self" >&5 -$as_echo "$lt_cv_dlopen_self" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self" >&5 +printf "%s\n" "$lt_cv_dlopen_self" >&6; } if test yes = "$lt_cv_dlopen_self"; then wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a statically linked program can dlopen itself" >&5 -$as_echo_n "checking whether a statically linked program can dlopen itself... " >&6; } -if ${lt_cv_dlopen_self_static+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether a statically linked program can dlopen itself" >&5 +printf %s "checking whether a statically linked program can dlopen itself... " >&6; } +if test ${lt_cv_dlopen_self_static+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test yes = "$cross_compiling"; then : lt_cv_dlopen_self_static=cross else @@ -13944,7 +15185,7 @@ _LT_EOF if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 (eval $ac_link) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && test -s "conftest$ac_exeext" 2>/dev/null; then (./conftest; exit; ) >&5 2>/dev/null lt_status=$? @@ -13962,8 +15203,8 @@ rm -fr conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self_static" >&5 -$as_echo "$lt_cv_dlopen_self_static" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self_static" >&5 +printf "%s\n" "$lt_cv_dlopen_self_static" >&6; } fi CPPFLAGS=$save_CPPFLAGS @@ -14001,32 +15242,43 @@ fi striplib= old_striplib= -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5 -$as_echo_n "checking whether stripping libraries is possible... " >&6; } -if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then - test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" - test -z "$striplib" && striplib="$STRIP --strip-unneeded" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5 +printf %s "checking whether stripping libraries is possible... " >&6; } +if test -z "$STRIP"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } else -# FIXME - insert some real tests, host_os isn't really good enough - case $host_os in - darwin*) - if test -n "$STRIP"; then + if $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then + old_striplib="$STRIP --strip-debug" + striplib="$STRIP --strip-unneeded" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + else + case $host_os in + darwin*) + # FIXME - insert some real tests, host_os isn't really good enough striplib="$STRIP -x" old_striplib="$STRIP -S" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - ;; - *) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - ;; - esac + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + ;; + freebsd*) + if $STRIP -V 2>&1 | $GREP "elftoolchain" >/dev/null; then + old_striplib="$STRIP --strip-debug" + striplib="$STRIP --strip-unneeded" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + ;; + *) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + ;; + esac + fi fi @@ -14041,13 +15293,13 @@ fi # Report what library types will actually be built - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if libtool supports shared libraries" >&5 -$as_echo_n "checking if libtool supports shared libraries... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $can_build_shared" >&5 -$as_echo "$can_build_shared" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if libtool supports shared libraries" >&5 +printf %s "checking if libtool supports shared libraries... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $can_build_shared" >&5 +printf "%s\n" "$can_build_shared" >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build shared libraries" >&5 -$as_echo_n "checking whether to build shared libraries... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to build shared libraries" >&5 +printf %s "checking whether to build shared libraries... " >&6; } test no = "$can_build_shared" && enable_shared=no # On AIX, shared libraries and static libraries use the same namespace, and @@ -14071,15 +15323,15 @@ $as_echo_n "checking whether to build shared libraries... " >&6; } fi ;; esac - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_shared" >&5 -$as_echo "$enable_shared" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $enable_shared" >&5 +printf "%s\n" "$enable_shared" >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build static libraries" >&5 -$as_echo_n "checking whether to build static libraries... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to build static libraries" >&5 +printf %s "checking whether to build static libraries... " >&6; } # Make sure either enable_shared or enable_static is yes. test yes = "$enable_shared" || enable_static=yes - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_static" >&5 -$as_echo "$enable_static" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $enable_static" >&5 +printf "%s\n" "$enable_static" >&6; } @@ -14101,36 +15353,32 @@ ac_cpp='$CXXCPP $CPPFLAGS' ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_cxx_compiler_gnu -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C++ preprocessor" >&5 -$as_echo_n "checking how to run the C++ preprocessor... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to run the C++ preprocessor" >&5 +printf %s "checking how to run the C++ preprocessor... " >&6; } if test -z "$CXXCPP"; then - if ${ac_cv_prog_CXXCPP+:} false; then : - $as_echo_n "(cached) " >&6 -else - # Double quotes because CXXCPP needs to be expanded - for CXXCPP in "$CXX -E" "/lib/cpp" + if test ${ac_cv_prog_CXXCPP+y} +then : + printf %s "(cached) " >&6 +else $as_nop + # Double quotes because $CXX needs to be expanded + for CXXCPP in "$CXX -E" cpp /lib/cpp do ac_preproc_ok=false for ac_cxx_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif +#include Syntax error _ACEOF -if ac_fn_cxx_try_cpp "$LINENO"; then : +if ac_fn_cxx_try_cpp "$LINENO" +then : -else +else $as_nop # Broken: fails on valid input. continue fi @@ -14142,10 +15390,11 @@ rm -f conftest.err conftest.i conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF -if ac_fn_cxx_try_cpp "$LINENO"; then : +if ac_fn_cxx_try_cpp "$LINENO" +then : # Broken: success on invalid input. continue -else +else $as_nop # Passes both tests. ac_preproc_ok=: break @@ -14155,7 +15404,8 @@ rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok; then : +if $ac_preproc_ok +then : break fi @@ -14167,29 +15417,24 @@ fi else ac_cv_prog_CXXCPP=$CXXCPP fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CXXCPP" >&5 -$as_echo "$CXXCPP" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CXXCPP" >&5 +printf "%s\n" "$CXXCPP" >&6; } ac_preproc_ok=false for ac_cxx_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif +#include Syntax error _ACEOF -if ac_fn_cxx_try_cpp "$LINENO"; then : +if ac_fn_cxx_try_cpp "$LINENO" +then : -else +else $as_nop # Broken: fails on valid input. continue fi @@ -14201,10 +15446,11 @@ rm -f conftest.err conftest.i conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF -if ac_fn_cxx_try_cpp "$LINENO"; then : +if ac_fn_cxx_try_cpp "$LINENO" +then : # Broken: success on invalid input. continue -else +else $as_nop # Passes both tests. ac_preproc_ok=: break @@ -14214,11 +15460,12 @@ rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok; then : +if $ac_preproc_ok +then : -else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +else $as_nop + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "C++ preprocessor \"$CXXCPP\" fails sanity check See \`config.log' for more details" "$LINENO" 5; } fi @@ -14354,17 +15601,18 @@ cc_basename=$func_cc_basename_result # Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then : +if test ${with_gnu_ld+y} +then : withval=$with_gnu_ld; test no = "$withval" || with_gnu_ld=yes -else +else $as_nop with_gnu_ld=no fi ac_prog=ld if test yes = "$GCC"; then # Check if gcc -print-prog-name=ld gives a path. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 -$as_echo_n "checking for ld used by $CC... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 +printf %s "checking for ld used by $CC... " >&6; } case $host in *-*-mingw*) # gcc leaves a trailing carriage return, which upsets mingw @@ -14393,15 +15641,16 @@ $as_echo_n "checking for ld used by $CC... " >&6; } ;; esac elif test yes = "$with_gnu_ld"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 -$as_echo_n "checking for GNU ld... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 +printf %s "checking for GNU ld... " >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 -$as_echo_n "checking for non-GNU ld... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 +printf %s "checking for non-GNU ld... " >&6; } fi -if ${lt_cv_path_LD+:} false; then : - $as_echo_n "(cached) " >&6 -else +if test ${lt_cv_path_LD+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -z "$LD"; then lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR for ac_dir in $PATH; do @@ -14430,18 +15679,19 @@ fi LD=$lt_cv_path_LD if test -n "$LD"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LD" >&5 -$as_echo "$LD" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LD" >&5 +printf "%s\n" "$LD" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 -$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; } -if ${lt_cv_prog_gnu_ld+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 +printf %s "checking if the linker ($LD) is GNU ld... " >&6; } +if test ${lt_cv_prog_gnu_ld+y} +then : + printf %s "(cached) " >&6 +else $as_nop # I'd rather use --version here, but apparently some GNU lds only accept -v. case `$LD -v 2>&1 &1 &5 -$as_echo "$lt_cv_prog_gnu_ld" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_gnu_ld" >&5 +printf "%s\n" "$lt_cv_prog_gnu_ld" >&6; } with_gnu_ld=$lt_cv_prog_gnu_ld @@ -14507,8 +15757,8 @@ with_gnu_ld=$lt_cv_prog_gnu_ld fi # PORTME: fill in a description of your system's C++ link characteristics - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 +printf %s "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } ld_shlibs_CXX=yes case $host_os in aix3*) @@ -14646,21 +15896,23 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie if test set = "${lt_cv_aix_libpath+set}"; then aix_libpath=$lt_cv_aix_libpath else - if ${lt_cv_aix_libpath__CXX+:} false; then : - $as_echo_n "(cached) " >&6 -else + if test ${lt_cv_aix_libpath__CXX+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_cxx_try_link "$LINENO"; then : +if ac_fn_cxx_try_link "$LINENO" +then : lt_aix_libpath_sed=' /Import File Strings/,/^$/ { @@ -14675,7 +15927,7 @@ if ac_fn_cxx_try_link "$LINENO"; then : lt_cv_aix_libpath__CXX=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` fi fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext if test -z "$lt_cv_aix_libpath__CXX"; then lt_cv_aix_libpath__CXX=/usr/lib:/lib @@ -14700,21 +15952,23 @@ fi if test set = "${lt_cv_aix_libpath+set}"; then aix_libpath=$lt_cv_aix_libpath else - if ${lt_cv_aix_libpath__CXX+:} false; then : - $as_echo_n "(cached) " >&6 -else + if test ${lt_cv_aix_libpath__CXX+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_cxx_try_link "$LINENO"; then : +if ac_fn_cxx_try_link "$LINENO" +then : lt_aix_libpath_sed=' /Import File Strings/,/^$/ { @@ -14729,7 +15983,7 @@ if ac_fn_cxx_try_link "$LINENO"; then : lt_cv_aix_libpath__CXX=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` fi fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext if test -z "$lt_cv_aix_libpath__CXX"; then lt_cv_aix_libpath__CXX=/usr/lib:/lib @@ -14794,8 +16048,8 @@ fi cygwin* | mingw* | pw32* | cegcc*) case $GXX,$cc_basename in - ,cl* | no,cl*) - # Native MSVC + ,cl* | no,cl* | ,icl* | no,icl*) + # Native MSVC or ICC # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. hardcode_libdir_flag_spec_CXX=' ' @@ -14886,11 +16140,11 @@ fi output_verbose_link_cmd=func_echo_all archive_cmds_CXX="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dsymutil" module_cmds_CXX="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dsymutil" - archive_expsym_cmds_CXX="sed 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" - module_expsym_cmds_CXX="sed -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" + archive_expsym_cmds_CXX="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" + module_expsym_cmds_CXX="$SED -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" if test yes != "$lt_cv_apple_cc_single_mod"; then archive_cmds_CXX="\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dsymutil" - archive_expsym_cmds_CXX="sed 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dar_export_syms$_lt_dsymutil" + archive_expsym_cmds_CXX="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dar_export_syms$_lt_dsymutil" fi else @@ -14925,6 +16179,7 @@ fi emximp -o $lib $output_objdir/$libname.def' old_archive_From_new_cmds_CXX='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' enable_shared_with_static_runtimes_CXX=yes + file_list_spec_CXX='@' ;; dgux*) @@ -14955,7 +16210,7 @@ fi archive_cmds_need_lc_CXX=no ;; - freebsd* | dragonfly*) + freebsd* | dragonfly* | midnightbsd*) # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF # conventions ld_shlibs_CXX=yes @@ -15092,7 +16347,7 @@ fi # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link # time. Moving up from 0x10000000 also allows more sbrk(2) space. archive_cmds_CXX='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds_CXX='sed "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + archive_expsym_cmds_CXX='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' ;; irix5* | irix6*) case $cc_basename in @@ -15232,13 +16487,13 @@ fi archive_cmds_CXX='$CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' if test yes = "$supports_anon_versioning"; then archive_expsym_cmds_CXX='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib' fi ;; *) - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C++ 5.9 no_undefined_flag_CXX=' -zdefs' @@ -15580,8 +16835,8 @@ fi ;; esac - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs_CXX" >&5 -$as_echo "$ld_shlibs_CXX" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs_CXX" >&5 +printf "%s\n" "$ld_shlibs_CXX" >&6; } test no = "$ld_shlibs_CXX" && can_build_shared=no GCC_CXX=$GXX @@ -15619,7 +16874,7 @@ esac if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then # Parse the compiler output and extract the necessary # objects, libraries and library flags. @@ -15895,7 +17150,7 @@ lt_prog_compiler_static_CXX= ;; esac ;; - freebsd* | dragonfly*) + freebsd* | dragonfly* | midnightbsd*) # FreeBSD uses GNU C++ ;; hpux9* | hpux10* | hpux11*) @@ -15978,7 +17233,7 @@ lt_prog_compiler_static_CXX= lt_prog_compiler_static_CXX='-qstaticlink' ;; *) - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C++ 5.9 lt_prog_compiler_pic_CXX='-KPIC' @@ -16100,26 +17355,28 @@ case $host_os in ;; esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5 -$as_echo_n "checking for $compiler option to produce PIC... " >&6; } -if ${lt_cv_prog_compiler_pic_CXX+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5 +printf %s "checking for $compiler option to produce PIC... " >&6; } +if test ${lt_cv_prog_compiler_pic_CXX+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_pic_CXX=$lt_prog_compiler_pic_CXX fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_CXX" >&5 -$as_echo "$lt_cv_prog_compiler_pic_CXX" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_CXX" >&5 +printf "%s\n" "$lt_cv_prog_compiler_pic_CXX" >&6; } lt_prog_compiler_pic_CXX=$lt_cv_prog_compiler_pic_CXX # # Check to make sure the PIC flag actually works. # if test -n "$lt_prog_compiler_pic_CXX"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works" >&5 -$as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works... " >&6; } -if ${lt_cv_prog_compiler_pic_works_CXX+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works" >&5 +printf %s "checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works... " >&6; } +if test ${lt_cv_prog_compiler_pic_works_CXX+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_pic_works_CXX=no ac_outfile=conftest.$ac_objext echo "$lt_simple_compile_test_code" > conftest.$ac_ext @@ -16150,8 +17407,8 @@ else $RM conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works_CXX" >&5 -$as_echo "$lt_cv_prog_compiler_pic_works_CXX" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works_CXX" >&5 +printf "%s\n" "$lt_cv_prog_compiler_pic_works_CXX" >&6; } if test yes = "$lt_cv_prog_compiler_pic_works_CXX"; then case $lt_prog_compiler_pic_CXX in @@ -16173,11 +17430,12 @@ fi # Check to make sure the static flag actually works. # wl=$lt_prog_compiler_wl_CXX eval lt_tmp_static_flag=\"$lt_prog_compiler_static_CXX\" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -$as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; } -if ${lt_cv_prog_compiler_static_works_CXX+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5 +printf %s "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; } +if test ${lt_cv_prog_compiler_static_works_CXX+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_static_works_CXX=no save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS $lt_tmp_static_flag" @@ -16201,8 +17459,8 @@ else LDFLAGS=$save_LDFLAGS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works_CXX" >&5 -$as_echo "$lt_cv_prog_compiler_static_works_CXX" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works_CXX" >&5 +printf "%s\n" "$lt_cv_prog_compiler_static_works_CXX" >&6; } if test yes = "$lt_cv_prog_compiler_static_works_CXX"; then : @@ -16213,11 +17471,12 @@ fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 -$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } -if ${lt_cv_prog_compiler_c_o_CXX+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +printf %s "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if test ${lt_cv_prog_compiler_c_o_CXX+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_c_o_CXX=no $RM -r conftest 2>/dev/null mkdir conftest @@ -16260,16 +17519,17 @@ else $RM conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o_CXX" >&5 -$as_echo "$lt_cv_prog_compiler_c_o_CXX" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o_CXX" >&5 +printf "%s\n" "$lt_cv_prog_compiler_c_o_CXX" >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 -$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } -if ${lt_cv_prog_compiler_c_o_CXX+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +printf %s "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if test ${lt_cv_prog_compiler_c_o_CXX+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_prog_compiler_c_o_CXX=no $RM -r conftest 2>/dev/null mkdir conftest @@ -16312,8 +17572,8 @@ else $RM conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o_CXX" >&5 -$as_echo "$lt_cv_prog_compiler_c_o_CXX" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o_CXX" >&5 +printf "%s\n" "$lt_cv_prog_compiler_c_o_CXX" >&6; } @@ -16321,19 +17581,19 @@ $as_echo "$lt_cv_prog_compiler_c_o_CXX" >&6; } hard_links=nottested if test no = "$lt_cv_prog_compiler_c_o_CXX" && test no != "$need_locks"; then # do not overwrite the value of need_locks provided by the user - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5 -$as_echo_n "checking if we can lock with hard links... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5 +printf %s "checking if we can lock with hard links... " >&6; } hard_links=yes $RM conftest* ln conftest.a conftest.b 2>/dev/null && hard_links=no touch conftest.a ln conftest.a conftest.b 2>&5 || hard_links=no ln conftest.a conftest.b 2>/dev/null && hard_links=no - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5 -$as_echo "$hard_links" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5 +printf "%s\n" "$hard_links" >&6; } if test no = "$hard_links"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: '$CC' does not support '-c -o', so 'make -j' may be unsafe" >&5 -$as_echo "$as_me: WARNING: '$CC' does not support '-c -o', so 'make -j' may be unsafe" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: '$CC' does not support '-c -o', so 'make -j' may be unsafe" >&5 +printf "%s\n" "$as_me: WARNING: '$CC' does not support '-c -o', so 'make -j' may be unsafe" >&2;} need_locks=warn fi else @@ -16342,8 +17602,8 @@ fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 +printf %s "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' exclude_expsyms_CXX='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*' @@ -16360,7 +17620,7 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then export_symbols_cmds_CXX='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols' else - export_symbols_cmds_CXX='`func_echo_all $NM | $SED -e '\''s/B\([^B]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && (substr(\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' + export_symbols_cmds_CXX='`func_echo_all $NM | $SED -e '\''s/B\([^B]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && (substr(\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' fi ;; pw32*) @@ -16368,7 +17628,7 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie ;; cygwin* | mingw* | cegcc*) case $cc_basename in - cl*) + cl* | icl*) exclude_expsyms_CXX='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' ;; *) @@ -16385,8 +17645,8 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie ;; esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs_CXX" >&5 -$as_echo "$ld_shlibs_CXX" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs_CXX" >&5 +printf "%s\n" "$ld_shlibs_CXX" >&6; } test no = "$ld_shlibs_CXX" && can_build_shared=no with_gnu_ld_CXX=$with_gnu_ld @@ -16413,18 +17673,19 @@ x|xyes) # Test whether the compiler implicitly links with -lc since on some # systems, -lgcc has to come before -lc. If gcc already passes -lc # to ld, don't add -lc before -lgcc. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5 -$as_echo_n "checking whether -lc should be explicitly linked in... " >&6; } -if ${lt_cv_archive_cmds_need_lc_CXX+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5 +printf %s "checking whether -lc should be explicitly linked in... " >&6; } +if test ${lt_cv_archive_cmds_need_lc_CXX+y} +then : + printf %s "(cached) " >&6 +else $as_nop $RM conftest* echo "$lt_simple_compile_test_code" > conftest.$ac_ext if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } 2>conftest.err; then soname=conftest lib=conftest @@ -16442,7 +17703,7 @@ else if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds_CXX 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5 (eval $archive_cmds_CXX 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5 ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } then lt_cv_archive_cmds_need_lc_CXX=no @@ -16456,8 +17717,8 @@ else $RM conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc_CXX" >&5 -$as_echo "$lt_cv_archive_cmds_need_lc_CXX" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc_CXX" >&5 +printf "%s\n" "$lt_cv_archive_cmds_need_lc_CXX" >&6; } archive_cmds_need_lc_CXX=$lt_cv_archive_cmds_need_lc_CXX ;; esac @@ -16526,8 +17787,8 @@ esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5 -$as_echo_n "checking dynamic linker characteristics... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5 +printf %s "checking dynamic linker characteristics... " >&6; } library_names_spec= libname_spec='lib$name' @@ -16718,7 +17979,7 @@ cygwin* | mingw* | pw32* | cegcc*) case $host_os in cygwin*) # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo $libname | sed -e 's/^lib/cyg/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' + soname_spec='`echo $libname | $SED -e 's/^lib/cyg/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' ;; mingw* | cegcc*) @@ -16727,14 +17988,14 @@ cygwin* | mingw* | pw32* | cegcc*) ;; pw32*) # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo $libname | sed -e 's/^lib/pw/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' + library_names_spec='`echo $libname | $SED -e 's/^lib/pw/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' ;; esac dynamic_linker='Win32 ld.exe' ;; - *,cl*) - # Native MSVC + *,cl* | *,icl*) + # Native MSVC or ICC libname_spec='$name' soname_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' library_names_spec='$libname.dll.lib' @@ -16753,7 +18014,7 @@ cygwin* | mingw* | pw32* | cegcc*) done IFS=$lt_save_ifs # Convert to MSYS style. - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` ;; cygwin*) # Convert to unix form, then to dos form, then back to unix form @@ -16790,7 +18051,7 @@ cygwin* | mingw* | pw32* | cegcc*) ;; *) - # Assume MSVC wrapper + # Assume MSVC and ICC wrapper library_names_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext $libname.lib' dynamic_linker='Win32 ld.exe' ;; @@ -16822,7 +18083,7 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; -freebsd* | dragonfly*) +freebsd* | dragonfly* | midnightbsd*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. if test -x /usr/bin/objformat; then @@ -17015,9 +18276,10 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) shlibpath_overrides_runpath=no # Some binutils ld are patched to set DT_RUNPATH - if ${lt_cv_shlibpath_overrides_runpath+:} false; then : - $as_echo_n "(cached) " >&6 -else + if test ${lt_cv_shlibpath_overrides_runpath+y} +then : + printf %s "(cached) " >&6 +else $as_nop lt_cv_shlibpath_overrides_runpath=no save_LDFLAGS=$LDFLAGS save_libdir=$libdir @@ -17027,19 +18289,21 @@ else /* end confdefs.h. */ int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_cxx_try_link "$LINENO"; then : - if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then : +if ac_fn_cxx_try_link "$LINENO" +then : + if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null +then : lt_cv_shlibpath_overrides_runpath=yes fi fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LDFLAGS=$save_LDFLAGS libdir=$save_libdir @@ -17283,8 +18547,8 @@ uts4*) dynamic_linker=no ;; esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5 -$as_echo "$dynamic_linker" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5 +printf "%s\n" "$dynamic_linker" >&6; } test no = "$dynamic_linker" && can_build_shared=no variables_saved_for_relink="PATH $shlibpath_var $runpath_var" @@ -17348,8 +18612,8 @@ configure_time_lt_sys_library_path=$LT_SYS_LIBRARY_PATH - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5 -$as_echo_n "checking how to hardcode library paths into programs... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5 +printf %s "checking how to hardcode library paths into programs... " >&6; } hardcode_action_CXX= if test -n "$hardcode_libdir_flag_spec_CXX" || test -n "$runpath_var_CXX" || @@ -17373,8 +18637,8 @@ else # directories. hardcode_action_CXX=unsupported fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $hardcode_action_CXX" >&5 -$as_echo "$hardcode_action_CXX" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $hardcode_action_CXX" >&5 +printf "%s\n" "$hardcode_action_CXX" >&6; } if test relink = "$hardcode_action_CXX" || test yes = "$inherit_rpath_CXX"; then @@ -17434,11 +18698,13 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu # Only expand once: - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether byte ordering is bigendian" >&5 -$as_echo_n "checking whether byte ordering is bigendian... " >&6; } -if ${ac_cv_c_bigendian+:} false; then : - $as_echo_n "(cached) " >&6 -else + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether byte ordering is bigendian" >&5 +printf %s "checking whether byte ordering is bigendian... " >&6; } +if test ${ac_cv_c_bigendian+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_cv_c_bigendian=unknown # See if we're dealing with a universal compiler. cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -17449,7 +18715,8 @@ else typedef int dummy; _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : # Check for potential -arch flags. It is not universal unless # there are at least two -arch flags with different values. @@ -17473,7 +18740,7 @@ if ac_fn_c_try_compile "$LINENO"; then : fi done fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext if test $ac_cv_c_bigendian = unknown; then # See if sys/param.h defines the BYTE_ORDER macro. cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -17482,7 +18749,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext #include int -main () +main (void) { #if ! (defined BYTE_ORDER && defined BIG_ENDIAN \ && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \ @@ -17494,7 +18761,8 @@ main () return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : # It does; now see whether it defined to BIG_ENDIAN or not. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -17502,7 +18770,7 @@ if ac_fn_c_try_compile "$LINENO"; then : #include int -main () +main (void) { #if BYTE_ORDER != BIG_ENDIAN not big endian @@ -17512,14 +18780,15 @@ main () return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_c_bigendian=yes -else +else $as_nop ac_cv_c_bigendian=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi if test $ac_cv_c_bigendian = unknown; then # See if defines _LITTLE_ENDIAN or _BIG_ENDIAN (e.g., Solaris). @@ -17528,7 +18797,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext #include int -main () +main (void) { #if ! (defined _LITTLE_ENDIAN || defined _BIG_ENDIAN) bogus endian macros @@ -17538,14 +18807,15 @@ main () return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : # It does; now see whether it defined to _BIG_ENDIAN or not. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int -main () +main (void) { #ifndef _BIG_ENDIAN not big endian @@ -17555,31 +18825,33 @@ main () return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_c_bigendian=yes -else +else $as_nop ac_cv_c_bigendian=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi if test $ac_cv_c_bigendian = unknown; then # Compile a test program. - if test "$cross_compiling" = yes; then : + if test "$cross_compiling" = yes +then : # Try to guess by grepping values from an object file. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -short int ascii_mm[] = +unsigned short int ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; - short int ascii_ii[] = + unsigned short int ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; int use_ascii (int i) { return ascii_mm[i] + ascii_ii[i]; } - short int ebcdic_ii[] = + unsigned short int ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; - short int ebcdic_mm[] = + unsigned short int ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; int use_ebcdic (int i) { return ebcdic_mm[i] + ebcdic_ii[i]; @@ -17587,14 +18859,15 @@ short int ascii_mm[] = extern int foo; int -main () +main (void) { return use_ascii (foo) == use_ebcdic (foo); ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : if grep BIGenDianSyS conftest.$ac_objext >/dev/null; then ac_cv_c_bigendian=yes fi @@ -17607,13 +18880,13 @@ if ac_fn_c_try_compile "$LINENO"; then : fi fi fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -else +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default int -main () +main (void) { /* Are we little or big endian? From Harbison&Steele. */ @@ -17629,9 +18902,10 @@ main () return 0; } _ACEOF -if ac_fn_c_try_run "$LINENO"; then : +if ac_fn_c_try_run "$LINENO" +then : ac_cv_c_bigendian=no -else +else $as_nop ac_cv_c_bigendian=yes fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ @@ -17640,17 +18914,17 @@ fi fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_bigendian" >&5 -$as_echo "$ac_cv_c_bigendian" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_bigendian" >&5 +printf "%s\n" "$ac_cv_c_bigendian" >&6; } case $ac_cv_c_bigendian in #( yes) - $as_echo "#define WORDS_BIGENDIAN 1" >>confdefs.h + printf "%s\n" "#define WORDS_BIGENDIAN 1" >>confdefs.h ;; #( no) ;; #( universal) -$as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h +printf "%s\n" "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h ;; #( *) @@ -17659,18 +18933,201 @@ $as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h esac +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}windres", so it can be a program name with args. +set dummy ${ac_tool_prefix}windres; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_RC+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$RC"; then + ac_cv_prog_RC="$RC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_RC="${ac_tool_prefix}windres" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +RC=$ac_cv_prog_RC +if test -n "$RC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $RC" >&5 +printf "%s\n" "$RC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_RC"; then + ac_ct_RC=$RC + # Extract the first word of "windres", so it can be a program name with args. +set dummy windres; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_RC+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$ac_ct_RC"; then + ac_cv_prog_ac_ct_RC="$ac_ct_RC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_RC="windres" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_RC=$ac_cv_prog_ac_ct_RC +if test -n "$ac_ct_RC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RC" >&5 +printf "%s\n" "$ac_ct_RC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_ct_RC" = x; then + RC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + RC=$ac_ct_RC + fi +else + RC="$ac_cv_prog_RC" +fi + + + + +# Source file extension for RC test sources. +ac_ext=rc + +# Object file extension for compiled RC test sources. +objext=o +objext_RC=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }' + +# Code to be used in simple link tests +lt_simple_link_test_code=$lt_simple_compile_test_code + +# ltmain only uses $CC for tagged configurations so make sure $CC is set. + + + + + + +# If no C compiler was specified, use CC. +LTCC=${LTCC-"$CC"} + +# If no C compiler flags were specified, use CFLAGS. +LTCFLAGS=${LTCFLAGS-"$CFLAGS"} + +# Allow CC to be a program name with arguments. +compiler=$CC + + +# save warnings/boilerplate of simple test code +ac_outfile=conftest.$ac_objext +echo "$lt_simple_compile_test_code" >conftest.$ac_ext +eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err +_lt_compiler_boilerplate=`cat conftest.err` +$RM conftest* + +ac_outfile=conftest.$ac_objext +echo "$lt_simple_link_test_code" >conftest.$ac_ext +eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err +_lt_linker_boilerplate=`cat conftest.err` +$RM -r conftest* + + +# Allow CC to be a program name with arguments. +lt_save_CC=$CC +lt_save_CFLAGS=$CFLAGS +lt_save_GCC=$GCC +GCC= +CC=${RC-"windres"} +CFLAGS= +compiler=$CC +compiler_RC=$CC +func_cc_basename $compiler +cc_basename=$func_cc_basename_result + +lt_cv_prog_compiler_c_o_RC=yes + +if test -n "$compiler"; then + : + + + +fi + +GCC=$lt_save_GCC +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +CC=$lt_save_CC +CFLAGS=$lt_save_CFLAGS + + # Check whether --enable-largefile was given. -if test "${enable_largefile+set}" = set; then : +if test ${enable_largefile+y} +then : enableval=$enable_largefile; fi if test "$enable_largefile" != no; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for special C compiler options needed for large files" >&5 -$as_echo_n "checking for special C compiler options needed for large files... " >&6; } -if ${ac_cv_sys_largefile_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for special C compiler options needed for large files" >&5 +printf %s "checking for special C compiler options needed for large files... " >&6; } +if test ${ac_cv_sys_largefile_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_cv_sys_largefile_CC=no if test "$GCC" != yes; then ac_save_CC=$CC @@ -17684,44 +19141,47 @@ else We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) +#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int -main () +main (void) { ; return 0; } _ACEOF - if ac_fn_c_try_compile "$LINENO"; then : + if ac_fn_c_try_compile "$LINENO" +then : break fi -rm -f core conftest.err conftest.$ac_objext +rm -f core conftest.err conftest.$ac_objext conftest.beam CC="$CC -n32" - if ac_fn_c_try_compile "$LINENO"; then : + if ac_fn_c_try_compile "$LINENO" +then : ac_cv_sys_largefile_CC=' -n32'; break fi -rm -f core conftest.err conftest.$ac_objext +rm -f core conftest.err conftest.$ac_objext conftest.beam break done CC=$ac_save_CC rm -f conftest.$ac_ext fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_CC" >&5 -$as_echo "$ac_cv_sys_largefile_CC" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_CC" >&5 +printf "%s\n" "$ac_cv_sys_largefile_CC" >&6; } if test "$ac_cv_sys_largefile_CC" != no; then CC=$CC$ac_cv_sys_largefile_CC fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _FILE_OFFSET_BITS value needed for large files" >&5 -$as_echo_n "checking for _FILE_OFFSET_BITS value needed for large files... " >&6; } -if ${ac_cv_sys_file_offset_bits+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for _FILE_OFFSET_BITS value needed for large files" >&5 +printf %s "checking for _FILE_OFFSET_BITS value needed for large files... " >&6; } +if test ${ac_cv_sys_file_offset_bits+y} +then : + printf %s "(cached) " >&6 +else $as_nop while :; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -17730,22 +19190,23 @@ else We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) +#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_sys_file_offset_bits=no; break fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #define _FILE_OFFSET_BITS 64 @@ -17754,43 +19215,43 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) +#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_sys_file_offset_bits=64; break fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_cv_sys_file_offset_bits=unknown break done fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_file_offset_bits" >&5 -$as_echo "$ac_cv_sys_file_offset_bits" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_file_offset_bits" >&5 +printf "%s\n" "$ac_cv_sys_file_offset_bits" >&6; } case $ac_cv_sys_file_offset_bits in #( no | unknown) ;; *) -cat >>confdefs.h <<_ACEOF -#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits -_ACEOF +printf "%s\n" "#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits" >>confdefs.h ;; esac rm -rf conftest* if test $ac_cv_sys_file_offset_bits = unknown; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _LARGE_FILES value needed for large files" >&5 -$as_echo_n "checking for _LARGE_FILES value needed for large files... " >&6; } -if ${ac_cv_sys_large_files+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for _LARGE_FILES value needed for large files" >&5 +printf %s "checking for _LARGE_FILES value needed for large files... " >&6; } +if test ${ac_cv_sys_large_files+y} +then : + printf %s "(cached) " >&6 +else $as_nop while :; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -17799,22 +19260,23 @@ else We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) +#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_sys_large_files=no; break fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #define _LARGE_FILES 1 @@ -17823,40 +19285,37 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) +#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_sys_large_files=1; break fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_cv_sys_large_files=unknown break done fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_large_files" >&5 -$as_echo "$ac_cv_sys_large_files" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_large_files" >&5 +printf "%s\n" "$ac_cv_sys_large_files" >&6; } case $ac_cv_sys_large_files in #( no | unknown) ;; *) -cat >>confdefs.h <<_ACEOF -#define _LARGE_FILES $ac_cv_sys_large_files -_ACEOF +printf "%s\n" "#define _LARGE_FILES $ac_cv_sys_large_files" >>confdefs.h ;; esac rm -rf conftest* fi - - fi @@ -17864,7 +19323,6 @@ fi found_crypto=none found_crypto_str="" -support_clear_memory=no crypto_errors="" @@ -17873,17 +19331,19 @@ crypto_errors="" + # Check whether --with-crypto was given. -if test "${with_crypto+set}" = set; then : +if test ${with_crypto+y} +then : withval=$with_crypto; use_crypto=$withval -else +else $as_nop use_crypto=auto fi case "${use_crypto}" in - auto|openssl|libgcrypt|mbedtls|wincng) + auto|openssl|libgcrypt|mbedtls|wincng|wolfssl) if test "X$prefix" = "XNONE"; then acl_final_prefix="$ac_default_prefix" @@ -17902,9 +19362,10 @@ case "${use_crypto}" in # Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then : +if test ${with_gnu_ld+y} +then : withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes -else +else $as_nop with_gnu_ld=no fi @@ -17924,8 +19385,8 @@ fi ac_prog=ld if test "$GCC" = yes; then # Check if gcc -print-prog-name=ld gives a path. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by GCC" >&5 -$as_echo_n "checking for ld used by GCC... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ld used by GCC" >&5 +printf %s "checking for ld used by GCC... " >&6; } case $host in *-*-mingw*) # gcc leaves a trailing carriage return which upsets mingw @@ -17940,7 +19401,7 @@ $as_echo_n "checking for ld used by GCC... " >&6; } # Canonicalize the path of ld ac_prog=`echo $ac_prog| sed 's%\\\\%/%g'` while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"` + ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"` done test -z "$LD" && LD="$ac_prog" ;; @@ -17954,15 +19415,16 @@ $as_echo_n "checking for ld used by GCC... " >&6; } ;; esac elif test "$with_gnu_ld" = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 -$as_echo_n "checking for GNU ld... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 +printf %s "checking for GNU ld... " >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 -$as_echo_n "checking for non-GNU ld... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 +printf %s "checking for non-GNU ld... " >&6; } fi -if ${acl_cv_path_LD+:} false; then : - $as_echo_n "(cached) " >&6 -else +if test ${acl_cv_path_LD+y} +then : + printf %s "(cached) " >&6 +else $as_nop if test -z "$LD"; then IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR-:}" for ac_dir in $PATH; do @@ -17974,9 +19436,9 @@ else # Break only if it was the GNU/non-GNU ld that we prefer. case `"$acl_cv_path_LD" -v 2>&1 < /dev/null` in *GNU* | *'with BFD'*) - test "$with_gnu_ld" != no && break ;; + test "$with_gnu_ld" != no && break ;; *) - test "$with_gnu_ld" != yes && break ;; + test "$with_gnu_ld" != yes && break ;; esac fi done @@ -17988,18 +19450,19 @@ fi LD="$acl_cv_path_LD" if test -n "$LD"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LD" >&5 -$as_echo "$LD" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LD" >&5 +printf "%s\n" "$LD" >&6; } else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 -$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; } -if ${acl_cv_prog_gnu_ld+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 +printf %s "checking if the linker ($LD) is GNU ld... " >&6; } +if test ${acl_cv_prog_gnu_ld+y} +then : + printf %s "(cached) " >&6 +else $as_nop # I'd rather use --version here, but apparently some GNU ld's only accept -v. case `$LD -v 2>&1 &1 &5 -$as_echo "$acl_cv_prog_gnu_ld" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $acl_cv_prog_gnu_ld" >&5 +printf "%s\n" "$acl_cv_prog_gnu_ld" >&6; } with_gnu_ld=$acl_cv_prog_gnu_ld - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for shared library run path origin" >&5 -$as_echo_n "checking for shared library run path origin... " >&6; } -if ${acl_cv_rpath+:} false; then : - $as_echo_n "(cached) " >&6 -else + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for shared library run path origin" >&5 +printf %s "checking for shared library run path origin... " >&6; } +if test ${acl_cv_rpath+y} +then : + printf %s "(cached) " >&6 +else $as_nop CC="$CC" GCC="$GCC" LDFLAGS="$LDFLAGS" LD="$LD" with_gnu_ld="$with_gnu_ld" \ ${CONFIG_SHELL-/bin/sh} "$ac_aux_dir/config.rpath" "$host" > conftest.sh @@ -18028,8 +19493,8 @@ else acl_cv_rpath=done fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $acl_cv_rpath" >&5 -$as_echo "$acl_cv_rpath" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $acl_cv_rpath" >&5 +printf "%s\n" "$acl_cv_rpath" >&6; } wl="$acl_cv_wl" acl_libext="$acl_cv_libext" acl_shlibext="$acl_cv_shlibext" @@ -18040,9 +19505,10 @@ $as_echo "$acl_cv_rpath" >&6; } acl_hardcode_direct="$acl_cv_hardcode_direct" acl_hardcode_minus_L="$acl_cv_hardcode_minus_L" # Check whether --enable-rpath was given. -if test "${enable_rpath+set}" = set; then : +if test ${enable_rpath+y} +then : enableval=$enable_rpath; : -else +else $as_nop enable_rpath=yes fi @@ -18103,7 +19569,8 @@ if test "$use_crypto" = "auto" && test "$found_crypto" = "none" || test "$use_cr # Check whether --with-libssl-prefix was given. -if test "${with_libssl_prefix+set}" = set; then : +if test ${with_libssl_prefix+y} +then : withval=$with_libssl_prefix; if test "X$withval" = "Xno"; then use_additional=no @@ -18545,11 +20012,12 @@ fi done - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libssl" >&5 -$as_echo_n "checking for libssl... " >&6; } -if ${ac_cv_libssl+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libssl" >&5 +printf %s "checking for libssl... " >&6; } +if test ${ac_cv_libssl+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_save_LIBS="$LIBS" LIBS="$LIBS $LIBSSL" @@ -18557,34 +20025,35 @@ else /* end confdefs.h. */ #include int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_libssl=yes -else +else $as_nop ac_cv_libssl=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libssl" >&5 -$as_echo "$ac_cv_libssl" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libssl" >&5 +printf "%s\n" "$ac_cv_libssl" >&6; } if test "$ac_cv_libssl" = yes; then HAVE_LIBSSL=yes -$as_echo "#define HAVE_LIBSSL 1" >>confdefs.h +printf "%s\n" "#define HAVE_LIBSSL 1" >>confdefs.h - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to link with libssl" >&5 -$as_echo_n "checking how to link with libssl... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBSSL" >&5 -$as_echo "$LIBSSL" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libssl" >&5 +printf %s "checking how to link with libssl... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBSSL" >&5 +printf "%s\n" "$LIBSSL" >&6; } else HAVE_LIBSSL=no CPPFLAGS="$ac_save_CPPFLAGS" @@ -18605,28 +20074,11 @@ $as_echo "$LIBSSL" >&6; } if test "$ac_cv_libssl" = "yes"; then : -$as_echo "#define LIBSSH2_OPENSSL 1" >>confdefs.h +printf "%s\n" "#define LIBSSH2_OPENSSL 1" >>confdefs.h LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }libssl libcrypto" - - # Not all OpenSSL have AES-CTR functions. - libssh2_save_LIBS="$LIBS" - LIBS="$LIBS $LIBSSL" - for ac_func in EVP_aes_128_ctr -do : - ac_fn_c_check_func "$LINENO" "EVP_aes_128_ctr" "ac_cv_func_EVP_aes_128_ctr" -if test "x$ac_cv_func_EVP_aes_128_ctr" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_EVP_AES_128_CTR 1 -_ACEOF - -fi -done - - LIBS="$libssh2_save_LIBS" - found_crypto="openssl" - found_crypto_str="OpenSSL (AES-CTR: ${ac_cv_func_EVP_aes_128_ctr:-N/A})" + found_crypto_str="OpenSSL" else CPPFLAGS="$libssh2_save_CPPFLAGS" @@ -18674,7 +20126,8 @@ if test "$use_crypto" = "auto" && test "$found_crypto" = "none" || test "$use_cr # Check whether --with-libgcrypt-prefix was given. -if test "${with_libgcrypt_prefix+set}" = set; then : +if test ${with_libgcrypt_prefix+y} +then : withval=$with_libgcrypt_prefix; if test "X$withval" = "Xno"; then use_additional=no @@ -19116,11 +20569,12 @@ fi done - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libgcrypt" >&5 -$as_echo_n "checking for libgcrypt... " >&6; } -if ${ac_cv_libgcrypt+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgcrypt" >&5 +printf %s "checking for libgcrypt... " >&6; } +if test ${ac_cv_libgcrypt+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_save_LIBS="$LIBS" LIBS="$LIBS $LIBGCRYPT" @@ -19128,34 +20582,35 @@ else /* end confdefs.h. */ #include int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_libgcrypt=yes -else +else $as_nop ac_cv_libgcrypt=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libgcrypt" >&5 -$as_echo "$ac_cv_libgcrypt" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libgcrypt" >&5 +printf "%s\n" "$ac_cv_libgcrypt" >&6; } if test "$ac_cv_libgcrypt" = yes; then HAVE_LIBGCRYPT=yes -$as_echo "#define HAVE_LIBGCRYPT 1" >>confdefs.h +printf "%s\n" "#define HAVE_LIBGCRYPT 1" >>confdefs.h - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to link with libgcrypt" >&5 -$as_echo_n "checking how to link with libgcrypt... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBGCRYPT" >&5 -$as_echo "$LIBGCRYPT" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libgcrypt" >&5 +printf %s "checking how to link with libgcrypt... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBGCRYPT" >&5 +printf "%s\n" "$LIBGCRYPT" >&6; } else HAVE_LIBGCRYPT=no CPPFLAGS="$ac_save_CPPFLAGS" @@ -19176,7 +20631,7 @@ $as_echo "$LIBGCRYPT" >&6; } if test "$ac_cv_libgcrypt" = "yes"; then : -$as_echo "#define LIBSSH2_LIBGCRYPT 1" >>confdefs.h +printf "%s\n" "#define LIBSSH2_LIBGCRYPT 1" >>confdefs.h found_crypto="libgcrypt" @@ -19226,7 +20681,8 @@ if test "$use_crypto" = "auto" && test "$found_crypto" = "none" || test "$use_cr # Check whether --with-libmbedcrypto-prefix was given. -if test "${with_libmbedcrypto_prefix+set}" = set; then : +if test ${with_libmbedcrypto_prefix+y} +then : withval=$with_libmbedcrypto_prefix; if test "X$withval" = "Xno"; then use_additional=no @@ -19668,11 +21124,12 @@ fi done - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libmbedcrypto" >&5 -$as_echo_n "checking for libmbedcrypto... " >&6; } -if ${ac_cv_libmbedcrypto+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libmbedcrypto" >&5 +printf %s "checking for libmbedcrypto... " >&6; } +if test ${ac_cv_libmbedcrypto+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_save_LIBS="$LIBS" LIBS="$LIBS $LIBMBEDCRYPTO" @@ -19680,34 +21137,35 @@ else /* end confdefs.h. */ #include int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_libmbedcrypto=yes -else +else $as_nop ac_cv_libmbedcrypto=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libmbedcrypto" >&5 -$as_echo "$ac_cv_libmbedcrypto" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libmbedcrypto" >&5 +printf "%s\n" "$ac_cv_libmbedcrypto" >&6; } if test "$ac_cv_libmbedcrypto" = yes; then HAVE_LIBMBEDCRYPTO=yes -$as_echo "#define HAVE_LIBMBEDCRYPTO 1" >>confdefs.h +printf "%s\n" "#define HAVE_LIBMBEDCRYPTO 1" >>confdefs.h - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to link with libmbedcrypto" >&5 -$as_echo_n "checking how to link with libmbedcrypto... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBMBEDCRYPTO" >&5 -$as_echo "$LIBMBEDCRYPTO" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libmbedcrypto" >&5 +printf %s "checking how to link with libmbedcrypto... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBMBEDCRYPTO" >&5 +printf "%s\n" "$LIBMBEDCRYPTO" >&6; } else HAVE_LIBMBEDCRYPTO=no CPPFLAGS="$ac_save_CPPFLAGS" @@ -19728,11 +21186,10 @@ $as_echo "$LIBMBEDCRYPTO" >&6; } if test "$ac_cv_libmbedcrypto" = "yes"; then : -$as_echo "#define LIBSSH2_MBEDTLS 1" >>confdefs.h +printf "%s\n" "#define LIBSSH2_MBEDTLS 1" >>confdefs.h LIBS="$LIBS -lmbedcrypto" found_crypto="mbedtls" - support_clear_memory=yes else CPPFLAGS="$libssh2_save_CPPFLAGS" @@ -19748,575 +21205,9 @@ if test "$use_crypto" = "auto" && test "$found_crypto" = "none" || test "$use_cr # Look for Windows Cryptography API: Next Generation - for ac_header in ntdef.h ntstatus.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include -" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - ac_fn_c_check_decl "$LINENO" "SecureZeroMemory" "ac_cv_have_decl_SecureZeroMemory" "#include -" -if test "x$ac_cv_have_decl_SecureZeroMemory" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_SECUREZEROMEMORY $ac_have_decl -_ACEOF - - - - libssh2_save_CPPFLAGS="$CPPFLAGS" - libssh2_save_LDFLAGS="$LDFLAGS" - - if test "${with_libcrypt32_prefix+set}" = set; then - CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-I${with_libcrypt32_prefix}/include" - LDFLAGS="$LDFLAGS${LDFLAGS:+ }-L${with_libcrypt32_prefix}/lib" - fi - - - - - - - - - - - - use_additional=yes - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - -# Check whether --with-libcrypt32-prefix was given. -if test "${with_libcrypt32_prefix+set}" = set; then : - withval=$with_libcrypt32_prefix; - if test "X$withval" = "Xno"; then - use_additional=no - else - if test "X$withval" = "X"; then - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - else - additional_includedir="$withval/include" - additional_libdir="$withval/$acl_libdirstem" - fi - fi - -fi - - LIBCRYPT32= - LTLIBCRYPT32= - INCCRYPT32= - LIBCRYPT32_PREFIX= - rpathdirs= - ltrpathdirs= - names_already_handled= - names_next_round='crypt32 ' - while test -n "$names_next_round"; do - names_this_round="$names_next_round" - names_next_round= - for name in $names_this_round; do - already_handled= - for n in $names_already_handled; do - if test "$n" = "$name"; then - already_handled=yes - break - fi - done - if test -z "$already_handled"; then - names_already_handled="$names_already_handled $name" - uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./-|ABCDEFGHIJKLMNOPQRSTUVWXYZ___|'` - eval value=\"\$HAVE_LIB$uppername\" - if test -n "$value"; then - if test "$value" = yes; then - eval value=\"\$LIB$uppername\" - test -z "$value" || LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$value" - eval value=\"\$LTLIB$uppername\" - test -z "$value" || LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }$value" - else - : - fi - else - found_dir= - found_la= - found_so= - found_a= - eval libname=\"$acl_libname_spec\" # typically: libname=lib$name - if test -n "$acl_shlibext"; then - shrext=".$acl_shlibext" # typically: shrext=.so - else - shrext= - fi - if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - fi - if test "X$found_dir" = "X"; then - for x in $LDFLAGS $LTLIBCRYPT32; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - case "$x" in - -L*) - dir=`echo "X$x" | sed -e 's/^X-L//'` - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - ;; - esac - if test "X$found_dir" != "X"; then - break - fi - done - fi - if test "X$found_dir" != "X"; then - LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }-L$found_dir -l$name" - if test "X$found_so" != "X"; then - if test "$enable_rpath" = no || test "X$found_dir" = "X/usr/$acl_libdirstem"; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$found_so" - else - haveit= - for x in $ltrpathdirs; do - if test "X$x" = "X$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - ltrpathdirs="$ltrpathdirs $found_dir" - fi - if test "$acl_hardcode_direct" = yes; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$found_so" - else - if test -n "$acl_hardcode_libdir_flag_spec" && test "$acl_hardcode_minus_L" = no; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$found_so" - haveit= - for x in $rpathdirs; do - if test "X$x" = "X$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - rpathdirs="$rpathdirs $found_dir" - fi - else - haveit= - for x in $LDFLAGS $LIBCRYPT32; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-L$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }-L$found_dir" - fi - if test "$acl_hardcode_minus_L" != no; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$found_so" - else - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }-l$name" - fi - fi - fi - fi - else - if test "X$found_a" != "X"; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$found_a" - else - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }-L$found_dir -l$name" - fi - fi - additional_includedir= - case "$found_dir" in - */$acl_libdirstem | */$acl_libdirstem/) - basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'` - LIBCRYPT32_PREFIX="$basedir" - additional_includedir="$basedir/include" - ;; - esac - if test "X$additional_includedir" != "X"; then - if test "X$additional_includedir" != "X/usr/include"; then - haveit= - if test "X$additional_includedir" = "X/usr/local/include"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - for x in $CPPFLAGS $INCCRYPT32; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-I$additional_includedir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_includedir"; then - INCCRYPT32="${INCCRYPT32}${INCCRYPT32:+ }-I$additional_includedir" - fi - fi - fi - fi - fi - if test -n "$found_la"; then - save_libdir="$libdir" - case "$found_la" in - */* | *\\*) . "$found_la" ;; - *) . "./$found_la" ;; - esac - libdir="$save_libdir" - for dep in $dependency_libs; do - case "$dep" in - -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem"; then - haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - haveit= - for x in $LDFLAGS $LIBCRYPT32; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }-L$additional_libdir" - fi - fi - haveit= - for x in $LDFLAGS $LTLIBCRYPT32; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }-L$additional_libdir" - fi - fi - fi - fi - ;; - -R*) - dir=`echo "X$dep" | sed -e 's/^X-R//'` - if test "$enable_rpath" != no; then - haveit= - for x in $rpathdirs; do - if test "X$x" = "X$dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - rpathdirs="$rpathdirs $dir" - fi - haveit= - for x in $ltrpathdirs; do - if test "X$x" = "X$dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - ltrpathdirs="$ltrpathdirs $dir" - fi - fi - ;; - -l*) - names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'` - ;; - *.la) - names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'` - ;; - *) - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$dep" - LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }$dep" - ;; - esac - done - fi - else - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }-l$name" - LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }-l$name" - fi - fi - fi - done - done - if test "X$rpathdirs" != "X"; then - if test -n "$acl_hardcode_libdir_separator"; then - alldirs= - for found_dir in $rpathdirs; do - alldirs="${alldirs}${alldirs:+$acl_hardcode_libdir_separator}$found_dir" - done - acl_save_libdir="$libdir" - libdir="$alldirs" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$flag" - else - for found_dir in $rpathdirs; do - acl_save_libdir="$libdir" - libdir="$found_dir" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$flag" - done - fi - fi - if test "X$ltrpathdirs" != "X"; then - for found_dir in $ltrpathdirs; do - LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }-R$found_dir" - done - fi - - - ac_save_CPPFLAGS="$CPPFLAGS" - - for element in $INCCRYPT32; do - haveit= - for x in $CPPFLAGS; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X$element"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }$element" - fi - done - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libcrypt32" >&5 -$as_echo_n "checking for libcrypt32... " >&6; } -if ${ac_cv_libcrypt32+:} false; then : - $as_echo_n "(cached) " >&6 -else - - ac_save_LIBS="$LIBS" - LIBS="$LIBS $LIBCRYPT32" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_libcrypt32=yes -else - ac_cv_libcrypt32=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LIBS="$ac_save_LIBS" - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libcrypt32" >&5 -$as_echo "$ac_cv_libcrypt32" >&6; } - if test "$ac_cv_libcrypt32" = yes; then - HAVE_LIBCRYPT32=yes - -$as_echo "#define HAVE_LIBCRYPT32 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to link with libcrypt32" >&5 -$as_echo_n "checking how to link with libcrypt32... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBCRYPT32" >&5 -$as_echo "$LIBCRYPT32" >&6; } - else - HAVE_LIBCRYPT32=no - CPPFLAGS="$ac_save_CPPFLAGS" - LIBCRYPT32= - LTLIBCRYPT32= - LIBCRYPT32_PREFIX= - fi - - - - - - - - - LDFLAGS="$libssh2_save_LDFLAGS" - - if test "$ac_cv_libcrypt32" = "yes"; then : - - else - CPPFLAGS="$libssh2_save_CPPFLAGS" - fi + LIBS="$LIBS -lcrypt32" + # Check necessary for old-MinGW libssh2_save_CPPFLAGS="$CPPFLAGS" libssh2_save_LDFLAGS="$LDFLAGS" @@ -20351,7 +21242,8 @@ $as_echo "$LIBCRYPT32" >&6; } # Check whether --with-libbcrypt-prefix was given. -if test "${with_libbcrypt_prefix+set}" = set; then : +if test ${with_libbcrypt_prefix+y} +then : withval=$with_libbcrypt_prefix; if test "X$withval" = "Xno"; then use_additional=no @@ -20793,11 +21685,12 @@ fi done - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libbcrypt" >&5 -$as_echo_n "checking for libbcrypt... " >&6; } -if ${ac_cv_libbcrypt+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libbcrypt" >&5 +printf %s "checking for libbcrypt... " >&6; } +if test ${ac_cv_libbcrypt+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_save_LIBS="$LIBS" LIBS="$LIBS $LIBBCRYPT" @@ -20808,34 +21701,35 @@ else #include int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_libbcrypt=yes -else +else $as_nop ac_cv_libbcrypt=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libbcrypt" >&5 -$as_echo "$ac_cv_libbcrypt" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libbcrypt" >&5 +printf "%s\n" "$ac_cv_libbcrypt" >&6; } if test "$ac_cv_libbcrypt" = yes; then HAVE_LIBBCRYPT=yes -$as_echo "#define HAVE_LIBBCRYPT 1" >>confdefs.h +printf "%s\n" "#define HAVE_LIBBCRYPT 1" >>confdefs.h - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to link with libbcrypt" >&5 -$as_echo_n "checking how to link with libbcrypt... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBBCRYPT" >&5 -$as_echo "$LIBBCRYPT" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libbcrypt" >&5 +printf %s "checking how to link with libbcrypt... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBBCRYPT" >&5 +printf "%s\n" "$LIBBCRYPT" >&6; } else HAVE_LIBBCRYPT=no CPPFLAGS="$ac_save_CPPFLAGS" @@ -20856,11 +21750,10 @@ $as_echo "$LIBBCRYPT" >&6; } if test "$ac_cv_libbcrypt" = "yes"; then : -$as_echo "#define LIBSSH2_WINCNG 1" >>confdefs.h +printf "%s\n" "#define LIBSSH2_WINCNG 1" >>confdefs.h found_crypto="wincng" found_crypto_str="Windows Cryptography API: Next Generation" - support_clear_memory="$ac_cv_have_decl_SecureZeroMemory" else CPPFLAGS="$libssh2_save_CPPFLAGS" @@ -20870,6 +21763,567 @@ $as_echo "#define LIBSSH2_WINCNG 1" >>confdefs.h test "$found_crypto" = "none" && crypto_errors="${crypto_errors}No wincng crypto library found! " +fi + +if test "$use_crypto" = "auto" && test "$found_crypto" = "none" || test "$use_crypto" = "wolfssl"; then + + if test "${with_libwolfssl_prefix+set}" = set; then + CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-I${with_libwolfssl_prefix}/include/wolfssl" + else + as_fn_error $? "When using wolfSSL, must specify prefix with --with-libwolfssl-prefix in order to find OpenSSL compatibility headers." "$LINENO" 5 + fi + + libssh2_save_CPPFLAGS="$CPPFLAGS" + libssh2_save_LDFLAGS="$LDFLAGS" + + if test "${with_libwolfssl_prefix+set}" = set; then + CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-I${with_libwolfssl_prefix}/include" + LDFLAGS="$LDFLAGS${LDFLAGS:+ }-L${with_libwolfssl_prefix}/lib" + fi + + + + + + + + + + + + use_additional=yes + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + + eval additional_includedir=\"$includedir\" + eval additional_libdir=\"$libdir\" + + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + +# Check whether --with-libwolfssl-prefix was given. +if test ${with_libwolfssl_prefix+y} +then : + withval=$with_libwolfssl_prefix; + if test "X$withval" = "Xno"; then + use_additional=no + else + if test "X$withval" = "X"; then + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + + eval additional_includedir=\"$includedir\" + eval additional_libdir=\"$libdir\" + + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + else + additional_includedir="$withval/include" + additional_libdir="$withval/$acl_libdirstem" + fi + fi + +fi + + LIBWOLFSSL= + LTLIBWOLFSSL= + INCWOLFSSL= + LIBWOLFSSL_PREFIX= + rpathdirs= + ltrpathdirs= + names_already_handled= + names_next_round='wolfssl ' + while test -n "$names_next_round"; do + names_this_round="$names_next_round" + names_next_round= + for name in $names_this_round; do + already_handled= + for n in $names_already_handled; do + if test "$n" = "$name"; then + already_handled=yes + break + fi + done + if test -z "$already_handled"; then + names_already_handled="$names_already_handled $name" + uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./-|ABCDEFGHIJKLMNOPQRSTUVWXYZ___|'` + eval value=\"\$HAVE_LIB$uppername\" + if test -n "$value"; then + if test "$value" = yes; then + eval value=\"\$LIB$uppername\" + test -z "$value" || LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$value" + eval value=\"\$LTLIB$uppername\" + test -z "$value" || LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }$value" + else + : + fi + else + found_dir= + found_la= + found_so= + found_a= + eval libname=\"$acl_libname_spec\" # typically: libname=lib$name + if test -n "$acl_shlibext"; then + shrext=".$acl_shlibext" # typically: shrext=.so + else + shrext= + fi + if test $use_additional = yes; then + dir="$additional_libdir" + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi + fi + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext"; then + found_dir="$dir" + found_a="$dir/$libname.$acl_libext" + fi + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi + fi + if test "X$found_dir" = "X"; then + for x in $LDFLAGS $LTLIBWOLFSSL; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + case "$x" in + -L*) + dir=`echo "X$x" | sed -e 's/^X-L//'` + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi + fi + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext"; then + found_dir="$dir" + found_a="$dir/$libname.$acl_libext" + fi + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi + ;; + esac + if test "X$found_dir" != "X"; then + break + fi + done + fi + if test "X$found_dir" != "X"; then + LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }-L$found_dir -l$name" + if test "X$found_so" != "X"; then + if test "$enable_rpath" = no || test "X$found_dir" = "X/usr/$acl_libdirstem"; then + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$found_so" + else + haveit= + for x in $ltrpathdirs; do + if test "X$x" = "X$found_dir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + ltrpathdirs="$ltrpathdirs $found_dir" + fi + if test "$acl_hardcode_direct" = yes; then + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$found_so" + else + if test -n "$acl_hardcode_libdir_flag_spec" && test "$acl_hardcode_minus_L" = no; then + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$found_so" + haveit= + for x in $rpathdirs; do + if test "X$x" = "X$found_dir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + rpathdirs="$rpathdirs $found_dir" + fi + else + haveit= + for x in $LDFLAGS $LIBWOLFSSL; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + if test "X$x" = "X-L$found_dir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }-L$found_dir" + fi + if test "$acl_hardcode_minus_L" != no; then + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$found_so" + else + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }-l$name" + fi + fi + fi + fi + else + if test "X$found_a" != "X"; then + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$found_a" + else + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }-L$found_dir -l$name" + fi + fi + additional_includedir= + case "$found_dir" in + */$acl_libdirstem | */$acl_libdirstem/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'` + LIBWOLFSSL_PREFIX="$basedir" + additional_includedir="$basedir/include" + ;; + esac + if test "X$additional_includedir" != "X"; then + if test "X$additional_includedir" != "X/usr/include"; then + haveit= + if test "X$additional_includedir" = "X/usr/local/include"; then + if test -n "$GCC"; then + case $host_os in + linux* | gnu* | k*bsd*-gnu) haveit=yes;; + esac + fi + fi + if test -z "$haveit"; then + for x in $CPPFLAGS $INCWOLFSSL; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + if test "X$x" = "X-I$additional_includedir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + if test -d "$additional_includedir"; then + INCWOLFSSL="${INCWOLFSSL}${INCWOLFSSL:+ }-I$additional_includedir" + fi + fi + fi + fi + fi + if test -n "$found_la"; then + save_libdir="$libdir" + case "$found_la" in + */* | *\\*) . "$found_la" ;; + *) . "./$found_la" ;; + esac + libdir="$save_libdir" + for dep in $dependency_libs; do + case "$dep" in + -L*) + additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$additional_libdir" != "X/usr/$acl_libdirstem"; then + haveit= + if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem"; then + if test -n "$GCC"; then + case $host_os in + linux* | gnu* | k*bsd*-gnu) haveit=yes;; + esac + fi + fi + if test -z "$haveit"; then + haveit= + for x in $LDFLAGS $LIBWOLFSSL; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + if test "X$x" = "X-L$additional_libdir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + if test -d "$additional_libdir"; then + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }-L$additional_libdir" + fi + fi + haveit= + for x in $LDFLAGS $LTLIBWOLFSSL; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + if test "X$x" = "X-L$additional_libdir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + if test -d "$additional_libdir"; then + LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }-L$additional_libdir" + fi + fi + fi + fi + ;; + -R*) + dir=`echo "X$dep" | sed -e 's/^X-R//'` + if test "$enable_rpath" != no; then + haveit= + for x in $rpathdirs; do + if test "X$x" = "X$dir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + rpathdirs="$rpathdirs $dir" + fi + haveit= + for x in $ltrpathdirs; do + if test "X$x" = "X$dir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + ltrpathdirs="$ltrpathdirs $dir" + fi + fi + ;; + -l*) + names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'` + ;; + *.la) + names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'` + ;; + *) + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$dep" + LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }$dep" + ;; + esac + done + fi + else + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }-l$name" + LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }-l$name" + fi + fi + fi + done + done + if test "X$rpathdirs" != "X"; then + if test -n "$acl_hardcode_libdir_separator"; then + alldirs= + for found_dir in $rpathdirs; do + alldirs="${alldirs}${alldirs:+$acl_hardcode_libdir_separator}$found_dir" + done + acl_save_libdir="$libdir" + libdir="$alldirs" + eval flag=\"$acl_hardcode_libdir_flag_spec\" + libdir="$acl_save_libdir" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$flag" + else + for found_dir in $rpathdirs; do + acl_save_libdir="$libdir" + libdir="$found_dir" + eval flag=\"$acl_hardcode_libdir_flag_spec\" + libdir="$acl_save_libdir" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$flag" + done + fi + fi + if test "X$ltrpathdirs" != "X"; then + for found_dir in $ltrpathdirs; do + LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }-R$found_dir" + done + fi + + + ac_save_CPPFLAGS="$CPPFLAGS" + + for element in $INCWOLFSSL; do + haveit= + for x in $CPPFLAGS; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + if test "X$x" = "X$element"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }$element" + fi + done + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libwolfssl" >&5 +printf %s "checking for libwolfssl... " >&6; } +if test ${ac_cv_libwolfssl+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + ac_save_LIBS="$LIBS" + LIBS="$LIBS $LIBWOLFSSL" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_libwolfssl=yes +else $as_nop + ac_cv_libwolfssl=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + LIBS="$ac_save_LIBS" + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libwolfssl" >&5 +printf "%s\n" "$ac_cv_libwolfssl" >&6; } + if test "$ac_cv_libwolfssl" = yes; then + HAVE_LIBWOLFSSL=yes + +printf "%s\n" "#define HAVE_LIBWOLFSSL 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libwolfssl" >&5 +printf %s "checking how to link with libwolfssl... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBWOLFSSL" >&5 +printf "%s\n" "$LIBWOLFSSL" >&6; } + else + HAVE_LIBWOLFSSL=no + CPPFLAGS="$ac_save_CPPFLAGS" + LIBWOLFSSL= + LTLIBWOLFSSL= + LIBWOLFSSL_PREFIX= + fi + + + + + + + + + LDFLAGS="$libssh2_save_LDFLAGS" + + if test "$ac_cv_libwolfssl" = "yes"; then : + + +printf "%s\n" "#define LIBSSH2_WOLFSSL 1" >>confdefs.h + + LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }libwolfssl" + found_crypto="wolfssl" + + else + CPPFLAGS="$libssh2_save_CPPFLAGS" + fi + + + test "$found_crypto" = "none" && + crypto_errors="${crypto_errors}No wolfssl crypto library found! +" fi ;; @@ -20883,56 +22337,23 @@ esac if test "$found_crypto" = "none"; then crypto_errors="${crypto_errors} -Specify --with-crypto=\$backend and/or the neccessary library search prefix. +Specify --with-crypto=\$backend and/or the necessary library search prefix. -Known crypto backends: auto, openssl, libgcrypt, mbedtls, wincng" - { $as_echo "$as_me:${as_lineno-$LINENO}: ERROR: ${crypto_errors}" >&5 -$as_echo "$as_me: ERROR: ${crypto_errors}" >&6;} +Known crypto backends: auto, openssl, libgcrypt, mbedtls, wincng, wolfssl" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: ERROR: ${crypto_errors}" >&5 +printf "%s\n" "$as_me: ERROR: ${crypto_errors}" >&6;} else test "$found_crypto_str" = "" && found_crypto_str="$found_crypto" fi - if test "$found_crypto" = "openssl"; then - OPENSSL_TRUE= - OPENSSL_FALSE='#' -else - OPENSSL_TRUE='#' - OPENSSL_FALSE= -fi - - if test "$found_crypto" = "libgcrypt"; then - LIBGCRYPT_TRUE= - LIBGCRYPT_FALSE='#' -else - LIBGCRYPT_TRUE='#' - LIBGCRYPT_FALSE= -fi - - if test "$found_crypto" = "mbedtls"; then - MBEDTLS_TRUE= - MBEDTLS_FALSE='#' -else - MBEDTLS_TRUE='#' - MBEDTLS_FALSE= -fi - - if test "$found_crypto" = "wincng"; then - WINCNG_TRUE= - WINCNG_FALSE='#' -else - WINCNG_TRUE='#' - WINCNG_FALSE= -fi - - - # libz # Check whether --with-libz was given. -if test "${with_libz+set}" = set; then : +if test ${with_libz+y} +then : withval=$with_libz; use_libz=$withval -else +else $as_nop use_libz=auto fi @@ -20966,7 +22387,8 @@ if test "$use_libz" != no; then # Check whether --with-libz-prefix was given. -if test "${with_libz_prefix+set}" = set; then : +if test ${with_libz_prefix+y} +then : withval=$with_libz_prefix; if test "X$withval" = "Xno"; then use_additional=no @@ -21408,11 +22830,12 @@ fi done - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libz" >&5 -$as_echo_n "checking for libz... " >&6; } -if ${ac_cv_libz+:} false; then : - $as_echo_n "(cached) " >&6 -else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libz" >&5 +printf %s "checking for libz... " >&6; } +if test ${ac_cv_libz+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_save_LIBS="$LIBS" LIBS="$LIBS $LIBZ" @@ -21420,34 +22843,35 @@ else /* end confdefs.h. */ #include int -main () +main (void) { ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_libz=yes -else +else $as_nop ac_cv_libz=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libz" >&5 -$as_echo "$ac_cv_libz" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libz" >&5 +printf "%s\n" "$ac_cv_libz" >&6; } if test "$ac_cv_libz" = yes; then HAVE_LIBZ=yes -$as_echo "#define HAVE_LIBZ 1" >>confdefs.h +printf "%s\n" "#define HAVE_LIBZ 1" >>confdefs.h - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to link with libz" >&5 -$as_echo_n "checking how to link with libz... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBZ" >&5 -$as_echo "$LIBZ" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libz" >&5 +printf %s "checking how to link with libz... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBZ" >&5 +printf "%s\n" "$LIBZ" >&6; } else HAVE_LIBZ=no CPPFLAGS="$ac_save_CPPFLAGS" @@ -21464,18 +22888,18 @@ $as_echo "$LIBZ" >&6; } if test "$ac_cv_libz" != yes; then if test "$use_libz" = auto; then - { $as_echo "$as_me:${as_lineno-$LINENO}: Cannot find libz, disabling compression" >&5 -$as_echo "$as_me: Cannot find libz, disabling compression" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Cannot find libz, disabling compression" >&5 +printf "%s\n" "$as_me: Cannot find libz, disabling compression" >&6;} found_libz="disabled; no libz found" else libz_errors="No libz found! Try --with-libz-prefix=PATH if you know that you have it." - { $as_echo "$as_me:${as_lineno-$LINENO}: ERROR: $libz_errors" >&5 -$as_echo "$as_me: ERROR: $libz_errors" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: ERROR: $libz_errors" >&5 +printf "%s\n" "$as_me: ERROR: $libz_errors" >&6;} fi else -$as_echo "#define LIBSSH2_HAVE_ZLIB 1" >>confdefs.h +printf "%s\n" "#define LIBSSH2_HAVE_ZLIB 1" >>confdefs.h LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }zlib" found_libz="yes" @@ -21487,157 +22911,1493 @@ fi # # Optional Settings # -# Check whether --enable-crypt-none was given. -if test "${enable_crypt_none+set}" = set; then : - enableval=$enable_crypt_none; -$as_echo "#define LIBSSH2_CRYPT_NONE 1" >>confdefs.h - -fi - - -# Check whether --enable-mac-none was given. -if test "${enable_mac_none+set}" = set; then : - enableval=$enable_mac_none; -$as_echo "#define LIBSSH2_MAC_NONE 1" >>confdefs.h - -fi - - -# Check whether --enable-gex-new was given. -if test "${enable_gex_new+set}" = set; then : - enableval=$enable_gex_new; GEX_NEW=$enableval -fi - -if test "$GEX_NEW" != "no"; then - -$as_echo "#define LIBSSH2_DH_GEX_NEW 1" >>confdefs.h - -fi - # Check whether --enable-clear-memory was given. -if test "${enable_clear_memory+set}" = set; then : +if test ${enable_clear_memory+y} +then : enableval=$enable_clear_memory; CLEAR_MEMORY=$enableval fi -if test "$CLEAR_MEMORY" != "no"; then - if test "$support_clear_memory" = "yes"; then +if test "$CLEAR_MEMORY" = "no"; then -$as_echo "#define LIBSSH2_CLEAR_MEMORY 1" >>confdefs.h +printf "%s\n" "#define LIBSSH2_NO_CLEAR_MEMORY 1" >>confdefs.h - enable_clear_memory=yes - else - if test "$CLEAR_MEMORY" = "yes"; then - as_fn_error $? "secure clearing/zeroing of memory is not supported by the selected crypto wincng" "$LINENO" 5 - else - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: secure clearing/zeroing of memory is not supported by the selected crypto wincng" >&5 -$as_echo "$as_me: WARNING: secure clearing/zeroing of memory is not supported by the selected crypto wincng" >&2;} - fi - enable_clear_memory=unsupported - fi + enable_clear_memory=no else - if test "$support_clear_memory" = "yes"; then - enable_clear_memory=no - else - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: secure clearing/zeroing of memory is not supported by the selected crypto wincng" >&5 -$as_echo "$as_me: WARNING: secure clearing/zeroing of memory is not supported by the selected crypto wincng" >&2;} - enable_clear_memory=unsupported - fi + enable_clear_memory=yes fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable pedantic and debug compiler options" >&5 -$as_echo_n "checking whether to enable pedantic and debug compiler options... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable pedantic and debug compiler options" >&5 +printf %s "checking whether to enable pedantic and debug compiler options... " >&6; } +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 +printf %s "checking how to run the C preprocessor... " >&6; } +# On Suns, sometimes $CPP names a directory. +if test -n "$CPP" && test -d "$CPP"; then + CPP= +fi +if test -z "$CPP"; then + if test ${ac_cv_prog_CPP+y} +then : + printf %s "(cached) " >&6 +else $as_nop + # Double quotes because $CC needs to be expanded + for CPP in "$CC -E" "$CC -E -traditional-cpp" cpp /lib/cpp + do + ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + +else $as_nop + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + # Broken: success on invalid input. +continue +else $as_nop + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.i conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok +then : + break +fi + + done + ac_cv_prog_CPP=$CPP + +fi + CPP=$ac_cv_prog_CPP +else + ac_cv_prog_CPP=$CPP +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 +printf "%s\n" "$CPP" >&6; } +ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + +else $as_nop + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + # Broken: success on invalid input. +continue +else $as_nop + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.i conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok +then : + +else $as_nop + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details" "$LINENO" 5; } +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if cpp -P is needed" >&5 +printf %s "checking if cpp -P is needed... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include +TEST EINVAL TEST + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "TEST.*TEST" >/dev/null 2>&1 +then : + cpp=no +else $as_nop + cpp=yes +fi +rm -rf conftest* + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $cpp" >&5 +printf "%s\n" "$cpp" >&6; } + + if test "x$cpp" = "xyes"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if cpp -P works" >&5 +printf %s "checking if cpp -P works... " >&6; } + OLDCPPFLAGS=$CPPFLAGS + CPPFLAGS="$CPPFLAGS -P" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include +TEST EINVAL TEST + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "TEST.*TEST" >/dev/null 2>&1 +then : + cpp_p=yes +else $as_nop + cpp_p=no +fi +rm -rf conftest* + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $cpp_p" >&5 +printf "%s\n" "$cpp_p" >&6; } + + if test "x$cpp_p" = "xno"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: failed to figure out cpp -P alternative" >&5 +printf "%s\n" "$as_me: WARNING: failed to figure out cpp -P alternative" >&2;} + # without -P + CPPPFLAG="" + else + # with -P + CPPPFLAG="-P" + fi + CPPFLAGS=$OLDCPPFLAGS + else + # without -P + CPPPFLAG="" + fi + + +squeeze() { + _sqz_result="" + eval _sqz_input=\$$1 + for _sqz_token in $_sqz_input; do + if test -z "$_sqz_result"; then + _sqz_result="$_sqz_token" + else + _sqz_result="$_sqz_result $_sqz_token" + fi + done + eval $1=\$_sqz_result + return 0 +} + # Check whether --enable-debug was given. -if test "${enable_debug+set}" = set; then : +if test ${enable_debug+y} +then : enableval=$enable_debug; case "$enable_debug" in no) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } CPPFLAGS="$CPPFLAGS -DNDEBUG" ;; - *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } enable_debug=yes CPPFLAGS="$CPPFLAGS -DLIBSSH2DEBUG" CFLAGS="$CFLAGS -g" + if test "z$CLANG" = "z"; then + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if compiler is clang" >&5 +printf %s "checking if compiler is clang... " >&6; } + + OLDCPPFLAGS=$CPPFLAGS + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" + if test -z "$SED"; then + as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 + fi + if test -z "$GREP"; then + as_fn_error $? "GREP not set. Cannot continue without GREP being set." "$LINENO" 5 + fi + + tmp_exp="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +#ifdef __clang__ +CURL_DEF_TOKEN __clang__ +#endif + + +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + + tmp_exp=`eval "$ac_cpp conftest.$ac_ext" 2>/dev/null | \ + "$GREP" CURL_DEF_TOKEN 2>/dev/null | \ + "$SED" 's/.*CURL_DEF_TOKEN[ ][ ]*//' 2>/dev/null | \ + "$SED" 's/["][ ]*["]//g' 2>/dev/null` + if test -z "$tmp_exp" || test "$tmp_exp" = "__clang__"; then + tmp_exp="" + fi + +fi +rm -f conftest.err conftest.i conftest.$ac_ext + if test -z "$tmp_exp"; then + curl_cv_have_def___clang__=no + + else + curl_cv_have_def___clang__=yes + curl_cv_def___clang__=$tmp_exp + + fi + CPPFLAGS=$OLDCPPFLAGS + + if test "$curl_cv_have_def___clang__" = "yes"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if compiler is xlclang" >&5 +printf %s "checking if compiler is xlclang... " >&6; } + + OLDCPPFLAGS=$CPPFLAGS + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" + if test -z "$SED"; then + as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 + fi + if test -z "$GREP"; then + as_fn_error $? "GREP not set. Cannot continue without GREP being set." "$LINENO" 5 + fi + + tmp_exp="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +#ifdef __ibmxl__ +CURL_DEF_TOKEN __ibmxl__ +#endif + + +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + + tmp_exp=`eval "$ac_cpp conftest.$ac_ext" 2>/dev/null | \ + "$GREP" CURL_DEF_TOKEN 2>/dev/null | \ + "$SED" 's/.*CURL_DEF_TOKEN[ ][ ]*//' 2>/dev/null | \ + "$SED" 's/["][ ]*["]//g' 2>/dev/null` + if test -z "$tmp_exp" || test "$tmp_exp" = "__ibmxl__"; then + tmp_exp="" + fi + +fi +rm -f conftest.err conftest.i conftest.$ac_ext + if test -z "$tmp_exp"; then + curl_cv_have_def___ibmxl__=no + + else + curl_cv_have_def___ibmxl__=yes + curl_cv_def___ibmxl__=$tmp_exp + + fi + CPPFLAGS=$OLDCPPFLAGS + + if test "$curl_cv_have_def___ibmxl__" = "yes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + compiler_id="XLCLANG" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + compiler_id="CLANG" + fi + fullclangver=`$CC -v 2>&1 | grep version` + clangver=`echo $fullclangver | grep "based on LLVM " | "$SED" 's/.*(based on LLVM \([0-9]*\.[0-9]*\).*)/\1/'` + if test -z "$clangver"; then + if echo $fullclangver | grep "Apple LLVM version " >/dev/null; then + clangver="3.7" + else + clangver=`echo $fullclangver | "$SED" 's/.*version \([0-9]*\.[0-9]*\).*/\1/'` + fi + fi + clangvhi=`echo $clangver | cut -d . -f1` + clangvlo=`echo $clangver | cut -d . -f2` + compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null` + flags_dbg_yes="-g" + flags_opt_all="-O -O0 -O1 -O2 -Os -O3 -O4" + flags_opt_yes="-O2" + flags_opt_off="-O0" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + if test "z$compiler_id" = "zCLANG"; then + CLANG="yes" + else + CLANG="no" + fi + fi if test "z$ICC" = "z"; then ICC="no" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for icc in use" >&5 -$as_echo_n "checking for icc in use... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for icc in use" >&5 +printf %s "checking for icc in use... " >&6; } if test "$GCC" = "yes"; then cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ __INTEL_COMPILER _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "^__INTEL_COMPILER" >/dev/null 2>&1; then : + $EGREP "^__INTEL_COMPILER" >/dev/null 2>&1 +then : ICC="no" -else +else $as_nop ICC="yes" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } fi -rm -f conftest* +rm -rf conftest* fi if test "$ICC" = "no"; then # this is not ICC - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi fi - if test "$GCC" = "yes"; then + if test "$CLANG" = "yes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking gcc version" >&5 -$as_echo_n "checking gcc version... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking clang version" >&5 +printf %s "checking clang version... " >&6; } + fullclangver=`$CC -v 2>&1 | grep version` + clangver=`echo $fullclangver | grep "based on LLVM " | "$SED" 's/.*(based on LLVM \([0-9]*\.[0-9]*\).*)/\1/'` + if test -z "$clangver"; then + if echo $fullclangver | grep "Apple LLVM version " >/dev/null; then + clangver="3.7" + else + clangver=`echo $fullclangver | "$SED" 's/.*version \([0-9]*\.[0-9]*\).*/\1/'` + fi + fi + clangvhi=`echo $clangver | cut -d . -f1` + clangvlo=`echo $clangver | cut -d . -f2` + compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null` + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $compiler_num" >&5 +printf "%s\n" "$compiler_num" >&6; } + + WARN="-pedantic" + + ac_var_added_warnings="" + for warning in all extra; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in pointer-arith write-strings; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in shadow; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in inline nested-externs; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in missing-declarations; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in missing-prototypes; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + WARN="$WARN -Wno-long-long" + + ac_var_added_warnings="" + for warning in float-equal; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in no-multichar sign-compare; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in undef; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + WARN="$WARN -Wno-format-nonliteral" + + ac_var_added_warnings="" + for warning in endif-labels strict-prototypes; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in declaration-after-statement; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in cast-align; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + WARN="$WARN -Wno-system-headers" + + ac_var_added_warnings="" + for warning in shorten-64-to-32; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + # + if test "$compiler_num" -ge "101"; then + + ac_var_added_warnings="" + for warning in unused; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + # + if test "$compiler_num" -ge "208"; then + + ac_var_added_warnings="" + for warning in vla; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + # + if test "$compiler_num" -ge "209"; then + + ac_var_added_warnings="" + for warning in shift-sign-overflow; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + # + if test "$compiler_num" -ge "300"; then + + ac_var_added_warnings="" + for warning in bad-function-cast; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in conversion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in empty-body; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in ignored-qualifiers; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in type-limits; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in no-sign-conversion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + # + if test "$compiler_num" -ge "302"; then + + ac_var_added_warnings="" + for warning in enum-conversion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + case $host_os in + cygwin* | mingw*) + ;; + *) + + ac_var_added_warnings="" + for warning in missing-variable-declarations; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + ;; + esac + fi + # + if test "$compiler_num" -ge "304"; then + + ac_var_added_warnings="" + for warning in unused-const-variable; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + # + if test "$compiler_num" -ge "306"; then + + ac_var_added_warnings="" + for warning in double-promotion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + # + if test "$compiler_num" -ge "309"; then + + ac_var_added_warnings="" + for warning in comma; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + # avoid the varargs warning, fixed in 4.0 + # https://bugs.llvm.org/show_bug.cgi?id=29140 + if test "$compiler_num" -lt "400"; then + WARN="$WARN -Wno-varargs" + fi + fi + if test "$compiler_num" -ge "700"; then + + ac_var_added_warnings="" + for warning in assign-enum; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in extra-semi-stmt; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + + CFLAGS="$CFLAGS $WARN" + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Added this set of compiler options: $WARN" >&5 +printf "%s\n" "$as_me: Added this set of compiler options: $WARN" >&6;} + + elif test "$GCC" = "yes"; then + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking gcc version" >&5 +printf %s "checking gcc version... " >&6; } gccver=`$CC -dumpversion` num1=`echo $gccver | cut -d . -f1` num2=`echo $gccver | cut -d . -f2` - gccnum=`(expr $num1 "*" 100 + $num2) 2>/dev/null` - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gccver" >&5 -$as_echo "$gccver" >&6; } + compiler_num=`(expr $num1 "*" 100 + $num2) 2>/dev/null` + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $gccver" >&5 +printf "%s\n" "$gccver" >&6; } if test "$ICC" = "yes"; then WARN="-wd279,269,981,1418,1419" - if test "$gccnum" -gt "600"; then + if test "$compiler_num" -gt "600"; then WARN="-Wall $WARN" fi else WARN="-W -Wall -Wwrite-strings -pedantic -Wpointer-arith -Wnested-externs -Winline -Wmissing-prototypes" - - if test "$gccnum" -ge "207"; then + if test "$compiler_num" -ge "207"; then WARN="$WARN -Wmissing-declarations" fi - if test "$gccnum" -gt "295"; then - WARN="$WARN -Wundef -Wno-long-long -Wsign-compare" + if test "$compiler_num" -gt "295"; then + WARN="$WARN -Wbad-function-cast -Wundef -Wno-long-long -Wno-multichar -Wshadow -Wsign-compare -Wunused" fi - if test "$gccnum" -ge "296"; then + if test "$compiler_num" -ge "296"; then WARN="$WARN -Wfloat-equal" fi - if test "$gccnum" -gt "296"; then + if test "$compiler_num" -gt "296"; then WARN="$WARN -Wno-format-nonliteral" fi - if test "$gccnum" -ge "303"; then + if test "$compiler_num" -ge "303"; then WARN="$WARN -Wendif-labels -Wstrict-prototypes" fi - if test "$gccnum" -ge "304"; then + if test "$compiler_num" -ge "304"; then # try these on gcc 3.4 WARN="$WARN -Wdeclaration-after-statement" + fi + + if test "$compiler_num" -ge "400"; then + WARN="$WARN -Wstrict-aliasing=3" + fi + # + if test "$compiler_num" -ge "401"; then + + ac_var_added_warnings="" + for warning in no-system-headers; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + # + if test "$compiler_num" -ge "402"; then + + ac_var_added_warnings="" + for warning in cast-align; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + # + if test "$compiler_num" -ge "403"; then + + ac_var_added_warnings="" + for warning in type-limits old-style-declaration; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in missing-parameter-type empty-body; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in ignored-qualifiers; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in conversion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + WARN="$WARN -Wno-sign-conversion" + + ac_var_added_warnings="" + for warning in vla; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + WARN="$WARN -ftree-vrp" + fi + # + if test "$compiler_num" -ge "405"; then + case $host_os in + mingw*) + WARN="$WARN -Wno-pedantic-ms-format" + ;; + esac + fi + # + if test "$compiler_num" -ge "406"; then + + ac_var_added_warnings="" + for warning in double-promotion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + # + if test "$compiler_num" -ge "408"; then + WARN="$WARN -Wformat=2" + fi + # + if test "$compiler_num" -ge "500"; then + WARN="$WARN -Warray-bounds=2" + fi + # + if test "$compiler_num" -ge "600"; then + + ac_var_added_warnings="" + for warning in shift-negative-value; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + WARN="$WARN -Wshift-overflow=2" + + ac_var_added_warnings="" + for warning in null-dereference; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + WARN="$WARN -fdelete-null-pointer-checks" + + ac_var_added_warnings="" + for warning in duplicated-cond; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in unused-const-variable; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + fi + # + if test "$compiler_num" -ge "700"; then + + ac_var_added_warnings="" + for warning in duplicated-branches; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in restrict; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in alloc-zero; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + WARN="$WARN -Wformat-overflow=2" + WARN="$WARN -Wformat-truncation=1" + fi + # + if test "$compiler_num" -ge "1000"; then + + ac_var_added_warnings="" + for warning in arith-conversion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + + + ac_var_added_warnings="" + for warning in enum-conversion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + WARN="$WARN $ac_var_added_warnings" + squeeze WARN + fi for flag in $CPPFLAGS; do @@ -21652,12 +24412,12 @@ $as_echo "$gccver" >&6; } fi CFLAGS="$CFLAGS $WARN" - { $as_echo "$as_me:${as_lineno-$LINENO}: Added this set of compiler options: $WARN" >&5 -$as_echo "$as_me: Added this set of compiler options: $WARN" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Added this set of compiler options: $WARN" >&5 +printf "%s\n" "$as_me: Added this set of compiler options: $WARN" >&6;} else - { $as_echo "$as_me:${as_lineno-$LINENO}: Added no extra compiler options" >&5 -$as_echo "$as_me: Added no extra compiler options" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Added no extra compiler options" >&5 +printf "%s\n" "$as_me: Added no extra compiler options" >&6;} fi NEWFLAGS="" @@ -21676,66 +24436,126 @@ $as_echo "$as_me: Added no extra compiler options" >&6;} ;; esac -else +else $as_nop enable_debug=no - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable hidden symbols in the library" >&5 -$as_echo_n "checking whether to enable hidden symbols in the library... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable hidden symbols in the library" >&5 +printf %s "checking whether to enable hidden symbols in the library... " >&6; } # Check whether --enable-hidden-symbols was given. -if test "${enable_hidden_symbols+set}" = set; then : +if test ${enable_hidden_symbols+y} +then : enableval=$enable_hidden_symbols; case "$enableval" in no) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } ;; *) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports it" >&5 -$as_echo_n "checking whether $CC supports it... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC supports it" >&5 +printf %s "checking whether $CC supports it... " >&6; } if test "$GCC" = yes ; then if $CC --help --verbose 2>&1 | grep fvisibility= > /dev/null ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } -$as_echo "#define LIBSSH2_API __attribute__ ((visibility (\"default\")))" >>confdefs.h +printf "%s\n" "#define LIBSSH2_API __attribute__ ((visibility (\"default\")))" >>confdefs.h CFLAGS="$CFLAGS -fvisibility=hidden" else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi else if $CC 2>&1 | grep flags >/dev/null && $CC -flags | grep xldscope= >/dev/null ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } -$as_echo "#define LIBSSH2_API __global" >>confdefs.h +printf "%s\n" "#define LIBSSH2_API __global" >>confdefs.h CFLAGS="$CFLAGS -xldscope=hidden" else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi fi ;; esac -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi +# Build tests? +# Check whether --enable-tests was given. +if test ${enable_tests+y} +then : + enableval=$enable_tests; + if ! test "x${enable_tests}" = "xyes"; then + enable_tests="no" + fi + +else $as_nop + enable_tests="yes" +fi + + if test "x$enable_tests" = xyes; then + ENABLE_TESTS_TRUE= + ENABLE_TESTS_FALSE='#' +else + ENABLE_TESTS_TRUE='#' + ENABLE_TESTS_FALSE= +fi + + +# Run Docker tests? +# Check whether --enable-docker-tests was given. +if test ${enable_docker_tests+y} +then : + enableval=$enable_docker_tests; run_docker_tests=no +else $as_nop + run_docker_tests=yes +fi + + if test "x$run_docker_tests" != "xno"; then + RUN_DOCKER_TESTS_TRUE= + RUN_DOCKER_TESTS_FALSE='#' +else + RUN_DOCKER_TESTS_TRUE='#' + RUN_DOCKER_TESTS_FALSE= +fi + + +# Run sshd tests? +# Check whether --enable-sshd-tests was given. +if test ${enable_sshd_tests+y} +then : + enableval=$enable_sshd_tests; run_sshd_tests=no +else $as_nop + run_sshd_tests=yes +fi + + if test "x$run_sshd_tests" != "xno"; then + RUN_SSHD_TESTS_TRUE= + RUN_SSHD_TESTS_FALSE='#' +else + RUN_SSHD_TESTS_TRUE='#' + RUN_SSHD_TESTS_FALSE= +fi + + # Build example applications? -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build example applications" >&5 -$as_echo_n "checking whether to build example applications... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to build example applications" >&5 +printf %s "checking whether to build example applications... " >&6; } # Check whether --enable-examples-build was given. -if test "${enable_examples_build+set}" = set; then : +if test ${enable_examples_build+y} +then : enableval=$enable_examples_build; case "$enableval" in no | false) build_examples='no' @@ -21744,12 +24564,12 @@ if test "${enable_examples_build+set}" = set; then : build_examples='yes' ;; esac -else +else $as_nop build_examples='yes' fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $build_examples" >&5 -$as_echo "$build_examples" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $build_examples" >&5 +printf "%s\n" "$build_examples" >&6; } if test "x$build_examples" != "xno"; then BUILD_EXAMPLES_TRUE= BUILD_EXAMPLES_FALSE='#' @@ -21762,9 +24582,10 @@ fi # Build OSS fuzzing targets? # Check whether --enable-ossfuzzers was given. -if test "${enable_ossfuzzers+set}" = set; then : +if test ${enable_ossfuzzers+y} +then : enableval=$enable_ossfuzzers; have_ossfuzzers=yes -else +else $as_nop have_ossfuzzers=no fi @@ -21799,66 +24620,86 @@ fi # Checks for header files. -# AC_HEADER_STDC -for ac_header in errno.h fcntl.h stdio.h stdlib.h unistd.h sys/uio.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF +ac_fn_c_check_header_compile "$LINENO" "errno.h" "ac_cv_header_errno_h" "$ac_includes_default" +if test "x$ac_cv_header_errno_h" = xyes +then : + printf "%s\n" "#define HAVE_ERRNO_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "fcntl.h" "ac_cv_header_fcntl_h" "$ac_includes_default" +if test "x$ac_cv_header_fcntl_h" = xyes +then : + printf "%s\n" "#define HAVE_FCNTL_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "stdio.h" "ac_cv_header_stdio_h" "$ac_includes_default" +if test "x$ac_cv_header_stdio_h" = xyes +then : + printf "%s\n" "#define HAVE_STDIO_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "unistd.h" "ac_cv_header_unistd_h" "$ac_includes_default" +if test "x$ac_cv_header_unistd_h" = xyes +then : + printf "%s\n" "#define HAVE_UNISTD_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/param.h" "ac_cv_header_sys_param_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_param_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_PARAM_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/uio.h" "ac_cv_header_sys_uio_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_uio_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_UIO_H 1" >>confdefs.h fi -done +ac_fn_c_check_header_compile "$LINENO" "sys/select.h" "ac_cv_header_sys_select_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_select_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_SELECT_H 1" >>confdefs.h -for ac_header in sys/select.h sys/socket.h sys/ioctl.h sys/time.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF +fi +ac_fn_c_check_header_compile "$LINENO" "sys/socket.h" "ac_cv_header_sys_socket_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_socket_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_SOCKET_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/ioctl.h" "ac_cv_header_sys_ioctl_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_ioctl_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_IOCTL_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/time.h" "ac_cv_header_sys_time_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_time_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_TIME_H 1" >>confdefs.h fi -done +ac_fn_c_check_header_compile "$LINENO" "arpa/inet.h" "ac_cv_header_arpa_inet_h" "$ac_includes_default" +if test "x$ac_cv_header_arpa_inet_h" = xyes +then : + printf "%s\n" "#define HAVE_ARPA_INET_H 1" >>confdefs.h -for ac_header in arpa/inet.h netinet/in.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF +fi +ac_fn_c_check_header_compile "$LINENO" "netinet/in.h" "ac_cv_header_netinet_in_h" "$ac_includes_default" +if test "x$ac_cv_header_netinet_in_h" = xyes +then : + printf "%s\n" "#define HAVE_NETINET_IN_H 1" >>confdefs.h fi -done +ac_fn_c_check_header_compile "$LINENO" "sys/un.h" "ac_cv_header_sys_un_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_un_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_UN_H 1" >>confdefs.h -for ac_header in sys/un.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "sys/un.h" "ac_cv_header_sys_un_h" "$ac_includes_default" -if test "x$ac_cv_header_sys_un_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SYS_UN_H 1 -_ACEOF - have_sys_un_h=yes -else - have_sys_un_h=no -fi - -done - - if test "x$have_sys_un_h" = xyes; then - HAVE_SYS_UN_H_TRUE= - HAVE_SYS_UN_H_FALSE='#' -else - HAVE_SYS_UN_H_TRUE='#' - HAVE_SYS_UN_H_FALSE= fi @@ -21867,62 +24708,88 @@ case $host in # These are POSIX-like systems using BSD-like sockets API. ;; *) - for ac_header in windows.h winsock2.h ws2tcpip.h + for ac_header in windows.h do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - + ac_fn_c_check_header_compile "$LINENO" "windows.h" "ac_cv_header_windows_h" "$ac_includes_default" +if test "x$ac_cv_header_windows_h" = xyes +then : + printf "%s\n" "#define HAVE_WINDOWS_H 1" >>confdefs.h + have_windows_h=yes +else $as_nop + have_windows_h=no fi done - ;; esac case $host in *darwin*|*interix*) - { $as_echo "$as_me:${as_lineno-$LINENO}: poll use is disabled on this platform" >&5 -$as_echo "$as_me: poll use is disabled on this platform" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: poll use is disabled on this platform" >&5 +printf "%s\n" "$as_me: poll use is disabled on this platform" >&6;} ;; *) - for ac_func in poll -do : - ac_fn_c_check_func "$LINENO" "poll" "ac_cv_func_poll" -if test "x$ac_cv_func_poll" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_POLL 1 -_ACEOF + ac_fn_c_check_func "$LINENO" "poll" "ac_cv_func_poll" +if test "x$ac_cv_func_poll" = xyes +then : + printf "%s\n" "#define HAVE_POLL 1" >>confdefs.h fi -done ;; esac -for ac_func in gettimeofday select strtoll memset_s -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF +ac_fn_c_check_func "$LINENO" "gettimeofday" "ac_cv_func_gettimeofday" +if test "x$ac_cv_func_gettimeofday" = xyes +then : + printf "%s\n" "#define HAVE_GETTIMEOFDAY 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "select" "ac_cv_func_select" +if test "x$ac_cv_func_select" = xyes +then : + printf "%s\n" "#define HAVE_SELECT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strtoll" "ac_cv_func_strtoll" +if test "x$ac_cv_func_strtoll" = xyes +then : + printf "%s\n" "#define HAVE_STRTOLL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "explicit_bzero" "ac_cv_func_explicit_bzero" +if test "x$ac_cv_func_explicit_bzero" = xyes +then : + printf "%s\n" "#define HAVE_EXPLICIT_BZERO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "explicit_memset" "ac_cv_func_explicit_memset" +if test "x$ac_cv_func_explicit_memset" = xyes +then : + printf "%s\n" "#define HAVE_EXPLICIT_MEMSET 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "memset_s" "ac_cv_func_memset_s" +if test "x$ac_cv_func_memset_s" = xyes +then : + printf "%s\n" "#define HAVE_MEMSET_S 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "snprintf" "ac_cv_func_snprintf" +if test "x$ac_cv_func_snprintf" = xyes +then : + printf "%s\n" "#define HAVE_SNPRINTF 1" >>confdefs.h fi -done if test "$ac_cv_func_select" != "yes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for select in ws2_32" >&5 -$as_echo_n "checking for select in ws2_32... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for select in ws2_32" >&5 +printf %s "checking for select in ws2_32... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#ifdef HAVE_WINSOCK2_H +#ifdef HAVE_WINDOWS_H #ifndef WIN32_LEAN_AND_MEAN #define WIN32_LEAN_AND_MEAN #endif @@ -21930,7 +24797,7 @@ $as_echo_n "checking for select in ws2_32... " >&6; } #endif int -main () +main (void) { select(0,(fd_set *)NULL,(fd_set *)NULL,(fd_set *)NULL,(struct timeval *)NULL); @@ -21939,50 +24806,49 @@ main () return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } HAVE_SELECT="1" -cat >>confdefs.h <<_ACEOF -#define HAVE_SELECT 1 -_ACEOF +printf "%s\n" "#define HAVE_SELECT 1" >>confdefs.h -else +else $as_nop - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext fi ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" -if test "x$ac_cv_type_size_t" = xyes; then : +if test "x$ac_cv_type_size_t" = xyes +then : -else +else $as_nop -cat >>confdefs.h <<_ACEOF -#define size_t unsigned int -_ACEOF +printf "%s\n" "#define size_t unsigned int" >>confdefs.h fi # The Ultrix 4.2 mips builtin alloca declared by alloca.h only works # for constant arguments. Useless! -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for working alloca.h" >&5 -$as_echo_n "checking for working alloca.h... " >&6; } -if ${ac_cv_working_alloca_h+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for working alloca.h" >&5 +printf %s "checking for working alloca.h... " >&6; } +if test ${ac_cv_working_alloca_h+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int -main () +main (void) { char *p = (char *) alloca (2 * sizeof (int)); if (p) return 0; @@ -21990,52 +24856,52 @@ char *p = (char *) alloca (2 * sizeof (int)); return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_working_alloca_h=yes -else +else $as_nop ac_cv_working_alloca_h=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_working_alloca_h" >&5 -$as_echo "$ac_cv_working_alloca_h" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_working_alloca_h" >&5 +printf "%s\n" "$ac_cv_working_alloca_h" >&6; } if test $ac_cv_working_alloca_h = yes; then -$as_echo "#define HAVE_ALLOCA_H 1" >>confdefs.h +printf "%s\n" "#define HAVE_ALLOCA_H 1" >>confdefs.h fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for alloca" >&5 -$as_echo_n "checking for alloca... " >&6; } -if ${ac_cv_func_alloca_works+:} false; then : - $as_echo_n "(cached) " >&6 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for alloca" >&5 +printf %s "checking for alloca... " >&6; } +if test ${ac_cv_func_alloca_works+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test $ac_cv_working_alloca_h = yes; then + ac_cv_func_alloca_works=yes else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#ifdef __GNUC__ -# define alloca __builtin_alloca -#else -# ifdef _MSC_VER +#include +#include +#ifndef alloca +# ifdef __GNUC__ +# define alloca __builtin_alloca +# elif defined _MSC_VER # include # define alloca _alloca # else -# ifdef HAVE_ALLOCA_H -# include -# else -# ifdef _AIX - #pragma alloca -# else -# ifndef alloca /* predefined by HP cc +Olibcalls */ -void *alloca (size_t); -# endif -# endif +# ifdef __cplusplus +extern "C" # endif +void *alloca (size_t); # endif #endif int -main () +main (void) { char *p = (char *) alloca (1); if (p) return 0; @@ -22043,20 +24909,22 @@ char *p = (char *) alloca (1); return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : ac_cv_func_alloca_works=yes -else +else $as_nop ac_cv_func_alloca_works=no fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_alloca_works" >&5 -$as_echo "$ac_cv_func_alloca_works" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_alloca_works" >&5 +printf "%s\n" "$ac_cv_func_alloca_works" >&6; } +fi if test $ac_cv_func_alloca_works = yes; then -$as_echo "#define HAVE_ALLOCA 1" >>confdefs.h +printf "%s\n" "#define HAVE_ALLOCA 1" >>confdefs.h else # The SVR3 libPW and SVR4 libucb both contain incompatible functions @@ -22066,58 +24934,19 @@ else ALLOCA=\${LIBOBJDIR}alloca.$ac_objext -$as_echo "#define C_ALLOCA 1" >>confdefs.h +printf "%s\n" "#define C_ALLOCA 1" >>confdefs.h -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether \`alloca.c' needs Cray hooks" >&5 -$as_echo_n "checking whether \`alloca.c' needs Cray hooks... " >&6; } -if ${ac_cv_os_cray+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#if defined CRAY && ! defined CRAY2 -webecray -#else -wenotbecray -#endif - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "webecray" >/dev/null 2>&1; then : - ac_cv_os_cray=yes -else - ac_cv_os_cray=no -fi -rm -f conftest* - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_os_cray" >&5 -$as_echo "$ac_cv_os_cray" >&6; } -if test $ac_cv_os_cray = yes; then - for ac_func in _getb67 GETB67 getb67; do - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - -cat >>confdefs.h <<_ACEOF -#define CRAY_STACKSEG_END $ac_func -_ACEOF - - break -fi - - done -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking stack direction for C alloca" >&5 -$as_echo_n "checking stack direction for C alloca... " >&6; } -if ${ac_cv_c_stack_direction+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking stack direction for C alloca" >&5 +printf %s "checking stack direction for C alloca... " >&6; } +if test ${ac_cv_c_stack_direction+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test "$cross_compiling" = yes +then : ac_cv_c_stack_direction=0 -else +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default @@ -22138,9 +24967,10 @@ main (int argc, char **argv) return find_stack_direction (0, argc + !argv + 20) < 0; } _ACEOF -if ac_fn_c_try_run "$LINENO"; then : +if ac_fn_c_try_run "$LINENO" +then : ac_cv_c_stack_direction=1 -else +else $as_nop ac_cv_c_stack_direction=-1 fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ @@ -22148,27 +24978,26 @@ rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_stack_direction" >&5 -$as_echo "$ac_cv_c_stack_direction" >&6; } -cat >>confdefs.h <<_ACEOF -#define STACK_DIRECTION $ac_cv_c_stack_direction -_ACEOF +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_stack_direction" >&5 +printf "%s\n" "$ac_cv_c_stack_direction" >&6; } +printf "%s\n" "#define STACK_DIRECTION $ac_cv_c_stack_direction" >>confdefs.h fi # Checks for typedefs, structures, and compiler characteristics. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 -$as_echo_n "checking for an ANSI C-conforming const... " >&6; } -if ${ac_cv_c_const+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 +printf %s "checking for an ANSI C-conforming const... " >&6; } +if test ${ac_cv_c_const+y} +then : + printf %s "(cached) " >&6 +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int -main () +main (void) { #ifndef __cplusplus @@ -22181,7 +25010,7 @@ main () /* NEC SVR4.0.2 mips cc rejects this. */ struct point {int x, y;}; static struct point const zero = {0,0}; - /* AIX XL C 1.02.0.0 rejects this. + /* IBM XL C 1.02.0.0 rejects this. It does not let you subtract one const X* pointer from another in an arm of an if-expression whose if-part is not a constant expression */ @@ -22209,7 +25038,7 @@ main () iptr p = 0; ++p; } - { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying + { /* IBM XL C 1.02.0.0 rejects this sort of thing, saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ struct s { int j; const int *ap[3]; } bx; struct s *b = &bx; b->j = 5; @@ -22225,47 +25054,50 @@ main () return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_c_const=yes -else +else $as_nop ac_cv_c_const=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 -$as_echo "$ac_cv_c_const" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 +printf "%s\n" "$ac_cv_c_const" >&6; } if test $ac_cv_c_const = no; then -$as_echo "#define const /**/" >>confdefs.h +printf "%s\n" "#define const /**/" >>confdefs.h fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 -$as_echo_n "checking for inline... " >&6; } -if ${ac_cv_c_inline+:} false; then : - $as_echo_n "(cached) " >&6 -else +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 +printf %s "checking for inline... " >&6; } +if test ${ac_cv_c_inline+y} +then : + printf %s "(cached) " >&6 +else $as_nop ac_cv_c_inline=no for ac_kw in inline __inline__ __inline; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifndef __cplusplus typedef int foo_t; -static $ac_kw foo_t static_foo () {return 0; } -$ac_kw foo_t foo () {return 0; } +static $ac_kw foo_t static_foo (void) {return 0; } +$ac_kw foo_t foo (void) {return 0; } #endif _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : ac_cv_c_inline=$ac_kw fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext test "$ac_cv_c_inline" != no && break done fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 -$as_echo "$ac_cv_c_inline" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 +printf "%s\n" "$ac_cv_c_inline" >&6; } case $ac_cv_c_inline in inline | yes) ;; @@ -22284,8 +25116,8 @@ esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking non-blocking sockets style" >&5 -$as_echo_n "checking non-blocking sockets style... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking non-blocking sockets style" >&5 +printf %s "checking non-blocking sockets style... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -22296,7 +25128,7 @@ $as_echo_n "checking non-blocking sockets style... " >&6; } #include int -main () +main (void) { /* try to compile O_NONBLOCK */ @@ -22322,14 +25154,15 @@ main () return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : nonblock="O_NONBLOCK" -$as_echo "#define HAVE_O_NONBLOCK 1" >>confdefs.h +printf "%s\n" "#define HAVE_O_NONBLOCK 1" >>confdefs.h -else +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -22340,7 +25173,7 @@ else #include int -main () +main (void) { /* FIONBIO source test (old-style unix) */ @@ -22351,57 +25184,15 @@ main () return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : nonblock="FIONBIO" -$as_echo "#define HAVE_FIONBIO 1" >>confdefs.h +printf "%s\n" "#define HAVE_FIONBIO 1" >>confdefs.h -else - - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* headers for ioctlsocket test (Windows) */ -#undef inline -#ifdef HAVE_WINDOWS_H -#ifndef WIN32_LEAN_AND_MEAN -#define WIN32_LEAN_AND_MEAN -#endif -#include -#ifdef HAVE_WINSOCK2_H -#include -#else -#ifdef HAVE_WINSOCK_H -#include -#endif -#endif -#endif - -int -main () -{ - -/* ioctlsocket source code */ - SOCKET sd; - unsigned long flags = 0; - sd = socket(0, 0, 0); - ioctlsocket(sd, FIONBIO, &flags); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -nonblock="ioctlsocket" - -$as_echo "#define HAVE_IOCTLSOCKET 1" >>confdefs.h - - -else +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -22411,7 +25202,7 @@ else #include int -main () +main (void) { /* IoctlSocket source code */ @@ -22422,14 +25213,15 @@ main () return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : +if ac_fn_c_try_link "$LINENO" +then : nonblock="IoctlSocket" -$as_echo "#define HAVE_IOCTLSOCKET_CASE 1" >>confdefs.h +printf "%s\n" "#define HAVE_IOCTLSOCKET_CASE 1" >>confdefs.h -else +else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -22438,7 +25230,7 @@ else #include int -main () +main (void) { /* SO_NONBLOCK source code */ @@ -22450,59 +25242,53 @@ main () return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : +if ac_fn_c_try_compile "$LINENO" +then : nonblock="SO_NONBLOCK" -$as_echo "#define HAVE_SO_NONBLOCK 1" >>confdefs.h +printf "%s\n" "#define HAVE_SO_NONBLOCK 1" >>confdefs.h -else +else $as_nop nonblock="nada" -$as_echo "#define HAVE_DISABLED_NONBLOCKING 1" >>confdefs.h +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - - -fi -rm -f core conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $nonblock" >&5 -$as_echo "$nonblock" >&6; } +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $nonblock" >&5 +printf "%s\n" "$nonblock" >&6; } if test "$nonblock" = "nada"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: non-block sockets disabled" >&5 -$as_echo "$as_me: WARNING: non-block sockets disabled" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: non-block sockets disabled" >&5 +printf "%s\n" "$as_me: WARNING: non-block sockets disabled" >&2;} fi missing_required_deps=0 if test "${libz_errors}" != ""; then - { $as_echo "$as_me:${as_lineno-$LINENO}: ERROR: ${libz_errors}" >&5 -$as_echo "$as_me: ERROR: ${libz_errors}" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: ERROR: ${libz_errors}" >&5 +printf "%s\n" "$as_me: ERROR: ${libz_errors}" >&6;} missing_required_deps=1 fi if test "$found_crypto" = "none"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: ERROR: ${crypto_errors}" >&5 -$as_echo "$as_me: ERROR: ${crypto_errors}" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: ERROR: ${crypto_errors}" >&5 +printf "%s\n" "$as_me: ERROR: ${crypto_errors}" >&6;} missing_required_deps=1 fi @@ -22510,13 +25296,23 @@ if test $missing_required_deps = 1; then as_fn_error $? "Required dependencies are missing!" "$LINENO" 5 fi + if test "x$have_windows_h" = "xyes" && test "x${enable_shared}" = "xyes" && test -n "${RC}"; then + HAVE_WINDRES_TRUE= + HAVE_WINDRES_FALSE='#' +else + HAVE_WINDRES_TRUE='#' + HAVE_WINDRES_FALSE= +fi + + # Configure parameters - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable compiler warnings as errors" >&5 -$as_echo_n "checking whether to enable compiler warnings as errors... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable compiler warnings as errors" >&5 +printf %s "checking whether to enable compiler warnings as errors... " >&6; } OPT_COMPILER_WERROR="default" # Check whether --enable-werror was given. -if test "${enable_werror+set}" = set; then : +if test ${enable_werror+y} +then : enableval=$enable_werror; OPT_COMPILER_WERROR=$enableval fi @@ -22531,14 +25327,27 @@ fi want_werror="yes" ;; esac - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $want_werror" >&5 -$as_echo "$want_werror" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $want_werror" >&5 +printf "%s\n" "$want_werror" >&6; } if test X"$want_werror" = Xyes; then CFLAGS="$CFLAGS -Werror" fi +# Append crypto lib +if test "$found_crypto" = "openssl"; then + LIBS="${LIBS} ${LTLIBSSL}" +elif test "$found_crypto" = "wolfssl"; then + LIBS="${LIBS} ${LTLIBWOLFSSL}" +elif test "$found_crypto" = "libgcrypt"; then + LIBS="${LIBS} ${LTLIBGCRYPT}" +elif test "$found_crypto" = "wincng"; then + LIBS="${LIBS} ${LTLIBBCRYPT}" +elif test "$found_crypto" = "mbedtls"; then + LIBS="${LIBS} ${LTLIBMBEDCRYPTO}" +fi + ac_config_files="$ac_config_files Makefile src/Makefile libssh2.pc" cat >confcache <<\_ACEOF @@ -22568,8 +25377,8 @@ _ACEOF case $ac_val in #( *${as_nl}*) case $ac_var in #( - *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 -$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + *_cv_*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +printf "%s\n" "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( @@ -22599,15 +25408,15 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; /^ac_cv_env_/b end t clear :clear - s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ + s/^\([^=]*\)=\(.*[{}].*\)$/test ${\1+y} || &/ t end s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then if test "x$cache_file" != "x/dev/null"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 -$as_echo "$as_me: updating cache $cache_file" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +printf "%s\n" "$as_me: updating cache $cache_file" >&6;} if test ! -f "$cache_file" || test -h "$cache_file"; then cat confcache >"$cache_file" else @@ -22621,8 +25430,8 @@ $as_echo "$as_me: updating cache $cache_file" >&6;} fi fi else - { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 -$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +printf "%s\n" "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache @@ -22639,7 +25448,7 @@ U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' - ac_i=`$as_echo "$ac_i" | sed "$ac_script"` + ac_i=`printf "%s\n" "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" @@ -22654,14 +25463,14 @@ if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then as_fn_error $? "conditional \"MAINTAINER_MODE\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5 -$as_echo_n "checking that generated files are newer than configure... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5 +printf %s "checking that generated files are newer than configure... " >&6; } if test -n "$am_sleep_pid"; then # Hide warnings about reused PIDs. wait $am_sleep_pid 2>/dev/null fi - { $as_echo "$as_me:${as_lineno-$LINENO}: result: done" >&5 -$as_echo "done" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: done" >&5 +printf "%s\n" "done" >&6; } if test -n "$EXEEXT"; then am__EXEEXT_TRUE= am__EXEEXT_FALSE='#' @@ -22686,21 +25495,21 @@ if test -z "${am__fastdepCXX_TRUE}" && test -z "${am__fastdepCXX_FALSE}"; then as_fn_error $? "conditional \"am__fastdepCXX\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${SSHD_TRUE}" && test -z "${SSHD_FALSE}"; then + as_fn_error $? "conditional \"SSHD\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi -if test -z "${OPENSSL_TRUE}" && test -z "${OPENSSL_FALSE}"; then - as_fn_error $? "conditional \"OPENSSL\" was never defined. +if test -z "${ENABLE_TESTS_TRUE}" && test -z "${ENABLE_TESTS_FALSE}"; then + as_fn_error $? "conditional \"ENABLE_TESTS\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${LIBGCRYPT_TRUE}" && test -z "${LIBGCRYPT_FALSE}"; then - as_fn_error $? "conditional \"LIBGCRYPT\" was never defined. +if test -z "${RUN_DOCKER_TESTS_TRUE}" && test -z "${RUN_DOCKER_TESTS_FALSE}"; then + as_fn_error $? "conditional \"RUN_DOCKER_TESTS\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${MBEDTLS_TRUE}" && test -z "${MBEDTLS_FALSE}"; then - as_fn_error $? "conditional \"MBEDTLS\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${WINCNG_TRUE}" && test -z "${WINCNG_FALSE}"; then - as_fn_error $? "conditional \"WINCNG\" was never defined. +if test -z "${RUN_SSHD_TESTS_TRUE}" && test -z "${RUN_SSHD_TESTS_FALSE}"; then + as_fn_error $? "conditional \"RUN_SSHD_TESTS\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_EXAMPLES_TRUE}" && test -z "${BUILD_EXAMPLES_FALSE}"; then @@ -22719,8 +25528,8 @@ if test -z "${USE_OSSFUZZ_STATIC_TRUE}" && test -z "${USE_OSSFUZZ_STATIC_FALSE}" as_fn_error $? "conditional \"USE_OSSFUZZ_STATIC\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${HAVE_SYS_UN_H_TRUE}" && test -z "${HAVE_SYS_UN_H_FALSE}"; then - as_fn_error $? "conditional \"HAVE_SYS_UN_H\" was never defined. +if test -z "${HAVE_WINDRES_TRUE}" && test -z "${HAVE_WINDRES_FALSE}"; then + as_fn_error $? "conditional \"HAVE_WINDRES\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi @@ -22728,8 +25537,8 @@ fi ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" -{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 -$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +printf "%s\n" "$as_me: creating $CONFIG_STATUS" >&6;} as_write_fail=0 cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL @@ -22752,14 +25561,16 @@ cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : +as_nop=: +if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 +then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST -else +else $as_nop case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( @@ -22769,46 +25580,46 @@ esac fi + +# Reset variables that may have inherited troublesome values from +# the environment. + +# IFS needs to be set, to space, tab, and newline, in precisely that order. +# (If _AS_PATH_WALK were called with IFS unset, it would have the +# side effect of setting IFS to empty, thus disabling word splitting.) +# Quoting is to prevent editors from complaining about space-tab. as_nl=' ' export as_nl -# Printing a long string crashes Solaris 7 /usr/bin/printf. -as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo -# Prefer a ksh shell builtin over an external printf program on Solaris, -# but without wasting forks for bash or zsh. -if test -z "$BASH_VERSION$ZSH_VERSION" \ - && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='print -r --' - as_echo_n='print -rn --' -elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='printf %s\n' - as_echo_n='printf %s' -else - if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then - as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' - as_echo_n='/usr/ucb/echo -n' - else - as_echo_body='eval expr "X$1" : "X\\(.*\\)"' - as_echo_n_body='eval - arg=$1; - case $arg in #( - *"$as_nl"*) - expr "X$arg" : "X\\(.*\\)$as_nl"; - arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; - esac; - expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" - ' - export as_echo_n_body - as_echo_n='sh -c $as_echo_n_body as_echo' - fi - export as_echo_body - as_echo='sh -c $as_echo_body as_echo' -fi +IFS=" "" $as_nl" + +PS1='$ ' +PS2='> ' +PS4='+ ' + +# Ensure predictable behavior from utilities with locale-dependent output. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# We cannot yet rely on "unset" to work, but we need these variables +# to be unset--not just set to an empty or harmless value--now, to +# avoid bugs in old shells (e.g. pre-3.0 UWIN ksh). This construct +# also avoids known problems related to "unset" and subshell syntax +# in other old shells (e.g. bash 2.01 and pdksh 5.2.14). +for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH +do eval test \${$as_var+y} \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done + +# Ensure that fds 0, 1, and 2 are open. +if (exec 3>&0) 2>/dev/null; then :; else exec 0&1) 2>/dev/null; then :; else exec 1>/dev/null; fi +if (exec 3>&2) ; then :; else exec 2>/dev/null; fi # The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then +if ${PATH_SEPARATOR+false} :; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || @@ -22817,13 +25628,6 @@ if test "${PATH_SEPARATOR+set}" != set; then fi -# IFS -# We need space, tab and new line, in precisely that order. Quoting is -# there to prevent editors from complaining about space-tab. -# (If _AS_PATH_WALK were called with IFS unset, it would disable word -# splitting by setting IFS to empty value.) -IFS=" "" $as_nl" - # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( @@ -22832,8 +25636,12 @@ case $0 in #(( for as_dir in $PATH do IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + test -r "$as_dir$0" && as_myself=$as_dir$0 && break done IFS=$as_save_IFS @@ -22845,30 +25653,10 @@ if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then - $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + printf "%s\n" "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi -# Unset variables that we do not need and which cause bugs (e.g. in -# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" -# suppresses any "Segmentation fault" message there. '((' could -# trigger a bug in pdksh 5.2.14. -for as_var in BASH_ENV ENV MAIL MAILPATH -do eval test x\${$as_var+set} = xset \ - && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : -done -PS1='$ ' -PS2='> ' -PS4='+ ' - -# NLS nuisances. -LC_ALL=C -export LC_ALL -LANGUAGE=C -export LANGUAGE - -# CDPATH. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH # as_fn_error STATUS ERROR [LINENO LOG_FD] @@ -22881,13 +25669,14 @@ as_fn_error () as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi - $as_echo "$as_me: error: $2" >&2 + printf "%s\n" "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error + # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. @@ -22914,18 +25703,20 @@ as_fn_unset () { eval $1=; unset $1;} } as_unset=as_fn_unset + # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. -if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null +then : eval 'as_fn_append () { eval $1+=\$2 }' -else +else $as_nop as_fn_append () { eval $1=\$$1\$2 @@ -22937,12 +25728,13 @@ fi # as_fn_append # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. -if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null +then : eval 'as_fn_arith () { as_val=$(( $* )) }' -else +else $as_nop as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` @@ -22973,7 +25765,7 @@ as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X/"$0" | +printf "%s\n" X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q @@ -22995,6 +25787,10 @@ as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits + +# Determine whether it's possible to make 'echo' print without a newline. +# These variables are no longer used directly by Autoconf, but are AC_SUBSTed +# for compatibility with existing Makefiles. ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) @@ -23008,6 +25804,12 @@ case `echo -n x` in #((((( ECHO_N='-n';; esac +# For backward compatibility with old third-party macros, we provide +# the shell variables $as_echo and $as_echo_n. New code should use +# AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively. +as_echo='printf %s\n' +as_echo_n='printf %s' + rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file @@ -23049,7 +25851,7 @@ as_fn_mkdir_p () as_dirs= while :; do case $as_dir in #( - *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *\'*) as_qdir=`printf "%s\n" "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" @@ -23058,7 +25860,7 @@ $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$as_dir" | +printf "%s\n" X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -23121,7 +25923,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # values after options handling. ac_log=" This file was extended by libssh2 $as_me -, which was -generated by GNU Autoconf 2.69. Invocation command line was +generated by GNU Autoconf 2.71. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -23180,17 +25982,19 @@ $config_headers Configuration commands: $config_commands -Report bugs to ." +Report bugs to ." _ACEOF +ac_cs_config=`printf "%s\n" "$ac_configure_args" | sed "$ac_safe_unquote"` +ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\''/g"` cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" +ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ libssh2 config.status - -configured by $0, generated by GNU Autoconf 2.69, +configured by $0, generated by GNU Autoconf 2.71, with options \\"\$ac_cs_config\\" -Copyright (C) 2012 Free Software Foundation, Inc. +Copyright (C) 2021 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -23230,15 +26034,15 @@ do -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) - $as_echo "$ac_cs_version"; exit ;; + printf "%s\n" "$ac_cs_version"; exit ;; --config | --confi | --conf | --con | --co | --c ) - $as_echo "$ac_cs_config"; exit ;; + printf "%s\n" "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift case $ac_optarg in - *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + *\'*) ac_optarg=`printf "%s\n" "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; '') as_fn_error $? "missing file argument" ;; esac as_fn_append CONFIG_FILES " '$ac_optarg'" @@ -23246,7 +26050,7 @@ do --header | --heade | --head | --hea ) $ac_shift case $ac_optarg in - *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + *\'*) ac_optarg=`printf "%s\n" "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; esac as_fn_append CONFIG_HEADERS " '$ac_optarg'" ac_need_defaults=false;; @@ -23255,7 +26059,7 @@ do as_fn_error $? "ambiguous option: \`$1' Try \`$0 --help' for more information.";; --help | --hel | -h ) - $as_echo "$ac_cs_usage"; exit ;; + printf "%s\n" "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; @@ -23283,7 +26087,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift - \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + \printf "%s\n" "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' export CONFIG_SHELL exec "\$@" @@ -23297,7 +26101,7 @@ exec 5>>config.log sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX - $as_echo "$ac_log" + printf "%s\n" "$ac_log" } >&5 _ACEOF @@ -23315,11 +26119,11 @@ AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}" sed_quote_subst='$sed_quote_subst' double_quote_subst='$double_quote_subst' delay_variable_subst='$delay_variable_subst' +macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`' +macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`' AS='`$ECHO "$AS" | $SED "$delay_single_quote_subst"`' DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`' OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`' -macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`' -macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`' enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`' enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`' pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`' @@ -23352,12 +26156,14 @@ lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_q lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`' reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`' reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`' +FILECMD='`$ECHO "$FILECMD" | $SED "$delay_single_quote_subst"`' deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`' file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`' file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`' want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`' sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`' AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`' +lt_ar_flags='`$ECHO "$lt_ar_flags" | $SED "$delay_single_quote_subst"`' AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`' archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`' STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`' @@ -23458,53 +26264,101 @@ predeps='`$ECHO "$predeps" | $SED "$delay_single_quote_subst"`' postdeps='`$ECHO "$postdeps" | $SED "$delay_single_quote_subst"`' compiler_lib_search_path='`$ECHO "$compiler_lib_search_path" | $SED "$delay_single_quote_subst"`' LD_CXX='`$ECHO "$LD_CXX" | $SED "$delay_single_quote_subst"`' +LD_RC='`$ECHO "$LD_RC" | $SED "$delay_single_quote_subst"`' reload_flag_CXX='`$ECHO "$reload_flag_CXX" | $SED "$delay_single_quote_subst"`' +reload_flag_RC='`$ECHO "$reload_flag_RC" | $SED "$delay_single_quote_subst"`' reload_cmds_CXX='`$ECHO "$reload_cmds_CXX" | $SED "$delay_single_quote_subst"`' +reload_cmds_RC='`$ECHO "$reload_cmds_RC" | $SED "$delay_single_quote_subst"`' old_archive_cmds_CXX='`$ECHO "$old_archive_cmds_CXX" | $SED "$delay_single_quote_subst"`' +old_archive_cmds_RC='`$ECHO "$old_archive_cmds_RC" | $SED "$delay_single_quote_subst"`' compiler_CXX='`$ECHO "$compiler_CXX" | $SED "$delay_single_quote_subst"`' +compiler_RC='`$ECHO "$compiler_RC" | $SED "$delay_single_quote_subst"`' GCC_CXX='`$ECHO "$GCC_CXX" | $SED "$delay_single_quote_subst"`' +GCC_RC='`$ECHO "$GCC_RC" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_no_builtin_flag_CXX='`$ECHO "$lt_prog_compiler_no_builtin_flag_CXX" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_no_builtin_flag_RC='`$ECHO "$lt_prog_compiler_no_builtin_flag_RC" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_pic_CXX='`$ECHO "$lt_prog_compiler_pic_CXX" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_pic_RC='`$ECHO "$lt_prog_compiler_pic_RC" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_wl_CXX='`$ECHO "$lt_prog_compiler_wl_CXX" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_wl_RC='`$ECHO "$lt_prog_compiler_wl_RC" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_static_CXX='`$ECHO "$lt_prog_compiler_static_CXX" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_static_RC='`$ECHO "$lt_prog_compiler_static_RC" | $SED "$delay_single_quote_subst"`' lt_cv_prog_compiler_c_o_CXX='`$ECHO "$lt_cv_prog_compiler_c_o_CXX" | $SED "$delay_single_quote_subst"`' +lt_cv_prog_compiler_c_o_RC='`$ECHO "$lt_cv_prog_compiler_c_o_RC" | $SED "$delay_single_quote_subst"`' archive_cmds_need_lc_CXX='`$ECHO "$archive_cmds_need_lc_CXX" | $SED "$delay_single_quote_subst"`' +archive_cmds_need_lc_RC='`$ECHO "$archive_cmds_need_lc_RC" | $SED "$delay_single_quote_subst"`' enable_shared_with_static_runtimes_CXX='`$ECHO "$enable_shared_with_static_runtimes_CXX" | $SED "$delay_single_quote_subst"`' +enable_shared_with_static_runtimes_RC='`$ECHO "$enable_shared_with_static_runtimes_RC" | $SED "$delay_single_quote_subst"`' export_dynamic_flag_spec_CXX='`$ECHO "$export_dynamic_flag_spec_CXX" | $SED "$delay_single_quote_subst"`' +export_dynamic_flag_spec_RC='`$ECHO "$export_dynamic_flag_spec_RC" | $SED "$delay_single_quote_subst"`' whole_archive_flag_spec_CXX='`$ECHO "$whole_archive_flag_spec_CXX" | $SED "$delay_single_quote_subst"`' +whole_archive_flag_spec_RC='`$ECHO "$whole_archive_flag_spec_RC" | $SED "$delay_single_quote_subst"`' compiler_needs_object_CXX='`$ECHO "$compiler_needs_object_CXX" | $SED "$delay_single_quote_subst"`' +compiler_needs_object_RC='`$ECHO "$compiler_needs_object_RC" | $SED "$delay_single_quote_subst"`' old_archive_from_new_cmds_CXX='`$ECHO "$old_archive_from_new_cmds_CXX" | $SED "$delay_single_quote_subst"`' +old_archive_from_new_cmds_RC='`$ECHO "$old_archive_from_new_cmds_RC" | $SED "$delay_single_quote_subst"`' old_archive_from_expsyms_cmds_CXX='`$ECHO "$old_archive_from_expsyms_cmds_CXX" | $SED "$delay_single_quote_subst"`' +old_archive_from_expsyms_cmds_RC='`$ECHO "$old_archive_from_expsyms_cmds_RC" | $SED "$delay_single_quote_subst"`' archive_cmds_CXX='`$ECHO "$archive_cmds_CXX" | $SED "$delay_single_quote_subst"`' +archive_cmds_RC='`$ECHO "$archive_cmds_RC" | $SED "$delay_single_quote_subst"`' archive_expsym_cmds_CXX='`$ECHO "$archive_expsym_cmds_CXX" | $SED "$delay_single_quote_subst"`' +archive_expsym_cmds_RC='`$ECHO "$archive_expsym_cmds_RC" | $SED "$delay_single_quote_subst"`' module_cmds_CXX='`$ECHO "$module_cmds_CXX" | $SED "$delay_single_quote_subst"`' +module_cmds_RC='`$ECHO "$module_cmds_RC" | $SED "$delay_single_quote_subst"`' module_expsym_cmds_CXX='`$ECHO "$module_expsym_cmds_CXX" | $SED "$delay_single_quote_subst"`' +module_expsym_cmds_RC='`$ECHO "$module_expsym_cmds_RC" | $SED "$delay_single_quote_subst"`' with_gnu_ld_CXX='`$ECHO "$with_gnu_ld_CXX" | $SED "$delay_single_quote_subst"`' +with_gnu_ld_RC='`$ECHO "$with_gnu_ld_RC" | $SED "$delay_single_quote_subst"`' allow_undefined_flag_CXX='`$ECHO "$allow_undefined_flag_CXX" | $SED "$delay_single_quote_subst"`' +allow_undefined_flag_RC='`$ECHO "$allow_undefined_flag_RC" | $SED "$delay_single_quote_subst"`' no_undefined_flag_CXX='`$ECHO "$no_undefined_flag_CXX" | $SED "$delay_single_quote_subst"`' +no_undefined_flag_RC='`$ECHO "$no_undefined_flag_RC" | $SED "$delay_single_quote_subst"`' hardcode_libdir_flag_spec_CXX='`$ECHO "$hardcode_libdir_flag_spec_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_flag_spec_RC='`$ECHO "$hardcode_libdir_flag_spec_RC" | $SED "$delay_single_quote_subst"`' hardcode_libdir_separator_CXX='`$ECHO "$hardcode_libdir_separator_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_separator_RC='`$ECHO "$hardcode_libdir_separator_RC" | $SED "$delay_single_quote_subst"`' hardcode_direct_CXX='`$ECHO "$hardcode_direct_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_direct_RC='`$ECHO "$hardcode_direct_RC" | $SED "$delay_single_quote_subst"`' hardcode_direct_absolute_CXX='`$ECHO "$hardcode_direct_absolute_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_direct_absolute_RC='`$ECHO "$hardcode_direct_absolute_RC" | $SED "$delay_single_quote_subst"`' hardcode_minus_L_CXX='`$ECHO "$hardcode_minus_L_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_minus_L_RC='`$ECHO "$hardcode_minus_L_RC" | $SED "$delay_single_quote_subst"`' hardcode_shlibpath_var_CXX='`$ECHO "$hardcode_shlibpath_var_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_shlibpath_var_RC='`$ECHO "$hardcode_shlibpath_var_RC" | $SED "$delay_single_quote_subst"`' hardcode_automatic_CXX='`$ECHO "$hardcode_automatic_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_automatic_RC='`$ECHO "$hardcode_automatic_RC" | $SED "$delay_single_quote_subst"`' inherit_rpath_CXX='`$ECHO "$inherit_rpath_CXX" | $SED "$delay_single_quote_subst"`' +inherit_rpath_RC='`$ECHO "$inherit_rpath_RC" | $SED "$delay_single_quote_subst"`' link_all_deplibs_CXX='`$ECHO "$link_all_deplibs_CXX" | $SED "$delay_single_quote_subst"`' +link_all_deplibs_RC='`$ECHO "$link_all_deplibs_RC" | $SED "$delay_single_quote_subst"`' always_export_symbols_CXX='`$ECHO "$always_export_symbols_CXX" | $SED "$delay_single_quote_subst"`' +always_export_symbols_RC='`$ECHO "$always_export_symbols_RC" | $SED "$delay_single_quote_subst"`' export_symbols_cmds_CXX='`$ECHO "$export_symbols_cmds_CXX" | $SED "$delay_single_quote_subst"`' +export_symbols_cmds_RC='`$ECHO "$export_symbols_cmds_RC" | $SED "$delay_single_quote_subst"`' exclude_expsyms_CXX='`$ECHO "$exclude_expsyms_CXX" | $SED "$delay_single_quote_subst"`' +exclude_expsyms_RC='`$ECHO "$exclude_expsyms_RC" | $SED "$delay_single_quote_subst"`' include_expsyms_CXX='`$ECHO "$include_expsyms_CXX" | $SED "$delay_single_quote_subst"`' +include_expsyms_RC='`$ECHO "$include_expsyms_RC" | $SED "$delay_single_quote_subst"`' prelink_cmds_CXX='`$ECHO "$prelink_cmds_CXX" | $SED "$delay_single_quote_subst"`' +prelink_cmds_RC='`$ECHO "$prelink_cmds_RC" | $SED "$delay_single_quote_subst"`' postlink_cmds_CXX='`$ECHO "$postlink_cmds_CXX" | $SED "$delay_single_quote_subst"`' +postlink_cmds_RC='`$ECHO "$postlink_cmds_RC" | $SED "$delay_single_quote_subst"`' file_list_spec_CXX='`$ECHO "$file_list_spec_CXX" | $SED "$delay_single_quote_subst"`' +file_list_spec_RC='`$ECHO "$file_list_spec_RC" | $SED "$delay_single_quote_subst"`' hardcode_action_CXX='`$ECHO "$hardcode_action_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_action_RC='`$ECHO "$hardcode_action_RC" | $SED "$delay_single_quote_subst"`' compiler_lib_search_dirs_CXX='`$ECHO "$compiler_lib_search_dirs_CXX" | $SED "$delay_single_quote_subst"`' +compiler_lib_search_dirs_RC='`$ECHO "$compiler_lib_search_dirs_RC" | $SED "$delay_single_quote_subst"`' predep_objects_CXX='`$ECHO "$predep_objects_CXX" | $SED "$delay_single_quote_subst"`' +predep_objects_RC='`$ECHO "$predep_objects_RC" | $SED "$delay_single_quote_subst"`' postdep_objects_CXX='`$ECHO "$postdep_objects_CXX" | $SED "$delay_single_quote_subst"`' +postdep_objects_RC='`$ECHO "$postdep_objects_RC" | $SED "$delay_single_quote_subst"`' predeps_CXX='`$ECHO "$predeps_CXX" | $SED "$delay_single_quote_subst"`' +predeps_RC='`$ECHO "$predeps_RC" | $SED "$delay_single_quote_subst"`' postdeps_CXX='`$ECHO "$postdeps_CXX" | $SED "$delay_single_quote_subst"`' +postdeps_RC='`$ECHO "$postdeps_RC" | $SED "$delay_single_quote_subst"`' compiler_lib_search_path_CXX='`$ECHO "$compiler_lib_search_path_CXX" | $SED "$delay_single_quote_subst"`' +compiler_lib_search_path_RC='`$ECHO "$compiler_lib_search_path_RC" | $SED "$delay_single_quote_subst"`' LTCC='$LTCC' LTCFLAGS='$LTCFLAGS' @@ -23535,13 +26389,13 @@ LN_S \ lt_SP2NL \ lt_NL2SP \ reload_flag \ +FILECMD \ deplibs_check_method \ file_magic_cmd \ file_magic_glob \ want_nocaseglob \ sharedlib_from_linklib_cmd \ AR \ -AR_FLAGS \ archiver_list_spec \ STRIP \ RANLIB \ @@ -23595,30 +26449,55 @@ predeps \ postdeps \ compiler_lib_search_path \ LD_CXX \ +LD_RC \ reload_flag_CXX \ +reload_flag_RC \ compiler_CXX \ +compiler_RC \ lt_prog_compiler_no_builtin_flag_CXX \ +lt_prog_compiler_no_builtin_flag_RC \ lt_prog_compiler_pic_CXX \ +lt_prog_compiler_pic_RC \ lt_prog_compiler_wl_CXX \ +lt_prog_compiler_wl_RC \ lt_prog_compiler_static_CXX \ +lt_prog_compiler_static_RC \ lt_cv_prog_compiler_c_o_CXX \ +lt_cv_prog_compiler_c_o_RC \ export_dynamic_flag_spec_CXX \ +export_dynamic_flag_spec_RC \ whole_archive_flag_spec_CXX \ +whole_archive_flag_spec_RC \ compiler_needs_object_CXX \ +compiler_needs_object_RC \ with_gnu_ld_CXX \ +with_gnu_ld_RC \ allow_undefined_flag_CXX \ +allow_undefined_flag_RC \ no_undefined_flag_CXX \ +no_undefined_flag_RC \ hardcode_libdir_flag_spec_CXX \ +hardcode_libdir_flag_spec_RC \ hardcode_libdir_separator_CXX \ +hardcode_libdir_separator_RC \ exclude_expsyms_CXX \ +exclude_expsyms_RC \ include_expsyms_CXX \ +include_expsyms_RC \ file_list_spec_CXX \ +file_list_spec_RC \ compiler_lib_search_dirs_CXX \ +compiler_lib_search_dirs_RC \ predep_objects_CXX \ +predep_objects_RC \ postdep_objects_CXX \ +postdep_objects_RC \ predeps_CXX \ +predeps_RC \ postdeps_CXX \ -compiler_lib_search_path_CXX; do +postdeps_RC \ +compiler_lib_search_path_CXX \ +compiler_lib_search_path_RC; do case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in *[\\\\\\\`\\"\\\$]*) eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" ## exclude from sc_prohibit_nested_quotes @@ -23651,16 +26530,27 @@ sys_lib_search_path_spec \ configure_time_dlsearch_path \ configure_time_lt_sys_library_path \ reload_cmds_CXX \ +reload_cmds_RC \ old_archive_cmds_CXX \ +old_archive_cmds_RC \ old_archive_from_new_cmds_CXX \ +old_archive_from_new_cmds_RC \ old_archive_from_expsyms_cmds_CXX \ +old_archive_from_expsyms_cmds_RC \ archive_cmds_CXX \ +archive_cmds_RC \ archive_expsym_cmds_CXX \ +archive_expsym_cmds_RC \ module_cmds_CXX \ +module_cmds_RC \ module_expsym_cmds_CXX \ +module_expsym_cmds_RC \ export_symbols_cmds_CXX \ +export_symbols_cmds_RC \ prelink_cmds_CXX \ -postlink_cmds_CXX; do +prelink_cmds_RC \ +postlink_cmds_CXX \ +postlink_cmds_RC; do case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in *[\\\\\\\`\\"\\\$]*) eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" ## exclude from sc_prohibit_nested_quotes @@ -23690,6 +26580,8 @@ fi + + _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 @@ -23715,9 +26607,9 @@ done # We use the long form for the default assignment because of an extremely # bizarre bug on SunOS 4.1.3. if $ac_need_defaults; then - test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files - test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers - test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands + test ${CONFIG_FILES+y} || CONFIG_FILES=$config_files + test ${CONFIG_HEADERS+y} || CONFIG_HEADERS=$config_headers + test ${CONFIG_COMMANDS+y} || CONFIG_COMMANDS=$config_commands fi # Have a temporary directory for convenience. Make it in the build tree @@ -24053,7 +26945,7 @@ do esac || as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; esac - case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + case $ac_f in *\'*) ac_f=`printf "%s\n" "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" done @@ -24061,17 +26953,17 @@ do # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ configure_input='Generated from '` - $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + printf "%s\n" "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" - { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 -$as_echo "$as_me: creating $ac_file" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +printf "%s\n" "$as_me: creating $ac_file" >&6;} fi # Neutralize special characters interpreted by sed in replacement strings. case $configure_input in #( *\&* | *\|* | *\\* ) - ac_sed_conf_input=`$as_echo "$configure_input" | + ac_sed_conf_input=`printf "%s\n" "$configure_input" | sed 's/[\\\\&|]/\\\\&/g'`;; #( *) ac_sed_conf_input=$configure_input;; esac @@ -24088,7 +26980,7 @@ $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$ac_file" | +printf "%s\n" X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -24112,9 +27004,9 @@ $as_echo X"$ac_file" | case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) - ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + ac_dir_suffix=/`printf "%s\n" "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + ac_top_builddir_sub=`printf "%s\n" "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; @@ -24176,8 +27068,8 @@ ac_sed_dataroot=' case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 -$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +printf "%s\n" "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' @@ -24221,9 +27113,9 @@ test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ "$ac_tmp/out"`; test -z "$ac_out"; } && - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&5 -$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +printf "%s\n" "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} rm -f "$ac_tmp/stdin" @@ -24239,20 +27131,20 @@ which seems to be undefined. Please make sure it is defined" >&2;} # if test x"$ac_file" != x-; then { - $as_echo "/* $configure_input */" \ + printf "%s\n" "/* $configure_input */" >&1 \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" } >"$ac_tmp/config.h" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then - { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 -$as_echo "$as_me: $ac_file is unchanged" >&6;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 +printf "%s\n" "$as_me: $ac_file is unchanged" >&6;} else rm -f "$ac_file" mv "$ac_tmp/config.h" "$ac_file" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 fi else - $as_echo "/* $configure_input */" \ + printf "%s\n" "/* $configure_input */" >&1 \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ || as_fn_error $? "could not create -" "$LINENO" 5 fi @@ -24272,7 +27164,7 @@ $as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$_am_arg" : 'X\(//\)[^/]' \| \ X"$_am_arg" : 'X\(//\)$' \| \ X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$_am_arg" | +printf "%s\n" X"$_am_arg" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -24292,8 +27184,8 @@ $as_echo X"$_am_arg" | s/.*/./; q'`/stamp-h$_am_stamp_count ;; - :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 -$as_echo "$as_me: executing $ac_file commands" >&6;} + :C) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 +printf "%s\n" "$as_me: executing $ac_file commands" >&6;} ;; esac @@ -24319,7 +27211,7 @@ esac for am_mf do # Strip MF so we end up with the name of the file. - am_mf=`$as_echo "$am_mf" | sed -e 's/:.*$//'` + am_mf=`printf "%s\n" "$am_mf" | sed -e 's/:.*$//'` # Check whether this is an Automake generated Makefile which includes # dependency-tracking related rules and includes. # Grep'ing the whole file directly is not great: AIX grep has a line @@ -24331,7 +27223,7 @@ $as_expr X"$am_mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$am_mf" : 'X\(//\)[^/]' \| \ X"$am_mf" : 'X\(//\)$' \| \ X"$am_mf" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$am_mf" | +printf "%s\n" X"$am_mf" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -24353,7 +27245,7 @@ $as_echo X"$am_mf" | $as_expr X/"$am_mf" : '.*/\([^/][^/]*\)/*$' \| \ X"$am_mf" : 'X\(//\)$' \| \ X"$am_mf" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X/"$am_mf" | +printf "%s\n" X/"$am_mf" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q @@ -24378,8 +27270,8 @@ $as_echo X/"$am_mf" | (exit $ac_status); } || am_rc=$? done if test $am_rc -ne 0; then - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "Something went wrong bootstrapping makefile fragments for automatic dependency tracking. If GNU make was not used, consider re-running the configure script with MAKE=\"gmake\" (or whatever is @@ -24439,13 +27331,17 @@ See \`config.log' for more details" "$LINENO" 5; } # The names of the tagged configurations supported by this script. -available_tags='CXX ' +available_tags='CXX RC ' # Configured defaults for sys_lib_dlsearch_path munging. : \${LT_SYS_LIBRARY_PATH="$configure_time_lt_sys_library_path"} # ### BEGIN LIBTOOL CONFIG +# Which release of libtool.m4 was used? +macro_version=$macro_version +macro_revision=$macro_revision + # Assembler program. AS=$lt_AS @@ -24455,10 +27351,6 @@ DLLTOOL=$lt_DLLTOOL # Object dumper program. OBJDUMP=$lt_OBJDUMP -# Which release of libtool.m4 was used? -macro_version=$macro_version -macro_revision=$macro_revision - # Whether or not to build shared libraries. build_libtool_libs=$enable_shared @@ -24538,6 +27430,9 @@ to_host_file_cmd=$lt_cv_to_host_file_cmd # convert \$build files to toolchain format. to_tool_file_cmd=$lt_cv_to_tool_file_cmd +# A file(cmd) program that detects file types. +FILECMD=$lt_FILECMD + # Method to check whether dependent libraries are shared objects. deplibs_check_method=$lt_deplibs_check_method @@ -24556,8 +27451,11 @@ sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd # The archiver. AR=$lt_AR +# Flags to create an archive (by configure). +lt_ar_flags=$lt_ar_flags + # Flags to create an archive. -AR_FLAGS=$lt_AR_FLAGS +AR_FLAGS=\${ARFLAGS-"\$lt_ar_flags"} # How to feed a file listing to the archiver. archiver_list_spec=$lt_archiver_list_spec @@ -24939,6 +27837,7 @@ _LT_EOF esac + ltmain=$ac_aux_dir/ltmain.sh @@ -24946,7 +27845,7 @@ ltmain=$ac_aux_dir/ltmain.sh # if finds mixed CR/LF and LF-only lines. Since sed operates in # text mode, it properly converts lines to CR/LF. This bash problem # is reportedly fixed, but why not run on old versions too? - sed '$q' "$ltmain" >> "$cfgfile" \ + $SED '$q' "$ltmain" >> "$cfgfile" \ || (rm -f "$cfgfile"; exit 1) mv -f "$cfgfile" "$ofile" || @@ -25106,6 +28005,159 @@ compiler_lib_search_path=$lt_compiler_lib_search_path_CXX # ### END LIBTOOL TAG CONFIG: CXX _LT_EOF + + cat <<_LT_EOF >> "$ofile" + +# ### BEGIN LIBTOOL TAG CONFIG: RC + +# The linker used to build libraries. +LD=$lt_LD_RC + +# How to create reloadable object files. +reload_flag=$lt_reload_flag_RC +reload_cmds=$lt_reload_cmds_RC + +# Commands used to build an old-style archive. +old_archive_cmds=$lt_old_archive_cmds_RC + +# A language specific compiler. +CC=$lt_compiler_RC + +# Is the compiler the GNU compiler? +with_gcc=$GCC_RC + +# Compiler flag to turn off builtin functions. +no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_RC + +# Additional compiler flags for building library objects. +pic_flag=$lt_lt_prog_compiler_pic_RC + +# How to pass a linker flag through the compiler. +wl=$lt_lt_prog_compiler_wl_RC + +# Compiler flag to prevent dynamic linking. +link_static_flag=$lt_lt_prog_compiler_static_RC + +# Does compiler simultaneously support -c and -o options? +compiler_c_o=$lt_lt_cv_prog_compiler_c_o_RC + +# Whether or not to add -lc for building shared libraries. +build_libtool_need_lc=$archive_cmds_need_lc_RC + +# Whether or not to disallow shared libs when runtime libs are static. +allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_RC + +# Compiler flag to allow reflexive dlopens. +export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_RC + +# Compiler flag to generate shared objects directly from archives. +whole_archive_flag_spec=$lt_whole_archive_flag_spec_RC + +# Whether the compiler copes with passing no objects directly. +compiler_needs_object=$lt_compiler_needs_object_RC + +# Create an old-style archive from a shared archive. +old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_RC + +# Create a temporary old-style archive to link instead of a shared archive. +old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_RC + +# Commands used to build a shared archive. +archive_cmds=$lt_archive_cmds_RC +archive_expsym_cmds=$lt_archive_expsym_cmds_RC + +# Commands used to build a loadable module if different from building +# a shared archive. +module_cmds=$lt_module_cmds_RC +module_expsym_cmds=$lt_module_expsym_cmds_RC + +# Whether we are building with GNU ld or not. +with_gnu_ld=$lt_with_gnu_ld_RC + +# Flag that allows shared libraries with undefined symbols to be built. +allow_undefined_flag=$lt_allow_undefined_flag_RC + +# Flag that enforces no undefined symbols. +no_undefined_flag=$lt_no_undefined_flag_RC + +# Flag to hardcode \$libdir into a binary during linking. +# This must work even if \$libdir does not exist +hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_RC + +# Whether we need a single "-rpath" flag with a separated argument. +hardcode_libdir_separator=$lt_hardcode_libdir_separator_RC + +# Set to "yes" if using DIR/libNAME\$shared_ext during linking hardcodes +# DIR into the resulting binary. +hardcode_direct=$hardcode_direct_RC + +# Set to "yes" if using DIR/libNAME\$shared_ext during linking hardcodes +# DIR into the resulting binary and the resulting library dependency is +# "absolute",i.e impossible to change by setting \$shlibpath_var if the +# library is relocated. +hardcode_direct_absolute=$hardcode_direct_absolute_RC + +# Set to "yes" if using the -LDIR flag during linking hardcodes DIR +# into the resulting binary. +hardcode_minus_L=$hardcode_minus_L_RC + +# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR +# into the resulting binary. +hardcode_shlibpath_var=$hardcode_shlibpath_var_RC + +# Set to "yes" if building a shared library automatically hardcodes DIR +# into the library and all subsequent libraries and executables linked +# against it. +hardcode_automatic=$hardcode_automatic_RC + +# Set to yes if linker adds runtime paths of dependent libraries +# to runtime path list. +inherit_rpath=$inherit_rpath_RC + +# Whether libtool must link a program against all its dependency libraries. +link_all_deplibs=$link_all_deplibs_RC + +# Set to "yes" if exported symbols are required. +always_export_symbols=$always_export_symbols_RC + +# The commands to list exported symbols. +export_symbols_cmds=$lt_export_symbols_cmds_RC + +# Symbols that should not be listed in the preloaded symbols. +exclude_expsyms=$lt_exclude_expsyms_RC + +# Symbols that must always be exported. +include_expsyms=$lt_include_expsyms_RC + +# Commands necessary for linking programs (against libraries) with templates. +prelink_cmds=$lt_prelink_cmds_RC + +# Commands necessary for finishing linking programs. +postlink_cmds=$lt_postlink_cmds_RC + +# Specify filename containing input files. +file_list_spec=$lt_file_list_spec_RC + +# How to hardcode a shared library path into an executable. +hardcode_action=$hardcode_action_RC + +# The directories searched by this compiler when creating a shared library. +compiler_lib_search_dirs=$lt_compiler_lib_search_dirs_RC + +# Dependencies to place before and after the objects being linked to +# create a shared library. +predep_objects=$lt_predep_objects_RC +postdep_objects=$lt_postdep_objects_RC +predeps=$lt_predeps_RC +postdeps=$lt_postdeps_RC + +# The library search path used internally by the compiler when linking +# a shared library. +compiler_lib_search_path=$lt_compiler_lib_search_path_RC + +# ### END LIBTOOL TAG CONFIG: RC +_LT_EOF + ;; esac @@ -25141,12 +28193,12 @@ if test "$no_create" != yes; then $ac_cs_success || as_fn_exit 1 fi if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 -$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +printf "%s\n" "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: summary of build options: +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: summary of build options: version: ${LIBSSH2VER} Host type: ${host} @@ -25155,12 +28207,15 @@ fi Compiler flags: ${CFLAGS} Library types: Shared=${enable_shared}, Static=${enable_static} Crypto library: ${found_crypto_str} + zlib compression: ${found_libz} Clear memory: $enable_clear_memory Debug build: $enable_debug Build examples: $build_examples - zlib compression: ${found_libz} + Run Docker tests: $run_docker_tests + Run sshd tests: $run_sshd_tests + Path to sshd: $ac_cv_path_SSHD (only for self-tests) " >&5 -$as_echo "$as_me: summary of build options: +printf "%s\n" "$as_me: summary of build options: version: ${LIBSSH2VER} Host type: ${host} @@ -25169,8 +28224,12 @@ $as_echo "$as_me: summary of build options: Compiler flags: ${CFLAGS} Library types: Shared=${enable_shared}, Static=${enable_static} Crypto library: ${found_crypto_str} + zlib compression: ${found_libz} Clear memory: $enable_clear_memory Debug build: $enable_debug Build examples: $build_examples - zlib compression: ${found_libz} + Run Docker tests: $run_docker_tests + Run sshd tests: $run_sshd_tests + Path to sshd: $ac_cv_path_SSHD (only for self-tests) " >&6;} + diff --git a/libssh2/configure.ac b/libssh2/configure.ac index cf06a5cf4..b34757f00 100644 --- a/libssh2/configure.ac +++ b/libssh2/configure.ac @@ -1,8 +1,9 @@ -# AC_PREREQ(2.57) -AC_INIT(libssh2, [-], libssh2-devel@cool.haxx.se) +# AC_PREREQ(2.59) +AC_INIT([libssh2],[-],[libssh2-devel@lists.haxx.se]) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_SRCDIR([src]) AC_CONFIG_HEADERS([src/libssh2_config.h]) +AC_REQUIRE_AUX_FILE([tap-driver.sh]) AM_MAINTAINER_MODE m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) @@ -33,11 +34,9 @@ AB_INIT AC_CANONICAL_HOST case "$host" in *-mingw*) - CFLAGS="$CFLAGS -DLIBSSH2_WIN32" LIBS="$LIBS -lws2_32" ;; *darwin*) - CFLAGS="$CFLAGS -DLIBSSH2_DARWIN" ;; *hpux*) ;; @@ -48,12 +47,6 @@ case "$host" in ;; esac -AC_CHECK_TYPE(long long, - [AC_DEFINE(HAVE_LONGLONG, 1, - [Define to 1 if the compiler supports the 'long long' data type.])] - longlong="yes" -) - dnl Our configure and build reentrant settings CURL_CONFIGURE_REENTRANT @@ -70,10 +63,21 @@ AC_PROG_CXX AC_PROG_INSTALL AC_PROG_LN_S AC_PROG_MAKE_SET +AC_PATH_PROGS(SSHD, [sshd], [], + [$PATH$PATH_SEPARATOR/usr/libexec$PATH_SEPARATOR]dnl + [/usr/sbin$PATH_SEPARATOR/usr/etc$PATH_SEPARATOR/etc]) +AM_CONDITIONAL(SSHD, test -n "$SSHD") +m4_ifdef([LT_INIT], +[dnl +LT_INIT([win32-dll]) +],[dnl AC_LIBTOOL_WIN32_DLL AC_PROG_LIBTOOL +]) AC_C_BIGENDIAN +LT_LANG([Windows Resource]) + dnl check for how to do large files AC_SYS_LARGEFILE @@ -81,16 +85,16 @@ AC_SYS_LARGEFILE found_crypto=none found_crypto_str="" -support_clear_memory=no crypto_errors="" m4_set_add([crypto_backends], [openssl]) m4_set_add([crypto_backends], [libgcrypt]) m4_set_add([crypto_backends], [mbedtls]) m4_set_add([crypto_backends], [wincng]) +m4_set_add([crypto_backends], [wolfssl]) AC_ARG_WITH([crypto], - AC_HELP_STRING([--with-crypto=auto|]m4_set_contents([crypto_backends], [|]), + AS_HELP_STRING([--with-crypto=auto|]m4_set_contents([crypto_backends], [|]), [Select crypto backend (default: auto)]), use_crypto=$withval, use_crypto=auto @@ -110,7 +114,7 @@ esac if test "$found_crypto" = "none"; then crypto_errors="${crypto_errors} -Specify --with-crypto=\$backend and/or the neccessary library search prefix. +Specify --with-crypto=\$backend and/or the necessary library search prefix. Known crypto backends: auto, m4_set_contents([crypto_backends], [, ])" AS_MESSAGE([ERROR: ${crypto_errors}]) @@ -118,14 +122,10 @@ else test "$found_crypto_str" = "" && found_crypto_str="$found_crypto" fi -m4_set_foreach([crypto_backends], [backend], - [AM_CONDITIONAL(m4_toupper(backend), test "$found_crypto" = "backend")] -) - # libz AC_ARG_WITH([libz], - AC_HELP_STRING([--with-libz],[Use libz for compression]), + AS_HELP_STRING([--with-libz],[Use libz for compression]), use_libz=$withval, use_libz=auto) @@ -155,43 +155,14 @@ AC_SUBST(LIBSREQUIRED) # # Optional Settings # -AC_ARG_ENABLE(crypt-none, - AC_HELP_STRING([--enable-crypt-none],[Permit "none" cipher -- NOT RECOMMENDED]), - [AC_DEFINE(LIBSSH2_CRYPT_NONE, 1, [Enable "none" cipher -- NOT RECOMMENDED])]) - -AC_ARG_ENABLE(mac-none, - AC_HELP_STRING([--enable-mac-none],[Permit "none" MAC -- NOT RECOMMENDED]), - [AC_DEFINE(LIBSSH2_MAC_NONE, 1, [Enable "none" MAC -- NOT RECOMMENDED])]) - -AC_ARG_ENABLE(gex-new, - AC_HELP_STRING([--disable-gex-new],[Disable "new" diffie-hellman-group-exchange-sha1 method]), - [GEX_NEW=$enableval]) -if test "$GEX_NEW" != "no"; then - AC_DEFINE(LIBSSH2_DH_GEX_NEW, 1, [Enable newer diffie-hellman-group-exchange-sha1 syntax]) -fi - AC_ARG_ENABLE(clear-memory, - AC_HELP_STRING([--disable-clear-memory],[Disable clearing of memory before being freed]), + AS_HELP_STRING([--disable-clear-memory],[Disable clearing of memory before being freed]), [CLEAR_MEMORY=$enableval]) -if test "$CLEAR_MEMORY" != "no"; then - if test "$support_clear_memory" = "yes"; then - AC_DEFINE(LIBSSH2_CLEAR_MEMORY, 1, [Enable clearing of memory before being freed]) - enable_clear_memory=yes - else - if test "$CLEAR_MEMORY" = "yes"; then - AC_MSG_ERROR([secure clearing/zeroing of memory is not supported by the selected crypto backend]) - else - AC_MSG_WARN([secure clearing/zeroing of memory is not supported by the selected crypto backend]) - fi - enable_clear_memory=unsupported - fi +if test "$CLEAR_MEMORY" = "no"; then + AC_DEFINE(LIBSSH2_NO_CLEAR_MEMORY, 1, [Disable clearing of memory before being freed]) + enable_clear_memory=no else - if test "$support_clear_memory" = "yes"; then - enable_clear_memory=no - else - AC_MSG_WARN([secure clearing/zeroing of memory is not supported by the selected crypto backend]) - enable_clear_memory=unsupported - fi + enable_clear_memory=yes fi dnl ************************************************************ @@ -199,8 +170,8 @@ dnl option to switch on compiler debug options dnl AC_MSG_CHECKING([whether to enable pedantic and debug compiler options]) AC_ARG_ENABLE(debug, -AC_HELP_STRING([--enable-debug],[Enable pedantic and debug options]) -AC_HELP_STRING([--disable-debug],[Disable debug options]), +AS_HELP_STRING([--enable-debug],[Enable pedantic and debug options]) +AS_HELP_STRING([--disable-debug],[Disable debug options]), [ case "$enable_debug" in no) AC_MSG_RESULT(no) @@ -228,8 +199,8 @@ dnl on gcc >= 4.0 and SunPro C. dnl AC_MSG_CHECKING([whether to enable hidden symbols in the library]) AC_ARG_ENABLE(hidden-symbols, -AC_HELP_STRING([--enable-hidden-symbols],[Hide internal symbols in library]) -AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibility in library]), +AS_HELP_STRING([--enable-hidden-symbols],[Hide internal symbols in library]) +AS_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibility in library]), [ case "$enableval" in no) AC_MSG_RESULT(no) @@ -260,11 +231,36 @@ AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibi AC_MSG_RESULT(no) ) +# Build tests? +AC_ARG_ENABLE([tests], + [AS_HELP_STRING([--disable-tests], [Disable tests @<:@default=enabled@:>@])], + [ + if ! test "x${enable_tests}" = "xyes"; then + enable_tests="no" + fi + ], + [enable_tests="yes"]) +AM_CONDITIONAL([ENABLE_TESTS], [test "x$enable_tests" = xyes]) + +# Run Docker tests? +AC_ARG_ENABLE([docker-tests], + [AS_HELP_STRING([--disable-docker-tests], + [Do not run tests requiring Docker])], + [run_docker_tests=no], [run_docker_tests=yes]) +AM_CONDITIONAL([RUN_DOCKER_TESTS], [test "x$run_docker_tests" != "xno"]) + +# Run sshd tests? +AC_ARG_ENABLE([sshd-tests], + [AS_HELP_STRING([--disable-sshd-tests], + [Do not run tests requiring sshd])], + [run_sshd_tests=no], [run_sshd_tests=yes]) +AM_CONDITIONAL([RUN_SSHD_TESTS], [test "x$run_sshd_tests" != "xno"]) + # Build example applications? AC_MSG_CHECKING([whether to build example applications]) AC_ARG_ENABLE([examples-build], -AC_HELP_STRING([--enable-examples-build], [Build example applications (this is the default)]) -AC_HELP_STRING([--disable-examples-build], [Do not build example applications]), +AS_HELP_STRING([--enable-examples-build], [Build example applications (this is the default)]) +AS_HELP_STRING([--disable-examples-build], [Do not build example applications]), [case "$enableval" in no | false) build_examples='no' @@ -292,19 +288,17 @@ AM_CONDITIONAL([USE_OSSFUZZ_STATIC], [test -f "$LIB_FUZZING_ENGINE"]) # Checks for header files. -# AC_HEADER_STDC -AC_CHECK_HEADERS([errno.h fcntl.h stdio.h stdlib.h unistd.h sys/uio.h]) +AC_CHECK_HEADERS([errno.h fcntl.h stdio.h unistd.h sys/param.h sys/uio.h]) AC_CHECK_HEADERS([sys/select.h sys/socket.h sys/ioctl.h sys/time.h]) AC_CHECK_HEADERS([arpa/inet.h netinet/in.h]) -AC_CHECK_HEADERS([sys/un.h], [have_sys_un_h=yes], [have_sys_un_h=no]) -AM_CONDITIONAL([HAVE_SYS_UN_H], test "x$have_sys_un_h" = xyes) +AC_CHECK_HEADERS([sys/un.h]) case $host in *-*-cygwin* | *-*-cegcc*) # These are POSIX-like systems using BSD-like sockets API. ;; *) - AC_CHECK_HEADERS([windows.h winsock2.h ws2tcpip.h]) + AC_CHECK_HEADERS([windows.h], [have_windows_h=yes], [have_windows_h=no]) ;; esac @@ -314,7 +308,7 @@ case $host in dnl Interix: "does provide poll(), but the implementing developer must dnl have been in a bad mood, because poll() only works on the /proc dnl filesystem here" - dnl Mac OS X's poll has funny behaviors, like: + dnl macOS poll() has funny behaviors, like: dnl not being able to do poll on no fildescriptors (10.3?) dnl not being able to poll on some files (like anything in /dev) dnl not having reliable timeout support @@ -326,21 +320,21 @@ case $host in ;; esac -AC_CHECK_FUNCS(gettimeofday select strtoll memset_s) +AC_CHECK_FUNCS(gettimeofday select strtoll explicit_bzero explicit_memset memset_s snprintf) dnl Check for select() into ws2_32 for Msys/Mingw if test "$ac_cv_func_select" != "yes"; then AC_MSG_CHECKING([for select in ws2_32]) - AC_TRY_LINK([ -#ifdef HAVE_WINSOCK2_H + AC_LINK_IFELSE([AC_LANG_PROGRAM([[ +#ifdef HAVE_WINDOWS_H #ifndef WIN32_LEAN_AND_MEAN #define WIN32_LEAN_AND_MEAN #endif #include #endif - ],[ + ]], [[ select(0,(fd_set *)NULL,(fd_set *)NULL,(fd_set *)NULL,(struct timeval *)NULL); - ],[ + ]])],[ AC_MSG_RESULT([yes]) HAVE_SELECT="1" AC_DEFINE_UNQUOTED(HAVE_SELECT, 1, @@ -374,9 +368,25 @@ if test $missing_required_deps = 1; then AC_MSG_ERROR([Required dependencies are missing!]) fi +AM_CONDITIONAL([HAVE_WINDRES], + [test "x$have_windows_h" = "xyes" && test "x${enable_shared}" = "xyes" && test -n "${RC}"]) + # Configure parameters LIBSSH2_CHECK_OPTION_WERROR +# Append crypto lib +if test "$found_crypto" = "openssl"; then + LIBS="${LIBS} ${LTLIBSSL}" +elif test "$found_crypto" = "wolfssl"; then + LIBS="${LIBS} ${LTLIBWOLFSSL}" +elif test "$found_crypto" = "libgcrypt"; then + LIBS="${LIBS} ${LTLIBGCRYPT}" +elif test "$found_crypto" = "wincng"; then + LIBS="${LIBS} ${LTLIBBCRYPT}" +elif test "$found_crypto" = "mbedtls"; then + LIBS="${LIBS} ${LTLIBMBEDCRYPTO}" +fi + AC_CONFIG_FILES([Makefile src/Makefile libssh2.pc]) @@ -391,8 +401,11 @@ AC_MSG_NOTICE([summary of build options: Compiler flags: ${CFLAGS} Library types: Shared=${enable_shared}, Static=${enable_static} Crypto library: ${found_crypto_str} + zlib compression: ${found_libz} Clear memory: $enable_clear_memory Debug build: $enable_debug Build examples: $build_examples - zlib compression: ${found_libz} + Run Docker tests: $run_docker_tests + Run sshd tests: $run_sshd_tests + Path to sshd: $ac_cv_path_SSHD (only for self-tests) ]) diff --git a/libssh2/depcomp b/libssh2/depcomp index 6b391623c..715e34311 100755 --- a/libssh2/depcomp +++ b/libssh2/depcomp @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1999-2020 Free Software Foundation, Inc. +# Copyright (C) 1999-2021 Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/libssh2/git2news.pl b/libssh2/git2news.pl new file mode 100755 index 000000000..63dd38267 --- /dev/null +++ b/libssh2/git2news.pl @@ -0,0 +1,76 @@ +#!/usr/bin/env perl + +# git log --pretty=fuller --no-color --date=short --decorate=full + +my @mname = ('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', + 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec' ); + +sub nicedate { + my ($date)=$_; + + if($date =~ /(\d\d\d\d)-(\d\d)-(\d\d)/) { + return sprintf("%d %s %4d", $3, $mname[$2-1], $1); + } + return $date; +} + +print +' Changelog for the libssh2 project. Generated with git2news.pl +'; + +my $line; +my $tag; +while() { + my $l = $_; + + if($l =~/^commit ([[:xdigit:]]*) ?(.*)/) { + $co = $1; + my $ref = $2; + if ($ref =~ /refs\/tags\/(libssh2-|VERSION\.)([0-9._]*)/) { + $tag = $2; + } else { + $tag = ''; + } + } + elsif($l =~ /^Author: *(.*) + - * Copyright (c) 2009-2015 Daniel Stenberg + * Copyright (c) 2009-2021 Daniel Stenberg * Copyright (c) 2010 Simon Josefsson * All rights reserved. * @@ -40,22 +40,22 @@ #ifndef LIBSSH2_H #define LIBSSH2_H 1 -#define LIBSSH2_COPYRIGHT "2004-2019 The libssh2 project and its contributors." +#define LIBSSH2_COPYRIGHT "2004-2023 The libssh2 project and its contributors." /* We use underscore instead of dash when appending DEV in dev versions just to make the BANNER define (used by src/session.c) be a valid SSH banner. Release versions have no appended strings and may of course not have dashes either. */ -#define LIBSSH2_VERSION "1.10.0" +#define LIBSSH2_VERSION "1.11.0" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBSSH2_VERSION_MAJOR 1 -#define LIBSSH2_VERSION_MINOR 10 +#define LIBSSH2_VERSION_MINOR 11 #define LIBSSH2_VERSION_PATCH 0 /* This is the numeric version of the libssh2 version number, meant for easier - parsing and comparions by programs. The LIBSSH2_VERSION_NUM define will + parsing and comparisons by programs. The LIBSSH2_VERSION_NUM define will always follow this syntax: 0xXXYYZZ @@ -69,7 +69,7 @@ and it is always a greater number in a more recent release. It makes comparisons with greater than and less than work. */ -#define LIBSSH2_VERSION_NUM 0x010a00 +#define LIBSSH2_VERSION_NUM 0x010b00 /* * This is the date and time when the full source package was created. The @@ -80,14 +80,19 @@ * * "Mon Feb 12 11:35:33 UTC 2007" */ -#define LIBSSH2_TIMESTAMP "Sun 29 Aug 2021 08:37:50 PM UTC" +#define LIBSSH2_TIMESTAMP "Tue May 30 03:58:58 PM UTC 2023" #ifndef RC_INVOKED #ifdef __cplusplus extern "C" { #endif -#ifdef _WIN32 + +#if defined(_WIN32) || defined(WIN32) +#define LIBSSH2_WIN32 +#endif + +#ifdef LIBSSH2_WIN32 # include # include #endif @@ -100,7 +105,7 @@ extern "C" { /* Allow alternate API prefix from CFLAGS or calling app */ #ifndef LIBSSH2_API # ifdef LIBSSH2_WIN32 -# ifdef _WINDLL +# if defined(LIBSSH2_EXPORTS) || defined(DLL_EXPORT) || defined(_WINDLL) # ifdef LIBSSH2_LIBRARY # define LIBSSH2_API __declspec(dllexport) # else @@ -118,16 +123,6 @@ extern "C" { # include #endif -#if (defined(NETWARE) && !defined(__NOVELL_LIBC__)) -# include -typedef unsigned char uint8_t; -typedef unsigned short int uint16_t; -typedef unsigned int uint32_t; -typedef int int32_t; -typedef unsigned long long uint64_t; -typedef long long int64_t; -#endif - #ifdef _MSC_VER typedef unsigned char uint8_t; typedef unsigned short int uint16_t; @@ -147,13 +142,13 @@ typedef unsigned long long libssh2_uint64_t; typedef long long libssh2_int64_t; #endif -#ifdef WIN32 +#ifdef LIBSSH2_WIN32 typedef SOCKET libssh2_socket_t; #define LIBSSH2_INVALID_SOCKET INVALID_SOCKET -#else /* !WIN32 */ +#else /* !LIBSSH2_WIN32 */ typedef int libssh2_socket_t; #define LIBSSH2_INVALID_SOCKET -1 -#endif /* WIN32 */ +#endif /* LIBSSH2_WIN32 */ /* * Determine whether there is small or large file support on windows. @@ -179,7 +174,7 @@ typedef int libssh2_socket_t; # undef LIBSSH2_USE_WIN32_LARGE_FILES #endif -#if defined(_WIN32) && !defined(LIBSSH2_USE_WIN32_LARGE_FILES) && \ +#if defined(LIBSSH2_WIN32) && !defined(LIBSSH2_USE_WIN32_LARGE_FILES) && \ !defined(LIBSSH2_USE_WIN32_SMALL_FILES) # define LIBSSH2_USE_WIN32_SMALL_FILES #endif @@ -190,8 +185,6 @@ typedef int libssh2_socket_t; #ifdef LIBSSH2_USE_WIN32_LARGE_FILES # include -# include -# include # define LIBSSH2_STRUCT_STAT_SIZE_FORMAT "%I64d" typedef struct _stati64 libssh2_struct_stat; typedef __int64 libssh2_struct_stat_size; @@ -202,8 +195,6 @@ typedef __int64 libssh2_struct_stat_size; */ #ifdef LIBSSH2_USE_WIN32_SMALL_FILES -# include -# include # ifndef _WIN32_WCE # define LIBSSH2_STRUCT_STAT_SIZE_FORMAT "%d" typedef struct _stat libssh2_struct_stat; @@ -233,14 +224,6 @@ typedef off_t libssh2_struct_stat_size; #define LIBSSH2_SSH_DEFAULT_BANNER LIBSSH2_SSH_BANNER #define LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF LIBSSH2_SSH_DEFAULT_BANNER "\r\n" -/* Default generate and safe prime sizes for - diffie-hellman-group-exchange-sha1 */ -#define LIBSSH2_DH_GEX_MINGROUP 2048 -#define LIBSSH2_DH_GEX_OPTGROUP 4096 -#define LIBSSH2_DH_GEX_MAXGROUP 8192 - -#define LIBSSH2_DH_MAX_MODULUS_BITS 16384 - /* Defaults for pty requests */ #define LIBSSH2_TERM_WIDTH 80 #define LIBSSH2_TERM_HEIGHT 24 @@ -272,8 +255,8 @@ typedef off_t libssh2_struct_stat_size; typedef struct _LIBSSH2_USERAUTH_KBDINT_PROMPT { - char *text; - unsigned int length; + unsigned char *text; + size_t length; unsigned char echo; } LIBSSH2_USERAUTH_KBDINT_PROMPT; @@ -283,48 +266,88 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE unsigned int length; } LIBSSH2_USERAUTH_KBDINT_RESPONSE; +typedef struct _LIBSSH2_SK_SIG_INFO { + uint8_t flags; + uint32_t counter; + unsigned char *sig_r; + size_t sig_r_len; + unsigned char *sig_s; + size_t sig_s_len; +} LIBSSH2_SK_SIG_INFO; + /* 'publickey' authentication callback */ #define LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC(name) \ - int name(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, \ - const unsigned char *data, size_t data_len, void **abstract) + int name(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, \ + const unsigned char *data, size_t data_len, void **abstract) /* 'keyboard-interactive' authentication callback */ #define LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC(name_) \ - void name_(const char *name, int name_len, const char *instruction, \ - int instruction_len, int num_prompts, \ - const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts, \ - LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses, void **abstract) + void name_(const char *name, int name_len, const char *instruction, \ + int instruction_len, int num_prompts, \ + const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts, \ + LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses, void **abstract) + +/* SK authentication callback */ +#define LIBSSH2_USERAUTH_SK_SIGN_FUNC(name) \ + int name(LIBSSH2_SESSION *session, LIBSSH2_SK_SIG_INFO *sig_info, \ + const unsigned char *data, size_t data_len, \ + int algorithm, uint8_t flags, \ + const char *application, const unsigned char *key_handle, \ + size_t handle_len, \ + void **abstract) + +/* Flags for SK authentication */ +#define LIBSSH2_SK_PRESENCE_REQUIRED 0x01 +#define LIBSSH2_SK_VERIFICATION_REQUIRED 0x04 /* Callbacks for special SSH packets */ #define LIBSSH2_IGNORE_FUNC(name) \ - void name(LIBSSH2_SESSION *session, const char *message, int message_len, \ - void **abstract) + void name(LIBSSH2_SESSION *session, const char *message, int message_len, \ + void **abstract) #define LIBSSH2_DEBUG_FUNC(name) \ - void name(LIBSSH2_SESSION *session, int always_display, const char *message, \ - int message_len, const char *language, int language_len, \ - void **abstract) + void name(LIBSSH2_SESSION *session, int always_display, \ + const char *message, int message_len, \ + const char *language, int language_len, \ + void **abstract) #define LIBSSH2_DISCONNECT_FUNC(name) \ - void name(LIBSSH2_SESSION *session, int reason, const char *message, \ - int message_len, const char *language, int language_len, \ - void **abstract) + void name(LIBSSH2_SESSION *session, int reason, \ + const char *message, int message_len, \ + const char *language, int language_len, \ + void **abstract) #define LIBSSH2_PASSWD_CHANGEREQ_FUNC(name) \ - void name(LIBSSH2_SESSION *session, char **newpw, int *newpw_len, \ - void **abstract) + void name(LIBSSH2_SESSION *session, char **newpw, int *newpw_len, \ + void **abstract) #define LIBSSH2_MACERROR_FUNC(name) \ - int name(LIBSSH2_SESSION *session, const char *packet, int packet_len, \ - void **abstract) + int name(LIBSSH2_SESSION *session, const char *packet, int packet_len, \ + void **abstract) #define LIBSSH2_X11_OPEN_FUNC(name) \ - void name(LIBSSH2_SESSION *session, LIBSSH2_CHANNEL *channel, \ - const char *shost, int sport, void **abstract) + void name(LIBSSH2_SESSION *session, LIBSSH2_CHANNEL *channel, \ + const char *shost, int sport, void **abstract) + +#define LIBSSH2_AUTHAGENT_FUNC(name) \ + void name(LIBSSH2_SESSION *session, LIBSSH2_CHANNEL *channel, \ + void **abstract) + +#define LIBSSH2_ADD_IDENTITIES_FUNC(name) \ + void name(LIBSSH2_SESSION *session, void *buffer, \ + const char *agent_path, void **abstract) + +#define LIBSSH2_AUTHAGENT_SIGN_FUNC(name) \ + int name(LIBSSH2_SESSION* session, \ + unsigned char *blob, unsigned int blen, \ + const unsigned char *data, unsigned int dlen, \ + unsigned char **signature, unsigned int *sigLen, \ + const char *agentPath, \ + void **abstract) #define LIBSSH2_CHANNEL_CLOSE_FUNC(name) \ - void name(LIBSSH2_SESSION *session, void **session_abstract, \ - LIBSSH2_CHANNEL *channel, void **channel_abstract) + void name(LIBSSH2_SESSION *session, void **session_abstract, \ + LIBSSH2_CHANNEL *channel, void **channel_abstract) /* I/O callbacks */ #define LIBSSH2_RECV_FUNC(name) \ @@ -337,13 +360,16 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE int flags, void **abstract) /* libssh2_session_callback_set() constants */ -#define LIBSSH2_CALLBACK_IGNORE 0 -#define LIBSSH2_CALLBACK_DEBUG 1 -#define LIBSSH2_CALLBACK_DISCONNECT 2 -#define LIBSSH2_CALLBACK_MACERROR 3 -#define LIBSSH2_CALLBACK_X11 4 -#define LIBSSH2_CALLBACK_SEND 5 -#define LIBSSH2_CALLBACK_RECV 6 +#define LIBSSH2_CALLBACK_IGNORE 0 +#define LIBSSH2_CALLBACK_DEBUG 1 +#define LIBSSH2_CALLBACK_DISCONNECT 2 +#define LIBSSH2_CALLBACK_MACERROR 3 +#define LIBSSH2_CALLBACK_X11 4 +#define LIBSSH2_CALLBACK_SEND 5 +#define LIBSSH2_CALLBACK_RECV 6 +#define LIBSSH2_CALLBACK_AUTHAGENT 7 +#define LIBSSH2_CALLBACK_AUTHAGENT_IDENTITIES 8 +#define LIBSSH2_CALLBACK_AUTHAGENT_SIGN 9 /* libssh2_session_method_pref() constants */ #define LIBSSH2_METHOD_KEX 0 @@ -356,10 +382,12 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE #define LIBSSH2_METHOD_COMP_SC 7 #define LIBSSH2_METHOD_LANG_CS 8 #define LIBSSH2_METHOD_LANG_SC 9 +#define LIBSSH2_METHOD_SIGN_ALGO 10 /* flags */ #define LIBSSH2_FLAG_SIGPIPE 1 #define LIBSSH2_FLAG_COMPRESS 2 +#define LIBSSH2_FLAG_QUOTE_PATHS 3 typedef struct _LIBSSH2_SESSION LIBSSH2_SESSION; typedef struct _LIBSSH2_CHANNEL LIBSSH2_CHANNEL; @@ -367,6 +395,25 @@ typedef struct _LIBSSH2_LISTENER LIBSSH2_LISTENER; typedef struct _LIBSSH2_KNOWNHOSTS LIBSSH2_KNOWNHOSTS; typedef struct _LIBSSH2_AGENT LIBSSH2_AGENT; +/* SK signature callback */ +typedef struct _LIBSSH2_PRIVKEY_SK { + int algorithm; + uint8_t flags; + const char *application; + const unsigned char *key_handle; + size_t handle_len; + LIBSSH2_USERAUTH_SK_SIGN_FUNC((*sign_callback)); + void **orig_abstract; +} LIBSSH2_PRIVKEY_SK; + +int +libssh2_sign_sk(LIBSSH2_SESSION *session, + unsigned char **sig, + size_t *sig_len, + const unsigned char *data, + size_t data_len, + void **abstract); + typedef struct _LIBSSH2_POLLFD { unsigned char type; /* LIBSSH2_POLLFD_* below */ @@ -506,6 +553,8 @@ typedef struct _LIBSSH2_POLLFD { #define LIBSSH2_ERROR_CHANNEL_WINDOW_FULL -47 #define LIBSSH2_ERROR_KEYFILE_AUTH_FAILED -48 #define LIBSSH2_ERROR_RANDGEN -49 +#define LIBSSH2_ERROR_MISSING_USERAUTH_BANNER -50 +#define LIBSSH2_ERROR_ALGO_UNSUPPORTED -51 /* this is a define to provide the old (<= 1.2.7) name */ #define LIBSSH2_ERROR_BANNER_NONE LIBSSH2_ERROR_BANNER_RECV @@ -581,8 +630,8 @@ LIBSSH2_API int libssh2_session_disconnect_ex(LIBSSH2_SESSION *session, const char *description, const char *lang); #define libssh2_session_disconnect(session, description) \ - libssh2_session_disconnect_ex((session), SSH_DISCONNECT_BY_APPLICATION, \ - (description), "") + libssh2_session_disconnect_ex((session), SSH_DISCONNECT_BY_APPLICATION, \ + (description), "") LIBSSH2_API int libssh2_session_free(LIBSSH2_SESSION *session); @@ -614,6 +663,8 @@ LIBSSH2_API const char *libssh2_session_banner_get(LIBSSH2_SESSION *session); LIBSSH2_API char *libssh2_userauth_list(LIBSSH2_SESSION *session, const char *username, unsigned int username_len); +LIBSSH2_API int libssh2_userauth_banner(LIBSSH2_SESSION *session, + char **banner); LIBSSH2_API int libssh2_userauth_authenticated(LIBSSH2_SESSION *session); LIBSSH2_API int @@ -623,12 +674,13 @@ libssh2_userauth_password_ex(LIBSSH2_SESSION *session, const char *password, unsigned int password_len, LIBSSH2_PASSWD_CHANGEREQ_FUNC - ((*passwd_change_cb))); + ((*passwd_change_cb))); #define libssh2_userauth_password(session, username, password) \ - libssh2_userauth_password_ex((session), (username), \ - (unsigned int)strlen(username), \ - (password), (unsigned int)strlen(password), NULL) + libssh2_userauth_password_ex((session), (username), \ + (unsigned int)strlen(username), \ + (password), (unsigned int)strlen(password), \ + NULL) LIBSSH2_API int libssh2_userauth_publickey_fromfile_ex(LIBSSH2_SESSION *session, @@ -638,11 +690,11 @@ libssh2_userauth_publickey_fromfile_ex(LIBSSH2_SESSION *session, const char *privatekey, const char *passphrase); -#define libssh2_userauth_publickey_fromfile(session, username, publickey, \ - privatekey, passphrase) \ - libssh2_userauth_publickey_fromfile_ex((session), (username), \ +#define libssh2_userauth_publickey_fromfile(session, username, publickey, \ + privatekey, passphrase) \ + libssh2_userauth_publickey_fromfile_ex((session), (username), \ (unsigned int)strlen(username), \ - (publickey), \ + (publickey), \ (privatekey), (passphrase)) LIBSSH2_API int @@ -651,7 +703,7 @@ libssh2_userauth_publickey(LIBSSH2_SESSION *session, const unsigned char *pubkeydata, size_t pubkeydata_len, LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC - ((*sign_callback)), + ((*sign_callback)), void **abstract); LIBSSH2_API int @@ -666,16 +718,16 @@ libssh2_userauth_hostbased_fromfile_ex(LIBSSH2_SESSION *session, const char *local_username, unsigned int local_username_len); -#define libssh2_userauth_hostbased_fromfile(session, username, publickey, \ +#define libssh2_userauth_hostbased_fromfile(session, username, publickey, \ privatekey, passphrase, hostname) \ - libssh2_userauth_hostbased_fromfile_ex((session), (username), \ - (unsigned int)strlen(username), \ - (publickey), \ - (privatekey), (passphrase), \ - (hostname), \ - (unsigned int)strlen(hostname), \ - (username), \ - (unsigned int)strlen(username)) + libssh2_userauth_hostbased_fromfile_ex((session), (username), \ + (unsigned int)strlen(username), \ + (publickey), \ + (privatekey), (passphrase), \ + (hostname), \ + (unsigned int)strlen(hostname), \ + (username), \ + (unsigned int)strlen(username)) LIBSSH2_API int libssh2_userauth_publickey_frommemory(LIBSSH2_SESSION *session, @@ -697,15 +749,28 @@ LIBSSH2_API int libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION* session, const char *username, unsigned int username_len, - LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC( - (*response_callback))); + LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC + ((*response_callback))); -#define libssh2_userauth_keyboard_interactive(session, username, \ - response_callback) \ - libssh2_userauth_keyboard_interactive_ex((session), (username), \ +#define libssh2_userauth_keyboard_interactive(session, username, \ + response_callback) \ + libssh2_userauth_keyboard_interactive_ex((session), (username), \ (unsigned int)strlen(username), \ (response_callback)) +LIBSSH2_API int +libssh2_userauth_publickey_sk(LIBSSH2_SESSION *session, + const char *username, + size_t username_len, + const unsigned char *pubkeydata, + size_t pubkeydata_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase, + LIBSSH2_USERAUTH_SK_SIGN_FUNC + ((*sign_callback)), + void **abstract); + LIBSSH2_API int libssh2_poll(LIBSSH2_POLLFD *fds, unsigned int nfds, long timeout); @@ -731,22 +796,27 @@ libssh2_channel_open_ex(LIBSSH2_SESSION *session, const char *channel_type, const char *message, unsigned int message_len); #define libssh2_channel_open_session(session) \ - libssh2_channel_open_ex((session), "session", sizeof("session") - 1, \ - LIBSSH2_CHANNEL_WINDOW_DEFAULT, \ - LIBSSH2_CHANNEL_PACKET_DEFAULT, NULL, 0) + libssh2_channel_open_ex((session), "session", sizeof("session") - 1, \ + LIBSSH2_CHANNEL_WINDOW_DEFAULT, \ + LIBSSH2_CHANNEL_PACKET_DEFAULT, NULL, 0) LIBSSH2_API LIBSSH2_CHANNEL * libssh2_channel_direct_tcpip_ex(LIBSSH2_SESSION *session, const char *host, int port, const char *shost, int sport); #define libssh2_channel_direct_tcpip(session, host, port) \ - libssh2_channel_direct_tcpip_ex((session), (host), (port), "127.0.0.1", 22) + libssh2_channel_direct_tcpip_ex((session), (host), (port), "127.0.0.1", 22) + +LIBSSH2_API LIBSSH2_CHANNEL * +libssh2_channel_direct_streamlocal_ex(LIBSSH2_SESSION * session, + const char *socket_path, + const char *shost, int sport); LIBSSH2_API LIBSSH2_LISTENER * libssh2_channel_forward_listen_ex(LIBSSH2_SESSION *session, const char *host, int port, int *bound_port, int queue_maxsize); #define libssh2_channel_forward_listen(session, port) \ - libssh2_channel_forward_listen_ex((session), NULL, (port), NULL, 16) + libssh2_channel_forward_listen_ex((session), NULL, (port), NULL, 16) LIBSSH2_API int libssh2_channel_forward_cancel(LIBSSH2_LISTENER *listener); @@ -787,7 +857,7 @@ LIBSSH2_API int libssh2_channel_request_pty_size_ex(LIBSSH2_CHANNEL *channel, int width_px, int height_px); #define libssh2_channel_request_pty_size(channel, width, height) \ - libssh2_channel_request_pty_size_ex((channel), (width), (height), 0, 0) + libssh2_channel_request_pty_size_ex((channel), (width), (height), 0, 0) LIBSSH2_API int libssh2_channel_x11_req_ex(LIBSSH2_CHANNEL *channel, int single_connection, @@ -795,7 +865,13 @@ LIBSSH2_API int libssh2_channel_x11_req_ex(LIBSSH2_CHANNEL *channel, const char *auth_cookie, int screen_number); #define libssh2_channel_x11_req(channel, screen_number) \ - libssh2_channel_x11_req_ex((channel), 0, NULL, NULL, (screen_number)) + libssh2_channel_x11_req_ex((channel), 0, NULL, NULL, (screen_number)) + +LIBSSH2_API int libssh2_channel_signal_ex(LIBSSH2_CHANNEL *channel, + const char *signame, + size_t signame_len); +#define libssh2_channel_signal(channel, signame) \ + libssh2_channel_signal_ex((channel), signame, strlen(signame)) LIBSSH2_API int libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel, const char *request, @@ -803,23 +879,25 @@ LIBSSH2_API int libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel, const char *message, unsigned int message_len); #define libssh2_channel_shell(channel) \ - libssh2_channel_process_startup((channel), "shell", sizeof("shell") - 1, \ - NULL, 0) + libssh2_channel_process_startup((channel), "shell", sizeof("shell") - 1, \ + NULL, 0) #define libssh2_channel_exec(channel, command) \ - libssh2_channel_process_startup((channel), "exec", sizeof("exec") - 1, \ - (command), (unsigned int)strlen(command)) + libssh2_channel_process_startup((channel), "exec", sizeof("exec") - 1, \ + (command), (unsigned int)strlen(command)) #define libssh2_channel_subsystem(channel, subsystem) \ - libssh2_channel_process_startup((channel), "subsystem", \ - sizeof("subsystem") - 1, (subsystem), \ - (unsigned int)strlen(subsystem)) + libssh2_channel_process_startup((channel), "subsystem", \ + sizeof("subsystem") - 1, (subsystem), \ + (unsigned int)strlen(subsystem)) LIBSSH2_API ssize_t libssh2_channel_read_ex(LIBSSH2_CHANNEL *channel, int stream_id, char *buf, size_t buflen); #define libssh2_channel_read(channel, buf, buflen) \ - libssh2_channel_read_ex((channel), 0, (buf), (buflen)) + libssh2_channel_read_ex((channel), 0, \ + (buf), (buflen)) #define libssh2_channel_read_stderr(channel, buf, buflen) \ - libssh2_channel_read_ex((channel), SSH_EXTENDED_DATA_STDERR, (buf), (buflen)) + libssh2_channel_read_ex((channel), SSH_EXTENDED_DATA_STDERR, \ + (buf), (buflen)) LIBSSH2_API int libssh2_poll_channel_read(LIBSSH2_CHANNEL *channel, int extended); @@ -829,9 +907,9 @@ libssh2_channel_window_read_ex(LIBSSH2_CHANNEL *channel, unsigned long *read_avail, unsigned long *window_size_initial); #define libssh2_channel_window_read(channel) \ - libssh2_channel_window_read_ex((channel), NULL, NULL) + libssh2_channel_window_read_ex((channel), NULL, NULL) -/* libssh2_channel_receive_window_adjust is DEPRECATED, do not use! */ +/* libssh2_channel_receive_window_adjust() is DEPRECATED, do not use! */ LIBSSH2_API unsigned long libssh2_channel_receive_window_adjust(LIBSSH2_CHANNEL *channel, unsigned long adjustment, @@ -848,16 +926,17 @@ LIBSSH2_API ssize_t libssh2_channel_write_ex(LIBSSH2_CHANNEL *channel, size_t buflen); #define libssh2_channel_write(channel, buf, buflen) \ - libssh2_channel_write_ex((channel), 0, (buf), (buflen)) -#define libssh2_channel_write_stderr(channel, buf, buflen) \ - libssh2_channel_write_ex((channel), SSH_EXTENDED_DATA_STDERR, \ + libssh2_channel_write_ex((channel), 0, \ + (buf), (buflen)) +#define libssh2_channel_write_stderr(channel, buf, buflen) \ + libssh2_channel_write_ex((channel), SSH_EXTENDED_DATA_STDERR, \ (buf), (buflen)) LIBSSH2_API unsigned long libssh2_channel_window_write_ex(LIBSSH2_CHANNEL *channel, unsigned long *window_size_initial); #define libssh2_channel_window_write(channel) \ - libssh2_channel_window_write_ex((channel), NULL) + libssh2_channel_window_write_ex((channel), NULL) LIBSSH2_API void libssh2_session_set_blocking(LIBSSH2_SESSION* session, int blocking); @@ -870,7 +949,11 @@ LIBSSH2_API void libssh2_session_set_timeout(LIBSSH2_SESSION* session, long timeout); LIBSSH2_API long libssh2_session_get_timeout(LIBSSH2_SESSION* session); -/* libssh2_channel_handle_extended_data is DEPRECATED, do not use! */ +LIBSSH2_API void libssh2_session_set_read_timeout(LIBSSH2_SESSION* session, + long timeout); +LIBSSH2_API long libssh2_session_get_read_timeout(LIBSSH2_SESSION* session); + +/* libssh2_channel_handle_extended_data() is DEPRECATED, do not use! */ LIBSSH2_API void libssh2_channel_handle_extended_data(LIBSSH2_CHANNEL *channel, int ignore_mode); LIBSSH2_API int libssh2_channel_handle_extended_data2(LIBSSH2_CHANNEL *channel, @@ -884,9 +967,8 @@ LIBSSH2_API int libssh2_channel_handle_extended_data2(LIBSSH2_CHANNEL *channel, * (FIFO) from the standard data channel */ /* DEPRECATED */ -#define libssh2_channel_ignore_extended_data(channel, ignore) \ - libssh2_channel_handle_extended_data((channel), \ - (ignore) ? \ +#define libssh2_channel_ignore_extended_data(channel, ignore) \ + libssh2_channel_handle_extended_data((channel), (ignore) ? \ LIBSSH2_CHANNEL_EXTENDED_DATA_IGNORE : \ LIBSSH2_CHANNEL_EXTENDED_DATA_NORMAL) @@ -896,7 +978,7 @@ LIBSSH2_API int libssh2_channel_flush_ex(LIBSSH2_CHANNEL *channel, int streamid); #define libssh2_channel_flush(channel) libssh2_channel_flush_ex((channel), 0) #define libssh2_channel_flush_stderr(channel) \ - libssh2_channel_flush_ex((channel), SSH_EXTENDED_DATA_STDERR) + libssh2_channel_flush_ex((channel), SSH_EXTENDED_DATA_STDERR) LIBSSH2_API int libssh2_channel_get_exit_status(LIBSSH2_CHANNEL* channel); LIBSSH2_API int libssh2_channel_get_exit_signal(LIBSSH2_CHANNEL* channel, @@ -917,7 +999,7 @@ LIBSSH2_API int libssh2_channel_free(LIBSSH2_CHANNEL *channel); LIBSSH2_API LIBSSH2_CHANNEL *libssh2_scp_recv(LIBSSH2_SESSION *session, const char *path, struct stat *sb); -/* Use libssh2_scp_recv2 for large (> 2GB) file support on windows */ +/* Use libssh2_scp_recv2() for large (> 2GB) file support on windows */ LIBSSH2_API LIBSSH2_CHANNEL *libssh2_scp_recv2(LIBSSH2_SESSION *session, const char *path, libssh2_struct_stat *sb); @@ -930,8 +1012,9 @@ libssh2_scp_send64(LIBSSH2_SESSION *session, const char *path, int mode, libssh2_int64_t size, time_t mtime, time_t atime); #define libssh2_scp_send(session, path, mode, size) \ - libssh2_scp_send_ex((session), (path), (mode), (size), 0, 0) + libssh2_scp_send_ex((session), (path), (mode), (size), 0, 0) +/* DEPRECATED */ LIBSSH2_API int libssh2_base64_decode(LIBSSH2_SESSION *session, char **dest, unsigned int *dest_len, const char *src, unsigned int src_len); @@ -939,8 +1022,22 @@ LIBSSH2_API int libssh2_base64_decode(LIBSSH2_SESSION *session, char **dest, LIBSSH2_API const char *libssh2_version(int req_version_num); +typedef enum { + libssh2_no_crypto = 0, + libssh2_openssl, + libssh2_gcrypt, + libssh2_mbedtls, + libssh2_wincng, + libssh2_os400qc3 +} libssh2_crypto_engine_t; + +LIBSSH2_API +libssh2_crypto_engine_t libssh2_crypto_engine(void); + #define HAVE_LIBSSH2_KNOWNHOST_API 0x010101 /* since 1.1.1 */ #define HAVE_LIBSSH2_VERSION_API 0x010100 /* libssh2_version since 1.1 */ +#define HAVE_LIBSSH2_CRYPTOENGINE_API 0x011100 /* libssh2_crypto_engine + since 1.11 */ struct libssh2_knownhost { unsigned int magic; /* magic stored by the library */ @@ -951,7 +1048,7 @@ struct libssh2_knownhost { }; /* - * libssh2_knownhost_init + * libssh2_knownhost_init() * * Init a collection of known hosts. Returns the pointer to a collection. * @@ -960,7 +1057,7 @@ LIBSSH2_API LIBSSH2_KNOWNHOSTS * libssh2_knownhost_init(LIBSSH2_SESSION *session); /* - * libssh2_knownhost_add + * libssh2_knownhost_add() * * Add a host and its associated key to the collection of known hosts. * @@ -1012,7 +1109,7 @@ libssh2_knownhost_add(LIBSSH2_KNOWNHOSTS *hosts, struct libssh2_knownhost **store); /* - * libssh2_knownhost_addc + * libssh2_knownhost_addc() * * Add a host and its associated key to the collection of known hosts. * @@ -1030,8 +1127,8 @@ libssh2_knownhost_add(LIBSSH2_KNOWNHOSTS *hosts, * If 'sha1' is selected as type, the salt must be provided to the salt * argument. This too base64 encoded. * - * The SHA-1 hash is what OpenSSH can be told to use in known_hosts files. If - * a custom type is used, salt is ignored and you must provide the host + * The SHA-1 hash is what OpenSSH can be told to use in known_hosts files. + * If a custom type is used, salt is ignored and you must provide the host * pre-hashed when checking for it in the libssh2_knownhost_check() function. * * The keylen parameter may be omitted (zero) if the key is provided as a @@ -1047,7 +1144,7 @@ libssh2_knownhost_addc(LIBSSH2_KNOWNHOSTS *hosts, struct libssh2_knownhost **store); /* - * libssh2_knownhost_check + * libssh2_knownhost_check() * * Check a host and its associated key against the collection of known hosts. * @@ -1086,7 +1183,7 @@ libssh2_knownhost_checkp(LIBSSH2_KNOWNHOSTS *hosts, struct libssh2_knownhost **knownhost); /* - * libssh2_knownhost_del + * libssh2_knownhost_del() * * Remove a host from the collection of known hosts. The 'entry' struct is * retrieved by a call to libssh2_knownhost_check(). @@ -1097,7 +1194,7 @@ libssh2_knownhost_del(LIBSSH2_KNOWNHOSTS *hosts, struct libssh2_knownhost *entry); /* - * libssh2_knownhost_free + * libssh2_knownhost_free() * * Free an entire collection of known hosts. * @@ -1118,7 +1215,7 @@ libssh2_knownhost_readline(LIBSSH2_KNOWNHOSTS *hosts, const char *line, size_t len, int type); /* - * libssh2_knownhost_readfile + * libssh2_knownhost_readfile() * * Add hosts+key pairs from a given file. * @@ -1154,7 +1251,7 @@ libssh2_knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts, int type); /* - * libssh2_knownhost_writefile + * libssh2_knownhost_writefile() * * Write hosts+key pairs to a given file. * @@ -1194,7 +1291,7 @@ struct libssh2_agent_publickey { }; /* - * libssh2_agent_init + * libssh2_agent_init() * * Init an ssh-agent handle. Returns the pointer to the handle. * @@ -1236,8 +1333,8 @@ libssh2_agent_list_identities(LIBSSH2_AGENT *agent); */ LIBSSH2_API int libssh2_agent_get_identity(LIBSSH2_AGENT *agent, - struct libssh2_agent_publickey **store, - struct libssh2_agent_publickey *prev); + struct libssh2_agent_publickey **store, + struct libssh2_agent_publickey *prev); /* * libssh2_agent_userauth() @@ -1248,8 +1345,25 @@ libssh2_agent_get_identity(LIBSSH2_AGENT *agent, */ LIBSSH2_API int libssh2_agent_userauth(LIBSSH2_AGENT *agent, - const char *username, - struct libssh2_agent_publickey *identity); + const char *username, + struct libssh2_agent_publickey *identity); + +/* + * libssh2_agent_sign() + * + * Sign a payload using a system-installed ssh-agent. + * + * Returns 0 if succeeded, or a negative value for error. + */ +LIBSSH2_API int +libssh2_agent_sign(LIBSSH2_AGENT *agent, + struct libssh2_agent_publickey *identity, + unsigned char **sig, + size_t *s_len, + const unsigned char *data, + size_t d_len, + const char *method, + unsigned int method_len); /* * libssh2_agent_disconnect() @@ -1322,15 +1436,15 @@ LIBSSH2_API int libssh2_keepalive_send(LIBSSH2_SESSION *session, enabled */ LIBSSH2_API int libssh2_trace(LIBSSH2_SESSION *session, int bitmask); -#define LIBSSH2_TRACE_TRANS (1<<1) -#define LIBSSH2_TRACE_KEX (1<<2) -#define LIBSSH2_TRACE_AUTH (1<<3) -#define LIBSSH2_TRACE_CONN (1<<4) -#define LIBSSH2_TRACE_SCP (1<<5) -#define LIBSSH2_TRACE_SFTP (1<<6) -#define LIBSSH2_TRACE_ERROR (1<<7) -#define LIBSSH2_TRACE_PUBLICKEY (1<<8) -#define LIBSSH2_TRACE_SOCKET (1<<9) +#define LIBSSH2_TRACE_TRANS (1<<1) +#define LIBSSH2_TRACE_KEX (1<<2) +#define LIBSSH2_TRACE_AUTH (1<<3) +#define LIBSSH2_TRACE_CONN (1<<4) +#define LIBSSH2_TRACE_SCP (1<<5) +#define LIBSSH2_TRACE_SFTP (1<<6) +#define LIBSSH2_TRACE_ERROR (1<<7) +#define LIBSSH2_TRACE_PUBLICKEY (1<<8) +#define LIBSSH2_TRACE_SOCKET (1<<9) typedef void (*libssh2_trace_handler_func)(LIBSSH2_SESSION*, void *, diff --git a/libssh2/include/libssh2_publickey.h b/libssh2/include/libssh2_publickey.h index 5dbdcf925..00ea5ffdc 100644 --- a/libssh2/include/libssh2_publickey.h +++ b/libssh2/include/libssh2_publickey.h @@ -72,9 +72,9 @@ typedef struct _libssh2_publickey_list { /* Generally use the first macro here, but if both name and value are string literals, you can use _fast() to take advantage of preprocessing */ #define libssh2_publickey_attribute(name, value, mandatory) \ - { (name), strlen(name), (value), strlen(value), (mandatory) }, + { (name), strlen(name), (value), strlen(value), (mandatory) }, #define libssh2_publickey_attribute_fast(name, value, mandatory) \ - { (name), sizeof(name) - 1, (value), sizeof(value) - 1, (mandatory) }, + { (name), sizeof(name) - 1, (value), sizeof(value) - 1, (mandatory) }, #ifdef __cplusplus extern "C" { @@ -92,10 +92,12 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY *pkey, unsigned long blob_len, char overwrite, unsigned long num_attrs, const libssh2_publickey_attribute attrs[]); -#define libssh2_publickey_add(pkey, name, blob, blob_len, overwrite, \ - num_attrs, attrs) \ - libssh2_publickey_add_ex((pkey), (name), strlen(name), (blob), (blob_len), \ - (overwrite), (num_attrs), (attrs)) +#define libssh2_publickey_add(pkey, name, blob, blob_len, overwrite, \ + num_attrs, attrs) \ + libssh2_publickey_add_ex((pkey), \ + (name), strlen(name), \ + (blob), (blob_len), \ + (overwrite), (num_attrs), (attrs)) LIBSSH2_API int libssh2_publickey_remove_ex(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name, @@ -103,7 +105,9 @@ LIBSSH2_API int libssh2_publickey_remove_ex(LIBSSH2_PUBLICKEY *pkey, const unsigned char *blob, unsigned long blob_len); #define libssh2_publickey_remove(pkey, name, blob, blob_len) \ - libssh2_publickey_remove_ex((pkey), (name), strlen(name), (blob), (blob_len)) + libssh2_publickey_remove_ex((pkey), \ + (name), strlen(name), \ + (blob), (blob_len)) LIBSSH2_API int libssh2_publickey_list_fetch(LIBSSH2_PUBLICKEY *pkey, @@ -119,4 +123,4 @@ LIBSSH2_API int libssh2_publickey_shutdown(LIBSSH2_PUBLICKEY *pkey); } /* extern "C" */ #endif -#endif /* ifndef: LIBSSH2_PUBLICKEY_H */ +#endif /* LIBSSH2_PUBLICKEY_H */ diff --git a/libssh2/include/libssh2_sftp.h b/libssh2/include/libssh2_sftp.h index 476ea8704..74f619fcc 100644 --- a/libssh2/include/libssh2_sftp.h +++ b/libssh2/include/libssh2_sftp.h @@ -40,7 +40,7 @@ #include "libssh2.h" -#ifndef WIN32 +#ifndef LIBSSH2_WIN32 #include #endif @@ -165,19 +165,19 @@ struct _LIBSSH2_SFTP_STATVFS { /* macros to check for specific file types, added in 1.2.5 */ #define LIBSSH2_SFTP_S_ISLNK(m) \ - (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFLNK) + (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFLNK) #define LIBSSH2_SFTP_S_ISREG(m) \ - (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFREG) + (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFREG) #define LIBSSH2_SFTP_S_ISDIR(m) \ - (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFDIR) + (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFDIR) #define LIBSSH2_SFTP_S_ISCHR(m) \ - (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFCHR) + (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFCHR) #define LIBSSH2_SFTP_S_ISBLK(m) \ - (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFBLK) + (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFBLK) #define LIBSSH2_SFTP_S_ISFIFO(m) \ - (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFIFO) + (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFIFO) #define LIBSSH2_SFTP_S_ISSOCK(m) \ - (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFSOCK) + (((m) & LIBSSH2_SFTP_S_IFMT) == LIBSSH2_SFTP_S_IFSOCK) /* SFTP File Transfer Flags -- (e.g. flags parameter to sftp_open()) * Danger will robinson... APPEND doesn't have any effect on OpenSSH servers */ @@ -230,12 +230,25 @@ libssh2_sftp_open_ex(LIBSSH2_SFTP *sftp, unsigned int filename_len, unsigned long flags, long mode, int open_type); -#define libssh2_sftp_open(sftp, filename, flags, mode) \ - libssh2_sftp_open_ex((sftp), (filename), strlen(filename), (flags), \ - (mode), LIBSSH2_SFTP_OPENFILE) +#define libssh2_sftp_open(sftp, filename, flags, mode) \ + libssh2_sftp_open_ex((sftp), \ + (filename), (unsigned int)strlen(filename), \ + (flags), (mode), LIBSSH2_SFTP_OPENFILE) #define libssh2_sftp_opendir(sftp, path) \ - libssh2_sftp_open_ex((sftp), (path), strlen(path), 0, 0, \ - LIBSSH2_SFTP_OPENDIR) + libssh2_sftp_open_ex((sftp), \ + (path), (unsigned int)strlen(path), \ + 0, 0, LIBSSH2_SFTP_OPENDIR) +LIBSSH2_API LIBSSH2_SFTP_HANDLE * +libssh2_sftp_open_ex_r(LIBSSH2_SFTP *sftp, + const char *filename, + size_t filename_len, + unsigned long flags, + long mode, int open_type, + LIBSSH2_SFTP_ATTRIBUTES *attrs); +#define libssh2_sftp_open_r(sftp, filename, flags, mode, attrs) \ + libssh2_sftp_open_ex_r((sftp), (filename), strlen(filename), \ + (flags), (mode), LIBSSH2_SFTP_OPENFILE, \ + (attrs)) LIBSSH2_API ssize_t libssh2_sftp_read(LIBSSH2_SFTP_HANDLE *handle, char *buffer, size_t buffer_maxlen); @@ -245,7 +258,7 @@ LIBSSH2_API int libssh2_sftp_readdir_ex(LIBSSH2_SFTP_HANDLE *handle, \ char *longentry, size_t longentry_maxlen, LIBSSH2_SFTP_ATTRIBUTES *attrs); -#define libssh2_sftp_readdir(handle, buffer, buffer_maxlen, attrs) \ +#define libssh2_sftp_readdir(handle, buffer, buffer_maxlen, attrs) \ libssh2_sftp_readdir_ex((handle), (buffer), (buffer_maxlen), NULL, 0, \ (attrs)) @@ -281,8 +294,9 @@ LIBSSH2_API int libssh2_sftp_rename_ex(LIBSSH2_SFTP *sftp, unsigned int dest_filename_len, long flags); #define libssh2_sftp_rename(sftp, sourcefile, destfile) \ - libssh2_sftp_rename_ex((sftp), (sourcefile), strlen(sourcefile), \ - (destfile), strlen(destfile), \ + libssh2_sftp_rename_ex((sftp), \ + (sourcefile), (unsigned int)strlen(sourcefile), \ + (destfile), (unsigned int)strlen(destfile), \ LIBSSH2_SFTP_RENAME_OVERWRITE | \ LIBSSH2_SFTP_RENAME_ATOMIC | \ LIBSSH2_SFTP_RENAME_NATIVE) @@ -305,13 +319,13 @@ LIBSSH2_API int libssh2_sftp_mkdir_ex(LIBSSH2_SFTP *sftp, const char *path, unsigned int path_len, long mode); #define libssh2_sftp_mkdir(sftp, path, mode) \ - libssh2_sftp_mkdir_ex((sftp), (path), strlen(path), (mode)) + libssh2_sftp_mkdir_ex((sftp), (path), (unsigned int)strlen(path), (mode)) LIBSSH2_API int libssh2_sftp_rmdir_ex(LIBSSH2_SFTP *sftp, const char *path, unsigned int path_len); #define libssh2_sftp_rmdir(sftp, path) \ - libssh2_sftp_rmdir_ex((sftp), (path), strlen(path)) + libssh2_sftp_rmdir_ex((sftp), (path), (unsigned int)strlen(path)) LIBSSH2_API int libssh2_sftp_stat_ex(LIBSSH2_SFTP *sftp, const char *path, @@ -319,14 +333,14 @@ LIBSSH2_API int libssh2_sftp_stat_ex(LIBSSH2_SFTP *sftp, int stat_type, LIBSSH2_SFTP_ATTRIBUTES *attrs); #define libssh2_sftp_stat(sftp, path, attrs) \ - libssh2_sftp_stat_ex((sftp), (path), strlen(path), LIBSSH2_SFTP_STAT, \ - (attrs)) + libssh2_sftp_stat_ex((sftp), (path), (unsigned int)strlen(path), \ + LIBSSH2_SFTP_STAT, (attrs)) #define libssh2_sftp_lstat(sftp, path, attrs) \ - libssh2_sftp_stat_ex((sftp), (path), strlen(path), LIBSSH2_SFTP_LSTAT, \ - (attrs)) + libssh2_sftp_stat_ex((sftp), (path), (unsigned int)strlen(path), \ + LIBSSH2_SFTP_LSTAT, (attrs)) #define libssh2_sftp_setstat(sftp, path, attrs) \ - libssh2_sftp_stat_ex((sftp), (path), strlen(path), LIBSSH2_SFTP_SETSTAT, \ - (attrs)) + libssh2_sftp_stat_ex((sftp), (path), (unsigned int)strlen(path), \ + LIBSSH2_SFTP_SETSTAT, (attrs)) LIBSSH2_API int libssh2_sftp_symlink_ex(LIBSSH2_SFTP *sftp, const char *path, @@ -335,13 +349,19 @@ LIBSSH2_API int libssh2_sftp_symlink_ex(LIBSSH2_SFTP *sftp, unsigned int target_len, int link_type); #define libssh2_sftp_symlink(sftp, orig, linkpath) \ - libssh2_sftp_symlink_ex((sftp), (orig), strlen(orig), (linkpath), \ - strlen(linkpath), LIBSSH2_SFTP_SYMLINK) + libssh2_sftp_symlink_ex((sftp), \ + (orig), (unsigned int)strlen(orig), \ + (linkpath), (unsigned int)strlen(linkpath), \ + LIBSSH2_SFTP_SYMLINK) #define libssh2_sftp_readlink(sftp, path, target, maxlen) \ - libssh2_sftp_symlink_ex((sftp), (path), strlen(path), (target), (maxlen), \ - LIBSSH2_SFTP_READLINK) + libssh2_sftp_symlink_ex((sftp), \ + (path), (unsigned int)strlen(path), \ + (target), (maxlen), \ + LIBSSH2_SFTP_READLINK) #define libssh2_sftp_realpath(sftp, path, target, maxlen) \ - libssh2_sftp_symlink_ex((sftp), (path), strlen(path), (target), (maxlen), \ + libssh2_sftp_symlink_ex((sftp), \ + (path), (unsigned int)strlen(path), \ + (target), (maxlen), \ LIBSSH2_SFTP_REALPATH) #ifdef __cplusplus diff --git a/libssh2/libssh2-style.el b/libssh2/libssh2-style.el new file mode 100644 index 000000000..4437f88ac --- /dev/null +++ b/libssh2/libssh2-style.el @@ -0,0 +1,50 @@ +;;;; Emacs Lisp help for writing libssh2 code. ;;;; + +;;; The libssh2 hacker's C conventions. +;;; See the sample.emacs file on how this file can be made to take +;;; effect automatically when editing libssh2 source files. + +(defconst libssh2-c-style + '((c-basic-offset . 4) + (c-comment-only-line-offset . 0) + (c-hanging-braces-alist . ((substatement-open before after))) + (c-offsets-alist . ((topmost-intro . 0) + (topmost-intro-cont . 0) + (substatement . +) + (substatement-open . 0) + (statement-case-intro . +) + (statement-case-open . 0) + (case-label . 0) + )) + ) + "Libssh2 C Programming Style") + +(defun libssh2-code-cleanup () + "tabify and delete trailing whitespace" + (interactive) + (untabify (point-min) (point-max)) + (delete-trailing-whitespace) +) + +;; Customizations for all of c-mode, c++-mode, and objc-mode +(defun libssh2-c-mode-common-hook () + "Libssh2 C mode hook" + ;; add libssh2 style and set it for the current buffer + (c-add-style "libssh2" libssh2-c-style t) + (setq tab-width 8 + indent-tabs-mode nil ; Use spaces, not tabs. + comment-column 40 + c-font-lock-extra-types (append '("libssh2_int64_t" "LIBSSH2_USERAUTH_KBDINT_PROMPT" "LIBSSH2_SESSION" "LIBSSH2_CHANNEL" "ssize_t" "size_t" "uint32_t" "LIBSSH2_LISTENER" "LIBSSH2_POLLFD")) + ) + ;; keybindings for C, C++, and Objective-C. We can put these in + ;; c-mode-base-map because of inheritance ... + (define-key c-mode-base-map "\M-q" 'c-fill-paragraph) + (define-key c-mode-base-map "\M-m" 'libssh2-code-cleanup) + (setq c-recognize-knr-p nil) + ;;; (add-hook 'write-file-hooks 'delete-trailing-whitespace t) + (setq show-trailing-whitespace t) + ) + +;; Set this is in your .emacs if you want to use the c-mode-hook as +;; defined here right out of the box. +; (add-hook 'c-mode-common-hook 'libssh2-c-mode-common-hook) diff --git a/libssh2/ltmain.sh b/libssh2/ltmain.sh index 21e5e0784..9b12fbb7f 100755 --- a/libssh2/ltmain.sh +++ b/libssh2/ltmain.sh @@ -1,12 +1,12 @@ -#! /bin/sh +#! /usr/bin/env sh ## DO NOT EDIT - This file generated from ./build-aux/ltmain.in -## by inline-source v2014-01-03.01 +## by inline-source v2019-02-19.15 -# libtool (GNU libtool) 2.4.6 +# libtool (GNU libtool) 2.4.7 # Provide generalized library-building support services. # Written by Gordon Matzigkeit , 1996 -# Copyright (C) 1996-2015 Free Software Foundation, Inc. +# Copyright (C) 1996-2019, 2021-2022 Free Software Foundation, Inc. # This is free software; see the source for copying conditions. There is NO # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. @@ -31,8 +31,8 @@ PROGRAM=libtool PACKAGE=libtool -VERSION="2.4.6 Debian-2.4.6-15" -package_revision=2.4.6 +VERSION="2.4.7 Debian-2.4.7-5" +package_revision=2.4.7 ## ------ ## @@ -64,34 +64,25 @@ package_revision=2.4.6 # libraries, which are installed to $pkgauxdir. # Set a version string for this script. -scriptversion=2015-01-20.17; # UTC +scriptversion=2019-02-19.15; # UTC # General shell script boiler plate, and helper functions. # Written by Gary V. Vaughan, 2004 -# Copyright (C) 2004-2015 Free Software Foundation, Inc. -# This is free software; see the source for copying conditions. There is NO -# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# This is free software. There is NO warranty; not even for +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# Copyright (C) 2004-2019, 2021 Bootstrap Authors +# +# This file is dual licensed under the terms of the MIT license +# , and GPL version 2 or later +# . You must apply one of +# these licenses when using or redistributing this software or any of +# the files within it. See the URLs above, or the file `LICENSE` +# included in the Bootstrap distribution for the full license texts. -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or -# (at your option) any later version. - -# As a special exception to the GNU General Public License, if you distribute -# this file as part of a program or library that is built using GNU Libtool, -# you may include this file under the same distribution terms that you use -# for the rest of that program. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNES FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -# Please report bugs or propose patches to gary@gnu.org. +# Please report bugs or propose patches to: +# ## ------ ## @@ -139,9 +130,12 @@ do _G_safe_locale=\"$_G_var=C; \$_G_safe_locale\" fi" done - -# CDPATH. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH +# These NLS vars are set unconditionally (bootstrap issue #24). Unset those +# in case the environment reset is needed later and the $save_* variant is not +# defined (see the code above). +LC_ALL=C +LANGUAGE=C +export LANGUAGE LC_ALL # Make sure IFS has a sensible default sp=' ' @@ -159,6 +153,26 @@ if test "${PATH_SEPARATOR+set}" != set; then fi +# func_unset VAR +# -------------- +# Portably unset VAR. +# In some shells, an 'unset VAR' statement leaves a non-zero return +# status if VAR is already unset, which might be problematic if the +# statement is used at the end of a function (thus poisoning its return +# value) or when 'set -e' is active (causing even a spurious abort of +# the script in this case). +func_unset () +{ + { eval $1=; (eval unset $1) >/dev/null 2>&1 && eval unset $1 || : ; } +} + + +# Make sure CDPATH doesn't cause `cd` commands to output the target dir. +func_unset CDPATH + +# Make sure ${,E,F}GREP behave sanely. +func_unset GREP_OPTIONS + ## ------------------------- ## ## Locate command utilities. ## @@ -259,7 +273,7 @@ test -z "$SED" && { rm -f conftest.in conftest.tmp conftest.nl conftest.out } - func_path_progs "sed gsed" func_check_prog_sed $PATH:/usr/xpg4/bin + func_path_progs "sed gsed" func_check_prog_sed "$PATH:/usr/xpg4/bin" rm -f conftest.sed SED=$func_path_progs_result } @@ -295,7 +309,7 @@ test -z "$GREP" && { rm -f conftest.in conftest.tmp conftest.nl conftest.out } - func_path_progs "grep ggrep" func_check_prog_grep $PATH:/usr/xpg4/bin + func_path_progs "grep ggrep" func_check_prog_grep "$PATH:/usr/xpg4/bin" GREP=$func_path_progs_result } @@ -360,6 +374,35 @@ sed_double_backslash="\ s/\\([^$_G_bs]\\)$_G_bs2$_G_dollar/\\1$_G_bs2$_G_bs$_G_dollar/g s/\n//g" +# require_check_ifs_backslash +# --------------------------- +# Check if we can use backslash as IFS='\' separator, and set +# $check_ifs_backshlash_broken to ':' or 'false'. +require_check_ifs_backslash=func_require_check_ifs_backslash +func_require_check_ifs_backslash () +{ + _G_save_IFS=$IFS + IFS='\' + _G_check_ifs_backshlash='a\\b' + for _G_i in $_G_check_ifs_backshlash + do + case $_G_i in + a) + check_ifs_backshlash_broken=false + ;; + '') + break + ;; + *) + check_ifs_backshlash_broken=: + break + ;; + esac + done + IFS=$_G_save_IFS + require_check_ifs_backslash=: +} + ## ----------------- ## ## Global variables. ## @@ -580,16 +623,16 @@ if test yes = "$_G_HAVE_PLUSEQ_OP"; then { $debug_cmd - func_quote_for_eval "$2" - eval "$1+=\\ \$func_quote_for_eval_result" + func_quote_arg pretty "$2" + eval "$1+=\\ \$func_quote_arg_result" }' else func_append_quoted () { $debug_cmd - func_quote_for_eval "$2" - eval "$1=\$$1\\ \$func_quote_for_eval_result" + func_quote_arg pretty "$2" + eval "$1=\$$1\\ \$func_quote_arg_result" } fi @@ -1091,85 +1134,203 @@ func_relative_path () } -# func_quote_for_eval ARG... -# -------------------------- -# Aesthetically quote ARGs to be evaled later. -# This function returns two values: -# i) func_quote_for_eval_result -# double-quoted, suitable for a subsequent eval -# ii) func_quote_for_eval_unquoted_result -# has all characters that are still active within double -# quotes backslashified. -func_quote_for_eval () +# func_quote_portable EVAL ARG +# ---------------------------- +# Internal function to portably implement func_quote_arg. Note that we still +# keep attention to performance here so we as much as possible try to avoid +# calling sed binary (so far O(N) complexity as long as func_append is O(1)). +func_quote_portable () { $debug_cmd - func_quote_for_eval_unquoted_result= - func_quote_for_eval_result= - while test 0 -lt $#; do - case $1 in + $require_check_ifs_backslash + + func_quote_portable_result=$2 + + # one-time-loop (easy break) + while true + do + if $1; then + func_quote_portable_result=`$ECHO "$2" | $SED \ + -e "$sed_double_quote_subst" -e "$sed_double_backslash"` + break + fi + + # Quote for eval. + case $func_quote_portable_result in *[\\\`\"\$]*) - _G_unquoted_arg=`printf '%s\n' "$1" |$SED "$sed_quote_subst"` ;; - *) - _G_unquoted_arg=$1 ;; - esac - if test -n "$func_quote_for_eval_unquoted_result"; then - func_append func_quote_for_eval_unquoted_result " $_G_unquoted_arg" - else - func_append func_quote_for_eval_unquoted_result "$_G_unquoted_arg" - fi + # Fallback to sed for $func_check_bs_ifs_broken=:, or when the string + # contains the shell wildcard characters. + case $check_ifs_backshlash_broken$func_quote_portable_result in + :*|*[\[\*\?]*) + func_quote_portable_result=`$ECHO "$func_quote_portable_result" \ + | $SED "$sed_quote_subst"` + break + ;; + esac - case $_G_unquoted_arg in - # Double-quote args containing shell metacharacters to delay - # word splitting, command substitution and variable expansion - # for a subsequent eval. - # Many Bourne shells cannot handle close brackets correctly - # in scan sets, so we specify it separately. - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - _G_quoted_arg=\"$_G_unquoted_arg\" + func_quote_portable_old_IFS=$IFS + for _G_char in '\' '`' '"' '$' + do + # STATE($1) PREV($2) SEPARATOR($3) + set start "" "" + func_quote_portable_result=dummy"$_G_char$func_quote_portable_result$_G_char"dummy + IFS=$_G_char + for _G_part in $func_quote_portable_result + do + case $1 in + quote) + func_append func_quote_portable_result "$3$2" + set quote "$_G_part" "\\$_G_char" + ;; + start) + set first "" "" + func_quote_portable_result= + ;; + first) + set quote "$_G_part" "" + ;; + esac + done + done + IFS=$func_quote_portable_old_IFS ;; - *) - _G_quoted_arg=$_G_unquoted_arg - ;; + *) ;; esac - - if test -n "$func_quote_for_eval_result"; then - func_append func_quote_for_eval_result " $_G_quoted_arg" - else - func_append func_quote_for_eval_result "$_G_quoted_arg" - fi - shift + break done + + func_quote_portable_unquoted_result=$func_quote_portable_result + case $func_quote_portable_result in + # double-quote args containing shell metacharacters to delay + # word splitting, command substitution and variable expansion + # for a subsequent eval. + # many bourne shells cannot handle close brackets correctly + # in scan sets, so we specify it separately. + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + func_quote_portable_result=\"$func_quote_portable_result\" + ;; + esac } -# func_quote_for_expand ARG -# ------------------------- -# Aesthetically quote ARG to be evaled later; same as above, -# but do not quote variable references. -func_quote_for_expand () +# func_quotefast_eval ARG +# ----------------------- +# Quote one ARG (internal). This is equivalent to 'func_quote_arg eval ARG', +# but optimized for speed. Result is stored in $func_quotefast_eval. +if test xyes = `(x=; printf -v x %q yes; echo x"$x") 2>/dev/null`; then + printf -v _GL_test_printf_tilde %q '~' + if test '\~' = "$_GL_test_printf_tilde"; then + func_quotefast_eval () + { + printf -v func_quotefast_eval_result %q "$1" + } + else + # Broken older Bash implementations. Make those faster too if possible. + func_quotefast_eval () + { + case $1 in + '~'*) + func_quote_portable false "$1" + func_quotefast_eval_result=$func_quote_portable_result + ;; + *) + printf -v func_quotefast_eval_result %q "$1" + ;; + esac + } + fi +else + func_quotefast_eval () + { + func_quote_portable false "$1" + func_quotefast_eval_result=$func_quote_portable_result + } +fi + + +# func_quote_arg MODEs ARG +# ------------------------ +# Quote one ARG to be evaled later. MODEs argument may contain zero or more +# specifiers listed below separated by ',' character. This function returns two +# values: +# i) func_quote_arg_result +# double-quoted (when needed), suitable for a subsequent eval +# ii) func_quote_arg_unquoted_result +# has all characters that are still active within double +# quotes backslashified. Available only if 'unquoted' is specified. +# +# Available modes: +# ---------------- +# 'eval' (default) +# - escape shell special characters +# 'expand' +# - the same as 'eval'; but do not quote variable references +# 'pretty' +# - request aesthetic output, i.e. '"a b"' instead of 'a\ b'. This might +# be used later in func_quote to get output like: 'echo "a b"' instead +# of 'echo a\ b'. This is slower than default on some shells. +# 'unquoted' +# - produce also $func_quote_arg_unquoted_result which does not contain +# wrapping double-quotes. +# +# Examples for 'func_quote_arg pretty,unquoted string': +# +# string | *_result | *_unquoted_result +# ------------+-----------------------+------------------- +# " | \" | \" +# a b | "a b" | a b +# "a b" | "\"a b\"" | \"a b\" +# * | "*" | * +# z="${x-$y}" | "z=\"\${x-\$y}\"" | z=\"\${x-\$y}\" +# +# Examples for 'func_quote_arg pretty,unquoted,expand string': +# +# string | *_result | *_unquoted_result +# --------------+---------------------+-------------------- +# z="${x-$y}" | "z=\"${x-$y}\"" | z=\"${x-$y}\" +func_quote_arg () { - $debug_cmd - - case $1 in - *[\\\`\"]*) - _G_arg=`$ECHO "$1" | $SED \ - -e "$sed_double_quote_subst" -e "$sed_double_backslash"` ;; - *) - _G_arg=$1 ;; - esac - - case $_G_arg in - # Double-quote args containing shell metacharacters to delay - # word splitting and command substitution for a subsequent eval. - # Many Bourne shells cannot handle close brackets correctly - # in scan sets, so we specify it separately. - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - _G_arg=\"$_G_arg\" + _G_quote_expand=false + case ,$1, in + *,expand,*) + _G_quote_expand=: ;; esac - func_quote_for_expand_result=$_G_arg + case ,$1, in + *,pretty,*|*,expand,*|*,unquoted,*) + func_quote_portable $_G_quote_expand "$2" + func_quote_arg_result=$func_quote_portable_result + func_quote_arg_unquoted_result=$func_quote_portable_unquoted_result + ;; + *) + # Faster quote-for-eval for some shells. + func_quotefast_eval "$2" + func_quote_arg_result=$func_quotefast_eval_result + ;; + esac +} + + +# func_quote MODEs ARGs... +# ------------------------ +# Quote all ARGs to be evaled later and join them into single command. See +# func_quote_arg's description for more info. +func_quote () +{ + $debug_cmd + _G_func_quote_mode=$1 ; shift + func_quote_result= + while test 0 -lt $#; do + func_quote_arg "$_G_func_quote_mode" "$1" + if test -n "$func_quote_result"; then + func_append func_quote_result " $func_quote_arg_result" + else + func_append func_quote_result "$func_quote_arg_result" + fi + shift + done } @@ -1215,8 +1376,8 @@ func_show_eval () _G_cmd=$1 _G_fail_exp=${2-':'} - func_quote_for_expand "$_G_cmd" - eval "func_notquiet $func_quote_for_expand_result" + func_quote_arg pretty,expand "$_G_cmd" + eval "func_notquiet $func_quote_arg_result" $opt_dry_run || { eval "$_G_cmd" @@ -1241,8 +1402,8 @@ func_show_eval_locale () _G_fail_exp=${2-':'} $opt_quiet || { - func_quote_for_expand "$_G_cmd" - eval "func_echo $func_quote_for_expand_result" + func_quote_arg expand,pretty "$_G_cmd" + eval "func_echo $func_quote_arg_result" } $opt_dry_run || { @@ -1369,30 +1530,26 @@ func_lt_ver () # End: #! /bin/sh -# Set a version string for this script. -scriptversion=2015-10-07.11; # UTC - # A portable, pluggable option parser for Bourne shell. # Written by Gary V. Vaughan, 2010 -# Copyright (C) 2010-2015 Free Software Foundation, Inc. -# This is free software; see the source for copying conditions. There is NO -# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# This is free software. There is NO warranty; not even for +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# Copyright (C) 2010-2019, 2021 Bootstrap Authors +# +# This file is dual licensed under the terms of the MIT license +# , and GPL version 2 or later +# . You must apply one of +# these licenses when using or redistributing this software or any of +# the files within it. See the URLs above, or the file `LICENSE` +# included in the Bootstrap distribution for the full license texts. -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. +# Please report bugs or propose patches to: +# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -# Please report bugs or propose patches to gary@gnu.org. +# Set a version string for this script. +scriptversion=2019-02-19.15; # UTC ## ------ ## @@ -1415,7 +1572,7 @@ scriptversion=2015-10-07.11; # UTC # # In order for the '--version' option to work, you will need to have a # suitably formatted comment like the one at the top of this file -# starting with '# Written by ' and ending with '# warranty; '. +# starting with '# Written by ' and ending with '# Copyright'. # # For '-h' and '--help' to work, you will also need a one line # description of your script's purpose in a comment directly above the @@ -1427,7 +1584,7 @@ scriptversion=2015-10-07.11; # UTC # to display verbose messages only when your user has specified # '--verbose'. # -# After sourcing this file, you can plug processing for additional +# After sourcing this file, you can plug in processing for additional # options by amending the variables from the 'Configuration' section # below, and following the instructions in the 'Option parsing' # section further down. @@ -1476,8 +1633,8 @@ fatal_help="Try '\$progname --help' for more information." ## ------------------------- ## # This section contains functions for adding, removing, and running hooks -# to the main code. A hook is just a named list of of function, that can -# be run in order later on. +# in the main code. A hook is just a list of function names that can be +# run in order later on. # func_hookable FUNC_NAME # ----------------------- @@ -1510,7 +1667,8 @@ func_add_hook () # func_remove_hook FUNC_NAME HOOK_FUNC # ------------------------------------ -# Remove HOOK_FUNC from the list of functions called by FUNC_NAME. +# Remove HOOK_FUNC from the list of hook functions to be called by +# FUNC_NAME. func_remove_hook () { $debug_cmd @@ -1519,10 +1677,28 @@ func_remove_hook () } +# func_propagate_result FUNC_NAME_A FUNC_NAME_B +# --------------------------------------------- +# If the *_result variable of FUNC_NAME_A _is set_, assign its value to +# *_result variable of FUNC_NAME_B. +func_propagate_result () +{ + $debug_cmd + + func_propagate_result_result=: + if eval "test \"\${${1}_result+set}\" = set" + then + eval "${2}_result=\$${1}_result" + else + func_propagate_result_result=false + fi +} + + # func_run_hooks FUNC_NAME [ARG]... # --------------------------------- # Run all hook functions registered to FUNC_NAME. -# It is assumed that the list of hook functions contains nothing more +# It's assumed that the list of hook functions contains nothing more # than a whitespace-delimited list of legal shell function names, and # no effort is wasted trying to catch shell meta-characters or preserve # whitespace. @@ -1534,22 +1710,19 @@ func_run_hooks () case " $hookable_fns " in *" $1 "*) ;; - *) func_fatal_error "'$1' does not support hook funcions.n" ;; + *) func_fatal_error "'$1' does not support hook functions." ;; esac eval _G_hook_fns=\$$1_hooks; shift for _G_hook in $_G_hook_fns; do - if eval $_G_hook '"$@"'; then - # store returned options list back into positional - # parameters for next 'cmd' execution. - eval _G_hook_result=\$${_G_hook}_result - eval set dummy "$_G_hook_result"; shift - _G_rc_run_hooks=: + func_unset "${_G_hook}_result" + eval $_G_hook '${1+"$@"}' + func_propagate_result $_G_hook func_run_hooks + if $func_propagate_result_result; then + eval set dummy "$func_run_hooks_result"; shift fi done - - $_G_rc_run_hooks && func_run_hooks_result=$_G_hook_result } @@ -1559,14 +1732,16 @@ func_run_hooks () ## --------------- ## # In order to add your own option parsing hooks, you must accept the -# full positional parameter list in your hook function, you may remove/edit -# any options that you action, and then pass back the remaining unprocessed -# options in '_result', escaped suitably for -# 'eval'. In this case you also must return $EXIT_SUCCESS to let the -# hook's caller know that it should pay attention to -# '_result'. Returning $EXIT_FAILURE signalizes that -# arguments are left untouched by the hook and therefore caller will ignore the -# result variable. +# full positional parameter list from your hook function. You may remove +# or edit any options that you action, and then pass back the remaining +# unprocessed options in '_result', escaped +# suitably for 'eval'. +# +# The '_result' variable is automatically unset +# before your hook gets called; for best performance, only set the +# *_result variable when necessary (i.e. don't call the 'func_quote' +# function unnecessarily because it can be an expensive operation on some +# machines). # # Like this: # @@ -1578,11 +1753,8 @@ func_run_hooks () # usage_message=$usage_message' # -s, --silent don'\''t print informational messages # ' -# # No change in '$@' (ignored completely by this hook). There is -# # no need to do the equivalent (but slower) action: -# # func_quote_for_eval ${1+"$@"} -# # my_options_prep_result=$func_quote_for_eval_result -# false +# # No change in '$@' (ignored completely by this hook). Leave +# # my_options_prep_result variable intact. # } # func_add_hook func_options_prep my_options_prep # @@ -1593,7 +1765,7 @@ func_run_hooks () # # args_changed=false # -# # Note that for efficiency, we parse as many options as we can +# # Note that, for efficiency, we parse as many options as we can # # recognise in a loop before passing the remainder back to the # # caller on the first unrecognised argument we encounter. # while test $# -gt 0; do @@ -1610,18 +1782,17 @@ func_run_hooks () # args_changed=: # ;; # *) # Make sure the first unrecognised option "$_G_opt" -# # is added back to "$@", we could need that later -# # if $args_changed is true. +# # is added back to "$@" in case we need it later, +# # if $args_changed was set to 'true'. # set dummy "$_G_opt" ${1+"$@"}; shift; break ;; # esac # done # +# # Only call 'func_quote' here if we processed at least one argument. # if $args_changed; then -# func_quote_for_eval ${1+"$@"} -# my_silent_option_result=$func_quote_for_eval_result +# func_quote eval ${1+"$@"} +# my_silent_option_result=$func_quote_result # fi -# -# $args_changed # } # func_add_hook func_parse_options my_silent_option # @@ -1632,8 +1803,6 @@ func_run_hooks () # # $opt_silent && $opt_verbose && func_fatal_help "\ # '--silent' and '--verbose' options are mutually exclusive." -# -# false # } # func_add_hook func_validate_options my_option_validation # @@ -1649,13 +1818,8 @@ func_options_finish () { $debug_cmd - _G_func_options_finish_exit=false - if func_run_hooks func_options ${1+"$@"}; then - func_options_finish_result=$func_run_hooks_result - _G_func_options_finish_exit=: - fi - - $_G_func_options_finish_exit + func_run_hooks func_options ${1+"$@"} + func_propagate_result func_run_hooks func_options_finish } @@ -1668,28 +1832,27 @@ func_options () { $debug_cmd - _G_rc_options=false + _G_options_quoted=false for my_func in options_prep parse_options validate_options options_finish do - if eval func_$my_func '${1+"$@"}'; then - eval _G_res_var='$'"func_${my_func}_result" - eval set dummy "$_G_res_var" ; shift - _G_rc_options=: + func_unset func_${my_func}_result + func_unset func_run_hooks_result + eval func_$my_func '${1+"$@"}' + func_propagate_result func_$my_func func_options + if $func_propagate_result_result; then + eval set dummy "$func_options_result"; shift + _G_options_quoted=: fi done - # Save modified positional parameters for caller. As a top-level - # options-parser function we always need to set the 'func_options_result' - # variable (regardless the $_G_rc_options value). - if $_G_rc_options; then - func_options_result=$_G_res_var - else - func_quote_for_eval ${1+"$@"} - func_options_result=$func_quote_for_eval_result - fi - - $_G_rc_options + $_G_options_quoted || { + # As we (func_options) are top-level options-parser function and + # nobody quoted "$@" for us yet, we need to do it explicitly for + # caller. + func_quote eval ${1+"$@"} + func_options_result=$func_quote_result + } } @@ -1699,8 +1862,7 @@ func_options () # Note that when calling hook functions, we pass through the list of # positional parameters. If a hook function modifies that list, and # needs to propagate that back to rest of this script, then the complete -# modified list must be put in 'func_run_hooks_result' before -# returning $EXIT_SUCCESS (otherwise $EXIT_FAILURE is returned). +# modified list must be put in 'func_run_hooks_result' before returning. func_hookable func_options_prep func_options_prep () { @@ -1710,14 +1872,8 @@ func_options_prep () opt_verbose=false opt_warning_types= - _G_rc_options_prep=false - if func_run_hooks func_options_prep ${1+"$@"}; then - _G_rc_options_prep=: - # save modified positional parameters for caller - func_options_prep_result=$func_run_hooks_result - fi - - $_G_rc_options_prep + func_run_hooks func_options_prep ${1+"$@"} + func_propagate_result func_run_hooks func_options_prep } @@ -1729,27 +1885,32 @@ func_parse_options () { $debug_cmd - func_parse_options_result= - - _G_rc_parse_options=false + _G_parse_options_requote=false # this just eases exit handling while test $# -gt 0; do # Defer to hook functions for initial option parsing, so they # get priority in the event of reusing an option name. - if func_run_hooks func_parse_options ${1+"$@"}; then - eval set dummy "$func_run_hooks_result"; shift - _G_rc_parse_options=: + func_run_hooks func_parse_options ${1+"$@"} + func_propagate_result func_run_hooks func_parse_options + if $func_propagate_result_result; then + eval set dummy "$func_parse_options_result"; shift + # Even though we may have changed "$@", we passed the "$@" array + # down into the hook and it quoted it for us (because we are in + # this if-branch). No need to quote it again. + _G_parse_options_requote=false fi # Break out of the loop if we already parsed every option. test $# -gt 0 || break + # We expect that one of the options parsed in this function matches + # and thus we remove _G_opt from "$@" and need to re-quote. _G_match_parse_options=: _G_opt=$1 shift case $_G_opt in --debug|-x) debug_cmd='set -x' - func_echo "enabling shell trace mode" + func_echo "enabling shell trace mode" >&2 $debug_cmd ;; @@ -1760,7 +1921,7 @@ func_parse_options () --warnings|--warning|-W) if test $# = 0 && func_missing_arg $_G_opt; then - _G_rc_parse_options=: + _G_parse_options_requote=: break fi case " $warning_categories $1" in @@ -1815,7 +1976,7 @@ func_parse_options () shift ;; - --) _G_rc_parse_options=: ; break ;; + --) _G_parse_options_requote=: ; break ;; -*) func_fatal_help "unrecognised option: '$_G_opt'" ;; *) set dummy "$_G_opt" ${1+"$@"}; shift _G_match_parse_options=false @@ -1823,17 +1984,16 @@ func_parse_options () ;; esac - $_G_match_parse_options && _G_rc_parse_options=: + if $_G_match_parse_options; then + _G_parse_options_requote=: + fi done - - if $_G_rc_parse_options; then + if $_G_parse_options_requote; then # save modified positional parameters for caller - func_quote_for_eval ${1+"$@"} - func_parse_options_result=$func_quote_for_eval_result + func_quote eval ${1+"$@"} + func_parse_options_result=$func_quote_result fi - - $_G_rc_parse_options } @@ -1846,21 +2006,14 @@ func_validate_options () { $debug_cmd - _G_rc_validate_options=false - # Display all warnings if -W was not given. test -n "$opt_warning_types" || opt_warning_types=" $warning_categories" - if func_run_hooks func_validate_options ${1+"$@"}; then - # save modified positional parameters for caller - func_validate_options_result=$func_run_hooks_result - _G_rc_validate_options=: - fi + func_run_hooks func_validate_options ${1+"$@"} + func_propagate_result func_run_hooks func_validate_options # Bail if the options were screwed! $exit_cmd $EXIT_FAILURE - - $_G_rc_validate_options } @@ -1916,8 +2069,8 @@ func_missing_arg () # func_split_equals STRING # ------------------------ -# Set func_split_equals_lhs and func_split_equals_rhs shell variables after -# splitting STRING at the '=' sign. +# Set func_split_equals_lhs and func_split_equals_rhs shell variables +# after splitting STRING at the '=' sign. test -z "$_G_HAVE_XSI_OPS" \ && (eval 'x=a/b/c; test 5aa/bb/cc = "${#x}${x%%/*}${x%/*}${x#*/}${x##*/}"') 2>/dev/null \ @@ -1932,8 +2085,9 @@ then func_split_equals_lhs=${1%%=*} func_split_equals_rhs=${1#*=} - test "x$func_split_equals_lhs" = "x$1" \ - && func_split_equals_rhs= + if test "x$func_split_equals_lhs" = "x$1"; then + func_split_equals_rhs= + fi }' else # ...otherwise fall back to using expr, which is often a shell builtin. @@ -1943,7 +2097,7 @@ else func_split_equals_lhs=`expr "x$1" : 'x\([^=]*\)'` func_split_equals_rhs= - test "x$func_split_equals_lhs" = "x$1" \ + test "x$func_split_equals_lhs=" = "x$1" \ || func_split_equals_rhs=`expr "x$1" : 'x[^=]*=\(.*\)$'` } fi #func_split_equals @@ -1969,7 +2123,7 @@ else { $debug_cmd - func_split_short_opt_name=`expr "x$1" : 'x-\(.\)'` + func_split_short_opt_name=`expr "x$1" : 'x\(-.\)'` func_split_short_opt_arg=`expr "x$1" : 'x-.\(.*\)$'` } fi #func_split_short_opt @@ -2011,31 +2165,44 @@ func_usage_message () # func_version # ------------ # Echo version message to standard output and exit. +# The version message is extracted from the calling file's header +# comments, with leading '# ' stripped: +# 1. First display the progname and version +# 2. Followed by the header comment line matching /^# Written by / +# 3. Then a blank line followed by the first following line matching +# /^# Copyright / +# 4. Immediately followed by any lines between the previous matches, +# except lines preceding the intervening completely blank line. +# For example, see the header comments of this file. func_version () { $debug_cmd printf '%s\n' "$progname $scriptversion" $SED -n ' - /(C)/!b go - :more - /\./!{ - N - s|\n# | | - b more + /^# Written by /!b + s|^# ||; p; n + + :fwd2blnk + /./ { + n + b fwd2blnk } - :go - /^# Written by /,/# warranty; / { - s|^# || - s|^# *$|| - s|\((C)\)[ 0-9,-]*[ ,-]\([1-9][0-9]* \)|\1 \2| - p + p; n + + :holdwrnt + s|^# || + s|^# *$|| + /^Copyright /!{ + /./H + n + b holdwrnt } - /^# Written by / { - s|^# || - p - } - /^warranty; /q' < "$progpath" + + s|\((C)\)[ 0-9,-]*[ ,-]\([1-9][0-9]* \)|\1 \2| + G + s|\(\n\)\n*|\1|g + p; q' < "$progpath" exit $? } @@ -2045,12 +2212,12 @@ func_version () # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'before-save-hook 'time-stamp) -# time-stamp-pattern: "10/scriptversion=%:y-%02m-%02d.%02H; # UTC" +# time-stamp-pattern: "30/scriptversion=%:y-%02m-%02d.%02H; # UTC" # time-stamp-time-zone: "UTC" # End: # Set a version string. -scriptversion='(GNU libtool) 2.4.6' +scriptversion='(GNU libtool) 2.4.7' # func_echo ARG... @@ -2141,7 +2308,7 @@ include the following information: compiler: $LTCC compiler flags: $LTCFLAGS linker: $LD (gnu? $with_gnu_ld) - version: $progname $scriptversion Debian-2.4.6-15 + version: $progname $scriptversion Debian-2.4.7-5 automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q` autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q` @@ -2197,7 +2364,7 @@ fi # a configuration failure hint, and exit. func_fatal_configuration () { - func__fatal_error ${1+"$@"} \ + func_fatal_error ${1+"$@"} \ "See the $PACKAGE documentation for more information." \ "Fatal configuration error." } @@ -2345,6 +2512,8 @@ libtool_options_prep () _G_rc_lt_options_prep=: + _G_rc_lt_options_prep=: + # Shorthand for --mode=foo, only valid as the first argument case $1 in clean|clea|cle|cl) @@ -2375,11 +2544,9 @@ libtool_options_prep () if $_G_rc_lt_options_prep; then # Pass back the list of options. - func_quote_for_eval ${1+"$@"} - libtool_options_prep_result=$func_quote_for_eval_result + func_quote eval ${1+"$@"} + libtool_options_prep_result=$func_quote_result fi - - $_G_rc_lt_options_prep } func_add_hook func_options_prep libtool_options_prep @@ -2482,11 +2649,9 @@ libtool_parse_options () if $_G_rc_lt_parse_options; then # save modified positional parameters for caller - func_quote_for_eval ${1+"$@"} - libtool_parse_options_result=$func_quote_for_eval_result + func_quote eval ${1+"$@"} + libtool_parse_options_result=$func_quote_result fi - - $_G_rc_lt_parse_options } func_add_hook func_parse_options libtool_parse_options @@ -2543,8 +2708,8 @@ libtool_validate_options () } # Pass back the unparsed argument list - func_quote_for_eval ${1+"$@"} - libtool_validate_options_result=$func_quote_for_eval_result + func_quote eval ${1+"$@"} + libtool_validate_options_result=$func_quote_result } func_add_hook func_validate_options libtool_validate_options @@ -3510,8 +3675,8 @@ func_mode_compile () esac done - func_quote_for_eval "$libobj" - test "X$libobj" != "X$func_quote_for_eval_result" \ + func_quote_arg pretty "$libobj" + test "X$libobj" != "X$func_quote_arg_result" \ && $ECHO "X$libobj" | $GREP '[]~#^*{};<>?"'"'"' &()|`$[]' \ && func_warning "libobj name '$libobj' may not contain shell special characters." func_dirname_and_basename "$obj" "/" "" @@ -3584,8 +3749,8 @@ compiler." func_to_tool_file "$srcfile" func_convert_file_msys_to_w32 srcfile=$func_to_tool_file_result - func_quote_for_eval "$srcfile" - qsrcfile=$func_quote_for_eval_result + func_quote_arg pretty "$srcfile" + qsrcfile=$func_quote_arg_result # Only build a PIC object if we are building libtool libraries. if test yes = "$build_libtool_libs"; then @@ -3740,7 +3905,8 @@ This mode accepts the following additional options: -prefer-non-pic try to build non-PIC objects only -shared do not build a '.o' file suitable for static linking -static only build a '.o' file suitable for static linking - -Wc,FLAG pass FLAG directly to the compiler + -Wc,FLAG + -Xcompiler FLAG pass FLAG directly to the compiler COMPILE-COMMAND is a command to be used in creating a 'standard' object file from the given SOURCEFILE. @@ -3846,6 +4012,8 @@ The following components of LINK-COMMAND are treated specially: -weak LIBNAME declare that the target provides the LIBNAME interface -Wc,FLAG -Xcompiler FLAG pass linker-specific FLAG directly to the compiler + -Wa,FLAG + -Xassembler FLAG pass linker-specific FLAG directly to the assembler -Wl,FLAG -Xlinker FLAG pass linker-specific FLAG directly to the linker -XCClinker FLAG pass link-specific FLAG to the compiler driver (CC) @@ -4188,8 +4356,8 @@ func_mode_install () case $nonopt in *shtool*) :;; *) false;; esac then # Aesthetically quote it. - func_quote_for_eval "$nonopt" - install_prog="$func_quote_for_eval_result " + func_quote_arg pretty "$nonopt" + install_prog="$func_quote_arg_result " arg=$1 shift else @@ -4199,8 +4367,8 @@ func_mode_install () # The real first argument should be the name of the installation program. # Aesthetically quote it. - func_quote_for_eval "$arg" - func_append install_prog "$func_quote_for_eval_result" + func_quote_arg pretty "$arg" + func_append install_prog "$func_quote_arg_result" install_shared_prog=$install_prog case " $install_prog " in *[\\\ /]cp\ *) install_cp=: ;; @@ -4257,12 +4425,12 @@ func_mode_install () esac # Aesthetically quote the argument. - func_quote_for_eval "$arg" - func_append install_prog " $func_quote_for_eval_result" + func_quote_arg pretty "$arg" + func_append install_prog " $func_quote_arg_result" if test -n "$arg2"; then - func_quote_for_eval "$arg2" + func_quote_arg pretty "$arg2" fi - func_append install_shared_prog " $func_quote_for_eval_result" + func_append install_shared_prog " $func_quote_arg_result" done test -z "$install_prog" && \ @@ -4273,8 +4441,8 @@ func_mode_install () if test -n "$install_override_mode" && $no_mode; then if $install_cp; then :; else - func_quote_for_eval "$install_override_mode" - func_append install_shared_prog " -m $func_quote_for_eval_result" + func_quote_arg pretty "$install_override_mode" + func_append install_shared_prog " -m $func_quote_arg_result" fi fi @@ -4570,8 +4738,8 @@ func_mode_install () relink_command=`$ECHO "$relink_command" | $SED 's%@OUTPUT@%'"$outputname"'%g'` $opt_quiet || { - func_quote_for_expand "$relink_command" - eval "func_echo $func_quote_for_expand_result" + func_quote_arg expand,pretty "$relink_command" + eval "func_echo $func_quote_arg_result" } if eval "$relink_command"; then : else @@ -5350,7 +5518,8 @@ else if test \"\$libtool_execute_magic\" != \"$magic\"; then file=\"\$0\"" - qECHO=`$ECHO "$ECHO" | $SED "$sed_quote_subst"` + func_quote_arg pretty "$ECHO" + qECHO=$func_quote_arg_result $ECHO "\ # A function that is used when there is no print builtin or printf. @@ -5360,7 +5529,7 @@ func_fallback_echo () \$1 _LTECHO_EOF' } - ECHO=\"$qECHO\" + ECHO=$qECHO fi # Very basic option parsing. These options are (a) specific to @@ -6703,9 +6872,9 @@ func_mode_link () while test "$#" -gt 0; do arg=$1 shift - func_quote_for_eval "$arg" - qarg=$func_quote_for_eval_unquoted_result - func_append libtool_args " $func_quote_for_eval_result" + func_quote_arg pretty,unquoted "$arg" + qarg=$func_quote_arg_unquoted_result + func_append libtool_args " $func_quote_arg_result" # If the previous option needs an argument, assign it. if test -n "$prev"; then @@ -6941,6 +7110,13 @@ func_mode_link () prev= continue ;; + xassembler) + func_append compiler_flags " -Xassembler $qarg" + prev= + func_append compile_command " -Xassembler $qarg" + func_append finalize_command " -Xassembler $qarg" + continue + ;; xcclinker) func_append linker_flags " $qarg" func_append compiler_flags " $qarg" @@ -7111,7 +7287,7 @@ func_mode_link () # These systems don't actually have a C library (as such) test X-lc = "X$arg" && continue ;; - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig*) + *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig* | *-*-midnightbsd*) # Do not include libc due to us having libc/libc_r. test X-lc = "X$arg" && continue ;; @@ -7131,7 +7307,7 @@ func_mode_link () esac elif test X-lc_r = "X$arg"; then case $host in - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig*) + *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig* | *-*-midnightbsd*) # Do not include libc_r directly, use -pthread flag. continue ;; @@ -7161,8 +7337,20 @@ func_mode_link () prev=xcompiler continue ;; - - -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ + # Solaris ld rejects as of 11.4. Refer to Oracle bug 22985199. + -pthread) + case $host in + *solaris2*) ;; + *) + case "$new_inherited_linker_flags " in + *" $arg "*) ;; + * ) func_append new_inherited_linker_flags " $arg" ;; + esac + ;; + esac + continue + ;; + -mt|-mthreads|-kthread|-Kthread|-pthreads|--thread-safe \ |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) func_append compiler_flags " $arg" func_append compile_command " $arg" @@ -7303,9 +7491,9 @@ func_mode_link () save_ifs=$IFS; IFS=, for flag in $args; do IFS=$save_ifs - func_quote_for_eval "$flag" - func_append arg " $func_quote_for_eval_result" - func_append compiler_flags " $func_quote_for_eval_result" + func_quote_arg pretty "$flag" + func_append arg " $func_quote_arg_result" + func_append compiler_flags " $func_quote_arg_result" done IFS=$save_ifs func_stripname ' ' '' "$arg" @@ -7319,16 +7507,21 @@ func_mode_link () save_ifs=$IFS; IFS=, for flag in $args; do IFS=$save_ifs - func_quote_for_eval "$flag" - func_append arg " $wl$func_quote_for_eval_result" - func_append compiler_flags " $wl$func_quote_for_eval_result" - func_append linker_flags " $func_quote_for_eval_result" + func_quote_arg pretty "$flag" + func_append arg " $wl$func_quote_arg_result" + func_append compiler_flags " $wl$func_quote_arg_result" + func_append linker_flags " $func_quote_arg_result" done IFS=$save_ifs func_stripname ' ' '' "$arg" arg=$func_stripname_result ;; + -Xassembler) + prev=xassembler + continue + ;; + -Xcompiler) prev=xcompiler continue @@ -7346,8 +7539,8 @@ func_mode_link () # -msg_* for osf cc -msg_*) - func_quote_for_eval "$arg" - arg=$func_quote_for_eval_result + func_quote_arg pretty "$arg" + arg=$func_quote_arg_result ;; # Flags to be passed through unchanged, with rationale: @@ -7370,12 +7563,13 @@ func_mode_link () # -fuse-ld=* Linker select flags for GCC # -static-* direct GCC to link specific libraries statically # -fcilkplus Cilk Plus language extension features for C/C++ + # -Wa,* Pass flags directly to the assembler -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*| \ - -specs=*|-fsanitize=*|-fuse-ld=*|-static-*|-fcilkplus) - func_quote_for_eval "$arg" - arg=$func_quote_for_eval_result + -specs=*|-fsanitize=*|-fuse-ld=*|-static-*|-fcilkplus|-Wa,*) + func_quote_arg pretty "$arg" + arg=$func_quote_arg_result func_append compile_command " $arg" func_append finalize_command " $arg" func_append compiler_flags " $arg" @@ -7396,15 +7590,15 @@ func_mode_link () continue else # Otherwise treat like 'Some other compiler flag' below - func_quote_for_eval "$arg" - arg=$func_quote_for_eval_result + func_quote_arg pretty "$arg" + arg=$func_quote_arg_result fi ;; # Some other compiler flag. -* | +*) - func_quote_for_eval "$arg" - arg=$func_quote_for_eval_result + func_quote_arg pretty "$arg" + arg=$func_quote_arg_result ;; *.$objext) @@ -7524,8 +7718,8 @@ func_mode_link () *) # Unknown arguments in both finalize_command and compile_command need # to be aesthetically quoted because they are evaled later. - func_quote_for_eval "$arg" - arg=$func_quote_for_eval_result + func_quote_arg pretty "$arg" + arg=$func_quote_arg_result ;; esac # arg @@ -8733,7 +8927,7 @@ func_mode_link () test CXX = "$tagname" && { case $host_os in linux*) - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C++ 5.9 func_suncc_cstd_abi @@ -8906,7 +9100,7 @@ func_mode_link () # case $version_type in # correct linux to gnu/linux during the next big refactor - darwin|freebsd-elf|linux|osf|windows|none) + darwin|freebsd-elf|linux|midnightbsd-elf|osf|windows|none) func_arith $number_major + $number_minor current=$func_arith_result age=$number_minor @@ -9000,7 +9194,7 @@ func_mode_link () versuffix=.$current.$revision ;; - freebsd-elf) + freebsd-elf | midnightbsd-elf) func_arith $current - $age major=.$func_arith_result versuffix=$major.$age.$revision @@ -9226,7 +9420,7 @@ func_mode_link () *-*-netbsd*) # Don't link with libc until the a.out ld.so is fixed. ;; - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) + *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-midnightbsd*) # Do not include libc due to us having libc/libc_r. ;; *-*-sco3.2v5* | *-*-sco5v6*) @@ -10037,8 +10231,8 @@ EOF for cmd in $concat_cmds; do IFS=$save_ifs $opt_quiet || { - func_quote_for_expand "$cmd" - eval "func_echo $func_quote_for_expand_result" + func_quote_arg expand,pretty "$cmd" + eval "func_echo $func_quote_arg_result" } $opt_dry_run || eval "$cmd" || { lt_exit=$? @@ -10131,8 +10325,8 @@ EOF eval cmd=\"$cmd\" IFS=$save_ifs $opt_quiet || { - func_quote_for_expand "$cmd" - eval "func_echo $func_quote_for_expand_result" + func_quote_arg expand,pretty "$cmd" + eval "func_echo $func_quote_arg_result" } $opt_dry_run || eval "$cmd" || { lt_exit=$? @@ -10606,12 +10800,13 @@ EOF elif eval var_value=\$$var; test -z "$var_value"; then relink_command="$var=; export $var; $relink_command" else - func_quote_for_eval "$var_value" - relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command" + func_quote_arg pretty "$var_value" + relink_command="$var=$func_quote_arg_result; export $var; $relink_command" fi done - relink_command="(cd `pwd`; $relink_command)" - relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"` + func_quote eval cd "`pwd`" + func_quote_arg pretty,unquoted "($func_quote_result; $relink_command)" + relink_command=$func_quote_arg_unquoted_result fi # Only actually do things if not in dry run mode. @@ -10851,13 +11046,15 @@ EOF elif eval var_value=\$$var; test -z "$var_value"; then relink_command="$var=; export $var; $relink_command" else - func_quote_for_eval "$var_value" - relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command" + func_quote_arg pretty,unquoted "$var_value" + relink_command="$var=$func_quote_arg_unquoted_result; export $var; $relink_command" fi done # Quote the link command for shipping. - relink_command="(cd `pwd`; $SHELL \"$progpath\" $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" - relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"` + func_quote eval cd "`pwd`" + relink_command="($func_quote_result; $SHELL \"$progpath\" $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" + func_quote_arg pretty,unquoted "$relink_command" + relink_command=$func_quote_arg_unquoted_result if test yes = "$hardcode_automatic"; then relink_command= fi diff --git a/libssh2/m4/autobuild.m4 b/libssh2/m4/autobuild.m4 index 2f94844e9..78b216774 100644 --- a/libssh2/m4/autobuild.m4 +++ b/libssh2/m4/autobuild.m4 @@ -14,31 +14,31 @@ # Usage: AB_INIT([MODE]). AC_DEFUN([AB_INIT], [ - AC_REQUIRE([AC_CANONICAL_BUILD]) - AC_REQUIRE([AC_CANONICAL_HOST]) + AC_REQUIRE([AC_CANONICAL_BUILD]) + AC_REQUIRE([AC_CANONICAL_HOST]) - if test -z "$AB_PACKAGE"; then - AB_PACKAGE=${PACKAGE_NAME:-$PACKAGE} - fi - AC_MSG_NOTICE([autobuild project... $AB_PACKAGE]) + if test -z "$AB_PACKAGE"; then + AB_PACKAGE=${PACKAGE_NAME:-$PACKAGE} + fi + AC_MSG_NOTICE([autobuild project... $AB_PACKAGE]) - if test -z "$AB_VERSION"; then - AB_VERSION=${PACKAGE_VERSION:-$VERSION} - fi - AC_MSG_NOTICE([autobuild revision... $AB_VERSION]) + if test -z "$AB_VERSION"; then + AB_VERSION=${PACKAGE_VERSION:-$VERSION} + fi + AC_MSG_NOTICE([autobuild revision... $AB_VERSION]) - hostname=`hostname` - if test "$hostname"; then - AC_MSG_NOTICE([autobuild hostname... $hostname]) - fi + hostname=`hostname` + if test "$hostname"; then + AC_MSG_NOTICE([autobuild hostname... $hostname]) + fi - ifelse([$1],[],,[AC_MSG_NOTICE([autobuild mode... $1])]) + ifelse([$1],[],,[AC_MSG_NOTICE([autobuild mode... $1])]) - date=`date +%Y%m%d-%H%M%S` - if test "$?" != 0; then - date=`date` - fi - if test "$date"; then - AC_MSG_NOTICE([autobuild timestamp... $date]) - fi + date=`date +%Y%m%d-%H%M%S` + if test "$?" != 0; then + date=`date` + fi + if test "$date"; then + AC_MSG_NOTICE([autobuild timestamp... $date]) + fi ]) diff --git a/libssh2/m4/lib-ld.m4 b/libssh2/m4/lib-ld.m4 index 96c4e2c33..db76f6bcf 100644 --- a/libssh2/m4/lib-ld.m4 +++ b/libssh2/m4/lib-ld.m4 @@ -59,7 +59,7 @@ if test "$GCC" = yes; then # Canonicalize the path of ld ac_prog=`echo $ac_prog| sed 's%\\\\%/%g'` while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"` + ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"` done test -z "$LD" && LD="$ac_prog" ;; @@ -89,9 +89,9 @@ AC_CACHE_VAL(acl_cv_path_LD, # Break only if it was the GNU/non-GNU ld that we prefer. case `"$acl_cv_path_LD" -v 2>&1 < /dev/null` in *GNU* | *'with BFD'*) - test "$with_gnu_ld" != no && break ;; + test "$with_gnu_ld" != no && break ;; *) - test "$with_gnu_ld" != yes && break ;; + test "$with_gnu_ld" != yes && break ;; esac fi done diff --git a/libssh2/m4/lib-link.m4 b/libssh2/m4/lib-link.m4 index f157d983d..7a41234bf 100644 --- a/libssh2/m4/lib-link.m4 +++ b/libssh2/m4/lib-link.m4 @@ -6,7 +6,7 @@ dnl with or without modifications, as long as this notice is preserved. dnl From Bruno Haible. -AC_PREREQ(2.54) +AC_PREREQ([2.54]) dnl AC_LIB_LINKFLAGS(name [, dependencies]) searches for libname and dnl the libraries corresponding to explicit and implicit dependencies. @@ -74,7 +74,7 @@ AC_DEFUN([AC_LIB_HAVE_LINKFLAGS], AC_CACHE_CHECK([for lib[]$1], [ac_cv_lib[]Name], [ ac_save_LIBS="$LIBS" LIBS="$LIBS $LIB[]NAME" - AC_TRY_LINK([$3], [$4], [ac_cv_lib[]Name=yes], [ac_cv_lib[]Name=no]) + AC_LINK_IFELSE([AC_LANG_PROGRAM([[$3]], [[$4]])],[ac_cv_lib[]Name=yes],[ac_cv_lib[]Name=no]) LIBS="$ac_save_LIBS" ]) if test "$ac_cv_lib[]Name" = yes; then diff --git a/libssh2/m4/libtool.m4 b/libssh2/m4/libtool.m4 index c4c02946d..e7b683345 100644 --- a/libssh2/m4/libtool.m4 +++ b/libssh2/m4/libtool.m4 @@ -1,6 +1,7 @@ # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- # -# Copyright (C) 1996-2001, 2003-2015 Free Software Foundation, Inc. +# Copyright (C) 1996-2001, 2003-2019, 2021-2022 Free Software +# Foundation, Inc. # Written by Gordon Matzigkeit, 1996 # # This file is free software; the Free Software Foundation gives @@ -31,7 +32,7 @@ m4_define([_LT_COPYING], [dnl # along with this program. If not, see . ]) -# serial 58 LT_INIT +# serial 59 LT_INIT # LT_PREREQ(VERSION) @@ -181,6 +182,7 @@ m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_CHECK_SHELL_FEATURES])dnl m4_require([_LT_PATH_CONVERSION_FUNCTIONS])dnl m4_require([_LT_CMD_RELOAD])dnl +m4_require([_LT_DECL_FILECMD])dnl m4_require([_LT_CHECK_MAGIC_METHOD])dnl m4_require([_LT_CHECK_SHAREDLIB_FROM_LINKLIB])dnl m4_require([_LT_CMD_OLD_ARCHIVE])dnl @@ -219,8 +221,8 @@ esac ofile=libtool can_build_shared=yes -# All known linkers require a '.a' archive for static linking (except MSVC, -# which needs '.lib'). +# All known linkers require a '.a' archive for static linking (except MSVC and +# ICC, which need '.lib'). libext=a with_gnu_ld=$lt_cv_prog_gnu_ld @@ -777,7 +779,7 @@ _LT_EOF # if finds mixed CR/LF and LF-only lines. Since sed operates in # text mode, it properly converts lines to CR/LF. This bash problem # is reportedly fixed, but why not run on old versions too? - sed '$q' "$ltmain" >> "$cfgfile" \ + $SED '$q' "$ltmain" >> "$cfgfile" \ || (rm -f "$cfgfile"; exit 1) mv -f "$cfgfile" "$ofile" || @@ -1041,8 +1043,8 @@ int forced_loaded() { return 2;} _LT_EOF echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD - echo "$AR cr libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD - $AR cr libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD + echo "$AR $AR_FLAGS libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD + $AR $AR_FLAGS libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD cat > conftest.c << _LT_EOF @@ -1066,17 +1068,12 @@ _LT_EOF _lt_dar_allow_undefined='$wl-undefined ${wl}suppress' ;; darwin1.*) _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; - darwin*) # darwin 5.x on - # if running on 10.5 or later, the deployment target defaults - # to the OS version, if on x86, and 10.4, the deployment - # target defaults to 10.4. Don't you love it? - case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in - 10.0,*86*-darwin8*|10.0,*-darwin[[912]]*) - _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; - 10.[[012]][[,.]]*) - _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; - 10.*|11.*) - _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; + darwin*) + case $MACOSX_DEPLOYMENT_TARGET,$host in + 10.[[012]],*|,*powerpc*-darwin[[5-8]]*) + _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; + *) + _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; esac ;; esac @@ -1125,12 +1122,12 @@ m4_defun([_LT_DARWIN_LINKER_FEATURES], output_verbose_link_cmd=func_echo_all _LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dsymutil" _LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dsymutil" - _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" - _LT_TAGVAR(module_expsym_cmds, $1)="sed -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" + _LT_TAGVAR(archive_expsym_cmds, $1)="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" + _LT_TAGVAR(module_expsym_cmds, $1)="$SED -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" m4_if([$1], [CXX], [ if test yes != "$lt_cv_apple_cc_single_mod"; then _LT_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dsymutil" - _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dar_export_syms$_lt_dsymutil" + _LT_TAGVAR(archive_expsym_cmds, $1)="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dar_export_syms$_lt_dsymutil" fi ],[]) else @@ -1244,7 +1241,8 @@ _LT_DECL([], [ECHO], [1], [An echo program that protects backslashes]) # _LT_WITH_SYSROOT # ---------------- AC_DEFUN([_LT_WITH_SYSROOT], -[AC_MSG_CHECKING([for sysroot]) +[m4_require([_LT_DECL_SED])dnl +AC_MSG_CHECKING([for sysroot]) AC_ARG_WITH([sysroot], [AS_HELP_STRING([--with-sysroot@<:@=DIR@:>@], [Search for dependent libraries within DIR (or the compiler's sysroot @@ -1261,7 +1259,7 @@ case $with_sysroot in #( fi ;; #( /*) - lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` + lt_sysroot=`echo "$with_sysroot" | $SED -e "$sed_quote_subst"` ;; #( no|'') ;; #( @@ -1291,7 +1289,7 @@ ia64-*-hpux*) # options accordingly. echo 'int i;' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *ELF-32*) HPUX_IA64_MODE=32 ;; @@ -1308,7 +1306,7 @@ ia64-*-hpux*) echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then if test yes = "$lt_cv_prog_gnu_ld"; then - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *32-bit*) LD="${LD-ld} -melf32bsmip" ;; @@ -1320,7 +1318,7 @@ ia64-*-hpux*) ;; esac else - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *32-bit*) LD="${LD-ld} -32" ;; @@ -1342,7 +1340,7 @@ mips64*-*linux*) echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then emul=elf - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *32-bit*) emul="${emul}32" ;; @@ -1350,7 +1348,7 @@ mips64*-*linux*) emul="${emul}64" ;; esac - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *MSB*) emul="${emul}btsmip" ;; @@ -1358,7 +1356,7 @@ mips64*-*linux*) emul="${emul}ltsmip" ;; esac - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *N32*) emul="${emul}n32" ;; @@ -1378,14 +1376,14 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) # not appear in the list. echo 'int i;' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.o` in + case `$FILECMD conftest.o` in *32-bit*) case $host in x86_64-*kfreebsd*-gnu) LD="${LD-ld} -m elf_i386_fbsd" ;; x86_64-*linux*) - case `/usr/bin/file conftest.o` in + case `$FILECMD conftest.o` in *x86-64*) LD="${LD-ld} -m elf32_x86_64" ;; @@ -1453,7 +1451,7 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) # options accordingly. echo 'int i;' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.o` in + case `$FILECMD conftest.o` in *64-bit*) case $lt_cv_prog_gnu_ld in yes*) @@ -1492,9 +1490,22 @@ need_locks=$enable_libtool_lock m4_defun([_LT_PROG_AR], [AC_CHECK_TOOLS(AR, [ar], false) : ${AR=ar} -: ${AR_FLAGS=cr} _LT_DECL([], [AR], [1], [The archiver]) -_LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive]) + +# Use ARFLAGS variable as AR's operation code to sync the variable naming with +# Automake. If both AR_FLAGS and ARFLAGS are specified, AR_FLAGS should have +# higher priority because thats what people were doing historically (setting +# ARFLAGS for automake and AR_FLAGS for libtool). FIXME: Make the AR_FLAGS +# variable obsoleted/removed. + +test ${AR_FLAGS+y} || AR_FLAGS=${ARFLAGS-cr} +lt_ar_flags=$AR_FLAGS +_LT_DECL([], [lt_ar_flags], [0], [Flags to create an archive (by configure)]) + +# Make AR_FLAGS overridable by 'make ARFLAGS='. Don't try to run-time override +# by AR_FLAGS because that was never working and AR_FLAGS is about to die. +_LT_DECL([], [AR_FLAGS], [\@S|@{ARFLAGS-"\@S|@lt_ar_flags"}], + [Flags to create an archive]) AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file], [lt_cv_ar_at_file=no @@ -1713,7 +1724,7 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl lt_cv_sys_max_cmd_len=8192; ;; - bitrig* | darwin* | dragonfly* | freebsd* | netbsd* | openbsd*) + bitrig* | darwin* | dragonfly* | freebsd* | midnightbsd* | netbsd* | openbsd*) # This has been around since 386BSD, at least. Likely further. if test -x /sbin/sysctl; then lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` @@ -1756,7 +1767,7 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl sysv5* | sco5v6* | sysv4.2uw2*) kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` if test -n "$kargmax"; then - lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[ ]]//'` + lt_cv_sys_max_cmd_len=`echo $kargmax | $SED 's/.*[[ ]]//'` else lt_cv_sys_max_cmd_len=32768 fi @@ -2206,26 +2217,35 @@ m4_defun([_LT_CMD_STRIPLIB], striplib= old_striplib= AC_MSG_CHECKING([whether stripping libraries is possible]) -if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then - test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" - test -z "$striplib" && striplib="$STRIP --strip-unneeded" - AC_MSG_RESULT([yes]) +if test -z "$STRIP"; then + AC_MSG_RESULT([no]) else -# FIXME - insert some real tests, host_os isn't really good enough - case $host_os in - darwin*) - if test -n "$STRIP"; then + if $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then + old_striplib="$STRIP --strip-debug" + striplib="$STRIP --strip-unneeded" + AC_MSG_RESULT([yes]) + else + case $host_os in + darwin*) + # FIXME - insert some real tests, host_os isn't really good enough striplib="$STRIP -x" old_striplib="$STRIP -S" AC_MSG_RESULT([yes]) - else + ;; + freebsd*) + if $STRIP -V 2>&1 | $GREP "elftoolchain" >/dev/null; then + old_striplib="$STRIP --strip-debug" + striplib="$STRIP --strip-unneeded" + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + fi + ;; + *) AC_MSG_RESULT([no]) - fi - ;; - *) - AC_MSG_RESULT([no]) - ;; - esac + ;; + esac + fi fi _LT_DECL([], [old_striplib], [1], [Commands to strip libraries]) _LT_DECL([], [striplib], [1]) @@ -2548,7 +2568,7 @@ cygwin* | mingw* | pw32* | cegcc*) case $host_os in cygwin*) # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo $libname | sed -e 's/^lib/cyg/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext' + soname_spec='`echo $libname | $SED -e 's/^lib/cyg/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext' m4_if([$1], [],[ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"]) ;; @@ -2558,14 +2578,14 @@ m4_if([$1], [],[ ;; pw32*) # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo $libname | sed -e 's/^lib/pw/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext' + library_names_spec='`echo $libname | $SED -e 's/^lib/pw/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext' ;; esac dynamic_linker='Win32 ld.exe' ;; - *,cl*) - # Native MSVC + *,cl* | *,icl*) + # Native MSVC or ICC libname_spec='$name' soname_spec='$libname`echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext' library_names_spec='$libname.dll.lib' @@ -2584,7 +2604,7 @@ m4_if([$1], [],[ done IFS=$lt_save_ifs # Convert to MSYS style. - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'` + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'` ;; cygwin*) # Convert to unix form, then to dos form, then back to unix form @@ -2621,7 +2641,7 @@ m4_if([$1], [],[ ;; *) - # Assume MSVC wrapper + # Assume MSVC and ICC wrapper library_names_spec='$libname`echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext $libname.lib' dynamic_linker='Win32 ld.exe' ;; @@ -2654,7 +2674,7 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; -freebsd* | dragonfly*) +freebsd* | dragonfly* | midnightbsd*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. if test -x /usr/bin/objformat; then @@ -3465,7 +3485,7 @@ beos*) bsdi[[45]]*) lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib)' - lt_cv_file_magic_cmd='/usr/bin/file -L' + lt_cv_file_magic_cmd='$FILECMD -L' lt_cv_file_magic_test_file=/shlib/libc.so ;; @@ -3499,14 +3519,14 @@ darwin* | rhapsody*) lt_cv_deplibs_check_method=pass_all ;; -freebsd* | dragonfly*) +freebsd* | dragonfly* | midnightbsd*) if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then case $host_cpu in i*86 ) # Not sure whether the presence of OpenBSD here was a mistake. # Let's accept both of them until this is cleared up. lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library' - lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_cmd=$FILECMD lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` ;; esac @@ -3520,7 +3540,7 @@ haiku*) ;; hpux10.20* | hpux11*) - lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_cmd=$FILECMD case $host_cpu in ia64*) lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64' @@ -3567,7 +3587,7 @@ netbsd* | netbsdelf*-gnu) newos6*) lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)' - lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_cmd=$FILECMD lt_cv_file_magic_test_file=/usr/lib/libnls.so ;; @@ -3694,13 +3714,13 @@ else mingw*) lt_bad_file=conftest.nm/nofile ;; *) lt_bad_file=/dev/null ;; esac - case `"$tmp_nm" -B $lt_bad_file 2>&1 | sed '1q'` in + case `"$tmp_nm" -B $lt_bad_file 2>&1 | $SED '1q'` in *$lt_bad_file* | *'Invalid file or object type'*) lt_cv_path_NM="$tmp_nm -B" break 2 ;; *) - case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in + case `"$tmp_nm" -p /dev/null 2>&1 | $SED '1q'` in */dev/null*) lt_cv_path_NM="$tmp_nm -p" break 2 @@ -3726,7 +3746,7 @@ else # Let the user override the test. else AC_CHECK_TOOLS(DUMPBIN, [dumpbin "link -dump"], :) - case `$DUMPBIN -symbols -headers /dev/null 2>&1 | sed '1q'` in + case `$DUMPBIN -symbols -headers /dev/null 2>&1 | $SED '1q'` in *COFF*) DUMPBIN="$DUMPBIN -symbols -headers" ;; @@ -3966,7 +3986,7 @@ esac if test "$lt_cv_nm_interface" = "MS dumpbin"; then # Gets list of data symbols to import. - lt_cv_sys_global_symbol_to_import="sed -n -e 's/^I .* \(.*\)$/\1/p'" + lt_cv_sys_global_symbol_to_import="$SED -n -e 's/^I .* \(.*\)$/\1/p'" # Adjust the below global symbol transforms to fixup imported variables. lt_cdecl_hook=" -e 's/^I .* \(.*\)$/extern __declspec(dllimport) char \1;/p'" lt_c_name_hook=" -e 's/^I .* \(.*\)$/ {\"\1\", (void *) 0},/p'" @@ -3984,20 +4004,20 @@ fi # Transform an extracted symbol line into a proper C declaration. # Some systems (esp. on ia64) link data and code symbols differently, # so use this general approach. -lt_cv_sys_global_symbol_to_cdecl="sed -n"\ +lt_cv_sys_global_symbol_to_cdecl="$SED -n"\ $lt_cdecl_hook\ " -e 's/^T .* \(.*\)$/extern int \1();/p'"\ " -e 's/^$symcode$symcode* .* \(.*\)$/extern char \1;/p'" # Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n"\ +lt_cv_sys_global_symbol_to_c_name_address="$SED -n"\ $lt_c_name_hook\ " -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\ " -e 's/^$symcode$symcode* .* \(.*\)$/ {\"\1\", (void *) \&\1},/p'" # Transform an extracted symbol line into symbol name with lib prefix and # symbol address. -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n"\ +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="$SED -n"\ $lt_c_name_lib_hook\ " -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\ " -e 's/^$symcode$symcode* .* \(lib.*\)$/ {\"\1\", (void *) \&\1},/p'"\ @@ -4021,7 +4041,7 @@ for ac_symprfx in "" "_"; do if test "$lt_cv_nm_interface" = "MS dumpbin"; then # Fake it for dumpbin and say T for any non-static function, # D for any global variable and I for any imported variable. - # Also find C++ and __fastcall symbols from MSVC++, + # Also find C++ and __fastcall symbols from MSVC++ or ICC, # which start with @ or ?. lt_cv_sys_global_symbol_pipe="$AWK ['"\ " {last_section=section; section=\$ 3};"\ @@ -4039,9 +4059,9 @@ for ac_symprfx in "" "_"; do " s[1]~prfx {split(s[1],t,\"@\"); print f,t[1],substr(t[1],length(prfx))}"\ " ' prfx=^$ac_symprfx]" else - lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" + lt_cv_sys_global_symbol_pipe="$SED -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" fi - lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" + lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | $SED '/ __gnu_lto/d'" # Check to see that the pipe works correctly. pipe_works=no @@ -4329,7 +4349,7 @@ m4_if([$1], [CXX], [ ;; esac ;; - freebsd* | dragonfly*) + freebsd* | dragonfly* | midnightbsd*) # FreeBSD uses GNU C++ ;; hpux9* | hpux10* | hpux11*) @@ -4412,7 +4432,7 @@ m4_if([$1], [CXX], [ _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink' ;; *) - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C++ 5.9 _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' @@ -4754,7 +4774,7 @@ m4_if([$1], [CXX], [ _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink' ;; *) - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [[1-7]].* | *Sun*Fortran*\ 8.[[0-3]]*) # Sun Fortran 8.3 passes all unrecognized flags to the linker _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' @@ -4937,7 +4957,7 @@ m4_if([$1], [CXX], [ if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols' else - _LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' + _LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' fi ;; pw32*) @@ -4945,7 +4965,7 @@ m4_if([$1], [CXX], [ ;; cygwin* | mingw* | cegcc*) case $cc_basename in - cl*) + cl* | icl*) _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' ;; *) @@ -5005,15 +5025,15 @@ dnl Note also adjust exclude_expsyms for C++ above. case $host_os in cygwin* | mingw* | pw32* | cegcc*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time + # FIXME: the MSVC++ and ICC port hasn't been tested in a loooong time # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. + # Microsoft Visual C++ or Intel C++ Compiler. if test yes != "$GCC"; then with_gnu_ld=no fi ;; interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) + # we just hope/assume this is gcc and not c89 (= MSVC++ or ICC) with_gnu_ld=yes ;; openbsd* | bitrig*) @@ -5068,7 +5088,7 @@ dnl Note also adjust exclude_expsyms for C++ above. _LT_TAGVAR(whole_archive_flag_spec, $1)= fi supports_anon_versioning=no - case `$LD -v | $SED -e 's/([^)]\+)\s\+//' 2>&1` in + case `$LD -v | $SED -e 's/([[^)]]\+)\s\+//' 2>&1` in *GNU\ gold*) supports_anon_versioning=yes ;; *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11 *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... @@ -5180,6 +5200,7 @@ _LT_EOF emximp -o $lib $output_objdir/$libname.def' _LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='@' ;; interix[[3-9]]*) @@ -5194,7 +5215,7 @@ _LT_EOF # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link # time. Moving up from 0x10000000 also allows more sbrk(2) space. _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' ;; gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) @@ -5237,7 +5258,7 @@ _LT_EOF _LT_TAGVAR(compiler_needs_object, $1)=yes ;; esac - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C 5.9 _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive' _LT_TAGVAR(compiler_needs_object, $1)=yes @@ -5249,13 +5270,14 @@ _LT_EOF if test yes = "$supports_anon_versioning"; then _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib' fi case $cc_basename in tcc*) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='-rdynamic' ;; xlf* | bgf* | bgxlf* | mpixlf*) @@ -5265,7 +5287,7 @@ _LT_EOF _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' if test yes = "$supports_anon_versioning"; then _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib' fi @@ -5397,7 +5419,7 @@ _LT_EOF if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols' else - _LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' + _LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' fi aix_use_runtimelinking=no @@ -5580,12 +5602,12 @@ _LT_EOF cygwin* | mingw* | pw32* | cegcc*) # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. + # Microsoft Visual C++ or Intel C++ Compiler. # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. case $cc_basename in - cl*) - # Native MSVC + cl* | icl*) + # Native MSVC or ICC _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' _LT_TAGVAR(allow_undefined_flag, $1)=unsupported _LT_TAGVAR(always_export_symbols, $1)=yes @@ -5626,7 +5648,7 @@ _LT_EOF fi' ;; *) - # Assume MSVC wrapper + # Assume MSVC and ICC wrapper _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' _LT_TAGVAR(allow_undefined_flag, $1)=unsupported # Tell ltmain to make .lib files, not .a files. @@ -5674,7 +5696,7 @@ _LT_EOF ;; # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | dragonfly*) + freebsd* | dragonfly* | midnightbsd*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' _LT_TAGVAR(hardcode_direct, $1)=yes @@ -5815,6 +5837,7 @@ _LT_EOF # Fabrice Bellard et al's Tiny C Compiler _LT_TAGVAR(ld_shlibs, $1)=yes _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' ;; esac ;; @@ -5886,6 +5909,7 @@ _LT_EOF emximp -o $lib $output_objdir/$libname.def' _LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='@' ;; osf3*) @@ -6656,8 +6680,8 @@ if test yes != "$_lt_caught_CXX_error"; then cygwin* | mingw* | pw32* | cegcc*) case $GXX,$cc_basename in - ,cl* | no,cl*) - # Native MSVC + ,cl* | no,cl* | ,icl* | no,icl*) + # Native MSVC or ICC # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' @@ -6755,6 +6779,7 @@ if test yes != "$_lt_caught_CXX_error"; then emximp -o $lib $output_objdir/$libname.def' _LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='@' ;; dgux*) @@ -6785,7 +6810,7 @@ if test yes != "$_lt_caught_CXX_error"; then _LT_TAGVAR(archive_cmds_need_lc, $1)=no ;; - freebsd* | dragonfly*) + freebsd* | dragonfly* | midnightbsd*) # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF # conventions _LT_TAGVAR(ld_shlibs, $1)=yes @@ -6922,7 +6947,7 @@ if test yes != "$_lt_caught_CXX_error"; then # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link # time. Moving up from 0x10000000 also allows more sbrk(2) space. _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' ;; irix5* | irix6*) case $cc_basename in @@ -7062,13 +7087,13 @@ if test yes != "$_lt_caught_CXX_error"; then _LT_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' if test yes = "$supports_anon_versioning"; then _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib' fi ;; *) - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C++ 5.9 _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs' @@ -8214,6 +8239,14 @@ _LT_DECL([], [DLLTOOL], [1], [DLL creation program]) AC_SUBST([DLLTOOL]) ]) +# _LT_DECL_FILECMD +# ---------------- +# Check for a file(cmd) program that can be used to detect file type and magic +m4_defun([_LT_DECL_FILECMD], +[AC_CHECK_TOOL([FILECMD], [file], [:]) +_LT_DECL([], [FILECMD], [1], [A file(cmd) program that detects file types]) +])# _LD_DECL_FILECMD + # _LT_DECL_SED # ------------ # Check for a fully-functional sed program, that truncates diff --git a/libssh2/m4/ltoptions.m4 b/libssh2/m4/ltoptions.m4 index 94b082976..b0b5e9c21 100644 --- a/libssh2/m4/ltoptions.m4 +++ b/libssh2/m4/ltoptions.m4 @@ -1,7 +1,7 @@ # Helper functions for option handling. -*- Autoconf -*- # -# Copyright (C) 2004-2005, 2007-2009, 2011-2015 Free Software -# Foundation, Inc. +# Copyright (C) 2004-2005, 2007-2009, 2011-2019, 2021-2022 Free +# Software Foundation, Inc. # Written by Gary V. Vaughan, 2004 # # This file is free software; the Free Software Foundation gives diff --git a/libssh2/m4/ltsugar.m4 b/libssh2/m4/ltsugar.m4 index 48bc9344a..902508bd9 100644 --- a/libssh2/m4/ltsugar.m4 +++ b/libssh2/m4/ltsugar.m4 @@ -1,6 +1,6 @@ # ltsugar.m4 -- libtool m4 base layer. -*-Autoconf-*- # -# Copyright (C) 2004-2005, 2007-2008, 2011-2015 Free Software +# Copyright (C) 2004-2005, 2007-2008, 2011-2019, 2021-2022 Free Software # Foundation, Inc. # Written by Gary V. Vaughan, 2004 # diff --git a/libssh2/m4/ltversion.m4 b/libssh2/m4/ltversion.m4 index fa04b52a3..b155d0ace 100644 --- a/libssh2/m4/ltversion.m4 +++ b/libssh2/m4/ltversion.m4 @@ -1,6 +1,7 @@ # ltversion.m4 -- version numbers -*- Autoconf -*- # -# Copyright (C) 2004, 2011-2015 Free Software Foundation, Inc. +# Copyright (C) 2004, 2011-2019, 2021-2022 Free Software Foundation, +# Inc. # Written by Scott James Remnant, 2004 # # This file is free software; the Free Software Foundation gives @@ -9,15 +10,15 @@ # @configure_input@ -# serial 4179 ltversion.m4 +# serial 4245 ltversion.m4 # This file is part of GNU Libtool -m4_define([LT_PACKAGE_VERSION], [2.4.6]) -m4_define([LT_PACKAGE_REVISION], [2.4.6]) +m4_define([LT_PACKAGE_VERSION], [2.4.7]) +m4_define([LT_PACKAGE_REVISION], [2.4.7]) AC_DEFUN([LTVERSION_VERSION], -[macro_version='2.4.6' -macro_revision='2.4.6' +[macro_version='2.4.7' +macro_revision='2.4.7' _LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?]) _LT_DECL(, macro_revision, 0) ]) diff --git a/libssh2/m4/lt~obsolete.m4 b/libssh2/m4/lt~obsolete.m4 index c6b26f88f..0f7a8759d 100644 --- a/libssh2/m4/lt~obsolete.m4 +++ b/libssh2/m4/lt~obsolete.m4 @@ -1,7 +1,7 @@ # lt~obsolete.m4 -- aclocal satisfying obsolete definitions. -*-Autoconf-*- # -# Copyright (C) 2004-2005, 2007, 2009, 2011-2015 Free Software -# Foundation, Inc. +# Copyright (C) 2004-2005, 2007, 2009, 2011-2019, 2021-2022 Free +# Software Foundation, Inc. # Written by Scott James Remnant, 2004. # # This file is free software; the Free Software Foundation gives diff --git a/libssh2/maketgz b/libssh2/maketgz index b88d9608e..3f5a1932f 100755 --- a/libssh2/maketgz +++ b/libssh2/maketgz @@ -1,63 +1,66 @@ -#! /bin/sh -# Script to build release-archives with +#!/bin/sh +# Script to build release-archives with. Note that this requires a checkout +# from git and you should first run 'autoreconf -fi' and './configure'. # -version=$1 +version="$1" if [ -z "$version" ]; then echo "Specify a version number!" exit fi -if [ "xonly" = "x$2" ]; then - echo "Setup version number only!" - only=1 +if [ "only" = "$2" ]; then + echo "Setup version number only!" + only=1 fi libversion="$version" -major=`echo $libversion |cut -d. -f1 | sed -e "s/[^0-9]//g"` -minor=`echo $libversion |cut -d. -f2 | sed -e "s/[^0-9]//g"` -patch=`echo $libversion |cut -d. -f3 | cut -d- -f1 | sed -e "s/[^0-9]//g"` +major="$(echo "$libversion" | cut -d. -f1 | sed -e "s/[^0-9]//g")" +minor="$(echo "$libversion" | cut -d. -f2 | sed -e "s/[^0-9]//g")" +patch="$(echo "$libversion" | cut -d. -f3 | cut -d- -f1 | sed -e "s/[^0-9]//g")" -numeric=`perl -e 'printf("%02x%02x%02x\n", '"$major, $minor, $patch);"` +numeric="$(printf "%02x%02x%02x\n" "$major" "$minor" "$patch")" HEADER=include/libssh2.h if test -z "$only"; then - ext=".dist" - # when not setting up version numbers locally - for a in $HEADER; do - cp $a "$a$ext" - done - HEADER="$HEADER$ext" + ext=".dist" + # when not setting up version numbers locally + for a in $HEADER; do + cp "$a" "$a$ext" + done + HEADER="$HEADER$ext" fi # requires a date command that knows -u for UTC time zone -datestamp=`LC_TIME=C date -u` +datestamp="$(LC_TIME=C date -u)" # Replace in-place version number in header file: -sed -i -e 's/^#define LIBSSH2_VERSION .*/#define LIBSSH2_VERSION "'$libversion'"/g' \ - -e 's/^#define LIBSSH2_VERSION_NUM .*/#define LIBSSH2_VERSION_NUM 0x'$numeric'/g' \ - -e 's/^#define LIBSSH2_VERSION_MAJOR .*/#define LIBSSH2_VERSION_MAJOR '$major'/g' \ - -e 's/^#define LIBSSH2_VERSION_MINOR .*/#define LIBSSH2_VERSION_MINOR '$minor'/g' \ - -e 's/^#define LIBSSH2_VERSION_PATCH .*/#define LIBSSH2_VERSION_PATCH '$patch'/g' \ - -e "s/^#define LIBSSH2_TIMESTAMP .*/#define LIBSSH2_TIMESTAMP \"$datestamp\"/g" \ - $HEADER +sed -i.bak \ + -e "s/^#define LIBSSH2_VERSION .*/#define LIBSSH2_VERSION \"$libversion\"/g" \ + -e "s/^#define LIBSSH2_VERSION_NUM .*/#define LIBSSH2_VERSION_NUM 0x$numeric/g" \ + -e "s/^#define LIBSSH2_VERSION_MAJOR .*/#define LIBSSH2_VERSION_MAJOR $major/g" \ + -e "s/^#define LIBSSH2_VERSION_MINOR .*/#define LIBSSH2_VERSION_MINOR $minor/g" \ + -e "s/^#define LIBSSH2_VERSION_PATCH .*/#define LIBSSH2_VERSION_PATCH $patch/g" \ + -e "s/^#define LIBSSH2_TIMESTAMP .*/#define LIBSSH2_TIMESTAMP \"$datestamp\"/g" \ + "$HEADER" + +rm -f "$HEADER.bak" echo "libssh2 version $libversion" echo "libssh2 numerical $numeric" echo "datestamp $datestamp" if test -n "$only"; then - # done! - exit; + # done! + exit fi -findprog() -{ +findprog() { file="$1" - for part in `echo $PATH| tr ':' ' '`; do + for part in $(echo "$PATH" | tr ':' ' '); do path="$part/$file" if [ -x "$path" ]; then # there it is! @@ -76,7 +79,7 @@ findprog() # if { findprog automake >/dev/null 2>/dev/null; } then - echo "- Could not find or run automake, I hope you know what you're doing!" + echo "- Could not find or run automake, I hope you know what you are doing!" else echo "Runs automake --include-deps" automake --include-deps Makefile >/dev/null @@ -96,4 +99,53 @@ git log --pretty=fuller --no-color --date=short --decorate=full -1000 | ./git2ne echo "make dist" targz="libssh2-$version.tar.gz" -make -s dist VERSION=$version +make -s dist "VERSION=$version" +res=$? + +if test "$res" != 0; then + echo "make dist failed" + exit 2 +fi + +############################################################################ +# +# Now make a bz2 archive from the tar.gz original +# + +bzip2="libssh2-$version.tar.bz2" +echo "Generating $bzip2" +gzip -dc "$targz" | bzip2 --best > "$bzip2" + +############################################################################ +# +# Now make an xz archive from the tar.gz original +# + +xz="libssh2-$version.tar.xz" +echo "Generating $xz" +gzip -dc "$targz" | xz -6e - > "$xz" + +############################################################################ +# +# Now make a zip archive from the tar.gz original +# +makezip() { + rm -rf "$tempdir" + mkdir "$tempdir" + cd "$tempdir" || exit 1 + gzip -dc "../$targz" | tar -xf - + find . | zip "$zip" -@ >/dev/null + mv "$zip" ../ + cd .. || exit 1 + rm -rf "$tempdir" +} + +zip="libssh2-$version.zip" +echo "Generating $zip" +tempdir=".builddir" +makezip + +echo "------------------" +echo "maketgz report:" +echo "" +ls -l "$targz" "$bzip2" "$zip" "$xz" diff --git a/libssh2/missing b/libssh2/missing index 8d0eaad25..1fe1611f1 100755 --- a/libssh2/missing +++ b/libssh2/missing @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1996-2020 Free Software Foundation, Inc. +# Copyright (C) 1996-2021 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard , 1996. # This program is free software; you can redistribute it and/or modify diff --git a/libssh2/os400/README400 b/libssh2/os400/README400 index fdac7da5b..e14bcf364 100644 --- a/libssh2/os400/README400 +++ b/libssh2/os400/README400 @@ -38,7 +38,8 @@ familiar with. _ As a prerequisite, QADRT development environment must be installed. _ Install the libssh2 sources directory in IFS. -_ Enter shell (QSH) +_ Enter shell (QSH). You may need to change the LANG environment variable + to be in phase with the libssh2 source files CCSID. _ Change current directory to the libssh2 sources installation directory _ Change current directory to os400 _ Edit file iniscript.sh. You may want to change tunable configuration @@ -96,9 +97,9 @@ String transcoding support: values from/to the libssh2 API, three non-standard additional procedures are provided. They use a session pointer and a "string cache" pointer. Each time a string is transcoded, it is cached in the given cache. It is -the responsibility of the caller to release the cache when its associted strings -are no longer needed. These procedures and the string cache type are defined -in a new libssh2_ccsid.h header file. +the responsibility of the caller to release the cache when its associated +strings are no longer needed. These procedures and the string cache type are +defined in a new libssh2_ccsid.h header file. To create a string cache, use: #include diff --git a/libssh2/os400/ccsid.c b/libssh2/os400/ccsid.c index ef02f1d30..fdad8a652 100644 --- a/libssh2/os400/ccsid.c +++ b/libssh2/os400/ccsid.c @@ -138,7 +138,7 @@ convert_ccsid(LIBSSH2_SESSION *session, libssh2_string_cache **cache, termsize = terminator_size(outccsid); if (termsize < 0) return NULL; - + /* Prepare conversion parameters. */ memset((void *) &incode, 0, sizeof incode); memset((void *) &outcode, 0, sizeof outcode); diff --git a/libssh2/os400/include/assert.h b/libssh2/os400/include/assert.h new file mode 100644 index 000000000..33ea34776 --- /dev/null +++ b/libssh2/os400/include/assert.h @@ -0,0 +1,58 @@ +/* + * Copyright (C) 2023 Patrick Monnerat + * All rights reserved. + * + * Redistribution and use in source and binary forms, + * with or without modification, are permitted provided + * that the following conditions are met: + * + * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * Neither the name of the copyright holder nor the names + * of any other contributors may be used to endorse or + * promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * OF SUCH DAMAGE. + */ + +#ifndef LIBSSH2_ASSERT_H +#define LIBSSH2_ASSERT_H + +#include +#include + +/* Ascii assert() macro. */ + +#ifndef NDEBUG +#pragma convert(819) + +#define assert(expr) ((expr)? ((void) 0): (fprintf(stderr, \ + "Assertion failed: %s in file %s line %u. Aborting\n", \ + #expr, __FILE__, __LINE__), abort())) +#else +#define assert(expr) ((void) 0) +#endif +#endif + +/* vim: set expandtab ts=4 sw=4: */ diff --git a/libssh2/os400/initscript.sh b/libssh2/os400/initscript.sh index a18e24cfe..931c8cd88 100644 --- a/libssh2/os400/initscript.sh +++ b/libssh2/os400/initscript.sh @@ -49,8 +49,9 @@ setenv TGTCCSID '500' # Target CCSID of objects. setenv DEBUG '*ALL' # Debug level. setenv OPTIMIZE '10' # Optimisation level setenv OUTPUT '*NONE' # Compilation output option. -setenv TGTRLS 'V6R1M0' # Target OS release. +setenv TGTRLS 'V7R3M0' # Target OS release. setenv IFSDIR '/libssh2' # Installation IFS directory. +setenv QADRTDIR '/QIBM/ProdData/qadrt' # QADRT IFS directory. # Define ZLIB availability and locations. @@ -182,7 +183,7 @@ make_module() CMD="${CMD} SYSIFCOPT(*IFS64IO) OPTION(*INCDIRFIRST)" CMD="${CMD} LOCALETYPE(*LOCALE) FLAG(10)" CMD="${CMD} INCDIR('${TOPDIR}/os400/include'" - CMD="${CMD} '/QIBM/ProdData/qadrt/include' '${TOPDIR}/include'" + CMD="${CMD} '${QADRTDIR}/include' '${TOPDIR}/include'" CMD="${CMD} '${TOPDIR}/os400' '${SRCDIR}'" if [ "${WITH_ZLIB}" != "0" ] @@ -198,7 +199,7 @@ make_module() DEFINES="${3}" if [ "${WITH_ZLIB}" != "0" ] - then DEFINES="${DEFINES} HAVE_LIBZ LIBSSH2_HAVE_ZLIB" + then DEFINES="${DEFINES} LIBSSH2_HAVE_ZLIB" fi if [ "${DEFINES}" ] diff --git a/libssh2/os400/libssh2_config.h b/libssh2/os400/libssh2_config.h index 2e34c4c37..d137b41a9 100644 --- a/libssh2/os400/libssh2_config.h +++ b/libssh2/os400/libssh2_config.h @@ -59,25 +59,6 @@ /* Define to 1 if you have the header file. */ #define HAVE_ARPA_INET_H 1 -/* Define to 1 if you have the declaration of `SecureZeroMemory', and to 0 if - you don't. */ -#undef HAVE_DECL_SECUREZEROMEMORY - -/* disabled non-blocking sockets */ -#undef HAVE_DISABLED_NONBLOCKING - -/* Define to 1 if you have the header file. */ -#undef HAVE_DLFCN_H - -/* Define to 1 if you have the header file. */ -#define HAVE_ERRNO_H 1 - -/* Define to 1 if you have the `EVP_aes_128_ctr' function. */ -#undef HAVE_EVP_AES_128_CTR - -/* Define to 1 if you have the header file. */ -#define HAVE_FCNTL_H 1 - /* use FIONBIO for non-blocking sockets */ #undef HAVE_FIONBIO @@ -87,42 +68,15 @@ /* Define to 1 if you have the header file. */ #define HAVE_INTTYPES_H 1 -/* use ioctlsocket() for non-blocking sockets */ -#undef HAVE_IOCTLSOCKET - /* use Ioctlsocket() for non-blocking sockets */ #undef HAVE_IOCTLSOCKET_CASE -/* Define if you have the bcrypt library. */ -#undef HAVE_LIBBCRYPT - -/* Define if you have the crypt32 library. */ -#undef HAVE_LIBCRYPT32 - /* Define if you have the gcrypt library. */ #undef HAVE_LIBGCRYPT -/* Define if you have the ssl library. */ -#undef HAVE_LIBSSL - -/* Define if you have the z library. */ -/* #undef HAVE_LIBZ */ - -/* Define to 1 if the compiler supports the 'long long' data type. */ -#define HAVE_LONGLONG 1 - -/* Define to 1 if you have the header file. */ -#undef HAVE_MEMORY_H - /* Define to 1 if you have the header file. */ #define HAVE_NETINET_IN_H 1 -/* Define to 1 if you have the header file. */ -#undef HAVE_NTDEF_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NTSTATUS_H - /* use O_NONBLOCK for non-blocking sockets */ #define HAVE_O_NONBLOCK 1 @@ -141,15 +95,6 @@ /* Define to 1 if you have the header file. */ #define HAVE_STDIO_H 1 -/* Define to 1 if you have the header file. */ -#define HAVE_STDLIB_H 1 - -/* Define to 1 if you have the header file. */ -#define HAVE_STRINGS_H 1 - -/* Define to 1 if you have the header file. */ -#define HAVE_STRING_H 1 - /* Define to 1 if you have the `strtoll' function. */ #define HAVE_STRTOLL 1 @@ -162,15 +107,9 @@ /* Define to 1 if you have the header file. */ #define HAVE_SYS_SOCKET_H 1 -/* Define to 1 if you have the header file. */ -#define HAVE_SYS_STAT_H 1 - /* Define to 1 if you have the header file. */ #define HAVE_SYS_TIME_H 1 -/* Define to 1 if you have the header file. */ -#define HAVE_SYS_TYPES_H 1 - /* Define to 1 if you have the header file. */ #define HAVE_SYS_UIO_H 1 @@ -180,36 +119,15 @@ /* Define to 1 if you have the header file. */ #define HAVE_UNISTD_H 1 -/* Define to 1 if you have the header file. */ -#undef HAVE_WINDOWS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_WINSOCK2_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_WS2TCPIP_H - /* to make a symbol visible */ #undef LIBSSH2_API -/* Enable clearing of memory before being freed */ -#define LIBSSH2_CLEAR_MEMORY 1 - -/* Enable "none" cipher -- NOT RECOMMENDED */ -#undef LIBSSH2_CRYPT_NONE - -/* Enable newer diffie-hellman-group-exchange-sha1 syntax */ -#define LIBSSH2_DH_GEX_NEW 1 - /* Compile in zlib support */ /* #undef LIBSSH2_HAVE_ZLIB */ /* Use libgcrypt */ #undef LIBSSH2_LIBGCRYPT -/* Enable "none" MAC -- NOT RECOMMENDED */ -#undef LIBSSH2_MAC_NONE - /* Use OpenSSL */ #undef LIBSSH2_OPENSSL @@ -219,6 +137,10 @@ /* Use OS/400 Qc3 */ #define LIBSSH2_OS400QC3 +/* Use our platform-specific local implementation: + _libssh2_os400_snprintf */ +#define HAVE_SNPRINTF 1 + /* Define to the sub-directory in which libtool stores uninstalled libraries. */ #define LT_OBJDIR ".libs/" @@ -230,7 +152,7 @@ #define PACKAGE "libssh2" /* Define to the address where bug reports for this package should be sent. */ -#define PACKAGE_BUGREPORT "libssh2-devel@cool.haxx.se" +#define PACKAGE_BUGREPORT "libssh2-devel@lists.haxx.se" /* Define to the full name of this package. */ #define PACKAGE_NAME "libssh2" @@ -250,9 +172,9 @@ /* If using the C implementation of alloca, define if you know the direction of stack growth for your system; otherwise it will be automatically deduced at runtime. - STACK_DIRECTION > 0 => grows toward higher addresses - STACK_DIRECTION < 0 => grows toward lower addresses - STACK_DIRECTION = 0 => direction of growth unknown */ + STACK_DIRECTION > 0 => grows toward higher addresses + STACK_DIRECTION < 0 => grows toward lower addresses + STACK_DIRECTION = 0 => direction of growth unknown */ #undef STACK_DIRECTION /* Define to 1 if you have the ANSI C header files. */ @@ -265,11 +187,6 @@ significant byte first (like Motorola and SPARC, unlike Intel). */ #define WORDS_BIGENDIAN 1 -/* Enable large inode numbers on Mac OS X 10.5. */ -#ifndef _DARWIN_USE_64_BIT_INODE -# define _DARWIN_USE_64_BIT_INODE 1 -#endif - /* Number of bits in a file offset, on hosts where this is settable. */ #undef _FILE_OFFSET_BITS diff --git a/libssh2/os400/libssh2rpg/libssh2.rpgle.in b/libssh2/os400/libssh2rpg/libssh2.rpgle.in index 7b7fdd946..ea1db892d 100644 --- a/libssh2/os400/libssh2rpg/libssh2.rpgle.in +++ b/libssh2/os400/libssh2rpg/libssh2.rpgle.in @@ -58,7 +58,7 @@ d c @LIBSSH2_VERSION_PATCH@ * This is the numeric version of the libssh2 version number, meant for - * easier parsing and comparions by programs. The LIBSSH2_VERSION_NUM + * easier parsing and comparisons by programs. The LIBSSH2_VERSION_NUM * define will always follow this syntax: * * X'XXYYZZ' @@ -511,7 +511,7 @@ * * Fills algs with a list of supported cryptographic algorithms. Returns a * non-negative number (number of supported algorithms) on success or a - * negative number (an eror code) on failure. + * negative number (an error code) on failure. * * NOTE: on success, algs must be deallocated (by calling libssh2_free) * when not needed anymore @@ -772,7 +772,7 @@ * response_callback is provided with filled by library prompts array, * but client must allocate and fill individual responses. Responses * array is already allocated. Responses data will be freed by libssh2 - * after callback return, but before subsequent callback invokation. + * after callback return, but before subsequent callback invocation. d libssh2_userauth_keyboard_interactive_ex... d pr extproc('libssh2_userauth_keyboard_i- @@ -1519,7 +1519,7 @@ * libssh2_knownhost_get() * * Traverse the internal list of known hosts. Pass NULL to 'prev' to get - * the first one. Or pass a poiner to the previously returned one to + * the first one. Or pass a pointer to the previously returned one to * get the next. * * Returns: @@ -1580,7 +1580,7 @@ * libssh2_agent_get_identity() * * Traverse the internal list of public keys. Pass NULL to 'prev' to get - * the first one. Or pass a poiner to the previously returned one to + * the first one. Or pass a pointer to the previously returned one to * get the next. * * Returns: diff --git a/libssh2/os400/macros.h b/libssh2/os400/macros.h index 408b98d01..1e809e17c 100644 --- a/libssh2/os400/macros.h +++ b/libssh2/os400/macros.h @@ -116,9 +116,9 @@ libssh2_scp_send(LIBSSH2_SESSION *session, LIBSSH2_API int libssh2_publickey_add(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name, - const unsigned char *blob, unsigned long blob_len, + const unsigned char *blob, unsigned long blob_len, char overwrite, unsigned long num_attrs, - const libssh2_publickey_attribute attrs[]); + const libssh2_publickey_attribute attrs[]); LIBSSH2_API int libssh2_publickey_remove(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name, const unsigned char *blob, unsigned long blob_len); diff --git a/libssh2/os400/make-src.sh b/libssh2/os400/make-src.sh index 2e9a3c430..3d352cbe9 100644 --- a/libssh2/os400/make-src.sh +++ b/libssh2/os400/make-src.sh @@ -78,7 +78,7 @@ fi # Get source list. -cat ../Makefile.inc ../Makefile.os400qc3.inc | +cat Makefile.inc | sed -e ':begin' \ -e '/\\$/{' \ -e 's/\\$/ /' \ @@ -98,7 +98,7 @@ cat ../Makefile.inc ../Makefile.os400qc3.inc | INCLUDES="'`pwd`'" for SRC in "${TOPDIR}/os400/os400sys.c" "${TOPDIR}/os400/ccsid.c" \ - ${CSOURCES} ${CRYPTO_CSOURCES} macros.c + ${CSOURCES} macros.c do MODULE=`db2_name "${SRC}"` make_module "${MODULE}" "${SRC}" done diff --git a/libssh2/os400/make.sh b/libssh2/os400/make.sh index 0c9e3decd..0cfa7ec61 100644 --- a/libssh2/os400/make.sh +++ b/libssh2/os400/make.sh @@ -31,7 +31,7 @@ fi for TEXT in "${TOPDIR}/COPYING" "${SCRIPTDIR}/README400" \ "${TOPDIR}/NEWS" "${TOPDIR}/README" "${TOPDIR}/docs/AUTHORS" \ - "${TOPDIR}/docs/BINDINGS" + "${TOPDIR}/docs/BINDINGS.md" do MEMBER="${LIBIFSNAME}/DOCS.FILE/`db2_name \"${TEXT}\"`.MBR" if action_needed "${MEMBER}" "${TEXT}" diff --git a/libssh2/src/CMakeLists.txt b/libssh2/src/CMakeLists.txt index eee1a80d4..5bbed5e51 100644 --- a/libssh2/src/CMakeLists.txt +++ b/libssh2/src/CMakeLists.txt @@ -1,4 +1,5 @@ # Copyright (c) 2014 Alexander Lamaison +# Copyright (c) 2023 Viktor Szakats # # Redistribution and use in source and binary forms, # with or without modification, are permitted provided @@ -33,208 +34,19 @@ # USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY # OF SUCH DAMAGE. -include(CheckFunctionExists) -include(CheckSymbolExists) -include(CheckFunctionExistsMayNeedLibrary) -include(CheckIncludeFiles) -include(CheckTypeSize) -include(CheckSymbolExists) -include(CheckNonblockingSocketSupport) -include(SocketLibraries) - -## Cryptography backend choice - -set(CRYPTO_BACKEND - "" - CACHE - STRING - "The backend to use for cryptography: OpenSSL, Libgcrypt or WinCNG, mbedTLS -or empty to try any available") - -# If the crypto backend was given, rather than searching for the first -# we are able to find, the find_package commands must abort configuration -# and report to the user. if(CRYPTO_BACKEND) - set(SPECIFIC_CRYPTO_REQUIREMENT REQUIRED) -endif() - -if(CRYPTO_BACKEND STREQUAL "OpenSSL" OR NOT CRYPTO_BACKEND) - - find_package(OpenSSL ${SPECIFIC_CRYPTO_REQUIREMENT}) - - if(OPENSSL_FOUND) - set(CRYPTO_BACKEND "OpenSSL") - set(CRYPTO_SOURCES openssl.c openssl.h) - list(APPEND PRIVATE_COMPILE_DEFINITIONS LIBSSH2_OPENSSL) - list(APPEND PRIVATE_INCLUDE_DIRECTORIES ${OPENSSL_INCLUDE_DIR}) - list(APPEND LIBRARIES ${OPENSSL_LIBRARIES}) - list(APPEND PC_REQUIRES_PRIVATE libssl libcrypto) - - if (WIN32) - # Statically linking to OpenSSL requires crypt32 for some Windows APIs. - # This should really be handled by FindOpenSSL.cmake. - list(APPEND LIBRARIES crypt32) - list(APPEND PC_LIBS -lcrypt32) - - find_file(DLL_LIBEAY32 - NAMES libeay32.dll crypto.dll libcrypto-1_1.dll libcrypto-1_1-x64.dll - HINTS ${_OPENSSL_ROOT_HINTS} PATHS ${_OPENSSL_ROOT_PATHS} - PATH_SUFFIXES bin) - if (NOT DLL_LIBEAY32) - message(WARNING - "Unable to find OpenSSL crypto (aka libeay32) DLL, executables may not run") - endif() - - find_file(DLL_SSLEAY32 - NAMES ssleay32.dll ssl.dll libssl-1_1.dll libssl-1_1-x64.dll - HINTS ${_OPENSSL_ROOT_HINTS} PATHS ${_OPENSSL_ROOT_PATHS} - PATH_SUFFIXES bin) - if (NOT DLL_SSLEAY32) - message(WARNING - "Unable to find OpenSSL ssl (aka ssleay32) DLL, executables may not run") - endif() - - if(DLL_LIBEAY32 AND DLL_SSLEAY32) - list(APPEND _RUNTIME_DEPENDENCIES ${DLL_LIBEAY32} ${DLL_SSLEAY32}) - endif() - endif() - - # Not all OpenSSL have AES-CTR functions. - set(SAVE_CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES}) - set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_LIBRARIES}) - check_function_exists(EVP_aes_128_ctr HAVE_EVP_AES_128_CTR) - set(CMAKE_REQUIRED_LIBRARIES ${SAVE_CMAKE_REQUIRED_LIBRARIES}) - endif() -endif() - -if(CRYPTO_BACKEND STREQUAL "Libgcrypt" OR NOT CRYPTO_BACKEND) - - find_package(Libgcrypt ${SPECIFIC_CRYPTO_REQUIREMENT}) - - if(LIBGCRYPT_FOUND) - set(CRYPTO_BACKEND "Libgcrypt") - set(CRYPTO_SOURCES libgcrypt.c libgcrypt.h) - list(APPEND PRIVATE_COMPILE_DEFINITIONS LIBSSH2_LIBGCRYPT) - list(APPEND PRIVATE_INCLUDE_DIRECTORIES ${LIBGCRYPT_INCLUDE_DIRS}) - list(APPEND LIBRARIES ${LIBGCRYPT_LIBRARIES}) - list(APPEND PC_LIBS -lgcrypt) - endif() -endif() - -if(CRYPTO_BACKEND STREQUAL "WinCNG" OR NOT CRYPTO_BACKEND) - - # The check actually compiles the header. This requires windows.h. - check_include_files("windows.h;bcrypt.h" HAVE_BCRYPT_H) - - if(HAVE_BCRYPT_H) - set(CRYPTO_BACKEND "WinCNG") - set(CRYPTO_SOURCES wincng.c wincng.h) - list(APPEND PRIVATE_COMPILE_DEFINITIONS LIBSSH2_WINCNG) - - set(HAVE_LIBCRYPT32 TRUE) - list(APPEND LIBRARIES bcrypt) - list(APPEND PC_LIBS -lbcrypt) - - check_include_files(ntdef.h HAVE_NTDEF_H) - check_include_files(ntstatus.h HAVE_NTSTATUS_H) - - # Reading keys from files is optional and depends on Wincrypt - check_include_files("windows.h;wincrypt.h" HAVE_WINCRYPT_H) - - if(HAVE_WINCRYPT_H) - list(APPEND LIBRARIES crypt32) - list(APPEND PC_LIBS -lcrypt32) - endif() - - elseif(${SPECIFIC_CRYPTO_REQUIREMENT} STREQUAL ${REQUIRED}) - message(FATAL_ERROR "WinCNG not available") - endif() -endif() - -if(CRYPTO_BACKEND STREQUAL "mbedTLS" OR NOT CRYPTO_BACKEND) - - find_package(mbedTLS ${SPECIFIC_CRYPTO_REQUIREMENT}) - - if(MBEDTLS_FOUND) - set(CRYPTO_BACKEND "mbedTLS") - set(CRYPTO_SOURCES mbedtls.c mbedtls.h) - list(APPEND PRIVATE_COMPILE_DEFINITIONS LIBSSH2_MBEDTLS) - list(APPEND PRIVATE_INCLUDE_DIRECTORIES ${MBEDTLS_INCLUDE_DIR}) - list(APPEND LIBRARIES ${MBEDTLS_LIBRARIES}) - list(APPEND PC_LIBS -lmbedcrypto) - link_directories(${MBEDTLS_LIBRARY_DIR}) - endif() -endif() - -if(NOT CRYPTO_BACKEND) + list(APPEND PRIVATE_COMPILE_DEFINITIONS ${CRYPTO_BACKEND_DEFINE}) + list(APPEND PRIVATE_INCLUDE_DIRECTORIES ${CRYPTO_BACKEND_INCLUDE_DIR}) +else() message(FATAL_ERROR "No suitable cryptography backend found.") endif() -## Library definition - -include(GNUInstallDirs) -set(SOURCES - ${CRYPTO_SOURCES} - agent.c - agent_win.c - blf.h - bcrypt_pbkdf.c - blowfish.c - channel.c - channel.h - comp.c - comp.h - crypt.c - crypto.h - global.c - hostkey.c - keepalive.c - kex.c - knownhost.c - libssh2_priv.h - mac.c - mac.h - misc.c - misc.h - packet.c - packet.h - pem.c - publickey.c - scp.c - session.c - session.h - sftp.c - sftp.h - transport.c - transport.h - userauth.c - userauth.h - version.c) - -if(WIN32) - list(APPEND SOURCES ${PROJECT_SOURCE_DIR}/win32/libssh2.rc) -endif() - -add_library(libssh2 ${SOURCES}) -# we want it to be called libssh2 on all platforms -set_target_properties(libssh2 PROPERTIES PREFIX "") - -target_compile_definitions(libssh2 PRIVATE ${PRIVATE_COMPILE_DEFINITIONS}) -target_include_directories(libssh2 - PRIVATE "${PROJECT_SOURCE_DIR}/include/" ${PRIVATE_INCLUDE_DIRECTORIES} - PUBLIC - $ - $/${CMAKE_INSTALL_INCLUDEDIR}>) - ## Options option(CLEAR_MEMORY "Enable clearing of memory before being freed" ON) -if(CLEAR_MEMORY) - add_definitions(-DLIBSSH2_CLEAR_MEMORY) -endif(CLEAR_MEMORY) - -add_feature_info("Shared library" BUILD_SHARED_LIBS - "creating libssh2 as a shared library (.so/.dll)") +if(NOT CLEAR_MEMORY) + list(APPEND libssh2_DEFINITIONS LIBSSH2_NO_CLEAR_MEMORY) +endif() option(ENABLE_ZLIB_COMPRESSION "Use zlib for compression") add_feature_info(Compression ENABLE_ZLIB_COMPRESSION @@ -242,134 +54,81 @@ add_feature_info(Compression ENABLE_ZLIB_COMPRESSION if(ENABLE_ZLIB_COMPRESSION) find_package(ZLIB REQUIRED) - target_include_directories(libssh2 PRIVATE ${ZLIB_INCLUDE_DIRS}) + list(APPEND libssh2_INCLUDE_DIRS ${ZLIB_INCLUDE_DIRS}) list(APPEND LIBRARIES ${ZLIB_LIBRARIES}) list(APPEND PC_REQUIRES_PRIVATE zlib) if(ZLIB_FOUND) - target_compile_definitions(libssh2 PRIVATE LIBSSH2_HAVE_ZLIB=1) + list(APPEND libssh2_DEFINITIONS LIBSSH2_HAVE_ZLIB) endif() endif() -option(ENABLE_CRYPT_NONE "Permit \"none\" cipher -- NOT RECOMMENDED") -add_feature_info("\"none\" cipher" ENABLE_CRYPT_NONE "") -if(ENABLE_CRYPT_NONE) - target_compile_definitions(libssh2 PRIVATE LIBSSH2_CRYPT_NONE=1) +list(APPEND LIBRARIES ${SOCKET_LIBRARIES}) + +if(WIN32) + list(APPEND PC_LIBS -lws2_32) endif() -option(ENABLE_MAC_NONE "Permit \"none\" MAC -- NOT RECOMMMENDED") -add_feature_info("\"none\" MAC" ENABLE_MAC_NONE "") -if(ENABLE_MAC_NONE) - target_compile_definitions(libssh2 PRIVATE LIBSSH2_MAC_NONE=1) -endif() - -option(ENABLE_GEX_NEW - "Enable diffie-hellman-group-exchange-sha1 method" ON) -add_feature_info("diffie-hellman-group-exchange-sha1" ENABLE_GEX_NEW - "\"new\" diffie-hellman-group-exchange-sha1 method") -if(ENABLE_GEX_NEW) - target_compile_definitions(libssh2 PRIVATE LIBSSH2_DH_GEX_NEW=1) -endif() - -# Enable debugging logging by default if the user configured a debug build -if(CMAKE_BUILD_TYPE STREQUAL "Debug") - set(DEBUG_LOGGING_DEFAULT ON) -else() - set(DEBUG_LOGGING_DEFAULT OFF) -endif() -option(ENABLE_DEBUG_LOGGING "log execution with debug trace" - ${DEBUG_LOGGING_DEFAULT}) -add_feature_info(Logging ENABLE_DEBUG_LOGGING - "Logging of execution with debug trace") -if(ENABLE_DEBUG_LOGGING) - target_compile_definitions(libssh2 PRIVATE LIBSSH2DEBUG) -endif() - -## Platform checks -check_include_files(unistd.h HAVE_UNISTD_H) -check_include_files(inttypes.h HAVE_INTTYPES_H) -check_include_files(stdlib.h HAVE_STDLIB_H) -check_include_files(sys/select.h HAVE_SYS_SELECT_H) - -check_include_files(sys/uio.h HAVE_SYS_UIO_H) -check_include_files(sys/socket.h HAVE_SYS_SOCKET_H) -check_include_files(sys/ioctl.h HAVE_SYS_IOCTL_H) -check_include_files(sys/time.h HAVE_SYS_TIME_H) -check_include_files(sys/un.h HAVE_SYS_UN_H) -check_include_files(windows.h HAVE_WINDOWS_H) -check_include_files(ws2tcpip.h HAVE_WS2TCPIP_H) -check_include_files(winsock2.h HAVE_WINSOCK2_H) - -check_type_size("long long" LONGLONG) - -if(HAVE_SYS_TIME_H) - check_symbol_exists(gettimeofday sys/time.h HAVE_GETTIMEOFDAY) -else() - check_function_exists(gettimeofday HAVE_GETTIMEOFDAY) -endif() -if(HAVE_STDLIB_H) - check_symbol_exists(strtoll stdlib.h HAVE_STRTOLL) -else() - check_function_exists(strtoll HAVE_STRTOLL) -endif() -if (NOT HAVE_STRTOLL) - # Try _strtoi64 if strtoll isn't available - check_symbol_exists(_strtoi64 stdlib.h HAVE_STRTOI64) -endif() -check_symbol_exists(snprintf stdio.h HAVE_SNPRINTF) -check_symbol_exists(memset_s string.h HAVE_MEMSET_S) - -if(${CMAKE_SYSTEM_NAME} STREQUAL "Darwin" OR - ${CMAKE_SYSTEM_NAME} STREQUAL "Interix") - # poll() does not work on these platforms - # - # Interix: "does provide poll(), but the implementing developer must - # have been in a bad mood, because poll() only works on the /proc - # filesystem here" - # - # Mac OS X's poll has funny behaviors, like: - # not being able to do poll on no filedescriptors (10.3?) - # not being able to poll on some files (like anything in /dev) - # not having reliable timeout support - # inconsistent return of POLLHUP where other implementations give POLLIN - message("poll use is disabled on this platform") -else() - check_function_exists(poll HAVE_POLL) -endif() - -append_needed_socket_libraries(LIBRARIES) - -# Non-blocking socket support tests. Must be after library tests to -# link correctly -set(SAVE_CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES}) -set(CMAKE_REQUIRED_LIBRARIES ${LIBRARIES}) -check_nonblocking_socket_support() -set(CMAKE_REQUIRED_LIBRARIES ${SAVE_CMAKE_REQUIRED_LIBRARIES}) - -configure_file( - ${CMAKE_CURRENT_SOURCE_DIR}/libssh2_config_cmake.h.in - ${CMAKE_CURRENT_BINARY_DIR}/libssh2_config.h) # to find generated header -target_include_directories(libssh2 PRIVATE ${CMAKE_CURRENT_BINARY_DIR}) - -# Check for the OS. -# Daniel's note: this should not be necessary and we need to work to -# get this removed. -if(${CMAKE_SYSTEM_NAME} STREQUAL "Windows") - target_compile_definitions(libssh2 PRIVATE LIBSSH2_WIN32) -elseif(${CMAKE_SYSTEM_NAME} STREQUAL "Darwin") - target_compile_definitions(libssh2 PRIVATE LIBSSH2_DARWIN) -endif() +list(APPEND libssh2_INCLUDE_DIRS ${CMAKE_CURRENT_BINARY_DIR}) if(MSVC) set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} /Zi /Od") set(CMAKE_SHARED_LINKER_FLAGS_DEBUG "${CMAKE_SHARED_LINKER_FLAGS_DEBUG} /DEBUG") endif() -if(CMAKE_VERSION VERSION_LESS "2.8.12") - # Fall back to over-linking dependencies - target_link_libraries(libssh2 ${LIBRARIES}) -else() - target_link_libraries(libssh2 PRIVATE ${LIBRARIES}) +## Sources + +include(GNUInstallDirs) +transform_makefile_inc("Makefile.inc" "${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") +# Get 'CSOURCES' and 'HHEADERS' variables +include(${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake) +set(SOURCES ${CSOURCES} ${HHEADERS}) + +## Library definition + +# Ensure that the static library and import library filenames are different, +# when building both static and shared library. On Windows, with certain +# toolchains (e.g. MSVC) these libraries get the same by default, overwriting +# each other. MinGW is not affected. +if(WIN32 AND BUILD_STATIC_LIBS AND BUILD_SHARED_LIBS AND + NOT STATIC_LIB_SUFFIX AND NOT IMPORT_LIB_SUFFIX AND + CMAKE_STATIC_LIBRARY_SUFFIX STREQUAL CMAKE_IMPORT_LIBRARY_SUFFIX) + set(STATIC_LIB_SUFFIX "_static") +endif() + +# we want it to be called libssh2 on all platforms +if(BUILD_STATIC_LIBS) + list(APPEND libssh2_export ${LIB_STATIC}) + add_library(${LIB_STATIC} STATIC ${SOURCES}) + target_compile_definitions(${LIB_STATIC} PRIVATE ${PRIVATE_COMPILE_DEFINITIONS} ${libssh2_DEFINITIONS}) + target_link_libraries(${LIB_STATIC} PRIVATE ${LIBRARIES}) + set_target_properties(${LIB_STATIC} PROPERTIES PREFIX "" OUTPUT_NAME "libssh2") + set_target_properties(${LIB_STATIC} PROPERTIES SUFFIX "${STATIC_LIB_SUFFIX}${CMAKE_STATIC_LIBRARY_SUFFIX}") + + target_include_directories(${LIB_STATIC} + PRIVATE "${PROJECT_SOURCE_DIR}/include/" ${libssh2_INCLUDE_DIRS} ${PRIVATE_INCLUDE_DIRECTORIES} + PUBLIC + $ + $/${CMAKE_INSTALL_INCLUDEDIR}>) +endif() +if(BUILD_SHARED_LIBS) + list(APPEND libssh2_export ${LIB_SHARED}) + add_library(${LIB_SHARED} SHARED ${SOURCES}) + if(WIN32) + set_property(TARGET ${LIB_SHARED} APPEND PROPERTY SOURCES libssh2.rc) + endif() + target_compile_definitions(${LIB_SHARED} PRIVATE ${PRIVATE_COMPILE_DEFINITIONS} ${libssh2_DEFINITIONS} ${LIB_SHARED_DEFINITIONS}) + target_compile_options(${LIB_SHARED} PRIVATE ${LIB_SHARED_C_FLAGS}) + target_link_libraries(${LIB_SHARED} PRIVATE ${LIBRARIES}) + set_target_properties(${LIB_SHARED} PROPERTIES PREFIX "" IMPORT_PREFIX "" OUTPUT_NAME "libssh2") + set_target_properties(${LIB_SHARED} PROPERTIES IMPORT_SUFFIX "${IMPORT_LIB_SUFFIX}${CMAKE_IMPORT_LIBRARY_SUFFIX}") + set_target_properties(${LIB_SHARED} PROPERTIES POSITION_INDEPENDENT_CODE ON) + + target_include_directories(${LIB_SHARED} + PRIVATE "${PROJECT_SOURCE_DIR}/include/" ${libssh2_INCLUDE_DIRS} ${PRIVATE_INCLUDE_DIRECTORIES} + PUBLIC + $ + $/${CMAKE_INSTALL_INCLUDEDIR}>) endif() ## Installation @@ -380,14 +139,21 @@ install(FILES ${PROJECT_SOURCE_DIR}/include/libssh2_sftp.h DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}) -install(TARGETS libssh2 - EXPORT Libssh2Config - RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} - LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} - ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}) - +if(BUILD_STATIC_LIBS) + install(TARGETS ${LIB_STATIC} + EXPORT Libssh2Config + RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} + LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} + ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}) +endif() if(BUILD_SHARED_LIBS) - list(APPEND _RUNTIME_DEPENDENCIES $) + install(TARGETS ${LIB_SHARED} + EXPORT Libssh2Config + RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} + LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} + ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}) + + list(APPEND _RUNTIME_DEPENDENCIES $) endif() set(RUNTIME_DEPENDENCIES ${_RUNTIME_DEPENDENCIES} CACHE INTERNAL @@ -402,7 +168,7 @@ install(EXPORT Libssh2Config ## During build, register directly from build tree # create Libssh2Config.cmake -export(TARGETS libssh2 NAMESPACE Libssh2:: FILE Libssh2Config.cmake) +export(TARGETS ${libssh2_export} NAMESPACE Libssh2:: FILE Libssh2Config.cmake) export(PACKAGE Libssh2) # register it ## Export a .pc file for client projects not using CMaek @@ -412,16 +178,32 @@ endif() if(PC_LIBS) string(REPLACE ";" " " PC_LIBS "${PC_LIBS}") endif() -configure_file(libssh2.pc.in libssh2.pc @ONLY) +set(LIBSSH2VER ${LIBSSH2_VERSION}) +set(LIBSREQUIRED ${PC_REQUIRES_PRIVATE}) +set(LIBS ${PC_LIBS}) +set(prefix ${CMAKE_INSTALL_PREFIX}) +set(exec_prefix "\${prefix}") +set(libdir "\${prefix}/${CMAKE_INSTALL_LIBDIR}") +set(includedir "\${prefix}/${CMAKE_INSTALL_INCLUDEDIR}") +configure_file(${CMAKE_SOURCE_DIR}/libssh2.pc.in libssh2.pc @ONLY) install( FILES ${CMAKE_CURRENT_BINARY_DIR}/libssh2.pc DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig) ## Versioning -set_target_properties(libssh2 PROPERTIES - SOVERSION 1 - VERSION 1.0.1) +set(LIBSSH2_SOVERSION 1) +set(LIBSSH2_VERSION 1.0.1) +if(BUILD_STATIC_LIBS) + set_target_properties(${LIB_STATIC} PROPERTIES + SOVERSION ${LIBSSH2_SOVERSION} + VERSION ${LIBSSH2_VERSION}) +endif() +if(BUILD_SHARED_LIBS) + set_target_properties(${LIB_SHARED} PROPERTIES + SOVERSION ${LIBSSH2_SOVERSION} + VERSION ${LIBSSH2_VERSION}) +endif() include(CMakePackageConfigHelpers) write_basic_package_version_file( diff --git a/libssh2/src/Makefile.am b/libssh2/src/Makefile.am index 31d58ed57..91222d54c 100644 --- a/libssh2/src/Makefile.am +++ b/libssh2/src/Makefile.am @@ -1,34 +1,21 @@ -# $Id: Makefile.am,v 1.21 2009/05/07 17:21:56 bagder Exp $ AUTOMAKE_OPTIONS = foreign nostdinc -# Get the CRYPTO_CSOURCES, CRYPTO_HHEADERS and CRYPTO_LTLIBS defines -if OPENSSL -include ../Makefile.OpenSSL.inc -endif -if LIBGCRYPT -include ../Makefile.libgcrypt.inc -endif -if WINCNG -include ../Makefile.WinCNG.inc -endif -if MBEDTLS -include ../Makefile.mbedTLS.inc -endif - -# Makefile.inc provides the CSOURCES and HHEADERS defines -include ../Makefile.inc +# Get the CSOURCES, HHEADERS and EXTRA_DIST defines +include Makefile.inc libssh2_la_SOURCES = $(CSOURCES) $(HHEADERS) +if HAVE_WINDRES +libssh2_la_SOURCES += libssh2.rc +endif -EXTRA_DIST = libssh2_config.h.in libssh2_config_cmake.h.in libssh2.pc.in -EXTRA_DIST += CMakeLists.txt NMakefile +EXTRA_DIST += libssh2_config.h.in libssh2_config_cmake.h.in CMakeLists.txt lib_LTLIBRARIES = libssh2.la # srcdir/include for the shipped headers # builddir/src for the generated config header when building out of the source # tree -AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/src +AM_CPPFLAGS = -I$(top_builddir)/src -I$(top_srcdir)/include VERSION=-version-info 1:1:0 @@ -61,5 +48,10 @@ VERSION=-version-info 1:1:0 # libssh2_la_LDFLAGS = $(VERSION) -no-undefined \ - -export-symbols-regex '^libssh2_.*' \ - $(CRYPTO_LTLIBS) $(LTLIBZ) + -export-symbols-regex '^libssh2_.*' \ + $(LTLIBZ) + +if HAVE_WINDRES +.rc.lo: + $(LIBTOOL) --tag=RC --mode=compile $(RC) -I$(top_srcdir)/include $(RCFLAGS) -i $< -o $@ +endif diff --git a/libssh2/src/Makefile.in b/libssh2/src/Makefile.in index d76490ab6..4e4917c7b 100644 --- a/libssh2/src/Makefile.in +++ b/libssh2/src/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.16.4 from Makefile.am. +# Makefile.in generated by automake 1.16.5 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2021 Free Software Foundation, Inc. @@ -88,6 +88,7 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ +@HAVE_WINDRES_TRUE@am__append_1 = libssh2.rc subdir = src ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/autobuild.m4 \ @@ -133,27 +134,23 @@ am__uninstall_files_from_dir = { \ am__installdirs = "$(DESTDIR)$(libdir)" LTLIBRARIES = $(lib_LTLIBRARIES) libssh2_la_LIBADD = -am__libssh2_la_SOURCES_DIST = channel.c comp.c crypt.c hostkey.c kex.c \ - mac.c misc.c packet.c publickey.c scp.c session.c sftp.c \ - userauth.c transport.c version.c knownhost.c agent.c \ - libgcrypt.c mbedtls.c openssl.c wincng.c pem.c keepalive.c \ - global.c blowfish.c bcrypt_pbkdf.c agent_win.c libssh2_priv.h \ - libgcrypt.h mbedtls.h openssl.h wincng.h transport.h channel.h \ - comp.h mac.h misc.h packet.h userauth.h session.h sftp.h \ - crypto.h blf.h agent.h -@LIBGCRYPT_FALSE@@MBEDTLS_FALSE@@OPENSSL_FALSE@@WINCNG_TRUE@am__objects_1 = wincng.lo -@LIBGCRYPT_FALSE@@MBEDTLS_FALSE@@OPENSSL_TRUE@am__objects_1 = \ -@LIBGCRYPT_FALSE@@MBEDTLS_FALSE@@OPENSSL_TRUE@ openssl.lo -@LIBGCRYPT_FALSE@@MBEDTLS_TRUE@am__objects_1 = mbedtls.lo -@LIBGCRYPT_TRUE@am__objects_1 = libgcrypt.lo -am__objects_2 = channel.lo comp.lo crypt.lo hostkey.lo kex.lo mac.lo \ - misc.lo packet.lo publickey.lo scp.lo session.lo sftp.lo \ - userauth.lo transport.lo version.lo knownhost.lo agent.lo \ - $(am__objects_1) pem.lo keepalive.lo global.lo blowfish.lo \ - bcrypt_pbkdf.lo agent_win.lo -am__objects_3 = -am__objects_4 = $(am__objects_3) -am_libssh2_la_OBJECTS = $(am__objects_2) $(am__objects_4) +am__libssh2_la_SOURCES_DIST = agent.c bcrypt_pbkdf.c channel.c comp.c \ + crypt.c crypto.c global.c hostkey.c keepalive.c kex.c \ + knownhost.c mac.c misc.c packet.c pem.c publickey.c scp.c \ + session.c sftp.c transport.c userauth.c userauth_kbd_packet.c \ + version.c channel.h comp.h crypto.h libgcrypt.h libssh2_priv.h \ + libssh2_setup.h mac.h mbedtls.h misc.h openssl.h os400qc3.h \ + packet.h session.h sftp.h transport.h userauth.h \ + userauth_kbd_packet.h wincng.h libssh2.rc +am__objects_1 = agent.lo bcrypt_pbkdf.lo channel.lo comp.lo crypt.lo \ + crypto.lo global.lo hostkey.lo keepalive.lo kex.lo \ + knownhost.lo mac.lo misc.lo packet.lo pem.lo publickey.lo \ + scp.lo session.lo sftp.lo transport.lo userauth.lo \ + userauth_kbd_packet.lo version.lo +am__objects_2 = +@HAVE_WINDRES_TRUE@am__objects_3 = libssh2.lo +am_libssh2_la_OBJECTS = $(am__objects_1) $(am__objects_2) \ + $(am__objects_3) libssh2_la_OBJECTS = $(am_libssh2_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) @@ -177,20 +174,18 @@ am__v_at_1 = DEFAULT_INCLUDES = depcomp = $(SHELL) $(top_srcdir)/depcomp am__maybe_remake_depfiles = depfiles -am__depfiles_remade = ./$(DEPDIR)/agent.Plo ./$(DEPDIR)/agent_win.Plo \ - ./$(DEPDIR)/bcrypt_pbkdf.Plo ./$(DEPDIR)/blowfish.Plo \ - ./$(DEPDIR)/channel.Plo ./$(DEPDIR)/comp.Plo \ - ./$(DEPDIR)/crypt.Plo ./$(DEPDIR)/global.Plo \ +am__depfiles_remade = ./$(DEPDIR)/agent.Plo \ + ./$(DEPDIR)/bcrypt_pbkdf.Plo ./$(DEPDIR)/channel.Plo \ + ./$(DEPDIR)/comp.Plo ./$(DEPDIR)/crypt.Plo \ + ./$(DEPDIR)/crypto.Plo ./$(DEPDIR)/global.Plo \ ./$(DEPDIR)/hostkey.Plo ./$(DEPDIR)/keepalive.Plo \ ./$(DEPDIR)/kex.Plo ./$(DEPDIR)/knownhost.Plo \ - ./$(DEPDIR)/libgcrypt.Plo ./$(DEPDIR)/mac.Plo \ - ./$(DEPDIR)/mbedtls.Plo ./$(DEPDIR)/misc.Plo \ - ./$(DEPDIR)/openssl.Plo ./$(DEPDIR)/packet.Plo \ - ./$(DEPDIR)/pem.Plo ./$(DEPDIR)/publickey.Plo \ - ./$(DEPDIR)/scp.Plo ./$(DEPDIR)/session.Plo \ - ./$(DEPDIR)/sftp.Plo ./$(DEPDIR)/transport.Plo \ - ./$(DEPDIR)/userauth.Plo ./$(DEPDIR)/version.Plo \ - ./$(DEPDIR)/wincng.Plo + ./$(DEPDIR)/mac.Plo ./$(DEPDIR)/misc.Plo \ + ./$(DEPDIR)/packet.Plo ./$(DEPDIR)/pem.Plo \ + ./$(DEPDIR)/publickey.Plo ./$(DEPDIR)/scp.Plo \ + ./$(DEPDIR)/session.Plo ./$(DEPDIR)/sftp.Plo \ + ./$(DEPDIR)/transport.Plo ./$(DEPDIR)/userauth.Plo \ + ./$(DEPDIR)/userauth_kbd_packet.Plo ./$(DEPDIR)/version.Plo am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) @@ -235,10 +230,7 @@ am__define_uniq_tagged_files = \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` -am__DIST_COMMON = $(srcdir)/../Makefile.OpenSSL.inc \ - $(srcdir)/../Makefile.WinCNG.inc $(srcdir)/../Makefile.inc \ - $(srcdir)/../Makefile.libgcrypt.inc \ - $(srcdir)/../Makefile.mbedTLS.inc $(srcdir)/Makefile.in \ +am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.inc \ $(srcdir)/libssh2_config.h.in $(top_srcdir)/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ @@ -275,12 +267,13 @@ EGREP = @EGREP@ ETAGS = @ETAGS@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ +FILECMD = @FILECMD@ GREP = @GREP@ HAVE_LIBBCRYPT = @HAVE_LIBBCRYPT@ -HAVE_LIBCRYPT32 = @HAVE_LIBCRYPT32@ HAVE_LIBGCRYPT = @HAVE_LIBGCRYPT@ HAVE_LIBMBEDCRYPTO = @HAVE_LIBMBEDCRYPTO@ HAVE_LIBSSL = @HAVE_LIBSSL@ +HAVE_LIBWOLFSSL = @HAVE_LIBWOLFSSL@ HAVE_LIBZ = @HAVE_LIBZ@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ @@ -291,8 +284,6 @@ LD = @LD@ LDFLAGS = @LDFLAGS@ LIBBCRYPT = @LIBBCRYPT@ LIBBCRYPT_PREFIX = @LIBBCRYPT_PREFIX@ -LIBCRYPT32 = @LIBCRYPT32@ -LIBCRYPT32_PREFIX = @LIBCRYPT32_PREFIX@ LIBGCRYPT = @LIBGCRYPT@ LIBGCRYPT_PREFIX = @LIBGCRYPT_PREFIX@ LIBMBEDCRYPTO = @LIBMBEDCRYPTO@ @@ -304,17 +295,19 @@ LIBSSH2VER = @LIBSSH2VER@ LIBSSL = @LIBSSL@ LIBSSL_PREFIX = @LIBSSL_PREFIX@ LIBTOOL = @LIBTOOL@ +LIBWOLFSSL = @LIBWOLFSSL@ +LIBWOLFSSL_PREFIX = @LIBWOLFSSL_PREFIX@ LIBZ = @LIBZ@ LIBZ_PREFIX = @LIBZ_PREFIX@ LIB_FUZZING_ENGINE = @LIB_FUZZING_ENGINE@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBBCRYPT = @LTLIBBCRYPT@ -LTLIBCRYPT32 = @LTLIBCRYPT32@ LTLIBGCRYPT = @LTLIBGCRYPT@ LTLIBMBEDCRYPTO = @LTLIBMBEDCRYPTO@ LTLIBOBJS = @LTLIBOBJS@ LTLIBSSL = @LTLIBSSL@ +LTLIBWOLFSSL = @LTLIBWOLFSSL@ LTLIBZ = @LTLIBZ@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAINT = @MAINT@ @@ -336,6 +329,7 @@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +RC = @RC@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -396,42 +390,64 @@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ - -# $Id: Makefile.am,v 1.21 2009/05/07 17:21:56 bagder Exp $ AUTOMAKE_OPTIONS = foreign nostdinc -@LIBGCRYPT_TRUE@CRYPTO_CSOURCES = libgcrypt.c -@MBEDTLS_TRUE@CRYPTO_CSOURCES = mbedtls.c -@OPENSSL_TRUE@CRYPTO_CSOURCES = openssl.c -@WINCNG_TRUE@CRYPTO_CSOURCES = wincng.c -@LIBGCRYPT_TRUE@CRYPTO_HHEADERS = libgcrypt.h -@MBEDTLS_TRUE@CRYPTO_HHEADERS = mbedtls.h -@OPENSSL_TRUE@CRYPTO_HHEADERS = openssl.h -@WINCNG_TRUE@CRYPTO_HHEADERS = wincng.h -@LIBGCRYPT_TRUE@CRYPTO_LTLIBS = $(LTLIBGCRYPT) -@MBEDTLS_TRUE@CRYPTO_LTLIBS = $(LTLIBMBEDCRYPTO) -@OPENSSL_TRUE@CRYPTO_LTLIBS = $(LTLIBSSL) -@WINCNG_TRUE@CRYPTO_LTLIBS = $(LTLIBBCRYPT) $(LTLIBCRYPT32) -CSOURCES = channel.c comp.c crypt.c hostkey.c kex.c mac.c misc.c \ - packet.c publickey.c scp.c session.c sftp.c userauth.c transport.c \ - version.c knownhost.c agent.c $(CRYPTO_CSOURCES) pem.c keepalive.c global.c \ - blowfish.c bcrypt_pbkdf.c agent_win.c +CSOURCES = \ + agent.c \ + bcrypt_pbkdf.c \ + channel.c \ + comp.c \ + crypt.c \ + crypto.c \ + global.c \ + hostkey.c \ + keepalive.c \ + kex.c \ + knownhost.c \ + mac.c \ + misc.c \ + packet.c \ + pem.c \ + publickey.c \ + scp.c \ + session.c \ + sftp.c \ + transport.c \ + userauth.c \ + userauth_kbd_packet.c \ + version.c -HHEADERS = libssh2_priv.h $(CRYPTO_HHEADERS) transport.h channel.h comp.h \ - mac.h misc.h packet.h userauth.h session.h sftp.h crypto.h blf.h agent.h +HHEADERS = \ + channel.h \ + comp.h \ + crypto.h \ + libgcrypt.h \ + libssh2_priv.h \ + libssh2_setup.h \ + mac.h \ + mbedtls.h \ + misc.h \ + openssl.h \ + os400qc3.h \ + packet.h \ + session.h \ + sftp.h \ + transport.h \ + userauth.h \ + userauth_kbd_packet.h \ + wincng.h +EXTRA_DIST = agent_win.c blowfish.c libgcrypt.c mbedtls.c openssl.c \ + os400qc3.c wincng.c libssh2_config.h.in \ + libssh2_config_cmake.h.in CMakeLists.txt -# Get the CRYPTO_CSOURCES, CRYPTO_HHEADERS and CRYPTO_LTLIBS defines - -# Makefile.inc provides the CSOURCES and HHEADERS defines -libssh2_la_SOURCES = $(CSOURCES) $(HHEADERS) -EXTRA_DIST = libssh2_config.h.in libssh2_config_cmake.h.in \ - libssh2.pc.in CMakeLists.txt NMakefile +# Get the CSOURCES, HHEADERS and EXTRA_DIST defines +libssh2_la_SOURCES = $(CSOURCES) $(HHEADERS) $(am__append_1) lib_LTLIBRARIES = libssh2.la # srcdir/include for the shipped headers # builddir/src for the generated config header when building out of the source # tree -AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/src +AM_CPPFLAGS = -I$(top_builddir)/src -I$(top_srcdir)/include # This flag accepts an argument of the form current[:revision[:age]]. So, # passing -version-info 3:12:1 sets current to 3, revision to 12, and age to @@ -461,15 +477,15 @@ AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/src # set age to 0. (c:r:a=0) # libssh2_la_LDFLAGS = $(VERSION) -no-undefined \ - -export-symbols-regex '^libssh2_.*' \ - $(CRYPTO_LTLIBS) $(LTLIBZ) + -export-symbols-regex '^libssh2_.*' \ + $(LTLIBZ) all: libssh2_config.h $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../Makefile.OpenSSL.inc $(srcdir)/../Makefile.libgcrypt.inc $(srcdir)/../Makefile.WinCNG.inc $(srcdir)/../Makefile.mbedTLS.inc $(srcdir)/../Makefile.inc $(am__configure_deps) +.SUFFIXES: .c .lo .o .obj .rc +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/Makefile.inc $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -489,7 +505,7 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; -$(srcdir)/../Makefile.OpenSSL.inc $(srcdir)/../Makefile.libgcrypt.inc $(srcdir)/../Makefile.WinCNG.inc $(srcdir)/../Makefile.mbedTLS.inc $(srcdir)/../Makefile.inc $(am__empty): +$(srcdir)/Makefile.inc $(am__empty): $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh @@ -560,22 +576,18 @@ distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/agent.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/agent_win.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bcrypt_pbkdf.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blowfish.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/comp.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypt.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/global.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hostkey.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keepalive.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kex.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/knownhost.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libgcrypt.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mac.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mbedtls.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/packet.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/publickey.Plo@am__quote@ # am--include-marker @@ -584,8 +596,8 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sftp.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/transport.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/userauth.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/userauth_kbd_packet.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/version.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/wincng.Plo@am__quote@ # am--include-marker $(am__depfiles_remade): @$(MKDIR_P) $(@D) @@ -748,22 +760,18 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ distclean: distclean-am -rm -f ./$(DEPDIR)/agent.Plo - -rm -f ./$(DEPDIR)/agent_win.Plo -rm -f ./$(DEPDIR)/bcrypt_pbkdf.Plo - -rm -f ./$(DEPDIR)/blowfish.Plo -rm -f ./$(DEPDIR)/channel.Plo -rm -f ./$(DEPDIR)/comp.Plo -rm -f ./$(DEPDIR)/crypt.Plo + -rm -f ./$(DEPDIR)/crypto.Plo -rm -f ./$(DEPDIR)/global.Plo -rm -f ./$(DEPDIR)/hostkey.Plo -rm -f ./$(DEPDIR)/keepalive.Plo -rm -f ./$(DEPDIR)/kex.Plo -rm -f ./$(DEPDIR)/knownhost.Plo - -rm -f ./$(DEPDIR)/libgcrypt.Plo -rm -f ./$(DEPDIR)/mac.Plo - -rm -f ./$(DEPDIR)/mbedtls.Plo -rm -f ./$(DEPDIR)/misc.Plo - -rm -f ./$(DEPDIR)/openssl.Plo -rm -f ./$(DEPDIR)/packet.Plo -rm -f ./$(DEPDIR)/pem.Plo -rm -f ./$(DEPDIR)/publickey.Plo @@ -772,8 +780,8 @@ distclean: distclean-am -rm -f ./$(DEPDIR)/sftp.Plo -rm -f ./$(DEPDIR)/transport.Plo -rm -f ./$(DEPDIR)/userauth.Plo + -rm -f ./$(DEPDIR)/userauth_kbd_packet.Plo -rm -f ./$(DEPDIR)/version.Plo - -rm -f ./$(DEPDIR)/wincng.Plo -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-hdr distclean-tags @@ -820,22 +828,18 @@ installcheck-am: maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/agent.Plo - -rm -f ./$(DEPDIR)/agent_win.Plo -rm -f ./$(DEPDIR)/bcrypt_pbkdf.Plo - -rm -f ./$(DEPDIR)/blowfish.Plo -rm -f ./$(DEPDIR)/channel.Plo -rm -f ./$(DEPDIR)/comp.Plo -rm -f ./$(DEPDIR)/crypt.Plo + -rm -f ./$(DEPDIR)/crypto.Plo -rm -f ./$(DEPDIR)/global.Plo -rm -f ./$(DEPDIR)/hostkey.Plo -rm -f ./$(DEPDIR)/keepalive.Plo -rm -f ./$(DEPDIR)/kex.Plo -rm -f ./$(DEPDIR)/knownhost.Plo - -rm -f ./$(DEPDIR)/libgcrypt.Plo -rm -f ./$(DEPDIR)/mac.Plo - -rm -f ./$(DEPDIR)/mbedtls.Plo -rm -f ./$(DEPDIR)/misc.Plo - -rm -f ./$(DEPDIR)/openssl.Plo -rm -f ./$(DEPDIR)/packet.Plo -rm -f ./$(DEPDIR)/pem.Plo -rm -f ./$(DEPDIR)/publickey.Plo @@ -844,8 +848,8 @@ maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/sftp.Plo -rm -f ./$(DEPDIR)/transport.Plo -rm -f ./$(DEPDIR)/userauth.Plo + -rm -f ./$(DEPDIR)/userauth_kbd_packet.Plo -rm -f ./$(DEPDIR)/version.Plo - -rm -f ./$(DEPDIR)/wincng.Plo -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -884,6 +888,9 @@ uninstall-am: uninstall-libLTLIBRARIES .PRECIOUS: Makefile +@HAVE_WINDRES_TRUE@.rc.lo: +@HAVE_WINDRES_TRUE@ $(LIBTOOL) --tag=RC --mode=compile $(RC) -I$(top_srcdir)/include $(RCFLAGS) -i $< -o $@ + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/libssh2/src/Makefile.inc b/libssh2/src/Makefile.inc new file mode 100644 index 000000000..2928ba2b2 --- /dev/null +++ b/libssh2/src/Makefile.inc @@ -0,0 +1,53 @@ +CSOURCES = \ + agent.c \ + bcrypt_pbkdf.c \ + channel.c \ + comp.c \ + crypt.c \ + crypto.c \ + global.c \ + hostkey.c \ + keepalive.c \ + kex.c \ + knownhost.c \ + mac.c \ + misc.c \ + packet.c \ + pem.c \ + publickey.c \ + scp.c \ + session.c \ + sftp.c \ + transport.c \ + userauth.c \ + userauth_kbd_packet.c \ + version.c + +HHEADERS = \ + channel.h \ + comp.h \ + crypto.h \ + libgcrypt.h \ + libssh2_priv.h \ + libssh2_setup.h \ + mac.h \ + mbedtls.h \ + misc.h \ + openssl.h \ + os400qc3.h \ + packet.h \ + session.h \ + sftp.h \ + transport.h \ + userauth.h \ + userauth_kbd_packet.h \ + wincng.h + +EXTRA_DIST = \ + agent_win.c \ + blowfish.c \ + libgcrypt.c \ + mbedtls.c \ + openssl.c \ + os400qc3.c \ + wincng.c diff --git a/libssh2/src/agent.c b/libssh2/src/agent.c index 85c3e34af..450581ce5 100644 --- a/libssh2/src/agent.c +++ b/libssh2/src/agent.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2009 by Daiki Ueno - * Copyright (C) 2010-2014 by Daniel Stenberg + * Copyright (C) 2010-2021 by Daniel Stenberg * All rights reserved. * * Redistribution and use in source and binary forms, @@ -38,9 +38,10 @@ */ #include "libssh2_priv.h" -#include "agent.h" -#include "misc.h" + #include +#include /* for getenv() */ + #ifdef HAVE_SYS_UN_H #include #else @@ -49,11 +50,13 @@ support them. */ #undef PF_UNIX #endif + +#if defined(WIN32) && !defined(LIBSSH2_WINDOWS_UWP) +#define HAVE_WIN32_AGENTS +#endif + #include "userauth.h" #include "session.h" -#ifdef WIN32 -#include -#endif /* Requests from client to agent for protocol 1 key operations */ #define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1 @@ -94,6 +97,71 @@ #define SSH_AGENT_CONSTRAIN_LIFETIME 1 #define SSH_AGENT_CONSTRAIN_CONFIRM 2 +/* Signature request methods */ +#define SSH_AGENT_RSA_SHA2_256 2 +#define SSH_AGENT_RSA_SHA2_512 4 + +/* non-blocking mode on agent connection is not yet implemented, but + for future use. */ +typedef enum { + agent_NB_state_init = 0, + agent_NB_state_request_created, + agent_NB_state_request_length_sent, + agent_NB_state_request_sent, + agent_NB_state_response_length_received, + agent_NB_state_response_received +} agent_nonblocking_states; + +typedef struct agent_transaction_ctx { + unsigned char *request; + size_t request_len; + unsigned char *response; + size_t response_len; + agent_nonblocking_states state; + size_t send_recv_total; +} *agent_transaction_ctx_t; + +typedef int (*agent_connect_func)(LIBSSH2_AGENT *agent); +typedef int (*agent_transact_func)(LIBSSH2_AGENT *agent, + agent_transaction_ctx_t transctx); +typedef int (*agent_disconnect_func)(LIBSSH2_AGENT *agent); + +struct agent_publickey { + struct list_node node; + + /* this is the struct we expose externally */ + struct libssh2_agent_publickey external; +}; + +struct agent_ops { + const agent_connect_func connect; + const agent_transact_func transact; + const agent_disconnect_func disconnect; +}; + +struct _LIBSSH2_AGENT +{ + LIBSSH2_SESSION *session; /* the session this "belongs to" */ + + libssh2_socket_t fd; + + struct agent_ops *ops; + + struct agent_transaction_ctx transctx; + struct agent_publickey *identity; + struct list_head head; /* list of public keys */ + + char *identity_agent_path; /* Path to a custom identity agent socket */ + +#ifdef HAVE_WIN32_AGENTS + OVERLAPPED overlapped; + HANDLE pipe; + BOOL pending_io; +#endif +}; + +#include "agent_win.c" + #ifdef PF_UNIX static int agent_connect_unix(LIBSSH2_AGENT *agent) @@ -115,10 +183,10 @@ agent_connect_unix(LIBSSH2_AGENT *agent) "failed creating socket"); s_un.sun_family = AF_UNIX; - strncpy(s_un.sun_path, path, sizeof s_un.sun_path); + strncpy(s_un.sun_path, path, sizeof(s_un.sun_path)); s_un.sun_path[sizeof(s_un.sun_path)-1] = 0; /* make sure there's a trailing zero */ - if(connect(agent->fd, (struct sockaddr*)(&s_un), sizeof s_un) != 0) { + if(connect(agent->fd, (struct sockaddr*)(&s_un), sizeof(s_un)) != 0) { close(agent->fd); return _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL, "failed connecting with agent"); @@ -128,20 +196,22 @@ agent_connect_unix(LIBSSH2_AGENT *agent) } #define RECV_SEND_ALL(func, socket, buffer, length, flags, abstract) \ - int rc; \ - size_t finished = 0; \ + do { \ + size_t finished = 0; \ \ - while(finished < length) { \ - rc = func(socket, \ - (char *)buffer + finished, length - finished, \ - flags, abstract); \ - if(rc < 0) \ - return rc; \ + while(finished < length) { \ + ssize_t rc; \ + rc = func(socket, \ + (char *)buffer + finished, length - finished, \ + flags, abstract); \ + if(rc < 0) \ + return rc; \ \ - finished += rc; \ - } \ + finished += rc; \ + } \ \ - return finished; + return finished; \ + } while(0) static ssize_t _send_all(LIBSSH2_SEND_FUNC(func), libssh2_socket_t socket, const void *buffer, size_t length, @@ -167,9 +237,10 @@ agent_transact_unix(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx) /* Send the length of the request */ if(transctx->state == agent_NB_state_request_created) { - _libssh2_htonu32(buf, transctx->request_len); - rc = _send_all(agent->session->send, agent->fd, - buf, sizeof buf, 0, &agent->session->abstract); + _libssh2_htonu32(buf, (uint32_t)transctx->request_len); + rc = (int)_send_all(agent->session->send, agent->fd, + buf, sizeof(buf), 0, + &agent->session->abstract); if(rc == -EAGAIN) return LIBSSH2_ERROR_EAGAIN; else if(rc < 0) @@ -180,8 +251,9 @@ agent_transact_unix(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx) /* Send the request body */ if(transctx->state == agent_NB_state_request_length_sent) { - rc = _send_all(agent->session->send, agent->fd, transctx->request, - transctx->request_len, 0, &agent->session->abstract); + rc = (int)_send_all(agent->session->send, agent->fd, + transctx->request, transctx->request_len, 0, + &agent->session->abstract); if(rc == -EAGAIN) return LIBSSH2_ERROR_EAGAIN; else if(rc < 0) @@ -192,8 +264,9 @@ agent_transact_unix(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx) /* Receive the length of a response */ if(transctx->state == agent_NB_state_request_sent) { - rc = _recv_all(agent->session->recv, agent->fd, - buf, sizeof buf, 0, &agent->session->abstract); + rc = (int)_recv_all(agent->session->recv, agent->fd, + buf, sizeof(buf), 0, + &agent->session->abstract); if(rc < 0) { if(rc == -EAGAIN) return LIBSSH2_ERROR_EAGAIN; @@ -211,8 +284,9 @@ agent_transact_unix(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx) /* Receive the response body */ if(transctx->state == agent_NB_state_response_length_received) { - rc = _recv_all(agent->session->recv, agent->fd, transctx->response, - transctx->response_len, 0, &agent->session->abstract); + rc = (int)_recv_all(agent->session->recv, agent->fd, + transctx->response, transctx->response_len, 0, + &agent->session->abstract); if(rc < 0) { if(rc == -EAGAIN) return LIBSSH2_ERROR_EAGAIN; @@ -238,14 +312,14 @@ agent_disconnect_unix(LIBSSH2_AGENT *agent) return LIBSSH2_ERROR_NONE; } -struct agent_ops agent_ops_unix = { +static struct agent_ops agent_ops_unix = { agent_connect_unix, agent_transact_unix, agent_disconnect_unix }; #endif /* PF_UNIX */ -#ifdef WIN32 +#ifdef HAVE_WIN32_AGENTS /* Code to talk to Pageant was taken from PuTTY. * * Portions copyright Robert de Bath, Joris van Rantwijk, Delian @@ -276,7 +350,7 @@ agent_transact_pageant(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx) HANDLE filemap; unsigned char *p; unsigned char *p2; - int id; + LRESULT id; COPYDATASTRUCT cds; if(!transctx || 4 + transctx->request_len > PAGEANT_MAX_MSGLEN) @@ -289,16 +363,16 @@ agent_transact_pageant(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx) "found no pageant"); snprintf(mapname, sizeof(mapname), - "PageantRequest%08x%c", (unsigned)GetCurrentThreadId(), '\0'); + "PageantRequest%08x", (unsigned)GetCurrentThreadId()); filemap = CreateFileMappingA(INVALID_HANDLE_VALUE, NULL, PAGE_READWRITE, 0, PAGEANT_MAX_MSGLEN, mapname); - if(filemap == NULL || filemap == INVALID_HANDLE_VALUE) + if(!filemap || filemap == INVALID_HANDLE_VALUE) return _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL, "failed setting up pageant filemap"); p2 = p = MapViewOfFile(filemap, FILE_MAP_WRITE, 0, 0, 0); - if(p == NULL || p2 == NULL) { + if(!p || !p2) { CloseHandle(filemap); return _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL, "failed to open pageant filemap for writing"); @@ -308,7 +382,7 @@ agent_transact_pageant(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx) transctx->request_len); cds.dwData = PAGEANT_COPYDATA_ID; - cds.cbData = 1 + strlen(mapname); + cds.cbData = (DWORD)(1 + strlen(mapname)); cds.lpData = mapname; id = SendMessage(hwnd, WM_COPYDATA, (WPARAM) NULL, (LPARAM) &cds); @@ -343,21 +417,21 @@ agent_disconnect_pageant(LIBSSH2_AGENT *agent) return 0; } -struct agent_ops agent_ops_pageant = { +static struct agent_ops agent_ops_pageant = { agent_connect_pageant, agent_transact_pageant, agent_disconnect_pageant }; -#endif /* WIN32 */ +#endif /* HAVE_WIN32_AGENTS */ static struct { const char *name; struct agent_ops *ops; } supported_backends[] = { -#ifdef WIN32 +#ifdef HAVE_WIN32_AGENTS {"Pageant", &agent_ops_pageant}, {"OpenSSH", &agent_ops_openssh}, -#endif /* WIN32 */ +#endif /* HAVE_WIN32_AGENTS */ #ifdef PF_UNIX {"Unix", &agent_ops_unix}, #endif /* PF_UNIX */ @@ -375,6 +449,9 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, ssize_t method_len; unsigned char *s; int rc; + unsigned char *method_name = NULL; + uint32_t sign_flags = 0; + ssize_t plain_len; /* Create a request to sign the data */ if(transctx->state == agent_NB_state_init) { @@ -391,7 +468,18 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, _libssh2_store_str(&s, (const char *)data, data_len); /* flags */ - _libssh2_store_u32(&s, 0); + if(session->userauth_pblc_method_len > 0 && + session->userauth_pblc_method) { + if(session->userauth_pblc_method_len == 12 && + !memcmp(session->userauth_pblc_method, "rsa-sha2-512", 12)) { + sign_flags = SSH_AGENT_RSA_SHA2_512; + } + else if(session->userauth_pblc_method_len == 12 && + !memcmp(session->userauth_pblc_method, "rsa-sha2-256", 12)) { + sign_flags = SSH_AGENT_RSA_SHA2_256; + } + } + _libssh2_store_u32(&s, sign_flags); transctx->request_len = s - transctx->request; transctx->send_recv_total = 0; @@ -449,8 +537,32 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, rc = LIBSSH2_ERROR_AGENT_PROTOCOL; goto error; } + + /* method name */ + method_name = LIBSSH2_ALLOC(session, method_len); + if(!method_name) { + rc = LIBSSH2_ERROR_ALLOC; + goto error; + } + memcpy(method_name, s, method_len); s += method_len; + plain_len = plain_method((char *)session->userauth_pblc_method, + session->userauth_pblc_method_len); + + /* check to see if we match requested */ + if(((size_t)method_len != session->userauth_pblc_method_len && + method_len != plain_len) || + memcmp(method_name, session->userauth_pblc_method, method_len)) { + _libssh2_debug((session, + LIBSSH2_TRACE_KEX, + "Agent sign method %.*s", + method_len, method_name)); + + rc = LIBSSH2_ERROR_ALGO_UNSUPPORTED; + goto error; + } + /* Read the signature */ len -= 4; if(len < 0) { @@ -472,13 +584,19 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, } memcpy(*sig, s, *sig_len); - error: +error: + + if(method_name) + LIBSSH2_FREE(session, method_name); + LIBSSH2_FREE(session, transctx->request); transctx->request = NULL; LIBSSH2_FREE(session, transctx->response); transctx->response = NULL; + transctx->state = agent_NB_state_init; + return _libssh2_error(session, rc, "agent sign failure"); } @@ -541,7 +659,7 @@ agent_list_identities(LIBSSH2_AGENT *agent) while(num_identities--) { struct agent_publickey *identity; - ssize_t comment_len; + size_t comment_len; /* Read the length of the blob */ len -= 4; @@ -549,7 +667,7 @@ agent_list_identities(LIBSSH2_AGENT *agent) rc = LIBSSH2_ERROR_AGENT_PROTOCOL; goto error; } - identity = LIBSSH2_ALLOC(agent->session, sizeof *identity); + identity = LIBSSH2_ALLOC(agent->session, sizeof(*identity)); if(!identity) { rc = LIBSSH2_ERROR_ALLOC; goto error; @@ -586,14 +704,14 @@ agent_list_identities(LIBSSH2_AGENT *agent) comment_len = _libssh2_ntohu32(s); s += 4; - /* Read the comment */ - len -= comment_len; - if(len < 0) { + if(comment_len > (size_t)len) { rc = LIBSSH2_ERROR_AGENT_PROTOCOL; LIBSSH2_FREE(agent->session, identity->external.blob); LIBSSH2_FREE(agent->session, identity); goto error; } + /* Read the comment */ + len -= comment_len; identity->external.comment = LIBSSH2_ALLOC(agent->session, comment_len + 1); @@ -609,7 +727,7 @@ agent_list_identities(LIBSSH2_AGENT *agent) _libssh2_list_add(&agent->head, &identity->node); } - error: +error: LIBSSH2_FREE(agent->session, transctx->response); transctx->response = NULL; @@ -634,7 +752,7 @@ agent_free_identities(LIBSSH2_AGENT *agent) #define AGENT_PUBLICKEY_MAGIC 0x3bdefed2 /* - * agent_publickey_to_external() + * agent_publickey_to_external * * Copies data from the internal to the external representation struct. * @@ -661,7 +779,7 @@ libssh2_agent_init(LIBSSH2_SESSION *session) { LIBSSH2_AGENT *agent; - agent = LIBSSH2_CALLOC(session, sizeof *agent); + agent = LIBSSH2_CALLOC(session, sizeof(*agent)); if(!agent) { _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate space for agent connection"); @@ -672,7 +790,7 @@ libssh2_agent_init(LIBSSH2_SESSION *session) agent->identity_agent_path = NULL; _libssh2_list_init(&agent->head); -#ifdef WIN32 +#ifdef HAVE_WIN32_AGENTS agent->pipe = INVALID_HANDLE_VALUE; memset(&agent->overlapped, 0, sizeof(OVERLAPPED)); agent->pending_io = FALSE; @@ -682,7 +800,7 @@ libssh2_agent_init(LIBSSH2_SESSION *session) } /* - * libssh2_agent_connect() + * libssh2_agent_connect * * Connect to an ssh-agent. * @@ -702,7 +820,7 @@ libssh2_agent_connect(LIBSSH2_AGENT *agent) } /* - * libssh2_agent_list_identities() + * libssh2_agent_list_identities * * Request ssh-agent to list identities. * @@ -711,14 +829,14 @@ libssh2_agent_connect(LIBSSH2_AGENT *agent) LIBSSH2_API int libssh2_agent_list_identities(LIBSSH2_AGENT *agent) { - memset(&agent->transctx, 0, sizeof agent->transctx); + memset(&agent->transctx, 0, sizeof(agent->transctx)); /* Abandon the last fetched identities */ agent_free_identities(agent); return agent_list_identities(agent); } /* - * libssh2_agent_get_identity() + * libssh2_agent_get_identity * * Traverse the internal list of public keys. Pass NULL to 'prev' to get * the first one. Or pass a pointer to the previously returned one to get the @@ -755,7 +873,7 @@ libssh2_agent_get_identity(LIBSSH2_AGENT *agent, } /* - * libssh2_agent_userauth() + * libssh2_agent_userauth * * Do publickey user authentication with the help of ssh-agent. * @@ -770,7 +888,7 @@ libssh2_agent_userauth(LIBSSH2_AGENT *agent, int rc; if(agent->session->userauth_pblc_state == libssh2_NB_state_idle) { - memset(&agent->transctx, 0, sizeof agent->transctx); + memset(&agent->transctx, 0, sizeof(agent->transctx)); agent->identity = identity->node; } @@ -785,7 +903,58 @@ libssh2_agent_userauth(LIBSSH2_AGENT *agent, } /* - * libssh2_agent_disconnect() + * libssh2_agent_sign + * + * Sign a payload using a system-installed ssh-agent. + * + * Returns 0 if succeeded, or a negative value for error. + */ +LIBSSH2_API int +libssh2_agent_sign(LIBSSH2_AGENT *agent, + struct libssh2_agent_publickey *identity, + unsigned char **sig, + size_t *s_len, + const unsigned char *data, + size_t d_len, + const char *method, + unsigned int method_len) +{ + void *abstract = agent; + int rc; + uint32_t methodLen; + + if(agent->session->userauth_pblc_state == libssh2_NB_state_idle) { + memset(&agent->transctx, 0, sizeof(agent->transctx)); + agent->identity = identity->node; + } + + if(identity->blob_len < sizeof(uint32_t)) { + return LIBSSH2_ERROR_BUFFER_TOO_SMALL; + } + + methodLen = _libssh2_ntohu32(identity->blob); + + if(identity->blob_len < sizeof(uint32_t) + methodLen) { + return LIBSSH2_ERROR_BUFFER_TOO_SMALL; + } + + agent->session->userauth_pblc_method_len = method_len; + agent->session->userauth_pblc_method = LIBSSH2_ALLOC(agent->session, + method_len); + + memcpy(agent->session->userauth_pblc_method, method, methodLen); + + rc = agent_sign(agent->session, sig, s_len, data, d_len, &abstract); + + LIBSSH2_FREE(agent->session, agent->session->userauth_pblc_method); + agent->session->userauth_pblc_method = NULL; + agent->session->userauth_pblc_method_len = 0; + + return rc; +} + +/* + * libssh2_agent_disconnect * * Close a connection to an ssh-agent. * @@ -800,7 +969,7 @@ libssh2_agent_disconnect(LIBSSH2_AGENT *agent) } /* - * libssh2_agent_free() + * libssh2_agent_free * * Free an ssh-agent handle. This function also frees the internal * collection of public keys. @@ -813,7 +982,7 @@ libssh2_agent_free(LIBSSH2_AGENT *agent) libssh2_agent_disconnect(agent); } - if(agent->identity_agent_path != NULL) + if(agent->identity_agent_path) LIBSSH2_FREE(agent->session, agent->identity_agent_path); agent_free_identities(agent); @@ -821,7 +990,7 @@ libssh2_agent_free(LIBSSH2_AGENT *agent) } /* - * libssh2_agent_set_identity_path() + * libssh2_agent_set_identity_path * * Allows a custom agent socket path beyond SSH_AUTH_SOCK env * @@ -846,7 +1015,7 @@ libssh2_agent_set_identity_path(LIBSSH2_AGENT *agent, const char *path) } /* - * libssh2_agent_get_identity_path() + * libssh2_agent_get_identity_path * * Returns the custom agent socket path if set * diff --git a/libssh2/src/agent_win.c b/libssh2/src/agent_win.c index a1605a95f..723dc0e13 100644 --- a/libssh2/src/agent_win.c +++ b/libssh2/src/agent_win.c @@ -37,30 +37,15 @@ * OF SUCH DAMAGE. */ -#include "libssh2_priv.h" -#include "agent.h" -#include "misc.h" -#include -#ifdef HAVE_SYS_UN_H -#include -#else -/* Use the existence of sys/un.h as a test if Unix domain socket is - supported. winsock*.h define PF_UNIX/AF_UNIX but do not actually - support them. */ -#undef PF_UNIX -#endif -#include "userauth.h" -#include "session.h" -#ifdef WIN32 -#include -#endif +#ifdef HAVE_WIN32_AGENTS /* Compile this via agent.c */ + +#include /* for getenv() */ -#ifdef WIN32 /* Code to talk to OpenSSH was taken and modified from the Win32 port of * Portable OpenSSH by the PowerShell team. Commit * 8ab565c53f3619d6a1f5ac229e212cad8a52852c of * https://github.com/PowerShell/openssh-portable.git was used as the base, - * specificaly the following files: + * specifically the following files: * * - contrib\win32\win32compat\fileio.c * - Structure of agent_connect_openssh from ssh_get_authentication_socket @@ -195,7 +180,7 @@ agent_connect_openssh(LIBSSH2_AGENT *agent) } event = CreateEventA(NULL, TRUE, FALSE, NULL); - if(event == NULL) { + if(!event) { ret = _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL, "unable to create async I/O event"); goto cleanup; @@ -208,7 +193,7 @@ agent_connect_openssh(LIBSSH2_AGENT *agent) agent->fd = 0; /* Mark as the connection has been established */ cleanup: - if(event != NULL) + if(event) CloseHandle(event); if(pipe != INVALID_HANDLE_VALUE) CloseHandle(pipe); @@ -273,7 +258,7 @@ agent_transact_openssh(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx) /* Send the length of the request */ if(transctx->state == agent_NB_state_request_created) { _libssh2_htonu32(buf, (uint32_t)transctx->request_len); - rc = win32_openssh_send_all(agent, buf, sizeof buf, + rc = win32_openssh_send_all(agent, buf, sizeof(buf), &transctx->send_recv_total); if(rc == LIBSSH2_ERROR_EAGAIN) return LIBSSH2_ERROR_EAGAIN; @@ -298,7 +283,7 @@ agent_transact_openssh(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx) /* Receive the length of the body */ if(transctx->state == agent_NB_state_request_sent) { - rc = win32_openssh_recv_all(agent, buf, sizeof buf, + rc = win32_openssh_recv_all(agent, buf, sizeof(buf), &transctx->send_recv_total); if(rc == LIBSSH2_ERROR_EAGAIN) return LIBSSH2_ERROR_EAGAIN; @@ -353,9 +338,10 @@ agent_disconnect_openssh(LIBSSH2_AGENT *agent) return LIBSSH2_ERROR_NONE; } -struct agent_ops agent_ops_openssh = { +static struct agent_ops agent_ops_openssh = { agent_connect_openssh, agent_transact_openssh, agent_disconnect_openssh }; -#endif /* WIN32 */ + +#endif /* HAVE_WIN32_AGENTS */ diff --git a/libssh2/src/bcrypt_pbkdf.c b/libssh2/src/bcrypt_pbkdf.c index f782bcac5..91be901cd 100644 --- a/libssh2/src/bcrypt_pbkdf.c +++ b/libssh2/src/bcrypt_pbkdf.c @@ -15,19 +15,14 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include "libssh2_priv.h" #ifndef HAVE_BCRYPT_PBKDF -#include "libssh2_priv.h" #include -#include -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#include "blf.h" - -#define MINIMUM(a,b) (((a) < (b)) ? (a) : (b)) +#define LIBSSH2_BCRYPT_PBKDF_C +#include "blowfish.c" /* * pkcs #5 pbkdf2 implementation using the "bcrypt" hash @@ -60,12 +55,15 @@ static void bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out) { blf_ctx state; - uint8_t ciphertext[BCRYPT_HASHSIZE] = - "OxychromaticBlowfishSwatDynamite"; + uint8_t ciphertext[BCRYPT_HASHSIZE] = { + 'O', 'x', 'y', 'c', 'h', 'r', 'o', 'm', 'a', 't', 'i', 'c', + 'B', 'l', 'o', 'w', 'f', 'i', 's', 'h', + 'S', 'w', 'a', 't', + 'D', 'y', 'n', 'a', 'm', 'i', 't', 'e' }; uint32_t cdata[BCRYPT_BLOCKS]; int i; uint16_t j; - size_t shalen = SHA512_DIGEST_LENGTH; + uint16_t shalen = SHA512_DIGEST_LENGTH; /* key expansion */ Blowfish_initstate(&state); @@ -85,7 +83,7 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out) /* copy out */ for(i = 0; i < BCRYPT_BLOCKS; i++) { - out[4 * i + 3] = (cdata[i] >> 24) & 0xff; + out[4 * i + 3] = (uint8_t)((cdata[i] >> 24) & 0xff); out[4 * i + 2] = (cdata[i] >> 16) & 0xff; out[4 * i + 1] = (cdata[i] >> 8) & 0xff; out[4 * i + 0] = cdata[i] & 0xff; @@ -97,7 +95,7 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out) _libssh2_explicit_zero(&state, sizeof(state)); } -int +static int bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, size_t saltlen, uint8_t *key, size_t keylen, unsigned int rounds) @@ -119,7 +117,7 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, keylen > sizeof(out) * sizeof(out) || saltlen > 1<<20) return -1; countsalt = calloc(1, saltlen + 4); - if(countsalt == NULL) + if(!countsalt) return -1; stride = (keylen + sizeof(out) - 1) / sizeof(out); amt = (keylen + stride - 1) / stride; @@ -127,19 +125,19 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, memcpy(countsalt, salt, saltlen); /* collapse password */ - libssh2_sha512_init(&ctx); + (void)libssh2_sha512_init(&ctx); libssh2_sha512_update(ctx, pass, passlen); libssh2_sha512_final(ctx, sha2pass); /* generate key, sizeof(out) at a time */ for(count = 1; keylen > 0; count++) { - countsalt[saltlen + 0] = (count >> 24) & 0xff; + countsalt[saltlen + 0] = (uint8_t)((count >> 24) & 0xff); countsalt[saltlen + 1] = (count >> 16) & 0xff; countsalt[saltlen + 2] = (count >> 8) & 0xff; countsalt[saltlen + 3] = count & 0xff; /* first round, salt is salt */ - libssh2_sha512_init(&ctx); + (void)libssh2_sha512_init(&ctx); libssh2_sha512_update(ctx, countsalt, saltlen + 4); libssh2_sha512_final(ctx, sha2salt); @@ -148,7 +146,7 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, for(i = 1; i < rounds; i++) { /* subsequent rounds, salt is previous output */ - libssh2_sha512_init(&ctx); + (void)libssh2_sha512_init(&ctx); libssh2_sha512_update(ctx, tmpout, sizeof(tmpout)); libssh2_sha512_final(ctx, sha2salt); @@ -160,7 +158,7 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, /* * pbkdf2 deviation: output the key material non-linearly. */ - amt = MINIMUM(amt, keylen); + amt = LIBSSH2_MIN(amt, keylen); for(i = 0; i < amt; i++) { size_t dest = i * stride + (count - 1); if(dest >= origkeylen) { @@ -178,3 +176,22 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, return 0; } #endif /* HAVE_BCRYPT_PBKDF */ + +/* Wrapper */ + +int _libssh2_bcrypt_pbkdf(const char *pass, + size_t passlen, + const uint8_t *salt, + size_t saltlen, + uint8_t *key, + size_t keylen, + unsigned int rounds) +{ + return bcrypt_pbkdf(pass, + passlen, + salt, + saltlen, + key, + keylen, + rounds); +} diff --git a/libssh2/src/blowfish.c b/libssh2/src/blowfish.c index 4aefc66ac..b580b7171 100644 --- a/libssh2/src/blowfish.c +++ b/libssh2/src/blowfish.c @@ -1,6 +1,7 @@ /* $OpenBSD: blowfish.c,v 1.18 2004/11/02 17:23:26 hshoexer Exp $ */ /* - * Blowfish block cipher for OpenBSD + * Blowfish for OpenBSD - a fast block cipher designed by Bruce Schneier + * * Copyright 1997 Niels Provos * All rights reserved. * @@ -14,10 +15,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Niels Provos. - * 4. The name of the author may not be used to endorse or promote products + * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR @@ -39,38 +37,81 @@ * Bruce Schneier. */ +#if defined(LIBSSH2_BCRYPT_PBKDF_C) || defined(_DEBUG_BLOWFISH) #if !defined(HAVE_BCRYPT_PBKDF) && (!defined(HAVE_BLOWFISH_INITSTATE) || \ !defined(HAVE_BLOWFISH_EXPAND0STATE) || \ !defined(HAVE_BLF_ENC)) -#if 0 -#include /* used for debugging */ +#ifdef _DEBUG_BLOWFISH +#include #include +#include #endif -#include +/* Schneier specifies a maximum key length of 56 bytes. + * This ensures that every key bit affects every cipher + * bit. However, the subkeys can hold up to 72 bytes. + * Warning: For normal blowfish encryption only 56 bytes + * of the key affect all cipherbits. + */ -#include "libssh2.h" -#include "blf.h" +#define BLF_N 16 /* Number of Subkeys */ +#define BLF_MAXKEYLEN ((BLF_N-2)*4) /* 448 bits */ +#define BLF_MAXUTILIZED ((BLF_N + 2)*4) /* 576 bits */ -#undef inline -#ifdef __GNUC__ -#define inline __inline -#else /* !__GNUC__ */ -#define inline -#endif /* !__GNUC__ */ +/* Blowfish context */ +typedef struct BlowfishContext { + uint32_t S[4][256]; /* S-Boxes */ + uint32_t P[BLF_N + 2]; /* Subkeys */ +} blf_ctx; + +/* Raw access to customized Blowfish + * blf_key is just: + * Blowfish_initstate( state ) + * Blowfish_expand0state( state, key, keylen ) + */ + +static void Blowfish_encipher(blf_ctx *, uint32_t *, uint32_t *); +#ifdef _DEBUG_BLOWFISH +static void Blowfish_decipher(blf_ctx *, uint32_t *, uint32_t *); +#endif +static void Blowfish_initstate(blf_ctx *); +static void Blowfish_expand0state(blf_ctx *, const uint8_t *, uint16_t); +static void Blowfish_expandstate +(blf_ctx *, const uint8_t *, uint16_t, const uint8_t *, uint16_t); + +/* Standard Blowfish */ + +#ifdef _DEBUG_BLOWFISH +static void blf_key(blf_ctx *, const uint8_t *, uint16_t); +#endif +static void blf_enc(blf_ctx *, uint32_t *, uint16_t); +#ifdef _DEBUG_BLOWFISH +static void blf_dec(blf_ctx *, uint32_t *, uint16_t); +#endif + +#if 0 +static void blf_ecb_encrypt(blf_ctx *, uint8_t *, uint32_t); +static void blf_ecb_decrypt(blf_ctx *, uint8_t *, uint32_t); + +static void blf_cbc_encrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t); +static void blf_cbc_decrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t); +#endif + +/* Converts uint8_t to uint32_t */ +static uint32_t Blowfish_stream2word(const uint8_t *, uint16_t, uint16_t *); /* Function for Feistel Networks */ -#define F(s, x) ((((s)[ (((x)>>24)&0xFF)] \ - + (s)[0x100 + (((x)>>16)&0xFF)]) \ - ^ (s)[0x200 + (((x)>> 8)&0xFF)]) \ - + (s)[0x300 + ( (x) &0xFF)]) +#define F(s, x) ((((s)[ (((x) >> 24) & 0xFF)] \ + + (s)[0x100 + (((x) >> 16) & 0xFF)]) \ + ^ (s)[0x200 + (((x) >> 8) & 0xFF)]) \ + + (s)[0x300 + ( (x) & 0xFF)]) #define BLFRND(s,p,i,j,n) (i ^= F(s,j) ^ (p)[n]) -void +static void Blowfish_encipher(blf_ctx *c, uint32_t *xl, uint32_t *xr) { uint32_t Xl; @@ -95,7 +136,8 @@ Blowfish_encipher(blf_ctx *c, uint32_t *xl, uint32_t *xr) *xr = Xl; } -void +#ifdef _DEBUG_BLOWFISH +static void Blowfish_decipher(blf_ctx *c, uint32_t *xl, uint32_t *xr) { uint32_t Xl; @@ -119,8 +161,9 @@ Blowfish_decipher(blf_ctx *c, uint32_t *xl, uint32_t *xr) *xl = Xr ^ p[0]; *xr = Xl; } +#endif -void +static void Blowfish_initstate(blf_ctx *c) { /* P-box and S-box tables initialized with digits of Pi */ @@ -399,7 +442,7 @@ Blowfish_initstate(blf_ctx *c) *c = initstate; } -uint32_t +static uint32_t Blowfish_stream2word(const uint8_t *data, uint16_t databytes, uint16_t *current) { @@ -420,12 +463,12 @@ Blowfish_stream2word(const uint8_t *data, uint16_t databytes, return temp; } -void +static void Blowfish_expand0state(blf_ctx *c, const uint8_t *key, uint16_t keybytes) { - uint16_t i; + int i; + int k; uint16_t j; - uint16_t k; uint32_t temp; uint32_t datal; uint32_t datar; @@ -457,14 +500,13 @@ Blowfish_expand0state(blf_ctx *c, const uint8_t *key, uint16_t keybytes) } } - -void +static void Blowfish_expandstate(blf_ctx *c, const uint8_t *data, uint16_t databytes, const uint8_t *key, uint16_t keybytes) { - uint16_t i; + int i; + int k; uint16_t j; - uint16_t k; uint32_t temp; uint32_t datal; uint32_t datar; @@ -501,7 +543,8 @@ Blowfish_expandstate(blf_ctx *c, const uint8_t *data, uint16_t databytes, } -void +#ifdef _DEBUG_BLOWFISH +static void blf_key(blf_ctx *c, const uint8_t *k, uint16_t len) { /* Initialize S-boxes and subkeys with Pi */ @@ -510,8 +553,9 @@ blf_key(blf_ctx *c, const uint8_t *k, uint16_t len) /* Transform S-boxes and subkeys with key */ Blowfish_expand0state(c, k, len); } +#endif -void +static void blf_enc(blf_ctx *c, uint32_t *data, uint16_t blocks) { uint32_t *d; @@ -524,7 +568,8 @@ blf_enc(blf_ctx *c, uint32_t *data, uint16_t blocks) } } -void +#ifdef _DEBUG_BLOWFISH +static void blf_dec(blf_ctx *c, uint32_t *data, uint16_t blocks) { uint32_t *d; @@ -536,8 +581,10 @@ blf_dec(blf_ctx *c, uint32_t *data, uint16_t blocks) d += 2; } } +#endif -void +#if 0 +static void blf_ecb_encrypt(blf_ctx *c, uint8_t *data, uint32_t len) { uint32_t l, r; @@ -547,11 +594,11 @@ blf_ecb_encrypt(blf_ctx *c, uint8_t *data, uint32_t len) l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; Blowfish_encipher(c, &l, &r); - data[0] = l >> 24 & 0xff; + data[0] = (uint8_t)(l >> 24 & 0xff); data[1] = l >> 16 & 0xff; data[2] = l >> 8 & 0xff; data[3] = l & 0xff; - data[4] = r >> 24 & 0xff; + data[4] = (uint8_t)(r >> 24 & 0xff); data[5] = r >> 16 & 0xff; data[6] = r >> 8 & 0xff; data[7] = r & 0xff; @@ -559,7 +606,7 @@ blf_ecb_encrypt(blf_ctx *c, uint8_t *data, uint32_t len) } } -void +static void blf_ecb_decrypt(blf_ctx *c, uint8_t *data, uint32_t len) { uint32_t l, r; @@ -569,11 +616,11 @@ blf_ecb_decrypt(blf_ctx *c, uint8_t *data, uint32_t len) l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; Blowfish_decipher(c, &l, &r); - data[0] = l >> 24 & 0xff; + data[0] = (uint8_t)(l >> 24 & 0xff); data[1] = l >> 16 & 0xff; data[2] = l >> 8 & 0xff; data[3] = l & 0xff; - data[4] = r >> 24 & 0xff; + data[4] = (uint8_t)(r >> 24 & 0xff); data[5] = r >> 16 & 0xff; data[6] = r >> 8 & 0xff; data[7] = r & 0xff; @@ -581,7 +628,7 @@ blf_ecb_decrypt(blf_ctx *c, uint8_t *data, uint32_t len) } } -void +static void blf_cbc_encrypt(blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len) { uint32_t l, r; @@ -593,11 +640,11 @@ blf_cbc_encrypt(blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len) l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; Blowfish_encipher(c, &l, &r); - data[0] = l >> 24 & 0xff; + data[0] = (uint8_t)(l >> 24 & 0xff); data[1] = l >> 16 & 0xff; data[2] = l >> 8 & 0xff; data[3] = l & 0xff; - data[4] = r >> 24 & 0xff; + data[4] = (uint8_t)(r >> 24 & 0xff); data[5] = r >> 16 & 0xff; data[6] = r >> 8 & 0xff; data[7] = r & 0xff; @@ -606,7 +653,7 @@ blf_cbc_encrypt(blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len) } } -void +static void blf_cbc_decrypt(blf_ctx *c, uint8_t *iva, uint8_t *data, uint32_t len) { uint32_t l, r; @@ -619,11 +666,11 @@ blf_cbc_decrypt(blf_ctx *c, uint8_t *iva, uint8_t *data, uint32_t len) l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; Blowfish_decipher(c, &l, &r); - data[0] = l >> 24 & 0xff; + data[0] = (uint8_t)(l >> 24 & 0xff); data[1] = l >> 16 & 0xff; data[2] = l >> 8 & 0xff; data[3] = l & 0xff; - data[4] = r >> 24 & 0xff; + data[4] = (uint8_t)(r >> 24 & 0xff); data[5] = r >> 16 & 0xff; data[6] = r >> 8 & 0xff; data[7] = r & 0xff; @@ -635,31 +682,31 @@ blf_cbc_decrypt(blf_ctx *c, uint8_t *iva, uint8_t *data, uint32_t len) l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; Blowfish_decipher(c, &l, &r); - data[0] = l >> 24 & 0xff; + data[0] = (uint8_t)(l >> 24 & 0xff); data[1] = l >> 16 & 0xff; data[2] = l >> 8 & 0xff; data[3] = l & 0xff; - data[4] = r >> 24 & 0xff; + data[4] = (uint8_t)(r >> 24 & 0xff); data[5] = r >> 16 & 0xff; data[6] = r >> 8 & 0xff; data[7] = r & 0xff; for(j = 0; j < 8; j++) data[j] ^= iva[j]; } +#endif -#if 0 -void +#ifdef _DEBUG_BLOWFISH +static void report(uint32_t data[], uint16_t len) { - uint16_t i; + int i; for(i = 0; i < len; i += 2) - printf("Block %0hd: %08lx %08lx.\n", - i / 2, data[i], data[i + 1]); + printf("Block %d: 0x%08lx 0x%08lx.\n", + i / 2, (unsigned long)data[i], (unsigned long)data[i + 1]); } -void +int main(void) { - blf_ctx c; char key[] = "AAAAA"; char key2[] = "abcdefghijklmnopqrstuvwxyz"; @@ -682,12 +729,15 @@ main(void) report(data, 10); /* Second test */ - blf_key(&c, (uint8_t *) key2, strlen(key2)); + blf_key(&c, (uint8_t *) key2, (uint16_t)strlen(key2)); blf_enc(&c, data2, 1); printf("\nShould read as: 0x324ed0fe 0xf413a203.\n"); report(data2, 2); blf_dec(&c, data2, 1); + printf("\nShould read as: 0x424c4f57 0x46495348.\n"); report(data2, 2); + + return 0; } #endif @@ -695,3 +745,5 @@ main(void) (!defined(HAVE_BLOWFISH_INITSTATE) || \ !defined(HAVE_BLOWFISH_EXPAND0STATE) || \ '!defined(HAVE_BLF_ENC)) */ + +#endif /* defined(LIBSSH2_BCRYPT_PBKDF_C) || defined(_DEBUG_BLOWFISH) */ diff --git a/libssh2/src/channel.c b/libssh2/src/channel.c index 78ed40e87..2091d60d6 100644 --- a/libssh2/src/channel.c +++ b/libssh2/src/channel.c @@ -39,13 +39,14 @@ */ #include "libssh2_priv.h" + #ifdef HAVE_UNISTD_H #include #endif -#include #ifdef HAVE_INTTYPES_H #include #endif + #include #include "channel.h" @@ -81,8 +82,8 @@ _libssh2_channel_nextid(LIBSSH2_SESSION * session) * told... */ session->next_channel = id + 1; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, "Allocated new channel ID#%lu", - id); + _libssh2_debug((session, LIBSSH2_TRACE_CONN, + "Allocated new channel ID#%lu", id)); return id; } @@ -154,9 +155,9 @@ _libssh2_channel_open(LIBSSH2_SESSION * session, const char *channel_type, memset(&session->open_packet_requirev_state, 0, sizeof(session->open_packet_requirev_state)); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Opening Channel - win %d pack %d", window_size, - packet_size); + packet_size)); session->open_channel = LIBSSH2_CALLOC(session, sizeof(LIBSSH2_CHANNEL)); if(!session->open_channel) { @@ -262,7 +263,7 @@ _libssh2_channel_open(LIBSSH2_SESSION * session, const char *channel_type, _libssh2_ntohu32(session->open_data + 9); session->open_channel->local.packet_size = _libssh2_ntohu32(session->open_data + 13); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Connection Established - ID: %lu/%lu win: %lu/%lu" " pack: %lu/%lu", session->open_channel->local.id, @@ -270,7 +271,7 @@ _libssh2_channel_open(LIBSSH2_SESSION * session, const char *channel_type, session->open_channel->local.window_size, session->open_channel->remote.window_size, session->open_channel->local.packet_size, - session->open_channel->remote.packet_size); + session->open_channel->remote.packet_size)); LIBSSH2_FREE(session, session->open_packet); session->open_packet = NULL; LIBSSH2_FREE(session, session->open_data); @@ -308,7 +309,7 @@ _libssh2_channel_open(LIBSSH2_SESSION * session, const char *channel_type, } } - channel_error: +channel_error: if(session->open_data) { LIBSSH2_FREE(session, session->open_data); @@ -327,14 +328,14 @@ _libssh2_channel_open(LIBSSH2_SESSION * session, const char *channel_type, /* Clear out packets meant for this channel */ _libssh2_htonu32(channel_id, session->open_channel->local.id); while((_libssh2_packet_ask(session, SSH_MSG_CHANNEL_DATA, - &session->open_data, - &session->open_data_len, 1, - channel_id, 4) >= 0) - || - (_libssh2_packet_ask(session, SSH_MSG_CHANNEL_EXTENDED_DATA, - &session->open_data, - &session->open_data_len, 1, - channel_id, 4) >= 0)) { + &session->open_data, + &session->open_data_len, 1, + channel_id, 4) >= 0) + || + (_libssh2_packet_ask(session, SSH_MSG_CHANNEL_EXTENDED_DATA, + &session->open_data, + &session->open_data_len, 1, + channel_id, 4) >= 0)) { LIBSSH2_FREE(session, session->open_data); session->open_data = NULL; } @@ -390,9 +391,9 @@ channel_direct_tcpip(LIBSSH2_SESSION * session, const char *host, session->direct_message_len = session->direct_host_len + session->direct_shost_len + 16; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Requesting direct-tcpip session from %s:%d to %s:%d", - shost, sport, host, port); + shost, sport, host, port)); s = session->direct_message = LIBSSH2_ALLOC(session, session->direct_message_len); @@ -452,6 +453,85 @@ libssh2_channel_direct_tcpip_ex(LIBSSH2_SESSION *session, const char *host, return ptr; } +/* + * libssh2_channel_direct_streamlocal_ex + * + * Tunnel TCP/IP connect through the SSH session to direct UNIX socket + */ +static LIBSSH2_CHANNEL * +channel_direct_streamlocal(LIBSSH2_SESSION * session, const char *socket_path, + const char *shost, int sport) +{ + LIBSSH2_CHANNEL *channel; + unsigned char *s; + + if(session->direct_state == libssh2_NB_state_idle) { + session->direct_host_len = strlen(socket_path); + session->direct_shost_len = strlen(shost); + session->direct_message_len = + session->direct_host_len + session->direct_shost_len + 12; + + _libssh2_debug((session, LIBSSH2_TRACE_CONN, + "Requesting direct-streamlocal session to %s", + socket_path)); + + s = session->direct_message = + LIBSSH2_ALLOC(session, session->direct_message_len); + if(!session->direct_message) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for direct-streamlocal connection"); + return NULL; + } + _libssh2_store_str(&s, socket_path, session->direct_host_len); + _libssh2_store_str(&s, shost, session->direct_shost_len); + _libssh2_store_u32(&s, sport); + } + + channel = + _libssh2_channel_open(session, "direct-streamlocal@openssh.com", + sizeof("direct-streamlocal@openssh.com") - 1, + LIBSSH2_CHANNEL_WINDOW_DEFAULT, + LIBSSH2_CHANNEL_PACKET_DEFAULT, + session->direct_message, + session->direct_message_len); + + if(!channel && + libssh2_session_last_errno(session) == LIBSSH2_ERROR_EAGAIN) { + /* The error code is still set to LIBSSH2_ERROR_EAGAIN, set our state + to created to avoid re-creating the package on next invoke */ + session->direct_state = libssh2_NB_state_created; + return NULL; + } + /* by default we set (keep?) idle state... */ + session->direct_state = libssh2_NB_state_idle; + + LIBSSH2_FREE(session, session->direct_message); + session->direct_message = NULL; + + return channel; +} + +/* + * libssh2_channel_direct_streamlocal_ex + * + * Tunnel TCP/IP connect through the SSH session to direct UNIX socket + */ +LIBSSH2_API LIBSSH2_CHANNEL * +libssh2_channel_direct_streamlocal_ex(LIBSSH2_SESSION * session, + const char *socket_path, + const char *shost, int sport) +{ + LIBSSH2_CHANNEL *ptr; + + if(!session) + return NULL; + + BLOCK_ADJUST_ERRNO(ptr, session, + channel_direct_streamlocal(session, + socket_path, shost, sport)); + return ptr; +} + /* * channel_forward_listen * @@ -470,19 +550,20 @@ channel_forward_listen(LIBSSH2_SESSION * session, const char *host, host = "0.0.0.0"; if(session->fwdLstn_state == libssh2_NB_state_idle) { - session->fwdLstn_host_len = strlen(host); + session->fwdLstn_host_len = (uint32_t)strlen(host); /* 14 = packet_type(1) + request_len(4) + want_replay(1) + host_len(4) + port(4) */ session->fwdLstn_packet_len = - session->fwdLstn_host_len + (sizeof("tcpip-forward") - 1) + 14; + session->fwdLstn_host_len + + (uint32_t)(sizeof("tcpip-forward") - 1) + 14; /* Zero the whole thing out */ memset(&session->fwdLstn_packet_requirev_state, 0, sizeof(session->fwdLstn_packet_requirev_state)); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Requesting tcpip-forward session for %s:%d", host, - port); + port)); s = session->fwdLstn_packet = LIBSSH2_ALLOC(session, session->fwdLstn_packet_len); @@ -567,10 +648,10 @@ channel_forward_listen(LIBSSH2_SESSION * session, const char *host, listener->host[session->fwdLstn_host_len] = 0; if(data_len >= 5 && !port) { listener->port = _libssh2_ntohu32(data + 1); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Dynamic tcpip-forward port " "allocated: %d", - listener->port); + listener->port)); } else listener->port = port; @@ -647,9 +728,9 @@ int _libssh2_channel_forward_cancel(LIBSSH2_LISTENER *listener) int retcode = 0; if(listener->chanFwdCncl_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Cancelling tcpip-forward session for %s:%d", - listener->host, listener->port); + listener->host, listener->port)); s = packet = LIBSSH2_ALLOC(session, packet_len); if(!packet) { @@ -818,10 +899,10 @@ static int channel_setenv(LIBSSH2_CHANNEL *channel, memset(&channel->setenv_packet_requirev_state, 0, sizeof(channel->setenv_packet_requirev_state)); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Setting remote environment variable: %s=%s on " "channel %lu/%lu", - varname, value, channel->local.id, channel->remote.id); + varname, value, channel->local.id, channel->remote.id)); s = channel->setenv_packet = LIBSSH2_ALLOC(session, channel->setenv_packet_len); @@ -877,7 +958,9 @@ static int channel_setenv(LIBSSH2_CHANNEL *channel, } if(rc) { channel->setenv_state = libssh2_NB_state_idle; - return rc; + return _libssh2_error(session, rc, + "Failed getting response for " + "channel-setenv"); } else if(data_len < 1) { channel->setenv_state = libssh2_NB_state_idle; @@ -951,9 +1034,9 @@ static int channel_request_pty(LIBSSH2_CHANNEL *channel, memset(&channel->reqPTY_packet_requirev_state, 0, sizeof(channel->reqPTY_packet_requirev_state)); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Allocating tty on channel %lu/%lu", channel->local.id, - channel->remote.id); + channel->remote.id)); s = channel->reqPTY_packet; @@ -1054,9 +1137,9 @@ static int channel_request_auth_agent(LIBSSH2_CHANNEL *channel, memset(&channel->req_auth_agent_requirev_state, 0, sizeof(channel->req_auth_agent_requirev_state)); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Requesting auth agent on channel %lu/%lu", - channel->local.id, channel->remote.id); + channel->local.id, channel->remote.id)); /* * byte SSH_MSG_CHANNEL_REQUEST @@ -1083,6 +1166,7 @@ static int channel_request_auth_agent(LIBSSH2_CHANNEL *channel, if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, rc, "Would block sending auth-agent request"); + return rc; } else if(rc) { channel->req_auth_agent_state = libssh2_NB_state_idle; @@ -1099,10 +1183,10 @@ static int channel_request_auth_agent(LIBSSH2_CHANNEL *channel, size_t data_len; unsigned char code; - rc = _libssh2_packet_requirev( - session, reply_codes, &data, &data_len, 1, - channel->req_auth_agent_local_channel, - 4, &channel->req_auth_agent_requirev_state); + rc = _libssh2_packet_requirev(session, reply_codes, &data, &data_len, + 1, channel->req_auth_agent_local_channel, + 4, + &channel->req_auth_agent_requirev_state); if(rc == LIBSSH2_ERROR_EAGAIN) { return rc; } @@ -1125,13 +1209,14 @@ static int channel_request_auth_agent(LIBSSH2_CHANNEL *channel, "Unable to complete request for auth-agent"); } -/** +/* * libssh2_channel_request_auth_agent + * * Requests that agent forwarding be enabled for the session. The * request must be sent over a specific channel, which starts the agent * listener on the remote side. Once the channel is closed, the agent * listener continues to exist. - * */ + */ LIBSSH2_API int libssh2_channel_request_auth_agent(LIBSSH2_CHANNEL *channel) { @@ -1140,6 +1225,8 @@ libssh2_channel_request_auth_agent(LIBSSH2_CHANNEL *channel) if(!channel) return LIBSSH2_ERROR_BAD_USE; + rc = LIBSSH2_ERROR_CHANNEL_UNKNOWN; + /* The current RFC draft for agent forwarding says you're supposed to * send "auth-agent-req," but most SSH servers out there right now * actually expect "auth-agent-req@openssh.com", so we try that @@ -1152,7 +1239,8 @@ libssh2_channel_request_auth_agent(LIBSSH2_CHANNEL *channel) /* If we failed (but not with EAGAIN), then we move onto * the next step to try another request type. */ - if(rc != 0 && rc != LIBSSH2_ERROR_EAGAIN) + if(rc != LIBSSH2_ERROR_NONE && + rc != LIBSSH2_ERROR_EAGAIN) channel->req_auth_agent_try_state = libssh2_NB_state_sent; } @@ -1163,12 +1251,13 @@ libssh2_channel_request_auth_agent(LIBSSH2_CHANNEL *channel) /* If we failed without an EAGAIN, then move on with this * state machine. */ - if(rc != 0 && rc != LIBSSH2_ERROR_EAGAIN) + if(rc != LIBSSH2_ERROR_NONE && + rc != LIBSSH2_ERROR_EAGAIN) channel->req_auth_agent_try_state = libssh2_NB_state_sent1; } /* If things are good, reset the try state. */ - if(rc == 0) + if(rc == LIBSSH2_ERROR_NONE) channel->req_auth_agent_try_state = libssh2_NB_state_idle; return rc; @@ -1212,10 +1301,10 @@ channel_request_pty_size(LIBSSH2_CHANNEL * channel, int width, memset(&channel->reqPTY_packet_requirev_state, 0, sizeof(channel->reqPTY_packet_requirev_state)); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, - "changing tty size on channel %lu/%lu", - channel->local.id, - channel->remote.id); + _libssh2_debug((session, LIBSSH2_TRACE_CONN, + "changing tty size on channel %lu/%lu", + channel->local.id, + channel->remote.id)); s = channel->reqPTY_packet; @@ -1301,13 +1390,13 @@ channel_x11_req(LIBSSH2_CHANNEL *channel, int single_connection, memset(&channel->reqX11_packet_requirev_state, 0, sizeof(channel->reqX11_packet_requirev_state)); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Requesting x11-req for channel %lu/%lu: single=%d " "proto=%s cookie=%s screen=%d", channel->local.id, channel->remote.id, single_connection, auth_proto ? auth_proto : "MIT-MAGIC-COOKIE-1", - auth_cookie ? auth_cookie : "", screen_number); + auth_cookie ? auth_cookie : "", screen_number)); s = channel->reqX11_packet = LIBSSH2_ALLOC(session, channel->reqX11_packet_len); @@ -1326,7 +1415,7 @@ channel_x11_req(LIBSSH2_CHANNEL *channel, int single_connection, _libssh2_store_str(&s, auth_proto ? auth_proto : "MIT-MAGIC-COOKIE-1", proto_len); - _libssh2_store_u32(&s, cookie_len); + _libssh2_store_u32(&s, (uint32_t)cookie_len); if(auth_cookie) { memcpy(s, auth_cookie, cookie_len); } @@ -1459,10 +1548,10 @@ _libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel, if(message) channel->process_packet_len += + 4; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "starting request(%s) on channel %lu/%lu, message=%s", request, channel->local.id, channel->remote.id, - message ? message : ""); + message ? message : "")); s = channel->process_packet = LIBSSH2_ALLOC(session, channel->process_packet_len); if(!channel->process_packet) @@ -1476,7 +1565,7 @@ _libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel, *(s++) = 0x01; if(message) - _libssh2_store_u32(&s, message_len); + _libssh2_store_u32(&s, (uint32_t)message_len); channel->process_state = libssh2_NB_state_created; } @@ -1567,7 +1656,7 @@ LIBSSH2_API void libssh2_channel_set_blocking(LIBSSH2_CHANNEL * channel, int blocking) { if(channel) - (void) _libssh2_session_set_blocking(channel->session, blocking); + (void)_libssh2_session_set_blocking(channel->session, blocking); } /* @@ -1591,8 +1680,8 @@ _libssh2_channel_flush(LIBSSH2_CHANNEL *channel, int streamid) if(packet->data_len < 1) { packet = next; - _libssh2_debug(channel->session, LIBSSH2_TRACE_ERROR, - "Unexpected packet length"); + _libssh2_debug((channel->session, LIBSSH2_TRACE_ERROR, + "Unexpected packet length")); continue; } @@ -1628,11 +1717,11 @@ _libssh2_channel_flush(LIBSSH2_CHANNEL *channel, int streamid) size_t bytes_to_flush = packet->data_len - packet->data_head; - _libssh2_debug(channel->session, LIBSSH2_TRACE_CONN, + _libssh2_debug((channel->session, LIBSSH2_TRACE_CONN, "Flushing %d bytes of data from stream " "%lu on channel %lu/%lu", bytes_to_flush, packet_stream_id, - channel->local.id, channel->remote.id); + channel->local.id, channel->remote.id)); /* It's one of the streams we wanted to flush */ channel->flush_refund_bytes += packet->data_len - 13; @@ -1652,20 +1741,20 @@ _libssh2_channel_flush(LIBSSH2_CHANNEL *channel, int streamid) } channel->read_avail -= channel->flush_flush_bytes; - channel->remote.window_size -= channel->flush_flush_bytes; + channel->remote.window_size -= (uint32_t)channel->flush_flush_bytes; if(channel->flush_refund_bytes) { int rc = _libssh2_channel_receive_window_adjust(channel, - channel->flush_refund_bytes, - 1, NULL); + (uint32_t)channel->flush_refund_bytes, + 1, NULL); if(rc == LIBSSH2_ERROR_EAGAIN) return rc; } channel->flush_state = libssh2_NB_state_idle; - return channel->flush_flush_bytes; + return (int)channel->flush_flush_bytes; } /* @@ -1734,7 +1823,7 @@ libssh2_channel_get_exit_signal(LIBSSH2_CHANNEL *channel, *exitsignal = LIBSSH2_ALLOC(session, namelen + 1); if(!*exitsignal) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate memory for signal name"); + "Unable to allocate memory for signal name"); } memcpy(*exitsignal, channel->exit_signal, namelen); (*exitsignal)[namelen] = '\0'; @@ -1791,10 +1880,10 @@ _libssh2_channel_receive_window_adjust(LIBSSH2_CHANNEL * channel, if(!force && (adjustment + channel->adjust_queue < LIBSSH2_CHANNEL_MINADJUST)) { - _libssh2_debug(channel->session, LIBSSH2_TRACE_CONN, + _libssh2_debug((channel->session, LIBSSH2_TRACE_CONN, "Queueing %lu bytes for receive window adjustment " "for channel %lu/%lu", - adjustment, channel->local.id, channel->remote.id); + adjustment, channel->local.id, channel->remote.id)); channel->adjust_queue += adjustment; return 0; } @@ -1810,10 +1899,10 @@ _libssh2_channel_receive_window_adjust(LIBSSH2_CHANNEL * channel, channel->adjust_adjust[0] = SSH_MSG_CHANNEL_WINDOW_ADJUST; _libssh2_htonu32(&channel->adjust_adjust[1], channel->remote.id); _libssh2_htonu32(&channel->adjust_adjust[5], adjustment); - _libssh2_debug(channel->session, LIBSSH2_TRACE_CONN, + _libssh2_debug((channel->session, LIBSSH2_TRACE_CONN, "Adjusting window %lu bytes for data on " "channel %lu/%lu", - adjustment, channel->local.id, channel->remote.id); + adjustment, channel->local.id, channel->remote.id)); channel->adjust_state = libssh2_NB_state_created; } @@ -1865,7 +1954,8 @@ libssh2_channel_receive_window_adjust(LIBSSH2_CHANNEL *channel, return (unsigned long)LIBSSH2_ERROR_BAD_USE; BLOCK_ADJUST(rc, channel->session, - _libssh2_channel_receive_window_adjust(channel, adj, + _libssh2_channel_receive_window_adjust(channel, + (uint32_t)adj, force, &window)); /* stupid - but this is how it was made to work before and this is just @@ -1896,8 +1986,9 @@ libssh2_channel_receive_window_adjust2(LIBSSH2_CHANNEL *channel, return LIBSSH2_ERROR_BAD_USE; BLOCK_ADJUST(rc, channel->session, - _libssh2_channel_receive_window_adjust(channel, adj, force, - window)); + _libssh2_channel_receive_window_adjust(channel, + (uint32_t)adj, + force, window)); return rc; } @@ -1905,10 +1996,10 @@ int _libssh2_channel_extended_data(LIBSSH2_CHANNEL *channel, int ignore_mode) { if(channel->extData2_state == libssh2_NB_state_idle) { - _libssh2_debug(channel->session, LIBSSH2_TRACE_CONN, + _libssh2_debug((channel->session, LIBSSH2_TRACE_CONN, "Setting channel %lu/%lu handle_extended_data" " mode to %d", - channel->local.id, channel->remote.id, ignore_mode); + channel->local.id, channel->remote.id, ignore_mode)); channel->remote.extended_data_ignore_mode = (char)ignore_mode; channel->extData2_state = libssh2_NB_state_created; @@ -1929,7 +2020,7 @@ _libssh2_channel_extended_data(LIBSSH2_CHANNEL *channel, int ignore_mode) } /* - * libssh2_channel_handle_extended_data2() + * libssh2_channel_handle_extended_data2 * */ LIBSSH2_API int @@ -1988,19 +2079,19 @@ ssize_t _libssh2_channel_read(LIBSSH2_CHANNEL *channel, int stream_id, LIBSSH2_PACKET *read_packet; LIBSSH2_PACKET *read_next; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "channel_read() wants %d bytes from channel %lu/%lu " "stream #%d", (int) buflen, channel->local.id, channel->remote.id, - stream_id); + stream_id)); /* expand the receiving window first if it has become too narrow */ if((channel->read_state == libssh2_NB_state_jump1) || (channel->remote.window_size < - channel->remote.window_size_initial / 4 * 3 + buflen) ) { + channel->remote.window_size_initial / 4 * 3 + buflen)) { - uint32_t adjustment = channel->remote.window_size_initial + buflen - - channel->remote.window_size; + uint32_t adjustment = (uint32_t)(channel->remote.window_size_initial + + buflen - channel->remote.window_size); if(adjustment < LIBSSH2_CHANNEL_MINADJUST) adjustment = LIBSSH2_CHANNEL_MINADJUST; @@ -2041,8 +2132,13 @@ ssize_t _libssh2_channel_read(LIBSSH2_CHANNEL *channel, int stream_id, if(readpkt->data_len < 5) { read_packet = read_next; - _libssh2_debug(channel->session, LIBSSH2_TRACE_ERROR, - "Unexpected packet length"); + + if(readpkt->data_len != 1 || + readpkt->data[0] != SSH_MSG_REQUEST_FAILURE) { + _libssh2_debug((channel->session, LIBSSH2_TRACE_ERROR, + "Unexpected packet length")); + } + continue; } @@ -2080,11 +2176,11 @@ ssize_t _libssh2_channel_read(LIBSSH2_CHANNEL *channel, int stream_id, unlink_packet = TRUE; } - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "channel_read() got %d of data from %lu/%lu/%d%s", bytes_want, channel->local.id, channel->remote.id, stream_id, - unlink_packet?" [ul]":""); + unlink_packet?" [ul]":"")); /* copy data from this struct to the target buffer */ memcpy(&buf[bytes_read], @@ -2123,7 +2219,7 @@ ssize_t _libssh2_channel_read(LIBSSH2_CHANNEL *channel, int stream_id, } channel->read_avail -= bytes_read; - channel->remote.window_size -= bytes_read; + channel->remote.window_size -= (uint32_t)bytes_read; return bytes_read; } @@ -2146,7 +2242,7 @@ LIBSSH2_API ssize_t libssh2_channel_read_ex(LIBSSH2_CHANNEL *channel, int stream_id, char *buf, size_t buflen) { - int rc; + ssize_t rc; unsigned long recv_window; if(!channel) @@ -2156,8 +2252,8 @@ libssh2_channel_read_ex(LIBSSH2_CHANNEL *channel, int stream_id, char *buf, if(buflen > recv_window) { BLOCK_ADJUST(rc, channel->session, - _libssh2_channel_receive_window_adjust(channel, buflen, - 1, NULL)); + _libssh2_channel_receive_window_adjust(channel, + (uint32_t)buflen, 1, NULL)); } BLOCK_ADJUST(rc, channel->session, @@ -2180,7 +2276,7 @@ _libssh2_channel_packet_data_len(LIBSSH2_CHANNEL * channel, int stream_id) uint32_t read_local_id; read_packet = _libssh2_list_first(&session->packets); - if(read_packet == NULL) + if(!read_packet) return 0; while(read_packet) { @@ -2189,8 +2285,8 @@ _libssh2_channel_packet_data_len(LIBSSH2_CHANNEL * channel, int stream_id) if(read_packet->data_len < 5) { read_packet = next_packet; - _libssh2_debug(channel->session, LIBSSH2_TRACE_ERROR, - "Unexpected packet length"); + _libssh2_debug((channel->session, LIBSSH2_TRACE_ERROR, + "Unexpected packet length")); continue; } @@ -2218,7 +2314,7 @@ _libssh2_channel_packet_data_len(LIBSSH2_CHANNEL * channel, int stream_id) && (channel->local.id == read_local_id) && (channel->remote.extended_data_ignore_mode == LIBSSH2_CHANNEL_EXTENDED_DATA_MERGE))) { - return (read_packet->data_len - read_packet->data_head); + return read_packet->data_len - read_packet->data_head; } read_packet = next_packet; @@ -2258,15 +2354,15 @@ _libssh2_channel_write(LIBSSH2_CHANNEL *channel, int stream_id, if(channel->write_state == libssh2_NB_state_idle) { unsigned char *s = channel->write_packet; - _libssh2_debug(channel->session, LIBSSH2_TRACE_CONN, + _libssh2_debug((channel->session, LIBSSH2_TRACE_CONN, "Writing %d bytes on channel %lu/%lu, stream #%d", (int) buflen, channel->local.id, channel->remote.id, - stream_id); + stream_id)); if(channel->local.close) return _libssh2_error(channel->session, LIBSSH2_ERROR_CHANNEL_CLOSED, - "We've already closed this channel"); + "We have already closed this channel"); else if(channel->local.eof) return _libssh2_error(channel->session, LIBSSH2_ERROR_CHANNEL_EOF_SENT, @@ -2293,7 +2389,7 @@ _libssh2_channel_write(LIBSSH2_CHANNEL *channel, int stream_id, */ session->socket_block_directions = LIBSSH2_SESSION_BLOCK_INBOUND; - return (rc == LIBSSH2_ERROR_EAGAIN?rc:0); + return rc == LIBSSH2_ERROR_EAGAIN ? rc : 0; } channel->write_bufwrite = buflen; @@ -2307,30 +2403,30 @@ _libssh2_channel_write(LIBSSH2_CHANNEL *channel, int stream_id, /* Don't exceed the remote end's limits */ /* REMEMBER local means local as the SOURCE of the data */ if(channel->write_bufwrite > channel->local.window_size) { - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Splitting write block due to %lu byte " "window_size on %lu/%lu/%d", channel->local.window_size, channel->local.id, - channel->remote.id, stream_id); + channel->remote.id, stream_id)); channel->write_bufwrite = channel->local.window_size; } if(channel->write_bufwrite > channel->local.packet_size) { - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Splitting write block due to %lu byte " "packet_size on %lu/%lu/%d", channel->local.packet_size, channel->local.id, - channel->remote.id, stream_id); + channel->remote.id, stream_id)); channel->write_bufwrite = channel->local.packet_size; } /* store the size here only, the buffer is passed in as-is to _libssh2_transport_send() */ - _libssh2_store_u32(&s, channel->write_bufwrite); + _libssh2_store_u32(&s, (uint32_t)channel->write_bufwrite); channel->write_packet_len = s - channel->write_packet; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Sending %d bytes on channel %lu/%lu, stream_id=%d", (int) channel->write_bufwrite, channel->local.id, - channel->remote.id, stream_id); + channel->remote.id, stream_id)); channel->write_state = libssh2_NB_state_created; } @@ -2349,7 +2445,7 @@ _libssh2_channel_write(LIBSSH2_CHANNEL *channel, int stream_id, "Unable to send channel data"); } /* Shrink local window size */ - channel->local.window_size -= channel->write_bufwrite; + channel->local.window_size -= (uint32_t)channel->write_bufwrite; wrote += channel->write_bufwrite; @@ -2402,9 +2498,9 @@ static int channel_send_eof(LIBSSH2_CHANNEL *channel) unsigned char packet[5]; /* packet_type(1) + channelno(4) */ int rc; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Sending EOF on channel %lu/%lu", - channel->local.id, channel->remote.id); + channel->local.id, channel->remote.id)); packet[0] = SSH_MSG_CHANNEL_EOF; _libssh2_htonu32(packet + 1, channel->remote.id); rc = _libssh2_transport_send(session, packet, 5, NULL, 0); @@ -2463,8 +2559,8 @@ libssh2_channel_eof(LIBSSH2_CHANNEL * channel) if(packet->data_len < 1) { packet = next_packet; - _libssh2_debug(channel->session, LIBSSH2_TRACE_ERROR, - "Unexpected packet length"); + _libssh2_debug((channel->session, LIBSSH2_TRACE_ERROR, + "Unexpected packet length")); continue; } @@ -2492,9 +2588,9 @@ static int channel_wait_eof(LIBSSH2_CHANNEL *channel) int rc; if(channel->wait_eof_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Awaiting EOF for channel %lu/%lu", channel->local.id, - channel->remote.id); + channel->remote.id)); channel->wait_eof_state = libssh2_NB_state_created; } @@ -2566,7 +2662,7 @@ int _libssh2_channel_close(LIBSSH2_CHANNEL * channel) return rc; } _libssh2_error(session, rc, - "Unable to send EOF, but closing channel anyway"); + "Unable to send EOF, but closing channel anyway"); } } @@ -2574,8 +2670,8 @@ int _libssh2_channel_close(LIBSSH2_CHANNEL * channel) late for us to wait for it. Continue closing! */ if(channel->close_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_CONN, "Closing channel %lu/%lu", - channel->local.id, channel->remote.id); + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Closing channel %lu/%lu", + channel->local.id, channel->remote.id)); channel->close_packet[0] = SSH_MSG_CHANNEL_CLOSE; _libssh2_htonu32(channel->close_packet + 1, channel->remote.id); @@ -2643,7 +2739,7 @@ libssh2_channel_close(LIBSSH2_CHANNEL *channel) if(!channel) return LIBSSH2_ERROR_BAD_USE; - BLOCK_ADJUST(rc, channel->session, _libssh2_channel_close(channel) ); + BLOCK_ADJUST(rc, channel->session, _libssh2_channel_close(channel)); return rc; } @@ -2664,9 +2760,9 @@ static int channel_wait_closed(LIBSSH2_CHANNEL *channel) } if(channel->wait_closed_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Awaiting close of channel %lu/%lu", channel->local.id, - channel->remote.id); + channel->remote.id)); channel->wait_closed_state = libssh2_NB_state_created; } @@ -2727,9 +2823,9 @@ int _libssh2_channel_free(LIBSSH2_CHANNEL *channel) assert(session); if(channel->free_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Freeing channel %lu/%lu resources", channel->local.id, - channel->remote.id); + channel->remote.id)); channel->free_state = libssh2_NB_state_created; } @@ -2761,10 +2857,10 @@ int _libssh2_channel_free(LIBSSH2_CHANNEL *channel) /* Clear out packets meant for this channel */ _libssh2_htonu32(channel_id, channel->local.id); while((_libssh2_packet_ask(session, SSH_MSG_CHANNEL_DATA, &data, - &data_len, 1, channel_id, 4) >= 0) - || - (_libssh2_packet_ask(session, SSH_MSG_CHANNEL_EXTENDED_DATA, &data, - &data_len, 1, channel_id, 4) >= 0)) { + &data_len, 1, channel_id, 4) >= 0) + || + (_libssh2_packet_ask(session, SSH_MSG_CHANNEL_EXTENDED_DATA, &data, + &data_len, 1, channel_id, 4) >= 0)) { LIBSSH2_FREE(session, data); } @@ -2824,7 +2920,7 @@ libssh2_channel_free(LIBSSH2_CHANNEL *channel) */ LIBSSH2_API unsigned long libssh2_channel_window_read_ex(LIBSSH2_CHANNEL *channel, - unsigned long *read_avail, + /* FIXME: -> size_t */ unsigned long *read_avail, unsigned long *window_size_initial) { if(!channel) @@ -2846,8 +2942,8 @@ libssh2_channel_window_read_ex(LIBSSH2_CHANNEL *channel, if(packet->data_len < 1) { packet = next_packet; - _libssh2_debug(channel->session, LIBSSH2_TRACE_ERROR, - "Unexpected packet length"); + _libssh2_debug((channel->session, LIBSSH2_TRACE_ERROR, + "Unexpected packet length")); continue; } @@ -2864,7 +2960,7 @@ libssh2_channel_window_read_ex(LIBSSH2_CHANNEL *channel, packet = next_packet; } - *read_avail = bytes_queued; + *read_avail = (unsigned long)bytes_queued; } return channel->remote.window_size; @@ -2893,3 +2989,87 @@ libssh2_channel_window_write_ex(LIBSSH2_CHANNEL *channel, return channel->local.window_size; } + +/* A signal can be delivered to the remote process/service using the + following message. Some systems may not implement signals, in which + case they SHOULD ignore this message. + + byte SSH_MSG_CHANNEL_REQUEST + uint32 recipient channel + string "signal" + boolean FALSE + string signal name (without the "SIG" prefix) + + 'signal name' values will be encoded as discussed in the passage + describing SSH_MSG_CHANNEL_REQUEST messages using "exit-signal" in + this section. + */ +static int channel_signal(LIBSSH2_CHANNEL *channel, + const char *signame, + size_t signame_len) +{ + LIBSSH2_SESSION *session = channel->session; + int retcode = LIBSSH2_ERROR_PROTO; + + if(channel->sendsignal_state == libssh2_NB_state_idle) { + unsigned char *s; + + /* 20 = packet_type(1) + channel(4) + + signal_len + sizeof(signal) - 1 + want_reply(1) + + signame_len_len(4) */ + channel->sendsignal_packet_len = 20 + signame_len; + + s = channel->sendsignal_packet = + LIBSSH2_ALLOC(session, channel->sendsignal_packet_len); + if(!channel->sendsignal_packet) + return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for " + "signal request"); + + *(s++) = SSH_MSG_CHANNEL_REQUEST; + _libssh2_store_u32(&s, channel->remote.id); + _libssh2_store_str(&s, "signal", sizeof("signal") - 1); + *(s++) = 0x00; /* Don't reply */ + _libssh2_store_str(&s, signame, signame_len); + + channel->sendsignal_state = libssh2_NB_state_created; + } + + if(channel->sendsignal_state == libssh2_NB_state_created) { + int rc; + + rc = _libssh2_transport_send(session, channel->sendsignal_packet, + channel->sendsignal_packet_len, + NULL, 0); + if(rc == LIBSSH2_ERROR_EAGAIN) { + _libssh2_error(session, rc, "Would block sending signal request"); + return rc; + } + else if(rc) { + LIBSSH2_FREE(session, channel->sendsignal_packet); + channel->sendsignal_state = libssh2_NB_state_idle; + return _libssh2_error(session, rc, "Unable to send signal packet"); + } + LIBSSH2_FREE(session, channel->sendsignal_packet); + retcode = LIBSSH2_ERROR_NONE; + } + + channel->sendsignal_state = libssh2_NB_state_idle; + + return retcode; +} + +LIBSSH2_API int +libssh2_channel_signal_ex(LIBSSH2_CHANNEL *channel, + const char *signame, + size_t signame_len) +{ + int rc; + + if(!channel) + return LIBSSH2_ERROR_BAD_USE; + + BLOCK_ADJUST(rc, channel->session, + channel_signal(channel, signame, signame_len)); + return rc; +} diff --git a/libssh2/src/channel.h b/libssh2/src/channel.h index dc0ee3764..4466c4fc7 100644 --- a/libssh2/src/channel.h +++ b/libssh2/src/channel.h @@ -138,4 +138,3 @@ int _libssh2_channel_close(LIBSSH2_CHANNEL * channel); int _libssh2_channel_forward_cancel(LIBSSH2_LISTENER *listener); #endif /* __LIBSSH2_CHANNEL_H */ - diff --git a/libssh2/src/comp.c b/libssh2/src/comp.c index 90ab30c89..f35650560 100644 --- a/libssh2/src/comp.c +++ b/libssh2/src/comp.c @@ -37,6 +37,7 @@ */ #include "libssh2_priv.h" + #ifdef LIBSSH2_HAVE_ZLIB #include #undef compress /* dodge name clash with ZLIB macro */ @@ -61,12 +62,12 @@ comp_method_none_comp(LIBSSH2_SESSION *session, size_t src_len, void **abstract) { - (void) session; - (void) abstract; - (void) dest; - (void) dest_len; - (void) src; - (void) src_len; + (void)session; + (void)abstract; + (void)dest; + (void)dest_len; + (void)src; + (void)src_len; return 0; } @@ -84,9 +85,9 @@ comp_method_none_decomp(LIBSSH2_SESSION * session, const unsigned char *src, size_t src_len, void **abstract) { - (void) session; - (void) payload_limit; - (void) abstract; + (void)session; + (void)payload_limit; + (void)abstract; *dest = (unsigned char *) src; *dest_len = src_len; return 0; @@ -163,8 +164,8 @@ comp_method_zlib_init(LIBSSH2_SESSION * session, int compr, if(status != Z_OK) { LIBSSH2_FREE(session, strm); - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "unhandled zlib error %d", status); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "unhandled zlib error %d", status)); return LIBSSH2_ERROR_COMPRESS; } *abstract = strm; @@ -189,11 +190,11 @@ comp_method_zlib_comp(LIBSSH2_SESSION *session, void **abstract) { z_stream *strm = *abstract; - int out_maxlen = *dest_len; + uInt out_maxlen = (uInt)*dest_len; int status; strm->next_in = (unsigned char *) src; - strm->avail_in = src_len; + strm->avail_in = (uInt)src_len; strm->next_out = dest; strm->avail_out = out_maxlen; @@ -204,9 +205,9 @@ comp_method_zlib_comp(LIBSSH2_SESSION *session, return 0; } - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "unhandled zlib compression error %d, avail_out", - status, strm->avail_out); + status, strm->avail_out)); return _libssh2_error(session, LIBSSH2_ERROR_ZLIB, "compression failure"); } @@ -227,17 +228,17 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session, /* A short-term alloc of a full data chunk is better than a series of reallocs */ char *out; - size_t out_maxlen = src_len; + size_t out_maxlen; if(src_len <= SIZE_MAX / 4) - out_maxlen = src_len * 4; + out_maxlen = (uInt)src_len * 4; else out_maxlen = payload_limit; /* If strm is null, then we have not yet been initialized. */ - if(strm == NULL) + if(!strm) return _libssh2_error(session, LIBSSH2_ERROR_COMPRESS, - "decompression uninitialized");; + "decompression uninitialized"); /* In practice they never come smaller than this */ if(out_maxlen < 25) @@ -247,10 +248,11 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session, out_maxlen = payload_limit; strm->next_in = (unsigned char *) src; - strm->avail_in = src_len; - strm->next_out = (unsigned char *) LIBSSH2_ALLOC(session, out_maxlen); + strm->avail_in = (uInt)src_len; + strm->next_out = (unsigned char *) LIBSSH2_ALLOC(session, + (uInt)out_maxlen); out = (char *) strm->next_out; - strm->avail_out = out_maxlen; + strm->avail_out = (uInt)out_maxlen; if(!strm->next_out) return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate decompression buffer"); @@ -276,8 +278,8 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session, else { /* error state */ LIBSSH2_FREE(session, out); - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "unhandled zlib error %d", status); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "unhandled zlib error %d", status)); return _libssh2_error(session, LIBSSH2_ERROR_ZLIB, "decompression failure"); } @@ -299,7 +301,7 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session, } out = newout; strm->next_out = (unsigned char *) out + out_ofs; - strm->avail_out = out_maxlen - out_ofs; + strm->avail_out = (uInt)(out_maxlen - out_ofs); } *dest = (unsigned char *) out; diff --git a/libssh2/src/crypt.c b/libssh2/src/crypt.c index 8d493b484..9652e6cd4 100644 --- a/libssh2/src/crypt.c +++ b/libssh2/src/crypt.c @@ -38,14 +38,23 @@ #include "libssh2_priv.h" -#ifdef LIBSSH2_CRYPT_NONE - +#if defined(LIBSSH2DEBUG) && defined(LIBSSH2_CRYPT_NONE_INSECURE) /* crypt_none_crypt - * Minimalist cipher: VERY secure *wink* + * Minimalist cipher: no encryption. DO NOT USE. + * + * The SSH2 Transport allows for unencrypted data transmission using + * the "none" cipher. Because this is such a huge security hole, it is + * typically disabled on SSH2 implementations and is disabled in libssh2 + * by default as well. + * + * Enabling this option will allow for "none" as a negotiable method, + * however it still requires that the method be advertised by the remote + * end and that no more-preferable methods are available. + * */ static int crypt_none_crypt(LIBSSH2_SESSION * session, unsigned char *buf, - void **abstract) + void **abstract, int firstlast) { /* Do nothing to the data! */ return 0; @@ -62,7 +71,7 @@ static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_none = { crypt_none_crypt, NULL }; -#endif /* LIBSSH2_CRYPT_NONE */ +#endif /* defined(LIBSSH2DEBUG) && defined(LIBSSH2_CRYPT_NONE_INSECURE) */ struct crypt_ctx { @@ -97,12 +106,12 @@ crypt_init(LIBSSH2_SESSION * session, static int crypt_encrypt(LIBSSH2_SESSION * session, unsigned char *block, - size_t blocksize, void **abstract) + size_t blocksize, void **abstract, int firstlast) { struct crypt_ctx *cctx = *(struct crypt_ctx **) abstract; (void) session; return _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block, - blocksize); + blocksize, firstlast); } static int @@ -117,6 +126,34 @@ crypt_dtor(LIBSSH2_SESSION * session, void **abstract) return 0; } +#if LIBSSH2_AES_GCM +static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes256_gcm = { + "aes256-gcm@openssh.com", + "", + 16, /* blocksize */ + 12, /* initial value length */ + 32, /* secret length -- 32*8 == 256bit */ + LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC | LIBSSH2_CRYPT_FLAG_PKTLEN_AAD, + &crypt_init, + &crypt_encrypt, + &crypt_dtor, + _libssh2_cipher_aes256gcm +}; + +static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes128_gcm = { + "aes128-gcm@openssh.com", + "", + 16, /* blocksize */ + 12, /* initial value length */ + 16, /* secret length -- 16*8 == 128bit */ + LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC | LIBSSH2_CRYPT_FLAG_PKTLEN_AAD, + &crypt_init, + &crypt_encrypt, + &crypt_dtor, + _libssh2_cipher_aes128gcm +}; +#endif + #if LIBSSH2_AES_CTR static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes128_ctr = { "aes128-ctr", @@ -158,7 +195,7 @@ static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes256_ctr = { }; #endif -#if LIBSSH2_AES +#if LIBSSH2_AES_CBC static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes128_cbc = { "aes128-cbc", "DEK-Info: AES-128-CBC", @@ -212,7 +249,7 @@ static const LIBSSH2_CRYPT_METHOD &crypt_dtor, _libssh2_cipher_aes256 }; -#endif /* LIBSSH2_AES */ +#endif /* LIBSSH2_AES_CBC */ #if LIBSSH2_BLOWFISH static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_blowfish_cbc = { @@ -260,7 +297,8 @@ crypt_init_arcfour128(LIBSSH2_SESSION * session, size_t discard = 1536; for(; discard; discard -= 8) _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block, - method->blocksize); + method->blocksize, MIDDLE_BLOCK); + /* Not all middle, but here it doesn't matter */ } return rc; @@ -310,18 +348,24 @@ static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_3des_cbc = { }; #endif +/* These are the crypt methods that are available to be negotiated. Methods + towards the start are chosen in preference to ones further down the list. */ static const LIBSSH2_CRYPT_METHOD *_libssh2_crypt_methods[] = { +#if LIBSSH2_AES_GCM + &libssh2_crypt_method_aes256_gcm, + &libssh2_crypt_method_aes128_gcm, +#endif /* LIBSSH2_AES_GCM */ #if LIBSSH2_AES_CTR - &libssh2_crypt_method_aes128_ctr, - &libssh2_crypt_method_aes192_ctr, - &libssh2_crypt_method_aes256_ctr, -#endif /* LIBSSH2_AES */ -#if LIBSSH2_AES + &libssh2_crypt_method_aes256_ctr, + &libssh2_crypt_method_aes192_ctr, + &libssh2_crypt_method_aes128_ctr, +#endif /* LIBSSH2_AES_CTR */ +#if LIBSSH2_AES_CBC &libssh2_crypt_method_aes256_cbc, &libssh2_crypt_method_rijndael_cbc_lysator_liu_se, /* == aes256-cbc */ &libssh2_crypt_method_aes192_cbc, &libssh2_crypt_method_aes128_cbc, -#endif /* LIBSSH2_AES */ +#endif /* LIBSSH2_AES_CBC */ #if LIBSSH2_BLOWFISH &libssh2_crypt_method_blowfish_cbc, #endif /* LIBSSH2_BLOWFISH */ @@ -335,7 +379,7 @@ static const LIBSSH2_CRYPT_METHOD *_libssh2_crypt_methods[] = { #if LIBSSH2_3DES &libssh2_crypt_method_3des_cbc, #endif /* LIBSSH2_DES */ -#ifdef LIBSSH2_CRYPT_NONE +#if defined(LIBSSH2DEBUG) && defined(LIBSSH2_CRYPT_NONE_INSECURE) &libssh2_crypt_method_none, #endif NULL diff --git a/libssh2/src/crypto.c b/libssh2/src/crypto.c new file mode 100644 index 000000000..b91dc37a7 --- /dev/null +++ b/libssh2/src/crypto.c @@ -0,0 +1,14 @@ +#define LIBSSH2_CRYPTO_C +#include "libssh2_priv.h" + +#if defined(LIBSSH2_OPENSSL) || defined(LIBSSH2_WOLFSSL) +#include "openssl.c" +#elif defined(LIBSSH2_LIBGCRYPT) +#include "libgcrypt.c" +#elif defined(LIBSSH2_MBEDTLS) +#include "mbedtls.c" +#elif defined(LIBSSH2_OS400QC3) +#include "os400qc3.c" +#elif defined(LIBSSH2_WINCNG) +#include "wincng.c" +#endif diff --git a/libssh2/src/crypto.h b/libssh2/src/crypto.h index f512d6039..4d3d49ccd 100644 --- a/libssh2/src/crypto.h +++ b/libssh2/src/crypto.h @@ -38,24 +38,83 @@ * OF SUCH DAMAGE. */ -#ifdef LIBSSH2_OPENSSL +#if defined(LIBSSH2_OPENSSL) || defined(LIBSSH2_WOLFSSL) #include "openssl.h" -#endif - -#ifdef LIBSSH2_LIBGCRYPT +#elif defined(LIBSSH2_LIBGCRYPT) #include "libgcrypt.h" -#endif - -#ifdef LIBSSH2_WINCNG -#include "wincng.h" -#endif - -#ifdef LIBSSH2_OS400QC3 -#include "os400qc3.h" -#endif - -#ifdef LIBSSH2_MBEDTLS +#elif defined(LIBSSH2_MBEDTLS) #include "mbedtls.h" +#elif defined(LIBSSH2_OS400QC3) +#include "os400qc3.h" +#elif defined(LIBSSH2_WINCNG) +#include "wincng.h" +#else +#error "no cryptography backend selected" +#endif + +#ifdef LIBSSH2_NO_MD5 +#undef LIBSSH2_MD5 +#define LIBSSH2_MD5 0 +#endif + +#ifdef LIBSSH2_NO_HMAC_RIPEMD +#undef LIBSSH2_HMAC_RIPEMD +#define LIBSSH2_HMAC_RIPEMD 0 +#endif + +#ifdef LIBSSH2_NO_DSA +#undef LIBSSH2_DSA +#define LIBSSH2_DSA 0 +#endif + +#ifdef LIBSSH2_NO_RSA +#undef LIBSSH2_RSA +#define LIBSSH2_RSA 0 +#endif + +#ifdef LIBSSH2_NO_RSA_SHA1 +#undef LIBSSH2_RSA_SHA1 +#define LIBSSH2_RSA_SHA1 0 +#endif + +#ifdef LIBSSH2_NO_ECDSA +#undef LIBSSH2_ECDSA +#define LIBSSH2_ECDSA 0 +#endif + +#ifdef LIBSSH2_NO_ED25519 +#undef LIBSSH2_ED25519 +#define LIBSSH2_ED25519 0 +#endif + +#ifdef LIBSSH2_NO_AES_CTR +#undef LIBSSH2_AES_CTR +#define LIBSSH2_AES_CTR 0 +#endif + +#ifdef LIBSSH2_NO_AES_CBC +#undef LIBSSH2_AES_CBC +#define LIBSSH2_AES_CBC 0 +#endif + +#ifdef LIBSSH2_NO_BLOWFISH +#undef LIBSSH2_BLOWFISH +#define LIBSSH2_BLOWFISH 0 +#endif + +#ifdef LIBSSH2_NO_RC4 +#undef LIBSSH2_RC4 +#define LIBSSH2_RC4 0 +#endif + +#ifdef LIBSSH2_NO_CAST +#undef LIBSSH2_CAST +#define LIBSSH2_CAST 0 +#endif + +#ifdef LIBSSH2_NO_3DES +#undef LIBSSH2_3DES +#define LIBSSH2_3DES 0 #endif #define LIBSSH2_ED25519_KEY_LEN 32 @@ -83,16 +142,31 @@ int _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa, LIBSSH2_SESSION * session, const char *filename, unsigned const char *passphrase); +#if LIBSSH2_RSA_SHA1 int _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa, const unsigned char *sig, - unsigned long sig_len, - const unsigned char *m, unsigned long m_len); + size_t sig_len, + const unsigned char *m, size_t m_len); int _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, libssh2_rsa_ctx * rsactx, const unsigned char *hash, size_t hash_len, unsigned char **signature, size_t *signature_len); +#endif +#if LIBSSH2_RSA_SHA2 +int _libssh2_rsa_sha2_sign(LIBSSH2_SESSION * session, + libssh2_rsa_ctx * rsactx, + const unsigned char *hash, + size_t hash_len, + unsigned char **signature, + size_t *signature_len); +int _libssh2_rsa_sha2_verify(libssh2_rsa_ctx * rsa, + size_t hash_len, + const unsigned char *sig, + size_t sig_len, + const unsigned char *m, size_t m_len); +#endif int _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx ** rsa, LIBSSH2_SESSION * session, const char *filedata, @@ -117,7 +191,7 @@ int _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa, unsigned const char *passphrase); int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx, const unsigned char *sig, - const unsigned char *m, unsigned long m_len); + const unsigned char *m, size_t m_len); int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, const unsigned char *hash, unsigned long hash_len, unsigned char *sig); @@ -134,12 +208,23 @@ _libssh2_ecdsa_curve_name_with_octal_new(libssh2_ecdsa_ctx ** ecdsactx, const unsigned char *k, size_t k_len, libssh2_curve_type type); + int _libssh2_ecdsa_new_private(libssh2_ecdsa_ctx ** ec_ctx, LIBSSH2_SESSION * session, const char *filename, unsigned const char *passphrase); +int +_libssh2_ecdsa_new_private_sk(libssh2_ecdsa_ctx ** ec_ctx, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + LIBSSH2_SESSION * session, + const char *filename, + unsigned const char *passphrase); + int _libssh2_ecdsa_verify(libssh2_ecdsa_ctx * ctx, const unsigned char *r, size_t r_len, @@ -169,6 +254,16 @@ int _libssh2_ecdsa_new_private_frommemory(libssh2_ecdsa_ctx ** ec_ctx, size_t filedata_len, unsigned const char *passphrase); +int _libssh2_ecdsa_new_private_frommemory_sk(libssh2_ecdsa_ctx ** ec_ctx, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + LIBSSH2_SESSION * session, + const char *filedata, + size_t filedata_len, + unsigned const char *passphrase); + libssh2_curve_type _libssh2_ecdsa_get_curve_type(libssh2_ecdsa_ctx *ec_ctx); @@ -198,11 +293,21 @@ _libssh2_ed25519_new_private(libssh2_ed25519_ctx **ed_ctx, LIBSSH2_SESSION *session, const char *filename, const uint8_t *passphrase); +int +_libssh2_ed25519_new_private_sk(libssh2_ed25519_ctx **ed_ctx, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + LIBSSH2_SESSION *session, + const char *filename, + const uint8_t *passphrase); + int _libssh2_ed25519_new_public(libssh2_ed25519_ctx **ed_ctx, LIBSSH2_SESSION *session, const unsigned char *raw_pub_key, - const uint8_t key_len); + const size_t key_len); int _libssh2_ed25519_sign(libssh2_ed25519_ctx *ctx, LIBSSH2_SESSION *session, @@ -216,6 +321,17 @@ _libssh2_ed25519_new_private_frommemory(libssh2_ed25519_ctx **ed_ctx, size_t filedata_len, unsigned const char *passphrase); +int +_libssh2_ed25519_new_private_frommemory_sk(libssh2_ed25519_ctx **ed_ctx, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + LIBSSH2_SESSION *session, + const char *filedata, + size_t filedata_len, + unsigned const char *passphrase); + #endif /* LIBSSH2_ED25519 */ @@ -226,7 +342,8 @@ int _libssh2_cipher_init(_libssh2_cipher_ctx * h, int _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx, _libssh2_cipher_type(algo), - int encrypt, unsigned char *block, size_t blocksize); + int encrypt, unsigned char *block, size_t blocksize, + int firstlast); int _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session, unsigned char **method, @@ -245,4 +362,37 @@ int _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, size_t privatekeydata_len, const char *passphrase); + +int _libssh2_sk_pub_keyfilememory(LIBSSH2_SESSION *session, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + int *algorithm, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase); + +/** + * @function _libssh2_supported_key_sign_algorithms + * @abstract Returns supported algorithms used for upgrading public + * key signing RFC 8332 + * @discussion Based on the incoming key_method value, this function + * will return supported algorithms that can upgrade the key method + * @related _libssh2_key_sign_algorithm() + * @param key_method current key method, usually the default key sig method + * @param key_method_len length of the key method buffer + * @result comma separated list of supported upgrade options per RFC 8332, if + * there is no upgrade option return NULL + */ + +const char * +_libssh2_supported_key_sign_algorithms(LIBSSH2_SESSION *session, + unsigned char *key_method, + size_t key_method_len); + #endif /* __LIBSSH2_CRYPTO_H */ diff --git a/libssh2/src/global.c b/libssh2/src/global.c index 68289845f..c5894364e 100644 --- a/libssh2/src/global.c +++ b/libssh2/src/global.c @@ -74,5 +74,5 @@ void _libssh2_init_if_needed(void) { if(_libssh2_initialized == 0) - (void)libssh2_init (0); + (void)libssh2_init(0); } diff --git a/libssh2/src/hostkey.c b/libssh2/src/hostkey.c index d87a4c744..f38236768 100644 --- a/libssh2/src/hostkey.c +++ b/libssh2/src/hostkey.c @@ -37,7 +37,6 @@ */ #include "libssh2_priv.h" -#include "misc.h" /* Needed for struct iovec on some platforms */ #ifdef HAVE_SYS_UIO_H @@ -64,8 +63,8 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session, void **abstract) { libssh2_rsa_ctx *rsactx; - unsigned char *e, *n; - size_t e_len, n_len; + unsigned char *e, *n, *type; + size_t e_len, n_len, type_len; struct string_buf buf; if(*abstract) { @@ -74,8 +73,8 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session, } if(hostkey_data_len < 19) { - _libssh2_debug(session, LIBSSH2_TRACE_ERROR, - "host key length too short"); + _libssh2_debug((session, LIBSSH2_TRACE_ERROR, + "host key length too short")); return -1; } @@ -83,8 +82,31 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session, buf.dataptr = buf.data; buf.len = hostkey_data_len; - if(_libssh2_match_string(&buf, "ssh-rsa")) + if(_libssh2_get_string(&buf, &type, &type_len)) { return -1; + } + + /* we accept one of 3 header types */ +#if LIBSSH2_RSA_SHA1 + if(type_len == 7 && strncmp("ssh-rsa", (char *)type, 7) == 0) { + /* ssh-rsa */ + } + else +#endif +#if LIBSSH2_RSA_SHA2 + if(type_len == 12 && strncmp("rsa-sha2-256", (char *)type, 12) == 0) { + /* rsa-sha2-256 */ + } + else if(type_len == 12 && strncmp("rsa-sha2-512", (char *)type, 12) == 0) { + /* rsa-sha2-512 */ + } + else +#endif + { + _libssh2_debug((session, LIBSSH2_TRACE_ERROR, + "unexpected rsa type: %.*s", type_len, type)); + return -1; + } if(_libssh2_get_string(&buf, &e, &e_len)) return -1; @@ -92,8 +114,14 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session, if(_libssh2_get_string(&buf, &n, &n_len)) return -1; - if(_libssh2_rsa_new(&rsactx, e, e_len, n, n_len, NULL, 0, - NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0)) { + if(!_libssh2_eob(&buf)) + return -1; + + if(_libssh2_rsa_new(&rsactx, + e, (unsigned long)e_len, + n, (unsigned long)n_len, + NULL, 0, NULL, 0, NULL, 0, + NULL, 0, NULL, 0, NULL, 0)) { return -1; } @@ -163,6 +191,7 @@ hostkey_method_ssh_rsa_initPEMFromMemory(LIBSSH2_SESSION * session, return 0; } +#if LIBSSH2_RSA_SHA1 /* * hostkey_method_ssh_rsa_sign * @@ -176,7 +205,7 @@ hostkey_method_ssh_rsa_sig_verify(LIBSSH2_SESSION * session, size_t m_len, void **abstract) { libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract); - (void) session; + (void)session; /* Skip past keyname_len(4) + keyname(7){"ssh-rsa"} + signature_len(4) */ if(sig_len < 15) @@ -211,7 +240,7 @@ hostkey_method_ssh_rsa_signv(LIBSSH2_SESSION * session, unsigned char hash[SHA_DIGEST_LENGTH]; libssh2_sha1_ctx ctx; - libssh2_sha1_init(&ctx); + (void)libssh2_sha1_init(&ctx); for(i = 0; i < veccount; i++) { libssh2_sha1_update(ctx, datavec[i].iov_base, datavec[i].iov_len); } @@ -226,6 +255,151 @@ hostkey_method_ssh_rsa_signv(LIBSSH2_SESSION * session, return 0; #endif } +#endif + +/* + * hostkey_method_ssh_rsa_sha2_256_sig_verify + * + * Verify signature created by remote + */ +#if LIBSSH2_RSA_SHA2 + +static int +hostkey_method_ssh_rsa_sha2_256_sig_verify(LIBSSH2_SESSION * session, + const unsigned char *sig, + size_t sig_len, + const unsigned char *m, + size_t m_len, void **abstract) +{ + libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract); + (void)session; + + /* Skip past keyname_len(4) + keyname(12){"rsa-sha2-256"} + + signature_len(4) */ + if(sig_len < 20) + return -1; + + sig += 20; + sig_len -= 20; + return _libssh2_rsa_sha2_verify(rsactx, SHA256_DIGEST_LENGTH, sig, sig_len, + m, m_len); +} + +/* + * hostkey_method_ssh_rsa_sha2_256_signv + * + * Construct a signature from an array of vectors + */ + +static int +hostkey_method_ssh_rsa_sha2_256_signv(LIBSSH2_SESSION * session, + unsigned char **signature, + size_t *signature_len, + int veccount, + const struct iovec datavec[], + void **abstract) +{ + libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract); + +#ifdef _libssh2_rsa_sha2_256_signv + return _libssh2_rsa_sha2_256_signv(session, signature, signature_len, + veccount, datavec, rsactx); +#else + int ret; + int i; + unsigned char hash[SHA256_DIGEST_LENGTH]; + libssh2_sha256_ctx ctx; + + if(!libssh2_sha256_init(&ctx)) { + return -1; + } + for(i = 0; i < veccount; i++) { + libssh2_sha256_update(ctx, datavec[i].iov_base, datavec[i].iov_len); + } + libssh2_sha256_final(ctx, hash); + + ret = _libssh2_rsa_sha2_sign(session, rsactx, hash, SHA256_DIGEST_LENGTH, + signature, signature_len); + if(ret) { + return -1; + } + + return 0; +#endif +} + +/* + * hostkey_method_ssh_rsa_sha2_512_sig_verify + * + * Verify signature created by remote + */ + +static int +hostkey_method_ssh_rsa_sha2_512_sig_verify(LIBSSH2_SESSION * session, + const unsigned char *sig, + size_t sig_len, + const unsigned char *m, + size_t m_len, void **abstract) +{ + libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract); + (void)session; + + /* Skip past keyname_len(4) + keyname(12){"rsa-sha2-512"} + + signature_len(4) */ + if(sig_len < 20) + return -1; + + sig += 20; + sig_len -= 20; + return _libssh2_rsa_sha2_verify(rsactx, SHA512_DIGEST_LENGTH, sig, + sig_len, m, m_len); +} + + +/* + * hostkey_method_ssh_rsa_sha2_512_signv + * + * Construct a signature from an array of vectors + */ +static int +hostkey_method_ssh_rsa_sha2_512_signv(LIBSSH2_SESSION * session, + unsigned char **signature, + size_t *signature_len, + int veccount, + const struct iovec datavec[], + void **abstract) +{ + libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract); + +#ifdef _libssh2_rsa_sha2_512_signv + return _libssh2_rsa_sha2_512_signv(session, signature, signature_len, + veccount, datavec, rsactx); +#else + int ret; + int i; + unsigned char hash[SHA512_DIGEST_LENGTH]; + libssh2_sha512_ctx ctx; + + if(!libssh2_sha512_init(&ctx)) { + return -1; + } + for(i = 0; i < veccount; i++) { + libssh2_sha512_update(ctx, datavec[i].iov_base, datavec[i].iov_len); + } + libssh2_sha512_final(ctx, hash); + + ret = _libssh2_rsa_sha2_sign(session, rsactx, hash, SHA512_DIGEST_LENGTH, + signature, signature_len); + if(ret) { + return -1; + } + + return 0; +#endif +} + +#endif /* LIBSSH2_RSA_SHA2 */ + /* * hostkey_method_ssh_rsa_dtor @@ -236,7 +410,7 @@ static int hostkey_method_ssh_rsa_dtor(LIBSSH2_SESSION * session, void **abstract) { libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract); - (void) session; + (void)session; _libssh2_rsa_free(rsactx); @@ -245,13 +419,11 @@ hostkey_method_ssh_rsa_dtor(LIBSSH2_SESSION * session, void **abstract) return 0; } -#ifdef OPENSSL_NO_MD5 -#define MD5_DIGEST_LENGTH 16 -#endif +#if LIBSSH2_RSA_SHA1 static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa = { "ssh-rsa", - MD5_DIGEST_LENGTH, + SHA_DIGEST_LENGTH, hostkey_method_ssh_rsa_init, hostkey_method_ssh_rsa_initPEM, hostkey_method_ssh_rsa_initPEMFromMemory, @@ -260,6 +432,53 @@ static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa = { NULL, /* encrypt */ hostkey_method_ssh_rsa_dtor, }; + +#endif /* LIBSSH2_RSA_SHA1 */ + +#if LIBSSH2_RSA_SHA2 + +static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa_sha2_256 = { + "rsa-sha2-256", + SHA256_DIGEST_LENGTH, + hostkey_method_ssh_rsa_init, + hostkey_method_ssh_rsa_initPEM, + hostkey_method_ssh_rsa_initPEMFromMemory, + hostkey_method_ssh_rsa_sha2_256_sig_verify, + hostkey_method_ssh_rsa_sha2_256_signv, + NULL, /* encrypt */ + hostkey_method_ssh_rsa_dtor, +}; + +static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa_sha2_512 = { + "rsa-sha2-512", + SHA512_DIGEST_LENGTH, + hostkey_method_ssh_rsa_init, + hostkey_method_ssh_rsa_initPEM, + hostkey_method_ssh_rsa_initPEMFromMemory, + hostkey_method_ssh_rsa_sha2_512_sig_verify, + hostkey_method_ssh_rsa_sha2_512_signv, + NULL, /* encrypt */ + hostkey_method_ssh_rsa_dtor, +}; + +#endif /* LIBSSH2_RSA_SHA2 */ + +#if LIBSSH2_RSA_SHA1 + +static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa_cert = { + "ssh-rsa-cert-v01@openssh.com", + SHA_DIGEST_LENGTH, + NULL, + hostkey_method_ssh_rsa_initPEM, + hostkey_method_ssh_rsa_initPEMFromMemory, + NULL, + hostkey_method_ssh_rsa_signv, + NULL, /* encrypt */ + hostkey_method_ssh_rsa_dtor, +}; + +#endif /* LIBSSH2_RSA_SHA1 */ + #endif /* LIBSSH2_RSA */ #if LIBSSH2_DSA @@ -292,8 +511,8 @@ hostkey_method_ssh_dss_init(LIBSSH2_SESSION * session, } if(hostkey_data_len < 27) { - _libssh2_debug(session, LIBSSH2_TRACE_ERROR, - "host key length too short"); + _libssh2_debug((session, LIBSSH2_TRACE_ERROR, + "host key length too short")); return -1; } @@ -305,7 +524,7 @@ hostkey_method_ssh_dss_init(LIBSSH2_SESSION * session, return -1; if(_libssh2_get_string(&buf, &p, &p_len)) - return -1; + return -1; if(_libssh2_get_string(&buf, &q, &q_len)) return -1; @@ -316,8 +535,15 @@ hostkey_method_ssh_dss_init(LIBSSH2_SESSION * session, if(_libssh2_get_string(&buf, &y, &y_len)) return -1; - if(_libssh2_dsa_new(&dsactx, p, p_len, q, q_len, - g, g_len, y, y_len, NULL, 0)) { + if(!_libssh2_eob(&buf)) + return -1; + + if(_libssh2_dsa_new(&dsactx, + p, (unsigned long)p_len, + q, (unsigned long)q_len, + g, (unsigned long)g_len, + y, (unsigned long)y_len, + NULL, 0)) { return -1; } @@ -438,7 +664,7 @@ hostkey_method_ssh_dss_signv(LIBSSH2_SESSION * session, *signature_len = 2 * SHA_DIGEST_LENGTH; - libssh2_sha1_init(&ctx); + (void)libssh2_sha1_init(&ctx); for(i = 0; i < veccount; i++) { libssh2_sha1_update(ctx, datavec[i].iov_base, datavec[i].iov_len); } @@ -461,7 +687,7 @@ static int hostkey_method_ssh_dss_dtor(LIBSSH2_SESSION * session, void **abstract) { libssh2_dsa_ctx *dsactx = (libssh2_dsa_ctx *) (*abstract); - (void) session; + (void)session; _libssh2_dsa_free(dsactx); @@ -472,7 +698,7 @@ hostkey_method_ssh_dss_dtor(LIBSSH2_SESSION * session, void **abstract) static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_dss = { "ssh-dss", - MD5_DIGEST_LENGTH, + SHA_DIGEST_LENGTH, hostkey_method_ssh_dss_init, hostkey_method_ssh_dss_initPEM, hostkey_method_ssh_dss_initPEMFromMemory, @@ -500,9 +726,9 @@ hostkey_method_ssh_ecdsa_dtor(LIBSSH2_SESSION * session, */ static int hostkey_method_ssh_ecdsa_init(LIBSSH2_SESSION * session, - const unsigned char *hostkey_data, - size_t hostkey_data_len, - void **abstract) + const unsigned char *hostkey_data, + size_t hostkey_data_len, + void **abstract) { libssh2_ecdsa_ctx *ecdsactx = NULL; unsigned char *type_str, *domain, *public_key; @@ -510,14 +736,14 @@ hostkey_method_ssh_ecdsa_init(LIBSSH2_SESSION * session, libssh2_curve_type type; struct string_buf buf; - if(abstract != NULL && *abstract) { + if(abstract && *abstract) { hostkey_method_ssh_ecdsa_dtor(session, abstract); *abstract = NULL; } if(hostkey_data_len < 39) { - _libssh2_debug(session, LIBSSH2_TRACE_ERROR, - "host key length too short"); + _libssh2_debug((session, LIBSSH2_TRACE_ERROR, + "host key length too short")); return -1; } @@ -561,11 +787,14 @@ hostkey_method_ssh_ecdsa_init(LIBSSH2_SESSION * session, if(_libssh2_get_string(&buf, &public_key, &key_len)) return -1; + if(!_libssh2_eob(&buf)) + return -1; + if(_libssh2_ecdsa_curve_name_with_octal_new(&ecdsactx, public_key, key_len, type)) return -1; - if(abstract != NULL) + if(abstract) *abstract = ecdsactx; return 0; @@ -578,14 +807,14 @@ hostkey_method_ssh_ecdsa_init(LIBSSH2_SESSION * session, */ static int hostkey_method_ssh_ecdsa_initPEM(LIBSSH2_SESSION * session, - const char *privkeyfile, - unsigned const char *passphrase, - void **abstract) + const char *privkeyfile, + unsigned const char *passphrase, + void **abstract) { libssh2_ecdsa_ctx *ec_ctx = NULL; int ret; - if(abstract != NULL && *abstract) { + if(abstract && *abstract) { hostkey_method_ssh_ecdsa_dtor(session, abstract); *abstract = NULL; } @@ -593,7 +822,7 @@ hostkey_method_ssh_ecdsa_initPEM(LIBSSH2_SESSION * session, ret = _libssh2_ecdsa_new_private(&ec_ctx, session, privkeyfile, passphrase); - if(abstract != NULL) + if(abstract) *abstract = ec_ctx; return ret; @@ -606,15 +835,15 @@ hostkey_method_ssh_ecdsa_initPEM(LIBSSH2_SESSION * session, */ static int hostkey_method_ssh_ecdsa_initPEMFromMemory(LIBSSH2_SESSION * session, - const char *privkeyfiledata, - size_t privkeyfiledata_len, - unsigned const char *passphrase, - void **abstract) + const char *privkeyfiledata, + size_t privkeyfiledata_len, + unsigned const char *passphrase, + void **abstract) { libssh2_ecdsa_ctx *ec_ctx = NULL; int ret; - if(abstract != NULL && *abstract) { + if(abstract && *abstract) { hostkey_method_ssh_ecdsa_dtor(session, abstract); *abstract = NULL; } @@ -627,7 +856,7 @@ hostkey_method_ssh_ecdsa_initPEMFromMemory(LIBSSH2_SESSION * session, return -1; } - if(abstract != NULL) + if(abstract) *abstract = ec_ctx; return 0; @@ -651,7 +880,7 @@ hostkey_method_ssh_ecdsa_sig_verify(LIBSSH2_SESSION * session, struct string_buf buf; libssh2_ecdsa_ctx *ctx = (libssh2_ecdsa_ctx *) (*abstract); - (void) session; + (void)session; if(sig_len < 35) return -1; @@ -662,14 +891,14 @@ hostkey_method_ssh_ecdsa_sig_verify(LIBSSH2_SESSION * session, buf.dataptr = buf.data; buf.len = sig_len; - if(_libssh2_get_string(&buf, &name, &name_len) || name_len != 19) + if(_libssh2_get_string(&buf, &name, &name_len) || name_len != 19) return -1; if(_libssh2_get_u32(&buf, &len) != 0 || len < 8) return -1; if(_libssh2_get_string(&buf, &r, &r_len)) - return -1; + return -1; if(_libssh2_get_string(&buf, &s, &s_len)) return -1; @@ -679,11 +908,11 @@ hostkey_method_ssh_ecdsa_sig_verify(LIBSSH2_SESSION * session, #define LIBSSH2_HOSTKEY_METHOD_EC_SIGNV_HASH(digest_type) \ - { \ + do { \ unsigned char hash[SHA##digest_type##_DIGEST_LENGTH]; \ libssh2_sha##digest_type##_ctx ctx; \ int i; \ - libssh2_sha##digest_type##_init(&ctx); \ + (void)libssh2_sha##digest_type##_init(&ctx); \ for(i = 0; i < veccount; i++) { \ libssh2_sha##digest_type##_update(ctx, datavec[i].iov_base, \ datavec[i].iov_len); \ @@ -692,7 +921,7 @@ hostkey_method_ssh_ecdsa_sig_verify(LIBSSH2_SESSION * session, ret = _libssh2_ecdsa_sign(session, ec_ctx, hash, \ SHA##digest_type##_DIGEST_LENGTH, \ signature, signature_len); \ - } + } while(0) /* @@ -737,9 +966,9 @@ static int hostkey_method_ssh_ecdsa_dtor(LIBSSH2_SESSION * session, void **abstract) { libssh2_ecdsa_ctx *keyctx = (libssh2_ecdsa_ctx *) (*abstract); - (void) session; + (void)session; - if(keyctx != NULL) + if(keyctx) _libssh2_ecdsa_free(keyctx); *abstract = NULL; @@ -841,9 +1070,10 @@ hostkey_method_ssh_ed25519_init(LIBSSH2_SESSION * session, size_t hostkey_data_len, void **abstract) { - const unsigned char *s; - unsigned long len, key_len; + size_t key_len; + unsigned char *key; libssh2_ed25519_ctx *ctx = NULL; + struct string_buf buf; if(*abstract) { hostkey_method_ssh_ed25519_dtor(session, abstract); @@ -851,26 +1081,26 @@ hostkey_method_ssh_ed25519_init(LIBSSH2_SESSION * session, } if(hostkey_data_len < 19) { - _libssh2_debug(session, LIBSSH2_TRACE_ERROR, - "host key length too short"); + _libssh2_debug((session, LIBSSH2_TRACE_ERROR, + "host key length too short")); return -1; } - s = hostkey_data; - len = _libssh2_ntohu32(s); - s += 4; + buf.data = (unsigned char *)hostkey_data; + buf.dataptr = buf.data; + buf.len = hostkey_data_len; - if(len != 11 || strncmp((char *) s, "ssh-ed25519", 11) != 0) { + if(_libssh2_match_string(&buf, "ssh-ed25519")) return -1; - } - - s += 11; /* public key */ - key_len = _libssh2_ntohu32(s); - s += 4; + if(_libssh2_get_string(&buf, &key, &key_len)) + return -1; - if(_libssh2_ed25519_new_public(&ctx, session, s, key_len) != 0) { + if(!_libssh2_eob(&buf)) + return -1; + + if(_libssh2_ed25519_new_public(&ctx, session, key, key_len) != 0) { return -1; } @@ -886,9 +1116,9 @@ hostkey_method_ssh_ed25519_init(LIBSSH2_SESSION * session, */ static int hostkey_method_ssh_ed25519_initPEM(LIBSSH2_SESSION * session, - const char *privkeyfile, - unsigned const char *passphrase, - void **abstract) + const char *privkeyfile, + unsigned const char *passphrase, + void **abstract) { libssh2_ed25519_ctx *ec_ctx = NULL; int ret; @@ -924,7 +1154,7 @@ hostkey_method_ssh_ed25519_initPEMFromMemory(LIBSSH2_SESSION * session, libssh2_ed25519_ctx *ed_ctx = NULL; int ret; - if(abstract != NULL && *abstract) { + if(abstract && *abstract) { hostkey_method_ssh_ed25519_dtor(session, abstract); *abstract = NULL; } @@ -937,7 +1167,7 @@ hostkey_method_ssh_ed25519_initPEMFromMemory(LIBSSH2_SESSION * session, return -1; } - if(abstract != NULL) + if(abstract) *abstract = ed_ctx; return 0; @@ -956,7 +1186,7 @@ hostkey_method_ssh_ed25519_sig_verify(LIBSSH2_SESSION * session, size_t m_len, void **abstract) { libssh2_ed25519_ctx *ctx = (libssh2_ed25519_ctx *) (*abstract); - (void) session; + (void)session; if(sig_len < 19) return -1; @@ -979,11 +1209,11 @@ hostkey_method_ssh_ed25519_sig_verify(LIBSSH2_SESSION * session, */ static int hostkey_method_ssh_ed25519_signv(LIBSSH2_SESSION * session, - unsigned char **signature, - size_t *signature_len, - int veccount, - const struct iovec datavec[], - void **abstract) + unsigned char **signature, + size_t *signature_len, + int veccount, + const struct iovec datavec[], + void **abstract) { libssh2_ed25519_ctx *ctx = (libssh2_ed25519_ctx *) (*abstract); @@ -1005,7 +1235,7 @@ static int hostkey_method_ssh_ed25519_dtor(LIBSSH2_SESSION * session, void **abstract) { libssh2_ed25519_ctx *keyctx = (libssh2_ed25519_ctx*) (*abstract); - (void) session; + (void)session; if(keyctx) _libssh2_ed25519_free(keyctx); @@ -1027,7 +1257,19 @@ static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_ed25519 = { hostkey_method_ssh_ed25519_dtor, }; -#endif /*LIBSSH2_ED25519*/ +static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_ed25519_cert = { + "ssh-ed25519-cert-v01@openssh.com", + SHA256_DIGEST_LENGTH, + hostkey_method_ssh_ed25519_init, + hostkey_method_ssh_ed25519_initPEM, + hostkey_method_ssh_ed25519_initPEMFromMemory, + hostkey_method_ssh_ed25519_sig_verify, + hostkey_method_ssh_ed25519_signv, + NULL, /* encrypt */ + hostkey_method_ssh_ed25519_dtor, +}; + +#endif /* LIBSSH2_ED25519 */ static const LIBSSH2_HOSTKEY_METHOD *hostkey_methods[] = { @@ -1041,9 +1283,17 @@ static const LIBSSH2_HOSTKEY_METHOD *hostkey_methods[] = { #endif #if LIBSSH2_ED25519 &hostkey_method_ssh_ed25519, + &hostkey_method_ssh_ed25519_cert, #endif #if LIBSSH2_RSA +#if LIBSSH2_RSA_SHA2 + &hostkey_method_ssh_rsa_sha2_512, + &hostkey_method_ssh_rsa_sha2_256, +#endif /* LIBSSH2_RSA_SHA2 */ +#if LIBSSH2_RSA_SHA1 &hostkey_method_ssh_rsa, + &hostkey_method_ssh_rsa_cert, +#endif /* LIBSSH2_RSA_SHA1 */ #endif /* LIBSSH2_RSA */ #if LIBSSH2_DSA &hostkey_method_ssh_dss, @@ -1146,7 +1396,7 @@ static int hostkey_type(const unsigned char *hostkey, size_t len) } /* - * libssh2_session_hostkey() + * libssh2_session_hostkey * * Returns the server key and length. * diff --git a/libssh2/src/keepalive.c b/libssh2/src/keepalive.c index 2151b1710..f34255d76 100644 --- a/libssh2/src/keepalive.c +++ b/libssh2/src/keepalive.c @@ -42,9 +42,9 @@ /* Keep-alive stuff. */ LIBSSH2_API void -libssh2_keepalive_config (LIBSSH2_SESSION *session, - int want_reply, - unsigned interval) +libssh2_keepalive_config(LIBSSH2_SESSION *session, + int want_reply, + unsigned interval) { if(interval == 1) session->keepalive_interval = 2; @@ -54,8 +54,8 @@ libssh2_keepalive_config (LIBSSH2_SESSION *session, } LIBSSH2_API int -libssh2_keepalive_send (LIBSSH2_SESSION *session, - int *seconds_to_next) +libssh2_keepalive_send(LIBSSH2_SESSION *session, + int *seconds_to_next) { time_t now; diff --git a/libssh2/src/kex.c b/libssh2/src/kex.c index 9f3ef7992..d4034a0a9 100644 --- a/libssh2/src/kex.c +++ b/libssh2/src/kex.c @@ -54,7 +54,7 @@ kex_method_diffie_hellman_group1_sha1_key_exchange */ #define LIBSSH2_KEX_METHOD_EC_SHA_VALUE_HASH(value, reqlen, version) \ - { \ + do { \ if(type == LIBSSH2_EC_CURVE_NISTP256) { \ LIBSSH2_KEX_METHOD_SHA_VALUE_HASH(256, value, reqlen, version); \ } \ @@ -64,21 +64,20 @@ else if(type == LIBSSH2_EC_CURVE_NISTP521) { \ LIBSSH2_KEX_METHOD_SHA_VALUE_HASH(512, value, reqlen, version); \ } \ - } \ - + } while(0) #define LIBSSH2_KEX_METHOD_SHA_VALUE_HASH(digest_type, value, \ reqlen, version) \ -{ \ +do { \ libssh2_sha##digest_type##_ctx hash; \ - unsigned long len = 0; \ + size_t len = 0; \ if(!(value)) { \ value = LIBSSH2_ALLOC(session, \ reqlen + SHA##digest_type##_DIGEST_LENGTH); \ } \ if(value) \ - while(len < (unsigned long)reqlen) { \ - libssh2_sha##digest_type##_init(&hash); \ + while(len < (size_t)reqlen) { \ + (void)libssh2_sha##digest_type##_init(&hash); \ libssh2_sha##digest_type##_update(hash, \ exchange_state->k_value, \ exchange_state->k_value_len); \ @@ -96,7 +95,7 @@ libssh2_sha##digest_type##_final(hash, (value) + len); \ len += SHA##digest_type##_DIGEST_LENGTH; \ } \ -} +} while(0) /*! * @note The following are wrapper functions used by diffie_hellman_sha_algo(). @@ -108,16 +107,16 @@ static void _libssh2_sha_algo_ctx_init(int sha_algo, void *ctx) { if(sha_algo == 512) { - libssh2_sha512_init((libssh2_sha512_ctx*)ctx); + (void)libssh2_sha512_init((libssh2_sha512_ctx*)ctx); } else if(sha_algo == 384) { - libssh2_sha384_init((libssh2_sha384_ctx*)ctx); + (void)libssh2_sha384_init((libssh2_sha384_ctx*)ctx); } else if(sha_algo == 256) { - libssh2_sha256_init((libssh2_sha256_ctx*)ctx); + (void)libssh2_sha256_init((libssh2_sha256_ctx*)ctx); } else if(sha_algo == 1) { - libssh2_sha1_init((libssh2_sha1_ctx*)ctx); + (void)libssh2_sha1_init((libssh2_sha1_ctx*)ctx); } else { assert(0); @@ -144,7 +143,7 @@ static void _libssh2_sha_algo_ctx_update(int sha_algo, void *ctx, libssh2_sha1_update(*_ctx, data, len); } else { -#if LIBSSH2DEBUG +#ifdef LIBSSH2DEBUG assert(0); #endif } @@ -170,17 +169,17 @@ static void _libssh2_sha_algo_ctx_final(int sha_algo, void *ctx, libssh2_sha1_final(*_ctx, hash); } else { -#if LIBSSH2DEBUG +#ifdef LIBSSH2DEBUG assert(0); #endif } } static void _libssh2_sha_algo_value_hash(int sha_algo, - LIBSSH2_SESSION *session, - kmdhgGPshakex_state_t *exchange_state, - unsigned char **data, size_t data_len, - const unsigned char *version) + LIBSSH2_SESSION *session, + kmdhgGPshakex_state_t *exchange_state, + unsigned char **data, size_t data_len, + const unsigned char *version) { if(sha_algo == 512) { LIBSSH2_KEX_METHOD_SHA_VALUE_HASH(512, *data, data_len, version); @@ -195,7 +194,7 @@ static void _libssh2_sha_algo_value_hash(int sha_algo, LIBSSH2_KEX_METHOD_SHA_VALUE_HASH(1, *data, data_len, version); } else { -#if LIBSSH2DEBUG +#ifdef LIBSSH2DEBUG assert(0); #endif } @@ -217,7 +216,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, unsigned char packet_type_init, unsigned char packet_type_reply, unsigned char *midhash, - unsigned long midhash_len, + size_t midhash_len, kmdhgGPshakex_state_t *exchange_state) { int ret = 0; @@ -235,7 +234,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, digest_len = SHA1_DIGEST_LENGTH; else { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "sha algo value is unimplemented"); + "sha algo value is unimplemented"); goto clean_exit; } @@ -264,8 +263,11 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, rc = libssh2_dh_key_pair(&exchange_state->x, exchange_state->e, g, p, group_order, exchange_state->ctx); - if(rc) + if(rc) { + ret = _libssh2_error(session, LIBSSH2_ERROR_KEX_FAILURE, + "dh key pair generation failed"); goto clean_exit; + } /* Send KEX init */ /* packet_type(1) + String Length(4) + leading 0(1) */ @@ -285,7 +287,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, } exchange_state->e_packet[0] = packet_type_init; _libssh2_htonu32(exchange_state->e_packet + 1, - exchange_state->e_packet_len - 5); + (uint32_t)(exchange_state->e_packet_len - 5)); if(_libssh2_bn_bits(exchange_state->e) % 8) { _libssh2_bn_to_bin(exchange_state->e, exchange_state->e_packet + 5); @@ -296,8 +298,8 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, exchange_state->e_packet + 6); } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sending KEX packet %d", - (int) packet_type_init); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, "Sending KEX packet %d", + (int) packet_type_init)); exchange_state->state = libssh2_NB_state_created; } @@ -323,9 +325,9 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, * need to silently ignore it */ int burn_type; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, + _libssh2_debug((session, LIBSSH2_TRACE_KEX, "Waiting for badly guessed KEX packet " - "(to be ignored)"); + "(to be ignored)")); burn_type = _libssh2_packet_burn(session, &exchange_state->burn_state); if(burn_type == LIBSSH2_ERROR_EAGAIN) { @@ -338,9 +340,9 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, } session->burn_optimistic_kexinit = 0; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, + _libssh2_debug((session, LIBSSH2_TRACE_KEX, "Burnt packet of type: %02x", - (unsigned int) burn_type); + (unsigned int) burn_type)); } exchange_state->state = libssh2_NB_state_sent1; @@ -350,6 +352,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, /* Wait for KEX reply */ struct string_buf buf; size_t host_key_len; + int err; rc = _libssh2_packet_require(session, packet_type_reply, &exchange_state->s_packet, @@ -367,7 +370,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, /* Parse KEXDH_REPLY */ if(exchange_state->s_packet_len < 5) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected packet length"); + "Unexpected packet length DH-SHA"); goto clean_exit; } @@ -411,8 +414,8 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, snprintf(fprint, 4, "%02x:", session->server_hostkey_md5[i]); } *(--fprint) = '\0'; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server's MD5 Fingerprint: %s", fingerprint); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server's MD5 Fingerprint: %s", fingerprint)); } #endif /* LIBSSH2DEBUG */ #endif /* ! LIBSSH2_MD5 */ @@ -435,13 +438,12 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, { char fingerprint[64], *fprint = fingerprint; int i; - for(i = 0; i < 20; i++, fprint += 3) { snprintf(fprint, 4, "%02x:", session->server_hostkey_sha1[i]); } *(--fprint) = '\0'; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server's SHA1 Fingerprint: %s", fingerprint); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server's SHA1 Fingerprint: %s", fingerprint)); } #endif /* LIBSSH2DEBUG */ @@ -466,10 +468,10 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, (const char *) session->server_hostkey_sha256, SHA256_DIGEST_LENGTH, &base64Fingerprint); - if(base64Fingerprint != NULL) { - _libssh2_debug(session, LIBSSH2_TRACE_KEX, + if(base64Fingerprint) { + _libssh2_debug((session, LIBSSH2_TRACE_KEX, "Server's SHA256 Fingerprint: %s", - base64Fingerprint); + base64Fingerprint)); LIBSSH2_FREE(session, base64Fingerprint); } } @@ -477,17 +479,18 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, if(session->hostkey->init(session, session->server_hostkey, - session->server_hostkey_len, - &session->server_hostkey_abstract)) { + session->server_hostkey_len, + &session->server_hostkey_abstract)) { ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, - "Unable to initialize hostkey importer"); + "Unable to initialize hostkey importer " + "DH-SHA"); goto clean_exit; } if(_libssh2_get_string(&buf, &(exchange_state->f_value), &(exchange_state->f_value_len))) { ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, - "Unable to get f value"); + "Unable to get DH-SHA f value"); goto clean_exit; } @@ -497,7 +500,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, if(_libssh2_get_string(&buf, &(exchange_state->h_sig), &(exchange_state->h_sig_len))) { ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, - "Unable to get h sig"); + "Unable to get DH-SHA h sig"); goto clean_exit; } @@ -513,11 +516,11 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, LIBSSH2_ALLOC(session, exchange_state->k_value_len); if(!exchange_state->k_value) { ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate buffer for K"); + "Unable to allocate buffer for DH-SHA K"); goto clean_exit; } _libssh2_htonu32(exchange_state->k_value, - exchange_state->k_value_len - 4); + (uint32_t)(exchange_state->k_value_len - 4)); if(_libssh2_bn_bits(exchange_state->k) % 8) { _libssh2_bn_to_bin(exchange_state->k, exchange_state->k_value + 4); } @@ -531,12 +534,12 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, if(session->local.banner) { _libssh2_htonu32(exchange_state->h_sig_comp, - strlen((char *) session->local.banner) - 2); + (uint32_t)(strlen((char *) session->local.banner) - 2)); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, exchange_state->h_sig_comp, 4); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, - session->local.banner, - strlen((char *) session->local.banner) - 2); + session->local.banner, + strlen((char *) session->local.banner) - 2); } else { _libssh2_htonu32(exchange_state->h_sig_comp, @@ -544,13 +547,13 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, exchange_state->h_sig_comp, 4); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, - (unsigned char *) - LIBSSH2_SSH_DEFAULT_BANNER, - sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); + (unsigned char *) + LIBSSH2_SSH_DEFAULT_BANNER, + sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); } _libssh2_htonu32(exchange_state->h_sig_comp, - strlen((char *) session->remote.banner)); + (uint32_t)strlen((char *) session->remote.banner)); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, exchange_state->h_sig_comp, 4); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, @@ -558,7 +561,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, strlen((char *) session->remote.banner)); _libssh2_htonu32(exchange_state->h_sig_comp, - session->local.kexinit_len); + (uint32_t)session->local.kexinit_len); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, exchange_state->h_sig_comp, 4); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, @@ -566,7 +569,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, session->local.kexinit_len); _libssh2_htonu32(exchange_state->h_sig_comp, - session->remote.kexinit_len); + (uint32_t)session->remote.kexinit_len); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, exchange_state->h_sig_comp, 4); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, @@ -583,7 +586,6 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, if(packet_type_init == SSH_MSG_KEX_DH_GEX_INIT) { /* diffie-hellman-group-exchange hashes additional fields */ -#ifdef LIBSSH2_DH_GEX_NEW _libssh2_htonu32(exchange_state->h_sig_comp, LIBSSH2_DH_GEX_MINGROUP); _libssh2_htonu32(exchange_state->h_sig_comp + 4, @@ -592,12 +594,6 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, LIBSSH2_DH_GEX_MAXGROUP); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, exchange_state->h_sig_comp, 12); -#else - _libssh2_htonu32(exchange_state->h_sig_comp, - LIBSSH2_DH_GEX_OPTGROUP); - _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, - exchange_state->h_sig_comp, 4); -#endif } if(midhash) { @@ -610,7 +606,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, exchange_state->e_packet_len - 1); _libssh2_htonu32(exchange_state->h_sig_comp, - exchange_state->f_value_len); + (uint32_t)exchange_state->f_value_len); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, exchange_state->h_sig_comp, 4); _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, @@ -624,16 +620,25 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, _libssh2_sha_algo_ctx_final(sha_algo_value, exchange_hash_ctx, exchange_state->h_sig_comp); - if(session->hostkey-> - sig_verify(session, exchange_state->h_sig, - exchange_state->h_sig_len, exchange_state->h_sig_comp, - digest_len, &session->server_hostkey_abstract)) { + err = session->hostkey->sig_verify(session, + exchange_state->h_sig, + exchange_state->h_sig_len, + exchange_state->h_sig_comp, + digest_len, + &session->server_hostkey_abstract); + + if(err) { + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Failed hostkey sig_verify(): %s: %d", + session->hostkey->name, err)); ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_SIGN, - "Unable to verify hostkey signature"); + "Unable to verify hostkey signature " + "DH-SHA"); goto clean_exit; } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sending NEWKEYS message"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sending NEWKEYS message")); exchange_state->c = SSH_MSG_NEWKEYS; exchange_state->state = libssh2_NB_state_sent2; @@ -646,7 +651,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, } else if(rc) { ret = _libssh2_error(session, rc, - "Unable to send NEWKEYS message"); + "Unable to send NEWKEYS message DH-SHA"); goto clean_exit; } @@ -662,13 +667,16 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, return rc; } else if(rc) { - ret = _libssh2_error(session, rc, "Timed out waiting for NEWKEYS"); + ret = _libssh2_error(session, rc, + "Timed out waiting for NEWKEYS DH-SHA"); goto clean_exit; } + /* The first key exchange has been performed, switch to active crypt/comp/mac mode */ session->state |= LIBSSH2_STATE_NEWKEYS; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Received NEWKEYS message"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Received NEWKEYS message DH-SHA")); /* This will actually end up being just packet_type(1) for this packet type anyway */ @@ -685,8 +693,8 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, memcpy(session->session_id, exchange_state->h_sig_comp, digest_len); session->session_id_len = digest_len; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "session_id calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "session_id calculated")); } /* Cleanup any existing cipher */ @@ -739,8 +747,8 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, LIBSSH2_FREE(session, secret); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Client to Server IV and Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Client to Server IV and Key calculated")); if(session->remote.crypt->dtor) { /* Cleanup any existing cipher */ @@ -789,8 +797,8 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, LIBSSH2_FREE(session, secret); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server to Client IV and Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server to Client IV and Key calculated")); if(session->local.mac->dtor) { session->local.mac->dtor(session, &session->local.mac_abstract); @@ -816,8 +824,8 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, LIBSSH2_FREE(session, key); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Client to Server HMAC Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Client to Server HMAC Key calculated")); if(session->remote.mac->dtor) { session->remote.mac->dtor(session, &session->remote.mac_abstract); @@ -843,8 +851,8 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, LIBSSH2_FREE(session, key); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server to Client HMAC Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server to Client HMAC Key calculated")); /* Initialize compression for each direction */ @@ -856,13 +864,13 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, if(session->local.comp && session->local.comp->init) { if(session->local.comp->init(session, 1, - &session->local.comp_abstract)) { + &session->local.comp_abstract)) { ret = LIBSSH2_ERROR_KEX_FAILURE; goto clean_exit; } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Client to Server compression initialized"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Client to Server compression initialized")); if(session->remote.comp && session->remote.comp->dtor) { session->remote.comp->dtor(session, 0, @@ -871,17 +879,17 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, if(session->remote.comp && session->remote.comp->init) { if(session->remote.comp->init(session, 0, - &session->remote.comp_abstract)) { + &session->remote.comp_abstract)) { ret = LIBSSH2_ERROR_KEX_FAILURE; goto clean_exit; } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server to Client compression initialized"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server to Client compression initialized")); } - clean_exit: +clean_exit: libssh2_dh_dtor(&exchange_state->x); _libssh2_bn_free(exchange_state->e); exchange_state->e = NULL; @@ -954,8 +962,8 @@ kex_method_diffie_hellman_group1_sha1_key_exchange(LIBSSH2_SESSION *session, _libssh2_bn_set_word(key_state->g, 2); _libssh2_bn_from_bin(key_state->p, 128, p_value); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Initiating Diffie-Hellman Group1 Key Exchange"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Initiating Diffie-Hellman Group1 Key Exchange")); key_state->state = libssh2_NB_state_created; } @@ -990,7 +998,7 @@ typedef int (*diffie_hellman_hash_func_t)(LIBSSH2_SESSION *, unsigned char, unsigned char, unsigned char *, - unsigned long, + size_t, kmdhgGPshakex_state_t *); static int kex_method_diffie_hellman_group14_key_exchange(LIBSSH2_SESSION *session, @@ -1047,14 +1055,14 @@ kex_method_diffie_hellman_group14_key_exchange(LIBSSH2_SESSION *session, _libssh2_bn_set_word(key_state->g, 2); _libssh2_bn_from_bin(key_state->p, 256, p_value); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Initiating Diffie-Hellman Group14 Key Exchange"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Initiating Diffie-Hellman Group14 Key Exchange")); key_state->state = libssh2_NB_state_created; } ret = hashfunc(session, key_state->g, key_state->p, - 256, sha_algo_value, exchange_hash_ctx, SSH_MSG_KEXDH_INIT, - SSH_MSG_KEXDH_REPLY, NULL, 0, &key_state->exchange_state); + 256, sha_algo_value, exchange_hash_ctx, SSH_MSG_KEXDH_INIT, + SSH_MSG_KEXDH_REPLY, NULL, 0, &key_state->exchange_state); if(ret == LIBSSH2_ERROR_EAGAIN) { return ret; } @@ -1080,9 +1088,9 @@ kex_method_diffie_hellman_group14_sha1_key_exchange(LIBSSH2_SESSION *session, { libssh2_sha1_ctx ctx; return kex_method_diffie_hellman_group14_key_exchange(session, - key_state, 1, - &ctx, - diffie_hellman_sha_algo); + key_state, 1, + &ctx, + diffie_hellman_sha_algo); } @@ -1097,9 +1105,9 @@ kex_method_diffie_hellman_group14_sha256_key_exchange(LIBSSH2_SESSION *session, { libssh2_sha256_ctx ctx; return kex_method_diffie_hellman_group14_key_exchange(session, - key_state, 256, - &ctx, - diffie_hellman_sha_algo); + key_state, 256, + &ctx, + diffie_hellman_sha_algo); } /* kex_method_diffie_hellman_group16_sha512_key_exchange @@ -1109,7 +1117,6 @@ static int kex_method_diffie_hellman_group16_sha512_key_exchange(LIBSSH2_SESSION *session, key_exchange_state_low_t * key_state) - { static const unsigned char p_value[512] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, @@ -1169,8 +1176,8 @@ kex_method_diffie_hellman_group16_sha512_key_exchange(LIBSSH2_SESSION *session, _libssh2_bn_set_word(key_state->g, 2); _libssh2_bn_from_bin(key_state->p, 512, p_value); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Initiating Diffie-Hellman Group16 Key Exchange"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Initiating Diffie-Hellman Group16 Key Exchange")); key_state->state = libssh2_NB_state_created; } @@ -1199,7 +1206,6 @@ static int kex_method_diffie_hellman_group18_sha512_key_exchange(LIBSSH2_SESSION *session, key_exchange_state_low_t * key_state) - { static const unsigned char p_value[1024] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, @@ -1302,8 +1308,8 @@ kex_method_diffie_hellman_group18_sha512_key_exchange(LIBSSH2_SESSION *session, _libssh2_bn_set_word(key_state->g, 2); _libssh2_bn_from_bin(key_state->p, 1024, p_value); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Initiating Diffie-Hellman Group18 Key Exchange"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Initiating Diffie-Hellman Group18 Key Exchange")); key_state->state = libssh2_NB_state_created; } @@ -1330,8 +1336,9 @@ kex_method_diffie_hellman_group18_sha512_key_exchange(LIBSSH2_SESSION *session, * Negotiates random(ish) group for secret derivation */ static int -kex_method_diffie_hellman_group_exchange_sha1_key_exchange -(LIBSSH2_SESSION * session, key_exchange_state_low_t * key_state) +kex_method_diffie_hellman_group_exchange_sha1_key_exchange( + LIBSSH2_SESSION * session, + key_exchange_state_low_t * key_state) { int ret = 0; int rc; @@ -1340,23 +1347,13 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange key_state->p = _libssh2_bn_init_from_bin(); key_state->g = _libssh2_bn_init_from_bin(); /* Ask for a P and G pair */ -#ifdef LIBSSH2_DH_GEX_NEW key_state->request[0] = SSH_MSG_KEX_DH_GEX_REQUEST; _libssh2_htonu32(key_state->request + 1, LIBSSH2_DH_GEX_MINGROUP); _libssh2_htonu32(key_state->request + 5, LIBSSH2_DH_GEX_OPTGROUP); _libssh2_htonu32(key_state->request + 9, LIBSSH2_DH_GEX_MAXGROUP); key_state->request_len = 13; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Initiating Diffie-Hellman Group-Exchange " - "(New Method)"); -#else - key_state->request[0] = SSH_MSG_KEX_DH_GEX_REQUEST_OLD; - _libssh2_htonu32(key_state->request + 1, LIBSSH2_DH_GEX_OPTGROUP); - key_state->request_len = 5; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Initiating Diffie-Hellman Group-Exchange " - "(Old Method)"); -#endif + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Initiating Diffie-Hellman Group-Exchange SHA1")); key_state->state = libssh2_NB_state_created; } @@ -1400,7 +1397,7 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange if(key_state->data_len < 9) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected key length"); + "Unexpected key length DH-SHA1"); goto dh_gex_clean_exit; } @@ -1412,13 +1409,13 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange if(_libssh2_get_bignum_bytes(&buf, &p, &p_len)) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected value"); + "Unexpected value DH-SHA1 p"); goto dh_gex_clean_exit; } if(_libssh2_get_bignum_bytes(&buf, &g, &g_len)) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected value"); + "Unexpected value DH-SHA1 g"); goto dh_gex_clean_exit; } @@ -1426,7 +1423,7 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange _libssh2_bn_from_bin(key_state->g, g_len, g); ret = diffie_hellman_sha_algo(session, key_state->g, key_state->p, - p_len, 1, + (int)p_len, 1, (void *)&exchange_hash_ctx, SSH_MSG_KEX_DH_GEX_INIT, SSH_MSG_KEX_DH_GEX_REPLY, @@ -1440,7 +1437,7 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange LIBSSH2_FREE(session, key_state->data); } - dh_gex_clean_exit: +dh_gex_clean_exit: key_state->state = libssh2_NB_state_idle; _libssh2_bn_free(key_state->g); key_state->g = NULL; @@ -1457,8 +1454,9 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange * Negotiates random(ish) group for secret derivation */ static int -kex_method_diffie_hellman_group_exchange_sha256_key_exchange -(LIBSSH2_SESSION * session, key_exchange_state_low_t * key_state) +kex_method_diffie_hellman_group_exchange_sha256_key_exchange( + LIBSSH2_SESSION * session, + key_exchange_state_low_t * key_state) { int ret = 0; int rc; @@ -1467,23 +1465,13 @@ kex_method_diffie_hellman_group_exchange_sha256_key_exchange key_state->p = _libssh2_bn_init(); key_state->g = _libssh2_bn_init(); /* Ask for a P and G pair */ -#ifdef LIBSSH2_DH_GEX_NEW key_state->request[0] = SSH_MSG_KEX_DH_GEX_REQUEST; _libssh2_htonu32(key_state->request + 1, LIBSSH2_DH_GEX_MINGROUP); _libssh2_htonu32(key_state->request + 5, LIBSSH2_DH_GEX_OPTGROUP); _libssh2_htonu32(key_state->request + 9, LIBSSH2_DH_GEX_MAXGROUP); key_state->request_len = 13; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Initiating Diffie-Hellman Group-Exchange " - "(New Method SHA256)"); -#else - key_state->request[0] = SSH_MSG_KEX_DH_GEX_REQUEST_OLD; - _libssh2_htonu32(key_state->request + 1, LIBSSH2_DH_GEX_OPTGROUP); - key_state->request_len = 5; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Initiating Diffie-Hellman Group-Exchange " - "(Old Method SHA256)"); -#endif + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Initiating Diffie-Hellman Group-Exchange SHA256")); key_state->state = libssh2_NB_state_created; } @@ -1528,7 +1516,7 @@ kex_method_diffie_hellman_group_exchange_sha256_key_exchange if(key_state->data_len < 9) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected key length"); + "Unexpected key length DH-SHA256"); goto dh_gex_clean_exit; } @@ -1540,13 +1528,13 @@ kex_method_diffie_hellman_group_exchange_sha256_key_exchange if(_libssh2_get_bignum_bytes(&buf, &p, &p_len)) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected value"); + "Unexpected value DH-SHA256 p"); goto dh_gex_clean_exit; } if(_libssh2_get_bignum_bytes(&buf, &g, &g_len)) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected value"); + "Unexpected value DH-SHA256 g"); goto dh_gex_clean_exit; } @@ -1554,7 +1542,7 @@ kex_method_diffie_hellman_group_exchange_sha256_key_exchange _libssh2_bn_from_bin(key_state->g, g_len, g); ret = diffie_hellman_sha_algo(session, key_state->g, key_state->p, - p_len, 256, + (int)p_len, 256, (void *)&exchange_hash_ctx, SSH_MSG_KEX_DH_GEX_INIT, SSH_MSG_KEX_DH_GEX_REPLY, @@ -1568,7 +1556,7 @@ kex_method_diffie_hellman_group_exchange_sha256_key_exchange LIBSSH2_FREE(session, key_state->data); } - dh_gex_clean_exit: +dh_gex_clean_exit: key_state->state = libssh2_NB_state_idle; _libssh2_bn_free(key_state->g); key_state->g = NULL; @@ -1596,96 +1584,96 @@ kex_method_diffie_hellman_group_exchange_sha256_key_exchange * */ -#define LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY(digest_type) \ -{ \ - libssh2_sha##digest_type##_ctx ctx; \ - exchange_state->exchange_hash = (void *)&ctx; \ - libssh2_sha##digest_type##_init(&ctx); \ - if(session->local.banner) { \ - _libssh2_htonu32(exchange_state->h_sig_comp, \ - strlen((char *) session->local.banner) - 2); \ - libssh2_sha##digest_type##_update(ctx, \ - exchange_state->h_sig_comp, 4); \ - libssh2_sha##digest_type##_update(ctx, \ - (char *) session->local.banner, \ - strlen((char *) \ - session->local.banner) \ - - 2); \ - } \ - else { \ - _libssh2_htonu32(exchange_state->h_sig_comp, \ - sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); \ - libssh2_sha##digest_type##_update(ctx, \ - exchange_state->h_sig_comp, 4); \ - libssh2_sha##digest_type##_update(ctx, \ - LIBSSH2_SSH_DEFAULT_BANNER, \ +#define LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY(digest_type) \ +do { \ + libssh2_sha##digest_type##_ctx ctx; \ + exchange_state->exchange_hash = (void *)&ctx; \ + (void)libssh2_sha##digest_type##_init(&ctx); \ + if(session->local.banner) { \ + _libssh2_htonu32(exchange_state->h_sig_comp, \ + (uint32_t)(strlen((char *) session->local.banner) - 2)); \ + libssh2_sha##digest_type##_update(ctx, \ + exchange_state->h_sig_comp, 4); \ + libssh2_sha##digest_type##_update(ctx, \ + (char *) session->local.banner, \ + strlen((char *) \ + session->local.banner) \ + - 2); \ + } \ + else { \ + _libssh2_htonu32(exchange_state->h_sig_comp, \ + sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); \ + libssh2_sha##digest_type##_update(ctx, \ + exchange_state->h_sig_comp, 4); \ + libssh2_sha##digest_type##_update(ctx, \ + LIBSSH2_SSH_DEFAULT_BANNER, \ sizeof(LIBSSH2_SSH_DEFAULT_BANNER) \ - - 1); \ - } \ - \ - _libssh2_htonu32(exchange_state->h_sig_comp, \ - strlen((char *) session->remote.banner)); \ - libssh2_sha##digest_type##_update(ctx, \ - exchange_state->h_sig_comp, 4); \ - libssh2_sha##digest_type##_update(ctx, \ - session->remote.banner, \ - strlen((char *) \ - session->remote.banner)); \ - \ - _libssh2_htonu32(exchange_state->h_sig_comp, \ - session->local.kexinit_len); \ - libssh2_sha##digest_type##_update(ctx, \ - exchange_state->h_sig_comp, 4); \ - libssh2_sha##digest_type##_update(ctx, \ - session->local.kexinit, \ - session->local.kexinit_len); \ - \ - _libssh2_htonu32(exchange_state->h_sig_comp, \ - session->remote.kexinit_len); \ - libssh2_sha##digest_type##_update(ctx, \ - exchange_state->h_sig_comp, 4); \ - libssh2_sha##digest_type##_update(ctx, \ - session->remote.kexinit, \ - session->remote.kexinit_len); \ - \ - _libssh2_htonu32(exchange_state->h_sig_comp, \ - session->server_hostkey_len); \ - libssh2_sha##digest_type##_update(ctx, \ - exchange_state->h_sig_comp, 4); \ - libssh2_sha##digest_type##_update(ctx, \ - session->server_hostkey, \ - session->server_hostkey_len); \ - \ - _libssh2_htonu32(exchange_state->h_sig_comp, \ - public_key_len); \ - libssh2_sha##digest_type##_update(ctx, \ - exchange_state->h_sig_comp, 4); \ - libssh2_sha##digest_type##_update(ctx, \ - public_key, \ - public_key_len); \ - \ - _libssh2_htonu32(exchange_state->h_sig_comp, \ - server_public_key_len); \ - libssh2_sha##digest_type##_update(ctx, \ - exchange_state->h_sig_comp, 4); \ - libssh2_sha##digest_type##_update(ctx, \ - server_public_key, \ - server_public_key_len); \ - \ - libssh2_sha##digest_type##_update(ctx, \ - exchange_state->k_value, \ - exchange_state->k_value_len); \ - \ - libssh2_sha##digest_type##_final(ctx, exchange_state->h_sig_comp); \ - \ - if(session->hostkey-> \ - sig_verify(session, exchange_state->h_sig, \ - exchange_state->h_sig_len, exchange_state->h_sig_comp, \ - SHA##digest_type##_DIGEST_LENGTH, \ - &session->server_hostkey_abstract)) { \ - rc = -1; \ - } \ -} \ + - 1); \ + } \ + \ + _libssh2_htonu32(exchange_state->h_sig_comp, \ + (uint32_t)strlen((char *) session->remote.banner)); \ + libssh2_sha##digest_type##_update(ctx, \ + exchange_state->h_sig_comp, 4); \ + libssh2_sha##digest_type##_update(ctx, \ + session->remote.banner, \ + strlen((char *) \ + session->remote.banner)); \ + \ + _libssh2_htonu32(exchange_state->h_sig_comp, \ + (uint32_t)session->local.kexinit_len); \ + libssh2_sha##digest_type##_update(ctx, \ + exchange_state->h_sig_comp, 4); \ + libssh2_sha##digest_type##_update(ctx, \ + session->local.kexinit, \ + session->local.kexinit_len); \ + \ + _libssh2_htonu32(exchange_state->h_sig_comp, \ + (uint32_t)session->remote.kexinit_len); \ + libssh2_sha##digest_type##_update(ctx, \ + exchange_state->h_sig_comp, 4); \ + libssh2_sha##digest_type##_update(ctx, \ + session->remote.kexinit, \ + session->remote.kexinit_len); \ + \ + _libssh2_htonu32(exchange_state->h_sig_comp, \ + session->server_hostkey_len); \ + libssh2_sha##digest_type##_update(ctx, \ + exchange_state->h_sig_comp, 4); \ + libssh2_sha##digest_type##_update(ctx, \ + session->server_hostkey, \ + session->server_hostkey_len); \ + \ + _libssh2_htonu32(exchange_state->h_sig_comp, \ + (uint32_t)public_key_len); \ + libssh2_sha##digest_type##_update(ctx, \ + exchange_state->h_sig_comp, 4); \ + libssh2_sha##digest_type##_update(ctx, \ + public_key, \ + public_key_len); \ + \ + _libssh2_htonu32(exchange_state->h_sig_comp, \ + (uint32_t)server_public_key_len); \ + libssh2_sha##digest_type##_update(ctx, \ + exchange_state->h_sig_comp, 4); \ + libssh2_sha##digest_type##_update(ctx, \ + server_public_key, \ + server_public_key_len); \ + \ + libssh2_sha##digest_type##_update(ctx, \ + exchange_state->k_value, \ + exchange_state->k_value_len); \ + \ + libssh2_sha##digest_type##_final(ctx, exchange_state->h_sig_comp); \ + \ + if(session->hostkey-> \ + sig_verify(session, exchange_state->h_sig, \ + exchange_state->h_sig_len, exchange_state->h_sig_comp, \ + SHA##digest_type##_DIGEST_LENGTH, \ + &session->server_hostkey_abstract)) { \ + rc = -1; \ + } \ +} while(0) #if LIBSSH2_ECDSA @@ -1700,7 +1688,7 @@ kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type) int ret = 0; libssh2_curve_type type; - if(name == NULL) + if(!name) return -1; if(strcmp(name, "ecdh-sha2-nistp256") == 0) @@ -1710,6 +1698,11 @@ kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type) else if(strcmp(name, "ecdh-sha2-nistp521") == 0) type = LIBSSH2_EC_CURVE_NISTP521; else { +/* silence: + warning C4701: potentially uninitialized local variable 'type' used */ +#if defined(_MSC_VER) + type = (libssh2_curve_type)0; +#endif ret = -1; } @@ -1736,7 +1729,7 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, if(data_len < 5) { ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, - "Host key data is too short"); + "Host key data is too short"); return ret; } @@ -1761,11 +1754,11 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, buf.dataptr = buf.data; buf.dataptr++; /* Advance past packet type */ - if(_libssh2_copy_string(session, &buf, &(session->server_hostkey), + if(_libssh2_copy_string(session, &buf, &(session->server_hostkey), &server_public_key_len)) { - ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate memory for a copy " - "of the host key"); + ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for a copy " + "of the host ECDH key"); goto clean_exit; } @@ -1794,8 +1787,8 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, snprintf(fprint, 4, "%02x:", session->server_hostkey_md5[i]); } *(--fprint) = '\0'; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server's MD5 Fingerprint: %s", fingerprint); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server's MD5 Fingerprint: %s", fingerprint)); } #endif /* LIBSSH2DEBUG */ #endif /* ! LIBSSH2_MD5 */ @@ -1818,13 +1811,12 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, { char fingerprint[64], *fprint = fingerprint; int i; - for(i = 0; i < 20; i++, fprint += 3) { snprintf(fprint, 4, "%02x:", session->server_hostkey_sha1[i]); } *(--fprint) = '\0'; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server's SHA1 Fingerprint: %s", fingerprint); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server's SHA1 Fingerprint: %s", fingerprint)); } #endif /* LIBSSH2DEBUG */ @@ -1850,20 +1842,21 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, (const char *) session->server_hostkey_sha256, SHA256_DIGEST_LENGTH, &base64Fingerprint); - if(base64Fingerprint != NULL) { - _libssh2_debug(session, LIBSSH2_TRACE_KEX, + if(base64Fingerprint) { + _libssh2_debug((session, LIBSSH2_TRACE_KEX, "Server's SHA256 Fingerprint: %s", - base64Fingerprint); + base64Fingerprint)); LIBSSH2_FREE(session, base64Fingerprint); } } #endif /* LIBSSH2DEBUG */ if(session->hostkey->init(session, session->server_hostkey, - session->server_hostkey_len, - &session->server_hostkey_abstract)) { + session->server_hostkey_len, + &session->server_hostkey_abstract)) { ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, - "Unable to initialize hostkey importer"); + "Unable to initialize hostkey importer " + "ECDH"); goto clean_exit; } @@ -1871,7 +1864,7 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, if(_libssh2_get_string(&buf, &server_public_key, &server_public_key_len)) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected key length"); + "Unexpected key length ECDH"); goto clean_exit; } @@ -1879,14 +1872,14 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, if(_libssh2_get_string(&buf, &exchange_state->h_sig, &(exchange_state->h_sig_len))) { ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, - "Unexpected ecdh server sig length"); + "Unexpected ECDH server sig length"); goto clean_exit; } /* Compute the shared secret K */ rc = _libssh2_ecdh_gen_k(&exchange_state->k, private_key, server_public_key, server_public_key_len); - if(rc != 0) { + if(rc) { ret = _libssh2_error(session, LIBSSH2_ERROR_KEX_FAILURE, "Unable to create ECDH shared secret"); goto clean_exit; @@ -1901,11 +1894,11 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, LIBSSH2_ALLOC(session, exchange_state->k_value_len); if(!exchange_state->k_value) { ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate buffer for K"); + "Unable to allocate buffer for ECDH K"); goto clean_exit; } _libssh2_htonu32(exchange_state->k_value, - exchange_state->k_value_len - 4); + (uint32_t)(exchange_state->k_value_len - 4)); if(_libssh2_bn_bits(exchange_state->k) % 8) { _libssh2_bn_to_bin(exchange_state->k, exchange_state->k_value + 4); } @@ -1929,9 +1922,10 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, break; } - if(rc != 0) { + if(rc) { ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_SIGN, - "Unable to verify hostkey signature"); + "Unable to verify hostkey signature " + "ECDH"); goto clean_exit; } @@ -1946,7 +1940,7 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, } else if(rc) { ret = _libssh2_error(session, rc, - "Unable to send NEWKEYS message"); + "Unable to send NEWKEYS message ECDH"); goto clean_exit; } @@ -1962,17 +1956,19 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, return rc; } else if(rc) { - ret = _libssh2_error(session, rc, "Timed out waiting for NEWKEYS"); + ret = _libssh2_error(session, rc, + "Timed out waiting for NEWKEYS ECDH"); goto clean_exit; } /* The first key exchange has been performed, - switch to active crypt/comp/mac mode */ + switch to active crypt/comp/mac mode */ session->state |= LIBSSH2_STATE_NEWKEYS; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Received NEWKEYS message"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Received NEWKEYS message ECDH")); /* This will actually end up being just packet_type(1) - for this packet type anyway */ + for this packet type anyway */ LIBSSH2_FREE(session, exchange_state->tmp); if(!session->session_id) { @@ -2000,9 +1996,9 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, } memcpy(session->session_id, exchange_state->h_sig_comp, digest_length); - session->session_id_len = digest_length; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "session_id calculated"); + session->session_id_len = (uint32_t)digest_length; + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "session_id calculated")); } /* Cleanup any existing cipher */ @@ -2025,8 +2021,8 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, } LIBSSH2_KEX_METHOD_EC_SHA_VALUE_HASH(secret, - session->local.crypt-> - secret_len, "C"); + session->local.crypt-> + secret_len, "C"); if(!secret) { LIBSSH2_FREE(session, iv); @@ -2053,8 +2049,8 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, LIBSSH2_FREE(session, secret); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Client to Server IV and Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Client to Server IV and Key calculated")); if(session->remote.crypt->dtor) { /* Cleanup any existing cipher */ @@ -2103,8 +2099,8 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, LIBSSH2_FREE(session, secret); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server to Client IV and Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server to Client IV and Key calculated")); if(session->local.mac->dtor) { session->local.mac->dtor(session, &session->local.mac_abstract); @@ -2130,8 +2126,8 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, LIBSSH2_FREE(session, key); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Client to Server HMAC Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Client to Server HMAC Key calculated")); if(session->remote.mac->dtor) { session->remote.mac->dtor(session, &session->remote.mac_abstract); @@ -2157,8 +2153,8 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, LIBSSH2_FREE(session, key); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server to Client HMAC Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server to Client HMAC Key calculated")); /* Initialize compression for each direction */ @@ -2170,13 +2166,13 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, if(session->local.comp && session->local.comp->init) { if(session->local.comp->init(session, 1, - &session->local.comp_abstract)) { + &session->local.comp_abstract)) { ret = LIBSSH2_ERROR_KEX_FAILURE; goto clean_exit; } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Client to Server compression initialized"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Client to Server compression initialized")); if(session->remote.comp && session->remote.comp->dtor) { session->remote.comp->dtor(session, 0, @@ -2185,14 +2181,13 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, if(session->remote.comp && session->remote.comp->init) { if(session->remote.comp->init(session, 0, - &session->remote.comp_abstract)) { + &session->remote.comp_abstract)) { ret = LIBSSH2_ERROR_KEX_FAILURE; goto clean_exit; } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server to Client compression initialized"); - + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server to Client compression initialized")); } clean_exit: @@ -2212,10 +2207,9 @@ clean_exit: /* kex_method_ecdh_key_exchange * * Elliptic Curve Diffie Hellman Key Exchange - * supports SHA256/384/512 hashes based on negotated ecdh method + * supports SHA256/384/512 hashes based on negotiated ecdh method * */ - static int kex_method_ecdh_key_exchange (LIBSSH2_SESSION * session, key_exchange_state_low_t * key_state) @@ -2234,7 +2228,7 @@ kex_method_ecdh_key_exchange if(key_state->state == libssh2_NB_state_created) { rc = kex_session_ecdh_curve_type(session->kex->name, &type); - if(rc != 0) { + if(rc) { ret = _libssh2_error(session, -1, "Unknown KEX nistp curve type"); goto ecdh_clean_exit; @@ -2244,7 +2238,7 @@ kex_method_ecdh_key_exchange &key_state->public_key_oct, &key_state->public_key_oct_len, type); - if(rc != 0) { + if(rc) { ret = _libssh2_error(session, rc, "Unable to create private key"); goto ecdh_clean_exit; @@ -2256,8 +2250,8 @@ kex_method_ecdh_key_exchange key_state->public_key_oct_len); key_state->request_len = key_state->public_key_oct_len + 5; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Initiating ECDH SHA2 NISTP256"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Initiating ECDH SHA2 NISTP256")); key_state->state = libssh2_NB_state_sent; } @@ -2295,7 +2289,13 @@ kex_method_ecdh_key_exchange if(key_state->state == libssh2_NB_state_sent2) { - (void)kex_session_ecdh_curve_type(session->kex->name, &type); + rc = kex_session_ecdh_curve_type(session->kex->name, &type); + + if(rc) { + ret = _libssh2_error(session, -1, + "Unknown KEX nistp curve type"); + goto ecdh_clean_exit; + } ret = ecdh_sha2_nistp(session, type, key_state->data, key_state->data_len, @@ -2328,7 +2328,7 @@ ecdh_clean_exit: return ret; } -#endif /*LIBSSH2_ECDSA*/ +#endif /* LIBSSH2_ECDSA */ #if LIBSSH2_ED25519 @@ -2336,7 +2336,6 @@ ecdh_clean_exit: /* curve25519_sha256 * Elliptic Curve Key Exchange */ - static int curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, size_t data_len, @@ -2369,7 +2368,7 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, if(data_len < 5) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected key length"); + "Unexpected curve25519 key length 1"); goto clean_exit; } @@ -2380,7 +2379,7 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, if(_libssh2_get_string(&buf, &server_host_key, &hostkey_len)) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected key length"); + "Unexpected curve25519 key length 2"); goto clean_exit; } @@ -2390,7 +2389,7 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, if(!session->server_hostkey) { ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for a copy " - "of the host key"); + "of the host curve25519 key"); goto clean_exit; } @@ -2420,8 +2419,8 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, snprintf(fprint, 4, "%02x:", session->server_hostkey_md5[i]); } *(--fprint) = '\0'; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server's MD5 Fingerprint: %s", fingerprint); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server's MD5 Fingerprint: %s", fingerprint)); } #endif /* LIBSSH2DEBUG */ #endif /* ! LIBSSH2_MD5 */ @@ -2444,13 +2443,12 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, { char fingerprint[64], *fprint = fingerprint; int i; - for(i = 0; i < 20; i++, fprint += 3) { snprintf(fprint, 4, "%02x:", session->server_hostkey_sha1[i]); } *(--fprint) = '\0'; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server's SHA1 Fingerprint: %s", fingerprint); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server's SHA1 Fingerprint: %s", fingerprint)); } #endif /* LIBSSH2DEBUG */ @@ -2476,20 +2474,21 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, (const char *) session->server_hostkey_sha256, SHA256_DIGEST_LENGTH, &base64Fingerprint); - if(base64Fingerprint != NULL) { - _libssh2_debug(session, LIBSSH2_TRACE_KEX, + if(base64Fingerprint) { + _libssh2_debug((session, LIBSSH2_TRACE_KEX, "Server's SHA256 Fingerprint: %s", - base64Fingerprint); + base64Fingerprint)); LIBSSH2_FREE(session, base64Fingerprint); } } #endif /* LIBSSH2DEBUG */ if(session->hostkey->init(session, session->server_hostkey, - session->server_hostkey_len, - &session->server_hostkey_abstract)) { + session->server_hostkey_len, + &session->server_hostkey_abstract)) { ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, - "Unable to initialize hostkey importer"); + "Unable to initialize hostkey importer " + "curve25519"); goto clean_exit; } @@ -2497,7 +2496,7 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, if(_libssh2_get_string(&buf, &server_public_key, &server_public_key_len)) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Unexpected key length"); + "Unexpected curve25519 key length"); goto clean_exit; } @@ -2519,9 +2518,9 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, /* Compute the shared secret K */ rc = _libssh2_curve25519_gen_k(&exchange_state->k, private_key, server_public_key); - if(rc != 0) { + if(rc) { ret = _libssh2_error(session, LIBSSH2_ERROR_KEX_FAILURE, - "Unable to create ECDH shared secret"); + "Unable to create curve25519 shared secret"); goto clean_exit; } @@ -2538,7 +2537,7 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, goto clean_exit; } _libssh2_htonu32(exchange_state->k_value, - exchange_state->k_value_len - 4); + (uint32_t)(exchange_state->k_value_len - 4)); if(_libssh2_bn_bits(exchange_state->k) % 8) { _libssh2_bn_to_bin(exchange_state->k, exchange_state->k_value + 4); } @@ -2550,9 +2549,10 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, /*/ verify hash */ LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY(256); - if(rc != 0) { + if(rc) { ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_SIGN, - "Unable to verify hostkey signature"); + "Unable to verify hostkey signature " + "curve25519"); goto clean_exit; } @@ -2567,7 +2567,7 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, } else if(rc) { ret = _libssh2_error(session, rc, - "Unable to send NEWKEYS message"); + "Unable to send NEWKEYS message curve25519"); goto clean_exit; } @@ -2583,18 +2583,19 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, return rc; } else if(rc) { - ret = _libssh2_error(session, rc, "Timed out waiting for NEWKEYS"); + ret = _libssh2_error(session, rc, + "Timed out waiting for NEWKEYS curve25519"); goto clean_exit; } - /* The first key exchange has been performed, switch to active - crypt/comp/mac mode */ - + /* The first key exchange has been performed, + switch to active crypt/comp/mac mode */ session->state |= LIBSSH2_STATE_NEWKEYS; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Received NEWKEYS message"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Received NEWKEYS message curve25519")); - /* This will actually end up being just packet_type(1) for this packet - type anyway */ + /* This will actually end up being just packet_type(1) + for this packet type anyway */ LIBSSH2_FREE(session, exchange_state->tmp); if(!session->session_id) { @@ -2603,21 +2604,21 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, session->session_id = LIBSSH2_ALLOC(session, digest_length); if(!session->session_id) { ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allxcocate buffer for " + "Unable to allocate buffer for " "SHA digest"); goto clean_exit; } memcpy(session->session_id, exchange_state->h_sig_comp, digest_length); - session->session_id_len = digest_length; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "session_id calculated"); + session->session_id_len = (uint32_t)digest_length; + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "session_id calculated")); } /* Cleanup any existing cipher */ if(session->local.crypt->dtor) { session->local.crypt->dtor(session, - &session->local.crypt_abstract); + &session->local.crypt_abstract); } /* Calculate IV/Secret/Key for each direction */ @@ -2662,8 +2663,8 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, LIBSSH2_FREE(session, secret); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Client to Server IV and Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Client to Server IV and Key calculated")); if(session->remote.crypt->dtor) { /* Cleanup any existing cipher */ @@ -2712,8 +2713,8 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, LIBSSH2_FREE(session, secret); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server to Client IV and Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server to Client IV and Key calculated")); if(session->local.mac->dtor) { session->local.mac->dtor(session, &session->local.mac_abstract); @@ -2739,8 +2740,8 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, LIBSSH2_FREE(session, key); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Client to Server HMAC Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Client to Server HMAC Key calculated")); if(session->remote.mac->dtor) { session->remote.mac->dtor(session, &session->remote.mac_abstract); @@ -2766,8 +2767,8 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, LIBSSH2_FREE(session, key); } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server to Client HMAC Key calculated"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server to Client HMAC Key calculated")); /* Initialize compression for each direction */ @@ -2779,28 +2780,28 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data, if(session->local.comp && session->local.comp->init) { if(session->local.comp->init(session, 1, - &session->local.comp_abstract)) { + &session->local.comp_abstract)) { ret = LIBSSH2_ERROR_KEX_FAILURE; goto clean_exit; } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Client to Server compression initialized"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Client to Server compression initialized")); if(session->remote.comp && session->remote.comp->dtor) { session->remote.comp->dtor(session, 0, - &session->remote.comp_abstract); + &session->remote.comp_abstract); } if(session->remote.comp && session->remote.comp->init) { if(session->remote.comp->init(session, 0, - &session->remote.comp_abstract)) { + &session->remote.comp_abstract)) { ret = LIBSSH2_ERROR_KEX_FAILURE; goto clean_exit; } } - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Server to Client compression initialized"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Server to Client compression initialized")); } clean_exit: @@ -2822,7 +2823,6 @@ clean_exit: * Elliptic Curve X25519 Key Exchange with SHA256 hash * */ - static int kex_method_curve25519_key_exchange (LIBSSH2_SESSION * session, key_exchange_state_low_t * key_state) @@ -2840,10 +2840,10 @@ kex_method_curve25519_key_exchange unsigned char *s = NULL; rc = strcmp(session->kex->name, "curve25519-sha256@libssh.org"); - if(rc != 0) + if(rc) rc = strcmp(session->kex->name, "curve25519-sha256"); - if(rc != 0) { + if(rc) { ret = _libssh2_error(session, -1, "Unknown KEX curve25519 curve type"); goto clean_exit; @@ -2853,7 +2853,7 @@ kex_method_curve25519_key_exchange &key_state->curve25519_public_key, &key_state->curve25519_private_key); - if(rc != 0) { + if(rc) { ret = _libssh2_error(session, rc, "Unable to create private key"); goto clean_exit; @@ -2865,8 +2865,8 @@ kex_method_curve25519_key_exchange LIBSSH2_ED25519_KEY_LEN); key_state->request_len = LIBSSH2_ED25519_KEY_LEN + 5; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, - "Initiating curve25519 SHA2"); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Initiating curve25519 SHA2")); key_state->state = libssh2_NB_state_sent; } @@ -2938,7 +2938,7 @@ clean_exit: } -#endif /*LIBSSH2_ED25519*/ +#endif /* LIBSSH2_ED25519 */ #define LIBSSH2_KEX_METHOD_FLAG_REQ_ENC_HOSTKEY 0x0001 @@ -3026,6 +3026,17 @@ kex_method_ssh_curve25519_sha256 = { }; #endif +/* this kex method signals that client can receive extensions + * as described in https://datatracker.ietf.org/doc/html/rfc8308 +*/ + +static const LIBSSH2_KEX_METHOD +kex_method_extension_negotiation = { + "ext-info-c", + NULL, + 0, +}; + static const LIBSSH2_KEX_METHOD *libssh2_kex_methods[] = { #if LIBSSH2_ED25519 &kex_method_ssh_curve25519_sha256, @@ -3043,7 +3054,8 @@ static const LIBSSH2_KEX_METHOD *libssh2_kex_methods[] = { &kex_method_diffie_helman_group14_sha1, &kex_method_diffie_helman_group1_sha1, &kex_method_diffie_helman_group_exchange_sha1, - NULL + &kex_method_extension_negotiation, + NULL }; typedef struct _LIBSSH2_COMMON_METHOD @@ -3052,6 +3064,7 @@ typedef struct _LIBSSH2_COMMON_METHOD } LIBSSH2_COMMON_METHOD; /* kex_method_strlen + * * Calculate the length of a particular method list's resulting string * Includes SUM(strlen() of each individual method plus 1 (for coma)) - 1 * (because the last coma isn't used) @@ -3079,8 +3092,8 @@ kex_method_strlen(LIBSSH2_COMMON_METHOD ** method) /* kex_method_list * Generate formatted preference list in buf */ -static size_t -kex_method_list(unsigned char *buf, size_t list_strlen, +static uint32_t +kex_method_list(unsigned char *buf, uint32_t list_strlen, LIBSSH2_COMMON_METHOD ** method) { _libssh2_htonu32(buf, list_strlen); @@ -3091,7 +3104,7 @@ kex_method_list(unsigned char *buf, size_t list_strlen, } while(*method && (*method)->name) { - int mlen = strlen((*method)->name); + uint32_t mlen = (uint32_t)strlen((*method)->name); memcpy(buf, (*method)->name, mlen); buf += mlen; *(buf++) = ','; @@ -3104,20 +3117,22 @@ kex_method_list(unsigned char *buf, size_t list_strlen, #define LIBSSH2_METHOD_PREFS_LEN(prefvar, defaultvar) \ - ((prefvar) ? strlen(prefvar) : \ - kex_method_strlen((LIBSSH2_COMMON_METHOD**)(defaultvar))) + (uint32_t)((prefvar) ? strlen(prefvar) : \ + kex_method_strlen((LIBSSH2_COMMON_METHOD**)(defaultvar))) -#define LIBSSH2_METHOD_PREFS_STR(buf, prefvarlen, prefvar, defaultvar) \ - if(prefvar) { \ - _libssh2_htonu32((buf), (prefvarlen)); \ - buf += 4; \ - memcpy((buf), (prefvar), (prefvarlen)); \ - buf += (prefvarlen); \ - } \ - else { \ - buf += kex_method_list((buf), (prefvarlen), \ - (LIBSSH2_COMMON_METHOD**)(defaultvar)); \ - } +#define LIBSSH2_METHOD_PREFS_STR(buf, prefvarlen, prefvar, defaultvar) \ + do { \ + if(prefvar) { \ + _libssh2_htonu32((buf), (prefvarlen)); \ + buf += 4; \ + memcpy((buf), (prefvar), (prefvarlen)); \ + buf += (prefvarlen); \ + } \ + else { \ + buf += kex_method_list((buf), (prefvarlen), \ + (LIBSSH2_COMMON_METHOD**)(defaultvar)); \ + } \ + } while(0) /* kexinit * Send SSH_MSG_KEXINIT packet @@ -3127,15 +3142,16 @@ static int kexinit(LIBSSH2_SESSION * session) /* 62 = packet_type(1) + cookie(16) + first_packet_follows(1) + reserved(4) + length longs(40) */ size_t data_len = 62; - size_t kex_len, hostkey_len = 0; - size_t crypt_cs_len, crypt_sc_len; - size_t comp_cs_len, comp_sc_len; - size_t mac_cs_len, mac_sc_len; - size_t lang_cs_len, lang_sc_len; unsigned char *data, *s; int rc; if(session->kexinit_state == libssh2_NB_state_idle) { + uint32_t kex_len, hostkey_len; + uint32_t crypt_cs_len, crypt_sc_len; + uint32_t comp_cs_len, comp_sc_len; + uint32_t mac_cs_len, mac_sc_len; + uint32_t lang_cs_len, lang_sc_len; + kex_len = LIBSSH2_METHOD_PREFS_LEN(session->kex_prefs, libssh2_kex_methods); hostkey_len = @@ -3165,8 +3181,8 @@ static int kexinit(LIBSSH2_SESSION * session) LIBSSH2_METHOD_PREFS_LEN(session->remote.lang_prefs, NULL); data_len += kex_len + hostkey_len + crypt_cs_len + crypt_sc_len + - comp_cs_len + comp_sc_len + mac_cs_len + mac_sc_len + - lang_cs_len + lang_sc_len; + comp_cs_len + comp_sc_len + mac_cs_len + mac_sc_len + + lang_cs_len + lang_sc_len; s = data = LIBSSH2_ALLOC(session, data_len); if(!data) { @@ -3222,25 +3238,35 @@ static int kexinit(LIBSSH2_SESSION * session) /* Funnily enough, they'll all "appear" to be '\0' terminated */ unsigned char *p = data + 21; /* type(1) + cookie(16) + len(4) */ - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent KEX: %s", p); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sent KEX: %s", p)); p += kex_len + 4; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent HOSTKEY: %s", p); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sent HOSTKEY: %s", p)); p += hostkey_len + 4; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent CRYPT_CS: %s", p); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sent CRYPT_CS: %s", p)); p += crypt_cs_len + 4; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent CRYPT_SC: %s", p); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sent CRYPT_SC: %s", p)); p += crypt_sc_len + 4; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent MAC_CS: %s", p); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sent MAC_CS: %s", p)); p += mac_cs_len + 4; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent MAC_SC: %s", p); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sent MAC_SC: %s", p)); p += mac_sc_len + 4; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent COMP_CS: %s", p); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sent COMP_CS: %s", p)); p += comp_cs_len + 4; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent COMP_SC: %s", p); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sent COMP_SC: %s", p)); p += comp_sc_len + 4; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent LANG_CS: %s", p); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sent LANG_CS: %s", p)); p += lang_cs_len + 4; - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent LANG_SC: %s", p); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Sent LANG_SC: %s", p)); p += lang_sc_len + 4; } #endif /* LIBSSH2DEBUG */ @@ -3283,17 +3309,17 @@ static int kexinit(LIBSSH2_SESSION * session) /* kex_agree_instr * Kex specific variant of strstr() - * Needle must be precede by BOL or ',', and followed by ',' or EOL + * Needle must be preceded by BOL or ',', and followed by ',' or EOL */ static unsigned char * -kex_agree_instr(unsigned char *haystack, unsigned long haystack_len, - const unsigned char *needle, unsigned long needle_len) +kex_agree_instr(unsigned char *haystack, size_t haystack_len, + const unsigned char *needle, size_t needle_len) { unsigned char *s; unsigned char *end_haystack; - unsigned long left; + size_t left; - if(haystack == NULL || needle == NULL) { + if(!haystack || !needle) { return NULL; } @@ -3314,7 +3340,8 @@ kex_agree_instr(unsigned char *haystack, unsigned long haystack_len, /* Search until we run out of comas or we run out of haystack, whichever comes first */ - while((s = (unsigned char *) memchr((char *) s, ',', left))) { + /* !checksrc! disable EQUALSNULL 1 */ + while((s = (unsigned char *) memchr((char *) s, ',', left)) != NULL) { /* Advance buffer past coma if we can */ left = end_haystack - s; if((left >= 1) && (left <= haystack_len) && (left > needle_len)) { @@ -3359,8 +3386,8 @@ kex_get_method_by_name(const char *name, size_t name_len, * Agree on a Hostkey which works with this kex */ static int kex_agree_hostkey(LIBSSH2_SESSION * session, - unsigned long kex_flags, - unsigned char *hostkey, unsigned long hostkey_len) + size_t kex_flags, + unsigned char *hostkey, size_t hostkey_len) { const LIBSSH2_HOSTKEY_METHOD **hostkeyp = libssh2_hostkey_methods(); unsigned char *s; @@ -3436,8 +3463,8 @@ static int kex_agree_hostkey(LIBSSH2_SESSION * session, * Agree on a Key Exchange method and a hostkey encoding type */ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex, - unsigned long kex_len, unsigned char *hostkey, - unsigned long hostkey_len) + size_t kex_len, unsigned char *hostkey, + size_t hostkey_len) { const LIBSSH2_KEX_METHOD **kexp = libssh2_kex_methods; unsigned char *s; @@ -3464,7 +3491,7 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex, * Can we agree on a hostkey that works with this kex? */ if(kex_agree_hostkey(session, method->flags, hostkey, - hostkey_len) == 0) { + hostkey_len) == 0) { session->kex = method; if(session->burn_optimistic_kexinit && (kex == q)) { /* Server sent an optimistic packet, and client agrees @@ -3490,7 +3517,7 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex, * Can we agree on a hostkey that works with this kex? */ if(kex_agree_hostkey(session, (*kexp)->flags, hostkey, - hostkey_len) == 0) { + hostkey_len) == 0) { session->kex = *kexp; if(session->burn_optimistic_kexinit && (kex == s)) { /* Server sent an optimistic packet, and client agrees @@ -3514,12 +3541,12 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex, static int kex_agree_crypt(LIBSSH2_SESSION * session, libssh2_endpoint_data *endpoint, unsigned char *crypt, - unsigned long crypt_len) + size_t crypt_len) { const LIBSSH2_CRYPT_METHOD **cryptp = libssh2_crypt_methods(); unsigned char *s; - (void) session; + (void)session; if(endpoint->crypt_prefs) { s = (unsigned char *) endpoint->crypt_prefs; @@ -3570,11 +3597,20 @@ static int kex_agree_crypt(LIBSSH2_SESSION * session, */ static int kex_agree_mac(LIBSSH2_SESSION * session, libssh2_endpoint_data * endpoint, unsigned char *mac, - unsigned long mac_len) + size_t mac_len) { const LIBSSH2_MAC_METHOD **macp = _libssh2_mac_methods(); + const LIBSSH2_MAC_METHOD *override; unsigned char *s; - (void) session; + (void)session; + + override = _libssh2_mac_override(endpoint->crypt); + if(override) { + /* This crypto method has its own hmac method built-in, so a separate + * negotiation (and use) of a separate hmac method is unnecessary */ + endpoint->mac = override; + return 0; + } if(endpoint->mac_prefs) { s = (unsigned char *) endpoint->mac_prefs; @@ -3623,11 +3659,11 @@ static int kex_agree_mac(LIBSSH2_SESSION * session, */ static int kex_agree_comp(LIBSSH2_SESSION *session, libssh2_endpoint_data *endpoint, unsigned char *comp, - unsigned long comp_len) + size_t comp_len) { const LIBSSH2_COMP_METHOD **compp = _libssh2_comp_methods(session); unsigned char *s; - (void) session; + (void)session; if(endpoint->comp_prefs) { s = (unsigned char *) endpoint->comp_prefs; @@ -3679,7 +3715,7 @@ static int kex_agree_comp(LIBSSH2_SESSION *session, * Decide which specific method to use of the methods offered by each party */ static int kex_agree_methods(LIBSSH2_SESSION * session, unsigned char *data, - unsigned data_len) + size_t data_len) { unsigned char *kex, *hostkey, *crypt_cs, *crypt_sc, *comp_cs, *comp_sc, *mac_cs, *mac_sc; @@ -3733,45 +3769,54 @@ static int kex_agree_methods(LIBSSH2_SESSION * session, unsigned char *data, } if(kex_agree_crypt(session, &session->local, crypt_cs, crypt_cs_len) - || kex_agree_crypt(session, &session->remote, crypt_sc, - crypt_sc_len)) { + || kex_agree_crypt(session, &session->remote, crypt_sc, crypt_sc_len)) { return -1; } - if(kex_agree_mac(session, &session->local, mac_cs, mac_cs_len) || - kex_agree_mac(session, &session->remote, mac_sc, mac_sc_len)) { + /* This must happen after kex_agree_crypt since some MACs depend on the + negotiated crypto method */ + if(kex_agree_mac(session, &session->local, mac_cs, mac_cs_len) + || kex_agree_mac(session, &session->remote, mac_sc, mac_sc_len)) { return -1; } - if(kex_agree_comp(session, &session->local, comp_cs, comp_cs_len) || - kex_agree_comp(session, &session->remote, comp_sc, comp_sc_len)) { + if(kex_agree_comp(session, &session->local, comp_cs, comp_cs_len) + || kex_agree_comp(session, &session->remote, comp_sc, comp_sc_len)) { return -1; } #if 0 if(libssh2_kex_agree_lang(session, &session->local, lang_cs, lang_cs_len) - || libssh2_kex_agree_lang(session, &session->remote, lang_sc, - lang_sc_len)) { + || libssh2_kex_agree_lang(session, &session->remote, lang_sc, + lang_sc_len)) { return -1; } #endif - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on KEX method: %s", - session->kex->name); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on HOSTKEY method: %s", - session->hostkey->name); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on CRYPT_CS method: %s", - session->local.crypt->name); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on CRYPT_SC method: %s", - session->remote.crypt->name); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on MAC_CS method: %s", - session->local.mac->name); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on MAC_SC method: %s", - session->remote.mac->name); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on COMP_CS method: %s", - session->local.comp->name); - _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on COMP_SC method: %s", - session->remote.comp->name); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Agreed on KEX method: %s", + session->kex->name)); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Agreed on HOSTKEY method: %s", + session->hostkey->name)); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Agreed on CRYPT_CS method: %s", + session->local.crypt->name)); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Agreed on CRYPT_SC method: %s", + session->remote.crypt->name)); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Agreed on MAC_CS method: %s", + session->local.mac->name)); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Agreed on MAC_SC method: %s", + session->remote.mac->name)); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Agreed on COMP_CS method: %s", + session->local.comp->name)); + _libssh2_debug((session, LIBSSH2_TRACE_KEX, + "Agreed on COMP_SC method: %s", + session->remote.comp->name)); return 0; } @@ -3868,7 +3913,7 @@ _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange, session->remote.kexinit_len = key_state->data_len; if(kex_agree_methods(session, key_state->data, - key_state->data_len)) + key_state->data_len)) rc = LIBSSH2_ERROR_KEX_FAILURE; key_state->state = libssh2_NB_state_sent2; @@ -3922,50 +3967,48 @@ libssh2_session_method_pref(LIBSSH2_SESSION * session, int method_type, const char *prefs) { char **prefvar, *s, *newprefs; - int prefs_len = strlen(prefs); + size_t prefs_len = strlen(prefs); const LIBSSH2_COMMON_METHOD **mlist; switch(method_type) { case LIBSSH2_METHOD_KEX: prefvar = &session->kex_prefs; - mlist = (const LIBSSH2_COMMON_METHOD **) libssh2_kex_methods; + mlist = (const LIBSSH2_COMMON_METHOD **)libssh2_kex_methods; break; case LIBSSH2_METHOD_HOSTKEY: prefvar = &session->hostkey_prefs; - mlist = (const LIBSSH2_COMMON_METHOD **) libssh2_hostkey_methods(); + mlist = (const LIBSSH2_COMMON_METHOD **)libssh2_hostkey_methods(); break; case LIBSSH2_METHOD_CRYPT_CS: prefvar = &session->local.crypt_prefs; - mlist = (const LIBSSH2_COMMON_METHOD **) libssh2_crypt_methods(); + mlist = (const LIBSSH2_COMMON_METHOD **)libssh2_crypt_methods(); break; case LIBSSH2_METHOD_CRYPT_SC: prefvar = &session->remote.crypt_prefs; - mlist = (const LIBSSH2_COMMON_METHOD **) libssh2_crypt_methods(); + mlist = (const LIBSSH2_COMMON_METHOD **)libssh2_crypt_methods(); break; case LIBSSH2_METHOD_MAC_CS: prefvar = &session->local.mac_prefs; - mlist = (const LIBSSH2_COMMON_METHOD **) _libssh2_mac_methods(); + mlist = (const LIBSSH2_COMMON_METHOD **)_libssh2_mac_methods(); break; case LIBSSH2_METHOD_MAC_SC: prefvar = &session->remote.mac_prefs; - mlist = (const LIBSSH2_COMMON_METHOD **) _libssh2_mac_methods(); + mlist = (const LIBSSH2_COMMON_METHOD **)_libssh2_mac_methods(); break; case LIBSSH2_METHOD_COMP_CS: prefvar = &session->local.comp_prefs; - mlist = (const LIBSSH2_COMMON_METHOD **) - _libssh2_comp_methods(session); + mlist = (const LIBSSH2_COMMON_METHOD **)_libssh2_comp_methods(session); break; case LIBSSH2_METHOD_COMP_SC: prefvar = &session->remote.comp_prefs; - mlist = (const LIBSSH2_COMMON_METHOD **) - _libssh2_comp_methods(session); + mlist = (const LIBSSH2_COMMON_METHOD **)_libssh2_comp_methods(session); break; case LIBSSH2_METHOD_LANG_CS: @@ -3978,6 +4021,11 @@ libssh2_session_method_pref(LIBSSH2_SESSION * session, int method_type, mlist = NULL; break; + case LIBSSH2_METHOD_SIGN_ALGO: + prefvar = &session->sign_algo_prefs; + mlist = NULL; + break; + default: return _libssh2_error(session, LIBSSH2_ERROR_INVAL, "Invalid parameter specified for method_type"); @@ -3992,12 +4040,12 @@ libssh2_session_method_pref(LIBSSH2_SESSION * session, int method_type, while(s && *s && mlist) { char *p = strchr(s, ','); - int method_len = p ? (p - s) : (int) strlen(s); + size_t method_len = (p ? (size_t)(p - s) : strlen(s)); if(!kex_get_method_by_name(s, method_len, mlist)) { /* Strip out unsupported method */ if(p) { - memcpy(s, p + 1, strlen(s) - method_len); + memmove(s, p + 1, strlen(s) - method_len); } else { if(s > newprefs) { @@ -4029,7 +4077,7 @@ libssh2_session_method_pref(LIBSSH2_SESSION * session, int method_type, } /* - * libssh2_session_supported_algs() + * libssh2_session_supported_algs * returns a number of returned algorithms (a positive number) on success, * a negative number on failure */ @@ -4044,33 +4092,37 @@ LIBSSH2_API int libssh2_session_supported_algs(LIBSSH2_SESSION* session, const LIBSSH2_COMMON_METHOD **mlist; /* to prevent coredumps due to dereferencing of NULL */ - if(NULL == algs) + if(!algs) return _libssh2_error(session, LIBSSH2_ERROR_BAD_USE, "algs must not be NULL"); switch(method_type) { case LIBSSH2_METHOD_KEX: - mlist = (const LIBSSH2_COMMON_METHOD **) libssh2_kex_methods; + mlist = (const LIBSSH2_COMMON_METHOD **)libssh2_kex_methods; break; case LIBSSH2_METHOD_HOSTKEY: - mlist = (const LIBSSH2_COMMON_METHOD **) libssh2_hostkey_methods(); + mlist = (const LIBSSH2_COMMON_METHOD **)libssh2_hostkey_methods(); break; case LIBSSH2_METHOD_CRYPT_CS: case LIBSSH2_METHOD_CRYPT_SC: - mlist = (const LIBSSH2_COMMON_METHOD **) libssh2_crypt_methods(); + mlist = (const LIBSSH2_COMMON_METHOD **)libssh2_crypt_methods(); break; case LIBSSH2_METHOD_MAC_CS: case LIBSSH2_METHOD_MAC_SC: - mlist = (const LIBSSH2_COMMON_METHOD **) _libssh2_mac_methods(); + mlist = (const LIBSSH2_COMMON_METHOD **)_libssh2_mac_methods(); break; case LIBSSH2_METHOD_COMP_CS: case LIBSSH2_METHOD_COMP_SC: - mlist = (const LIBSSH2_COMMON_METHOD **) - _libssh2_comp_methods(session); + mlist = (const LIBSSH2_COMMON_METHOD **)_libssh2_comp_methods(session); + break; + + case LIBSSH2_METHOD_SIGN_ALGO: + /* no built-in supported list due to backend support */ + mlist = NULL; break; default: @@ -4079,7 +4131,7 @@ LIBSSH2_API int libssh2_session_supported_algs(LIBSSH2_SESSION* session, } /* switch */ /* weird situation */ - if(NULL == mlist) + if(!mlist) return _libssh2_error(session, LIBSSH2_ERROR_INVAL, "No algorithm found"); @@ -4096,28 +4148,28 @@ LIBSSH2_API int libssh2_session_supported_algs(LIBSSH2_SESSION* session, */ /* count the number of supported algorithms */ - for(i = 0, ialg = 0; NULL != mlist[i]; i++) { + for(i = 0, ialg = 0; mlist[i]; i++) { /* do not count fields with NULL name */ if(mlist[i]->name) ialg++; } /* weird situation, no algorithm found */ - if(0 == ialg) + if(ialg == 0) return _libssh2_error(session, LIBSSH2_ERROR_INVAL, "No algorithm found"); /* allocate buffer */ *algs = (const char **) LIBSSH2_ALLOC(session, ialg*sizeof(const char *)); - if(NULL == *algs) { + if(!*algs) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Memory allocation failed"); } /* Past this point *algs must be deallocated in case of an error!! */ /* copy non-NULL pointers only */ - for(i = 0, j = 0; NULL != mlist[i] && j < ialg; i++) { - if(NULL == mlist[i]->name) { + for(i = 0, j = 0; mlist[i] && j < ialg; i++) { + if(!mlist[i]->name) { /* maybe a weird situation but if it occurs, do not include NULL pointers */ continue; diff --git a/libssh2/src/knownhost.c b/libssh2/src/knownhost.c index 77798fbfd..c22311809 100644 --- a/libssh2/src/knownhost.c +++ b/libssh2/src/knownhost.c @@ -37,7 +37,6 @@ */ #include "libssh2_priv.h" -#include "misc.h" struct known_host { struct list_node node; @@ -111,7 +110,7 @@ libssh2_knownhost_init(LIBSSH2_SESSION *session) #define KNOWNHOST_MAGIC 0xdeadcafe /* - * knownhost_to_external() + * knownhost_to_external * * Copies data from the internal to the external representation struct. * @@ -123,7 +122,7 @@ static struct libssh2_knownhost *knownhost_to_external(struct known_host *node) ext->magic = KNOWNHOST_MAGIC; ext->node = node; ext->name = ((node->typemask & LIBSSH2_KNOWNHOST_TYPE_MASK) == - LIBSSH2_KNOWNHOST_TYPE_PLAIN)? node->name:NULL; + LIBSSH2_KNOWNHOST_TYPE_PLAIN) ? node->name : NULL; ext->key = node->key; ext->typemask = node->typemask; @@ -142,7 +141,7 @@ knownhost_add(LIBSSH2_KNOWNHOSTS *hosts, size_t hostlen = strlen(host); int rc; char *ptr; - unsigned int ptrlen; + size_t ptrlen; /* make sure we have a key type set */ if(!(typemask & LIBSSH2_KNOWNHOST_KEY_MASK)) @@ -170,15 +169,15 @@ knownhost_add(LIBSSH2_KNOWNHOSTS *hosts, entry->name_len = hostlen; break; case LIBSSH2_KNOWNHOST_TYPE_SHA1: - rc = libssh2_base64_decode(hosts->session, &ptr, &ptrlen, - host, hostlen); + rc = _libssh2_base64_decode(hosts->session, &ptr, &ptrlen, + host, hostlen); if(rc) goto error; entry->name = ptr; entry->name_len = ptrlen; - rc = libssh2_base64_decode(hosts->session, &ptr, &ptrlen, - salt, strlen(salt)); + rc = _libssh2_base64_decode(hosts->session, &ptr, &ptrlen, + salt, strlen(salt)); if(rc) goto error; entry->salt = ptr; @@ -252,7 +251,7 @@ knownhost_add(LIBSSH2_KNOWNHOSTS *hosts, *store = knownhost_to_external(entry); return LIBSSH2_ERROR_NONE; - error: +error: free_host(hosts->session, entry); return rc; } @@ -727,7 +726,7 @@ static int hashed_hostline(LIBSSH2_KNOWNHOSTS *hosts, } /* - * hostline() + * hostline * * Parse a single known_host line pre-split into host and key. * @@ -822,7 +821,7 @@ static int hostline(LIBSSH2_KNOWNHOSTS *hosts, } /* Figure out host format */ - if((hostlen >2) && memcmp(host, "|1|", 3)) { + if((hostlen > 2) && memcmp(host, "|1|", 3)) { /* old style plain text: [name]([,][name])* for the sake of simplicity, we add them as separate hosts with the @@ -841,7 +840,7 @@ static int hostline(LIBSSH2_KNOWNHOSTS *hosts, } /* - * libssh2_knownhost_readline() + * libssh2_knownhost_readline * * Pass in a line of a file of 'type'. * @@ -983,7 +982,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWNHOSTS *hosts, } /* - * knownhost_writeline() + * knownhost_writeline * * Ask libssh2 to convert a known host to an output line for storage. * @@ -1157,7 +1156,7 @@ knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts, } /* - * libssh2_knownhost_writeline() + * libssh2_knownhost_writeline * * Ask libssh2 to convert a known host to an output line for storage. * @@ -1183,7 +1182,7 @@ libssh2_knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts, } /* - * libssh2_knownhost_writefile() + * libssh2_knownhost_writefile * * Write hosts+key pairs to the given file. */ @@ -1234,7 +1233,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOWNHOSTS *hosts, /* - * libssh2_knownhost_get() + * libssh2_knownhost_get * * Traverse the internal list of known hosts. Pass NULL to 'prev' to get * the first one. diff --git a/libssh2/src/libgcrypt.c b/libssh2/src/libgcrypt.c index 0aff176a6..d1e177621 100644 --- a/libssh2/src/libgcrypt.c +++ b/libssh2/src/libgcrypt.c @@ -36,12 +36,9 @@ * OF SUCH DAMAGE. */ -#include "libssh2_priv.h" - -#ifdef LIBSSH2_LIBGCRYPT /* compile only if we build with libgcrypt */ - -#include +#ifdef LIBSSH2_CRYPTO_C /* Compile this via crypto.c */ +#if LIBSSH2_RSA int _libssh2_rsa_new(libssh2_rsa_ctx ** rsa, const unsigned char *edata, @@ -61,17 +58,17 @@ _libssh2_rsa_new(libssh2_rsa_ctx ** rsa, const unsigned char *coeffdata, unsigned long coefflen) { int rc; - (void) e1data; - (void) e1len; - (void) e2data; - (void) e2len; + + (void)e1data; + (void)e1len; + (void)e2data; + (void)e2len; if(ddata) { - rc = gcry_sexp_build - (rsa, NULL, - "(private-key(rsa(n%b)(e%b)(d%b)(q%b)(p%b)(u%b)))", - nlen, ndata, elen, edata, dlen, ddata, plen, pdata, - qlen, qdata, coefflen, coeffdata); + rc = gcry_sexp_build(rsa, NULL, + "(private-key(rsa(n%b)(e%b)(d%b)(q%b)(p%b)(u%b)))", + nlen, ndata, elen, edata, dlen, ddata, plen, pdata, + qlen, qdata, coefflen, coeffdata); } else { rc = gcry_sexp_build(rsa, NULL, "(public-key(rsa(n%b)(e%b)))", @@ -85,11 +82,12 @@ _libssh2_rsa_new(libssh2_rsa_ctx ** rsa, return 0; } +#if LIBSSH2_RSA_SHA1 int _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa, const unsigned char *sig, - unsigned long sig_len, - const unsigned char *m, unsigned long m_len) + size_t sig_len, + const unsigned char *m, size_t m_len) { unsigned char hash[SHA_DIGEST_LENGTH]; gcry_sexp_t s_sig, s_hash; @@ -100,12 +98,12 @@ _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa, rc = gcry_sexp_build(&s_hash, NULL, "(data (flags pkcs1) (hash sha1 %b))", SHA_DIGEST_LENGTH, hash); - if(rc != 0) { + if(rc) { return -1; } rc = gcry_sexp_build(&s_sig, NULL, "(sig-val(rsa(s %b)))", sig_len, sig); - if(rc != 0) { + if(rc) { gcry_sexp_release(s_hash); return -1; } @@ -116,7 +114,10 @@ _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa, return (rc == 0) ? 0 : -1; } +#endif +#endif +#if LIBSSH2_DSA int _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, const unsigned char *p, @@ -132,10 +133,9 @@ _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, int rc; if(x_len) { - rc = gcry_sexp_build - (dsactx, NULL, - "(private-key(dsa(p%b)(q%b)(g%b)(y%b)(x%b)))", - p_len, p, q_len, q, g_len, g, y_len, y, x_len, x); + rc = gcry_sexp_build(dsactx, NULL, + "(private-key(dsa(p%b)(q%b)(g%b)(y%b)(x%b)))", + p_len, p, q_len, q, g_len, g, y_len, y, x_len, x); } else { rc = gcry_sexp_build(dsactx, NULL, @@ -150,16 +150,23 @@ _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, return 0; } +#endif +#if LIBSSH2_RSA int _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx ** rsa, LIBSSH2_SESSION * session, const char *filedata, size_t filedata_len, unsigned const char *passphrase) { + (void)rsa; + (void)filedata; + (void)filedata_len; + (void)passphrase; + return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED, - "Unable to extract private key from memory: " - "Method unimplemented in libgcrypt backend"); + "Unable to extract private key from memory: " + "Method unimplemented in libgcrypt backend"); } int @@ -169,7 +176,7 @@ _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa, { FILE *fp; unsigned char *data, *save_data; - unsigned int datalen; + size_t datalen; int ret; unsigned char *n, *e, *d, *p, *q, *e1, *e2, *coeff; unsigned int nlen, elen, dlen, plen, qlen, e1len, e2len, coefflen; @@ -195,83 +202,91 @@ _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa, ret = -1; goto fail; } -/* First read Version field (should be 0). */ + + /* First read Version field (should be 0). */ ret = _libssh2_pem_decode_integer(&data, &datalen, &n, &nlen); - if(ret != 0 || (nlen != 1 && *n != '\0')) { + if(ret || (nlen != 1 && *n != '\0')) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &n, &nlen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &e, &elen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &d, &dlen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &p, &plen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &q, &qlen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &e1, &e1len); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &e2, &e2len); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &coeff, &coefflen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } if(_libssh2_rsa_new(rsa, e, elen, n, nlen, d, dlen, p, plen, - q, qlen, e1, e1len, e2, e2len, coeff, coefflen)) { + q, qlen, e1, e1len, e2, e2len, coeff, coefflen)) { ret = -1; goto fail; } ret = 0; - fail: +fail: LIBSSH2_FREE(session, save_data); return ret; } +#endif +#if LIBSSH2_DSA int _libssh2_dsa_new_private_frommemory(libssh2_dsa_ctx ** dsa, LIBSSH2_SESSION * session, const char *filedata, size_t filedata_len, unsigned const char *passphrase) { + (void)dsa; + (void)filedata; + (void)filedata_len; + (void)passphrase; + return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED, - "Unable to extract private key from memory: " - "Method unimplemented in libgcrypt backend"); + "Unable to extract private key from memory: " + "Method unimplemented in libgcrypt backend"); } int @@ -281,7 +296,7 @@ _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa, { FILE *fp; unsigned char *data, *save_data; - unsigned int datalen; + size_t datalen; int ret; unsigned char *p, *q, *g, *y, *x; unsigned int plen, qlen, glen, ylen, xlen; @@ -308,44 +323,44 @@ _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa, goto fail; } -/* First read Version field (should be 0). */ + /* First read Version field (should be 0). */ ret = _libssh2_pem_decode_integer(&data, &datalen, &p, &plen); - if(ret != 0 || (plen != 1 && *p != '\0')) { + if(ret || (plen != 1 && *p != '\0')) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &p, &plen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &q, &qlen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &g, &glen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &y, &ylen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &x, &xlen); - if(ret != 0) { + if(ret) { ret = -1; goto fail; } - if(datalen != 0) { + if(datalen) { ret = -1; goto fail; } @@ -357,11 +372,14 @@ _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa, ret = 0; - fail: +fail: LIBSSH2_FREE(session, save_data); return ret; } +#endif +#if LIBSSH2_RSA +#if LIBSSH2_RSA_SHA1 int _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, libssh2_rsa_ctx * rsactx, @@ -380,8 +398,8 @@ _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, } if(gcry_sexp_build(&data, NULL, - "(data (flags pkcs1) (hash sha1 %b))", - hash_len, hash)) { + "(data (flags pkcs1) (hash sha1 %b))", + hash_len, hash)) { return -1; } @@ -389,7 +407,7 @@ _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, gcry_sexp_release(data); - if(rc != 0) { + if(rc) { return -1; } @@ -421,7 +439,10 @@ _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, return rc; } +#endif +#endif +#if LIBSSH2_DSA int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, const unsigned char *hash, @@ -450,13 +471,13 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, gcry_sexp_release(data); - if(ret != 0) { + if(ret) { return -1; } memset(sig, 0, 40); -/* Extract R. */ + /* Extract R. */ data = gcry_sexp_find_token(sig_sexp, "r", 0); if(!data) @@ -478,7 +499,7 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, gcry_sexp_release(data); -/* Extract S. */ + /* Extract S. */ data = gcry_sexp_find_token(sig_sexp, "s", 0); if(!data) @@ -499,10 +520,10 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, memcpy(sig + 20 + (20 - size), tmp, size); goto out; - err: +err: ret = -1; - out: +out: if(sig_sexp) { gcry_sexp_release(sig_sexp); } @@ -515,7 +536,7 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx, const unsigned char *sig, - const unsigned char *m, unsigned long m_len) + const unsigned char *m, size_t m_len) { unsigned char hash[SHA_DIGEST_LENGTH + 1]; gcry_sexp_t s_sig, s_hash; @@ -525,12 +546,12 @@ _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx, hash[0] = 0; if(gcry_sexp_build(&s_hash, NULL, "(data(flags raw)(value %b))", - SHA_DIGEST_LENGTH + 1, hash)) { + SHA_DIGEST_LENGTH + 1, hash)) { return -1; } if(gcry_sexp_build(&s_sig, NULL, "(sig-val(dsa(r %b)(s %b)))", - 20, sig, 20, sig + 20)) { + 20, sig, 20, sig + 20)) { gcry_sexp_release(s_hash); return -1; } @@ -541,6 +562,7 @@ _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx, return (rc == 0) ? 0 : -1; } +#endif int _libssh2_cipher_init(_libssh2_cipher_ctx * h, @@ -550,9 +572,9 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h, int ret; int cipher = _libssh2_gcry_cipher(algo); int mode = _libssh2_gcry_mode(algo); - int keylen = gcry_cipher_get_algo_keylen(cipher); + size_t keylen = gcry_cipher_get_algo_keylen(cipher); - (void) encrypt; + (void)encrypt; ret = gcry_cipher_open(h, cipher, mode, 0); if(ret) { @@ -566,7 +588,7 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h, } if(mode != GCRY_CIPHER_MODE_STREAM) { - int blklen = gcry_cipher_get_algo_blklen(cipher); + size_t blklen = gcry_cipher_get_algo_blklen(cipher); if(mode == GCRY_CIPHER_MODE_CTR) ret = gcry_cipher_setctr(*h, iv, blklen); else @@ -583,11 +605,14 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h, int _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx, _libssh2_cipher_type(algo), - int encrypt, unsigned char *block, size_t blklen) + int encrypt, unsigned char *block, size_t blklen, + int firstlast) { - int cipher = _libssh2_gcry_cipher(algo); int ret; + (void)algo; + (void)firstlast; + if(encrypt) { ret = gcry_cipher_encrypt(*ctx, block, blklen, block, blklen); } @@ -607,6 +632,14 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, size_t privatekeydata_len, const char *passphrase) { + (void)method; + (void)method_len; + (void)pubkeydata; + (void)pubkeydata_len; + (void)privatekeydata; + (void)privatekeydata_len; + (void)passphrase; + return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED, "Unable to extract public key from private " "key in memory: " @@ -622,9 +655,49 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session, const char *privatekey, const char *passphrase) { + (void)method; + (void)method_len; + (void)pubkeydata; + (void)pubkeydata_len; + (void)privatekey; + (void)passphrase; + return _libssh2_error(session, LIBSSH2_ERROR_FILE, - "Unable to extract public key from private key file: " - "Method unimplemented in libgcrypt backend"); + "Unable to extract public key from private key file: " + "Method unimplemented in libgcrypt backend"); +} + +int +_libssh2_sk_pub_keyfilememory(LIBSSH2_SESSION *session, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + int *algorithm, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase) +{ + (void)method; + (void)method_len; + (void)pubkeydata; + (void)pubkeydata_len; + (void)algorithm; + (void)flags; + (void)application; + (void)key_handle; + (void)handle_len; + (void)privatekeydata; + (void)privatekeydata_len; + (void)passphrase; + + return _libssh2_error(session, LIBSSH2_ERROR_FILE, + "Unable to extract public SK key from private key file: " + "Method unimplemented in libgcrypt backend"); } void _libssh2_init_aes_ctr(void) @@ -664,4 +737,22 @@ _libssh2_dh_dtor(_libssh2_dh_ctx *dhctx) *dhctx = NULL; } -#endif /* LIBSSH2_LIBGCRYPT */ +/* _libssh2_supported_key_sign_algorithms + * + * Return supported key hash algo upgrades, see crypto.h + * + */ + +const char * +_libssh2_supported_key_sign_algorithms(LIBSSH2_SESSION *session, + unsigned char *key_method, + size_t key_method_len) +{ + (void)session; + (void)key_method; + (void)key_method_len; + + return NULL; +} + +#endif /* LIBSSH2_CRYPTO_C */ diff --git a/libssh2/src/libgcrypt.h b/libssh2/src/libgcrypt.h index 298c65ed0..761f446c1 100644 --- a/libssh2/src/libgcrypt.h +++ b/libssh2/src/libgcrypt.h @@ -39,6 +39,8 @@ * OF SUCH DAMAGE. */ +#define LIBSSH2_CRYPTO_ENGINE libssh2_gcrypt + #include #define LIBSSH2_MD5 1 @@ -47,14 +49,17 @@ #define LIBSSH2_HMAC_SHA256 1 #define LIBSSH2_HMAC_SHA512 1 -#define LIBSSH2_AES 1 +#define LIBSSH2_AES_CBC 1 #define LIBSSH2_AES_CTR 1 +#define LIBSSH2_AES_GCM 0 #define LIBSSH2_BLOWFISH 1 #define LIBSSH2_RC4 1 #define LIBSSH2_CAST 1 #define LIBSSH2_3DES 1 #define LIBSSH2_RSA 1 +#define LIBSSH2_RSA_SHA1 1 +#define LIBSSH2_RSA_SHA2 0 #define LIBSSH2_DSA 1 #define LIBSSH2_ECDSA 0 #define LIBSSH2_ED25519 0 @@ -67,8 +72,8 @@ #define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1) -#define _libssh2_random(buf, len) \ - (gcry_randomize ((buf), (len), GCRY_STRONG_RANDOM), 0) +#define _libssh2_random(buf, len) \ + (gcry_randomize((buf), (len), GCRY_STRONG_RANDOM), 0) #define libssh2_prepare_iovec(vec, len) /* Empty. */ @@ -76,94 +81,94 @@ /* returns 0 in case of failure */ #define libssh2_sha1_init(ctx) \ - (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA1, 0)) + (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA1, 0)) #define libssh2_sha1_update(ctx, data, len) \ - gcry_md_write(ctx, (unsigned char *) data, len) + gcry_md_write(ctx, (unsigned char *) data, len) #define libssh2_sha1_final(ctx, out) \ - memcpy(out, gcry_md_read(ctx, 0), SHA_DIGEST_LENGTH), gcry_md_close(ctx) + memcpy(out, gcry_md_read(ctx, 0), SHA_DIGEST_LENGTH), gcry_md_close(ctx) #define libssh2_sha1(message, len, out) \ - gcry_md_hash_buffer(GCRY_MD_SHA1, out, message, len) + gcry_md_hash_buffer(GCRY_MD_SHA1, out, message, len) #define libssh2_sha256_ctx gcry_md_hd_t #define libssh2_sha256_init(ctx) \ - (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA256, 0)) + (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA256, 0)) #define libssh2_sha256_update(ctx, data, len) \ - gcry_md_write(ctx, (unsigned char *) data, len) + gcry_md_write(ctx, (unsigned char *) data, len) #define libssh2_sha256_final(ctx, out) \ - memcpy(out, gcry_md_read(ctx, 0), SHA256_DIGEST_LENGTH), gcry_md_close(ctx) + memcpy(out, gcry_md_read(ctx, 0), SHA256_DIGEST_LENGTH), gcry_md_close(ctx) #define libssh2_sha256(message, len, out) \ - gcry_md_hash_buffer(GCRY_MD_SHA256, out, message, len) + gcry_md_hash_buffer(GCRY_MD_SHA256, out, message, len) #define libssh2_sha384_ctx gcry_md_hd_t #define libssh2_sha384_init(ctx) \ - (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA384, 0)) + (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA384, 0)) #define libssh2_sha384_update(ctx, data, len) \ - gcry_md_write(ctx, (unsigned char *) data, len) + gcry_md_write(ctx, (unsigned char *) data, len) #define libssh2_sha384_final(ctx, out) \ - memcpy(out, gcry_md_read(ctx, 0), SHA384_DIGEST_LENGTH), gcry_md_close(ctx) + memcpy(out, gcry_md_read(ctx, 0), SHA384_DIGEST_LENGTH), gcry_md_close(ctx) #define libssh2_sha384(message, len, out) \ - gcry_md_hash_buffer(GCRY_MD_SHA384, out, message, len) + gcry_md_hash_buffer(GCRY_MD_SHA384, out, message, len) #define libssh2_sha512_ctx gcry_md_hd_t #define libssh2_sha512_init(ctx) \ - (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA512, 0)) + (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA512, 0)) #define libssh2_sha512_update(ctx, data, len) \ - gcry_md_write(ctx, (unsigned char *) data, len) + gcry_md_write(ctx, (unsigned char *) data, len) #define libssh2_sha512_final(ctx, out) \ - memcpy(out, gcry_md_read(ctx, 0), SHA512_DIGEST_LENGTH), gcry_md_close(ctx) + memcpy(out, gcry_md_read(ctx, 0), SHA512_DIGEST_LENGTH), gcry_md_close(ctx) #define libssh2_sha512(message, len, out) \ - gcry_md_hash_buffer(GCRY_MD_SHA512, out, message, len) + gcry_md_hash_buffer(GCRY_MD_SHA512, out, message, len) #define libssh2_md5_ctx gcry_md_hd_t /* returns 0 in case of failure */ #define libssh2_md5_init(ctx) \ - (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_MD5, 0)) + (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_MD5, 0)) #define libssh2_md5_update(ctx, data, len) \ - gcry_md_write(ctx, (unsigned char *) data, len) + gcry_md_write(ctx, (unsigned char *) data, len) #define libssh2_md5_final(ctx, out) \ - memcpy(out, gcry_md_read(ctx, 0), MD5_DIGEST_LENGTH), gcry_md_close(ctx) + memcpy(out, gcry_md_read(ctx, 0), MD5_DIGEST_LENGTH), gcry_md_close(ctx) #define libssh2_md5(message, len, out) \ - gcry_md_hash_buffer(GCRY_MD_MD5, out, message, len) + gcry_md_hash_buffer(GCRY_MD_MD5, out, message, len) #define libssh2_hmac_ctx gcry_md_hd_t #define libssh2_hmac_ctx_init(ctx) #define libssh2_hmac_sha1_init(ctx, key, keylen) \ - gcry_md_open(ctx, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC), \ + gcry_md_open(ctx, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC), \ gcry_md_setkey(*ctx, key, keylen) #define libssh2_hmac_md5_init(ctx, key, keylen) \ - gcry_md_open(ctx, GCRY_MD_MD5, GCRY_MD_FLAG_HMAC), \ + gcry_md_open(ctx, GCRY_MD_MD5, GCRY_MD_FLAG_HMAC), \ gcry_md_setkey(*ctx, key, keylen) #define libssh2_hmac_ripemd160_init(ctx, key, keylen) \ - gcry_md_open(ctx, GCRY_MD_RMD160, GCRY_MD_FLAG_HMAC), \ + gcry_md_open(ctx, GCRY_MD_RMD160, GCRY_MD_FLAG_HMAC), \ gcry_md_setkey(*ctx, key, keylen) #define libssh2_hmac_sha256_init(ctx, key, keylen) \ - gcry_md_open(ctx, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC), \ + gcry_md_open(ctx, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC), \ gcry_md_setkey(*ctx, key, keylen) #define libssh2_hmac_sha512_init(ctx, key, keylen) \ - gcry_md_open(ctx, GCRY_MD_SHA512, GCRY_MD_FLAG_HMAC), \ + gcry_md_open(ctx, GCRY_MD_SHA512, GCRY_MD_FLAG_HMAC), \ gcry_md_setkey(*ctx, key, keylen) #define libssh2_hmac_update(ctx, data, datalen) \ - gcry_md_write(ctx, (unsigned char *) data, datalen) + gcry_md_write(ctx, (unsigned char *) data, datalen) #define libssh2_hmac_final(ctx, data) \ - memcpy(data, gcry_md_read(ctx, 0), \ - gcry_md_get_algo_dlen(gcry_md_get_algo(ctx))) -#define libssh2_hmac_cleanup(ctx) gcry_md_close (*ctx); + memcpy(data, gcry_md_read(ctx, 0), \ + gcry_md_get_algo_dlen(gcry_md_get_algo(ctx))) +#define libssh2_hmac_cleanup(ctx) gcry_md_close(*ctx) -#define libssh2_crypto_init() gcry_control (GCRYCTL_DISABLE_SECMEM) +#define libssh2_crypto_init() gcry_control(GCRYCTL_DISABLE_SECMEM) #define libssh2_crypto_exit() #define libssh2_rsa_ctx struct gcry_sexp -#define _libssh2_rsa_free(rsactx) gcry_sexp_release (rsactx) +#define _libssh2_rsa_free(rsactx) gcry_sexp_release(rsactx) #define libssh2_dsa_ctx struct gcry_sexp -#define _libssh2_dsa_free(dsactx) gcry_sexp_release (dsactx) +#define _libssh2_dsa_free(dsactx) gcry_sexp_release(dsactx) #if LIBSSH2_ECDSA #else @@ -178,25 +183,25 @@ #define _libssh2_gcry_mode(m) (m & 0xFF) #define _libssh2_cipher_aes256ctr \ - _libssh2_gcry_ciphermode(GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CTR) + _libssh2_gcry_ciphermode(GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CTR) #define _libssh2_cipher_aes192ctr \ - _libssh2_gcry_ciphermode(GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CTR) + _libssh2_gcry_ciphermode(GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CTR) #define _libssh2_cipher_aes128ctr \ - _libssh2_gcry_ciphermode(GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR) + _libssh2_gcry_ciphermode(GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR) #define _libssh2_cipher_aes256 \ - _libssh2_gcry_ciphermode(GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC) + _libssh2_gcry_ciphermode(GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC) #define _libssh2_cipher_aes192 \ - _libssh2_gcry_ciphermode(GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CBC) + _libssh2_gcry_ciphermode(GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CBC) #define _libssh2_cipher_aes128 \ - _libssh2_gcry_ciphermode(GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC) + _libssh2_gcry_ciphermode(GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC) #define _libssh2_cipher_blowfish \ - _libssh2_gcry_ciphermode(GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_CBC) + _libssh2_gcry_ciphermode(GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_CBC) #define _libssh2_cipher_arcfour \ - _libssh2_gcry_ciphermode(GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM) + _libssh2_gcry_ciphermode(GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM) #define _libssh2_cipher_cast5 \ - _libssh2_gcry_ciphermode(GCRY_CIPHER_CAST5, GCRY_CIPHER_MODE_CBC) + _libssh2_gcry_ciphermode(GCRY_CIPHER_CAST5, GCRY_CIPHER_MODE_CBC) #define _libssh2_cipher_3des \ - _libssh2_gcry_ciphermode(GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC) + _libssh2_gcry_ciphermode(GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC) #define _libssh2_cipher_dtor(ctx) gcry_cipher_close(*(ctx)) @@ -206,26 +211,35 @@ #define _libssh2_bn_ctx_new() 0 #define _libssh2_bn_ctx_free(bnctx) ((void)0) #define _libssh2_bn_init() gcry_mpi_new(0) -#define _libssh2_bn_init_from_bin() NULL /* because gcry_mpi_scan() creates a - new bignum */ +#define _libssh2_bn_init_from_bin() NULL /* because gcry_mpi_scan() creates a + new bignum */ #define _libssh2_bn_set_word(bn, val) gcry_mpi_set_ui(bn, val) -#define _libssh2_bn_from_bin(bn, len, val) \ +#define _libssh2_bn_from_bin(bn, len, val) \ gcry_mpi_scan(&((bn)), GCRYMPI_FMT_USG, val, len, NULL) -#define _libssh2_bn_to_bin(bn, val) \ +#define _libssh2_bn_to_bin(bn, val) \ gcry_mpi_print(GCRYMPI_FMT_USG, val, _libssh2_bn_bytes(bn), NULL, bn) -#define _libssh2_bn_bytes(bn) \ - (gcry_mpi_get_nbits (bn) / 8 + \ - ((gcry_mpi_get_nbits (bn) % 8 == 0) ? 0 : 1)) -#define _libssh2_bn_bits(bn) gcry_mpi_get_nbits (bn) +#define _libssh2_bn_bytes(bn) \ + (gcry_mpi_get_nbits(bn) / 8 + \ + ((gcry_mpi_get_nbits(bn) % 8 == 0) ? 0 : 1)) +#define _libssh2_bn_bits(bn) gcry_mpi_get_nbits(bn) #define _libssh2_bn_free(bn) gcry_mpi_release(bn) +/* Default generate and safe prime sizes for + diffie-hellman-group-exchange-sha1 */ +#define LIBSSH2_DH_GEX_MINGROUP 2048 +#define LIBSSH2_DH_GEX_OPTGROUP 4096 +#define LIBSSH2_DH_GEX_MAXGROUP 8192 + +#define LIBSSH2_DH_MAX_MODULUS_BITS 16384 + #define _libssh2_dh_ctx struct gcry_mpi * #define libssh2_dh_init(dhctx) _libssh2_dh_init(dhctx) #define libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) \ - _libssh2_dh_key_pair(dhctx, public, g, p, group_order) + _libssh2_dh_key_pair(dhctx, public, g, p, group_order) #define libssh2_dh_secret(dhctx, secret, f, p, bnctx) \ - _libssh2_dh_secret(dhctx, secret, f, p) + _libssh2_dh_secret(dhctx, secret, f, p) #define libssh2_dh_dtor(dhctx) _libssh2_dh_dtor(dhctx) +extern void _libssh2_init_aes_ctr(void); extern void _libssh2_dh_init(_libssh2_dh_ctx *dhctx); extern int _libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, _libssh2_bn *g, _libssh2_bn *p, diff --git a/libssh2/src/libssh2.rc b/libssh2/src/libssh2.rc new file mode 100644 index 000000000..c154951d9 --- /dev/null +++ b/libssh2/src/libssh2.rc @@ -0,0 +1,45 @@ +/*************************************************************************** +* libssh2 Windows resource file * +***************************************************************************/ +#include +#include "libssh2.h" + +LANGUAGE 0, 0 + +#define RC_VERSION LIBSSH2_VERSION_MAJOR, LIBSSH2_VERSION_MINOR, LIBSSH2_VERSION_PATCH, 0 + +VS_VERSION_INFO VERSIONINFO + FILEVERSION RC_VERSION + PRODUCTVERSION RC_VERSION + FILEFLAGSMASK VS_FFI_FILEFLAGSMASK +#if defined(LIBSSH2DEBUG) || defined(_DEBUG) + FILEFLAGS VS_FF_DEBUG +#else + FILEFLAGS 0 +#endif + FILEOS VOS__WINDOWS32 + FILETYPE VFT_DLL + FILESUBTYPE 0 + +BEGIN + BLOCK "StringFileInfo" + BEGIN + BLOCK "040904b0" /* 0x0409: en-US, 1200/0x04b0: UTF-16LE */ + BEGIN + VALUE "CompanyName", "The libssh2 library, https://www.libssh2.org/\0" + VALUE "FileDescription", "libssh2 Shared Library\0" + VALUE "FileVersion", LIBSSH2_VERSION "\0" + VALUE "InternalName", "libssh2\0" + VALUE "OriginalFilename", "libssh2.dll\0" + VALUE "ProductName", "The libssh2 library\0" + VALUE "ProductVersion", LIBSSH2_VERSION "\0" + VALUE "LegalCopyright", "Copyright (C) " LIBSSH2_COPYRIGHT "\0" + VALUE "License", "https://www.libssh2.org/license.html\0" + END + END + + BLOCK "VarFileInfo" + BEGIN + VALUE "Translation", 0x0409, 0x04b0 /* 0x0409: en-US, 1200/0x04b0: UTF-16LE */ + END +END diff --git a/libssh2/src/libssh2_config.h.in b/libssh2/src/libssh2_config.h.in index 94adf4283..990c2cf95 100644 --- a/libssh2/src/libssh2_config.h.in +++ b/libssh2/src/libssh2_config.h.in @@ -15,21 +15,17 @@ /* Define to 1 if you have the header file. */ #undef HAVE_ARPA_INET_H -/* Define to 1 if you have the declaration of `SecureZeroMemory', and to 0 if - you don't. */ -#undef HAVE_DECL_SECUREZEROMEMORY - -/* disabled non-blocking sockets */ -#undef HAVE_DISABLED_NONBLOCKING - /* Define to 1 if you have the header file. */ #undef HAVE_DLFCN_H /* Define to 1 if you have the header file. */ #undef HAVE_ERRNO_H -/* Define to 1 if you have the `EVP_aes_128_ctr' function. */ -#undef HAVE_EVP_AES_128_CTR +/* Define to 1 if you have the `explicit_bzero' function. */ +#undef HAVE_EXPLICIT_BZERO + +/* Define to 1 if you have the `explicit_memset' function. */ +#undef HAVE_EXPLICIT_MEMSET /* Define to 1 if you have the header file. */ #undef HAVE_FCNTL_H @@ -43,18 +39,12 @@ /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H -/* use ioctlsocket() for non-blocking sockets */ -#undef HAVE_IOCTLSOCKET - /* use Ioctlsocket() for non-blocking sockets */ #undef HAVE_IOCTLSOCKET_CASE /* Define if you have the bcrypt library. */ #undef HAVE_LIBBCRYPT -/* Define if you have the crypt32 library. */ -#undef HAVE_LIBCRYPT32 - /* Define if you have the gcrypt library. */ #undef HAVE_LIBGCRYPT @@ -64,24 +54,18 @@ /* Define if you have the ssl library. */ #undef HAVE_LIBSSL +/* Define if you have the wolfssl library. */ +#undef HAVE_LIBWOLFSSL + /* Define if you have the z library. */ #undef HAVE_LIBZ -/* Define to 1 if the compiler supports the 'long long' data type. */ -#undef HAVE_LONGLONG - /* Define to 1 if you have the `memset_s' function. */ #undef HAVE_MEMSET_S /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IN_H -/* Define to 1 if you have the header file. */ -#undef HAVE_NTDEF_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NTSTATUS_H - /* use O_NONBLOCK for non-blocking sockets */ #undef HAVE_O_NONBLOCK @@ -91,6 +75,9 @@ /* Define to 1 if you have the select function. */ #undef HAVE_SELECT +/* Define to 1 if you have the `snprintf' function. */ +#undef HAVE_SNPRINTF + /* use SO_NONBLOCK for non-blocking sockets */ #undef HAVE_SO_NONBLOCK @@ -115,6 +102,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_IOCTL_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_PARAM_H + /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SELECT_H @@ -142,42 +132,30 @@ /* Define to 1 if you have the header file. */ #undef HAVE_WINDOWS_H -/* Define to 1 if you have the header file. */ -#undef HAVE_WINSOCK2_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_WS2TCPIP_H - /* to make a symbol visible */ #undef LIBSSH2_API -/* Enable clearing of memory before being freed */ -#undef LIBSSH2_CLEAR_MEMORY - -/* Enable "none" cipher -- NOT RECOMMENDED */ -#undef LIBSSH2_CRYPT_NONE - -/* Enable newer diffie-hellman-group-exchange-sha1 syntax */ -#undef LIBSSH2_DH_GEX_NEW - /* Compile in zlib support */ #undef LIBSSH2_HAVE_ZLIB /* Use libgcrypt */ #undef LIBSSH2_LIBGCRYPT -/* Enable "none" MAC -- NOT RECOMMENDED */ -#undef LIBSSH2_MAC_NONE - /* Use mbedtls */ #undef LIBSSH2_MBEDTLS +/* Disable clearing of memory before being freed */ +#undef LIBSSH2_NO_CLEAR_MEMORY + /* Use openssl */ #undef LIBSSH2_OPENSSL /* Use wincng */ #undef LIBSSH2_WINCNG +/* Use wolfssl */ +#undef LIBSSH2_WOLFSSL + /* Define to the sub-directory where libtool stores uninstalled libraries. */ #undef LT_OBJDIR diff --git a/libssh2/src/libssh2_config_cmake.h.in b/libssh2/src/libssh2_config_cmake.h.in index 62723ede8..5de5c58c3 100644 --- a/libssh2/src/libssh2_config_cmake.h.in +++ b/libssh2/src/libssh2_config_cmake.h.in @@ -38,68 +38,37 @@ /* Headers */ #cmakedefine HAVE_UNISTD_H #cmakedefine HAVE_INTTYPES_H -#cmakedefine HAVE_STDLIB_H #cmakedefine HAVE_SYS_SELECT_H #cmakedefine HAVE_SYS_UIO_H #cmakedefine HAVE_SYS_SOCKET_H #cmakedefine HAVE_SYS_IOCTL_H #cmakedefine HAVE_SYS_TIME_H #cmakedefine HAVE_SYS_UN_H -#cmakedefine HAVE_WINDOWS_H -#cmakedefine HAVE_WS2TCPIP_H -#cmakedefine HAVE_WINSOCK2_H -#cmakedefine HAVE_NTDEF_H -#cmakedefine HAVE_NTSTATUS_H -/* Libraries */ -#cmakedefine HAVE_LIBCRYPT32 - -/* Types */ -#cmakedefine HAVE_LONGLONG +/* for example and tests */ +#cmakedefine HAVE_SYS_PARAM_H +#cmakedefine HAVE_ARPA_INET_H +#cmakedefine HAVE_NETINET_IN_H /* Functions */ #cmakedefine HAVE_GETTIMEOFDAY -#cmakedefine HAVE_INET_ADDR -#cmakedefine HAVE_POLL -#cmakedefine HAVE_SELECT -#cmakedefine HAVE_SOCKET #cmakedefine HAVE_STRTOLL #cmakedefine HAVE_STRTOI64 #cmakedefine HAVE_SNPRINTF +#cmakedefine HAVE_EXPLICIT_BZERO +#cmakedefine HAVE_EXPLICIT_MEMSET +#cmakedefine HAVE_MEMSET_S -/* OpenSSL functions */ -#cmakedefine HAVE_EVP_AES_128_CTR +#cmakedefine HAVE_POLL +#cmakedefine HAVE_SELECT /* Socket non-blocking support */ #cmakedefine HAVE_O_NONBLOCK #cmakedefine HAVE_FIONBIO -#cmakedefine HAVE_IOCTLSOCKET #cmakedefine HAVE_IOCTLSOCKET_CASE #cmakedefine HAVE_SO_NONBLOCK -#cmakedefine HAVE_DISABLED_NONBLOCKING -/* snprintf not in Visual Studio CRT and _snprintf dangerously incompatible. - We provide a safe wrapper if snprintf not found */ -#ifndef HAVE_SNPRINTF -#include -#include -/* Want safe, 'n += snprintf(b + n ...)' like function. If cp_max_len is 1 -* then assume cp is pointing to a null char and do nothing. Returns number -* number of chars placed in cp excluding the trailing null char. So for -* cp_max_len > 0 the return value is always < cp_max_len; for cp_max_len -* <= 0 the return value is 0 (and no chars are written to cp). */ -static int snprintf(char * cp, int cp_max_len, const char * fmt, ...) -{ - va_list args; - int n; - - if (cp_max_len < 2) - return 0; - va_start(args, fmt); - n = vsnprintf(cp, cp_max_len, fmt, args); - va_end(args); - return (n < cp_max_len) ? n : (cp_max_len - 1); -} - -#define HAVE_SNPRINTF +/* attribute to export symbol */ +#if defined(LIBSSH2_EXPORTS) && defined(LIBSSH2_LIBRARY) +#cmakedefine LIBSSH2_API ${LIBSSH2_API} #endif diff --git a/libssh2/src/libssh2_priv.h b/libssh2/src/libssh2_priv.h index da488b744..82c3afe25 100644 --- a/libssh2/src/libssh2_priv.h +++ b/libssh2/src/libssh2_priv.h @@ -39,23 +39,17 @@ * OF SUCH DAMAGE. */ +/* Header used by 'src' */ + #define LIBSSH2_LIBRARY -#include "libssh2_config.h" -#ifdef HAVE_WINDOWS_H -#ifndef WIN32_LEAN_AND_MEAN -#define WIN32_LEAN_AND_MEAN -#endif -#include -#undef WIN32_LEAN_AND_MEAN -#endif - -#ifdef HAVE_WS2TCPIP_H -#include -#endif +/* platform/compiler-specific setup */ +#include "libssh2_setup.h" #include +#include #include +#include /* The following CPP block should really only be in session.c and packet.c. However, AIX have #define's for 'events' and 'revents' and we are using @@ -66,15 +60,8 @@ */ #ifdef HAVE_POLL # include -#else -# if defined(HAVE_SELECT) && !defined(WIN32) -# ifdef HAVE_SYS_SELECT_H +#elif defined(HAVE_SELECT) && defined(HAVE_SYS_SELECT_H) # include -# else -# include -# include -# endif -# endif #endif /* Needed for struct iovec on some platforms */ @@ -83,10 +70,10 @@ #endif #ifdef HAVE_SYS_SOCKET_H -# include +#include #endif #ifdef HAVE_SYS_IOCTL_H -# include +#include #endif #ifdef HAVE_INTTYPES_H #include @@ -95,7 +82,20 @@ #include "libssh2.h" #include "libssh2_publickey.h" #include "libssh2_sftp.h" -#include "misc.h" /* for the linked list stuff */ +#include "misc.h" + +#ifdef WIN32 +/* Detect Windows App environment which has a restricted access + to the Win32 APIs. */ +# if (defined(_WIN32_WINNT) && (_WIN32_WINNT >= 0x0602)) || \ + defined(WINAPI_FAMILY) +# include +# if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \ + !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) +# define LIBSSH2_WINDOWS_UWP +# endif +# endif +#endif #ifndef FALSE #define FALSE 0 @@ -104,8 +104,30 @@ #define TRUE 1 #endif -#ifdef _MSC_VER +/* Use local implementation when not available */ +#if !defined(HAVE_SNPRINTF) +#undef snprintf +#define snprintf _libssh2_snprintf +#define LIBSSH2_SNPRINTF +int _libssh2_snprintf(char *cp, size_t cp_max_len, const char *fmt, ...); +#endif + +#if !defined(HAVE_GETTIMEOFDAY) +#define HAVE_GETTIMEOFDAY +#undef gettimeofday +#define gettimeofday _libssh2_gettimeofday +#define LIBSSH2_GETTIMEOFDAY +int _libssh2_gettimeofday(struct timeval *tp, void *tzp); +#elif defined(HAVE_SYS_TIME_H) +#include +#endif + /* "inline" keyword is valid only with C++ engine! */ +#ifdef __GNUC__ +#undef inline +#define inline __inline__ +#elif defined(_MSC_VER) +#undef inline #define inline __inline #endif @@ -119,20 +141,6 @@ struct iovec { #endif -/* Provide iovec / writev on WIN32 platform. */ -#ifdef WIN32 - -static inline int writev(int sock, struct iovec *iov, int nvecs) -{ - DWORD ret; - if(WSASend(sock, (LPWSABUF)iov, nvecs, &ret, 0, NULL, NULL) == 0) { - return ret; - } - return -1; -} - -#endif /* WIN32 */ - #ifdef __OS400__ /* Force parameter type. */ #define send(s, b, l, f) send((s), (unsigned char *) (b), (l), (f)) @@ -140,13 +148,6 @@ static inline int writev(int sock, struct iovec *iov, int nvecs) #include "crypto.h" -#ifdef HAVE_WINSOCK2_H - -#include -#include - -#endif - #ifndef SIZE_MAX #if _WIN64 #define SIZE_MAX 0xFFFFFFFFFFFFFFFF @@ -159,6 +160,9 @@ static inline int writev(int sock, struct iovec *iov, int nvecs) #define UINT_MAX 0xFFFFFFFF #endif +#define LIBSSH2_MAX(x, y) ((x) > (y) ? (x) : (y)) +#define LIBSSH2_MIN(x, y) ((x) < (y) ? (x) : (y)) + /* RFC4253 section 6.1 Maximum Packet Length says: * * "All implementations MUST be able to process packets with @@ -170,33 +174,51 @@ static inline int writev(int sock, struct iovec *iov, int nvecs) #define MAX_SHA_DIGEST_LEN SHA512_DIGEST_LENGTH #define LIBSSH2_ALLOC(session, count) \ - session->alloc((count), &(session)->abstract) + session->alloc((count), &(session)->abstract) #define LIBSSH2_CALLOC(session, count) _libssh2_calloc(session, count) #define LIBSSH2_REALLOC(session, ptr, count) \ - ((ptr) ? session->realloc((ptr), (count), &(session)->abstract) : \ - session->alloc((count), &(session)->abstract)) + ((ptr) ? session->realloc((ptr), (count), &(session)->abstract) : \ + session->alloc((count), &(session)->abstract)) #define LIBSSH2_FREE(session, ptr) \ - session->free((ptr), &(session)->abstract) + session->free((ptr), &(session)->abstract) #define LIBSSH2_IGNORE(session, data, datalen) \ - session->ssh_msg_ignore((session), (data), (datalen), &(session)->abstract) + session->ssh_msg_ignore((session), (data), (int)(datalen), \ + &(session)->abstract) #define LIBSSH2_DEBUG(session, always_display, message, message_len, \ - language, language_len) \ - session->ssh_msg_debug((session), (always_display), (message), \ - (message_len), (language), (language_len), \ + language, language_len) \ + session->ssh_msg_debug((session), (always_display), \ + (message), (int)(message_len), \ + (language), (int)(language_len), \ &(session)->abstract) #define LIBSSH2_DISCONNECT(session, reason, message, message_len, \ - language, language_len) \ - session->ssh_msg_disconnect((session), (reason), (message), \ - (message_len), (language), (language_len), \ + language, language_len) \ + session->ssh_msg_disconnect((session), (reason), \ + (message), (int)(message_len), \ + (language), (int)(language_len), \ &(session)->abstract) -#define LIBSSH2_MACERROR(session, data, datalen) \ - session->macerror((session), (data), (datalen), &(session)->abstract) -#define LIBSSH2_X11_OPEN(channel, shost, sport) \ +#define LIBSSH2_MACERROR(session, data, datalen) \ + session->macerror((session), (data), (int)(datalen), &(session)->abstract) +#define LIBSSH2_X11_OPEN(channel, shost, sport) \ channel->session->x11(((channel)->session), (channel), \ (shost), (sport), (&(channel)->session->abstract)) -#define LIBSSH2_CHANNEL_CLOSE(session, channel) \ +#define LIBSSH2_AUTHAGENT(channel) \ + channel->session->authagent(((channel)->session), (channel), \ + (&(channel)->session->abstract)) + +#define LIBSSH2_ADD_IDENTITIES(session, buffer, agentPath) \ + session->addLocalIdentities((session), (buffer), \ + (agentPath), (&(session->abstract))) + +#define LIBSSH2_AUTHAGENT_SIGN(session, blob, blen, \ + data, dlen, sig, sigLen, \ + agentPath) \ + session->agentSignCallback((session), (blob), (blen), \ + (data), (dlen), (sig), (sigLen), \ + (agentPath), (&(session->abstract))) + +#define LIBSSH2_CHANNEL_CLOSE(session, channel) \ channel->close_cb((session), &(session)->abstract, \ (channel), &(channel)->abstract) @@ -205,9 +227,9 @@ static inline int writev(int sock, struct iovec *iov, int nvecs) #define LIBSSH2_RECV_FD(session, fd, buffer, length, flags) \ (session->recv)(fd, buffer, length, flags, &session->abstract) -#define LIBSSH2_SEND(session, buffer, length, flags) \ +#define LIBSSH2_SEND(session, buffer, length, flags) \ LIBSSH2_SEND_FD(session, session->socket_fd, buffer, length, flags) -#define LIBSSH2_RECV(session, buffer, length, flags) \ +#define LIBSSH2_RECV(session, buffer, length, flags) \ LIBSSH2_RECV_FD(session, session->socket_fd, buffer, length, flags) typedef struct _LIBSSH2_KEX_METHOD LIBSSH2_KEX_METHOD; @@ -235,7 +257,9 @@ typedef enum libssh2_NB_state_jump3, libssh2_NB_state_jump4, libssh2_NB_state_jump5, - libssh2_NB_state_end + libssh2_NB_state_error_closing, + libssh2_NB_state_end, + libssh2_NB_state_jumpauthagent } libssh2_nonblocking_states; typedef struct packet_require_state_t @@ -341,6 +365,24 @@ typedef struct packet_x11_open_state_t LIBSSH2_CHANNEL *channel; } packet_x11_open_state_t; +#define AuthAgentUnavail "Auth Agent unavailable" + +typedef struct packet_authagent_state_t +{ + libssh2_nonblocking_states state; + unsigned char packet[17 + (sizeof(AuthAgentUnavail) - 1)]; + uint32_t sender_channel; + uint32_t initial_window_size; + uint32_t packet_size; + LIBSSH2_CHANNEL *channel; +} packet_authagent_state_t; + +typedef enum +{ + libssh2_requires_size_decryption = (1 << 0), + libssh2_requires_size_field_in_packet = (1 << 1) +} libssh2_crypt_flags; + struct _LIBSSH2_PACKET { struct list_node node; /* linked list header */ @@ -383,7 +425,7 @@ struct _LIBSSH2_CHANNEL /* Amount of bytes to be refunded to receive window (but not yet sent) */ uint32_t adjust_queue; /* Data immediately available for reading */ - uint32_t read_avail; + size_t read_avail; LIBSSH2_SESSION *session; @@ -463,6 +505,11 @@ struct _LIBSSH2_CHANNEL size_t req_auth_agent_packet_len; unsigned char req_auth_agent_local_channel[4]; packet_requirev_state_t req_auth_agent_requirev_state; + + /* State variables used in libssh2_channel_signal_ex() */ + libssh2_nonblocking_states sendsignal_state; + unsigned char *sendsignal_packet; + size_t sendsignal_packet_len; }; struct _LIBSSH2_LISTENER @@ -510,7 +557,7 @@ typedef struct _libssh2_endpoint_data char *lang_prefs; } libssh2_endpoint_data; -#define PACKETBUFSIZE (1024*16) +#define PACKETBUFSIZE MAX_SSH_PACKET_LEN struct transportpacket { @@ -533,14 +580,15 @@ struct transportpacket packet_length + padding_length + 4 + mac_length. */ unsigned char *payload; /* this is a pointer to a LIBSSH2_ALLOC() - area to which we write decrypted data */ + area to which we write incoming packet data + which is not yet decrypted in etm mode. */ unsigned char *wptr; /* write pointer into the payload to where we are currently writing decrypted data */ /* ------------- for outgoing data --------------- */ unsigned char outbuf[MAX_SSH_PACKET_LEN]; /* area for the outgoing data */ - int ototal_num; /* size of outbuf in number of bytes */ + ssize_t ototal_num; /* size of outbuf in number of bytes */ const unsigned char *odata; /* original pointer to the data */ size_t olen; /* original size of the data we stored in outbuf */ @@ -578,26 +626,31 @@ struct _LIBSSH2_PUBLICKEY #define LIBSSH2_SCP_RESPONSE_BUFLEN 256 struct flags { - int sigpipe; /* LIBSSH2_FLAG_SIGPIPE */ - int compress; /* LIBSSH2_FLAG_COMPRESS */ + int sigpipe; /* LIBSSH2_FLAG_SIGPIPE */ + int compress; /* LIBSSH2_FLAG_COMPRESS */ + int quote_paths; /* LIBSSH2_FLAG_QUOTE_PATHS */ }; struct _LIBSSH2_SESSION { /* Memory management callbacks */ void *abstract; - LIBSSH2_ALLOC_FUNC((*alloc)); - LIBSSH2_REALLOC_FUNC((*realloc)); - LIBSSH2_FREE_FUNC((*free)); + + LIBSSH2_ALLOC_FUNC((*alloc)); + LIBSSH2_REALLOC_FUNC((*realloc)); + LIBSSH2_FREE_FUNC((*free)); /* Other callbacks */ - LIBSSH2_IGNORE_FUNC((*ssh_msg_ignore)); - LIBSSH2_DEBUG_FUNC((*ssh_msg_debug)); - LIBSSH2_DISCONNECT_FUNC((*ssh_msg_disconnect)); - LIBSSH2_MACERROR_FUNC((*macerror)); - LIBSSH2_X11_OPEN_FUNC((*x11)); - LIBSSH2_SEND_FUNC((*send)); - LIBSSH2_RECV_FUNC((*recv)); + LIBSSH2_IGNORE_FUNC((*ssh_msg_ignore)); + LIBSSH2_DEBUG_FUNC((*ssh_msg_debug)); + LIBSSH2_DISCONNECT_FUNC((*ssh_msg_disconnect)); + LIBSSH2_MACERROR_FUNC((*macerror)); + LIBSSH2_X11_OPEN_FUNC((*x11)); + LIBSSH2_AUTHAGENT_FUNC((*authagent)); + LIBSSH2_ADD_IDENTITIES_FUNC((*addLocalIdentities)); + LIBSSH2_AUTHAGENT_SIGN_FUNC((*agentSignCallback)); + LIBSSH2_SEND_FUNC((*send)); + LIBSSH2_RECV_FUNC((*recv)); /* Method preferences -- NULL yields "load order" */ char *kex_prefs; @@ -610,7 +663,7 @@ struct _LIBSSH2_SESSION /* Agreed Key Exchange Method */ const LIBSSH2_KEX_METHOD *kex; - unsigned int burn_optimistic_kexinit:1; + unsigned int burn_optimistic_kexinit; unsigned char *session_id; uint32_t session_id_len; @@ -633,13 +686,19 @@ struct _LIBSSH2_SESSION #if LIBSSH2_MD5 unsigned char server_hostkey_md5[MD5_DIGEST_LENGTH]; int server_hostkey_md5_valid; -#endif /* ! LIBSSH2_MD5 */ +#endif /* ! LIBSSH2_MD5 */ unsigned char server_hostkey_sha1[SHA_DIGEST_LENGTH]; int server_hostkey_sha1_valid; unsigned char server_hostkey_sha256[SHA256_DIGEST_LENGTH]; int server_hostkey_sha256_valid; + /* public key algorithms accepted as comma separated list */ + char *server_sign_algorithms; + + /* key signing algorithm preferences -- NULL yields server order */ + char *sign_algo_prefs; + /* (remote as source of data -- packet_read ) */ libssh2_endpoint_data remote; @@ -713,6 +772,7 @@ struct _LIBSSH2_SESSION libssh2_nonblocking_states userauth_list_state; unsigned char *userauth_list_data; size_t userauth_list_data_len; + char *userauth_banner; packet_requirev_state_t userauth_list_packet_requirev_state; /* State variables used in libssh2_userauth_password_ex() */ @@ -753,10 +813,10 @@ struct _LIBSSH2_SESSION size_t userauth_kybd_data_len; unsigned char *userauth_kybd_packet; size_t userauth_kybd_packet_len; - unsigned int userauth_kybd_auth_name_len; - char *userauth_kybd_auth_name; - unsigned userauth_kybd_auth_instruction_len; - char *userauth_kybd_auth_instruction; + size_t userauth_kybd_auth_name_len; + unsigned char *userauth_kybd_auth_name; + size_t userauth_kybd_auth_instruction_len; + unsigned char *userauth_kybd_auth_instruction; unsigned int userauth_kybd_num_prompts; int userauth_kybd_auth_failure; LIBSSH2_USERAUTH_KBDINT_PROMPT *userauth_kybd_prompts; @@ -803,6 +863,7 @@ struct _LIBSSH2_SESSION states */ packet_queue_listener_state_t packAdd_Qlstn_state; packet_x11_open_state_t packAdd_x11open_state; + packet_authagent_state_t packAdd_authagent_state; /* State variables used in fullpacket() */ libssh2_nonblocking_states fullpacket_state; @@ -816,8 +877,8 @@ struct _LIBSSH2_SESSION LIBSSH2_CHANNEL *sftpInit_channel; unsigned char sftpInit_buffer[9]; /* sftp_header(5){excludes request_id} + version_id(4) */ - int sftpInit_sent; /* number of bytes from the buffer that have been - sent */ + size_t sftpInit_sent; /* number of bytes from the buffer that have been + sent */ /* State variables used in libssh2_scp_recv() / libssh_scp_recv2() */ libssh2_nonblocking_states scpRecv_state; @@ -826,17 +887,7 @@ struct _LIBSSH2_SESSION unsigned char scpRecv_response[LIBSSH2_SCP_RESPONSE_BUFLEN]; size_t scpRecv_response_len; long scpRecv_mode; -#if defined(HAVE_LONGLONG) && defined(HAVE_STRTOLL) - /* we have the type and we can parse such numbers */ - long long scpRecv_size; -#define scpsize_strtol strtoll -#elif defined(HAVE_STRTOI64) - __int64 scpRecv_size; -#define scpsize_strtol _strtoi64 -#else - long scpRecv_size; -#define scpsize_strtol strtol -#endif + libssh2_int64_t scpRecv_size; long scpRecv_mtime; long scpRecv_atime; LIBSSH2_CHANNEL *scpRecv_channel; @@ -853,6 +904,9 @@ struct _LIBSSH2_SESSION int keepalive_interval; int keepalive_want_reply; time_t keepalive_last_sent; + + /* Configurable timeout for packets. Replaces LIBSSH2_READ_TIMEOUT */ + long packet_read_timeout; }; /* session.state bits */ @@ -863,9 +917,9 @@ struct _LIBSSH2_SESSION /* session.flag helpers */ #ifdef MSG_NOSIGNAL -#define LIBSSH2_SOCKET_SEND_FLAGS(session) \ +#define LIBSSH2_SOCKET_SEND_FLAGS(session) \ (((session)->flag.sigpipe) ? 0 : MSG_NOSIGNAL) -#define LIBSSH2_SOCKET_RECV_FLAGS(session) \ +#define LIBSSH2_SOCKET_RECV_FLAGS(session) \ (((session)->flag.sigpipe) ? 0 : MSG_NOSIGNAL) #else /* If MSG_NOSIGNAL isn't defined we're SOL on blocking SIGPIPE */ @@ -934,12 +988,36 @@ struct _LIBSSH2_CRYPT_METHOD int *free_iv, unsigned char *secret, int *free_secret, int encrypt, void **abstract); int (*crypt) (LIBSSH2_SESSION * session, unsigned char *block, - size_t blocksize, void **abstract); + size_t blocksize, void **abstract, int firstlast); int (*dtor) (LIBSSH2_SESSION * session, void **abstract); - _libssh2_cipher_type(algo); + _libssh2_cipher_type(algo); }; +/* Bit flags for _LIBSSH2_CRYPT_METHOD */ + +/* Crypto method has integrated message authentication */ +#define LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC 1 +/* Crypto method does not encrypt the packet length */ +#define LIBSSH2_CRYPT_FLAG_PKTLEN_AAD 2 + +/* Convenience macros for accessing crypt flags */ +/* Local crypto flags */ +#define CRYPT_FLAG_L(session, flag) ((session)->local.crypt && \ + ((session)->local.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) +/* Remote crypto flags */ +#define CRYPT_FLAG_R(session, flag) ((session)->remote.crypt && \ + ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) + +/* Values for firstlast */ +#define FIRST_BLOCK 1 +#define MIDDLE_BLOCK 0 +#define LAST_BLOCK 2 + +/* Convenience macros for accessing firstlast */ +#define IS_FIRST(firstlast) (firstlast & FIRST_BLOCK) +#define IS_LAST(firstlast) (firstlast & LAST_BLOCK) + struct _LIBSSH2_COMP_METHOD { const char *name; @@ -963,23 +1041,12 @@ struct _LIBSSH2_COMP_METHOD }; #ifdef LIBSSH2DEBUG -void _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, - ...); +void +_libssh2_debug_low(LIBSSH2_SESSION * session, int context, const char *format, + ...); +#define _libssh2_debug(x) _libssh2_debug_low x #else -#if (defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)) || \ - defined(__GNUC__) -/* C99 supported and also by older GCC */ -#define _libssh2_debug(x,y,z,...) do {} while (0) -#else -/* no gcc and not C99, do static and hopefully inline */ -static inline void -_libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...) -{ - (void)session; - (void)context; - (void)format; -} -#endif +#define _libssh2_debug(x) do {} while(0) #endif #define LIBSSH2_SOCKET_UNKNOWN 1 @@ -1006,6 +1073,7 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...) #define SSH_MSG_DEBUG 4 #define SSH_MSG_SERVICE_REQUEST 5 #define SSH_MSG_SERVICE_ACCEPT 6 +#define SSH_MSG_EXT_INFO 7 #define SSH_MSG_KEXINIT 20 #define SSH_MSG_NEWKEYS 21 @@ -1069,8 +1137,8 @@ ssize_t _libssh2_recv(libssh2_socket_t socket, void *buffer, ssize_t _libssh2_send(libssh2_socket_t socket, const void *buffer, size_t length, int flags, void **abstract); -#define LIBSSH2_READ_TIMEOUT 60 /* generic timeout in seconds used when - waiting for more data to arrive */ +#define LIBSSH2_DEFAULT_READ_TIMEOUT 60 /* generic timeout in seconds used when + waiting for more data to arrive */ int _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange, @@ -1080,7 +1148,6 @@ int _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange, const LIBSSH2_CRYPT_METHOD **libssh2_crypt_methods(void); const LIBSSH2_HOSTKEY_METHOD **libssh2_hostkey_methods(void); -/* misc.c */ int _libssh2_bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, @@ -1094,12 +1161,12 @@ int _libssh2_pem_parse(LIBSSH2_SESSION * session, const char *headerbegin, const char *headerend, const unsigned char *passphrase, - FILE * fp, unsigned char **data, unsigned int *datalen); + FILE * fp, unsigned char **data, size_t *datalen); int _libssh2_pem_parse_memory(LIBSSH2_SESSION * session, const char *headerbegin, const char *headerend, const char *filedata, size_t filedata_len, - unsigned char **data, unsigned int *datalen); + unsigned char **data, size_t *datalen); /* OpenSSL keys */ int _libssh2_openssh_pem_parse(LIBSSH2_SESSION * session, @@ -1111,37 +1178,39 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session, const char *filedata, size_t filedata_len, struct string_buf **decrypted_buf); -int _libssh2_pem_decode_sequence(unsigned char **data, unsigned int *datalen); -int _libssh2_pem_decode_integer(unsigned char **data, unsigned int *datalen, +int _libssh2_pem_decode_sequence(unsigned char **data, size_t *datalen); +int _libssh2_pem_decode_integer(unsigned char **data, size_t *datalen, unsigned char **i, unsigned int *ilen); /* global.c */ void _libssh2_init_if_needed(void); +/* Utility function for certificate auth */ +size_t plain_method(char *method, size_t method_len); #define ARRAY_SIZE(a) (sizeof ((a)) / sizeof ((a)[0])) /* define to output the libssh2_int64_t type in a *printf() */ -#if defined(__BORLANDC__) || defined(_MSC_VER) || defined(__MINGW32__) +#if defined(__BORLANDC__) || defined(_MSC_VER) #define LIBSSH2_INT64_T_FORMAT "I64d" #else #define LIBSSH2_INT64_T_FORMAT "lld" #endif /* In Windows the default file mode is text but an application can override it. -Therefore we specify it explicitly. https://github.com/curl/curl/pull/258 -*/ + Therefore we specify it explicitly. https://github.com/curl/curl/pull/258 + */ #if defined(WIN32) || defined(MSDOS) #define FOPEN_READTEXT "rt" #define FOPEN_WRITETEXT "wt" #define FOPEN_APPENDTEXT "at" #elif defined(__CYGWIN__) /* Cygwin has specific behavior we need to address when WIN32 is not defined. -https://cygwin.com/cygwin-ug-net/using-textbinary.html -For write we want our output to have line endings of LF and be compatible with -other Cygwin utilities. For read we want to handle input that may have line -endings either CRLF or LF so 't' is appropriate. -*/ + https://cygwin.com/cygwin-ug-net/using-textbinary.html + For write we want our output to have line endings of LF and be compatible + with other Cygwin utilities. For read we want to handle input that may have + line endings either CRLF or LF so 't' is appropriate. + */ #define FOPEN_READTEXT "rt" #define FOPEN_WRITETEXT "w" #define FOPEN_APPENDTEXT "a" diff --git a/libssh2/src/libssh2_setup.h b/libssh2/src/libssh2_setup.h new file mode 100644 index 000000000..87fed1c58 --- /dev/null +++ b/libssh2/src/libssh2_setup.h @@ -0,0 +1,105 @@ +/* Copyright (c) 2023 Viktor Szakats */ + +#ifndef LIBSSH2_SETUP_H +#define LIBSSH2_SETUP_H + +/* Header for platform/compiler-specific initialization. + Used by 'src', 'example', 'tests' */ + +#if defined(_WIN32) && !defined(WIN32) +#define WIN32 +#endif + +/* Define mingw-w64 version macros, eg __MINGW{32,64}_{MINOR,MAJOR}_VERSION */ +#ifdef __MINGW32__ +#include <_mingw.h> +#endif + +/* Configuration provided by build tools (autotools and CMake), + and via platform-specific directories for os400 and vms */ +#if defined(HAVE_CONFIG_H) || defined(__OS400__) || defined(__VMS) + +#include "libssh2_config.h" + +/* Hand-crafted configuration for platforms which lack config tool. + Keep this synced with root CMakeLists.txt */ +#elif defined(WIN32) + +#define HAVE_SELECT +#define HAVE_SNPRINTF + +#ifdef __MINGW32__ +# define HAVE_UNISTD_H +# define HAVE_INTTYPES_H +# define HAVE_SYS_TIME_H +# define HAVE_SYS_PARAM_H +# define HAVE_GETTIMEOFDAY +# define HAVE_STRTOLL +#elif defined(_MSC_VER) +# if _MSC_VER >= 1800 +# define HAVE_INTTYPES_H +# define HAVE_STRTOLL +# else +# define HAVE_STRTOI64 +# endif +# if _MSC_VER < 1900 +# undef HAVE_SNPRINTF +# endif +#endif + +#endif /* defined(HAVE_CONFIG_H) */ + +/* Below applies to both auto-detected and hand-crafted configs */ + +#ifdef WIN32 + +#ifndef WIN32_LEAN_AND_MEAN +#define WIN32_LEAN_AND_MEAN +#endif +#ifndef NOGDI +#define NOGDI +#endif +#ifndef NONLS +#define NONLS +#endif + +#ifdef __MINGW32__ +# ifdef __MINGW64_VERSION_MAJOR +/* Number of bits in a file offset, on hosts where this is settable. */ +# ifndef _FILE_OFFSET_BITS +# define _FILE_OFFSET_BITS 64 +# endif +# endif +#elif defined(_MSC_VER) +# ifndef _CRT_SECURE_NO_WARNINGS +# define _CRT_SECURE_NO_WARNINGS /* for fopen(), getenv() */ +# endif +# if !defined(LIBSSH2_LIBRARY) || defined(LIBSSH2_TESTS) + /* apply to examples and tests only */ +# ifndef _CRT_NONSTDC_NO_DEPRECATE +# define _CRT_NONSTDC_NO_DEPRECATE /* for strdup(), write() */ +# endif +# ifndef _WINSOCK_DEPRECATED_NO_WARNINGS +# define _WINSOCK_DEPRECATED_NO_WARNINGS /* for inet_addr() */ +# endif + /* we cannot access our internal snprintf() implementation in examples and + tests when linking to a shared libssh2. */ +# if _MSC_VER < 1900 +# undef HAVE_SNPRINTF +# define HAVE_SNPRINTF +# define snprintf _snprintf +# endif +# endif +# if _MSC_VER < 1500 +# define vsnprintf _vsnprintf +# endif +# if _MSC_VER < 1900 +# define strdup _strdup +/* Silence bogus warning C4127: conditional expression is constant */ +# pragma warning(disable:4127) +# endif +#endif + +#endif /* WIN32 */ + +#endif /* LIBSSH2_SETUP_H */ diff --git a/libssh2/src/mac.c b/libssh2/src/mac.c index 5ac71df4c..01c5faa26 100644 --- a/libssh2/src/mac.c +++ b/libssh2/src/mac.c @@ -38,15 +38,26 @@ #include "libssh2_priv.h" #include "mac.h" -#ifdef LIBSSH2_MAC_NONE +#if defined(LIBSSH2DEBUG) && defined(LIBSSH2_MAC_NONE_INSECURE) /* mac_none_MAC - * Minimalist MAC: No MAC + * + * Minimalist MAC: No MAC. DO NOT USE. + * + * The SSH2 Transport allows implementations to forego a message + * authentication code. While this is less of a security risk than using + * a "none" cipher, it is still not recommended as disabling MAC hashes + * removes a layer of security. + * + * Enabling this option will allow for "none" as a negotiable method, + * however it still requires that the method be advertised by the remote + * end and that no more-preferable methods are available. + * */ static int mac_none_MAC(LIBSSH2_SESSION * session, unsigned char *buf, uint32_t seqno, const unsigned char *packet, - uint32_t packet_len, const unsigned char *addtl, - uint32_t addtl_len, void **abstract) + size_t packet_len, const unsigned char *addtl, + size_t addtl_len, void **abstract) { return 0; } @@ -60,9 +71,10 @@ static LIBSSH2_MAC_METHOD mac_method_none = { 0, NULL, mac_none_MAC, - NULL + NULL, + 0 }; -#endif /* LIBSSH2_MAC_NONE */ +#endif /* defined(LIBSSH2DEBUG) && defined(LIBSSH2_MAC_NONE_INSECURE) */ /* mac_method_common_init * Initialize simple mac methods @@ -73,7 +85,7 @@ mac_method_common_init(LIBSSH2_SESSION * session, unsigned char *key, { *abstract = key; *free_key = 0; - (void) session; + (void)session; return 0; } @@ -102,15 +114,15 @@ mac_method_common_dtor(LIBSSH2_SESSION * session, void **abstract) */ static int mac_method_hmac_sha2_512_hash(LIBSSH2_SESSION * session, - unsigned char *buf, uint32_t seqno, - const unsigned char *packet, - uint32_t packet_len, - const unsigned char *addtl, - uint32_t addtl_len, void **abstract) + unsigned char *buf, uint32_t seqno, + const unsigned char *packet, + size_t packet_len, + const unsigned char *addtl, + size_t addtl_len, void **abstract) { libssh2_hmac_ctx ctx; unsigned char seqno_buf[4]; - (void) session; + (void)session; _libssh2_htonu32(seqno_buf, seqno); @@ -127,8 +139,6 @@ mac_method_hmac_sha2_512_hash(LIBSSH2_SESSION * session, return 0; } - - static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_512 = { "hmac-sha2-512", 64, @@ -136,7 +146,19 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_512 = { mac_method_common_init, mac_method_hmac_sha2_512_hash, mac_method_common_dtor, + 0 }; + +static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_512_etm = { + "hmac-sha2-512-etm@openssh.com", + 64, + 64, + mac_method_common_init, + mac_method_hmac_sha2_512_hash, + mac_method_common_dtor, + 1 +}; + #endif @@ -147,15 +169,15 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_512 = { */ static int mac_method_hmac_sha2_256_hash(LIBSSH2_SESSION * session, - unsigned char *buf, uint32_t seqno, - const unsigned char *packet, - uint32_t packet_len, - const unsigned char *addtl, - uint32_t addtl_len, void **abstract) + unsigned char *buf, uint32_t seqno, + const unsigned char *packet, + size_t packet_len, + const unsigned char *addtl, + size_t addtl_len, void **abstract) { libssh2_hmac_ctx ctx; unsigned char seqno_buf[4]; - (void) session; + (void)session; _libssh2_htonu32(seqno_buf, seqno); @@ -181,7 +203,19 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_256 = { mac_method_common_init, mac_method_hmac_sha2_256_hash, mac_method_common_dtor, + 0 }; + +static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_256_etm = { + "hmac-sha2-256-etm@openssh.com", + 32, + 32, + mac_method_common_init, + mac_method_hmac_sha2_256_hash, + mac_method_common_dtor, + 1 +}; + #endif @@ -194,13 +228,13 @@ static int mac_method_hmac_sha1_hash(LIBSSH2_SESSION * session, unsigned char *buf, uint32_t seqno, const unsigned char *packet, - uint32_t packet_len, + size_t packet_len, const unsigned char *addtl, - uint32_t addtl_len, void **abstract) + size_t addtl_len, void **abstract) { libssh2_hmac_ctx ctx; unsigned char seqno_buf[4]; - (void) session; + (void)session; _libssh2_htonu32(seqno_buf, seqno); @@ -226,6 +260,17 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_sha1 = { mac_method_common_init, mac_method_hmac_sha1_hash, mac_method_common_dtor, + 0 +}; + +static const LIBSSH2_MAC_METHOD mac_method_hmac_sha1_etm = { + "hmac-sha1-etm@openssh.com", + 20, + 20, + mac_method_common_init, + mac_method_hmac_sha1_hash, + mac_method_common_dtor, + 1 }; /* mac_method_hmac_sha1_96_hash @@ -235,9 +280,9 @@ static int mac_method_hmac_sha1_96_hash(LIBSSH2_SESSION * session, unsigned char *buf, uint32_t seqno, const unsigned char *packet, - uint32_t packet_len, + size_t packet_len, const unsigned char *addtl, - uint32_t addtl_len, void **abstract) + size_t addtl_len, void **abstract) { unsigned char temp[SHA_DIGEST_LENGTH]; @@ -257,6 +302,7 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_sha1_96 = { mac_method_common_init, mac_method_hmac_sha1_96_hash, mac_method_common_dtor, + 0 }; #if LIBSSH2_MD5 @@ -267,13 +313,13 @@ static int mac_method_hmac_md5_hash(LIBSSH2_SESSION * session, unsigned char *buf, uint32_t seqno, const unsigned char *packet, - uint32_t packet_len, + size_t packet_len, const unsigned char *addtl, - uint32_t addtl_len, void **abstract) + size_t addtl_len, void **abstract) { libssh2_hmac_ctx ctx; unsigned char seqno_buf[4]; - (void) session; + (void)session; _libssh2_htonu32(seqno_buf, seqno); @@ -299,6 +345,7 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_md5 = { mac_method_common_init, mac_method_hmac_md5_hash, mac_method_common_dtor, + 0 }; /* mac_method_hmac_md5_96_hash @@ -308,9 +355,9 @@ static int mac_method_hmac_md5_96_hash(LIBSSH2_SESSION * session, unsigned char *buf, uint32_t seqno, const unsigned char *packet, - uint32_t packet_len, + size_t packet_len, const unsigned char *addtl, - uint32_t addtl_len, void **abstract) + size_t addtl_len, void **abstract) { unsigned char temp[MD5_DIGEST_LENGTH]; mac_method_hmac_md5_hash(session, temp, seqno, packet, packet_len, @@ -328,6 +375,7 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_md5_96 = { mac_method_common_init, mac_method_hmac_md5_96_hash, mac_method_common_dtor, + 0 }; #endif /* LIBSSH2_MD5 */ @@ -339,14 +387,14 @@ static int mac_method_hmac_ripemd160_hash(LIBSSH2_SESSION * session, unsigned char *buf, uint32_t seqno, const unsigned char *packet, - uint32_t packet_len, + size_t packet_len, const unsigned char *addtl, - uint32_t addtl_len, + size_t addtl_len, void **abstract) { libssh2_hmac_ctx ctx; unsigned char seqno_buf[4]; - (void) session; + (void)session; _libssh2_htonu32(seqno_buf, seqno); @@ -372,6 +420,7 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_ripemd160 = { mac_method_common_init, mac_method_hmac_ripemd160_hash, mac_method_common_dtor, + 0 }; static const LIBSSH2_MAC_METHOD mac_method_hmac_ripemd160_openssh_com = { @@ -381,17 +430,21 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_ripemd160_openssh_com = { mac_method_common_init, mac_method_hmac_ripemd160_hash, mac_method_common_dtor, + 0 }; #endif /* LIBSSH2_HMAC_RIPEMD */ static const LIBSSH2_MAC_METHOD *mac_methods[] = { #if LIBSSH2_HMAC_SHA256 &mac_method_hmac_sha2_256, + &mac_method_hmac_sha2_256_etm, #endif #if LIBSSH2_HMAC_SHA512 &mac_method_hmac_sha2_512, + &mac_method_hmac_sha2_512_etm, #endif &mac_method_hmac_sha1, + &mac_method_hmac_sha1_etm, &mac_method_hmac_sha1_96, #if LIBSSH2_MD5 &mac_method_hmac_md5, @@ -401,9 +454,9 @@ static const LIBSSH2_MAC_METHOD *mac_methods[] = { &mac_method_hmac_ripemd160, &mac_method_hmac_ripemd160_openssh_com, #endif /* LIBSSH2_HMAC_RIPEMD */ -#ifdef LIBSSH2_MAC_NONE +#if defined(LIBSSH2DEBUG) && defined(LIBSSH2_MAC_NONE_INSECURE) &mac_method_none, -#endif /* LIBSSH2_MAC_NONE */ +#endif NULL }; @@ -412,3 +465,33 @@ _libssh2_mac_methods(void) { return mac_methods; } + +#if LIBSSH2_AES_GCM +/* Stub for aes256-gcm@openssh.com crypto type, which has an integrated + HMAC method. This must not be added to mac_methods[] since it cannot be + negotiated separately. */ +static const LIBSSH2_MAC_METHOD mac_method_hmac_aesgcm = { + "INTEGRATED-AES-GCM", /* made up name for display only */ + 16, + 16, + NULL, + NULL, + NULL, + 0 +}; +#endif /* LIBSSH2_AES_GCM */ + +/* See if the negotiated crypto method has its own authentication scheme that + * obviates the need for a separate negotiated hmac method */ +const LIBSSH2_MAC_METHOD * +_libssh2_mac_override(const LIBSSH2_CRYPT_METHOD *crypt) +{ +#if LIBSSH2_AES_GCM + if(!strcmp(crypt->name, "aes256-gcm@openssh.com") || + !strcmp(crypt->name, "aes128-gcm@openssh.com")) + return &mac_method_hmac_aesgcm; +#else + (void) crypt; +#endif /* LIBSSH2_AES_GCM */ + return NULL; +} diff --git a/libssh2/src/mac.h b/libssh2/src/mac.h index 46fce5424..82379b91c 100644 --- a/libssh2/src/mac.h +++ b/libssh2/src/mac.h @@ -54,13 +54,17 @@ struct _LIBSSH2_MAC_METHOD void **abstract); int (*hash) (LIBSSH2_SESSION * session, unsigned char *buf, uint32_t seqno, const unsigned char *packet, - uint32_t packet_len, const unsigned char *addtl, - uint32_t addtl_len, void **abstract); + size_t packet_len, const unsigned char *addtl, + size_t addtl_len, void **abstract); int (*dtor) (LIBSSH2_SESSION * session, void **abstract); + + int etm; /* encrypt-then-mac */ }; typedef struct _LIBSSH2_MAC_METHOD LIBSSH2_MAC_METHOD; const LIBSSH2_MAC_METHOD **_libssh2_mac_methods(void); +const LIBSSH2_MAC_METHOD *_libssh2_mac_override( + const LIBSSH2_CRYPT_METHOD *crypt); #endif /* __LIBSSH2_MAC_H */ diff --git a/libssh2/src/mbedtls.c b/libssh2/src/mbedtls.c index 4629ce4a9..e387cdb19 100644 --- a/libssh2/src/mbedtls.c +++ b/libssh2/src/mbedtls.c @@ -35,9 +35,17 @@ * OF SUCH DAMAGE. */ -#include "libssh2_priv.h" +#ifdef LIBSSH2_CRYPTO_C /* Compile this via crypto.c */ -#ifdef LIBSSH2_MBEDTLS /* compile only if we build with mbedtls */ +#include + +#if MBEDTLS_VERSION_NUMBER < 0x03000000 +#define mbedtls_cipher_info_get_key_bitlen(c) (c->key_bitlen) +#define mbedtls_cipher_info_get_iv_size(c) (c->iv_size) +#define mbedtls_rsa_get_len(rsa) (rsa->len) + +#define MBEDTLS_PRIVATE(m) m +#endif /*******************************************************************/ /* @@ -63,7 +71,7 @@ _libssh2_mbedtls_init(void) ret = mbedtls_ctr_drbg_seed(&_libssh2_mbedtls_ctr_drbg, mbedtls_entropy_func, &_libssh2_mbedtls_entropy, NULL, 0); - if(ret != 0) + if(ret) mbedtls_ctr_drbg_free(&_libssh2_mbedtls_ctr_drbg); } @@ -75,7 +83,7 @@ _libssh2_mbedtls_free(void) } int -_libssh2_mbedtls_random(unsigned char *buf, int len) +_libssh2_mbedtls_random(unsigned char *buf, size_t len) { int ret; ret = mbedtls_ctr_drbg_random(&_libssh2_mbedtls_ctr_drbg, buf, len); @@ -83,19 +91,13 @@ _libssh2_mbedtls_random(unsigned char *buf, int len) } static void -_libssh2_mbedtls_safe_free(void *buf, int len) +_libssh2_mbedtls_safe_free(void *buf, size_t len) { -#ifndef LIBSSH2_CLEAR_MEMORY - (void)len; -#endif - if(!buf) return; -#ifdef LIBSSH2_CLEAR_MEMORY if(len > 0) _libssh2_explicit_zero(buf, len); -#endif mbedtls_free(buf); } @@ -122,10 +124,14 @@ _libssh2_mbedtls_cipher_init(_libssh2_cipher_ctx *ctx, mbedtls_cipher_init(ctx); ret = mbedtls_cipher_setup(ctx, cipher_info); if(!ret) - ret = mbedtls_cipher_setkey(ctx, secret, cipher_info->key_bitlen, op); + ret = mbedtls_cipher_setkey(ctx, + secret, + (int)mbedtls_cipher_info_get_key_bitlen(cipher_info), + op); if(!ret) - ret = mbedtls_cipher_set_iv(ctx, iv, cipher_info->iv_size); + ret = mbedtls_cipher_set_iv(ctx, iv, + mbedtls_cipher_info_get_iv_size(cipher_info)); return ret == 0 ? 0 : -1; } @@ -135,14 +141,15 @@ _libssh2_mbedtls_cipher_crypt(_libssh2_cipher_ctx *ctx, _libssh2_cipher_type(algo), int encrypt, unsigned char *block, - size_t blocklen) + size_t blocklen, int firstlast) { int ret; unsigned char *output; size_t osize, olen, finish_olen; - (void) encrypt; - (void) algo; + (void)encrypt; + (void)algo; + (void)firstlast; osize = blocklen + mbedtls_cipher_get_block_size(ctx); @@ -178,8 +185,8 @@ _libssh2_mbedtls_cipher_dtor(_libssh2_cipher_ctx *ctx) int _libssh2_mbedtls_hash_init(mbedtls_md_context_t *ctx, - mbedtls_md_type_t mdtype, - const unsigned char *key, unsigned long keylen) + mbedtls_md_type_t mdtype, + const unsigned char *key, unsigned long keylen) { const mbedtls_md_info_t *md_info; int ret, hmac; @@ -188,7 +195,7 @@ _libssh2_mbedtls_hash_init(mbedtls_md_context_t *ctx, if(!md_info) return 0; - hmac = key == NULL ? 0 : 1; + hmac = key ? 1 : 0; mbedtls_md_init(ctx); ret = mbedtls_md_setup(ctx, md_info, hmac); @@ -261,7 +268,7 @@ _libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom) { size_t len; int err; - int i; + size_t i; if(!bn || bits <= 0) return -1; @@ -272,8 +279,8 @@ _libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom) if(err) return -1; - /* Zero unused bits above the most significant bit*/ - for(i = len*8 - 1; bits <= i; --i) { + /* Zero unused bits above the most significant bit */ + for(i = len*8 - 1; (size_t)bits <= i; --i) { err = mbedtls_mpi_set_bit(bn, i, 0); if(err) return -1; @@ -285,10 +292,12 @@ _libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom) will be set to 1, so that the product of two such random numbers will always have 2*bits length. */ - for(i = 0; i <= top; ++i) { - err = mbedtls_mpi_set_bit(bn, bits-i-1, 1); - if(err) - return -1; + if(top >= 0) { + for(i = 0; i <= (size_t)top; ++i) { + err = mbedtls_mpi_set_bit(bn, bits-i-1, 1); + if(err) + return -1; + } } /* make odd by setting first bit in least significant byte */ @@ -309,52 +318,64 @@ _libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom) int _libssh2_mbedtls_rsa_new(libssh2_rsa_ctx **rsa, - const unsigned char *edata, - unsigned long elen, - const unsigned char *ndata, - unsigned long nlen, - const unsigned char *ddata, - unsigned long dlen, - const unsigned char *pdata, - unsigned long plen, - const unsigned char *qdata, - unsigned long qlen, - const unsigned char *e1data, - unsigned long e1len, - const unsigned char *e2data, - unsigned long e2len, - const unsigned char *coeffdata, - unsigned long coefflen) + const unsigned char *edata, + unsigned long elen, + const unsigned char *ndata, + unsigned long nlen, + const unsigned char *ddata, + unsigned long dlen, + const unsigned char *pdata, + unsigned long plen, + const unsigned char *qdata, + unsigned long qlen, + const unsigned char *e1data, + unsigned long e1len, + const unsigned char *e2data, + unsigned long e2len, + const unsigned char *coeffdata, + unsigned long coefflen) { int ret; libssh2_rsa_ctx *ctx; ctx = (libssh2_rsa_ctx *) mbedtls_calloc(1, sizeof(libssh2_rsa_ctx)); - if(ctx != NULL) { + if(ctx) { +#if MBEDTLS_VERSION_NUMBER >= 0x03000000 + mbedtls_rsa_init(ctx); +#else mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, 0); +#endif } else return -1; /* !checksrc! disable ASSIGNWITHINCONDITION 1 */ - if((ret = mbedtls_mpi_read_binary(&(ctx->E), edata, elen) ) != 0 || - (ret = mbedtls_mpi_read_binary(&(ctx->N), ndata, nlen) ) != 0) { + if((ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(E)), + edata, elen)) || + (ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(N)), + ndata, nlen))) { ret = -1; } if(!ret) { - ctx->len = mbedtls_mpi_size(&(ctx->N)); + ctx->MBEDTLS_PRIVATE(len) = + mbedtls_mpi_size(&(ctx->MBEDTLS_PRIVATE(N))); } if(!ret && ddata) { /* !checksrc! disable ASSIGNWITHINCONDITION 1 */ - if((ret = mbedtls_mpi_read_binary(&(ctx->D), ddata, dlen) ) != 0 || - (ret = mbedtls_mpi_read_binary(&(ctx->P), pdata, plen) ) != 0 || - (ret = mbedtls_mpi_read_binary(&(ctx->Q), qdata, qlen) ) != 0 || - (ret = mbedtls_mpi_read_binary(&(ctx->DP), e1data, e1len) ) != 0 || - (ret = mbedtls_mpi_read_binary(&(ctx->DQ), e2data, e2len) ) != 0 || - (ret = mbedtls_mpi_read_binary(&(ctx->QP), coeffdata, coefflen) ) - != 0) { + if((ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(D)), + ddata, dlen)) || + (ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(P)), + pdata, plen)) || + (ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(Q)), + qdata, qlen)) || + (ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(DP)), + e1data, e1len)) || + (ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(DQ)), + e2data, e2len)) || + (ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(QP)), + coeffdata, coefflen))) { ret = -1; } ret = mbedtls_rsa_check_privkey(ctx); @@ -373,23 +394,33 @@ _libssh2_mbedtls_rsa_new(libssh2_rsa_ctx **rsa, int _libssh2_mbedtls_rsa_new_private(libssh2_rsa_ctx **rsa, - LIBSSH2_SESSION *session, - const char *filename, - const unsigned char *passphrase) + LIBSSH2_SESSION *session, + const char *filename, + const unsigned char *passphrase) { int ret; mbedtls_pk_context pkey; mbedtls_rsa_context *pk_rsa; *rsa = (libssh2_rsa_ctx *) LIBSSH2_ALLOC(session, sizeof(libssh2_rsa_ctx)); - if(*rsa == NULL) + if(!*rsa) return -1; +#if MBEDTLS_VERSION_NUMBER >= 0x03000000 + mbedtls_rsa_init(*rsa); +#else mbedtls_rsa_init(*rsa, MBEDTLS_RSA_PKCS_V15, 0); +#endif mbedtls_pk_init(&pkey); +#if MBEDTLS_VERSION_NUMBER >= 0x03000000 + ret = mbedtls_pk_parse_keyfile(&pkey, filename, (char *)passphrase, + mbedtls_ctr_drbg_random, + &_libssh2_mbedtls_ctr_drbg); +#else ret = mbedtls_pk_parse_keyfile(&pkey, filename, (char *)passphrase); - if(ret != 0 || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA) { +#endif + if(ret || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA) { mbedtls_pk_free(&pkey); mbedtls_rsa_free(*rsa); LIBSSH2_FREE(session, *rsa); @@ -406,10 +437,10 @@ _libssh2_mbedtls_rsa_new_private(libssh2_rsa_ctx **rsa, int _libssh2_mbedtls_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, - LIBSSH2_SESSION *session, - const char *filedata, - size_t filedata_len, - unsigned const char *passphrase) + LIBSSH2_SESSION *session, + const char *filedata, + size_t filedata_len, + unsigned const char *passphrase) { int ret; mbedtls_pk_context pkey; @@ -418,7 +449,7 @@ _libssh2_mbedtls_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, size_t pwd_len; *rsa = (libssh2_rsa_ctx *) mbedtls_calloc(1, sizeof(libssh2_rsa_ctx)); - if(*rsa == NULL) + if(!*rsa) return -1; /* @@ -426,20 +457,28 @@ _libssh2_mbedtls_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, private-key from memory will fail if the last byte is not a null byte */ filedata_nullterm = mbedtls_calloc(filedata_len + 1, 1); - if(filedata_nullterm == NULL) { + if(!filedata_nullterm) { return -1; } memcpy(filedata_nullterm, filedata, filedata_len); mbedtls_pk_init(&pkey); - pwd_len = passphrase != NULL ? strlen((const char *)passphrase) : 0; + pwd_len = passphrase ? strlen((const char *)passphrase) : 0; +#if MBEDTLS_VERSION_NUMBER >= 0x03000000 + ret = mbedtls_pk_parse_key(&pkey, (unsigned char *)filedata_nullterm, + filedata_len + 1, + passphrase, pwd_len, + mbedtls_ctr_drbg_random, + &_libssh2_mbedtls_ctr_drbg); +#else ret = mbedtls_pk_parse_key(&pkey, (unsigned char *)filedata_nullterm, filedata_len + 1, passphrase, pwd_len); +#endif _libssh2_mbedtls_safe_free(filedata_nullterm, filedata_len); - if(ret != 0 || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA) { + if(ret || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA) { mbedtls_pk_free(&pkey); mbedtls_rsa_free(*rsa); LIBSSH2_FREE(session, *rsa); @@ -455,49 +494,113 @@ _libssh2_mbedtls_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, } int -_libssh2_mbedtls_rsa_sha1_verify(libssh2_rsa_ctx *rsa, - const unsigned char *sig, - unsigned long sig_len, - const unsigned char *m, - unsigned long m_len) +_libssh2_mbedtls_rsa_sha2_verify(libssh2_rsa_ctx * rsactx, + size_t hash_len, + const unsigned char *sig, + unsigned long sig_len, + const unsigned char *m, unsigned long m_len) { - unsigned char hash[SHA_DIGEST_LENGTH]; int ret; + int md_type; + unsigned char *hash; - ret = _libssh2_mbedtls_hash(m, m_len, MBEDTLS_MD_SHA1, hash); - if(ret) + if(sig_len < mbedtls_rsa_get_len(rsactx)) + return -1; + + hash = malloc(hash_len); + if(!hash) + return -1; + + if(hash_len == SHA_DIGEST_LENGTH) { + md_type = MBEDTLS_MD_SHA1; + } + else if(hash_len == SHA256_DIGEST_LENGTH) { + md_type = MBEDTLS_MD_SHA256; + } + else if(hash_len == SHA512_DIGEST_LENGTH) { + md_type = MBEDTLS_MD_SHA512; + } + else{ + free(hash); + return -1; /* unsupported digest */ + } + ret = _libssh2_mbedtls_hash(m, m_len, md_type, hash); + + if(ret) { + free(hash); return -1; /* failure */ + } - ret = mbedtls_rsa_pkcs1_verify(rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, - MBEDTLS_MD_SHA1, SHA_DIGEST_LENGTH, +#if MBEDTLS_VERSION_NUMBER >= 0x03000000 + ret = mbedtls_rsa_pkcs1_verify(rsactx, + md_type, (unsigned int)hash_len, hash, sig); +#else + ret = mbedtls_rsa_pkcs1_verify(rsactx, NULL, NULL, MBEDTLS_RSA_PUBLIC, + md_type, (unsigned int)hash_len, + hash, sig); +#endif + free(hash); return (ret == 0) ? 0 : -1; } int -_libssh2_mbedtls_rsa_sha1_sign(LIBSSH2_SESSION *session, - libssh2_rsa_ctx *rsa, - const unsigned char *hash, - size_t hash_len, - unsigned char **signature, - size_t *signature_len) +_libssh2_mbedtls_rsa_sha1_verify(libssh2_rsa_ctx * rsactx, + const unsigned char *sig, + unsigned long sig_len, + const unsigned char *m, unsigned long m_len) +{ + return _libssh2_mbedtls_rsa_sha2_verify(rsactx, SHA_DIGEST_LENGTH, + sig, sig_len, m, m_len); +} + +int +_libssh2_mbedtls_rsa_sha2_sign(LIBSSH2_SESSION *session, + libssh2_rsa_ctx *rsa, + const unsigned char *hash, + size_t hash_len, + unsigned char **signature, + size_t *signature_len) { int ret; unsigned char *sig; - unsigned int sig_len; + size_t sig_len; + int md_type; - (void)hash_len; - - sig_len = rsa->len; + sig_len = mbedtls_rsa_get_len(rsa); sig = LIBSSH2_ALLOC(session, sig_len); if(!sig) { return -1; } - - ret = mbedtls_rsa_pkcs1_sign(rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, - MBEDTLS_MD_SHA1, SHA_DIGEST_LENGTH, - hash, sig); + ret = 0; + if(hash_len == SHA_DIGEST_LENGTH) { + md_type = MBEDTLS_MD_SHA1; + } + else if(hash_len == SHA256_DIGEST_LENGTH) { + md_type = MBEDTLS_MD_SHA256; + } + else if(hash_len == SHA512_DIGEST_LENGTH) { + md_type = MBEDTLS_MD_SHA512; + } + else { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Unsupported hash digest length"); + ret = -1; + } + if(ret == 0) { +#if MBEDTLS_VERSION_NUMBER >= 0x03000000 + ret = mbedtls_rsa_pkcs1_sign(rsa, + mbedtls_ctr_drbg_random, + &_libssh2_mbedtls_ctr_drbg, + md_type, (unsigned int)hash_len, + hash, sig); +#else + ret = mbedtls_rsa_pkcs1_sign(rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, + md_type, (unsigned int)hash_len, + hash, sig); +#endif + } if(ret) { LIBSSH2_FREE(session, sig); return -1; @@ -509,6 +612,18 @@ _libssh2_mbedtls_rsa_sha1_sign(LIBSSH2_SESSION *session, return (ret == 0) ? 0 : -1; } +int +_libssh2_mbedtls_rsa_sha1_sign(LIBSSH2_SESSION * session, + libssh2_rsa_ctx * rsactx, + const unsigned char *hash, + size_t hash_len, + unsigned char **signature, + size_t *signature_len) +{ + return _libssh2_mbedtls_rsa_sha2_sign(session, rsactx, hash, hash_len, + signature, signature_len); +} + void _libssh2_mbedtls_rsa_free(libssh2_rsa_ctx *ctx) { @@ -518,16 +633,16 @@ _libssh2_mbedtls_rsa_free(libssh2_rsa_ctx *ctx) static unsigned char * gen_publickey_from_rsa(LIBSSH2_SESSION *session, - mbedtls_rsa_context *rsa, - size_t *keylen) + mbedtls_rsa_context *rsa, + size_t *keylen) { - int e_bytes, n_bytes; - unsigned long len; + uint32_t e_bytes, n_bytes; + uint32_t len; unsigned char *key; unsigned char *p; - e_bytes = mbedtls_mpi_size(&rsa->E); - n_bytes = mbedtls_mpi_size(&rsa->N); + e_bytes = (uint32_t)mbedtls_mpi_size(&rsa->MBEDTLS_PRIVATE(E)); + n_bytes = (uint32_t)mbedtls_mpi_size(&rsa->MBEDTLS_PRIVATE(N)); /* Key form is "ssh-rsa" + e + n. */ len = 4 + 7 + 4 + e_bytes + 4 + n_bytes; @@ -547,11 +662,11 @@ gen_publickey_from_rsa(LIBSSH2_SESSION *session, _libssh2_htonu32(p, e_bytes); p += 4; - mbedtls_mpi_write_binary(&rsa->E, p, e_bytes); + mbedtls_mpi_write_binary(&rsa->MBEDTLS_PRIVATE(E), p, e_bytes); _libssh2_htonu32(p, n_bytes); p += 4; - mbedtls_mpi_write_binary(&rsa->N, p, n_bytes); + mbedtls_mpi_write_binary(&rsa->MBEDTLS_PRIVATE(N), p, n_bytes); *keylen = (size_t)(p - key); return key; @@ -559,11 +674,11 @@ gen_publickey_from_rsa(LIBSSH2_SESSION *session, static int _libssh2_mbedtls_pub_priv_key(LIBSSH2_SESSION *session, - unsigned char **method, - size_t *method_len, - unsigned char **pubkeydata, - size_t *pubkeydata_len, - mbedtls_pk_context *pkey) + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + mbedtls_pk_context *pkey) { unsigned char *key = NULL, *mth = NULL; size_t keylen = 0, mthlen = 0; @@ -588,7 +703,7 @@ _libssh2_mbedtls_pub_priv_key(LIBSSH2_SESSION *session, rsa = mbedtls_pk_rsa(*pkey); key = gen_publickey_from_rsa(session, rsa, &keylen); - if(key == NULL) { + if(!key) { ret = -1; } @@ -611,27 +726,33 @@ _libssh2_mbedtls_pub_priv_key(LIBSSH2_SESSION *session, int _libssh2_mbedtls_pub_priv_keyfile(LIBSSH2_SESSION *session, - unsigned char **method, - size_t *method_len, - unsigned char **pubkeydata, - size_t *pubkeydata_len, - const char *privatekey, - const char *passphrase) + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + const char *privatekey, + const char *passphrase) { mbedtls_pk_context pkey; char buf[1024]; int ret; mbedtls_pk_init(&pkey); +#if MBEDTLS_VERSION_NUMBER >= 0x03000000 + ret = mbedtls_pk_parse_keyfile(&pkey, privatekey, passphrase, + mbedtls_ctr_drbg_random, + &_libssh2_mbedtls_ctr_drbg); +#else ret = mbedtls_pk_parse_keyfile(&pkey, privatekey, passphrase); - if(ret != 0) { +#endif + if(ret) { mbedtls_strerror(ret, (char *)buf, sizeof(buf)); mbedtls_pk_free(&pkey); return _libssh2_error(session, LIBSSH2_ERROR_FILE, buf); } ret = _libssh2_mbedtls_pub_priv_key(session, method, method_len, - pubkeydata, pubkeydata_len, &pkey); + pubkeydata, pubkeydata_len, &pkey); mbedtls_pk_free(&pkey); @@ -640,13 +761,13 @@ _libssh2_mbedtls_pub_priv_keyfile(LIBSSH2_SESSION *session, int _libssh2_mbedtls_pub_priv_keyfilememory(LIBSSH2_SESSION *session, - unsigned char **method, - size_t *method_len, - unsigned char **pubkeydata, - size_t *pubkeydata_len, - const char *privatekeydata, - size_t privatekeydata_len, - const char *passphrase) + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase) { mbedtls_pk_context pkey; char buf[1024]; @@ -659,34 +780,76 @@ _libssh2_mbedtls_pub_priv_keyfilememory(LIBSSH2_SESSION *session, private-key from memory will fail if the last byte is not a null byte */ privatekeydata_nullterm = mbedtls_calloc(privatekeydata_len + 1, 1); - if(privatekeydata_nullterm == NULL) { + if(!privatekeydata_nullterm) { return -1; } memcpy(privatekeydata_nullterm, privatekeydata, privatekeydata_len); mbedtls_pk_init(&pkey); - pwd_len = passphrase != NULL ? strlen((const char *)passphrase) : 0; + pwd_len = passphrase ? strlen((const char *)passphrase) : 0; +#if MBEDTLS_VERSION_NUMBER >= 0x03000000 + ret = mbedtls_pk_parse_key(&pkey, + (unsigned char *)privatekeydata_nullterm, + privatekeydata_len + 1, + (const unsigned char *)passphrase, pwd_len, + mbedtls_ctr_drbg_random, + &_libssh2_mbedtls_ctr_drbg); +#else ret = mbedtls_pk_parse_key(&pkey, (unsigned char *)privatekeydata_nullterm, privatekeydata_len + 1, (const unsigned char *)passphrase, pwd_len); +#endif _libssh2_mbedtls_safe_free(privatekeydata_nullterm, privatekeydata_len); - if(ret != 0) { + if(ret) { mbedtls_strerror(ret, (char *)buf, sizeof(buf)); mbedtls_pk_free(&pkey); return _libssh2_error(session, LIBSSH2_ERROR_FILE, buf); } ret = _libssh2_mbedtls_pub_priv_key(session, method, method_len, - pubkeydata, pubkeydata_len, &pkey); + pubkeydata, pubkeydata_len, &pkey); mbedtls_pk_free(&pkey); return ret; } +int +_libssh2_mbedtls_sk_pub_keyfilememory(LIBSSH2_SESSION *session, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + int *algorithm, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase) +{ + (void)method; + (void)method_len; + (void)pubkeydata; + (void)pubkeydata_len; + (void)algorithm; + (void)flags; + (void)application; + (void)key_handle; + (void)handle_len; + (void)privatekeydata; + (void)privatekeydata_len; + (void)passphrase; + + return _libssh2_error(session, LIBSSH2_ERROR_FILE, + "Unable to extract public SK key from private key file: " + "Method unimplemented in mbedTLS backend"); +} + void _libssh2_init_aes_ctr(void) { /* no implementation */ @@ -756,23 +919,24 @@ _libssh2_mbedtls_ecdsa_create_key(LIBSSH2_SESSION *session, *privkey = LIBSSH2_ALLOC(session, sizeof(mbedtls_ecp_keypair)); - if(*privkey == NULL) + if(!*privkey) goto failed; mbedtls_ecdsa_init(*privkey); if(mbedtls_ecdsa_genkey(*privkey, (mbedtls_ecp_group_id)curve, mbedtls_ctr_drbg_random, - &_libssh2_mbedtls_ctr_drbg) != 0) + &_libssh2_mbedtls_ctr_drbg)) goto failed; - plen = 2 * mbedtls_mpi_size(&(*privkey)->grp.P) + 1; + plen = 2 * mbedtls_mpi_size(&(*privkey)->MBEDTLS_PRIVATE(grp).P) + 1; *pubkey_oct = LIBSSH2_ALLOC(session, plen); - if(*pubkey_oct == NULL) + if(!*pubkey_oct) goto failed; - if(mbedtls_ecp_point_write_binary(&(*privkey)->grp, &(*privkey)->Q, + if(mbedtls_ecp_point_write_binary(&(*privkey)->MBEDTLS_PRIVATE(grp), + &(*privkey)->MBEDTLS_PRIVATE(Q), MBEDTLS_ECP_PF_UNCOMPRESSED, pubkey_oct_len, *pubkey_oct, plen) == 0) return 0; @@ -800,18 +964,22 @@ _libssh2_mbedtls_ecdsa_curve_name_with_octal_new(libssh2_ecdsa_ctx **ctx, { *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecp_keypair)); - if(*ctx == NULL) + if(!*ctx) goto failed; mbedtls_ecdsa_init(*ctx); - if(mbedtls_ecp_group_load(&(*ctx)->grp, (mbedtls_ecp_group_id)curve) != 0) + if(mbedtls_ecp_group_load(&(*ctx)->MBEDTLS_PRIVATE(grp), + (mbedtls_ecp_group_id)curve)) goto failed; - if(mbedtls_ecp_point_read_binary(&(*ctx)->grp, &(*ctx)->Q, k, k_len) != 0) + if(mbedtls_ecp_point_read_binary(&(*ctx)->MBEDTLS_PRIVATE(grp), + &(*ctx)->MBEDTLS_PRIVATE(Q), + k, k_len)) goto failed; - if(mbedtls_ecp_check_pubkey(&(*ctx)->grp, &(*ctx)->Q) == 0) + if(mbedtls_ecp_check_pubkey(&(*ctx)->MBEDTLS_PRIVATE(grp), + &(*ctx)->MBEDTLS_PRIVATE(Q)) == 0) return 0; failed: @@ -837,26 +1005,28 @@ _libssh2_mbedtls_ecdh_gen_k(_libssh2_bn **k, mbedtls_ecp_point pubkey; int rc = 0; - if(*k == NULL) + if(!*k) return -1; mbedtls_ecp_point_init(&pubkey); - if(mbedtls_ecp_point_read_binary(&privkey->grp, &pubkey, - server_pubkey, server_pubkey_len) != 0) { + if(mbedtls_ecp_point_read_binary(&privkey->MBEDTLS_PRIVATE(grp), + &pubkey, + server_pubkey, server_pubkey_len)) { rc = -1; goto cleanup; } - if(mbedtls_ecdh_compute_shared(&privkey->grp, *k, - &pubkey, &privkey->d, + if(mbedtls_ecdh_compute_shared(&privkey->MBEDTLS_PRIVATE(grp), *k, + &pubkey, + &privkey->MBEDTLS_PRIVATE(d), mbedtls_ctr_drbg_random, - &_libssh2_mbedtls_ctr_drbg) != 0) { + &_libssh2_mbedtls_ctr_drbg)) { rc = -1; goto cleanup; } - if(mbedtls_ecp_check_privkey(&privkey->grp, *k) != 0) + if(mbedtls_ecp_check_privkey(&privkey->MBEDTLS_PRIVATE(grp), *k)) rc = -1; cleanup: @@ -866,17 +1036,16 @@ cleanup: return rc; } -#define LIBSSH2_MBEDTLS_ECDSA_VERIFY(digest_type) \ -{ \ - unsigned char hsh[SHA##digest_type##_DIGEST_LENGTH]; \ - \ - if(libssh2_sha##digest_type(m, m_len, hsh) == 0) { \ - rc = mbedtls_ecdsa_verify(&ctx->grp, hsh, \ - SHA##digest_type##_DIGEST_LENGTH, \ - &ctx->Q, &pr, &ps); \ - } \ - \ -} +#define LIBSSH2_MBEDTLS_ECDSA_VERIFY(digest_type) \ + do { \ + unsigned char hsh[SHA##digest_type##_DIGEST_LENGTH]; \ + \ + if(libssh2_sha##digest_type(m, m_len, hsh) == 0) { \ + rc = mbedtls_ecdsa_verify(&ctx->MBEDTLS_PRIVATE(grp), hsh, \ + SHA##digest_type##_DIGEST_LENGTH, \ + &ctx->MBEDTLS_PRIVATE(Q), &pr, &ps); \ + } \ + } while(0) /* _libssh2_ecdsa_sign * @@ -896,10 +1065,10 @@ _libssh2_mbedtls_ecdsa_verify(libssh2_ecdsa_ctx *ctx, mbedtls_mpi_init(&pr); mbedtls_mpi_init(&ps); - if(mbedtls_mpi_read_binary(&pr, r, r_len) != 0) + if(mbedtls_mpi_read_binary(&pr, r, r_len)) goto cleanup; - if(mbedtls_mpi_read_binary(&ps, s, s_len) != 0) + if(mbedtls_mpi_read_binary(&ps, s, s_len)) goto cleanup; switch(_libssh2_ecdsa_get_curve_type(ctx)) { @@ -936,15 +1105,23 @@ _libssh2_mbedtls_parse_eckey(libssh2_ecdsa_ctx **ctx, pwd_len = pwd ? strlen((const char *) pwd) : 0; - if(mbedtls_pk_parse_key(pkey, data, data_len, pwd, pwd_len) != 0) +#if MBEDTLS_VERSION_NUMBER >= 0x03000000 + if(mbedtls_pk_parse_key(pkey, data, data_len, pwd, pwd_len, + mbedtls_ctr_drbg_random, + &_libssh2_mbedtls_ctr_drbg)) + goto failed; +#else + if(mbedtls_pk_parse_key(pkey, data, data_len, pwd, pwd_len)) + goto failed; +#endif if(mbedtls_pk_get_type(pkey) != MBEDTLS_PK_ECKEY) goto failed; *ctx = LIBSSH2_ALLOC(session, sizeof(libssh2_ecdsa_ctx)); - if(*ctx == NULL) + if(!*ctx) goto failed; mbedtls_ecdsa_init(*ctx); @@ -975,45 +1152,50 @@ _libssh2_mbedtls_parse_openssh_key(libssh2_ecdsa_ctx **ctx, if(_libssh2_openssh_pem_parse_memory(session, pwd, (const char *)data, data_len, - &decrypted) != 0) + &decrypted)) goto failed; - if(_libssh2_get_string(decrypted, &name, NULL) != 0) + if(_libssh2_get_string(decrypted, &name, NULL)) goto failed; if(_libssh2_mbedtls_ecdsa_curve_type_from_name((const char *)name, - &type) != 0) + &type)) goto failed; - if(_libssh2_get_string(decrypted, &curve, &curvelen) != 0) + if(_libssh2_get_string(decrypted, &curve, &curvelen)) goto failed; - if(_libssh2_get_string(decrypted, &point_buf, &pointlen) != 0) + if(_libssh2_get_string(decrypted, &point_buf, &pointlen)) goto failed; - if(_libssh2_get_bignum_bytes(decrypted, &exponent, &exponentlen) != 0) + if(_libssh2_get_bignum_bytes(decrypted, &exponent, &exponentlen)) goto failed; *ctx = LIBSSH2_ALLOC(session, sizeof(libssh2_ecdsa_ctx)); - if(*ctx == NULL) + if(!*ctx) goto failed; mbedtls_ecdsa_init(*ctx); - if(mbedtls_ecp_group_load(&(*ctx)->grp, (mbedtls_ecp_group_id)type) != 0) + if(mbedtls_ecp_group_load(&(*ctx)->MBEDTLS_PRIVATE(grp), + (mbedtls_ecp_group_id)type)) goto failed; - if(mbedtls_mpi_read_binary(&(*ctx)->d, exponent, exponentlen) != 0) + if(mbedtls_mpi_read_binary(&(*ctx)->MBEDTLS_PRIVATE(d), + exponent, exponentlen)) goto failed; - if(mbedtls_ecp_mul(&(*ctx)->grp, &(*ctx)->Q, - &(*ctx)->d, &(*ctx)->grp.G, + if(mbedtls_ecp_mul(&(*ctx)->MBEDTLS_PRIVATE(grp), + &(*ctx)->MBEDTLS_PRIVATE(Q), + &(*ctx)->MBEDTLS_PRIVATE(d), + &(*ctx)->MBEDTLS_PRIVATE(grp).G, mbedtls_ctr_drbg_random, - &_libssh2_mbedtls_ctr_drbg) != 0) + &_libssh2_mbedtls_ctr_drbg)) goto failed; - if(mbedtls_ecp_check_privkey(&(*ctx)->grp, &(*ctx)->d) == 0) + if(mbedtls_ecp_check_privkey(&(*ctx)->MBEDTLS_PRIVATE(grp), + &(*ctx)->MBEDTLS_PRIVATE(d)) == 0) goto cleanup; failed: @@ -1027,7 +1209,7 @@ cleanup: _libssh2_string_buf_free(session, decrypted); } - return (*ctx == NULL) ? -1 : 0; + return *ctx ? 0 : -1; } /* _libssh2_ecdsa_new_private @@ -1046,7 +1228,7 @@ _libssh2_mbedtls_ecdsa_new_private(libssh2_ecdsa_ctx **ctx, unsigned char *data; size_t data_len; - if(mbedtls_pk_load_file(filename, &data, &data_len) != 0) + if(mbedtls_pk_load_file(filename, &data, &data_len)) goto cleanup; mbedtls_pk_init(&pkey); @@ -1063,7 +1245,7 @@ cleanup: _libssh2_mbedtls_safe_free(data, data_len); - return (*ctx == NULL) ? -1 : 0; + return *ctx ? 0 : -1; } /* _libssh2_ecdsa_new_private @@ -1086,7 +1268,7 @@ _libssh2_mbedtls_ecdsa_new_private_frommemory(libssh2_ecdsa_ctx **ctx, ntdata = LIBSSH2_ALLOC(session, data_len + 1); - if(ntdata == NULL) + if(!ntdata) goto cleanup; memcpy(ntdata, data, data_len); @@ -1104,7 +1286,7 @@ cleanup: _libssh2_mbedtls_safe_free(ntdata, data_len); - return (*ctx == NULL) ? -1 : 0; + return *ctx ? 0 : -1; } static unsigned char * @@ -1113,6 +1295,7 @@ _libssh2_mbedtls_mpi_write_binary(unsigned char *buf, size_t bytes) { unsigned char *p = buf; + uint32_t size = (uint32_t)bytes; if(sizeof(&p) / sizeof(p[0]) < 4) { goto done; @@ -1121,19 +1304,19 @@ _libssh2_mbedtls_mpi_write_binary(unsigned char *buf, p += 4; *p = 0; - if(bytes > 0) { - mbedtls_mpi_write_binary(mpi, p + 1, bytes - 1); + if(size > 0) { + mbedtls_mpi_write_binary(mpi, p + 1, size - 1); } - if(bytes > 0 && !(*(p + 1) & 0x80)) { - memmove(p, p + 1, --bytes); + if(size > 0 && !(*(p + 1) & 0x80)) { + memmove(p, p + 1, --size); } - _libssh2_htonu32(p - 4, bytes); + _libssh2_htonu32(p - 4, size); done: - return p + bytes; + return p + size; } /* _libssh2_ecdsa_sign @@ -1157,10 +1340,11 @@ _libssh2_mbedtls_ecdsa_sign(LIBSSH2_SESSION *session, mbedtls_mpi_init(&pr); mbedtls_mpi_init(&ps); - if(mbedtls_ecdsa_sign(&ctx->grp, &pr, &ps, &ctx->d, + if(mbedtls_ecdsa_sign(&ctx->MBEDTLS_PRIVATE(grp), &pr, &ps, + &ctx->MBEDTLS_PRIVATE(d), hash, hash_len, mbedtls_ctr_drbg_random, - &_libssh2_mbedtls_ctr_drbg) != 0) + &_libssh2_mbedtls_ctr_drbg)) goto cleanup; r_len = mbedtls_mpi_size(&pr) + 1; @@ -1169,7 +1353,7 @@ _libssh2_mbedtls_ecdsa_sign(LIBSSH2_SESSION *session, tmp_sign = LIBSSH2_CALLOC(session, tmp_sign_len); - if(tmp_sign == NULL) + if(!tmp_sign) goto cleanup; sp = tmp_sign; @@ -1180,7 +1364,7 @@ _libssh2_mbedtls_ecdsa_sign(LIBSSH2_SESSION *session, *sign = LIBSSH2_CALLOC(session, *sign_len); - if(*sign == NULL) + if(!*sign) goto cleanup; memcpy(*sign, tmp_sign, *sign_len); @@ -1192,7 +1376,7 @@ cleanup: _libssh2_mbedtls_safe_free(tmp_sign, tmp_sign_len); - return (*sign == NULL) ? -1 : 0; + return *sign ? 0 : -1; } /* _libssh2_ecdsa_get_curve_type @@ -1204,7 +1388,7 @@ cleanup: libssh2_curve_type _libssh2_mbedtls_ecdsa_get_curve_type(libssh2_ecdsa_ctx *ctx) { - return (libssh2_curve_type) ctx->grp.id; + return (libssh2_curve_type) ctx->MBEDTLS_PRIVATE(grp).id; } /* _libssh2_ecdsa_curve_type_from_name @@ -1220,7 +1404,7 @@ _libssh2_mbedtls_ecdsa_curve_type_from_name(const char *name, int ret = 0; libssh2_curve_type type; - if(name == NULL || strlen(name) != 19) + if(!name || strlen(name) != 19) return -1; if(strcmp(name, "ecdsa-sha2-nistp256") == 0) @@ -1246,6 +1430,30 @@ _libssh2_mbedtls_ecdsa_free(libssh2_ecdsa_ctx *ctx) mbedtls_ecdsa_free(ctx); mbedtls_free(ctx); } - #endif /* LIBSSH2_ECDSA */ -#endif /* LIBSSH2_MBEDTLS */ + + +/* _libssh2_supported_key_sign_algorithms + * + * Return supported key hash algo upgrades, see crypto.h + * + */ + +const char * +_libssh2_supported_key_sign_algorithms(LIBSSH2_SESSION *session, + unsigned char *key_method, + size_t key_method_len) +{ + (void)session; + +#if LIBSSH2_RSA_SHA2 + if(key_method_len == 7 && + memcmp(key_method, "ssh-rsa", key_method_len) == 0) { + return "rsa-sha2-512,rsa-sha2-256,ssh-rsa"; + } +#endif + + return NULL; +} + +#endif /* LIBSSH2_CRYPTO_C */ diff --git a/libssh2/src/mbedtls.h b/libssh2/src/mbedtls.h index 671932c58..d9592f721 100644 --- a/libssh2/src/mbedtls.h +++ b/libssh2/src/mbedtls.h @@ -37,8 +37,7 @@ * OF SUCH DAMAGE. */ -#include -#include +#define LIBSSH2_CRYPTO_ENGINE libssh2_mbedtls #include #include @@ -63,14 +62,25 @@ #define LIBSSH2_HMAC_SHA256 1 #define LIBSSH2_HMAC_SHA512 1 -#define LIBSSH2_AES 1 +#define LIBSSH2_AES_CBC 1 #define LIBSSH2_AES_CTR 1 -#define LIBSSH2_BLOWFISH 1 -#define LIBSSH2_RC4 1 +#define LIBSSH2_AES_GCM 0 +#ifdef MBEDTLS_CIPHER_BLOWFISH_CBC +# define LIBSSH2_BLOWFISH 1 +#else +# define LIBSSH2_BLOWFISH 0 +#endif +#ifdef MBEDTLS_CIPHER_ARC4_128 +# define LIBSSH2_RC4 1 +#else +# define LIBSSH2_RC4 0 +#endif #define LIBSSH2_CAST 0 #define LIBSSH2_3DES 1 #define LIBSSH2_RSA 1 +#define LIBSSH2_RSA_SHA1 1 +#define LIBSSH2_RSA_SHA2 1 #define LIBSSH2_DSA 0 #ifdef MBEDTLS_ECDSA_C # define LIBSSH2_ECDSA 1 @@ -94,12 +104,12 @@ */ #define libssh2_crypto_init() \ - _libssh2_mbedtls_init() + _libssh2_mbedtls_init() #define libssh2_crypto_exit() \ - _libssh2_mbedtls_free() + _libssh2_mbedtls_free() #define _libssh2_random(buf, len) \ - _libssh2_mbedtls_random(buf, len) + _libssh2_mbedtls_random(buf, len) #define libssh2_prepare_iovec(vec, len) /* Empty. */ @@ -113,24 +123,24 @@ #define libssh2_hmac_ctx_init(ctx) #define libssh2_hmac_cleanup(pctx) \ - mbedtls_md_free(pctx) + mbedtls_md_free(pctx) #define libssh2_hmac_update(ctx, data, datalen) \ - mbedtls_md_hmac_update(&ctx, (unsigned char *) data, datalen) + mbedtls_md_hmac_update(&ctx, (const unsigned char *) data, datalen) #define libssh2_hmac_final(ctx, hash) \ - mbedtls_md_hmac_finish(&ctx, hash) + mbedtls_md_hmac_finish(&ctx, hash) #define libssh2_hmac_sha1_init(pctx, key, keylen) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA1, key, keylen) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA1, key, keylen) #define libssh2_hmac_md5_init(pctx, key, keylen) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_MD5, key, keylen) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_MD5, key, keylen) #define libssh2_hmac_ripemd160_init(pctx, key, keylen) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_RIPEMD160, key, keylen) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_RIPEMD160, key, keylen) #define libssh2_hmac_sha256_init(pctx, key, keylen) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA256, key, keylen) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA256, key, keylen) #define libssh2_hmac_sha384_init(pctx, key, keylen) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA384, key, keylen) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA384, key, keylen) #define libssh2_hmac_sha512_init(pctx, key, keylen) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA512, key, keylen) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA512, key, keylen) /*******************************************************************/ @@ -141,13 +151,14 @@ #define libssh2_sha1_ctx mbedtls_md_context_t #define libssh2_sha1_init(pctx) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA1, NULL, 0) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA1, NULL, 0) #define libssh2_sha1_update(ctx, data, datalen) \ - mbedtls_md_update(&ctx, (unsigned char *) data, datalen) + mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) #define libssh2_sha1_final(ctx, hash) \ - _libssh2_mbedtls_hash_final(&ctx, hash) + _libssh2_mbedtls_hash_final(&ctx, hash) #define libssh2_sha1(data, datalen, hash) \ - _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA1, hash) + _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA1, hash) + /*******************************************************************/ /* @@ -157,13 +168,13 @@ #define libssh2_sha256_ctx mbedtls_md_context_t #define libssh2_sha256_init(pctx) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA256, NULL, 0) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA256, NULL, 0) #define libssh2_sha256_update(ctx, data, datalen) \ - mbedtls_md_update(&ctx, (unsigned char *) data, datalen) + mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) #define libssh2_sha256_final(ctx, hash) \ - _libssh2_mbedtls_hash_final(&ctx, hash) + _libssh2_mbedtls_hash_final(&ctx, hash) #define libssh2_sha256(data, datalen, hash) \ - _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA256, hash) + _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA256, hash) /*******************************************************************/ @@ -174,13 +185,13 @@ #define libssh2_sha384_ctx mbedtls_md_context_t #define libssh2_sha384_init(pctx) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA384, NULL, 0) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA384, NULL, 0) #define libssh2_sha384_update(ctx, data, datalen) \ - mbedtls_md_update(&ctx, (unsigned char *) data, datalen) + mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) #define libssh2_sha384_final(ctx, hash) \ - _libssh2_mbedtls_hash_final(&ctx, hash) + _libssh2_mbedtls_hash_final(&ctx, hash) #define libssh2_sha384(data, datalen, hash) \ - _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA384, hash) + _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA384, hash) /*******************************************************************/ @@ -191,13 +202,13 @@ #define libssh2_sha512_ctx mbedtls_md_context_t #define libssh2_sha512_init(pctx) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA512, NULL, 0) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA512, NULL, 0) #define libssh2_sha512_update(ctx, data, datalen) \ - mbedtls_md_update(&ctx, (unsigned char *) data, datalen) + mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) #define libssh2_sha512_final(ctx, hash) \ - _libssh2_mbedtls_hash_final(&ctx, hash) + _libssh2_mbedtls_hash_final(&ctx, hash) #define libssh2_sha512(data, datalen, hash) \ - _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA512, hash) + _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA512, hash) /*******************************************************************/ @@ -208,13 +219,13 @@ #define libssh2_md5_ctx mbedtls_md_context_t #define libssh2_md5_init(pctx) \ - _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_MD5, NULL, 0) + _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_MD5, NULL, 0) #define libssh2_md5_update(ctx, data, datalen) \ - mbedtls_md_update(&ctx, (unsigned char *) data, datalen) + mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) #define libssh2_md5_final(ctx, hash) \ - _libssh2_mbedtls_hash_final(&ctx, hash) + _libssh2_mbedtls_hash_final(&ctx, hash) #define libssh2_md5(data, datalen, hash) \ - _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_MD5, hash) + _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_MD5, hash) /*******************************************************************/ @@ -227,26 +238,33 @@ #define _libssh2_rsa_new(rsactx, e, e_len, n, n_len, \ d, d_len, p, p_len, q, q_len, \ e1, e1_len, e2, e2_len, c, c_len) \ - _libssh2_mbedtls_rsa_new(rsactx, e, e_len, n, n_len, \ - d, d_len, p, p_len, q, q_len, \ - e1, e1_len, e2, e2_len, c, c_len) + _libssh2_mbedtls_rsa_new(rsactx, e, e_len, n, n_len, \ + d, d_len, p, p_len, q, q_len, \ + e1, e1_len, e2, e2_len, c, c_len) #define _libssh2_rsa_new_private(rsactx, s, filename, passphrase) \ - _libssh2_mbedtls_rsa_new_private(rsactx, s, filename, passphrase) + _libssh2_mbedtls_rsa_new_private(rsactx, s, filename, passphrase) #define _libssh2_rsa_new_private_frommemory(rsactx, s, filedata, \ filedata_len, passphrase) \ - _libssh2_mbedtls_rsa_new_private_frommemory(rsactx, s, filedata, \ - filedata_len, passphrase) + _libssh2_mbedtls_rsa_new_private_frommemory(rsactx, s, filedata, \ + filedata_len, passphrase) #define _libssh2_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len) \ - _libssh2_mbedtls_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len) + _libssh2_mbedtls_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len) + +#define _libssh2_rsa_sha2_sign(s, rsactx, hash, hash_len, sig, sig_len) \ + _libssh2_mbedtls_rsa_sha2_sign(s, rsactx, hash, hash_len, sig, sig_len) + #define _libssh2_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) \ - _libssh2_mbedtls_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) + _libssh2_mbedtls_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) + +#define _libssh2_rsa_sha2_verify(rsactx, hash_len, sig, sig_len, m, m_len) \ + _libssh2_mbedtls_rsa_sha2_verify(rsactx, hash_len, sig, sig_len, m, m_len) #define _libssh2_rsa_free(rsactx) \ - _libssh2_mbedtls_rsa_free(rsactx) + _libssh2_mbedtls_rsa_free(rsactx) /*******************************************************************/ @@ -291,34 +309,34 @@ typedef enum { #define _libssh2_ecdsa_create_key(session, privkey, pubkey_octal, \ pubkey_octal_len, curve) \ - _libssh2_mbedtls_ecdsa_create_key(session, privkey, pubkey_octal, \ - pubkey_octal_len, curve) + _libssh2_mbedtls_ecdsa_create_key(session, privkey, pubkey_octal, \ + pubkey_octal_len, curve) #define _libssh2_ecdsa_curve_name_with_octal_new(ctx, k, k_len, curve) \ - _libssh2_mbedtls_ecdsa_curve_name_with_octal_new(ctx, k, k_len, curve) + _libssh2_mbedtls_ecdsa_curve_name_with_octal_new(ctx, k, k_len, curve) #define _libssh2_ecdh_gen_k(k, privkey, server_pubkey, server_pubkey_len) \ - _libssh2_mbedtls_ecdh_gen_k(k, privkey, server_pubkey, server_pubkey_len) + _libssh2_mbedtls_ecdh_gen_k(k, privkey, server_pubkey, server_pubkey_len) #define _libssh2_ecdsa_verify(ctx, r, r_len, s, s_len, m, m_len) \ - _libssh2_mbedtls_ecdsa_verify(ctx, r, r_len, s, s_len, m, m_len) + _libssh2_mbedtls_ecdsa_verify(ctx, r, r_len, s, s_len, m, m_len) #define _libssh2_ecdsa_new_private(ctx, session, filename, passphrase) \ - _libssh2_mbedtls_ecdsa_new_private(ctx, session, filename, passphrase) + _libssh2_mbedtls_ecdsa_new_private(ctx, session, filename, passphrase) #define _libssh2_ecdsa_new_private_frommemory(ctx, session, filedata, \ filedata_len, passphrase) \ - _libssh2_mbedtls_ecdsa_new_private_frommemory(ctx, session, filedata, \ - filedata_len, passphrase) + _libssh2_mbedtls_ecdsa_new_private_frommemory(ctx, session, filedata, \ + filedata_len, passphrase) #define _libssh2_ecdsa_sign(session, ctx, hash, hash_len, sign, sign_len) \ - _libssh2_mbedtls_ecdsa_sign(session, ctx, hash, hash_len, sign, sign_len) + _libssh2_mbedtls_ecdsa_sign(session, ctx, hash, hash_len, sign, sign_len) #define _libssh2_ecdsa_get_curve_type(ctx) \ - _libssh2_mbedtls_ecdsa_get_curve_type(ctx) + _libssh2_mbedtls_ecdsa_get_curve_type(ctx) #define _libssh2_ecdsa_free(ctx) \ - _libssh2_mbedtls_ecdsa_free(ctx) + _libssh2_mbedtls_ecdsa_free(ctx) #endif /* LIBSSH2_ECDSA */ @@ -329,11 +347,15 @@ typedef enum { */ #define _libssh2_pub_priv_keyfile(s, m, m_len, p, p_len, pk, pw) \ - _libssh2_mbedtls_pub_priv_keyfile(s, m, m_len, p, p_len, pk, pw) + _libssh2_mbedtls_pub_priv_keyfile(s, m, m_len, p, p_len, pk, pw) #define _libssh2_pub_priv_keyfilememory(s, m, m_len, p, p_len, \ - pk, pk_len, pw) \ - _libssh2_mbedtls_pub_priv_keyfilememory(s, m, m_len, p, p_len, \ - pk, pk_len, pw) + pk, pk_len, pw) \ + _libssh2_mbedtls_pub_priv_keyfilememory(s, m, m_len, p, p_len, \ + pk, pk_len, pw) +#define _libssh2_sk_pub_keyfilememory(s, m, m_len, p, p_len, alg, app, \ + f, kh, kh_len, pk, pk_len, pw) \ + _libssh2_mbedtls_sk_pub_keyfilememory(s, m, m_len, p, p_len, alg, app, \ + f, kh, kh_len, pk, pk_len, pw) /*******************************************************************/ @@ -351,9 +373,12 @@ typedef enum { #define _libssh2_cipher_aes256 MBEDTLS_CIPHER_AES_256_CBC #define _libssh2_cipher_aes192 MBEDTLS_CIPHER_AES_192_CBC #define _libssh2_cipher_aes128 MBEDTLS_CIPHER_AES_128_CBC +#ifdef MBEDTLS_CIPHER_BLOWFISH_CBC #define _libssh2_cipher_blowfish MBEDTLS_CIPHER_BLOWFISH_CBC +#endif +#ifdef MBEDTLS_CIPHER_ARC4_128 #define _libssh2_cipher_arcfour MBEDTLS_CIPHER_ARC4_128 -#define _libssh2_cipher_cast5 MBEDTLS_CIPHER_NULL +#endif #define _libssh2_cipher_3des MBEDTLS_CIPHER_DES_EDE3_CBC @@ -363,11 +388,11 @@ typedef enum { */ #define _libssh2_cipher_init(ctx, type, iv, secret, encrypt) \ - _libssh2_mbedtls_cipher_init(ctx, type, iv, secret, encrypt) -#define _libssh2_cipher_crypt(ctx, type, encrypt, block, blocklen) \ - _libssh2_mbedtls_cipher_crypt(ctx, type, encrypt, block, blocklen) + _libssh2_mbedtls_cipher_init(ctx, type, iv, secret, encrypt) +#define _libssh2_cipher_crypt(ctx, type, encrypt, block, blocklen, fl) \ + _libssh2_mbedtls_cipher_crypt(ctx, type, encrypt, block, blocklen, fl) #define _libssh2_cipher_dtor(ctx) \ - _libssh2_mbedtls_cipher_dtor(ctx) + _libssh2_mbedtls_cipher_dtor(ctx) /*******************************************************************/ @@ -382,21 +407,21 @@ typedef enum { #define _libssh2_bn mbedtls_mpi #define _libssh2_bn_init() \ - _libssh2_mbedtls_bignum_init() + _libssh2_mbedtls_bignum_init() #define _libssh2_bn_init_from_bin() \ - _libssh2_mbedtls_bignum_init() + _libssh2_mbedtls_bignum_init() #define _libssh2_bn_set_word(bn, word) \ - mbedtls_mpi_lset(bn, word) + mbedtls_mpi_lset(bn, word) #define _libssh2_bn_from_bin(bn, len, bin) \ - mbedtls_mpi_read_binary(bn, bin, len) + mbedtls_mpi_read_binary(bn, bin, len) #define _libssh2_bn_to_bin(bn, bin) \ - mbedtls_mpi_write_binary(bn, bin, mbedtls_mpi_size(bn)) + mbedtls_mpi_write_binary(bn, bin, mbedtls_mpi_size(bn)) #define _libssh2_bn_bytes(bn) \ - mbedtls_mpi_size(bn) + mbedtls_mpi_size(bn) #define _libssh2_bn_bits(bn) \ - mbedtls_mpi_bitlen(bn) + mbedtls_mpi_bitlen(bn) #define _libssh2_bn_free(bn) \ - _libssh2_mbedtls_bignum_free(bn) + _libssh2_mbedtls_bignum_free(bn) /*******************************************************************/ @@ -404,12 +429,20 @@ typedef enum { * mbedTLS backend: Diffie-Hellman support. */ +/* Default generate and safe prime sizes for + diffie-hellman-group-exchange-sha1 */ +#define LIBSSH2_DH_GEX_MINGROUP 2048 +#define LIBSSH2_DH_GEX_OPTGROUP 4096 +#define LIBSSH2_DH_GEX_MAXGROUP 8192 + +#define LIBSSH2_DH_MAX_MODULUS_BITS 16384 + #define _libssh2_dh_ctx mbedtls_mpi * #define libssh2_dh_init(dhctx) _libssh2_dh_init(dhctx) #define libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) \ - _libssh2_dh_key_pair(dhctx, public, g, p, group_order) + _libssh2_dh_key_pair(dhctx, public, g, p, group_order) #define libssh2_dh_secret(dhctx, secret, f, p, bnctx) \ - _libssh2_dh_secret(dhctx, secret, f, p) + _libssh2_dh_secret(dhctx, secret, f, p) #define libssh2_dh_dtor(dhctx) _libssh2_dh_dtor(dhctx) @@ -425,27 +458,27 @@ void _libssh2_mbedtls_free(void); int -_libssh2_mbedtls_random(unsigned char *buf, int len); +_libssh2_mbedtls_random(unsigned char *buf, size_t len); int _libssh2_mbedtls_cipher_init(_libssh2_cipher_ctx *ctx, - _libssh2_cipher_type(type), - unsigned char *iv, - unsigned char *secret, - int encrypt); + _libssh2_cipher_type(type), + unsigned char *iv, + unsigned char *secret, + int encrypt); int _libssh2_mbedtls_cipher_crypt(_libssh2_cipher_ctx *ctx, - _libssh2_cipher_type(type), - int encrypt, - unsigned char *block, - size_t blocklen); + _libssh2_cipher_type(type), + int encrypt, + unsigned char *block, + size_t blocklen, int firstlast); void _libssh2_mbedtls_cipher_dtor(_libssh2_cipher_ctx *ctx); int _libssh2_mbedtls_hash_init(mbedtls_md_context_t *ctx, - mbedtls_md_type_t mdtype, - const unsigned char *key, unsigned long keylen); + mbedtls_md_type_t mdtype, + const unsigned char *key, unsigned long keylen); int _libssh2_mbedtls_hash_final(mbedtls_md_context_t *ctx, unsigned char *hash); @@ -461,68 +494,81 @@ _libssh2_mbedtls_bignum_free(_libssh2_bn *bn); int _libssh2_mbedtls_rsa_new(libssh2_rsa_ctx **rsa, - const unsigned char *edata, - unsigned long elen, - const unsigned char *ndata, - unsigned long nlen, - const unsigned char *ddata, - unsigned long dlen, - const unsigned char *pdata, - unsigned long plen, - const unsigned char *qdata, - unsigned long qlen, - const unsigned char *e1data, - unsigned long e1len, - const unsigned char *e2data, - unsigned long e2len, - const unsigned char *coeffdata, - unsigned long coefflen); + const unsigned char *edata, + unsigned long elen, + const unsigned char *ndata, + unsigned long nlen, + const unsigned char *ddata, + unsigned long dlen, + const unsigned char *pdata, + unsigned long plen, + const unsigned char *qdata, + unsigned long qlen, + const unsigned char *e1data, + unsigned long e1len, + const unsigned char *e2data, + unsigned long e2len, + const unsigned char *coeffdata, + unsigned long coefflen); int _libssh2_mbedtls_rsa_new_private(libssh2_rsa_ctx **rsa, - LIBSSH2_SESSION *session, - const char *filename, - const unsigned char *passphrase); + LIBSSH2_SESSION *session, + const char *filename, + const unsigned char *passphrase); int _libssh2_mbedtls_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, - LIBSSH2_SESSION *session, - const char *filedata, - size_t filedata_len, - unsigned const char *passphrase); + LIBSSH2_SESSION *session, + const char *filedata, + size_t filedata_len, + unsigned const char *passphrase); int _libssh2_mbedtls_rsa_sha1_verify(libssh2_rsa_ctx *rsa, - const unsigned char *sig, - unsigned long sig_len, - const unsigned char *m, - unsigned long m_len); + const unsigned char *sig, + unsigned long sig_len, + const unsigned char *m, + unsigned long m_len); int _libssh2_mbedtls_rsa_sha1_sign(LIBSSH2_SESSION *session, - libssh2_rsa_ctx *rsa, - const unsigned char *hash, - size_t hash_len, - unsigned char **signature, - size_t *signature_len); + libssh2_rsa_ctx *rsa, + const unsigned char *hash, + size_t hash_len, + unsigned char **signature, + size_t *signature_len); +int +_libssh2_mbedtls_rsa_sha2_verify(libssh2_rsa_ctx * rsactx, + size_t hash_len, + const unsigned char *sig, + unsigned long sig_len, + const unsigned char *m, unsigned long m_len); +int +_libssh2_mbedtls_rsa_sha2_sign(LIBSSH2_SESSION *session, + libssh2_rsa_ctx *rsa, + const unsigned char *hash, + size_t hash_len, + unsigned char **signature, + size_t *signature_len); void _libssh2_mbedtls_rsa_free(libssh2_rsa_ctx *rsa); int _libssh2_mbedtls_pub_priv_keyfile(LIBSSH2_SESSION *session, - unsigned char **method, - size_t *method_len, - unsigned char **pubkeydata, - size_t *pubkeydata_len, - const char *privatekey, - const char *passphrase); + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + const char *privatekey, + const char *passphrase); int _libssh2_mbedtls_pub_priv_keyfilememory(LIBSSH2_SESSION *session, - unsigned char **method, - size_t *method_len, - unsigned char **pubkeydata, - size_t *pubkeydata_len, - const char *privatekeydata, - size_t privatekeydata_len, - const char *passphrase); + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase); #if LIBSSH2_ECDSA int _libssh2_mbedtls_ecdsa_create_key(LIBSSH2_SESSION *session, @@ -547,9 +593,9 @@ _libssh2_mbedtls_ecdsa_verify(libssh2_ecdsa_ctx *ctx, const unsigned char *m, size_t m_len); int _libssh2_mbedtls_ecdsa_new_private(libssh2_ecdsa_ctx **ctx, - LIBSSH2_SESSION *session, - const char *filename, - const unsigned char *passphrase); + LIBSSH2_SESSION *session, + const char *filename, + const unsigned char *passphrase); int _libssh2_mbedtls_ecdsa_new_private_frommemory(libssh2_ecdsa_ctx **ctx, LIBSSH2_SESSION *session, @@ -572,14 +618,16 @@ void _libssh2_mbedtls_ecdsa_free(libssh2_ecdsa_ctx *ctx); #endif /* LIBSSH2_ECDSA */ +extern void +_libssh2_init_aes_ctr(void); extern void _libssh2_dh_init(_libssh2_dh_ctx *dhctx); extern int _libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, - _libssh2_bn *g, _libssh2_bn *p, int group_order); + _libssh2_bn *g, _libssh2_bn *p, int group_order); extern int _libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret, - _libssh2_bn *f, _libssh2_bn *p); + _libssh2_bn *f, _libssh2_bn *p); extern void _libssh2_dh_dtor(_libssh2_dh_ctx *dhctx); diff --git a/libssh2/src/misc.c b/libssh2/src/misc.c index 594b2d1f7..7de6511b5 100644 --- a/libssh2/src/misc.c +++ b/libssh2/src/misc.c @@ -39,39 +39,60 @@ #include "libssh2_priv.h" #include "misc.h" -#include "blf.h" - -#ifdef HAVE_STDLIB_H -#include -#endif #ifdef HAVE_UNISTD_H #include #endif -#ifdef HAVE_SYS_TIME_H -#include -#endif - -#if defined(HAVE_DECL_SECUREZEROMEMORY) && HAVE_DECL_SECUREZEROMEMORY -#ifdef HAVE_WINDOWS_H -#include -#endif -#endif - -#include #include +#include + +#ifdef WIN32 +/* Force parameter type. */ +#define recv(s, b, l, f) recv((s), (b), (int)(l), (f)) +#define send(s, b, l, f) send((s), (b), (int)(l), (f)) +#endif + +/* snprintf not in Visual Studio CRT and _snprintf dangerously incompatible. + We provide a safe wrapper if snprintf not found */ +#ifdef LIBSSH2_SNPRINTF +#include + +/* Want safe, 'n += snprintf(b + n ...)' like function. If cp_max_len is 1 +* then assume cp is pointing to a null char and do nothing. Returns number +* number of chars placed in cp excluding the trailing null char. So for +* cp_max_len > 0 the return value is always < cp_max_len; for cp_max_len +* <= 0 the return value is 0 (and no chars are written to cp). */ +int _libssh2_snprintf(char *cp, size_t cp_max_len, const char *fmt, ...) +{ + va_list args; + int n; + + if(cp_max_len < 2) + return 0; + va_start(args, fmt); + n = vsnprintf(cp, cp_max_len, fmt, args); + va_end(args); + return (n < (int)cp_max_len) ? n : (int)(cp_max_len - 1); +} +#endif int _libssh2_error_flags(LIBSSH2_SESSION* session, int errcode, const char *errmsg, int errflags) { + if(!session) { + if(errmsg) + fprintf(stderr, "Session is NULL, error: %s\n", errmsg); + return errcode; + } + if(session->err_flags & LIBSSH2_ERR_FLAG_DUP) LIBSSH2_FREE(session, (char *)session->err_msg); session->err_code = errcode; session->err_flags = 0; - if((errmsg != NULL) && ((errflags & LIBSSH2_ERR_FLAG_DUP) != 0)) { + if(errmsg && ((errflags & LIBSSH2_ERR_FLAG_DUP) != 0)) { size_t len = strlen(errmsg); char *copy = LIBSSH2_ALLOC(session, len + 1); if(copy) { @@ -91,8 +112,8 @@ int _libssh2_error_flags(LIBSSH2_SESSION* session, int errcode, /* if this is EAGAIN and we're in non-blocking mode, don't generate a debug output for this */ return errcode; - _libssh2_debug(session, LIBSSH2_TRACE_ERROR, "%d - %s", session->err_code, - session->err_msg); + _libssh2_debug((session, LIBSSH2_TRACE_ERROR, "%d - %s", session->err_code, + session->err_msg)); #endif return errcode; @@ -135,7 +156,7 @@ _libssh2_recv(libssh2_socket_t sock, void *buffer, size_t length, { ssize_t rc; - (void) abstract; + (void)abstract; rc = recv(sock, buffer, length, flags); #ifdef WIN32 @@ -168,7 +189,7 @@ _libssh2_send(libssh2_socket_t sock, const void *buffer, size_t length, { ssize_t rc; - (void) abstract; + (void)abstract; rc = send(sock, buffer, length, flags); #ifdef WIN32 @@ -177,10 +198,10 @@ _libssh2_send(libssh2_socket_t sock, const void *buffer, size_t length, #else if(rc < 0) { #ifdef EWOULDBLOCK /* For VMS and other special unixes */ - if(errno == EWOULDBLOCK) - return -EAGAIN; + if(errno == EWOULDBLOCK) + return -EAGAIN; #endif - return -errno; + return -errno; } #endif return rc; @@ -188,13 +209,13 @@ _libssh2_send(libssh2_socket_t sock, const void *buffer, size_t length, /* libssh2_ntohu32 */ -unsigned int +uint32_t _libssh2_ntohu32(const unsigned char *buf) { - return (((unsigned int)buf[0] << 24) - | ((unsigned int)buf[1] << 16) - | ((unsigned int)buf[2] << 8) - | ((unsigned int)buf[3])); + return ((uint32_t)buf[0] << 24) + | ((uint32_t)buf[1] << 16) + | ((uint32_t)buf[2] << 8) + | ((uint32_t)buf[3]); } @@ -203,14 +224,14 @@ _libssh2_ntohu32(const unsigned char *buf) libssh2_uint64_t _libssh2_ntohu64(const unsigned char *buf) { - unsigned long msl, lsl; - - msl = ((libssh2_uint64_t)buf[0] << 24) | ((libssh2_uint64_t)buf[1] << 16) - | ((libssh2_uint64_t)buf[2] << 8) | (libssh2_uint64_t)buf[3]; - lsl = ((libssh2_uint64_t)buf[4] << 24) | ((libssh2_uint64_t)buf[5] << 16) - | ((libssh2_uint64_t)buf[6] << 8) | (libssh2_uint64_t)buf[7]; - - return ((libssh2_uint64_t)msl <<32) | lsl; + return ((libssh2_uint64_t)buf[0] << 56) + | ((libssh2_uint64_t)buf[1] << 48) + | ((libssh2_uint64_t)buf[2] << 40) + | ((libssh2_uint64_t)buf[3] << 32) + | ((libssh2_uint64_t)buf[4] << 24) + | ((libssh2_uint64_t)buf[5] << 16) + | ((libssh2_uint64_t)buf[6] << 8) + | ((libssh2_uint64_t)buf[7]); } /* _libssh2_htonu32 @@ -218,7 +239,7 @@ _libssh2_ntohu64(const unsigned char *buf) void _libssh2_htonu32(unsigned char *buf, uint32_t value) { - buf[0] = (value >> 24) & 0xFF; + buf[0] = (unsigned char)((value >> 24) & 0xFF); buf[1] = (value >> 16) & 0xFF; buf[2] = (value >> 8) & 0xFF; buf[3] = value & 0xFF; @@ -234,13 +255,50 @@ void _libssh2_store_u32(unsigned char **buf, uint32_t value) /* _libssh2_store_str */ -void _libssh2_store_str(unsigned char **buf, const char *str, size_t len) +int _libssh2_store_str(unsigned char **buf, const char *str, size_t len) { - _libssh2_store_u32(buf, (uint32_t)len); - if(len) { - memcpy(*buf, str, len); - *buf += len; + uint32_t len_stored = (uint32_t)len; + + _libssh2_store_u32(buf, len_stored); + if(len_stored) { + memcpy(*buf, str, len_stored); + *buf += len_stored; } + + assert(len_stored == len); + return len_stored == len; +} + +/* _libssh2_store_bignum2_bytes + */ +int _libssh2_store_bignum2_bytes(unsigned char **buf, + const unsigned char *bytes, + size_t len) +{ + uint32_t len_stored; + uint32_t extraByte; + const unsigned char *p; + + for(p = bytes; len > 0 && *p == 0; --len, ++p) {} + + extraByte = (len > 0 && (p[0] & 0x80) != 0); + len_stored = (uint32_t)len; + if(extraByte && len_stored == 0xffffffff) + len_stored--; + _libssh2_store_u32(buf, len_stored + extraByte); + + if(extraByte) { + *buf[0] = 0; + *buf += 1; + } + + if(len_stored) { + memcpy(*buf, p, len_stored); + *buf += len_stored; + } + + assert(len_stored == len); + return len_stored == len; } /* Base64 Conversion */ @@ -266,26 +324,46 @@ static const short base64_reverse_table[256] = { /* libssh2_base64_decode * - * Decode a base64 chunk and store it into a newly alloc'd buffer + * Legacy public function. DEPRECATED. */ LIBSSH2_API int libssh2_base64_decode(LIBSSH2_SESSION *session, char **data, unsigned int *datalen, const char *src, unsigned int src_len) { - unsigned char *s, *d; - short v; - int i = 0, len = 0; + int rc; + size_t dlen; - *data = LIBSSH2_ALLOC(session, (3 * src_len / 4) + 1); + rc = _libssh2_base64_decode(session, data, &dlen, src, src_len); + + if(datalen) + *datalen = (unsigned int)dlen; + + return rc; +} + +/* _libssh2_base64_decode + * + * Decode a base64 chunk and store it into a newly alloc'd buffer + */ +int _libssh2_base64_decode(LIBSSH2_SESSION *session, + char **data, size_t *datalen, + const char *src, size_t src_len) +{ + unsigned char *d; + const char *s; + short v; + ssize_t i = 0, len = 0; + + *data = LIBSSH2_ALLOC(session, ((src_len / 4) * 3) + 1); d = (unsigned char *) *data; if(!d) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for base64 decoding"); } - for(s = (unsigned char *) src; ((char *) s) < (src + src_len); s++) { - v = base64_reverse_table[*s]; + for(s = src; s < (src + src_len); s++) { + v = base64_reverse_table[(unsigned char)*s]; if(v < 0) continue; switch(i % 4) { @@ -293,15 +371,15 @@ libssh2_base64_decode(LIBSSH2_SESSION *session, char **data, d[len] = (unsigned char)(v << 2); break; case 1: - d[len++] |= v >> 4; + d[len++] |= (unsigned char)(v >> 4); d[len] = (unsigned char)(v << 4); break; case 2: - d[len++] |= v >> 2; + d[len++] |= (unsigned char)(v >> 2); d[len] = (unsigned char)(v << 6); break; case 3: - d[len++] |= v; + d[len++] |= (unsigned char)v; break; } i++; @@ -320,10 +398,10 @@ libssh2_base64_decode(LIBSSH2_SESSION *session, char **data, /* ---- Base64 Encoding/Decoding Table --- */ static const char table64[]= - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; /* - * _libssh2_base64_encode() + * _libssh2_base64_encode * * Returns the length of the newly created base64 string. The third argument * is a pointer to an allocated area holding the base64 data. If something @@ -344,11 +422,11 @@ size_t _libssh2_base64_encode(LIBSSH2_SESSION *session, *outptr = NULL; /* set to NULL in case of failure before we reach the end */ - if(0 == insize) + if(insize == 0) insize = strlen(indata); base64data = output = LIBSSH2_ALLOC(session, insize * 4 / 3 + 4); - if(NULL == output) + if(!output) return 0; while(insize > 0) { @@ -372,22 +450,22 @@ size_t _libssh2_base64_encode(LIBSSH2_SESSION *session, switch(inputparts) { case 1: /* only one byte read */ - snprintf(output, 5, "%c%c==", - table64[obuf[0]], - table64[obuf[1]]); + output[0] = table64[obuf[0]]; + output[1] = table64[obuf[1]]; + output[2] = '='; + output[3] = '='; break; case 2: /* two bytes read */ - snprintf(output, 5, "%c%c%c=", - table64[obuf[0]], - table64[obuf[1]], - table64[obuf[2]]); + output[0] = table64[obuf[0]]; + output[1] = table64[obuf[1]]; + output[2] = table64[obuf[2]]; + output[3] = '='; break; default: - snprintf(output, 5, "%c%c%c%c", - table64[obuf[0]], - table64[obuf[1]], - table64[obuf[2]], - table64[obuf[3]]); + output[0] = table64[obuf[0]]; + output[1] = table64[obuf[1]]; + output[2] = table64[obuf[2]]; + output[3] = table64[obuf[3]]; break; } output += 4; @@ -425,13 +503,14 @@ libssh2_trace_sethandler(LIBSSH2_SESSION *session, void *handler_context, } void -_libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...) +_libssh2_debug_low(LIBSSH2_SESSION * session, int context, const char *format, + ...) { char buffer[1536]; int len, msglen, buflen = sizeof(buffer); va_list vargs; struct timeval now; - static int firstsec; + static long firstsec; static const char *const contexts[] = { "Unknown", "Transport", @@ -461,7 +540,7 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...) } } - _libssh2_gettimeofday(&now, NULL); + gettimeofday(&now, NULL); if(!firstsec) { firstsec = now.tv_sec; } @@ -492,8 +571,8 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...) LIBSSH2_API int libssh2_trace(LIBSSH2_SESSION * session, int bitmask) { - (void) session; - (void) bitmask; + (void)session; + (void)bitmask; return 0; } @@ -501,9 +580,9 @@ LIBSSH2_API int libssh2_trace_sethandler(LIBSSH2_SESSION *session, void *handler_context, libssh2_trace_handler_func callback) { - (void) session; - (void) handler_context; - (void) callback; + (void)session; + (void)handler_context; + (void)callback; return 0; } #endif @@ -600,10 +679,10 @@ void _libssh2_list_insert(struct list_node *after, /* insert before this */ #endif -/* this define is defined in misc.h for the correct platforms */ -#ifdef LIBSSH2_GETTIMEOFDAY_WIN32 +/* Defined in libssh2_priv.h for the correct platforms */ +#ifdef LIBSSH2_GETTIMEOFDAY /* - * gettimeofday + * _libssh2_gettimeofday * Implementation according to: * The Open Group Base Specifications Issue 6 * IEEE Std 1003.1, 2004 Edition @@ -624,27 +703,31 @@ void _libssh2_list_insert(struct list_node *after, /* insert before this */ * Danny Smith */ -/* Offset between 1/1/1601 and 1/1/1970 in 100 nanosec units */ -#define _W32_FT_OFFSET (116444736000000000) - -int __cdecl _libssh2_gettimeofday(struct timeval *tp, void *tzp) +int _libssh2_gettimeofday(struct timeval *tp, void *tzp) { - union { - unsigned __int64 ns100; /*time since 1 Jan 1601 in 100ns units */ - FILETIME ft; - } _now; (void)tzp; if(tp) { +#ifdef WIN32 + /* Offset between 1601-01-01 and 1970-01-01 in 100 nanosec units */ + #define _WIN32_FT_OFFSET (116444736000000000) + + union { + libssh2_uint64_t ns100; /* time since 1 Jan 1601 in 100ns units */ + FILETIME ft; + } _now; GetSystemTimeAsFileTime(&_now.ft); tp->tv_usec = (long)((_now.ns100 / 10) % 1000000); - tp->tv_sec = (long)((_now.ns100 - _W32_FT_OFFSET) / 10000000); + tp->tv_sec = (long)((_now.ns100 - _WIN32_FT_OFFSET) / 10000000); +#else + /* Platforms without a native implementation or local replacement */ + tp->tv_usec = 0; + tp->tv_sec = 0; +#endif } /* Always return 0 as per Open Group Base Specifications Issue 6. Do not set errno on error. */ return 0; } - - #endif void *_libssh2_calloc(LIBSSH2_SESSION* session, size_t size) @@ -687,34 +770,23 @@ void _libssh2_aes_ctr_increment(unsigned char *ctr, } } -#ifdef WIN32 -static void * (__cdecl * const volatile memset_libssh)(void *, int, size_t) = - memset; -#else +#ifdef LIBSSH2_MEMZERO static void * (* const volatile memset_libssh)(void *, int, size_t) = memset; -#endif -void _libssh2_explicit_zero(void *buf, size_t size) +void _libssh2_memzero(void *buf, size_t size) { -#if defined(HAVE_DECL_SECUREZEROMEMORY) && HAVE_DECL_SECUREZEROMEMORY - SecureZeroMemory(buf, size); - (void)memset_libssh; /* Silence unused variable warning */ -#elif defined(HAVE_MEMSET_S) - (void)memset_s(buf, size, 0, size); - (void)memset_libssh; /* Silence unused variable warning */ -#else memset_libssh(buf, 0, size); -#endif } +#endif /* String buffer */ -struct string_buf* _libssh2_string_buf_new(LIBSSH2_SESSION *session) +struct string_buf *_libssh2_string_buf_new(LIBSSH2_SESSION *session) { struct string_buf *ret; ret = _libssh2_calloc(session, sizeof(*ret)); - if(ret == NULL) + if(!ret) return NULL; return ret; @@ -722,16 +794,39 @@ struct string_buf* _libssh2_string_buf_new(LIBSSH2_SESSION *session) void _libssh2_string_buf_free(LIBSSH2_SESSION *session, struct string_buf *buf) { - if(buf == NULL) + if(!buf) return; - if(buf->data != NULL) + if(buf->data) LIBSSH2_FREE(session, buf->data); LIBSSH2_FREE(session, buf); buf = NULL; } +int _libssh2_get_byte(struct string_buf *buf, unsigned char *out) +{ + if(!_libssh2_check_length(buf, 1)) { + return -1; + } + + *out = buf->dataptr[0]; + buf->dataptr += 1; + return 0; +} + +int _libssh2_get_boolean(struct string_buf *buf, unsigned char *out) +{ + if(!_libssh2_check_length(buf, 1)) { + return -1; + } + + + *out = buf->dataptr[0] == 0 ? 0 : 1; + buf->dataptr += 1; + return 0; +} + int _libssh2_get_u32(struct string_buf *buf, uint32_t *out) { if(!_libssh2_check_length(buf, 4)) { @@ -769,7 +864,7 @@ int _libssh2_get_string(struct string_buf *buf, unsigned char **outbuf, size_t *outlen) { uint32_t data_len; - if(_libssh2_get_u32(buf, &data_len) != 0) { + if(!buf || _libssh2_get_u32(buf, &data_len) != 0) { return -1; } if(!_libssh2_check_length(buf, data_len)) { @@ -794,12 +889,18 @@ int _libssh2_copy_string(LIBSSH2_SESSION *session, struct string_buf *buf, return -1; } - *outbuf = LIBSSH2_ALLOC(session, str_len); - if(*outbuf) { - memcpy(*outbuf, str, str_len); + if(str_len) { + *outbuf = LIBSSH2_ALLOC(session, str_len); + if(*outbuf) { + memcpy(*outbuf, str, str_len); + } + else { + return -1; + } } else { - return -1; + *outlen = 0; + *outbuf = NULL; } if(outlen) @@ -848,25 +949,11 @@ int _libssh2_check_length(struct string_buf *buf, size_t len) { unsigned char *endp = &buf->data[buf->len]; size_t left = endp - buf->dataptr; - return ((len <= left) && (left <= buf->len)); + return (len <= left) && (left <= buf->len); } -/* Wrappers */ - -int _libssh2_bcrypt_pbkdf(const char *pass, - size_t passlen, - const uint8_t *salt, - size_t saltlen, - uint8_t *key, - size_t keylen, - unsigned int rounds) +int _libssh2_eob(struct string_buf *buf) { - /* defined in bcrypt_pbkdf.c */ - return bcrypt_pbkdf(pass, - passlen, - salt, - saltlen, - key, - keylen, - rounds); + unsigned char *endp = &buf->data[buf->len]; + return buf->dataptr >= endp; } diff --git a/libssh2/src/misc.h b/libssh2/src/misc.h index 5481e666c..95db71425 100644 --- a/libssh2/src/misc.h +++ b/libssh2/src/misc.h @@ -38,6 +38,27 @@ * OF SUCH DAMAGE. */ +#ifdef LIBSSH2_NO_CLEAR_MEMORY +#define _libssh2_explicit_zero(buf, size) do { \ + (void)(buf); \ + (void)(size); \ + } while(0) +#else +#ifdef WIN32 +#define _libssh2_explicit_zero(buf, size) SecureZeroMemory(buf, size) +#elif defined(HAVE_EXPLICIT_BZERO) +#define _libssh2_explicit_zero(buf, size) explicit_bzero(buf, size) +#elif defined(HAVE_EXPLICIT_MEMSET) +#define _libssh2_explicit_zero(buf, size) (void)explicit_memset(buf, 0, size) +#elif defined(HAVE_MEMSET_S) +#define _libssh2_explicit_zero(buf, size) (void)memset_s(buf, size, 0, size) +#else +#define LIBSSH2_MEMZERO +void _libssh2_memzero(void *buf, size_t size); +#define _libssh2_explicit_zero(buf, size) _libssh2_memzero(buf, size) +#endif +#endif + struct list_head { struct list_node *last; struct list_node *first; @@ -77,20 +98,27 @@ void *_libssh2_list_prev(struct list_node *node); /* remove this node from the list */ void _libssh2_list_remove(struct list_node *entry); +int _libssh2_base64_decode(LIBSSH2_SESSION *session, + char **data, size_t *datalen, + const char *src, size_t src_len); size_t _libssh2_base64_encode(LIBSSH2_SESSION *session, const char *inp, size_t insize, char **outptr); -unsigned int _libssh2_ntohu32(const unsigned char *buf); +uint32_t _libssh2_ntohu32(const unsigned char *buf); libssh2_uint64_t _libssh2_ntohu64(const unsigned char *buf); void _libssh2_htonu32(unsigned char *buf, uint32_t val); void _libssh2_store_u32(unsigned char **buf, uint32_t value); -void _libssh2_store_str(unsigned char **buf, const char *str, size_t len); +int _libssh2_store_str(unsigned char **buf, const char *str, size_t len); +int _libssh2_store_bignum2_bytes(unsigned char **buf, + const unsigned char *bytes, + size_t len); void *_libssh2_calloc(LIBSSH2_SESSION *session, size_t size); -void _libssh2_explicit_zero(void *buf, size_t size); -struct string_buf* _libssh2_string_buf_new(LIBSSH2_SESSION *session); +struct string_buf *_libssh2_string_buf_new(LIBSSH2_SESSION *session); void _libssh2_string_buf_free(LIBSSH2_SESSION *session, struct string_buf *buf); +int _libssh2_get_boolean(struct string_buf *buf, unsigned char *out); +int _libssh2_get_byte(struct string_buf *buf, unsigned char *out); int _libssh2_get_u32(struct string_buf *buf, uint32_t *out); int _libssh2_get_u64(struct string_buf *buf, libssh2_uint64_t *out); int _libssh2_match_string(struct string_buf *buf, const char *match); @@ -101,19 +129,7 @@ int _libssh2_copy_string(LIBSSH2_SESSION* session, struct string_buf *buf, int _libssh2_get_bignum_bytes(struct string_buf *buf, unsigned char **outbuf, size_t *outlen); int _libssh2_check_length(struct string_buf *buf, size_t requested_len); - -#if defined(LIBSSH2_WIN32) && !defined(__MINGW32__) && !defined(__CYGWIN__) -/* provide a private one */ -#undef HAVE_GETTIMEOFDAY -int __cdecl _libssh2_gettimeofday(struct timeval *tp, void *tzp); -#define HAVE_LIBSSH2_GETTIMEOFDAY -#define LIBSSH2_GETTIMEOFDAY_WIN32 /* enable the win32 implementation */ -#else -#ifdef HAVE_GETTIMEOFDAY -#define _libssh2_gettimeofday(x,y) gettimeofday(x,y) -#define HAVE_LIBSSH2_GETTIMEOFDAY -#endif -#endif +int _libssh2_eob(struct string_buf *buf); void _libssh2_xor_data(unsigned char *output, const unsigned char *input1, diff --git a/libssh2/src/openssl.c b/libssh2/src/openssl.c index 7a6810f13..919a8d9b1 100644 --- a/libssh2/src/openssl.c +++ b/libssh2/src/openssl.c @@ -38,12 +38,10 @@ * OF SUCH DAMAGE. */ -#include "libssh2_priv.h" +#ifdef LIBSSH2_CRYPTO_C /* Compile this via crypto.c */ -#ifdef LIBSSH2_OPENSSL /* compile only if we build with openssl */ - -#include -#include "misc.h" +#include +#include #ifndef EVP_MAX_BLOCK_LENGTH #define EVP_MAX_BLOCK_LENGTH 32 @@ -56,6 +54,24 @@ read_openssh_private_key_from_memory(void **key_ctx, LIBSSH2_SESSION *session, size_t filedata_len, unsigned const char *passphrase); +static int +_libssh2_sk_pub_openssh_keyfilememory(LIBSSH2_SESSION *session, + void **key_ctx, + const char *key_type, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + int *algorithm, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + const char *privatekeydata, + size_t privatekeydata_len, + unsigned const char *passphrase); + +#if LIBSSH2_RSA || LIBSSH2_DSA || LIBSSH2_ECDSA static unsigned char * write_bn(unsigned char *buf, const BIGNUM *bn, int bn_bytes) { @@ -73,7 +89,19 @@ write_bn(unsigned char *buf, const BIGNUM *bn, int bn_bytes) return p + bn_bytes; } +#endif +int +_libssh2_openssl_random(void *buf, size_t len) +{ + if(len > INT_MAX) { + return -1; + } + + return RAND_bytes(buf, (int)len) == 1 ? 0 : -1; +} + +#if LIBSSH2_RSA int _libssh2_rsa_new(libssh2_rsa_ctx ** rsa, const unsigned char *edata, @@ -102,29 +130,29 @@ _libssh2_rsa_new(libssh2_rsa_ctx ** rsa, BIGNUM * iqmp = 0; e = BN_new(); - BN_bin2bn(edata, elen, e); + BN_bin2bn(edata, (int) elen, e); n = BN_new(); - BN_bin2bn(ndata, nlen, n); + BN_bin2bn(ndata, (int) nlen, n); if(ddata) { d = BN_new(); - BN_bin2bn(ddata, dlen, d); + BN_bin2bn(ddata, (int) dlen, d); p = BN_new(); - BN_bin2bn(pdata, plen, p); + BN_bin2bn(pdata, (int) plen, p); q = BN_new(); - BN_bin2bn(qdata, qlen, q); + BN_bin2bn(qdata, (int) qlen, q); dmp1 = BN_new(); - BN_bin2bn(e1data, e1len, dmp1); + BN_bin2bn(e1data, (int) e1len, dmp1); dmq1 = BN_new(); - BN_bin2bn(e2data, e2len, dmq1); + BN_bin2bn(e2data, (int) e2len, dmq1); iqmp = BN_new(); - BN_bin2bn(coeffdata, coefflen, iqmp); + BN_bin2bn(coeffdata, (int) coefflen, iqmp); } *rsa = RSA_new(); @@ -154,21 +182,67 @@ _libssh2_rsa_new(libssh2_rsa_ctx ** rsa, } int -_libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsactx, +_libssh2_rsa_sha2_verify(libssh2_rsa_ctx * rsactx, + size_t hash_len, const unsigned char *sig, - unsigned long sig_len, - const unsigned char *m, unsigned long m_len) + size_t sig_len, + const unsigned char *m, size_t m_len) { - unsigned char hash[SHA_DIGEST_LENGTH]; int ret; + int nid_type; + unsigned char *hash = malloc(hash_len); + if(!hash) + return -1; - if(_libssh2_sha1(m, m_len, hash)) + if(hash_len == SHA_DIGEST_LENGTH) { + nid_type = NID_sha1; + ret = _libssh2_sha1(m, m_len, hash); + } + else if(hash_len == SHA256_DIGEST_LENGTH) { + nid_type = NID_sha256; + ret = _libssh2_sha256(m, m_len, hash); + + } + else if(hash_len == SHA512_DIGEST_LENGTH) { + nid_type = NID_sha512; + ret = _libssh2_sha512(m, m_len, hash); + } + else { +/* silence: + warning C4701: potentially uninitialized local variable 'nid_type' used */ +#if defined(_MSC_VER) + nid_type = 0; +#endif + ret = -1; /* unsupported digest */ + } + + if(ret) { + free(hash); return -1; /* failure */ - ret = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH, - (unsigned char *) sig, sig_len, rsactx); + } + + ret = RSA_verify(nid_type, hash, (unsigned int) hash_len, + (unsigned char *) sig, + (unsigned int) sig_len, rsactx); + + free(hash); + return (ret == 1) ? 0 : -1; } +#if LIBSSH2_RSA_SHA1 +int +_libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsactx, + const unsigned char *sig, + size_t sig_len, + const unsigned char *m, size_t m_len) +{ + return _libssh2_rsa_sha2_verify(rsactx, SHA_DIGEST_LENGTH, sig, sig_len, m, + m_len); +} +#endif +#endif + #if LIBSSH2_DSA int _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, @@ -189,20 +263,20 @@ _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, BIGNUM * priv_key = NULL; p_bn = BN_new(); - BN_bin2bn(p, p_len, p_bn); + BN_bin2bn(p, (int) p_len, p_bn); q_bn = BN_new(); - BN_bin2bn(q, q_len, q_bn); + BN_bin2bn(q, (int) q_len, q_bn); g_bn = BN_new(); - BN_bin2bn(g, g_len, g_bn); + BN_bin2bn(g, (int) g_len, g_bn); pub_key = BN_new(); - BN_bin2bn(y, y_len, pub_key); + BN_bin2bn(y, (int) y_len, pub_key); if(x_len) { priv_key = BN_new(); - BN_bin2bn(x, x_len, priv_key); + BN_bin2bn(x, (int) x_len, priv_key); } *dsactx = DSA_new(); @@ -227,7 +301,7 @@ _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx, const unsigned char *sig, - const unsigned char *m, unsigned long m_len) + const unsigned char *m, size_t m_len) { unsigned char hash[SHA_DIGEST_LENGTH]; DSA_SIG * dsasig; @@ -285,7 +359,7 @@ _libssh2_ecdsa_curve_type_from_name(const char *name, int ret = 0; libssh2_curve_type type; - if(name == NULL || strlen(name) != 19) + if(!name || strlen(name) != 19) return -1; if(strcmp(name, "ecdsa-sha2-nistp256") == 0) @@ -295,6 +369,11 @@ _libssh2_ecdsa_curve_type_from_name(const char *name, else if(strcmp(name, "ecdsa-sha2-nistp521") == 0) type = LIBSSH2_EC_CURVE_NISTP521; else { +/* silence: + warning C4701: potentially uninitialized local variable 'type' used */ +#if defined(_MSC_VER) + type = (libssh2_curve_type)0; +#endif ret = -1; } @@ -328,30 +407,29 @@ _libssh2_ecdsa_curve_name_with_octal_new(libssh2_ecdsa_ctx ** ec_ctx, ret = EC_POINT_oct2point(ec_group, point, k, k_len, NULL); ret = EC_KEY_set_public_key(ec_key, point); - if(point != NULL) + if(point) EC_POINT_free(point); - if(ec_ctx != NULL) + if(ec_ctx) *ec_ctx = ec_key; } return (ret == 1) ? 0 : -1; } -#define LIBSSH2_ECDSA_VERIFY(digest_type) \ -{ \ - unsigned char hash[SHA##digest_type##_DIGEST_LENGTH]; \ - libssh2_sha##digest_type(m, m_len, hash); \ - ret = ECDSA_do_verify(hash, SHA##digest_type##_DIGEST_LENGTH, \ - ecdsa_sig, ec_key); \ - \ -} +#define LIBSSH2_ECDSA_VERIFY(digest_type) \ + do { \ + unsigned char hash[SHA##digest_type##_DIGEST_LENGTH]; \ + libssh2_sha##digest_type(m, m_len, hash); \ + ret = ECDSA_do_verify(hash, SHA##digest_type##_DIGEST_LENGTH, \ + ecdsa_sig, ec_key); \ + } while(0) int _libssh2_ecdsa_verify(libssh2_ecdsa_ctx * ctx, - const unsigned char *r, size_t r_len, - const unsigned char *s, size_t s_len, - const unsigned char *m, size_t m_len) + const unsigned char *r, size_t r_len, + const unsigned char *s, size_t s_len, + const unsigned char *m, size_t m_len) { int ret = 0; EC_KEY *ec_key = (EC_KEY*)ctx; @@ -362,17 +440,17 @@ _libssh2_ecdsa_verify(libssh2_ecdsa_ctx * ctx, BIGNUM *pr = BN_new(); BIGNUM *ps = BN_new(); - BN_bin2bn(r, r_len, pr); - BN_bin2bn(s, s_len, ps); + BN_bin2bn(r, (int) r_len, pr); + BN_bin2bn(s, (int) s_len, ps); ECDSA_SIG_set0(ecdsa_sig, pr, ps); #else ECDSA_SIG ecdsa_sig_; ECDSA_SIG *ecdsa_sig = &ecdsa_sig_; ecdsa_sig_.r = BN_new(); - BN_bin2bn(r, r_len, ecdsa_sig_.r); + BN_bin2bn(r, (int) r_len, ecdsa_sig_.r); ecdsa_sig_.s = BN_new(); - BN_bin2bn(s, s_len, ecdsa_sig_.s); + BN_bin2bn(s, (int) s_len, ecdsa_sig_.s); #endif if(type == LIBSSH2_EC_CURVE_NISTP256) { @@ -404,9 +482,26 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h, unsigned char *iv, unsigned char *secret, int encrypt) { #ifdef HAVE_OPAQUE_STRUCTS +#if LIBSSH2_AES_GCM + const int is_aesgcm = (algo == EVP_aes_128_gcm) || + (algo == EVP_aes_256_gcm); +#endif /* LIBSSH2_AES_GCM */ + int rc; + *h = EVP_CIPHER_CTX_new(); - return !EVP_CipherInit(*h, algo(), secret, iv, encrypt); + rc = !EVP_CipherInit(*h, algo(), secret, iv, encrypt); +#if LIBSSH2_AES_GCM + if(is_aesgcm) { + /* Sets both fixed and invocation_counter parts of IV */ + rc |= !EVP_CIPHER_CTX_ctrl(*h, EVP_CTRL_AEAD_SET_IV_FIXED, -1, iv); + } +#endif /* LIBSSH2_AES_GCM */ + + return rc; #else +# if LIBSSH2_AES_GCM +# error AES-GCM is only supported with opaque structs in use +# endif /* LIBSSH2_AES_GCM */ EVP_CIPHER_CTX_init(h); return !EVP_CipherInit(h, algo(), secret, iv, encrypt); #endif @@ -415,242 +510,116 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h, int _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx, _libssh2_cipher_type(algo), - int encrypt, unsigned char *block, size_t blocksize) + int encrypt, unsigned char *block, size_t blocksize, + int firstlast) { unsigned char buf[EVP_MAX_BLOCK_LENGTH]; - int ret; - (void) algo; - (void) encrypt; + int ret = 1; + int rc = 1; +#if LIBSSH2_AES_GCM + const int is_aesgcm = (algo == EVP_aes_128_gcm) || + (algo == EVP_aes_256_gcm); + char lastiv[1]; +#else + const int is_aesgcm = 0; +#endif /* LIBSSH2_AES_GCM */ + /* length of AES-GCM Authentication Tag */ + const int authlen = is_aesgcm ? 16 : 0; + /* length of AAD, only on the first block */ + const int aadlen = (is_aesgcm && IS_FIRST(firstlast)) ? 4 : 0; + /* size of AT, if present */ + const int authenticationtag = IS_LAST(firstlast) ? authlen : 0; + /* length to encrypt */ + const int cryptlen = (unsigned int)blocksize - aadlen - authenticationtag; + + (void)algo; + + assert(blocksize <= sizeof(buf)); + assert(cryptlen >= 0); + +#if LIBSSH2_AES_GCM + /* First block */ + if(IS_FIRST(firstlast)) { + /* Increments invocation_counter portion of IV */ + if(is_aesgcm) { + ret = EVP_CIPHER_CTX_ctrl(*ctx, EVP_CTRL_GCM_IV_GEN, 1, lastiv); + } + + if(aadlen) { + /* Include the 4 byte packet length as AAD */ + ret = EVP_Cipher(*ctx, NULL, block, aadlen); + } + } + + /* Last portion of block to encrypt/decrypt */ + if(IS_LAST(firstlast)) { + if(is_aesgcm && !encrypt) { + /* set tag on decryption */ + ret = EVP_CIPHER_CTX_ctrl(*ctx, EVP_CTRL_GCM_SET_TAG, authlen, + block + blocksize - authlen); + } + } +#else + (void)encrypt; + (void)firstlast; +#endif /* LIBSSH2_AES_GCM */ + + if(cryptlen > 0) { #ifdef HAVE_OPAQUE_STRUCTS - ret = EVP_Cipher(*ctx, buf, block, blocksize); + ret = EVP_Cipher(*ctx, buf + aadlen, block + aadlen, cryptlen); #else - ret = EVP_Cipher(ctx, buf, block, blocksize); + ret = EVP_Cipher(ctx, buf + aadlen, block + aadlen, cryptlen); #endif -#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3 - if(ret != -1) { -#else - if(ret == 1) { -#endif - memcpy(block, buf, blocksize); } -#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3 - return ret != -1 ? 0 : 1; +#if (defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3) || \ + defined(LIBSSH2_WOLFSSL) + if(ret != -1) #else - return ret == 1 ? 0 : 1; + if(ret >= 1) #endif -} - -#if LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR) - -#include -#include - -typedef struct -{ - AES_KEY key; - EVP_CIPHER_CTX *aes_ctx; - unsigned char ctr[AES_BLOCK_SIZE]; -} aes_ctr_ctx; - -static EVP_CIPHER * aes_128_ctr_cipher = NULL; -static EVP_CIPHER * aes_192_ctr_cipher = NULL; -static EVP_CIPHER * aes_256_ctr_cipher = NULL; - -static int -aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) /* init key */ -{ - /* - * variable "c" is leaked from this scope, but is later freed - * in aes_ctr_cleanup - */ - aes_ctr_ctx *c; - const EVP_CIPHER *aes_cipher; - (void) enc; - - switch(EVP_CIPHER_CTX_key_length(ctx)) { - case 16: - aes_cipher = EVP_aes_128_ecb(); - break; - case 24: - aes_cipher = EVP_aes_192_ecb(); - break; - case 32: - aes_cipher = EVP_aes_256_ecb(); - break; - default: - return 0; - } - - c = malloc(sizeof(*c)); - if(c == NULL) - return 0; - + { + rc = 0; + if(IS_LAST(firstlast)) { + /* This is the last block. + encrypt: compute tag, if applicable + decrypt: verify tag, if applicable + in!=NULL is equivalent to EVP_CipherUpdate + in==NULL is equivalent to EVP_CipherFinal */ #ifdef HAVE_OPAQUE_STRUCTS - c->aes_ctx = EVP_CIPHER_CTX_new(); + ret = EVP_Cipher(*ctx, NULL, NULL, 0); /* final */ #else - c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX)); + ret = EVP_Cipher(ctx, NULL, NULL, 0); /* final */ #endif - if(c->aes_ctx == NULL) { - free(c); - return 0; + if(ret < 0) { + ret = 0; + } + else { + ret = 1; +#if LIBSSH2_AES_GCM + if(is_aesgcm && encrypt) { + /* write the Authentication Tag a.k.a. MAC at the end + of the block */ + assert(authenticationtag == authlen); + ret = EVP_CIPHER_CTX_ctrl(*ctx, EVP_CTRL_GCM_GET_TAG, + authlen, block + blocksize - authenticationtag); + } +#endif /* LIBSSH2_AES_GCM */ + } + } + /* Copy en/decrypted data back to the caller. + The first aadlen should not be touched because they weren't + encrypted and are unmodified. */ + memcpy(block + aadlen, buf + aadlen, cryptlen); + rc = !ret; } - if(EVP_EncryptInit(c->aes_ctx, aes_cipher, key, NULL) != 1) { -#ifdef HAVE_OPAQUE_STRUCTS - EVP_CIPHER_CTX_free(c->aes_ctx); -#else - free(c->aes_ctx); -#endif - free(c); - return 0; - } - - EVP_CIPHER_CTX_set_padding(c->aes_ctx, 0); - - memcpy(c->ctr, iv, AES_BLOCK_SIZE); - - EVP_CIPHER_CTX_set_app_data(ctx, c); - - return 1; + /* TODO: the return code should distinguish between decryption errors and + invalid MACs */ + return rc; } -static int -aes_ctr_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, - size_t inl) /* encrypt/decrypt data */ -{ - aes_ctr_ctx *c = EVP_CIPHER_CTX_get_app_data(ctx); - unsigned char b1[AES_BLOCK_SIZE]; - int outlen = 0; - - if(inl != 16) /* libssh2 only ever encrypt one block */ - return 0; - - if(c == NULL) { - return 0; - } - -/* - To encrypt a packet P=P1||P2||...||Pn (where P1, P2, ..., Pn are each - blocks of length L), the encryptor first encrypts with - to obtain a block B1. The block B1 is then XORed with P1 to generate - the ciphertext block C1. The counter X is then incremented -*/ - - if(EVP_EncryptUpdate(c->aes_ctx, b1, &outlen, - c->ctr, AES_BLOCK_SIZE) != 1) { - return 0; - } - - _libssh2_xor_data(out, in, b1, AES_BLOCK_SIZE); - _libssh2_aes_ctr_increment(c->ctr, AES_BLOCK_SIZE); - - return 1; -} - -static int -aes_ctr_cleanup(EVP_CIPHER_CTX *ctx) /* cleanup ctx */ -{ - aes_ctr_ctx *c = EVP_CIPHER_CTX_get_app_data(ctx); - - if(c == NULL) { - return 1; - } - - if(c->aes_ctx != NULL) { -#ifdef HAVE_OPAQUE_STRUCTS - EVP_CIPHER_CTX_free(c->aes_ctx); -#else - _libssh2_cipher_dtor(c->aes_ctx); - free(c->aes_ctx); -#endif - } - - free(c); - - return 1; -} - -static const EVP_CIPHER * -make_ctr_evp (size_t keylen, EVP_CIPHER **aes_ctr_cipher, int type) -{ -#ifdef HAVE_OPAQUE_STRUCTS - *aes_ctr_cipher = EVP_CIPHER_meth_new(type, 16, keylen); - if(*aes_ctr_cipher) { - EVP_CIPHER_meth_set_iv_length(*aes_ctr_cipher, 16); - EVP_CIPHER_meth_set_init(*aes_ctr_cipher, aes_ctr_init); - EVP_CIPHER_meth_set_do_cipher(*aes_ctr_cipher, aes_ctr_do_cipher); - EVP_CIPHER_meth_set_cleanup(*aes_ctr_cipher, aes_ctr_cleanup); - } -#else - (*aes_ctr_cipher)->nid = type; - (*aes_ctr_cipher)->block_size = 16; - (*aes_ctr_cipher)->key_len = keylen; - (*aes_ctr_cipher)->iv_len = 16; - (*aes_ctr_cipher)->init = aes_ctr_init; - (*aes_ctr_cipher)->do_cipher = aes_ctr_do_cipher; - (*aes_ctr_cipher)->cleanup = aes_ctr_cleanup; -#endif - - return *aes_ctr_cipher; -} - -const EVP_CIPHER * -_libssh2_EVP_aes_128_ctr(void) -{ -#ifdef HAVE_OPAQUE_STRUCTS - return !aes_128_ctr_cipher ? - make_ctr_evp(16, &aes_128_ctr_cipher, NID_aes_128_ctr) : - aes_128_ctr_cipher; -#else - static EVP_CIPHER aes_ctr_cipher; - if(!aes_128_ctr_cipher) { - aes_128_ctr_cipher = &aes_ctr_cipher; - make_ctr_evp(16, &aes_128_ctr_cipher, 0); - } - return aes_128_ctr_cipher; -#endif -} - -const EVP_CIPHER * -_libssh2_EVP_aes_192_ctr(void) -{ -#ifdef HAVE_OPAQUE_STRUCTS - return !aes_192_ctr_cipher ? - make_ctr_evp(24, &aes_192_ctr_cipher, NID_aes_192_ctr) : - aes_192_ctr_cipher; -#else - static EVP_CIPHER aes_ctr_cipher; - if(!aes_192_ctr_cipher) { - aes_192_ctr_cipher = &aes_ctr_cipher; - make_ctr_evp(24, &aes_192_ctr_cipher, 0); - } - return aes_192_ctr_cipher; -#endif -} - -const EVP_CIPHER * -_libssh2_EVP_aes_256_ctr(void) -{ -#ifdef HAVE_OPAQUE_STRUCTS - return !aes_256_ctr_cipher ? - make_ctr_evp(32, &aes_256_ctr_cipher, NID_aes_256_ctr) : - aes_256_ctr_cipher; -#else - static EVP_CIPHER aes_ctr_cipher; - if(!aes_256_ctr_cipher) { - aes_256_ctr_cipher = &aes_ctr_cipher; - make_ctr_evp(32, &aes_256_ctr_cipher, 0); - } - return aes_256_ctr_cipher; -#endif -} - -#endif /* LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR) */ - void _libssh2_openssl_crypto_init(void) { #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ @@ -668,44 +637,22 @@ void _libssh2_openssl_crypto_init(void) ENGINE_register_all_complete(); #endif #endif -#if LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR) - aes_128_ctr_cipher = (EVP_CIPHER *) _libssh2_EVP_aes_128_ctr(); - aes_192_ctr_cipher = (EVP_CIPHER *) _libssh2_EVP_aes_192_ctr(); - aes_256_ctr_cipher = (EVP_CIPHER *) _libssh2_EVP_aes_256_ctr(); -#endif } void _libssh2_openssl_crypto_exit(void) { -#if LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR) -#ifdef HAVE_OPAQUE_STRUCTS - if(aes_128_ctr_cipher) { - EVP_CIPHER_meth_free(aes_128_ctr_cipher); - } - - if(aes_192_ctr_cipher) { - EVP_CIPHER_meth_free(aes_192_ctr_cipher); - } - - if(aes_256_ctr_cipher) { - EVP_CIPHER_meth_free(aes_256_ctr_cipher); - } -#endif - - aes_128_ctr_cipher = NULL; - aes_192_ctr_cipher = NULL; - aes_256_ctr_cipher = NULL; -#endif } +#if LIBSSH2_RSA || LIBSSH2_DSA || LIBSSH2_ECDSA || LIBSSH2_ED25519 /* TODO: Optionally call a passphrase callback specified by the * calling program */ static int passphrase_cb(char *buf, int size, int rwflag, char *passphrase) { - int passphrase_len = strlen(passphrase); - (void) rwflag; + int passphrase_len = (int) strlen(passphrase); + + (void)rwflag; if(passphrase_len > (size - 1)) { passphrase_len = size - 1; @@ -730,19 +677,24 @@ read_private_key_from_memory(void **key_ctx, *key_ctx = NULL; - bp = BIO_new_mem_buf((char *)filedata, filedata_len); +#if OPENSSL_VERSION_NUMBER >= 0x1000200fL + bp = BIO_new_mem_buf(filedata, (int)filedata_len); +#else + bp = BIO_new_mem_buf((char *)filedata, (int)filedata_len); +#endif if(!bp) { return -1; } + *key_ctx = read_private_key(bp, NULL, (pem_password_cb *) passphrase_cb, (void *) passphrase); BIO_free(bp); return (*key_ctx) ? 0 : -1; } +#endif - - +#if LIBSSH2_RSA || LIBSSH2_DSA || LIBSSH2_ECDSA static int read_private_key_from_file(void **key_ctx, pem_read_bio_func read_private_key, @@ -764,7 +716,9 @@ read_private_key_from_file(void **key_ctx, BIO_free(bp); return (*key_ctx) ? 0 : -1; } +#endif +#if LIBSSH2_RSA int _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx ** rsa, LIBSSH2_SESSION * session, @@ -786,7 +740,7 @@ _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx ** rsa, "ssh-rsa", filedata, filedata_len, passphrase); } -return rc; + return rc; } static unsigned char * @@ -812,7 +766,7 @@ gen_publickey_from_rsa(LIBSSH2_SESSION *session, RSA *rsa, len = 4 + 7 + 4 + e_bytes + 4 + n_bytes; key = LIBSSH2_ALLOC(session, len); - if(key == NULL) { + if(!key) { return NULL; } @@ -844,23 +798,23 @@ gen_publickey_from_rsa_evp(LIBSSH2_SESSION *session, unsigned char *method_buf = NULL; size_t key_len; - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, - "Computing public key from RSA private key envelope"); + "Computing public key from RSA private key envelope")); rsa = EVP_PKEY_get1_RSA(pk); - if(rsa == NULL) { + if(!rsa) { /* Assume memory allocation error... what else could it be ? */ goto __alloc_error; } method_buf = LIBSSH2_ALLOC(session, 7); /* ssh-rsa. */ - if(method_buf == NULL) { + if(!method_buf) { goto __alloc_error; } key = gen_publickey_from_rsa(session, rsa, &key_len); - if(key == NULL) { + if(!key) { goto __alloc_error; } RSA_free(rsa); @@ -872,11 +826,11 @@ gen_publickey_from_rsa_evp(LIBSSH2_SESSION *session, *pubkeydata_len = key_len; return 0; - __alloc_error: - if(rsa != NULL) { +__alloc_error: + if(rsa) { RSA_free(rsa); } - if(method_buf != NULL) { + if(method_buf) { LIBSSH2_FREE(session, method_buf); } @@ -906,23 +860,23 @@ static int _libssh2_rsa_new_additional_parameters(RSA *rsa) #endif ctx = BN_CTX_new(); - if(ctx == NULL) + if(!ctx) return -1; aux = BN_new(); - if(aux == NULL) { + if(!aux) { rc = -1; goto out; } dmp1 = BN_new(); - if(dmp1 == NULL) { + if(!dmp1) { rc = -1; goto out; } dmq1 = BN_new(); - if(dmq1 == NULL) { + if(!dmq1) { rc = -1; goto out; } @@ -947,7 +901,7 @@ out: BN_clear_free(aux); BN_CTX_free(ctx); - if(rc != 0) { + if(rc) { if(dmp1) BN_clear_free(dmp1); if(dmq1) @@ -971,9 +925,9 @@ gen_publickey_from_rsa_openssh_priv_data(LIBSSH2_SESSION *session, unsigned char *n, *e, *d, *p, *q, *coeff, *comment; RSA *rsa = NULL; - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, - "Computing RSA keys from private key data"); + "Computing RSA keys from private key data")); /* public key data */ if(_libssh2_get_bignum_bytes(decrypted, &n, &nlen)) { @@ -1019,19 +973,25 @@ gen_publickey_from_rsa_openssh_priv_data(LIBSSH2_SESSION *session, return -1; } - if((rc = _libssh2_rsa_new(&rsa, e, elen, n, nlen, d, dlen, p, plen, - q, qlen, NULL, 0, NULL, 0, - coeff, coefflen)) != 0) { - _libssh2_debug(session, + rc = _libssh2_rsa_new(&rsa, + e, (unsigned long)elen, + n, (unsigned long)nlen, + d, (unsigned long)dlen, + p, (unsigned long)plen, + q, (unsigned long)qlen, + NULL, 0, NULL, 0, + coeff, (unsigned long)coefflen); + if(rc) { + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, - "Could not create RSA private key"); + "Could not create RSA private key")); goto fail; } - if(rsa != NULL) + if(rsa) rc = _libssh2_rsa_new_additional_parameters(rsa); - if(rsa != NULL && pubkeydata != NULL && method != NULL) { + if(rsa && pubkeydata && method) { EVP_PKEY *pk = EVP_PKEY_new(); EVP_PKEY_set1_RSA(pk, rsa); @@ -1043,7 +1003,7 @@ gen_publickey_from_rsa_openssh_priv_data(LIBSSH2_SESSION *session, EVP_PKEY_free(pk); } - if(rsa_ctx != NULL) + if(rsa_ctx) *rsa_ctx = rsa; else RSA_free(rsa); @@ -1052,7 +1012,7 @@ gen_publickey_from_rsa_openssh_priv_data(LIBSSH2_SESSION *session, fail: - if(rsa != NULL) + if(rsa) RSA_free(rsa); return _libssh2_error(session, @@ -1071,7 +1031,7 @@ _libssh2_rsa_new_openssh_private(libssh2_rsa_ctx ** rsa, unsigned char *buf = NULL; struct string_buf *decrypted = NULL; - if(session == NULL) { + if(!session) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Session is required"); return -1; @@ -1095,7 +1055,7 @@ _libssh2_rsa_new_openssh_private(libssh2_rsa_ctx ** rsa, /* We have a new key file, now try and parse it using supported types */ rc = _libssh2_get_string(decrypted, &buf, NULL); - if(rc != 0 || buf == NULL) { + if(rc || !buf) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Public key type in decrypted key data not found"); return -1; @@ -1138,6 +1098,7 @@ _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa, return rc; } +#endif #if LIBSSH2_DSA int @@ -1154,11 +1115,14 @@ _libssh2_dsa_new_private_frommemory(libssh2_dsa_ctx ** dsa, _libssh2_init_if_needed(); rc = read_private_key_from_memory((void **)dsa, read_dsa, - filedata, filedata_len, passphrase); + filedata, filedata_len, + passphrase); if(rc) { rc = read_openssh_private_key_from_memory((void **)dsa, session, - "ssh-dsa", filedata, filedata_len, passphrase); + "ssh-dsa", + filedata, filedata_len, + passphrase); } return rc; @@ -1199,7 +1163,7 @@ gen_publickey_from_dsa(LIBSSH2_SESSION* session, DSA *dsa, len = 4 + 7 + 4 + p_bytes + 4 + q_bytes + 4 + g_bytes + 4 + k_bytes; key = LIBSSH2_ALLOC(session, len); - if(key == NULL) { + if(!key) { return NULL; } @@ -1233,23 +1197,23 @@ gen_publickey_from_dsa_evp(LIBSSH2_SESSION *session, unsigned char *method_buf = NULL; size_t key_len; - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, - "Computing public key from DSA private key envelope"); + "Computing public key from DSA private key envelope")); dsa = EVP_PKEY_get1_DSA(pk); - if(dsa == NULL) { + if(!dsa) { /* Assume memory allocation error... what else could it be ? */ goto __alloc_error; } method_buf = LIBSSH2_ALLOC(session, 7); /* ssh-dss. */ - if(method_buf == NULL) { + if(!method_buf) { goto __alloc_error; } key = gen_publickey_from_dsa(session, dsa, &key_len); - if(key == NULL) { + if(!key) { goto __alloc_error; } DSA_free(dsa); @@ -1261,11 +1225,11 @@ gen_publickey_from_dsa_evp(LIBSSH2_SESSION *session, *pubkeydata_len = key_len; return 0; - __alloc_error: - if(dsa != NULL) { +__alloc_error: + if(dsa) { DSA_free(dsa); } - if(method_buf != NULL) { + if(method_buf) { LIBSSH2_FREE(session, method_buf); } @@ -1288,9 +1252,9 @@ gen_publickey_from_dsa_openssh_priv_data(LIBSSH2_SESSION *session, unsigned char *p, *q, *g, *pub_key, *priv_key; DSA *dsa = NULL; - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, - "Computing DSA keys from private key data"); + "Computing DSA keys from private key data")); if(_libssh2_get_bignum_bytes(decrypted, &p, &plen)) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, @@ -1322,16 +1286,20 @@ gen_publickey_from_dsa_openssh_priv_data(LIBSSH2_SESSION *session, return -1; } - rc = _libssh2_dsa_new(&dsa, p, plen, q, qlen, g, glen, pub_key, pub_len, - priv_key, priv_len); - if(rc != 0) { - _libssh2_debug(session, + rc = _libssh2_dsa_new(&dsa, + p, (unsigned long)plen, + q, (unsigned long)qlen, + g, (unsigned long)glen, + pub_key, (unsigned long)pub_len, + priv_key, (unsigned long)priv_len); + if(rc) { + _libssh2_debug((session, LIBSSH2_ERROR_PROTO, - "Could not create DSA private key"); + "Could not create DSA private key")); goto fail; } - if(dsa != NULL && pubkeydata != NULL && method != NULL) { + if(dsa && pubkeydata && method) { EVP_PKEY *pk = EVP_PKEY_new(); EVP_PKEY_set1_DSA(pk, dsa); @@ -1343,7 +1311,7 @@ gen_publickey_from_dsa_openssh_priv_data(LIBSSH2_SESSION *session, EVP_PKEY_free(pk); } - if(dsa_ctx != NULL) + if(dsa_ctx) *dsa_ctx = dsa; else DSA_free(dsa); @@ -1352,7 +1320,7 @@ gen_publickey_from_dsa_openssh_priv_data(LIBSSH2_SESSION *session, fail: - if(dsa != NULL) + if(dsa) DSA_free(dsa); return _libssh2_error(session, @@ -1371,7 +1339,7 @@ _libssh2_dsa_new_openssh_private(libssh2_dsa_ctx ** dsa, unsigned char *buf = NULL; struct string_buf *decrypted = NULL; - if(session == NULL) { + if(!session) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Session is required"); return -1; @@ -1395,7 +1363,7 @@ _libssh2_dsa_new_openssh_private(libssh2_dsa_ctx ** dsa, /* We have a new key file, now try and parse it using supported types */ rc = _libssh2_get_string(decrypted, &buf, NULL); - if(rc != 0 || buf == NULL) { + if(rc || !buf) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Public key type in decrypted key data not found"); return -1; @@ -1438,16 +1406,16 @@ _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa, return rc; } - #endif /* LIBSSH_DSA */ #if LIBSSH2_ECDSA int _libssh2_ecdsa_new_private_frommemory(libssh2_ecdsa_ctx ** ec_ctx, - LIBSSH2_SESSION * session, - const char *filedata, size_t filedata_len, - unsigned const char *passphrase) + LIBSSH2_SESSION * session, + const char *filedata, + size_t filedata_len, + unsigned const char *passphrase) { int rc; @@ -1457,17 +1425,47 @@ _libssh2_ecdsa_new_private_frommemory(libssh2_ecdsa_ctx ** ec_ctx, _libssh2_init_if_needed(); rc = read_private_key_from_memory((void **) ec_ctx, read_ec, - filedata, filedata_len, passphrase); + filedata, filedata_len, + passphrase); if(rc) { rc = read_openssh_private_key_from_memory((void **)ec_ctx, session, - "ssh-ecdsa", filedata, - filedata_len, passphrase); + "ssh-ecdsa", + filedata, filedata_len, + passphrase); } return rc; } +int _libssh2_ecdsa_new_private_frommemory_sk(libssh2_ecdsa_ctx ** ec_ctx, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + LIBSSH2_SESSION * session, + const char *filedata, + size_t filedata_len, + unsigned const char *passphrase) +{ + int algorithm; + return _libssh2_sk_pub_openssh_keyfilememory(session, + (void **)ec_ctx, + "sk-ecdsa-sha2-nistp256@openssh.com", + NULL, + NULL, + NULL, + NULL, + &algorithm, + flags, + application, + key_handle, + handle_len, + filedata, + filedata_len, + passphrase); +} + #endif /* LIBSSH2_ECDSA */ @@ -1485,38 +1483,38 @@ _libssh2_curve25519_new(LIBSSH2_SESSION *session, int rc = -1; pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL); - if(pctx == NULL) + if(!pctx) return -1; if(EVP_PKEY_keygen_init(pctx) != 1 || EVP_PKEY_keygen(pctx, &key) != 1) { - goto cleanExit; + goto clean_exit; } - if(out_private_key != NULL) { + if(out_private_key) { privLen = LIBSSH2_ED25519_KEY_LEN; priv = LIBSSH2_ALLOC(session, privLen); - if(priv == NULL) - goto cleanExit; + if(!priv) + goto clean_exit; if(EVP_PKEY_get_raw_private_key(key, priv, &privLen) != 1 || privLen != LIBSSH2_ED25519_KEY_LEN) { - goto cleanExit; + goto clean_exit; } *out_private_key = priv; priv = NULL; } - if(out_public_key != NULL) { + if(out_public_key) { pubLen = LIBSSH2_ED25519_KEY_LEN; pub = LIBSSH2_ALLOC(session, pubLen); - if(pub == NULL) - goto cleanExit; + if(!pub) + goto clean_exit; if(EVP_PKEY_get_raw_public_key(key, pub, &pubLen) != 1 || pubLen != LIBSSH2_ED25519_KEY_LEN) { - goto cleanExit; + goto clean_exit; } *out_public_key = pub; @@ -1526,7 +1524,7 @@ _libssh2_curve25519_new(LIBSSH2_SESSION *session, /* success */ rc = 0; -cleanExit: +clean_exit: if(pctx) EVP_PKEY_CTX_free(pctx); @@ -1556,8 +1554,8 @@ gen_publickey_from_ed_evp(LIBSSH2_SESSION *session, size_t bufLen = 0; unsigned char *bufPos = NULL; - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Computing public key from ED private key envelope"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Computing public key from ED private key envelope")); methodBuf = LIBSSH2_ALLOC(session, sizeof(methodName) - 1); if(!methodBuf) { @@ -1583,7 +1581,7 @@ gen_publickey_from_ed_evp(LIBSSH2_SESSION *session, } _libssh2_store_str(&bufPos, methodName, sizeof(methodName) - 1); - _libssh2_store_u32(&bufPos, rawKeyLen); + _libssh2_store_u32(&bufPos, (uint32_t) rawKeyLen); if(EVP_PKEY_get_raw_public_key(pk, bufPos, &rawKeyLen) != 1) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, @@ -1623,9 +1621,9 @@ gen_publickey_from_ed25519_openssh_priv_data(LIBSSH2_SESSION *session, size_t key_len = 0, tmp_len = 0; unsigned char *p; - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, - "Computing ED25519 keys from private key data"); + "Computing ED25519 keys from private key data")); if(_libssh2_get_string(decrypted, &pub_key, &tmp_len) || tmp_len != LIBSSH2_ED25519_KEY_LEN) { @@ -1658,12 +1656,12 @@ gen_publickey_from_ed25519_openssh_priv_data(LIBSSH2_SESSION *session, if(tmp_len > 0) { unsigned char *comment = LIBSSH2_CALLOC(session, tmp_len + 1); - if(comment != NULL) { + if(comment) { memcpy(comment, buf, tmp_len); memcpy(comment + tmp_len, "\0", 1); - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, "Key comment: %s", - comment); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, "Key comment: %s", + comment)); LIBSSH2_FREE(session, comment); } @@ -1683,13 +1681,13 @@ gen_publickey_from_ed25519_openssh_priv_data(LIBSSH2_SESSION *session, } if(ret == 0) { - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, "Computing public key from ED25519 " - "private key envelope"); + "private key envelope")); method_buf = LIBSSH2_ALLOC(session, 11); /* ssh-ed25519. */ - if(method_buf == NULL) { + if(!method_buf) { _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for ED25519 key"); goto clean_exit; @@ -1699,7 +1697,7 @@ gen_publickey_from_ed25519_openssh_priv_data(LIBSSH2_SESSION *session, pub_key(32). */ key_len = LIBSSH2_ED25519_KEY_LEN + 19; key = LIBSSH2_CALLOC(session, key_len); - if(key == NULL) { + if(!key) { _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for ED25519 key"); goto clean_exit; @@ -1712,25 +1710,25 @@ gen_publickey_from_ed25519_openssh_priv_data(LIBSSH2_SESSION *session, memcpy(method_buf, "ssh-ed25519", 11); - if(method != NULL) + if(method) *method = method_buf; else LIBSSH2_FREE(session, method_buf); - if(method_len != NULL) + if(method_len) *method_len = 11; - if(pubkeydata != NULL) + if(pubkeydata) *pubkeydata = key; else LIBSSH2_FREE(session, key); - if(pubkeydata_len != NULL) + if(pubkeydata_len) *pubkeydata_len = key_len; - if(out_ctx != NULL) + if(out_ctx) *out_ctx = ctx; - else if(ctx != NULL) + else if(ctx) _libssh2_ed25519_free(ctx); return 0; @@ -1750,6 +1748,160 @@ clean_exit: return -1; } +static int +gen_publickey_from_sk_ed25519_openssh_priv_data(LIBSSH2_SESSION *session, + struct string_buf *decrypted, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + libssh2_ed25519_ctx **out_ctx) +{ + const char *key_type = "sk-ssh-ed25519@openssh.com"; + + libssh2_ed25519_ctx *ctx = NULL; + unsigned char *method_buf = NULL; + unsigned char *key = NULL; + int ret = 0; + unsigned char *pub_key, *app; + size_t key_len = 0, app_len = 0, tmp_len = 0; + unsigned char *p; + + _libssh2_debug((session, + LIBSSH2_TRACE_AUTH, + "Computing sk-ED25519 keys from private key data")); + + if(_libssh2_get_string(decrypted, &pub_key, &tmp_len) || + tmp_len != LIBSSH2_ED25519_KEY_LEN) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Wrong public key length"); + return -1; + } + + if(_libssh2_get_string(decrypted, &app, &app_len)) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "No SK application."); + return -1; + } + + if(flags && _libssh2_get_byte(decrypted, flags)) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "No SK flags."); + return -1; + } + + if(key_handle && handle_len) { + unsigned char *handle = NULL; + if(_libssh2_get_string(decrypted, &handle, handle_len)) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "No SK key_handle."); + return -1; + } + + if(*handle_len > 0) { + *key_handle = LIBSSH2_ALLOC(session, *handle_len); + + if(key_handle) { + memcpy((void *)*key_handle, handle, *handle_len); + } + } + } + + ctx = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, NULL, + (const unsigned char *)pub_key, + LIBSSH2_ED25519_KEY_LEN); + + if(ret == 0) { + _libssh2_debug((session, + LIBSSH2_TRACE_AUTH, + "Computing public key from ED25519 " + "private key envelope")); + + /* sk-ssh-ed25519@openssh.com. */ + method_buf = LIBSSH2_ALLOC(session, strlen(key_type)); + if(!method_buf) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for ED25519 key"); + goto clean_exit; + } + + /* Key form is: type_len(4) + type(26) + pub_key_len(4) + + pub_key(32) + application_len(4) + application(X). */ + key_len = LIBSSH2_ED25519_KEY_LEN + 38 + app_len; + key = LIBSSH2_CALLOC(session, key_len); + if(!key) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for ED25519 key"); + goto clean_exit; + } + + p = key; + + _libssh2_store_str(&p, key_type, strlen(key_type)); + _libssh2_store_str(&p, (const char *)pub_key, LIBSSH2_ED25519_KEY_LEN); + _libssh2_store_str(&p, (const char *)app, app_len); + + if(application && app_len > 0) { + *application = (const char *)LIBSSH2_ALLOC(session, app_len + 1); + _libssh2_explicit_zero((void *)*application, app_len + 1); + memcpy((void *)*application, app, app_len); + } + + memcpy(method_buf, key_type, strlen(key_type)); + + if(method) + *method = method_buf; + else + LIBSSH2_FREE(session, method_buf); + + if(method_len) + *method_len = strlen(key_type); + + if(pubkeydata) + *pubkeydata = key; + else if(key) + LIBSSH2_FREE(session, key); + + if(pubkeydata_len) + *pubkeydata_len = key_len; + + if(out_ctx) + *out_ctx = ctx; + else if(ctx) + _libssh2_ed25519_free(ctx); + + return 0; + } + +clean_exit: + + if(ctx) + _libssh2_ed25519_free(ctx); + + if(method_buf) + LIBSSH2_FREE(session, method_buf); + + if(key) + LIBSSH2_FREE(session, key); + + if(application && *application) { + LIBSSH2_FREE(session, (void *)application); + *application = NULL; + } + + if(key_handle && *key_handle) { + LIBSSH2_FREE(session, (void *)key_handle); + *key_handle = NULL; + } + + return -1; +} + + int _libssh2_ed25519_new_private(libssh2_ed25519_ctx ** ed_ctx, LIBSSH2_SESSION * session, @@ -1761,7 +1913,7 @@ _libssh2_ed25519_new_private(libssh2_ed25519_ctx ** ed_ctx, struct string_buf *decrypted = NULL; libssh2_ed25519_ctx *ctx = NULL; - if(session == NULL) { + if(!session) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Session is required"); return -1; @@ -1785,7 +1937,7 @@ _libssh2_ed25519_new_private(libssh2_ed25519_ctx ** ed_ctx, /* We have a new key file, now try and parse it using supported types */ rc = _libssh2_get_string(decrypted, &buf, NULL); - if(rc != 0 || buf == NULL) { + if(rc || !buf) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Public key type in decrypted key data not found"); return -1; @@ -1808,9 +1960,85 @@ _libssh2_ed25519_new_private(libssh2_ed25519_ctx ** ed_ctx, _libssh2_string_buf_free(session, decrypted); if(rc == 0) { - if(ed_ctx != NULL) + if(ed_ctx) *ed_ctx = ctx; - else if(ctx != NULL) + else if(ctx) + _libssh2_ed25519_free(ctx); + } + + return rc; +} + +int +_libssh2_ed25519_new_private_sk(libssh2_ed25519_ctx **ed_ctx, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + LIBSSH2_SESSION *session, + const char *filename, + const uint8_t *passphrase) +{ + int rc; + FILE *fp; + unsigned char *buf; + struct string_buf *decrypted = NULL; + libssh2_ed25519_ctx *ctx = NULL; + + if(!session) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Session is required"); + return -1; + } + + _libssh2_init_if_needed(); + + fp = fopen(filename, "r"); + if(!fp) { + _libssh2_error(session, LIBSSH2_ERROR_FILE, + "Unable to open ED25519 SK private key file"); + return -1; + } + + rc = _libssh2_openssh_pem_parse(session, passphrase, fp, &decrypted); + fclose(fp); + if(rc) { + return rc; + } + + /* We have a new key file, now try and parse it using supported types */ + rc = _libssh2_get_string(decrypted, &buf, NULL); + + if(rc || !buf) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Public key type in decrypted key data not found"); + return -1; + } + + if(strcmp("sk-ssh-ed25519@openssh.com", (const char *)buf) == 0) { + rc = gen_publickey_from_sk_ed25519_openssh_priv_data(session, + decrypted, + NULL, + NULL, + NULL, + NULL, + flags, + application, + key_handle, + handle_len, + &ctx); + } + else { + rc = -1; + } + + if(decrypted) + _libssh2_string_buf_free(session, decrypted); + + if(rc == 0) { + if(ed_ctx) + *ed_ctx = ctx; + else if(ctx) _libssh2_ed25519_free(ctx); } @@ -1831,7 +2059,8 @@ _libssh2_ed25519_new_private_frommemory(libssh2_ed25519_ctx ** ed_ctx, if(read_private_key_from_memory((void **)&ctx, (pem_read_bio_func) &PEM_read_bio_PrivateKey, - filedata, filedata_len, passphrase) == 0) { + filedata, filedata_len, + passphrase) == 0) { if(EVP_PKEY_id(ctx) != EVP_PKEY_ED25519) { _libssh2_ed25519_free(ctx); return _libssh2_error(session, LIBSSH2_ERROR_PROTO, @@ -1848,15 +2077,44 @@ _libssh2_ed25519_new_private_frommemory(libssh2_ed25519_ctx ** ed_ctx, passphrase); } +int +_libssh2_ed25519_new_private_frommemory_sk(libssh2_ed25519_ctx **ed_ctx, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + LIBSSH2_SESSION *session, + const char *filedata, + size_t filedata_len, + unsigned const char *passphrase) +{ + int algorithm; + return _libssh2_sk_pub_openssh_keyfilememory(session, + (void **)ed_ctx, + "sk-ssh-ed25519@openssh.com", + NULL, + NULL, + NULL, + NULL, + &algorithm, + flags, + application, + key_handle, + handle_len, + filedata, + filedata_len, + passphrase); +} + int _libssh2_ed25519_new_public(libssh2_ed25519_ctx ** ed_ctx, LIBSSH2_SESSION * session, const unsigned char *raw_pub_key, - const uint8_t key_len) + const size_t key_len) { libssh2_ed25519_ctx *ctx = NULL; - if(ed_ctx == NULL) + if(!ed_ctx) return -1; ctx = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, NULL, @@ -1865,7 +2123,7 @@ _libssh2_ed25519_new_public(libssh2_ed25519_ctx ** ed_ctx, return _libssh2_error(session, LIBSSH2_ERROR_PROTO, "could not create ED25519 public key"); - if(ed_ctx != NULL) + if(ed_ctx) *ed_ctx = ctx; else if(ctx) _libssh2_ed25519_free(ctx); @@ -1875,8 +2133,9 @@ _libssh2_ed25519_new_public(libssh2_ed25519_ctx ** ed_ctx, #endif /* LIBSSH2_ED25519 */ +#if LIBSSH2_RSA int -_libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, +_libssh2_rsa_sha2_sign(LIBSSH2_SESSION * session, libssh2_rsa_ctx * rsactx, const unsigned char *hash, size_t hash_len, @@ -1893,7 +2152,20 @@ _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, return -1; } - ret = RSA_sign(NID_sha1, hash, hash_len, sig, &sig_len, rsactx); + if(hash_len == SHA_DIGEST_LENGTH) + ret = RSA_sign(NID_sha1, + hash, (unsigned int) hash_len, sig, &sig_len, rsactx); + else if(hash_len == SHA256_DIGEST_LENGTH) + ret = RSA_sign(NID_sha256, + hash, (unsigned int) hash_len, sig, &sig_len, rsactx); + else if(hash_len == SHA512_DIGEST_LENGTH) + ret = RSA_sign(NID_sha512, + hash, (unsigned int) hash_len, sig, &sig_len, rsactx); + else { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Unsupported hash digest length"); + ret = -1; + } if(!ret) { LIBSSH2_FREE(session, sig); @@ -1906,6 +2178,20 @@ _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, return 0; } +#if LIBSSH2_RSA_SHA1 +int +_libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, + libssh2_rsa_ctx * rsactx, + const unsigned char *hash, + size_t hash_len, + unsigned char **signature, size_t *signature_len) +{ + return _libssh2_rsa_sha2_sign(session, rsactx, hash, hash_len, + signature, signature_len); +} +#endif +#endif + #if LIBSSH2_DSA int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, @@ -1916,7 +2202,8 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, const BIGNUM * r; const BIGNUM * s; int r_len, s_len; - (void) hash_len; + + (void)hash_len; sig = DSA_do_sign(hash, SHA_DIGEST_LENGTH, dsactx); if(!sig) { @@ -1955,8 +2242,8 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, int _libssh2_ecdsa_sign(LIBSSH2_SESSION * session, libssh2_ecdsa_ctx * ec_ctx, - const unsigned char *hash, unsigned long hash_len, - unsigned char **signature, size_t *signature_len) + const unsigned char *hash, unsigned long hash_len, + unsigned char **signature, size_t *signature_len) { int r_len, s_len; int rc = 0; @@ -1966,8 +2253,8 @@ _libssh2_ecdsa_sign(LIBSSH2_SESSION * session, libssh2_ecdsa_ctx * ec_ctx, unsigned char *temp_buffer = NULL; unsigned char *out_buffer = NULL; - ECDSA_SIG *sig = ECDSA_do_sign(hash, hash_len, ec_ctx); - if(sig == NULL) + ECDSA_SIG *sig = ECDSA_do_sign(hash, (int) hash_len, ec_ctx); + if(!sig) return -1; #ifdef HAVE_OPAQUE_STRUCTS ECDSA_SIG_get0(sig, &pr, &ps); @@ -1980,7 +2267,7 @@ _libssh2_ecdsa_sign(LIBSSH2_SESSION * session, libssh2_ecdsa_ctx * ec_ctx, s_len = BN_num_bytes(ps) + 1; temp_buffer = malloc(r_len + s_len + 8); - if(temp_buffer == NULL) { + if(!temp_buffer) { rc = -1; goto clean_exit; } @@ -1992,7 +2279,7 @@ _libssh2_ecdsa_sign(LIBSSH2_SESSION * session, libssh2_ecdsa_ctx * ec_ctx, out_buffer_len = (size_t)(sp - temp_buffer); out_buffer = LIBSSH2_CALLOC(session, out_buffer_len); - if(out_buffer == NULL) { + if(!out_buffer) { rc = -1; goto clean_exit; } @@ -2004,7 +2291,7 @@ _libssh2_ecdsa_sign(LIBSSH2_SESSION * session, libssh2_ecdsa_ctx * ec_ctx, clean_exit: - if(temp_buffer != NULL) + if(temp_buffer) free(temp_buffer); if(sig) @@ -2020,7 +2307,7 @@ _libssh2_sha1_init(libssh2_sha1_ctx *ctx) #ifdef HAVE_OPAQUE_STRUCTS *ctx = EVP_MD_CTX_new(); - if(*ctx == NULL) + if(!*ctx) return 0; if(EVP_DigestInit(*ctx, EVP_get_digestbyname("sha1"))) @@ -2037,13 +2324,13 @@ _libssh2_sha1_init(libssh2_sha1_ctx *ctx) } int -_libssh2_sha1(const unsigned char *message, unsigned long len, +_libssh2_sha1(const unsigned char *message, size_t len, unsigned char *out) { #ifdef HAVE_OPAQUE_STRUCTS EVP_MD_CTX * ctx = EVP_MD_CTX_new(); - if(ctx == NULL) + if(!ctx) return 1; /* error */ if(EVP_DigestInit(ctx, EVP_get_digestbyname("sha1"))) { @@ -2072,7 +2359,7 @@ _libssh2_sha256_init(libssh2_sha256_ctx *ctx) #ifdef HAVE_OPAQUE_STRUCTS *ctx = EVP_MD_CTX_new(); - if(*ctx == NULL) + if(!*ctx) return 0; if(EVP_DigestInit(*ctx, EVP_get_digestbyname("sha256"))) @@ -2089,13 +2376,13 @@ _libssh2_sha256_init(libssh2_sha256_ctx *ctx) } int -_libssh2_sha256(const unsigned char *message, unsigned long len, +_libssh2_sha256(const unsigned char *message, size_t len, unsigned char *out) { #ifdef HAVE_OPAQUE_STRUCTS EVP_MD_CTX * ctx = EVP_MD_CTX_new(); - if(ctx == NULL) + if(!ctx) return 1; /* error */ if(EVP_DigestInit(ctx, EVP_get_digestbyname("sha256"))) { @@ -2124,7 +2411,7 @@ _libssh2_sha384_init(libssh2_sha384_ctx *ctx) #ifdef HAVE_OPAQUE_STRUCTS *ctx = EVP_MD_CTX_new(); - if(*ctx == NULL) + if(!*ctx) return 0; if(EVP_DigestInit(*ctx, EVP_get_digestbyname("sha384"))) @@ -2141,13 +2428,13 @@ _libssh2_sha384_init(libssh2_sha384_ctx *ctx) } int -_libssh2_sha384(const unsigned char *message, unsigned long len, - unsigned char *out) +_libssh2_sha384(const unsigned char *message, size_t len, + unsigned char *out) { #ifdef HAVE_OPAQUE_STRUCTS EVP_MD_CTX * ctx = EVP_MD_CTX_new(); - if(ctx == NULL) + if(!ctx) return 1; /* error */ if(EVP_DigestInit(ctx, EVP_get_digestbyname("sha384"))) { @@ -2176,7 +2463,7 @@ _libssh2_sha512_init(libssh2_sha512_ctx *ctx) #ifdef HAVE_OPAQUE_STRUCTS *ctx = EVP_MD_CTX_new(); - if(*ctx == NULL) + if(!*ctx) return 0; if(EVP_DigestInit(*ctx, EVP_get_digestbyname("sha512"))) @@ -2193,13 +2480,13 @@ _libssh2_sha512_init(libssh2_sha512_ctx *ctx) } int -_libssh2_sha512(const unsigned char *message, unsigned long len, - unsigned char *out) +_libssh2_sha512(const unsigned char *message, size_t len, + unsigned char *out) { #ifdef HAVE_OPAQUE_STRUCTS EVP_MD_CTX * ctx = EVP_MD_CTX_new(); - if(ctx == NULL) + if(!ctx) return 1; /* error */ if(EVP_DigestInit(ctx, EVP_get_digestbyname("sha512"))) { @@ -2234,14 +2521,15 @@ _libssh2_md5_init(libssh2_md5_ctx *ctx) defined(OPENSSL_VERSION_MAJOR) && \ OPENSSL_VERSION_MAJOR < 3 && \ !defined(LIBRESSL_VERSION_NUMBER) - if(FIPS_mode() != 0) - return 0; + + if(FIPS_mode()) + return 0; #endif #ifdef HAVE_OPAQUE_STRUCTS *ctx = EVP_MD_CTX_new(); - if(*ctx == NULL) + if(!*ctx) return 0; if(EVP_DigestInit(*ctx, EVP_get_digestbyname("md5"))) @@ -2265,6 +2553,7 @@ gen_publickey_from_ec_evp(LIBSSH2_SESSION *session, size_t *method_len, unsigned char **pubkeydata, size_t *pubkeydata_len, + int is_sk, EVP_PKEY *pk) { int rc = 0; @@ -2280,16 +2569,16 @@ gen_publickey_from_ec_evp(LIBSSH2_SESSION *session, BN_CTX *bn_ctx; libssh2_curve_type type; - _libssh2_debug(session, - LIBSSH2_TRACE_AUTH, - "Computing public key from EC private key envelope"); + _libssh2_debug((session, + LIBSSH2_TRACE_AUTH, + "Computing public key from EC private key envelope")); bn_ctx = BN_CTX_new(); - if(bn_ctx == NULL) + if(!bn_ctx) return -1; ec = EVP_PKEY_get1_EC_KEY(pk); - if(ec == NULL) { + if(!ec) { rc = -1; goto clean_exit; } @@ -2298,22 +2587,29 @@ gen_publickey_from_ec_evp(LIBSSH2_SESSION *session, group = EC_KEY_get0_group(ec); type = _libssh2_ecdsa_get_curve_type(ec); - method_buf = LIBSSH2_ALLOC(session, 19); - if(method_buf == NULL) { + if(is_sk) + *method_len = 34; + else + *method_len = 19; + + method_buf = LIBSSH2_ALLOC(session, *method_len); + if(!method_buf) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "out of memory"); + "out of memory"); } - if(type == LIBSSH2_EC_CURVE_NISTP256) - memcpy(method_buf, "ecdsa-sha2-nistp256", 19); + if(is_sk) + memcpy(method_buf, "sk-ecdsa-sha2-nistp256@openssh.com", *method_len); + else if(type == LIBSSH2_EC_CURVE_NISTP256) + memcpy(method_buf, "ecdsa-sha2-nistp256", *method_len); else if(type == LIBSSH2_EC_CURVE_NISTP384) - memcpy(method_buf, "ecdsa-sha2-nistp384", 19); + memcpy(method_buf, "ecdsa-sha2-nistp384", *method_len); else if(type == LIBSSH2_EC_CURVE_NISTP521) - memcpy(method_buf, "ecdsa-sha2-nistp521", 19); + memcpy(method_buf, "ecdsa-sha2-nistp521", *method_len); else { - _libssh2_debug(session, - LIBSSH2_TRACE_ERROR, - "Unsupported EC private key type"); + _libssh2_debug((session, + LIBSSH2_TRACE_ERROR, + "Unsupported EC private key type")); rc = -1; goto clean_exit; } @@ -2328,7 +2624,7 @@ gen_publickey_from_ec_evp(LIBSSH2_SESSION *session, } octal_value = malloc(octal_len); - if(octal_value == NULL) { + if(!octal_value) { rc = -1; goto clean_exit; } @@ -2336,52 +2632,56 @@ gen_publickey_from_ec_evp(LIBSSH2_SESSION *session, /* convert to octal */ if(EC_POINT_point2oct(group, public_key, POINT_CONVERSION_UNCOMPRESSED, octal_value, octal_len, bn_ctx) != octal_len) { - rc = -1; - goto clean_exit; + rc = -1; + goto clean_exit; } - /* Key form is: type_len(4) + type(19) + domain_len(4) + domain(8) + - pub_key_len(4) + pub_key(~65). */ - key_len = 4 + 19 + 4 + 8 + 4 + octal_len; + /* Key form is: type_len(4) + type(method_len) + domain_len(4) + domain(8) + + pub_key_len(4) + pub_key(~65). */ + key_len = 4 + *method_len + 4 + 8 + 4 + octal_len; key = LIBSSH2_ALLOC(session, key_len); - if(key == NULL) { + if(!key) { rc = -1; - goto clean_exit; + goto clean_exit; } /* Process key encoding. */ p = key; /* Key type */ - _libssh2_store_str(&p, (const char *)method_buf, 19); + _libssh2_store_str(&p, (const char *)method_buf, *method_len); /* Name domain */ - _libssh2_store_str(&p, (const char *)method_buf + 11, 8); + if(is_sk) { + _libssh2_store_str(&p, "nistp256", 8); + } + else { + _libssh2_store_str(&p, (const char *)method_buf + 11, 8); + } /* Public key */ _libssh2_store_str(&p, (const char *)octal_value, octal_len); *method = method_buf; - *method_len = 19; *pubkeydata = key; *pubkeydata_len = key_len; clean_exit: - if(ec != NULL) + if(ec) EC_KEY_free(ec); - if(bn_ctx != NULL) { + if(bn_ctx) { BN_CTX_free(bn_ctx); } - if(octal_value != NULL) + if(octal_value) free(octal_value); if(rc == 0) return 0; - if(method_buf != NULL) + if(method_buf) LIBSSH2_FREE(session, method_buf); return -1; @@ -2403,9 +2703,9 @@ gen_publickey_from_ecdsa_openssh_priv_data(LIBSSH2_SESSION *session, EC_KEY *ec_key = NULL; BIGNUM *bn_exponent; - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, - "Computing ECDSA keys from private key data"); + "Computing ECDSA keys from private key data")); if(_libssh2_get_string(decrypted, &curve, &curvelen) || curvelen == 0) { @@ -2426,8 +2726,10 @@ gen_publickey_from_ecdsa_openssh_priv_data(LIBSSH2_SESSION *session, return -1; } - if((rc = _libssh2_ecdsa_curve_name_with_octal_new(&ec_key, point_buf, - pointlen, curve_type)) != 0) { + rc = _libssh2_ecdsa_curve_name_with_octal_new(&ec_key, + point_buf, pointlen, + curve_type); + if(rc) { rc = -1; _libssh2_error(session, LIBSSH2_ERROR_PROTO, "ECDSA could not create key"); @@ -2435,29 +2737,29 @@ gen_publickey_from_ecdsa_openssh_priv_data(LIBSSH2_SESSION *session, } bn_exponent = BN_new(); - if(bn_exponent == NULL) { + if(!bn_exponent) { rc = -1; _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for private key data"); goto fail; } - BN_bin2bn(exponent, exponentlen, bn_exponent); + BN_bin2bn(exponent, (int) exponentlen, bn_exponent); rc = (EC_KEY_set_private_key(ec_key, bn_exponent) != 1); - if(rc == 0 && ec_key != NULL && pubkeydata != NULL && method != NULL) { + if(rc == 0 && ec_key && pubkeydata && method) { EVP_PKEY *pk = EVP_PKEY_new(); EVP_PKEY_set1_EC_KEY(pk, ec_key); rc = gen_publickey_from_ec_evp(session, method, method_len, pubkeydata, pubkeydata_len, - pk); + 0, pk); if(pk) EVP_PKEY_free(pk); } - if(ec_ctx != NULL) + if(ec_ctx) *ec_ctx = ec_key; else EC_KEY_free(ec_key); @@ -2465,12 +2767,152 @@ gen_publickey_from_ecdsa_openssh_priv_data(LIBSSH2_SESSION *session, return rc; fail: - if(ec_key != NULL) + if(ec_key) EC_KEY_free(ec_key); return rc; } +static int +gen_publickey_from_sk_ecdsa_openssh_priv_data(LIBSSH2_SESSION *session, + struct string_buf *decrypted, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + uint8_t *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + libssh2_ecdsa_ctx **ec_ctx) +{ + int rc = 0; + size_t curvelen, pointlen, key_len, app_len; + unsigned char *curve, *point_buf, *p, *key, *app; + EC_KEY *ec_key = NULL; + + _libssh2_debug((session, + LIBSSH2_TRACE_AUTH, + "Extracting ECDSA-SK public key")); + + if(_libssh2_get_string(decrypted, &curve, &curvelen) || + curvelen == 0) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "ECDSA no curve"); + return -1; + } + + if(_libssh2_get_string(decrypted, &point_buf, &pointlen)) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "ECDSA no point"); + return -1; + } + + rc = _libssh2_ecdsa_curve_name_with_octal_new(&ec_key, + point_buf, pointlen, + LIBSSH2_EC_CURVE_NISTP256); + if(rc) { + rc = -1; + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "ECDSA could not create key"); + goto fail; + } + + if(_libssh2_get_string(decrypted, &app, &app_len)) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "No SK application."); + goto fail; + } + + if(flags && _libssh2_get_byte(decrypted, flags)) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "No SK flags."); + goto fail; + } + + if(key_handle && handle_len) { + unsigned char *handle = NULL; + if(_libssh2_get_string(decrypted, &handle, handle_len)) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "No SK key_handle."); + goto fail; + } + + if(*handle_len > 0) { + *key_handle = LIBSSH2_ALLOC(session, *handle_len); + + if(*key_handle) { + memcpy((void *)*key_handle, handle, *handle_len); + } + } + } + + if(rc == 0 && ec_key && pubkeydata && method) { + EVP_PKEY *pk = EVP_PKEY_new(); + EVP_PKEY_set1_EC_KEY(pk, ec_key); + + rc = gen_publickey_from_ec_evp(session, method, method_len, + pubkeydata, pubkeydata_len, + 1, pk); + + if(pk) + EVP_PKEY_free(pk); + } + + if(rc == 0 && pubkeydata) { + key_len = *pubkeydata_len + app_len + 4; + key = LIBSSH2_ALLOC(session, key_len); + + if(!key) { + rc = -1; + goto fail; + } + + p = key + *pubkeydata_len; + + memcpy(key, *pubkeydata, *pubkeydata_len); + _libssh2_store_str(&p, (const char *)app, app_len); + + if(application && app_len > 0) { + *application = (const char *)LIBSSH2_ALLOC(session, app_len + 1); + _libssh2_explicit_zero((void *)*application, app_len + 1); + memcpy((void *)*application, app, app_len); + } + + LIBSSH2_FREE(session, *pubkeydata); + *pubkeydata_len = key_len; + + if(pubkeydata) + *pubkeydata = key; + else if(key) + LIBSSH2_FREE(session, key); + } + + if(ec_ctx) + *ec_ctx = ec_key; + else + EC_KEY_free(ec_key); + + return rc; + +fail: + if(ec_key) + EC_KEY_free(ec_key); + + if(application && *application) { + LIBSSH2_FREE(session, (void *)application); + *application = NULL; + } + + if(key_handle && *key_handle) { + LIBSSH2_FREE(session, (void *)key_handle); + *key_handle = NULL; + } + + return rc; +} + + static int _libssh2_ecdsa_new_openssh_private(libssh2_ecdsa_ctx ** ec_ctx, LIBSSH2_SESSION * session, @@ -2483,9 +2925,9 @@ _libssh2_ecdsa_new_openssh_private(libssh2_ecdsa_ctx ** ec_ctx, libssh2_curve_type type; struct string_buf *decrypted = NULL; - if(session == NULL) { + if(!session) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Session is required"); + "Session is required"); return -1; } @@ -2507,7 +2949,7 @@ _libssh2_ecdsa_new_openssh_private(libssh2_ecdsa_ctx ** ec_ctx, /* We have a new key file, now try and parse it using supported types */ rc = _libssh2_get_string(decrypted, &buf, NULL); - if(rc != 0 || buf == NULL) { + if(rc || !buf) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Public key type in decrypted key data not found"); return -1; @@ -2530,6 +2972,72 @@ _libssh2_ecdsa_new_openssh_private(libssh2_ecdsa_ctx ** ec_ctx, return rc; } +static int +_libssh2_ecdsa_new_openssh_private_sk(libssh2_ecdsa_ctx ** ec_ctx, + uint8_t *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + LIBSSH2_SESSION * session, + const char *filename, + unsigned const char *passphrase) +{ + FILE *fp; + int rc; + unsigned char *buf = NULL; + struct string_buf *decrypted = NULL; + + if(!session) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Session is required"); + return -1; + } + + _libssh2_init_if_needed(); + + fp = fopen(filename, "r"); + if(!fp) { + _libssh2_error(session, LIBSSH2_ERROR_FILE, + "Unable to open OpenSSH ECDSA private key file"); + return -1; + } + + rc = _libssh2_openssh_pem_parse(session, passphrase, fp, &decrypted); + fclose(fp); + if(rc) { + return rc; + } + + /* We have a new key file, now try and parse it using supported types */ + rc = _libssh2_get_string(decrypted, &buf, NULL); + + if(rc || !buf) { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Public key type in decrypted key data not found"); + return -1; + } + + if(strcmp("sk-ecdsa-sha2-nistp256@openssh.com", (const char *)buf) == 0) { + rc = gen_publickey_from_sk_ecdsa_openssh_priv_data(session, + decrypted, + NULL, 0, + NULL, 0, + flags, + application, + key_handle, + handle_len, + ec_ctx); + } + else { + rc = -1; + } + + if(decrypted) + _libssh2_string_buf_free(session, decrypted); + + return rc; +} + int _libssh2_ecdsa_new_private(libssh2_ecdsa_ctx ** ec_ctx, LIBSSH2_SESSION * session, @@ -2552,6 +3060,40 @@ _libssh2_ecdsa_new_private(libssh2_ecdsa_ctx ** ec_ctx, return rc; } +int +_libssh2_ecdsa_new_private_sk(libssh2_ecdsa_ctx ** ec_ctx, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + LIBSSH2_SESSION * session, + const char *filename, + unsigned const char *passphrase) +{ + int rc; + + pem_read_bio_func read_ec = (pem_read_bio_func) &PEM_read_bio_ECPrivateKey; + + _libssh2_init_if_needed(); + + rc = read_private_key_from_file((void **) ec_ctx, read_ec, + filename, passphrase); + + if(rc) { + return _libssh2_ecdsa_new_openssh_private_sk(ec_ctx, + flags, + application, + key_handle, + handle_len, + session, + filename, + passphrase); + } + + return rc; +} + + /* * _libssh2_ecdsa_create_key * @@ -2597,16 +3139,16 @@ _libssh2_ecdsa_create_key(LIBSSH2_SESSION *session, /* convert to octal */ if(EC_POINT_point2oct(group, public_key, POINT_CONVERSION_UNCOMPRESSED, octal_value, octal_len, bn_ctx) != octal_len) { - ret = -1; - goto clean_exit; + ret = -1; + goto clean_exit; } - if(out_private_key != NULL) + if(out_private_key) *out_private_key = private_key; if(out_public_key_octal) { *out_public_key_octal = LIBSSH2_ALLOC(session, octal_len); - if(*out_public_key_octal == NULL) { + if(!*out_public_key_octal) { ret = -1; goto clean_exit; } @@ -2614,7 +3156,7 @@ _libssh2_ecdsa_create_key(LIBSSH2_SESSION *session, memcpy(*out_public_key_octal, octal_value, octal_len); } - if(out_public_key_octal_len != NULL) + if(out_public_key_octal_len) *out_public_key_octal_len = octal_len; clean_exit: @@ -2647,13 +3189,13 @@ _libssh2_ecdh_gen_k(_libssh2_bn **k, _libssh2_ec_key *private_key, if(!bn_ctx) return -1; - if(k == NULL) + if(!k) return -1; private_key_group = EC_KEY_get0_group(private_key); server_public_key_point = EC_POINT_new(private_key_group); - if(server_public_key_point == NULL) + if(!server_public_key_point) return -1; rc = EC_POINT_oct2point(private_key_group, server_public_key_point, @@ -2678,17 +3220,17 @@ _libssh2_ecdh_gen_k(_libssh2_bn **k, _libssh2_ec_key *private_key, goto clean_exit; } - BN_bin2bn(secret, secret_len, *k); + BN_bin2bn(secret, (int) secret_len, *k); clean_exit: - if(server_public_key_point != NULL) + if(server_public_key_point) EC_POINT_free(server_public_key_point); - if(bn_ctx != NULL) + if(bn_ctx) BN_CTX_free(bn_ctx); - if(secret != NULL) + if(secret) free(secret); return ret; @@ -2709,7 +3251,7 @@ _libssh2_ed25519_sign(libssh2_ed25519_ctx *ctx, LIBSSH2_SESSION *session, size_t sig_len = 0; unsigned char *sig = NULL; - if(md_ctx != NULL) { + if(md_ctx) { if(EVP_DigestSignInit(md_ctx, NULL, NULL, NULL, ctx) != 1) goto clean_exit; if(EVP_DigestSign(md_ctx, NULL, &sig_len, message, message_len) != 1) @@ -2719,7 +3261,7 @@ _libssh2_ed25519_sign(libssh2_ed25519_ctx *ctx, LIBSSH2_SESSION *session, goto clean_exit; sig = LIBSSH2_CALLOC(session, sig_len); - if(sig == NULL) + if(!sig) goto clean_exit; rc = EVP_DigestSign(md_ctx, sig, &sig_len, message, message_len); @@ -2740,7 +3282,7 @@ clean_exit: if(md_ctx) EVP_MD_CTX_free(md_ctx); - return (rc == 1 ? 0 : -1); + return (rc == 1) ? 0 : -1; } int @@ -2755,11 +3297,11 @@ _libssh2_curve25519_gen_k(_libssh2_bn **k, BN_CTX *bn_ctx = NULL; size_t out_len = 0; - if(k == NULL || *k == NULL) + if(!k || !*k) return -1; bn_ctx = BN_CTX_new(); - if(bn_ctx == NULL) + if(!bn_ctx) return -1; peer_key = EVP_PKEY_new_raw_public_key(EVP_PKEY_X25519, NULL, @@ -2770,27 +3312,33 @@ _libssh2_curve25519_gen_k(_libssh2_bn **k, private_key, LIBSSH2_ED25519_KEY_LEN); - if(peer_key == NULL || server_key == NULL) { - goto cleanExit; + if(!peer_key || !server_key) { + goto clean_exit; } server_key_ctx = EVP_PKEY_CTX_new(server_key, NULL); - if(server_key_ctx == NULL) { - goto cleanExit; + if(!server_key_ctx) { + goto clean_exit; } rc = EVP_PKEY_derive_init(server_key_ctx); - if(rc <= 0) goto cleanExit; + if(rc <= 0) { + goto clean_exit; + } rc = EVP_PKEY_derive_set_peer(server_key_ctx, peer_key); - if(rc <= 0) goto cleanExit; + if(rc <= 0) { + goto clean_exit; + } rc = EVP_PKEY_derive(server_key_ctx, NULL, &out_len); - if(rc <= 0) goto cleanExit; + if(rc <= 0) { + goto clean_exit; + } if(out_len != LIBSSH2_ED25519_KEY_LEN) { rc = -1; - goto cleanExit; + goto clean_exit; } rc = EVP_PKEY_derive(server_key_ctx, out_shared_key, &out_len); @@ -2802,7 +3350,7 @@ _libssh2_curve25519_gen_k(_libssh2_bn **k, rc = -1; } -cleanExit: +clean_exit: if(server_key_ctx) EVP_PKEY_CTX_free(server_key_ctx); @@ -2810,7 +3358,7 @@ cleanExit: EVP_PKEY_free(peer_key); if(server_key) EVP_PKEY_free(server_key); - if(bn_ctx != NULL) + if(bn_ctx) BN_CTX_free(bn_ctx); return (rc == 1) ? 0 : -1; @@ -2824,7 +3372,7 @@ _libssh2_ed25519_verify(libssh2_ed25519_ctx *ctx, const uint8_t *s, int ret = -1; EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); - if(NULL == md_ctx) + if(!md_ctx) return -1; ret = EVP_DigestVerifyInit(md_ctx, NULL, NULL, NULL, ctx); @@ -2833,7 +3381,7 @@ _libssh2_ed25519_verify(libssh2_ed25519_ctx *ctx, const uint8_t *s, ret = EVP_DigestVerify(md_ctx, s, s_len, m, m_len); - clean_exit: +clean_exit: EVP_MD_CTX_free(md_ctx); @@ -2856,7 +3404,7 @@ _libssh2_pub_priv_openssh_keyfile(LIBSSH2_SESSION *session, struct string_buf *decrypted = NULL; int rc = 0; - if(session == NULL) { + if(!session) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Session is required"); return -1; @@ -2883,7 +3431,7 @@ _libssh2_pub_priv_openssh_keyfile(LIBSSH2_SESSION *session, /* We have a new key file, now try and parse it using supported types */ rc = _libssh2_get_string(decrypted, &buf, NULL); - if(rc != 0 || buf == NULL) { + if(rc || !buf) { _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Public key type in decrypted key data not found"); return -1; @@ -2891,6 +3439,12 @@ _libssh2_pub_priv_openssh_keyfile(LIBSSH2_SESSION *session, rc = -1; + /* Avoid unused variable warnings when all branches below are disabled */ + (void)method; + (void)method_len; + (void)pubkeydata; + (void)pubkeydata_len; + #if LIBSSH2_ED25519 if(strcmp("ssh-ed25519", (const char *)buf) == 0) { rc = gen_publickey_from_ed25519_openssh_priv_data(session, decrypted, @@ -2937,7 +3491,7 @@ _libssh2_pub_priv_openssh_keyfile(LIBSSH2_SESSION *session, if(decrypted) _libssh2_string_buf_free(session, decrypted); - if(rc != 0) { + if(rc) { _libssh2_error(session, LIBSSH2_ERROR_FILE, "Unsupported OpenSSH key type"); } @@ -2960,13 +3514,13 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session, int pktype; int rc; - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, "Computing public key from private key file: %s", - privatekey); + privatekey)); bp = BIO_new_file(privatekey, "r"); - if(bp == NULL) { + if(!bp) { return _libssh2_error(session, LIBSSH2_ERROR_FILE, "Unable to extract public key from private key " @@ -2977,7 +3531,7 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session, pk = PEM_read_bio_PrivateKey(bp, NULL, NULL, (void *)passphrase); BIO_free(bp); - if(pk == NULL) { + if(!pk) { /* Try OpenSSH format */ rc = _libssh2_pub_priv_openssh_keyfile(session, @@ -2985,7 +3539,7 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session, method_len, pubkeydata, pubkeydata_len, privatekey, passphrase); - if(rc != 0) { + if(rc) { return _libssh2_error(session, LIBSSH2_ERROR_FILE, "Unable to extract public key " @@ -3005,31 +3559,30 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session, switch(pktype) { #if LIBSSH2_ED25519 - case EVP_PKEY_ED25519 : + case EVP_PKEY_ED25519: st = gen_publickey_from_ed_evp( session, method, method_len, pubkeydata, pubkeydata_len, pk); break; #endif /* LIBSSH2_ED25519 */ - case EVP_PKEY_RSA : +#if LIBSSH2_RSA + case EVP_PKEY_RSA: st = gen_publickey_from_rsa_evp( session, method, method_len, pubkeydata, pubkeydata_len, pk); break; - +#endif /* LIBSSH2_RSA */ #if LIBSSH2_DSA - case EVP_PKEY_DSA : + case EVP_PKEY_DSA: st = gen_publickey_from_dsa_evp( session, method, method_len, pubkeydata, pubkeydata_len, pk); break; -#endif /* LIBSSH_DSA */ - +#endif /* LIBSSH2_DSA */ #if LIBSSH2_ECDSA - case EVP_PKEY_EC : + case EVP_PKEY_EC: st = gen_publickey_from_ec_evp( - session, method, method_len, pubkeydata, pubkeydata_len, pk); + session, method, method_len, pubkeydata, pubkeydata_len, 0, pk); break; -#endif - - default : +#endif /* LIBSSH2_ECDSA */ + default: st = _libssh2_error(session, LIBSSH2_ERROR_FILE, "Unable to extract public key " @@ -3058,14 +3611,14 @@ _libssh2_pub_priv_openssh_keyfilememory(LIBSSH2_SESSION *session, unsigned char *buf = NULL; struct string_buf *decrypted = NULL; - if(key_ctx != NULL) + if(key_ctx) *key_ctx = NULL; - if(session == NULL) + if(!session) return _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Session is required"); - if(key_type != NULL && (strlen(key_type) > 11 || strlen(key_type) < 7)) + if(key_type && (strlen(key_type) > 11 || strlen(key_type) < 7)) return _libssh2_error(session, LIBSSH2_ERROR_PROTO, "type is invalid"); @@ -3078,19 +3631,25 @@ _libssh2_pub_priv_openssh_keyfilememory(LIBSSH2_SESSION *session, if(rc) return rc; - /* We have a new key file, now try and parse it using supported types */ - rc = _libssh2_get_string(decrypted, &buf, NULL); + /* We have a new key file, now try and parse it using supported types */ + rc = _libssh2_get_string(decrypted, &buf, NULL); - if(rc != 0 || buf == NULL) - return _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Public key type in decrypted " - "key data not found"); + if(rc || !buf) + return _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Public key type in decrypted " + "key data not found"); - rc = LIBSSH2_ERROR_FILE; + rc = LIBSSH2_ERROR_FILE; + + /* Avoid unused variable warnings when all branches below are disabled */ + (void)method; + (void)method_len; + (void)pubkeydata; + (void)pubkeydata_len; #if LIBSSH2_ED25519 if(strcmp("ssh-ed25519", (const char *)buf) == 0) { - if(key_type == NULL || strcmp("ssh-ed25519", key_type) == 0) { + if(!key_type || strcmp("ssh-ed25519", key_type) == 0) { rc = gen_publickey_from_ed25519_openssh_priv_data(session, decrypted, method, @@ -3099,42 +3658,70 @@ _libssh2_pub_priv_openssh_keyfilememory(LIBSSH2_SESSION *session, pubkeydata_len, (libssh2_ed25519_ctx**)key_ctx); } - } + } + + if(strcmp("sk-ssh-ed25519@openssh.com", (const char *)buf) == 0) { + if(!key_type || + strcmp("sk-ssh-ed25519@openssh.com", key_type) == 0) { + rc = gen_publickey_from_sk_ed25519_openssh_priv_data(session, + decrypted, + method, + method_len, + pubkeydata, + pubkeydata_len, + NULL, + NULL, + NULL, + NULL, + (libssh2_ed25519_ctx**)key_ctx); + } + } #endif #if LIBSSH2_RSA if(strcmp("ssh-rsa", (const char *)buf) == 0) { - if(key_type == NULL || strcmp("ssh-rsa", key_type) == 0) { + if(!key_type || strcmp("ssh-rsa", key_type) == 0) { rc = gen_publickey_from_rsa_openssh_priv_data(session, decrypted, method, method_len, pubkeydata, pubkeydata_len, - (libssh2_rsa_ctx**)key_ctx); + (libssh2_rsa_ctx**)key_ctx); } - } + } #endif #if LIBSSH2_DSA if(strcmp("ssh-dss", (const char *)buf) == 0) { - if(key_type == NULL || strcmp("ssh-dss", key_type) == 0) { + if(!key_type || strcmp("ssh-dss", key_type) == 0) { rc = gen_publickey_from_dsa_openssh_priv_data(session, decrypted, - method, method_len, + method, method_len, pubkeydata, pubkeydata_len, - (libssh2_dsa_ctx**)key_ctx); + (libssh2_dsa_ctx**)key_ctx); } - } + } #endif #if LIBSSH2_ECDSA { libssh2_curve_type type; - if(_libssh2_ecdsa_curve_type_from_name((const char *)buf, &type) == 0) { - if(key_type == NULL || strcmp("ssh-ecdsa", key_type) == 0) { - rc = gen_publickey_from_ecdsa_openssh_priv_data(session, type, - decrypted, + if(strcmp("sk-ecdsa-sha2-nistp256@openssh.com", (const char *)buf) == 0) { + rc = gen_publickey_from_sk_ecdsa_openssh_priv_data(session, decrypted, method, method_len, pubkeydata, pubkeydata_len, - (libssh2_ecdsa_ctx**)key_ctx); + NULL, + NULL, NULL, + NULL, + (libssh2_ecdsa_ctx**)key_ctx); + } + else if(_libssh2_ecdsa_curve_type_from_name((const char *)buf, &type) + == 0) { + if(!key_type || strcmp("ssh-ecdsa", key_type) == 0) { + rc = gen_publickey_from_ecdsa_openssh_priv_data(session, type, + decrypted, + method, method_len, + pubkeydata, + pubkeydata_len, + (libssh2_ecdsa_ctx**)key_ctx); } } } @@ -3151,6 +3738,113 @@ _libssh2_pub_priv_openssh_keyfilememory(LIBSSH2_SESSION *session, return rc; } +static int +_libssh2_sk_pub_openssh_keyfilememory(LIBSSH2_SESSION *session, + void **key_ctx, + const char *key_type, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + int *algorithm, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + const char *privatekeydata, + size_t privatekeydata_len, + unsigned const char *passphrase) +{ + int rc; + unsigned char *buf = NULL; + struct string_buf *decrypted = NULL; + + if(key_ctx) + *key_ctx = NULL; + + if(!session) + return _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Session is required"); + + if(key_type && strlen(key_type) < 7) + return _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "type is invalid"); + + _libssh2_init_if_needed(); + + rc = _libssh2_openssh_pem_parse_memory(session, passphrase, + privatekeydata, + privatekeydata_len, &decrypted); + + if(rc) + return rc; + + /* We have a new key file, now try and parse it using supported types */ + rc = _libssh2_get_string(decrypted, &buf, NULL); + + if(rc || !buf) + return _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Public key type in decrypted " + "key data not found"); + + rc = LIBSSH2_ERROR_FILE; + + /* Avoid unused variable warnings when all branches below are disabled */ + (void)method; + (void)method_len; + (void)pubkeydata; + (void)pubkeydata_len; + (void)algorithm; + (void)flags; + (void)application; + (void)key_handle; + (void)handle_len; + +#if LIBSSH2_ED25519 + if(strcmp("sk-ssh-ed25519@openssh.com", (const char *)buf) == 0) { + *algorithm = LIBSSH2_HOSTKEY_TYPE_ED25519; + if(!key_type || + strcmp("sk-ssh-ed25519@openssh.com", key_type) == 0) { + rc = gen_publickey_from_sk_ed25519_openssh_priv_data(session, + decrypted, + method, + method_len, + pubkeydata, + pubkeydata_len, + flags, + application, + key_handle, + handle_len, + (libssh2_ed25519_ctx**)key_ctx); + } + } +#endif +#if LIBSSH2_ECDSA + if(strcmp("sk-ecdsa-sha2-nistp256@openssh.com", (const char *)buf) == 0) { + *algorithm = LIBSSH2_HOSTKEY_TYPE_ECDSA_256; + rc = gen_publickey_from_sk_ecdsa_openssh_priv_data(session, decrypted, + method, method_len, + pubkeydata, + pubkeydata_len, + flags, + application, + key_handle, + handle_len, + (libssh2_ecdsa_ctx**)key_ctx); + } +#endif + + if(rc == LIBSSH2_ERROR_FILE) + rc = _libssh2_error(session, LIBSSH2_ERROR_FILE, + "Unable to extract public key from private key file: " + "invalid/unrecognized private key file format"); + + if(decrypted) + _libssh2_string_buf_free(session, decrypted); + + return rc; +} + int read_openssh_private_key_from_memory(void **key_ctx, LIBSSH2_SESSION *session, const char *key_type, @@ -3164,6 +3858,10 @@ read_openssh_private_key_from_memory(void **key_ctx, LIBSSH2_SESSION *session, passphrase); } +#if OPENSSL_VERSION_NUMBER >= 0x30000000L +#define HAVE_SSLERROR_BAD_DECRYPT +#endif + int _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, unsigned char **method, @@ -3178,21 +3876,31 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, BIO* bp; EVP_PKEY* pk; int pktype; +#ifdef HAVE_SSLERROR_BAD_DECRYPT + unsigned long sslError; +#endif - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, - "Computing public key from private key."); + "Computing public key from private key.")); - bp = BIO_new_mem_buf((char *)privatekeydata, privatekeydata_len); +#if OPENSSL_VERSION_NUMBER >= 0x1000200fL + bp = BIO_new_mem_buf(privatekeydata, (int)privatekeydata_len); +#else + bp = BIO_new_mem_buf((char *)privatekeydata, (int)privatekeydata_len); +#endif if(!bp) return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory when" "computing public key"); BIO_reset(bp); pk = PEM_read_bio_PrivateKey(bp, NULL, NULL, (void *)passphrase); +#ifdef HAVE_SSLERROR_BAD_DECRYPT + sslError = ERR_get_error(); +#endif BIO_free(bp); - if(pk == NULL) { + if(!pk) { /* Try OpenSSH format */ st = _libssh2_pub_priv_openssh_keyfilememory(session, NULL, NULL, method, @@ -3201,10 +3909,23 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, pubkeydata_len, privatekeydata, privatekeydata_len, - (unsigned const char *)passphrase); - if(st != 0) - return st; - return 0; + (unsigned const char *)passphrase); + if(st == 0) + return 0; + +#ifdef HAVE_SSLERROR_BAD_DECRYPT + if((ERR_GET_LIB(sslError) == ERR_LIB_PEM && + ERR_GET_REASON(sslError) == PEM_R_BAD_DECRYPT) || + (ERR_GET_LIB(sslError) == ERR_LIB_PROV && + ERR_GET_REASON(sslError) == EVP_R_BAD_DECRYPT)) + return _libssh2_error(session, LIBSSH2_ERROR_KEYFILE_AUTH_FAILED, + "Wrong passphrase for private key"); +#endif + return _libssh2_error(session, + LIBSSH2_ERROR_FILE, + "Unable to extract public key " + "from private key file: " + "Unsupported private key file format"); } #ifdef HAVE_OPAQUE_STRUCTS @@ -3215,28 +3936,31 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, switch(pktype) { #if LIBSSH2_ED25519 - case EVP_PKEY_ED25519 : + case EVP_PKEY_ED25519: st = gen_publickey_from_ed_evp( session, method, method_len, pubkeydata, pubkeydata_len, pk); break; #endif /* LIBSSH2_ED25519 */ - case EVP_PKEY_RSA : +#if LIBSSH2_RSA + case EVP_PKEY_RSA: st = gen_publickey_from_rsa_evp(session, method, method_len, pubkeydata, pubkeydata_len, pk); break; +#endif /* LIBSSH2_RSA */ #if LIBSSH2_DSA - case EVP_PKEY_DSA : + case EVP_PKEY_DSA: st = gen_publickey_from_dsa_evp(session, method, method_len, pubkeydata, pubkeydata_len, pk); break; -#endif /* LIBSSH_DSA */ +#endif /* LIBSSH2_DSA */ #if LIBSSH2_ECDSA - case EVP_PKEY_EC : + case EVP_PKEY_EC: st = gen_publickey_from_ec_evp(session, method, method_len, - pubkeydata, pubkeydata_len, pk); + pubkeydata, pubkeydata_len, + 0, pk); break; #endif /* LIBSSH2_ECDSA */ - default : + default: st = _libssh2_error(session, LIBSSH2_ERROR_FILE, "Unable to extract public key " @@ -3249,6 +3973,62 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, return st; } +int +_libssh2_sk_pub_keyfilememory(LIBSSH2_SESSION *session, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + int *algorithm, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase) +{ + int st = -1; + BIO* bp; + EVP_PKEY* pk; + + _libssh2_debug((session, + LIBSSH2_TRACE_AUTH, + "Computing public key from private key.")); + +#if OPENSSL_VERSION_NUMBER >= 0x1000200fL + bp = BIO_new_mem_buf(privatekeydata, (int)privatekeydata_len); +#else + bp = BIO_new_mem_buf((char *)privatekeydata, (int)privatekeydata_len); +#endif + if(!bp) + return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory when" + "computing public key"); + BIO_reset(bp); + pk = PEM_read_bio_PrivateKey(bp, NULL, NULL, (void *)passphrase); + BIO_free(bp); + + if(!pk) { + /* Try OpenSSH format */ + st = _libssh2_sk_pub_openssh_keyfilememory(session, NULL, NULL, + method, + method_len, + pubkeydata, + pubkeydata_len, + algorithm, + flags, + application, + key_handle, + handle_len, + privatekeydata, + privatekeydata_len, + (unsigned const char *)passphrase); + } + + return st; +} + void _libssh2_dh_init(_libssh2_dh_ctx *dhctx) { @@ -3283,4 +4063,27 @@ _libssh2_dh_dtor(_libssh2_dh_ctx *dhctx) *dhctx = NULL; } -#endif /* LIBSSH2_OPENSSL */ +/* _libssh2_supported_key_sign_algorithms + * + * Return supported key hash algo upgrades, see crypto.h + * + */ + +const char * +_libssh2_supported_key_sign_algorithms(LIBSSH2_SESSION *session, + unsigned char *key_method, + size_t key_method_len) +{ + (void)session; + +#if LIBSSH2_RSA_SHA2 + if(key_method_len == 7 && + memcmp(key_method, "ssh-rsa", key_method_len) == 0) { + return "rsa-sha2-512,rsa-sha2-256,ssh-rsa"; + } +#endif + + return NULL; +} + +#endif /* LIBSSH2_CRYPTO_C */ diff --git a/libssh2/src/openssl.h b/libssh2/src/openssl.h index 658b040d6..b7652c0e6 100644 --- a/libssh2/src/openssl.h +++ b/libssh2/src/openssl.h @@ -39,6 +39,44 @@ * OF SUCH DAMAGE. */ +#define LIBSSH2_CRYPTO_ENGINE libssh2_openssl + +/* disable deprecated warnings in OpenSSL 3 */ +#define OPENSSL_SUPPRESS_DEPRECATED + +#ifdef LIBSSH2_WOLFSSL + +#include +#include + +#if defined(NO_DSA) || defined(HAVE_FIPS) +#define OPENSSL_NO_DSA +#endif + +#if defined(NO_MD5) || defined(HAVE_FIPS) +#define OPENSSL_NO_MD5 +#endif + +#if !defined(WOLFSSL_RIPEMD) || defined(HAVE_FIPS) +#define OPENSSL_NO_RIPEMD +#endif + +#if defined(NO_RC4) || defined(HAVE_FIPS) +#define OPENSSL_NO_RC4 +#endif + +#ifdef NO_DES3 +#define OPENSSL_NO_DES +#endif + +/* wolfSSL doesn't support Blowfish or CAST. */ +#define OPENSSL_NO_BF +#define OPENSSL_NO_CAST +/* wolfSSL has no engine framework. */ +#define OPENSSL_NO_ENGINE + +#endif /* LIBSSH2_WOLFSSL */ + #include #include #include @@ -51,21 +89,29 @@ #ifndef OPENSSL_NO_MD5 #include #endif +#include #include #include #include #include #include -#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ - !defined(LIBRESSL_VERSION_NUMBER) +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && \ + !defined(LIBRESSL_VERSION_NUMBER)) || defined(LIBSSH2_WOLFSSL) || \ + LIBRESSL_VERSION_NUMBER >= 0x3050000fL +/* For wolfSSL, whether the structs are truly opaque or not, it's best to not + * rely on their internal data members being exposed publicly. */ # define HAVE_OPAQUE_STRUCTS 1 #endif #ifdef OPENSSL_NO_RSA # define LIBSSH2_RSA 0 +# define LIBSSH2_RSA_SHA1 0 +# define LIBSSH2_RSA_SHA2 0 #else # define LIBSSH2_RSA 1 +# define LIBSSH2_RSA_SHA1 1 +# define LIBSSH2_RSA_SHA2 1 #endif #ifdef OPENSSL_NO_DSA @@ -74,14 +120,16 @@ # define LIBSSH2_DSA 1 #endif -#ifdef OPENSSL_NO_ECDSA +#if defined(OPENSSL_NO_ECDSA) || defined(OPENSSL_NO_EC) # define LIBSSH2_ECDSA 0 #else # define LIBSSH2_ECDSA 1 #endif -#if OPENSSL_VERSION_NUMBER >= 0x10101000L && \ -!defined(LIBRESSL_VERSION_NUMBER) +#if (OPENSSL_VERSION_NUMBER >= 0x10101000L && \ + !defined(LIBRESSL_VERSION_NUMBER)) || \ + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER >= 0x3070000fL) # define LIBSSH2_ED25519 1 #else # define LIBSSH2_ED25519 0 @@ -94,7 +142,7 @@ # define LIBSSH2_MD5 1 #endif -#ifdef OPENSSL_NO_RIPEMD +#if defined(OPENSSL_NO_RIPEMD) || defined(OPENSSL_NO_RMD160) # define LIBSSH2_HMAC_RIPEMD 0 #else # define LIBSSH2_HMAC_RIPEMD 1 @@ -103,12 +151,21 @@ #define LIBSSH2_HMAC_SHA256 1 #define LIBSSH2_HMAC_SHA512 1 -#if OPENSSL_VERSION_NUMBER >= 0x00907000L && !defined(OPENSSL_NO_AES) +#if (OPENSSL_VERSION_NUMBER >= 0x00907000L && !defined(OPENSSL_NO_AES)) || \ + (defined(LIBSSH2_WOLFSSL) && defined(WOLFSSL_AES_COUNTER)) # define LIBSSH2_AES_CTR 1 -# define LIBSSH2_AES 1 +# define LIBSSH2_AES_CBC 1 #else # define LIBSSH2_AES_CTR 0 -# define LIBSSH2_AES 0 +# define LIBSSH2_AES_CBC 0 +#endif + +#if (OPENSSL_VERSION_NUMBER >= 0x01010100fL && !defined(OPENSSL_NO_AES)) || \ + (defined(LIBSSH2_WOLFSSL) && \ + defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM)) +# define LIBSSH2_AES_GCM 1 +#else +# define LIBSSH2_AES_GCM 0 #endif #ifdef OPENSSL_NO_BF @@ -137,7 +194,8 @@ #define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1) -#define _libssh2_random(buf, len) (RAND_bytes((buf), (len)) == 1 ? 0 : -1) +#define _libssh2_random(buf, len) \ + _libssh2_openssl_random((buf), (len)) #define libssh2_prepare_iovec(vec, len) /* Empty. */ @@ -160,7 +218,7 @@ int _libssh2_sha1_init(libssh2_sha1_ctx *ctx); #define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len) #define libssh2_sha1_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL) #endif -int _libssh2_sha1(const unsigned char *message, unsigned long len, +int _libssh2_sha1(const unsigned char *message, size_t len, unsigned char *out); #define libssh2_sha1(x,y,z) _libssh2_sha1(x,y,z) @@ -184,8 +242,8 @@ int _libssh2_sha256_init(libssh2_sha256_ctx *ctx); EVP_DigestUpdate(&(ctx), data, len) #define libssh2_sha256_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL) #endif -int _libssh2_sha256(const unsigned char *message, unsigned long len, - unsigned char *out); +int _libssh2_sha256(const unsigned char *message, size_t len, + unsigned char *out); #define libssh2_sha256(x,y,z) _libssh2_sha256(x,y,z) #ifdef HAVE_OPAQUE_STRUCTS @@ -208,7 +266,7 @@ int _libssh2_sha384_init(libssh2_sha384_ctx *ctx); EVP_DigestUpdate(&(ctx), data, len) #define libssh2_sha384_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL) #endif -int _libssh2_sha384(const unsigned char *message, unsigned long len, +int _libssh2_sha384(const unsigned char *message, size_t len, unsigned char *out); #define libssh2_sha384(x,y,z) _libssh2_sha384(x,y,z) @@ -232,7 +290,7 @@ int _libssh2_sha512_init(libssh2_sha512_ctx *ctx); EVP_DigestUpdate(&(ctx), data, len) #define libssh2_sha512_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL) #endif -int _libssh2_sha512(const unsigned char *message, unsigned long len, +int _libssh2_sha512(const unsigned char *message, size_t len, unsigned char *out); #define libssh2_sha512(x,y,z) _libssh2_sha512(x,y,z) @@ -260,37 +318,43 @@ int _libssh2_md5_init(libssh2_md5_ctx *ctx); #define libssh2_hmac_ctx HMAC_CTX * #define libssh2_hmac_ctx_init(ctx) ctx = HMAC_CTX_new() #define libssh2_hmac_sha1_init(ctx, key, keylen) \ - HMAC_Init_ex(*(ctx), key, keylen, EVP_sha1(), NULL) + HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_sha1(), NULL) #define libssh2_hmac_md5_init(ctx, key, keylen) \ - HMAC_Init_ex(*(ctx), key, keylen, EVP_md5(), NULL) + HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_md5(), NULL) #define libssh2_hmac_ripemd160_init(ctx, key, keylen) \ - HMAC_Init_ex(*(ctx), key, keylen, EVP_ripemd160(), NULL) + HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_ripemd160(), NULL) #define libssh2_hmac_sha256_init(ctx, key, keylen) \ - HMAC_Init_ex(*(ctx), key, keylen, EVP_sha256(), NULL) + HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_sha256(), NULL) #define libssh2_hmac_sha512_init(ctx, key, keylen) \ - HMAC_Init_ex(*(ctx), key, keylen, EVP_sha512(), NULL) + HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_sha512(), NULL) +#ifdef LIBSSH2_WOLFSSL +/* FIXME: upstream bug as of v5.6.0: datalen is int instead of size_t */ #define libssh2_hmac_update(ctx, data, datalen) \ - HMAC_Update(ctx, data, datalen) + HMAC_Update(ctx, data, (int)datalen) +#else +#define libssh2_hmac_update(ctx, data, datalen) \ + HMAC_Update(ctx, data, datalen) +#endif /* LIBSSH2_WOLFSSL */ #define libssh2_hmac_final(ctx, data) HMAC_Final(ctx, data, NULL) #define libssh2_hmac_cleanup(ctx) HMAC_CTX_free(*(ctx)) #else #define libssh2_hmac_ctx HMAC_CTX #define libssh2_hmac_ctx_init(ctx) \ - HMAC_CTX_init(&ctx) + HMAC_CTX_init(&ctx) #define libssh2_hmac_sha1_init(ctx, key, keylen) \ - HMAC_Init_ex(ctx, key, keylen, EVP_sha1(), NULL) + HMAC_Init_ex(ctx, key, (int)keylen, EVP_sha1(), NULL) #define libssh2_hmac_md5_init(ctx, key, keylen) \ - HMAC_Init_ex(ctx, key, keylen, EVP_md5(), NULL) + HMAC_Init_ex(ctx, key, (int)keylen, EVP_md5(), NULL) #define libssh2_hmac_ripemd160_init(ctx, key, keylen) \ - HMAC_Init_ex(ctx, key, keylen, EVP_ripemd160(), NULL) + HMAC_Init_ex(ctx, key, (int)keylen, EVP_ripemd160(), NULL) #define libssh2_hmac_sha256_init(ctx, key, keylen) \ - HMAC_Init_ex(ctx, key, keylen, EVP_sha256(), NULL) + HMAC_Init_ex(ctx, key, (int)keylen, EVP_sha256(), NULL) #define libssh2_hmac_sha512_init(ctx, key, keylen) \ - HMAC_Init_ex(ctx, key, keylen, EVP_sha512(), NULL) + HMAC_Init_ex(ctx, key, (int)keylen, EVP_sha512(), NULL) #define libssh2_hmac_update(ctx, data, datalen) \ - HMAC_Update(&(ctx), data, datalen) + HMAC_Update(&(ctx), data, datalen) #define libssh2_hmac_final(ctx, data) HMAC_Final(&(ctx), data, NULL) #define libssh2_hmac_cleanup(ctx) HMAC_cleanup(ctx) #endif @@ -300,13 +364,17 @@ extern void _libssh2_openssl_crypto_exit(void); #define libssh2_crypto_init() _libssh2_openssl_crypto_init() #define libssh2_crypto_exit() _libssh2_openssl_crypto_exit() +#if LIBSSH2_RSA #define libssh2_rsa_ctx RSA #define _libssh2_rsa_free(rsactx) RSA_free(rsactx) +#endif +#if LIBSSH2_DSA #define libssh2_dsa_ctx DSA #define _libssh2_dsa_free(dsactx) DSA_free(dsactx) +#endif #if LIBSSH2_ECDSA #define libssh2_ecdsa_ctx EC_KEY @@ -336,18 +404,15 @@ libssh2_curve_type; #define _libssh2_cipher_ctx EVP_CIPHER_CTX #endif +#define _libssh2_cipher_aes256gcm EVP_aes_256_gcm +#define _libssh2_cipher_aes128gcm EVP_aes_128_gcm + #define _libssh2_cipher_aes256 EVP_aes_256_cbc #define _libssh2_cipher_aes192 EVP_aes_192_cbc #define _libssh2_cipher_aes128 EVP_aes_128_cbc -#ifdef HAVE_EVP_AES_128_CTR #define _libssh2_cipher_aes128ctr EVP_aes_128_ctr #define _libssh2_cipher_aes192ctr EVP_aes_192_ctr #define _libssh2_cipher_aes256ctr EVP_aes_256_ctr -#else -#define _libssh2_cipher_aes128ctr _libssh2_EVP_aes_128_ctr -#define _libssh2_cipher_aes192ctr _libssh2_EVP_aes_192_ctr -#define _libssh2_cipher_aes256ctr _libssh2_EVP_aes_256_ctr -#endif #define _libssh2_cipher_blowfish EVP_bf_cbc #define _libssh2_cipher_arcfour EVP_rc4 #define _libssh2_cipher_cast5 EVP_cast5_cbc @@ -366,18 +431,26 @@ libssh2_curve_type; #define _libssh2_bn_init() BN_new() #define _libssh2_bn_init_from_bin() _libssh2_bn_init() #define _libssh2_bn_set_word(bn, val) BN_set_word(bn, val) -#define _libssh2_bn_from_bin(bn, len, val) BN_bin2bn(val, len, bn) +#define _libssh2_bn_from_bin(bn, len, val) BN_bin2bn(val, (int)len, bn) #define _libssh2_bn_to_bin(bn, val) BN_bn2bin(bn, val) #define _libssh2_bn_bytes(bn) BN_num_bytes(bn) #define _libssh2_bn_bits(bn) BN_num_bits(bn) #define _libssh2_bn_free(bn) BN_clear_free(bn) +/* Default generate and safe prime sizes for + diffie-hellman-group-exchange-sha1 */ +#define LIBSSH2_DH_GEX_MINGROUP 2048 +#define LIBSSH2_DH_GEX_OPTGROUP 4096 +#define LIBSSH2_DH_GEX_MAXGROUP 8192 + +#define LIBSSH2_DH_MAX_MODULUS_BITS 16384 + #define _libssh2_dh_ctx BIGNUM * #define libssh2_dh_init(dhctx) _libssh2_dh_init(dhctx) #define libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) \ - _libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) + _libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) #define libssh2_dh_secret(dhctx, secret, f, p, bnctx) \ - _libssh2_dh_secret(dhctx, secret, f, p, bnctx) + _libssh2_dh_secret(dhctx, secret, f, p, bnctx) #define libssh2_dh_dtor(dhctx) _libssh2_dh_dtor(dhctx) extern void _libssh2_dh_init(_libssh2_dh_ctx *dhctx); extern int _libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, @@ -389,6 +462,8 @@ extern int _libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret, _libssh2_bn_ctx *bnctx); extern void _libssh2_dh_dtor(_libssh2_dh_ctx *dhctx); +extern int _libssh2_openssl_random(void *buf, size_t len); + const EVP_CIPHER *_libssh2_EVP_aes_128_ctr(void); const EVP_CIPHER *_libssh2_EVP_aes_192_ctr(void); const EVP_CIPHER *_libssh2_EVP_aes_256_ctr(void); diff --git a/libssh2/src/os400qc3.c b/libssh2/src/os400qc3.c new file mode 100644 index 000000000..ed7e8f6e3 --- /dev/null +++ b/libssh2/src/os400qc3.c @@ -0,0 +1,2440 @@ +/* + * Copyright (C) 2015-2016 Patrick Monnerat, D+H + * Copyright (C) 2020-2023 Patrick Monnerat . + * All rights reserved. + * + * Redistribution and use in source and binary forms, + * with or without modification, are permitted provided + * that the following conditions are met: + * + * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * Neither the name of the copyright holder nor the names + * of any other contributors may be used to endorse or + * promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * OF SUCH DAMAGE. + */ + +#ifdef LIBSSH2_CRYPTO_C /* Compile this via crypto.c */ + +#include + +#include +#include +#include + +#include + + +#ifdef OS400_DEBUG +/* In debug mode, all system library errors cause an exception. */ +#define set_EC_length(ec, length) ((ec).Bytes_Provided = \ + (ec).Bytes_Available = 0) +#else +#define set_EC_length(ec, length) ((ec).Bytes_Provided = (length)) +#endif + + +/* Ensure va_list operations are not on an array. */ +typedef struct { + va_list list; +} valiststr; + + +typedef int (*loadkeyproc)(LIBSSH2_SESSION *session, + const unsigned char *data, unsigned int datalen, + const unsigned char *passphrase, void *loadkeydata); + +/* Public key extraction data. */ +typedef struct { + const char * method; + const unsigned char * data; + unsigned int length; +} loadpubkeydata; + + +/* Support for ASN.1 elements. */ + +typedef struct { + char * header; /* Pointer to header byte. */ + char * beg; /* Pointer to element data. */ + char * end; /* Pointer to 1st byte after element. */ + unsigned char class; /* ASN.1 element class. */ + unsigned char tag; /* ASN.1 element tag. */ + unsigned char constructed; /* Element is constructed. */ +} asn1Element; + +#define ASN1_INTEGER 2 +#define ASN1_BIT_STRING 3 +#define ASN1_OCTET_STRING 4 +#define ASN1_NULL 5 +#define ASN1_OBJ_ID 6 +#define ASN1_SEQ 16 + +#define ASN1_CONSTRUCTED 0x20 + +/* rsaEncryption OID: 1.2.840.113549.1.1.1 */ +static unsigned char OID_rsaEncryption[] = + {9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 1, 1, 1}; +static int sshrsapubkey(LIBSSH2_SESSION *session, char **sshpubkey, + asn1Element *params, asn1Element *key, + const char *method); + +#if LIBSSH2_DSA != 0 +/* dsaEncryption OID: 1.2.840.10040.4.1 */ +static unsigned char OID_dsaEncryption[] = + {7, 40 + 2, 0x86, 0x48, 0xCE, 0x38, 4, 1}; +static int sshdsapubkey(LIBSSH2_SESSION *session, char **sshpubkey, + asn1Element *params, asn1Element *key, + const char *method); +#endif + +static unsigned char OID_dhKeyAgreement[] = + {9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 1, 3, 1}; + + +/* PKCS#5 support. */ + +typedef struct pkcs5params pkcs5params; +struct pkcs5params { + int cipher; /* Encryption cipher. */ + int blocksize; /* Cipher block size. */ + char mode; /* Block encryption mode. */ + char padopt; /* Pad option. */ + char padchar; /* Pad character. */ + int (*kdf)(LIBSSH2_SESSION *session, char **dk, + const unsigned char *passphrase, pkcs5params *pkcs5); + int hash; /* KDF hash algorithm. */ + size_t hashlen; /* KDF hash digest length. */ + char * salt; /* Salt. */ + size_t saltlen; /* Salt length. */ + char * iv; /* Initialization vector. */ + size_t ivlen; /* Initialization vector length. */ + int itercount; /* KDF iteration count. */ + int dklen; /* Derived key length (#bytes). */ + int effkeysize; /* RC2 effective key size (#bits) or 0. */ +}; + +typedef struct pkcs5algo pkcs5algo; +struct pkcs5algo { + const unsigned char * oid; + int (*parse)(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param); + int cipher; /* Encryption cipher. */ + size_t blocksize; /* Cipher block size. */ + char mode; /* Block encryption mode. */ + char padopt; /* Pad option. */ + char padchar; /* Pad character. */ + size_t keylen; /* Key length (#bytes). */ + int hash; /* Hash algorithm. */ + size_t hashlen; /* Hash digest length. */ + size_t saltlen; /* Salt length. */ + size_t ivlen; /* Initialisation vector length. */ + int effkeysize; /* RC2 effective key size (#bits) or 0. */ +}; + +/* id-PBES2 OID: 1.2.840.113549.1.5.13 */ +static const unsigned char OID_id_PBES2[] = { + 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0D +}; +static int parse_pbes2(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param); +static const pkcs5algo PBES2 = { + OID_id_PBES2, parse_pbes2, 0, 0, '\0', '\0', '\0', 0, + 0, 0, 0, 0, 0 +}; + +/* id-PBKDF2 OID: 1.2.840.113549.1.5.12 */ +static const unsigned char OID_id_PBKDF2[] = { + 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C +}; +static int parse_pbkdf2(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param); +static const pkcs5algo PBKDF2 = { + OID_id_PBKDF2, parse_pbkdf2, 0, 0, '\0', '\0', '\0', + SHA_DIGEST_LENGTH, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 8, 0 +}; + +/* id-hmacWithSHA1 OID: 1.2.840.113549.2.7 */ +static const unsigned char OID_id_hmacWithSHA1[] = { + 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x07 +}; +static int parse_hmacWithSHA1(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param); +static const pkcs5algo hmacWithSHA1 = { + OID_id_hmacWithSHA1, parse_hmacWithSHA1, 0, 0, '\0', '\0', '\0', + SHA_DIGEST_LENGTH, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 8, 0 +}; + +/* desCBC OID: 1.3.14.3.2.7 */ +static const unsigned char OID_desCBC[] = {5, 40 + 3, 0x0E, 0x03, 0x02, 0x07}; +static int parse_iv(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param); +static const pkcs5algo desCBC = { + OID_desCBC, parse_iv, Qc3_DES, 8, Qc3_CBC, Qc3_Pad_Counter, + '\0', 8, 0, 0, 8, 8, 0 +}; + +/* des-EDE3-CBC OID: 1.2.840.113549.3.7 */ +static const unsigned char OID_des_EDE3_CBC[] = { + 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x07 +}; +static const pkcs5algo des_EDE3_CBC = { + OID_des_EDE3_CBC, parse_iv, Qc3_TDES, 8, Qc3_CBC, Qc3_Pad_Counter, + '\0', 24, 0, 0, 8, 8, 0 +}; + +/* rc2CBC OID: 1.2.840.113549.3.2 */ +static const unsigned char OID_rc2CBC[] = { + 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x02 +}; +static int parse_rc2(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param); +static const pkcs5algo rc2CBC = { + OID_rc2CBC, parse_rc2, Qc3_RC2, 8, Qc3_CBC, Qc3_Pad_Counter, + '\0', 0, 0, 0, 8, 0, 32 +}; + +/* pbeWithMD5AndDES-CBC OID: 1.2.840.113549.1.5.3 */ +static const unsigned char OID_pbeWithMD5AndDES_CBC[] = { + 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x03 +}; +static int parse_pbes1(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param); +static const pkcs5algo pbeWithMD5AndDES_CBC = { + OID_pbeWithMD5AndDES_CBC, parse_pbes1, Qc3_DES, 8, Qc3_CBC, + Qc3_Pad_Counter, '\0', 8, Qc3_MD5, MD5_DIGEST_LENGTH, 8, 0, 0 +}; + +/* pbeWithMD5AndRC2-CBC OID: 1.2.840.113549.1.5.6 */ +static const unsigned char OID_pbeWithMD5AndRC2_CBC[] = { + 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x06 +}; +static const pkcs5algo pbeWithMD5AndRC2_CBC = { + OID_pbeWithMD5AndRC2_CBC, parse_pbes1, Qc3_RC2, 8, Qc3_CBC, + Qc3_Pad_Counter, '\0', 0, Qc3_MD5, MD5_DIGEST_LENGTH, 8, 0, 64 +}; + +/* pbeWithSHA1AndDES-CBC OID: 1.2.840.113549.1.5.10 */ +static const unsigned char OID_pbeWithSHA1AndDES_CBC[] = { + 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0A +}; +static const pkcs5algo pbeWithSHA1AndDES_CBC = { + OID_pbeWithSHA1AndDES_CBC, parse_pbes1, Qc3_DES, 8, Qc3_CBC, + Qc3_Pad_Counter, '\0', 8, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 0, 0 +}; + +/* pbeWithSHA1AndRC2-CBC OID: 1.2.840.113549.1.5.11 */ +static const unsigned char OID_pbeWithSHA1AndRC2_CBC[] = { + 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0B +}; +static const pkcs5algo pbeWithSHA1AndRC2_CBC = { + OID_pbeWithSHA1AndRC2_CBC, parse_pbes1, Qc3_RC2, 8, Qc3_CBC, + Qc3_Pad_Counter, '\0', 0, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 0, 64 +}; + +/* rc5-CBC-PAD OID: 1.2.840.113549.3.9: RC5 not implemented in Qc3. */ +/* pbeWithMD2AndDES-CBC OID: 1.2.840.113549.1.5.1: MD2 not implemented. */ +/* pbeWithMD2AndRC2-CBC OID: 1.2.840.113549.1.5.4: MD2 not implemented. */ + +static const pkcs5algo * pbestable[] = { + &pbeWithMD5AndDES_CBC, + &pbeWithMD5AndRC2_CBC, + &pbeWithSHA1AndDES_CBC, + &pbeWithSHA1AndRC2_CBC, + &PBES2, + NULL +}; + +static const pkcs5algo * pbkdf2table[] = { + &PBKDF2, + NULL +}; + +static const pkcs5algo * pbes2enctable[] = { + &desCBC, + &des_EDE3_CBC, + &rc2CBC, + NULL +}; + +static const pkcs5algo * kdf2prftable[] = { + &hmacWithSHA1, + NULL +}; + + +/* Public key extraction support. */ +static struct { + unsigned char *oid; + int (*sshpubkey)(LIBSSH2_SESSION *session, char **pubkey, + asn1Element *params, asn1Element *key, + const char *method); + const char * method; +} pka[] = { +#if LIBSSH2_RSA != 0 + { OID_rsaEncryption, sshrsapubkey, "ssh-rsa" }, +#endif +#if LIBSSH2_DSA != 0 + { OID_dsaEncryption, sshdsapubkey, "ssh-dss" }, +#endif + { NULL, NULL, NULL } +}; + +/* Define ASCII strings. */ +static const char beginencprivkeyhdr[] = + "-----BEGIN ENCRYPTED PRIVATE KEY-----"; +static const char endencprivkeyhdr[] = "-----END ENCRYPTED PRIVATE KEY-----"; +static const char beginprivkeyhdr[] = "-----BEGIN PRIVATE KEY-----"; +static const char endprivkeyhdr[] = "-----END PRIVATE KEY-----"; +static const char beginrsaprivkeyhdr[] = "-----BEGIN RSA PRIVATE KEY-----"; +static const char endrsaprivkeyhdr[] = "-----END RSA PRIVATE KEY-----"; +static const char fopenrmode[] = "r"; +static const char fopenrbmode[] = "rb"; + + +/* The rest of character literals in this module are in EBCDIC. */ +#pragma convert(37) + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +static Qc3_Format_KEYD0100_T nulltoken = {""}; + +static int zero = 0; +static int rsaprivate[] = { Qc3_RSA_Private }; +static char anycsp[] = { Qc3_Any_CSP }; +static char binstring[] = { Qc3_Bin_String }; +static char berstring[] = { Qc3_BER_String }; +static char qc3clear[] = { Qc3_Clear }; + +static const Qus_EC_t ecnull = {0}; /* Error causes an exception. */ + +static asn1Element lastbytebitcount = { + (char *) &zero, NULL, (char *) &zero + 1 +}; + + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: big numbers support. + * + *******************************************************************/ + +int +_libssh2_random(unsigned char *buf, size_t len) +{ + Qus_EC_t errcode; + + set_EC_length(errcode, sizeof(errcode)); + Qc3GenPRNs(buf, len, + Qc3PRN_TYPE_NORMAL, Qc3PRN_NO_PARITY, (char *) &errcode); + return errcode.Bytes_Available? -1: 0; +} + +_libssh2_bn * +_libssh2_bn_init(void) +{ + _libssh2_bn *bignum; + + bignum = (_libssh2_bn *) malloc(sizeof(*bignum)); + if(bignum) { + bignum->bignum = NULL; + bignum->length = 0; + } + + return bignum; +} + +void +_libssh2_bn_free(_libssh2_bn *bn) +{ + if(bn) { + if(bn->bignum) { + if(bn->length) + _libssh2_explicit_zero(bn->bignum, bn->length); + + free(bn->bignum); + } + + free((char *) bn); + } +} + +static int +_libssh2_bn_resize(_libssh2_bn *bn, size_t newlen) +{ + unsigned char *bignum; + + if(!bn) + return -1; + if(newlen == bn->length) + return 0; + + if(!bn->bignum) + bignum = (unsigned char *) malloc(newlen); + else { + if(newlen < bn->length) + _libssh2_explicit_zero(bn->bignum + newlen, bn->length - newlen); + + if(!newlen) { + free((char *) bn->bignum); + bn->bignum = NULL; + bn->length = 0; + return 0; + } + bignum = (unsigned char *) realloc((char *) bn->bignum, newlen); + } + + if(!bignum) + return -1; + + if(newlen > bn->length) + memset((char *) bignum + bn->length, 0, newlen - bn->length); + + bn->bignum = bignum; + bn->length = newlen; + return 0; +} + +unsigned long +_libssh2_bn_bits(_libssh2_bn *bn) +{ + unsigned int i; + unsigned char b; + + if(bn && bn->bignum) { + for(i = bn->length; i--;) { + b = bn->bignum[i]; + if(b) { + i *= 8; + do { + i++; + } while(b >>= 1); + return i; + } + } + } + + return 0; +} + +int +_libssh2_bn_from_bin(_libssh2_bn *bn, int len, const unsigned char *val) +{ + int i; + + if(!bn || (len && !val)) + return -1; + + for(; len && !*val; len--) + val++; + + if(_libssh2_bn_resize(bn, len)) + return -1; + + for(i = len; i--;) + bn->bignum[i] = *val++; + + return 0; +} + +int +_libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val) +{ + val = htonl(val); + return _libssh2_bn_from_bin(bn, sizeof(val), (unsigned char *) &val); +} + +int +_libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val) +{ + int i; + + if(!bn || !val) + return -1; + + for(i = bn->length; i--;) + *val++ = bn->bignum[i]; + + return 0; +} + +static int +_libssh2_bn_from_bn(_libssh2_bn *to, _libssh2_bn *from) +{ + int i; + + if(!to || !from) + return -1; + + if(_libssh2_bn_resize(to, from->length)) + return -1; + + for(i = to->length; i--;) + to->bignum[i] = from->bignum[i]; + + return 0; +} + + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: ASN.1 support. + * + *******************************************************************/ + +static char * +getASN1Element(asn1Element *elem, char *beg, char *end) +{ + unsigned char b; + unsigned long len; + asn1Element lelem; + + /* Get a single ASN.1 element into `elem', parse ASN.1 string at `beg' + * ending at `end'. + * Returns a pointer in source string after the parsed element, or NULL + * if an error occurs. + */ + + if(beg >= end || !*beg) + return NULL; + + /* Process header byte. */ + elem->header = beg; + b = (unsigned char) *beg++; + elem->constructed = (b & 0x20) != 0; + elem->class = (b >> 6) & 3; + b &= 0x1F; + if(b == 0x1F) + return NULL; /* Long tag values not supported here. */ + elem->tag = b; + + /* Process length. */ + if(beg >= end) + return NULL; + b = (unsigned char) *beg++; + if(!(b & 0x80)) + len = b; + else if(!(b &= 0x7F)) { + /* Unspecified length. Since we have all the data, we can determine the + * effective length by skipping element until an end element is + * found. + */ + if(!elem->constructed) + return NULL; + elem->beg = beg; + while(beg < end && *beg) { + beg = getASN1Element(&lelem, beg, end); + if(!beg) + return NULL; + } + if(beg >= end) + return NULL; + elem->end = beg; + return beg + 1; + } + else if(beg + b > end) + return NULL; /* Does not fit in source. */ + else { + /* Get long length. */ + len = 0; + do { + if(len & 0xFF000000L) + return NULL; /* Lengths > 32 bits are not supported. */ + len = (len << 8) | (unsigned char) *beg++; + } while(--b); + } + if((unsigned long) (end - beg) < len) + return NULL; /* Element data does not fit in source. */ + elem->beg = beg; + elem->end = beg + len; + return elem->end; +} + +static asn1Element * +asn1_new(unsigned int type, unsigned int length) +{ + asn1Element *e; + unsigned int hdrl = 2; + unsigned int i; + unsigned char *buf; + + e = (asn1Element *) malloc(sizeof(*e)); + + if(e) { + if(length >= 0x80) + for(i = length; i; i >>= 8) + hdrl++; + + buf = (unsigned char *) malloc(hdrl + length); + + if(buf) { + e->header = buf; + e->beg = buf + hdrl; + e->end = e->beg + length; + e->class = (type >> 6) & 0x03; + e->tag = type & 0x1F; + e->constructed = (type >> 5) & 0x01; + e->header[0] = type; + + if(length < 0x80) + e->header[1] = length; + else { + e->header[1] = (hdrl - 2) | 0x80; + do { + e->header[--hdrl] = length; + length >>= 8; + } while(length); + } + } + else { + free((char *) e); + e = NULL; + } + } + + return e; +} + +static asn1Element * +asn1_new_from_bytes(const unsigned char *data, unsigned int length) +{ + asn1Element *e; + asn1Element te; + + getASN1Element(&te, + (unsigned char *) data, (unsigned char *) data + length); + e = asn1_new(te.tag, te.end - te.beg); + + if(e) + memcpy(e->header, data, e->end - e->header); + + return e; +} + +static void +asn1delete(asn1Element *e) +{ + if(e) { + if(e->header) + free((char *) e->header); + free((char *) e); + } +} + +static asn1Element * +asn1uint(_libssh2_bn *bn) +{ + asn1Element *e; + int bits; + int length; + unsigned char *p; + + if(!bn) + return NULL; + + bits = _libssh2_bn_bits(bn); + length = (bits + 8) >> 3; + e = asn1_new(ASN1_INTEGER, length); + + if(e) { + p = e->beg; + if(!(bits & 0x07)) + *p++ = 0; + _libssh2_bn_to_bin(bn, p); + } + + return e; +} + +static asn1Element * +asn1containerv(unsigned int type, valiststr args) +{ + valiststr va; + asn1Element *e; + asn1Element *p; + unsigned char *bp; + unsigned int length = 0; + + memcpy((char *) &va, (char *) &args, sizeof(args)); + while((p = va_arg(va.list, asn1Element *))) + length += p->end - p->header; + va_end(va.list); + e = asn1_new(type, length); + if(e) { + bp = e->beg; + while((p = va_arg(args.list, asn1Element *))) { + memcpy(bp, p->header, p->end - p->header); + bp += p->end - p->header; + } + } + return e; +} + +/* VARARGS1 */ +static asn1Element * +asn1container(unsigned int type, ...) +{ + valiststr va; + asn1Element *e; + + va_start(va.list, type); + e = asn1containerv(type, va); + va_end(va.list); + return e; +} + +static asn1Element * +asn1bytes(unsigned int type, const unsigned char *bytes, unsigned int length) +{ + asn1Element *e; + + e = asn1_new(type, length); + if(e && length) + memcpy(e->beg, bytes, length); + return e; +} + +static asn1Element * +rsapublickey(_libssh2_bn *e, _libssh2_bn *m) +{ + asn1Element *publicexponent; + asn1Element *modulus; + asn1Element *rsapubkey; + + /* Build a PKCS#1 RSAPublicKey. */ + + modulus = asn1uint(m); + publicexponent = asn1uint(e); + rsapubkey = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, + modulus, publicexponent, NULL); + asn1delete(modulus); + asn1delete(publicexponent); + + if(!modulus || !publicexponent) { + asn1delete(rsapubkey); + rsapubkey = NULL; + } + + return rsapubkey; +} + +static asn1Element * +rsaprivatekey(_libssh2_bn *e, _libssh2_bn *m, _libssh2_bn *d, + _libssh2_bn *p, _libssh2_bn *q, + _libssh2_bn *exp1, _libssh2_bn *exp2, _libssh2_bn *coeff) +{ + asn1Element *version; + asn1Element *modulus; + asn1Element *publicexponent; + asn1Element *privateexponent; + asn1Element *prime1; + asn1Element *prime2; + asn1Element *exponent1; + asn1Element *exponent2; + asn1Element *coefficient; + asn1Element *rsaprivkey; + + /* Build a PKCS#1 RSAPrivateKey. */ + version = asn1bytes(ASN1_INTEGER, "\0", 1); + modulus = asn1uint(m); + publicexponent = asn1uint(e); + privateexponent = asn1uint(d); + prime1 = asn1uint(p); + prime2 = asn1uint(q); + exponent1 = asn1uint(exp1); + exponent2 = asn1uint(exp2); + coefficient = asn1uint(coeff); + rsaprivkey = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, version, modulus, + publicexponent, privateexponent, prime1, prime2, + exponent1, exponent2, coefficient, NULL); + asn1delete(version); + asn1delete(modulus); + asn1delete(publicexponent); + asn1delete(privateexponent); + asn1delete(prime1); + asn1delete(prime2); + asn1delete(exponent1); + asn1delete(exponent2); + asn1delete(coefficient); + + if(!version || !modulus || !publicexponent || !privateexponent || + !prime1 || !prime2 || !exponent1 || !exponent2 || !coefficient) { + asn1delete(rsaprivkey); + rsaprivkey = NULL; + } + + return rsaprivkey; +} + +static asn1Element * +subjectpublickeyinfo(asn1Element *pubkey, const unsigned char *algo, + asn1Element *parameters) +{ + asn1Element *subjpubkey; + asn1Element *algorithm; + asn1Element *algorithmid; + asn1Element *subjpubkeyinfo; + unsigned int algosize = *algo++; + + algorithm = asn1bytes(ASN1_OBJ_ID, algo, algosize); + algorithmid = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, + algorithm, parameters, NULL); + subjpubkey = asn1container(ASN1_BIT_STRING, &lastbytebitcount, + pubkey, NULL); + subjpubkeyinfo = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, + algorithmid, subjpubkey, NULL); + asn1delete(algorithm); + asn1delete(algorithmid); + asn1delete(subjpubkey); + if(!algorithm || !algorithmid || !subjpubkey) { + asn1delete(subjpubkeyinfo); + subjpubkeyinfo = NULL; + } + return subjpubkeyinfo; +} + +static asn1Element * +rsasubjectpublickeyinfo(asn1Element *pubkey) +{ + asn1Element *parameters; + asn1Element *subjpubkeyinfo; + + parameters = asn1bytes(ASN1_NULL, NULL, 0); + subjpubkeyinfo = subjectpublickeyinfo(pubkey, + OID_rsaEncryption, parameters); + asn1delete(parameters); + if(!parameters) { + asn1delete(subjpubkeyinfo); + subjpubkeyinfo = NULL; + } + return subjpubkeyinfo; +} + +static asn1Element * +privatekeyinfo(asn1Element *privkey, const unsigned char *algo, + asn1Element *parameters) +{ + asn1Element *version; + asn1Element *privatekey; + asn1Element *algorithm; + asn1Element *privatekeyalgorithm; + asn1Element *privkeyinfo; + unsigned int algosize = *algo++; + + /* Build a PKCS#8 PrivateKeyInfo. */ + version = asn1bytes(ASN1_INTEGER, "\0", 1); + algorithm = asn1bytes(ASN1_OBJ_ID, algo, algosize); + privatekeyalgorithm = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, + algorithm, parameters, NULL); + privatekey = asn1container(ASN1_OCTET_STRING, privkey, NULL); + privkeyinfo = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, version, + privatekeyalgorithm, privatekey, NULL); + asn1delete(version); + asn1delete(algorithm); + asn1delete(privatekeyalgorithm); + if(!version || !algorithm || !privatekeyalgorithm) { + asn1delete(privkeyinfo); + privkeyinfo = NULL; + } + return privkeyinfo; +} + +static asn1Element * +rsaprivatekeyinfo(asn1Element *privkey) +{ + asn1Element *parameters; + asn1Element *privkeyinfo; + + parameters = asn1bytes(ASN1_NULL, NULL, 0); + privkeyinfo = privatekeyinfo(privkey, OID_rsaEncryption, parameters); + asn1delete(parameters); + if(!parameters) { + asn1delete(privkeyinfo); + privkeyinfo = NULL; + } + return privkeyinfo; +} + + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: crypto context support. + * + *******************************************************************/ + +static _libssh2_os400qc3_crypto_ctx * +libssh2_init_crypto_ctx(_libssh2_os400qc3_crypto_ctx *ctx) +{ + if(!ctx) + ctx = (_libssh2_os400qc3_crypto_ctx *) malloc(sizeof(*ctx)); + + if(ctx) { + memset((char *) ctx, 0, sizeof(*ctx)); + ctx->hash.Final_Op_Flag = Qc3_Continue; + } + + return ctx; +} + +static int +null_token(const char *token) +{ + return !memcmp(token, nulltoken.Key_Context_Token, + sizeof(nulltoken.Key_Context_Token)); +} + +void +_libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x) +{ + if(!x) + return; + if(!null_token(x->hash.Alg_Context_Token)) { + Qc3DestroyAlgorithmContext(x->hash.Alg_Context_Token, + (char *) &ecnull); + memset(x->hash.Alg_Context_Token, 0, + sizeof(x->hash.Alg_Context_Token)); + } + if(!null_token(x->key.Key_Context_Token)) { + Qc3DestroyKeyContext(x->key.Key_Context_Token, (char *) &ecnull); + memset(x->key.Key_Context_Token, 0, + sizeof(x->key.Key_Context_Token)); + } + if(x->kek) { + _libssh2_os400qc3_crypto_dtor(x->kek); + free((char *) x->kek); + x->kek = NULL; + } +} + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: hash algorithms support. + * + *******************************************************************/ + +int +libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x, unsigned int algorithm) +{ + Qc3_Format_ALGD0500_T algd; + Qus_EC_t errcode; + + if(!x) + return 0; + + memset((char *) x, 0, sizeof(*x)); + x->Final_Op_Flag = Qc3_Continue; + algd.Hash_Alg = algorithm; + set_EC_length(errcode, sizeof(errcode)); + Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Hash, + x->Alg_Context_Token, &errcode); + return errcode.Bytes_Available? 0: 1; +} + +void +libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx, + const unsigned char *data, int len) +{ + char dummy[64]; + + ctx->Final_Op_Flag = Qc3_Continue; + Qc3CalculateHash((char *) data, &len, Qc3_Data, (char *) ctx, + Qc3_Alg_Token, anycsp, NULL, dummy, (char *) &ecnull); +} + +void +libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx, unsigned char *out) +{ + char data; + + ctx->Final_Op_Flag = Qc3_Final; + Qc3CalculateHash(&data, &zero, Qc3_Data, (char *) ctx, Qc3_Alg_Token, + anycsp, NULL, (char *) out, (char *) &ecnull); + Qc3DestroyAlgorithmContext(ctx->Alg_Context_Token, (char *) &ecnull); + memset(ctx->Alg_Context_Token, 0, sizeof(ctx->Alg_Context_Token)); +} + +int +libssh2_os400qc3_hash(const unsigned char *message, unsigned long len, + unsigned char *out, unsigned int algo) +{ + Qc3_Format_ALGD0100_T ctx; + + if(!libssh2_os400qc3_hash_init(&ctx, algo)) + return 1; + + libssh2_os400qc3_hash_update(&ctx, message, len); + libssh2_os400qc3_hash_final(&ctx, out); + return 0; +} + +void +libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx *ctx, + int algo, size_t minkeylen, void *key, int keylen) +{ + if(keylen < minkeylen) { + char *lkey = alloca(minkeylen); + + /* Pad key with zeroes if too short. */ + if(!lkey) + return; + memcpy(lkey, (char *) key, keylen); + memset(lkey + keylen, 0, minkeylen - keylen); + key = (void *) lkey; + keylen = minkeylen; + } + libssh2_os400qc3_hash_init(&ctx->hash, algo); + Qc3CreateKeyContext((char *) key, &keylen, binstring, &algo, qc3clear, + NULL, NULL, ctx->key.Key_Context_Token, + (char *) &ecnull); +} + +void +libssh2_os400qc3_hmac_update(_libssh2_os400qc3_crypto_ctx *ctx, + unsigned char *data, int len) +{ + char dummy[64]; + + ctx->hash.Final_Op_Flag = Qc3_Continue; + Qc3CalculateHMAC((char *) data, &len, Qc3_Data, (char *) &ctx->hash, + Qc3_Alg_Token, ctx->key.Key_Context_Token, Qc3_Key_Token, + anycsp, NULL, dummy, (char *) &ecnull); +} + +void +libssh2_os400qc3_hmac_final(_libssh2_os400qc3_crypto_ctx *ctx, + unsigned char *out) +{ + char data; + + ctx->hash.Final_Op_Flag = Qc3_Final; + Qc3CalculateHMAC((char *) data, &zero, Qc3_Data, (char *) &ctx->hash, + Qc3_Alg_Token, ctx->key.Key_Context_Token, Qc3_Key_Token, + anycsp, NULL, (char *) out, (char *) &ecnull); +} + + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: cipher algorithms support. + * + *******************************************************************/ + +int +_libssh2_cipher_init(_libssh2_cipher_ctx *h, _libssh2_cipher_type(algo), + unsigned char *iv, unsigned char *secret, int encrypt) +{ + Qc3_Format_ALGD0200_T algd; + Qus_EC_t errcode; + + (void) encrypt; + + if(!h) + return -1; + + libssh2_init_crypto_ctx(h); + algd.Block_Cipher_Alg = algo.algo; + algd.Block_Length = algo.size; + algd.Mode = algo.mode; + algd.Pad_Option = Qc3_No_Pad; + algd.Pad_Character = 0; + algd.Reserved = 0; + algd.MAC_Length = 0; + algd.Effective_Key_Size = 0; + memset(algd.Init_Vector, 0, sizeof(algd.Init_Vector)); + if(algo.mode != Qc3_ECB && algo.size) + memcpy(algd.Init_Vector, iv, algo.size); + set_EC_length(errcode, sizeof(errcode)); + Qc3CreateAlgorithmContext((char *) &algd, algo.fmt, + h->hash.Alg_Context_Token, &errcode); + if(errcode.Bytes_Available) + return -1; + Qc3CreateKeyContext((char *) secret, &algo.keylen, binstring, + &algo.algo, qc3clear, NULL, NULL, + h->key.Key_Context_Token, (char *) &errcode); + if(errcode.Bytes_Available) { + _libssh2_os400qc3_crypto_dtor(h); + return -1; + } + + return 0; +} + +int +_libssh2_cipher_crypt(_libssh2_cipher_ctx *ctx, + _libssh2_cipher_type(algo), + int encrypt, unsigned char *block, size_t blocksize, + int firstlast) +{ + Qus_EC_t errcode; + int outlen; + int blksize = blocksize; + + (void) algo; + + set_EC_length(errcode, sizeof(errcode)); + if(encrypt) + Qc3EncryptData((char *) block, &blksize, Qc3_Data, + ctx->hash.Alg_Context_Token, Qc3_Alg_Token, + ctx->key.Key_Context_Token, Qc3_Key_Token, anycsp, NULL, + (char *) block, &blksize, &outlen, (char *) &errcode); + else + Qc3DecryptData((char *) block, &blksize, + ctx->hash.Alg_Context_Token, Qc3_Alg_Token, + ctx->key.Key_Context_Token, Qc3_Key_Token, anycsp, NULL, + (char *) block, &blksize, &outlen, (char *) &errcode); + + return errcode.Bytes_Available? -1: 0; +} + + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: RSA support. + * + *******************************************************************/ + +int +_libssh2_rsa_new(libssh2_rsa_ctx **rsa, + const unsigned char *edata, unsigned long elen, + const unsigned char *ndata, unsigned long nlen, + const unsigned char *ddata, unsigned long dlen, + const unsigned char *pdata, unsigned long plen, + const unsigned char *qdata, unsigned long qlen, + const unsigned char *e1data, unsigned long e1len, + const unsigned char *e2data, unsigned long e2len, + const unsigned char *coeffdata, unsigned long coefflen) +{ + libssh2_rsa_ctx *ctx; + _libssh2_bn *e = _libssh2_bn_init_from_bin(); + _libssh2_bn *n = _libssh2_bn_init_from_bin(); + _libssh2_bn *d = NULL; + _libssh2_bn *p = NULL; + _libssh2_bn *q = NULL; + _libssh2_bn *e1 = NULL; + _libssh2_bn *e2 = NULL; + _libssh2_bn *coeff = NULL; + asn1Element *key = NULL; + asn1Element *structkey = NULL; + int keytype; + int ret = 0; + int i; + + ctx = libssh2_init_crypto_ctx(NULL); + if(!ctx) + ret = -1; + if(!ret) { + _libssh2_bn_from_bin(e, elen, edata); + _libssh2_bn_from_bin(n, nlen, ndata); + if(!e || !n) + ret = -1; + } + if(!ret && ddata) { + /* Private key. */ + d = _libssh2_bn_init_from_bin(); + _libssh2_bn_from_bin(d, dlen, ddata); + p = _libssh2_bn_init_from_bin(); + _libssh2_bn_from_bin(p, plen, pdata); + q = _libssh2_bn_init_from_bin(); + _libssh2_bn_from_bin(q, qlen, qdata); + e1 = _libssh2_bn_init_from_bin(); + _libssh2_bn_from_bin(e1, e1len, e1data); + e2 = _libssh2_bn_init_from_bin(); + _libssh2_bn_from_bin(e2, e2len, e2data); + coeff = _libssh2_bn_init_from_bin(); + _libssh2_bn_from_bin(coeff, coefflen, coeffdata); + if(!d || !p || !q ||!e1 || !e2 || !coeff) + ret = -1; + + if(!ret) { + /* Build a PKCS#8 private key. */ + key = rsaprivatekey(e, n, d, p, q, e1, e2, coeff); + structkey = rsaprivatekeyinfo(key); + } + keytype = Qc3_RSA_Private; + } + else if(!ret) { + key = rsapublickey(e, n); + structkey = rsasubjectpublickeyinfo(key); + keytype = Qc3_RSA_Public; + } + if(!key || !structkey) + ret = -1; + + /* Create the key context. */ + if(!ret) { + Qus_EC_t errcode; + + set_EC_length(errcode, sizeof(errcode)); + i = structkey->end - structkey->header; + Qc3CreateKeyContext(structkey->header, &i, berstring, &keytype, + qc3clear, NULL, NULL, ctx->key.Key_Context_Token, + (char *) &errcode); + if(errcode.Bytes_Available) + ret = -1; + } + + _libssh2_bn_free(e); + _libssh2_bn_free(n); + _libssh2_bn_free(d); + _libssh2_bn_free(p); + _libssh2_bn_free(q); + _libssh2_bn_free(e1); + _libssh2_bn_free(e2); + _libssh2_bn_free(coeff); + asn1delete(key); + asn1delete(structkey); + if(ret && ctx) { + _libssh2_rsa_free(ctx); + ctx = NULL; + } + *rsa = ctx; + return ret; +} + + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: Diffie-Hellman support. + * + *******************************************************************/ + +void +_libssh2_os400qc3_dh_init(_libssh2_dh_ctx *dhctx) +{ + memset((char *) dhctx, 0, sizeof(*dhctx)); +} + +int +_libssh2_os400qc3_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, + _libssh2_bn *g, _libssh2_bn *p, int group_order) +{ + asn1Element *prime; + asn1Element *base; + asn1Element *dhparameter; + asn1Element *dhkeyagreement; + asn1Element *pkcs3; + int pkcs3len; + char *pubkey; + int pubkeysize; + int pubkeylen; + Qus_EC_t errcode; + + (void) group_order; + + /* Build the PKCS#3 structure. */ + + base = asn1uint(g); + prime = asn1uint(p); + dhparameter = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, + prime, base, NULL); + asn1delete(base); + asn1delete(prime); + dhkeyagreement = asn1bytes(ASN1_OBJ_ID, + OID_dhKeyAgreement + 1, OID_dhKeyAgreement[0]); + pkcs3 = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, + dhkeyagreement, dhparameter, NULL); + asn1delete(dhkeyagreement); + asn1delete(dhparameter); + if(!base || !prime || !dhparameter || + !dhkeyagreement || !dhparameter || !pkcs3) { + asn1delete(pkcs3); + return -1; + } + pkcs3len = pkcs3->end - pkcs3->header; + pubkeysize = (_libssh2_bn_bits(p) + 7) >> 3; + pubkey = alloca(pubkeysize); + set_EC_length(errcode, sizeof(errcode)); + Qc3GenDHKeyPair((char *) pkcs3->header, &pkcs3len, anycsp, NULL, + dhctx->token, pubkey, &pubkeysize, &pubkeylen, &errcode); + asn1delete(pkcs3); + if(errcode.Bytes_Available) + return -1; + return _libssh2_bn_from_bin(public, pubkeylen, (unsigned char *) pubkey); +} + +int +_libssh2_os400qc3_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret, + _libssh2_bn *f, _libssh2_bn *p) +{ + char *pubkey; + int pubkeysize; + char *secretbuf; + int secretbufsize; + int secretbuflen; + Qus_EC_t errcode; + + pubkeysize = (_libssh2_bn_bits(f) + 7) >> 3; + pubkey = alloca(pubkeysize); + _libssh2_bn_to_bin(f, pubkey); + secretbufsize = (_libssh2_bn_bits(p) + 7) >> 3; + secretbuf = alloca(pubkeysize); + set_EC_length(errcode, sizeof(errcode)); + Qc3CalculateDHSecretKey(dhctx->token, pubkey, &pubkeysize, + secretbuf, &secretbufsize, &secretbuflen, + &errcode); + if(errcode.Bytes_Available) + return -1; + return _libssh2_bn_from_bin(secret, + secretbuflen, (unsigned char *) secretbuf); +} + +void +_libssh2_os400qc3_dh_dtor(_libssh2_dh_ctx *dhctx) +{ + if(!null_token(dhctx->token)) { + Qc3DestroyAlgorithmContext(dhctx->token, (char *) &ecnull); + memset((char *) dhctx, 0, sizeof(*dhctx)); + } +} + + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: PKCS#5 supplement. + * + *******************************************************************/ + +static int +oidcmp(const asn1Element *e, const unsigned char *oid) +{ + int i = e->end - e->beg - *oid++; + + if(*e->header != ASN1_OBJ_ID) + return -2; + if(!i) + i = memcmp(e->beg, oid, oid[-1]); + return i; +} + +static int +asn1getword(asn1Element *e, unsigned long *v) +{ + unsigned long a; + const unsigned char *cp; + + if(*e->header != ASN1_INTEGER) + return -1; + for(cp = e->beg; cp < e->end && !*cp; cp++) + ; + if(e->end - cp > sizeof(a)) + return -1; + for(a = 0; cp < e->end; cp++) + a = (a << 8) | *cp; + *v = a; + return 0; +} + +static int +pbkdf1(LIBSSH2_SESSION *session, char **dk, const unsigned char *passphrase, + pkcs5params *pkcs5) +{ + int i; + Qc3_Format_ALGD0100_T hctx; + int len = pkcs5->saltlen; + char *data = (char *) pkcs5->salt; + + *dk = NULL; + if(pkcs5->dklen > pkcs5->hashlen) + return -1; + + /* Allocate the derived key buffer. */ + *dk = LIBSSH2_ALLOC(session, pkcs5->hashlen); + if(!*dk) + return -1; + + /* Initial hash. */ + libssh2_os400qc3_hash_init(&hctx, pkcs5->hash); + libssh2_os400qc3_hash_update(&hctx, passphrase, strlen(passphrase)); + hctx.Final_Op_Flag = Qc3_Final; + Qc3CalculateHash((char *) pkcs5->salt, &len, Qc3_Data, (char *) &hctx, + Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull); + + /* Iterate. */ + len = pkcs5->hashlen; + for(i = 1; i < pkcs5->itercount; i++) + Qc3CalculateHash((char *) *dk, &len, Qc3_Data, (char *) &hctx, + Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull); + + /* Special stuff for PBES1: split derived key into 8-byte key and 8-byte + initialization vector. */ + pkcs5->dklen = 8; + pkcs5->ivlen = 8; + pkcs5->iv = *dk + 8; + + /* Clean-up and exit. */ + Qc3DestroyAlgorithmContext(hctx.Alg_Context_Token, (char *) &ecnull); + return 0; +} + +static int +pbkdf2(LIBSSH2_SESSION *session, char **dk, const unsigned char *passphrase, + pkcs5params *pkcs5) +{ + size_t i; + size_t k; + int j; + int l; + uint32_t ni; + unsigned long long t; + char *mac; + char *buf; + _libssh2_os400qc3_crypto_ctx hctx; + + *dk = NULL; + t = ((unsigned long long) pkcs5->dklen + pkcs5->hashlen - 1) / + pkcs5->hashlen; + if(t > 0xFFFFFFFF) + return -1; + mac = alloca(pkcs5->hashlen); + if(!mac) + return -1; + + /* Allocate the derived key buffer. */ + l = t; + buf = LIBSSH2_ALLOC(session, l * pkcs5->hashlen); + if(!buf) + return -1; + *dk = buf; + + /* Create an HMAC context for our computations. */ + libssh2_os400qc3_hmac_init(&hctx, pkcs5->hash, pkcs5->hashlen, + (void *) passphrase, strlen(passphrase)); + + /* Process each hLen-size blocks. */ + for(i = 1; i <= l; i++) { + ni = htonl(i); + libssh2_os400qc3_hmac_update(&hctx, pkcs5->salt, pkcs5->saltlen); + libssh2_os400qc3_hmac_update(&hctx, (char *) &ni, sizeof(ni)); + libssh2_os400qc3_hmac_final(&hctx, mac); + memcpy(buf, mac, pkcs5->hashlen); + for(j = 1; j < pkcs5->itercount; j++) { + libssh2_os400qc3_hmac_update(&hctx, mac, pkcs5->hashlen); + libssh2_os400qc3_hmac_final(&hctx, mac); + for(k = 0; k < pkcs5->hashlen; k++) + buf[k] ^= mac[k]; + } + buf += pkcs5->hashlen; + } + + /* Computation done. Release HMAC context. */ + _libssh2_os400qc3_crypto_dtor(&hctx); + return 0; +} + +static int +parse_pkcs5_algorithm(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + asn1Element *algid, pkcs5algo **algotable) +{ + asn1Element oid; + asn1Element param; + char *cp; + + cp = getASN1Element(&oid, algid->beg, algid->end); + if(!cp || *oid.header != ASN1_OBJ_ID) + return -1; + param.header = NULL; + if(cp < algid->end) + cp = getASN1Element(¶m, cp, algid->end); + if(cp != algid->end) + return -1; + for(; *algotable; algotable++) + if(!oidcmp(&oid, (*algotable)->oid)) + return (*(*algotable)->parse)(session, pkcs5, *algotable, + param.header? ¶m: NULL); + return -1; +} + +static int +parse_pbes2(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param) +{ + asn1Element keyDerivationFunc; + asn1Element encryptionScheme; + char *cp; + + if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + cp = getASN1Element(&keyDerivationFunc, param->beg, param->end); + if(!cp || *keyDerivationFunc.header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + if(getASN1Element(&encryptionScheme, cp, param->end) != param->end || + *encryptionScheme.header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + if(parse_pkcs5_algorithm(session, pkcs5, &encryptionScheme, pbes2enctable)) + return -1; + if(parse_pkcs5_algorithm(session, pkcs5, &keyDerivationFunc, pbkdf2table)) + return -1; + return 0; +} + +static int +parse_pbkdf2(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param) +{ + asn1Element salt; + asn1Element iterationCount; + asn1Element keyLength; + asn1Element prf; + unsigned long itercount; + char *cp; + + if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + cp = getASN1Element(&salt, param->beg, param->end); + /* otherSource not supported. */ + if(!cp || *salt.header != ASN1_OCTET_STRING) + return -1; + cp = getASN1Element(&iterationCount, cp, param->end); + if(!cp || *iterationCount.header != ASN1_INTEGER) + return -1; + keyLength.header = prf.header = NULL; + if(cp < param->end) { + cp = getASN1Element(&prf, cp, param->end); + if(!cp) + return -1; + if(*prf.header == ASN1_INTEGER) { + keyLength = prf; + prf.header = NULL; + if(cp < param->end) + cp = getASN1Element(&prf, cp, param->end); + } + if(cp != param->end) + return -1; + } + pkcs5->hash = algo->hash; + pkcs5->hashlen = algo->hashlen; + if(prf.header) { + if(*prf.header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + if(parse_pkcs5_algorithm(session, pkcs5, &prf, kdf2prftable)) + return -1; + } + pkcs5->saltlen = salt.end - salt.beg; + pkcs5->salt = salt.beg; + if(asn1getword(&iterationCount, &itercount) || + !itercount || itercount > 100000) + return -1; + pkcs5->itercount = itercount; + pkcs5->kdf = pbkdf2; + return 0; +} + +static int +parse_hmacWithSHA1(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param) +{ + if(!param || *param->header != ASN1_NULL) + return -1; + pkcs5->hash = algo->hash; + pkcs5->hashlen = algo->hashlen; + return 0; +} + +static int +parse_iv(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param) +{ + if(!param || *param->header != ASN1_OCTET_STRING || + param->end - param->beg != algo->ivlen) + return -1; + pkcs5->cipher = algo->cipher; + pkcs5->blocksize = algo->blocksize; + pkcs5->mode = algo->mode; + pkcs5->padopt = algo->padopt; + pkcs5->padchar = algo->padchar; + pkcs5->dklen = algo->keylen; + pkcs5->ivlen = algo->ivlen; + pkcs5->iv = param->beg; + return 0; +} + +static int +parse_rc2(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param) +{ + asn1Element iv; + unsigned long effkeysize; + char *cp; + + if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + cp = getASN1Element(&iv, param->beg, param->end); + if(!cp) + return -1; + effkeysize = algo->effkeysize; + if(*iv.header == ASN1_INTEGER) { + if(asn1getword(&iv, &effkeysize) || effkeysize > 1024) + return -1; + + cp = getASN1Element(&iv, cp, param->end); + if(effkeysize < 256) + switch(effkeysize) { + case 160: + effkeysize = 40; + case 120: + effkeysize = 64; + case 58: + effkeysize = 128; + break; + default: + return -1; + } + } + if(effkeysize > 1024 || cp != param->end || + *iv.header != ASN1_OCTET_STRING || iv.end - iv.beg != algo->ivlen) + return -1; + pkcs5->cipher = algo->cipher; + pkcs5->blocksize = algo->blocksize; + pkcs5->mode = algo->mode; + pkcs5->padopt = algo->padopt; + pkcs5->padchar = algo->padchar; + pkcs5->ivlen = algo->ivlen; + pkcs5->iv = iv.beg; + pkcs5->effkeysize = effkeysize; + pkcs5->dklen = (effkeysize + 8 - 1) / 8; + return 0; +} + +static int +parse_pbes1(LIBSSH2_SESSION *session, pkcs5params *pkcs5, + pkcs5algo *algo, asn1Element *param) +{ + asn1Element salt; + asn1Element iterationCount; + unsigned long itercount; + char *cp; + + if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + + cp = getASN1Element(&salt, param->beg, param->end); + if(!cp || *salt.header != ASN1_OCTET_STRING || + salt.end - salt.beg != algo->saltlen) + return -1; + if(getASN1Element(&iterationCount, cp, param->end) != param->end || + *iterationCount.header != ASN1_INTEGER) + return -1; + if(asn1getword(&iterationCount, &itercount) || + !itercount || itercount > 100000) + return -1; + pkcs5->cipher = algo->cipher; + pkcs5->blocksize = algo->blocksize; + pkcs5->mode = algo->mode; + pkcs5->padopt = algo->padopt; + pkcs5->padchar = algo->padchar; + pkcs5->hash = algo->hash; + pkcs5->hashlen = algo->hashlen; + pkcs5->dklen = 16; + pkcs5->saltlen = algo->saltlen; + pkcs5->effkeysize = algo->effkeysize; + pkcs5->salt = salt.beg; + pkcs5->kdf = pbkdf1; + pkcs5->itercount = itercount; + return 0; +} + +static int +pkcs8kek(LIBSSH2_SESSION *session, _libssh2_os400qc3_crypto_ctx **ctx, + const unsigned char *data, unsigned int datalen, + const unsigned char *passphrase, asn1Element *privkeyinfo) +{ + asn1Element encprivkeyinfo; + asn1Element pkcs5alg; + pkcs5params pkcs5; + size_t pplen; + char *cp; + unsigned long t; + int i; + char *dk = NULL; + Qc3_Format_ALGD0200_T algd; + Qus_EC_t errcode; + + /* Determine if the PKCS#8 data is encrypted and, if so, set-up a + key encryption key and algorithm in context. + Return 1 if encrypted, 0, if not, -1 if error. */ + + *ctx = NULL; + privkeyinfo->beg = (char *) data; + privkeyinfo->end = privkeyinfo->beg + datalen; + + /* If no passphrase is given, it cannot be an encrypted key. */ + if(!passphrase || !*passphrase) + return 0; + + /* Parse PKCS#8 data, checking if ASN.1 format is PrivateKeyInfo or + EncryptedPrivateKeyInfo. */ + if(getASN1Element(&encprivkeyinfo, privkeyinfo->beg, privkeyinfo->end) != + (char *) data + datalen || + *encprivkeyinfo.header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + cp = getASN1Element(&pkcs5alg, encprivkeyinfo.beg, encprivkeyinfo.end); + if(!cp) + return -1; + + switch(*pkcs5alg.header) { + case ASN1_INTEGER: /* Version. */ + return 0; /* This is a PrivateKeyInfo --> not encrypted. */ + case ASN1_SEQ | ASN1_CONSTRUCTED: /* AlgorithIdentifier. */ + break; /* This is an EncryptedPrivateKeyInfo --> encrypted. */ + default: + return -1; /* Unrecognized: error. */ + } + + /* Get the encrypted key data. */ + if(getASN1Element(privkeyinfo, cp, encprivkeyinfo.end) != + encprivkeyinfo.end || *privkeyinfo->header != ASN1_OCTET_STRING) + return -1; + + /* PKCS#5: parse the PBES AlgorithmIdentifier and recursively get all + encryption parameters. */ + memset((char *) &pkcs5, 0, sizeof(pkcs5)); + if(parse_pkcs5_algorithm(session, &pkcs5, &pkcs5alg, pbestable)) + return -1; + + /* Compute the derived key. */ + if((*pkcs5.kdf)(session, &dk, passphrase, &pkcs5)) + return -1; + + /* Prepare the algorithm descriptor. */ + memset((char *) &algd, 0, sizeof(algd)); + algd.Block_Cipher_Alg = pkcs5.cipher; + algd.Block_Length = pkcs5.blocksize; + algd.Mode = pkcs5.mode; + algd.Pad_Option = pkcs5.padopt; + algd.Pad_Character = pkcs5.padchar; + algd.Effective_Key_Size = pkcs5.effkeysize; + memcpy(algd.Init_Vector, pkcs5.iv, pkcs5.ivlen); + + /* Create the key and algorithm context tokens. */ + *ctx = libssh2_init_crypto_ctx(NULL); + if(!*ctx) { + LIBSSH2_FREE(session, dk); + return -1; + } + libssh2_init_crypto_ctx(*ctx); + set_EC_length(errcode, sizeof(errcode)); + Qc3CreateKeyContext(dk, &pkcs5.dklen, binstring, &algd.Block_Cipher_Alg, + qc3clear, NULL, NULL, (*ctx)->key.Key_Context_Token, + (char *) &errcode); + LIBSSH2_FREE(session, dk); + if(errcode.Bytes_Available) { + free((char *) *ctx); + *ctx = NULL; + return -1; + } + + Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Block_Cipher, + (*ctx)->hash.Alg_Context_Token, &errcode); + if(errcode.Bytes_Available) { + Qc3DestroyKeyContext((*ctx)->key.Key_Context_Token, (char *) &ecnull); + free((char *) *ctx); + *ctx = NULL; + return -1; + } + return 1; /* Tell it's encrypted. */ +} + +static int +rsapkcs8privkey(LIBSSH2_SESSION *session, + const unsigned char *data, unsigned int datalen, + const unsigned char *passphrase, void *loadkeydata) +{ + libssh2_rsa_ctx *ctx = (libssh2_rsa_ctx *) loadkeydata; + char keyform = Qc3_Clear; + char *kek = NULL; + char *kea = NULL; + _libssh2_os400qc3_crypto_ctx *kekctx; + asn1Element pki; + int pkilen; + Qus_EC_t errcode; + + switch(pkcs8kek(session, &kekctx, data, datalen, passphrase, &pki)) { + case 1: + keyform = Qc3_Encrypted; + kek = kekctx->key.Key_Context_Token; + kea = kekctx->hash.Alg_Context_Token; + case 0: + break; + default: + return -1; + } + + set_EC_length(errcode, sizeof(errcode)); + pkilen = pki.end - pki.beg; + Qc3CreateKeyContext((unsigned char *) pki.beg, &pkilen, berstring, + rsaprivate, &keyform, kek, kea, + ctx->key.Key_Context_Token, (char *) &errcode); + if(errcode.Bytes_Available) { + if(kekctx) + _libssh2_os400qc3_crypto_dtor(kekctx); + return -1; + } + ctx->kek = kekctx; + return 0; +} + +static char * +storewithlength(char *p, const char *data, int length) +{ + _libssh2_htonu32(p, length); + if(length) + memcpy(p + 4, data, length); + return p + 4 + length; +} + +static int +sshrsapubkey(LIBSSH2_SESSION *session, char **sshpubkey, + asn1Element *params, asn1Element *key, const char *method) +{ + int methlen = strlen(method); + asn1Element keyseq; + asn1Element m; + asn1Element e; + int len; + char *cp; + + if(getASN1Element(&keyseq, key->beg + 1, key->end) != key->end || + *keyseq.header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + if(!getASN1Element(&m, keyseq.beg, keyseq.end) || + *m.header != ASN1_INTEGER) + return -1; + if(getASN1Element(&e, m.end, keyseq.end) != keyseq.end || + *e.header != ASN1_INTEGER) + return -1; + len = 4 + methlen + 4 + (e.end - e.beg) + 4 + (m.end - m.beg); + cp = LIBSSH2_ALLOC(session, len); + if(!cp) + return -1; + *sshpubkey = cp; + cp = storewithlength(cp, method, methlen); + cp = storewithlength(cp, e.beg, e.end - e.beg); + cp = storewithlength(cp, m.beg, m.end - m.beg); + return len; +} + +static int +rsapkcs8pubkey(LIBSSH2_SESSION *session, + const unsigned char *data, unsigned int datalen, + const unsigned char *passphrase, void *loadkeydata) +{ + loadpubkeydata *p = (loadpubkeydata *) loadkeydata; + char *buf; + int len; + char *cp; + int i; + char keyform = Qc3_Clear; + char *kek = NULL; + char *kea = NULL; + _libssh2_os400qc3_crypto_ctx *kekctx; + asn1Element subjpubkeyinfo; + asn1Element algorithmid; + asn1Element algorithm; + asn1Element subjpubkey; + asn1Element parameters; + asn1Element pki; + int pkilen; + Qus_EC_t errcode; + + buf = alloca(datalen); + if(!buf) + return -1; + + switch(pkcs8kek(session, &kekctx, data, datalen, passphrase, &pki)) { + case 1: + keyform = Qc3_Encrypted; + kek = kekctx->key.Key_Context_Token; + kea = kekctx->hash.Alg_Context_Token; + case 0: + break; + default: + return -1; + } + + set_EC_length(errcode, sizeof(errcode)); + pkilen = pki.end - pki.beg; + Qc3ExtractPublicKey(pki.beg, &pkilen, berstring, &keyform, + kek, kea, buf, (int *) &datalen, &len, &errcode); + _libssh2_os400qc3_crypto_dtor(kekctx); + if(errcode.Bytes_Available) + return -1; + /* Get the algorithm OID and key data from SubjectPublicKeyInfo. */ + if(getASN1Element(&subjpubkeyinfo, buf, buf + len) != buf + len || + *subjpubkeyinfo.header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + cp = getASN1Element(&algorithmid, subjpubkeyinfo.beg, subjpubkeyinfo.end); + if(!cp || *algorithmid.header != (ASN1_SEQ | ASN1_CONSTRUCTED)) + return -1; + if(!getASN1Element(&algorithm, algorithmid.beg, algorithmid.end) || + *algorithm.header != ASN1_OBJ_ID) + return -1; + if(getASN1Element(&subjpubkey, cp, subjpubkeyinfo.end) != + subjpubkeyinfo.end || *subjpubkey.header != ASN1_BIT_STRING) + return -1; + /* Check for supported algorithm. */ + for(i = 0; pka[i].oid; i++) + if(!oidcmp(&algorithm, pka[i].oid)) { + len = (*pka[i].sshpubkey)(session, &p->data, &algorithmid, + &subjpubkey, pka[i].method); + if(len < 0) + return -1; + p->length = len; + p->method = pka[i].method; + return 0; + } + return -1; /* Algorithm not supported. */ +} + +static int +pkcs1topkcs8(LIBSSH2_SESSION *session, + const unsigned char **data8, unsigned int *datalen8, + const unsigned char *data1, unsigned int datalen1) +{ + asn1Element *prvk; + asn1Element *pkcs8; + unsigned char *data; + + *data8 = NULL; + *datalen8 = 0; + if(datalen1 < 2) + return -1; + prvk = asn1_new_from_bytes(data1, datalen1); + if(!prvk) + return -1; + pkcs8 = rsaprivatekeyinfo(prvk); + asn1delete(prvk); + if(!prvk) { + asn1delete(pkcs8); + pkcs8 = NULL; + } + if(!pkcs8) + return -1; + data = (unsigned char *) LIBSSH2_ALLOC(session, + pkcs8->end - pkcs8->header); + if(!data) { + asn1delete(pkcs8); + return -1; + } + *data8 = data; + *datalen8 = pkcs8->end - pkcs8->header; + memcpy((char *) data, (char *) pkcs8->header, *datalen8); + asn1delete(pkcs8); + return 0; +} + +static int +rsapkcs1privkey(LIBSSH2_SESSION *session, + const unsigned char *data, unsigned int datalen, + const unsigned char *passphrase, void *loadkeydata) +{ + const unsigned char *data8; + unsigned int datalen8; + int ret; + + if(pkcs1topkcs8(session, &data8, &datalen8, data, datalen)) + return -1; + ret = rsapkcs8privkey(session, data8, datalen8, passphrase, loadkeydata); + LIBSSH2_FREE(session, (char *) data8); + return ret; +} + +static int +rsapkcs1pubkey(LIBSSH2_SESSION *session, + const unsigned char *data, unsigned int datalen, + const unsigned char *passphrase, void *loadkeydata) +{ + const unsigned char *data8; + unsigned int datalen8; + int ret; + + if(pkcs1topkcs8(session, &data8, &datalen8, data, datalen)) + return -1; + ret = rsapkcs8pubkey(session, data8, datalen8, passphrase, loadkeydata); + LIBSSH2_FREE(session, (char *) data8); + return ret; +} + +static int +try_pem_load(LIBSSH2_SESSION *session, FILE *fp, + const unsigned char *passphrase, + const char *header, const char *trailer, + loadkeyproc proc, void *loadkeydata) +{ + unsigned char *data = NULL; + size_t datalen = 0; + int c; + int ret; + + fseek(fp, 0L, SEEK_SET); + for(;;) { + ret = _libssh2_pem_parse(session, header, trailer, + passphrase, + fp, &data, &datalen); + + if(!ret) { + ret = (*proc)(session, data, datalen, passphrase, loadkeydata); + if(!ret) + return 0; + } + + if(data) { + LIBSSH2_FREE(session, data); + data = NULL; + } + c = getc(fp); + + if(c == EOF) + break; + + ungetc(c, fp); + } + + return -1; +} + +static int +load_rsa_private_file(LIBSSH2_SESSION *session, const char *filename, + unsigned const char *passphrase, + loadkeyproc proc1, loadkeyproc proc8, void *loadkeydata) +{ + FILE *fp = fopen(filename, fopenrmode); + unsigned char *data = NULL; + size_t datalen = 0; + int ret; + long filesize; + + if(!fp) + return -1; + + /* Try with "ENCRYPTED PRIVATE KEY" PEM armor. + --> PKCS#8 EncryptedPrivateKeyInfo */ + ret = try_pem_load(session, fp, passphrase, beginencprivkeyhdr, + endencprivkeyhdr, proc8, loadkeydata); + + /* Try with "PRIVATE KEY" PEM armor. + --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */ + if(ret) + ret = try_pem_load(session, fp, passphrase, beginprivkeyhdr, + endprivkeyhdr, proc8, loadkeydata); + + /* Try with "RSA PRIVATE KEY" PEM armor. + --> PKCS#1 RSAPrivateKey */ + if(ret) + ret = try_pem_load(session, fp, passphrase, beginrsaprivkeyhdr, + endrsaprivkeyhdr, proc1, loadkeydata); + fclose(fp); + + if(ret) { + /* Try DER encoding. */ + fp = fopen(filename, fopenrbmode); + fseek(fp, 0L, SEEK_END); + filesize = ftell(fp); + + if(filesize <= 32768) { /* Limit to a reasonable size. */ + datalen = filesize; + data = (unsigned char *) alloca(datalen); + if(data) { + fseek(fp, 0L, SEEK_SET); + fread(data, datalen, 1, fp); + + /* Try as PKCS#8 DER data. + --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */ + ret = (*proc8)(session, data, datalen, passphrase, + loadkeydata); + + /* Try as PKCS#1 DER data. + --> PKCS#1 RSAPrivateKey */ + if(ret) + ret = (*proc1)(session, data, datalen, passphrase, + loadkeydata); + } + } + fclose(fp); + } + + return ret; +} + +int +_libssh2_rsa_new_private(libssh2_rsa_ctx **rsa, LIBSSH2_SESSION *session, + const char *filename, unsigned const char *passphrase) +{ + libssh2_rsa_ctx *ctx = libssh2_init_crypto_ctx(NULL); + int ret; + + if(!ctx) + return -1; + ret = load_rsa_private_file(session, filename, passphrase, + rsapkcs1privkey, rsapkcs8privkey, + (void *) ctx); + if(ret) { + _libssh2_os400qc3_crypto_dtor(ctx); + ctx = NULL; + } + *rsa = ctx; + return ret; +} + +int +_libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session, + unsigned char **method, size_t *method_len, + unsigned char **pubkeydata, size_t *pubkeydata_len, + const char *privatekey, const char *passphrase) +{ + loadpubkeydata p; + int ret; + + *method = NULL; + *method_len = 0; + *pubkeydata = NULL; + *pubkeydata_len = 0; + + ret = load_rsa_private_file(session, privatekey, passphrase, + rsapkcs1pubkey, rsapkcs8pubkey, (void *) &p); + if(!ret) { + *method_len = strlen(p.method); + *method = LIBSSH2_ALLOC(session, *method_len); + if(*method) + memcpy((char *) *method, p.method, *method_len); + else + ret = -1; + } + + if(ret) { + if(*method) + LIBSSH2_FREE(session, *method); + if(p.data) + LIBSSH2_FREE(session, (void *) p.data); + *method = NULL; + *method_len = 0; + } + else { + *pubkeydata = (unsigned char *) p.data; + *pubkeydata_len = p.length; + } + + return ret; +} + +int +_libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, + LIBSSH2_SESSION *session, + const char *filedata, + size_t filedata_len, + unsigned const char *passphrase) +{ + libssh2_rsa_ctx *ctx = libssh2_init_crypto_ctx(NULL); + unsigned char *data = NULL; + size_t datalen = 0; + int ret; + + if(!ctx) + return -1; + + /* Try with "ENCRYPTED PRIVATE KEY" PEM armor. + --> PKCS#8 EncryptedPrivateKeyInfo */ + ret = _libssh2_pem_parse_memory(session, + beginencprivkeyhdr, endencprivkeyhdr, + filedata, filedata_len, &data, &datalen); + + /* Try with "PRIVATE KEY" PEM armor. + --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */ + if(ret) + ret = _libssh2_pem_parse_memory(session, + beginprivkeyhdr, endprivkeyhdr, + filedata, filedata_len, + &data, &datalen); + + if(!ret) { + /* Process PKCS#8. */ + ret = rsapkcs8privkey(session, + data, datalen, passphrase, (void *) &ctx); + } + else { + /* Try with "RSA PRIVATE KEY" PEM armor. + --> PKCS#1 RSAPrivateKey */ + ret = _libssh2_pem_parse_memory(session, + beginrsaprivkeyhdr, endrsaprivkeyhdr, + filedata, filedata_len, + &data, &datalen); + if(!ret) + ret = rsapkcs1privkey(session, + data, datalen, passphrase, (void *) &ctx); + } + + if(ret) { + /* Try as PKCS#8 DER data. + --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */ + ret = rsapkcs8privkey(session, filedata, filedata_len, + passphrase, (void *) &ctx); + + /* Try as PKCS#1 DER data. + --> PKCS#1 RSAPrivateKey */ + if(ret) + ret = rsapkcs1privkey(session, filedata, filedata_len, + passphrase, (void *) &ctx); + } + + if(data) + LIBSSH2_FREE(session, data); + + if(ret) { + _libssh2_os400qc3_crypto_dtor(ctx); + ctx = NULL; + } + + *rsa = ctx; + return ret; +} + +int +_libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, + unsigned char **method, size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase) +{ + loadpubkeydata p; + unsigned char *data = NULL; + size_t datalen = 0; + const char *meth; + int ret; + + *method = NULL; + *method_len = 0; + *pubkeydata = NULL; + *pubkeydata_len = 0; + + /* Try with "ENCRYPTED PRIVATE KEY" PEM armor. + --> PKCS#8 EncryptedPrivateKeyInfo */ + ret = _libssh2_pem_parse_memory(session, + beginencprivkeyhdr, endencprivkeyhdr, + privatekeydata, privatekeydata_len, + &data, &datalen); + + /* Try with "PRIVATE KEY" PEM armor. + --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */ + if(ret) + ret = _libssh2_pem_parse_memory(session, + beginprivkeyhdr, endprivkeyhdr, + privatekeydata, privatekeydata_len, + &data, &datalen); + + if(!ret) { + /* Process PKCS#8. */ + ret = rsapkcs8pubkey(session, + data, datalen, passphrase, (void *) &p); + } + else { + /* Try with "RSA PRIVATE KEY" PEM armor. + --> PKCS#1 RSAPrivateKey */ + ret = _libssh2_pem_parse_memory(session, + beginrsaprivkeyhdr, endrsaprivkeyhdr, + privatekeydata, privatekeydata_len, + &data, &datalen); + if(!ret) + ret = rsapkcs1pubkey(session, + data, datalen, passphrase, (void *) &p); + } + + if(ret) { + /* Try as PKCS#8 DER data. + --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */ + ret = rsapkcs8pubkey(session, privatekeydata, privatekeydata_len, + passphrase, (void *) &p); + + /* Try as PKCS#1 DER data. + --> PKCS#1 RSAPrivateKey */ + if(ret) + ret = rsapkcs1pubkey(session, privatekeydata, privatekeydata_len, + passphrase, (void *) &p); + } + + if(data) + LIBSSH2_FREE(session, data); + + if(!ret) { + *method_len = strlen(p.method); + *method = LIBSSH2_ALLOC(session, *method_len); + if(*method) + memcpy((char *) *method, p.method, *method_len); + else + ret = -1; + } + if(ret) { + if(*method) + LIBSSH2_FREE(session, *method); + if(p.data) + LIBSSH2_FREE(session, (void *) p.data); + *method = NULL; + *method_len = 0; + } + else { + *pubkeydata = (unsigned char *) p.data; + *pubkeydata_len = p.length; + } + + return ret; +} + +int +_libssh2_sk_pub_keyfilememory(LIBSSH2_SESSION *session, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + int *algorithm, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase) +{ + return _libssh2_error(session, LIBSSH2_ERROR_FILE, + "Unable to extract public SK key from private key file: " + "Method unimplemented in OS/400 QC3 backend"); +} + +int +_libssh2_rsa_sha2_verify(libssh2_rsa_ctx *rsa, size_t hash_len, + const unsigned char *sig, size_t sig_len, + const unsigned char *m, size_t m_len) +{ + Qus_EC_t errcode; + Qc3_Format_ALGD0400_T algd; + int slen = (int)sig_len; + int mlen = (int)m_len; + + memset(&algd, 0, sizeof(algd)); + algd.Public_Key_Alg = Qc3_RSA; + algd.PKA_Block_Format = Qc3_PKCS1_01; + switch(hash_len) { + case SHA_DIGEST_LENGTH: + algd.Signing_Hash_Alg = Qc3_SHA1; + break; + case SHA256_DIGEST_LENGTH: + algd.Signing_Hash_Alg = Qc3_SHA256; + break; + case SHA512_DIGEST_LENGTH: + algd.Signing_Hash_Alg = Qc3_SHA512; + break; + default: + return -1; + } + + set_EC_length(errcode, sizeof(errcode)); + Qc3VerifySignature((char *) sig, &slen, (char *) m, &mlen, Qc3_Data, + (char *) &algd, Qc3_Alg_Public_Key, + (char *) &rsa->key, Qc3_Key_Token, anycsp, + NULL, (char *) &errcode); + return errcode.Bytes_Available? -1: 0; +} + +int +_libssh2_rsa_sha1_verify(libssh2_rsa_ctx *rsa, + const unsigned char *sig, size_t sig_len, + const unsigned char *m, size_t m_len) +{ + return _libssh2_rsa_sha2_verify(rsa, SHA_DIGEST_LENGTH, + sig, sig_len, m, m_len); +} + +int +_libssh2_os400qc3_rsa_signv(LIBSSH2_SESSION *session, + int algo, + unsigned char **signature, + size_t *signature_len, + int veccount, + const struct iovec vector[], + libssh2_rsa_ctx *ctx) +{ + Qus_EC_t errcode; + Qc3_Format_ALGD0400_T algd; + int siglen; + unsigned char *sig; + char sigbuf[8192]; + int sigbufsize = sizeof(sigbuf); + + algd.Public_Key_Alg = Qc3_RSA; + algd.PKA_Block_Format = Qc3_PKCS1_01; + memset(algd.Reserved, 0, sizeof(algd.Reserved)); + algd.Signing_Hash_Alg = algo; + set_EC_length(errcode, sizeof(errcode)); + Qc3CalculateSignature((char *) vector, &veccount, Qc3_Array, + (char *) &algd, Qc3_Alg_Public_Key, + (char *) &ctx->key, Qc3_Key_Token, + anycsp, NULL, sigbuf, &sigbufsize, &siglen, + (char *) &errcode); + if(errcode.Bytes_Available) + return -1; + sig = LIBSSH2_ALLOC(session, siglen); + if(!sig) + return -1; + memcpy((char *) sig, sigbuf, siglen); + *signature = sig; + *signature_len = siglen; + return 0; +} + +/* _libssh2_supported_key_sign_algorithms + * + * Return supported key hash algo upgrades, see crypto.h + * + */ + +const char * +_libssh2_supported_key_sign_algorithms(LIBSSH2_SESSION *session, + unsigned char *key_method, + size_t key_method_len) +{ + (void)session; + + if(key_method_len == 7 && + memcmp(key_method, "ssh-rsa", key_method_len) == 0) { + return "rsa-sha2-512,rsa-sha2-256,ssh-rsa"; + } + + return NULL; +} + +#endif /* LIBSSH2_CRYPTO_C */ + +/* vim: set expandtab ts=4 sw=4: */ diff --git a/libssh2/src/os400qc3.h b/libssh2/src/os400qc3.h new file mode 100644 index 000000000..5d1ba48a0 --- /dev/null +++ b/libssh2/src/os400qc3.h @@ -0,0 +1,420 @@ +#ifndef __LIBSSH2_OS400QC3_H +#define __LIBSSH2_OS400QC3_H +/* + * Copyright (C) 2015-2016 Patrick Monnerat, D+H + * Copyright (C) 2020-2023 Patrick Monnerat . + * All rights reserved. + * + * Redistribution and use in source and binary forms, + * with or without modification, are permitted provided + * that the following conditions are met: + * + * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * Neither the name of the copyright holder nor the names + * of any other contributors may be used to endorse or + * promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * OF SUCH DAMAGE. + */ + +#define LIBSSH2_CRYPTO_ENGINE libssh2_os400qc3 + +#include +#include + +#include + + +/* Redefine character/string literals as always EBCDIC. */ +#undef Qc3_Alg_Token +#define Qc3_Alg_Token "\xC1\xD3\xC7\xC4\xF0\xF1\xF0\xF0" /* ALGD0100 */ +#undef Qc3_Alg_Block_Cipher +#define Qc3_Alg_Block_Cipher "\xC1\xD3\xC7\xC4\xF0\xF2\xF0\xF0" /* ALGD0200 */ +#undef Qc3_Alg_Block_CipherAuth +#define Qc3_Alg_Block_CipherAuth \ + "\xC1\xD3\xC7\xC4\xF0\xF2\xF1\xF0" /* ALGD0210 */ +#undef Qc3_Alg_Stream_Cipher +#define Qc3_Alg_Stream_Cipher \ + "\xC1\xD3\xC7\xC4\xF0\xF3\xF0\xF0" /* ALGD0300 */ +#undef Qc3_Alg_Public_Key +#define Qc3_Alg_Public_Key "\xC1\xD3\xC7\xC4\xF0\xF4\xF0\xF0" /* ALGD0400 */ +#undef Qc3_Alg_Hash +#define Qc3_Alg_Hash "\xC1\xD3\xC7\xC4\xF0\xF5\xF0\xF0" /* ALGD0500 */ +#undef Qc3_Data +#define Qc3_Data "\xC4\xC1\xE3\xC1\xF0\xF1\xF0\xF0" /* DATA0100 */ +#undef Qc3_Array +#define Qc3_Array "\xC4\xC1\xE3\xC1\xF0\xF2\xF0\xF0" /* DATA0200 */ +#undef Qc3_Key_Token +#define Qc3_Key_Token "\xD2\xC5\xE8\xC4\xF0\xF1\xF0\xF0" /* KEYD0100 */ +#undef Qc3_Key_Parms +#define Qc3_Key_Parms "\xD2\xC5\xE8\xC4\xF0\xF2\xF0\xF0" /* KEYD0200 */ +#undef Qc3_Key_KSLabel +#define Qc3_Key_KSLabel "\xD2\xC5\xE8\xC4\xF0\xF4\xF0\xF0" /* KEYD0400 */ +#undef Qc3_Key_PKCS5 +#define Qc3_Key_PKCS5 "\xD2\xC5\xE8\xC4\xF0\xF5\xF0\xF0" /* KEYD0500 */ +#undef Qc3_Key_PEMCert +#define Qc3_Key_PEMCert "\xD2\xC5\xE8\xC4\xF0\xF6\xF0\xF0" /* KEYD0600 */ +#undef Qc3_Key_CSLabel +#define Qc3_Key_CSLabel "\xD2\xC5\xE8\xC4\xF0\xF7\xF0\xF0" /* KEYD0700 */ +#undef Qc3_Key_CSDN +#define Qc3_Key_CSDN "\xD2\xC5\xE8\xC4\xF0\xF8\xF0\xF0" /* KEYD0800 */ +#undef Qc3_Key_AppID +#define Qc3_Key_AppID "\xD2\xC5\xE8\xC4\xF0\xF9\xF0\xF0" /* KEYD0900 */ + +#undef Qc3_ECB +#define Qc3_ECB '\xF0' /* '0' */ +#undef Qc3_CBC +#define Qc3_CBC '\xF1' /* '1' */ +#undef Qc3_OFB +#define Qc3_OFB '\xF2' /* '2' */ +#undef Qc3_CFB1Bit +#define Qc3_CFB1Bit '\xF3' /* '3' */ +#undef Qc3_CFB8Bit +#define Qc3_CFB8Bit '\xF4' /* '4' */ +#undef Qc3_CFB64Bit +#define Qc3_CFB64Bit '\xF5' /* '5' */ +#undef Qc3_CUSP +#define Qc3_CUSP '\xF6' /* '6' */ +#undef Qc3_CTR +#define Qc3_CTR '\xF7' /* '7' */ +#undef Qc3_CCM +#define Qc3_CCM '\xF8' /* '8' */ +#undef Qc3_No_Pad +#define Qc3_No_Pad '\xF0' /* '0' */ +#undef Qc3_Pad_Char +#define Qc3_Pad_Char '\xF1' /* '1' */ +#undef Qc3_Pad_Counter +#define Qc3_Pad_Counter '\xF2' /* '2' */ +#undef Qc3_PKCS1_00 +#define Qc3_PKCS1_00 '\xF0' /* '0' */ +#undef Qc3_PKCS1_01 +#define Qc3_PKCS1_01 '\xF1' /* '1' */ +#undef Qc3_PKCS1_02 +#define Qc3_PKCS1_02 '\xF2' /* '2' */ +#undef Qc3_ISO9796 +#define Qc3_ISO9796 '\xF3' /* '3' */ +#undef Qc3_Zero_Pad +#define Qc3_Zero_Pad '\xF4' /* '4' */ +#undef Qc3_ANSI_X931 +#define Qc3_ANSI_X931 '\xF5' /* '5' */ +#undef Qc3_OAEP +#define Qc3_OAEP '\xF6' /* '6' */ +#undef Qc3_Bin_String +#define Qc3_Bin_String '\xF0' /* '0' */ +#undef Qc3_BER_String +#define Qc3_BER_String '\xF1' /* '1' */ +#undef Qc3_MK_Struct +#define Qc3_MK_Struct '\xF3' /* '3' */ +#undef Qc3_KSLabel_Struct +#define Qc3_KSLabel_Struct '\xF4' /* '4' */ +#undef Qc3_PKCS5_Struct +#define Qc3_PKCS5_Struct '\xF5' /* '5' */ +#undef Qc3_PEMCert_String +#define Qc3_PEMCert_String '\xF6' /* '6' */ +#undef Qc3_CSLabel_String +#define Qc3_CSLabel_String '\xF7' /* '7' */ +#undef Qc3_CSDN_String +#define Qc3_CSDN_String '\xF8' /* '8' */ +#undef Qc3_Clear +#define Qc3_Clear '\xF0' /* '0' */ +#undef Qc3_Encrypted +#define Qc3_Encrypted '\xF1' /* '1' */ +#undef Qc3_MK_Encrypted +#define Qc3_MK_Encrypted '\xF2' /* '2' */ +#undef Qc3_Any_CSP +#define Qc3_Any_CSP '\xF0' /* '0' */ +#undef Qc3_Sfw_CSP +#define Qc3_Sfw_CSP '\xF1' /* '1' */ +#undef Qc3_Hdw_CSP +#define Qc3_Hdw_CSP '\xF2' /* '2' */ +#undef Qc3_Continue +#define Qc3_Continue '\xF0' /* '0' */ +#undef Qc3_Final +#define Qc3_Final '\xF1' /* '1' */ +#undef Qc3_MK_New +#define Qc3_MK_New '\xF0' /* '0' */ +#undef Qc3_MK_Current +#define Qc3_MK_Current '\xF1' /* '1' */ +#undef Qc3_MK_Old +#define Qc3_MK_Old '\xF2' /* '2' */ +#undef Qc3_MK_Pending +#define Qc3_MK_Pending '\xF3' /* '3' */ + + +/* Define which features are supported. */ +#define LIBSSH2_MD5 1 +#define LIBSSH2_HMAC_RIPEMD 0 +#define LIBSSH2_HMAC_SHA256 1 +#define LIBSSH2_HMAC_SHA512 1 + +#define LIBSSH2_AES_CBC 1 +#define LIBSSH2_AES_CTR 1 +#define LIBSSH2_AES_GCM 0 +#define LIBSSH2_BLOWFISH 0 +#define LIBSSH2_RC4 1 +#define LIBSSH2_CAST 0 +#define LIBSSH2_3DES 1 + +#define LIBSSH2_RSA 1 +#define LIBSSH2_RSA_SHA1 1 +#define LIBSSH2_RSA_SHA2 1 +#define LIBSSH2_DSA 0 +#define LIBSSH2_ECDSA 0 +#define LIBSSH2_ED25519 0 + +#define MD5_DIGEST_LENGTH 16 +#define SHA_DIGEST_LENGTH 20 +#define SHA256_DIGEST_LENGTH 32 +#define SHA384_DIGEST_LENGTH 48 +#define SHA512_DIGEST_LENGTH 64 + +#define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1) + +#if LIBSSH2_ECDSA +#else +#define _libssh2_ec_key void +#endif + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: global handles structures. + * + *******************************************************************/ + +/* HMAC & private key algorithms support structure. */ +typedef struct _libssh2_os400qc3_crypto_ctx _libssh2_os400qc3_crypto_ctx; +struct _libssh2_os400qc3_crypto_ctx { + Qc3_Format_ALGD0100_T hash; /* Hash algorithm. */ + Qc3_Format_KEYD0100_T key; /* Key. */ + _libssh2_os400qc3_crypto_ctx * kek; /* Key encryption. */ +}; + +typedef struct { /* Big number. */ + unsigned char * bignum; /* Number bits, little-endian. */ + unsigned int length; /* Length of bignum (# bytes). */ +} _libssh2_bn; + +typedef struct { /* Algorithm description. */ + char * fmt; /* Format of Qc3 structure. */ + int algo; /* Algorithm identifier. */ + unsigned char size; /* Block length. */ + unsigned char mode; /* Block mode. */ + int keylen; /* Key length. */ +} _libssh2_os400qc3_cipher_t; + +typedef struct { /* Diffie-Hellman context. */ + char token[8]; /* Context token. */ +} _libssh2_os400qc3_dh_ctx; + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: Define global types/codes. + * + *******************************************************************/ + +#define libssh2_crypto_init() +#define libssh2_crypto_exit() + +#define libssh2_sha1_ctx Qc3_Format_ALGD0100_T +#define libssh2_sha256_ctx Qc3_Format_ALGD0100_T +#define libssh2_sha384_ctx Qc3_Format_ALGD0100_T +#define libssh2_sha512_ctx Qc3_Format_ALGD0100_T +#define libssh2_md5_ctx Qc3_Format_ALGD0100_T +#define libssh2_hmac_ctx _libssh2_os400qc3_crypto_ctx +#define _libssh2_cipher_ctx _libssh2_os400qc3_crypto_ctx + +#define libssh2_sha1_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA1) +#define libssh2_sha1_update(ctx, data, len) \ + libssh2_os400qc3_hash_update(&(ctx), data, len) +#define libssh2_sha1_final(ctx, out) \ + libssh2_os400qc3_hash_final(&(ctx), out) +#define libssh2_sha256_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA256) +#define libssh2_sha256_update(ctx, data, len) \ + libssh2_os400qc3_hash_update(&(ctx), data, len) +#define libssh2_sha256_final(ctx, out) \ + libssh2_os400qc3_hash_final(&(ctx), out) +#define libssh2_sha256(message, len, out) \ + libssh2_os400qc3_hash(message, len, out, \ + Qc3_SHA256) +#define libssh2_sha384_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA384) +#define libssh2_sha384_update(ctx, data, len) \ + libssh2_os400qc3_hash_update(&(ctx), data, len) +#define libssh2_sha384_final(ctx, out) \ + libssh2_os400qc3_hash_final(&(ctx), out) +#define libssh2_sha384(message, len, out) \ + libssh2_os400qc3_hash(message, len, out, \ + Qc3_SHA384) +#define libssh2_sha512_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA512) +#define libssh2_sha512_update(ctx, data, len) \ + libssh2_os400qc3_hash_update(&(ctx), data, len) +#define libssh2_sha512_final(ctx, out) \ + libssh2_os400qc3_hash_final(&(ctx), out) +#define libssh2_sha512(message, len, out) \ + libssh2_os400qc3_hash(message, len, out, \ + Qc3_SHA512) +#define libssh2_md5_init(x) libssh2_os400qc3_hash_init(x, Qc3_MD5) +#define libssh2_md5_update(ctx, data, len) \ + libssh2_os400qc3_hash_update(&(ctx), data, len) +#define libssh2_md5_final(ctx, out) \ + libssh2_os400qc3_hash_final(&(ctx), out) +#define libssh2_hmac_ctx_init(ctx) \ + memset((char *) &(ctx), 0, \ + sizeof(libssh2_hmac_ctx)) +#define libssh2_hmac_md5_init(ctx, key, keylen) \ + libssh2_os400qc3_hmac_init(ctx, Qc3_MD5, \ + MD5_DIGEST_LENGTH, \ + key, keylen) +#define libssh2_hmac_sha1_init(ctx, key, keylen) \ + libssh2_os400qc3_hmac_init(ctx, Qc3_SHA1, \ + SHA_DIGEST_LENGTH, \ + key, keylen) +#define libssh2_hmac_sha256_init(ctx, key, keylen) \ + libssh2_os400qc3_hmac_init(ctx, Qc3_SHA256, \ + SHA256_DIGEST_LENGTH, \ + key, keylen) +#define libssh2_hmac_sha512_init(ctx, key, keylen) \ + libssh2_os400qc3_hmac_init(ctx, Qc3_SHA512, \ + SHA512_DIGEST_LENGTH, \ + key, keylen) +#define libssh2_hmac_update(ctx, data, datalen) \ + libssh2_os400qc3_hmac_update(&(ctx), \ + data, datalen) +#define libssh2_hmac_final(ctx, data) \ + libssh2_os400qc3_hmac_final(&(ctx), data) +#define libssh2_hmac_cleanup(ctx) \ + _libssh2_os400qc3_crypto_dtor(ctx) + + +#define _libssh2_bn_ctx int /* Not used. */ + +#define _libssh2_bn_ctx_new() 0 +#define _libssh2_bn_ctx_free(bnctx) ((void) 0) + +#define _libssh2_bn_init_from_bin() _libssh2_bn_init() +#define _libssh2_bn_bytes(bn) ((bn)->length) + +#define _libssh2_cipher_type(name) _libssh2_os400qc3_cipher_t name +#define _libssh2_cipher_aes128 {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \ + Qc3_CBC, 16} +#define _libssh2_cipher_aes192 {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \ + Qc3_CBC, 24} +#define _libssh2_cipher_aes256 {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \ + Qc3_CBC, 32} +#define _libssh2_cipher_aes128ctr {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \ + Qc3_CTR, 16} +#define _libssh2_cipher_aes192ctr {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \ + Qc3_CTR, 24} +#define _libssh2_cipher_aes256ctr {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \ + Qc3_CTR, 32} +#define _libssh2_cipher_3des {Qc3_Alg_Block_Cipher, Qc3_TDES, 8, \ + Qc3_CBC, 24} +#define _libssh2_cipher_arcfour {Qc3_Alg_Stream_Cipher, Qc3_RC4, 8, 0, 16} + +#define _libssh2_cipher_dtor(ctx) _libssh2_os400qc3_crypto_dtor(ctx) + +#define libssh2_rsa_ctx _libssh2_os400qc3_crypto_ctx +#define _libssh2_rsa_free(ctx) (_libssh2_os400qc3_crypto_dtor(ctx), \ + free((char *) ctx)) +#define libssh2_prepare_iovec(vec, len) memset((char *) (vec), 0, \ + (len) * sizeof(struct iovec)) +#define _libssh2_rsa_sha1_signv(session, sig, siglen, count, vector, ctx) \ + _libssh2_os400qc3_rsa_signv(session, Qc3_SHA1, sig, siglen, \ + count, vector, ctx) +#define _libssh2_rsa_sha2_256_signv(session, sig, siglen, cnt, vector, ctx) \ + _libssh2_os400qc3_rsa_signv(session, Qc3_SHA256, sig, siglen, \ + cnt, vector, ctx) +#define _libssh2_rsa_sha2_512_signv(session, sig, siglen, cnt, vector, ctx) \ + _libssh2_os400qc3_rsa_signv(session, Qc3_SHA512, sig, siglen, \ + cnt, vector, ctx) + +/* Default generate and safe prime sizes for diffie-hellman-group-exchange-sha1 + Qc3 is limited to a maximum 2048-bit modulus/key size. */ +#define LIBSSH2_DH_GEX_MINGROUP 1024 +#define LIBSSH2_DH_GEX_OPTGROUP 1536 +#define LIBSSH2_DH_GEX_MAXGROUP 2048 + +#define LIBSSH2_DH_MAX_MODULUS_BITS 2048 + +#define _libssh2_dh_ctx _libssh2_os400qc3_dh_ctx +#define libssh2_dh_init(dhctx) _libssh2_os400qc3_dh_init(dhctx) +#define libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) \ + _libssh2_os400qc3_dh_key_pair(dhctx, public, g, p, group_order) +#define libssh2_dh_secret(dhctx, secret, f, p, bnctx) \ + _libssh2_os400qc3_dh_secret(dhctx, secret, f, p) +#define libssh2_dh_dtor(dhctx) _libssh2_os400qc3_dh_dtor(dhctx) + + +/******************************************************************* + * + * OS/400 QC3 crypto-library backend: Support procedure prototypes. + * + *******************************************************************/ + +extern _libssh2_bn * _libssh2_bn_init(void); +extern void _libssh2_bn_free(_libssh2_bn *bn); +extern unsigned long _libssh2_bn_bits(_libssh2_bn *bn); +extern int _libssh2_bn_from_bin(_libssh2_bn *bn, int len, + const unsigned char *v); +extern int _libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val); +extern int _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val); +extern int _libssh2_random(unsigned char *buf, size_t len); +extern void _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x); +extern int libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x, + unsigned int algo); +extern void libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx, + const unsigned char *data, + int len); +extern void libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx, + unsigned char *out); +extern int libssh2_os400qc3_hash(const unsigned char *message, + unsigned long len, unsigned char *out, + unsigned int algo); +extern void libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx *x, + int algo, size_t minkeylen, + void *key, int keylen); +extern void libssh2_os400qc3_hmac_update(_libssh2_os400qc3_crypto_ctx *ctx, + const unsigned char *data, + int len); +extern void libssh2_os400qc3_hmac_final(_libssh2_os400qc3_crypto_ctx *ctx, + unsigned char *out); +extern int _libssh2_os400qc3_rsa_signv(LIBSSH2_SESSION *session, int algo, + unsigned char **signature, + size_t *signature_len, + int veccount, + const struct iovec vector[], + libssh2_rsa_ctx *ctx); +extern void _libssh2_os400qc3_dh_init(_libssh2_dh_ctx *dhctx); +extern int _libssh2_os400qc3_dh_key_pair(_libssh2_dh_ctx *dhctx, + _libssh2_bn *public, + _libssh2_bn *g, + _libssh2_bn *p, int group_order); +extern int _libssh2_os400qc3_dh_secret(_libssh2_dh_ctx *dhctx, + _libssh2_bn *secret, + _libssh2_bn *f, _libssh2_bn *p); +extern void _libssh2_os400qc3_dh_dtor(_libssh2_dh_ctx *dhctx); + +#endif /* __LIBSSH2_OS400QC3_H */ + +/* vim: set expandtab ts=4 sw=4: */ diff --git a/libssh2/src/packet.c b/libssh2/src/packet.c index 04937d62a..b5b41981a 100644 --- a/libssh2/src/packet.c +++ b/libssh2/src/packet.c @@ -39,28 +39,18 @@ */ #include "libssh2_priv.h" -#include -#include #ifdef HAVE_UNISTD_H #include #endif - -#ifdef HAVE_SYS_TIME_H -#include -#endif - #ifdef HAVE_INTTYPES_H #include #endif - /* Needed for struct iovec on some platforms */ #ifdef HAVE_SYS_UIO_H #include #endif -#include - #include "transport.h" #include "channel.h" #include "packet.h" @@ -72,21 +62,21 @@ */ static inline int packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data, - unsigned long datalen, + size_t datalen, packet_queue_listener_state_t *listen_state) { /* * Look for a matching listener */ /* 17 = packet_type(1) + channel(4) + reason(4) + descr(4) + lang(4) */ - unsigned long packet_len = 17 + (sizeof(FwdNotReq) - 1); + size_t packet_len = 17 + (sizeof(FwdNotReq) - 1); unsigned char *p; LIBSSH2_LISTENER *listn = _libssh2_list_first(&session->listeners); char failure_code = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED; int rc; if(listen_state->state == libssh2_NB_state_idle) { - unsigned long offset = (sizeof("forwarded-tcpip") - 1) + 5; + size_t offset = (sizeof("forwarded-tcpip") - 1) + 5; size_t temp_len = 0; struct string_buf buf; buf.data = data; @@ -133,10 +123,10 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data, "Data too short extracting sport"); } - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Remote received connection from %s:%ld to %s:%ld", listen_state->shost, listen_state->sport, - listen_state->host, listen_state->port); + listen_state->host, listen_state->port)); listen_state->state = libssh2_NB_state_allocated; } @@ -156,8 +146,8 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data, (listn->queue_maxsize <= listn->queue_size)) { /* Queue is full */ failure_code = SSH_OPEN_RESOURCE_SHORTAGE; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, - "Listener queue full, ignoring"); + _libssh2_debug((session, LIBSSH2_TRACE_CONN, + "Listener queue full, ignoring")); listen_state->state = libssh2_NB_state_sent; break; } @@ -206,14 +196,14 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data, listen_state->initial_window_size; channel->local.packet_size = listen_state->packet_size; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Connection queued: channel %lu/%lu " "win %lu/%lu packet %lu/%lu", channel->local.id, channel->remote.id, channel->local.window_size, channel->remote.window_size, channel->local.packet_size, - channel->remote.packet_size); + channel->remote.packet_size)); p = listen_state->packet; *(p++) = SSH_MSG_CHANNEL_OPEN_CONFIRMATION; @@ -285,19 +275,19 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data, */ static inline int packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data, - unsigned long datalen, + size_t datalen, packet_x11_open_state_t *x11open_state) { int failure_code = SSH_OPEN_CONNECT_FAILED; /* 17 = packet_type(1) + channel(4) + reason(4) + descr(4) + lang(4) */ - unsigned long packet_len = 17 + (sizeof(X11FwdUnAvil) - 1); + size_t packet_len = 17 + (sizeof(X11FwdUnAvil) - 1); unsigned char *p; LIBSSH2_CHANNEL *channel = x11open_state->channel; int rc; if(x11open_state->state == libssh2_NB_state_idle) { - unsigned long offset = (sizeof("x11") - 1) + 5; + size_t offset = (sizeof("x11") - 1) + 5; size_t temp_len = 0; struct string_buf buf; buf.data = data; @@ -346,10 +336,10 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data, goto x11_exit; } - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "X11 Connection Received from %s:%ld on channel %lu", x11open_state->shost, x11open_state->sport, - x11open_state->sender_channel); + x11open_state->sender_channel)); x11open_state->state = libssh2_NB_state_allocated; } @@ -391,14 +381,14 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data, channel->local.window_size = x11open_state->initial_window_size; channel->local.packet_size = x11open_state->packet_size; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "X11 Connection established: channel %lu/%lu " "win %lu/%lu packet %lu/%lu", channel->local.id, channel->remote.id, channel->local.window_size, channel->remote.window_size, channel->local.packet_size, - channel->remote.packet_size); + channel->remote.packet_size)); p = x11open_state->packet; *(p++) = SSH_MSG_CHANNEL_OPEN_CONFIRMATION; _libssh2_store_u32(&p, channel->remote.id); @@ -439,7 +429,7 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data, else failure_code = SSH_OPEN_RESOURCE_SHORTAGE; /* fall-trough */ - x11_exit: +x11_exit: p = x11open_state->packet; *(p++) = SSH_MSG_CHANNEL_OPEN_FAILURE; _libssh2_store_u32(&p, x11open_state->sender_channel); @@ -460,6 +450,154 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data, return 0; } +/* + * packet_authagent_open + * + * Open a connection to authentication agent + */ +static inline int +packet_authagent_open(LIBSSH2_SESSION * session, + unsigned char *data, size_t datalen, + packet_authagent_state_t *authagent_state) +{ + int failure_code = SSH_OPEN_CONNECT_FAILED; + /* 17 = packet_type(1) + channel(4) + reason(4) + descr(4) + lang(4) */ + size_t packet_len = 17 + (sizeof(X11FwdUnAvil) - 1); + unsigned char *p; + LIBSSH2_CHANNEL *channel = authagent_state->channel; + int rc; + + (void)datalen; + + if(authagent_state->state == libssh2_NB_state_idle) { + unsigned char *s = data + (sizeof("auth-agent@openssh.org") - 1) + 5; + authagent_state->sender_channel = _libssh2_ntohu32(s); + s += 4; + authagent_state->initial_window_size = _libssh2_ntohu32(s); + s += 4; + authagent_state->packet_size = _libssh2_ntohu32(s); + + _libssh2_debug((session, LIBSSH2_TRACE_CONN, + "Auth Agent Connection Received on channel %lu", + authagent_state->sender_channel)); + + authagent_state->state = libssh2_NB_state_allocated; + } + + if(session->authagent) { + if(authagent_state->state == libssh2_NB_state_allocated) { + channel = LIBSSH2_ALLOC(session, sizeof(LIBSSH2_CHANNEL)); + authagent_state->channel = channel; + + if(!channel) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "allocate a channel for new connection"); + failure_code = SSH_OPEN_RESOURCE_SHORTAGE; + goto authagent_exit; + } + memset(channel, 0, sizeof(LIBSSH2_CHANNEL)); + + channel->session = session; + channel->channel_type_len = sizeof("auth agent") - 1; + channel->channel_type = LIBSSH2_ALLOC(session, + channel->channel_type_len + + 1); + if(!channel->channel_type) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "allocate a channel for new connection"); + LIBSSH2_FREE(session, channel); + failure_code = SSH_OPEN_RESOURCE_SHORTAGE; + goto authagent_exit; + } + memcpy(channel->channel_type, "auth agent", + channel->channel_type_len + 1); + + channel->remote.id = authagent_state->sender_channel; + channel->remote.window_size_initial = + LIBSSH2_CHANNEL_WINDOW_DEFAULT; + channel->remote.window_size = LIBSSH2_CHANNEL_WINDOW_DEFAULT; + channel->remote.packet_size = LIBSSH2_CHANNEL_PACKET_DEFAULT; + + channel->local.id = _libssh2_channel_nextid(session); + channel->local.window_size_initial = + authagent_state->initial_window_size; + channel->local.window_size = authagent_state->initial_window_size; + channel->local.packet_size = authagent_state->packet_size; + + _libssh2_debug((session, LIBSSH2_TRACE_CONN, + "Auth Agent Connection established: channel " + "%lu/%lu win %lu/%lu packet %lu/%lu", + channel->local.id, channel->remote.id, + channel->local.window_size, + channel->remote.window_size, + channel->local.packet_size, + channel->remote.packet_size)); + + p = authagent_state->packet; + *(p++) = SSH_MSG_CHANNEL_OPEN_CONFIRMATION; + _libssh2_store_u32(&p, channel->remote.id); + _libssh2_store_u32(&p, channel->local.id); + _libssh2_store_u32(&p, channel->remote.window_size_initial); + _libssh2_store_u32(&p, channel->remote.packet_size); + + authagent_state->state = libssh2_NB_state_created; + } + + if(authagent_state->state == libssh2_NB_state_created) { + rc = _libssh2_transport_send(session, authagent_state->packet, 17, + NULL, 0); + if(rc == LIBSSH2_ERROR_EAGAIN) { + return rc; + } + else if(rc) { + authagent_state->state = libssh2_NB_state_idle; + return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, + "Unable to send channel open " + "confirmation"); + } + + /* Link the channel into the session */ + _libssh2_list_add(&session->channels, &channel->node); + + /* mess with stuff so we don't keep reading the same packet + over and over */ + session->packet.total_num = 0; + session->fullpacket_state = libssh2_NB_state_idle; + + /* Pass control to the callback, they may turn right around and + and free the channel, or actually use it */ + + LIBSSH2_AUTHAGENT(channel); + + authagent_state->state = libssh2_NB_state_idle; + return 0; + } + } + else + failure_code = SSH_OPEN_RESOURCE_SHORTAGE; + + /* fall-through */ +authagent_exit: + p = authagent_state->packet; + *(p++) = SSH_MSG_CHANNEL_OPEN_FAILURE; + _libssh2_store_u32(&p, authagent_state->sender_channel); + _libssh2_store_u32(&p, failure_code); + _libssh2_store_str(&p, AuthAgentUnavail, sizeof(AuthAgentUnavail) - 1); + _libssh2_htonu32(p, 0); + + rc = _libssh2_transport_send(session, authagent_state->packet, packet_len, + NULL, 0); + if(rc == LIBSSH2_ERROR_EAGAIN) { + return rc; + } + else if(rc) { + authagent_state->state = libssh2_NB_state_idle; + return _libssh2_error(session, rc, "Unable to send open failure"); + } + authagent_state->state = libssh2_NB_state_idle; + return 0; +} + /* * _libssh2_packet_add * @@ -487,9 +625,9 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, switch(session->packAdd_state) { case libssh2_NB_state_idle: - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Packet type %d received, length=%d", - (int) msg, (int) datalen); + (int) msg, (int) datalen)); if((macstate == LIBSSH2_MAC_INVALID) && (!session->macerror || @@ -513,6 +651,8 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, goto libssh2_packet_add_jump_point4; case libssh2_NB_state_jump5: goto libssh2_packet_add_jump_point5; + case libssh2_NB_state_jumpauthagent: + goto libssh2_packet_add_jump_authagent; default: /* nothing to do */ break; } @@ -547,9 +687,9 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, language_len); } - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Disconnect(%d): %s(%s)", reason, - message, language); + message, language)); } LIBSSH2_FREE(session, data); @@ -606,15 +746,84 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, } /* - * _libssh2_debug will actually truncate this for us so + * _libssh2_debug() will actually truncate this for us so * that it's not an inordinate about of data */ - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "Debug Packet: %s", message); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "Debug Packet: %s", message)); LIBSSH2_FREE(session, data); session->packAdd_state = libssh2_NB_state_idle; return 0; + /* + byte SSH_MSG_EXT_INFO + uint32 nr-extensions + [repeat "nr-extensions" times] + string extension-name [RFC8308] + string extension-value (binary) + */ + + case SSH_MSG_EXT_INFO: + if(datalen >= 5) { + uint32_t nr_extensions = 0; + struct string_buf buf; + buf.data = (unsigned char *)data; + buf.dataptr = buf.data; + buf.len = datalen; + buf.dataptr += 1; /* advance past type */ + + if(_libssh2_get_u32(&buf, &nr_extensions) != 0) { + rc = _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Invalid extension info received"); + } + + while(rc == 0 && nr_extensions > 0) { + + size_t name_len = 0; + size_t value_len = 0; + unsigned char *name = NULL; + unsigned char *value = NULL; + + nr_extensions -= 1; + + _libssh2_get_string(&buf, &name, &name_len); + _libssh2_get_string(&buf, &value, &value_len); + + if(name && value) { + _libssh2_debug((session, + LIBSSH2_TRACE_KEX, + "Server to Client extension %.*s: %.*s", + name_len, name, value_len, value)); + } + + if(name_len == 15 && + memcmp(name, "server-sig-algs", 15) == 0) { + if(session->server_sign_algorithms) { + LIBSSH2_FREE(session, + session->server_sign_algorithms); + } + + session->server_sign_algorithms = + LIBSSH2_ALLOC(session, + value_len + 1); + + if(session->server_sign_algorithms) { + memcpy(session->server_sign_algorithms, + value, value_len); + session->server_sign_algorithms[value_len] = '\0'; + } + else { + rc = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "memory for server sign algo"); + } + } + } + } + + LIBSSH2_FREE(session, data); + session->packAdd_state = libssh2_NB_state_idle; + return rc; + /* byte SSH_MSG_GLOBAL_REQUEST string request name in US-ASCII only @@ -629,17 +838,17 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, len = _libssh2_ntohu32(data + 1); if((len <= (UINT_MAX - 6)) && (datalen >= (6 + len))) { want_reply = data[5 + len]; - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Received global request type %.*s (wr %X)", - len, data + 5, want_reply); + len, data + 5, want_reply)); } if(want_reply) { static const unsigned char packet = SSH_MSG_REQUEST_FAILURE; - libssh2_packet_add_jump_point5: +libssh2_packet_add_jump_point5: session->packAdd_state = libssh2_NB_state_jump5; rc = _libssh2_transport_send(session, &packet, 1, NULL, 0); if(rc == LIBSSH2_ERROR_EAGAIN) @@ -691,12 +900,12 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, if(msg == SSH_MSG_CHANNEL_EXTENDED_DATA) stream_id = _libssh2_ntohu32(data + 5); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "%d bytes packet_add() for %lu/%lu/%lu", (int) (datalen - data_head), channelp->local.id, channelp->remote.id, - stream_id); + stream_id)); } #endif if((channelp->remote.extended_data_ignore_mode == @@ -705,30 +914,31 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, /* Pretend we didn't receive this */ LIBSSH2_FREE(session, data); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Ignoring extended data and refunding %d bytes", - (int) (datalen - 13)); + (int) (datalen - 13))); if(channelp->read_avail + datalen - data_head >= channelp->remote.window_size) datalen = channelp->remote.window_size - channelp->read_avail + data_head; - channelp->remote.window_size -= datalen - data_head; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + channelp->remote.window_size -= (uint32_t)(datalen - + data_head); + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "shrinking window size by %lu bytes to %lu, " "read_avail %lu", datalen - data_head, channelp->remote.window_size, - channelp->read_avail); + channelp->read_avail)); session->packAdd_channelp = channelp; /* Adjust the window based on the block we just freed */ - libssh2_packet_add_jump_point1: +libssh2_packet_add_jump_point1: session->packAdd_state = libssh2_NB_state_jump1; rc = _libssh2_channel_receive_window_adjust(session-> packAdd_channelp, - datalen - 13, + (uint32_t)(datalen - 13), 1, NULL); if(rc == LIBSSH2_ERROR_EAGAIN) return rc; @@ -746,8 +956,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, * Spec says we MAY ignore bytes sent beyond * packet_size */ - _libssh2_error(session, - LIBSSH2_ERROR_CHANNEL_PACKET_EXCEEDED, + _libssh2_error(session, LIBSSH2_ERROR_CHANNEL_PACKET_EXCEEDED, "Packet contains more data than we offered" " to receive, truncating"); datalen = channelp->remote.packet_size + data_head; @@ -757,8 +966,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, * Spec says we MAY ignore bytes sent beyond * window_size */ - _libssh2_error(session, - LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED, + _libssh2_error(session, LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED, "The current receive window is full," " data ignored"); LIBSSH2_FREE(session, data); @@ -770,8 +978,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, if(channelp->read_avail + datalen - data_head > channelp->remote.window_size) { - _libssh2_error(session, - LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED, + _libssh2_error(session, LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED, "Remote sent more data than current " "window allows, truncating"); datalen = channelp->remote.window_size - @@ -783,11 +990,11 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, * from an upper layer */ channelp->read_avail += datalen - data_head; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "increasing read_avail by %lu bytes to %lu/%lu", (long)(datalen - data_head), (long)channelp->read_avail, - (long)channelp->remote.window_size); + (long)channelp->remote.window_size)); break; @@ -805,11 +1012,11 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, /* We may have freed already, just quietly ignore this... */ ; else { - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "EOF received for channel %lu/%lu", channelp->local.id, - channelp->remote.id); + channelp->remote.id)); channelp->remote.eof = 1; } LIBSSH2_FREE(session, data); @@ -833,10 +1040,10 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, if((len + 9) < datalen) want_reply = data[len + 9]; - _libssh2_debug(session, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Channel %d received request type %.*s (wr %X)", - channel, len, data + 9, want_reply); + channel, len, data + 9, want_reply)); if(len == sizeof("exit-status") - 1 && (sizeof("exit-status") - 1 + 9) <= datalen @@ -851,12 +1058,12 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, if(channelp && (sizeof("exit-status") + 13) <= datalen) { channelp->exit_status = _libssh2_ntohu32(data + 9 + sizeof("exit-status")); - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Exit status %lu received for " "channel %lu/%lu", channelp->exit_status, channelp->local.id, - channelp->remote.id); + channelp->remote.id)); } } @@ -890,12 +1097,12 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, data + 13 + sizeof("exit-signal"), namelen); channelp->exit_signal[namelen] = '\0'; /* TODO: save error message and language tag */ - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Exit signal %s received for " "channel %lu/%lu", channelp->exit_signal, channelp->local.id, - channelp->remote.id); + channelp->remote.id)); } } } @@ -903,7 +1110,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, if(want_reply) { unsigned char packet[5]; - libssh2_packet_add_jump_point4: +libssh2_packet_add_jump_point4: session->packAdd_state = libssh2_NB_state_jump4; packet[0] = SSH_MSG_CHANNEL_FAILURE; memcpy(&packet[1], data + 1, 4); @@ -932,10 +1139,10 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, session->packAdd_state = libssh2_NB_state_idle; return 0; } - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Close received for channel %lu/%lu", channelp->local.id, - channelp->remote.id); + channelp->remote.id)); channelp->remote.close = 1; channelp->remote.eof = 1; @@ -966,7 +1173,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, memset(&session->packAdd_Qlstn_state, 0, sizeof(session->packAdd_Qlstn_state)); - libssh2_packet_add_jump_point2: +libssh2_packet_add_jump_point2: session->packAdd_state = libssh2_NB_state_jump2; rc = packet_queue_listener(session, data, datalen, &session->packAdd_Qlstn_state); @@ -979,11 +1186,26 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, memset(&session->packAdd_x11open_state, 0, sizeof(session->packAdd_x11open_state)); - libssh2_packet_add_jump_point3: +libssh2_packet_add_jump_point3: session->packAdd_state = libssh2_NB_state_jump3; rc = packet_x11_open(session, data, datalen, &session->packAdd_x11open_state); } + else if((datalen >= (sizeof("auth-agent@openssh.com") + 4)) && + ((sizeof("auth-agent@openssh.com") - 1) == + _libssh2_ntohu32(data + 1)) && + (memcmp(data + 5, "auth-agent@openssh.com", + sizeof("auth-agent@openssh.com") - 1) == 0)) { + + /* init the state struct */ + memset(&session->packAdd_authagent_state, 0, + sizeof(session->packAdd_authagent_state)); + +libssh2_packet_add_jump_authagent: + session->packAdd_state = libssh2_NB_state_jumpauthagent; + rc = packet_authagent_open(session, data, datalen, + &session->packAdd_authagent_state); + } if(rc == LIBSSH2_ERROR_EAGAIN) return rc; @@ -1007,13 +1229,13 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, if(channelp) { channelp->local.window_size += bytestoadd; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, + _libssh2_debug((session, LIBSSH2_TRACE_CONN, "Window adjust for channel %lu/%lu, " "adding %lu bytes, new window_size=%lu", channelp->local.id, channelp->remote.id, bytestoadd, - channelp->local.window_size); + channelp->local.window_size)); } } LIBSSH2_FREE(session, data); @@ -1030,8 +1252,8 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, LIBSSH2_PACKET *packetp = LIBSSH2_ALLOC(session, sizeof(LIBSSH2_PACKET)); if(!packetp) { - _libssh2_debug(session, LIBSSH2_ERROR_ALLOC, - "memory for packet"); + _libssh2_debug((session, LIBSSH2_ERROR_ALLOC, + "memory for packet")); LIBSSH2_FREE(session, data); session->packAdd_state = libssh2_NB_state_idle; return LIBSSH2_ERROR_ALLOC; @@ -1054,7 +1276,8 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, * Well, it's already in the brigade, * let's just call back into ourselves */ - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Renegotiating Keys"); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "Renegotiating Keys")); session->packAdd_state = libssh2_NB_state_sent2; } @@ -1099,8 +1322,8 @@ _libssh2_packet_ask(LIBSSH2_SESSION * session, unsigned char packet_type, { LIBSSH2_PACKET *packet = _libssh2_list_first(&session->packets); - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "Looking for packet of type: %d", (int) packet_type); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "Looking for packet of type: %d", (int) packet_type)); while(packet) { if(packet->data[0] == packet_type @@ -1137,12 +1360,12 @@ _libssh2_packet_askv(LIBSSH2_SESSION * session, const unsigned char *match_buf, size_t match_len) { - int i, packet_types_len = strlen((char *) packet_types); + size_t i, packet_types_len = strlen((const char *) packet_types); for(i = 0; i < packet_types_len; i++) { - if(0 == _libssh2_packet_ask(session, packet_types[i], data, - data_len, match_ofs, - match_buf, match_len)) { + if(_libssh2_packet_ask(session, packet_types[i], data, + data_len, match_ofs, + match_buf, match_len) == 0) { return 0; } } @@ -1169,8 +1392,8 @@ _libssh2_packet_require(LIBSSH2_SESSION * session, unsigned char packet_type, { if(state->start == 0) { if(_libssh2_packet_ask(session, packet_type, data, data_len, - match_ofs, match_buf, - match_len) == 0) { + match_ofs, match_buf, + match_len) == 0) { /* A packet was available in the packet brigade */ return 0; } @@ -1196,8 +1419,8 @@ _libssh2_packet_require(LIBSSH2_SESSION * session, unsigned char packet_type, } else if(ret == 0) { /* nothing available, wait until data arrives or we time out */ - long left = LIBSSH2_READ_TIMEOUT - (long)(time(NULL) - - state->start); + long left = session->packet_read_timeout - (long)(time(NULL) - + state->start); if(left <= 0) { state->start = 0; @@ -1234,15 +1457,15 @@ _libssh2_packet_burn(LIBSSH2_SESSION * session, all_packets[254] = 0; if(_libssh2_packet_askv(session, all_packets, &data, &data_len, 0, - NULL, 0) == 0) { + NULL, 0) == 0) { i = data[0]; /* A packet was available in the packet brigade, burn it */ LIBSSH2_FREE(session, data); return i; } - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "Blocking until packet becomes available to burn"); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "Blocking until packet becomes available to burn")); *state = libssh2_NB_state_created; } @@ -1263,7 +1486,7 @@ _libssh2_packet_burn(LIBSSH2_SESSION * session, /* Be lazy, let packet_ask pull it out of the brigade */ if(0 == _libssh2_packet_ask(session, (unsigned char)ret, - &data, &data_len, 0, NULL, 0)) { + &data, &data_len, 0, NULL, 0)) { /* Smoke 'em if you got 'em */ LIBSSH2_FREE(session, data); *state = libssh2_NB_state_idle; @@ -1292,7 +1515,7 @@ _libssh2_packet_requirev(LIBSSH2_SESSION *session, packet_requirev_state_t * state) { if(_libssh2_packet_askv(session, packet_types, data, data_len, match_ofs, - match_buf, match_len) == 0) { + match_buf, match_len) == 0) { /* One of the packets listed was available in the packet brigade */ state->start = 0; return 0; @@ -1309,7 +1532,7 @@ _libssh2_packet_requirev(LIBSSH2_SESSION *session, return ret; } if(ret <= 0) { - long left = LIBSSH2_READ_TIMEOUT - + long left = session->packet_read_timeout - (long)(time(NULL) - state->start); if(left <= 0) { @@ -1323,9 +1546,9 @@ _libssh2_packet_requirev(LIBSSH2_SESSION *session, if(strchr((char *) packet_types, ret)) { /* Be lazy, let packet_ask pull it out of the brigade */ - int ret = _libssh2_packet_askv(session, packet_types, data, - data_len, match_ofs, match_buf, - match_len); + ret = _libssh2_packet_askv(session, packet_types, data, + data_len, match_ofs, match_buf, + match_len); state->start = 0; return ret; } @@ -1335,4 +1558,3 @@ _libssh2_packet_requirev(LIBSSH2_SESSION *session, state->start = 0; return LIBSSH2_ERROR_SOCKET_DISCONNECT; } - diff --git a/libssh2/src/pem.c b/libssh2/src/pem.c index 3416bd528..8b3659e3b 100644 --- a/libssh2/src/pem.c +++ b/libssh2/src/pem.c @@ -100,20 +100,27 @@ static const char *crypt_annotation = "Proc-Type: 4,ENCRYPTED"; static unsigned char hex_decode(char digit) { - return (digit >= 'A') ? 0xA + (digit - 'A') : (digit - '0'); + return (unsigned char) + ((digit >= 'A') ? (0xA + (digit - 'A')) : (digit - '0')); } +/* Hack to fix builds with crypto backends with MD5 support disabled. + FIXME: Honor our LIBSSH2_MD5 macro for MD5-dependent logic. */ +#ifdef OPENSSL_NO_MD5 +#define MD5_DIGEST_LENGTH 16 +#endif + int _libssh2_pem_parse(LIBSSH2_SESSION * session, const char *headerbegin, const char *headerend, const unsigned char *passphrase, - FILE * fp, unsigned char **data, unsigned int *datalen) + FILE * fp, unsigned char **data, size_t *datalen) { char line[LINE_SIZE]; unsigned char iv[LINE_SIZE]; char *b64data = NULL; - unsigned int b64datalen = 0; + size_t b64datalen = 0; int ret; const LIBSSH2_CRYPT_METHOD *method = NULL; @@ -141,7 +148,8 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session, } all_methods = libssh2_crypt_methods(); - while((cur_method = *all_methods++)) { + /* !checksrc! disable EQUALSNULL 1 */ + while((cur_method = *all_methods++) != NULL) { if(*cur_method->pem_annotation && memcmp(line, cur_method->pem_annotation, strlen(cur_method->pem_annotation)) == 0) { @@ -152,12 +160,12 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session, } /* None of the available crypt methods were able to decrypt the key */ - if(method == NULL) + if(!method) return -1; /* Decode IV from hex */ for(i = 0; i < method->iv_len; ++i) { - iv[i] = hex_decode(iv[2*i]) << 4; + iv[i] = (unsigned char)(hex_decode(iv[2*i]) << 4); iv[i] |= hex_decode(iv[2*i + 1]); } @@ -198,7 +206,7 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session, return -1; } - if(libssh2_base64_decode(session, (char **) data, datalen, + if(_libssh2_base64_decode(session, (char **) data, datalen, b64data, b64datalen)) { ret = -1; goto out; @@ -258,7 +266,11 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session, while(len_decrypted <= (int)*datalen - blocksize) { if(method->crypt(session, *data + len_decrypted, blocksize, - &abstract)) { + &abstract, + len_decrypted == 0 ? FIRST_BLOCK : + ((len_decrypted == (int)*datalen - blocksize) ? + LAST_BLOCK : MIDDLE_BLOCK) + )) { ret = LIBSSH2_ERROR_DECRYPT; _libssh2_explicit_zero((char *)secret, sizeof(secret)); method->dtor(session, &abstract); @@ -281,7 +293,7 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session, } ret = 0; - out: +out: if(b64data) { _libssh2_explicit_zero(b64data, b64datalen); LIBSSH2_FREE(session, b64data); @@ -294,11 +306,11 @@ _libssh2_pem_parse_memory(LIBSSH2_SESSION * session, const char *headerbegin, const char *headerend, const char *filedata, size_t filedata_len, - unsigned char **data, unsigned int *datalen) + unsigned char **data, size_t *datalen) { char line[LINE_SIZE]; char *b64data = NULL; - unsigned int b64datalen = 0; + size_t b64datalen = 0; size_t off = 0; int ret; @@ -343,14 +355,14 @@ _libssh2_pem_parse_memory(LIBSSH2_SESSION * session, return -1; } - if(libssh2_base64_decode(session, (char **) data, datalen, + if(_libssh2_base64_decode(session, (char **) data, datalen, b64data, b64datalen)) { ret = -1; goto out; } ret = 0; - out: +out: if(b64data) { _libssh2_explicit_zero(b64data, b64datalen); LIBSSH2_FREE(session, b64data); @@ -382,7 +394,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, unsigned char *key_part = NULL; unsigned char *iv_part = NULL; unsigned char *f = NULL; - unsigned int f_len = 0; + size_t f_len = 0; int ret = 0, keylen = 0, ivlen = 0, total_len = 0; size_t kdf_len = 0, tmp_len = 0, salt_len = 0; @@ -390,10 +402,10 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, *decrypted_buf = NULL; /* decode file */ - if(libssh2_base64_decode(session, (char **)&f, &f_len, - b64data, b64datalen)) { - ret = -1; - goto out; + if(_libssh2_base64_decode(session, (char **)&f, &f_len, + b64data, b64datalen)) { + ret = -1; + goto out; } /* Parse the file */ @@ -425,7 +437,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, if(_libssh2_get_string(&decoded, &kdfname, &tmp_len) || tmp_len == 0) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "kdfname is missing"); + "kdfname is missing"); goto out; } @@ -440,7 +452,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, kdf_buf.len = kdf_len; } - if((passphrase == NULL || strlen((const char *)passphrase) == 0) && + if((!passphrase || strlen((const char *)passphrase) == 0) && strcmp((const char *)ciphername, "none") != 0) { /* passphrase required */ ret = LIBSSH2_ERROR_KEYFILE_AUTH_FAILED; @@ -456,8 +468,8 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, if(!strcmp((const char *)kdfname, "none") && strcmp((const char *)ciphername, "none") != 0) { - ret =_libssh2_error(session, LIBSSH2_ERROR_PROTO, - "invalid format"); + ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "invalid format"); goto out; } @@ -478,7 +490,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, if(_libssh2_get_string(&decoded, &buf, &tmp_len) || tmp_len == 0) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Private key data not found"); + "Private key data not found"); goto out; } @@ -490,7 +502,8 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, const LIBSSH2_CRYPT_METHOD **all_methods, *cur_method; all_methods = libssh2_crypt_methods(); - while((cur_method = *all_methods++)) { + /* !checksrc! disable EQUALSNULL 1 */ + while((cur_method = *all_methods++) != NULL) { if(*cur_method->name && memcmp(ciphername, cur_method->name, strlen(cur_method->name)) == 0) { @@ -500,9 +513,9 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, /* None of the available crypt methods were able to decrypt the key */ - if(method == NULL) { + if(!method) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "No supported cipher found"); + "No supported cipher found"); goto out; } } @@ -517,16 +530,15 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, total_len = keylen + ivlen; key = LIBSSH2_CALLOC(session, total_len); - if(key == NULL) { + if(!key) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Could not alloc key"); + "Could not alloc key"); goto out; } - if(strcmp((const char *)kdfname, "bcrypt") == 0 && - passphrase != NULL) { + if(strcmp((const char *)kdfname, "bcrypt") == 0 && passphrase) { if((_libssh2_get_string(&kdf_buf, &salt, &salt_len)) || - (_libssh2_get_u32(&kdf_buf, &rounds) != 0) ) { + (_libssh2_get_u32(&kdf_buf, &rounds) != 0)) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, "kdf contains unexpected values"); LIBSSH2_FREE(session, key); @@ -545,7 +557,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, } else { ret = _libssh2_error(session, LIBSSH2_ERROR_KEYFILE_AUTH_FAILED, - "bcrypted without passphrase"); + "bcrypted without passphrase"); LIBSSH2_FREE(session, key); goto out; } @@ -554,14 +566,14 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, blocksize = method->blocksize; key_part = LIBSSH2_CALLOC(session, keylen); - if(key_part == NULL) { + if(!key_part) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Could not alloc key part"); goto out; } iv_part = LIBSSH2_CALLOC(session, ivlen); - if(iv_part == NULL) { + if(!iv_part) { ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Could not alloc iv part"); goto out; @@ -572,7 +584,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, /* Initialize the decryption */ if(method->init(session, method, iv_part, &free_iv, key_part, - &free_secret, 0, &abstract)) { + &free_secret, 0, &abstract)) { ret = LIBSSH2_ERROR_DECRYPT; goto out; } @@ -587,7 +599,11 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, while((size_t)len_decrypted <= decrypted.len - blocksize) { if(method->crypt(session, decrypted.data + len_decrypted, blocksize, - &abstract)) { + &abstract, + len_decrypted == 0 ? FIRST_BLOCK : ( + ((size_t)len_decrypted == decrypted.len - blocksize) ? + LAST_BLOCK : MIDDLE_BLOCK) + )) { ret = LIBSSH2_ERROR_DECRYPT; method->dtor(session, &abstract); goto out; @@ -606,13 +622,13 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, if(_libssh2_get_u32(&decrypted, &check1) != 0 || _libssh2_get_u32(&decrypted, &check2) != 0 || check1 != check2) { - _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Private key unpack failed (correct password?)"); - ret = LIBSSH2_ERROR_KEYFILE_AUTH_FAILED; - goto out; + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Private key unpack failed (correct password?)"); + ret = LIBSSH2_ERROR_KEYFILE_AUTH_FAILED; + goto out; } - if(decrypted_buf != NULL) { + if(decrypted_buf) { /* copy data to out-going buffer */ struct string_buf *out_buf = _libssh2_string_buf_new(session); if(!out_buf) { @@ -623,7 +639,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session, } out_buf->data = LIBSSH2_CALLOC(session, decrypted.len); - if(out_buf->data == NULL) { + if(!out_buf->data) { ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for " "decrypted struct"); @@ -668,7 +684,7 @@ _libssh2_openssh_pem_parse(LIBSSH2_SESSION * session, { char line[LINE_SIZE]; char *b64data = NULL; - unsigned int b64datalen = 0; + size_t b64datalen = 0; int ret = 0; /* read file */ @@ -719,7 +735,7 @@ _libssh2_openssh_pem_parse(LIBSSH2_SESSION * session, ret = _libssh2_openssh_pem_parse_data(session, passphrase, (const char *)b64data, - (size_t)b64datalen, + b64datalen, decrypted_buf); if(b64data) { @@ -740,11 +756,11 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session, { char line[LINE_SIZE]; char *b64data = NULL; - unsigned int b64datalen = 0; + size_t b64datalen = 0; size_t off = 0; int ret; - if(filedata == NULL || filedata_len <= 0) + if(!filedata || filedata_len <= 0) return _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Error parsing PEM: filedata missing"); @@ -754,7 +770,8 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session, if(off >= filedata_len) return _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Error parsing PEM: offset out of bounds"); + "Error parsing PEM: " + "OpenSSH header not found"); if(readline_memory(line, LINE_SIZE, filedata, filedata_len, &off)) { return -1; @@ -765,7 +782,7 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session, *line = '\0'; do { - if (*line) { + if(*line) { char *tmp; size_t linelen; @@ -814,7 +831,7 @@ out: static int read_asn1_length(const unsigned char *data, - unsigned int datalen, unsigned int *len) + size_t datalen, size_t *len) { unsigned int lenlen; int nextpos; @@ -848,9 +865,9 @@ read_asn1_length(const unsigned char *data, } int -_libssh2_pem_decode_sequence(unsigned char **data, unsigned int *datalen) +_libssh2_pem_decode_sequence(unsigned char **data, size_t *datalen) { - unsigned int len; + size_t len; int lenlen; if(*datalen < 1) { @@ -876,10 +893,10 @@ _libssh2_pem_decode_sequence(unsigned char **data, unsigned int *datalen) } int -_libssh2_pem_decode_integer(unsigned char **data, unsigned int *datalen, +_libssh2_pem_decode_integer(unsigned char **data, size_t *datalen, unsigned char **i, unsigned int *ilen) { - unsigned int len; + size_t len; int lenlen; if(*datalen < 1) { @@ -902,7 +919,7 @@ _libssh2_pem_decode_integer(unsigned char **data, unsigned int *datalen, *datalen -= lenlen; *i = *data; - *ilen = len; + *ilen = (unsigned int)len; *data += len; *datalen -= len; diff --git a/libssh2/src/publickey.c b/libssh2/src/publickey.c index f26c6327d..ddc0e8a3b 100644 --- a/libssh2/src/publickey.c +++ b/libssh2/src/publickey.c @@ -105,7 +105,7 @@ static const LIBSSH2_PUBLICKEY_CODE_LIST publickey_status_codes[] = { */ static void publickey_status_error(const LIBSSH2_PUBLICKEY *pkey, - LIBSSH2_SESSION *session, int status) + LIBSSH2_SESSION *session, unsigned long status) { const char *msg; @@ -114,7 +114,7 @@ publickey_status_error(const LIBSSH2_PUBLICKEY *pkey, status = 7; } - if(status < 0 || status > LIBSSH2_PUBLICKEY_STATUS_CODE_MAX) { + if(status > LIBSSH2_PUBLICKEY_STATUS_CODE_MAX) { msg = "unknown"; } else { @@ -136,14 +136,14 @@ publickey_packet_receive(LIBSSH2_PUBLICKEY * pkey, LIBSSH2_CHANNEL *channel = pkey->channel; LIBSSH2_SESSION *session = channel->session; unsigned char buffer[4]; - int rc; + ssize_t rc; *data = NULL; /* default to nothing returned */ *data_len = 0; if(pkey->receive_state == libssh2_NB_state_idle) { rc = _libssh2_channel_read(channel, 0, (char *) buffer, 4); if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + return (int)rc; } else if(rc != 4) { return _libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_PROTOCOL, @@ -166,9 +166,9 @@ publickey_packet_receive(LIBSSH2_PUBLICKEY * pkey, rc = _libssh2_channel_read(channel, 0, (char *) pkey->receive_packet, pkey->receive_packet_len); if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + return (int)rc; } - else if(rc != (int)pkey->receive_packet_len) { + else if(rc != (ssize_t)pkey->receive_packet_len) { LIBSSH2_FREE(session, pkey->receive_packet); pkey->receive_packet = NULL; pkey->receive_state = libssh2_NB_state_idle; @@ -234,7 +234,7 @@ publickey_response_success(LIBSSH2_PUBLICKEY * pkey) size_t data_len; int response; - while(1) { + for(;;) { int rc = publickey_packet_receive(pkey, &data, &data_len); if(rc == LIBSSH2_ERROR_EAGAIN) { return rc; @@ -272,7 +272,7 @@ publickey_response_success(LIBSSH2_PUBLICKEY * pkey) return 0; publickey_status_error(pkey, session, status); - return -1; + goto err_exit; } default: LIBSSH2_FREE(session, data); @@ -287,7 +287,7 @@ publickey_response_success(LIBSSH2_PUBLICKEY * pkey) data = NULL; } } - /* never reached, but include `return` to silence compiler warnings */ +err_exit: return -1; } @@ -310,8 +310,8 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session) session->pkeyInit_pkey = NULL; session->pkeyInit_channel = NULL; - _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY, - "Initializing publickey subsystem"); + _libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY, + "Initializing publickey subsystem")); session->pkeyInit_state = libssh2_NB_state_allocated; } @@ -387,28 +387,29 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session) session->pkeyInit_buffer_sent = 0; - _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY, + _libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY, "Sending publickey advertising version %d support", - (int) LIBSSH2_PUBLICKEY_VERSION); + (int) LIBSSH2_PUBLICKEY_VERSION)); session->pkeyInit_state = libssh2_NB_state_sent2; } if(session->pkeyInit_state == libssh2_NB_state_sent2) { - rc = _libssh2_channel_write(session->pkeyInit_channel, 0, - session->pkeyInit_buffer, - 19 - session->pkeyInit_buffer_sent); - if(rc == LIBSSH2_ERROR_EAGAIN) { + ssize_t nwritten; + nwritten = _libssh2_channel_write(session->pkeyInit_channel, 0, + session->pkeyInit_buffer, + 19 - session->pkeyInit_buffer_sent); + if(nwritten == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block sending publickey version packet"); return NULL; } - else if(rc < 0) { - _libssh2_error(session, rc, + else if(nwritten < 0) { + _libssh2_error(session, (int)nwritten, "Unable to send publickey version packet"); goto err_exit; } - session->pkeyInit_buffer_sent += rc; + session->pkeyInit_buffer_sent += nwritten; if(session->pkeyInit_buffer_sent < 19) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Need to be called again to complete this"); @@ -419,7 +420,7 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session) } if(session->pkeyInit_state == libssh2_NB_state_sent3) { - while(1) { + for(;;) { unsigned char *s; rc = publickey_packet_receive(session->pkeyInit_pkey, &session->pkeyInit_data, @@ -511,16 +512,16 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session) session->pkeyInit_pkey->version = _libssh2_ntohu32(s); if(session->pkeyInit_pkey->version > LIBSSH2_PUBLICKEY_VERSION) { - _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY, + _libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY, "Truncate remote publickey version " "from %lu", - session->pkeyInit_pkey->version); + session->pkeyInit_pkey->version)); session->pkeyInit_pkey->version = LIBSSH2_PUBLICKEY_VERSION; } - _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY, + _libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY, "Enabling publickey subsystem version %lu", - session->pkeyInit_pkey->version); + session->pkeyInit_pkey->version)); LIBSSH2_FREE(session, session->pkeyInit_data); session->pkeyInit_data = NULL; session->pkeyInit_state = libssh2_NB_state_idle; @@ -538,7 +539,7 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session) } /* Never reached except by direct goto */ - err_exit: +err_exit: session->pkeyInit_state = libssh2_NB_state_sent4; if(session->pkeyInit_channel) { rc = _libssh2_channel_close(session->pkeyInit_channel); @@ -607,8 +608,8 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name, if(pkey->add_state == libssh2_NB_state_idle) { pkey->add_packet = NULL; - _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY, "Adding %s publickey", - name); + _libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY, + "Adding %s publickey", name)); if(pkey->version == 1) { for(i = 0; i < num_attrs; i++) { @@ -639,25 +640,25 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name, } pkey->add_s = pkey->add_packet; - _libssh2_htonu32(pkey->add_s, packet_len - 4); + _libssh2_htonu32(pkey->add_s, (uint32_t)(packet_len - 4)); pkey->add_s += 4; _libssh2_htonu32(pkey->add_s, sizeof("add") - 1); pkey->add_s += 4; memcpy(pkey->add_s, "add", sizeof("add") - 1); pkey->add_s += sizeof("add") - 1; if(pkey->version == 1) { - _libssh2_htonu32(pkey->add_s, comment_len); + _libssh2_htonu32(pkey->add_s, (uint32_t)comment_len); pkey->add_s += 4; if(comment) { memcpy(pkey->add_s, comment, comment_len); pkey->add_s += comment_len; } - _libssh2_htonu32(pkey->add_s, name_len); + _libssh2_htonu32(pkey->add_s, (uint32_t)name_len); pkey->add_s += 4; memcpy(pkey->add_s, name, name_len); pkey->add_s += name_len; - _libssh2_htonu32(pkey->add_s, blob_len); + _libssh2_htonu32(pkey->add_s, (uint32_t)blob_len); pkey->add_s += 4; memcpy(pkey->add_s, blob, blob_len); pkey->add_s += blob_len; @@ -665,23 +666,23 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name, else { /* Version == 2 */ - _libssh2_htonu32(pkey->add_s, name_len); + _libssh2_htonu32(pkey->add_s, (uint32_t)name_len); pkey->add_s += 4; memcpy(pkey->add_s, name, name_len); pkey->add_s += name_len; - _libssh2_htonu32(pkey->add_s, blob_len); + _libssh2_htonu32(pkey->add_s, (uint32_t)blob_len); pkey->add_s += 4; memcpy(pkey->add_s, blob, blob_len); pkey->add_s += blob_len; *(pkey->add_s++) = overwrite ? 0x01 : 0; - _libssh2_htonu32(pkey->add_s, num_attrs); + _libssh2_htonu32(pkey->add_s, (uint32_t)num_attrs); pkey->add_s += 4; for(i = 0; i < num_attrs; i++) { - _libssh2_htonu32(pkey->add_s, attrs[i].name_len); + _libssh2_htonu32(pkey->add_s, (uint32_t)attrs[i].name_len); pkey->add_s += 4; memcpy(pkey->add_s, attrs[i].name, attrs[i].name_len); pkey->add_s += attrs[i].name_len; - _libssh2_htonu32(pkey->add_s, attrs[i].value_len); + _libssh2_htonu32(pkey->add_s, (uint32_t)attrs[i].value_len); pkey->add_s += 4; memcpy(pkey->add_s, attrs[i].value, attrs[i].value_len); pkey->add_s += attrs[i].value_len; @@ -689,21 +690,22 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name, } } - _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY, + _libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY, "Sending publickey \"add\" packet: " "type=%s blob_len=%ld num_attrs=%ld", - name, blob_len, num_attrs); + name, blob_len, num_attrs)); pkey->add_state = libssh2_NB_state_created; } if(pkey->add_state == libssh2_NB_state_created) { - rc = _libssh2_channel_write(channel, 0, pkey->add_packet, - (pkey->add_s - pkey->add_packet)); - if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + ssize_t nwritten; + nwritten = _libssh2_channel_write(channel, 0, pkey->add_packet, + (pkey->add_s - pkey->add_packet)); + if(nwritten == LIBSSH2_ERROR_EAGAIN) { + return (int)nwritten; } - else if((pkey->add_s - pkey->add_packet) != rc) { + else if((pkey->add_s - pkey->add_packet) != nwritten) { LIBSSH2_FREE(session, pkey->add_packet); pkey->add_packet = NULL; return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, @@ -758,36 +760,37 @@ libssh2_publickey_remove_ex(LIBSSH2_PUBLICKEY * pkey, } pkey->remove_s = pkey->remove_packet; - _libssh2_htonu32(pkey->remove_s, packet_len - 4); + _libssh2_htonu32(pkey->remove_s, (uint32_t)(packet_len - 4)); pkey->remove_s += 4; _libssh2_htonu32(pkey->remove_s, sizeof("remove") - 1); pkey->remove_s += 4; memcpy(pkey->remove_s, "remove", sizeof("remove") - 1); pkey->remove_s += sizeof("remove") - 1; - _libssh2_htonu32(pkey->remove_s, name_len); + _libssh2_htonu32(pkey->remove_s, (uint32_t)name_len); pkey->remove_s += 4; memcpy(pkey->remove_s, name, name_len); pkey->remove_s += name_len; - _libssh2_htonu32(pkey->remove_s, blob_len); + _libssh2_htonu32(pkey->remove_s, (uint32_t)blob_len); pkey->remove_s += 4; memcpy(pkey->remove_s, blob, blob_len); pkey->remove_s += blob_len; - _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY, + _libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY, "Sending publickey \"remove\" packet: " "type=%s blob_len=%ld", - name, blob_len); + name, blob_len)); pkey->remove_state = libssh2_NB_state_created; } if(pkey->remove_state == libssh2_NB_state_created) { - rc = _libssh2_channel_write(channel, 0, pkey->remove_packet, - (pkey->remove_s - pkey->remove_packet)); - if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + ssize_t nwritten; + nwritten = _libssh2_channel_write(channel, 0, pkey->remove_packet, + (pkey->remove_s - pkey->remove_packet)); + if(nwritten == LIBSSH2_ERROR_EAGAIN) { + return (int)nwritten; } - else if((pkey->remove_s - pkey->remove_packet) != rc) { + else if((pkey->remove_s - pkey->remove_packet) != nwritten) { LIBSSH2_FREE(session, pkey->remove_packet); pkey->remove_packet = NULL; pkey->remove_state = libssh2_NB_state_idle; @@ -835,28 +838,29 @@ libssh2_publickey_list_fetch(LIBSSH2_PUBLICKEY * pkey, unsigned long *num_keys, pkey->listFetch_data = NULL; pkey->listFetch_s = pkey->listFetch_buffer; - _libssh2_htonu32(pkey->listFetch_s, buffer_len - 4); + _libssh2_htonu32(pkey->listFetch_s, (uint32_t)(buffer_len - 4)); pkey->listFetch_s += 4; _libssh2_htonu32(pkey->listFetch_s, sizeof("list") - 1); pkey->listFetch_s += 4; memcpy(pkey->listFetch_s, "list", sizeof("list") - 1); pkey->listFetch_s += sizeof("list") - 1; - _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY, - "Sending publickey \"list\" packet"); + _libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY, + "Sending publickey \"list\" packet")); pkey->listFetch_state = libssh2_NB_state_created; } if(pkey->listFetch_state == libssh2_NB_state_created) { - rc = _libssh2_channel_write(channel, 0, - pkey->listFetch_buffer, - (pkey->listFetch_s - - pkey->listFetch_buffer)); - if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + ssize_t nwritten; + nwritten = _libssh2_channel_write(channel, 0, + pkey->listFetch_buffer, + (pkey->listFetch_s - + pkey->listFetch_buffer)); + if(nwritten == LIBSSH2_ERROR_EAGAIN) { + return (int)nwritten; } - else if((pkey->listFetch_s - pkey->listFetch_buffer) != rc) { + else if((pkey->listFetch_s - pkey->listFetch_buffer) != nwritten) { pkey->listFetch_state = libssh2_NB_state_idle; return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send publickey list packet"); @@ -865,7 +869,7 @@ libssh2_publickey_list_fetch(LIBSSH2_PUBLICKEY * pkey, unsigned long *num_keys, pkey->listFetch_state = libssh2_NB_state_sent; } - while(1) { + for(;;) { rc = publickey_packet_receive(pkey, &pkey->listFetch_data, &pkey->listFetch_data_len); if(rc == LIBSSH2_ERROR_EAGAIN) { @@ -1197,7 +1201,7 @@ libssh2_publickey_list_fetch(LIBSSH2_PUBLICKEY * pkey, unsigned long *num_keys, } /* Only reached via explicit goto */ - err_exit: +err_exit: if(pkey->listFetch_data) { LIBSSH2_FREE(session, pkey->listFetch_data); pkey->listFetch_data = NULL; diff --git a/libssh2/src/scp.c b/libssh2/src/scp.c index 8cb3d65c3..ede0b88c9 100644 --- a/libssh2/src/scp.c +++ b/libssh2/src/scp.c @@ -37,12 +37,19 @@ */ #include "libssh2_priv.h" -#include -#include #include "channel.h" #include "session.h" +#include /* strtoll(), _strtoi64(), strtol() */ + +#if defined(HAVE_STRTOLL) +#define scpsize_strtol strtoll +#elif defined(HAVE_STRTOI64) +#define scpsize_strtol _strtoi64 +#else +#define scpsize_strtol strtol +#endif /* Max. length of a quoted string after libssh2_shell_quotearg() processing */ #define _libssh2_shell_quotedsize(s) (3 * strlen(s) + 2) @@ -112,7 +119,7 @@ References: o csh-compatible quotation (special handling for '!' etc.), see - http://www.grymoire.com/Unix/Csh.html#toc-uh-10 + https://www.grymoire.com/Unix/Csh.html#toc-uh-10 Return value: Length of the resulting string (not counting the terminating '\0'), @@ -122,9 +129,9 @@ until then it is kept static and in this source file. */ -static unsigned +static size_t shell_quotearg(const char *path, unsigned char *buf, - unsigned bufsize) + size_t bufsize) { const char *src; unsigned char *dst, *endp; @@ -270,7 +277,7 @@ shell_quotearg(const char *path, unsigned char *buf, static LIBSSH2_CHANNEL * scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) { - int cmd_len; + size_t cmd_len; int rc; int tmp_err_code; const char *tmp_err_msg; @@ -282,7 +289,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) session->scpRecv_atime = 0; session->scpRecv_command_len = - _libssh2_shell_quotedsize(path) + sizeof("scp -f ") + (sb?1:0); + _libssh2_shell_quotedsize(path) + sizeof("scp -f ") + (sb ? 1 : 0); session->scpRecv_command = LIBSSH2_ALLOC(session, session->scpRecv_command_len); @@ -296,18 +303,30 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) snprintf((char *)session->scpRecv_command, session->scpRecv_command_len, - "scp -%sf ", sb?"p":""); + "scp -%sf ", sb ? "p" : ""); cmd_len = strlen((char *)session->scpRecv_command); - cmd_len += shell_quotearg(path, - &session->scpRecv_command[cmd_len], - session->scpRecv_command_len - cmd_len); + + if(!session->flag.quote_paths) { + size_t path_len; + + path_len = strlen(path); + + /* no NUL-termination needed, so memcpy will do */ + memcpy(&session->scpRecv_command[cmd_len], path, path_len); + cmd_len += path_len; + } + else { + cmd_len += shell_quotearg(path, + &session->scpRecv_command[cmd_len], + session->scpRecv_command_len - cmd_len); + } /* the command to exec should _not_ be NUL-terminated */ session->scpRecv_command_len = cmd_len; - _libssh2_debug(session, LIBSSH2_TRACE_SCP, - "Opening channel for SCP receive"); + _libssh2_debug((session, LIBSSH2_TRACE_SCP, + "Opening channel for SCP receive")); session->scpRecv_state = libssh2_NB_state_created; } @@ -356,7 +375,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) LIBSSH2_FREE(session, session->scpRecv_command); session->scpRecv_command = NULL; - _libssh2_debug(session, LIBSSH2_TRACE_SCP, "Sending initial wakeup"); + _libssh2_debug((session, LIBSSH2_TRACE_SCP, "Sending initial wakeup")); /* SCP ACK */ session->scpRecv_response[0] = '\0'; @@ -364,8 +383,8 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) } if(session->scpRecv_state == libssh2_NB_state_sent1) { - rc = _libssh2_channel_write(session->scpRecv_channel, 0, - session->scpRecv_response, 1); + rc = (int)_libssh2_channel_write(session->scpRecv_channel, 0, + session->scpRecv_response, 1); if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block sending initial wakeup"); @@ -384,14 +403,15 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) if((session->scpRecv_state == libssh2_NB_state_sent2) || (session->scpRecv_state == libssh2_NB_state_sent3)) { while(sb && (session->scpRecv_response_len < - LIBSSH2_SCP_RESPONSE_BUFLEN)) { + LIBSSH2_SCP_RESPONSE_BUFLEN)) { unsigned char *s, *p; if(session->scpRecv_state == libssh2_NB_state_sent2) { - rc = _libssh2_channel_read(session->scpRecv_channel, 0, - (char *) session-> - scpRecv_response + - session->scpRecv_response_len, 1); + rc = (int)_libssh2_channel_read(session->scpRecv_channel, 0, + (char *) session-> + scpRecv_response + + session->scpRecv_response_len, + 1); if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block waiting for SCP response"); @@ -435,9 +455,9 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) /* zero terminate the error */ err_msg[err_len] = 0; - _libssh2_debug(session, LIBSSH2_TRACE_SCP, + _libssh2_debug((session, LIBSSH2_TRACE_SCP, "got %02x %s", session->scpRecv_response[0], - err_msg); + err_msg)); _libssh2_error(session, LIBSSH2_ERROR_SCP_PROTOCOL, "Failed to recv file"); @@ -550,8 +570,8 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) } if(session->scpRecv_state == libssh2_NB_state_sent3) { - rc = _libssh2_channel_write(session->scpRecv_channel, 0, - session->scpRecv_response, 1); + rc = (int)_libssh2_channel_write(session->scpRecv_channel, 0, + session->scpRecv_response, 1); if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block waiting to send SCP ACK"); @@ -561,9 +581,10 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) goto scp_recv_error; } - _libssh2_debug(session, LIBSSH2_TRACE_SCP, + _libssh2_debug((session, LIBSSH2_TRACE_SCP, "mtime = %ld, atime = %ld", - session->scpRecv_mtime, session->scpRecv_atime); + session->scpRecv_mtime, + session->scpRecv_atime)); /* We *should* check that atime.usec is valid, but why let that stop use? */ @@ -586,17 +607,18 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) char *s, *p, *e = NULL; if(session->scpRecv_state == libssh2_NB_state_sent5) { - rc = _libssh2_channel_read(session->scpRecv_channel, 0, - (char *) session-> - scpRecv_response + - session->scpRecv_response_len, 1); + rc = (int)_libssh2_channel_read(session->scpRecv_channel, 0, + (char *) session-> + scpRecv_response + + session->scpRecv_response_len, + 1); if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block waiting for SCP response"); return NULL; } else if(rc < 0) { - /* error, bail out*/ + /* error, bail out */ _libssh2_error(session, rc, "Failed reading SCP response"); goto scp_recv_error; } @@ -678,7 +700,6 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) *(p++) = '\0'; /* Make sure we don't get fooled by leftover values */ - session->scpRecv_mode = strtol(s, &e, 8); if(e && *e) { _libssh2_error(session, LIBSSH2_ERROR_SCP_PROTOCOL, @@ -713,8 +734,8 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) } if(session->scpRecv_state == libssh2_NB_state_sent6) { - rc = _libssh2_channel_write(session->scpRecv_channel, 0, - session->scpRecv_response, 1); + rc = (int)_libssh2_channel_write(session->scpRecv_channel, 0, + session->scpRecv_response, 1); if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block sending SCP ACK"); @@ -723,9 +744,9 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) else if(rc != 1) { goto scp_recv_error; } - _libssh2_debug(session, LIBSSH2_TRACE_SCP, + _libssh2_debug((session, LIBSSH2_TRACE_SCP, "mode = 0%lo size = %ld", session->scpRecv_mode, - session->scpRecv_size); + session->scpRecv_size)); /* We *should* check that basename is valid, but why let that stop us? */ @@ -748,7 +769,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) session->scpRecv_state = libssh2_NB_state_idle; return session->scpRecv_channel; - scp_recv_empty_channel: +scp_recv_empty_channel: /* the code only jumps here as a result of a zero read from channel_read() so we check EOF status to avoid getting stuck in a loop */ if(libssh2_channel_eof(session->scpRecv_channel)) @@ -757,7 +778,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) else return session->scpRecv_channel; /* fall-through */ - scp_recv_error: +scp_recv_error: tmp_err_code = session->err_code; tmp_err_msg = session->err_msg; while(libssh2_channel_free(session->scpRecv_channel) == @@ -780,7 +801,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) * */ LIBSSH2_API LIBSSH2_CHANNEL * -libssh2_scp_recv(LIBSSH2_SESSION *session, const char *path, struct stat * sb) +libssh2_scp_recv(LIBSSH2_SESSION *session, const char *path, struct stat *sb) { LIBSSH2_CHANNEL *ptr; @@ -823,7 +844,7 @@ libssh2_scp_recv2(LIBSSH2_SESSION *session, const char *path, } /* - * scp_send() + * scp_send * * Send a file using SCP * @@ -832,7 +853,7 @@ static LIBSSH2_CHANNEL * scp_send(LIBSSH2_SESSION * session, const char *path, int mode, libssh2_int64_t size, time_t mtime, time_t atime) { - int cmd_len; + size_t cmd_len; int rc; int tmp_err_code; const char *tmp_err_msg; @@ -840,7 +861,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, if(session->scpSend_state == libssh2_NB_state_idle) { session->scpSend_command_len = _libssh2_shell_quotedsize(path) + sizeof("scp -t ") + - ((mtime || atime)?1:0); + ((mtime || atime) ? 1 : 0); session->scpSend_command = LIBSSH2_ALLOC(session, session->scpSend_command_len); @@ -854,18 +875,31 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, snprintf((char *)session->scpSend_command, session->scpSend_command_len, - "scp -%st ", (mtime || atime)?"p":""); + "scp -%st ", (mtime || atime) ? "p" : ""); cmd_len = strlen((char *)session->scpSend_command); - cmd_len += shell_quotearg(path, - &session->scpSend_command[cmd_len], - session->scpSend_command_len - cmd_len); + + if(!session->flag.quote_paths) { + size_t path_len; + + path_len = strlen(path); + + /* no NUL-termination needed, so memcpy will do */ + memcpy(&session->scpSend_command[cmd_len], path, path_len); + cmd_len += path_len; + + } + else { + cmd_len += shell_quotearg(path, + &session->scpSend_command[cmd_len], + session->scpSend_command_len - cmd_len); + } /* the command to exec should _not_ be NUL-terminated */ session->scpSend_command_len = cmd_len; - _libssh2_debug(session, LIBSSH2_TRACE_SCP, - "Opening channel for SCP send"); + _libssh2_debug((session, LIBSSH2_TRACE_SCP, + "Opening channel for SCP send")); /* Allocate a channel */ session->scpSend_state = libssh2_NB_state_created; @@ -922,8 +956,8 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, if(session->scpSend_state == libssh2_NB_state_sent1) { /* Wait for ACK */ - rc = _libssh2_channel_read(session->scpSend_channel, 0, - (char *) session->scpSend_response, 1); + rc = (int)_libssh2_channel_read(session->scpSend_channel, 0, + (char *) session->scpSend_response, 1); if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block waiting for response from remote"); @@ -936,7 +970,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, else if(!rc) /* remain in the same state */ goto scp_send_empty_channel; - else if(session->scpSend_response[0] != 0) { + else if(session->scpSend_response[0]) { _libssh2_error(session, LIBSSH2_ERROR_SCP_PROTOCOL, "Invalid ACK response from remote"); goto scp_send_error; @@ -947,8 +981,8 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, snprintf((char *) session->scpSend_response, LIBSSH2_SCP_RESPONSE_BUFLEN, "T%ld 0 %ld 0\n", (long)mtime, (long)atime); - _libssh2_debug(session, LIBSSH2_TRACE_SCP, "Sent %s", - session->scpSend_response); + _libssh2_debug((session, LIBSSH2_TRACE_SCP, "Sent %s", + session->scpSend_response)); } session->scpSend_state = libssh2_NB_state_sent2; @@ -957,9 +991,9 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, /* Send mtime and atime to be used for file */ if(mtime || atime) { if(session->scpSend_state == libssh2_NB_state_sent2) { - rc = _libssh2_channel_write(session->scpSend_channel, 0, - session->scpSend_response, - session->scpSend_response_len); + rc = (int)_libssh2_channel_write(session->scpSend_channel, 0, + session->scpSend_response, + session->scpSend_response_len); if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block sending time data for SCP file"); @@ -976,8 +1010,9 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, if(session->scpSend_state == libssh2_NB_state_sent3) { /* Wait for ACK */ - rc = _libssh2_channel_read(session->scpSend_channel, 0, - (char *) session->scpSend_response, 1); + rc = (int)_libssh2_channel_read(session->scpSend_channel, 0, + (char *) session->scpSend_response, + 1); if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block waiting for response"); @@ -990,7 +1025,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, else if(!rc) /* remain in the same state */ goto scp_send_empty_channel; - else if(session->scpSend_response[0] != 0) { + else if(session->scpSend_response[0]) { _libssh2_error(session, LIBSSH2_ERROR_SCP_PROTOCOL, "Invalid SCP ACK response"); goto scp_send_error; @@ -1018,16 +1053,16 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, LIBSSH2_SCP_RESPONSE_BUFLEN, "C0%o %" LIBSSH2_INT64_T_FORMAT " %s\n", mode, size, base); - _libssh2_debug(session, LIBSSH2_TRACE_SCP, "Sent %s", - session->scpSend_response); + _libssh2_debug((session, LIBSSH2_TRACE_SCP, "Sent %s", + session->scpSend_response)); session->scpSend_state = libssh2_NB_state_sent5; } if(session->scpSend_state == libssh2_NB_state_sent5) { - rc = _libssh2_channel_write(session->scpSend_channel, 0, - session->scpSend_response, - session->scpSend_response_len); + rc = (int)_libssh2_channel_write(session->scpSend_channel, 0, + session->scpSend_response, + session->scpSend_response_len); if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block send core file data for SCP file"); @@ -1044,8 +1079,9 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, if(session->scpSend_state == libssh2_NB_state_sent6) { /* Wait for ACK */ - rc = _libssh2_channel_read(session->scpSend_channel, 0, - (char *) session->scpSend_response, 1); + rc = (int)_libssh2_channel_read(session->scpSend_channel, 0, + (char *) session->scpSend_response, + 1); if(rc == LIBSSH2_ERROR_EAGAIN) { _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block waiting for response"); @@ -1059,7 +1095,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, else if(rc == 0) goto scp_send_empty_channel; - else if(session->scpSend_response[0] != 0) { + else if(session->scpSend_response[0]) { size_t err_len; char *err_msg; @@ -1073,13 +1109,13 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, } /* Read the remote error message */ - rc = _libssh2_channel_read(session->scpSend_channel, 0, - err_msg, err_len); + rc = (int)_libssh2_channel_read(session->scpSend_channel, 0, + err_msg, err_len); if(rc > 0) { err_msg[err_len] = 0; - _libssh2_debug(session, LIBSSH2_TRACE_SCP, + _libssh2_debug((session, LIBSSH2_TRACE_SCP, "got %02x %s", session->scpSend_response[0], - err_msg); + err_msg)); } LIBSSH2_FREE(session, err_msg); _libssh2_error(session, LIBSSH2_ERROR_SCP_PROTOCOL, @@ -1091,7 +1127,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, session->scpSend_state = libssh2_NB_state_idle; return session->scpSend_channel; - scp_send_empty_channel: +scp_send_empty_channel: /* the code only jumps here as a result of a zero read from channel_read() so we check EOF status to avoid getting stuck in a loop */ if(libssh2_channel_eof(session->scpSend_channel)) { @@ -1101,7 +1137,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, else return session->scpSend_channel; /* fall-through */ - scp_send_error: +scp_send_error: tmp_err_code = session->err_code; tmp_err_msg = session->err_msg; while(libssh2_channel_free(session->scpSend_channel) == diff --git a/libssh2/src/session.c b/libssh2/src/session.c index 212560b88..a4d602bad 100644 --- a/libssh2/src/session.c +++ b/libssh2/src/session.c @@ -38,32 +38,40 @@ */ #include "libssh2_priv.h" -#include + +#ifdef WIN32 +#include /* for socklen_t */ +#endif #ifdef HAVE_UNISTD_H #include #endif -#include -#include - -#ifdef HAVE_GETTIMEOFDAY -#include -#endif #ifdef HAVE_ALLOCA_H #include #endif +#include +#include +#include + #include "transport.h" #include "session.h" #include "channel.h" #include "mac.h" -#include "misc.h" + +#if defined(WIN32) +#define libssh2_usec_t long +#elif defined(__APPLE__) +#define libssh2_usec_t suseconds_t +#else +#undef libssh2_usec_t +#endif /* libssh2_default_alloc */ static LIBSSH2_ALLOC_FUNC(libssh2_default_alloc) { - (void) abstract; + (void)abstract; return malloc(count); } @@ -72,7 +80,7 @@ LIBSSH2_ALLOC_FUNC(libssh2_default_alloc) static LIBSSH2_FREE_FUNC(libssh2_default_free) { - (void) abstract; + (void)abstract; free(ptr); } @@ -81,7 +89,7 @@ LIBSSH2_FREE_FUNC(libssh2_default_free) static LIBSSH2_REALLOC_FUNC(libssh2_default_realloc) { - (void) abstract; + (void)abstract; return realloc(ptr, count); } @@ -96,8 +104,8 @@ LIBSSH2_REALLOC_FUNC(libssh2_default_realloc) static int banner_receive(LIBSSH2_SESSION * session) { - int ret; - int banner_len; + ssize_t ret; + size_t banner_len; if(session->banner_TxRx_state == libssh2_NB_state_idle) { banner_len = 0; @@ -108,25 +116,25 @@ banner_receive(LIBSSH2_SESSION * session) banner_len = session->banner_TxRx_total_send; } - while((banner_len < (int) sizeof(session->banner_TxRx_banner)) && - ((banner_len == 0) - || (session->banner_TxRx_banner[banner_len - 1] != '\n'))) { + while((banner_len < sizeof(session->banner_TxRx_banner)) && + ((banner_len == 0) + || (session->banner_TxRx_banner[banner_len - 1] != '\n'))) { char c = '\0'; /* no incoming block yet! */ session->socket_block_directions &= ~LIBSSH2_SESSION_BLOCK_INBOUND; ret = LIBSSH2_RECV(session, &c, 1, - LIBSSH2_SOCKET_RECV_FLAGS(session)); + LIBSSH2_SOCKET_RECV_FLAGS(session)); if(ret < 0) { if(session->api_block_mode || (ret != -EAGAIN)) /* ignore EAGAIN when non-blocking */ - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, - "Error recving %d bytes: %d", 1, -ret); + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, + "Error recving %d bytes: %d", 1, (int)-ret)); } else - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, - "Recved %d bytes banner", ret); + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, + "Recved %d bytes banner", (int)ret)); if(ret < 0) { if(ret == -EAGAIN) { @@ -147,6 +155,10 @@ banner_receive(LIBSSH2_SESSION * session) return LIBSSH2_ERROR_SOCKET_DISCONNECT; } + if((c == '\r' || c == '\n') && banner_len == 0) { + continue; + } + if(c == '\0') { /* NULLs are not allowed in SSH banners */ session->banner_TxRx_state = libssh2_NB_state_idle; @@ -158,8 +170,8 @@ banner_receive(LIBSSH2_SESSION * session) } while(banner_len && - ((session->banner_TxRx_banner[banner_len - 1] == '\n') || - (session->banner_TxRx_banner[banner_len - 1] == '\r'))) { + ((session->banner_TxRx_banner[banner_len - 1] == '\n') || + (session->banner_TxRx_banner[banner_len - 1] == '\r'))) { banner_len--; } @@ -180,8 +192,8 @@ banner_receive(LIBSSH2_SESSION * session) } memcpy(session->remote.banner, session->banner_TxRx_banner, banner_len); session->remote.banner[banner_len] = '\0'; - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Received Banner: %s", - session->remote.banner); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Received Banner: %s", + session->remote.banner)); return LIBSSH2_ERROR_NONE; } @@ -199,11 +211,8 @@ static int banner_send(LIBSSH2_SESSION * session) { char *banner = (char *) LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF; - int banner_len = sizeof(LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF) - 1; + size_t banner_len = sizeof(LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF) - 1; ssize_t ret; -#ifdef LIBSSH2DEBUG - char banner_dup[256]; -#endif if(session->banner_TxRx_state == libssh2_NB_state_idle) { if(session->local.banner) { @@ -212,18 +221,22 @@ banner_send(LIBSSH2_SESSION * session) banner = (char *) session->local.banner; } #ifdef LIBSSH2DEBUG - /* Hack and slash to avoid sending CRLF in debug output */ - if(banner_len < 256) { - memcpy(banner_dup, banner, banner_len - 2); - banner_dup[banner_len - 2] = '\0'; - } - else { - memcpy(banner_dup, banner, 255); - banner_dup[255] = '\0'; - } + { + char banner_dup[256]; - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Sending Banner: %s", - banner_dup); + /* Hack and slash to avoid sending CRLF in debug output */ + if(banner_len < 256) { + memcpy(banner_dup, banner, banner_len - 2); + banner_dup[banner_len - 2] = '\0'; + } + else { + memcpy(banner_dup, banner, 255); + banner_dup[255] = '\0'; + } + + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "Sending Banner: %s", banner_dup)); + } #endif session->banner_TxRx_state = libssh2_NB_state_created; @@ -233,20 +246,20 @@ banner_send(LIBSSH2_SESSION * session) session->socket_block_directions &= ~LIBSSH2_SESSION_BLOCK_OUTBOUND; ret = LIBSSH2_SEND(session, - banner + session->banner_TxRx_total_send, - banner_len - session->banner_TxRx_total_send, - LIBSSH2_SOCKET_SEND_FLAGS(session)); + banner + session->banner_TxRx_total_send, + banner_len - session->banner_TxRx_total_send, + LIBSSH2_SOCKET_SEND_FLAGS(session)); if(ret < 0) - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, "Error sending %d bytes: %d", - banner_len - session->banner_TxRx_total_send, -ret); + banner_len - session->banner_TxRx_total_send, -ret)); else - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, "Sent %d/%d bytes at %p+%d", ret, banner_len - session->banner_TxRx_total_send, - banner, session->banner_TxRx_total_send); + banner, session->banner_TxRx_total_send)); - if(ret != (banner_len - session->banner_TxRx_total_send)) { + if(ret != (ssize_t)(banner_len - session->banner_TxRx_total_send)) { if(ret >= 0 || ret == -EAGAIN) { /* the whole packet could not be sent, save the what was */ session->socket_block_directions = @@ -276,8 +289,6 @@ static int session_nonblock(libssh2_socket_t sockfd, /* operate on this */ int nonblock /* TRUE or FALSE */ ) { -#undef SETBLOCK -#define SETBLOCK 0 #ifdef HAVE_O_NONBLOCK /* most recent unix versions */ int flags; @@ -287,66 +298,39 @@ session_nonblock(libssh2_socket_t sockfd, /* operate on this */ return fcntl(sockfd, F_SETFL, flags | O_NONBLOCK); else return fcntl(sockfd, F_SETFL, flags & (~O_NONBLOCK)); -#undef SETBLOCK -#define SETBLOCK 1 -#endif - -#if defined(HAVE_FIONBIO) && (SETBLOCK == 0) - /* older unix versions and VMS*/ +#elif defined(HAVE_FIONBIO) + /* older unix versions and VMS */ int flags; flags = nonblock; return ioctl(sockfd, FIONBIO, &flags); -#undef SETBLOCK -#define SETBLOCK 2 -#endif - -#if defined(HAVE_IOCTLSOCKET) && (SETBLOCK == 0) - /* Windows? */ - unsigned long flags; - flags = nonblock; - - return ioctlsocket(sockfd, FIONBIO, &flags); -#undef SETBLOCK -#define SETBLOCK 3 -#endif - -#if defined(HAVE_IOCTLSOCKET_CASE) && (SETBLOCK == 0) +#elif defined(HAVE_IOCTLSOCKET_CASE) /* presumably for Amiga */ return IoctlSocket(sockfd, FIONBIO, (long) nonblock); -#undef SETBLOCK -#define SETBLOCK 4 -#endif - -#if defined(HAVE_SO_NONBLOCK) && (SETBLOCK == 0) +#elif defined(HAVE_SO_NONBLOCK) /* BeOS */ long b = nonblock ? 1 : 0; return setsockopt(sockfd, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b)); -#undef SETBLOCK -#define SETBLOCK 5 -#endif +#elif defined(WIN32) + unsigned long flags; -#ifdef HAVE_DISABLED_NONBLOCKING + flags = nonblock; + return ioctlsocket(sockfd, FIONBIO, &flags); +#else + (void)sockfd; + (void)nonblock; return 0; /* returns success */ -#undef SETBLOCK -#define SETBLOCK 6 -#endif - -#if(SETBLOCK == 0) -#error "no non-blocking method was found/used/set" #endif } /* - * get_socket_nonblocking() + * get_socket_nonblocking * * gets the given blocking or non-blocking state of the socket. */ static int -get_socket_nonblocking(int sockfd) +get_socket_nonblocking(libssh2_socket_t sockfd) { /* operate on this */ -#undef GETBLOCK -#define GETBLOCK 0 #ifdef HAVE_O_NONBLOCK /* most recent unix versions */ int flags = fcntl(sockfd, F_GETFL, 0); @@ -356,26 +340,7 @@ get_socket_nonblocking(int sockfd) return 1; } return (flags & O_NONBLOCK); -#undef GETBLOCK -#define GETBLOCK 1 -#endif - -#if defined(WSAEWOULDBLOCK) && (GETBLOCK == 0) - /* Windows? */ - unsigned int option_value; - socklen_t option_len = sizeof(option_value); - - if(getsockopt - (sockfd, SOL_SOCKET, SO_ERROR, (void *) &option_value, &option_len)) { - /* Assume blocking on error */ - return 1; - } - return (int) option_value; -#undef GETBLOCK -#define GETBLOCK 2 -#endif - -#if defined(HAVE_SO_NONBLOCK) && (GETBLOCK == 0) +#elif defined(HAVE_SO_NONBLOCK) /* BeOS */ long b; if(getsockopt(sockfd, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b))) { @@ -383,12 +348,7 @@ get_socket_nonblocking(int sockfd) return 1; } return (int) b; -#undef GETBLOCK -#define GETBLOCK 5 -#endif - -#if defined(SO_STATE) && defined(__VMS) && (GETBLOCK == 0) - +#elif defined(SO_STATE) && defined(__VMS) /* VMS TCP/IP Services */ size_t sockstat = 0; @@ -396,23 +356,27 @@ get_socket_nonblocking(int sockfd) size_t size = sizeof(int); callstat = getsockopt(sockfd, SOL_SOCKET, SO_STATE, - (char *)&sockstat, &size); - if(callstat == -1) return 0; - if((sockstat&SS_NBIO) != 0) return 1; + (char *)&sockstat, &size); + if(callstat == -1) { + return 0; + } + if((sockstat&SS_NBIO) != 0) { + return 1; + } return 0; +#elif defined(WIN32) + unsigned int option_value; + socklen_t option_len = sizeof(option_value); -#undef GETBLOCK -#define GETBLOCK 6 -#endif - -#ifdef HAVE_DISABLED_NONBLOCKING + if(getsockopt(sockfd, SOL_SOCKET, SO_ERROR, + (void *) &option_value, &option_len)) { + /* Assume blocking on error */ + return 1; + } + return (int) option_value; +#else + (void)sockfd; return 1; /* returns blocking */ -#undef GETBLOCK -#define GETBLOCK 7 -#endif - -#if(GETBLOCK == 0) -#error "no non-blocking method was found/used/get" #endif } @@ -442,8 +406,8 @@ libssh2_session_banner_set(LIBSSH2_SESSION * session, const char *banner) /* first zero terminate like this so that the debug output is nice */ session->local.banner[banner_len] = '\0'; - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Setting local Banner: %s", - session->local.banner); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Setting local Banner: %s", + session->local.banner)); session->local.banner[banner_len++] = '\r'; session->local.banner[banner_len++] = '\n'; session->local.banner[banner_len] = '\0'; @@ -500,8 +464,11 @@ libssh2_session_init_ex(LIBSSH2_ALLOC_FUNC((*my_alloc)), session->abstract = abstract; session->api_timeout = 0; /* timeout-free API by default */ session->api_block_mode = 1; /* blocking API by default */ - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "New session resource allocated"); + session->packet_read_timeout = LIBSSH2_DEFAULT_READ_TIMEOUT; + session->flag.quote_paths = 1; /* default behavior is to quote paths + for the scp subsystem */ + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "New session resource allocated")); _libssh2_init_if_needed(); } return session; @@ -516,8 +483,14 @@ libssh2_session_init_ex(LIBSSH2_ALLOC_FUNC((*my_alloc)), * ALERT: this function relies on that we can typecast function pointers * to void pointers, which isn't allowed in ISO C! */ +#ifdef _MSC_VER +#pragma warning(push) +/* nonstandard extension, function/data pointer conversion in expression */ +#pragma warning(disable:4152) +#else #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wpedantic" +#endif LIBSSH2_API void * libssh2_session_callback_set(LIBSSH2_SESSION * session, int cbtype, void *callback) @@ -559,16 +532,35 @@ libssh2_session_callback_set(LIBSSH2_SESSION * session, oldcb = session->recv; session->recv = callback; return oldcb; + + case LIBSSH2_CALLBACK_AUTHAGENT: + oldcb = session->authagent; + session->authagent = callback; + return oldcb; + + case LIBSSH2_CALLBACK_AUTHAGENT_IDENTITIES: + oldcb = session->addLocalIdentities; + session->addLocalIdentities = callback; + return oldcb; + + case LIBSSH2_CALLBACK_AUTHAGENT_SIGN: + oldcb = session->agentSignCallback; + session->agentSignCallback = callback; + return oldcb; } - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Setting Callback %d", - cbtype); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Setting Callback %d", + cbtype)); return NULL; } +#ifdef _MSC_VER +#pragma warning(pop) +#else #pragma GCC diagnostic pop +#endif /* - * _libssh2_wait_socket() + * _libssh2_wait_socket * * Utility function that waits for action on the socket. Returns 0 when ready * to run again or error on timeout. @@ -598,8 +590,8 @@ int _libssh2_wait_socket(LIBSSH2_SESSION *session, time_t start_time) dir = libssh2_session_block_directions(session); if(!dir) { - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, - "Nothing to wait for in wait_socket"); + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, + "Nothing to wait for in wait_socket")); /* To avoid that we hang below just because there's nothing set to wait for, we timeout on 1 second to also avoid busy-looping during this condition */ @@ -638,7 +630,7 @@ int _libssh2_wait_socket(LIBSSH2_SESSION *session, time_t start_time) if(dir & LIBSSH2_SESSION_BLOCK_OUTBOUND) sockets[0].events |= POLLOUT; - rc = poll(sockets, 1, has_timeout?ms_to_next: -1); + rc = poll(sockets, 1, has_timeout ? (int)ms_to_next : -1); } #else { @@ -649,7 +641,11 @@ int _libssh2_wait_socket(LIBSSH2_SESSION *session, time_t start_time) struct timeval tv; tv.tv_sec = ms_to_next / 1000; +#ifdef libssh2_usec_t + tv.tv_usec = (libssh2_usec_t)((ms_to_next - tv.tv_sec*1000) * 1000); +#else tv.tv_usec = (ms_to_next - tv.tv_sec*1000) * 1000; +#endif if(dir & LIBSSH2_SESSION_BLOCK_INBOUND) { FD_ZERO(&rfd); @@ -663,7 +659,7 @@ int _libssh2_wait_socket(LIBSSH2_SESSION *session, time_t start_time) writefd = &wfd; } - rc = select(session->socket_fd + 1, readfd, writefd, NULL, + rc = select((int)(session->socket_fd + 1), readfd, writefd, NULL, has_timeout ? &tv : NULL); } #endif @@ -685,8 +681,8 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock) int rc; if(session->startup_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "session_startup for socket %d", sock); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "session_startup for socket %d", sock)); if(LIBSSH2_INVALID_SOCKET == sock) { /* Did we forget something? */ return _libssh2_error(session, LIBSSH2_ERROR_BAD_SOCKET, @@ -730,7 +726,7 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock) else if(rc) return _libssh2_error(session, rc, "Failed getting banner"); - } while(strncmp("SSH-", (char *)session->remote.banner, 4)); + } while(strncmp("SSH-", (const char *)session->remote.banner, 4)); session->startup_state = libssh2_NB_state_sent1; } @@ -747,8 +743,8 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock) } if(session->startup_state == libssh2_NB_state_sent2) { - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "Requesting userauth service"); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "Requesting userauth service")); /* Request the userauth service */ session->startup_service[0] = SSH_MSG_SERVICE_REQUEST; @@ -780,7 +776,9 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock) &session->startup_data_len, 0, NULL, 0, &session->startup_req_state); if(rc) - return rc; + return _libssh2_error(session, rc, + "Failed to get response to " + "ssh-userauth request"); if(session->startup_data_len < 5) { return _libssh2_error(session, LIBSSH2_ERROR_PROTO, @@ -792,7 +790,8 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock) if((session->startup_service_length != (sizeof("ssh-userauth") - 1)) - || strncmp("ssh-userauth", (char *) session->startup_data + 5, + || strncmp("ssh-userauth", + (const char *) session->startup_data + 5, session->startup_service_length)) { LIBSSH2_FREE(session, session->startup_data); session->startup_data = NULL; @@ -812,7 +811,7 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock) } /* - * libssh2_session_handshake() + * libssh2_session_handshake * * session: LIBSSH2_SESSION struct allocated and owned by the calling program * sock: *must* be populated with an opened and connected socket. @@ -824,13 +823,13 @@ libssh2_session_handshake(LIBSSH2_SESSION *session, libssh2_socket_t sock) { int rc; - BLOCK_ADJUST(rc, session, session_startup(session, sock) ); + BLOCK_ADJUST(rc, session, session_startup(session, sock)); return rc; } /* - * libssh2_session_startup() + * libssh2_session_startup * * DEPRECATED. Use libssh2_session_handshake() instead! This function is not * portable enough. @@ -847,7 +846,7 @@ libssh2_session_startup(LIBSSH2_SESSION *session, int sock) } /* - * libssh2_session_free + * session_free * * Frees the memory allocated to the session * Also closes and frees any channels attached to this session @@ -862,16 +861,16 @@ session_free(LIBSSH2_SESSION *session) int packets_left = 0; if(session->free_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Freeing session resource", - session->remote.banner); + session->remote.banner)); session->free_state = libssh2_NB_state_created; } if(session->free_state == libssh2_NB_state_created) { - while((ch = _libssh2_list_first(&session->channels))) { - + /* !checksrc! disable EQUALSNULL 1 */ + while((ch = _libssh2_list_first(&session->channels)) != NULL) { rc = _libssh2_channel_free(ch); if(rc == LIBSSH2_ERROR_EAGAIN) return rc; @@ -881,7 +880,8 @@ session_free(LIBSSH2_SESSION *session) } if(session->free_state == libssh2_NB_state_sent) { - while((l = _libssh2_list_first(&session->listeners))) { + /* !checksrc! disable EQUALSNULL 1 */ + while((l = _libssh2_list_first(&session->listeners)) != NULL) { rc = _libssh2_channel_forward_cancel(l); if(rc == LIBSSH2_ERROR_EAGAIN) return rc; @@ -981,6 +981,12 @@ session_free(LIBSSH2_SESSION *session) if(session->remote.lang_prefs) { LIBSSH2_FREE(session, session->remote.lang_prefs); } + if(session->server_sign_algorithms) { + LIBSSH2_FREE(session, session->server_sign_algorithms); + } + if(session->sign_algo_prefs) { + LIBSSH2_FREE(session, session->sign_algo_prefs); + } /* * Make sure all memory used in the state variables are free @@ -994,6 +1000,9 @@ session_free(LIBSSH2_SESSION *session) if(session->userauth_list_data) { LIBSSH2_FREE(session, session->userauth_list_data); } + if(session->userauth_banner) { + LIBSSH2_FREE(session, session->userauth_banner); + } if(session->userauth_pswd_data) { LIBSSH2_FREE(session, session->userauth_pswd_data); } @@ -1058,10 +1067,11 @@ session_free(LIBSSH2_SESSION *session) } /* Cleanup all remaining packets */ - while((pkg = _libssh2_list_first(&session->packets))) { + /* !checksrc! disable EQUALSNULL 1 */ + while((pkg = _libssh2_list_first(&session->packets)) != NULL) { packets_left++; - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "packet left with id %d", pkg->data[0]); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "packet left with id %d", pkg->data[0])); /* unlink the node */ _libssh2_list_remove(&pkg->node); @@ -1069,15 +1079,16 @@ session_free(LIBSSH2_SESSION *session) LIBSSH2_FREE(session, pkg->data); LIBSSH2_FREE(session, pkg); } - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "Extra packets left %d", packets_left); + (void)packets_left; + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "Extra packets left %d", packets_left)); if(session->socket_prev_blockstate) { /* if the socket was previously blocking, put it back so */ rc = session_nonblock(session->socket_fd, 0); if(rc) { - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, - "unable to reset socket's blocking state"); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, + "unable to reset socket's blocking state")); } } @@ -1107,13 +1118,13 @@ libssh2_session_free(LIBSSH2_SESSION * session) { int rc; - BLOCK_ADJUST(rc, session, session_free(session) ); + BLOCK_ADJUST(rc, session, session_free(session)); return rc; } /* - * libssh2_session_disconnect_ex + * session_disconnect */ static int session_disconnect(LIBSSH2_SESSION *session, int reason, @@ -1121,13 +1132,13 @@ session_disconnect(LIBSSH2_SESSION *session, int reason, const char *lang) { unsigned char *s; - unsigned long descr_len = 0, lang_len = 0; + size_t descr_len = 0, lang_len = 0; int rc; if(session->disconnect_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Disconnecting: reason=%d, desc=%s, lang=%s", reason, - description, lang); + description, lang)); if(description) descr_len = strlen(description); @@ -1138,6 +1149,10 @@ session_disconnect(LIBSSH2_SESSION *session, int reason, return _libssh2_error(session, LIBSSH2_ERROR_INVAL, "too long description"); + if(lang_len > 256) + return _libssh2_error(session, LIBSSH2_ERROR_INVAL, + "too long language string"); + /* 13 = packet_type(1) + reason code(4) + descr_len(4) + lang_len(4) */ session->disconnect_data_len = descr_len + lang_len + 13; @@ -1147,14 +1162,14 @@ session_disconnect(LIBSSH2_SESSION *session, int reason, _libssh2_store_u32(&s, reason); _libssh2_store_str(&s, description, descr_len); /* store length only, lang is sent separately */ - _libssh2_store_u32(&s, lang_len); + _libssh2_store_u32(&s, (uint32_t)lang_len); session->disconnect_state = libssh2_NB_state_created; } rc = _libssh2_transport_send(session, session->disconnect_data, session->disconnect_data_len, - (unsigned char *)lang, lang_len); + (const unsigned char *)lang, lang_len); if(rc == LIBSSH2_ERROR_EAGAIN) return rc; @@ -1303,7 +1318,7 @@ libssh2_session_last_error(LIBSSH2_SESSION * session, char **errmsg, } if(errmsg_len) { - *errmsg_len = msglen; + *errmsg_len = (int)msglen; } return session->err_code; @@ -1336,7 +1351,7 @@ libssh2_session_set_last_error(LIBSSH2_SESSION* session, LIBSSH2_ERR_FLAG_DUP); } -/* Libssh2_session_flag +/* libssh2_session_flag * * Set/Get session flags * @@ -1352,6 +1367,9 @@ libssh2_session_flag(LIBSSH2_SESSION * session, int flag, int value) case LIBSSH2_FLAG_COMPRESS: session->flag.compress = value; break; + case LIBSSH2_FLAG_QUOTE_PATHS: + session->flag.quote_paths = value; + break; default: /* unknown flag */ return LIBSSH2_ERROR_INVAL; @@ -1370,8 +1388,8 @@ int _libssh2_session_set_blocking(LIBSSH2_SESSION *session, int blocking) { int bl = session->api_block_mode; - _libssh2_debug(session, LIBSSH2_TRACE_CONN, - "Setting blocking mode %s", blocking?"ON":"OFF"); + _libssh2_debug((session, LIBSSH2_TRACE_CONN, + "Setting blocking mode %s", blocking ? "ON" : "OFF")); session->api_block_mode = blocking; return bl; @@ -1385,7 +1403,7 @@ _libssh2_session_set_blocking(LIBSSH2_SESSION *session, int blocking) LIBSSH2_API void libssh2_session_set_blocking(LIBSSH2_SESSION * session, int blocking) { - (void) _libssh2_session_set_blocking(session, blocking); + (void)_libssh2_session_set_blocking(session, blocking); } /* libssh2_session_get_blocking @@ -1420,6 +1438,30 @@ libssh2_session_get_timeout(LIBSSH2_SESSION * session) return session->api_timeout; } +/* libssh2_session_set_read_timeout + * + * Set a session's timeout (in sec) when reading packets, + * or 0 to use default of 60 seconds. + */ +LIBSSH2_API void +libssh2_session_set_read_timeout(LIBSSH2_SESSION * session, long timeout) +{ + if(timeout <= 0) { + timeout = LIBSSH2_DEFAULT_READ_TIMEOUT; + } + session->packet_read_timeout = timeout; +} + +/* libssh2_session_get_read_timeout + * + * Returns a session's timeout. Default is 60 seconds. + */ +LIBSSH2_API long +libssh2_session_get_read_timeout(LIBSSH2_SESSION * session) +{ + return session->packet_read_timeout; +} + /* * libssh2_poll_channel_read * @@ -1513,7 +1555,7 @@ libssh2_poll(LIBSSH2_POLLFD * fds, unsigned int nfds, long timeout) switch(fds[i].type) { case LIBSSH2_POLLFD_SOCKET: sockets[i].fd = fds[i].fd.socket; - sockets[i].events = fds[i].events; + sockets[i].events = (short)fds[i].events; sockets[i].revents = 0; break; @@ -1675,23 +1717,15 @@ libssh2_poll(LIBSSH2_POLLFD * fds, unsigned int nfds, long timeout) } #ifdef HAVE_POLL -#ifdef HAVE_LIBSSH2_GETTIMEOFDAY { struct timeval tv_begin, tv_end; - _libssh2_gettimeofday((struct timeval *) &tv_begin, NULL); - sysret = poll(sockets, nfds, timeout_remaining); - _libssh2_gettimeofday((struct timeval *) &tv_end, NULL); + gettimeofday(&tv_begin, NULL); + sysret = poll(sockets, nfds, (int)timeout_remaining); + gettimeofday(&tv_end, NULL); timeout_remaining -= (tv_end.tv_sec - tv_begin.tv_sec) * 1000; timeout_remaining -= (tv_end.tv_usec - tv_begin.tv_usec) / 1000; } -#else - /* If the platform doesn't support gettimeofday, - * then just make the call non-blocking and walk away - */ - sysret = poll(sockets, nfds, timeout_remaining); - timeout_remaining = 0; -#endif /* HAVE_GETTIMEOFDAY */ if(sysret > 0) { for(i = 0; i < nfds; i++) { @@ -1738,24 +1772,17 @@ libssh2_poll(LIBSSH2_POLLFD * fds, unsigned int nfds, long timeout) #elif defined(HAVE_SELECT) tv.tv_sec = timeout_remaining / 1000; tv.tv_usec = (timeout_remaining % 1000) * 1000; -#ifdef HAVE_LIBSSH2_GETTIMEOFDAY + { struct timeval tv_begin, tv_end; - _libssh2_gettimeofday((struct timeval *) &tv_begin, NULL); - sysret = select(maxfd + 1, &rfds, &wfds, NULL, &tv); - _libssh2_gettimeofday((struct timeval *) &tv_end, NULL); + gettimeofday(&tv_begin, NULL); + sysret = select((int)(maxfd + 1), &rfds, &wfds, NULL, &tv); + gettimeofday(&tv_end, NULL); timeout_remaining -= (tv_end.tv_sec - tv_begin.tv_sec) * 1000; timeout_remaining -= (tv_end.tv_usec - tv_begin.tv_usec) / 1000; } -#else - /* If the platform doesn't support gettimeofday, - * then just make the call non-blocking and walk away - */ - sysret = select(maxfd + 1, &rfds, &wfds, NULL, &tv); - timeout_remaining = 0; -#endif if(sysret > 0) { for(i = 0; i < nfds; i++) { @@ -1822,10 +1849,10 @@ LIBSSH2_API const char * libssh2_session_banner_get(LIBSSH2_SESSION *session) { /* to avoid a coredump when session is NULL */ - if(NULL == session) + if(!session) return NULL; - if(NULL == session->remote.banner) + if(!session->remote.banner) return NULL; return (const char *) session->remote.banner; diff --git a/libssh2/src/session.h b/libssh2/src/session.h index 9f8f2c706..6492ec001 100644 --- a/libssh2/src/session.h +++ b/libssh2/src/session.h @@ -41,27 +41,26 @@ /* Conveniance-macros to allow code like this; - int rc = BLOCK_ADJUST(rc, session, session_startup(session, sock) ); + int rc = BLOCK_ADJUST(rc, session, session_startup(session, sock)); - int rc = BLOCK_ADJUST_ERRNO(ptr, session, session_startup(session, sock) ); + int rc = BLOCK_ADJUST_ERRNO(ptr, session, session_startup(session, sock)); - The point of course being to make sure that while in non-blocking mode - these always return no matter what the return code is, but in blocking mode - it blocks if EAGAIN is the reason for the return from the underlying - function. + The point being to make sure that while in non-blocking mode these always + return no matter what the return code is, but in blocking mode it blocks + if EAGAIN is the reason for the return from the underlying function. */ #define BLOCK_ADJUST(rc, sess, x) \ do { \ - time_t entry_time = time(NULL); \ - do { \ - rc = x; \ - /* the order of the check below is important to properly deal with \ - the case when the 'sess' is freed */ \ - if((rc != LIBSSH2_ERROR_EAGAIN) || !sess->api_block_mode) \ - break; \ - rc = _libssh2_wait_socket(sess, entry_time); \ - } while(!rc); \ + time_t entry_time = time(NULL); \ + do { \ + rc = x; \ + /* the order of the check below is important to properly \ + deal with the case when the 'sess' is freed */ \ + if((rc != LIBSSH2_ERROR_EAGAIN) || !sess->api_block_mode) \ + break; \ + rc = _libssh2_wait_socket(sess, entry_time); \ + } while(!rc); \ } while(0) /* @@ -72,15 +71,15 @@ */ #define BLOCK_ADJUST_ERRNO(ptr, sess, x) \ do { \ - time_t entry_time = time(NULL); \ - int rc; \ - do { \ - ptr = x; \ - if(!sess->api_block_mode || \ - (ptr != NULL) || \ - (libssh2_session_last_errno(sess) != LIBSSH2_ERROR_EAGAIN) ) \ - break; \ - rc = _libssh2_wait_socket(sess, entry_time); \ + time_t entry_time = time(NULL); \ + int rc; \ + do { \ + ptr = x; \ + if(!sess->api_block_mode || \ + (ptr != NULL) || \ + (libssh2_session_last_errno(sess) != LIBSSH2_ERROR_EAGAIN)) \ + break; \ + rc = _libssh2_wait_socket(sess, entry_time); \ } while(!rc); \ } while(0) diff --git a/libssh2/src/sftp.c b/libssh2/src/sftp.c index ac7ee0162..46164ea36 100644 --- a/libssh2/src/sftp.c +++ b/libssh2/src/sftp.c @@ -37,19 +37,21 @@ * OF SUCH DAMAGE. */ -#include - #include "libssh2_priv.h" #include "libssh2_sftp.h" + #include "channel.h" #include "session.h" #include "sftp.h" -/* Note: Version 6 was documented at the time of writing - * However it was marked as "DO NOT IMPLEMENT" due to pending changes - * - * This release of libssh2 implements Version 5 with automatic downgrade +#include + +/* This release of libssh2 implements Version 5 with automatic downgrade * based on server's declaration + * https://www.ietf.org/archive/id/draft-ietf-secsh-filexfer-05.txt + * + * Version 6: + * https://www.ietf.org/archive/id/draft-ietf-secsh-filexfer-13.txt */ /* SFTP packet types */ @@ -98,19 +100,6 @@ static int sftp_packet_ask(LIBSSH2_SFTP *sftp, unsigned char packet_type, size_t *data_len); static void sftp_packet_flush(LIBSSH2_SFTP *sftp); -/* sftp_attrsize - * Size that attr with this flagset will occupy when turned into a bin struct - */ -static int sftp_attrsize(unsigned long flags) -{ - return (4 + /* flags(4) */ - ((flags & LIBSSH2_SFTP_ATTR_SIZE) ? 8 : 0) + - ((flags & LIBSSH2_SFTP_ATTR_UIDGID) ? 8 : 0) + - ((flags & LIBSSH2_SFTP_ATTR_PERMISSIONS) ? 4 : 0) + - ((flags & LIBSSH2_SFTP_ATTR_ACMODTIME) ? 8 : 0)); - /* atime + mtime as u32 */ -} - /* _libssh2_store_u64 */ static void _libssh2_store_u64(unsigned char **ptr, libssh2_uint64_t value) @@ -120,12 +109,12 @@ static void _libssh2_store_u64(unsigned char **ptr, libssh2_uint64_t value) buf[0] = (unsigned char)((msl >> 24) & 0xFF); buf[1] = (unsigned char)((msl >> 16) & 0xFF); - buf[2] = (unsigned char)((msl >> 8) & 0xFF); + buf[2] = (unsigned char)((msl >> 8) & 0xFF); buf[3] = (unsigned char)( msl & 0xFF); buf[4] = (unsigned char)((value >> 24) & 0xFF); buf[5] = (unsigned char)((value >> 16) & 0xFF); - buf[6] = (unsigned char)((value >> 8) & 0xFF); + buf[6] = (unsigned char)((value >> 8) & 0xFF); buf[7] = (unsigned char)( value & 0xFF); *ptr += 8; @@ -160,10 +149,10 @@ remove_zombie_request(LIBSSH2_SFTP *sftp, uint32_t request_id) struct sftp_zombie_requests *zombie = find_zombie_request(sftp, request_id); if(zombie) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Removing request ID %ld from the list of " "zombie requests", - request_id); + request_id)); _libssh2_list_remove(&zombie->node); LIBSSH2_FREE(session, zombie); @@ -177,8 +166,8 @@ add_zombie_request(LIBSSH2_SFTP *sftp, uint32_t request_id) struct sftp_zombie_requests *zombie; - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, - "Marking request ID %ld as a zombie request", request_id); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "Marking request ID %ld as a zombie request", request_id)); zombie = LIBSSH2_ALLOC(sftp->channel->session, sizeof(struct sftp_zombie_requests)); @@ -192,9 +181,7 @@ add_zombie_request(LIBSSH2_SFTP *sftp, uint32_t request_id) } } -/* - * sftp_packet_add - * +/* sftp_packet_add * Add a packet to the SFTP packet brigade */ static int @@ -209,9 +196,9 @@ sftp_packet_add(LIBSSH2_SFTP *sftp, unsigned char *data, return LIBSSH2_ERROR_OUT_OF_BOUNDARY; } - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Received packet type %d (len %d)", - (int) data[0], data_len); + (int) data[0], data_len)); /* * Experience shows that if we mess up EAGAIN handling somewhere or @@ -250,14 +237,15 @@ sftp_packet_add(LIBSSH2_SFTP *sftp, unsigned char *data, case SSH_FXP_EXTENDED_REPLY: break; default: + sftp->last_errno = LIBSSH2_FX_OK; return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL, "Out of sync with the world"); } request_id = _libssh2_ntohu32(&data[1]); - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Received packet id %d", - request_id); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Received packet id %d", + request_id)); /* Don't add the packet if it answers a request we've given up on. */ if((data[0] == SSH_FXP_STATUS || data[0] == SSH_FXP_DATA) @@ -287,9 +275,7 @@ sftp_packet_add(LIBSSH2_SFTP *sftp, unsigned char *data, return LIBSSH2_ERROR_NONE; } -/* - * sftp_packet_read - * +/* sftp_packet_read * Frame an SFTP packet off the channel */ static int @@ -301,8 +287,9 @@ sftp_packet_read(LIBSSH2_SFTP *sftp) ssize_t rc; unsigned long recv_window; int packet_type; + uint32_t request_id; - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "recv packet"); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "recv packet")); switch(sftp->packet_state) { case libssh2_NB_state_sent: /* EAGAIN from window adjusting */ @@ -316,11 +303,11 @@ sftp_packet_read(LIBSSH2_SFTP *sftp) packet = sftp->partial_packet; - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, - "partial read cont, len: %lu", sftp->partial_len); - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "partial read cont, len: %lu", sftp->partial_len)); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "partial read cont, already recvd: %lu", - sftp->partial_received); + sftp->partial_received)); /* fall-through */ default: if(!packet) { @@ -329,49 +316,59 @@ sftp_packet_read(LIBSSH2_SFTP *sftp) /* each packet starts with a 32 bit length field */ rc = _libssh2_channel_read(channel, 0, - (char *)&sftp->partial_size[ - sftp->partial_size_len], - 4 - sftp->partial_size_len); + (char *)&sftp->packet_header[ + sftp->packet_header_len], + sizeof(sftp->packet_header) - + sftp->packet_header_len); if(rc == LIBSSH2_ERROR_EAGAIN) - return rc; + return (int)rc; else if(rc < 0) - return _libssh2_error(session, rc, "channel read"); + return _libssh2_error(session, (int)rc, "channel read"); - sftp->partial_size_len += rc; + sftp->packet_header_len += rc; - if(4 != sftp->partial_size_len) - /* we got a short read for the length part */ + if(sftp->packet_header_len != sizeof(sftp->packet_header)) + /* we got a short read for the header part */ return LIBSSH2_ERROR_EAGAIN; - sftp->partial_len = _libssh2_ntohu32(sftp->partial_size); + /* parse SFTP packet header */ + sftp->partial_len = _libssh2_ntohu32(sftp->packet_header); + packet_type = sftp->packet_header[4]; + request_id = _libssh2_ntohu32(sftp->packet_header + 5); + /* make sure we don't proceed if the packet size is unreasonably large */ - if(sftp->partial_len > LIBSSH2_SFTP_PACKET_MAXLEN) { + if(sftp->partial_len > LIBSSH2_SFTP_PACKET_MAXLEN && + /* exception: response to SSH_FXP_READDIR request */ + !(sftp->readdir_state != libssh2_NB_state_idle && + sftp->readdir_request_id == request_id && + packet_type == SSH_FXP_NAME)) { libssh2_channel_flush(channel); - sftp->partial_size_len = 0; + sftp->packet_header_len = 0; return _libssh2_error(session, LIBSSH2_ERROR_CHANNEL_PACKET_EXCEEDED, "SFTP packet too large"); } - if(sftp->partial_len == 0) + if(sftp->partial_len < 5) return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate empty SFTP packet"); + "Invalid SFTP packet size"); - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Data begin - Packet Length: %lu", - sftp->partial_len); + sftp->partial_len)); packet = LIBSSH2_ALLOC(session, sftp->partial_len); if(!packet) return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate SFTP packet"); - sftp->partial_size_len = 0; - sftp->partial_received = 0; /* how much of the packet already - received */ + sftp->packet_header_len = 0; sftp->partial_packet = packet; + /* copy over packet type(4) and request id(1) */ + sftp->partial_received = 5; + memcpy(packet, sftp->packet_header + 4, 5); - window_adjust: +window_adjust: recv_window = libssh2_channel_window_read_ex(channel, NULL, NULL); if(sftp->partial_len > recv_window) { @@ -387,7 +384,7 @@ sftp_packet_read(LIBSSH2_SFTP *sftp) libssh2_NB_state_idle; if(rc == LIBSSH2_ERROR_EAGAIN) - return rc; + return (int)rc; } } @@ -405,12 +402,12 @@ sftp_packet_read(LIBSSH2_SFTP *sftp) * knows how to continue on the next invoke. */ sftp->packet_state = libssh2_NB_state_sent1; - return rc; + return (int)rc; } else if(rc < 0) { LIBSSH2_FREE(session, packet); sftp->partial_packet = NULL; - return _libssh2_error(session, rc, + return _libssh2_error(session, (int)rc, "Error waiting for SFTP packet"); } sftp->partial_received += rc; @@ -424,7 +421,7 @@ sftp_packet_read(LIBSSH2_SFTP *sftp) rc = sftp_packet_add(sftp, packet, sftp->partial_len); if(rc) { LIBSSH2_FREE(session, packet); - return rc; + return (int)rc; } else { return packet_type; @@ -432,8 +429,8 @@ sftp_packet_read(LIBSSH2_SFTP *sftp) } /* WON'T REACH */ } -/* - * sftp_packetlist_flush + +/* sftp_packetlist_flush * * Remove all pending packets in the packet_list and the corresponding one(s) * in the SFTP packet brigade. @@ -474,7 +471,7 @@ static void sftp_packetlist_flush(LIBSSH2_SFTP_HANDLE *handle) /* - * sftp_packet_ask() + * sftp_packet_ask * * Checks if there's a matching SFTP packet available. */ @@ -523,19 +520,19 @@ sftp_packet_require(LIBSSH2_SFTP *sftp, unsigned char packet_type, LIBSSH2_SESSION *session = sftp->channel->session; int rc; - if(data == NULL || data_len == NULL || required_size == 0) { + if(!data || !data_len || required_size == 0) { return LIBSSH2_ERROR_BAD_USE; } - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Requiring packet %d id %ld", - (int) packet_type, request_id); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Requiring packet %d id %ld", + (int) packet_type, request_id)); if(sftp_packet_ask(sftp, packet_type, request_id, data, data_len) == 0) { /* The right packet was available in the packet brigade */ - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Got %d", - (int) packet_type); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Got %d", + (int) packet_type)); - if (*data_len < required_size) { + if(*data_len < required_size) { return LIBSSH2_ERROR_BUFFER_TOO_SMALL; } @@ -550,10 +547,10 @@ sftp_packet_require(LIBSSH2_SFTP *sftp, unsigned char packet_type, /* data was read, check the queue again */ if(!sftp_packet_ask(sftp, packet_type, request_id, data, data_len)) { /* The right packet was available in the packet brigade */ - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Got %d", - (int) packet_type); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Got %d", + (int) packet_type)); - if (*data_len < required_size) { + if(*data_len < required_size) { return LIBSSH2_ERROR_BUFFER_TOO_SMALL; } @@ -577,7 +574,7 @@ sftp_packet_requirev(LIBSSH2_SFTP *sftp, int num_valid_responses, int i; int rc; - if(data == NULL || data_len == NULL || required_size == 0) { + if(!data || !data_len || required_size == 0) { return LIBSSH2_ERROR_BAD_USE; } @@ -588,14 +585,14 @@ sftp_packet_requirev(LIBSSH2_SFTP *sftp, int num_valid_responses, while(sftp->channel->session->socket_state == LIBSSH2_SOCKET_CONNECTED) { for(i = 0; i < num_valid_responses; i++) { if(sftp_packet_ask(sftp, valid_responses[i], request_id, - data, data_len) == 0) { + data, data_len) == 0) { /* * Set to zero before all returns to say * the timeout is not active */ sftp->requirev_start = 0; - if (*data_len < required_size) { + if(*data_len < required_size) { return LIBSSH2_ERROR_BUFFER_TOO_SMALL; } @@ -611,7 +608,7 @@ sftp_packet_requirev(LIBSSH2_SFTP *sftp, int num_valid_responses, else if(rc <= 0) { /* prevent busy-looping */ long left = - LIBSSH2_READ_TIMEOUT - + sftp->channel->session->packet_read_timeout - (long)(time(NULL) - sftp->requirev_start); if(left <= 0) { @@ -630,6 +627,19 @@ sftp_packet_requirev(LIBSSH2_SFTP *sftp, int num_valid_responses, return LIBSSH2_ERROR_SOCKET_DISCONNECT; } +/* sftp_attrsize + * Size that attr with this flagset will occupy when turned into a bin struct + */ +static int sftp_attrsize(unsigned long flags) +{ + return 4 + /* flags(4) */ + ((flags & LIBSSH2_SFTP_ATTR_SIZE) ? 8 : 0) + + ((flags & LIBSSH2_SFTP_ATTR_UIDGID) ? 8 : 0) + + ((flags & LIBSSH2_SFTP_ATTR_PERMISSIONS) ? 4 : 0) + + ((flags & LIBSSH2_SFTP_ATTR_ACMODTIME) ? 8 : 0); + /* atime + mtime as u32 */ +} + /* sftp_attr2bin * Populate attributes into an SFTP block */ @@ -638,8 +648,10 @@ sftp_attr2bin(unsigned char *p, const LIBSSH2_SFTP_ATTRIBUTES * attrs) { unsigned char *s = p; uint32_t flag_mask = - LIBSSH2_SFTP_ATTR_SIZE | LIBSSH2_SFTP_ATTR_UIDGID | - LIBSSH2_SFTP_ATTR_PERMISSIONS | LIBSSH2_SFTP_ATTR_ACMODTIME; + LIBSSH2_SFTP_ATTR_SIZE | + LIBSSH2_SFTP_ATTR_UIDGID | + LIBSSH2_SFTP_ATTR_PERMISSIONS | + LIBSSH2_SFTP_ATTR_ACMODTIME; /* TODO: When we add SFTP4+ functionality flag_mask can get additional bits */ @@ -649,32 +661,32 @@ sftp_attr2bin(unsigned char *p, const LIBSSH2_SFTP_ATTRIBUTES * attrs) return 4; } - _libssh2_store_u32(&s, attrs->flags & flag_mask); + _libssh2_store_u32(&s, (uint32_t)(attrs->flags & flag_mask)); if(attrs->flags & LIBSSH2_SFTP_ATTR_SIZE) { _libssh2_store_u64(&s, attrs->filesize); } if(attrs->flags & LIBSSH2_SFTP_ATTR_UIDGID) { - _libssh2_store_u32(&s, attrs->uid); - _libssh2_store_u32(&s, attrs->gid); + _libssh2_store_u32(&s, (uint32_t)attrs->uid); + _libssh2_store_u32(&s, (uint32_t)attrs->gid); } if(attrs->flags & LIBSSH2_SFTP_ATTR_PERMISSIONS) { - _libssh2_store_u32(&s, attrs->permissions); + _libssh2_store_u32(&s, (uint32_t)attrs->permissions); } if(attrs->flags & LIBSSH2_SFTP_ATTR_ACMODTIME) { - _libssh2_store_u32(&s, attrs->atime); - _libssh2_store_u32(&s, attrs->mtime); + _libssh2_store_u32(&s, (uint32_t)attrs->atime); + _libssh2_store_u32(&s, (uint32_t)attrs->mtime); } - return (s - p); + return s - p; } /* sftp_bin2attr */ -static int +static ssize_t sftp_bin2attr(LIBSSH2_SFTP_ATTRIBUTES *attrs, const unsigned char *p, size_t data_len) { @@ -684,13 +696,13 @@ sftp_bin2attr(LIBSSH2_SFTP_ATTRIBUTES *attrs, const unsigned char *p, buf.dataptr = buf.data; buf.len = data_len; - if(_libssh2_get_u32(&buf, &flags) != 0) { + if(_libssh2_get_u32(&buf, &flags)) { return LIBSSH2_ERROR_BUFFER_TOO_SMALL; } attrs->flags = flags; if(attrs->flags & LIBSSH2_SFTP_ATTR_SIZE) { - if(_libssh2_get_u64(&buf, &(attrs->filesize)) != 0) { + if(_libssh2_get_u64(&buf, &(attrs->filesize))) { return LIBSSH2_ERROR_BUFFER_TOO_SMALL; } } @@ -698,8 +710,8 @@ sftp_bin2attr(LIBSSH2_SFTP_ATTRIBUTES *attrs, const unsigned char *p, if(attrs->flags & LIBSSH2_SFTP_ATTR_UIDGID) { uint32_t uid = 0; uint32_t gid = 0; - if(_libssh2_get_u32(&buf, &uid) != 0 || - _libssh2_get_u32(&buf, &gid) != 0) { + if(_libssh2_get_u32(&buf, &uid) || + _libssh2_get_u32(&buf, &gid)) { return LIBSSH2_ERROR_BUFFER_TOO_SMALL; } attrs->uid = uid; @@ -708,7 +720,7 @@ sftp_bin2attr(LIBSSH2_SFTP_ATTRIBUTES *attrs, const unsigned char *p, if(attrs->flags & LIBSSH2_SFTP_ATTR_PERMISSIONS) { uint32_t permissions; - if(_libssh2_get_u32(&buf, &permissions) != 0) { + if(_libssh2_get_u32(&buf, &permissions)) { return LIBSSH2_ERROR_BUFFER_TOO_SMALL; } attrs->permissions = permissions; @@ -717,15 +729,36 @@ sftp_bin2attr(LIBSSH2_SFTP_ATTRIBUTES *attrs, const unsigned char *p, if(attrs->flags & LIBSSH2_SFTP_ATTR_ACMODTIME) { uint32_t atime; uint32_t mtime; - if(_libssh2_get_u32(&buf, &atime) != 0 || - _libssh2_get_u32(&buf, &mtime) != 0) { + if(_libssh2_get_u32(&buf, &atime) || + _libssh2_get_u32(&buf, &mtime)) { return LIBSSH2_ERROR_BUFFER_TOO_SMALL; } attrs->atime = atime; attrs->mtime = mtime; } - return (buf.dataptr - buf.data); + /* Parse extended data, if present, to avoid stream parsing errors */ + if(attrs->flags & LIBSSH2_SFTP_ATTR_EXTENDED) { + uint32_t extended_count; + uint32_t i; + size_t etype_len; + unsigned char *etype; + size_t edata_len; + unsigned char *edata; + + if(_libssh2_get_u32(&buf, &extended_count)) { + return LIBSSH2_ERROR_BUFFER_TOO_SMALL; + } + + for(i = 0; i < extended_count; ++i) { + if(_libssh2_get_string(&buf, &etype, &etype_len) || + _libssh2_get_string(&buf, &edata, &edata_len)) { + return LIBSSH2_ERROR_BUFFER_TOO_SMALL; + } + } + } + + return buf.dataptr - buf.data; } /* ************ @@ -741,8 +774,8 @@ LIBSSH2_CHANNEL_CLOSE_FUNC(libssh2_sftp_dtor) { LIBSSH2_SFTP *sftp = (LIBSSH2_SFTP *) (*channel_abstract); - (void) session_abstract; - (void) channel; + (void)session_abstract; + (void)channel; /* Free the partial packet storage for sftp_packet_read */ if(sftp->partial_packet) { @@ -757,23 +790,21 @@ LIBSSH2_CHANNEL_CLOSE_FUNC(libssh2_sftp_dtor) LIBSSH2_FREE(session, sftp); } -/* - * sftp_init - * +/* sftp_init * Startup an SFTP session */ static LIBSSH2_SFTP *sftp_init(LIBSSH2_SESSION *session) { unsigned char *data; - size_t data_len; + size_t data_len = 0; ssize_t rc; LIBSSH2_SFTP *sftp_handle; struct string_buf buf; unsigned char *endp; if(session->sftpInit_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, - "Initializing SFTP subsystem"); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "Initializing SFTP subsystem")); /* * The 'sftpInit_sftp' and 'sftpInit_channel' struct fields within the @@ -787,7 +818,7 @@ static LIBSSH2_SFTP *sftp_init(LIBSSH2_SESSION *session) * including *EAGAIN). */ - assert(session->sftpInit_sftp == NULL); + assert(!session->sftpInit_sftp); session->sftpInit_sftp = NULL; session->sftpInit_state = libssh2_NB_state_created; } @@ -860,10 +891,10 @@ static LIBSSH2_SFTP *sftp_init(LIBSSH2_SESSION *session) _libssh2_htonu32(session->sftpInit_buffer + 5, LIBSSH2_SFTP_VERSION); session->sftpInit_sent = 0; /* nothing's sent yet */ - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Sending FXP_INIT packet advertising " "version %d support", - (int) LIBSSH2_SFTP_VERSION); + (int) LIBSSH2_SFTP_VERSION)); session->sftpInit_state = libssh2_NB_state_sent2; } @@ -896,6 +927,22 @@ static LIBSSH2_SFTP *sftp_init(LIBSSH2_SESSION *session) } } + if(session->sftpInit_state == libssh2_NB_state_error_closing) { + rc = _libssh2_channel_free(session->sftpInit_channel); + if(rc == LIBSSH2_ERROR_EAGAIN) { + _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, + "Would block closing channel"); + return NULL; + } + session->sftpInit_channel = NULL; + if(session->sftpInit_sftp) { + LIBSSH2_FREE(session, session->sftpInit_sftp); + session->sftpInit_sftp = NULL; + } + session->sftpInit_state = libssh2_NB_state_idle; + return NULL; + } + rc = sftp_packet_require(sftp_handle, SSH_FXP_VERSION, 0, &data, &data_len, 5); if(rc == LIBSSH2_ERROR_EAGAIN) { @@ -912,7 +959,7 @@ static LIBSSH2_SFTP *sftp_init(LIBSSH2_SESSION *session) goto sftp_init_error; } else if(rc) { - _libssh2_error(session, rc, + _libssh2_error(session, (int)rc, "Timeout waiting for response from SFTP subsystem"); goto sftp_init_error; } @@ -922,21 +969,21 @@ static LIBSSH2_SFTP *sftp_init(LIBSSH2_SESSION *session) buf.len = data_len; endp = &buf.data[data_len]; - if(_libssh2_get_u32(&buf, &(sftp_handle->version)) != 0) { + if(_libssh2_get_u32(&buf, &(sftp_handle->version))) { LIBSSH2_FREE(session, data); rc = LIBSSH2_ERROR_BUFFER_TOO_SMALL; goto sftp_init_error; } if(sftp_handle->version > LIBSSH2_SFTP_VERSION) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Truncating remote SFTP version from %lu", - sftp_handle->version); + sftp_handle->version)); sftp_handle->version = LIBSSH2_SFTP_VERSION; } - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Enabling SFTP version %lu compatibility", - sftp_handle->version); + sftp_handle->version)); while(buf.dataptr < endp) { unsigned char *extname, *extdata; @@ -971,21 +1018,12 @@ static LIBSSH2_SFTP *sftp_init(LIBSSH2_SESSION *session) return sftp_handle; - sftp_init_error: - while(_libssh2_channel_free(session->sftpInit_channel) == - LIBSSH2_ERROR_EAGAIN); - session->sftpInit_channel = NULL; - if(session->sftpInit_sftp) { - LIBSSH2_FREE(session, session->sftpInit_sftp); - session->sftpInit_sftp = NULL; - } - session->sftpInit_state = libssh2_NB_state_idle; +sftp_init_error: + session->sftpInit_state = libssh2_NB_state_error_closing; return NULL; } -/* - * libssh2_sftp_init - * +/* libssh2_sftp_init * Startup an SFTP session */ LIBSSH2_API LIBSSH2_SFTP *libssh2_sftp_init(LIBSSH2_SESSION *session) @@ -1005,9 +1043,7 @@ LIBSSH2_API LIBSSH2_SFTP *libssh2_sftp_init(LIBSSH2_SESSION *session) return ptr; } -/* - * sftp_shutdown - * +/* sftp_shutdown * Shuts down the SFTP subsystem */ static int @@ -1103,7 +1139,7 @@ libssh2_sftp_shutdown(LIBSSH2_SFTP *sftp) static LIBSSH2_SFTP_HANDLE * sftp_open(LIBSSH2_SFTP *sftp, const char *filename, size_t filename_len, uint32_t flags, long mode, - int open_type) + int open_type, LIBSSH2_SFTP_ATTRIBUTES *attrs_in) { LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; @@ -1113,14 +1149,19 @@ sftp_open(LIBSSH2_SFTP *sftp, const char *filename, }; unsigned char *s; ssize_t rc; - int open_file = (open_type == LIBSSH2_SFTP_OPENFILE)?1:0; + int open_file = (open_type == LIBSSH2_SFTP_OPENFILE) ? 1 : 0; if(sftp->open_state == libssh2_NB_state_idle) { + sftp->last_errno = LIBSSH2_FX_OK; + + if(attrs_in) { + memcpy(&attrs, attrs_in, sizeof(LIBSSH2_SFTP_ATTRIBUTES)); + } + /* packet_len(4) + packet_type(1) + request_id(4) + filename_len(4) + flags(4) */ - sftp->open_packet_len = filename_len + 13 + - (open_file? (4 + - sftp_attrsize(LIBSSH2_SFTP_ATTR_PERMISSIONS)) : 0); + sftp->open_packet_len = (uint32_t)(filename_len + 13 + + (open_file? (4 + sftp_attrsize(attrs.flags)) : 0)); /* surprise! this starts out with nothing sent */ sftp->open_packet_sent = 0; @@ -1147,8 +1188,8 @@ sftp_open(LIBSSH2_SFTP *sftp, const char *filename, s += sftp_attr2bin(s, &attrs); } - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Sending %s open request", - open_file? "file" : "directory"); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Sending %s open request", + open_file? "file" : "directory")); sftp->open_state = libssh2_NB_state_created; } @@ -1165,7 +1206,7 @@ sftp_open(LIBSSH2_SFTP *sftp, const char *filename, return NULL; } else if(rc < 0) { - _libssh2_error(session, rc, "Unable to send FXP_OPEN*"); + _libssh2_error(session, (int)rc, "Unable to send FXP_OPEN*"); LIBSSH2_FREE(session, sftp->open_packet); sftp->open_packet = NULL; sftp->open_state = libssh2_NB_state_idle; @@ -1185,7 +1226,7 @@ sftp_open(LIBSSH2_SFTP *sftp, const char *filename, } if(sftp->open_state == libssh2_NB_state_sent) { - size_t data_len; + size_t data_len = 0; unsigned char *data; static const unsigned char fopen_responses[2] = { SSH_FXP_HANDLE, SSH_FXP_STATUS }; @@ -1207,7 +1248,8 @@ sftp_open(LIBSSH2_SFTP *sftp, const char *filename, } sftp->open_state = libssh2_NB_state_idle; if(rc) { - _libssh2_error(session, rc, "Timeout waiting for status message"); + _libssh2_error(session, (int)rc, + "Timeout waiting for status message"); return NULL; } @@ -1228,8 +1270,8 @@ sftp_open(LIBSSH2_SFTP *sftp, const char *filename, sftp->last_errno = _libssh2_ntohu32(data + 5); if(LIBSSH2_FX_OK == sftp->last_errno) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, - "got HANDLE FXOK!"); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "got HANDLE FXOK!")); LIBSSH2_FREE(session, data); @@ -1258,9 +1300,9 @@ sftp_open(LIBSSH2_SFTP *sftp, const char *filename, if(badness) { _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL, "Failed opening remote file"); - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "got FXP_STATUS %d", - sftp->last_errno); + sftp->last_errno)); LIBSSH2_FREE(session, data); return NULL; } @@ -1304,7 +1346,8 @@ sftp_open(LIBSSH2_SFTP *sftp, const char *filename, fp->u.file.offset = 0; fp->u.file.offset_sent = 0; - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Open command successful"); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "Open command successful")); return fp; } return NULL; @@ -1323,16 +1366,31 @@ libssh2_sftp_open_ex(LIBSSH2_SFTP *sftp, const char *filename, return NULL; BLOCK_ADJUST_ERRNO(hnd, sftp->channel->session, - sftp_open(sftp, filename, filename_len, flags, mode, - open_type)); + sftp_open(sftp, filename, filename_len, (uint32_t)flags, + mode, open_type, NULL)); return hnd; } -/* - * sftp_read - * +/* libssh2_sftp_open_ex_r + */ +LIBSSH2_API LIBSSH2_SFTP_HANDLE * +libssh2_sftp_open_ex_r(LIBSSH2_SFTP *sftp, const char *filename, + size_t filename_len, unsigned long flags, long mode, + int open_type, LIBSSH2_SFTP_ATTRIBUTES *attrs) +{ + LIBSSH2_SFTP_HANDLE *hnd; + + if(!sftp) + return NULL; + + BLOCK_ADJUST_ERRNO(hnd, sftp->channel->session, + sftp_open(sftp, filename, filename_len, (uint32_t)flags, + mode, open_type, attrs)); + return hnd; +} + +/* sftp_read * Read from an SFTP file handle - * */ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer, size_t buffer_size) @@ -1382,13 +1440,14 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer, switch(sftp->read_state) { case libssh2_NB_state_idle: + sftp->last_errno = LIBSSH2_FX_OK; /* Some data may already have been read from the server in the previous call but didn't fit in the buffer at the time. If so, we return that now as we can't risk being interrupted later with data partially written to the buffer. */ if(filep->data_left) { - size_t copy = MIN(buffer_size, filep->data_left); + size_t copy = LIBSSH2_MIN(buffer_size, filep->data_left); memcpy(buffer, &filep->data[ filep->data_len - filep->data_left], copy); @@ -1452,8 +1511,8 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer, allows, expand it! */ rc = _libssh2_channel_receive_window_adjust(sftp->channel, - max_read_ahead*8, - 1, NULL); + (uint32_t)(max_read_ahead * 8), + 1, NULL); /* if this returns EAGAIN, we will get back to this function at next call */ assert(rc != LIBSSH2_ERROR_EAGAIN || !filep->data_left); @@ -1468,12 +1527,12 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer, /* 25 = packet_len(4) + packet_type(1) + request_id(4) + handle_len(4) + offset(8) + count(4) */ - uint32_t packet_len = (uint32_t)handle->handle_len + 25; + uint32_t packet_len = (uint32_t)(handle->handle_len + 25); uint32_t request_id; - uint32_t size = count; + uint32_t size = (uint32_t)count; if(size < buffer_size) - size = buffer_size; + size = (uint32_t)buffer_size; if(size > MAX_SFTP_READ_SIZE) size = MAX_SFTP_READ_SIZE; @@ -1502,11 +1561,12 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer, /* add this new entry LAST in the list */ _libssh2_list_add(&handle->packet_list, &chunk->node); - count -= MIN(size, count); /* deduct the size we used, as we might - * have to create more packets */ - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, + /* deduct the size we used, as we might have to create + more packets */ + count -= LIBSSH2_MIN(size, count); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "read request id %d sent (offset: %d, size: %d)", - request_id, (int)chunk->offset, (int)chunk->len); + request_id, (int)chunk->offset, (int)chunk->len)); } /* FALL-THROUGH */ case libssh2_NB_state_sent: @@ -1561,7 +1621,7 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer, while(chunk) { unsigned char *data; - size_t data_len; + size_t data_len = 0; uint32_t rc32; static const unsigned char read_responses[2] = { SSH_FXP_DATA, SSH_FXP_STATUS @@ -1582,7 +1642,7 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer, rc = sftp_packet_requirev(sftp, 2, read_responses, chunk->request_id, &data, &data_len, 9); - if(rc == LIBSSH2_ERROR_EAGAIN && bytes_in_buffer != 0) { + if(rc == LIBSSH2_ERROR_EAGAIN && bytes_in_buffer) { /* do not return EAGAIN if we have already * written data into the buffer */ return bytes_in_buffer; @@ -1636,7 +1696,7 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer, requested, which shouldn't happen for normal files. See: https://tools.ietf.org/html/draft-ietf-secsh-filexfer-02 #section-6.4 - */ + */ return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL, "Read Packet At Unexpected Offset"); } @@ -1667,7 +1727,7 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer, /* getting the full packet would overflow the buffer, so only get the correct amount and keep the remainder */ - rc32 = (uint32_t)buffer_size - bytes_in_buffer; + rc32 = (uint32_t)(buffer_size - bytes_in_buffer); /* store data to keep for next call */ filep->data = data; @@ -1717,7 +1777,7 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer, break; default: - assert(!"State machine error; unrecognised read state"); + assert(0); /* State machine error; unrecognised read state */ } /* we should never reach this point */ @@ -1751,16 +1811,18 @@ static ssize_t sftp_readdir(LIBSSH2_SFTP_HANDLE *handle, char *buffer, LIBSSH2_SFTP *sftp = handle->sftp; LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len; + size_t data_len = 0; uint32_t num_names; /* 13 = packet_len(4) + packet_type(1) + request_id(4) + handle_len(4) */ - uint32_t packet_len = handle->handle_len + 13; + uint32_t packet_len = (uint32_t)(handle->handle_len + 13); unsigned char *s, *data; static const unsigned char read_responses[2] = { SSH_FXP_NAME, SSH_FXP_STATUS }; ssize_t retcode; if(sftp->readdir_state == libssh2_NB_state_idle) { + sftp->last_errno = LIBSSH2_FX_OK; + if(handle->u.dir.names_left) { /* * A prior request returned more than one directory entry, @@ -1772,7 +1834,7 @@ static ssize_t sftp_readdir(LIBSSH2_SFTP_HANDLE *handle, char *buffer, size_t filename_len; size_t longentry_len; size_t names_packet_len = handle->u.dir.names_packet_len; - int attr_len = 0; + ssize_t attr_len = 0; if(names_packet_len >= 4) { s = (unsigned char *) handle->u.dir.next_name; @@ -1813,7 +1875,7 @@ static ssize_t sftp_readdir(LIBSSH2_SFTP_HANDLE *handle, char *buffer, goto end; } - if(longentry && (longentry_maxlen>1)) { + if(longentry && (longentry_maxlen > 1)) { longentry_len = real_longentry_len; if(longentry_len >= longentry_maxlen || @@ -1852,14 +1914,14 @@ static ssize_t sftp_readdir(LIBSSH2_SFTP_HANDLE *handle, char *buffer, handle->u.dir.next_name = (char *) s; handle->u.dir.names_packet_len = names_packet_len; - end: if((--handle->u.dir.names_left) == 0) LIBSSH2_FREE(session, handle->u.dir.names_packet); - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, +end: + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "libssh2_sftp_readdir_ex() return %d", - filename_len); + filename_len)); return (ssize_t)filename_len; } @@ -1881,8 +1943,8 @@ static ssize_t sftp_readdir(LIBSSH2_SFTP_HANDLE *handle, char *buffer, } if(sftp->readdir_state == libssh2_NB_state_created) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, - "Reading entries from directory handle"); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "Reading entries from directory handle")); retcode = _libssh2_channel_write(channel, 0, sftp->readdir_packet, packet_len); if(retcode == LIBSSH2_ERROR_EAGAIN) { @@ -1916,19 +1978,20 @@ static ssize_t sftp_readdir(LIBSSH2_SFTP_HANDLE *handle, char *buffer, } else if(retcode) { sftp->readdir_state = libssh2_NB_state_idle; - return _libssh2_error(session, retcode, + return _libssh2_error(session, (int)retcode, "Timeout waiting for status message"); } if(data[0] == SSH_FXP_STATUS) { - retcode = _libssh2_ntohu32(data + 5); + unsigned int rerrno; + rerrno = _libssh2_ntohu32(data + 5); LIBSSH2_FREE(session, data); - if(retcode == LIBSSH2_FX_EOF) { + if(rerrno == LIBSSH2_FX_EOF) { sftp->readdir_state = libssh2_NB_state_idle; return 0; } else { - sftp->last_errno = retcode; + sftp->last_errno = rerrno; sftp->readdir_state = libssh2_NB_state_idle; return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL, "SFTP Protocol Error"); @@ -1938,8 +2001,8 @@ static ssize_t sftp_readdir(LIBSSH2_SFTP_HANDLE *handle, char *buffer, sftp->readdir_state = libssh2_NB_state_idle; num_names = _libssh2_ntohu32(data + 5); - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "%lu entries returned", - num_names); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "%lu entries returned", + num_names)); if(!num_names) { LIBSSH2_FREE(session, data); return 0; @@ -1964,17 +2027,16 @@ libssh2_sftp_readdir_ex(LIBSSH2_SFTP_HANDLE *hnd, char *buffer, size_t longentry_maxlen, LIBSSH2_SFTP_ATTRIBUTES *attrs) { - int rc; + ssize_t rc; if(!hnd) return LIBSSH2_ERROR_BAD_USE; BLOCK_ADJUST(rc, hnd->sftp->channel->session, sftp_readdir(hnd, buffer, buffer_maxlen, longentry, longentry_maxlen, attrs)); - return rc; + return (int)rc; /* FIXME: -> ssize_t */ } -/* - * sftp_write +/* sftp_write * * Write data to an SFTP handle. Returns the number of bytes written, or * a negative error code. @@ -2017,10 +2079,10 @@ static ssize_t sftp_write(LIBSSH2_SFTP_HANDLE *handle, const char *buffer, LIBSSH2_SFTP *sftp = handle->sftp; LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len; + size_t data_len = 0; uint32_t retcode; uint32_t packet_len; - unsigned char *s, *data; + unsigned char *s, *data = NULL; ssize_t rc; struct sftp_pipeline_chunk *chunk; struct sftp_pipeline_chunk *next; @@ -2031,6 +2093,7 @@ static ssize_t sftp_write(LIBSSH2_SFTP_HANDLE *handle, const char *buffer, switch(sftp->write_state) { default: case libssh2_NB_state_idle: + sftp->last_errno = LIBSSH2_FX_OK; /* Number of bytes sent off that haven't been acked and therefore we will get passed in here again. @@ -2039,8 +2102,8 @@ static ssize_t sftp_write(LIBSSH2_SFTP_HANDLE *handle, const char *buffer, acked but we haven't been able to return as such yet, so we will get that data as well passed in here again. */ - already = (size_t) (handle->u.file.offset_sent - - handle->u.file.offset)+ + already = (size_t)(handle->u.file.offset_sent - + handle->u.file.offset)+ handle->u.file.acked; if(count >= already) { @@ -2056,12 +2119,13 @@ static ssize_t sftp_write(LIBSSH2_SFTP_HANDLE *handle, const char *buffer, while(count) { /* TODO: Possibly this should have some logic to prevent a very very small fraction to be left but lets ignore that for now */ - uint32_t size = MIN(MAX_SFTP_OUTGOING_SIZE, count); + uint32_t size = + (uint32_t)(LIBSSH2_MIN(MAX_SFTP_OUTGOING_SIZE, count)); uint32_t request_id; /* 25 = packet_len(4) + packet_type(1) + request_id(4) + handle_len(4) + offset(8) + count(4) */ - packet_len = handle->handle_len + size + 25; + packet_len = (uint32_t)(handle->handle_len + size + 25); chunk = LIBSSH2_ALLOC(session, packet_len + sizeof(struct sftp_pipeline_chunk)); @@ -2206,7 +2270,7 @@ static ssize_t sftp_write(LIBSSH2_SFTP_HANDLE *handle, const char *buffer, acked += handle->u.file.acked; if(acked) { - ssize_t ret = MIN(acked, org_count); + ssize_t ret = LIBSSH2_MIN(acked, org_count); /* we got data acked so return that amount, but no more than what was asked to get sent! */ @@ -2244,15 +2308,17 @@ static int sftp_fsync(LIBSSH2_SFTP_HANDLE *handle) LIBSSH2_SESSION *session = channel->session; /* 34 = packet_len(4) + packet_type(1) + request_id(4) + string_len(4) + strlen("fsync@openssh.com")(17) + handle_len(4) */ - uint32_t packet_len = handle->handle_len + 34; - size_t data_len; - unsigned char *packet, *s, *data; + uint32_t packet_len = (uint32_t)(handle->handle_len + 34); + size_t data_len = 0; + unsigned char *packet, *s, *data = NULL; ssize_t rc; uint32_t retcode; if(sftp->fsync_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, - "Issuing fsync command"); + sftp->last_errno = LIBSSH2_FX_OK; + + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "Issuing fsync command")); s = packet = LIBSSH2_ALLOC(session, packet_len); if(!packet) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, @@ -2295,7 +2361,7 @@ static int sftp_fsync(LIBSSH2_SFTP_HANDLE *handle) rc = sftp_packet_require(sftp, SSH_FXP_STATUS, sftp->fsync_request_id, &data, &data_len, 9); if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + return (int)rc; } else if(rc == LIBSSH2_ERROR_BUFFER_TOO_SMALL) { if(data_len > 0) { @@ -2306,7 +2372,7 @@ static int sftp_fsync(LIBSSH2_SFTP_HANDLE *handle) } else if(rc) { sftp->fsync_state = libssh2_NB_state_idle; - return _libssh2_error(session, rc, + return _libssh2_error(session, (int)rc, "Error waiting for FXP EXTENDED REPLY"); } @@ -2339,9 +2405,7 @@ libssh2_sftp_fsync(LIBSSH2_SFTP_HANDLE *hnd) } -/* - * sftp_fstat - * +/* sftp_fstat * Get or Set stat on a file */ static int sftp_fstat(LIBSSH2_SFTP_HANDLE *handle, @@ -2350,18 +2414,20 @@ static int sftp_fstat(LIBSSH2_SFTP_HANDLE *handle, LIBSSH2_SFTP *sftp = handle->sftp; LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len; + size_t data_len = 0; /* 13 = packet_len(4) + packet_type(1) + request_id(4) + handle_len(4) */ - uint32_t packet_len = - handle->handle_len + 13 + (setstat ? sftp_attrsize(attrs->flags) : 0); - unsigned char *s, *data; + uint32_t packet_len = (uint32_t)(handle->handle_len + 13 + + (setstat ? sftp_attrsize(attrs->flags) : 0)); + unsigned char *s, *data = NULL; static const unsigned char fstat_responses[2] = { SSH_FXP_ATTRS, SSH_FXP_STATUS }; ssize_t rc; if(sftp->fstat_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Issuing %s command", - setstat ? "set-stat" : "stat"); + sftp->last_errno = LIBSSH2_FX_OK; + + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Issuing %s command", + setstat ? "set-stat" : "stat")); s = sftp->fstat_packet = LIBSSH2_ALLOC(session, packet_len); if(!sftp->fstat_packet) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, @@ -2386,7 +2452,7 @@ static int sftp_fstat(LIBSSH2_SFTP_HANDLE *handle, rc = _libssh2_channel_write(channel, 0, sftp->fstat_packet, packet_len); if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + return (int)rc; } else if((ssize_t)packet_len != rc) { LIBSSH2_FREE(session, sftp->fstat_packet); @@ -2406,7 +2472,7 @@ static int sftp_fstat(LIBSSH2_SFTP_HANDLE *handle, sftp->fstat_request_id, &data, &data_len, 9); if(rc == LIBSSH2_ERROR_EAGAIN) - return rc; + return (int)rc; else if(rc == LIBSSH2_ERROR_BUFFER_TOO_SMALL) { if(data_len > 0) { LIBSSH2_FREE(session, data); @@ -2416,7 +2482,7 @@ static int sftp_fstat(LIBSSH2_SFTP_HANDLE *handle, } else if(rc) { sftp->fstat_state = libssh2_NB_state_idle; - return _libssh2_error(session, rc, + return _libssh2_error(session, (int)rc, "Timeout waiting for status message"); } @@ -2575,14 +2641,16 @@ sftp_close_handle(LIBSSH2_SFTP_HANDLE *handle) LIBSSH2_SFTP *sftp = handle->sftp; LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len; + size_t data_len = 0; /* 13 = packet_len(4) + packet_type(1) + request_id(4) + handle_len(4) */ - uint32_t packet_len = handle->handle_len + 13; + uint32_t packet_len = (uint32_t)(handle->handle_len + 13); unsigned char *s, *data = NULL; int rc = 0; if(handle->close_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Closing handle"); + sftp->last_errno = LIBSSH2_FX_OK; + + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Closing handle")); s = handle->close_packet = LIBSSH2_ALLOC(session, packet_len); if(!handle->close_packet) { handle->close_state = libssh2_NB_state_idle; @@ -2602,12 +2670,13 @@ sftp_close_handle(LIBSSH2_SFTP_HANDLE *handle) } if(handle->close_state == libssh2_NB_state_created) { - rc = _libssh2_channel_write(channel, 0, handle->close_packet, - packet_len); - if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + ssize_t nwritten; + nwritten = _libssh2_channel_write(channel, 0, handle->close_packet, + packet_len); + if(nwritten == LIBSSH2_ERROR_EAGAIN) { + return (int)nwritten; } - else if((ssize_t)packet_len != rc) { + else if((ssize_t)packet_len != nwritten) { handle->close_state = libssh2_NB_state_idle; rc = _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send FXP_CLOSE command"); @@ -2649,7 +2718,7 @@ sftp_close_handle(LIBSSH2_SFTP_HANDLE *handle) } else { - int retcode = _libssh2_ntohu32(data + 5); + uint32_t retcode = _libssh2_ntohu32(data + 5); LIBSSH2_FREE(session, data); if(retcode != LIBSSH2_FX_OK) { @@ -2705,15 +2774,18 @@ static int sftp_unlink(LIBSSH2_SFTP *sftp, const char *filename, { LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len; - int retcode; + size_t data_len = 0; + uint32_t retcode; /* 13 = packet_len(4) + packet_type(1) + request_id(4) + filename_len(4) */ - uint32_t packet_len = filename_len + 13; - unsigned char *s, *data; + uint32_t packet_len = (uint32_t)(filename_len + 13); + unsigned char *s, *data = NULL; int rc; if(sftp->unlink_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Unlinking %s", filename); + sftp->last_errno = LIBSSH2_FX_OK; + + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "Unlinking %s", filename)); s = sftp->unlink_packet = LIBSSH2_ALLOC(session, packet_len); if(!sftp->unlink_packet) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, @@ -2730,12 +2802,13 @@ static int sftp_unlink(LIBSSH2_SFTP *sftp, const char *filename, } if(sftp->unlink_state == libssh2_NB_state_created) { - rc = _libssh2_channel_write(channel, 0, sftp->unlink_packet, - packet_len); - if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + ssize_t nwritten; + nwritten = _libssh2_channel_write(channel, 0, sftp->unlink_packet, + packet_len); + if(nwritten == LIBSSH2_ERROR_EAGAIN) { + return (int)nwritten; } - else if((ssize_t)packet_len != rc) { + else if((ssize_t)packet_len != nwritten) { LIBSSH2_FREE(session, sftp->unlink_packet); sftp->unlink_packet = NULL; sftp->unlink_state = libssh2_NB_state_idle; @@ -2797,9 +2870,7 @@ libssh2_sftp_unlink_ex(LIBSSH2_SFTP *sftp, const char *filename, return rc; } -/* - * sftp_rename - * +/* sftp_rename * Rename a file on the remote server */ static int sftp_rename(LIBSSH2_SFTP *sftp, const char *source_filename, @@ -2809,24 +2880,26 @@ static int sftp_rename(LIBSSH2_SFTP *sftp, const char *source_filename, { LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len; + size_t data_len = 0; int retcode; uint32_t packet_len = - source_filename_len + dest_filename_len + 17 + (sftp->version >= - 5 ? 4 : 0); + source_filename_len + dest_filename_len + 17 + + (sftp->version >= 5 ? 4 : 0); /* packet_len(4) + packet_type(1) + request_id(4) + source_filename_len(4) + dest_filename_len(4) + flags(4){SFTP5+) */ - unsigned char *data; + unsigned char *data = NULL; ssize_t rc; - if(sftp->version < 2) { - return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL, - "Server does not support RENAME"); - } - if(sftp->rename_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Renaming %s to %s", - source_filename, dest_filename); + sftp->last_errno = LIBSSH2_FX_OK; + + if(sftp->version < 2) { + return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL, + "Server does not support RENAME"); + } + + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Renaming %s to %s", + source_filename, dest_filename)); sftp->rename_s = sftp->rename_packet = LIBSSH2_ALLOC(session, packet_len); if(!sftp->rename_packet) { @@ -2844,7 +2917,7 @@ static int sftp_rename(LIBSSH2_SFTP *sftp, const char *source_filename, _libssh2_store_str(&sftp->rename_s, dest_filename, dest_filename_len); if(sftp->version >= 5) - _libssh2_store_u32(&sftp->rename_s, flags); + _libssh2_store_u32(&sftp->rename_s, (uint32_t)flags); sftp->rename_state = libssh2_NB_state_created; } @@ -2853,7 +2926,7 @@ static int sftp_rename(LIBSSH2_SFTP *sftp, const char *source_filename, rc = _libssh2_channel_write(channel, 0, sftp->rename_packet, sftp->rename_s - sftp->rename_packet); if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + return (int)rc; } else if((ssize_t)packet_len != rc) { LIBSSH2_FREE(session, sftp->rename_packet); @@ -2872,7 +2945,7 @@ static int sftp_rename(LIBSSH2_SFTP *sftp, const char *source_filename, sftp->rename_request_id, &data, &data_len, 9); if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + return (int)rc; } else if(rc == LIBSSH2_ERROR_BUFFER_TOO_SMALL) { if(data_len > 0) { @@ -2883,7 +2956,7 @@ static int sftp_rename(LIBSSH2_SFTP *sftp, const char *source_filename, } else if(rc) { sftp->rename_state = libssh2_NB_state_idle; - return _libssh2_error(session, rc, + return _libssh2_error(session, (int)rc, "Error waiting for FXP STATUS"); } @@ -2939,9 +3012,7 @@ libssh2_sftp_rename_ex(LIBSSH2_SFTP *sftp, const char *source_filename, return rc; } -/* - * sftp_fstatvfs - * +/* sftp_fstatvfs * Get file system statistics */ static int sftp_fstatvfs(LIBSSH2_SFTP_HANDLE *handle, LIBSSH2_SFTP_STATVFS *st) @@ -2949,20 +3020,22 @@ static int sftp_fstatvfs(LIBSSH2_SFTP_HANDLE *handle, LIBSSH2_SFTP_STATVFS *st) LIBSSH2_SFTP *sftp = handle->sftp; LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len; + size_t data_len = 0; /* 17 = packet_len(4) + packet_type(1) + request_id(4) + ext_len(4) + handle_len (4) */ /* 20 = strlen ("fstatvfs@openssh.com") */ - uint32_t packet_len = handle->handle_len + 20 + 17; - unsigned char *packet, *s, *data; + uint32_t packet_len = (uint32_t)(handle->handle_len + 20 + 17); + unsigned char *packet, *s, *data = NULL; ssize_t rc; unsigned int flag; static const unsigned char responses[2] = { SSH_FXP_EXTENDED_REPLY, SSH_FXP_STATUS }; if(sftp->fstatvfs_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, - "Getting file system statistics"); + sftp->last_errno = LIBSSH2_FX_OK; + + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "Getting file system statistics")); s = packet = LIBSSH2_ALLOC(session, packet_len); if(!packet) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, @@ -3006,7 +3079,7 @@ static int sftp_fstatvfs(LIBSSH2_SFTP_HANDLE *handle, LIBSSH2_SFTP_STATVFS *st) &data, &data_len, 9); if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + return (int)rc; } else if(rc == LIBSSH2_ERROR_BUFFER_TOO_SMALL) { if(data_len > 0) { @@ -3017,12 +3090,12 @@ static int sftp_fstatvfs(LIBSSH2_SFTP_HANDLE *handle, LIBSSH2_SFTP_STATVFS *st) } else if(rc) { sftp->fstatvfs_state = libssh2_NB_state_idle; - return _libssh2_error(session, rc, + return _libssh2_error(session, (int)rc, "Error waiting for FXP EXTENDED REPLY"); } if(data[0] == SSH_FXP_STATUS) { - int retcode = _libssh2_ntohu32(data + 5); + uint32_t retcode = _libssh2_ntohu32(data + 5); sftp->fstatvfs_state = libssh2_NB_state_idle; LIBSSH2_FREE(session, data); sftp->last_errno = retcode; @@ -3075,9 +3148,7 @@ libssh2_sftp_fstatvfs(LIBSSH2_SFTP_HANDLE *handle, LIBSSH2_SFTP_STATVFS *st) return rc; } -/* - * sftp_statvfs - * +/* sftp_statvfs * Get file system statistics */ static int sftp_statvfs(LIBSSH2_SFTP *sftp, const char *path, @@ -3085,20 +3156,22 @@ static int sftp_statvfs(LIBSSH2_SFTP *sftp, const char *path, { LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len; + size_t data_len = 0; /* 17 = packet_len(4) + packet_type(1) + request_id(4) + ext_len(4) + path_len (4) */ /* 19 = strlen ("statvfs@openssh.com") */ uint32_t packet_len = path_len + 19 + 17; - unsigned char *packet, *s, *data; + unsigned char *packet, *s, *data = NULL; ssize_t rc; unsigned int flag; static const unsigned char responses[2] = { SSH_FXP_EXTENDED_REPLY, SSH_FXP_STATUS }; if(sftp->statvfs_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, - "Getting file system statistics of %s", path); + sftp->last_errno = LIBSSH2_FX_OK; + + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "Getting file system statistics of %s", path)); s = packet = LIBSSH2_ALLOC(session, packet_len); if(!packet) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, @@ -3141,7 +3214,7 @@ static int sftp_statvfs(LIBSSH2_SFTP *sftp, const char *path, rc = sftp_packet_requirev(sftp, 2, responses, sftp->statvfs_request_id, &data, &data_len, 9); if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + return (int)rc; } else if(rc == LIBSSH2_ERROR_BUFFER_TOO_SMALL) { if(data_len > 0) { @@ -3152,12 +3225,12 @@ static int sftp_statvfs(LIBSSH2_SFTP *sftp, const char *path, } else if(rc) { sftp->statvfs_state = libssh2_NB_state_idle; - return _libssh2_error(session, rc, + return _libssh2_error(session, (int)rc, "Error waiting for FXP EXTENDED REPLY"); } if(data[0] == SSH_FXP_STATUS) { - int retcode = _libssh2_ntohu32(data + 5); + uint32_t retcode = _libssh2_ntohu32(data + 5); sftp->statvfs_state = libssh2_NB_state_idle; LIBSSH2_FREE(session, data); sftp->last_errno = retcode; @@ -3206,15 +3279,13 @@ libssh2_sftp_statvfs(LIBSSH2_SFTP *sftp, const char *path, int rc; if(!sftp || !st) return LIBSSH2_ERROR_BAD_USE; - BLOCK_ADJUST(rc, sftp->channel->session, sftp_statvfs(sftp, path, path_len, - st)); + BLOCK_ADJUST(rc, sftp->channel->session, + sftp_statvfs(sftp, path, (unsigned int)path_len, st)); return rc; } -/* - * sftp_mkdir - * +/* sftp_mkdir * Create an SFTP directory */ static int sftp_mkdir(LIBSSH2_SFTP *sftp, const char *path, @@ -3225,10 +3296,10 @@ static int sftp_mkdir(LIBSSH2_SFTP *sftp, const char *path, LIBSSH2_SFTP_ATTRIBUTES attrs = { 0, 0, 0, 0, 0, 0, 0 }; - size_t data_len; - int retcode; + size_t data_len = 0; + uint32_t retcode; ssize_t packet_len; - unsigned char *packet, *s, *data; + unsigned char *packet, *s, *data = NULL; int rc; if(mode != LIBSSH2_SFTP_DEFAULT_MODE) { @@ -3241,8 +3312,10 @@ static int sftp_mkdir(LIBSSH2_SFTP *sftp, const char *path, packet_len = path_len + 13 + sftp_attrsize(attrs.flags); if(sftp->mkdir_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, - "Creating directory %s with mode 0%lo", path, mode); + sftp->last_errno = LIBSSH2_FX_OK; + + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, + "Creating directory %s with mode 0%lo", path, mode)); s = packet = LIBSSH2_ALLOC(session, packet_len); if(!packet) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, @@ -3250,7 +3323,7 @@ static int sftp_mkdir(LIBSSH2_SFTP *sftp, const char *path, "packet"); } - _libssh2_store_u32(&s, packet_len - 4); + _libssh2_store_u32(&s, (uint32_t)(packet_len - 4)); *(s++) = SSH_FXP_MKDIR; sftp->mkdir_request_id = sftp->request_id++; _libssh2_store_u32(&s, sftp->mkdir_request_id); @@ -3265,12 +3338,13 @@ static int sftp_mkdir(LIBSSH2_SFTP *sftp, const char *path, } if(sftp->mkdir_state == libssh2_NB_state_created) { - rc = _libssh2_channel_write(channel, 0, packet, packet_len); - if(rc == LIBSSH2_ERROR_EAGAIN) { + ssize_t nwritten; + nwritten = _libssh2_channel_write(channel, 0, packet, packet_len); + if(nwritten == LIBSSH2_ERROR_EAGAIN) { sftp->mkdir_packet = packet; - return rc; + return (int)nwritten; } - if(packet_len != rc) { + if(packet_len != nwritten) { LIBSSH2_FREE(session, packet); sftp->mkdir_state = libssh2_NB_state_idle; return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, @@ -3305,7 +3379,7 @@ static int sftp_mkdir(LIBSSH2_SFTP *sftp, const char *path, LIBSSH2_FREE(session, data); if(retcode == LIBSSH2_FX_OK) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "OK!"); + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "OK!")); return 0; } else { @@ -3315,9 +3389,7 @@ static int sftp_mkdir(LIBSSH2_SFTP *sftp, const char *path, } } -/* - * libssh2_sftp_mkdir_ex - * +/* libssh2_sftp_mkdir_ex * Create an SFTP directory */ LIBSSH2_API int @@ -3340,16 +3412,18 @@ static int sftp_rmdir(LIBSSH2_SFTP *sftp, const char *path, { LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len; - int retcode; + size_t data_len = 0; + uint32_t retcode; /* 13 = packet_len(4) + packet_type(1) + request_id(4) + path_len(4) */ ssize_t packet_len = path_len + 13; - unsigned char *s, *data; + unsigned char *s, *data = NULL; int rc; if(sftp->rmdir_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Removing directory: %s", - path); + sftp->last_errno = LIBSSH2_FX_OK; + + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "Removing directory: %s", + path)); s = sftp->rmdir_packet = LIBSSH2_ALLOC(session, packet_len); if(!sftp->rmdir_packet) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, @@ -3357,7 +3431,7 @@ static int sftp_rmdir(LIBSSH2_SFTP *sftp, const char *path, "packet"); } - _libssh2_store_u32(&s, packet_len - 4); + _libssh2_store_u32(&s, (uint32_t)(packet_len - 4)); *(s++) = SSH_FXP_RMDIR; sftp->rmdir_request_id = sftp->request_id++; _libssh2_store_u32(&s, sftp->rmdir_request_id); @@ -3367,12 +3441,13 @@ static int sftp_rmdir(LIBSSH2_SFTP *sftp, const char *path, } if(sftp->rmdir_state == libssh2_NB_state_created) { - rc = _libssh2_channel_write(channel, 0, sftp->rmdir_packet, - packet_len); - if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + ssize_t nwritten; + nwritten = _libssh2_channel_write(channel, 0, sftp->rmdir_packet, + packet_len); + if(nwritten == LIBSSH2_ERROR_EAGAIN) { + return (int)nwritten; } - else if(packet_len != rc) { + else if(packet_len != nwritten) { LIBSSH2_FREE(session, sftp->rmdir_packet); sftp->rmdir_packet = NULL; sftp->rmdir_state = libssh2_NB_state_idle; @@ -3442,22 +3517,24 @@ static int sftp_stat(LIBSSH2_SFTP *sftp, const char *path, { LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len; + size_t data_len = 0; /* 13 = packet_len(4) + packet_type(1) + request_id(4) + path_len(4) */ ssize_t packet_len = path_len + 13 + ((stat_type == LIBSSH2_SFTP_SETSTAT) ? sftp_attrsize(attrs->flags) : 0); - unsigned char *s, *data; + unsigned char *s, *data = NULL; static const unsigned char stat_responses[2] = { SSH_FXP_ATTRS, SSH_FXP_STATUS }; int rc; if(sftp->stat_state == libssh2_NB_state_idle) { - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "%s %s", + sftp->last_errno = LIBSSH2_FX_OK; + + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "%s %s", (stat_type == LIBSSH2_SFTP_SETSTAT) ? "Set-statting" : (stat_type == - LIBSSH2_SFTP_LSTAT ? "LStatting" : "Statting"), path); + LIBSSH2_SFTP_LSTAT ? "LStatting" : "Statting"), path)); s = sftp->stat_packet = LIBSSH2_ALLOC(session, packet_len); if(!sftp->stat_packet) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, @@ -3465,7 +3542,7 @@ static int sftp_stat(LIBSSH2_SFTP *sftp, const char *path, "packet"); } - _libssh2_store_u32(&s, packet_len - 4); + _libssh2_store_u32(&s, (uint32_t)(packet_len - 4)); switch(stat_type) { case LIBSSH2_SFTP_SETSTAT: @@ -3491,11 +3568,13 @@ static int sftp_stat(LIBSSH2_SFTP *sftp, const char *path, } if(sftp->stat_state == libssh2_NB_state_created) { - rc = _libssh2_channel_write(channel, 0, sftp->stat_packet, packet_len); - if(rc == LIBSSH2_ERROR_EAGAIN) { - return rc; + ssize_t nwritten; + nwritten = _libssh2_channel_write(channel, 0, + sftp->stat_packet, packet_len); + if(nwritten == LIBSSH2_ERROR_EAGAIN) { + return (int)nwritten; } - else if(packet_len != rc) { + else if(packet_len != nwritten) { LIBSSH2_FREE(session, sftp->stat_packet); sftp->stat_packet = NULL; sftp->stat_state = libssh2_NB_state_idle; @@ -3528,7 +3607,7 @@ static int sftp_stat(LIBSSH2_SFTP *sftp, const char *path, sftp->stat_state = libssh2_NB_state_idle; if(data[0] == SSH_FXP_STATUS) { - int retcode; + uint32_t retcode; retcode = _libssh2_ntohu32(data + 5); LIBSSH2_FREE(session, data); @@ -3580,22 +3659,25 @@ static int sftp_symlink(LIBSSH2_SFTP *sftp, const char *path, { LIBSSH2_CHANNEL *channel = sftp->channel; LIBSSH2_SESSION *session = channel->session; - size_t data_len, link_len; + size_t data_len = 0, link_len; /* 13 = packet_len(4) + packet_type(1) + request_id(4) + path_len(4) */ ssize_t packet_len = path_len + 13 + ((link_type == LIBSSH2_SFTP_SYMLINK) ? (4 + target_len) : 0); - unsigned char *s, *data; + unsigned char *s, *data = NULL; static const unsigned char link_responses[2] = { SSH_FXP_NAME, SSH_FXP_STATUS }; int retcode; - if((sftp->version < 3) && (link_type != LIBSSH2_SFTP_REALPATH)) { - return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL, - "Server does not support SYMLINK or READLINK"); - } - if(sftp->symlink_state == libssh2_NB_state_idle) { + sftp->last_errno = LIBSSH2_FX_OK; + + if((sftp->version < 3) && (link_type != LIBSSH2_SFTP_REALPATH)) { + return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL, + "Server does not support SYMLINK or" + " READLINK"); + } + s = sftp->symlink_packet = LIBSSH2_ALLOC(session, packet_len); if(!sftp->symlink_packet) { return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, @@ -3603,13 +3685,14 @@ static int sftp_symlink(LIBSSH2_SFTP *sftp, const char *path, "SYMLINK/READLINK/REALPATH packet"); } - _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "%s %s on %s", + _libssh2_debug((session, LIBSSH2_TRACE_SFTP, "%s %s on %s", (link_type == LIBSSH2_SFTP_SYMLINK) ? "Creating" : "Reading", (link_type == - LIBSSH2_SFTP_REALPATH) ? "realpath" : "symlink", path); + LIBSSH2_SFTP_REALPATH) ? "realpath" : "symlink", + path)); - _libssh2_store_u32(&s, packet_len - 4); + _libssh2_store_u32(&s, (uint32_t)(packet_len - 4)); switch(link_type) { case LIBSSH2_SFTP_REALPATH: @@ -3638,7 +3721,7 @@ static int sftp_symlink(LIBSSH2_SFTP *sftp, const char *path, ssize_t rc = _libssh2_channel_write(channel, 0, sftp->symlink_packet, packet_len); if(rc == LIBSSH2_ERROR_EAGAIN) - return rc; + return (int)rc; else if(packet_len != rc) { LIBSSH2_FREE(session, sftp->symlink_packet); sftp->symlink_packet = NULL; diff --git a/libssh2/src/sftp.h b/libssh2/src/sftp.h index 129b8f085..267301f1b 100644 --- a/libssh2/src/sftp.h +++ b/libssh2/src/sftp.h @@ -67,10 +67,6 @@ struct sftp_zombie_requests { uint32_t request_id; }; -#ifndef MIN -#define MIN(x,y) ((x)<(y)?(x):(y)) -#endif - struct _LIBSSH2_SFTP_PACKET { struct list_node node; /* linked list header */ @@ -153,9 +149,10 @@ struct _LIBSSH2_SFTP uint32_t last_errno; /* Holder for partial packet, use in libssh2_sftp_packet_read() */ - unsigned char partial_size[4]; /* buffer for size field */ - size_t partial_size_len; /* size field length */ - unsigned char *partial_packet; /* The data */ + unsigned char packet_header[9]; + /* packet size (4) packet type (1) request id (4) */ + size_t packet_header_len; /* packet_header length */ + unsigned char *partial_packet; /* The data, with header */ uint32_t partial_len; /* Desired number of bytes */ size_t partial_received; /* Bytes received so far */ diff --git a/libssh2/src/transport.c b/libssh2/src/transport.c index 17af3e4da..6d902d337 100644 --- a/libssh2/src/transport.c +++ b/libssh2/src/transport.c @@ -34,18 +34,16 @@ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY * OF SUCH DAMAGE. - * + */ + +/* * This file handles reading and writing to the SECSH transport layer. RFC4253. */ #include "libssh2_priv.h" -#include -#include -#include -#ifdef LIBSSH2DEBUG -#include -#endif +#include +#include #include #include "transport.h" @@ -118,29 +116,50 @@ debugdump(LIBSSH2_SESSION * session, } } #else -#define debugdump(a,x,y,z) +#define debugdump(a,x,y,z) do {} while(0) #endif -/* decrypt() decrypts 'len' bytes from 'source' to 'dest'. +/* decrypt() decrypts 'len' bytes from 'source' to 'dest' in units of + * blocksize. * * returns 0 on success and negative on failure */ static int decrypt(LIBSSH2_SESSION * session, unsigned char *source, - unsigned char *dest, int len) + unsigned char *dest, ssize_t len, int firstlast) { struct transportpacket *p = &session->packet; int blocksize = session->remote.crypt->blocksize; /* if we get called with a len that isn't an even number of blocksizes - we risk losing those extra bytes */ - assert((len % blocksize) == 0); + we risk losing those extra bytes. AAD is an exception, since those first + few bytes aren't encrypted so it throws off the rest of the count. */ + if(!CRYPT_FLAG_L(session, PKTLEN_AAD)) + assert((len % blocksize) == 0); - while(len >= blocksize) { - if(session->remote.crypt->crypt(session, source, blocksize, - &session->remote.crypt_abstract)) { + while(len > 0) { + /* normally decrypt up to blocksize bytes at a time */ + ssize_t decryptlen = LIBSSH2_MIN(blocksize, len); + /* The first block is special (since it needs to be decoded to get the + length of the remainder of the block) and takes priority. When the + length finally gets to the last blocksize bytes, and there's no + more data to come, it's the end. */ + int lowerfirstlast = IS_FIRST(firstlast) ? FIRST_BLOCK : + ((len <= blocksize) ? firstlast : MIDDLE_BLOCK); + /* If the last block would be less than a whole blocksize, combine it + with the previous block to make it larger. This ensures that the + whole MAC is included in a single decrypt call. */ + if(CRYPT_FLAG_L(session, PKTLEN_AAD) && IS_LAST(firstlast) + && (len < blocksize*2)) { + decryptlen = len; + lowerfirstlast = LAST_BLOCK; + } + + if(session->remote.crypt->crypt(session, source, decryptlen, + &session->remote.crypt_abstract, + lowerfirstlast)) { LIBSSH2_FREE(session, p->payload); return LIBSSH2_ERROR_DECRYPT; } @@ -148,11 +167,11 @@ decrypt(LIBSSH2_SESSION * session, unsigned char *source, /* if the crypt() function would write to a given address it wouldn't have to memcpy() and we could avoid this memcpy() too */ - memcpy(dest, source, blocksize); + memcpy(dest, source, decryptlen); - len -= blocksize; /* less bytes left */ - dest += blocksize; /* advance write pointer */ - source += blocksize; /* advance read pointer */ + len -= decryptlen; /* less bytes left */ + dest += decryptlen; /* advance write pointer */ + source += decryptlen; /* advance read pointer */ } return LIBSSH2_ERROR_NONE; /* all is fine */ } @@ -173,24 +192,84 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ ) session->fullpacket_macstate = LIBSSH2_MAC_CONFIRMED; session->fullpacket_payload_len = p->packet_length - 1; - if(encrypted) { + if(encrypted && !CRYPT_FLAG_L(session, INTEGRATED_MAC)) { /* Calculate MAC hash */ - session->remote.mac->hash(session, macbuf, /* store hash here */ - session->remote.seqno, - p->init, 5, - p->payload, - session->fullpacket_payload_len, - &session->remote.mac_abstract); + int etm = session->remote.mac->etm; + size_t mac_len = session->remote.mac->mac_len; + if(etm) { + /* store hash here */ + session->remote.mac->hash(session, macbuf, + session->remote.seqno, + p->payload, p->total_num - mac_len, + NULL, 0, + &session->remote.mac_abstract); + } + else { + /* store hash here */ + session->remote.mac->hash(session, macbuf, + session->remote.seqno, + p->init, 5, + p->payload, + session->fullpacket_payload_len, + &session->remote.mac_abstract); + } /* Compare the calculated hash with the MAC we just read from * the network. The read one is at the very end of the payload * buffer. Note that 'payload_len' here is the packet_length * field which includes the padding but not the MAC. */ - if(memcmp(macbuf, p->payload + session->fullpacket_payload_len, - session->remote.mac->mac_len)) { + if(memcmp(macbuf, p->payload + p->total_num - mac_len, mac_len)) { + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, + "Failed MAC check")); session->fullpacket_macstate = LIBSSH2_MAC_INVALID; + + } + else if(etm) { + /* MAC was ok and we start by decrypting the first block that + contains padding length since this allows us to decrypt + all other blocks to the right location in memory + avoiding moving a larger block of memory one byte. */ + unsigned char first_block[MAX_BLOCKSIZE]; + ssize_t decrypt_size; + unsigned char *decrypt_buffer; + int blocksize = session->remote.crypt->blocksize; + + rc = decrypt(session, p->payload + 4, + first_block, blocksize, FIRST_BLOCK); + if(rc) { + return rc; + } + + /* we need buffer for decrypt */ + decrypt_size = p->total_num - mac_len - 4; + decrypt_buffer = LIBSSH2_ALLOC(session, decrypt_size); + if(!decrypt_buffer) { + return LIBSSH2_ERROR_ALLOC; + } + + /* grab padding length and copy anything else + into target buffer */ + p->padding_length = first_block[0]; + if(blocksize > 1) { + memcpy(decrypt_buffer, first_block + 1, blocksize - 1); + } + + /* decrypt all other blocks packet */ + if(blocksize < decrypt_size) { + rc = decrypt(session, p->payload + blocksize + 4, + decrypt_buffer + blocksize - 1, + decrypt_size - blocksize, LAST_BLOCK); + if(rc) { + LIBSSH2_FREE(session, decrypt_buffer); + return rc; + } + } + + /* replace encrypted payload with plain text payload */ + LIBSSH2_FREE(session, p->payload); + p->payload = decrypt_buffer; } } @@ -200,11 +279,10 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ ) session->fullpacket_payload_len -= p->padding_length; /* Check for and deal with decompression */ - compressed = - session->local.comp != NULL && - session->local.comp->compress && - ((session->state & LIBSSH2_STATE_AUTHENTICATED) || - session->local.comp->use_in_auth); + compressed = session->local.comp && + session->local.comp->compress && + ((session->state & LIBSSH2_STATE_AUTHENTICATED) || + session->local.comp->use_in_auth); if(compressed && session->remote.comp_abstract) { /* @@ -274,13 +352,19 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) { int rc; struct transportpacket *p = &session->packet; - int remainbuf; - int remainpack; - int numbytes; - int numdecrypt; - unsigned char block[MAX_BLOCKSIZE]; - int blocksize; - int encrypted = 1; + ssize_t remainpack; /* how much there is left to add to the current payload + package */ + ssize_t remainbuf; /* how much data there is remaining in the buffer to + deal with before we should read more from the + network */ + ssize_t numbytes; /* how much data to deal with from the buffer on this + iteration through the loop */ + ssize_t numdecrypt; /* number of bytes to decrypt this iteration */ + unsigned char block[MAX_BLOCKSIZE]; /* working block buffer */ + int blocksize; /* minimum number of bytes we need before we can + use them */ + int encrypted = 1; /* whether the packet is encrypted or not */ + int firstlast = FIRST_BLOCK; /* if the first or last block to decrypt */ /* default clear the bit */ session->socket_block_directions &= ~LIBSSH2_SESSION_BLOCK_INBOUND; @@ -303,8 +387,8 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) /* Whoever wants a packet won't get anything until the key re-exchange * is done! */ - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the" - " key re-exchange from _libssh2_transport_read"); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Redirecting into the" + " key re-exchange from _libssh2_transport_read")); rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state); if(rc) return rc; @@ -322,6 +406,7 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) } do { + int etm; if(session->socket_state == LIBSSH2_SOCKET_DISCONNECTED) { return LIBSSH2_ERROR_SOCKET_DISCONNECT; } @@ -335,6 +420,8 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) make the checks below work fine still */ } + etm = encrypted && session->local.mac ? session->local.mac->etm : 0; + /* read/use a whole big chunk into a temporary area stored in the LIBSSH2_SESSION struct. We will decrypt data from that buffer into the packet buffer so this temp one doesn't have @@ -366,10 +453,9 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) } /* now read a big chunk from the network into the temp buffer */ - nread = - LIBSSH2_RECV(session, &p->buf[remainbuf], - PACKETBUFSIZE - remainbuf, - LIBSSH2_SOCKET_RECV_FLAGS(session)); + nread = LIBSSH2_RECV(session, &p->buf[remainbuf], + PACKETBUFSIZE - remainbuf, + LIBSSH2_SOCKET_RECV_FLAGS(session)); if(nread <= 0) { /* check if this is due to EAGAIN and return the special return code if so, error out normally otherwise */ @@ -378,14 +464,14 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) LIBSSH2_SESSION_BLOCK_INBOUND; return LIBSSH2_ERROR_EAGAIN; } - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, "Error recving %d bytes (got %d)", - PACKETBUFSIZE - remainbuf, -nread); + PACKETBUFSIZE - remainbuf, -nread)); return LIBSSH2_ERROR_SOCKET_RECV; } - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, "Recved %d/%d bytes to %p+%d", nread, - PACKETBUFSIZE - remainbuf, p->buf, remainbuf); + PACKETBUFSIZE - remainbuf, p->buf, remainbuf)); debugdump(session, "libssh2_transport_read() raw", &p->buf[remainbuf], nread); @@ -400,13 +486,19 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) numbytes = remainbuf; if(!p->total_num) { - size_t total_num; + size_t total_num; /* the number of bytes following the initial + (5 bytes) packet length and padding length + fields */ + + /* packet length is not encrypted in encode-then-mac mode + and we donøt need to decrypt first block */ + ssize_t required_size = etm ? 4 : blocksize; /* No payload package area allocated yet. To know the - size of this payload, we need to decrypt the first + size of this payload, we need enough to decrypt the first blocksize data. */ - if(numbytes < blocksize) { + if(numbytes < required_size) { /* we can't act on anything less than blocksize, but this check is only done for the initial block since once we have got the start of a block we can in fact deal with fractions @@ -416,28 +508,37 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) return LIBSSH2_ERROR_EAGAIN; } - if(encrypted) { - rc = decrypt(session, &p->buf[p->readidx], block, blocksize); - if(rc != LIBSSH2_ERROR_NONE) { - return rc; - } - /* save the first 5 bytes of the decrypted package, to be - used in the hash calculation later down. */ - memcpy(p->init, block, 5); + if(etm) { + p->packet_length = _libssh2_ntohu32(&p->buf[p->readidx]); } else { - /* the data is plain, just copy it verbatim to - the working block buffer */ - memcpy(block, &p->buf[p->readidx], blocksize); + if(encrypted) { + /* first decrypted block */ + rc = decrypt(session, &p->buf[p->readidx], + block, blocksize, FIRST_BLOCK); + if(rc != LIBSSH2_ERROR_NONE) { + return rc; + } + /* Save the first 5 bytes of the decrypted package, to be + used in the hash calculation later down. + This is ignored in the INTEGRATED_MAC case. */ + memcpy(p->init, block, 5); + } + else { + /* the data is plain, just copy it verbatim to + the working block buffer */ + memcpy(block, &p->buf[p->readidx], blocksize); + } + + /* advance the read pointer */ + p->readidx += blocksize; + + /* we now have the initial blocksize bytes decrypted, + * and we can extract packet and padding length from it + */ + p->packet_length = _libssh2_ntohu32(block); } - /* advance the read pointer */ - p->readidx += blocksize; - - /* we now have the initial blocksize bytes decrypted, - * and we can extract packet and padding length from it - */ - p->packet_length = _libssh2_ntohu32(block); if(p->packet_length < 1) { return LIBSSH2_ERROR_DECRYPT; } @@ -445,17 +546,27 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) return LIBSSH2_ERROR_OUT_OF_BOUNDARY; } - p->padding_length = block[4]; - if(p->padding_length > p->packet_length - 1) { - return LIBSSH2_ERROR_DECRYPT; + if(etm) { + /* we collect entire undecrypted packet including the + packet length field that we run MAC over */ + total_num = 4 + p->packet_length + + session->remote.mac->mac_len; } + else { + /* padding_length has not been authenticated yet, but it won't + actually be used (except for the sanity check immediately + following) until after the entire packet is authenticated, + so this is safe. */ + p->padding_length = block[4]; + if(p->padding_length > p->packet_length - 1) { + return LIBSSH2_ERROR_DECRYPT; + } - - /* total_num is the number of bytes following the initial - (5 bytes) packet length and padding length fields */ - total_num = - p->packet_length - 1 + - (encrypted ? session->remote.mac->mac_len : 0); + /* total_num is the number of bytes following the initial + (5 bytes) packet length and padding length fields */ + total_num = p->packet_length - 1 + + (encrypted ? session->remote.mac->mac_len : 0); + } /* RFC4253 section 6.1 Maximum Packet Length says: * @@ -479,13 +590,17 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) /* init write pointer to start of payload buffer */ p->wptr = p->payload; - if(blocksize > 5) { + if(!etm && blocksize > 5) { /* copy the data from index 5 to the end of the blocksize from the temporary buffer to the start of the decrypted buffer */ if(blocksize - 5 <= (int) total_num) { memcpy(p->wptr, &block[5], blocksize - 5); p->wptr += blocksize - 5; /* advance write pointer */ + if(etm) { + /* advance past unencrypted packet length */ + p->wptr += 4; + } } else { if(p->payload) @@ -499,7 +614,8 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) p->data_num = p->wptr - p->payload; /* we already dealt with a blocksize worth of data */ - numbytes -= blocksize; + if(!etm) + numbytes -= blocksize; } /* how much there is left to add to the current payload @@ -512,42 +628,60 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) numbytes = remainpack; } - if(encrypted) { + if(encrypted && !etm) { /* At the end of the incoming stream, there is a MAC, and we don't want to decrypt that since we need it "raw". We MUST however decrypt the padding data since it is used for the hash later on. */ int skip = session->remote.mac->mac_len; + if(CRYPT_FLAG_R(session, INTEGRATED_MAC)) + /* This crypto method DOES need the MAC to go through + decryption so it can be authenticated. */ + skip = 0; + /* if what we have plus numbytes is bigger than the total minus the skip margin, we should lower the amount to decrypt even more */ - if((p->data_num + numbytes) > (p->total_num - skip)) { - numdecrypt = (p->total_num - skip) - p->data_num; + if((p->data_num + numbytes) >= (p->total_num - skip)) { + /* decrypt the entire rest of the package */ + numdecrypt = LIBSSH2_MAX(0, + (int)(p->total_num - skip) - (int)p->data_num); + firstlast = LAST_BLOCK; } else { - int frac; + ssize_t frac; numdecrypt = numbytes; frac = numdecrypt % blocksize; if(frac) { - /* not an aligned amount of blocks, - align it */ + /* not an aligned amount of blocks, align it by reducing + the number of bytes processed this loop */ numdecrypt -= frac; /* and make it no unencrypted data after it */ numbytes = 0; } + if(CRYPT_FLAG_R(session, INTEGRATED_MAC)) { + /* Make sure that we save enough bytes to make the last + * block large enough to hold the entire integrated MAC */ + numdecrypt = LIBSSH2_MIN(numdecrypt, + (int)(p->total_num - skip - blocksize - p->data_num)); + numbytes = 0; + } + firstlast = MIDDLE_BLOCK; } } else { /* unencrypted data should not be decrypted at all */ numdecrypt = 0; } + assert(numdecrypt >= 0); /* if there are bytes to decrypt, do that */ if(numdecrypt > 0) { /* now decrypt the lot */ - rc = decrypt(session, &p->buf[p->readidx], p->wptr, numdecrypt); + rc = decrypt(session, &p->buf[p->readidx], p->wptr, numdecrypt, + firstlast); if(rc != LIBSSH2_ERROR_NONE) { p->total_num = 0; /* no packet buffer available */ return rc; @@ -564,11 +698,11 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) numbytes -= numdecrypt; } - /* if there are bytes to copy that aren't decrypted, simply + /* if there are bytes to copy that aren't decrypted, copy them as-is to the target buffer */ if(numbytes > 0) { - if(numbytes <= (int)(p->total_num - (p->wptr - p->payload))) { + if((size_t)numbytes <= (p->total_num - (p->wptr - p->payload))) { memcpy(p->wptr, &p->buf[p->readidx], numbytes); } else { @@ -591,13 +725,13 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) if(!remainpack) { /* we have a full packet */ - libssh2_transport_read_point1: +libssh2_transport_read_point1: rc = fullpacket(session, encrypted); if(rc == LIBSSH2_ERROR_EAGAIN) { if(session->packAdd_state != libssh2_NB_state_idle) { /* fullpacket only returns LIBSSH2_ERROR_EAGAIN if - * libssh2_packet_add returns LIBSSH2_ERROR_EAGAIN. If + * libssh2_packet_add() returns LIBSSH2_ERROR_EAGAIN. If * that returns LIBSSH2_ERROR_EAGAIN but the packAdd_state * is idle, then the packet has been added to the brigade, * but some immediate action that was taken based on the @@ -641,7 +775,8 @@ send_existing(LIBSSH2_SESSION *session, const unsigned char *data, we don't add this one up until the previous one has been sent. To make the caller really notice his/hers flaw, we return error for this case */ - return LIBSSH2_ERROR_BAD_USE; + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, + "Address is different, but will resume nonetheless")); } *ret = 1; /* set to make our parent return */ @@ -650,14 +785,14 @@ send_existing(LIBSSH2_SESSION *session, const unsigned char *data, length = p->ototal_num - p->osent; rc = LIBSSH2_SEND(session, &p->outbuf[p->osent], length, - LIBSSH2_SOCKET_SEND_FLAGS(session)); + LIBSSH2_SOCKET_SEND_FLAGS(session)); if(rc < 0) - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, - "Error sending %d bytes: %d", length, -rc); + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, + "Error sending %d bytes: %d", length, -rc)); else { - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, "Sent %d/%d bytes at %p+%d", rc, length, p->outbuf, - p->osent); + p->osent)); debugdump(session, "libssh2_transport_write send()", &p->outbuf[p->osent], rc); } @@ -712,20 +847,22 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session, int blocksize = (session->state & LIBSSH2_STATE_NEWKEYS) ? session->local.crypt->blocksize : 8; - int padding_length; + ssize_t padding_length; size_t packet_length; - int total_length; -#ifdef RANDOM_PADDING + ssize_t total_length; +#ifdef LIBSSH2_RANDOM_PADDING int rand_max; int seed = data[0]; /* FIXME: make this random */ #endif struct transportpacket *p = &session->packet; int encrypted; int compressed; + int etm; ssize_t ret; int rc; const unsigned char *orgdata = data; size_t orgdata_len = data_len; + size_t crypt_offset, etm_crypt_offset; /* * If the last read operation was interrupted in the middle of a key @@ -738,8 +875,8 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session, !(session->state & LIBSSH2_STATE_KEX_ACTIVE)) { /* Don't write any new packets if we're still in the middle of a key * exchange. */ - _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the" - " key re-exchange from _libssh2_transport_send"); + _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Redirecting into the" + " key re-exchange from _libssh2_transport_send")); rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state); if(rc) return rc; @@ -763,11 +900,12 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session, encrypted = (session->state & LIBSSH2_STATE_NEWKEYS) ? 1 : 0; - compressed = - session->local.comp != NULL && - session->local.comp->compress && - ((session->state & LIBSSH2_STATE_AUTHENTICATED) || - session->local.comp->use_in_auth); + etm = encrypted && session->local.mac ? session->local.mac->etm : 0; + + compressed = session->local.comp && + session->local.comp->compress && + ((session->state & LIBSSH2_STATE_AUTHENTICATED) || + session->local.comp->use_in_auth); if(encrypted && compressed && session->local.comp_abstract) { /* the idea here is that these function must fail if the output gets @@ -825,12 +963,17 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session, packet_length = data_len + 1 + 4; /* 1 is for padding_length field 4 for the packet_length field */ + /* subtract 4 bytes of the packet_length field when padding AES-GCM + or with ETM */ + crypt_offset = (etm || (encrypted && CRYPT_FLAG_R(session, PKTLEN_AAD))) + ? 4 : 0; + etm_crypt_offset = etm ? 4 : 0; /* at this point we have it all except the padding */ /* first figure out our minimum padding amount to make it an even block size */ - padding_length = blocksize - (packet_length % blocksize); + padding_length = blocksize - ((packet_length - crypt_offset) % blocksize); /* if the padding becomes too small we add another blocksize worth of it (taken from the original libssh2 where it didn't have any @@ -838,7 +981,7 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session, if(padding_length < 4) { padding_length += blocksize; } -#ifdef RANDOM_PADDING +#ifdef LIBSSH2_RANDOM_PADDING /* FIXME: we can add padding here, but that also makes the packets bigger etc */ @@ -857,7 +1000,7 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session, /* store packet_length, which is the size of the whole packet except the MAC and the packet_length field itself */ - _libssh2_htonu32(p->outbuf, packet_length - 4); + _libssh2_htonu32(p->outbuf, (uint32_t)(packet_length - 4)); /* store padding_length */ p->outbuf[4] = (unsigned char)padding_length; @@ -873,33 +1016,90 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session, /* Calculate MAC hash. Put the output at index packet_length, since that size includes the whole packet. The MAC is calculated on the entire unencrypted packet, including all - fields except the MAC field itself. */ - session->local.mac->hash(session, p->outbuf + packet_length, - session->local.seqno, p->outbuf, - packet_length, NULL, 0, - &session->local.mac_abstract); + fields except the MAC field itself. This is skipped in the + INTEGRATED_MAC case, where the crypto algorithm also does its + own hash. */ + if(!etm && !CRYPT_FLAG_R(session, INTEGRATED_MAC)) { + session->local.mac->hash(session, p->outbuf + packet_length, + session->local.seqno, p->outbuf, + packet_length, NULL, 0, + &session->local.mac_abstract); + } /* Encrypt the whole packet data, one block size at a time. - The MAC field is not encrypted. */ - for(i = 0; i < packet_length; i += session->local.crypt->blocksize) { + The MAC field is not encrypted unless INTEGRATED_MAC. */ + /* Some crypto back-ends could handle a single crypt() call for + encryption, but (presumably) others cannot, so break it up + into blocksize-sized chunks to satisfy them all. */ + for(i = etm_crypt_offset; i < packet_length; + i += session->local.crypt->blocksize) { unsigned char *ptr = &p->outbuf[i]; + size_t bsize = LIBSSH2_MIN(session->local.crypt->blocksize, + (int)(packet_length-i)); + /* The INTEGRATED_MAC case always has an extra call below, so it + will never be LAST_BLOCK up here. */ + int firstlast = i == 0 ? FIRST_BLOCK : + (!CRYPT_FLAG_L(session, INTEGRATED_MAC) + && (i == packet_length - session->local.crypt->blocksize) + ? LAST_BLOCK: MIDDLE_BLOCK); + /* In the AAD case, the last block would be only 4 bytes because + everything is offset by 4 since the initial packet_length isn't + encrypted. In this case, combine that last short packet with the + previous one since AES-GCM crypt() assumes that the entire MAC + is available in that packet so it can set that to the + authentication tag. */ + if(!CRYPT_FLAG_L(session, INTEGRATED_MAC)) + if(i > packet_length - 2*bsize) { + /* increase the final block size */ + bsize = packet_length - i; + /* advance the loop counter by the extra amount */ + i += bsize - session->local.crypt->blocksize; + } + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, + "crypting bytes %d-%d", i, + i + session->local.crypt->blocksize - 1)); if(session->local.crypt->crypt(session, ptr, - session->local.crypt->blocksize, - &session->local.crypt_abstract)) + bsize, + &session->local.crypt_abstract, + firstlast)) return LIBSSH2_ERROR_ENCRYPT; /* encryption failure */ } + /* Call crypt() one last time so it can be filled in with the MAC */ + if(CRYPT_FLAG_L(session, INTEGRATED_MAC)) { + int authlen = session->local.mac->mac_len; + assert((size_t)total_length <= + packet_length + session->local.crypt->blocksize); + if(session->local.crypt->crypt(session, &p->outbuf[packet_length], + authlen, + &session->local.crypt_abstract, + LAST_BLOCK)) + return LIBSSH2_ERROR_ENCRYPT; /* encryption failure */ + } + + if(etm) { + /* Calculate MAC hash. Put the output at index packet_length, + since that size includes the whole packet. The MAC is + calculated on the entire packet (length plain the rest + encrypted), including all fields except the MAC field + itself. */ + session->local.mac->hash(session, p->outbuf + packet_length, + session->local.seqno, p->outbuf, + packet_length, NULL, 0, + &session->local.mac_abstract); + } } session->local.seqno++; ret = LIBSSH2_SEND(session, p->outbuf, total_length, - LIBSSH2_SOCKET_SEND_FLAGS(session)); + LIBSSH2_SOCKET_SEND_FLAGS(session)); if(ret < 0) - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, - "Error sending %d bytes: %d", total_length, -ret); + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, + "Error sending %d bytes: %d", total_length, -ret)); else { - _libssh2_debug(session, LIBSSH2_TRACE_SOCKET, "Sent %d/%d bytes at %p", - ret, total_length, p->outbuf); + _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, + "Sent %d/%d bytes at %p", + ret, total_length, p->outbuf)); debugdump(session, "libssh2_transport_write send()", p->outbuf, ret); } diff --git a/libssh2/src/transport.h b/libssh2/src/transport.h index 7d395d0e7..7128bda7a 100644 --- a/libssh2/src/transport.h +++ b/libssh2/src/transport.h @@ -43,7 +43,6 @@ #include "libssh2_priv.h" #include "packet.h" - /* * libssh2_transport_send * diff --git a/libssh2/src/userauth.c b/libssh2/src/userauth.c index 40ef9153a..7745199bc 100644 --- a/libssh2/src/userauth.c +++ b/libssh2/src/userauth.c @@ -40,9 +40,6 @@ #include "libssh2_priv.h" #include -#include - -#include /* Needed for struct iovec on some platforms */ #ifdef HAVE_SYS_UIO_H @@ -52,8 +49,9 @@ #include "transport.h" #include "session.h" #include "userauth.h" +#include "userauth_kbd_packet.h" -/* libssh2_userauth_list +/* userauth_list * * List authentication methods * Will yield successful login if "none" happens to be allowable for this user @@ -63,11 +61,13 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username, unsigned int username_len) { - static const unsigned char reply_codes[3] = - { SSH_MSG_USERAUTH_SUCCESS, SSH_MSG_USERAUTH_FAILURE, 0 }; + unsigned char reply_codes[4] = + { SSH_MSG_USERAUTH_SUCCESS, SSH_MSG_USERAUTH_FAILURE, + SSH_MSG_USERAUTH_BANNER, 0 }; /* packet_type(1) + username_len(4) + service_len(4) + service(14)"ssh-connection" + method_len(4) = 27 */ unsigned long methods_len; + unsigned int banner_len; unsigned char *s; int rc; @@ -134,6 +134,57 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username, return NULL; } + if(session->userauth_list_data[0] == SSH_MSG_USERAUTH_BANNER) { + if(session->userauth_list_data_len < 5) { + LIBSSH2_FREE(session, session->userauth_list_data); + session->userauth_list_data = NULL; + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Unexpected packet size"); + return NULL; + } + banner_len = _libssh2_ntohu32(session->userauth_list_data + 1); + if(banner_len > session->userauth_list_data_len - 5) { + LIBSSH2_FREE(session, session->userauth_list_data); + session->userauth_list_data = NULL; + _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY, + "Unexpected userauth banner size"); + return NULL; + } + session->userauth_banner = LIBSSH2_ALLOC(session, banner_len + 1); + if(!session->userauth_banner) { + LIBSSH2_FREE(session, session->userauth_list_data); + session->userauth_list_data = NULL; + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for userauth_banner"); + return NULL; + } + memcpy(session->userauth_banner, session->userauth_list_data + 5, + banner_len); + session->userauth_banner[banner_len] = '\0'; + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Banner: %s", + session->userauth_banner)); + LIBSSH2_FREE(session, session->userauth_list_data); + session->userauth_list_data = NULL; + /* SSH_MSG_USERAUTH_BANNER has been handled */ + reply_codes[2] = 0; + rc = _libssh2_packet_requirev(session, reply_codes, + &session->userauth_list_data, + &session->userauth_list_data_len, 0, + NULL, 0, + &session->userauth_list_packet_requirev_state); + if(rc == LIBSSH2_ERROR_EAGAIN) { + _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, + "Would block requesting userauth list"); + return NULL; + } + else if(rc || (session->userauth_list_data_len < 1)) { + _libssh2_error(session, rc, "Failed getting response"); + session->userauth_list_state = libssh2_NB_state_idle; + return NULL; + } + } + if(session->userauth_list_data[0] == SSH_MSG_USERAUTH_SUCCESS) { /* Wow, who'dve thought... */ _libssh2_error(session, LIBSSH2_ERROR_NONE, "No error"); @@ -163,13 +214,13 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username, memmove(session->userauth_list_data, session->userauth_list_data + 5, methods_len); session->userauth_list_data[methods_len] = '\0'; - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, "Permitted auth methods: %s", - session->userauth_list_data); + session->userauth_list_data)); } session->userauth_list_state = libssh2_NB_state_idle; - return (char *) session->userauth_list_data; + return (char *)session->userauth_list_data; } /* libssh2_userauth_list @@ -189,6 +240,30 @@ libssh2_userauth_list(LIBSSH2_SESSION * session, const char *user, return ptr; } +/* libssh2_userauth_banner + * + * Retrieve banner message from server, if available. + * When no such message is sent by server or if no authentication attempt has + * been made, this function returns LIBSSH2_ERROR_MISSING_AUTH_BANNER. + */ +LIBSSH2_API int +libssh2_userauth_banner(LIBSSH2_SESSION *session, char **banner) +{ + if(!session) + return LIBSSH2_ERROR_MISSING_USERAUTH_BANNER; + + if(!session->userauth_banner) { + return _libssh2_error(session, + LIBSSH2_ERROR_MISSING_USERAUTH_BANNER, + "Missing userauth banner"); + } + + if(banner) + *banner = session->userauth_banner; + + return LIBSSH2_ERROR_NONE; +} + /* * libssh2_userauth_authenticated * @@ -198,7 +273,7 @@ libssh2_userauth_list(LIBSSH2_SESSION * session, const char *user, LIBSSH2_API int libssh2_userauth_authenticated(LIBSSH2_SESSION * session) { - return (session->state & LIBSSH2_STATE_AUTHENTICATED)?1:0; + return (session->state & LIBSSH2_STATE_AUTHENTICATED) ? 1 : 0; } @@ -251,8 +326,8 @@ userauth_password(LIBSSH2_SESSION *session, _libssh2_store_u32(&s, password_len); /* 'password' is sent separately */ - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Attempting to login using password authentication"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Attempting to login using password authentication")); session->userauth_pswd_state = libssh2_NB_state_created; } @@ -279,7 +354,7 @@ userauth_password(LIBSSH2_SESSION *session, session->userauth_pswd_state = libssh2_NB_state_sent; } - password_response: +password_response: if((session->userauth_pswd_state == libssh2_NB_state_sent) || (session->userauth_pswd_state == libssh2_NB_state_sent1) @@ -306,8 +381,8 @@ userauth_password(LIBSSH2_SESSION *session, } if(session->userauth_pswd_data[0] == SSH_MSG_USERAUTH_SUCCESS) { - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Password authentication successful"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Password authentication successful")); LIBSSH2_FREE(session, session->userauth_pswd_data); session->userauth_pswd_data = NULL; session->state |= LIBSSH2_STATE_AUTHENTICATED; @@ -316,8 +391,8 @@ userauth_password(LIBSSH2_SESSION *session, } else if(session->userauth_pswd_data[0] == SSH_MSG_USERAUTH_FAILURE) { - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Password authentication failed"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Password authentication failed")); LIBSSH2_FREE(session, session->userauth_pswd_data); session->userauth_pswd_data = NULL; session->userauth_pswd_state = libssh2_NB_state_idle; @@ -348,8 +423,8 @@ userauth_password(LIBSSH2_SESSION *session, if((session->userauth_pswd_state == libssh2_NB_state_sent1) || (session->userauth_pswd_state == libssh2_NB_state_sent2)) { if(session->userauth_pswd_state == libssh2_NB_state_sent1) { - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Password change required"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Password change required")); LIBSSH2_FREE(session, session->userauth_pswd_data); session->userauth_pswd_data = NULL; } @@ -490,7 +565,7 @@ memory_read_publickey(LIBSSH2_SESSION * session, unsigned char **method, { unsigned char *pubkey = NULL, *sp1, *sp2, *tmp; size_t pubkey_len = pubkeyfiledata_len; - unsigned int tmp_len; + size_t tmp_len; if(pubkeyfiledata_len <= 1) { return _libssh2_error(session, LIBSSH2_ERROR_FILE, @@ -518,7 +593,7 @@ memory_read_publickey(LIBSSH2_SESSION * session, unsigned char **method, } sp1 = memchr(pubkey, ' ', pubkey_len); - if(sp1 == NULL) { + if(!sp1) { LIBSSH2_FREE(session, pubkey); return _libssh2_error(session, LIBSSH2_ERROR_FILE, "Invalid public key data"); @@ -527,16 +602,17 @@ memory_read_publickey(LIBSSH2_SESSION * session, unsigned char **method, sp1++; sp2 = memchr(sp1, ' ', pubkey_len - (sp1 - pubkey)); - if(sp2 == NULL) { + if(!sp2) { /* Assume that the id string is missing, but that it's okay */ sp2 = pubkey + pubkey_len; } - if(libssh2_base64_decode(session, (char **) &tmp, &tmp_len, - (char *) sp1, sp2 - sp1)) { + if(_libssh2_base64_decode(session, (char **)&tmp, &tmp_len, + (const char *)sp1, + sp2 - sp1)) { LIBSSH2_FREE(session, pubkey); return _libssh2_error(session, LIBSSH2_ERROR_FILE, - "Invalid key data, not base64 encoded"); + "Invalid key data, not base64 encoded"); } /* Wasting some bytes here (okay, more than some), but since it's likely @@ -573,10 +649,10 @@ file_read_publickey(LIBSSH2_SESSION * session, unsigned char **method, char c; unsigned char *pubkey = NULL, *sp1, *sp2, *tmp; size_t pubkey_len = 0, sp_len; - unsigned int tmp_len; + size_t tmp_len; - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, "Loading public key file: %s", - pubkeyfile); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, "Loading public key file: %s", + pubkeyfile)); /* Read Public Key */ fd = fopen(pubkeyfile, FOPEN_READTEXT); if(!fd) { @@ -621,7 +697,7 @@ file_read_publickey(LIBSSH2_SESSION * session, unsigned char **method, } sp1 = memchr(pubkey, ' ', pubkey_len); - if(sp1 == NULL) { + if(!sp1) { LIBSSH2_FREE(session, pubkey); return _libssh2_error(session, LIBSSH2_ERROR_FILE, "Invalid public key data"); @@ -631,13 +707,14 @@ file_read_publickey(LIBSSH2_SESSION * session, unsigned char **method, sp_len = sp1 > pubkey ? (sp1 - pubkey) : 0; sp2 = memchr(sp1, ' ', pubkey_len - sp_len); - if(sp2 == NULL) { + if(!sp2) { /* Assume that the id string is missing, but that it's okay */ sp2 = pubkey + pubkey_len; } - if(libssh2_base64_decode(session, (char **) &tmp, &tmp_len, - (char *) sp1, sp2 - sp1)) { + if(_libssh2_base64_decode(session, (char **)&tmp, &tmp_len, + (const char *)sp1, + sp2 - sp1)) { LIBSSH2_FREE(session, pubkey); return _libssh2_error(session, LIBSSH2_ERROR_FILE, "Invalid key data, not base64 encoded"); @@ -659,7 +736,7 @@ static int memory_read_privatekey(LIBSSH2_SESSION * session, const LIBSSH2_HOSTKEY_METHOD ** hostkey_method, void **hostkey_abstract, - const unsigned char *method, int method_len, + const unsigned char *method, size_t method_len, const char *privkeyfiledata, size_t privkeyfiledata_len, const char *passphrase) { @@ -687,7 +764,7 @@ memory_read_privatekey(LIBSSH2_SESSION * session, (unsigned char *) passphrase, hostkey_abstract)) { return _libssh2_error(session, LIBSSH2_ERROR_FILE, - "Unable to initialize private key from file"); + "Unable to initialize private key from memory"); } return 0; @@ -700,14 +777,14 @@ static int file_read_privatekey(LIBSSH2_SESSION * session, const LIBSSH2_HOSTKEY_METHOD ** hostkey_method, void **hostkey_abstract, - const unsigned char *method, int method_len, + const unsigned char *method, size_t method_len, const char *privkeyfile, const char *passphrase) { const LIBSSH2_HOSTKEY_METHOD **hostkey_methods_avail = libssh2_hostkey_methods(); - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, "Loading private key file: %s", - privkeyfile); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Loading private key file: %s", privkeyfile)); *hostkey_method = NULL; *hostkey_abstract = NULL; while(*hostkey_methods_avail && (*hostkey_methods_avail)->name) { @@ -763,7 +840,7 @@ sign_frommemory(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, datavec.iov_len = data_len; if(privkeyobj->signv(session, sig, sig_len, 1, &datavec, - &hostkey_abstract)) { + &hostkey_abstract)) { if(privkeyobj->dtor) { privkeyobj->dtor(session, &hostkey_abstract); } @@ -799,7 +876,7 @@ sign_fromfile(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, datavec.iov_len = data_len; if(privkeyobj->signv(session, sig, sig_len, 1, &datavec, - &hostkey_abstract)) { + &hostkey_abstract)) { if(privkeyobj->dtor) { privkeyobj->dtor(session, &hostkey_abstract); } @@ -812,7 +889,106 @@ sign_fromfile(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, return 0; } +int +libssh2_sign_sk(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, + const unsigned char *data, size_t data_len, void **abstract) +{ + int rc = LIBSSH2_ERROR_DECRYPT; + LIBSSH2_PRIVKEY_SK *sk_info = (LIBSSH2_PRIVKEY_SK *) (*abstract); + LIBSSH2_SK_SIG_INFO sig_info = { 0 }; + if(sk_info->handle_len <= 0) { + return LIBSSH2_ERROR_DECRYPT; + } + + rc = sk_info->sign_callback(session, + &sig_info, + data, + data_len, + sk_info->algorithm, + sk_info->flags, + sk_info->application, + sk_info->key_handle, + sk_info->handle_len, + sk_info->orig_abstract); + + if(rc == 0 && sig_info.sig_r_len > 0 && sig_info.sig_r) { + unsigned char *p = NULL; + + if(sig_info.sig_s_len > 0 && sig_info.sig_s) { + /* sig length, sig_r, sig_s, flags, counter, plus 4 bytes for each + component's length, and up to 1 extra byte for each component */ + *sig_len = 4 + 5 + sig_info.sig_r_len + 5 + sig_info.sig_s_len + 5; + *sig = LIBSSH2_ALLOC(session, *sig_len); + + if(*sig) { + unsigned char *x = *sig; + p = *sig; + + _libssh2_store_u32(&p, 0); + + _libssh2_store_bignum2_bytes(&p, + sig_info.sig_r, + sig_info.sig_r_len); + + _libssh2_store_bignum2_bytes(&p, + sig_info.sig_s, + sig_info.sig_s_len); + + *sig_len = p - *sig; + + _libssh2_store_u32(&x, (uint32_t)(*sig_len - 4)); + } + else { + _libssh2_debug((session, + LIBSSH2_ERROR_ALLOC, + "Unable to allocate ecdsa-sk signature.")); + rc = LIBSSH2_ERROR_ALLOC; + } + } + else { + /* sig, flags, counter, plus 4 bytes for sig length. */ + *sig_len = 4 + sig_info.sig_r_len + 1 + 4; + *sig = LIBSSH2_ALLOC(session, *sig_len); + + if(*sig) { + p = *sig; + + _libssh2_store_str(&p, + (const char *)sig_info.sig_r, + sig_info.sig_r_len); + } + else { + _libssh2_debug((session, + LIBSSH2_ERROR_ALLOC, + "Unable to allocate ed25519-sk signature.")); + rc = LIBSSH2_ERROR_ALLOC; + } + } + + if(p) { + *p = sig_info.flags; + ++p; + _libssh2_store_u32(&p, sig_info.counter); + + *sig_len = p - *sig; + } + + LIBSSH2_FREE(session, sig_info.sig_r); + + if(sig_info.sig_s) { + LIBSSH2_FREE(session, sig_info.sig_s); + } + } + else { + _libssh2_debug((session, + LIBSSH2_ERROR_DECRYPT, + "sign_callback failed or returned invalid signature.")); + *sig_len = 0; + } + + return rc; +} /* userauth_hostbased_fromfile * Authenticate using a keypair found in the named files @@ -858,7 +1034,7 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session, &pubkeydata, &pubkeydata_len, privatekey, passphrase); if(rc) - /* libssh2_pub_priv_keyfile calls _libssh2_error() */ + /* libssh2_pub_priv_keyfile() calls _libssh2_error() */ return rc; } @@ -927,8 +1103,8 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session, datavec[2].iov_len = session->userauth_host_packet_len; if(privkeyobj && privkeyobj->signv && - privkeyobj->signv(session, &sig, &sig_len, 3, - datavec, &abstract)) { + privkeyobj->signv(session, &sig, &sig_len, 3, + datavec, &abstract)) { LIBSSH2_FREE(session, session->userauth_host_method); session->userauth_host_method = NULL; LIBSSH2_FREE(session, session->userauth_host_packet); @@ -967,8 +1143,8 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session, session->userauth_host_packet + session->userauth_host_packet_len; _libssh2_store_u32(&session->userauth_host_s, - 4 + session->userauth_host_method_len + - 4 + sig_len); + (uint32_t)(4 + session->userauth_host_method_len + + 4 + sig_len)); _libssh2_store_str(&session->userauth_host_s, (const char *)session->userauth_host_method, session->userauth_host_method_len); @@ -979,8 +1155,8 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session, sig_len); LIBSSH2_FREE(session, sig); - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Attempting hostbased authentication"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Attempting hostbased authentication")); session->userauth_host_state = libssh2_NB_state_created; } @@ -1028,8 +1204,8 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session, } if(session->userauth_host_data[0] == SSH_MSG_USERAUTH_SUCCESS) { - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Hostbased authentication successful"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Hostbased authentication successful")); /* We are us and we've proved it. */ LIBSSH2_FREE(session, session->userauth_host_data); session->userauth_host_data = NULL; @@ -1070,8 +1246,14 @@ libssh2_userauth_hostbased_fromfile_ex(LIBSSH2_SESSION *session, return rc; } -static int plain_method_len(const char *method, size_t method_len) +size_t plain_method(char *method, size_t method_len) { + if(!strncmp("ssh-rsa-cert-v01@openssh.com", + method, + method_len)) { + return 7; + } + if(!strncmp("ecdsa-sha2-nistp256-cert-v01@openssh.com", method, method_len) || @@ -1083,15 +1265,177 @@ static int plain_method_len(const char *method, size_t method_len) method_len)) { return 19; } + + if(!strncmp("ssh-ed25519-cert-v01@openssh.com", + method, + method_len)) { + return 11; + } + + if(!strncmp("sk-ecdsa-sha2-nistp256-cert-v01@openssh.com", + method, + method_len)) { + const char *new_method = "sk-ecdsa-sha2-nistp256@openssh.com"; + memcpy(method, new_method, strlen(new_method)); + return strlen(new_method); + } + + if(!strncmp("sk-ssh-ed25519-cert-v01@openssh.com", + method, + method_len)) { + const char *new_method = "sk-ssh-ed25519@openssh.com"; + memcpy(method, new_method, strlen(new_method)); + return strlen(new_method); + } + return method_len; } +/** + * @function _libssh2_key_sign_algorithm + * @abstract Upgrades the algorithm used for public key signing RFC 8332 + * @discussion Based on the incoming key_method value, this function + * will upgrade the key method input based on user preferences, + * server support algos and crypto backend support + * @related _libssh2_supported_key_sign_algorithms() + * @param key_method current key method, usually the default key sig method + * @param key_method_len length of the key method buffer + * @result error code or zero on success + */ + +static int +_libssh2_key_sign_algorithm(LIBSSH2_SESSION *session, + unsigned char **key_method, + size_t *key_method_len) +{ + const char *s = NULL; + const char *a = NULL; + const char *match = NULL; + const char *p = NULL; + const char *f = NULL; + char *i = NULL; + size_t p_len = 0; + size_t f_len = 0; + int rc = 0; + size_t match_len = 0; + char *filtered_algs = NULL; + + const char *supported_algs = + _libssh2_supported_key_sign_algorithms(session, + *key_method, + *key_method_len); + + if(!supported_algs || !session->server_sign_algorithms) { + /* no upgrading key algorithm supported, do nothing */ + return LIBSSH2_ERROR_NONE; + } + + filtered_algs = LIBSSH2_ALLOC(session, strlen(supported_algs) + 1); + if(!filtered_algs) { + rc = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate filtered algs"); + return rc; + } + + s = session->server_sign_algorithms; + i = filtered_algs; + + /* this walks the server algo list and the supported algo list and creates + a filtered list that includes matches */ + + while(s && *s) { + p = strchr(s, ','); + p_len = (p ? (size_t)(p - s) : strlen(s)); + a = supported_algs; + + while(a && *a) { + f = strchr(a, ','); + f_len = (f ? (size_t)(f - a) : strlen(a)); + + if(f_len == p_len && memcmp(a, s, p_len) == 0) { + + if(i != filtered_algs) { + memcpy(i, ",", 1); + i += 1; + } + + memcpy(i, s, p_len); + i += p_len; + } + + a = f ? (f + 1) : NULL; + } + + s = p ? (p + 1) : NULL; + } + + filtered_algs[i - filtered_algs] = '\0'; + + if(session->sign_algo_prefs) { + s = session->sign_algo_prefs; + } + else { + s = supported_algs; + } + + /* now that we have the possible supported algos, match based on the prefs + or what is supported by the crypto backend, look for a match */ + + while(s && *s && !match) { + p = strchr(s, ','); + p_len = (p ? (size_t)(p - s) : strlen(s)); + a = filtered_algs; + + while(a && *a && !match) { + f = strchr(a, ','); + f_len = (f ? (size_t)(f - a) : strlen(a)); + + if(f_len == p_len && memcmp(a, s, p_len) == 0) { + /* found a match, upgrade key method */ + match = s; + match_len = p_len; + } + else { + a = f ? (f + 1) : NULL; + } + } + + s = p ? (p + 1) : NULL; + } + + if(match) { + if(*key_method) + LIBSSH2_FREE(session, *key_method); + + *key_method = LIBSSH2_ALLOC(session, match_len); + if(key_method) { + memcpy(*key_method, match, match_len); + *key_method_len = match_len; + } + else { + *key_method_len = 0; + rc = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate key method upgrade"); + } + } + else { + /* no match was found */ + rc = _libssh2_error(session, LIBSSH2_ERROR_METHOD_NONE, + "No signing signature matched"); + } + + if(filtered_algs) + LIBSSH2_FREE(session, filtered_algs); + + return rc; +} + int _libssh2_userauth_publickey(LIBSSH2_SESSION *session, const char *username, - unsigned int username_len, + size_t username_len, const unsigned char *pubkeydata, - unsigned long pubkeydata_len, + size_t pubkeydata_len, LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC ((*sign_callback)), void *abstract) @@ -1102,6 +1446,10 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, }; int rc; unsigned char *s; + int auth_attempts = 0; + +retry_auth: + auth_attempts++; if(session->userauth_pblc_state == libssh2_NB_state_idle) { @@ -1127,9 +1475,8 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, session->userauth_pblc_method_len = _libssh2_ntohu32(pubkeydata); if(session->userauth_pblc_method_len > pubkeydata_len - 4) - /* the method length simply cannot be longer than the entire - passed in data, so we use this to detect crazy input - data */ + /* the method length cannot be longer than the entire passed + in data, so we use this to detect crazy input data */ return _libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED, "Invalid public key"); @@ -1144,15 +1491,27 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, memcpy(session->userauth_pblc_method, pubkeydata + 4, session->userauth_pblc_method_len); } - /* - * The length of the method name read from plaintext prefix in the - * file must match length embedded in the key. - * TODO: The data should match too but we don't check that. Should we? - */ - else if(session->userauth_pblc_method_len != - _libssh2_ntohu32(pubkeydata)) - return _libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED, - "Invalid public key"); + + /* upgrade key signing algo if it is supported and + * it is our first auth attempt, otherwise fallback to + * the key default algo */ + if(auth_attempts == 1) { + rc = _libssh2_key_sign_algorithm(session, + &session->userauth_pblc_method, + &session->userauth_pblc_method_len); + + if(rc) + return rc; + } + + if(session->userauth_pblc_method_len && + session->userauth_pblc_method) { + _libssh2_debug((session, + LIBSSH2_TRACE_KEX, + "Signing using %.*s", + session->userauth_pblc_method_len, + session->userauth_pblc_method)); + } /* * 45 = packet_type(1) + username_len(4) + servicename_len(4) + @@ -1198,8 +1557,8 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, session->userauth_pblc_method_len); _libssh2_store_str(&s, (const char *)pubkeydata, pubkeydata_len); - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Attempting publickey authentication"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Attempting publickey authentication")); session->userauth_pblc_state = libssh2_NB_state_created; } @@ -1246,8 +1605,8 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, } if(session->userauth_pblc_data[0] == SSH_MSG_USERAUTH_SUCCESS) { - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Pubkey authentication prematurely successful"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Pubkey authentication prematurely successful")); /* * God help any SSH server that allows an UNVERIFIED * public key to validate the user @@ -1310,6 +1669,17 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block"); } + else if(rc == LIBSSH2_ERROR_ALGO_UNSUPPORTED && auth_attempts == 1) { + /* try again with the default key algo */ + LIBSSH2_FREE(session, session->userauth_pblc_method); + session->userauth_pblc_method = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_packet); + session->userauth_pblc_packet = NULL; + session->userauth_pblc_state = libssh2_NB_state_idle; + + rc = LIBSSH2_ERROR_NONE; + goto retry_auth; + } else if(rc) { LIBSSH2_FREE(session, session->userauth_pblc_method); session->userauth_pblc_method = NULL; @@ -1350,23 +1720,39 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, session->userauth_pblc_b = NULL; session->userauth_pblc_method_len = - plain_method_len((const char *)session->userauth_pblc_method, - session->userauth_pblc_method_len); + plain_method((char *)session->userauth_pblc_method, + session->userauth_pblc_method_len); - _libssh2_store_u32(&s, - 4 + session->userauth_pblc_method_len + 4 + - sig_len); - _libssh2_store_str(&s, (const char *)session->userauth_pblc_method, - session->userauth_pblc_method_len); + if(strncmp((const char *)session->userauth_pblc_method, + "sk-ecdsa-sha2-nistp256@openssh.com", + session->userauth_pblc_method_len) == 0 || + strncmp((const char *)session->userauth_pblc_method, + "sk-ssh-ed25519@openssh.com", + session->userauth_pblc_method_len) == 0) { + _libssh2_store_u32(&s, + (uint32_t)(4 + session->userauth_pblc_method_len + + sig_len)); + _libssh2_store_str(&s, (const char *)session->userauth_pblc_method, + session->userauth_pblc_method_len); + memcpy(s, sig, sig_len); + s += sig_len; + } + else { + _libssh2_store_u32(&s, + (uint32_t)(4 + session->userauth_pblc_method_len + + 4 + sig_len)); + _libssh2_store_str(&s, (const char *)session->userauth_pblc_method, + session->userauth_pblc_method_len); + _libssh2_store_str(&s, (const char *)sig, sig_len); + } LIBSSH2_FREE(session, session->userauth_pblc_method); session->userauth_pblc_method = NULL; - _libssh2_store_str(&s, (const char *)sig, sig_len); LIBSSH2_FREE(session, sig); - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Attempting publickey authentication -- phase 2"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Attempting publickey authentication -- phase 2")); session->userauth_pblc_s = s; session->userauth_pblc_state = libssh2_NB_state_sent2; @@ -1412,8 +1798,8 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, } if(session->userauth_pblc_data[0] == SSH_MSG_USERAUTH_SUCCESS) { - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Publickey authentication successful"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Publickey authentication successful")); /* We are us and we've proved it. */ LIBSSH2_FREE(session, session->userauth_pblc_data); session->userauth_pblc_data = NULL; @@ -1431,10 +1817,10 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, "username/public key combination"); } - /* - * userauth_publickey_frommemory - * Authenticate using a keypair from memory - */ +/* + * userauth_publickey_frommemory + * Authenticate using a keypair from memory + */ static int userauth_publickey_frommemory(LIBSSH2_SESSION *session, const char *username, @@ -1556,7 +1942,7 @@ libssh2_userauth_publickey_frommemory(LIBSSH2_SESSION *session, { int rc; - if(NULL == passphrase) + if(!passphrase) /* if given a NULL pointer, make it point to a zero-length string to save us from having to check this all over */ passphrase = ""; @@ -1584,7 +1970,7 @@ libssh2_userauth_publickey_fromfile_ex(LIBSSH2_SESSION *session, { int rc; - if(NULL == passphrase) + if(!passphrase) /* if given a NULL pointer, make it point to a zero-length string to save us from having to check this all over */ passphrase = ""; @@ -1605,7 +1991,7 @@ libssh2_userauth_publickey(LIBSSH2_SESSION *session, const unsigned char *pubkeydata, size_t pubkeydata_len, LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC - ((*sign_callback)), + ((*sign_callback)), void **abstract) { int rc; @@ -1632,16 +2018,16 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session, const char *username, unsigned int username_len, LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC - ((*response_callback))) + ((*response_callback))) { unsigned char *s; + int rc; static const unsigned char reply_codes[4] = { SSH_MSG_USERAUTH_SUCCESS, SSH_MSG_USERAUTH_FAILURE, SSH_MSG_USERAUTH_INFO_REQUEST, 0 }; - unsigned int language_tag_len; unsigned int i; if(session->userauth_kybd_state == libssh2_NB_state_idle) { @@ -1692,8 +2078,8 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session, /* submethods */ _libssh2_store_u32(&s, 0); - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Attempting keyboard-interactive authentication"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Attempting keyboard-interactive authentication")); session->userauth_kybd_state = libssh2_NB_state_created; } @@ -1741,9 +2127,9 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session, } if(session->userauth_kybd_data[0] == SSH_MSG_USERAUTH_SUCCESS) { - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, "Keyboard-interactive " - "authentication successful"); + "authentication successful")); LIBSSH2_FREE(session, session->userauth_kybd_data); session->userauth_kybd_data = NULL; session->state |= LIBSSH2_STATE_AUTHENTICATED; @@ -1752,8 +2138,8 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session, } if(session->userauth_kybd_data[0] == SSH_MSG_USERAUTH_FAILURE) { - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, - "Keyboard-interactive authentication failed"); + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, + "Keyboard-interactive authentication failed")); LIBSSH2_FREE(session, session->userauth_kybd_data); session->userauth_kybd_data = NULL; session->userauth_kybd_state = libssh2_NB_state_idle; @@ -1764,230 +2150,34 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session, } /* server requested PAM-like conversation */ - s = session->userauth_kybd_data + 1; - - if(session->userauth_kybd_data_len >= 5) { - /* string name (ISO-10646 UTF-8) */ - session->userauth_kybd_auth_name_len = _libssh2_ntohu32(s); - s += 4; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, - "userauth keyboard data buffer too small" - "to get length"); + if(userauth_keyboard_interactive_decode_info_request(session) + < 0) { goto cleanup; } - if(session->userauth_kybd_auth_name_len) { - session->userauth_kybd_auth_name = - LIBSSH2_ALLOC(session, - session->userauth_kybd_auth_name_len); - if(!session->userauth_kybd_auth_name) { - _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate memory for " - "keyboard-interactive 'name' " - "request field"); - goto cleanup; - } - if(s + session->userauth_list_data_len <= - session->userauth_kybd_data + - session->userauth_kybd_data_len) { - memcpy(session->userauth_kybd_auth_name, s, - session->userauth_kybd_auth_name_len); - s += session->userauth_kybd_auth_name_len; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, - "userauth keyboard data buffer too small" - "for auth name"); - goto cleanup; - } - } - - if(s + 4 <= session->userauth_kybd_data + - session->userauth_kybd_data_len) { - /* string instruction (ISO-10646 UTF-8) */ - session->userauth_kybd_auth_instruction_len = - _libssh2_ntohu32(s); - s += 4; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, - "userauth keyboard data buffer too small" - "for auth instruction length"); - goto cleanup; - } - - if(session->userauth_kybd_auth_instruction_len) { - session->userauth_kybd_auth_instruction = - LIBSSH2_ALLOC(session, - session->userauth_kybd_auth_instruction_len); - if(!session->userauth_kybd_auth_instruction) { - _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate memory for " - "keyboard-interactive 'instruction' " - "request field"); - goto cleanup; - } - if(s + session->userauth_kybd_auth_instruction_len <= - session->userauth_kybd_data + - session->userauth_kybd_data_len) { - memcpy(session->userauth_kybd_auth_instruction, s, - session->userauth_kybd_auth_instruction_len); - s += session->userauth_kybd_auth_instruction_len; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, - "userauth keyboard data buffer too small" - "for auth instruction"); - goto cleanup; - } - } - - if(s + 4 <= session->userauth_kybd_data + - session->userauth_kybd_data_len) { - /* string language tag (as defined in [RFC-3066]) */ - language_tag_len = _libssh2_ntohu32(s); - s += 4; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, - "userauth keyboard data buffer too small" - "for auth language tag length"); - goto cleanup; - } - - if(s + language_tag_len <= session->userauth_kybd_data + - session->userauth_kybd_data_len) { - /* ignoring this field as deprecated */ - s += language_tag_len; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, - "userauth keyboard data buffer too small" - "for auth language tag"); - goto cleanup; - } - - if(s + 4 <= session->userauth_kybd_data + - session->userauth_kybd_data_len) { - /* int num-prompts */ - session->userauth_kybd_num_prompts = _libssh2_ntohu32(s); - s += 4; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, - "userauth keyboard data buffer too small" - "for auth num keyboard prompts"); - goto cleanup; - } - - if(session->userauth_kybd_num_prompts > 100) { - _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY, - "Too many replies for " - "keyboard-interactive prompts"); - goto cleanup; - } - - if(session->userauth_kybd_num_prompts) { - session->userauth_kybd_prompts = - LIBSSH2_CALLOC(session, - sizeof(LIBSSH2_USERAUTH_KBDINT_PROMPT) * - session->userauth_kybd_num_prompts); - if(!session->userauth_kybd_prompts) { - _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate memory for " - "keyboard-interactive prompts array"); - goto cleanup; - } - - session->userauth_kybd_responses = - LIBSSH2_CALLOC(session, - sizeof(LIBSSH2_USERAUTH_KBDINT_RESPONSE) * - session->userauth_kybd_num_prompts); - if(!session->userauth_kybd_responses) { - _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate memory for " - "keyboard-interactive responses array"); - goto cleanup; - } - - for(i = 0; i < session->userauth_kybd_num_prompts; i++) { - if(s + 4 <= session->userauth_kybd_data + - session->userauth_kybd_data_len) { - /* string prompt[1] (ISO-10646 UTF-8) */ - session->userauth_kybd_prompts[i].length = - _libssh2_ntohu32(s); - s += 4; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, - "userauth keyboard data buffer too " - "small for auth keyboard " - "prompt length"); - goto cleanup; - } - - session->userauth_kybd_prompts[i].text = - LIBSSH2_CALLOC(session, - session->userauth_kybd_prompts[i]. - length); - if(!session->userauth_kybd_prompts[i].text) { - _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate memory for " - "keyboard-interactive prompt message"); - goto cleanup; - } - - if(s + session->userauth_kybd_prompts[i].length <= - session->userauth_kybd_data + - session->userauth_kybd_data_len) { - memcpy(session->userauth_kybd_prompts[i].text, s, - session->userauth_kybd_prompts[i].length); - s += session->userauth_kybd_prompts[i].length; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, - "userauth keyboard data buffer too " - "small for auth keyboard prompt"); - goto cleanup; - } - if(s < session->userauth_kybd_data + - session->userauth_kybd_data_len) { - /* boolean echo[1] */ - session->userauth_kybd_prompts[i].echo = *s++; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, - "userauth keyboard data buffer too " - "small for auth keyboard prompt echo"); - goto cleanup; - } - } - } - - response_callback(session->userauth_kybd_auth_name, - session->userauth_kybd_auth_name_len, + response_callback((const char *)session->userauth_kybd_auth_name, + (int)session->userauth_kybd_auth_name_len, + (const char *) session->userauth_kybd_auth_instruction, - session->userauth_kybd_auth_instruction_len, + (int)session->userauth_kybd_auth_instruction_len, session->userauth_kybd_num_prompts, session->userauth_kybd_prompts, session->userauth_kybd_responses, &session->abstract); - _libssh2_debug(session, LIBSSH2_TRACE_AUTH, + _libssh2_debug((session, LIBSSH2_TRACE_AUTH, "Keyboard-interactive response callback function" - " invoked"); + " invoked")); session->userauth_kybd_packet_len = - 1 /* byte SSH_MSG_USERAUTH_INFO_RESPONSE */ - + 4 /* int num-responses */ + 1 /* byte SSH_MSG_USERAUTH_INFO_RESPONSE */ + + 4 /* int num-responses */ ; for(i = 0; i < session->userauth_kybd_num_prompts; i++) { /* string response[1] (ISO-10646 UTF-8) */ if(session->userauth_kybd_responses[i].length <= - (SIZE_MAX - 4 - session->userauth_kybd_packet_len) ) { + (SIZE_MAX - 4 - session->userauth_kybd_packet_len)) { session->userauth_kybd_packet_len += 4 + session->userauth_kybd_responses[i].length; } @@ -2042,7 +2232,7 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session, session->userauth_kybd_auth_failure = 0; } - cleanup: +cleanup: /* * It's safe to clean all the data here, because unallocated pointers * are filled by zeroes @@ -2102,7 +2292,7 @@ libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION *session, const char *user, unsigned int user_len, LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC - ((*response_callback))) + ((*response_callback))) { int rc; BLOCK_ADJUST(rc, session, @@ -2110,3 +2300,124 @@ libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION *session, response_callback)); return rc; } + +/* + * libssh2_userauth_publickey_sk + * + * Authenticate using an external callback function + */ +LIBSSH2_API int +libssh2_userauth_publickey_sk(LIBSSH2_SESSION *session, + const char *username, + size_t username_len, + const unsigned char *publickeydata, + size_t publickeydata_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase, + LIBSSH2_USERAUTH_SK_SIGN_FUNC + ((*sign_callback)), + void **abstract) +{ + int rc = LIBSSH2_ERROR_NONE; + + unsigned char *tmp_method = NULL; + size_t tmp_method_len = 0; + + unsigned char *tmp_publickeydata = NULL; + size_t tmp_publickeydata_len = 0; + + unsigned char *pubkeydata = NULL; + size_t pubkeydata_len = 0; + + LIBSSH2_PRIVKEY_SK sk_info = { 0 }; + void *sign_abstract = &sk_info; + + sk_info.sign_callback = sign_callback; + sk_info.orig_abstract = abstract; + + if(privatekeydata_len && privatekeydata) { + + if(_libssh2_sk_pub_keyfilememory(session, + &tmp_method, + &tmp_method_len, + &tmp_publickeydata, + &tmp_publickeydata_len, + &(sk_info.algorithm), + &(sk_info.flags), + &(sk_info.application), + &(sk_info.key_handle), + &(sk_info.handle_len), + privatekeydata, privatekeydata_len, + passphrase)) { + return _libssh2_error(session, LIBSSH2_ERROR_FILE, + "Unable to extract public key " + "from private key."); + } + else if(publickeydata_len == 0 || !publickeydata) { + session->userauth_pblc_method = tmp_method; + session->userauth_pblc_method_len = tmp_method_len; + + pubkeydata_len = tmp_publickeydata_len; + pubkeydata = tmp_publickeydata; + } + else { + const char *ecdsa = "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com"; + const char *ed25519 = "sk-ssh-ed25519-cert-v01@openssh.com"; + + if(tmp_method) { + LIBSSH2_FREE(session, tmp_method); + } + + if(!strncmp((char *)publickeydata, ecdsa, strlen(ecdsa))) { + session->userauth_pblc_method_len = strlen(ecdsa); + session->userauth_pblc_method = + LIBSSH2_ALLOC(session, session->userauth_pblc_method_len); + + memcpy(session->userauth_pblc_method, ecdsa, + session->userauth_pblc_method_len); + } + else if(!strncmp((char *)publickeydata, ed25519, + strlen(ed25519))) { + session->userauth_pblc_method_len = strlen(ed25519); + session->userauth_pblc_method = + LIBSSH2_ALLOC(session, session->userauth_pblc_method_len); + + memcpy(session->userauth_pblc_method, ed25519, + session->userauth_pblc_method_len); + } + + rc = memory_read_publickey(session, + &session->userauth_pblc_method, + &session->userauth_pblc_method_len, + &pubkeydata, &pubkeydata_len, + (char *)publickeydata, + publickeydata_len); + } + } + else { + return _libssh2_error(session, LIBSSH2_ERROR_FILE, + "Invalid data in public and private key."); + } + + if(rc == LIBSSH2_ERROR_NONE) { + rc = _libssh2_userauth_publickey(session, username, username_len, + pubkeydata, pubkeydata_len, + libssh2_sign_sk, &sign_abstract); + + while(rc == LIBSSH2_ERROR_EAGAIN) { + rc = _libssh2_userauth_publickey(session, username, username_len, + pubkeydata, pubkeydata_len, + libssh2_sign_sk, &sign_abstract); + } + } + + if(tmp_publickeydata) + LIBSSH2_FREE(session, tmp_publickeydata); + + if(sk_info.application) { + LIBSSH2_FREE(session, (void *)sk_info.application); + } + + return rc; +} diff --git a/libssh2/src/userauth.h b/libssh2/src/userauth.h index 6b402ddbf..10ec5a0f0 100644 --- a/libssh2/src/userauth.h +++ b/libssh2/src/userauth.h @@ -41,11 +41,11 @@ int _libssh2_userauth_publickey(LIBSSH2_SESSION *session, const char *username, - unsigned int username_len, + size_t username_len, const unsigned char *pubkeydata, - unsigned long pubkeydata_len, + size_t pubkeydata_len, LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC - ((*sign_callback)), + ((*sign_callback)), void *abstract); #endif /* __LIBSSH2_USERAUTH_H */ diff --git a/libssh2/src/userauth_kbd_packet.c b/libssh2/src/userauth_kbd_packet.c new file mode 100644 index 000000000..298683879 --- /dev/null +++ b/libssh2/src/userauth_kbd_packet.c @@ -0,0 +1,164 @@ +/* Copyright (c) 2022, Xaver Loppenstedt + * All rights reserved. + * + * Redistribution and use in source and binary forms, + * with or without modification, are permitted provided + * that the following conditions are met: + * + * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * Neither the name of the copyright holder nor the names + * of any other contributors may be used to endorse or + * promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * OF SUCH DAMAGE. + */ + +#include "libssh2_priv.h" +#include "userauth_kbd_packet.h" + +int userauth_keyboard_interactive_decode_info_request(LIBSSH2_SESSION *session) +{ + unsigned char *language_tag; + size_t language_tag_len; + unsigned int i; + unsigned char packet_type; + uint32_t tmp_u32; + + struct string_buf decoded; + + decoded.data = session->userauth_kybd_data; + decoded.dataptr = session->userauth_kybd_data; + decoded.len = session->userauth_kybd_data_len; + + if(session->userauth_kybd_data_len < 17) { + _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, + "userauth keyboard data buffer too small " + "to get length"); + return -1; + } + + /* byte SSH_MSG_USERAUTH_INFO_REQUEST */ + _libssh2_get_byte(&decoded, &packet_type); + + /* string name (ISO-10646 UTF-8) */ + if(_libssh2_copy_string(session, &decoded, + &session->userauth_kybd_auth_name, + &session->userauth_kybd_auth_name_len) == -1) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to decode " + "keyboard-interactive 'name' " + "request field"); + return -1; + } + + /* string instruction (ISO-10646 UTF-8) */ + if(_libssh2_copy_string(session, &decoded, + &session->userauth_kybd_auth_instruction, + &session->userauth_kybd_auth_instruction_len) + == -1) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to decode " + "keyboard-interactive 'instruction' " + "request field"); + return -1; + } + + /* string language tag (as defined in [RFC-3066]) */ + if(_libssh2_get_string(&decoded, &language_tag, + &language_tag_len) == -1) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to decode " + "keyboard-interactive 'language tag' " + "request field"); + return -1; + } + + /* int num-prompts */ + if(_libssh2_get_u32(&decoded, &tmp_u32) == -1 || + (session->userauth_kybd_num_prompts = tmp_u32) != tmp_u32) { + _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, + "Unable to decode " + "keyboard-interactive number of keyboard prompts"); + return -1; + } + + if(session->userauth_kybd_num_prompts > 100) { + _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY, + "Too many replies for " + "keyboard-interactive prompts"); + return -1; + } + + if(session->userauth_kybd_num_prompts == 0) { + return 0; + } + + session->userauth_kybd_prompts = + LIBSSH2_CALLOC(session, + sizeof(LIBSSH2_USERAUTH_KBDINT_PROMPT) * + session->userauth_kybd_num_prompts); + if(!session->userauth_kybd_prompts) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for " + "keyboard-interactive prompts array"); + return -1; + } + + session->userauth_kybd_responses = + LIBSSH2_CALLOC(session, + sizeof(LIBSSH2_USERAUTH_KBDINT_RESPONSE) * + session->userauth_kybd_num_prompts); + if(!session->userauth_kybd_responses) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for " + "keyboard-interactive responses array"); + return -1; + } + + for(i = 0; i < session->userauth_kybd_num_prompts; i++) { + /* string prompt[1] (ISO-10646 UTF-8) */ + if(_libssh2_copy_string(session, &decoded, + &session->userauth_kybd_prompts[i].text, + &session->userauth_kybd_prompts[i].length) + == -1) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to decode " + "keyboard-interactive prompt message"); + return -1; + } + + /* boolean echo[1] */ + if(_libssh2_get_boolean(&decoded, + &session->userauth_kybd_prompts[i].echo) + == -1) { + _libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL, + "Unable to decode " + "user auth keyboard prompt echo"); + return -1; + } + } + + return 0; +} diff --git a/libssh2/src/userauth_kbd_packet.h b/libssh2/src/userauth_kbd_packet.h new file mode 100644 index 000000000..cce0a7316 --- /dev/null +++ b/libssh2/src/userauth_kbd_packet.h @@ -0,0 +1,43 @@ +/* Copyright (c) 2022, Xaver Loppenstedt + * All rights reserved. + * + * Redistribution and use in source and binary forms, + * with or without modification, are permitted provided + * that the following conditions are met: + * + * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * Neither the name of the copyright holder nor the names + * of any other contributors may be used to endorse or + * promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * OF SUCH DAMAGE. + */ + +#ifndef __LIBSSH2_USERAUTH_KBD_PARSE_H +#define __LIBSSH2_USERAUTH_KBD_PARSE_H + +int userauth_keyboard_interactive_decode_info_request(LIBSSH2_SESSION *); + +#endif /* __LIBSSH2_USERAUTH_KBD_PARSE_H */ diff --git a/libssh2/src/version.c b/libssh2/src/version.c index 408f83a39..404b31979 100644 --- a/libssh2/src/version.c +++ b/libssh2/src/version.c @@ -37,14 +37,6 @@ #include "libssh2_priv.h" -/* - libssh2_version() can be used like this: - - if (!libssh2_version(LIBSSH2_VERSION_NUM)) { - fprintf (stderr, "Runtime libssh2 version too old!\n"); - exit(1); - } -*/ LIBSSH2_API const char *libssh2_version(int req_version_num) { @@ -52,3 +44,9 @@ const char *libssh2_version(int req_version_num) return LIBSSH2_VERSION; return NULL; /* this is not a suitable library! */ } + +LIBSSH2_API +libssh2_crypto_engine_t libssh2_crypto_engine(void) +{ + return LIBSSH2_CRYPTO_ENGINE; +} diff --git a/libssh2/src/wincng.c b/libssh2/src/wincng.c index cbb2b61cb..ae3c18894 100644 --- a/libssh2/src/wincng.c +++ b/libssh2/src/wincng.c @@ -36,9 +36,7 @@ * OF SUCH DAMAGE. */ -#include "libssh2_priv.h" - -#ifdef LIBSSH2_WINCNG /* compile only if we build with wincng */ +#ifdef LIBSSH2_CRYPTO_C /* Compile this via crypto.c */ /* required for cross-compilation against the w64 mingw-runtime package */ #if defined(_WIN32_WINNT) && (_WIN32_WINNT < 0x0600) @@ -48,6 +46,10 @@ #define _WIN32_WINNT 0x0600 #endif +#if !defined(LIBSSH2_WINCNG_DISABLE_WINCRYPT) && !defined(HAVE_LIBCRYPT32) +#define HAVE_LIBCRYPT32 +#endif + /* specify the required libraries for dependencies using MSVC */ #ifdef _MSC_VER #pragma comment(lib, "bcrypt.lib") @@ -58,15 +60,12 @@ #include #include -#include #include -#include "misc.h" -#ifdef HAVE_STDLIB_H #include -#endif + #ifdef HAVE_LIBCRYPT32 -#include +#include /* for CryptDecodeObjectEx() */ #endif #define PEM_RSA_HEADER "-----BEGIN RSA PRIVATE KEY-----" @@ -75,6 +74,12 @@ #define PEM_DSA_FOOTER "-----END DSA PRIVATE KEY-----" +/* Define this manually to avoid including and thus + clashing with symbols. */ +#ifndef STATUS_NOT_SUPPORTED +#define STATUS_NOT_SUPPORTED ((NTSTATUS)0xC00000BB) +#endif + /*******************************************************************/ /* * Windows CNG backend: Missing definitions (for MinGW[-w64]) @@ -216,6 +221,16 @@ #define PKCS_RSA_PRIVATE_KEY (LPCSTR)43 #endif +#if defined(_MSC_VER) && _MSC_VER < 1700 +/* Workaround for warning C4306: + 'type cast' : conversion from 'int' to 'LPCSTR' of greater size */ +#undef X509_SEQUENCE_OF_ANY +#undef X509_MULTI_BYTE_UINT +#undef PKCS_RSA_PRIVATE_KEY +#define X509_SEQUENCE_OF_ANY ((LPCSTR)(size_t)34) +#define X509_MULTI_BYTE_UINT ((LPCSTR)(size_t)38) +#define PKCS_RSA_PRIVATE_KEY ((LPCSTR)(size_t)43) +#endif /*******************************************************************/ /* @@ -415,29 +430,27 @@ _libssh2_wincng_free(void) } int -_libssh2_wincng_random(void *buf, int len) +_libssh2_wincng_random(void *buf, size_t len) { int ret; - ret = BCryptGenRandom(_libssh2_wincng.hAlgRNG, buf, len, 0); + if(len > ULONG_MAX) { + return -1; + } + + ret = BCryptGenRandom(_libssh2_wincng.hAlgRNG, buf, (ULONG)len, 0); return BCRYPT_SUCCESS(ret) ? 0 : -1; } static void -_libssh2_wincng_safe_free(void *buf, int len) +_libssh2_wincng_safe_free(void *buf, size_t len) { -#ifndef LIBSSH2_CLEAR_MEMORY - (void)len; -#endif - if(!buf) return; -#ifdef LIBSSH2_CLEAR_MEMORY if(len > 0) - SecureZeroMemory(buf, len); -#endif + _libssh2_explicit_zero(buf, len); free(buf); } @@ -455,12 +468,6 @@ memcpy_with_be_padding(unsigned char *dest, unsigned long dest_len, memcpy((dest + dest_len) - src_len, src, src_len); } -static int -round_down(int number, int multiple) -{ - return (number / multiple) * multiple; -} - /*******************************************************************/ /* * Windows CNG backend: Hash functions @@ -545,7 +552,7 @@ _libssh2_wincng_hash_final(_libssh2_wincng_hash_ctx *ctx, } int -_libssh2_wincng_hash(unsigned char *data, unsigned long datalen, +_libssh2_wincng_hash(const unsigned char *data, unsigned long datalen, BCRYPT_ALG_HANDLE hAlg, unsigned char *hash, unsigned long hashlen) { @@ -596,38 +603,57 @@ _libssh2_wincng_hmac_cleanup(_libssh2_wincng_hash_ctx *ctx) */ int -_libssh2_wincng_key_sha1_verify(_libssh2_wincng_key_ctx *ctx, - const unsigned char *sig, - unsigned long sig_len, - const unsigned char *m, - unsigned long m_len, - unsigned long flags) +_libssh2_wincng_key_sha_verify(_libssh2_wincng_key_ctx *ctx, + unsigned long hashlen, + const unsigned char *sig, + unsigned long sig_len, + const unsigned char *m, + unsigned long m_len, + unsigned long flags) { BCRYPT_PKCS1_PADDING_INFO paddingInfoPKCS1; + BCRYPT_ALG_HANDLE hAlgHash; void *pPaddingInfo; unsigned char *data, *hash; - unsigned long datalen, hashlen; + unsigned long datalen; int ret; + if(hashlen == SHA_DIGEST_LENGTH) { + hAlgHash = _libssh2_wincng.hAlgHashSHA1; + paddingInfoPKCS1.pszAlgId = BCRYPT_SHA1_ALGORITHM; + } + else if(hashlen == SHA256_DIGEST_LENGTH) { + hAlgHash = _libssh2_wincng.hAlgHashSHA256; + paddingInfoPKCS1.pszAlgId = BCRYPT_SHA256_ALGORITHM; + } + else if(hashlen == SHA384_DIGEST_LENGTH) { + hAlgHash = _libssh2_wincng.hAlgHashSHA384; + paddingInfoPKCS1.pszAlgId = BCRYPT_SHA384_ALGORITHM; + } + else if(hashlen == SHA512_DIGEST_LENGTH) { + hAlgHash = _libssh2_wincng.hAlgHashSHA512; + paddingInfoPKCS1.pszAlgId = BCRYPT_SHA512_ALGORITHM; + } + else { + return -1; + } + datalen = m_len; data = malloc(datalen); if(!data) { return -1; } - hashlen = SHA_DIGEST_LENGTH; hash = malloc(hashlen); if(!hash) { free(data); return -1; } - memcpy(data, m, datalen); ret = _libssh2_wincng_hash(data, datalen, - _libssh2_wincng.hAlgHashSHA1, + hAlgHash, hash, hashlen); - _libssh2_wincng_safe_free(data, datalen); if(ret) { @@ -643,7 +669,6 @@ _libssh2_wincng_key_sha1_verify(_libssh2_wincng_key_ctx *ctx, } if(flags & BCRYPT_PAD_PKCS1) { - paddingInfoPKCS1.pszAlgId = BCRYPT_SHA1_ALGORITHM; pPaddingInfo = &paddingInfoPKCS1; } else @@ -664,11 +689,11 @@ _libssh2_wincng_key_sha1_verify(_libssh2_wincng_key_ctx *ctx, static int _libssh2_wincng_load_pem(LIBSSH2_SESSION *session, const char *filename, - const char *passphrase, + const unsigned char *passphrase, const char *headerbegin, const char *headerend, unsigned char **data, - unsigned int *datalen) + size_t *datalen) { FILE *fp; int ret; @@ -690,13 +715,13 @@ _libssh2_wincng_load_pem(LIBSSH2_SESSION *session, static int _libssh2_wincng_load_private(LIBSSH2_SESSION *session, const char *filename, - const char *passphrase, + const unsigned char *passphrase, unsigned char **ppbEncoded, - unsigned long *pcbEncoded, + size_t *pcbEncoded, int tryLoadRSA, int tryLoadDSA) { unsigned char *data = NULL; - unsigned int datalen = 0; + size_t datalen = 0; int ret = -1; if(ret && tryLoadRSA) { @@ -723,13 +748,13 @@ static int _libssh2_wincng_load_private_memory(LIBSSH2_SESSION *session, const char *privatekeydata, size_t privatekeydata_len, - const char *passphrase, + const unsigned char *passphrase, unsigned char **ppbEncoded, - unsigned long *pcbEncoded, + size_t *pcbEncoded, int tryLoadRSA, int tryLoadDSA) { unsigned char *data = NULL; - unsigned int datalen = 0; + size_t datalen = 0; int ret = -1; (void)passphrase; @@ -837,20 +862,21 @@ _libssh2_wincng_bn_ltob(unsigned char *pbInput, static int _libssh2_wincng_asn_decode_bn(unsigned char *pbEncoded, - unsigned long cbEncoded, + size_t cbEncoded, unsigned char **ppbDecoded, unsigned long *pcbDecoded) { - unsigned char *pbDecoded = NULL, *pbInteger; + unsigned char *pbDecoded = NULL; + PCRYPT_DATA_BLOB pbInteger; unsigned long cbDecoded = 0, cbInteger; int ret; - ret = _libssh2_wincng_asn_decode(pbEncoded, cbEncoded, + ret = _libssh2_wincng_asn_decode(pbEncoded, (unsigned long)cbEncoded, X509_MULTI_BYTE_UINT, - &pbInteger, &cbInteger); + (void *)&pbInteger, &cbInteger); if(!ret) { - ret = _libssh2_wincng_bn_ltob(((PCRYPT_DATA_BLOB)pbInteger)->pbData, - ((PCRYPT_DATA_BLOB)pbInteger)->cbData, + ret = _libssh2_wincng_bn_ltob(pbInteger->pbData, + pbInteger->cbData, &pbDecoded, &cbDecoded); if(!ret) { *ppbDecoded = pbDecoded; @@ -864,29 +890,29 @@ _libssh2_wincng_asn_decode_bn(unsigned char *pbEncoded, static int _libssh2_wincng_asn_decode_bns(unsigned char *pbEncoded, - unsigned long cbEncoded, + size_t cbEncoded, unsigned char ***prpbDecoded, unsigned long **prcbDecoded, unsigned long *pcbCount) { PCRYPT_DER_BLOB pBlob; - unsigned char *pbDecoded, **rpbDecoded; + unsigned char **rpbDecoded; + PCRYPT_SEQUENCE_OF_ANY pbDecoded; unsigned long cbDecoded, *rcbDecoded, index, length; int ret; - ret = _libssh2_wincng_asn_decode(pbEncoded, cbEncoded, + ret = _libssh2_wincng_asn_decode(pbEncoded, (unsigned long)cbEncoded, X509_SEQUENCE_OF_ANY, - &pbDecoded, &cbDecoded); + (void *)&pbDecoded, &cbDecoded); if(!ret) { - length = ((PCRYPT_DATA_BLOB)pbDecoded)->cbData; + length = pbDecoded->cValue; rpbDecoded = malloc(sizeof(PBYTE) * length); if(rpbDecoded) { rcbDecoded = malloc(sizeof(DWORD) * length); if(rcbDecoded) { for(index = 0; index < length; index++) { - pBlob = &((PCRYPT_DER_BLOB) - ((PCRYPT_DATA_BLOB)pbDecoded)->pbData)[index]; + pBlob = &pbDecoded->rgValue[index]; ret = _libssh2_wincng_asn_decode_bn(pBlob->pbData, pBlob->cbData, &rpbDecoded[index], @@ -927,6 +953,7 @@ _libssh2_wincng_asn_decode_bns(unsigned char *pbEncoded, } #endif /* HAVE_LIBCRYPT32 */ +#if LIBSSH2_RSA || LIBSSH2_DSA static unsigned long _libssh2_wincng_bn_size(const unsigned char *bignum, unsigned long length) @@ -946,8 +973,10 @@ _libssh2_wincng_bn_size(const unsigned char *bignum, return length - offset; } +#endif +#if LIBSSH2_RSA /*******************************************************************/ /* * Windows CNG backend: RSA functions @@ -975,7 +1004,6 @@ _libssh2_wincng_rsa_new(libssh2_rsa_ctx **rsa, BCRYPT_KEY_HANDLE hKey; BCRYPT_RSAKEY_BLOB *rsakey; LPCWSTR lpszBlobType; - unsigned char *key; unsigned long keylen, offset, mlen, p1len = 0, p2len = 0; int ret; @@ -991,65 +1019,76 @@ _libssh2_wincng_rsa_new(libssh2_rsa_ctx **rsa, keylen += p1len * 3 + p2len * 2 + mlen; } - key = malloc(keylen); - if(!key) { + rsakey = (BCRYPT_RSAKEY_BLOB *)malloc(keylen); + if(!rsakey) { return -1; } - memset(key, 0, keylen); + memset(rsakey, 0, keylen); /* https://msdn.microsoft.com/library/windows/desktop/aa375531.aspx */ - rsakey = (BCRYPT_RSAKEY_BLOB *)key; rsakey->BitLength = mlen * 8; rsakey->cbPublicExp = elen; rsakey->cbModulus = mlen; - memcpy(key + offset, edata, elen); + memcpy((unsigned char *)rsakey + offset, edata, elen); offset += elen; if(nlen < mlen) - memcpy(key + offset + mlen - nlen, ndata, nlen); + memcpy((unsigned char *)rsakey + offset + mlen - nlen, ndata, nlen); else - memcpy(key + offset, ndata + nlen - mlen, mlen); + memcpy((unsigned char *)rsakey + offset, ndata + nlen - mlen, mlen); if(ddata && dlen > 0) { offset += mlen; if(plen < p1len) - memcpy(key + offset + p1len - plen, pdata, plen); + memcpy((unsigned char *)rsakey + offset + p1len - plen, + pdata, plen); else - memcpy(key + offset, pdata + plen - p1len, p1len); + memcpy((unsigned char *)rsakey + offset, + pdata + plen - p1len, p1len); offset += p1len; if(qlen < p2len) - memcpy(key + offset + p2len - qlen, qdata, qlen); + memcpy((unsigned char *)rsakey + offset + p2len - qlen, + qdata, qlen); else - memcpy(key + offset, qdata + qlen - p2len, p2len); + memcpy((unsigned char *)rsakey + offset, + qdata + qlen - p2len, p2len); offset += p2len; if(e1len < p1len) - memcpy(key + offset + p1len - e1len, e1data, e1len); + memcpy((unsigned char *)rsakey + offset + p1len - e1len, + e1data, e1len); else - memcpy(key + offset, e1data + e1len - p1len, p1len); + memcpy((unsigned char *)rsakey + offset, + e1data + e1len - p1len, p1len); offset += p1len; if(e2len < p2len) - memcpy(key + offset + p2len - e2len, e2data, e2len); + memcpy((unsigned char *)rsakey + offset + p2len - e2len, + e2data, e2len); else - memcpy(key + offset, e2data + e2len - p2len, p2len); + memcpy((unsigned char *)rsakey + offset, + e2data + e2len - p2len, p2len); offset += p2len; if(coefflen < p1len) - memcpy(key + offset + p1len - coefflen, coeffdata, coefflen); + memcpy((unsigned char *)rsakey + offset + p1len - coefflen, + coeffdata, coefflen); else - memcpy(key + offset, coeffdata + coefflen - p1len, p1len); + memcpy((unsigned char *)rsakey + offset, + coeffdata + coefflen - p1len, p1len); offset += p1len; if(dlen < mlen) - memcpy(key + offset + mlen - dlen, ddata, dlen); + memcpy((unsigned char *)rsakey + offset + mlen - dlen, + ddata, dlen); else - memcpy(key + offset, ddata + dlen - mlen, mlen); + memcpy((unsigned char *)rsakey + offset, + ddata + dlen - mlen, mlen); lpszBlobType = BCRYPT_RSAFULLPRIVATE_BLOB; rsakey->Magic = BCRYPT_RSAFULLPRIVATE_MAGIC; @@ -1065,9 +1104,9 @@ _libssh2_wincng_rsa_new(libssh2_rsa_ctx **rsa, ret = BCryptImportKeyPair(_libssh2_wincng.hAlgRSA, NULL, lpszBlobType, - &hKey, key, keylen, 0); + &hKey, (PUCHAR)rsakey, keylen, 0); if(!BCRYPT_SUCCESS(ret)) { - _libssh2_wincng_safe_free(key, keylen); + _libssh2_wincng_safe_free(rsakey, keylen); return -1; } @@ -1075,12 +1114,12 @@ _libssh2_wincng_rsa_new(libssh2_rsa_ctx **rsa, *rsa = malloc(sizeof(libssh2_rsa_ctx)); if(!(*rsa)) { BCryptDestroyKey(hKey); - _libssh2_wincng_safe_free(key, keylen); + _libssh2_wincng_safe_free(rsakey, keylen); return -1; } (*rsa)->hKey = hKey; - (*rsa)->pbKeyObject = key; + (*rsa)->pbKeyObject = rsakey; (*rsa)->cbKeyObject = keylen; return 0; @@ -1091,7 +1130,7 @@ static int _libssh2_wincng_rsa_new_private_parse(libssh2_rsa_ctx **rsa, LIBSSH2_SESSION *session, unsigned char *pbEncoded, - unsigned long cbEncoded) + size_t cbEncoded) { BCRYPT_KEY_HANDLE hKey; unsigned char *pbStructInfo; @@ -1100,7 +1139,7 @@ _libssh2_wincng_rsa_new_private_parse(libssh2_rsa_ctx **rsa, (void)session; - ret = _libssh2_wincng_asn_decode(pbEncoded, cbEncoded, + ret = _libssh2_wincng_asn_decode(pbEncoded, (unsigned long)cbEncoded, PKCS_RSA_PRIVATE_KEY, &pbStructInfo, &cbStructInfo); @@ -1143,13 +1182,12 @@ _libssh2_wincng_rsa_new_private(libssh2_rsa_ctx **rsa, { #ifdef HAVE_LIBCRYPT32 unsigned char *pbEncoded; - unsigned long cbEncoded; + size_t cbEncoded; int ret; (void)session; - ret = _libssh2_wincng_load_private(session, filename, - (const char *)passphrase, + ret = _libssh2_wincng_load_private(session, filename, passphrase, &pbEncoded, &cbEncoded, 1, 0); if(ret) { return -1; @@ -1173,17 +1211,17 @@ _libssh2_wincng_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, LIBSSH2_SESSION *session, const char *filedata, size_t filedata_len, - unsigned const char *passphrase) + const unsigned char *passphrase) { #ifdef HAVE_LIBCRYPT32 unsigned char *pbEncoded; - unsigned long cbEncoded; + size_t cbEncoded; int ret; (void)session; ret = _libssh2_wincng_load_private_memory(session, filedata, filedata_len, - (const char *)passphrase, + passphrase, &pbEncoded, &cbEncoded, 1, 0); if(ret) { return -1; @@ -1203,38 +1241,69 @@ _libssh2_wincng_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, #endif /* HAVE_LIBCRYPT32 */ } +#if LIBSSH2_RSA_SHA1 int _libssh2_wincng_rsa_sha1_verify(libssh2_rsa_ctx *rsa, const unsigned char *sig, - unsigned long sig_len, + size_t sig_len, const unsigned char *m, - unsigned long m_len) + size_t m_len) { - return _libssh2_wincng_key_sha1_verify(rsa, sig, sig_len, m, m_len, - BCRYPT_PAD_PKCS1); + return _libssh2_wincng_key_sha_verify(rsa, SHA_DIGEST_LENGTH, + sig, (unsigned long)sig_len, + m, (unsigned long)m_len, + BCRYPT_PAD_PKCS1); } +#endif + +#if LIBSSH2_RSA_SHA2 +int +_libssh2_wincng_rsa_sha2_verify(libssh2_rsa_ctx *rsa, + size_t hash_len, + const unsigned char *sig, + size_t sig_len, + const unsigned char *m, + size_t m_len) +{ + return _libssh2_wincng_key_sha_verify(rsa, (unsigned long)hash_len, + sig, (unsigned long)sig_len, + m, (unsigned long)m_len, + BCRYPT_PAD_PKCS1); +} +#endif int -_libssh2_wincng_rsa_sha1_sign(LIBSSH2_SESSION *session, - libssh2_rsa_ctx *rsa, - const unsigned char *hash, - size_t hash_len, - unsigned char **signature, - size_t *signature_len) +_libssh2_wincng_rsa_sha_sign(LIBSSH2_SESSION *session, + libssh2_rsa_ctx *rsa, + const unsigned char *hash, + size_t hash_len, + unsigned char **signature, + size_t *signature_len) { BCRYPT_PKCS1_PADDING_INFO paddingInfo; unsigned char *data, *sig; unsigned long cbData, datalen, siglen; int ret; + if(hash_len == SHA_DIGEST_LENGTH) + paddingInfo.pszAlgId = BCRYPT_SHA1_ALGORITHM; + else if(hash_len == SHA256_DIGEST_LENGTH) + paddingInfo.pszAlgId = BCRYPT_SHA256_ALGORITHM; + else if(hash_len == SHA384_DIGEST_LENGTH) + paddingInfo.pszAlgId = BCRYPT_SHA384_ALGORITHM; + else if(hash_len == SHA512_DIGEST_LENGTH) + paddingInfo.pszAlgId = BCRYPT_SHA512_ALGORITHM; + else { + _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Unsupported hash digest length"); + return -1; + } + datalen = (unsigned long)hash_len; data = malloc(datalen); if(!data) { return -1; } - - paddingInfo.pszAlgId = BCRYPT_SHA1_ALGORITHM; - memcpy(data, hash, datalen); ret = BCryptSignHash(rsa->hKey, &paddingInfo, @@ -1276,7 +1345,7 @@ _libssh2_wincng_rsa_free(libssh2_rsa_ctx *rsa) _libssh2_wincng_safe_free(rsa->pbKeyObject, rsa->cbKeyObject); _libssh2_wincng_safe_free(rsa, sizeof(libssh2_rsa_ctx)); } - +#endif /*******************************************************************/ /* @@ -1300,7 +1369,6 @@ _libssh2_wincng_dsa_new(libssh2_dsa_ctx **dsa, BCRYPT_KEY_HANDLE hKey; BCRYPT_DSA_KEY_BLOB *dsakey; LPCWSTR lpszBlobType; - unsigned char *key; unsigned long keylen, offset, length; int ret; @@ -1312,16 +1380,15 @@ _libssh2_wincng_dsa_new(libssh2_dsa_ctx **dsa, if(xdata && xlen > 0) keylen += 20; - key = malloc(keylen); - if(!key) { + dsakey = (BCRYPT_DSA_KEY_BLOB *)malloc(keylen); + if(!dsakey) { return -1; } - memset(key, 0, keylen); + memset(dsakey, 0, keylen); /* https://msdn.microsoft.com/library/windows/desktop/aa833126.aspx */ - dsakey = (BCRYPT_DSA_KEY_BLOB *)key; dsakey->cbKey = length; memset(dsakey->Count, -1, sizeof(dsakey->Count)); @@ -1333,29 +1400,35 @@ _libssh2_wincng_dsa_new(libssh2_dsa_ctx **dsa, memcpy(dsakey->q, qdata + qlen - 20, 20); if(plen < length) - memcpy(key + offset + length - plen, pdata, plen); + memcpy((unsigned char *)dsakey + offset + length - plen, + pdata, plen); else - memcpy(key + offset, pdata + plen - length, length); + memcpy((unsigned char *)dsakey + offset, + pdata + plen - length, length); offset += length; if(glen < length) - memcpy(key + offset + length - glen, gdata, glen); + memcpy((unsigned char *)dsakey + offset + length - glen, + gdata, glen); else - memcpy(key + offset, gdata + glen - length, length); + memcpy((unsigned char *)dsakey + offset, + gdata + glen - length, length); offset += length; if(ylen < length) - memcpy(key + offset + length - ylen, ydata, ylen); + memcpy((unsigned char *)dsakey + offset + length - ylen, + ydata, ylen); else - memcpy(key + offset, ydata + ylen - length, length); + memcpy((unsigned char *)dsakey + offset, + ydata + ylen - length, length); if(xdata && xlen > 0) { offset += length; if(xlen < 20) - memcpy(key + offset + 20 - xlen, xdata, xlen); + memcpy((unsigned char *)dsakey + offset + 20 - xlen, xdata, xlen); else - memcpy(key + offset, xdata + xlen - 20, 20); + memcpy((unsigned char *)dsakey + offset, xdata + xlen - 20, 20); lpszBlobType = BCRYPT_DSA_PRIVATE_BLOB; dsakey->dwMagic = BCRYPT_DSA_PRIVATE_MAGIC; @@ -1367,9 +1440,9 @@ _libssh2_wincng_dsa_new(libssh2_dsa_ctx **dsa, ret = BCryptImportKeyPair(_libssh2_wincng.hAlgDSA, NULL, lpszBlobType, - &hKey, key, keylen, 0); + &hKey, (PUCHAR)dsakey, keylen, 0); if(!BCRYPT_SUCCESS(ret)) { - _libssh2_wincng_safe_free(key, keylen); + _libssh2_wincng_safe_free(dsakey, keylen); return -1; } @@ -1377,12 +1450,12 @@ _libssh2_wincng_dsa_new(libssh2_dsa_ctx **dsa, *dsa = malloc(sizeof(libssh2_dsa_ctx)); if(!(*dsa)) { BCryptDestroyKey(hKey); - _libssh2_wincng_safe_free(key, keylen); + _libssh2_wincng_safe_free(dsakey, keylen); return -1; } (*dsa)->hKey = hKey; - (*dsa)->pbKeyObject = key; + (*dsa)->pbKeyObject = dsakey; (*dsa)->cbKeyObject = keylen; return 0; @@ -1393,7 +1466,7 @@ static int _libssh2_wincng_dsa_new_private_parse(libssh2_dsa_ctx **dsa, LIBSSH2_SESSION *session, unsigned char *pbEncoded, - unsigned long cbEncoded) + size_t cbEncoded) { unsigned char **rpbDecoded; unsigned long *rcbDecoded, index, length; @@ -1444,11 +1517,10 @@ _libssh2_wincng_dsa_new_private(libssh2_dsa_ctx **dsa, { #ifdef HAVE_LIBCRYPT32 unsigned char *pbEncoded; - unsigned long cbEncoded; + size_t cbEncoded; int ret; - ret = _libssh2_wincng_load_private(session, filename, - (const char *)passphrase, + ret = _libssh2_wincng_load_private(session, filename, passphrase, &pbEncoded, &cbEncoded, 0, 1); if(ret) { return -1; @@ -1472,15 +1544,15 @@ _libssh2_wincng_dsa_new_private_frommemory(libssh2_dsa_ctx **dsa, LIBSSH2_SESSION *session, const char *filedata, size_t filedata_len, - unsigned const char *passphrase) + const unsigned char *passphrase) { #ifdef HAVE_LIBCRYPT32 unsigned char *pbEncoded; - unsigned long cbEncoded; + size_t cbEncoded; int ret; ret = _libssh2_wincng_load_private_memory(session, filedata, filedata_len, - (const char *)passphrase, + passphrase, &pbEncoded, &cbEncoded, 0, 1); if(ret) { return -1; @@ -1504,9 +1576,10 @@ int _libssh2_wincng_dsa_sha1_verify(libssh2_dsa_ctx *dsa, const unsigned char *sig_fixed, const unsigned char *m, - unsigned long m_len) + size_t m_len) { - return _libssh2_wincng_key_sha1_verify(dsa, sig_fixed, 40, m, m_len, 0); + return _libssh2_wincng_key_sha_verify(dsa, SHA_DIGEST_LENGTH, sig_fixed, + 40, m, (unsigned long)m_len, 0); } int @@ -1597,13 +1670,13 @@ _libssh2_wincng_pub_priv_keyfile_parse(LIBSSH2_SESSION *session, unsigned char **pubkeydata, size_t *pubkeydata_len, unsigned char *pbEncoded, - unsigned long cbEncoded) + size_t cbEncoded) { - unsigned char **rpbDecoded; - unsigned long *rcbDecoded; + unsigned char **rpbDecoded = NULL; + unsigned long *rcbDecoded = NULL; unsigned char *key = NULL, *mth = NULL; unsigned long keylen = 0, mthlen = 0; - unsigned long index, offset, length; + unsigned long index, offset, length = 0; int ret; ret = _libssh2_wincng_asn_decode_bns(pbEncoded, cbEncoded, @@ -1725,10 +1798,11 @@ _libssh2_wincng_pub_priv_keyfile(LIBSSH2_SESSION *session, { #ifdef HAVE_LIBCRYPT32 unsigned char *pbEncoded; - unsigned long cbEncoded; + size_t cbEncoded; int ret; - ret = _libssh2_wincng_load_private(session, privatekey, passphrase, + ret = _libssh2_wincng_load_private(session, privatekey, + (const unsigned char *)passphrase, &pbEncoded, &cbEncoded, 1, 1); if(ret) { return -1; @@ -1763,11 +1837,13 @@ _libssh2_wincng_pub_priv_keyfilememory(LIBSSH2_SESSION *session, { #ifdef HAVE_LIBCRYPT32 unsigned char *pbEncoded; - unsigned long cbEncoded; + size_t cbEncoded; int ret; ret = _libssh2_wincng_load_private_memory(session, privatekeydata, - privatekeydata_len, passphrase, + privatekeydata_len, + (const unsigned char *) + passphrase, &pbEncoded, &cbEncoded, 1, 1); if(ret) { return -1; @@ -1786,11 +1862,44 @@ _libssh2_wincng_pub_priv_keyfilememory(LIBSSH2_SESSION *session, (void)passphrase; return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED, - "Unable to extract public key from private key in memory: " - "Method unsupported in Windows CNG backend"); + "Unable to extract public key from private key in memory: " + "Method unsupported in Windows CNG backend"); #endif /* HAVE_LIBCRYPT32 */ } +int +_libssh2_wincng_sk_pub_keyfilememory(LIBSSH2_SESSION *session, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + int *algorithm, + unsigned char *flags, + const char **application, + const unsigned char **key_handle, + size_t *handle_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase) +{ + (void)method; + (void)method_len; + (void)pubkeydata; + (void)pubkeydata_len; + (void)algorithm; + (void)flags; + (void)application; + (void)key_handle; + (void)handle_len; + (void)privatekeydata; + (void)privatekeydata_len; + (void)passphrase; + + return _libssh2_error(session, LIBSSH2_ERROR_FILE, + "Unable to extract public SK key from private key file: " + "Method unimplemented in Windows CNG backend"); +} + /*******************************************************************/ /* * Windows CNG backend: Cipher functions @@ -1805,7 +1914,7 @@ _libssh2_wincng_cipher_init(_libssh2_cipher_ctx *ctx, { BCRYPT_KEY_HANDLE hKey; BCRYPT_KEY_DATA_BLOB_HEADER *header; - unsigned char *pbKeyObject, *pbIV, *key, *pbCtr, *pbIVCopy; + unsigned char *pbKeyObject, *pbIV, *pbCtr, *pbIVCopy; unsigned long dwKeyObject, dwIV, dwCtrLength, dwBlockLength, cbData, keylen; int ret; @@ -1834,26 +1943,27 @@ _libssh2_wincng_cipher_init(_libssh2_cipher_ctx *ctx, } - keylen = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + type.dwKeyLength; - key = malloc(keylen); - if(!key) { + keylen = (unsigned long)sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + + type.dwKeyLength; + header = (BCRYPT_KEY_DATA_BLOB_HEADER *)malloc(keylen); + if(!header) { free(pbKeyObject); return -1; } - header = (BCRYPT_KEY_DATA_BLOB_HEADER *)key; header->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC; header->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1; header->cbKeyData = type.dwKeyLength; - memcpy(key + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER), + memcpy((unsigned char *)header + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER), secret, type.dwKeyLength); ret = BCryptImportKey(*type.phAlg, NULL, BCRYPT_KEY_DATA_BLOB, &hKey, - pbKeyObject, dwKeyObject, key, keylen, 0); + pbKeyObject, dwKeyObject, + (PUCHAR)header, keylen, 0); - _libssh2_wincng_safe_free(key, keylen); + _libssh2_wincng_safe_free(header, keylen); if(!BCRYPT_SUCCESS(ret)) { _libssh2_wincng_safe_free(pbKeyObject, dwKeyObject); @@ -1900,13 +2010,14 @@ _libssh2_wincng_cipher_crypt(_libssh2_cipher_ctx *ctx, _libssh2_cipher_type(type), int encrypt, unsigned char *block, - size_t blocklen) + size_t blocklen, int firstlast) { unsigned char *pbOutput, *pbInput; unsigned long cbOutput, cbInput; int ret; (void)type; + (void)firstlast; cbInput = (unsigned long)blocklen; @@ -2007,11 +2118,9 @@ _libssh2_wincng_bignum_resize(_libssh2_bn *bn, unsigned long length) if(length == bn->length) return 0; -#ifdef LIBSSH2_CLEAR_MEMORY if(bn->bignum && bn->length > 0 && length < bn->length) { - SecureZeroMemory(bn->bignum + length, bn->length - length); + _libssh2_explicit_zero(bn->bignum + length, bn->length - length); } -#endif bignum = realloc(bn->bignum, length); if(!bignum) @@ -2048,13 +2157,13 @@ _libssh2_wincng_bignum_rand(_libssh2_bn *rnd, int bits, int top, int bottom) bits = 8; /* fill most significant byte with zero padding */ - bignum[0] &= ((1 << bits) - 1); + bignum[0] &= (unsigned char)((1 << bits) - 1); /* set most significant bits in most significant byte */ if(top == 0) - bignum[0] |= (1 << (bits - 1)); + bignum[0] |= (unsigned char)(1 << (bits - 1)); else if(top == 1) - bignum[0] |= (3 << (bits - 2)); + bignum[0] |= (unsigned char)(3 << (bits - 2)); /* make odd by setting first bit in least significant byte */ if(bottom) @@ -2071,7 +2180,7 @@ _libssh2_wincng_bignum_mod_exp(_libssh2_bn *r, { BCRYPT_KEY_HANDLE hKey; BCRYPT_RSAKEY_BLOB *rsakey; - unsigned char *key, *bignum; + unsigned char *bignum; unsigned long keylen, offset, length; int ret; @@ -2081,13 +2190,12 @@ _libssh2_wincng_bignum_mod_exp(_libssh2_bn *r, offset = sizeof(BCRYPT_RSAKEY_BLOB); keylen = offset + p->length + m->length; - key = malloc(keylen); - if(!key) + rsakey = (BCRYPT_RSAKEY_BLOB *)malloc(keylen); + if(!rsakey) return -1; /* https://msdn.microsoft.com/library/windows/desktop/aa375531.aspx */ - rsakey = (BCRYPT_RSAKEY_BLOB *)key; rsakey->Magic = BCRYPT_RSAPUBLIC_MAGIC; rsakey->BitLength = m->length * 8; rsakey->cbPublicExp = p->length; @@ -2095,14 +2203,15 @@ _libssh2_wincng_bignum_mod_exp(_libssh2_bn *r, rsakey->cbPrime1 = 0; rsakey->cbPrime2 = 0; - memcpy(key + offset, p->bignum, p->length); + memcpy((unsigned char *)rsakey + offset, p->bignum, p->length); offset += p->length; - memcpy(key + offset, m->bignum, m->length); + memcpy((unsigned char *)rsakey + offset, m->bignum, m->length); offset = 0; ret = BCryptImportKeyPair(_libssh2_wincng.hAlgRSA, NULL, - BCRYPT_RSAPUBLIC_BLOB, &hKey, key, keylen, 0); + BCRYPT_RSAPUBLIC_BLOB, &hKey, + (PUCHAR)rsakey, keylen, 0); if(BCRYPT_SUCCESS(ret)) { ret = BCryptEncrypt(hKey, a->bignum, a->length, NULL, NULL, 0, NULL, 0, &length, BCRYPT_PAD_NONE); @@ -2134,7 +2243,7 @@ _libssh2_wincng_bignum_mod_exp(_libssh2_bn *r, BCryptDestroyKey(hKey); } - _libssh2_wincng_safe_free(key, keylen); + _libssh2_wincng_safe_free(rsakey, keylen); return BCRYPT_SUCCESS(ret) ? 0 : -1; } @@ -2210,9 +2319,7 @@ _libssh2_wincng_bignum_from_bin(_libssh2_bn *bn, unsigned long len, if(offset > 0) { memmove(bn->bignum, bn->bignum + offset, length); -#ifdef LIBSSH2_CLEAR_MEMORY - SecureZeroMemory(bn->bignum + length, offset); -#endif + _libssh2_explicit_zero(bn->bignum + length, offset); bignum = realloc(bn->bignum, length); if(bignum) { @@ -2253,9 +2360,9 @@ void _libssh2_dh_init(_libssh2_dh_ctx *dhctx) { /* Random from client */ - dhctx->bn = NULL; dhctx->dh_handle = NULL; dhctx->dh_params = NULL; + dhctx->dh_privbn = NULL; } void @@ -2271,12 +2378,18 @@ _libssh2_dh_dtor(_libssh2_dh_ctx *dhctx) free(dhctx->dh_params); dhctx->dh_params = NULL; } - if(dhctx->bn) { - _libssh2_wincng_bignum_free(dhctx->bn); - dhctx->bn = NULL; + if(dhctx->dh_privbn) { + _libssh2_wincng_bignum_free(dhctx->dh_privbn); + dhctx->dh_privbn = NULL; } } +static int +round_down(int number, int multiple) +{ + return (number / multiple) * multiple; +} + /* Generates a Diffie-Hellman key pair using base `g', prime `p' and the given * `group_order'. Can use the given big number context `bnctx' if needed. The * private key is stored as opaque in the Diffie-Hellman context `*dhctx' and @@ -2287,16 +2400,19 @@ _libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, _libssh2_bn *g, _libssh2_bn *p, int group_order) { const int hasAlgDHwithKDF = _libssh2_wincng.hasAlgDHwithKDF; + + if(group_order < 0) + return -1; + while(_libssh2_wincng.hAlgDH && hasAlgDHwithKDF != -1) { - BCRYPT_DH_PARAMETER_HEADER *dh_params = NULL; + BCRYPT_DH_PARAMETER_HEADER *dh_params; unsigned long dh_params_len; - unsigned char *blob = NULL; int status; /* Note that the DH provider requires that keys be multiples of 64 bits * in length. At the time of writing a practical observed group_order * value is 257, so we need to round down to 8 bytes of length (64/8) * in order for kex to succeed */ - DWORD key_length_bytes = max(round_down(group_order, 8), + DWORD key_length_bytes = max((unsigned long)round_down(group_order, 8), max(g->length, p->length)); BCRYPT_DH_KEY_BLOB *dh_key_blob; LPCWSTR key_type; @@ -2310,38 +2426,39 @@ _libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, return -1; } - dh_params_len = sizeof(*dh_params) + 2 * key_length_bytes; - blob = malloc(dh_params_len); - if(!blob) { + dh_params_len = (unsigned long)sizeof(*dh_params) + + 2 * key_length_bytes; + dh_params = (BCRYPT_DH_PARAMETER_HEADER *)malloc(dh_params_len); + if(!dh_params) { return -1; } /* Populate DH parameters blob; after the header follows the `p` * value and the `g` value. */ - dh_params = (BCRYPT_DH_PARAMETER_HEADER*)blob; dh_params->cbLength = dh_params_len; dh_params->dwMagic = BCRYPT_DH_PARAMETERS_MAGIC; dh_params->cbKeyLength = key_length_bytes; - memcpy_with_be_padding(blob + sizeof(*dh_params), key_length_bytes, - p->bignum, p->length); - memcpy_with_be_padding(blob + sizeof(*dh_params) + key_length_bytes, + memcpy_with_be_padding((unsigned char *)dh_params + + sizeof(*dh_params), + key_length_bytes, p->bignum, p->length); + memcpy_with_be_padding((unsigned char *)dh_params + + sizeof(*dh_params) + key_length_bytes, key_length_bytes, g->bignum, g->length); status = BCryptSetProperty(dhctx->dh_handle, BCRYPT_DH_PARAMETERS, - blob, dh_params_len, 0); + (PUCHAR)dh_params, dh_params_len, 0); if(hasAlgDHwithKDF == -1) { /* We know that the raw KDF is not supported, so discard this. */ - free(blob); + free(dh_params); } else { /* Pass ownership to dhctx; these parameters will be freed when * the context is destroyed. We need to keep the parameters more * easily available so that we have access to the `g` value when - * _libssh2_dh_secret is called later. */ + * _libssh2_dh_secret() is called later. */ dhctx->dh_params = dh_params; } dh_params = NULL; - blob = NULL; if(!BCRYPT_SUCCESS(status)) { return -1; @@ -2371,21 +2488,21 @@ _libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, return -1; } - blob = malloc(key_length_bytes); - if(!blob) { + dh_key_blob = (BCRYPT_DH_KEY_BLOB *)malloc(key_length_bytes); + if(!dh_key_blob) { return -1; } status = BCryptExportKey(dhctx->dh_handle, NULL, key_type, - blob, key_length_bytes, + (PUCHAR)dh_key_blob, key_length_bytes, &key_length_bytes, 0); if(!BCRYPT_SUCCESS(status)) { if(hasAlgDHwithKDF == 1) { /* We have no private data, because raw KDF is supported */ - free(blob); + free(dh_key_blob); } else { /* we may have potentially private data, use secure free */ - _libssh2_wincng_safe_free(blob, key_length_bytes); + _libssh2_wincng_safe_free(dh_key_blob, key_length_bytes); } return -1; } @@ -2399,45 +2516,47 @@ _libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, /* BCRYPT_DH_PUBLIC_BLOB corresponds to a BCRYPT_DH_KEY_BLOB header * followed by the Modulus, Generator and Public data. Those components * each have equal size, specified by dh_key_blob->cbKey. */ - dh_key_blob = (BCRYPT_DH_KEY_BLOB*)blob; if(_libssh2_wincng_bignum_resize(public, dh_key_blob->cbKey)) { if(hasAlgDHwithKDF == 1) { /* We have no private data, because raw KDF is supported */ - free(blob); + free(dh_key_blob); } else { /* we may have potentially private data, use secure free */ - _libssh2_wincng_safe_free(blob, key_length_bytes); + _libssh2_wincng_safe_free(dh_key_blob, key_length_bytes); } return -1; } /* Copy the public key data into the public bignum data buffer */ - memcpy(public->bignum, - blob + sizeof(*dh_key_blob) + 2 * dh_key_blob->cbKey, + memcpy(public->bignum, (unsigned char *)dh_key_blob + + sizeof(*dh_key_blob) + + 2 * dh_key_blob->cbKey, dh_key_blob->cbKey); if(dh_key_blob->dwMagic == BCRYPT_DH_PRIVATE_MAGIC) { /* BCRYPT_DH_PRIVATE_BLOB additionally contains the Private data */ - dhctx->bn = _libssh2_wincng_bignum_init(); - if(!dhctx->bn) { - _libssh2_wincng_safe_free(blob, key_length_bytes); + dhctx->dh_privbn = _libssh2_wincng_bignum_init(); + if(!dhctx->dh_privbn) { + _libssh2_wincng_safe_free(dh_key_blob, key_length_bytes); return -1; } - if(_libssh2_wincng_bignum_resize(dhctx->bn, dh_key_blob->cbKey)) { - _libssh2_wincng_safe_free(blob, key_length_bytes); + if(_libssh2_wincng_bignum_resize(dhctx->dh_privbn, + dh_key_blob->cbKey)) { + _libssh2_wincng_safe_free(dh_key_blob, key_length_bytes); return -1; } /* Copy the private key data into the dhctx bignum data buffer */ - memcpy(dhctx->bn->bignum, - blob + sizeof(*dh_key_blob) + 3 * dh_key_blob->cbKey, + memcpy(dhctx->dh_privbn->bignum, (unsigned char *)dh_key_blob + + sizeof(*dh_key_blob) + + 3 * dh_key_blob->cbKey, dh_key_blob->cbKey); /* Make sure the private key is an odd number, because only * odd primes can be used with the RSA-based fallback while * DH itself does not seem to care about it being odd or not. */ - if(!(dhctx->bn->bignum[dhctx->bn->length-1] % 2)) { - _libssh2_wincng_safe_free(blob, key_length_bytes); + if(!(dhctx->dh_privbn->bignum[dhctx->dh_privbn->length-1] % 2)) { + _libssh2_wincng_safe_free(dh_key_blob, key_length_bytes); /* discard everything first, then try again */ _libssh2_dh_dtor(dhctx); _libssh2_dh_init(dhctx); @@ -2445,16 +2564,18 @@ _libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, } } + _libssh2_wincng_safe_free(dh_key_blob, key_length_bytes); + return 0; } /* Generate x and e */ - dhctx->bn = _libssh2_wincng_bignum_init(); - if(!dhctx->bn) + dhctx->dh_privbn = _libssh2_wincng_bignum_init(); + if(!dhctx->dh_privbn) return -1; - if(_libssh2_wincng_bignum_rand(dhctx->bn, group_order * 8 - 1, 0, -1)) + if(_libssh2_wincng_bignum_rand(dhctx->dh_privbn, (group_order*8)-1, 0, -1)) return -1; - if(_libssh2_wincng_bignum_mod_exp(public, g, dhctx->bn, p)) + if(_libssh2_wincng_bignum_mod_exp(public, g, dhctx->dh_privbn, p)) return -1; return 0; @@ -2473,12 +2594,12 @@ _libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret, BCRYPT_KEY_HANDLE peer_public = NULL; BCRYPT_SECRET_HANDLE agreement = NULL; ULONG secret_len_bytes = 0; - unsigned char *blob; int status; unsigned char *start, *end; - BCRYPT_DH_KEY_BLOB *public_blob = NULL; + BCRYPT_DH_KEY_BLOB *public_blob; DWORD key_length_bytes = max(f->length, dhctx->dh_params->cbKeyLength); - DWORD public_blob_len = sizeof(*public_blob) + 3 * key_length_bytes; + DWORD public_blob_len = (DWORD)(sizeof(*public_blob) + + 3 * key_length_bytes); { /* Populate a BCRYPT_DH_KEY_BLOB; after the header follows the @@ -2487,11 +2608,10 @@ _libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret, unsigned char *dest; unsigned char *src; - blob = malloc(public_blob_len); - if(!blob) { + public_blob = (BCRYPT_DH_KEY_BLOB *)malloc(public_blob_len); + if(!public_blob) { return -1; } - public_blob = (BCRYPT_DH_KEY_BLOB*)blob; public_blob->dwMagic = BCRYPT_DH_PUBLIC_MAGIC; public_blob->cbKey = key_length_bytes; @@ -2512,8 +2632,8 @@ _libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret, /* Import the peer public key information */ status = BCryptImportKeyPair(_libssh2_wincng.hAlgDH, NULL, - BCRYPT_DH_PUBLIC_BLOB, &peer_public, blob, - public_blob_len, 0); + BCRYPT_DH_PUBLIC_BLOB, &peer_public, + (PUCHAR)public_blob, public_blob_len, 0); if(!BCRYPT_SUCCESS(status)) { goto out; } @@ -2578,6 +2698,9 @@ out: if(agreement) { BCryptDestroySecret(agreement); } + + free(public_blob); + if(status == STATUS_NOT_SUPPORTED && _libssh2_wincng.hasAlgDHwithKDF == -1) { goto fb; /* fallback to RSA-based implementation */ @@ -2587,7 +2710,33 @@ out: fb: /* Compute the shared secret */ - return _libssh2_wincng_bignum_mod_exp(secret, f, dhctx->bn, p); + return _libssh2_wincng_bignum_mod_exp(secret, f, dhctx->dh_privbn, p); } -#endif /* LIBSSH2_WINCNG */ +/* _libssh2_supported_key_sign_algorithms + * + * Return supported key hash algo upgrades, see crypto.h + * + */ + +const char * +_libssh2_supported_key_sign_algorithms(LIBSSH2_SESSION *session, + unsigned char *key_method, + size_t key_method_len) +{ + (void)session; + +#if LIBSSH2_RSA_SHA2 + if(key_method_len == 7 && + memcmp(key_method, "ssh-rsa", key_method_len) == 0) { + return "rsa-sha2-512,rsa-sha2-256,ssh-rsa"; + } +#else + (void)key_method; + (void)key_method_len; +#endif + + return NULL; +} + +#endif /* LIBSSH2_CRYPTO_C */ diff --git a/libssh2/src/wincng.h b/libssh2/src/wincng.h old mode 100755 new mode 100644 index eaf6f9051..21b25605e --- a/libssh2/src/wincng.h +++ b/libssh2/src/wincng.h @@ -38,6 +38,8 @@ * OF SUCH DAMAGE. */ +#define LIBSSH2_CRYPTO_ENGINE libssh2_wincng + /* required for cross-compilation against the w64 mingw-runtime package */ #if defined(_WIN32_WINNT) && (_WIN32_WINNT < 0x0600) #undef _WIN32_WINNT @@ -55,14 +57,17 @@ #define LIBSSH2_HMAC_SHA256 1 #define LIBSSH2_HMAC_SHA512 1 -#define LIBSSH2_AES 1 +#define LIBSSH2_AES_CBC 1 #define LIBSSH2_AES_CTR 1 +#define LIBSSH2_AES_GCM 0 #define LIBSSH2_BLOWFISH 0 #define LIBSSH2_RC4 1 #define LIBSSH2_CAST 0 #define LIBSSH2_3DES 1 #define LIBSSH2_RSA 1 +#define LIBSSH2_RSA_SHA1 1 +#define LIBSSH2_RSA_SHA2 1 #define LIBSSH2_DSA 1 #define LIBSSH2_ECDSA 0 #define LIBSSH2_ED25519 0 @@ -119,12 +124,12 @@ void _libssh2_wincng_init(void); void _libssh2_wincng_free(void); #define libssh2_crypto_init() \ - _libssh2_wincng_init() + _libssh2_wincng_init() #define libssh2_crypto_exit() \ - _libssh2_wincng_free() + _libssh2_wincng_free() #define _libssh2_random(buf, len) \ - _libssh2_wincng_random(buf, len) + _libssh2_wincng_random(buf, len) #define libssh2_prepare_iovec(vec, len) /* Empty. */ @@ -147,61 +152,73 @@ typedef struct __libssh2_wincng_hash_ctx { #define libssh2_sha1_ctx _libssh2_wincng_hash_ctx #define libssh2_sha1_init(ctx) \ - (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA1, \ - SHA_DIGEST_LENGTH, NULL, 0) == 0) + (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA1, \ + SHA_DIGEST_LENGTH, NULL, 0) == 0) #define libssh2_sha1_update(ctx, data, datalen) \ - _libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen) + _libssh2_wincng_hash_update(&ctx, \ + (const unsigned char *) data, \ + (unsigned long) datalen) #define libssh2_sha1_final(ctx, hash) \ - _libssh2_wincng_hash_final(&ctx, hash) + _libssh2_wincng_hash_final(&ctx, hash) #define libssh2_sha1(data, datalen, hash) \ - _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA1, \ - hash, SHA_DIGEST_LENGTH) + _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA1, \ + hash, SHA_DIGEST_LENGTH) #define libssh2_sha256_ctx _libssh2_wincng_hash_ctx #define libssh2_sha256_init(ctx) \ - (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA256, \ - SHA256_DIGEST_LENGTH, NULL, 0) == 0) + (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA256, \ + SHA256_DIGEST_LENGTH, NULL, 0) == 0) #define libssh2_sha256_update(ctx, data, datalen) \ - _libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen) + _libssh2_wincng_hash_update(&ctx, \ + (const unsigned char *) data, \ + (unsigned long) datalen) #define libssh2_sha256_final(ctx, hash) \ - _libssh2_wincng_hash_final(&ctx, hash) + _libssh2_wincng_hash_final(&ctx, hash) #define libssh2_sha256(data, datalen, hash) \ - _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA256, \ - hash, SHA256_DIGEST_LENGTH) + _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA256, \ + hash, SHA256_DIGEST_LENGTH) + #define libssh2_sha384_ctx _libssh2_wincng_hash_ctx #define libssh2_sha384_init(ctx) \ - (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA384, \ - SHA384_DIGEST_LENGTH, NULL, 0) == 0) + (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA384, \ + SHA384_DIGEST_LENGTH, NULL, 0) == 0) #define libssh2_sha384_update(ctx, data, datalen) \ - _libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen) + _libssh2_wincng_hash_update(&ctx, \ + (const unsigned char *) data, \ + (unsigned long) datalen) #define libssh2_sha384_final(ctx, hash) \ - _libssh2_wincng_hash_final(&ctx, hash) + _libssh2_wincng_hash_final(&ctx, hash) #define libssh2_sha384(data, datalen, hash) \ -_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \ - hash, SHA384_DIGEST_LENGTH) + _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \ + hash, SHA384_DIGEST_LENGTH) + #define libssh2_sha512_ctx _libssh2_wincng_hash_ctx #define libssh2_sha512_init(ctx) \ - (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA512, \ - SHA512_DIGEST_LENGTH, NULL, 0) == 0) + (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA512, \ + SHA512_DIGEST_LENGTH, NULL, 0) == 0) #define libssh2_sha512_update(ctx, data, datalen) \ - _libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen) + _libssh2_wincng_hash_update(&ctx, \ + (const unsigned char *) data, \ + (unsigned long) datalen) #define libssh2_sha512_final(ctx, hash) \ - _libssh2_wincng_hash_final(&ctx, hash) + _libssh2_wincng_hash_final(&ctx, hash) #define libssh2_sha512(data, datalen, hash) \ - _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA512, \ - hash, SHA512_DIGEST_LENGTH) + _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA512, \ + hash, SHA512_DIGEST_LENGTH) #define libssh2_md5_ctx _libssh2_wincng_hash_ctx #define libssh2_md5_init(ctx) \ - (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashMD5, \ - MD5_DIGEST_LENGTH, NULL, 0) == 0) + (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashMD5, \ + MD5_DIGEST_LENGTH, NULL, 0) == 0) #define libssh2_md5_update(ctx, data, datalen) \ - _libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen) + _libssh2_wincng_hash_update(&ctx, \ + (const unsigned char *) data, \ + (unsigned long) datalen) #define libssh2_md5_final(ctx, hash) \ - _libssh2_wincng_hash_final(&ctx, hash) + _libssh2_wincng_hash_final(&ctx, hash) #define libssh2_md5(data, datalen, hash) \ - _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashMD5, \ - hash, MD5_DIGEST_LENGTH) + _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashMD5, \ + hash, MD5_DIGEST_LENGTH) /* * Windows CNG backend: HMAC functions @@ -210,25 +227,31 @@ _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \ #define libssh2_hmac_ctx _libssh2_wincng_hash_ctx #define libssh2_hmac_ctx_init(ctx) #define libssh2_hmac_sha1_init(ctx, key, keylen) \ - _libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA1, \ - SHA_DIGEST_LENGTH, key, keylen) + _libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA1, \ + SHA_DIGEST_LENGTH, \ + key, (unsigned long) keylen) #define libssh2_hmac_md5_init(ctx, key, keylen) \ - _libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacMD5, \ - MD5_DIGEST_LENGTH, key, keylen) + _libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacMD5, \ + MD5_DIGEST_LENGTH, \ + key, (unsigned long) keylen) #define libssh2_hmac_ripemd160_init(ctx, key, keylen) - /* not implemented */ + /* not implemented */ #define libssh2_hmac_sha256_init(ctx, key, keylen) \ - _libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA256, \ - SHA256_DIGEST_LENGTH, key, keylen) + _libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA256, \ + SHA256_DIGEST_LENGTH, \ + key, (unsigned long) keylen) #define libssh2_hmac_sha512_init(ctx, key, keylen) \ - _libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA512, \ - SHA512_DIGEST_LENGTH, key, keylen) + _libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA512, \ + SHA512_DIGEST_LENGTH, \ + key, (unsigned long) keylen) #define libssh2_hmac_update(ctx, data, datalen) \ - _libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen) + _libssh2_wincng_hash_update(&ctx, \ + (const unsigned char *) data, \ + (unsigned long) datalen) #define libssh2_hmac_final(ctx, hash) \ - _libssh2_wincng_hmac_final(&ctx, hash) + _libssh2_wincng_hmac_final(&ctx, hash) #define libssh2_hmac_cleanup(ctx) \ - _libssh2_wincng_hmac_cleanup(ctx) + _libssh2_wincng_hmac_cleanup(ctx) /*******************************************************************/ @@ -238,7 +261,7 @@ _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \ typedef struct __libssh2_wincng_key_ctx { BCRYPT_KEY_HANDLE hKey; - unsigned char *pbKeyObject; + void *pbKeyObject; unsigned long cbKeyObject; } _libssh2_wincng_key_ctx; @@ -251,21 +274,25 @@ typedef struct __libssh2_wincng_key_ctx { #define _libssh2_rsa_new(rsactx, e, e_len, n, n_len, \ d, d_len, p, p_len, q, q_len, \ e1, e1_len, e2, e2_len, c, c_len) \ - _libssh2_wincng_rsa_new(rsactx, e, e_len, n, n_len, \ - d, d_len, p, p_len, q, q_len, \ - e1, e1_len, e2, e2_len, c, c_len) + _libssh2_wincng_rsa_new(rsactx, e, e_len, n, n_len, \ + d, d_len, p, p_len, q, q_len, \ + e1, e1_len, e2, e2_len, c, c_len) #define _libssh2_rsa_new_private(rsactx, s, filename, passphrase) \ - _libssh2_wincng_rsa_new_private(rsactx, s, filename, passphrase) + _libssh2_wincng_rsa_new_private(rsactx, s, filename, passphrase) #define _libssh2_rsa_new_private_frommemory(rsactx, s, filedata, \ filedata_len, passphrase) \ - _libssh2_wincng_rsa_new_private_frommemory(rsactx, s, filedata, \ - filedata_len, passphrase) + _libssh2_wincng_rsa_new_private_frommemory(rsactx, s, filedata, \ + filedata_len, passphrase) #define _libssh2_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len) \ - _libssh2_wincng_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len) + _libssh2_wincng_rsa_sha_sign(s, rsactx, hash, hash_len, sig, sig_len) +#define _libssh2_rsa_sha2_sign(s, rsactx, hash, hash_len, sig, sig_len) \ + _libssh2_wincng_rsa_sha_sign(s, rsactx, hash, hash_len, sig, sig_len) #define _libssh2_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) \ - _libssh2_wincng_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) + _libssh2_wincng_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) +#define _libssh2_rsa_sha2_verify(rsactx, hash_len, sig, sig_len, m, m_len) \ + _libssh2_wincng_rsa_sha2_verify(rsactx, hash_len, sig, sig_len, m, m_len) #define _libssh2_rsa_free(rsactx) \ - _libssh2_wincng_rsa_free(rsactx) + _libssh2_wincng_rsa_free(rsactx) /* * Windows CNG backend: DSA functions @@ -274,32 +301,35 @@ typedef struct __libssh2_wincng_key_ctx { #define libssh2_dsa_ctx _libssh2_wincng_key_ctx #define _libssh2_dsa_new(dsactx, p, p_len, q, q_len, \ g, g_len, y, y_len, x, x_len) \ - _libssh2_wincng_dsa_new(dsactx, p, p_len, q, q_len, \ - g, g_len, y, y_len, x, x_len) + _libssh2_wincng_dsa_new(dsactx, p, p_len, q, q_len, \ + g, g_len, y, y_len, x, x_len) #define _libssh2_dsa_new_private(dsactx, s, filename, passphrase) \ - _libssh2_wincng_dsa_new_private(dsactx, s, filename, passphrase) + _libssh2_wincng_dsa_new_private(dsactx, s, filename, passphrase) #define _libssh2_dsa_new_private_frommemory(dsactx, s, filedata, \ filedata_len, passphrase) \ - _libssh2_wincng_dsa_new_private_frommemory(dsactx, s, filedata, \ - filedata_len, passphrase) + _libssh2_wincng_dsa_new_private_frommemory(dsactx, s, filedata, \ + filedata_len, passphrase) #define _libssh2_dsa_sha1_sign(dsactx, hash, hash_len, sig) \ - _libssh2_wincng_dsa_sha1_sign(dsactx, hash, hash_len, sig) + _libssh2_wincng_dsa_sha1_sign(dsactx, hash, hash_len, sig) #define _libssh2_dsa_sha1_verify(dsactx, sig, m, m_len) \ - _libssh2_wincng_dsa_sha1_verify(dsactx, sig, m, m_len) + _libssh2_wincng_dsa_sha1_verify(dsactx, sig, m, m_len) #define _libssh2_dsa_free(dsactx) \ - _libssh2_wincng_dsa_free(dsactx) + _libssh2_wincng_dsa_free(dsactx) /* * Windows CNG backend: Key functions */ #define _libssh2_pub_priv_keyfile(s, m, m_len, p, p_len, pk, pw) \ - _libssh2_wincng_pub_priv_keyfile(s, m, m_len, p, p_len, pk, pw) + _libssh2_wincng_pub_priv_keyfile(s, m, m_len, p, p_len, pk, pw) #define _libssh2_pub_priv_keyfilememory(s, m, m_len, p, p_len, \ - pk, pk_len, pw) \ - _libssh2_wincng_pub_priv_keyfilememory(s, m, m_len, p, p_len, \ - pk, pk_len, pw) - + pk, pk_len, pw) \ + _libssh2_wincng_pub_priv_keyfilememory(s, m, m_len, p, p_len, \ + pk, pk_len, pw) +#define _libssh2_sk_pub_keyfilememory(s, m, m_len, p, p_len, alg, app, \ + f, kh, kh_len, pk, pk_len, pw) \ + _libssh2_wincng_sk_pub_keyfilememory(s, m, m_len, p, p_len, alg, app, \ + f, kh, kh_len, pk, pk_len, pw) /*******************************************************************/ /* @@ -336,22 +366,22 @@ struct _libssh2_wincng_cipher_type { #define _libssh2_cipher_aes256ctr { &_libssh2_wincng.hAlgAES_ECB, 32, 0, 1 } #define _libssh2_cipher_aes192ctr { &_libssh2_wincng.hAlgAES_ECB, 24, 0, 1 } #define _libssh2_cipher_aes128ctr { &_libssh2_wincng.hAlgAES_ECB, 16, 0, 1 } -#define _libssh2_cipher_aes256 { &_libssh2_wincng.hAlgAES_CBC, 32, 1, 0 } -#define _libssh2_cipher_aes192 { &_libssh2_wincng.hAlgAES_CBC, 24, 1, 0 } -#define _libssh2_cipher_aes128 { &_libssh2_wincng.hAlgAES_CBC, 16, 1, 0 } -#define _libssh2_cipher_arcfour { &_libssh2_wincng.hAlgRC4_NA, 16, 0, 0 } -#define _libssh2_cipher_3des { &_libssh2_wincng.hAlg3DES_CBC, 24, 1, 0 } +#define _libssh2_cipher_aes256 { &_libssh2_wincng.hAlgAES_CBC, 32, 1, 0 } +#define _libssh2_cipher_aes192 { &_libssh2_wincng.hAlgAES_CBC, 24, 1, 0 } +#define _libssh2_cipher_aes128 { &_libssh2_wincng.hAlgAES_CBC, 16, 1, 0 } +#define _libssh2_cipher_arcfour { &_libssh2_wincng.hAlgRC4_NA, 16, 0, 0 } +#define _libssh2_cipher_3des { &_libssh2_wincng.hAlg3DES_CBC, 24, 1, 0 } /* * Windows CNG backend: Cipher functions */ #define _libssh2_cipher_init(ctx, type, iv, secret, encrypt) \ - _libssh2_wincng_cipher_init(ctx, type, iv, secret, encrypt) -#define _libssh2_cipher_crypt(ctx, type, encrypt, block, blocklen) \ - _libssh2_wincng_cipher_crypt(ctx, type, encrypt, block, blocklen) + _libssh2_wincng_cipher_init(ctx, type, iv, secret, encrypt) +#define _libssh2_cipher_crypt(ctx, type, encrypt, block, blocklen, fl) \ + _libssh2_wincng_cipher_crypt(ctx, type, encrypt, block, blocklen, fl) #define _libssh2_cipher_dtor(ctx) \ - _libssh2_wincng_cipher_dtor(ctx) + _libssh2_wincng_cipher_dtor(ctx) /*******************************************************************/ /* @@ -382,25 +412,33 @@ struct _libssh2_wincng_bignum { _libssh2_bn *_libssh2_wincng_bignum_init(void); #define _libssh2_bn_init() \ - _libssh2_wincng_bignum_init() + _libssh2_wincng_bignum_init() #define _libssh2_bn_init_from_bin() \ - _libssh2_bn_init() + _libssh2_bn_init() #define _libssh2_bn_set_word(bn, word) \ - _libssh2_wincng_bignum_set_word(bn, word) + _libssh2_wincng_bignum_set_word(bn, word) #define _libssh2_bn_from_bin(bn, len, bin) \ - _libssh2_wincng_bignum_from_bin(bn, len, bin) + _libssh2_wincng_bignum_from_bin(bn, (unsigned long) len, bin) #define _libssh2_bn_to_bin(bn, bin) \ - _libssh2_wincng_bignum_to_bin(bn, bin) + _libssh2_wincng_bignum_to_bin(bn, bin) #define _libssh2_bn_bytes(bn) bn->length #define _libssh2_bn_bits(bn) \ - _libssh2_wincng_bignum_bits(bn) + _libssh2_wincng_bignum_bits(bn) #define _libssh2_bn_free(bn) \ - _libssh2_wincng_bignum_free(bn) + _libssh2_wincng_bignum_free(bn) /* * Windows CNG backend: Diffie-Hellman support */ +/* Default generate and safe prime sizes for + diffie-hellman-group-exchange-sha1 */ +#define LIBSSH2_DH_GEX_MINGROUP 2048 +#define LIBSSH2_DH_GEX_OPTGROUP 4096 +#define LIBSSH2_DH_GEX_MAXGROUP 8192 + +#define LIBSSH2_DH_MAX_MODULUS_BITS 16384 + typedef struct { /* holds our private and public key components */ BCRYPT_KEY_HANDLE dh_handle; @@ -409,14 +447,14 @@ typedef struct { BCRYPT_DH_PARAMETER_HEADER *dh_params; /* records the parsed out private key component for * fallback if the DH API raw KDF is not supported */ - struct _libssh2_wincng_bignum *bn; + struct _libssh2_wincng_bignum *dh_privbn; } _libssh2_dh_ctx; #define libssh2_dh_init(dhctx) _libssh2_dh_init(dhctx) #define libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) \ - _libssh2_dh_key_pair(dhctx, public, g, p, group_order) + _libssh2_dh_key_pair(dhctx, public, g, p, group_order) #define libssh2_dh_secret(dhctx, secret, f, p, bnctx) \ - _libssh2_dh_secret(dhctx, secret, f, p) + _libssh2_dh_secret(dhctx, secret, f, p) #define libssh2_dh_dtor(dhctx) _libssh2_dh_dtor(dhctx) /*******************************************************************/ @@ -425,7 +463,7 @@ typedef struct { */ void _libssh2_wincng_init(void); void _libssh2_wincng_free(void); -int _libssh2_wincng_random(void *buf, int len); +int _libssh2_wincng_random(void *buf, size_t len); int _libssh2_wincng_hash_init(_libssh2_wincng_hash_ctx *ctx, @@ -438,7 +476,7 @@ int _libssh2_wincng_hash_final(_libssh2_wincng_hash_ctx *ctx, unsigned char *hash); int -_libssh2_wincng_hash(unsigned char *data, unsigned long datalen, +_libssh2_wincng_hash(const unsigned char *data, unsigned long datalen, BCRYPT_ALG_HANDLE hAlg, unsigned char *hash, unsigned long hashlen); @@ -449,12 +487,13 @@ void _libssh2_wincng_hmac_cleanup(_libssh2_wincng_hash_ctx *ctx); int -_libssh2_wincng_key_sha1_verify(_libssh2_wincng_key_ctx *ctx, - const unsigned char *sig, - unsigned long sig_len, - const unsigned char *m, - unsigned long m_len, - unsigned long flags); +_libssh2_wincng_key_sha_verify(_libssh2_wincng_key_ctx *ctx, + unsigned long hashlen, + const unsigned char *sig, + unsigned long sig_len, + const unsigned char *m, + unsigned long m_len, + unsigned long flags); int _libssh2_wincng_rsa_new(libssh2_rsa_ctx **rsa, @@ -488,16 +527,16 @@ _libssh2_wincng_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, int _libssh2_wincng_rsa_sha1_verify(libssh2_rsa_ctx *rsa, const unsigned char *sig, - unsigned long sig_len, + size_t sig_len, const unsigned char *m, - unsigned long m_len); + size_t m_len); int -_libssh2_wincng_rsa_sha1_sign(LIBSSH2_SESSION *session, - libssh2_rsa_ctx *rsa, - const unsigned char *hash, - size_t hash_len, - unsigned char **signature, - size_t *signature_len); +_libssh2_wincng_rsa_sha_sign(LIBSSH2_SESSION *session, + libssh2_rsa_ctx *rsa, + const unsigned char *hash, + size_t hash_len, + unsigned char **signature, + size_t *signature_len); void _libssh2_wincng_rsa_free(libssh2_rsa_ctx *rsa); @@ -529,7 +568,7 @@ int _libssh2_wincng_dsa_sha1_verify(libssh2_dsa_ctx *dsa, const unsigned char *sig_fixed, const unsigned char *m, - unsigned long m_len); + size_t m_len); int _libssh2_wincng_dsa_sha1_sign(libssh2_dsa_ctx *dsa, const unsigned char *hash, @@ -568,7 +607,7 @@ _libssh2_wincng_cipher_crypt(_libssh2_cipher_ctx *ctx, _libssh2_cipher_type(type), int encrypt, unsigned char *block, - size_t blocklen); + size_t blocklen, int firstlast); void _libssh2_wincng_cipher_dtor(_libssh2_cipher_ctx *ctx); diff --git a/libssh2/tap-driver.sh b/libssh2/tap-driver.sh new file mode 100755 index 000000000..fea066f56 --- /dev/null +++ b/libssh2/tap-driver.sh @@ -0,0 +1,651 @@ +#! /bin/sh +# Copyright (C) 2011-2021 Free Software Foundation, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +scriptversion=2013-12-23.17; # UTC + +# Make unconditional expansion of undefined variables an error. This +# helps a lot in preventing typo-related bugs. +set -u + +me=tap-driver.sh + +fatal () +{ + echo "$me: fatal: $*" >&2 + exit 1 +} + +usage_error () +{ + echo "$me: $*" >&2 + print_usage >&2 + exit 2 +} + +print_usage () +{ + cat < + # + trap : 1 3 2 13 15 + if test $merge -gt 0; then + exec 2>&1 + else + exec 2>&3 + fi + "$@" + echo $? + ) | LC_ALL=C ${AM_TAP_AWK-awk} \ + -v me="$me" \ + -v test_script_name="$test_name" \ + -v log_file="$log_file" \ + -v trs_file="$trs_file" \ + -v expect_failure="$expect_failure" \ + -v merge="$merge" \ + -v ignore_exit="$ignore_exit" \ + -v comments="$comments" \ + -v diag_string="$diag_string" \ +' +# TODO: the usages of "cat >&3" below could be optimized when using +# GNU awk, and/on on systems that supports /dev/fd/. + +# Implementation note: in what follows, `result_obj` will be an +# associative array that (partly) simulates a TAP result object +# from the `TAP::Parser` perl module. + +## ----------- ## +## FUNCTIONS ## +## ----------- ## + +function fatal(msg) +{ + print me ": " msg | "cat >&2" + exit 1 +} + +function abort(where) +{ + fatal("internal error " where) +} + +# Convert a boolean to a "yes"/"no" string. +function yn(bool) +{ + return bool ? "yes" : "no"; +} + +function add_test_result(result) +{ + if (!test_results_index) + test_results_index = 0 + test_results_list[test_results_index] = result + test_results_index += 1 + test_results_seen[result] = 1; +} + +# Whether the test script should be re-run by "make recheck". +function must_recheck() +{ + for (k in test_results_seen) + if (k != "XFAIL" && k != "PASS" && k != "SKIP") + return 1 + return 0 +} + +# Whether the content of the log file associated to this test should +# be copied into the "global" test-suite.log. +function copy_in_global_log() +{ + for (k in test_results_seen) + if (k != "PASS") + return 1 + return 0 +} + +function get_global_test_result() +{ + if ("ERROR" in test_results_seen) + return "ERROR" + if ("FAIL" in test_results_seen || "XPASS" in test_results_seen) + return "FAIL" + all_skipped = 1 + for (k in test_results_seen) + if (k != "SKIP") + all_skipped = 0 + if (all_skipped) + return "SKIP" + return "PASS"; +} + +function stringify_result_obj(result_obj) +{ + if (result_obj["is_unplanned"] || result_obj["number"] != testno) + return "ERROR" + + if (plan_seen == LATE_PLAN) + return "ERROR" + + if (result_obj["directive"] == "TODO") + return result_obj["is_ok"] ? "XPASS" : "XFAIL" + + if (result_obj["directive"] == "SKIP") + return result_obj["is_ok"] ? "SKIP" : COOKED_FAIL; + + if (length(result_obj["directive"])) + abort("in function stringify_result_obj()") + + return result_obj["is_ok"] ? COOKED_PASS : COOKED_FAIL +} + +function decorate_result(result) +{ + color_name = color_for_result[result] + if (color_name) + return color_map[color_name] "" result "" color_map["std"] + # If we are not using colorized output, or if we do not know how + # to colorize the given result, we should return it unchanged. + return result +} + +function report(result, details) +{ + if (result ~ /^(X?(PASS|FAIL)|SKIP|ERROR)/) + { + msg = ": " test_script_name + add_test_result(result) + } + else if (result == "#") + { + msg = " " test_script_name ":" + } + else + { + abort("in function report()") + } + if (length(details)) + msg = msg " " details + # Output on console might be colorized. + print decorate_result(result) msg + # Log the result in the log file too, to help debugging (this is + # especially true when said result is a TAP error or "Bail out!"). + print result msg | "cat >&3"; +} + +function testsuite_error(error_message) +{ + report("ERROR", "- " error_message) +} + +function handle_tap_result() +{ + details = result_obj["number"]; + if (length(result_obj["description"])) + details = details " " result_obj["description"] + + if (plan_seen == LATE_PLAN) + { + details = details " # AFTER LATE PLAN"; + } + else if (result_obj["is_unplanned"]) + { + details = details " # UNPLANNED"; + } + else if (result_obj["number"] != testno) + { + details = sprintf("%s # OUT-OF-ORDER (expecting %d)", + details, testno); + } + else if (result_obj["directive"]) + { + details = details " # " result_obj["directive"]; + if (length(result_obj["explanation"])) + details = details " " result_obj["explanation"] + } + + report(stringify_result_obj(result_obj), details) +} + +# `skip_reason` should be empty whenever planned > 0. +function handle_tap_plan(planned, skip_reason) +{ + planned += 0 # Avoid getting confused if, say, `planned` is "00" + if (length(skip_reason) && planned > 0) + abort("in function handle_tap_plan()") + if (plan_seen) + { + # Error, only one plan per stream is acceptable. + testsuite_error("multiple test plans") + return; + } + planned_tests = planned + # The TAP plan can come before or after *all* the TAP results; we speak + # respectively of an "early" or a "late" plan. If we see the plan line + # after at least one TAP result has been seen, assume we have a late + # plan; in this case, any further test result seen after the plan will + # be flagged as an error. + plan_seen = (testno >= 1 ? LATE_PLAN : EARLY_PLAN) + # If testno > 0, we have an error ("too many tests run") that will be + # automatically dealt with later, so do not worry about it here. If + # $plan_seen is true, we have an error due to a repeated plan, and that + # has already been dealt with above. Otherwise, we have a valid "plan + # with SKIP" specification, and should report it as a particular kind + # of SKIP result. + if (planned == 0 && testno == 0) + { + if (length(skip_reason)) + skip_reason = "- " skip_reason; + report("SKIP", skip_reason); + } +} + +function extract_tap_comment(line) +{ + if (index(line, diag_string) == 1) + { + # Strip leading `diag_string` from `line`. + line = substr(line, length(diag_string) + 1) + # And strip any leading and trailing whitespace left. + sub("^[ \t]*", "", line) + sub("[ \t]*$", "", line) + # Return what is left (if any). + return line; + } + return ""; +} + +# When this function is called, we know that line is a TAP result line, +# so that it matches the (perl) RE "^(not )?ok\b". +function setup_result_obj(line) +{ + # Get the result, and remove it from the line. + result_obj["is_ok"] = (substr(line, 1, 2) == "ok" ? 1 : 0) + sub("^(not )?ok[ \t]*", "", line) + + # If the result has an explicit number, get it and strip it; otherwise, + # automatically assign the next test number to it. + if (line ~ /^[0-9]+$/ || line ~ /^[0-9]+[^a-zA-Z0-9_]/) + { + match(line, "^[0-9]+") + # The final `+ 0` is to normalize numbers with leading zeros. + result_obj["number"] = substr(line, 1, RLENGTH) + 0 + line = substr(line, RLENGTH + 1) + } + else + { + result_obj["number"] = testno + } + + if (plan_seen == LATE_PLAN) + # No further test results are acceptable after a "late" TAP plan + # has been seen. + result_obj["is_unplanned"] = 1 + else if (plan_seen && testno > planned_tests) + result_obj["is_unplanned"] = 1 + else + result_obj["is_unplanned"] = 0 + + # Strip trailing and leading whitespace. + sub("^[ \t]*", "", line) + sub("[ \t]*$", "", line) + + # This will have to be corrected if we have a "TODO"/"SKIP" directive. + result_obj["description"] = line + result_obj["directive"] = "" + result_obj["explanation"] = "" + + if (index(line, "#") == 0) + return # No possible directive, nothing more to do. + + # Directives are case-insensitive. + rx = "[ \t]*#[ \t]*([tT][oO][dD][oO]|[sS][kK][iI][pP])[ \t]*" + + # See whether we have the directive, and if yes, where. + pos = match(line, rx "$") + if (!pos) + pos = match(line, rx "[^a-zA-Z0-9_]") + + # If there was no TAP directive, we have nothing more to do. + if (!pos) + return + + # Let`s now see if the TAP directive has been escaped. For example: + # escaped: ok \# SKIP + # not escaped: ok \\# SKIP + # escaped: ok \\\\\# SKIP + # not escaped: ok \ # SKIP + if (substr(line, pos, 1) == "#") + { + bslash_count = 0 + for (i = pos; i > 1 && substr(line, i - 1, 1) == "\\"; i--) + bslash_count += 1 + if (bslash_count % 2) + return # Directive was escaped. + } + + # Strip the directive and its explanation (if any) from the test + # description. + result_obj["description"] = substr(line, 1, pos - 1) + # Now remove the test description from the line, that has been dealt + # with already. + line = substr(line, pos) + # Strip the directive, and save its value (normalized to upper case). + sub("^[ \t]*#[ \t]*", "", line) + result_obj["directive"] = toupper(substr(line, 1, 4)) + line = substr(line, 5) + # Now get the explanation for the directive (if any), with leading + # and trailing whitespace removed. + sub("^[ \t]*", "", line) + sub("[ \t]*$", "", line) + result_obj["explanation"] = line +} + +function get_test_exit_message(status) +{ + if (status == 0) + return "" + if (status !~ /^[1-9][0-9]*$/) + abort("getting exit status") + if (status < 127) + exit_details = "" + else if (status == 127) + exit_details = " (command not found?)" + else if (status >= 128 && status <= 255) + exit_details = sprintf(" (terminated by signal %d?)", status - 128) + else if (status > 256 && status <= 384) + # We used to report an "abnormal termination" here, but some Korn + # shells, when a child process die due to signal number n, can leave + # in $? an exit status of 256+n instead of the more standard 128+n. + # Apparently, both behaviours are allowed by POSIX (2008), so be + # prepared to handle them both. See also Austing Group report ID + # 0000051 + exit_details = sprintf(" (terminated by signal %d?)", status - 256) + else + # Never seen in practice. + exit_details = " (abnormal termination)" + return sprintf("exited with status %d%s", status, exit_details) +} + +function write_test_results() +{ + print ":global-test-result: " get_global_test_result() > trs_file + print ":recheck: " yn(must_recheck()) > trs_file + print ":copy-in-global-log: " yn(copy_in_global_log()) > trs_file + for (i = 0; i < test_results_index; i += 1) + print ":test-result: " test_results_list[i] > trs_file + close(trs_file); +} + +BEGIN { + +## ------- ## +## SETUP ## +## ------- ## + +'"$init_colors"' + +# Properly initialized once the TAP plan is seen. +planned_tests = 0 + +COOKED_PASS = expect_failure ? "XPASS": "PASS"; +COOKED_FAIL = expect_failure ? "XFAIL": "FAIL"; + +# Enumeration-like constants to remember which kind of plan (if any) +# has been seen. It is important that NO_PLAN evaluates "false" as +# a boolean. +NO_PLAN = 0 +EARLY_PLAN = 1 +LATE_PLAN = 2 + +testno = 0 # Number of test results seen so far. +bailed_out = 0 # Whether a "Bail out!" directive has been seen. + +# Whether the TAP plan has been seen or not, and if yes, which kind +# it is ("early" is seen before any test result, "late" otherwise). +plan_seen = NO_PLAN + +## --------- ## +## PARSING ## +## --------- ## + +is_first_read = 1 + +while (1) + { + # Involutions required so that we are able to read the exit status + # from the last input line. + st = getline + if (st < 0) # I/O error. + fatal("I/O error while reading from input stream") + else if (st == 0) # End-of-input + { + if (is_first_read) + abort("in input loop: only one input line") + break + } + if (is_first_read) + { + is_first_read = 0 + nextline = $0 + continue + } + else + { + curline = nextline + nextline = $0 + $0 = curline + } + # Copy any input line verbatim into the log file. + print | "cat >&3" + # Parsing of TAP input should stop after a "Bail out!" directive. + if (bailed_out) + continue + + # TAP test result. + if ($0 ~ /^(not )?ok$/ || $0 ~ /^(not )?ok[^a-zA-Z0-9_]/) + { + testno += 1 + setup_result_obj($0) + handle_tap_result() + } + # TAP plan (normal or "SKIP" without explanation). + else if ($0 ~ /^1\.\.[0-9]+[ \t]*$/) + { + # The next two lines will put the number of planned tests in $0. + sub("^1\\.\\.", "") + sub("[^0-9]*$", "") + handle_tap_plan($0, "") + continue + } + # TAP "SKIP" plan, with an explanation. + else if ($0 ~ /^1\.\.0+[ \t]*#/) + { + # The next lines will put the skip explanation in $0, stripping + # any leading and trailing whitespace. This is a little more + # tricky in truth, since we want to also strip a potential leading + # "SKIP" string from the message. + sub("^[^#]*#[ \t]*(SKIP[: \t][ \t]*)?", "") + sub("[ \t]*$", ""); + handle_tap_plan(0, $0) + } + # "Bail out!" magic. + # Older versions of prove and TAP::Harness (e.g., 3.17) did not + # recognize a "Bail out!" directive when preceded by leading + # whitespace, but more modern versions (e.g., 3.23) do. So we + # emulate the latter, "more modern" behaviour. + else if ($0 ~ /^[ \t]*Bail out!/) + { + bailed_out = 1 + # Get the bailout message (if any), with leading and trailing + # whitespace stripped. The message remains stored in `$0`. + sub("^[ \t]*Bail out![ \t]*", ""); + sub("[ \t]*$", ""); + # Format the error message for the + bailout_message = "Bail out!" + if (length($0)) + bailout_message = bailout_message " " $0 + testsuite_error(bailout_message) + } + # Maybe we have too look for dianogtic comments too. + else if (comments != 0) + { + comment = extract_tap_comment($0); + if (length(comment)) + report("#", comment); + } + } + +## -------- ## +## FINISH ## +## -------- ## + +# A "Bail out!" directive should cause us to ignore any following TAP +# error, as well as a non-zero exit status from the TAP producer. +if (!bailed_out) + { + if (!plan_seen) + { + testsuite_error("missing test plan") + } + else if (planned_tests != testno) + { + bad_amount = testno > planned_tests ? "many" : "few" + testsuite_error(sprintf("too %s tests run (expected %d, got %d)", + bad_amount, planned_tests, testno)) + } + if (!ignore_exit) + { + # Fetch exit status from the last line. + exit_message = get_test_exit_message(nextline) + if (exit_message) + testsuite_error(exit_message) + } + } + +write_test_results() + +exit 0 + +} # End of "BEGIN" block. +' + +# TODO: document that we consume the file descriptor 3 :-( +} 3>"$log_file" + +test $? -eq 0 || fatal "I/O or internal error" + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'before-save-hook 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC0" +# time-stamp-end: "; # UTC" +# End: diff --git a/libssh2/test-driver b/libssh2/test-driver index 9759384aa..be73b80ad 100755 --- a/libssh2/test-driver +++ b/libssh2/test-driver @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 2011-2020 Free Software Foundation, Inc. +# Copyright (C) 2011-2021 Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -105,8 +105,11 @@ trap "st=130; $do_exit" 2 trap "st=141; $do_exit" 13 trap "st=143; $do_exit" 15 -# Test script is run here. -"$@" >$log_file 2>&1 +# Test script is run here. We create the file first, then append to it, +# to ameliorate tests themselves also writing to the log file. Our tests +# don't, but others can (automake bug#35762). +: >"$log_file" +"$@" >>"$log_file" 2>&1 estatus=$? if test $enable_hard_errors = no && test $estatus -eq 99; then @@ -128,7 +131,7 @@ esac # know whether the test passed or failed simply by looking at the '.log' # file, without the need of also peaking into the corresponding '.trs' # file (automake bug#11814). -echo "$res $test_name (exit status: $estatus)" >>$log_file +echo "$res $test_name (exit status: $estatus)" >>"$log_file" # Report outcome to console. echo "${col}${res}${std}: $test_name" diff --git a/libssh2/vms/libssh2_config.h b/libssh2/vms/libssh2_config.h index b8f73e272..34d66c3b4 100644 --- a/libssh2/vms/libssh2_config.h +++ b/libssh2/vms/libssh2_config.h @@ -8,28 +8,28 @@ #define ssize_t SSIZE_T -typedef unsigned int uint32_t ; +typedef unsigned int uint32_t; typedef unsigned int socklen_t; /* missing in headers on VMS */ /* Have's */ #define HAVE_UNISTD_H -#define HAVE_STDLIB_H #define HAVE_INTTYPES_H #define HAVE_SYS_TIME_H #define HAVE_SELECT #define HAVE_UIO -#define HAVE_SYS_SOCKET.H +#define HAVE_SYS_SOCKET_H #define HAVE_NETINET_IN_H #define HAVE_ARPA_INET_H #define HAVE_GETTIMEOFDAY 1 +#define HAVE_SNPRINTF 1 #define POSIX_C_SOURCE /* Enable the possibility of using tracing */ - + #define LIBSSH2DEBUG 1 /* For selection of proper block/unblock function in session.c */ @@ -38,23 +38,23 @@ typedef unsigned int socklen_t; /* missing in headers on VMS */ #include -/* In VMS TCP/IP Services and some BSD variants SO_STATE retrieves - * a bitmask revealing amongst others the blocking state of the +/* In VMS TCP/IP Services and some BSD variants SO_STATE retrieves + * a bitmask revealing amongst others the blocking state of the * socket. On VMS the bits are undocumented, but SS_NBIO - * works, I did not test the other bits. Below bitdefs are - * from Berkely source socketvar.h at + * works, I did not test the other bits. Below bitdefs are + * from Berkely source socketvar.h at * http://ftp.fibranet.cat/UnixArchive/PDP-11/Trees/2.11BSD/sys/h/socketvar.h * Socket state bits. - * #define SS_NOFDREF 0x001 no file table ref any more - * #define SS_ISCONNECTED 0x002 socket connected to a peer - * #define SS_ISCONNECTING 0x004 in process of connecting to peer - * #define SS_ISDISCONNECTING 0x008 in process of disconnecting - * #define SS_CANTSENDMORE 0x010 can't send more data to peer - * #define SS_CANTRCVMORE 0x020 can't receive more data from peer - * #define SS_RCVATMARK 0x040 at mark on input - * #define SS_PRIV 0x080 privileged for broadcast, raw... - * #define SS_NBIO 0x100 non-blocking ops - * #define SS_ASYNC 0x200 async i/o notify + * #define SS_NOFDREF 0x001 no file table ref any more + * #define SS_ISCONNECTED 0x002 socket connected to a peer + * #define SS_ISCONNECTING 0x004 in process of connecting to peer + * #define SS_ISDISCONNECTING 0x008 in process of disconnecting + * #define SS_CANTSENDMORE 0x010 can't send more data to peer + * #define SS_CANTRCVMORE 0x020 can't receive more data from peer + * #define SS_RCVATMARK 0x040 at mark on input + * #define SS_PRIV 0x080 privileged for broadcast, raw... + * #define SS_NBIO 0x100 non-blocking ops + * #define SS_ASYNC 0x200 async i/o notify * */ @@ -64,10 +64,10 @@ typedef unsigned int socklen_t; /* missing in headers on VMS */ * When running on Multinet, SO_STATE renders a protocol * not started error. Functionally this has no impact, * apart from libssh2 not being able to restore the socket - * to the proper blocking/non-blocking state. + * to the proper blocking/non-blocking state. */ -#define SS_NBIO 0x100 +#define SS_NBIO 0x100 #endif @@ -80,9 +80,5 @@ typedef unsigned int socklen_t; /* missing in headers on VMS */ #define LIBSSH2_HAVE_ZLIB -/* Enable newer diffie-hellman-group-exchange-sha1 syntax */ - -#define LIBSSH2_DH_GEX_NEW 1 - #endif /* __VMS */ -#endif /* LIBSSH2_CONFIG_H */ +#endif /* LIBSSH2_CONFIG_H */ diff --git a/libssh2/vms/libssh2_make_example.dcl b/libssh2/vms/libssh2_make_example.dcl index af4116dd5..17e719620 100644 --- a/libssh2/vms/libssh2_make_example.dcl +++ b/libssh2/vms/libssh2_make_example.dcl @@ -8,9 +8,9 @@ $ if .not. init_status then goto YExit $! $ if what .eqs. "ALL" $ then -$ call MakeAll +$ call MakeAll $ else -$ call Make +$ call Make $endif $! $YExit: @@ -19,7 +19,7 @@ $! deassign exadir $! deassign objdir $ delete 'link_opts';* $ set default 'olddir' -$exit +$exit $MakeAll: subroutine $! @@ -45,14 +45,14 @@ $ set noon $! $ cc 'cc_include' 'cc_flags'/object=objdir:'what' exadir:'what' $ sev = $severity -$ if sev .and. 2 +$ if sev .and. 2 $ then -$ say "Error compiling ''what', not linked." +$ say "Error compiling ''what', not linked." $ else -$ if .not. (sev .and. 1) -$ then -$ say "Compile warnings in ''what'" -$ endif +$ if .not. (sev .and. 1) +$ then +$ say "Compile warnings in ''what'" +$ endif $ link/exe='what'.exe objdir:'what'.obj, 'link_opts'/opt $ endif $! @@ -60,15 +60,15 @@ $! $End: $ delete objdir:'what'.obj;* $exit -$endsubroutine +$endsubroutine -$Init: +$Init: $! $! $ init_status = 1 $ thisid = f$integer( %x'f$getjpi(0,"pid")') + "''f$cvtime(,,"second")'" -$ mdir = f$environment("procedure") +$ mdir = f$environment("procedure") $ mdir = mdir - f$parse(mdir,,,"name") - f$parse(mdir,,,"type") - f$parse(mdir,,,"version") $ set default 'mdir' $! @@ -78,7 +78,7 @@ $! $ objdirfile = objdir - "[." - "]" + ".dir" $ if f$search( objdirfile ) .eqs. "" $ then -$ create/directory 'objdir' +$ create/directory 'objdir' $ endif $! $ define objdir 'objdir' @@ -89,17 +89,17 @@ $ cc_flags = "/name=shortened/show=all/define=(_USE_STD_STAT=1)" $ link_opts = "objdir:libssh2_''thisid'.opt" $! $! -$ what = "''p1'" -$ if what .eqs. "" .or. f$edit(p1,"trim,collapse,upcase") .eqs. "ALL" -$ then -$ what = "ALL" +$ what = "''p1'" +$ if what .eqs. "" .or. f$edit(p1,"trim,collapse,upcase") .eqs. "ALL" +$ then +$ what = "ALL" $ else -$ what = f$parse(what,,,"name") -$ if f$search("exadir:''what'.c") .eqs. "" -$ then -$ write sys$output "Can't make ''what'" -$ init_status = 0 -$ endif +$ what = f$parse(what,,,"name") +$ if f$search("exadir:''what'.c") .eqs. "" +$ then +$ write sys$output "Can't make ''what'" +$ init_status = 0 +$ endif $ endif $! $ currentlib = f$search("libssh2*.exe") @@ -107,19 +107,19 @@ $! $ define libssh2 'currentlib' $! $ how = "''p2'" -$ if how .eqs. "" .or. f$edit(p2,"trim,collapse,upcase") .eqs. "STATIC" +$ if how .eqs. "" .or. f$edit(p2,"trim,collapse,upcase") .eqs. "STATIC" $ then -$ open/write lout 'link_opts' -$ write lout "libssh2.olb/lib" -$ write lout "sys$share:ssl$libcrypto_shr32.exe/share" -$ write lout "sys$share:ssl$libssl_shr32.exe/share" -$ write lout "gnv$libzshr/share" -$ close lout +$ open/write lout 'link_opts' +$ write lout "libssh2.olb/lib" +$ write lout "sys$share:ssl$libcrypto_shr32.exe/share" +$ write lout "sys$share:ssl$libssl_shr32.exe/share" +$ write lout "gnv$libzshr/share" +$ close lout $ else -$ how = "SHARED" -$ open/write lout 'link_opts' -$ write lout "libssh2/share" -$ close lout -$ endif +$ how = "SHARED" +$ open/write lout 'link_opts' +$ write lout "libssh2/share" +$ close lout +$ endif $! $return diff --git a/libssh2/vms/libssh2_make_help.dcl b/libssh2/vms/libssh2_make_help.dcl index 652671da3..34bbb0522 100644 --- a/libssh2/vms/libssh2_make_help.dcl +++ b/libssh2/vms/libssh2_make_help.dcl @@ -26,8 +26,8 @@ $ man2help -a [-]COPYING.; libssh2.hlp -b 2 $ man2help -a [-]NEWS.; libssh2.hlp -b 2 $ man2help -a [-]RELEASE-NOTES.; libssh2.hlp -b 2 $ man2help -a [-.docs]AUTHORS.; libssh2.hlp -b 2 -$ man2help -a [-.docs]BINDINGS.; libssh2.hlp -b 2 -$ man2help -a [-.docs]HACKING.; libssh2.hlp -b 2 +$ copy [-.docs]BINDINGS.md; []BINDINGS.md +$ copy [-.docs]HACKING.md; []HACKING.md $ if f$search("[]HACKING_CRYPTO.") .nes. "" then delete []HACKING_CRYPTO.;* $ copy [-.docs]HACKING-CRYPTO; []HACKING_CRYPTO. $ man2help -a []HACKING_CRYPTO.; libssh2.hlp -b 2 diff --git a/libssh2/vms/libssh2_make_kit.dcl b/libssh2/vms/libssh2_make_kit.dcl index 6a1495880..738187e1b 100644 --- a/libssh2/vms/libssh2_make_kit.dcl +++ b/libssh2/vms/libssh2_make_kit.dcl @@ -22,24 +22,24 @@ $! $ set default [-] $! $ defdir = f$environment( "default" ) -$ thisdev = f$parse(defdir,,,"device","no_conceal") +$ thisdev = f$parse(defdir,,,"device","no_conceal") $ thisdir = f$parse(defdir,,,"directory","no_conceal") - "][" - "][" - "][" - "][" $! -$ libssh2_kf = thisdev + thisdir +$ libssh2_kf = thisdev + thisdir $ libssh2_kf = libssh2_kf - "]" + ".]" $! $ set default 'mdir' $! $ define/translation_attributes=concealed libssh2_kf 'libssh2_kf' $! -$ product package libssh2 - - /base='arch' - +$ product package libssh2 - + /base='arch' - /producer=jcb - - /source=[] - ! where to find PDF and PTF - /destination=[] - ! where to put .PCSI file - /material=libssh2_kf:[000000...] - ! where to find product material + /source=[] - ! where to find PDF and PTF + /destination=[] - ! where to put .PCSI file + /material=libssh2_kf:[000000...] - ! where to find product material /version="''vms_majorv'.''minorv'-''patchv'''datename'" - - /format=sequential + /format=sequential $! $End: $! @@ -52,7 +52,7 @@ $! $ if f$trnlnm("libssh2_kf") .nes. "" then deassign libssh2_kf $ set default 'olddir' $! -$exit +$exit $! $!-------------------------------------------------------------------------------- $! @@ -61,20 +61,20 @@ $ set process/parse=extended $! $ say = "write sys$output" $! -$ mdir = f$environment("procedure") +$ mdir = f$environment("procedure") $ mdir = mdir - f$parse(mdir,,,"name") - f$parse(mdir,,,"type") - f$parse(mdir,,,"version") $! $ set default 'mdir' $! -$ pipe search [-.include]*.h libssh2_version_major/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - +$ pipe search [-.include]*.h libssh2_version_major/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - define/job majorv &l ) -$ pipe search [-.include]*.h libssh2_version_minor/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - +$ pipe search [-.include]*.h libssh2_version_minor/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - define/job minorv &l ) -$ pipe search [-.include]*.h libssh2_version_patch/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - +$ pipe search [-.include]*.h libssh2_version_patch/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - define/job patchv &l ) $! $ majorv = f$trnlnm("majorv") -$ minorv = f$integer(f$trnlnm("minorv")) +$ minorv = f$integer(f$trnlnm("minorv")) $ patchv = f$integer( f$trnlnm("patchv")) $! $ deassign/job majorv @@ -106,10 +106,10 @@ $ then $ daily = "FALSE" $ datename = "Final" $ else -$ datename = "D" + f$extract(seconddash+1,8,restdir) +$ datename = "D" + f$extract(seconddash+1,8,restdir) $ endif $! -$ if daily +$ if daily $ then $ productname = "JCB ''arch' LIBSSH2 V''vms_majorv'.''minorv'-''patchv'''datename'" $ else @@ -176,7 +176,7 @@ $ write pd " file ""[gnv.usr.share.doc.libssh2]libssh2-''versionname'.release $ write pd " file ""[gnv.usr.lib]gnv$libssh2_''versionname'.exe"" source ""[vms]libssh2_''versionname'.exe"";" $ write pd "end product ;" $ close pd -$exit +$exit $endsubroutine $! $!-------------------------------------------------------------------------------- @@ -219,4 +219,3 @@ $ write pt "[gnv.common_src]libssh2_''versionname'''datename'_src.bck" $close pt $exit $ endsubroutine - diff --git a/libssh2/vms/libssh2_make_lib.dcl b/libssh2/vms/libssh2_make_lib.dcl index 56d168f21..a763445e5 100644 --- a/libssh2/vms/libssh2_make_lib.dcl +++ b/libssh2/vms/libssh2_make_lib.dcl @@ -21,16 +21,16 @@ $ deassign objdir $ delete library_objects.dir;* $! $ set default 'olddir' -$exit +$exit $! $!--------------------------------------------------------------------- $! -$Init: +$Init: $! $! $ init_status = 1 -$ thisid = f$integer( %x'f$getjpi(0,"pid")') -$ mdir = f$environment("procedure") +$ thisid = f$integer( %x'f$getjpi(0,"pid")') +$ mdir = f$environment("procedure") $ mdir = mdir - f$parse(mdir,,,"name") - f$parse(mdir,,,"type") - f$parse(mdir,,,"version") $ set default 'mdir' $! @@ -50,15 +50,15 @@ $ cc_include = "/include=([],[-.include],""/gnv$zlib_include"")" $ cc_define = "/DEFINE=(_USE_STD_STAT=1)" $ link_opts = "objdir:libssh2_''thisid'.opt" $! -$ pipe search [-.include]libssh2.h libssh2_version_major/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - +$ pipe search [-.include]libssh2.h libssh2_version_major/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - define/job majorv &l ) -$ pipe search [-.include]libssh2.h libssh2_version_minor/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - +$ pipe search [-.include]libssh2.h libssh2_version_minor/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - define/job minorv &l ) -$ pipe search [-.include]libssh2.h libssh2_version_patch/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - +$ pipe search [-.include]libssh2.h libssh2_version_patch/nohead | (read sys$input l ; l = f$element(2," ",f$edit(l,"trim,compress")) ; - define/job patchv &l ) $! $ majorv = f$trnlnm("majorv") -$ minorv = f$integer(f$trnlnm("minorv")) +$ minorv = f$integer(f$trnlnm("minorv")) $ patchv = f$integer( f$trnlnm("patchv")) $! $ OLBONLY = "FALSE" @@ -81,7 +81,7 @@ $ set noon $ purge *.opt $ purge *.olb $ purge *.exe -$! +$! $exit 1 $endsubroutine $! @@ -103,7 +103,7 @@ $ write uitv "sys$share:ssl$libcrypto_shr32.exe/share" $ write uitv "sys$share:ssl$libssl_shr32.exe/share" $ write uitv "gnv$libzshr/share" $ close uitv -$! +$! $ link/shared/exe=libssh2_'majorv'_'minorv'_'patchv'.exe - libssh2.olb/lib, - link_libssh2_version_'majorv'_'minorv'_'patchv'.opt/opt, - @@ -118,12 +118,12 @@ $CompileAll: subroutine $! $ set noon $! -$ if f$search("objdir:*.obj;*") .nes "" -$ then +$ if f$search("objdir:*.obj;*") .nes "" +$ then $ delete objdir:*.obj;* $ endif -$ if f$search("[.cxx_repository]cxx$demangler_db.;") .nes "" -$ then +$ if f$search("[.cxx_repository]cxx$demangler_db.;") .nes "" +$ then $ delete [.cxx_repository]cxx$demangler_db.;* $ endif $! @@ -136,16 +136,16 @@ $ case = 0 $ if OLBONLY then case = 1 $CaseLoop: $! -$ if case .eq. 0 -$ then!camel case names +$ if case .eq. 0 +$ then!camel case names $ cc_flags = "/names=(shortened,as_is)''cc_define'" $ objlib = "libssh2_asis.olb" $ endif $! -$ if case .eq. 1 -$ then!uppercase names -$ if f$search("[.cxx_repository]cxx$demangler_db.;") .nes "" -$ then +$ if case .eq. 1 +$ then!uppercase names +$ if f$search("[.cxx_repository]cxx$demangler_db.;") .nes "" +$ then $ rename [.cxx_repository]cxx$demangler_db.; *.lowercase $ purge [.cxx_repository]cxx$demangler_db.lowercase $ endif @@ -172,8 +172,8 @@ $ delete objdir:*.obj;* $ if case .lt 2 then goto CaseLoop $! $ rename libssh2_up.olb libssh2.olb -$ if f$search("[.cxx_repository]cxx$demangler_db.;") .nes "" -$ then +$ if f$search("[.cxx_repository]cxx$demangler_db.;") .nes "" +$ then $ rename [.cxx_repository]cxx$demangler_db.; *.uppercase $ purge [.cxx_repository]cxx$demangler_db.uppercase $ endif @@ -182,10 +182,10 @@ $ if OLBONLY then exit 4 $! $! For each function that is too long, create a global symbol $! low$'shortened-uppercase-name' with as value lowercase shortened -$! name in it, so we can add the proper lower or mixed case -$! shortened name later when building the transfer vectors +$! name in it, so we can add the proper lower or mixed case +$! shortened name later when building the transfer vectors $! for the shared image. -$! This is to prevent two very long similar function names +$! This is to prevent two very long similar function names $! that are shortened getting mixed up when sorted alphabetically. $! $ inputfile = "[.cxx_repository]cxx$demangler_db.lowercase" @@ -211,7 +211,7 @@ $ symvalue = "" $! $ if shortname .eqs. f$edit(shortname,"upcase") $ then -$! this is an uppercase shortname, add it +$! this is an uppercase shortname, add it $ symname = "u$''longname'" $ symvalue = "''shortname'" $ low$'shortname' == l$'longname' @@ -246,7 +246,7 @@ $ library/insert 'objlib' objdir:'what'.obj $! $End: $exit -$endsubroutine +$endsubroutine $! $!--------------------------------------------------------------------- $! @@ -254,7 +254,7 @@ $BuildTransferVectors: subroutine $! $! Do a balanced read of the uppercase library names $! and the mixed case library names, and build the -$! transfer vectors with uppercase entry points +$! transfer vectors with uppercase entry points $! with an alternative in mixed case. $! For shortened names, use the low$* symbols $! to avoid being fooled by the sort. @@ -267,9 +267,9 @@ $! case blind sort of all modules in both the uppercase $! as the case sensitive object library. $! $ sort libu.'thisid' lib.'thisid'/spec=sys$input -/COLLATING_SEQUENCE=(SEQUENCE= ("A" - "Z","0"-"9","_"), FOLD) +/COLLATING_SEQUENCE=(SEQUENCE= ("A" - "Z","0"-"9","_"), FOLD) $ sort lib_asisu.'thisid' lib_asis.'thisid'/spec=sys$input -/COLLATING_SEQUENCE=(SEQUENCE= ("A" - "Z","0"-"9","_"), FOLD) +/COLLATING_SEQUENCE=(SEQUENCE= ("A" - "Z","0"-"9","_"), FOLD) $! $ open/read in lib.'thisid' $ open/read inasis lib_asis.'thisid' @@ -300,12 +300,12 @@ $ endif $! $ if uitregel .nes. "" .and. mode .eq. 1 $ then -$ write uit "''uitregel'=PROCEDURE, -" -$ write uit "''uitasis'/''uitregel'=PROCEDURE, -" +$ write uit "''uitregel'=PROCEDURE, -" +$ write uit "''uitasis'/''uitregel'=PROCEDURE, -" $! $ uitregel = "" $ uitasis = "" -$ endif +$ endif $! $ uitregel = regel $ if f$type( low$'uitregel' ) .nes. "" @@ -320,14 +320,14 @@ $ mode = 1 $! $ goto ReadLoop $EndreadLoop: -$! +$! $! To get the closing brace after the last procedure $! keyword. $! $ if uitregel .nes. "" -$ then -$ write uit "''uitregel'=PROCEDURE, -" -$ write uit "''uitasis'/''uitregel'=PROCEDURE)" +$ then +$ write uit "''uitregel'=PROCEDURE, -" +$ write uit "''uitasis'/''uitregel'=PROCEDURE)" $ endif $! $ write uit "CASE_SENSITIVE=NO" diff --git a/libssh2/vms/man2help.c b/libssh2/vms/man2help.c index 92e5f2b94..49ef10d2b 100644 --- a/libssh2/vms/man2help.c +++ b/libssh2/vms/man2help.c @@ -14,12 +14,12 @@ typedef struct manl{ struct manl *next; char *filename; }man, *manPtr; - + typedef struct pf_fabnam{ struct FAB dfab; struct RAB drab; struct namldef dnam; - char expanded_filename[NAM$C_MAXRSS + 1]; + char expanded_filename[NAM$C_MAXRSS + 1]; } pfn, *pfnPtr; /*----------------------------------------------------------*/ @@ -37,13 +37,13 @@ if ( len ){ }else{ output[0] = 0; } -} +} /*----------------------------------------------------------*/ /* give part of ilename in partname. See code for proper value of i ( 0 = node, 1 = dev, 2 = dir,3 = name etc. -*/ +*/ int fnamepart( char *inputfile, char *part, int whatpart ) { @@ -59,8 +59,8 @@ pf->dnam = cc$rms_naml; pf->dfab.fab$l_naml = &pf->dnam; -pf->dfab.fab$l_fna = (char *) -1; -pf->dfab.fab$l_dna = (char *) -1; +pf->dfab.fab$l_fna = (char *) -1; +pf->dfab.fab$l_dna = (char *) -1; pf->dfab.fab$b_fns = 0; pf->dfab.fab$w_ifi = 0; @@ -68,14 +68,14 @@ pf->dnam.naml$l_long_defname = NULL; //inputfile; pf->dnam.naml$l_long_defname_size = 0;//strlen( inputfile ); pf->dnam.naml$l_long_filename = inputfile; -pf->dnam.naml$l_long_filename_size = strlen( inputfile); +pf->dnam.naml$l_long_filename_size = strlen( inputfile ); pf->dnam.naml$l_long_expand = pf->expanded_filename; pf->dnam.naml$l_long_expand_alloc = NAM$C_MAXRSS ; pf->dnam.naml$b_nop |= NAML$M_SYNCHK | NAML$M_PWD; -status = sys$parse( &pf->dfab, 0,0); +status = sys$parse( &pf->dfab, 0, 0 ); if ( !(status&1) ){ free( pf ); return( status ); @@ -85,7 +85,7 @@ fpcopy ( ipart[0], pf->dnam.naml$l_long_node , pf->dnam.naml$l_long_node_size); fpcopy ( ipart[1], pf->dnam.naml$l_long_dev , pf->dnam.naml$l_long_dev_size); fpcopy ( ipart[2], pf->dnam.naml$l_long_dir , pf->dnam.naml$l_long_dir_size); fpcopy ( ipart[3], pf->dnam.naml$l_long_name , pf->dnam.naml$l_long_name_size); -fpcopy ( ipart[4], pf->dnam.naml$l_long_type , pf->dnam.naml$l_long_type_size); +fpcopy ( ipart[4], pf->dnam.naml$l_long_type , pf->dnam.naml$l_long_type_size); fpcopy ( ipart[5], pf->dnam.naml$l_long_ver , pf->dnam.naml$l_long_ver_size); for( i = ipart[ whatpart ], p = part; *i; ++i, ++p){ @@ -93,7 +93,7 @@ for( i = ipart[ whatpart ], p = part; *i; ++i, ++p){ *p = toupper( *i ); }else{ *p = tolower( *i ); - } + } } *p = 0; @@ -111,16 +111,16 @@ char gevonden_file[NAM$C_MAXRSS + 1]; filespec.dsc$w_length = strlen(filename); filespec.dsc$b_dtype = DSC$K_DTYPE_T; -filespec.dsc$b_class = DSC$K_CLASS_S; +filespec.dsc$b_class = DSC$K_CLASS_S; filespec.dsc$a_pointer = filename; gevondend.dsc$w_length = NAM$C_MAXRSS; gevondend.dsc$b_dtype = DSC$K_DTYPE_T; -gevondend.dsc$b_class = DSC$K_CLASS_S; +gevondend.dsc$b_class = DSC$K_CLASS_S; gevondend.dsc$a_pointer = gevonden_file; status=lib$find_file(&filespec,&gevondend,findex,0,0,0,0); - + if ( (status & 1) == 1 ){ strcpy(gevonden,strtok(gevonden_file," ")); }else{ @@ -137,13 +137,13 @@ manPtr addman( manPtr *manroot,char *filename ) { manPtr m,f; -m = calloc( 1, sizeof( man) ); +m = calloc( 1, sizeof( man ) ); if ( !m ) return( NULL ); m->filename = strdup( filename ); if ( *manroot == NULL ){ - *manroot = m; + *manroot = m; }else{ for( f = *manroot; f->next ; f = f->next ); f->next = m; @@ -159,7 +159,7 @@ manPtr m,n; for( m = *manroot; m ; m = n ){ free( m->filename ); n = m->next; - free ( m ); + free( m ); } *manroot = NULL; } @@ -180,11 +180,11 @@ while(1){ r = addman( manroot, gevonden ); if ( r == NULL ) return(2); }else{ - if ( !( status&1)) break; + if ( !( status&1 ) ) break; } } -lib$find_file_end( &ffindex); +lib$find_file_end( &ffindex ); if ( status == RMS$_NMF) status = 1; @@ -207,14 +207,14 @@ uit = calloc( 1, maxlen + 1 ); if ( in == NULL || uit == NULL ) return(2); -man = fopen( filespec, "r"); +man = fopen( filespec, "r" ); if ( man == NULL ) return(vaxc$errno); for( len = 0; !feof( man ) && len < maxlen ; len += thislen ){ thislen = fread( in + len, 1, maxlen - len, man ); } -fclose (man); +fclose(man); m = in; h = uit; @@ -259,10 +259,10 @@ for ( mode = 0, bol = 1 ; *m; ++m ){ mode = 0; break; case 'B': - ++m; + ++m; *h = ' ';++h; mode = 0; - break; + break; case 'I': /* remove preceding eol */ if ( *(m+1) != 'P' ){ @@ -272,7 +272,7 @@ for ( mode = 0, bol = 1 ; *m; ++m ){ } /* skip .Ix */ - for(;*m != ' ' && *m != '\n' && *m != '\r'; ++m); + for(;*m != ' ' && *m != '\n' && *m != '\r'; ++m); /* copy line up to EOL */ @@ -281,7 +281,7 @@ for ( mode = 0, bol = 1 ; *m; ++m ){ /* if line ends in ., this is an EOL */ if ( *(h-1) == '.'){ - --h; + --h; --m; }else{ /* if line does not end in ., skip EOL in source */ @@ -293,7 +293,7 @@ for ( mode = 0, bol = 1 ; *m; ++m ){ case 'S': if ( *(m+1) == 'H' ){ *h = '\n';++h; - if ( strncmp( m+3 ,"NAME",4) == 0 || + if ( strncmp( m+3 ,"NAME",4) == 0 || strncmp( m+3 ,"SYNOPSIS",8) == 0 || strncmp( m+3 ,"DESCRIPTION",11) == 0 ){ while( *m != '\n' && *m != '\r')++m; @@ -306,7 +306,7 @@ for ( mode = 0, bol = 1 ; *m; ++m ){ *h = '0' + base_level + 1;++h; return_status |= 2; - *h = ' ';++h; + *h = ' ';++h; /* skip H (or whatever after S) and blank */ ++m;++m; @@ -318,11 +318,11 @@ for ( mode = 0, bol = 1 ; *m; ++m ){ if ( *m != '\"' ){ *h = tolower( *m ); - if (*h == ' ') *h = '_'; + if (*h == ' ') *h = '_'; }else{ --h; - } - } + } + } /* Add a linefeed or two */ @@ -330,7 +330,7 @@ for ( mode = 0, bol = 1 ; *m; ++m ){ *h = *m;++h; mode = 0; - } + } } break; case 'T': @@ -341,10 +341,10 @@ for ( mode = 0, bol = 1 ; *m; ++m ){ for ( m = m + 3; *m != ' ' && *m ; ++m, ++h ){ *h = *m; } - if ( add_parentheses ){ - *h = '(';++h; - *h = ')';++h; - } + if ( add_parentheses ){ + *h = '(';++h; + *h = ')';++h; + } while( *m != '\n' && *m != '\r' && *m )++m; mode = 0; } @@ -355,7 +355,7 @@ for ( mode = 0, bol = 1 ; *m; ++m ){ break; } break; - case 2: /* after \ skip two characters or print the backslash */ + case 2: /* after \ skip two characters or print the backslash */ switch(*m){ case '\\': *h = *m; @@ -367,7 +367,7 @@ for ( mode = 0, bol = 1 ; *m; ++m ){ mode = 0; break; } - break; + break; } /*end switch mode */ bol = 0; @@ -401,10 +401,10 @@ if ( (return_status&2) ){ len, filespec, strlen(uit), return_status ); */ -free( m ); -free( h ); +free( m ); +free( h ); -return ( 1); +return ( 1 ); } /*--------------------------------------------*/ @@ -474,7 +474,7 @@ for ( i = 1; i < argc; ++i){ case 'a': append = 1; break; - case 'b': + case 'b': if ( (i+1) < argc ){ base_level = atoi( argv[ i + 1 ] ); basechange = 1; @@ -512,5 +512,3 @@ free( helpfile ); return( status ); } - - diff --git a/libssh2/vms/readme.vms b/libssh2/vms/readme.vms index 978da1974..c3d10d2a2 100644 --- a/libssh2/vms/readme.vms +++ b/libssh2/vms/readme.vms @@ -1,13 +1,13 @@ *These are the porting notes to OpenVMS, as of 7 April 2010 -by Jose Baars. This file will be installed as +by Jose Baars. This file will be installed as libssh2*.release_notes by the product install kit. -LIBSSH2 +LIBSSH2 ------- -LIBSSH2 is a client-side library written in C that aims to -implement the SSH2 protocol. It is an open source project, +LIBSSH2 is a client-side library written in C that aims to +implement the SSH2 protocol. It is an open source project, to be found at https://libssh2.org. GNV @@ -19,44 +19,44 @@ of the GNV project, John Malmberg. Installing the PCSI kit ======================= -Prerequisites +Prerequisites ------------- -- VMS version 8.3 minimal. +- VMS version 8.3 minimal. See the remarks at prerequisites for building the kit -- TCP/IP stack, both TCP/IP services and Multinet should work. +- TCP/IP stack, both TCP/IP services and Multinet should work. See the remarks at prerequisites for building the kit -- HP OPENSSL V1.3 minimal. +- HP OPENSSL V1.3 minimal. See the remarks at prerequisites for building the kit -- JEM ZLIB V1.2-3E1 minimal. +- JEM ZLIB V1.2-3E1 minimal. See the remarks at prerequisites for building the kit - -The first three dependencies are tested at installation time, and + +The first three dependencies are tested at installation time, and installation will fail if any these products are not installed. The ZLIB dependency is not tested by the product installation -procedure, as libssh2 will probably be installed as part of +procedure, as libssh2 will probably be installed as part of multiple libraries including zlib. Install ------- -The kit will install gnv$libssh2.exe in a directory tree that might -already be available on your system if you have installed other gnv* -libraries or utilities. +The kit will install gnv$libssh2.exe in a directory tree that might +already be available on your system if you have installed other gnv* +libraries or utilities. The directory tree for gnv$libssh2.exe will be like this: [gnv] -- [usr] -- [include] -- [libssh2] include files for libssh2 [lib] gnv$libssh2_x_y_z.exe - [share] -- [doc] -- [libssh2] libssh2.hlb, - release notes (this file), - libssh2 release notes + [share] -- [doc] -- [libssh2] libssh2.hlb, + release notes (this file), + libssh2 release notes optional: - [example] libssh2_examples-x_y_z.bck + [example] libssh2_examples-x_y_z.bck [common_src] libssh2-x_y_z_src.bck -By default, it will install the shared image and include files to +By default, it will install the shared image and include files to SYS$COMMON:[GNV...]. You can override this destination by specifying the destination @@ -71,9 +71,9 @@ Please ignore the following warnings, as the kit is not signed : Optionally, you can install a backup saveset with some programming examples, or a backupo saveset with the complete libssh2 source tree. - -you will need to answer 'NO' to the question -'Do you want the default for all options'. + +you will need to answer 'NO' to the question +'Do you want the default for all options'. and 'YES' to either or both the following questions: @@ -95,38 +95,38 @@ define this logical in your systartup like so: $ define/system/executive gnv$libssh2 dev:[dir..]gnv$libssh2_x_y_z.exe -Optionally, you can install the executbale like so: +Optionally, you can install the executable like so: $ mc sysgen install dev:[dir..]gnv$libssh2_x_y_z.exe/open/share/header -Link your programs against gnv$libssh2, and when upgrading libssh2 +Link your programs against gnv$libssh2, and when upgrading libssh2 test thoroughly. If you want to be extra cautious define a system logical like this: $ define/system/executive gnv$libssh2_x_y_z dev:[dir..]gnv$libssh2_x_y_z.exe -Link programs against gnv$libssh2_x_y_z, and when upgrading libssh2 -link against new versions. +Link programs against gnv$libssh2_x_y_z, and when upgrading libssh2 +link against new versions. -It is probably more convenient in the last case to link against the object +It is probably more convenient in the last case to link against the object library provided in the source backup saveset. Both an uppercase and a -mixed case object library, called libssh2.olb and libssh2_asis.olb +mixed case object library, called libssh2.olb and libssh2_asis.olb are provided. Compiling and linking against libssh2 ------------------------------------- -The shared image library has a vector table with both uppercase and -mixed case entry points, allowing to link directly against the shared -image wether you need the /NAMES=AS_IS or not. +The shared image library has a vector table with both uppercase and +mixed case entry points, allowing to link directly against the shared +image whether you need the /NAMES=AS_IS or not. To link successfully, you MUST use /NAMES=shortened, as some function names in libssh2 are longer than the VMS maximum of 32 characters. If you chose to install the examples, you can unpack the backup -saveset by +saveset by backup/sel=*.c device:[gnv.usr.share.doc.libssh2.examples]libssh2_examples-x_y_z.bck - [] @@ -147,7 +147,7 @@ Building gnv$libssh2 You can build gnv$libssh2 yourself, which may have advantages, as the library is in full development, very regularly new features are added. -For production use, it is probably advisable to use a stable version, and +For production use, it is probably advisable to use a stable version, and link against that. To check out new features, statically linking against the object library is probably more practical, to avoid compatibility issues. @@ -161,21 +161,21 @@ You will need to have the following available: - An Alpha or Itanium VMS system. Due to dependencies on zlib, ssl and ODS-5, support on VAXen would be cumbersome at least. -- VMS version 8.3 minimal. This is a requirement of gnv$zlibshr.exe against +- VMS version 8.3 minimal. This is a requirement of gnv$zlibshr.exe against which shared image library libssh2 is linked. If you use another zlib to link against, you can make it work under lower versions of VMS. I have made it work on VMS 7.3-2 with not a lot of difficulty. Also, if you are not interested in compression, you can choose not - to link against zlib at all; in that case comment out the + to link against zlib at all; in that case comment out the #define LIBSSH2_HAVE_ZLIB in libssh2_config.h. - TCP/IP services or Multinet for OpenVMS. TCPWare has not been tested. -- The HP OpenSSL product. Of course, with tweaking, you can probably link +- The HP OpenSSL product. Of course, with tweaking, you can probably link it against the OpenSSL library, but that is not what I have used. - -- A C compiler. I don't know any other working C compilers than + +- A C compiler. I don't know any other working C compilers than the DEC/Compac/HP-C compiler on VMS. - An ODS-5 disk. With tweaking you'll get it to work on an ODS-2 @@ -199,7 +199,7 @@ Downloading libssh2 ------------------- At the website of libssh2, you can find stable and daily gzipped -tarballs. if you have a computer connected to internet you can +tarballs. if you have a computer connected to internet you can download a daily build yourself by a procedure that looks a lot like this ( fill out your own proxy user/password, set up right symbols to gunzip, vmstar and curl and set up the libssh2 build version): @@ -212,8 +212,8 @@ $ currentday = f$cvtime(,,"date") - "-" - "-" $! $ set def mydev:[mydir.libssh2] $! -$ if f$search("libssh2-''libssh2_version'-''currentday'.tar.gz") .nes. "" -$ then +$ if f$search("libssh2-''libssh2_version'-''currentday'.tar.gz") .nes. "" +$ then $ delete libssh2-'libssh2_version'-'currentday'.tar.gz;* $ endif $! @@ -221,15 +221,15 @@ $ curl 'proxy_line' "https://libssh2.org/snapshots/libssh2-''libssh2_version'-'' -o libssh2-'libssh2_version'-'currentday'.tar.gz $! $! -$ if f$search("libssh2-''libssh2_version'-''currentday'.tar.;") .nes. "" -$ then +$ if f$search("libssh2-''libssh2_version'-''currentday'.tar.;") .nes. "" +$ then $ delete libssh2-'libssh2_version'-'currentday'.tar.;* $ endif $! $ gunzip libssh2-'libssh2_version'-'currentday'.tar.gz $! $ tarfile = f$search("libssh2-''libssh2_version'-''currentday'.tar.;") -$ vmstar xf 'tarfile' +$ vmstar xf 'tarfile' Downloading a stable build will need you to get rid of the currentday. @@ -241,8 +241,8 @@ Getting the libssh2 sources from the source backup in the binary kit -------------------------------------------------------------------- During installation of the binary kit, you are given the option -of installing the sources. If chosen, a backup saveset with -the complete libssh2 directory is made available in +of installing the sources. If chosen, a backup saveset with +the complete libssh2 directory is made available in [gnv.common_src]. By restoring this backup saveset, you end up with the same @@ -262,7 +262,7 @@ command: @libssh2_make_lib.dcl This should produce libssh2_x_y_z.exe in this same vms directory. - + Building the examples @@ -274,16 +274,16 @@ produced when building the shared image, or against the shared image produced in the step before. You can compile only one of the examples by giving only the -name part of the filename of the example as p1 to the +name part of the filename of the example as p1 to the build procedure: -@libssh2_make_example.dcl +@libssh2_make_example.dcl or for instance -@libssh2_make_example.dcl sftp +@libssh2_make_example.dcl sftp -By default, libssh2_make_example.dcl links to the object libraries +By default, libssh2_make_example.dcl links to the object libraries produced by the libssh2_make_lib.dcl procedure. If you want to link against the shared image library made in the same procedure, invoke the procedure like so: @@ -291,7 +291,7 @@ the procedure like so: @libssh2_make_example.dcl sftp "SHARED" The procdure defines a process logical gnv$libssh2 pointing to the shared -image library in the directory, which obviously will not survive a logout. +image library in the directory, which obviously will not survive a logout. Building the help library @@ -309,11 +309,6 @@ Building a PCSI kit ------------------- When you have built the shared library and the help library, -you can build a PCSI kit by issueing this command: +you can build a PCSI kit by issuing this command: @libssh2_make_kit.dcl - - - - -