diff -ru openssh-3.1p1/CREDITS openssh-3.2.2p1/CREDITS --- openssh-3.1p1/CREDITS 2002-03-05 14:38:35.000000000 +1100 +++ openssh-3.2.2p1/CREDITS 2002-04-13 11:04:40.000000000 +1000 @@ -75,7 +75,7 @@ Phill Camp - login code fix Rip Loomis - Solaris package support, fixes SAKAI Kiyotaka - Multiple bugfixes -Simon Wilkinson - PAM fixes +Simon Wilkinson - PAM fixes, Compat with MIT KrbV Svante Signell - Bugfixes Thomas Neumann - Shadow passwords Tim Rice - Portability & SCO fixes @@ -90,5 +90,5 @@ Damien Miller -$Id: CREDITS,v 1.65 2002/03/05 03:38:35 mouring Exp $ +$Id: CREDITS,v 1.66 2002/04/13 01:04:40 djm Exp $ diff -ru openssh-3.1p1/ChangeLog openssh-3.2.2p1/ChangeLog --- openssh-3.1p1/ChangeLog 2002-03-07 13:04:37.000000000 +1100 +++ openssh-3.2.2p1/ChangeLog 2002-05-16 07:50:14.000000000 +1000 @@ -1,7817 +1,656 @@ -20020307 - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2002/03/06 00:20:54 - [compat.c dh.c] - compat.c - - markus@cvs.openbsd.org 2002/03/06 00:23:27 - [compat.c dh.c] - undo - - markus@cvs.openbsd.org 2002/03/06 00:24:39 - [compat.c] - compat.c - - markus@cvs.openbsd.org 2002/03/06 00:25:55 - [version.h] - OpenSSH_3.1 - - (djm) Update RPM spec files with new version number - -20020305 - - stevesk@cvs.openbsd.org 2002/03/02 09:34:42 - [LICENCE] - correct copyright dates for scp license; ok markus@ - -20020304 - - OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2002/02/26 18:52:32 - [sftp.1] - Ic cannot have that many arguments; spotted by mouring@etoh.eviladmin.org - - mouring@cvs.openbsd.org 2002/02/26 19:04:37 - [sftp.1] - > Ic cannot have that many arguments; spotted by mouring@etoh.eviladmin.org - Last Ic on the first line should not have a space between it and the final - comma. - - deraadt@cvs.openbsd.org 2002/02/26 19:06:43 - [sftp.1] - no, look closely. the comma was highlighted. split .Ic even more - - stevesk@cvs.openbsd.org 2002/02/26 20:03:51 - [misc.c] - use socklen_t - - stevesk@cvs.openbsd.org 2002/02/27 21:23:13 - [canohost.c channels.c packet.c sshd.c] - remove unneeded casts in [gs]etsockopt(); ok markus@ - - markus@cvs.openbsd.org 2002/02/28 15:46:33 - [authfile.c kex.c kexdh.c kexgex.c key.c ssh-dss.c] - add some const EVP_MD for openssl-0.9.7 - - stevesk@cvs.openbsd.org 2002/02/28 19:36:28 - [auth.c match.c match.h] - delay hostname lookup until we see a ``@'' in DenyUsers and AllowUsers - for sshd -u0; ok markus@ - - stevesk@cvs.openbsd.org 2002/02/28 20:36:42 - [sshd.8] - DenyUsers allows user@host pattern also - - stevesk@cvs.openbsd.org 2002/02/28 20:46:10 - [sshd.8] - -u0 DNS for user@host - - stevesk@cvs.openbsd.org 2002/02/28 20:56:00 - [auth.c] - log user not allowed details, from dwd@bell-labs.com; ok markus@ - - markus@cvs.openbsd.org 2002/03/01 13:12:10 - [auth.c match.c match.h] - undo the 'delay hostname lookup' change - match.c must not use compress.c (via canonhost.c/packet.c) - thanks to wilfried@ - - markus@cvs.openbsd.org 2002/03/04 12:43:06 - [auth-passwd.c auth-rh-rsa.c auth-rhosts.c] - - markus@cvs.openbsd.org 2002/03/04 13:10:46 - [misc.c] - error-> debug, because O_NONBLOCK for /dev/null causes too many different - errnos; ok stevesk@, deraadt@ - unused include - - stevesk@cvs.openbsd.org 2002/03/04 17:27:39 - [auth-krb5.c auth-options.h auth.h authfd.h authfile.h bufaux.h buffer.h - channels.h cipher.h compat.h compress.h crc32.h deattack.c getput.h - groupaccess.c misc.c mpaux.h packet.h readconf.h rsa.h scard.h - servconf.h ssh-agent.c ssh.h ssh2.h sshpty.h sshtty.c ttymodes.h - uuencode.c xmalloc.h] - $OpenBSD$ and RCSID() cleanup: don't use RCSID() in .h files; add - missing RCSID() to .c files and remove dup /*$OpenBSD$*/ from .c - files. ok markus@ - - stevesk@cvs.openbsd.org 2002/03/04 18:30:23 - [ssh-keyscan.c] - handle connection close during read of protocol version string. - fixes erroneous "bad greeting". ok markus@ - - markus@cvs.openbsd.org 2002/03/04 19:37:58 - [channels.c] - off by one; thanks to joost@pine.nl - - (bal) Added contrib/aix/ to support BFF package generation provided - by Darren Tucker -20020226 - - (tim) Bug 12 [configure.ac] add sys/bitypes.h to int64_t tests - based on patch by mooney@dogbert.cc.ndsu.nodak.edu (Tim Mooney) - Bug 45 [configure.ac] modify skey test to work around conflict with autoconf - reported by nolan@naic.edu (Michael Nolan) - patch by Pekka Savola - Bug 74 [configure.ac defines.h] add sig_atomic_t test - reported by dwd@bell-labs.com (Dave Dykstra) - Bug 102 [defines.h] UNICOS fixes. patch by wendyp@cray.com - [configure.ac Makefile.in] link libwrap only with sshd - based on patch by Maciej W. Rozycki - Bug 123 link libpam only with sshd - reported by peak@argo.troja.mff.cuni.cz (Pavel Kankovsky) - [configure.ac defines.h] modify previous SCO3 fix to not break Solaris 7 - [acconfig.h] remove unused HAVE_REGCOMP - [configure.ac] put back in search for prngd-socket - - (stevesk) openbsd-compat/base64.h: typo in comment - - (bal) Update sshd_config CVSID +20020515 + - (bal) CVS ID fix up on auth-passwd.c - (bal) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2002/02/15 23:54:10 - [auth-krb5.c] - krb5_get_err_text() does not like context==NULL; he@nordu.net via google; - ok provos@ - - markus@cvs.openbsd.org 2002/02/22 12:20:34 - [log.c log.h ssh-keyscan.c] - overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@ - - markus@cvs.openbsd.org 2002/02/23 17:59:02 - [kex.c kexdh.c kexgex.c] - don't allow garbage after payload. - - stevesk@cvs.openbsd.org 2002/02/24 16:09:52 - [sshd.c] - use u_char* here; ok markus@ - - markus@cvs.openbsd.org 2002/02/24 16:57:19 - [sftp-client.c] - early close(), missing free; ok stevesk@ - - markus@cvs.openbsd.org 2002/02/24 16:58:32 - [packet.c] - make 'cp' unsigned and merge with 'ucp'; ok stevesk@ - - markus@cvs.openbsd.org 2002/02/24 18:31:09 - [uuencode.c] + - deraadt@cvs.openbsd.org 2002/05/07 19:54:36 + [ssh.h] + use ssh uid + - deraadt@cvs.openbsd.org 2002/05/08 21:06:34 + [ssh.h] + move to sshd.sshd instead + - stevesk@cvs.openbsd.org 2002/05/11 20:24:48 + [ssh.h] typo in comment - - markus@cvs.openbsd.org 2002/02/24 19:14:59 - [auth2.c authfd.c authfd.h authfile.c kexdh.c kexgex.c key.c key.h - ssh-dss.c ssh-dss.h ssh-keygen.c ssh-rsa.c ssh-rsa.h sshconnect2.c] - signed vs. unsigned: make size arguments u_int, ok stevesk@ - - stevesk@cvs.openbsd.org 2002/02/24 19:59:42 - [channels.c misc.c] - disable Nagle in connect_to() and channel_post_port_listener() (port - forwarding endpoints). the intention is to preserve the on-the-wire - appearance to applications at either end; the applications can then - enable TCP_NODELAY according to their requirements. ok markus@ - - markus@cvs.openbsd.org 2002/02/25 16:33:27 - [ssh-keygen.c sshconnect2.c uuencode.c uuencode.h] - more u_* fixes - - (bal) Imported missing fatal.c and fixed up Makefile.in - - (tim) [configure.ac] correction to Bug 123 fix - [configure.ac] correction to sig_atomic_t test - -20020225 - - (bal) Last AIX patch. Moved aix_usrinfo() outside of do_setuserconext() - since we need more session information than provided by that function. - -20020224 - - (bal) Drop Session *s usage in ports-aix.[ch] and pass just what we - need to do the jobs (AIX still does not fully compile, but that is - coming). - - (bal) Part two.. Drop unused AIX header, fix up missing char *cp. All - that is left is handling aix_usrinfo(). - - (tim) [loginrec.c session.c sshlogin.c sshlogin.h] Bug 84 - patch by wknox@mitre.org (William Knox). - [sshlogin.h] declare record_utmp_only for session.c - -20020221 - - (bal) Minor session.c fixup for cygwin. mispelt 'is_winnt' variable. - -20020219 - - (djm) OpenBSD CVS Sync - - mpech@cvs.openbsd.org 2002/02/13 08:33:47 - [ssh-keyscan.1] - When you give command examples and etc., in a manual page prefix them with: $ command - or - # command - - markus@cvs.openbsd.org 2002/02/14 23:27:59 - [channels.c] - increase the SSH v2 window size to 4 packets. comsumes a little - bit more memory for slow receivers but increases througput. - - markus@cvs.openbsd.org 2002/02/14 23:28:00 - [channels.h session.c ssh.c] - increase the SSH v2 window size to 4 packets. comsumes a little - bit more memory for slow receivers but increases througput. - - markus@cvs.openbsd.org 2002/02/14 23:41:01 - [authfile.c cipher.c cipher.h kex.c kex.h packet.c] - hide some more implementation details of cipher.[ch] and prepares for move - to EVP, ok deraadt@ - - stevesk@cvs.openbsd.org 2002/02/16 14:53:37 - [ssh-keygen.1] - -t required now for key generation - - stevesk@cvs.openbsd.org 2002/02/16 20:40:08 - [ssh-keygen.c] - default to rsa keyfile path for non key generation operations where - keyfile not specified. fixes core dump in those cases. ok markus@ - - millert@cvs.openbsd.org 2002/02/16 21:27:53 - [auth.h] - Part one of userland __P removal. Done with a simple regexp with - some minor hand editing to make comments line up correctly. Another - pass is forthcoming that handles the cases that could not be done - automatically. - - millert@cvs.openbsd.org 2002/02/17 19:42:32 - [auth.h] - Manual cleanup of remaining userland __P use (excluding packages - maintained outside the tree) - - markus@cvs.openbsd.org 2002/02/18 13:05:32 - [cipher.c cipher.h] - switch to EVP, ok djm@ deraadt@ - - markus@cvs.openbsd.org 2002/02/18 17:55:20 - [ssh.1] - -q: Fatal errors are _not_ displayed. - - deraadt@cvs.openbsd.org 2002/02/19 02:50:59 - [sshd_config] - stategy is not an english word - - (bal) Migrated IRIX jobs/projects/audit/etc code to - openbsd-compat/port-irix.[ch] to improve readiblity of do_child() - - (bal) Migrated AIX getuserattr and usrinfo code to - openbsd-compat/port-aix.[c] to improve readilbity of do_child() and - simplify our diffs against upstream source. - - (bal) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2002/02/15 23:11:26 - [session.c] - split do_child(), ok mouring@ - - markus@cvs.openbsd.org 2002/02/16 00:51:44 - [session.c] - typo - - (bal) CVS ID sync since the last two patches were merged mistakenly - -20020218 - - (tim) newer config.guess from ftp://ftp.gnu.org/gnu/config/config.guess - -20020213 - - (djm) Don't use system sys/queue.h on AIX. Report from - gert@greenie.muc.de - - (djm) Bug #114 - not starting PAM for SSH protocol 1 invalid users - -20020213 - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2002/02/11 16:10:15 - [kex.c] - restore kexinit handler if we reset the dispatcher, this unbreaks - rekeying s/kex_clear_dispatch/kex_reset_dispatch/ - - markus@cvs.openbsd.org 2002/02/11 16:15:46 - [sshconnect1.c] - include md5.h, not evp.h - - markus@cvs.openbsd.org 2002/02/11 16:17:55 - [sshd.c] - do not complain about port > 1024 if rhosts-auth is disabled - - markus@cvs.openbsd.org 2002/02/11 16:19:39 - [sshd.c] - include md5.h not hmac.h - - markus@cvs.openbsd.org 2002/02/11 16:21:42 - [match.c] - support up to 40 algorithms per proposal - - djm@cvs.openbsd.org 2002/02/12 12:32:27 - [sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c] - Perform multiple overlapping read/write requests in file transfer. Mostly - done by Tobias Ringstrom ; ok markus@ - - djm@cvs.openbsd.org 2002/02/12 12:44:46 - [sftp-client.c] - Let overlapped upload path handle servers which reorder ACKs. This may be - permitted by the protocol spec; ok markus@ - - markus@cvs.openbsd.org 2002/02/13 00:28:13 - [sftp-server.c] - handle SSH2_FILEXFER_ATTR_SIZE in SSH2_FXP_(F)SETSTAT; ok djm@ - - markus@cvs.openbsd.org 2002/02/13 00:39:15 - [readpass.c] - readpass.c is not longer from UCB, since we now use readpassphrase(3) - - djm@cvs.openbsd.org 2002/02/13 00:59:23 - [sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp.h] - [sftp-int.c sftp-int.h] - API cleanup and backwards compat for filexfer v.0 servers; ok markus@ - - (djm) Sync openbsd-compat with OpenBSD CVS too - - (djm) Bug #106: Add --without-rpath configure option. Patch from - Nicolas.Williams@ubsw.com - - (tim) [configure.ac, defines.h ] add rpc/rpc.h for INADDR_LOOPBACK - on SCO OSR3 - -20020210 - - (djm) OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2002/02/09 17:37:34 - [pathnames.h session.c ssh.1 sshd.8 sshd_config ssh-keyscan.1] - move ssh config files to /etc/ssh - - (djm) Adjust portable Makefile.in tnd ssh-rand-helper.c o match - - deraadt@cvs.openbsd.org 2002/02/10 01:07:05 - [readconf.h sshd.8] - more /etc/ssh; openbsd@davidkrause.com - -20020208 - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2002/02/04 12:15:25 - [sshd.c] - add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1, - fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@ - - stevesk@cvs.openbsd.org 2002/02/04 20:41:16 - [ssh-agent.1] - more sync for default ssh-add identities; ok markus@ - - djm@cvs.openbsd.org 2002/02/05 00:00:46 - [sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c] - Add "-B" option to specify copy buffer length (default 32k); ok markus@ - - markus@cvs.openbsd.org 2002/02/05 14:32:55 - [channels.c channels.h ssh.c] - merge channel_request() into channel_request_start() - - markus@cvs.openbsd.org 2002/02/06 14:22:42 - [sftp.1] - sort options; ok mpech@, stevesk@ - - mpech@cvs.openbsd.org 2002/02/06 14:27:23 - [sftp.c] - sync usage() with manual. - - markus@cvs.openbsd.org 2002/02/06 14:37:22 - [session.c] - minor KNF - - markus@cvs.openbsd.org 2002/02/06 14:55:16 - [channels.c clientloop.c serverloop.c ssh.c] - channel_new never returns NULL, mouring@; ok djm@ - - markus@cvs.openbsd.org 2002/02/07 09:35:39 - [ssh.c] - remove bogus comments - -20020205 - - (djm) Cleanup after sync: - - :%s/reverse_mapping_check/verify_reverse_mapping/g - - (djm) OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2002/01/24 21:09:25 - [channels.c misc.c misc.h packet.c] - add set_nodelay() to set TCP_NODELAY on a socket (prep for nagle tuning). - no nagle changes just yet; ok djm@ markus@ - - stevesk@cvs.openbsd.org 2002/01/24 21:13:23 - [packet.c] - need misc.h for set_nodelay() - - markus@cvs.openbsd.org 2002/01/25 21:00:24 - [sshconnect2.c] - unused include - - markus@cvs.openbsd.org 2002/01/25 21:42:11 - [ssh-dss.c ssh-rsa.c] - use static EVP_MAX_MD_SIZE buffers for EVP_DigestFinal; ok stevesk@ - don't use evp_md->md_size, it's not public. - - markus@cvs.openbsd.org 2002/01/25 22:07:40 - [kex.c kexdh.c kexgex.c key.c mac.c] - use EVP_MD_size(evp_md) and not evp_md->md_size; ok steveks@ - - stevesk@cvs.openbsd.org 2002/01/26 16:44:22 - [includes.h session.c] - revert code to add x11 localhost display authorization entry for - hostname/unix:d and uts.nodename/unix:d if nodename was different than - hostname. just add entry for unix:d instead. ok markus@ - - stevesk@cvs.openbsd.org 2002/01/27 14:57:46 - [channels.c servconf.c servconf.h session.c sshd.8 sshd_config] - add X11UseLocalhost; ok markus@ - - stevesk@cvs.openbsd.org 2002/01/27 18:08:17 - [ssh.c] - handle simple case to identify FamilyLocal display; ok markus@ - - markus@cvs.openbsd.org 2002/01/29 14:27:57 - [ssh-add.c] - exit 2 if no agent, exit 1 if list fails; debian#61078; ok djm@ - - markus@cvs.openbsd.org 2002/01/29 14:32:03 - [auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c] - [servconf.c servconf.h session.c sshd.8 sshd_config] - s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; - ok stevesk@ - - stevesk@cvs.openbsd.org 2002/01/29 16:29:02 - [session.c] - limit subsystem length in log; ok markus@ - - markus@cvs.openbsd.org 2002/01/29 16:41:19 - [ssh-add.1] - add DIAGNOSTICS; ok stevesk@ - - markus@cvs.openbsd.org 2002/01/29 22:46:41 - [session.c] - don't depend on servconf.c; ok djm@ - - markus@cvs.openbsd.org 2002/01/29 23:50:37 - [scp.1 ssh.1] - mention exit status; ok stevesk@ - - markus@cvs.openbsd.org 2002/01/31 13:35:11 - [kexdh.c kexgex.c] - cross check announced key type and type from key blob - - markus@cvs.openbsd.org 2002/01/31 15:00:05 - [serverloop.c] - no need for WNOHANG; ok stevesk@ - - markus@cvs.openbsd.org 2002/02/03 17:53:25 - [auth1.c serverloop.c session.c session.h] - don't use channel_input_channel_request and callback - use new server_input_channel_req() instead: - server_input_channel_req does generic request parsing on server side - session_input_channel_req handles just session specific things now - ok djm@ - - markus@cvs.openbsd.org 2002/02/03 17:55:55 - [channels.c channels.h] - remove unused channel_input_channel_request - - markus@cvs.openbsd.org 2002/02/03 17:58:21 - [channels.c channels.h ssh.c] - generic callbacks are not really used, remove and - add a callback for msg of type SSH2_MSG_CHANNEL_OPEN_CONFIRMATION - ok djm@ - - markus@cvs.openbsd.org 2002/02/03 17:59:23 - [sshconnect2.c] - more cross checking if announced vs. used key type; ok stevesk@ - - stevesk@cvs.openbsd.org 2002/02/03 22:35:57 - [ssh.1 sshd.8] - some KeepAlive cleanup/clarify; ok markus@ - - stevesk@cvs.openbsd.org 2002/02/03 23:22:59 - [ssh-agent.1] - ssh-add also adds $HOME/.ssh/id_rsa and $HOME/.ssh/id_dsa now. - - stevesk@cvs.openbsd.org 2002/02/04 00:53:39 - [ssh-agent.c] - unneeded includes - - markus@cvs.openbsd.org 2002/02/04 11:58:10 - [auth2.c] - cross checking of announced vs actual pktype in pubkey/hostbaed auth; - ok stevesk@ - - markus@cvs.openbsd.org 2002/02/04 12:15:25 - [log.c log.h readconf.c servconf.c] - add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1, - fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@ - - stevesk@cvs.openbsd.org 2002/02/04 20:41:16 - [ssh-add.1] - more sync for default ssh-add identities; ok markus@ - - djm@cvs.openbsd.org 2002/02/04 21:53:12 - [sftp.1 sftp.c] - Add "-P" option to directly connect to a local sftp-server. Should be - useful for regression testing; ok markus@ - - djm@cvs.openbsd.org 2002/02/05 00:00:46 - [sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c] - Add "-B" option to specify copy buffer length (default 32k); ok markus@ - -20020130 - - (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@ - - (tim) [configure.ac] fix logic on when ssh-rand-helper is installed. - [sshd_config] put back in line that tells what PATH was compiled into sshd. - -20020125 - - (djm) Don't grab Xserver or pointer by default. x11-ssh-askpass doesn't - and grabbing can cause deadlocks with kinput2. - -20020124 - - (stevesk) Makefile.in: bug #61; delete commented line for now. - -20020123 - - (djm) Fix non-standard shell syntax in autoconf. Patch from - Dave Dykstra - - (stevesk) fix --with-zlib= - - (djm) Use case statements in autoconf to clean up some tests - - (bal) reverted out of 5/2001 change to atexit(). I assume I - did it to handle SonyOS. If that is the case than we will - do a special case for them. - -20020122 - - (djm) autoconf hacking: - - We don't support --without-zlib currently, so don't allow it. - - Rework cryptographic random number support detection. We now detect - whether OpenSSL seeds itself. If it does, then we don't bother with - the ssh-rand-helper program. You can force the use of ssh-rand-helper - using the --with-rand-helper configure argument - - Simplify and clean up ssh-rand-helper configuration - - Add OpenSSL sanity check: verify that header version matches version - reported by library - - (djm) Fix some bugs I introduced into ssh-rand-helper yesterday - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2001/12/21 08:52:22 - [ssh-keygen.1 ssh-keygen.c] - Remove default (rsa1) key type; ok markus@ - - djm@cvs.openbsd.org 2001/12/21 08:53:45 - [readpass.c] - Avoid interruptable passphrase read; ok markus@ - - djm@cvs.openbsd.org 2001/12/21 10:06:43 - [ssh-add.1 ssh-add.c] - Try all standard key files (id_rsa, id_dsa, identity) when invoked with - no arguments; ok markus@ - - markus@cvs.openbsd.org 2001/12/21 12:17:33 - [serverloop.c] - remove ifdef for USE_PIPES since fdin != fdout; ok djm@ - - deraadt@cvs.openbsd.org 2001/12/24 07:29:43 - [ssh-add.c] - try all listed keys.. how did this get broken? - - markus@cvs.openbsd.org 2001/12/25 18:49:56 - [key.c] - be more careful on allocation - - markus@cvs.openbsd.org 2001/12/25 18:53:00 - [auth1.c] - be more carefull on allocation - - markus@cvs.openbsd.org 2001/12/27 18:10:29 - [ssh-keygen.c] - -t is only needed for key generation (unbreaks -i, -e, etc). - - markus@cvs.openbsd.org 2001/12/27 18:22:16 - [auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c] - [scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c] - call fatal() for openssl allocation failures - - stevesk@cvs.openbsd.org 2001/12/27 18:22:53 - [sshd.8] - clarify -p; ok markus@ - - markus@cvs.openbsd.org 2001/12/27 18:26:13 - [authfile.c] - missing include - - markus@cvs.openbsd.org 2001/12/27 19:37:23 - [dh.c kexdh.c kexgex.c] - always use BN_clear_free instead of BN_free - - markus@cvs.openbsd.org 2001/12/27 19:54:53 - [auth1.c auth.h auth-rh-rsa.c] - auth_rhosts_rsa now accept generic keys. - - markus@cvs.openbsd.org 2001/12/27 20:39:58 - [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h] - [serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] - get rid of packet_integrity_check, use packet_done() instead. - - markus@cvs.openbsd.org 2001/12/28 12:14:27 - [auth1.c auth2.c auth2-chall.c auth-rsa.c channels.c clientloop.c] - [kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c] - [ssh.c sshconnect1.c sshconnect2.c sshd.c] - s/packet_done/packet_check_eom/ (end-of-message); ok djm@ - - markus@cvs.openbsd.org 2001/12/28 13:57:33 - [auth1.c kexdh.c kexgex.c packet.c packet.h sshconnect1.c sshd.c] - packet_get_bignum* no longer returns a size - - markus@cvs.openbsd.org 2001/12/28 14:13:13 - [bufaux.c bufaux.h packet.c] - buffer_get_bignum: int -> void - - markus@cvs.openbsd.org 2001/12/28 14:50:54 - [auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c] - [packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c] - [sshconnect2.c sshd.c] - packet_read* no longer return the packet length, since it's not used. - - markus@cvs.openbsd.org 2001/12/28 15:06:00 - [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c] - [dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c] - remove plen from the dispatch fn. it's no longer used. - - stevesk@cvs.openbsd.org 2001/12/28 22:37:48 - [ssh.1 sshd.8] - document LogLevel DEBUG[123]; ok markus@ - - stevesk@cvs.openbsd.org 2001/12/29 21:56:01 - [authfile.c channels.c compress.c packet.c sftp-server.c] - [ssh-agent.c ssh-keygen.c] - remove unneeded casts and some char->u_char cleanup; ok markus@ - - stevesk@cvs.openbsd.org 2002/01/03 04:11:08 - [ssh_config] - grammar in comment - - stevesk@cvs.openbsd.org 2002/01/04 17:59:17 - [readconf.c servconf.c] - remove #ifdef _PATH_XAUTH/#endif; ok markus@ - - stevesk@cvs.openbsd.org 2002/01/04 18:14:16 - [servconf.c sshd.8] - protocol 2 HostKey code default is now /etc/ssh_host_rsa_key and - /etc/ssh_host_dsa_key like we have in sshd_config. ok markus@ - - markus@cvs.openbsd.org 2002/01/05 10:43:40 - [channels.c] - fix hanging x11 channels for rejected cookies (e.g. - XAUTHORITY=/dev/null xbiff) bug #36, based on patch from - djast@cs.toronto.edu - - stevesk@cvs.openbsd.org 2002/01/05 21:51:56 - [ssh.1 sshd.8] - some missing and misplaced periods - - markus@cvs.openbsd.org 2002/01/09 13:49:27 - [ssh-keygen.c] - append \n only for public keys - - markus@cvs.openbsd.org 2002/01/09 17:16:00 - [channels.c] - merge channel_pre_open_15/channel_pre_open_20; ok provos@ - - markus@cvs.openbsd.org 2002/01/09 17:26:35 - [channels.c nchan.c] - replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); - ok provos@ - - markus@cvs.openbsd.org 2002/01/10 11:13:29 - [serverloop.c] - skip client_alive_check until there are channels; ok beck@ - - markus@cvs.openbsd.org 2002/01/10 11:24:04 - [clientloop.c] - handle SSH2_MSG_GLOBAL_REQUEST (just reply with failure); ok djm@ - - markus@cvs.openbsd.org 2002/01/10 12:38:26 - [nchan.c] - remove dead code (skip drain) - - markus@cvs.openbsd.org 2002/01/10 12:47:59 - [nchan.c] - more unused code (with channels.c:1.156) - - markus@cvs.openbsd.org 2002/01/11 10:31:05 - [packet.c] - handle received SSH2_MSG_UNIMPLEMENTED messages; ok djm@ - - markus@cvs.openbsd.org 2002/01/11 13:36:43 - [ssh2.h] - add defines for msg type ranges - - markus@cvs.openbsd.org 2002/01/11 13:39:36 - [auth2.c dispatch.c dispatch.h kex.c] - a single dispatch_protocol_error() that sends a message of - type 'UNIMPLEMENTED' - dispatch_range(): set handler for a ranges message types - use dispatch_protocol_ignore() for authentication requests after - successful authentication (the drafts requirement). - serverloop/clientloop now send a 'UNIMPLEMENTED' message instead - of exiting. - - markus@cvs.openbsd.org 2002/01/11 20:14:11 - [auth2-chall.c auth-skey.c] - use strlcpy not strlcat; mouring@ - - markus@cvs.openbsd.org 2002/01/11 23:02:18 - [readpass.c] - use _PATH_TTY - - markus@cvs.openbsd.org 2002/01/11 23:02:51 - [auth2-chall.c] - use snprintf; mouring@ - - markus@cvs.openbsd.org 2002/01/11 23:26:30 - [auth-skey.c] - use snprintf; mouring@ - - markus@cvs.openbsd.org 2002/01/12 13:10:29 - [auth-skey.c] - undo local change - - provos@cvs.openbsd.org 2002/01/13 17:27:07 - [ssh-agent.c] - change to use queue.h macros; okay markus@ - - markus@cvs.openbsd.org 2002/01/13 17:57:37 - [auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c] - use buffer API and avoid static strings of fixed size; - ok provos@/mouring@ - - markus@cvs.openbsd.org 2002/01/13 21:31:20 - [channels.h nchan.c] - add chan_set_[io]state(), order states, state is now an u_int, - simplifies debugging messages; ok provos@ - - markus@cvs.openbsd.org 2002/01/14 13:22:35 - [nchan.c] - chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@ - - markus@cvs.openbsd.org 2002/01/14 13:34:07 - [nchan.c] - merge chan_[io]buf_empty[12]; ok provos@ - - markus@cvs.openbsd.org 2002/01/14 13:40:10 - [nchan.c] - correct fn names for ssh2, do not switch from closed to closed; + - itojun@cvs.openbsd.org 2002/05/13 02:37:39 + [auth-skey.c auth2.c] + less warnings. skey_{respond,query} are public (in auth.h) + - markus@cvs.openbsd.org 2002/05/13 20:44:58 + [auth-options.c auth.c auth.h] + move the packet_send_debug handling from auth-options.c to auth.c; ok provos@ - - markus@cvs.openbsd.org 2002/01/14 13:41:13 - [nchan.c] - remove duplicated code; ok provos@ - - markus@cvs.openbsd.org 2002/01/14 13:55:55 - [channels.c channels.h nchan.c] - remove function pointers for events, remove chan_init*; ok provos@ - - markus@cvs.openbsd.org 2002/01/14 13:57:03 - [channels.h nchan.c] - (c) 2002 - - markus@cvs.openbsd.org 2002/01/16 13:17:51 - [channels.c channels.h serverloop.c ssh.c] - wrapper for channel_setup_fwd_listener - - stevesk@cvs.openbsd.org 2002/01/16 17:40:23 - [sshd_config] - The stategy now used for options in the default sshd_config shipped - with OpenSSH is to specify options with their default value where - possible, but leave them commented. Uncommented options change a - default value. Subsystem is currently the only default option - changed. ok markus@ - - stevesk@cvs.openbsd.org 2002/01/16 17:42:33 - [ssh.1] - correct defaults for -i/IdentityFile; ok markus@ - - stevesk@cvs.openbsd.org 2002/01/16 17:55:33 - [ssh_config] - correct some commented defaults. add Ciphers default. ok markus@ - - stevesk@cvs.openbsd.org 2002/01/17 04:27:37 - [log.c] - casts to silence enum type warnings for bugzilla bug 37; ok markus@ - - stevesk@cvs.openbsd.org 2002/01/18 17:14:16 - [sshd.8] - correct Ciphers default; paola.mannaro@ubs.com - - stevesk@cvs.openbsd.org 2002/01/18 18:14:17 - [authfd.c bufaux.c buffer.c cipher.c packet.c ssh-agent.c ssh-keygen.c] - unneeded cast cleanup; ok markus@ - - stevesk@cvs.openbsd.org 2002/01/18 20:46:34 - [sshd.8] - clarify Allow(Groups|Users) and Deny(Groups|Users); suggestion from - allard@oceanpark.com; ok markus@ - - markus@cvs.openbsd.org 2002/01/21 15:13:51 - [sshconnect.c] - use read_passphrase+ECHO in confirm(), allows use of ssh-askpass - for hostkey confirm. - - markus@cvs.openbsd.org 2002/01/21 22:30:12 - [cipher.c compat.c myproposal.h] - remove "rijndael-*", just use "aes-" since this how rijndael is called - in the drafts; ok stevesk@ - - markus@cvs.openbsd.org 2002/01/21 23:27:10 - [channels.c nchan.c] - cleanup channels faster if the are empty and we are in drain-state; - ok deraadt@ - - stevesk@cvs.openbsd.org 2002/01/22 02:52:41 - [servconf.c] - typo in error message; from djast@cs.toronto.edu - - (djm) Make auth2-pam.c compile again after dispatch.h and packet.h - changes - - (djm) Recent Glibc includes an incompatible sys/queue.h. Treat it as - bogus in configure - - (djm) Use local sys/queue.h if necessary in ssh-agent.c - -20020121 - - (djm) Rework ssh-rand-helper: - - Reduce quantity of ifdef code, in preparation for ssh_rand_conf - - Always seed from system calls, even when doing PRNGd seeding - - Tidy and comment #define knobs - - Remove unused facility for multiple runs through command list - - KNF, cleanup, update copyright - -20020114 - - (djm) Bug #50 - make autoconf entropy path checks more robust - -20020108 - - (djm) Merge Cygwin copy_environment with do_pam_environment, removing - fixed env var size limit in the process. Report from Corinna Vinschen - - - (stevesk) defines.h: use "/var/spool/sockets/X11/%u" for HP-UX. does - not depend on transition links. from Lutz Jaenicke. - -20020106 - - (stevesk) defines.h: determine _PATH_UNIX_X; currently "/tmp/.X11-unix/X%u" - for all platforms except HP-UX, which is "/usr/spool/sockets/X11/%u". - -20020105 - - (bal) NCR requies use_pipes to operate correctly. - - (stevesk) fix spurious ; from NCR change. - -20020103 - - (djm) Use bigcrypt() on systems with SCO_PROTECTED_PW. Patch from - Roger Cornelius - -20011229 - - (djm) Apply Cygwin pointer deref fix from Corinna Vinschen - Could be abused to guess valid usernames - - (djm) Typo in contrib/cygwin/README Fix from Corinna Vinschen - - -20011228 - - (djm) Remove recommendation to use GNU make, we should support most - make programs. - -20011225 - - (stevesk) [Makefile.in ssh-rand-helper.c] - portable lib and __progname support for ssh-rand-helper; ok djm@ - -20011223 - - (bal) Removed contrib/chroot.diff and noted in contrib/README that it - was not being maintained. - -20011222 - - (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from - solar@openwall.com - - (djm) Rework entropy code. If the OpenSSL PRNG is has not been - internally seeded, execute a subprogram "ssh-rand-helper" to obtain - some entropy for us. Rewrite the old in-process entropy collecter as - an example ssh-rand-helper. - - (djm) Always perform ssh_prng_cmds path lookups in configure, even if - we don't end up using ssh_prng_cmds (so we always get a valid file) - -20011221 - - (djm) Add option to gnome-ssh-askpass to stop it from grabbing the X - server. I have found this necessary to avoid server hangs with X input - extensions (e.g. kinput2). Enable by setting the environment variable - "GNOME_SSH_ASKPASS_NOGRAB" - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/12/08 17:49:28 - [channels.c pathnames.h] - use only one path to X11 UNIX domain socket vs. an array of paths - to try. report from djast@cs.toronto.edu. ok markus@ - - markus@cvs.openbsd.org 2001/12/09 18:45:56 - [auth2.c auth2-chall.c auth.h] - add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions, - fixes memleak. - - stevesk@cvs.openbsd.org 2001/12/10 16:45:04 + - millert@cvs.openbsd.org 2002/05/13 15:53:19 [sshd.c] - possible fd leak on error; ok markus@ - - markus@cvs.openbsd.org 2001/12/10 20:34:31 - [ssh-keyscan.c] - check that server supports v1 for -t rsa1, report from wirth@dfki.de - - jakob@cvs.openbsd.org 2001/12/18 10:04:21 - [auth.h hostfile.c hostfile.h] - remove auth_rsa_read_key, make hostfile_ready_key non static; ok markus@ - - jakob@cvs.openbsd.org 2001/12/18 10:05:15 - [auth2.c] - log fingerprint on successful public key authentication; ok markus@ - - jakob@cvs.openbsd.org 2001/12/18 10:06:24 - [auth-rsa.c] - log fingerprint on successful public key authentication, simplify - usage of key structs; ok markus@ - - deraadt@cvs.openbsd.org 2001/12/19 07:18:56 - [auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] - [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] - [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] - [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] - [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] - [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] - [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] - [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] - basic KNF done while i was looking for something else - - markus@cvs.openbsd.org 2001/12/19 16:09:39 - [serverloop.c] - fix race between SIGCHLD and select with an additional pipe. writing - to the pipe on SIGCHLD wakes up select(). using pselect() is not - portable and siglongjmp() ugly. W. R. Stevens suggests similar solution. - initial idea by pmenage@ensim.com; ok deraadt@, djm@ - - stevesk@cvs.openbsd.org 2001/12/19 17:16:13 - [authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c] - change the buffer/packet interface to use void* vs. char*; ok markus@ - - markus@cvs.openbsd.org 2001/12/20 16:37:29 - [channels.c channels.h session.c] - setup x11 listen socket for just one connect if the client requests so. - (v2 only, but the openssh client does not support this feature). - - djm@cvs.openbsd.org 2001/12/20 22:50:24 - [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c] - [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c] - [sshconnect2.c] - Conformance fix: we should send failing packet sequence number when - responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by - yakk@yakk.dot.net; ok markus@ - -20011219 - - (stevesk) OpenBSD CVS sync X11 localhost display - - stevesk@cvs.openbsd.org 2001/11/29 14:10:51 - [channels.h channels.c session.c] - sshd X11 fake server will now listen on localhost by default: - $ echo $DISPLAY - localhost:12.0 - $ netstat -an|grep 6012 - tcp 0 0 127.0.0.1.6012 *.* LISTEN - tcp6 0 0 ::1.6012 *.* LISTEN - sshd_config gatewayports=yes can be used to revert back to the old - behavior. will control this with another option later. ok markus@ - - stevesk@cvs.openbsd.org 2001/12/19 08:43:11 - [includes.h session.c] - handle utsname.nodename case for FamilyLocal X authorization; ok markus@ - -20011207 - - (bal) PCRE no longer required. Banished from the source along with - fake-regex.h - - (bal) OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/12/06 18:02:32 - [channels.c sshconnect.c] - shutdown(sock, SHUT_RDWR) not needed here; ok markus@ - - stevesk@cvs.openbsd.org 2001/12/06 18:09:23 - [channels.c session.c] - strncpy->strlcpy. remaining strncpy's are necessary. ok markus@ - - stevesk@cvs.openbsd.org 2001/12/06 18:20:32 - [channels.c] - disable nagle for X11 fake server and client TCPs. from netbsd. - ok markus@ - -20011206 + Call setsid() in the child after sshd accepts the connection and forks. + This is needed for privsep which calls setlogin() when it changes uids. + Without this, there is a race where the login name of an existing + connection, as returned by getlogin(), may be changed to the privsep + user (sshd). markus@ OK + - markus@cvs.openbsd.org 2002/05/13 21:26:49 + [auth-rhosts.c] + handle debug messages during rhosts-rsa and hostbased authentication; + ok provos@ + - mouring@cvs.openbsd.org 2002/05/15 15:47:49 + [kex.c monitor.c monitor_wrap.c sshd.c] + 'monitor' variable clashes with at least one lame platform (NeXT). i + Renamed to 'pmonitor'. provos@ + - deraadt@cvs.openbsd.org 2002/05/04 02:39:35 + [servconf.c sshd.8 sshd_config] + enable privsep by default; provos ok + - millert@cvs.openbsd.org 2002/05/06 23:34:33 + [ssh.1 sshd.8] + Kill/adjust r(login|exec)d? references now that those are no longer in + the tree. + - markus@cvs.openbsd.org 2002/05/15 21:02:53 + [servconf.c sshd.8 sshd_config] + disable privsep and enable setuid for the 3.2.2 release + - (bal) Fixed up PAM case. I think. + - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy - (bal) OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2001/11/14 20:45:08 - [sshd.c] - errno saving wrapping in a signal handler - - markus@cvs.openbsd.org 2001/11/16 12:46:13 - [ssh-keyscan.c] - handle empty lines instead of dumping core; report from sha@sha-1.net - - stevesk@cvs.openbsd.org 2001/11/17 19:14:34 - [auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c] - enum/int type cleanup where it made sense to do so; ok markus@ - - markus@cvs.openbsd.org 2001/11/19 11:20:21 - [sshd.c] - fd leak on HUP; ok stevesk@ - - stevesk@cvs.openbsd.org 2001/11/19 18:40:46 - [ssh-agent.1] - clarify/state that private keys are not exposed to clients using the - agent; ok markus@ - - mpech@cvs.openbsd.org 2001/11/19 19:02:16 - [deattack.c radix.c] - kill more registers - millert@ ok - - markus@cvs.openbsd.org 2001/11/21 15:51:24 - [key.c] - mem leak - - stevesk@cvs.openbsd.org 2001/11/21 18:49:14 - [ssh-keygen.1] - more on passphrase construction; ok markus@ - - stevesk@cvs.openbsd.org 2001/11/22 05:27:29 - [ssh-keyscan.c] - don't use "\n" in fatal() - - markus@cvs.openbsd.org 2001/11/22 12:34:22 - [clientloop.c serverloop.c sshd.c] - volatile sig_atomic_t - - stevesk@cvs.openbsd.org 2001/11/29 19:06:39 - [channels.h] - remove dead function prototype; ok markus@ - - markus@cvs.openbsd.org 2001/11/29 22:08:48 - [auth-rsa.c] - fix protocol error: send 'failed' message instead of a 2nd challenge - (happens if the same key is in authorized_keys twice). - reported Ralf_Meister@genua.de; ok djm@ - - stevesk@cvs.openbsd.org 2001/11/30 20:39:28 - [ssh.c] - sscanf() length dependencies are clearer now; can also shrink proto - and data if desired, but i have not done that. ok markus@ - - markus@cvs.openbsd.org 2001/12/01 21:41:48 - [session.c sshd.8] - don't pass user defined variables to /usr/bin/login - - deraadt@cvs.openbsd.org 2001/12/02 02:08:32 - [sftp-common.c] - zap }; - - itojun@cvs.openbsd.org 2001/12/05 03:50:01 - [clientloop.c serverloop.c sshd.c] - deal with LP64 printf issue with sig_atomic_t. from thorpej - - itojun@cvs.openbsd.org 2001/12/05 03:56:39 - [auth1.c auth2.c canohost.c channels.c deattack.c packet.c scp.c - sshconnect2.c] - make it compile with more strict prototype checking - - deraadt@cvs.openbsd.org 2001/12/05 10:06:12 - [authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c - key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c - sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] - minor KNF - - markus@cvs.openbsd.org 2001/12/05 15:04:48 + - markus@cvs.openbsd.org 2002/05/15 21:05:29 [version.h] - post 3.0.2 - - markus@cvs.openbsd.org 2001/12/05 16:54:51 - [compat.c match.c match.h] - make theo and djm happy: bye bye regexp - - markus@cvs.openbsd.org 2001/12/06 13:30:06 - [servconf.c servconf.h sshd.8 sshd.c] - add -o to sshd, too. ok deraadt@ - - (bal) Minor white space fix up in servconf.c - -20011126 - - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c, - openbsd-compat/bsd-cygwin_util.h, openbsd-compat/daemon.c] - Allow SSHD to install as service under WIndows 9x/Me - [configure.ac] Fix to allow linking against PCRE on Cygwin - Patches by Corinna Vinschen + enter OpenSSH_3.2.2 + - (bal) Caldara, Suse, and Redhat openssh.specs updated. -20011115 - - (djm) Fix IPv4 default in ssh-keyscan. Spotted by Dan Astoorian - Fix from markus@ - - (djm) Release 3.0.1p1 +20020514 + - (stevesk) [README.privsep] PAM+privsep works with Solaris 8. + - (tim) [sshpty.c] set tty modes when allocating old style bsd ptys to + match what newer style ptys have when allocated. Based on a patch by + Roger Cornelius + - (tim) [README.privsep] UnixWare 7 and OpenUNIX 8 work. + - (tim) [README.privsep] remove reference to UnixWare 7 and OpenUNIX 8 + from PAM-enabled pragraph. UnixWare has no PAM. + - (tim) [contrib/caldera/openssh.spec] update version. + +20020513 + - (stevesk) add initial README.privsep + - (stevesk) [configure.ac] nicer message: --with-privsep-user=user + - (djm) Add --with-superuser-path=xxx configure option to specify + what $PATH the superuser receives. + - (djm) Bug #231: UsePrivilegeSeparation turns off Banner. + - (djm) Add --with-privsep-path configure option + - (djm) Update RPM spec file: different superuser path, use + /var/empty/sshd for privsep + - (djm) Bug #234: missing readpassphrase declaration and defines + - (djm) Add INSTALL warning about SSH protocol 1 blowfish w/ + OpenSSL < 0.9.6 + +20020511 + - (tim) [configure.ac] applied a rework of djm's OpenSSL search cleanup patch. + Now only searches system and /usr/local/ssl (OpenSSL's default install path) + Others must use --with-ssl-dir=.... + - (tim) [monitor_fdpass.c] fix for systems that have both + HAVE_ACCRIGHTS_IN_MSGHDR and HAVE_CONTROL_IN_MSGHDR. Ie. sys/socket.h + has #define msg_accrights msg_control + +20020510 + - (stevesk) [auth.c] Shadow account and expiration cleanup. Now + check for root forced expire. Still don't check for inactive. + - (djm) Rework RedHat RPM files. Based on spec from Nalin + Dahyabhai and patches from + Pekka Savola + - (djm) Try to drop supplemental groups at daemon startup. Patch from + RedHat + - (bal) Back all the way out of auth-passwd.c changes. Breaks too many + things that don't set pw->pw_passwd. + +20020509 + - (tim) [Makefile.in] Unbreak make -f Makefile.in distprep + +20020508 + - (tim) [openbsd-compat/bsd-arc4random.c] fix logic on when seed_rng() is + called. Report by Chris Maxwell + - (tim) [Makefile.in configure.ac] set SHELL variable in Makefile + - (djm) Disable PAM kbd-int auth if privsep is turned on (it doesn't work) + +20020507 + - (tim) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h] + Add truncate() emulation to address Bug 208 + +20020506 + - (djm) Unbreak auth-passwd.c for PAM and SIA + - (djm) Unbreak PAM auth for protocol 1. Report from Pekka Savola + + - (djm) Don't reinitialise PAM credentials before we have started PAM. + Report from Pekka Savola + +20020506 + - (bal) Fixed auth-passwd.c to resolve PermitEmptyPassword issue + +20020501 + - (djm) Import OpenBSD regression tests. Requires BSD make to run + - (djm) Fix readpassphase compilation for systems which have it + +20020429 + - (tim) [contrib/caldera/openssh.spec] update fixUP to reflect changes in + sshd_config. + - (tim) [contrib/cygwin/README] remove reference to regex. + patch from Corinna Vinschen + +20020426 + - (djm) Bug #137, #209: fix make problems for scard/Ssh.bin, do uudecode + during distprep only + - (djm) Disable PAM password expiry until a complete fix for bug #188 + exists + - (djm) Bug #180: Set ToS bits on IPv4-in-IPv6 mapped addresses. Based on + patch from openssh@misc.tecq.org + +20020425 + - (stevesk) [defines.h] remove USE_TIMEVAL; unused + - (stevesk) [acconfig.h auth-passwd.c configure.ac sshd.c] HP-UX 10.26 + support. bug #184. most from dcole@keysoftsys.com. -20011113 - - (djm) Fix early (and double) free of remote user when using Kerberos. - Patch from Simon Wilkinson - - (djm) AIX login{success,failed} changes. Move loginsuccess call to - do_authenticated. Call loginfailed for protocol 2 failures > MAX like - we do for protocol 1. Reports from Ralf Wenk , - K.Wolkersdorfer@fz-juelich.de and others +20020424 - (djm) OpenBSD CVS Sync - - dugsong@cvs.openbsd.org 2001/11/11 18:47:10 - [auth-krb5.c] - fix krb5 authorization check. found by . from - art@, deraadt@ ok - - markus@cvs.openbsd.org 2001/11/12 11:17:07 - [servconf.c] - enable authorized_keys2 again. tested by fries@ - - markus@cvs.openbsd.org 2001/11/13 02:03:57 + - markus@cvs.openbsd.org 2002/04/23 12:54:10 [version.h] - enter 3.0.1 - - (djm) Bump RPM package versions - -20011112 - - (djm) Makefile correctness fix from Mark D. Baushke - - (djm) Cygwin config patch from Corinna Vinschen - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/10/24 08:41:41 - [sshd.c] - mention remote port in debug message - - markus@cvs.openbsd.org 2001/10/24 08:41:20 - [ssh.c] - remove unused - - markus@cvs.openbsd.org 2001/10/24 08:51:35 - [clientloop.c ssh.c] - ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@ - - markus@cvs.openbsd.org 2001/10/24 19:57:40 - [clientloop.c] - make ~& (backgrounding) work again for proto v1; add support ~& for v2, too - - markus@cvs.openbsd.org 2001/10/25 21:14:32 - [ssh-keygen.1 ssh-keygen.c] - better docu for fingerprinting, ok deraadt@ - - markus@cvs.openbsd.org 2001/10/29 19:27:15 - [sshconnect2.c] - hostbased: check for client hostkey before building chost - - markus@cvs.openbsd.org 2001/10/30 20:29:09 - [ssh.1] - ssh.1 - - markus@cvs.openbsd.org 2001/11/07 16:03:17 - [packet.c packet.h sshconnect2.c] - pad using the padding field from the ssh2 packet instead of sending - extra ignore messages. tested against several other ssh servers. - - markus@cvs.openbsd.org 2001/11/07 21:40:21 - [ssh-rsa.c] - ssh_rsa_sign/verify: SSH_BUG_SIGBLOB not supported - - markus@cvs.openbsd.org 2001/11/07 22:10:28 - [ssh-dss.c ssh-rsa.c] - missing free and sync dss/rsa code. - - markus@cvs.openbsd.org 2001/11/07 22:12:01 - [sshd.8] - s/Keepalive/KeepAlive/; from openbsd@davidkrause.com - - markus@cvs.openbsd.org 2001/11/07 22:41:51 - [auth2.c auth-rh-rsa.c] - unused includes - - markus@cvs.openbsd.org 2001/11/07 22:53:21 - [channels.h] - crank c->path to 256 so they can hold a full hostname; dwd@bell-labs.com - - markus@cvs.openbsd.org 2001/11/08 10:51:08 - [readpass.c] - don't strdup too much data; from gotoh@taiyo.co.jp; ok millert. - - markus@cvs.openbsd.org 2001/11/08 17:49:53 - [ssh.1] - mention setuid root requirements; noted by cnorris@csc.UVic.ca; ok stevesk@ - - markus@cvs.openbsd.org 2001/11/08 20:02:24 - [auth.c] - don't print ROOT in CAPS for the authentication messages, i.e. - Accepted publickey for ROOT from 127.0.0.1 port 42734 ssh2 - becomes - Accepted publickey for root from 127.0.0.1 port 42734 ssh2 - - markus@cvs.openbsd.org 2001/11/09 18:59:23 - [clientloop.c serverloop.c] - don't memset too much memory, ok millert@ - original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com - - markus@cvs.openbsd.org 2001/11/10 13:19:45 - [sshd.c] - cleanup libwrap support (remove bogus comment, bogus close(), add - debug, etc). - - markus@cvs.openbsd.org 2001/11/10 13:22:42 - [ssh-rsa.c] - KNF (unexpand) - - markus@cvs.openbsd.org 2001/11/10 13:37:20 - [packet.c] - remove extra debug() - - markus@cvs.openbsd.org 2001/11/11 13:02:31 - [servconf.c] - make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if - AuthorizedKeysFile is specified. - - (djm) Reorder portable-specific server options so that they come first. - This should help reduce diff collisions for new server options (as they - will appear at the end) - -20011109 - - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) - if permit_empty_passwd == 0 so null password check cannot be bypassed. - jayaraj@amritapuri.com OpenBSD bug 2168 - - markus@cvs.openbsd.org 2001/11/09 19:08:35 + 3.2.1 + - djm@cvs.openbsd.org 2002/04/23 22:16:29 [sshd.c] - remove extra trailing dot from log message; pilot@naughty.monkey.org - -20011103 - - (tim) [ contrib/caldera/openssh.spec contrib/caldera/sshd.init] Updates - from Raymund Will - [acconfig.h configure.in] Clean up login checks. - Problem reported by Jim Knoble - -20011101 - - (djm) Compat define for OpenSSL < 0.9.6 (No OPENSSL_free) - -20011031 - - (djm) Unsmoke drugs: config files should be noreplace. - -20011030 - - (djm) Redhat RPM spec: remove noreplace from config files, allow IPv6 - by default (can force IPv4 using --define "noipv6 1") - -20011029 - - (tim) [TODO defines.h loginrec.c] Change the references to configure.in - to configure.ac - -20011028 - - (djm) Avoid bug in Solaris PAM libs - - (djm) Disconnect if no tty and PAM reports password expired - - (djm) Fix for PAM password changes being echoed (from stevesk) - - (stevesk) Fix compile problem with PAM password change fix - - (stevesk) README: zlib location is http://www.gzip.org/zlib/ - -20011027 - - (tim) [configure.ac] Fixes for ReliantUNIX (don't use libucb) - Patch by Robert Dahlem - -20011026 - - (bal) Set the correct current time in login_utmp_only(). Patch by - Wayne Davison - - (tim) [scard/Makefile.in] Fix install: when building outside of source - tree and using --src=/full_path/to/openssh - Patch by Mark D. Baushke - -20011025 - - (bal) Use VDISABLE if _POSIX_VDISABLE is set in readpassphrase.c. Patch - by todd@ - - (tim) [configure.ac] Give path given in --with-xxx= for pcre,zlib, and - tcp-wrappers precedence over system libraries and includes. - Report from Dave Dykstra - -20011024 - - (bal) Should be 3.0p1 not 3.0p2. Corrected version.h already. - - (tim) configure.in -> configure.ac + Improve error message; ok markus@ stevesk@ -20011023 - - (bal) Updated version to 3.0p1 in preparing for release. - - (bal) Added 'PAM_TTY_KLUDGE' to Solaris platform. - - (tim) [configure.in] Fix test for broken dirname. Based on patch from - Dave Dykstra . Remove un-needed test for zlib.h. - [contrib/caldera/openssh.spec, contrib/redhat/openssh.spec, - contrib/suse/openssh.spec] Update version to match version.h - -20011022 - - (djm) Fix fd leak in loginrec.c (ro fd to lastlog was left open). - Report from Michal Zalewski - -20011021 - - (tim) [configure.in] Clean up library testing. Add optional PATH to - --with-pcre, --with-zlib, and --with-tcp-wrappers. Based on - patch by albert chin (china@thewrittenword.com) - Re-arange AC_CHECK_HEADERS and AC_CHECK_FUNCS for eaiser reading - of patches to configure.in. Replace obsolete AC_STRUCT_ST_BLKSIZE - with AC_CHECK_MEMBERS. Add test for broken dirname() on - Solaris 2.5.1 by Dan Astoorian - [acconfig.h aclocal.m4 defines.h configure.in] Better socklen_t test. - patch by albert chin (china@thewrittenword.com) - [scp.c] Replace obsolete HAVE_ST_BLKSIZE with - HAVE_STRUCT_STAT_ST_BLKSIZE. - [Makefile.in] When running make in top level, always do make - in openbsd-compat. patch by Dave Dykstra - -20011019 - - (bal) Fixed up init.d symlink issue and piddir stuff. Patches by - Zoran Milojevic and j.petersen@msh.de - -20011012 - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/10/10 22:18:47 - [channels.c channels.h clientloop.c nchan.c serverloop.c] - [session.c session.h] - try to keep channels open until an exit-status message is sent. - don't kill the login shells if the shells stdin/out/err is closed. - this should now work: - ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ? - - markus@cvs.openbsd.org 2001/10/11 13:45:21 - [session.c] - delay detach of session if a channel gets closed but the child is - still alive. however, release pty, since the fd's to the child are - already closed. - - markus@cvs.openbsd.org 2001/10/11 15:24:00 - [clientloop.c] - clear select masks if we return before calling select(). - - (djm) "make veryclean" fix from Tom Holroyd - - (djm) Clean some autoconf-2.52 junk when doing "make distclean" - - (djm) Cleanup sshpty.c a little - - (bal) First wave of contrib/solaris/ package upgrades. Still more - work needs to be done, but it is a 190% better then the stuff we - had before! - - (bal) Minor bug fix in contrib/solaris/opensshd.in .. $etcdir was not - set right. +20020423 + - (stevesk) [acconfig.h configure.ac session.c] LOGIN_NO_ENDOPT for HP-UX + - (stevesk) [acconfig.h] NEED_IN_SYSTM_H unused + - (markus) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2002/04/23 12:58:26 + [radix.c] + send complete ticket; semerad@ss1000.ms.mff.cuni.cz + - (djm) Trim ChangeLog to include only post-3.1 changes + - (djm) Update RPM spec file versions + - (djm) Redhat spec enables KrbV by default + - (djm) Applied OpenSC smartcard updates from Markus & + Antti Tapaninen + - (djm) Define BROKEN_REALPATH for AIX, patch from + Antti Tapaninen + - (djm) Bug #214: Fix utmp for Irix (don't strip "tty"). Patch from + Kevin Taylor (??) via Philipp Grau + + - (djm) Bug #213: Simplify CMSG_ALIGN macros to avoid symbol clashes. + Reported by Doug Manton + - (djm) Bug #222: Fix tests for getaddrinfo on OSF/1. Spotted by + Robert Urban + - (djm) Bug #206 - blibpath isn't always needed for AIX ld, avoid + sizeof(long long int) == 4 breakage. Patch from Matthew Clarke + + - (djm) Make privsep work with PAM (still experimental) + - (djm) OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2002/04/20 09:02:03 + [servconf.c] + No, afs requires explicit enabling + - markus@cvs.openbsd.org 2002/04/20 09:14:58 + [bufaux.c bufaux.h] + add buffer_{get,put}_short + - markus@cvs.openbsd.org 2002/04/20 09:17:19 + [radix.c] + rewrite using the buffer_* API, fixes overflow; ok deraadt@ + - stevesk@cvs.openbsd.org 2002/04/21 16:19:27 + [sshd.8 sshd_config] + document default AFSTokenPassing no; ok deraadt@ + - stevesk@cvs.openbsd.org 2002/04/21 16:25:06 + [sshconnect1.c] + spelling in error message; ok markus@ + - markus@cvs.openbsd.org 2002/04/22 06:15:47 + [radix.c] + fix check for overflow + - markus@cvs.openbsd.org 2002/04/22 16:16:53 + [servconf.c sshd.8 sshd_config] + do not auto-enable KerberosAuthentication; ok djm@, provos@, deraadt@ + - markus@cvs.openbsd.org 2002/04/22 21:04:52 + [channels.c clientloop.c clientloop.h ssh.c] + request reply (success/failure) for -R style fwd in protocol v2, + depends on ordered replies. + fixes http://bugzilla.mindrot.org/show_bug.cgi?id=215; ok provos@ + +20020421 + - (tim) [entropy.c.] Portability fix for SCO Unix 3.2v4.x (SCO OSR 3.0). + entropy.c needs seteuid(getuid()) for the setuid(original_uid) to + succeed. Patch by gert@greenie.muc.de. This fixes one part of Bug 208 + +20020418 + - (djm) Avoid SIGCHLD breakage when run from rsync. Fix from + Sturle Sunde + +20020417 + - (djm) Tell users to configure /dev/random support into OpenSSL in + INSTALL + - (djm) Fix .Nm in mdoc2man.pl from pspencer@fields.utoronto.ca + - (tim) [configure.ac] Issue warning on --with-default-path=/some_path + if LOGIN_CAP is enabled. Report & testing by Tuc + +20020415 + - (djm) Unbreak "make install". Fix from Darren Tucker + + - (stevesk) bsd-cygwin_util.[ch] BSD license from Corinna Vinschen + - (tim) [configure.ac] add tests for recvmsg and sendmsg. + [monitor_fdpass.c] add checks for HAVE_SENDMSG and HAVE_RECVMSG for + systems that HAVE_ACCRIGHTS_IN_MSGHDR but no recvmsg or sendmsg. + +20020414 + - (djm) ssh-rand-helper improvements + - Add commandline debugging options + - Don't write binary data if stdout is a tty (use hex instead) + - Give it a manpage + - (djm) Random number collection doc fixes from Ben + +20020413 + - (djm) Add KrbV support patch from Simon Wilkinson + +20020412 + - (stevesk) [auth-sia.[ch]] add BSD license from Chris Adams + - (tim) [configure.ac] add to msghdr tests. Change -L + to -h on testing for /bin being symbolic link + - (bal) Mistaken in Cygwin scripts for ssh starting. Patch by + Corinna Vinschen + - (bal) disable privsep if no MAP_ANON. We can re-enable it + after the release when we can do more testing. + +20020411 + - (stevesk) [auth-sia.c] cleanup + - (tim) [acconfig.h defines.h includes.h] put includes in includes.h and + defines in defines.h [rijndael.c openbsd-compat/fake-socket.h + openbsd-compat/inet_aton.c] include "includes.h" instead of "config.h" + ok stevesk@ + +20020410 + - (stevesk) [configure.ac monitor.c] HAVE_SOCKETPAIR + - (stevesk) [auth-sia.c] compile fix Chris Adams + - (bal) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2002/04/10 08:21:47 + [auth1.c compat.c compat.h] + strip '@' from username only for KerbV and known broken clients, + bug #204 + - markus@cvs.openbsd.org 2002/04/10 08:56:01 + [version.h] + OpenSSH_3.2 + - Added p1 to idenify Portable release version. -20011010 - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/10/04 14:34:16 - [key.c] - call OPENSSL_free() for memory allocated by openssl; from chombier@mac.com - - markus@cvs.openbsd.org 2001/10/04 15:05:40 - [channels.c serverloop.c] - comment out bogus conditions for selecting on connection_in - - markus@cvs.openbsd.org 2001/10/04 15:12:37 - [serverloop.c] - client_alive_check cleanup - - markus@cvs.openbsd.org 2001/10/06 00:14:50 - [sshconnect.c] - remove unused argument - - markus@cvs.openbsd.org 2001/10/06 00:36:42 - [session.c] - fix typo in error message, sync with do_exec_nopty - - markus@cvs.openbsd.org 2001/10/06 11:18:19 - [sshconnect1.c sshconnect2.c sshconnect.c] - unify hostkey check error messages, simplify prompt. - - markus@cvs.openbsd.org 2001/10/07 10:29:52 - [authfile.c] - grammer; Matthew_Clarke@mindlink.bc.ca - - markus@cvs.openbsd.org 2001/10/07 17:49:40 - [channels.c channels.h] - avoid possible FD_ISSET overflow for channels established - during channnel_after_select() (used for dynamic channels). - - markus@cvs.openbsd.org 2001/10/08 11:48:57 - [channels.c] - better debug - - markus@cvs.openbsd.org 2001/10/08 16:15:47 - [sshconnect.c] - use correct family for -b option - - markus@cvs.openbsd.org 2001/10/08 19:05:05 - [ssh.c sshconnect.c sshconnect.h ssh-keyscan.c] - some more IPv4or6 cleanup - - markus@cvs.openbsd.org 2001/10/09 10:12:08 - [session.c] - chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu - - markus@cvs.openbsd.org 2001/10/09 19:32:49 +20020408 + - (bal) Minor OpenSC updates. Fix up header locations and update + README.smartcard provided by Juha Yrjölä + +20020407 + - (stevesk) HAVE_CONTROL_IN_MSGHDR; not used right now. + Future: we may want to test if fd passing works correctly. + - (stevesk) [monitor_fdpass.c] fatal() for UsePrivilegeSeparation=yes + and no fd passing support. + - (stevesk) HAVE_MMAP and HAVE_SYS_MMAN_H and use them in + monitor_mm.c + - (stevesk) remove configure support for poll.h; it was removed + from sshd.c a long time ago. + - (stevesk) --with-privsep-user; default sshd + - (stevesk) wrap munmap() with HAVE_MMAP also. + +20020406 + - (djm) Typo in Suse SPEC file. Fix from Carsten Grohmann + + - (bal) Added MAP_FAILED to allow AIX and Trusted HP to compile. + - (bal) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2002/04/06 00:30:08 + [sftp-client.c] + Fix occasional corruption on upload due to bad reuse of request + id, spotted by chombier@mac.com; ok markus@ + - mouring@cvs.openbsd.org 2002/04/06 18:24:09 + [scp.c] + Fixes potental double // within path. + http://bugzilla.mindrot.org/show_bug.cgi?id=76 + - (bal) Slight update to OpenSC support. Better version checking. patch + by Juha Yrjölä + - (bal) Revered out of runtime IRIX detection of joblimits. Code is + incomplete. + - (bal) Quiet down configure.ac if /bin/test does not exist. + - (bal) We no longer use atexit()/xatexit()/on_exit() + +20020405 + - (bal) Patch for OpenSC SmartCard library; ok markus@; patch by + Juha Yrjölä + - (bal) Minor documentation update to reflect smartcard library + support changes. + - (bal) Too many issues. Remove all workarounds and + using internal version only. + - (bal) OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2002/04/05 20:56:21 + [sshd.8] + clarify sshrc some and handle X11UseLocalhost=yes; ok markus@ + +20020404 + - (stevesk) [auth-pam.c auth-pam.h auth-passwd.c auth-sia.c auth-sia.h + auth1.c auth2.c] PAM, OSF_SIA password auth cleanup; from djm. + - (bal) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2002/04/03 09:26:11 + [cipher.c myproposal.h] + re-add rijndael-cbc@lysator.liu.se for MacSSH; ash@lab.poc.net + +20020402 + - (bal) Hand Sync of scp.c (reverted to upstream code) + - deraadt@cvs.openbsd.org 2002/03/30 17:45:46 + [scp.c] + stretch banners + - (bal) CVS ID sync of uidswap.c + - (bal) OpenBSD CVS Sync (now for the real sync) + - markus@cvs.openbsd.org 2002/03/27 22:21:45 + [ssh-keygen.c] + try to import keys with extra trailing === (seen with ssh.com < + 2.0.12) + - markus@cvs.openbsd.org 2002/03/28 15:34:51 [session.c] - stat subsystem command before calling do_exec, and return error to client. - - markus@cvs.openbsd.org 2001/10/09 19:51:18 - [serverloop.c] - close all channels if the connection to the remote host has been closed, - should fix sshd's hanging with WCHAN==wait - - markus@cvs.openbsd.org 2001/10/09 21:59:41 - [channels.c channels.h serverloop.c session.c session.h] - simplify session close: no more delayed session_close, no more - blocking wait() calls. - - (bal) removed two unsed headers in openbsd-compat/bsd-misc.c - - (bal) seed_init() and seed_rng() required in ssh-keyscan.c - -20011007 - - (bal) ssh-copy-id corrected permissions for .ssh/ and authorized_keys. - Prompted by Matthew Vernon - -20011005 - - (bal) AES works under Cray, no more hack. - -20011004 - - (bal) nchan2.ms resync. BSD License applied. - -20011003 - - (bal) CVS ID fix up in version.h - - (bal) OpenBSD CVS Sync: - - markus@cvs.openbsd.org 2001/09/27 11:58:16 - [compress.c] - mem leak; chombier@mac.com - - markus@cvs.openbsd.org 2001/09/27 11:59:37 - [packet.c] - missing called=1; chombier@mac.com - - markus@cvs.openbsd.org 2001/09/27 15:31:17 - [auth2.c auth2-chall.c sshconnect1.c] - typos; from solar - - camield@cvs.openbsd.org 2001/09/27 17:53:24 - [sshd.8] - don't talk about compile-time options - ok markus@ - - djm@cvs.openbsd.org 2001/09/28 12:07:09 - [ssh-keygen.c] - bzero private key after loading to smartcard; ok markus@ - - markus@cvs.openbsd.org 2001/09/28 15:46:29 - [ssh.c] - bug: read user config first; report kaukasoi@elektroni.ee.tut.fi - - markus@cvs.openbsd.org 2001/10/01 08:06:28 - [scp.c] - skip filenames containing \n; report jdamery@chiark.greenend.org.uk - and matthew@debian.org - - markus@cvs.openbsd.org 2001/10/01 21:38:53 - [channels.c channels.h ssh.c sshd.c] - remove ugliness; vp@drexel.edu via angelos - - markus@cvs.openbsd.org 2001/10/01 21:51:16 - [readconf.c readconf.h ssh.1 sshconnect.c] - add NoHostAuthenticationForLocalhost; note that the hostkey is - now check for localhost, too. - - djm@cvs.openbsd.org 2001/10/02 08:38:50 - [ssh-add.c] - return non-zero exit code on error; ok markus@ - - stevesk@cvs.openbsd.org 2001/10/02 22:56:09 - [sshd.c] - #include "channels.h" for channel_set_af() - - markus@cvs.openbsd.org 2001/10/03 10:01:20 - [auth.c] - use realpath() for homedir, too. from jinmei@isl.rdc.toshiba.co.jp - -20011001 - - (stevesk) loginrec.c: fix type conversion problems exposed when using - 64-bit off_t. - -20010929 - - (bal) move reading 'config.h' up higher. Patch by albert chin - pw' in auth1.c spotted by + kent@lysator.liu.se + - (bal) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2002/03/26 11:34:49 + [ssh.1 sshd.8] + update to recent drafts + - markus@cvs.openbsd.org 2002/03/26 11:37:05 + [ssh.c] + update Copyright + - markus@cvs.openbsd.org 2002/03/26 15:23:40 + [bufaux.c] + do not talk about packets in bufaux + - rees@cvs.openbsd.org 2002/03/26 18:46:59 [scard.c] - Fix segv when smartcard communication error occurs during key load. - ok markus@ - - (djm) Update spec files for new x11-askpass - -20010927 - - (stevesk) session.c: declare do_pre_login() before use - wayned@users.sourceforge.net - -20010925 - - (djm) Pull in auth-krb5.c from OpenBSD CVS. NB. it is not currently used. - - (djm) Sync $sysconfdir/moduli - - (djm) Add AC_SYS_LARGEFILE configure test - - (djm) Avoid bad and unportable sprintf usage in compat code - -20010923 - - (bal) updated ssh.c to mirror minor getopts 'extern int' formating done - by stevesk@ - - (bal) Removed 'extern int optopt;' since it is dead wood. - - (bal) Updated all *.specs for 2.9.9p1 and updated version.h - -20010923 - - (bal) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/09/23 11:09:13 - [authfile.c] - relax permission check for private key files. - - markus@cvs.openbsd.org 2001/09/23 09:58:13 - [LICENCE] - new rijndael implementation - -20010920 - - (tim) [scard/Makefile.in] Don't strip the Java binary - - (stevesk) sun_len, SUN_LEN() configure stuff no longer required - - (bal) OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/09/20 00:15:54 - [sshd.8] - fix ClientAliveCountMax - - markus@cvs.openbsd.org 2001/09/20 13:46:48 - [auth2.c] - key_read returns now -1 or 1 - - markus@cvs.openbsd.org 2001/09/20 13:50:40 - [compat.c compat.h ssh.c] - bug compat: request a dummy channel for -N (no shell) sessions + - cleanup; vinschen@redhat.com - - mouring@cvs.openbsd.org 2001/09/20 20:57:51 - [sshd_config] - CheckMail removed. OKed stevesk@ - -20010919 - - (bal) OpenBSD Sync - - markus@cvs.openbsd.org 2001/09/19 10:08:51 - [sshd.8] - command=xxx applies to subsystem now, too - - markus@cvs.openbsd.org 2001/09/19 13:23:29 - [key.c] - key_read() now returns -1 on type mismatch, too - - stevesk@cvs.openbsd.org 2001/09/19 19:24:19 - [readconf.c readconf.h scp.c sftp.c ssh.1] - add ClearAllForwardings ssh option and set it in scp and sftp; ok - markus@ - - stevesk@cvs.openbsd.org 2001/09/19 19:35:30 - [authfd.c] - use sizeof addr vs. SUN_LEN(addr) for sockaddr_un. Stevens - blesses this and we do it this way elsewhere. this helps in - portable because not all systems have SUN_LEN() and - sockaddr_un.sun_len. ok markus@ - - stevesk@cvs.openbsd.org 2001/09/19 21:04:53 - [sshd.8] - missing -t in usage - - stevesk@cvs.openbsd.org 2001/09/19 21:41:57 - [sshd.8] - don't advertise -V in usage; ok markus@ - - (bal) openbsd-compat/vis.[ch] is dead wood. Removed. - -20010918 - - (djm) Configure support for smartcards. Based on Ben's work. - - (djm) Revert setgroups call, it causes problems on OS-X - - (djm) Avoid warning on BSDgetopt - - (djm) More makefile infrastructre for smartcard support, also based - on Ben's work - - (djm) Specify --datadir in RPM spec files so smartcard applet gets - put somewhere sane. Add Ssh.bin to manifest. - - (djm) Make smartcard support conditional in Redhat RPM spec - - (bal) LICENCE update. Has not been done in a while. - - (stevesk) nchan.c: we use X/Open Sockets on HP-UX now so shutdown(2) - returns ENOTCONN vs. EINVAL for socket not connected; remove EINVAL - check. ok Lutz Jaenicke - - (bal) OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/09/17 17:57:57 - [scp.1 scp.c sftp.1 sftp.c] - add -Fssh_config option; ok markus@ - - stevesk@cvs.openbsd.org 2001/09/17 19:27:15 - [kexdh.c kexgex.c key.c key.h ssh-dss.c ssh-keygen.c ssh-rsa.c] - u_char*/char* cleanup; ok markus - - markus@cvs.openbsd.org 2001/09/17 20:22:14 + try_AUT0 in read_pubkey too, for those paranoid few who want to + acl 'sh' + - markus@cvs.openbsd.org 2002/03/26 22:50:39 + [channels.h] + CHANNEL_EFD_OUTPUT_ACTIVE is false for CHAN_CLOSE_RCVD, too + - markus@cvs.openbsd.org 2002/03/26 23:13:03 + [auth-rsa.c] + disallow RSA keys < 768 for protocol 1, too (rhosts-rsa and rsa auth) + - markus@cvs.openbsd.org 2002/03/26 23:14:51 + [kex.c] + generate a new cookie for each SSH2_MSG_KEXINIT message we send out + - mouring@cvs.openbsd.org 2002/03/27 11:45:42 + [monitor.c] + monitor_allowed_key() returns int instead of pointer. ok markus@ + +20020325 + - (stevesk) import OpenBSD as "openbsd-compat/tree.h" + - (bal) OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2002/03/23 20:57:26 + [sshd.c] + setproctitle() after preauth child; ok markus@ + - markus@cvs.openbsd.org 2002/03/24 16:00:27 + [serverloop.c] + remove unused debug + - markus@cvs.openbsd.org 2002/03/24 16:01:13 + [packet.c] + debug->debug3 for extra padding + - stevesk@cvs.openbsd.org 2002/03/24 17:27:03 + [kexgex.c] + typo; ok markus@ + - stevesk@cvs.openbsd.org 2002/03/24 17:53:16 + [monitor_fdpass.c] + minor cleanup and more error checking; ok markus@ + - markus@cvs.openbsd.org 2002/03/24 18:05:29 [scard.c] - never keep a connection to the smartcard open. - allows ssh-keygen -D U while the agent is running; report from - jakob@ - - stevesk@cvs.openbsd.org 2001/09/17 20:38:09 - [sftp.1 sftp.c] - cleanup and document -1, -s and -S; ok markus@ - - markus@cvs.openbsd.org 2001/09/17 20:50:22 - [key.c ssh-keygen.c] - better error handling if you try to export a bad key to ssh.com - - markus@cvs.openbsd.org 2001/09/17 20:52:47 - [channels.c channels.h clientloop.c] - try to fix agent-forwarding-backconnection-bug, as seen on HPUX, - for example; with Lutz.Jaenicke@aet.TU-Cottbus.DE, - - markus@cvs.openbsd.org 2001/09/17 21:04:02 - [channels.c serverloop.c] - don't send fake dummy packets on CR (\r) - bugreport from yyua@cs.sfu.ca via solar@@openwall.com - - markus@cvs.openbsd.org 2001/09/17 21:09:47 - [compat.c] - more versions suffering the SSH_BUG_DEBUG bug; - 3.0.x reported by dbutts@maddog.storability.com - - stevesk@cvs.openbsd.org 2001/09/17 23:56:07 - [scp.1] - missing -B in usage string - -20010917 - - (djm) x11-ssh-askpass-1.2.4 in RPM spec, revert workarounds - - (tim) [includes.h openbsd-compat/getopt.c openbsd-compat/getopt.h] - rename getopt() to BSDgetopt() to keep form conflicting with - system getopt(). - [Makefile.in configure.in] disable filepriv until I can add - missing procpriv calls. - -20010916 - - (djm) Workaround XFree breakage in RPM spec file - - (bal) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/09/16 14:46:54 - [session.c] - calls krb_afslog() after setting $HOME; mattiasa@e.kth.se; fixes - pr 1943b - -20010915 - - (djm) Make do_pre_login static to avoid prototype #ifdef hell - - (djm) Sync scard/ stuff - - (djm) Redhat spec file cleanups from Pekka Savola and - Redhat - - (djm) Redhat initscript config sanity checking from Pekka Savola - - - (djm) Clear supplemental groups at sshd start to prevent them from - being propogated to random PAM modules. Based on patch from Redhat via - Pekka Savola - - (djm) Make sure rijndael.c picks config.h - - (djm) Ensure that u_char gets defined + we need to figure out AUT0 for sc_private_encrypt, too + - stevesk@cvs.openbsd.org 2002/03/24 23:20:00 + [monitor.c] + remove "\n" from fatal() + - markus@cvs.openbsd.org 2002/03/25 09:21:13 + [auth-rsa.c] + return 0 (not NULL); tomh@po.crl.go.jp + - markus@cvs.openbsd.org 2002/03/25 09:25:06 + [auth-rh-rsa.c] + rm bogus comment + - markus@cvs.openbsd.org 2002/03/25 17:34:27 + [scard.c scard.h ssh-agent.c ssh-keygen.c ssh.c] + change sc_get_key to sc_get_keys and hide smartcard details in scard.c + - stevesk@cvs.openbsd.org 2002/03/25 20:12:10 + [monitor_mm.c monitor_wrap.c] + ssize_t args use "%ld" and cast to (long) + size_t args use "%lu" and cast to (u_long) + ok markus@ and thanks millert@ + - markus@cvs.openbsd.org 2002/03/25 21:04:02 + [ssh.c] + simplify num_identity_files handling + - markus@cvs.openbsd.org 2002/03/25 21:13:51 + [channels.c channels.h compat.c compat.h nchan.c] + don't send stderr data after EOF, accept this from older known + (broken) sshd servers only, fixes + http://bugzilla.mindrot.org/show_bug.cgi?id=179 + - stevesk@cvs.openbsd.org 2002/03/26 03:24:01 + [monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h] + $OpenBSD$ -20010914 - - (bal) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/09/13 - [rijndael.c rijndael.h] - missing $OpenBSD - - markus@cvs.openbsd.org 2001/09/14 - [session.c] - command=xxx overwrites subsystems, too - - markus@cvs.openbsd.org 2001/09/14 - [sshd.c] - typo +20020324 + - (stevesk) [session.c] disable LOGIN_NEEDS_TERM until we are sure + it can be removed. only used on solaris. will no longer compile with + privsep shuffling. + +20020322 + - (stevesk) HAVE_ACCRIGHTS_IN_MSGHDR configure support + - (stevesk) [monitor.c monitor_wrap.c] #ifdef HAVE_PW_CLASS_IN_PASSWD + - (stevesk) configure and cpp __FUNCTION__ gymnastics to handle nielsisms + - (stevesk) [monitor_fdpass.c] support for access rights style file + descriptor passing + - (stevesk) [auth2.c] merge cleanup/sync + - (stevesk) [defines.h] hp-ux 11 has ancillary data style fd passing, but + is missing CMSG_LEN() and CMSG_SPACE() macros. + - (stevesk) [defines.h] #define MAP_ANON MAP_ANONYMOUS for HP-UX; other + platforms may need this--I'm not sure. mmap() issues will need to be + addressed further. + - (tim) [cipher.c] fix problem with OpenBSD sync + - (stevesk) [LICENCE] OpenBSD sync -20010913 +20020321 - (bal) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/08/23 11:31:59 + - itojun@cvs.openbsd.org 2002/03/08 06:10:16 + [sftp-client.c] + printf type mismatch + - itojun@cvs.openbsd.org 2002/03/11 03:18:49 + [sftp-client.c] + correct type mismatches (u_int64_t != unsigned long long) + - itojun@cvs.openbsd.org 2002/03/11 03:19:53 + [sftp-client.c] + indent + - markus@cvs.openbsd.org 2002/03/14 15:24:27 + [sshconnect1.c] + don't trust size sent by (rogue) server; noted by + s.esser@e-matters.de + - markus@cvs.openbsd.org 2002/03/14 16:38:26 + [sshd.c] + split out ssh1 session key decryption; ok provos@ + - markus@cvs.openbsd.org 2002/03/14 16:56:33 + [auth-rh-rsa.c auth-rsa.c auth.h] + split auth_rsa() for better readability and privsep; ok provos@ + - itojun@cvs.openbsd.org 2002/03/15 11:00:38 + [auth.c] + fix file type checking (use S_ISREG). ok by markus + - markus@cvs.openbsd.org 2002/03/16 11:24:53 + [compress.c] + skip inflateEnd if inflate fails; ok provos@ + - markus@cvs.openbsd.org 2002/03/16 17:22:09 + [auth-rh-rsa.c auth.h] + split auth_rhosts_rsa(), ok provos@ + - stevesk@cvs.openbsd.org 2002/03/16 17:41:25 + [auth-krb5.c] + BSD license. from Daniel Kouril via Dug Song. ok markus@ + - provos@cvs.openbsd.org 2002/03/17 20:25:56 + [auth.c auth.h auth1.c auth2.c] + getpwnamallow returns struct passwd * only if user valid; + okay markus@ + - provos@cvs.openbsd.org 2002/03/18 01:12:14 + [auth.h auth1.c auth2.c sshd.c] + have the authentication functions return the authentication context + and then do_authenticated; okay millert@ + - dugsong@cvs.openbsd.org 2002/03/18 01:30:10 + [auth-krb4.c] + set client to NULL after xfree(), from Rolf Braun + + - provos@cvs.openbsd.org 2002/03/18 03:41:08 + [auth.c session.c] + move auth_approval into getpwnamallow with help from millert@ + - markus@cvs.openbsd.org 2002/03/18 17:13:15 [cipher.c cipher.h] - switch to the optimised AES reference code from - http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip - -20010912 - - (bal) OpenBSD CVS Sync - - jakob@cvs.openbsd.org 2001/08/16 19:18:34 - [servconf.c servconf.h session.c sshd.8] - deprecate CheckMail. ok markus@ - - stevesk@cvs.openbsd.org 2001/08/16 20:14:57 - [ssh.1 sshd.8] - document case sensitivity for ssh, sshd and key file - options and arguments; ok markus@ - - stevesk@cvs.openbsd.org 2001/08/17 18:59:47 - [servconf.h] - typo in comment - - stevesk@cvs.openbsd.org 2001/08/21 21:47:42 - [ssh.1 sshd.8] - minor typos and cleanup - - stevesk@cvs.openbsd.org 2001/08/22 16:21:21 - [ssh.1] - hostname not optional; ok markus@ - - stevesk@cvs.openbsd.org 2001/08/22 16:30:02 - [sshd.8] - no rexd; ok markus@ - - stevesk@cvs.openbsd.org 2001/08/22 17:45:16 - [ssh.1] - document cipher des for protocol 1; ok deraadt@ - - camield@cvs.openbsd.org 2001/08/23 17:59:31 - [sshd.c] - end request with 0, not NULL - ok markus@ - - stevesk@cvs.openbsd.org 2001/08/23 18:02:48 - [ssh-agent.1] - fix usage; ok markus@ - - stevesk@cvs.openbsd.org 2001/08/23 18:08:59 - [ssh-add.1 ssh-keyscan.1] - minor cleanup - - danh@cvs.openbsd.org 2001/08/27 22:02:13 - [ssh-keyscan.c] - fix memory fault if non-existent filename is given to the -f option - ok markus@ - - markus@cvs.openbsd.org 2001/08/28 09:51:26 - [readconf.c] - don't set DynamicForward unless Host matches - - markus@cvs.openbsd.org 2001/08/28 15:39:48 - [ssh.1 ssh.c] - allow: ssh -F configfile host - - markus@cvs.openbsd.org 2001/08/29 20:44:03 - [scp.c] - clear the malloc'd buffer, otherwise source() will leak malloc'd - memory; ok theo@ - - stevesk@cvs.openbsd.org 2001/08/29 23:02:21 - [sshd.8] - add text about -u0 preventing DNS requests; ok markus@ - - stevesk@cvs.openbsd.org 2001/08/29 23:13:10 - [ssh.1 ssh.c] - document -D and DynamicForward; ok markus@ - - stevesk@cvs.openbsd.org 2001/08/29 23:27:23 - [ssh.c] - validate ports for -L/-R; ok markus@ - - stevesk@cvs.openbsd.org 2001/08/29 23:39:40 - [ssh.1 sshd.8] - additional documentation for GatewayPorts; ok markus@ - - naddy@cvs.openbsd.org 2001/08/30 15:42:36 - [ssh.1] - add -D to synopsis line; ok markus@ - - stevesk@cvs.openbsd.org 2001/08/30 16:04:35 - [readconf.c ssh.1] - validate ports for LocalForward/RemoteForward. - add host/port alternative syntax for IPv6 (like -L/-R). - ok markus@ - - stevesk@cvs.openbsd.org 2001/08/30 20:36:34 - [auth-options.c sshd.8] - validate ports for permitopen key file option. add host/port - alternative syntax for IPv6. ok markus@ - - markus@cvs.openbsd.org 2001/08/30 22:22:32 - [ssh-keyscan.c] - do not pass pointers to longjmp; fix from wayne@blorf.net - - markus@cvs.openbsd.org 2001/08/31 11:46:39 - [sshconnect2.c] - disable kbd-interactive if we don't get SSH2_MSG_USERAUTH_INFO_REQUEST - messages - - stevesk@cvs.openbsd.org 2001/09/03 20:58:33 - [readconf.c readconf.h ssh.c] - fatal() for nonexistent -Fssh_config. ok markus@ - - deraadt@cvs.openbsd.org 2001/09/05 06:23:07 - [scp.1 sftp.1 ssh.1 ssh-agent.1 sshd.8 ssh-keygen.1 ssh-keyscan.1] - avoid first person in manual pages - - stevesk@cvs.openbsd.org 2001/09/12 18:18:25 - [scp.c] - don't forward agent for non third-party copies; ok markus@ - -20010815 - - (bal) Fixed stray code in readconf.c that went in by mistake. - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/08/07 10:37:46 - [authfd.c authfd.h] - extended failure messages from galb@vandyke.com - - deraadt@cvs.openbsd.org 2001/08/08 07:16:58 - [scp.1] - when describing the -o option, give -o Protocol=1 as the specific example - since we are SICK AND TIRED of clueless people who cannot have difficulty - thinking on their own. - - markus@cvs.openbsd.org 2001/08/08 18:20:15 - [uidswap.c] - permanently_set_uid is a noop if user is not privilegued; - fixes bug on solaris; from sbi@uchicago.edu - - markus@cvs.openbsd.org 2001/08/08 21:34:19 - [uidswap.c] - undo last change; does not work for sshd - - jakob@cvs.openbsd.org 2001/08/11 22:51:27 - [ssh.c tildexpand.c] - fix more paths beginning with "//"; . - ok markus@ - - stevesk@cvs.openbsd.org 2001/08/13 23:38:54 - [scp.c] - don't need main prototype (also sync with rcp); ok markus@ - - markus@cvs.openbsd.org 2001/08/14 09:23:02 - [sftp.1 sftp-int.c] - "bye"; hk63a@netscape.net - - stevesk@cvs.openbsd.org 2001/08/14 17:54:29 - [scp.1 sftp.1 ssh.1] - consistent documentation and example of ``-o ssh_option'' for sftp and - scp; document keyword=argument for ssh. - - (bal) QNX resync. OK tim@ - -20010814 - - (stevesk) sshpty.c, cray.[ch]: whitespace, formatting and cleanup - for some #ifdef _CRAY code; ok wendyp@cray.com - - (stevesk) sshpty.c: return 0 on error in cray pty code; - ok wendyp@cray.com - - (stevesk) bsd-cray.c: utmp strings are not C strings - - (stevesk) bsd-cray.c: more cleanup; ok wendyp@cray.com - -20010812 - - (djm) Fix detection of long long int support. Based on patch from - Michael Stone . ok stevesk, tim - -20010808 - - (bal) Minor correction to inet_ntop.h. _BSD_RRESVPORT_H should be - _BSD_INET_NTOP_H. Pointed out by Mark Miller - -20010807 - - (tim) [configure.in sshconnect.c openbsd-compat/Makefile.in - openbsd-compat/openbsd-compat.h ] Add inet_ntop.c inet_ntop.h back - in. Needed for sshconnect.c - [sshconnect.c] fix INET6_ADDRSTRLEN for non IPv6 machines - [configure.in] make tests with missing libraries fail - patch by Wendy Palm - Added openbsd-compat/bsd-cray.h. Selective patches from - William L. Jones - -20010806 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/07/22 21:32:27 - [sshpty.c] - update comment - - pvalchev@cvs.openbsd.org 2001/07/22 21:32:42 - [ssh.1] - There is no option "Compress", point to "Compression" instead; ok - markus - - markus@cvs.openbsd.org 2001/07/22 22:04:19 - [readconf.c ssh.1] - enable challenge-response auth by default; ok millert@ - - markus@cvs.openbsd.org 2001/07/22 22:24:16 - [sshd.8] - Xr login.conf - - markus@cvs.openbsd.org 2001/07/23 09:06:28 - [sshconnect2.c] - reorder default sequence of userauth methods to match ssh behaviour: - hostbased,publickey,keyboard-interactive,password - - markus@cvs.openbsd.org 2001/07/23 12:47:05 - [ssh.1] - sync PreferredAuthentications - - aaron@cvs.openbsd.org 2001/07/23 14:14:18 - [ssh-keygen.1] - Fix typo. - - stevesk@cvs.openbsd.org 2001/07/23 18:14:58 - [auth2.c auth-rsa.c] - use %lu; ok markus@ - - stevesk@cvs.openbsd.org 2001/07/23 18:21:46 - [xmalloc.c] - no zero size xstrdup() error; ok markus@ - - markus@cvs.openbsd.org 2001/07/25 11:59:35 + export/import cipher states; needed by ssh-privsep + - markus@cvs.openbsd.org 2002/03/18 17:16:38 + [packet.c packet.h] + export/import cipher state, iv and ssh2 seqnr; needed by ssh-privsep + - markus@cvs.openbsd.org 2002/03/18 17:23:31 + [key.c key.h] + add key_demote() for ssh-privsep + - provos@cvs.openbsd.org 2002/03/18 17:25:29 + [bufaux.c bufaux.h] + buffer_skip_string and extra sanity checking; needed by ssh-privsep + - provos@cvs.openbsd.org 2002/03/18 17:31:54 + [compress.c] + export compression streams for ssh-privsep + - provos@cvs.openbsd.org 2002/03/18 17:50:31 + [auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c] + [auth-skey.c auth.h auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c] + [kexgex.c servconf.c] + [session.h servconf.h serverloop.c session.c sshd.c] + integrate privilege separated openssh; its turned off by default + for now. work done by me and markus@ + - provos@cvs.openbsd.org 2002/03/18 17:53:08 + [sshd.8] + credits for privsep + - provos@cvs.openbsd.org 2002/03/18 17:59:09 + [sshd.8] + document UsePrivilegeSeparation + - stevesk@cvs.openbsd.org 2002/03/18 23:52:51 + [servconf.c] + UnprivUser/UnprivGroup usable now--specify numeric user/group; ok + provos@ + - stevesk@cvs.openbsd.org 2002/03/19 03:03:43 + [pathnames.h servconf.c servconf.h sshd.c] + _PATH_PRIVSEP_CHROOT_DIR; ok provos@ + - stevesk@cvs.openbsd.org 2002/03/19 05:23:08 + [sshd.8] + Banner has no default. + - mpech@cvs.openbsd.org 2002/03/19 06:32:56 + [sftp-int.c] + use xfree() after xstrdup(). + + markus@ ok + - markus@cvs.openbsd.org 2002/03/19 10:35:39 + [auth-options.c auth.h session.c session.h sshd.c] + clean up prototypes + - markus@cvs.openbsd.org 2002/03/19 10:49:35 + [auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h] + [packet.c session.c sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c] + [sshconnect2.c sshd.c ttymodes.c] + KNF whitespace + - markus@cvs.openbsd.org 2002/03/19 14:27:39 + [auth.c auth1.c auth2.c] + make getpwnamallow() allways call pwcopy() + - markus@cvs.openbsd.org 2002/03/19 15:31:47 + [auth.c] + check for NULL; from provos@ + - stevesk@cvs.openbsd.org 2002/03/20 19:12:25 + [servconf.c servconf.h ssh.h sshd.c] + for unprivileged user, group do: + pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw). ok provos@ + - stevesk@cvs.openbsd.org 2002/03/20 21:08:08 + [sshd.c] + strerror() on chdir() fail; ok provos@ + - markus@cvs.openbsd.org 2002/03/21 10:21:20 + [ssh-add.c] + ignore errors for nonexisting default keys in ssh-add, + fixes http://bugzilla.mindrot.org/show_bug.cgi?id=158 + - jakob@cvs.openbsd.org 2002/03/21 15:17:26 + [clientloop.c ssh.1] + add built-in command line for adding new port forwardings on the fly. + based on a patch from brian wellington. ok markus@. + - markus@cvs.openbsd.org 2002/03/21 16:38:06 [scard.c] - typo in comment - - markus@cvs.openbsd.org 2001/07/25 14:35:18 - [readconf.c ssh.1 ssh.c sshconnect.c] - cleanup connect(); connection_attempts 4 -> 1; from - eivind@freebsd.org - - stevesk@cvs.openbsd.org 2001/07/26 17:18:22 - [sshd.8 sshd.c] - add -t option to test configuration file and keys; pekkas@netcore.fi - ok markus@ - - rees@cvs.openbsd.org 2001/07/26 20:04:27 - [scard.c ssh-keygen.c] - Inquire Cyberflex class for 0xf0 cards - change aid to conform to 7816-5 - remove gratuitous fid selects - - millert@cvs.openbsd.org 2001/07/27 14:50:45 - [ssh.c] - If smart card support is compiled in and a smart card is being used - for authentication, make it the first method used. markus@ OK - - deraadt@cvs.openbsd.org 2001/07/27 17:26:16 - [scp.c] - shorten lines - - markus@cvs.openbsd.org 2001/07/28 09:21:15 - [sshd.8] - cleanup some RSA vs DSA vs SSH1 vs SSH2 notes - - mouring@cvs.openbsd.org 2001/07/29 17:02:46 - [scp.1] - Clarified -o option in scp.1 OKed by Markus@ - - jakob@cvs.openbsd.org 2001/07/30 16:06:07 - [scard.c scard.h] - better errorcodes from sc_*; ok markus@ - - stevesk@cvs.openbsd.org 2001/07/30 16:23:30 - [rijndael.c rijndael.h] - new BSD-style license: - Brian Gladman : - >I have updated my code at: - >http://fp.gladman.plus.com/cryptography_technology/rijndael/index.htm - >with a copyright notice as follows: - >[...] - >I am not sure which version of my old code you are using but I am - >happy for the notice above to be substituted for my existing copyright - >intent if this meets your purpose. - - jakob@cvs.openbsd.org 2001/07/31 08:41:10 + make compile w/ openssl 0.9.7 + - markus@cvs.openbsd.org 2002/03/21 16:54:53 + [scard.c scard.h ssh-keygen.c] + move key upload to scard.[ch] + - markus@cvs.openbsd.org 2002/03/21 16:57:15 [scard.c] - do not complain about missing smartcards. ok markus@ - - jakob@cvs.openbsd.org 2001/07/31 09:28:44 - [readconf.c readconf.h ssh.1 ssh.c] - add 'SmartcardDevice' client option to specify which smartcard device - is used to access a smartcard used for storing the user's private RSA - key. ok markus@. - - jakob@cvs.openbsd.org 2001/07/31 12:42:50 - [sftp-int.c sftp-server.c] - avoid paths beginning with "//"; - ok markus@ - - jakob@cvs.openbsd.org 2001/07/31 12:53:34 + remove const + - markus@cvs.openbsd.org 2002/03/21 16:58:13 + [clientloop.c] + remove unused + - rees@cvs.openbsd.org 2002/03/21 18:08:15 [scard.c] - close smartcard connection if card is missing - - markus@cvs.openbsd.org 2001/08/01 22:03:33 - [authfd.c authfd.h readconf.c readconf.h scard.c scard.h ssh-add.c - ssh-agent.c ssh.c] - use strings instead of ints for smartcard reader ids - - markus@cvs.openbsd.org 2001/08/01 22:16:45 - [ssh.1 sshd.8] - refer to current ietf drafts for protocol v2 - - markus@cvs.openbsd.org 2001/08/01 23:33:09 - [ssh-keygen.c] - allow uploading RSA keys for non-default AUT0 (sha1 over passphrase - like sectok). - - markus@cvs.openbsd.org 2001/08/01 23:38:45 - [scard.c ssh.c] - support finish rsa keys. - free public keys after login -> call finish -> close smartcard. - - markus@cvs.openbsd.org 2001/08/02 00:10:17 - [ssh-keygen.c] - add -D readerid option (download, i.e. print public RSA key to stdout). - check for card present when uploading keys. - use strings instead of ints for smartcard reader ids, too. - - jakob@cvs.openbsd.org 2001/08/02 08:58:35 - [ssh-keygen.c] - change -u (upload smartcard key) to -U. ok markus@ - - jakob@cvs.openbsd.org 2001/08/02 15:06:52 - [ssh-keygen.c] - more verbose usage(). ok markus@ - - jakob@cvs.openbsd.org 2001/08/02 15:07:23 - [ssh-keygen.1] - document smartcard upload/download. ok markus@ - - jakob@cvs.openbsd.org 2001/08/02 15:32:10 - [ssh.c] - add smartcard to usage(). ok markus@ - - jakob@cvs.openbsd.org 2001/08/02 15:43:57 - [ssh-agent.c ssh.c ssh-keygen.c] - add /* SMARTCARD */ to #else/#endif. ok markus@ - - jakob@cvs.openbsd.org 2001/08/02 16:14:05 - [scard.c ssh-agent.c ssh.c ssh-keygen.c] - clean up some /* SMARTCARD */. ok markus@ - - mpech@cvs.openbsd.org 2001/08/02 18:37:35 - [ssh-keyscan.1] - o) .Sh AUTHOR -> .Sh AUTHORS; - o) .Sh EXAMPLE -> .Sh EXAMPLES; - o) Delete .Sh OPTIONS. Text moved to .Sh DESCRIPTION; - - millert@ ok - - jakob@cvs.openbsd.org 2001/08/03 10:31:19 - [ssh-add.1] - document smartcard options. ok markus@ - - jakob@cvs.openbsd.org 2001/08/03 10:31:30 - [ssh-add.c ssh-agent.c ssh-keyscan.c] - improve usage(). ok markus@ - - markus@cvs.openbsd.org 2001/08/05 23:18:20 - [ssh-keyscan.1 ssh-keyscan.c] - ssh 2 support; from wayned@users.sourceforge.net - - markus@cvs.openbsd.org 2001/08/05 23:29:58 - [ssh-keyscan.c] - make -t dsa work with commercial servers, too - - stevesk@cvs.openbsd.org 2001/08/06 19:47:05 - [scp.c] - use alarm vs. setitimer for portable; ok markus@ - - (bal) ssh-keyscan double -lssh hack due to seed_rng(). - - (bal) Second around of UNICOS patches. A few other things left. - Patches by William L. Jones - -20010803 - - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on - a fast UltraSPARC. - -20010726 - - (stevesk) use mysignal() in protocol 1 loop now that the SIGCHLD - handler has converged. - -20010725 - - (bal) Added 'install-nokeys' to Makefile to assist package builders. - -20010724 - - (bal) 4711 not 04711 for ssh binary. - -20010722 - - (bal) Starting the Unicossmk merger. File merged TODO, configure.in, - myproposal.h, ssh_prng_cmds.in, and openbsd-compat/Makefile.in. - Added openbsd-compat/bsd-cray.c. Rest will be merged after - approval. Selective patches from William L. Jones - - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/07/18 21:10:43 - [sshpty.c] - pr #1946, allow sshd if /dev is readonly - - stevesk@cvs.openbsd.org 2001/07/18 21:40:40 - [ssh-agent.c] - chdir("/") from bbraun@synack.net; ok markus@ - - stevesk@cvs.openbsd.org 2001/07/19 00:41:44 - [ssh.1] - escape chars are below now - - markus@cvs.openbsd.org 2001/07/20 14:46:11 - [ssh-agent.c] - do not exit() from signal handlers; ok deraadt@ - - stevesk@cvs.openbsd.org 2001/07/20 18:41:51 - [ssh.1] - "the" command line - -20010719 - - (tim) [configure.in] put inet_aton back in AC_CHECK_FUNCS. - report from Mark Miller - -20010718 - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/07/14 15:10:17 - [readpass.c sftp-client.c sftp-common.c sftp-glob.c] - delete spurious #includes; ok deraadt@ markus@ - - markus@cvs.openbsd.org 2001/07/15 16:17:08 - [serverloop.c] - schedule client alive for ssh2 only, greg@cheers.bungi.com - - stevesk@cvs.openbsd.org 2001/07/15 16:57:21 - [ssh-agent.1] - -d will not fork; ok markus@ - - stevesk@cvs.openbsd.org 2001/07/15 16:58:29 - [ssh-agent.c] - typo in usage; ok markus@ - - markus@cvs.openbsd.org 2001/07/17 20:48:42 - [ssh-agent.c] - update maxfd if maxfd is closed; report from jmcelroy@dtgnet.com - - markus@cvs.openbsd.org 2001/07/17 21:04:58 - [channels.c channels.h clientloop.c nchan.c serverloop.c] - keep track of both maxfd and the size of the malloc'ed fdsets. - update maxfd if maxfd gets closed. - - mouring@cvs.openbsd.org 2001/07/18 16:45:52 - [scp.c] - Missing -o in scp usage() - - (bal) Cleaned up trailing spaces in ChangeLog. - - (bal) Allow sshd to switch user context without password for Cygwin. - Patch by Corinna Vinschen - - (bal) Updated cygwin README and ssh-host-config. Patch by - Corinna Vinschen - -20010715 - - (bal) Set "BROKEN_GETADDRINFO" for darwin platform. Reported by - Josh Larios - - (tim) put openssh/openbsd-compat/inet_aton.[ch] back in. - needed by openbsd-compat/fake-getaddrinfo.c - -20010714 - - (stevesk) change getopt() declaration - - (stevesk) configure.in: use ll suffix for long long constant - in snprintf() test - -20010713 - - (djm) Enable /etc/nologin check on PAM systems, as some lack the - pam_nologin module. Report from William Yodlowsky - - - (djm) Revert dirname fix, a better one is on its way. - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/07/04 22:47:19 - [ssh-agent.c] - ignore SIGPIPE when debugging, too - - markus@cvs.openbsd.org 2001/07/04 23:13:10 - [scard.c scard.h ssh-agent.c] - handle card removal more gracefully, add sc_close() to scard.h - - markus@cvs.openbsd.org 2001/07/04 23:39:07 - [ssh-agent.c] - for smartcards remove both RSA1/2 keys - - markus@cvs.openbsd.org 2001/07/04 23:49:27 - [ssh-agent.c] - handle mutiple adds of the same smartcard key - - espie@cvs.openbsd.org 2001/07/05 11:43:33 - [sftp-glob.c] - Directly cast to the right type. Ok markus@ - - stevesk@cvs.openbsd.org 2001/07/05 20:32:47 - [sshconnect1.c] - statement after label; ok dugsong@ - - stevesk@cvs.openbsd.org 2001/07/08 15:23:38 - [servconf.c] - fix ``MaxStartups max''; ok markus@ - - fgsch@cvs.openbsd.org 2001/07/09 05:58:47 - [ssh.c] - Use getopt(3); markus@ ok. - - deraadt@cvs.openbsd.org 2001/07/09 07:04:53 - [session.c sftp-int.c] - correct type on last arg to execl(); nordin@cse.ogi.edu - - markus@cvs.openbsd.org 2001/07/10 21:49:12 - [readpass.c] - don't panic if fork or pipe fail (just return an empty passwd). - - itojun@cvs.openbsd.org 2001/07/11 00:24:53 - [servconf.c] - make it compilable in all 4 combination of KRB4/KRB5 settings. - dugsong ok - XXX isn't it sensitive to the order of -I/usr/include/kerberosIV and - -I/usr/include/kerberosV? - - markus@cvs.openbsd.org 2001/07/11 16:29:59 - [ssh.c] - sort options string, fix -p, add -k - - markus@cvs.openbsd.org 2001/07/11 18:26:15 - [auth.c] - no need to call dirname(pw->pw_dir). - note that dirname(3) modifies its argument on some systems. - - (djm) Reorder Makefile.in so clean targets work a little better when - run directly from Makefile.in - - (djm) Pull in getopt(3) from OpenBSD libc for the optreset extension. - -20010711 - - (djm) dirname(3) may modify its argument on glibc and other systems. - Patch from markus@, spotted by Tom Holroyd - -20010704 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/06/25 08:25:41 - [channels.c channels.h cipher.c clientloop.c compat.c compat.h - hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c - session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h] - update copyright for 2001 - - markus@cvs.openbsd.org 2001/06/25 17:18:27 - [ssh-keygen.1] - sshd(8) will never read the private keys, but ssh(1) does; - hugh@mimosa.com - - provos@cvs.openbsd.org 2001/06/25 17:54:47 - [auth.c auth.h auth-rsa.c] - terminate secure_filename checking after checking homedir. that way - it works on AFS. okay markus@ - - stevesk@cvs.openbsd.org 2001/06/25 20:26:37 - [auth2.c sshconnect2.c] - prototype cleanup; ok markus@ - - markus@cvs.openbsd.org 2001/06/26 02:47:07 - [ssh-keygen.c] - allow loading a private RSA key to a cyberflex card. - - markus@cvs.openbsd.org 2001/06/26 04:07:06 - [ssh-agent.1 ssh-agent.c] - add debug flag - - markus@cvs.openbsd.org 2001/06/26 04:59:59 - [authfd.c authfd.h ssh-add.c] - initial support for smartcards in the agent - - markus@cvs.openbsd.org 2001/06/26 05:07:43 - [ssh-agent.c] - update usage - - markus@cvs.openbsd.org 2001/06/26 05:33:34 - [ssh-agent.c] - more smartcard support. - - mpech@cvs.openbsd.org 2001/06/26 05:48:07 - [sshd.8] - remove unnecessary .Pp between .It; - millert@ ok - - markus@cvs.openbsd.org 2001/06/26 05:50:11 - [auth2.c] - new interface for secure_filename() - - itojun@cvs.openbsd.org 2001/06/26 06:32:58 - [atomicio.h authfd.h authfile.h auth.h auth-options.h bufaux.h - buffer.h canohost.h channels.h cipher.h clientloop.h compat.h - compress.h crc32.h deattack.h dh.h dispatch.h groupaccess.h - hostfile.h kex.h key.h log.h mac.h match.h misc.h mpaux.h packet.h - radix.h readconf.h readpass.h rsa.h] - prototype pedant. not very creative... - - () -> (void) - - no variable names - - itojun@cvs.openbsd.org 2001/06/26 06:33:07 - [servconf.h serverloop.h session.h sftp-client.h sftp-common.h - sftp-glob.h sftp-int.h sshconnect.h ssh-dss.h sshlogin.h sshpty.h - ssh-rsa.h tildexpand.h uidswap.h uuencode.h xmalloc.h] - prototype pedant. not very creative... - - () -> (void) - - no variable names - - dugsong@cvs.openbsd.org 2001/06/26 16:15:25 - [auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h - servconf.c servconf.h session.c sshconnect1.c sshd.c] - Kerberos v5 support for SSH1, mostly from Assar Westerlund - and Bjorn Gronvall . markus@ ok - - markus@cvs.openbsd.org 2001/06/26 17:25:34 - [ssh.1] - document SSH_ASKPASS; fubob@MIT.EDU - - markus@cvs.openbsd.org 2001/06/26 17:27:25 - [authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h - canohost.h channels.h cipher.h clientloop.h compat.h compress.h - crc32.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h - hostfile.h kex.h key.h log.c log.h mac.h misc.c misc.h mpaux.h - packet.h radix.h readconf.h readpass.h rsa.h servconf.h serverloop.h - session.h sftp-common.c sftp-common.h sftp-glob.h sftp-int.h - sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h sshtty.h - tildexpand.h uidswap.h uuencode.h xmalloc.h] - remove comments from .h, since they are cut&paste from the .c files - and out of sync - - dugsong@cvs.openbsd.org 2001/06/26 17:41:49 - [servconf.c] - #include - - markus@cvs.openbsd.org 2001/06/26 20:14:11 - [key.c key.h ssh.c sshconnect1.c sshconnect2.c] - add smartcard support to the client, too (now you can use both - the agent and the client). - - markus@cvs.openbsd.org 2001/06/27 02:12:54 - [serverloop.c serverloop.h session.c session.h] - quick hack to make ssh2 work again. - - markus@cvs.openbsd.org 2001/06/27 04:48:53 - [auth.c match.c sshd.8] - tridge@samba.org - - markus@cvs.openbsd.org 2001/06/27 05:35:42 - [ssh-keygen.c] - use cyberflex_inq_class to inquire class. - - markus@cvs.openbsd.org 2001/06/27 05:42:25 - [rsa.c rsa.h ssh-agent.c ssh-keygen.c] - s/generate_additional_parameters/rsa_generate_additional_parameters/ - http://www.humppa.com/ - - markus@cvs.openbsd.org 2001/06/27 06:26:36 - [ssh-add.c] - convert to getopt(3) - - stevesk@cvs.openbsd.org 2001/06/28 19:57:35 - [ssh-keygen.c] - '\0' terminated data[] is ok; ok markus@ - - markus@cvs.openbsd.org 2001/06/29 07:06:34 - [ssh-keygen.c] - new error handling for cyberflex_* - - markus@cvs.openbsd.org 2001/06/29 07:11:01 - [ssh-keygen.c] - initialize early - - stevesk@cvs.openbsd.org 2001/06/29 18:38:44 - [clientloop.c] - sync function definition with declaration; ok markus@ - - stevesk@cvs.openbsd.org 2001/06/29 18:40:28 - [channels.c] - use socklen_t for getsockopt arg #5; ok markus@ - - stevesk@cvs.openbsd.org 2001/06/30 18:08:40 - [channels.c channels.h clientloop.c] - adress -> address; ok markus@ - - markus@cvs.openbsd.org 2001/07/02 13:59:15 - [serverloop.c session.c session.h] - wait until !session_have_children(); bugreport from - Lutz.Jaenicke@aet.TU-Cottbus.DE - - markus@cvs.openbsd.org 2001/07/02 22:29:20 - [readpass.c] - do not return NULL, use "" instead. - - markus@cvs.openbsd.org 2001/07/02 22:40:18 - [ssh-keygen.c] - update for sectok.h interface changes. - - markus@cvs.openbsd.org 2001/07/02 22:52:57 - [channels.c channels.h serverloop.c] - improve cleanup/exit logic in ssh2: - stop listening to channels, detach channel users (e.g. sessions). - wait for children (i.e. dying sessions), send exit messages, - cleanup all channels. - - (bal) forget a few new files in sync up. - - (bal) Makefile fix up requires scard.c - - (stevesk) sync misc.h - - (stevesk) more sync for session.c - - (stevesk) sync servconf.h (comments) - - (tim) [contrib/caldera/openssh.spec] sync with Caldera - - (tim) [openbsd-compat/dirname.h] Remove ^M causing some compilers to - issue warning (line 1: tokens ignored at end of directive line) - - (tim) [sshconnect1.c] give the compiler something to do for success: - if KRB5 and AFS are not defined - (ERROR: "sshconnect1.c", line 1274: Syntax error before or at: }) - -20010629 - - (bal) Removed net_aton() since we don't use it any more - - (bal) Fixed _DISABLE_VPOSIX in readpassphrase.c. - - (bal) Updated zlib's home. Thanks to David Howe . - - (stevesk) remove _REENTRANT #define - - (stevesk) session.c: use u_int for envsize - - (stevesk) remove cli.[ch] - -20010628 - - (djm) Sync openbsd-compat with -current libc - - (djm) Fix from Lutz Jaenicke for my - broken makefile - - (bal) Removed strtok_r() and inet_ntop() since they are no longer used. - - (bal) Remove getusershell() since it's no longer used. - -20010627 - - (djm) Reintroduce pam_session call for non-pty sessions. - - (djm) Remove redundant and incorrect test for max auth attempts in - PAM kbdint code. Based on fix from Matthew Melvin - - - (djm) Rename sysconfdir/primes => sysconfdir/moduli - - (djm) Oops, forgot make logic for primes=>moduli. Also try to rename - existing primes->moduli if it exists. - - (djm) Sync with -current openbsd-compat/readpassphrase.c: - - djm@cvs.openbsd.org 2001/06/27 13:23:30 - typo, spotted by Tom Holroyd ; ok deraadt@ - - (djm) Turn up warnings if gcc or egcs detected - - (stevesk) for HP-UX 11.X use X/Open socket interface; - pulls in modern socket prototypes and eliminates a number of compiler - warnings. see xopen_networking(7). - - (stevesk) fix x11 forwarding from _PATH_XAUTH change - - (stevesk) use X/Open socket interface for HP-UX 10.X also - -20010625 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/06/21 21:08:25 - [session.c] - don't reset forced_command (we allow multiple login shells in - ssh2); dwd@bell-labs.com - - mpech@cvs.openbsd.org 2001/06/22 10:17:51 - [ssh.1 sshd.8 ssh-keyscan.1] - o) .Sh AUTHOR -> .Sh AUTHORS; - o) remove unnecessary .Pp; - o) better -mdoc style; - o) typo; - o) sort SEE ALSO; - aaron@ ok - - provos@cvs.openbsd.org 2001/06/22 21:27:08 - [dh.c pathnames.h] - use /etc/moduli instead of /etc/primes, okay markus@ - - provos@cvs.openbsd.org 2001/06/22 21:28:53 - [sshd.8] - document /etc/moduli - - markus@cvs.openbsd.org 2001/06/22 21:55:49 - [auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config - ssh-keygen.1] - merge authorized_keys2 into authorized_keys. - authorized_keys2 is used for backward compat. - (just append authorized_keys2 to authorized_keys). - - provos@cvs.openbsd.org 2001/06/22 21:57:59 - [dh.c] - increase linebuffer to deal with larger moduli; use rewind instead of - close/open - - markus@cvs.openbsd.org 2001/06/22 22:21:20 - [sftp-server.c] - allow long usernames/groups in readdir - - markus@cvs.openbsd.org 2001/06/22 23:35:21 - [ssh.c] - don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@ - - deraadt@cvs.openbsd.org 2001/06/23 00:16:16 - [scp.c] - slightly better care - - markus@cvs.openbsd.org 2001/06/23 00:20:57 - [auth2.c auth.c auth.h auth-rh-rsa.c] - *known_hosts2 is obsolete for hostbased authentication and - only used for backward compat. merge ssh1/2 hostkey check - and move it to auth.c - - deraadt@cvs.openbsd.org 2001/06/23 02:33:05 - [sftp.1 sftp-server.8 ssh-keygen.1] - join .%A entries; most by bk@rt.fm - - markus@cvs.openbsd.org 2001/06/23 02:34:33 - [kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1 - sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8] - get rid of known_hosts2, use it for hostkey lookup, but do not - modify. - - markus@cvs.openbsd.org 2001/06/23 03:03:59 - [sshd.8] - draft-ietf-secsh-dh-group-exchange-01.txt - - markus@cvs.openbsd.org 2001/06/23 03:04:42 - [auth2.c auth-rh-rsa.c] - restore correct ignore_user_known_hosts logic. - - markus@cvs.openbsd.org 2001/06/23 05:26:02 - [key.c] - handle sigature of size 0 (some broken clients send this). - - deraadt@cvs.openbsd.org 2001/06/23 05:57:09 - [sftp.1 sftp-server.8 ssh-keygen.1] - ok, tmac is now fixed - - markus@cvs.openbsd.org 2001/06/23 06:41:10 - [ssh-keygen.c] - try to decode ssh-3.0.0 private rsa keys - (allow migration to openssh, not vice versa), #910 - - itojun@cvs.openbsd.org 2001/06/23 15:12:20 - [auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c - canohost.c channels.c cipher.c clientloop.c deattack.c dh.c - hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c - readpass.c scp.c servconf.c serverloop.c session.c sftp.c - sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c - ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c - ssh-keygen.c ssh-keyscan.c] - more strict prototypes. raise warning level in Makefile.inc. - markus ok'ed - TODO; cleanup headers - - markus@cvs.openbsd.org 2001/06/23 17:05:22 - [ssh-keygen.c] - fix import for (broken?) ssh.com/f-secure private keys - (i tested > 1000 RSA keys) - - itojun@cvs.openbsd.org 2001/06/23 17:48:18 - [sftp.1 ssh.1 sshd.8 ssh-keyscan.1] - kill whitespace at EOL. - - markus@cvs.openbsd.org 2001/06/23 19:12:43 - [sshd.c] - pidfile/sigterm race; bbraun@synack.net - - markus@cvs.openbsd.org 2001/06/23 22:37:46 - [sshconnect1.c] - consistent with ssh2: skip key if empty passphrase is entered, - retry num_of_passwd_prompt times if passphrase is wrong. ok fgsch@ - - markus@cvs.openbsd.org 2001/06/24 05:25:10 - [auth-options.c match.c match.h] - move ip+hostname check to match.c - - markus@cvs.openbsd.org 2001/06/24 05:35:33 - [readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c] - switch to readpassphrase(3) - 2.7/8-stable needs readpassphrase.[ch] from libc - - markus@cvs.openbsd.org 2001/06/24 05:47:13 - [sshconnect2.c] - oops, missing format string - - markus@cvs.openbsd.org 2001/06/24 17:18:31 - [ttymodes.c] - passing modes works fine: debug2->3 - - (djm) -Wall fix for session.c - - (djm) Bring in readpassphrase() from OpenBSD libc. Compiles OK on Linux and - Solaris - -20010622 - - (stevesk) handle systems without pw_expire and pw_change. - -20010621 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/06/16 08:49:38 - [misc.c] - typo; dunlap@apl.washington.edu - - markus@cvs.openbsd.org 2001/06/16 08:50:39 - [channels.h] - bad //-style comment; thx to stevev@darkwing.uoregon.edu - - markus@cvs.openbsd.org 2001/06/16 08:57:35 - [scp.c] - no stdio or exit() in signal handlers. - - markus@cvs.openbsd.org 2001/06/16 08:58:34 - [misc.c] - copy pw_expire and pw_change, too. - - markus@cvs.openbsd.org 2001/06/19 12:34:09 - [session.c] - cleanup forced command handling, from dwd@bell-labs.com - - markus@cvs.openbsd.org 2001/06/19 14:09:45 - [session.c sshd.8] - disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com - - markus@cvs.openbsd.org 2001/06/19 15:40:45 - [session.c] - allocate and free at the same level. - - markus@cvs.openbsd.org 2001/06/20 13:56:39 - [channels.c channels.h clientloop.c packet.c serverloop.c] - move from channel_stop_listening to channel_free_all, - call channel_free_all before calling waitpid() in serverloop. - fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE - -20010615 - - (stevesk) don't set SA_RESTART and set SIGCHLD to SIG_DFL - around grantpt(). - - (stevesk) update TODO: STREAMS pty systems don't call vhangup() now - -20010614 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/06/13 09:10:31 - [session.c] - typo, use pid not s->pid, mstone@cs.loyola.edu - -20010613 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/06/12 10:58:29 - [session.c] - merge session_free into session_close() - merge pty_cleanup_proc into session_pty_cleanup() - - markus@cvs.openbsd.org 2001/06/12 16:10:38 - [session.c] - merge ssh1/ssh2 tty msg parse and alloc code - - markus@cvs.openbsd.org 2001/06/12 16:11:26 - [packet.c] - do not log() packet_set_maxsize - - markus@cvs.openbsd.org 2001/06/12 21:21:29 - [session.c] - remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since - we do already trust $HOME/.ssh - you can use .ssh/sshrc and .ssh/environment if you want to customize - the location of the xauth cookies - - markus@cvs.openbsd.org 2001/06/12 21:30:57 - [session.c] - unused - -20010612 - - scp.c ID update (upstream synced vfsprintf() from us) - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/06/10 11:29:20 - [dispatch.c] - we support rekeying - protocol errors are fatal. - - markus@cvs.openbsd.org 2001/06/11 10:18:24 - [session.c] - reset pointer to NULL after xfree(); report from solar@openwall.com - - markus@cvs.openbsd.org 2001/06/11 16:04:38 - [sshd.8] - typo; bdubreuil@crrel.usace.army.mil - -20010611 - - (bal) NeXT/MacOS X lack libgen.h and dirname(). Patch by Mark Miller - - - (bal) Handle broken krb4 issues on Solaris with multiple defined u_*_t - types. Patch by Jan IVEN - - (bal) Fixed Makefile.in so that 'configure; make install' works. - -20010610 - - (bal) Missed two files in major resync. auth-bsdauth.c and auth-skey.c - -20010609 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/05/30 12:55:13 - [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c - packet.c serverloop.c session.c ssh.c ssh1.h] - channel layer cleanup: merge header files and split .c files - - markus@cvs.openbsd.org 2001/05/30 15:20:10 - [ssh.c] - merge functions, simplify. - - markus@cvs.openbsd.org 2001/05/31 10:30:17 - [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c - packet.c serverloop.c session.c ssh.c] - undo the .c file split, just merge the header and keep the cvs - history - - (bal) Channels.c and Channels.h -- "Merge Functions, simplify" (draged - out of ssh Attic) - - (bal) Ooops.. nchan.c (and remove nchan.h) resync from OpenBSD ssh - Attic. - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/05/31 13:08:04 - [sshd_config] - group options and add some more comments - - markus@cvs.openbsd.org 2001/06/03 14:55:39 - [channels.c channels.h session.c] - use fatal_register_cleanup instead of atexit, sync with x11 authdir - handling - - markus@cvs.openbsd.org 2001/06/03 19:36:44 - [ssh-keygen.1] - 1-2 bits of entrophy per character (not per word), ok stevesk@ - - markus@cvs.openbsd.org 2001/06/03 19:38:42 - [scp.c] - pass -v to ssh; from slade@shore.net - - markus@cvs.openbsd.org 2001/06/03 20:06:11 - [auth2-chall.c] - the challenge response device decides how to handle non-existing - users. - -> fake challenges for skey and cryptocard - - markus@cvs.openbsd.org 2001/06/04 21:59:43 - [channels.c channels.h session.c] - switch uid when cleaning up tmp files and sockets; reported by - zen-parse@gmx.net on bugtraq - - markus@cvs.openbsd.org 2001/06/04 23:07:21 - [clientloop.c serverloop.c sshd.c] - set flags in the signal handlers, do real work in the main loop, - ok provos@ - - markus@cvs.openbsd.org 2001/06/04 23:16:16 - [session.c] - merge ssh1/2 x11-fwd setup, create listener after tmp-dir - - pvalchev@cvs.openbsd.org 2001/06/05 05:05:39 - [ssh-keyscan.1 ssh-keyscan.c] - License clarification from David Mazieres, ok deraadt@ - - markus@cvs.openbsd.org 2001/06/05 10:24:32 - [channels.c] - don't delete the auth socket in channel_stop_listening() - auth_sock_cleanup_proc() will take care of this. - - markus@cvs.openbsd.org 2001/06/05 16:46:19 - [session.c] - let session_close() delete the pty. deny x11fwd if xauthfile is set. - - markus@cvs.openbsd.org 2001/06/06 23:13:54 - [ssh-dss.c ssh-rsa.c] - cleanup, remove old code - - markus@cvs.openbsd.org 2001/06/06 23:19:35 - [ssh-add.c] - remove debug message; Darren.Moffat@eng.sun.com - - markus@cvs.openbsd.org 2001/06/07 19:57:53 - [auth2.c] - style is used for bsdauth. - disconnect on user/service change (ietf-drafts) - - markus@cvs.openbsd.org 2001/06/07 20:23:05 - [authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c - sshconnect.c sshconnect1.c] - use xxx_put_cstring() - - markus@cvs.openbsd.org 2001/06/07 22:25:02 - [session.c] - don't overwrite errno - delay deletion of the xauth cookie - - markus@cvs.openbsd.org 2001/06/08 15:25:40 - [includes.h pathnames.h readconf.c servconf.c] - move the path for xauth to pathnames.h - - (bal) configure.in fix for Tru64 (forgeting to reset $LIB) - - (bal) ANSIify strmode() - - (bal) --with-catman should be --with-mantype patch by Dave - Dykstra - -20010606 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/05/17 21:34:15 - [ssh.1] - no spaces in PreferredAuthentications; - meixner@rbg.informatik.tu-darmstadt.de - - markus@cvs.openbsd.org 2001/05/18 14:13:29 - [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c - readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c] - improved kbd-interactive support. work by per@appgate.com and me - - djm@cvs.openbsd.org 2001/05/19 00:36:40 - [session.c] - Disable X11 forwarding if xauth binary is not found. Patch from Nalin - Dahyabhai ; ok markus@ - - markus@cvs.openbsd.org 2001/05/19 16:05:41 - [scp.c] - ftruncate() instead of open()+O_TRUNC like rcp.c does - allows scp /path/to/file localhost:/path/to/file - - markus@cvs.openbsd.org 2001/05/19 16:08:43 - [sshd.8] - sort options; Matthew.Stier@fnc.fujitsu.com - - markus@cvs.openbsd.org 2001/05/19 16:32:16 - [ssh.1 sshconnect2.c] - change preferredauthentication order to - publickey,hostbased,password,keyboard-interactive - document that hostbased defaults to no, document order - - markus@cvs.openbsd.org 2001/05/19 16:46:19 - [ssh.1 sshd.8] - document MACs defaults with .Dq - - stevesk@cvs.openbsd.org 2001/05/19 19:43:57 - [misc.c misc.h servconf.c sshd.8 sshd.c] - sshd command-line arguments and configuration file options that - specify time may be expressed using a sequence of the form: - time[qualifier], where time is a positive integer value and qualifier - is one of the following: - ,s,m,h,d,w - Examples: - 600 600 seconds (10 minutes) - 10m 10 minutes - 1h30m 1 hour 30 minutes (90 minutes) - ok markus@ - - stevesk@cvs.openbsd.org 2001/05/19 19:57:09 - [channels.c] - typo in error message - - markus@cvs.openbsd.org 2001/05/20 17:20:36 - [auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8 - sshd_config] - configurable authorized_keys{,2} location; originally from peter@; - ok djm@ - - markus@cvs.openbsd.org 2001/05/24 11:12:42 - [auth.c] - fix comment; from jakob@ - - stevesk@cvs.openbsd.org 2001/05/24 18:57:53 - [clientloop.c readconf.c ssh.c ssh.h] - don't perform escape processing when ``EscapeChar none''; ok markus@ - - markus@cvs.openbsd.org 2001/05/25 14:37:32 - [ssh-keygen.c] - use -P for -e and -y, too. - - markus@cvs.openbsd.org 2001/05/28 08:04:39 - [ssh.c] - fix usage() - - markus@cvs.openbsd.org 2001/05/28 10:08:55 - [authfile.c] - key_load_private: set comment to filename for PEM keys - - markus@cvs.openbsd.org 2001/05/28 22:51:11 - [cipher.c cipher.h] - simpler 3des for ssh1 - - markus@cvs.openbsd.org 2001/05/28 23:14:49 - [channels.c channels.h nchan.c] - undo broken channel fix and try a different one. there - should be still some select errors... - - markus@cvs.openbsd.org 2001/05/28 23:25:24 - [channels.c] - cleanup, typo - - markus@cvs.openbsd.org 2001/05/28 23:58:35 - [packet.c packet.h sshconnect.c sshd.c] - remove some lines, simplify. - - markus@cvs.openbsd.org 2001/05/29 12:31:27 - [authfile.c] - typo - -20010528 - - (tim) [conifgure.in] add setvbuf test needed for sftp-int.c - Patch by Corinna Vinschen - -20010517 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/05/12 19:53:13 - [sftp-server.c] - readlink does not NULL-terminate; mhe@home.se - - deraadt@cvs.openbsd.org 2001/05/15 22:04:01 - [ssh.1] - X11 forwarding details improved - - markus@cvs.openbsd.org 2001/05/16 20:51:57 - [authfile.c] - return comments for private pem files, too; report from nolan@naic.edu - - markus@cvs.openbsd.org 2001/05/16 21:53:53 - [clientloop.c] - check for open sessions before we call select(); fixes the x11 client - bug reported by bowman@math.ualberta.ca - - markus@cvs.openbsd.org 2001/05/16 22:09:21 - [channels.c nchan.c] - more select() error fixes (don't set rfd/wfd to -1). - - (bal) Enabled USE_PIPES for Cygwin on Corinna Vinschen - - (bal) Corrected on_exit() emulation via atexit(). - -20010512 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/05/11 14:59:56 - [clientloop.c misc.c misc.h] - add unset_nonblock for stdout/err flushing in client_loop(). - - (bal) Patch to partial sync up contrib/solaris/ packaging software. - Patch by pete - -20010511 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/05/09 22:51:57 - [channels.c] - fix -R for protocol 2, noticed by greg@nest.cx. - bug was introduced with experimental dynamic forwarding. - - markus@cvs.openbsd.org 2001/05/09 23:01:31 - [rijndael.h] - fix prototype; J.S.Peatfield@damtp.cam.ac.uk - -20010509 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/05/06 21:23:31 - [cli.c] - cli_read() fails to catch SIGINT + overflow; from obdb@zzlevo.net - - markus@cvs.openbsd.org 2001/05/08 19:17:31 - [channels.c serverloop.c clientloop.c] - adds correct error reporting to async connect()s - fixes the server-discards-data-before-connected-bug found by - onoe@sm.sony.co.jp - - mouring@cvs.openbsd.org 2001/05/08 19:45:25 - [misc.c misc.h scp.c sftp.c] - Use addargs() in sftp plus some clean up of addargs(). OK Markus - - markus@cvs.openbsd.org 2001/05/06 21:45:14 - [clientloop.c] - use atomicio for flushing stdout/stderr bufs. thanks to - jbw@izanami.cee.hw.ac.uk - - markus@cvs.openbsd.org 2001/05/08 22:48:07 - [atomicio.c] - no need for xmalloc.h, thanks to espie@ - - (bal) UseLogin patch for Solaris/UNICOS. Patch by Wayne Davison - - - (bal) ./configure support to disable SIA on OSF1. Patch by - Chris Adams - - (bal) Updates from the Sony NEWS-OS platform by NAKAJI Hiroyuki - - -20010508 - - (bal) Fixed configure test for USE_SIA. - -20010506 - - (djm) Update config.guess and config.sub with latest versions (from - ftp://ftp.gnu.org/gnu/config/) to allow configure on ia64-hpux. - Suggested by Jason Mader - - (bal) White Space and #ifdef sync with OpenBSD - - (bal) Add 'seed_rng()' to ssh-add.c - - (bal) CVS ID updates for readpass.c, readpass.h, cli.c, and cli.h - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/05/05 13:42:52 - [sftp.1 ssh-add.1 ssh-keygen.1] - typos, grammar - -20010505 - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/05/04 14:21:56 - [ssh.1 sshd.8] - typos - - markus@cvs.openbsd.org 2001/05/04 14:34:34 - [channels.c] - channel_new() reallocs channels[], we cannot use Channel *c after - calling channel_new(), XXX fix this in the future... - - markus@cvs.openbsd.org 2001/05/04 23:47:34 - [channels.c channels.h clientloop.c nchan.c nchan.h serverloop.c ssh.c] - move to Channel **channels (instead of Channel *channels), fixes realloc - problems. channel_new now returns a Channel *, favour Channel * over - channel id. remove old channel_allocate interface. - -20010504 - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/05/03 15:07:39 - [channels.c] - typo in debug() string - - markus@cvs.openbsd.org 2001/05/03 15:45:15 - [session.c] - exec shell -c /bin/sh .ssh/sshrc, from abartlet@pcug.org.au - - stevesk@cvs.openbsd.org 2001/05/03 21:43:01 - [servconf.c] - remove "\n" from fatal() - - mouring@cvs.openbsd.org 2001/05/03 23:09:53 - [misc.c misc.h scp.c sftp.c] - Move colon() and cleanhost() to misc.c where I should I have put it in - the first place - - (bal) Updated Cygwin README by Corinna Vinschen - - (bal) Avoid socket file security issues in ssh-agent for Cygwin. - Patch by Egor Duda - -20010503 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/05/02 16:41:20 - [ssh-add.c] - fix prompt for ssh-add. - -20010502 - - OpenBSD CVS Sync - - mouring@cvs.openbsd.org 2001/05/02 01:25:39 - [readpass.c] - Put the 'const' back into ssh_askpass() function. Pointed out - by Mark Miller . OK Markus - -20010501 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/30 11:18:52 - [readconf.c readconf.h ssh.1 ssh.c sshconnect.c] - implement 'ssh -b bind_address' like 'telnet -b' - - markus@cvs.openbsd.org 2001/04/30 15:50:46 - [compat.c compat.h kex.c] - allow interop with weaker key generation used by ssh-2.0.x, x < 10 - - markus@cvs.openbsd.org 2001/04/30 16:02:49 - [compat.c] - ssh-2.0.10 has the weak-key-bug, too. - - (tim) [contrib/caldera/openssh.spec] add Requires line for Caldera 3.1 - -20010430 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/29 18:32:52 - [serverloop.c] - fix whitespace - - markus@cvs.openbsd.org 2001/04/29 19:16:52 - [channels.c clientloop.c compat.c compat.h serverloop.c] - more ssh.com-2.0.x bug-compat; from per@appgate.com - - (tim) New version of mdoc2man.pl from Mark D. Roth - - (djm) Add .cvsignore files, suggested by Wayne Davison - -20010429 - - (bal) Updated INSTALL. PCRE moved to a new place. - - (djm) Release OpenSSH-2.9p1 - -20010427 - - (bal) Fixed uidswap.c so it should work on non-posix complient systems. - patch based on 2.5.2 version by djm. - - (bal) Build manpages and config files once unless changed. Patch by - Carson Gaspar - - (bal) arpa/nameser.h does not exist on Cygwin. Patch by Corinna - Vinschen - - (bal) Add /etc/sysconfig/sshd support to redhat's sshd.init. Patch by - Pekka Savola - - (bal) Cygwin lacks setgroups() API. Patch by Corinna Vinschen - - - (bal) version.h synced, RPM specs updated for 2.9 - - (tim) update contrib/caldera files with what Caldera is using. - - -20010425 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/23 21:57:07 - [ssh-keygen.1 ssh-keygen.c] - allow public key for -e, too - - markus@cvs.openbsd.org 2001/04/23 22:14:13 - [ssh-keygen.c] - remove debug - - (bal) Whitespace resync w/ OpenBSD for uidswap.c - - (djm) Add new server configuration directive 'PAMAuthenticationViaKbdInt' - (default: off), implies KbdInteractiveAuthentication. Suggestion from - markus@ - - (djm) Include crypt.h if available in auth-passwd.c - - tim@mindrot.org 2001/04/25 21:38:01 [configure.in] - man page detection fixes for SCO - -20010424 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/22 23:58:36 - [ssh-keygen.1 ssh.1 sshd.8] - document hostbased and other cleanup - - (stevesk) start_pam() doesn't use DNS now for sshd -u0. - - (stevesk) auth-pam.c: use PERMIT_NO_PASSWD - - (bal) sys/queue.h is bogus for NCR platform. Patch by Daniel Carroll - - - (bal) Fixed contrib/postinstall.in. Patch by wsanders@wsanders.net - -20010422 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/20 16:32:22 - [uidswap.c] - set non-privileged gid before uid; tholo@ and deraadt@ - - mouring@cvs.openbsd.org 2001/04/21 00:55:57 - [sftp.1] - Spelling - - djm@cvs.openbsd.org 2001/04/22 08:13:30 - [ssh.1] - typos spotted by stevesk@; ok deraadt@ - - markus@cvs.openbsd.org 2001/04/22 12:34:05 - [scp.c] - scp > 2GB; niles@scyld.com; ok deraadt@, djm@ - - markus@cvs.openbsd.org 2001/04/22 13:25:37 - [ssh-keygen.1 ssh-keygen.c] - rename arguments -x -> -e (export key), -X -> -i (import key) - xref draft-ietf-secsh-publickeyfile-01.txt - - markus@cvs.openbsd.org 2001/04/22 13:32:27 - [sftp-server.8 sftp.1 ssh.1 sshd.8] - xref draft-ietf-secsh-* - - markus@cvs.openbsd.org 2001/04/22 13:41:02 - [ssh-keygen.1 ssh-keygen.c] - style, noted by stevesk; sort flags in usage - -20010421 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2001/04/20 07:17:51 - [clientloop.c ssh.1] - Split out and improve escape character documentation, mention ~R in - ~? help text; ok markus@ - - Update RPM spec files for CVS version.h - - (stevesk) set the default PAM service name to __progname instead - of the hard-coded value "sshd"; from Mark D. Roth - - (stevesk) document PAM service name change in INSTALL - - tim@mindrot.org 2001/04/21 14:25:57 [Makefile.in configure.in] - fix perl test, fix nroff test, fix Makefile to build outside source tree - -20010420 - - OpenBSD CVS Sync - - ian@cvs.openbsd.org 2001/04/18 16:21:05 - [ssh-keyscan.1] - Fix typo reported in PR/1779 - - markus@cvs.openbsd.org 2001/04/18 21:57:42 - [readpass.c ssh-add.c] - call askpass from ssh, too, based on work by roth@feep.net, ok deraadt - - markus@cvs.openbsd.org 2001/04/18 22:03:45 - [auth2.c sshconnect2.c] - use FDQN with trailing dot in the hostbased auth packets, ok deraadt@ - - markus@cvs.openbsd.org 2001/04/18 22:48:26 - [auth2.c] - no longer const - - markus@cvs.openbsd.org 2001/04/18 23:43:26 - [auth2.c compat.c sshconnect2.c] - more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now - (however the 2.1.0 server seems to work only if debug is enabled...) - - markus@cvs.openbsd.org 2001/04/18 23:44:51 - [authfile.c] - error->debug; noted by fries@ - - markus@cvs.openbsd.org 2001/04/19 00:05:11 - [auth2.c] - use local variable, no function call needed. - (btw, hostbased works now with ssh.com >= 2.0.13) - - (bal) Put scp-common.h back into scp.c (it exists in the upstream - tree) pointed out by Tom Holroyd - -20010418 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/17 19:34:25 - [session.c] - move auth_approval to do_authenticated(). - do_child(): nuke hostkeys from memory - don't source .ssh/rc for subsystems. - - markus@cvs.openbsd.org 2001/04/18 14:15:00 - [canohost.c] - debug->debug3 - - (bal) renabled 'catman-do:' and fixed it. So now catman pages should - be working again. - - (bal) Makfile day... Cleaned up multiple mantype support (Patch by - Mark D. Roth ), and fixed PIDDIR support. - -20010417 - - (bal) Add perl5 check for HP/UX, Removed GNUness from Makefile.in - and temporary commented out 'catman-do:' since it is broken. Patches - for the first two by Lutz Jaenicke - - OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2001/04/16 08:26:04 - [key.c] - better safe than sorry in later mods; yongari@kt-is.co.kr - - markus@cvs.openbsd.org 2001/04/17 08:14:01 - [sshconnect1.c] - check for key!=NULL, thanks to costa - - markus@cvs.openbsd.org 2001/04/17 09:52:48 - [clientloop.c] - handle EINTR/EAGAIN on read; ok deraadt@ - - markus@cvs.openbsd.org 2001/04/17 10:53:26 - [key.c key.h readconf.c readconf.h ssh.1 sshconnect2.c] - add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@ - - markus@cvs.openbsd.org 2001/04/17 12:55:04 - [channels.c ssh.c] - undo socks5 and https support since they are not really used and - only bloat ssh. remove -D from usage(), since '-D' is experimental. - -20010416 - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/04/15 01:35:22 - [ttymodes.c] - fix comments - - markus@cvs.openbsd.org 2001/04/15 08:43:47 - [dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c] - some unused variable and typos; from tomh@po.crl.go.jp - - markus@cvs.openbsd.org 2001/04/15 16:58:03 - [authfile.c ssh-keygen.c sshd.c] - don't use errno for key_{load,save}_private; discussion w/ solar@openwall - - markus@cvs.openbsd.org 2001/04/15 17:16:00 - [clientloop.c] - set stdin/out/err to nonblocking in SSH proto 1, too. suggested by ho@ - should fix some of the blocking problems for rsync over SSH-1 - - stevesk@cvs.openbsd.org 2001/04/15 19:41:21 - [sshd.8] - some ClientAlive cleanup; ok markus@ - - stevesk@cvs.openbsd.org 2001/04/15 21:28:35 - [readconf.c servconf.c] - use fatal() or error() vs. fprintf(); ok markus@ - - (djm) Convert mandoc manpages to man automatically. Patch from Mark D. - Roth - - (bal) CVS ID fix up and slight manpage fix from OpenBSD tree. - - (djm) OpenBSD CVS Sync - - mouring@cvs.openbsd.org 2001/04/16 02:31:44 - [scp.c sftp.c] - IPv6 support for sftp (which I bungled in my last patch) which is - borrowed from scp.c. Thanks to Markus@ for pointing it out. - - deraadt@cvs.openbsd.org 2001/04/16 08:05:34 - [xmalloc.c] - xrealloc dealing with ptr == nULL; mouring - - djm@cvs.openbsd.org 2001/04/16 08:19:31 - [session.c] - Split motd and hushlogin checks into seperate functions, helps for - portable. From Chris Adams ; ok markus@ - - Fix OSF SIA support displaying too much information for quiet - logins and logins where access was denied by SIA. Patch from Chris Adams - - -20010415 - - OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2001/04/14 04:31:01 - [ssh-add.c] - do not double free - - markus@cvs.openbsd.org 2001/04/14 16:17:14 - [channels.c] - remove some channels that are not appropriate for keepalive. - - markus@cvs.openbsd.org 2001/04/14 16:27:57 - [ssh-add.c] - use clear_pass instead of xfree() - - stevesk@cvs.openbsd.org 2001/04/14 16:33:20 - [clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h] - protocol 2 tty modes support; ok markus@ - - stevesk@cvs.openbsd.org 2001/04/14 17:04:42 - [scp.c] - 'T' handling rcp/scp sync; ok markus@ - - Missed sshtty.[ch] in Sync. - -20010414 - - Sync with OpenBSD glob.c, strlcat.c and vis.c changes - - Cygwin sftp/sftp-server binary mode patch from Corinna Vinschen - - - OpenBSD CVS Sync - - beck@cvs.openbsd.org 2001/04/13 22:46:54 - [channels.c channels.h servconf.c servconf.h serverloop.c sshd.8] - Add options ClientAliveInterval and ClientAliveCountMax to sshd. - This gives the ability to do a "keepalive" via the encrypted channel - which can't be spoofed (unlike TCP keepalives). Useful for when you want - to use ssh connections to authenticate people for something, and know - relatively quickly when they are no longer authenticated. Disabled - by default (of course). ok markus@ - -20010413 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/12 14:29:09 - [ssh.c] - show debug output during option processing, report from - pekkas@netcore.fi - - markus@cvs.openbsd.org 2001/04/12 19:15:26 - [auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h - compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h - servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c - sshconnect2.c sshd_config] - implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) - similar to RhostRSAAuthentication unless you enable (the experimental) - HostbasedUsesNameFromPacketOnly option. please test. :) - - markus@cvs.openbsd.org 2001/04/12 19:39:27 - [readconf.c] - typo - - stevesk@cvs.openbsd.org 2001/04/12 20:09:38 - [misc.c misc.h readconf.c servconf.c ssh.c sshd.c] - robust port validation; ok markus@ jakob@ - - mouring@cvs.openbsd.org 2001/04/12 23:17:54 - [sftp-int.c sftp-int.h sftp.1 sftp.c] - Add support for: - sftp [user@]host[:file [file]] - Fetch remote file(s) - sftp [user@]host[:dir[/]] - Start in remote dir/ - OK deraadt@ - - stevesk@cvs.openbsd.org 2001/04/13 01:26:17 - [ssh.c] - missing \n in error message - - (bal) Added openbsd-compat/inet_ntop.[ch] since HP/UX (and others) - lack it. - -20010412 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/10 07:46:58 - [channels.c] - cleanup socks4 handling - - itojun@cvs.openbsd.org 2001/04/10 09:13:22 - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] - document id_rsa{.pub,}. markus ok - - markus@cvs.openbsd.org 2001/04/10 12:15:23 - [channels.c] - debug cleanup - - djm@cvs.openbsd.org 2001/04/11 07:06:22 - [sftp-int.c] - 'mget' and 'mput' aliases; ok markus@ - - markus@cvs.openbsd.org 2001/04/11 10:59:01 - [ssh.c] - use strtol() for ports, thanks jakob@ - - markus@cvs.openbsd.org 2001/04/11 13:56:13 - [channels.c ssh.c] - https-connect and socks5 support. i feel so bad. - - lebel@cvs.openbsd.org 2001/04/11 16:25:30 - [sshd.8 sshd.c] - implement the -e option into sshd: - -e When this option is specified, sshd will send the output to the - standard error instead of the system log. - markus@ OK. - -20010410 - - OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2001/04/08 20:52:55 - [sftp.c] - do not modify an actual argv[] entry - - stevesk@cvs.openbsd.org 2001/04/08 23:28:27 - [sshd.8] - spelling - - stevesk@cvs.openbsd.org 2001/04/09 00:42:05 - [sftp.1] - spelling - - markus@cvs.openbsd.org 2001/04/09 15:12:23 - [ssh-add.c] - passphrase caching: ssh-add tries last passphrase, clears passphrase if - not successful and after last try. - based on discussions with espie@, jakob@, ... and code from jakob@ and - wolfgang@wsrcc.com - - markus@cvs.openbsd.org 2001/04/09 15:19:49 - [ssh-add.1] - ssh-add retries the last passphrase... - - stevesk@cvs.openbsd.org 2001/04/09 18:00:15 - [sshd.8] - ListenAddress mandoc from aaron@ - -20010409 - - (stevesk) use setresgid() for setegid() if needed - - (stevesk) configure.in: typo - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/04/08 16:01:36 - [sshd.8] - document ListenAddress addr:port - - markus@cvs.openbsd.org 2001/04/08 13:03:00 - [ssh-add.c] - init pointers with NULL, thanks to danimal@danimal.org - - markus@cvs.openbsd.org 2001/04/08 11:27:33 - [clientloop.c] - leave_raw_mode if ssh2 "session" is closed - - markus@cvs.openbsd.org 2001/04/06 21:00:17 - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c - ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h] - do gid/groups-swap in addition to uid-swap, should help if /home/group - is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks - to olar@openwall.com is comments. we had many requests for this. - - markus@cvs.openbsd.org 2001/04/07 08:55:18 - [buffer.c channels.c channels.h readconf.c ssh.c] - allow the ssh client act as a SOCKS4 proxy (dynamic local - portforwarding). work by Dan Kaminsky and me. - thanks to Dan for this great patch: use 'ssh -D 1080 host' and make - netscape use localhost:1080 as a socks proxy. - - markus@cvs.openbsd.org 2001/04/08 11:24:33 - [uidswap.c] - KNF - -20010408 - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/04/06 22:12:47 - [hostfile.c] - unused; typo in comment - - stevesk@cvs.openbsd.org 2001/04/06 22:25:25 - [servconf.c] - in addition to: - ListenAddress host|ipv4_addr|ipv6_addr - permit: - ListenAddress [host|ipv4_addr|ipv6_addr]:port - ListenAddress host|ipv4_addr:port - sshd.8 updates coming. ok markus@ - -20010407 - - (bal) CVS ID Resync of version.h - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/05 23:39:20 - [serverloop.c] - keep the ssh session even if there is no active channel. - this is more in line with the protocol spec and makes - ssh -N -L 1234:server:110 host - more useful. - based on discussion with long time ago - and recent mail from - - deraadt@cvs.openbsd.org 2001/04/06 16:46:59 - [scp.c] - remove trailing / from source paths; fixes pr#1756 - -20010406 - - (stevesk) logintest.c: fix for systems without __progname - - (stevesk) Makefile.in: log.o is in libssh.a - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/05 10:00:06 - [compat.c] - 2.3.x does old GEX, too; report jakob@ - - markus@cvs.openbsd.org 2001/04/05 10:39:03 - [compress.c compress.h packet.c] - reset compress state per direction when rekeying. - - markus@cvs.openbsd.org 2001/04/05 10:39:48 - [version.h] - temporary version 2.5.4 (supports rekeying). - this is not an official release. - - markus@cvs.openbsd.org 2001/04/05 10:42:57 - [auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c - mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c - sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c - sshconnect2.c sshd.c] - fix whitespace: unexpand + trailing spaces. - - markus@cvs.openbsd.org 2001/04/05 11:09:17 - [clientloop.c compat.c compat.h] - add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions. - - markus@cvs.openbsd.org 2001/04/05 15:45:43 - [ssh.1] - ssh defaults to protocol v2; from quisar@quisar.ambre.net - - stevesk@cvs.openbsd.org 2001/04/05 15:48:18 - [canohost.c canohost.h session.c] - move get_remote_name_or_ip() to canohost.[ch]; for portable. ok markus@ - - markus@cvs.openbsd.org 2001/04/05 20:01:10 - [clientloop.c] - for ~R print message if server does not support rekeying. (and fix ~R). - - markus@cvs.openbsd.org 2001/04/05 21:02:46 - [buffer.c] - better error message - - markus@cvs.openbsd.org 2001/04/05 21:05:24 - [clientloop.c ssh.c] - don't request a session for 'ssh -N', pointed out slade@shore.net - -20010405 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/04/04 09:48:35 - [kex.c kex.h kexdh.c kexgex.c packet.c sshconnect2.c sshd.c] - don't sent multiple kexinit-requests. - send newkeys, block while waiting for newkeys. - fix comments. - - markus@cvs.openbsd.org 2001/04/04 14:34:58 - [clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c] - enable server side rekeying + some rekey related clientup. - todo: we should not send any non-KEX messages after we send KEXINIT - - markus@cvs.openbsd.org 2001/04/04 15:50:55 - [compat.c] - f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.gov - - markus@cvs.openbsd.org 2001/04/04 20:25:38 - [channels.c channels.h clientloop.c kex.c kex.h serverloop.c - sshconnect2.c sshd.c] - more robust rekeying - don't send channel data after rekeying is started. - - markus@cvs.openbsd.org 2001/04/04 20:32:56 - [auth2.c] - we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@ - - markus@cvs.openbsd.org 2001/04/04 22:04:35 - [kex.c kexgex.c serverloop.c] - parse full kexinit packet. - make server-side more robust, too. - - markus@cvs.openbsd.org 2001/04/04 23:09:18 - [dh.c kex.c packet.c] - clear+free keys,iv for rekeying. - + fix DH mem leaks. ok niels@ - - (stevesk) don't use vhangup() if defined(HAVE_DEV_PTMX); also removes - BROKEN_VHANGUP - -20010404 - - OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2001/04/02 17:32:23 - [ssh-agent.1] - grammar; slade@shore.net - - stevesk@cvs.openbsd.org 2001/04/03 13:56:11 - [sftp-glob.c ssh-agent.c ssh-keygen.c] - free() -> xfree() - - markus@cvs.openbsd.org 2001/04/03 19:53:29 - [dh.c dh.h kex.c kex.h sshconnect2.c sshd.c] - move kex to kex*.c, used dispatch_set() callbacks for kex. should - make rekeying easier. - - todd@cvs.openbsd.org 2001/04/03 21:19:38 - [ssh_config] - id_rsa1/2 -> id_rsa; ok markus@ - - markus@cvs.openbsd.org 2001/04/03 23:32:12 - [kex.c kex.h packet.c sshconnect2.c sshd.c] - undo parts of recent my changes: main part of keyexchange does not - need dispatch-callbacks, since application data is delayed until - the keyexchange completes (if i understand the drafts correctly). - add some infrastructure for re-keying. - - markus@cvs.openbsd.org 2001/04/04 00:06:54 - [clientloop.c sshconnect2.c] - enable client rekeying - (1) force rekeying with ~R, or - (2) if the server requests rekeying. - works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0 - - (bal) Oops.. Missed including kexdh.c and kexgex.c in OpenBSD sync. - -20010403 - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/04/02 14:15:31 - [sshd.8] - typo; ok markus@ - - stevesk@cvs.openbsd.org 2001/04/02 14:20:23 - [readconf.c servconf.c] - correct comment; ok markus@ - - (stevesk) nchan.c: remove ostate checks and add EINVAL to - shutdown(SHUT_RD) error() bypass for HP-UX. - -20010402 - - (stevesk) log.c openbsd sync; missing newlines - - (stevesk) sshpty.h openbsd sync; PTY_H -> SSHPTY_H - -20010330 - - (djm) Another openbsd-compat/glob.c sync - - (djm) OpenBSD CVS Sync - - provos@cvs.openbsd.org 2001/03/28 21:59:41 - [kex.c kex.h sshconnect2.c sshd.c] - forgot to include min and max params in hash, okay markus@ - - provos@cvs.openbsd.org 2001/03/28 22:04:57 - [dh.c] - more sanity checking on primes file - - markus@cvs.openbsd.org 2001/03/28 22:43:31 - [auth.h auth2.c auth2-chall.c] - check auth_root_allowed for kbd-int auth, too. - - provos@cvs.openbsd.org 2001/03/29 14:24:59 - [sshconnect2.c] - use recommended defaults - - stevesk@cvs.openbsd.org 2001/03/29 21:06:21 - [sshconnect2.c sshd.c] - need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@ - - markus@cvs.openbsd.org 2001/03/29 21:17:40 - [dh.c dh.h kex.c kex.h] - prepare for rekeying: move DH code to dh.c - - djm@cvs.openbsd.org 2001/03/29 23:42:01 - [sshd.c] - Protocol 1 key regeneration log => verbose, some KNF; ok markus@ - -20010329 - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/03/26 15:47:59 - [ssh.1] - document more defaults; misc. cleanup. ok markus@ - - markus@cvs.openbsd.org 2001/03/26 23:12:42 - [authfile.c] - KNF - - markus@cvs.openbsd.org 2001/03/26 23:23:24 - [rsa.c rsa.h ssh-agent.c ssh-keygen.c] - try to read private f-secure ssh v2 rsa keys. - - markus@cvs.openbsd.org 2001/03/27 10:34:08 - [ssh-rsa.c sshd.c] - use EVP_get_digestbynid, reorder some calls and fix missing free. - - markus@cvs.openbsd.org 2001/03/27 10:57:00 - [compat.c compat.h ssh-rsa.c] - some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5 - signatures in SSH protocol 2, ok djm@ - - provos@cvs.openbsd.org 2001/03/27 17:46:50 - [compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h] - make dh group exchange more flexible, allow min and max group size, - okay markus@, deraadt@ - - stevesk@cvs.openbsd.org 2001/03/28 19:56:23 - [scp.c] - start to sync scp closer to rcp; ok markus@ - - stevesk@cvs.openbsd.org 2001/03/28 20:04:38 - [scp.c] - usage more like rcp and add missing -B to usage; ok markus@ - - markus@cvs.openbsd.org 2001/03/28 20:50:45 - [sshd.c] - call refuse() before close(); from olemx@ans.pl - -20010328 - - (djm) Reorder tests and library inclusion for Krb4/AFS to try to - resolve linking conflicts with libcrypto. Report and suggested fix - from Holger Trapp - - (djm) Work around Solaris' broken struct dirent. Diagnosis and suggested - fix from Philippe Levan - - (djm) Rework krbIV tests to get us closer to building on Redhat. Still - doesn't work because of conflicts between krbIV's and OpenSSL's des.h - - (djm) Sync openbsd-compat/glob.c - -20010327 - - Attempt sync with sshlogin.c w/ OpenBSD (mainly CVS ID) - - Fix pointer issues in waitpid() and wait() replaces. Patch by Lutz - Jaenicke - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2001/03/25 00:01:34 - [session.c] - shorten; ok markus@ - - stevesk@cvs.openbsd.org 2001/03/25 13:16:11 - [servconf.c servconf.h session.c sshd.8 sshd_config] - PrintLastLog option; from chip@valinux.com with some minor - changes by me. ok markus@ - - markus@cvs.openbsd.org 2001/03/26 08:07:09 - [authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c - sshconnect.h sshconnect1.c sshconnect2.c sshd.c] - simpler key load/save interface, see authfile.h - - (djm) Reestablish PAM credentials (which can be supplemental group - memberships) after initgroups() blows them away. Report and suggested - fix from Nalin Dahyabhai - -20010324 - - Fixed permissions ssh-keyscan. Thanks to Christopher Linn . - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2001/03/23 11:04:07 - [compat.c compat.h sshconnect2.c sshd.c] - Compat for OpenSSH with broken Rijndael/AES. ok markus@ - - markus@cvs.openbsd.org 2001/03/23 12:02:49 - [auth1.c] - authctxt is now passed to do_authenticated - - markus@cvs.openbsd.org 2001/03/23 13:10:57 - [sftp-int.c] - fix put, upload to _absolute_ path, ok djm@ - - markus@cvs.openbsd.org 2001/03/23 14:28:32 - [session.c sshd.c] - ignore SIGPIPE, restore in child, fixes x11-fwd crashes; with djm@ - - (djm) Pull out our own SIGPIPE hacks - -20010323 - - OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2001/03/22 20:22:55 - [sshd.c] - do not place linefeeds in buffer - -20010322 - - (djm) Better AIX no tty fix, spotted by Gert Doering - - (bal) version.c CVS ID resync - - (bal) auth-chall.c auth-passwd.c auth.h auth1.c auth2.c session.c CVS ID - resync - - (bal) scp.c CVS ID resync - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/20 19:10:16 - [readconf.c] - default to SSH protocol version 2 - - markus@cvs.openbsd.org 2001/03/20 19:21:21 - [session.c] - remove unused arg - - markus@cvs.openbsd.org 2001/03/20 19:21:21 - [session.c] - remove unused arg - - markus@cvs.openbsd.org 2001/03/21 11:43:45 - [auth1.c auth2.c session.c session.h] - merge common ssh v1/2 code - - jakob@cvs.openbsd.org 2001/03/21 14:20:45 - [ssh-keygen.c] - add -B flag to usage - - markus@cvs.openbsd.org 2001/03/21 21:06:30 - [session.c] - missing init; from mib@unimelb.edu.au - -20010321 - - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve - VanDevender - - (djm) Make sure pam_retval is initialised on call to pam_end. Patch - from Solar Designer - - (djm) Don't loop forever when changing password via PAM. Patch - from Solar Designer - - (djm) Generate config files before build - - (djm) Correctly handle SIA and AIX when no tty present. Spotted and - suggested fix from Mike Battersby - -20010320 - - (bal) glob.c update to added GLOB_LIMITS (OpenBSD CVS). - - (bal) glob.c update to set gl_pathv to NULL (OpenBSD CVS). - - (bal) Oops. Missed globc.h change (OpenBSD CVS). - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/19 17:07:23 - [auth.c readconf.c] - undo /etc/shell and proto 2,1 change for openssh-2.5.2 - - markus@cvs.openbsd.org 2001/03/19 17:12:10 - [version.h] - version 2.5.2 - - (djm) Update RPM spec version - - (djm) Release 2.5.2p1 -- tim@mindrot.org 2001/03/19 18:33:47 [defines.h] - change S_ISLNK macro to work for UnixWare 2.03 -- tim@mindrot.org 2001/03/19 20:45:11 [openbsd-compat/glob.c] - add get_arg_max(). Use sysconf() if ARG_MAX is not defined - -20010319 - - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to - do it implicitly. - - (djm) Add getusershell() functions from OpenBSD CVS - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/18 12:07:52 - [auth-options.c] - ignore permitopen="host:port" if AllowTcpForwarding==no - - (djm) Make scp work on systems without 64-bit ints - - tim@mindrot.org 2001/03/18 18:28:39 [defines.h] - move HAVE_LONG_LONG_INT where it works - - (bal) Use 'NGROUPS' for NeXT Since 'MAX_NGROUPS' is wrapped up in -lposix - stuff. Change suggested by Mark Miller - - (bal) Small fix to scp. %lu vs %ld - - (bal) NeXTStep lacks S_ISLNK. Plus split up S_IS* - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2001/03/19 03:52:51 - [sftp-client.c] - Report ssh connection closing correctly; ok deraadt@ - - deraadt@cvs.openbsd.org 2001/03/18 23:30:55 - [compat.c compat.h sshd.c] - specifically version match on ssh scanners. do not log scan - information to the console - - djm@cvs.openbsd.org 2001/03/19 12:10:17 - [sshd.8] - Document permitopen authorized_keys option; ok markus@ - - djm@cvs.openbsd.org 2001/03/19 05:49:52 - [ssh.1] - document PreferredAuthentications option; ok markus@ - - (bal) Minor NeXT fixed. Forgot to #undef NGROUPS_MAX - -20010318 - - (bal) Fixed scp type casing issue which causes "scp: protocol error: - size not delimited" fatal errors when tranfering. - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/17 17:27:59 - [auth.c] - check /etc/shells, too - - tim@mindrot.org 2001/03/17 18:45:25 [compat.c] - openbsd-compat/fake-regex.h - -20010317 - - Support usrinfo() on AIX. Based on patch from Gert Doering - - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/15 15:05:59 - [scp.c] - use %lld in printf, ok millert@/deraadt@; report from ssh@client.fi - - markus@cvs.openbsd.org 2001/03/15 22:07:08 - [session.c] - pass Session to do_child + KNF - - djm@cvs.openbsd.org 2001/03/16 08:16:18 - [sftp-client.c sftp-client.h sftp-glob.c sftp-int.c] - Revise globbing for get/put to be more shell-like. In particular, - "get/put file* directory/" now works. ok markus@ - - markus@cvs.openbsd.org 2001/03/16 09:55:53 - [sftp-int.c] - fix memset and whitespace - - markus@cvs.openbsd.org 2001/03/16 13:44:24 - [sftp-int.c] - discourage strcat/strcpy - - markus@cvs.openbsd.org 2001/03/16 19:06:30 - [auth-options.c channels.c channels.h serverloop.c session.c] - implement "permitopen" key option, restricts -L style forwarding to - to specified host:port pairs. based on work by harlan@genua.de - - Check for gl_matchc support in glob_t and fall back to the - openbsd-compat/glob.[ch] support if it does not exist. - -20010315 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/14 08:57:14 - [sftp-client.c] - Wall - - markus@cvs.openbsd.org 2001/03/14 15:15:58 - [sftp-int.c] - add version command - - deraadt@cvs.openbsd.org 2001/03/14 22:50:25 - [sftp-server.c] - note no getopt() - - (stevesk) ssh-keyscan.c: specify "openbsd-compat/fake-queue.h" - - (bal) Cygwin README change by Corinna Vinschen - -20010314 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/13 17:34:42 - [auth-options.c] - missing xfree, deny key on parse error; ok stevesk@ - - djm@cvs.openbsd.org 2001/03/13 22:42:54 - [sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c] - sftp client filename globbing for get, put, ch{mod,grp,own}. ok markus@ - - (bal) Fix strerror() in bsd-misc.c - - (djm) Add replacement glob() from OpenBSD libc if the system glob is - missing or lacks the GLOB_ALTDIRFUNC extension - - (djm) Remove -I$(srcdir)/openbsd-compat from CFLAGS, refer to headers - relatively. Avoids conflict between glob.h and /usr/include/glob.h - -20010313 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/12 22:02:02 - [key.c key.h ssh-add.c ssh-keygen.c sshconnect.c sshconnect2.c] - remove old key_fingerprint interface, s/_ex// - -20010312 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/11 13:25:36 - [auth2.c key.c] - debug - - jakob@cvs.openbsd.org 2001/03/11 15:03:16 - [key.c key.h] - add improved fingerprint functions. based on work by Carsten - Raskgaard and modified by me. ok markus@. - - jakob@cvs.openbsd.org 2001/03/11 15:04:16 - [ssh-keygen.1 ssh-keygen.c] - print both md5, sha1 and bubblebabble fingerprints when using - ssh-keygen -l -v. ok markus@. - - jakob@cvs.openbsd.org 2001/03/11 15:13:09 - [key.c] - cleanup & shorten some var names key_fingerprint_bubblebabble. - - deraadt@cvs.openbsd.org 2001/03/11 16:39:03 - [ssh-keygen.c] - KNF, and SHA1 binary output is just creeping featurism - - tim@mindrot.org 2001/03/11 17:29:32 [configure.in] - test if snprintf() supports %ll - add /dev to search path for PRNGD/EGD socket - fix my mistake in USER_PATH test program - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/11 18:29:51 - [key.c] - style+cleanup - - markus@cvs.openbsd.org 2001/03/11 22:33:24 - [ssh-keygen.1 ssh-keygen.c] - remove -v again. use -B instead for bubblebabble. make -B consistent - with -l and make -B work with /path/to/known_hosts. ok deraadt@ - - (djm) Bump portable version number for generating test RPMs - - (djm) Add "static_openssl" RPM build option, remove rsh build dependency - - (bal) Reorder includes in Makefile. - -20010311 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/10 12:48:27 - [sshconnect2.c] - ignore nonexisting private keys; report rjmooney@mediaone.net - - deraadt@cvs.openbsd.org 2001/03/10 12:53:51 - [readconf.c ssh_config] - default to SSH2, now that m68k runs fast - - stevesk@cvs.openbsd.org 2001/03/10 15:02:05 - [ttymodes.c ttymodes.h] - remove unused sgtty macros; ok markus@ - - deraadt@cvs.openbsd.org 2001/03/10 15:31:00 - [compat.c compat.h sshconnect.c] - all known netscreen ssh versions, and older versions of OSU ssh cannot - handle password padding (newer OSU is fixed) - - tim@mindrot.org 2001/03/10 16:33:42 [configure.in Makefile.in sshd_config] - make sure $bindir is in USER_PATH so scp will work - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2001/03/10 17:51:04 - [kex.c match.c match.h readconf.c readconf.h sshconnect2.c] - add PreferredAuthentications - -20010310 - - OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2001/03/09 03:14:39 - [ssh-keygen.c] - create *.pub files with umask 0644, so that you can mv them to - authorized_keys - - deraadt@cvs.openbsd.org 2001/03/09 12:30:29 - [sshd.c] - typo; slade@shore.net - - Removed log.o from sftp client. Not needed. - -20010309 - - OpenBSD CVS Sync - - stevesk@cvs.openbsd.org 2001/03/08 18:47:12 - [auth1.c] - unused; ok markus@ - - stevesk@cvs.openbsd.org 2001/03/08 20:44:48 - [sftp.1] - spelling, cleanup; ok deraadt@ - - markus@cvs.openbsd.org 2001/03/08 21:42:33 - [compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c] - implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key -> - no need to do enter passphrase or do expensive sign operations if the - server does not accept key). - -20010308 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2001/03/07 10:11:23 - [sftp-client.c sftp-client.h sftp-int.c sftp-server.c sftp.1 sftp.c sftp.h] - Support for new draft (draft-ietf-secsh-filexfer-01). New symlink handling - functions and small protocol change. - - markus@cvs.openbsd.org 2001/03/08 00:15:48 - [readconf.c ssh.1] - turn off useprivilegedports by default. only rhost-auth needs - this. older sshd's may need this, too. - - (stevesk) Reliant Unix (SNI) needs HAVE_BOGUS_SYS_QUEUE_H; - Dirk Markwardt - -20010307 - - (bal) OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2001/03/06 06:11:18 - [ssh-keyscan.c] - appease gcc - - deraadt@cvs.openbsd.org 2001/03/06 06:11:44 - [sftp-int.c sftp.1 sftp.c] - sftp -b batchfile; mouring@etoh.eviladmin.org - - deraadt@cvs.openbsd.org 2001/03/06 15:10:42 - [sftp.1] - order things - - deraadt@cvs.openbsd.org 2001/03/07 01:19:06 - [ssh.1 sshd.8] - the name "secure shell" is boring, noone ever uses it - - deraadt@cvs.openbsd.org 2001/03/07 04:05:58 - [ssh.1] - removed dated comment - - Cygwin contrib improvements from Corinna Vinschen - -20010306 - - (bal) OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2001/03/05 14:28:47 - [sshd.8] - alpha order; jcs@rt.fm - - stevesk@cvs.openbsd.org 2001/03/05 15:44:51 - [servconf.c] - sync error message; ok markus@ - - deraadt@cvs.openbsd.org 2001/03/05 15:56:16 - [myproposal.h ssh.1] - switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster; - provos & markus ok - - deraadt@cvs.openbsd.org 2001/03/05 16:07:15 - [sshd.8] - detail default hmac setup too - - markus@cvs.openbsd.org 2001/03/05 17:17:21 - [kex.c kex.h sshconnect2.c sshd.c] - generate a 2*need size (~300 instead of 1024/2048) random private - exponent during the DH key agreement. according to Niels (the great - german advisor) this is safe since /etc/primes contains strong - primes only. - - References: - P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key - agreement with short exponents, In Advances in Cryptology - - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343. - - stevesk@cvs.openbsd.org 2001/03/05 17:40:48 - [ssh.1] - more ssh_known_hosts2 documentation; ok markus@ - - stevesk@cvs.openbsd.org 2001/03/05 17:58:22 - [dh.c] - spelling - - deraadt@cvs.openbsd.org 2001/03/06 00:33:04 - [authfd.c cli.c ssh-agent.c] - EINTR/EAGAIN handling is required in more cases - - millert@cvs.openbsd.org 2001/03/06 01:06:03 - [ssh-keyscan.c] - Don't assume we wil get the version string all in one read(). - deraadt@ OK'd - - millert@cvs.openbsd.org 2001/03/06 01:08:27 - [clientloop.c] - If read() fails with EINTR deal with it the same way we treat EAGAIN - -20010305 - - (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch] - - (bal) CVS ID touch up on sftp-int.c - - (bal) CVS ID touch up on uuencode.c - - (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c - - (bal) OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2001/02/17 23:48:48 - [sshd.8] - it's the OpenSSH one - - deraadt@cvs.openbsd.org 2001/02/21 07:37:04 - [ssh-keyscan.c] - inline -> __inline__, and some indent - - deraadt@cvs.openbsd.org 2001/02/21 09:05:54 - [authfile.c] - improve fd handling - - deraadt@cvs.openbsd.org 2001/02/21 09:12:56 - [sftp-server.c] - careful with & and &&; markus ok - - stevesk@cvs.openbsd.org 2001/02/21 21:14:04 - [ssh.c] - -i supports DSA identities now; ok markus@ - - deraadt@cvs.openbsd.org 2001/02/22 04:29:37 - [servconf.c] - grammar; slade@shore.net - - deraadt@cvs.openbsd.org 2001/02/22 06:43:55 - [ssh-keygen.1 ssh-keygen.c] - document -d, and -t defaults to rsa1 - - deraadt@cvs.openbsd.org 2001/02/22 08:03:51 - [ssh-keygen.1 ssh-keygen.c] - bye bye -d - - deraadt@cvs.openbsd.org 2001/02/22 18:09:06 - [sshd_config] - activate RSA 2 key - - markus@cvs.openbsd.org 2001/02/22 21:57:27 - [ssh.1 sshd.8] - typos/grammar from matt@anzen.com - - markus@cvs.openbsd.org 2001/02/22 21:59:44 - [auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c] - use pwcopy in ssh.c, too - - markus@cvs.openbsd.org 2001/02/23 15:34:53 - [serverloop.c] - debug2->3 - - markus@cvs.openbsd.org 2001/02/23 18:15:13 - [sshd.c] - the random session key depends now on the session_key_int - sent by the 'attacker' - dig1 = md5(cookie|session_key_int); - dig2 = md5(dig1|cookie|session_key_int); - fake_session_key = dig1|dig2; - this change is caused by a mail from anakin@pobox.com - patch based on discussions with my german advisor niels@openbsd.org - - deraadt@cvs.openbsd.org 2001/02/24 10:37:55 - [readconf.c] - look for id_rsa by default, before id_dsa - - deraadt@cvs.openbsd.org 2001/02/24 10:37:26 - [sshd_config] - ssh2 rsa key before dsa key - - markus@cvs.openbsd.org 2001/02/27 10:35:27 - [packet.c] - fix random padding - - markus@cvs.openbsd.org 2001/02/27 11:00:11 - [compat.c] - support SSH-2.0-2.1 ; from Christophe_Moret@hp.com - - deraadt@cvs.openbsd.org 2001/02/28 05:34:28 - [misc.c] - pull in protos - - deraadt@cvs.openbsd.org 2001/02/28 05:36:28 - [sftp.c] - do not kill the subprocess on termination (we will see if this helps - things or hurts things) - - markus@cvs.openbsd.org 2001/02/28 08:45:39 - [clientloop.c] - fix byte counts for ssh protocol v1 - - markus@cvs.openbsd.org 2001/02/28 08:54:55 - [channels.c nchan.c nchan.h] - make sure remote stderr does not get truncated. - remove closed fd's from the select mask. - - markus@cvs.openbsd.org 2001/02/28 09:57:07 - [packet.c packet.h sshconnect2.c] - in ssh protocol v2 use ignore messages for padding (instead of - trailing \0). - - markus@cvs.openbsd.org 2001/02/28 12:55:07 - [channels.c] - unify debug messages - - deraadt@cvs.openbsd.org 2001/02/28 17:52:54 - [misc.c] - for completeness, copy pw_gecos too - - markus@cvs.openbsd.org 2001/02/28 21:21:41 - [sshd.c] - generate a fake session id, too - - markus@cvs.openbsd.org 2001/02/28 21:27:48 - [channels.c packet.c packet.h serverloop.c] - use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message - use random content in ignore messages. - - markus@cvs.openbsd.org 2001/02/28 21:31:32 - [channels.c] - typo - - deraadt@cvs.openbsd.org 2001/03/01 02:11:25 - [authfd.c] - split line so that p will have an easier time next time around - - deraadt@cvs.openbsd.org 2001/03/01 02:29:04 - [ssh.c] - shorten usage by a line - - deraadt@cvs.openbsd.org 2001/03/01 02:45:10 - [auth-rsa.c auth2.c deattack.c packet.c] - KNF - - deraadt@cvs.openbsd.org 2001/03/01 03:38:33 - [cli.c cli.h rijndael.h ssh-keyscan.1] - copyright notices on all source files - - markus@cvs.openbsd.org 2001/03/01 22:46:37 - [ssh.c] - don't truncate remote ssh-2 commands; from mkubita@securities.cz - use min, not max for logging, fixes overflow. - - deraadt@cvs.openbsd.org 2001/03/02 06:21:01 - [sshd.8] - explain SIGHUP better - - deraadt@cvs.openbsd.org 2001/03/02 09:42:49 - [sshd.8] - doc the dsa/rsa key pair files - - deraadt@cvs.openbsd.org 2001/03/02 18:54:31 - [atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h - scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c - ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8] - make copyright lines the same format - - deraadt@cvs.openbsd.org 2001/03/03 06:53:12 - [ssh-keyscan.c] - standard theo sweep - - millert@cvs.openbsd.org 2001/03/03 21:19:41 - [ssh-keyscan.c] - Dynamically allocate read_wait and its copies. Since maxfd is - based on resource limits it is often (usually?) larger than FD_SETSIZE. - - millert@cvs.openbsd.org 2001/03/03 21:40:30 - [sftp-server.c] - Dynamically allocate fd_set; deraadt@ OK - - millert@cvs.openbsd.org 2001/03/03 21:41:07 - [packet.c] - Dynamically allocate fd_set; deraadt@ OK - - deraadt@cvs.openbsd.org 2001/03/03 22:07:50 - [sftp-server.c] - KNF - - markus@cvs.openbsd.org 2001/03/03 23:52:22 - [sftp.c] - clean up arg processing. based on work by Christophe_Moret@hp.com - - markus@cvs.openbsd.org 2001/03/03 23:59:34 - [log.c ssh.c] - log*.c -> log.c - - markus@cvs.openbsd.org 2001/03/04 00:03:59 - [channels.c] - debug1->2 - - stevesk@cvs.openbsd.org 2001/03/04 10:57:53 - [ssh.c] - add -m to usage; ok markus@ - - stevesk@cvs.openbsd.org 2001/03/04 11:04:41 - [sshd.8] - small cleanup and clarify for PermitRootLogin; ok markus@ - - stevesk@cvs.openbsd.org 2001/03/04 11:16:06 - [servconf.c sshd.8] - kill obsolete RandomSeed; ok markus@ deraadt@ - - stevesk@cvs.openbsd.org 2001/03/04 12:54:04 - [sshd.8] - spelling - - millert@cvs.openbsd.org 2001/03/04 17:42:28 - [authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c - ssh.c sshconnect.c sshd.c] - log functions should not be passed strings that end in newline as they - get passed on to syslog() and when logging to stderr, do_log() appends - its own newline. - - deraadt@cvs.openbsd.org 2001/03/04 18:21:28 - [sshd.8] - list SSH2 ciphers - - (bal) Put HAVE_PW_CLASS_IN_PASSWD back into pwcopy() - - (bal) Fix up logging since it changed. removed log-*.c - - (djm) Fix up LOG_AUTHPRIV for systems that have it - - (stevesk) OpenBSD sync: - - deraadt@cvs.openbsd.org 2001/03/05 08:37:27 - [ssh-keyscan.c] - skip inlining, why bother - - (stevesk) sftp.c: handle __progname - -20010304 - - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid. - - (bal) Updated contrib/README to remove 'make-ssh-known-hosts' and - give Mark Roth credit for mdoc2man.pl - -20010303 - - (djm) Remove make-ssh-known-hosts.pl, ssh-keyscan is better. - - (djm) Document PAM ChallengeResponseAuthentication in sshd.8 - - (djm) Disable and comment ChallengeResponseAuthentication in sshd_config - - (djm) Allow PRNGd entropy collection from localhost TCP socket. Replace - "--with-egd-pool" configure option with "--with-prngd-socket" and - "--with-prngd-port" options. Debugged and improved by Lutz Jaenicke - - -20010301 - - (djm) Properly add -lcrypt if needed. - - (djm) Force standard PAM conversation function in a few more places. - Patch from Redhat 2.5.1p1-2 RPM, probably Nalin Dahyabhai - - - (djm) Cygwin needs pw->pw_gecos copied too. Patch from Corinna Vinschen - - - (djm) Released 2.5.1p2 - -20010228 - - (djm) Detect endianness in configure and use it in rijndael.c. Fixes - "Bad packet length" bugs. - - (djm) Fully revert PAM session patch (again). All PAM session init is - now done before the final fork(). - - (djm) EGD detection patch from Tim Rice - - (djm) Remove /tmp from EGD socket search list - -20010227 - - (bal) Applied shutdown() patch for sftp.c by Corinna Vinschen - - - (bal) OpenBSD Sync - - markus@cvs.openbsd.org 2001/02/23 15:37:45 - [session.c] - handle SSH_PROTOFLAG_SCREEN_NUMBER for buggy clients - - (bal) sshd.init support for all Redhat release. Patch by Jim Knoble - - - (djm) Fix up POSIX saved uid support. Report from Mark Miller - - - (djm) Search for -lcrypt on FreeBSD too - - (djm) fatal() on OpenSSL version mismatch - - (djm) Move PAM init to after fork for non-Solaris derived PAMs - - (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller - - - (djm) Fix PAM fix - - (djm) Remove 'noreplace' flag from sshd_config in RPM spec files. This - change is being made as 2.5.x configfiles are not back-compatible with - 2.3.x. - - (djm) Avoid warnings for missing broken IP_TOS. Patch from Mark Miller - - - (djm) Open Server 5 doesn't need BROKEN_SAVED_UIDS. Patch from Tim Rice - - - (djm) Avoid multiple definition of _PATH_LS. Patch from Tim Rice - - -20010226 - - (bal) Fixed bsd-snprinf.c so it now honors 'BROKEN_SNPRINTF' again. - - (djm) Some systems (SCO3, NeXT) have weird saved uid semantics. - Based on patch from Tim Rice - -20010225 - - (djm) Use %{_libexecdir} rather than hardcoded path in RPM specfile - Patch from Adrian Ho - - (bal) Replace 'unsigned long long' to 'u_int64_t' since not every - platform defines u_int64_t as being that. - -20010224 - - (bal) Missed part of the UNIX sockets patch. Patch by Corinna - Vinschen - - (bal) Reorder where 'strftime' is detected to resolve linking - issues on SCO. Patch by Tim Rice - -20010224 - - (bal) pam_stack fix to correctly detect between RH7 and older RHs. - Patch by Pekka Savola - - (bal) Renamed sigaction.[ch] to sigact.[ch]. Causes problems with - some platforms. - - (bal) Generalize lack of UNIX sockets since this also effects Cray - not just Cygwin. Based on patch by Wendy Palm - -20010223 - - (bal) Fix --define rh7 in openssh.spec file. Patch by Steve Tell - - - (bal) Patch to force OpenSSH rpm to require the same version of OpenSSL - that it was compiled against. Patch by Pekka Savola - - (bal) Double -I for OpenSSL on SCO. Patch by Tim Rice - - -20010222 - - (bal) Corrected SCO luid patch by svaughan - - (bal) Added mdoc2man.pl from Mark Roth - - (bal) Removed reference to liblogin from contrib/README. It was - integrated into OpenSSH a long while ago. - - (stevesk) remove erroneous #ifdef sgi code. - Michael Stone - -20010221 - - (bal) Removed -L/usr/ucblib -R/usr/ucblib for Solaris platform. - - (bal) Fixed OpenSSL rework to use $saved_*. Patch by Tim Rice - - - (bal) Reverted out of 2001/02/15 patch by djm below because it - breaks Solaris. - - (djm) Move PAM session setup back to before setuid to user. - fixes problems on Solaris-drived PAMs. - - (stevesk) session.c: back out to where we were before: - - (djm) Move PAM session initialisation until after fork in sshd. Patch - from Nalin Dahyabhai - -20010220 - - (bal) Fix mixed up params to memmove() from Jan 5th in setenv.c and - getcwd.c. - - (bal) OpenBSD CVS Sync: - - deraadt@cvs.openbsd.org 2001/02/19 23:09:05 - [sshd.c] - clarify message to make it not mention "ident" - -20010219 - - (bal) Markus' blessing to rename login.[ch] -> sshlogin.[ch] and - pty.[ch] -> sshpty.[ch] - - (djm) Rework search for OpenSSL location. Skip directories which don't - exist, don't add -L$ssldir/lib if it doesn't exist. Should help SCO - with its limit of 6 -L options. - - OpenBSD CVS Sync: - - reinhard@cvs.openbsd.org 2001/02/17 08:24:40 - [sftp.1] - typo - - deraadt@cvs.openbsd.org 2001/02/17 16:28:58 - [ssh.c] - cleanup -V output; noted by millert - - deraadt@cvs.openbsd.org 2001/02/17 16:48:48 - [sshd.8] - it's the OpenSSH one - - markus@cvs.openbsd.org 2001/02/18 11:33:54 - [dispatch.c] - typo, SSH2_MSG_KEXINIT, from aspa@kronodoc.fi - - markus@cvs.openbsd.org 2001/02/19 02:53:32 - [compat.c compat.h serverloop.c] - ssh-1.2.{18-22} has broken handling of ignore messages; report from - itojun@ - - markus@cvs.openbsd.org 2001/02/19 03:35:23 - [version.h] - OpenSSH_2.5.1 adds bug compat with 1.2.{18-22} - - deraadt@cvs.openbsd.org 2001/02/19 03:36:25 - [scp.c] - np is changed by recursion; vinschen@redhat.com - - Update versions in RPM spec files - - Release 2.5.1p1 - -20010218 - - (bal) Patch for fix FCHMOD reference in ftp-client.c by Tim Rice - - - (Bal) Patch for lack of RA_RESTART in misc.c for mysignal by - stevesk - - (djm) Fix my breaking of cygwin builds, Patch from Corinna Vinschen - and myself. - - (djm) Close listen_sock on bind() failures. Patch from Arkadiusz - Miskiewicz - - (djm) Robustify EGD/PRNGd code in face of socket closures. Patch from - Todd C. Miller - - (djm) Use ttyname() to determine name of tty returned by openpty() - rather then risking overflow. Patch from Marek Michalkiewicz - - - (djm) Swapped tests for no_libsocket and no_libnsl in configure.in. - Patch from Marek Michalkiewicz - - (djm) Doc fixes from Pekka Savola - - (djm) Use SA_INTERRUPT along SA_RESTART if present (equivalent for - SunOS) - - (djm) SCO needs librpc for libwrap. Patch from Tim Rice - - - (stevesk) misc.c: cpp rework of SA_(INTERRUPT|RESTART) handling. - - (stevesk) scp.c: use mysignal() for updateprogressmeter() handler. - - (djm) SA_INTERRUPT is the converse of SA_RESTART, apply it only for - SIGALRM. - - (djm) Move entropy.c over to mysignal() - - (djm) SunOS 4.x also needs to define HAVE_BOGUS_SYS_QUEUE_H as it has - a that lacks the TAILQ_* macros. Patch from Todd C. - Miller - - (djm) Update RPM spec files for 2.5.0p1 - - (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie - enable with --with-bsd-auth. - - (stevesk) entropy.c: typo; should be SIGPIPE - -20010217 - - (bal) OpenBSD Sync: - - markus@cvs.openbsd.org 2001/02/16 13:38:18 - [channel.c] - remove debug - - markus@cvs.openbsd.org 2001/02/16 14:03:43 - [session.c] - proper payload-length check for x11 w/o screen-number - -20010216 - - (bal) added '--with-prce' to allow overriding of system regex when - required (tested by David Dulek ) - - (bal) Added DG/UX case and set that they have a broken IPTOS. - - (djm) Mini-configure reorder patch from Tim Rice - Fixes linking on SCO. - - (djm) Make gnome-ssh-askpass handle multi-line prompts. Patch from - Nalin Dahyabhai - - (djm) BSD license for gnome-ssh-askpass (was X11) - - (djm) KNF on gnome-ssh-askpass - - (djm) USE_PIPES for a few more sysv platforms - - (djm) Cleanup configure.in a little - - (djm) Ask users to check config.log when we can't find necessary libs - - (djm) Set "login ID" on systems with setluid. Only enabled for SCO - OpenServer for now. Based on patch from svaughan - - (djm) OpenBSD CVS: - - markus@cvs.openbsd.org 2001/02/15 16:19:59 - [channels.c channels.h serverloop.c sshconnect.c sshconnect.h] - [sshconnect1.c sshconnect2.c] - genericize password padding function for SSH1 and SSH2. - add stylized echo to 2, too. - - (djm) Add roundup() macro to defines.h - - (stevesk) set SA_RESTART flag in mysignal() for SIGCHLD; - needed on Unixware 2.x. - -20010215 - - (djm) Move PAM session setup back to before setuid to user. Fixes - problems on Solaris-derived PAMs. - - (djm) Clean up PAM namespace. Suggested by Darren Moffat - - - (bal) Sync w/ OpenSSH for new release - - markus@cvs.openbsd.org 2001/02/12 12:45:06 - [sshconnect1.c] - fix xmalloc(0), ok dugsong@ - - markus@cvs.openbsd.org 2001/02/11 12:59:25 - [Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c - sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c] - 1) clean up the MAC support for SSH-2 - 2) allow you to specify the MAC with 'ssh -m' - 3) or the 'MACs' keyword in ssh(d)_config - 4) add hmac-{md5,sha1}-96 - ok stevesk@, provos@ - - markus@cvs.openbsd.org 2001/02/12 16:16:23 - [auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h - ssh-keygen.c sshd.8] - PermitRootLogin={yes,without-password,forced-commands-only,no} - (before this change, root could login even if PermitRootLogin==no) - - deraadt@cvs.openbsd.org 2001/02/12 22:56:09 - [clientloop.c packet.c ssh-keyscan.c] - deal with EAGAIN/EINTR selects which were skipped - - markus@cvs.openssh.org 2001/02/13 22:49:40 - [auth1.c auth2.c] - setproctitle(user) only if getpwnam succeeds - - markus@cvs.openbsd.org 2001/02/12 23:26:20 - [sshd.c] - missing memset; from solar@openwall.com - - stevesk@cvs.openbsd.org 2001/02/12 20:53:33 - [sftp-int.c] - lumask now works with 1 numeric arg; ok markus@, djm@ - - djm@cvs.openbsd.org 2001/02/14 9:46:03 - [sftp-client.c sftp-int.c sftp.1] - Fix and document 'preserve modes & times' option ('-p' flag in sftp); - ok markus@ - - (bal) replaced PATH_MAX in sftp-int.c w/ MAXPATHLEN. - - (djm) Move to Jim's 1.2.0 X11 askpass program - - (stevesk) OpenBSD sync: - - deraadt@cvs.openbsd.org 2001/02/15 01:38:04 - [serverloop.c] - indent - -20010214 - - (djm) Don't try to close PAM session or delete credentials if the - session has not been open or credentials not set. Based on patch from - Andrew Bartlett - - (djm) Move PAM session initialisation until after fork in sshd. Patch - from Nalin Dahyabhai - - (bal) Missing function prototype in bsd-snprintf.c patch by - Mark Miller - - (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams - with a little modification and KNF. - - (stevesk) fix for SIA patch, misplaced session_setup_sia() - -20010213 - - (djm) Only test -S potential EGD sockets if they exist and are readable. - - (bal) Cleaned out bsd-snprintf.c. VARARGS have been banished and - I did a base KNF over the whe whole file to make it more acceptable. - (backed out of original patch and removed it from ChangeLog) - - (bal) Use chown() if fchown() does not exist in ftp-server.c patch by - Tim Rice - - (stevesk) auth1.c: fix PAM passwordless check. - -20010212 - - (djm) Update Redhat specfile to allow --define "skip_x11_askpass 1", - --define "skip_gnome_askpass 1", --define "rh7 1" and make the - implicit rpm-3.0.5 dependancy explicit. Patch and suggestions from - Pekka Savola - - (djm) Clean up PCRE text in INSTALL - - (djm) Fix OSF SIA auth NULL pointer deref. Report from Mike Battersby - - - (bal) NCR SVR4 compatiblity provide by Don Bragg - - (stevesk) session.c: remove debugging code. - -20010211 - - (bal) OpenBSD Sync - - markus@cvs.openbsd.org 2001/02/07 22:35:46 - [auth1.c auth2.c sshd.c] - move k_setpag() to a central place; ok dugsong@ - - markus@cvs.openbsd.org 2001/02/10 12:52:02 - [auth2.c] - offer passwd before s/key - - markus@cvs.openbsd.org 2001/02/8 22:37:10 - [canohost.c] - remove last call to sprintf; ok deraadt@ - - markus@cvs.openbsd.org 2001/02/10 1:33:32 - [canohost.c] - add debug message, since sshd blocks here if DNS is not available - - markus@cvs.openbsd.org 2001/02/10 12:44:02 - [cli.c] - don't call vis() for \r - - danh@cvs.openbsd.org 2001/02/10 0:12:43 - [scp.c] - revert a small change to allow -r option to work again; ok deraadt@ - - danh@cvs.openbsd.org 2001/02/10 15:14:11 - [scp.c] - fix memory leak; ok markus@ - - djm@cvs.openbsd.org 2001/02/10 0:45:52 - [scp.1] - Mention that you can quote pathnames with spaces in them - - markus@cvs.openbsd.org 2001/02/10 1:46:28 - [ssh.c] - remove mapping of argv[0] -> hostname - - markus@cvs.openbsd.org 2001/02/06 22:26:17 - [sshconnect2.c] - do not ask for passphrase in batch mode; report from ejb@ql.org - - itojun@cvs.opebsd.org 2001/02/08 10:47:05 - [sshconnect.c sshconnect1.c sshconnect2.c] - %.30s is too short for IPv6 numeric address. use %.128s for now. - markus ok - - markus@cvs.openbsd.org 2001/02/09 12:28:35 - [sshconnect2.c] - do not free twice, thanks to /etc/malloc.conf - - markus@cvs.openbsd.org 2001/02/09 17:10:53 - [sshconnect2.c] - partial success: debug->log; "Permission denied" if no more auth methods - - markus@cvs.openbsd.org 2001/02/10 12:09:21 - [sshconnect2.c] - remove some lines - - markus@cvs.openbsd.org 2001/02/09 13:38:07 - [auth-options.c] - reset options if no option is given; from han.holl@prismant.nl - - markus@cvs.openbsd.org 2001/02/08 21:58:28 - [channels.c] - nuke sprintf, ok deraadt@ - - markus@cvs.openbsd.org 2001/02/08 21:58:28 - [channels.c] - nuke sprintf, ok deraadt@ - - markus@cvs.openbsd.org 2001/02/06 22:43:02 - [clientloop.h] - remove confusing callback code - - deraadt@cvs.openbsd.org 2001/02/08 14:39:36 - [readconf.c] - snprintf - - itojun@cvs.openbsd.org 2001/02/08 19:30:52 - sync with netbsd tree changes. - - more strict prototypes, include necessary headers - - use paths.h/pathnames.h decls - - size_t typecase to int -> u_long - - itojun@cvs.openbsd.org 2001/02/07 18:04:50 - [ssh-keyscan.c] - fix size_t -> int cast (use u_long). markus ok - - markus@cvs.openbsd.org 2001/02/07 22:43:16 - [ssh-keyscan.c] - s/getline/Linebuf_getline/; from roumen.petrov@skalasoft.com - - itojun@cvs.openbsd.org 2001/02/09 9:04:59 - [ssh-keyscan.c] - do not assume malloc() returns zero-filled region. found by - malloc.conf=AJ. - - markus@cvs.openbsd.org 2001/02/08 22:35:30 - [sshconnect.c] - don't connect if batch_mode is true and stricthostkeychecking set to - 'ask' - - djm@cvs.openbsd.org 2001/02/04 21:26:07 - [sshd_config] - type: ok markus@ - - deraadt@cvs.openbsd.org 2001/02/06 22:07:50 - [sshd_config] - enable sftp-server by default - - deraadt 2001/02/07 8:57:26 - [xmalloc.c] - deal with new ANSI malloc stuff - - markus@cvs.openbsd.org 2001/02/07 16:46:08 - [xmalloc.c] - typo in fatal() - - itojun@cvs.openbsd.org 2001/02/07 18:04:50 - [xmalloc.c] - fix size_t -> int cast (use u_long). markus ok - - 1.47 Thu Feb 8 23:11:42 GMT 2001 by dugsong - [serverloop.c sshconnect1.c] - mitigate SSH1 traffic analysis - from Solar Designer - , ok provos@ - - (bal) fixed sftp-client.c. Return 'status' instead of '0' - (from the OpenBSD tree) - - (bal) Synced ssh.1, ssh-add.1 and sshd.8 w/ OpenBSD - - (bal) sftp-sever.c '%8lld' to '%8llu' (OpenBSD Sync) - - (bal) uuencode.c resync w/ OpenBSD tree, plus whitespace. - - (bal) A bit more whitespace cleanup - - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett - - - (stevesk) misc.c: ssh.h not needed. - - (stevesk) compat.c: more friendly cpp error - - (stevesk) OpenBSD sync: - - stevesk@cvs.openbsd.org 2001/02/11 06:15:57 - [LICENSE] - typos and small cleanup; ok deraadt@ - -20010210 - - (djm) Sync sftp and scp stuff from OpenBSD: - - djm@cvs.openbsd.org 2001/02/07 03:55:13 - [sftp-client.c] - Don't free handles before we are done with them. Based on work from - Corinna Vinschen . ok markus@ - - djm@cvs.openbsd.org 2001/02/06 22:32:53 - [sftp.1] - Punctuation fix from Pekka Savola - - deraadt@cvs.openbsd.org 2001/02/07 04:07:29 - [sftp.1] - pretty up significantly - - itojun@cvs.openbsd.org 2001/02/07 06:49:42 - [sftp.1] - .Bl-.El mismatch. markus ok - - djm@cvs.openbsd.org 2001/02/07 06:12:30 - [sftp-int.c] - Check that target is a directory before doing ls; ok markus@ - - itojun@cvs.openbsd.org 2001/02/07 11:01:18 - [scp.c sftp-client.c sftp-server.c] - unsigned long long -> %llu, not %qu. markus ok - - stevesk@cvs.openbsd.org 2001/02/07 11:10:39 - [sftp.1 sftp-int.c] - more man page cleanup and sync of help text with man page; ok markus@ - - markus@cvs.openbsd.org 2001/02/07 14:58:34 - [sftp-client.c] - older servers reply with SSH2_FXP_NAME + count==0 instead of EOF - - djm@cvs.openbsd.org 2001/02/07 15:27:19 - [sftp.c] - Don't forward agent and X11 in sftp. Suggestion from Roumen Petrov - - - stevesk@cvs.openbsd.org 2001/02/07 15:36:04 - [sftp-int.c] - portable; ok markus@ - - stevesk@cvs.openbsd.org 2001/02/07 15:55:47 - [sftp-int.c] - lowercase cmds[].c also; ok markus@ - - markus@cvs.openbsd.org 2001/02/07 17:04:52 - [pathnames.h sftp.c] - allow sftp over ssh protocol 1; ok djm@ - - deraadt@cvs.openbsd.org 2001/02/08 07:38:55 - [scp.c] - memory leak fix, and snprintf throughout - - deraadt@cvs.openbsd.org 2001/02/08 08:02:02 - [sftp-int.c] - plug a memory leak - - stevesk@cvs.openbsd.org 2001/02/08 10:11:23 - [session.c sftp-client.c] - %i -> %d - - stevesk@cvs.openbsd.org 2001/02/08 10:57:59 - [sftp-int.c] - typo - - stevesk@cvs.openbsd.org 2001/02/08 15:28:07 - [sftp-int.c pathnames.h] - _PATH_LS; ok markus@ - - djm@cvs.openbsd.org 2001/02/09 04:46:25 - [sftp-int.c] - Check for NULL attribs for chown, chmod & chgrp operations, only send - relevant attribs back to server; ok markus@ - - djm@cvs.openbsd.org 2001/02/06 15:05:25 - [sftp.c] - Use getopt to process commandline arguments - - djm@cvs.openbsd.org 2001/02/06 15:06:21 - [sftp.c ] - Wait for ssh subprocess at exit - - djm@cvs.openbsd.org 2001/02/06 15:18:16 - [sftp-int.c] - stat target for remote chdir before doing chdir - - djm@cvs.openbsd.org 2001/02/06 15:32:54 - [sftp.1] - Punctuation fix from Pekka Savola - - provos@cvs.openbsd.org 2001/02/05 22:22:02 - [sftp-int.c] - cleanup get_pathname, fix pwd after failed cd. okay djm@ - - (djm) Update makefile.in for _PATH_SFTP_SERVER - - (bal) sftp-client.c replace NULL w/ 0 in do_ls() (pending in OpenBSD tree) - -20010209 - - (bal) patch to vis.c to deal with HAVE_VIS right by Robert Mooney - - - (bal) .c.o rule in openbsd-compat/Makefile.in did not make it to the - main tree while porting forward. Pointed out by Lutz Jaenicke - - - (bal) double entry in configure.in. Pointed out by Lutz Jaenicke - - - (stevesk) OpenBSD sync: - - markus@cvs.openbsd.org 2001/02/08 11:20:01 - [auth2.c] - strict checking - - markus@cvs.openbsd.org 2001/02/08 11:15:22 - [version.h] - update to 2.3.2 - - markus@cvs.openbsd.org 2001/02/08 11:12:30 - [auth2.c] - fix typo - - (djm) Update spec files - - (bal) OpenBSD sync: - - deraadt@cvs.openbsd.org 2001/02/08 14:38:54 - [scp.c] - memory leak fix, and snprintf throughout - - markus@cvs.openbsd.org 2001/02/06 22:43:02 - [clientloop.c] - remove confusing callback code - - (djm) Add CVS Id's to files that we have missed - - (bal) OpenBSD Sync (more): - - itojun@cvs.openbsd.org 2001/02/08 19:30:52 - sync with netbsd tree changes. - - more strict prototypes, include necessary headers - - use paths.h/pathnames.h decls - - size_t typecase to int -> u_long - - markus@cvs.openbsd.org 2001/02/06 22:07:42 - [ssh.c] - fatal() if subsystem fails - - markus@cvs.openbsd.org 2001/02/06 22:43:02 - [ssh.c] - remove confusing callback code - - jakob@cvs.openbsd.org 2001/02/06 23:03:24 - [ssh.c] - add -1 option (force protocol version 1). ok markus@ - - jakob@cvs.openbsd.org 2001/02/06 23:06:21 - [ssh.c] - reorder -{1,2,4,6} options. ok markus@ - - (bal) Missing 'const' in readpass.h - - (bal) OpenBSD Sync (so at least the thing compiles for 2.3.2 =) - - djm@cvs.openbsd.org 2001/02/06 23:30:28 - [sftp-client.c] - replace arc4random with counter for request ids; ok markus@ - - (djm) Define _PATH_TTY for systems that don't. Report from Lutz - Jaenicke - -20010208 - - (djm) Don't delete external askpass program in make uninstall target. - Report and fix from Roumen Petrov - - (djm) Fix linking of sftp, don't need arc4random any more. - - (djm) Try to use shell that supports "test -S" for EGD socket search. - Based on patch from Tim Rice - -20010207 - - (bal) Save the whole path to AR in configure. Some Solaris 2.7 installs - seem lose track of it while in openbsd-compat/ (two confirmed reports) - - (djm) Much KNF on PAM code - - (djm) Revise auth-pam.c conversation function to be a little more - readable. - - (djm) Revise kbd-int PAM conversation function to fold all text messages - to before first prompt. Fixes hangs if last pam_message did not require - a reply. - - (djm) Fix password changing when using PAM kbd-int authentication - -20010205 - - (bal) Disable groupaccess by setting NGROUPS_MAX to 0 for platforms - that don't have NGROUPS_MAX. - - (bal) AIX patch for auth1.c by William L. Jones - - (stevesk) OpenBSD sync: - - stevesk@cvs.openbsd.org 2001/02/04 08:32:27 - [many files; did this manually to our top-level source dir] - unexpand and remove end-of-line whitespace; ok markus@ - - stevesk@cvs.openbsd.org 2001/02/04 15:21:19 - [sftp-server.c] - SSH2_FILEXFER_ATTR_UIDGID support; ok markus@ - - deraadt@cvs.openbsd.org 2001/02/04 17:02:32 - [sftp-int.c] - ? == help - - deraadt@cvs.openbsd.org 2001/02/04 16:47:46 - [sftp-int.c] - sort commands, so that abbreviations work as expected - - stevesk@cvs.openbsd.org 2001/02/04 15:17:52 - [sftp-int.c] - debugging sftp: precedence and missing break. chmod, chown, chgrp - seem to be working now. - - markus@cvs.openbsd.org 2001/02/04 14:41:21 - [sftp-int.c] - use base 8 for umask/chmod - - markus@cvs.openbsd.org 2001/02/04 11:11:54 - [sftp-int.c] - fix LCD - - markus@cvs.openbsd.org 2001/02/04 08:10:44 - [ssh.1] - typo; dpo@club-internet.fr - - stevesk@cvs.openbsd.org 2001/02/04 06:30:12 - [auth2.c authfd.c packet.c] - remove duplicate #include's; ok markus@ - - deraadt@cvs.openbsd.org 2001/02/04 16:56:23 - [scp.c sshd.c] - alpha happiness - - stevesk@cvs.openbsd.org 2001/02/04 15:12:17 - [sshd.c] - precedence; ok markus@ - - deraadt@cvs.openbsd.org 2001/02/04 08:14:15 - [ssh.c sshd.c] - make the alpha happy - - markus@cvs.openbsd.org 2001/01/31 13:37:24 - [channels.c channels.h serverloop.c ssh.c] - do not disconnect if local port forwarding fails, e.g. if port is - already in use - - markus@cvs.openbsd.org 2001/02/01 14:58:09 - [channels.c] - use ipaddr in channel messages, ietf-secsh wants this - - markus@cvs.openbsd.org 2001/01/31 12:26:20 - [channels.c] - ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE - messages; bug report from edmundo@rano.org - - markus@cvs.openbsd.org 2001/01/31 13:48:09 - [sshconnect2.c] - unused - - deraadt@cvs.openbsd.org 2001/02/04 08:23:08 - [sftp-client.c sftp-server.c] - make gcc on the alpha even happier - -20010204 - - (bal) I think this is the last of the bsd-*.h that don't belong. - - (bal) Minor Makefile fix - - (bal) openbsd-compat/Makefile minor fix. Ensure dependancies are done - right. - - (bal) Changed order of LIB="" in -with-skey due to library resolving. - - (bal) next-posix.h changed to bsd-nextstep.h - - (djm) OpenBSD CVS sync: - - markus@cvs.openbsd.org 2001/02/03 03:08:38 - [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c] - [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8] - [sshd_config] - make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@ - - markus@cvs.openbsd.org 2001/02/03 03:19:51 - [ssh.1 sshd.8 sshd_config] - Skey is now called ChallengeResponse - - markus@cvs.openbsd.org 2001/02/03 03:43:09 - [sshd.8] - use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean - channel. note from Erik.Anggard@cygate.se (pr/1659) - - stevesk@cvs.openbsd.org 2001/02/03 10:03:06 - [ssh.1] - typos; ok markus@ - - djm@cvs.openbsd.org 2001/02/04 04:11:56 - [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h] - [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c] - Basic interactive sftp client; ok theo@ - - (djm) Update RPM specs for new sftp binary - - (djm) Update several bits for new optional reverse lookup stuff. I - think I got them all. - - (djm) Makefile.in fixes - - (stevesk) add mysignal() wrapper and use it for the protocol 2 - SIGCHLD handler. - - (djm) Use setvbuf() instead of setlinebuf(). Suggest from stevesk@ - -20010203 - - (bal) Cygwin clean up by Corinna Vinschen - - (bal) renamed queue.h to fake-queue.h (even if it's an OpenBSD - based file) to ensure #include space does not get confused. - - (bal) Minor Makefile.in tweak. dirname may not exist on some - platforms so builds fail. (NeXT being a well known one) - -20010202 - - (bal) Makefile fix where sourcedir != builddir by Corinna Vinschen - - - (bal) Makefile fix to use $(MAKE) instead of 'make' for platforms - that use 'gmake'. Patch by Tim Rice - -20010201 - - (bal) Minor fix to Makefile to stop rebuilding executables if no - changes have occured to any of the supporting code. Patch by - Roumen Petrov - -20010131 - - (djm) OpenBSD CVS Sync: - - djm@cvs.openbsd.org 2001/01/30 15:48:53 - [sshconnect.c] - Make warning message a little more consistent. ok markus@ - - (djm) Fix autoconf logic for --with-lastlog=no Report and diagnosis from - Philipp Buehler and Kevin Steves - respectively. - - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain - passwords. - - (bal) Reorder. Move all bsd-*, fake-*, next-*, and cygwin* stuff to - openbsd-compat/. And resolve all ./configure and Makefile.in issues - assocated. - -20010130 - - (djm) OpenBSD CVS Sync: - - markus@cvs.openbsd.org 2001/01/29 09:55:37 - [channels.c channels.h clientloop.c serverloop.c] - fix select overflow; ok deraadt@ and stevesk@ - - markus@cvs.openbsd.org 2001/01/29 12:42:35 - [canohost.c canohost.h channels.c clientloop.c] - add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS - - markus@cvs.openbsd.org 2001/01/29 12:47:32 - [rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c] - handle rsa_private_decrypt failures; helps against the Bleichenbacher - pkcs#1 attack - - djm@cvs.openbsd.org 2001/01/29 05:36:11 - [ssh.1 ssh.c] - Allow invocation of sybsystem by commandline (-s); ok markus@ - - (stevesk) configure.in: remove duplicate PROG_LS - -20010129 - - (stevesk) sftp-server.c: use %lld vs. %qd - -20010128 - - (bal) Put USE_PIPES back into sco3.2v5 - - (bal) OpenBSD Sync - - markus@cvs.openbsd.org 2001/01/28 10:15:34 - [dispatch.c] - re-keying is not supported; ok deraadt@ - - markus@cvs.openbsd.org 2001/01/28 10:24:04 - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] - cleanup AUTHORS sections - - markus@cvs.openbsd.org 2001/01/28 10:37:26 - [sshd.c sshd.8] - remove -Q, no longer needed - - stevesk@cvs.openbsd.org 2001/01/28 20:36:16 - [readconf.c ssh.1] - ``StrictHostKeyChecking ask'' documentation and small cleanup. - ok markus@ - - stevesk@cvs.openbsd.org 2001/01/28 20:43:25 - [sshd.8] - spelling. ok markus@ - - stevesk@cvs.openbsd.org 2001/01/28 20:53:21 - [xmalloc.c] - use size_t for strlen() return. ok markus@ - - stevesk@cvs.openbsd.org 2001/01/28 22:27:05 - [authfile.c] - spelling. use sizeof vs. strlen(). ok markus@ - - niklas@cvs.openbsd.org 2001/01/29 1:59:14 - [atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h - groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h - key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h - radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1 - ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config - sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h] - $OpenBSD$ - - (bal) Minor auth2.c resync. Whitespace and moving of an #include. - -20010126 - - (bal) SSH_PROGRAM vs _PATH_SSH_PROGRAM fix pointed out by Roumen - Petrov - - (bal) OpenBSD Sync - - deraadt@cvs.openbsd.org 2001/01/25 8:06:33 - [ssh-agent.c] - call _exit() in signal handler - -20010125 - - (djm) Sync bsd-* support files: - - deraadt@cvs.openbsd.org 2000/01/26 03:43:20 - [rresvport.c bindresvport.c] - new bindresvport() semantics that itojun, shin, jean-luc and i have - agreed on, which will be happy for the future. bindresvport_sa() for - sockaddr *, too. docs later.. - - deraadt@cvs.openbsd.org 2000/01/24 02:24:21 - [bindresvport.c] - in bindresvport(), if sin is non-NULL, example sin->sin_family for - the actual family being processed - - (djm) Mention PRNGd in documentation, it is nicer than EGD - - (djm) Automatically search for "well-known" EGD/PRNGd sockets in autoconf - - (bal) AC_FUNC_STRFTIME added to autoconf - - (bal) OpenBSD Resync - - stevesk@cvs.openbsd.org 2001/01/24 21:03:50 - [channels.c] - missing freeaddrinfo(); ok markus@ - -20010124 - - (bal) OpenBSD Resync - - markus@cvs.openbsd.org 2001/01/23 10:45:10 - [ssh.h] - nuke comment - - (bal) no 64bit support patch from Tim Rice - - (bal) #ifdef around S_IFSOCK if platform does not support it. - patch by Tim Rice - - (bal) fake-regex.h cleanup based on Tim Rice's patch. - - (stevesk) sftp-server.c: fix chmod() mode mask - -20010123 - - (bal) regexp.h typo in configure.in. Should have been regex.h - - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@ - - (bal) SSH_ASKPASS_DEFAULT to _PATH_SSH_ASKPASS_DEFAULT - - (bal) OpenBSD Resync - - markus@cvs.openbsd.org 2001/01/22 8:15:00 - [auth-krb4.c sshconnect1.c] - only AFS needs radix.[ch] - - markus@cvs.openbsd.org 2001/01/22 8:32:53 - [auth2.c] - no need to include; from mouring@etoh.eviladmin.org - - stevesk@cvs.openbsd.org 2001/01/22 16:55:21 - [key.c] - free() -> xfree(); ok markus@ - - stevesk@cvs.openbsd.org 2001/01/22 17:22:28 - [sshconnect2.c sshd.c] - fix memory leaks in SSH2 key exchange; ok markus@ - - markus@cvs.openbsd.org 2001/01/22 23:06:39 - [auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h - sshconnect1.c sshconnect2.c sshd.c] - rename skey -> challenge response. - auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled. - - -20010122 - - (bal) OpenBSD Resync - - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus - [servconf.c ssh.h sshd.c] - only auth-chall.c needs #ifdef SKEY - - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus - [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c - auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c - packet.c pathname.h readconf.c scp.c servconf.c serverloop.c - session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h - ssh1.h sshconnect1.c sshd.c ttymodes.c] - move ssh1 definitions to ssh1.h, pathnames to pathnames.h - - markus@cvs.openbsd.org 2001/01/19 16:48:14 - [sshd.8] - fix typo; from stevesk@ - - markus@cvs.openbsd.org 2001/01/19 16:50:58 - [ssh-dss.c] - clear and free digest, make consistent with other code (use dlen); from - stevesk@ - - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus - [auth-options.c auth-options.h auth-rsa.c auth2.c] - pass the filename to auth_parse_options() - - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001 - [readconf.c] - fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com - - stevesk@cvs.openbsd.org 2001/01/20 18:20:29 - [sshconnect2.c] - dh_new_group() does not return NULL. ok markus@ - - markus@cvs.openbsd.org 2001/01/20 21:33:42 - [ssh-add.c] - do not loop forever if askpass does not exist; from - andrew@pimlott.ne.mediaone.net - - djm@cvs.openbsd.org 2001/01/20 23:00:56 - [servconf.c] - Check for NULL return from strdelim; ok markus - - djm@cvs.openbsd.org 2001/01/20 23:02:07 - [readconf.c] - KNF; ok markus - - jakob@cvs.openbsd.org 2001/01/21 9:00:33 - [ssh-keygen.1] - remove -R flag; ok markus@ - - markus@cvs.openbsd.org 2001/01/21 19:05:40 - [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c - auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c - auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c - bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c - cipher.c cli.c clientloop.c clientloop.h compat.c compress.c - deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c - key.c key.h log-client.c log-server.c log.c log.h login.c login.h - match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c - readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h - session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c - ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h - sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h - ttysmodes.c uidswap.c xmalloc.c] - split ssh.h and try to cleanup the #include mess. remove unnecessary - #includes. rename util.[ch] -> misc.[ch] - - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree - - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve - conflict when compiling for non-kerb install - - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes - on 1/19. - -20010120 - - (bal) OpenBSD Resync - - markus@cvs.openbsd.org 2001/01/19 12:45:26 - [ssh-chall.c servconf.c servconf.h ssh.h sshd.c] - only auth-chall.c needs #ifdef SKEY - - (bal) Slight auth2-pam.c clean up. - - (bal) Includes a fake-regexp.h to be only used if regcomp() is found, - but no 'regexp.h' found (SCO OpenServer 3 lacks the header). - -20010119 - - (djm) Update versions in RPM specfiles - - (bal) OpenBSD Resync - - markus@cvs.openbsd.org 2001/01/18 16:20:21 - [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h - sshd.8 sshd.c] - log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many - systems - - markus@cvs.openbsd.org 2001/01/18 16:59:59 - [auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c - session.h sshconnect1.c] - 1) removes fake skey from sshd, since this will be much - harder with /usr/libexec/auth/login_XXX - 2) share/unify code used in ssh-1 and ssh-2 authentication (server side) - 3) make addition of BSD_AUTH and other challenge reponse methods - easier. - - markus@cvs.openbsd.org 2001/01/18 17:12:43 - [auth-chall.c auth2-chall.c] - rename *-skey.c *-chall.c since the files are not skey specific - - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai ) - to fix NULL pointer deref and fake authloop breakage in PAM code. - - (bal) Updated contrib/cygwin/ by Corinna Vinschen - - (bal) Minor cygwin patch to auth1.c. Suggested by djm. - -20010118 - - (bal) Super Sized OpenBSD Resync - - markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus - [sshd.c] - maxfd+1 - - markus@cvs.openbsd.org 2001/01/13 17:59:18 - [ssh-keygen.1] - small ssh-keygen manpage cleanup; stevesk@pobox.com - - markus@cvs.openbsd.org 2001/01/13 18:03:07 - [scp.c ssh-keygen.c sshd.c] - getopt() returns -1 not EOF; stevesk@pobox.com - - markus@cvs.openbsd.org 2001/01/13 18:06:54 - [ssh-keyscan.c] - use SSH_DEFAULT_PORT; from stevesk@pobox.com - - markus@cvs.openbsd.org 2001/01/13 18:12:47 - [ssh-keyscan.c] - free() -> xfree(); fix memory leak; from stevesk@pobox.com - - markus@cvs.openbsd.org 2001/01/13 18:14:13 - [ssh-add.c] - typo, from stevesk@sweden.hp.com - - markus@cvs.openbsd.org 2001/01/13 18:32:50 - [packet.c session.c ssh.c sshconnect.c sshd.c] - split out keepalive from packet_interactive (from dale@accentre.com) - set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too. - - markus@cvs.openbsd.org 2001/01/13 18:36:45 - [packet.c packet.h] - reorder, typo - - markus@cvs.openbsd.org 2001/01/13 18:38:00 - [auth-options.c] - fix comment - - markus@cvs.openbsd.org 2001/01/13 18:43:31 - [session.c] - Wall - - markus@cvs.openbsd.org 2001/01/13 19:14:08 - [clientloop.h clientloop.c ssh.c] - move callback to headerfile - - markus@cvs.openbsd.org 2001/01/15 21:40:10 - [ssh.c] - use log() instead of stderr - - markus@cvs.openbsd.org 2001/01/15 21:43:51 - [dh.c] - use error() not stderr! - - markus@cvs.openbsd.org 2001/01/15 21:45:29 - [sftp-server.c] - rename must fail if newpath exists, debug off by default - - markus@cvs.openbsd.org 2001/01/15 21:46:38 - [sftp-server.c] - readable long listing for sftp-server, ok deraadt@ - - markus@cvs.openbsd.org 2001/01/16 19:20:06 - [key.c ssh-rsa.c] - make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from - galb@vandyke.com. note that you have to delete older ssh2-rsa keys, - since they are in the wrong format, too. they must be removed from - .ssh/authorized_keys2 and .ssh/known_hosts2, etc. - (cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP - .ssh/authorized_keys2) additionally, we now check that - BN_num_bits(rsa->n) >= 768. - - markus@cvs.openbsd.org 2001/01/16 20:54:27 - [sftp-server.c] - remove some statics. simpler handles; idea from nisse@lysator.liu.se - - deraadt@cvs.openbsd.org 2001/01/16 23:58:08 - [bufaux.c radix.c sshconnect.h sshconnect1.c] - indent - - (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may - be missing such feature. - - -20010117 - - (djm) Only write random seed file at exit - - (djm) Make PAM support optional, enable with --with-pam - - (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which - provides a crypt() of its own) - - (djm) Avoid a warning in bsd-bindresvport.c - - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This - can cause weird segfaults errors on Solaris - - (djm) Avoid warning in PAM code by making read_passphrase arguments const - - (djm) Add --with-pam to RPM spec files - -20010115 - - (bal) sftp-server.c change to use chmod() if fchmod() does not exist. - - (bal) utimes() support via utime() interface on machine that lack utimes(). - -20010114 - - (stevesk) initial work for OpenBSD "support supplementary group in - {Allow,Deny}Groups" patch: - - import getgrouplist.c from OpenBSD (bsd-getgrouplist.c) - - add bsd-getgrouplist.h - - new files groupaccess.[ch] - - build but don't use yet (need to merge auth.c changes) - - (stevesk) complete: - - markus@cvs.openbsd.org 2001/01/13 11:56:48 - [auth.c sshd.8] - support supplementary group in {Allow,Deny}Groups - from stevesk@pobox.com - -20010112 - - (bal) OpenBSD Sync - - markus@cvs.openbsd.org 2001/01/10 22:56:22 - [bufaux.h bufaux.c sftp-server.c sftp.h getput.h] - cleanup sftp-server implementation: - add buffer_get_int64, buffer_put_int64, GET_64BIT, PUT_64BIT - parse SSH2_FILEXFER_ATTR_EXTENDED - send SSH2_FX_EOF if readdir returns no more entries - reply to SSH2_FXP_EXTENDED message - use #defines from the draft - move #definations to sftp.h - more info: - http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt - - markus@cvs.openbsd.org 2001/01/10 19:43:20 - [sshd.c] - XXX - generate_empheral_server_key() is not safe against races, - because it calls log() - - markus@cvs.openbsd.org 2001/01/09 21:19:50 - [packet.c] - allow TCP_NDELAY for ipv6; from netbsd via itojun@ - -20010110 - - (djm) SNI/Reliant Unix needs USE_PIPES and $DISPLAY hack. Report from - Bladt Norbert - -20010109 - - (bal) Resync CVS ID of cli.c - - (stevesk) auth1.c: free should be after WITH_AIXAUTHENTICATE - code. - - (bal) OpenBSD Sync - - markus@cvs.openbsd.org 2001/01/08 22:29:05 - [auth2.c compat.c compat.h servconf.c servconf.h sshd.8 - sshd_config version.h] - implement option 'Banner /etc/issue.net' for ssh2, move version to - 2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner - is enabled). - - markus@cvs.openbsd.org 2001/01/08 22:03:23 - [channels.c ssh-keyscan.c] - O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com - - markus@cvs.openbsd.org 2001/01/08 21:55:41 - [sshconnect1.c] - more cleanups and fixes from stevesk@pobox.com: - 1) try_agent_authentication() for loop will overwrite key just - allocated with key_new(); don't alloc - 2) call ssh_close_authentication_connection() before exit - try_agent_authentication() - 3) free mem on bad passphrase in try_rsa_authentication() - - markus@cvs.openbsd.org 2001/01/08 21:48:17 - [kex.c] - missing free; thanks stevesk@pobox.com - - (bal) Detect if clock_t structure exists, if not define it. - - (bal) Detect if O_NONBLOCK exists, if not define it. - - (bal) removed news4-posix.h (now empty) - - (bal) changed bsd-bindresvport.c and bsd-rresvport.c to use 'socklen_t' - instead of 'int' - - (stevesk) sshd_config: sync - - (stevesk) defines.h: remove spurious ``;'' - -20010108 - - (bal) Fixed another typo in cli.c - - (bal) OpenBSD Sync - - markus@cvs.openbsd.org 2001/01/07 21:26:55 - [cli.c] - typo - - markus@cvs.openbsd.org 2001/01/07 21:26:55 - [cli.c] - missing free, stevesk@pobox.com - - markus@cvs.openbsd.org 2001/01/07 19:06:25 - [auth1.c] - missing free, stevesk@pobox.com - - markus@cvs.openbsd.org 2001/01/07 11:28:04 - [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 - ssh.h sshd.8 sshd.c] - rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE - syslog priority changes: - fatal() LOG_ERR -> LOG_CRIT - log() LOG_INFO -> LOG_NOTICE - - Updated TODO - -20010107 - - (bal) OpenBSD Sync - - markus@cvs.openbsd.org 2001/01/06 11:23:27 - [ssh-rsa.c] - remove unused - - itojun@cvs.openbsd.org 2001/01/05 08:23:29 - [ssh-keyscan.1] - missing .El - - markus@cvs.openbsd.org 2001/01/04 22:41:03 - [session.c sshconnect.c] - consistent use of _PATH_BSHELL; from stevesk@pobox.com - - djm@cvs.openbsd.org 2001/01/04 22:35:32 - [ssh.1 sshd.8] - Mention AES as available SSH2 Cipher; ok markus - - markus@cvs.openbsd.org 2001/01/04 22:25:58 - [sshd.c] - sync usage()/man with defaults; from stevesk@pobox.com - - markus@cvs.openbsd.org 2001/01/04 22:21:26 - [sshconnect2.c] - handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server - that prints a banner (e.g. /etc/issue.net) - -20010105 - - (bal) contrib/caldera/ provided by Tim Rice - - (bal) bsd-getcwd.c and bsd-setenv.c changed from bcopy() to memmove() - -20010104 - - (djm) Fix memory leak on systems with BROKEN_GETADDRINFO. Based on - work by Chris Vaughan - -20010103 - - (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD - tree (mainly positioning) - - (bal) OpenSSH CVS Update - - markus@cvs.openbsd.org 2001/01/02 20:41:02 - [packet.c] - log remote ip on disconnect; PR 1600 from jcs@rt.fm - - markus@cvs.openbsd.org 2001/01/02 20:50:56 - [sshconnect.c] - strict_host_key_checking for host_status != HOST_CHANGED && - ip_status == HOST_CHANGED - - (bal) authfile.c: Synced CVS ID tag - - (bal) UnixWare 2.0 fixes by Tim Rice - - (bal) Disable sftp-server if no 64bit int support exists. Based on - patch by Tim Rice - - (bal) Makefile.in changes to uninstall: target to remove sftp-server - and sftp-server.8 manpage. - -20010102 - - (bal) OpenBSD CVS Update - - markus@cvs.openbsd.org 2001/01/01 14:52:49 - [scp.c] - use shared fatal(); from stevesk@pobox.com - -20001231 - - (bal) Reverted out of MAXHOSTNAMELEN. This should be set per OS. - for multiple reasons. - - (bal) Reverted out of a partial NeXT patch. - -20001230 - - (bal) OpenBSD CVS Update - - markus@cvs.openbsd.org 2000/12/28 18:58:30 - [ssh-keygen.c] - enable 'ssh-keygen -l -f ~/.ssh/{authorized_keys,known_hosts}{,2} - - markus@cvs.openbsd.org 2000/12/29 22:19:13 - [channels.c] - missing xfree; from vaughan99@yahoo.com - - (bal) Resynced CVS ID with OpenBSD for channel.c and uidswap.c - - (bal) if no MAXHOSTNAMELEN is defined. Default to 64 character defination. - Suggested by Christian Kurz - - (bal) Add in '.c.o' section to Makefile.in to address make programs that - don't honor CPPFLAGS by default. Suggested by Lutz Jaenicke - - -20001229 - - (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian - Kurz - - (bal) OpenBSD CVS Update - - markus@cvs.openbsd.org 2000/12/28 14:25:51 - [auth.h auth2.c] - count authentication failures only - - markus@cvs.openbsd.org 2000/12/28 14:25:03 - [sshconnect.c] - fingerprint for MITM attacks, too. - - markus@cvs.openbsd.org 2000/12/28 12:03:57 - [sshd.8 sshd.c] - document -D - - markus@cvs.openbsd.org 2000/12/27 14:19:21 - [serverloop.c] - less chatty - - markus@cvs.openbsd.org 2000/12/27 12:34 - [auth1.c sshconnect2.c sshd.c] - typo - - markus@cvs.openbsd.org 2000/12/27 12:30:19 - [readconf.c readconf.h ssh.1 sshconnect.c] - new option: HostKeyAlias: allow the user to record the host key - under a different name. This is useful for ssh tunneling over - forwarded connections or if you run multiple sshd's on different - ports on the same machine. - - markus@cvs.openbsd.org 2000/12/27 11:51:53 - [ssh.1 ssh.c] - multiple -t force pty allocation, document ORIGINAL_COMMAND - - markus@cvs.openbsd.org 2000/12/27 11:41:31 - [sshd.8] - update for ssh-2 - - (stevesk) compress.[ch] sync with openbsd; missed in prototype - fix merge. - -20001228 - - (bal) Patch to add libutil.h to loginrec.c only if the platform has - libutil.h. Suggested by Pekka Savola - - (djm) Update to new x11-askpass in RPM spec - - (bal) SCO patch to not include since it's unrelated - header. Patch by Tim Rice - - Updated TODO w/ known HP/UX issue - - (bal) removed extra noticed by Kevin Steves and removed the - bad reference to 'NeXT including it else were' on the #ifdef version. - -20001227 - - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by - Takumi Yamane - - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch - by Corinna Vinschen - - (djm) Fix catman-do target for non-bash - - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by - Takumi Yamane - - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch - by Corinna Vinschen - - (djm) Fix catman-do target for non-bash - - (bal) Fixed NeXT's lack of CPPFLAGS honoring. - - (bal) ssh-keyscan.c: NeXT (and older BSDs) don't support getrlimit() w/ - 'RLIMIT_NOFILE' - - (djm) Remove *.Ylonen files. They are no longer in the OpenBSD tree, - the info in COPYING.Ylonen has been moved to the start of each - SSH1-derived file and README.Ylonen is well out of date. - -20001223 - - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects - if a change to config.h has occurred. Suggested by Gert Doering - - - (bal) OpenBSD CVS Update: - - markus@cvs.openbsd.org 2000/12/22 16:49:40 - [ssh-keygen.c] - fix ssh-keygen -x -t type > file; from Roumen.Petrov@skalasoft.com - -20001222 - - Updated RCSID for pty.c - - (bal) OpenBSD CVS Updates: - - markus@cvs.openbsd.org 2000/12/21 15:10:16 - [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c] - print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@ - - markus@cvs.openbsd.org 2000/12/20 19:26:56 - [authfile.c] - allow ssh -i userkey for root - - markus@cvs.openbsd.org 2000/12/20 19:37:21 - [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h] - fix prototypes; from stevesk@pobox.com - - markus@cvs.openbsd.org 2000/12/20 19:32:08 - [sshd.c] - init pointer to NULL; report from Jan.Ivan@cern.ch - - markus@cvs.openbsd.org 2000/12/19 23:17:54 - [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c - auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c - bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c - crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h - key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c - packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h - serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h - ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c - uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c] - replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char - unsigned' with u_char. - -20001221 - - (stevesk) OpenBSD CVS updates: - - markus@cvs.openbsd.org 2000/12/19 15:43:45 - [authfile.c channels.c sftp-server.c ssh-agent.c] - remove() -> unlink() for consistency - - markus@cvs.openbsd.org 2000/12/19 15:48:09 - [ssh-keyscan.c] - replace with - - markus@cvs.openbsd.org 2000/12/17 02:33:40 - [uidswap.c] - typo; from wsanchez@apple.com - -20001220 - - (djm) Workaround PAM inconsistencies between Solaris derived PAM code - and Linux-PAM. Based on report and fix from Andrew Morgan - - -20001218 - - (stevesk) rsa.c: entropy.h not needed. - - (bal) split CFLAGS into CFLAGS and CPPFLAGS in configure.in and Makefile. - Suggested by Wilfredo Sanchez - -20001216 - - (stevesk) OpenBSD CVS updates: - - markus@cvs.openbsd.org 2000/12/16 02:53:57 - [scp.c] - allow + in usernames; request from Florian.Weimer@RUS.Uni-Stuttgart.DE - - markus@cvs.openbsd.org 2000/12/16 02:39:57 - [scp.c] - unused; from stevesk@pobox.com - -20001215 - - (stevesk) Old OpenBSD patch wasn't completely applied: - - markus@cvs.openbsd.org 2000/01/24 22:11:20 - [scp.c] - allow '.' in usernames; from jedgar@fxp.org - - (stevesk) OpenBSD CVS updates: - - markus@cvs.openbsd.org 2000/12/13 16:26:53 - [ssh-keyscan.c] - fatal already adds \n; from stevesk@pobox.com - - markus@cvs.openbsd.org 2000/12/13 16:25:44 - [ssh-agent.c] - remove redundant spaces; from stevesk@pobox.com - - ho@cvs.openbsd.org 2000/12/12 15:50:21 - [pty.c] - When failing to set tty owner and mode on a read-only filesystem, don't - abort if the tty already has correct owner and reasonably sane modes. - Example; permit 'root' to login to a firewall with read-only root fs. - (markus@ ok) - - deraadt@cvs.openbsd.org 2000/12/13 06:36:05 - [pty.c] - KNF - - markus@cvs.openbsd.org 2000/12/12 14:45:21 - [sshd.c] - source port < 1024 is no longer required for rhosts-rsa since it - adds no additional security. - - markus@cvs.openbsd.org 2000/12/12 16:11:49 - [ssh.1 ssh.c] - rhosts-rsa is no longer automagically disabled if ssh is not privileged. - UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers. - these changes should not change the visible default behaviour of the ssh client. - - deraadt@cvs.openbsd.org 2000/12/11 10:27:33 - [scp.c] - when copying 0-sized files, do not re-print ETA time at completion - - provos@cvs.openbsd.org 2000/12/15 10:30:15 - [kex.c kex.h sshconnect2.c sshd.c] - compute diffie-hellman in parallel between server and client. okay markus@ - -20001213 - - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report - from Andreas M. Kirchwitz - - (stevesk) OpenBSD CVS update: - - markus@cvs.openbsd.org 2000/12/12 15:30:02 - [ssh-keyscan.c ssh.c sshd.c] - consistently use __progname; from stevesk@pobox.com - -20001211 - - (bal) Applied patch to include ssh-keyscan into Redhat's package, and - patch to install ssh-keyscan manpage. Patch by Pekka Savola - - - (bal) OpenbSD CVS update - - markus@cvs.openbsd.org 2000/12/10 17:01:53 - [sshconnect1.c] - always request new challenge for skey/tis-auth, fixes interop with - other implementations; report from roth@feep.net - -20001210 - - (bal) OpenBSD CVS updates - - markus@cvs.openbsd.org 2000/12/09 13:41:51 - [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h] - undo rijndael changes - - markus@cvs.openbsd.org 2000/12/09 13:48:31 - [rijndael.c] - fix byte order bug w/o introducing new implementation - - markus@cvs.openbsd.org 2000/12/09 14:08:27 - [sftp-server.c] - "" -> "." for realpath; from vinschen@redhat.com - - markus@cvs.openbsd.org 2000/12/09 14:06:54 - [ssh-agent.c] - extern int optind; from stevesk@sweden.hp.com - - provos@cvs.openbsd.org 2000/12/09 23:51:11 - [compat.c] - remove unnecessary '\n' - -20001209 - - (bal) OpenBSD CVS updates: - - djm@cvs.openbsd.org 2000/12/07 4:24:59 - [ssh.1] - Typo fix from Wilfredo Sanchez ; ok theo - -20001207 - - (bal) OpenBSD CVS updates: - - markus@cvs.openbsd.org 2000/12/06 22:58:14 - [compat.c compat.h packet.c] - disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0 - - markus@cvs.openbsd.org 2000/12/06 23:10:39 - [rijndael.c] - unexpand(1) - - markus@cvs.openbsd.org 2000/12/06 23:05:43 - [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h] - new rijndael implementation. fixes endian bugs - -20001206 - - (bal) OpenBSD CVS updates: - - markus@cvs.openbsd.org 2000/12/05 20:34:09 - [channels.c channels.h clientloop.c serverloop.c] - async connects for -R/-L; ok deraadt@ - - todd@cvs.openssh.org 2000/12/05 16:47:28 - [sshd.c] - tweak comment to reflect real location of pid file; ok provos@ - - (stevesk) Import from OpenBSD for systems that don't - have it (used in ssh-keyscan). - - (stevesk) OpenBSD CVS update: - - markus@cvs.openbsd.org 2000/12/06 19:57:48 - [ssh-keyscan.c] - err(3) -> internal error(), from stevesk@sweden.hp.com - -20001205 - - (bal) OpenBSD CVS updates: - - markus@cvs.openbsd.org 2000/12/04 19:24:02 - [ssh-keyscan.c ssh-keyscan.1] - David Maziere's ssh-keyscan, ok niels@ - - (bal) Updated Makefile.in to include ssh-keyscan that was just added - to the recent OpenBSD source tree. - - (stevesk) fix typos in contrib/hpux/README - -20001204 - - (bal) More C functions defined in NeXT that are unaccessable without - defining -POSIX. - - (bal) OpenBSD CVS updates: - - markus@cvs.openbsd.org 2000/12/03 11:29:04 - [compat.c] - remove fallback to SSH_BUG_HMAC now that the drafts are updated - - markus@cvs.openbsd.org 2000/12/03 11:27:55 - [compat.c] - correctly match "2.1.0.pl2 SSH" etc; from - pekkas@netcore.fi/bugzilla.redhat - - markus@cvs.openbsd.org 2000/12/03 11:15:03 - [auth2.c compat.c compat.h sshconnect2.c] - support f-secure/ssh.com 2.0.12; ok niels@ - -20001203 - - (bal) OpenBSD CVS updates: - - markus@cvs.openbsd.org 2000/11/30 22:54:31 - [channels.c] - debug->warn if tried to do -R style fwd w/o client requesting this; - ok neils@ - - markus@cvs.openbsd.org 2000/11/29 20:39:17 - [cipher.c] - des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV - - markus@cvs.openbsd.org 2000/11/30 18:33:05 - [ssh-agent.c] - agents must not dump core, ok niels@ - - markus@cvs.openbsd.org 2000/11/30 07:04:02 - [ssh.1] - T is for both protocols - - markus@cvs.openbsd.org 2000/12/01 00:00:51 - [ssh.1] - typo; from green@FreeBSD.org - - markus@cvs.openbsd.org 2000/11/30 07:02:35 - [ssh.c] - check -T before isatty() - - provos@cvs.openbsd.org 2000/11/29 13:51:27 - [sshconnect.c] - show IP address and hostname when new key is encountered. okay markus@ - - markus@cvs.openbsd.org 2000/11/30 22:53:35 - [sshconnect.c] - disable agent/x11/port fwding if hostkey has changed; ok niels@ - - marksu@cvs.openbsd.org 2000/11/29 21:11:59 - [sshd.c] - sshd -D, startup w/o deamon(), for monitoring scripts or inittab; - from handler@sub-rosa.com and eric@urbanrange.com; ok niels@ - - (djm) Added patch from Nalin Dahyabhai to enable - PAM authentication using KbdInteractive. - - (djm) Added another TODO - -20001202 - - (bal) Backed out of part of Alain St-Denis' loginrec.c patch. - - (bal) Irix need some sort of mansubdir, patch by Michael Stone - - -20001129 - - (djm) Back out all the serverloop.c hacks. sshd will now hang again - if there are background children with open fds. - - (djm) bsd-rresvport.c bzero -> memset - - (djm) Don't fail in defines.h on absence of 64 bit types (we will - still fail during compilation of sftp-server). - - (djm) Fail if ar is not found during configure - - (djm) OpenBSD CVS updates: - - provos@cvs.openbsd.org 2000/11/22 08:38:31 - [sshd.8] - talk about /etc/primes, okay markus@ - - markus@cvs.openbsd.org 2000/11/23 14:03:48 - [ssh.c sshconnect1.c sshconnect2.c] - complain about invalid ciphers for ssh1/ssh2, fall back to reasonable - defaults - - markus@cvs.openbsd.org 2000/11/25 09:42:53 - [sshconnect1.c] - reorder check for illegal ciphers, bugreport from espie@ - - markus@cvs.openbsd.org 2000/11/25 10:19:34 - [ssh-keygen.c ssh.h] - print keytype when generating a key. - reasonable defaults for RSA1/RSA/DSA keys. - - (djm) Patch from Pekka Savola to include a few - more manpage paths in fixpaths calls - - (djm) Also add xauth path at Pekka's suggestion. - - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility - -20001125 - - (djm) Give up privs when reading seed file - -20001123 - - (bal) Merge OpenBSD changes: - - markus@cvs.openbsd.org 2000/11/15 22:31:36 - [auth-options.c] - case insensitive key options; from stevesk@sweeden.hp.com - - markus@cvs.openbsd.org 2000/11/16 17:55:43 - [dh.c] - do not use perror() in sshd, after child is forked() - - markus@cvs.openbsd.org 2000/11/14 23:42:40 - [auth-rsa.c] - parse option only if key matches; fix some confusing seen by the client - - markus@cvs.openbsd.org 2000/11/14 23:44:19 - [session.c] - check no_agent_forward_flag for ssh-2, too - - markus@cvs.openbsd.org 2000/11/15 - [ssh-agent.1] - reorder SYNOPSIS; typo, use .It - - markus@cvs.openbsd.org 2000/11/14 23:48:55 - [ssh-agent.c] - do not reorder keys if a key is removed - - markus@cvs.openbsd.org 2000/11/15 19:58:08 - [ssh.c] - just ignore non existing user keys - - millert@cvs.openbsd.org 200/11/15 20:24:43 - [ssh-keygen.c] - Add missing \n at end of error message. - -20001122 - - (bal) Minor patch to ensure platforms lacking IRIX job limit supports - are compilable. - - (bal) Updated TODO as of 11/18/2000 with known things to resolve. - -20001117 - - (bal) Changed from 'primes' to 'primes.out' for consistancy sake. It - has no affect the output. Patch by Corinna Vinschen - - (stevesk) Reworked progname support. - - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c. Patch by - Shinichi Maruyama - -20001116 - - (bal) Added in MAXSYMLINK test in bsd-realpath.c. Required for some SCO - releases. - - (bal) Make builds work outside of source tree. Patch by Mark D. Roth - - -20001113 - - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to - contrib/README - - (djm) Merge OpenBSD changes: - - markus@cvs.openbsd.org 2000/11/06 16:04:56 - [channels.c channels.h clientloop.c nchan.c serverloop.c] - [session.c ssh.c] - agent forwarding and -R for ssh2, based on work from - jhuuskon@messi.uku.fi - - markus@cvs.openbsd.org 2000/11/06 16:13:27 - [ssh.c sshconnect.c sshd.c] - do not disabled rhosts(rsa) if server port > 1024; from - pekkas@netcore.fi - - markus@cvs.openbsd.org 2000/11/06 16:16:35 - [sshconnect.c] - downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net - - markus@cvs.openbsd.org 2000/11/09 18:04:40 - [auth1.c] - typo; from mouring@pconline.com - - markus@cvs.openbsd.org 2000/11/12 12:03:28 - [ssh-agent.c] - off-by-one when removing a key from the agent - - markus@cvs.openbsd.org 2000/11/12 12:50:39 - [auth-rh-rsa.c auth2.c authfd.c authfd.h] - [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h] - [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c] - [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config] - [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c] - [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h] - add support for RSA to SSH2. please test. - there are now 3 types of keys: RSA1 is used by ssh-1 only, - RSA and DSA are used by SSH2. - you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA - keys for SSH2 and use the RSA keys for hostkeys or for user keys. - SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. - - (djm) Fix up Makefile and Redhat init script to create RSA host keys - - (djm) Change to interim version - - (djm) Fix RPM spec file stupidity - - (djm) fixpaths to DSA and RSA keys too - -20001112 - - (bal) SCO Patch to add needed libraries for configure.in. Patch by - Phillips Porch - - (bal) IRIX patch to adding Job Limits. Patch by Denis Parker - - - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY. Add error() to - failed ioctl(TIOCSCTTY) call. - -20001111 - - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and - packaging files - - (djm) Fix new Makefile.in warnings - - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are - promoted to type int. Report and fix from Dan Astoorian - - - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get - it wrong. Report from Bennett Todd - -20001110 - - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c - - (bal) Changed from --with-skey to --with-skey=PATH in configure.in - - (bal) Added in check to verify S/Key library is being detected in - configure.in - - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif. - Patch by Mark Miller - - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined - to remove warnings under MacOS X. Patch by Mark Miller - - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs - -20001107 - - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by - Mark Miller - - (bal) sshd.init files corrected to assign $? to RETVAL. Patch by - Jarno Huuskonen - - (bal) fixpaths fixed to stop it from quitely failing. Patch by - Mark D. Roth - -20001106 - - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs - - (djm) Manually fix up missed diff hunks (mainly RCS idents) - - (djm) Remove UPGRADING document in favour of a link to the better - maintained FAQ on www.openssh.com - - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola - - - (djm) Don't need X11-askpass in RPM spec file if building without it - from Pekka Savola - - (djm) Release 2.3.0p1 - - (bal) typo in configure.in in regards to --with-ldflags from Marko - Asplund - - (bal) fixed next-posix.h. Forgot prototype of getppid(). - -20001105 - - (bal) Sync with OpenBSD: - - markus@cvs.openbsd.org 2000/10/31 9:31:58 - [compat.c] - handle all old openssh versions - - markus@cvs.openbsd.org 2000/10/31 13:1853 - [deattack.c] - so that large packets do not wrap "n"; from netbsd - - (bal) rijndel.c - fix up RCSID to match OpenBSD tree - - (bal) auth2-skey.c - Checked in. Missing from portable tree. - - (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and - setsid() into more common files - - (stevesk) pty.c: use __hpux to identify HP-UX. - - (bal) Missed auth-skey.o in Makefile.in and minor correction to - bsd-waitpid.c - -20001029 - - (stevesk) Fix typo in auth.c: USE_PAM not PAM - - (stevesk) Create contrib/cygwin/ directory; patch from - Corinna Vinschen - - (bal) Resolved more $xno and $xyes issues in configure.in - - (bal) next-posix.h - spelling and forgot a prototype - -20001028 - - (djm) fix select hack in serverloop.c from Philippe WILLEM - - - (djm) Fix mangled AIXAUTHENTICATE code - - (djm) authctxt->pw may be NULL. Fix from Markus Friedl - - - (djm) Sync with OpenBSD: - - markus@cvs.openbsd.org 2000/10/16 15:46:32 - [ssh.1] - fixes from pekkas@netcore.fi - - markus@cvs.openbsd.org 2000/10/17 14:28:11 - [atomicio.c] - return number of characters processed; ok deraadt@ - - markus@cvs.openbsd.org 2000/10/18 12:04:02 - [atomicio.c] - undo - - markus@cvs.openbsd.org 2000/10/18 12:23:02 - [scp.c] - replace atomicio(read,...) with read(); ok deraadt@ - - markus@cvs.openbsd.org 2000/10/18 12:42:00 - [session.c] - restore old record login behaviour - - deraadt@cvs.openbsd.org 2000/10/19 10:41:13 - [auth-skey.c] - fmt string problem in unused code - - provos@cvs.openbsd.org 2000/10/19 10:45:16 - [sshconnect2.c] - don't reference freed memory. okay deraadt@ - - markus@cvs.openbsd.org 2000/10/21 11:04:23 - [canohost.c] - typo, eramore@era-t.ericsson.se; ok niels@ - - markus@cvs.openbsd.org 2000/10/23 13:31:55 - [cipher.c] - non-alignment dependent swap_bytes(); from - simonb@wasabisystems.com/netbsd - - markus@cvs.openbsd.org 2000/10/26 12:38:28 - [compat.c] - add older vandyke products - - markus@cvs.openbsd.org 2000/10/27 01:32:19 - [channels.c channels.h clientloop.c serverloop.c session.c] - [ssh.c util.c] - enable non-blocking IO on channels, and tty's (except for the - client ttys). - -20001027 - - (djm) Increase REKEY_BYTES to 2^24 for arc4random - -20001025 - - (djm) Added WARNING.RNG file and modified configure to ask users of the - builtin entropy code to read it. - - (djm) Prefer builtin regex to PCRE. - - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly. - - (bal) Apply fixes to configure.in pointed out by Pavel Roskin - - -20001020 - - (djm) Don't define _REENTRANT for SNI/Reliant Unix - - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation - is more correct then current version. - -20001018 - - (stevesk) Add initial support for setproctitle(). Current - support is for the HP-UX pstat(PSTAT_SETCMD, ...) method. - - (stevesk) Add egd startup scripts to contrib/hpux/ - -20001017 - - (djm) Add -lregex to cywin libs from Corinna Vinschen - - - (djm) Don't rely on atomicio's retval to determine length of askpass - supplied passphrase. Problem report from Lutz Jaenicke - - - (bal) Changed from GNU rx to PCRE on suggestion from djm. - - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki - - -20001016 - - (djm) Sync with OpenBSD: - - markus@cvs.openbsd.org 2000/10/14 04:01:15 - [cipher.c] - debug3 - - markus@cvs.openbsd.org 2000/10/14 04:07:23 - [scp.c] - remove spaces from arguments; from djm@mindrot.org - - markus@cvs.openbsd.org 2000/10/14 06:09:46 - [ssh.1] - Cipher is for SSH-1 only - - markus@cvs.openbsd.org 2000/10/14 06:12:09 - [servconf.c servconf.h serverloop.c session.c sshd.8] - AllowTcpForwarding; from naddy@ - - markus@cvs.openbsd.org 2000/10/14 06:16:56 - [auth2.c compat.c compat.h sshconnect2.c version.h] - OpenSSH_2.3; note that is is not complete, but the version number - needs to be changed for interoperability reasons - - markus@cvs.openbsd.org 2000/10/14 06:19:45 - [auth-rsa.c] - do not send RSA challenge if key is not allowed by key-options; from - eivind@ThinkSec.com - - markus@cvs.openbsd.org 2000/10/15 08:14:01 - [rijndael.c session.c] - typos; from stevesk@sweden.hp.com - - markus@cvs.openbsd.org 2000/10/15 08:18:31 - [rijndael.c] - typo - - (djm) Copy manpages back over from OpenBSD - too tedious to wade - through diffs - - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola - - - (djm) Update version in Redhat spec file - - (djm) Merge some of Nalin Dahyabhai changes from the - Redhat 7.0 spec file - - (djm) Make inability to read/write PRNG seedfile non-fatal - - -20001015 - - (djm) Fix ssh2 hang on background processes at logout. - -20001014 - - (bal) Add support for realpath and getcwd for platforms with broken - or missing realpath implementations for sftp-server. - - (bal) Corrected mistake in INSTALL in regards to GNU rx library - - (bal) Add support for GNU rx library for those lacking regexp support - - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth - - (djm) Revert SSH2 serverloop hack, will find a better way. - - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch - from Martin Johansson - - (djm) Big OpenBSD sync: - - markus@cvs.openbsd.org 2000/09/30 10:27:44 - [log.c] - allow loglevel debug - - markus@cvs.openbsd.org 2000/10/03 11:59:57 - [packet.c] - hmac->mac - - markus@cvs.openbsd.org 2000/10/03 12:03:03 - [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c] - move fake-auth from auth1.c to individual auth methods, disables s/key in - debug-msg - - markus@cvs.openbsd.org 2000/10/03 12:16:48 - ssh.c - do not resolve canonname, i have no idea why this was added oin ossh - - markus@cvs.openbsd.org 2000/10/09 15:30:44 - ssh-keygen.1 ssh-keygen.c - -X now reads private ssh.com DSA keys, too. - - markus@cvs.openbsd.org 2000/10/09 15:32:34 - auth-options.c - clear options on every call. - - markus@cvs.openbsd.org 2000/10/09 15:51:00 - authfd.c authfd.h - interop with ssh-agent2, from - - markus@cvs.openbsd.org 2000/10/10 14:20:45 - compat.c - use rexexp for version string matching - - provos@cvs.openbsd.org 2000/10/10 22:02:18 - [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h] - First rough implementation of the diffie-hellman group exchange. The - client can ask the server for bigger groups to perform the diffie-hellman - in, thus increasing the attack complexity when using ciphers with longer - keys. University of Windsor provided network, T the company. - - markus@cvs.openbsd.org 2000/10/11 13:59:52 - [auth-rsa.c auth2.c] - clear auth options unless auth sucessfull - - markus@cvs.openbsd.org 2000/10/11 14:00:27 - [auth-options.h] - clear auth options unless auth sucessfull - - markus@cvs.openbsd.org 2000/10/11 14:03:27 - [scp.1 scp.c] - support 'scp -o' with help from mouring@pconline.com - - markus@cvs.openbsd.org 2000/10/11 14:11:35 - [dh.c] - Wall - - markus@cvs.openbsd.org 2000/10/11 14:14:40 - [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h] - [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h] - add support for s/key (kbd-interactive) to ssh2, based on work by - mkiernan@avantgo.com and me - - markus@cvs.openbsd.org 2000/10/11 14:27:24 - [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h] - [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c] - [sshconnect2.c sshd.c] - new cipher framework - - markus@cvs.openbsd.org 2000/10/11 14:45:21 - [cipher.c] - remove DES - - markus@cvs.openbsd.org 2000/10/12 03:59:20 - [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c] - enable DES in SSH-1 clients only - - markus@cvs.openbsd.org 2000/10/12 08:21:13 - [kex.h packet.c] - remove unused - - markus@cvs.openbsd.org 2000/10/13 12:34:46 - [sshd.c] - Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se - - markus@cvs.openbsd.org 2000/10/13 12:59:15 - [cipher.c cipher.h myproposal.h rijndael.c rijndael.h] - rijndael/aes support - - markus@cvs.openbsd.org 2000/10/13 13:10:54 - [sshd.8] - more info about -V - - markus@cvs.openbsd.org 2000/10/13 13:12:02 - [myproposal.h] - prefer no compression - - (djm) Fix scp user@host handling - - (djm) Don't clobber ssh_prng_cmds on install - - (stevesk) Include config.h in rijndael.c so we define intXX_t and - u_intXX_t types on all platforms. - - (stevesk) rijndael.c: cleanup missing declaration warnings. - - (stevesk) ~/.hushlogin shouldn't cause required password change to - be bypassed. - - (stevesk) Display correct path to ssh-askpass in configure output. - Report from Lutz Jaenicke. - -20001007 - - (stevesk) Print PAM return value in PAM log messages to aid - with debugging. - - (stevesk) Fix detection of pw_class struct member in configure; - patch from KAMAHARA Junzo - -20001002 - - (djm) Fix USER_PATH, report from Kevin Steves - - (djm) Add host system and CC to end-of-configure report. Suggested by - Lutz Jaenicke - -20000931 - - (djm) Cygwin fixes from Corinna Vinschen - -20000930 - - (djm) Irix ssh_prng_cmds path fix from Pekka Savola - - (djm) Support in bsd-snprintf.c for long long conversions from - Ben Lindstrom - - (djm) Cleanup NeXT support from Ben Lindstrom - - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with - very short lived X connections. Bug report from Tobias Oetiker - . Fix from Markus Friedl - - (djm) Add recent InitScripts as a RPM dependancy for openssh-server - patch from Pekka Savola - - (djm) Forgot to cvs add LICENSE file - - (djm) Add LICENSE to RPM spec files - - (djm) CVS OpenBSD sync: - - markus@cvs.openbsd.org 2000/09/26 13:59:59 - [clientloop.c] - use debug2 - - markus@cvs.openbsd.org 2000/09/27 15:41:34 - [auth2.c sshconnect2.c] - use key_type() - - markus@cvs.openbsd.org 2000/09/28 12:03:18 - [channels.c] - debug -> debug2 cleanup - - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only - strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis - - - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass. - Problem was caused by interrupted read in ssh-add. Report from Donald - J. Barry - -20000929 - - (djm) Fix SSH2 not terminating until all background tasks done problem. - - (djm) Another off-by-one fix from Pavel Kankovsky - - - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code, - tidy necessary differences. Use Markus' new debugN() in entropy.c - - (djm) Merged big SCO portability patch from Tim Rice - - -20000926 - - (djm) Update X11-askpass to 1.0.2 in RPM spec file - - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX - - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c. - Report and fix from Pavel Kankovsky - -20000924 - - (djm) Merged cleanup patch from Mark Miller - - (djm) A bit more cleanup - created cygwin_util.h - - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller - - -20000923 - - (djm) Fix address logging in utmp from Kevin Steves - - - (djm) Redhat spec and manpage fixes from Pekka Savola - - (djm) Seperate tests for int64_t and u_int64_t types - - (djm) Tweak password expiry checking at suggestion of Kevin Steves - - - (djm) NeXT patch from Ben Lindstrom - - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from - Michael Stone - - (djm) OpenBSD CVS sync: - - markus@cvs.openbsd.org 2000/09/17 09:38:59 - [sshconnect2.c sshd.c] - fix DEBUG_KEXDH - - markus@cvs.openbsd.org 2000/09/17 09:52:51 - [sshconnect.c] - yes no; ok niels@ - - markus@cvs.openbsd.org 2000/09/21 04:55:11 - [sshd.8] - typo - - markus@cvs.openbsd.org 2000/09/21 05:03:54 - [serverloop.c] - typo - - markus@cvs.openbsd.org 2000/09/21 05:11:42 - scp.c - utime() to utimes(); mouring@pconline.com - - markus@cvs.openbsd.org 2000/09/21 05:25:08 - sshconnect2.c - change login logic in ssh2, allows plugin of other auth methods - - markus@cvs.openbsd.org 2000/09/21 05:25:35 - [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h] - [serverloop.c] - add context to dispatch_run - - markus@cvs.openbsd.org 2000/09/21 05:07:52 - authfd.c authfd.h ssh-agent.c - bug compat for old ssh.com software - -20000920 - - (djm) Fix bad path substitution. Report from Andrew Miner - - -20000916 - - (djm) Fix SSL search order from Lutz Jaenicke - - - (djm) New SuSE spec from Corinna Vinschen - - (djm) Update CygWin support from Corinna Vinschen - - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage. - Patch from Larry Jones - - (djm) Add Steve VanDevender's PAM - password change patch. - - (djm) Bring licenses on my stuff in line with OpenBSD's - - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from - Kevin Steves - - (djm) Shadow expiry check fix from Pavel Troller - - (djm) Re-enable int64_t types - we need them for sftp - - (djm) Use libexecdir from configure , rather than libexecdir/ssh - - (djm) Update Redhat SPEC file accordingly - - (djm) Add Kevin Steves HP/UX contrib files - - (djm) Add Charles Levert getpgrp patch - - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter - - - (djm) Fixprogs and entropy list fixes from Larry Jones - - - (djm) Fix for SuSE spec file from Takashi YOSHIDA - - - (djm) Merge OpenBSD changes: - - markus@cvs.openbsd.org 2000/09/05 02:59:57 - [session.c] - print hostname (not hushlogin) - - markus@cvs.openbsd.org 2000/09/05 13:18:48 - [authfile.c ssh-add.c] - enable ssh-add -d for DSA keys - - markus@cvs.openbsd.org 2000/09/05 13:20:49 - [sftp-server.c] - cleanup - - markus@cvs.openbsd.org 2000/09/06 03:46:41 - [authfile.h] - prototype - - deraadt@cvs.openbsd.org 2000/09/07 14:27:56 - [ALL] - cleanup copyright notices on all files. I have attempted to be - accurate with the details. everything is now under Tatu's licence - (which I copied from his readme), and/or the core-sdi bsd-ish thing - for deattack, or various openbsd developers under a 2-term bsd - licence. We're not changing any rules, just being accurate. - - markus@cvs.openbsd.org 2000/09/07 14:40:30 - [channels.c channels.h clientloop.c serverloop.c ssh.c] - cleanup window and packet sizes for ssh2 flow control; ok niels - - markus@cvs.openbsd.org 2000/09/07 14:53:00 - [scp.c] - typo - - markus@cvs.openbsd.org 2000/09/07 15:13:37 - [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c] - [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h] - [pty.c readconf.c] - some more Copyright fixes - - markus@cvs.openbsd.org 2000/09/08 03:02:51 - [README.openssh2] - bye bye - - deraadt@cvs.openbsd.org 2000/09/11 18:38:33 - [LICENCE cipher.c] - a few more comments about it being ARC4 not RC4 - - markus@cvs.openbsd.org 2000/09/12 14:53:11 - [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c] - multiple debug levels - - markus@cvs.openbsd.org 2000/09/14 14:25:15 - [clientloop.c] - typo - - deraadt@cvs.openbsd.org 2000/09/15 01:13:51 - [ssh-agent.c] - check return value for setenv(3) for failure, and deal appropriately - -20000913 - - (djm) Fix server not exiting with jobs in background. - -20000905 - - (djm) Import OpenBSD CVS changes - - markus@cvs.openbsd.org 2000/08/31 15:52:24 - [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c] - implement a SFTP server. interops with sftp2, scp2 and the windows - client from ssh.com - - markus@cvs.openbsd.org 2000/08/31 15:56:03 - [README.openssh2] - sync - - markus@cvs.openbsd.org 2000/08/31 16:05:42 - [session.c] - Wall - - markus@cvs.openbsd.org 2000/08/31 16:09:34 - [authfd.c ssh-agent.c] - add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions - - deraadt@cvs.openbsd.org 2000/09/01 09:25:13 - [scp.1 scp.c] - cleanup and fix -S support; stevesk@sweden.hp.com - - markus@cvs.openbsd.org 2000/09/01 16:29:32 - [sftp-server.c] - portability fixes - - markus@cvs.openbsd.org 2000/09/01 16:32:41 - [sftp-server.c] - fix cast; mouring@pconline.com - - itojun@cvs.openbsd.org 2000/09/03 09:23:28 - [ssh-add.1 ssh.1] - add missing .El against .Bl. - - markus@cvs.openbsd.org 2000/09/04 13:03:41 - [session.c] - missing close; ok theo - - markus@cvs.openbsd.org 2000/09/04 13:07:21 - [session.c] - fix get_last_login_time order; from andre@van-veen.de - - markus@cvs.openbsd.org 2000/09/04 13:10:09 - [sftp-server.c] - more cast fixes; from mouring@pconline.com - - markus@cvs.openbsd.org 2000/09/04 13:06:04 - [session.c] - set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net - - (djm) Cleanup after import. Fix sftp-server compilation, Makefile - - (djm) Merge cygwin support from Corinna Vinschen - -20000903 - - (djm) Fix Redhat init script - -20000901 - - (djm) Pick up Jim's new X11-askpass - - (djm) Release 2.2.0p1 - -20000831 - - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox - - - (djm) Pick up new version (2.2.0) from OpenBSD CVS - -20000830 - - (djm) Compile warning fixes from Mark Miller - - (djm) Periodically rekey arc4random - - (djm) Clean up diff against OpenBSD. - - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves - - - (djm) Quieten the pam delete credentials error message - - (djm) Fix printing of $DISPLAY hack if set by system type. Report from - Kevin Steves - - (djm) NeXT patch from Ben Lindstrom - - (djm) Fix doh in bsd-arc4random.c - -20000829 - - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert - Doering , John Horne and - Garrick James - - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from - Bastian Trompetter - - (djm) NeXT tweaks from Ben Lindstrom - - More OpenBSD updates: - - deraadt@cvs.openbsd.org 2000/08/24 15:46:59 - [scp.c] - off_t in sink, to fix files > 2GB, i think, test is still running ;-) - - deraadt@cvs.openbsd.org 2000/08/25 10:10:06 - [session.c] - Wall - - markus@cvs.openbsd.org 2000/08/26 04:33:43 - [compat.c] - ssh.com-2.3.0 - - markus@cvs.openbsd.org 2000/08/27 12:18:05 - [compat.c] - compatibility with future ssh.com versions - - deraadt@cvs.openbsd.org 2000/08/27 21:50:55 - [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c] - print uid/gid as unsigned - - markus@cvs.openbsd.org 2000/08/28 13:51:00 - [ssh.c] - enable -n and -f for ssh2 - - markus@cvs.openbsd.org 2000/08/28 14:19:53 - [ssh.c] - allow combination of -N and -f - - markus@cvs.openbsd.org 2000/08/28 14:20:56 - [util.c] - util.c - - markus@cvs.openbsd.org 2000/08/28 14:22:02 - [util.c] - undo - - markus@cvs.openbsd.org 2000/08/28 14:23:38 - [util.c] - don't complain if setting NONBLOCK fails with ENODEV - -20000823 - - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4 - Avoids "scp never exits" problem. Reports from Lutz Jaenicke - and Tamito KAJIYAMA - - - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers - - (djm) Add local version to version.h - - (djm) Don't reseed arc4random everytime it is used - - (djm) OpenBSD CVS updates: - - deraadt@cvs.openbsd.org 2000/08/18 20:07:23 - [ssh.c] - accept remsh as a valid name as well; roman@buildpoint.com - - deraadt@cvs.openbsd.org 2000/08/18 20:17:13 - [deattack.c crc32.c packet.c] - rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to - libz crc32 function yet, because it has ugly "long"'s in it; - oneill@cs.sfu.ca - - deraadt@cvs.openbsd.org 2000/08/18 20:26:08 - [scp.1 scp.c] - -S prog support; tv@debian.org - - deraadt@cvs.openbsd.org 2000/08/18 20:50:07 - [scp.c] - knf - - deraadt@cvs.openbsd.org 2000/08/18 20:57:33 - [log-client.c] - shorten - - markus@cvs.openbsd.org 2000/08/19 12:48:11 - [channels.c channels.h clientloop.c ssh.c ssh.h] - support for ~. in ssh2 - - deraadt@cvs.openbsd.org 2000/08/19 15:29:40 - [crc32.h] - proper prototype - - markus@cvs.openbsd.org 2000/08/19 15:34:44 - [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1] - [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile] - [fingerprint.c fingerprint.h] - add SSH2/DSA support to the agent and some other DSA related cleanups. - (note that we cannot talk to ssh.com's ssh2 agents) - - markus@cvs.openbsd.org 2000/08/19 15:55:52 - [channels.c channels.h clientloop.c] - more ~ support for ssh2 - - markus@cvs.openbsd.org 2000/08/19 16:21:19 - [clientloop.c] - oops - - millert@cvs.openbsd.org 2000/08/20 12:25:53 - [session.c] - We have to stash the result of get_remote_name_or_ip() before we - close our socket or getpeername() will get EBADF and the process - will exit. Only a problem for "UseLogin yes". - - millert@cvs.openbsd.org 2000/08/20 12:30:59 - [session.c] - Only check /etc/nologin if "UseLogin no" since login(1) may have its - own policy on determining who is allowed to login when /etc/nologin - is present. Also use the _PATH_NOLOGIN define. - - millert@cvs.openbsd.org 2000/08/20 12:42:43 - [auth1.c auth2.c session.c ssh.c] - Add calls to setusercontext() and login_get*(). We basically call - setusercontext() in most places where previously we did a setlogin(). - Add default login.conf file and put root in the "daemon" login class. - - millert@cvs.openbsd.org 2000/08/21 10:23:31 - [session.c] - Fix incorrect PATH setting; noted by Markus. - -20000818 - - (djm) OpenBSD CVS changes: - - markus@cvs.openbsd.org 2000/07/22 03:14:37 - [servconf.c servconf.h sshd.8 sshd.c sshd_config] - random early drop; ok theo, niels - - deraadt@cvs.openbsd.org 2000/07/26 11:46:51 - [ssh.1] - typo - - deraadt@cvs.openbsd.org 2000/08/01 11:46:11 - [sshd.8] - many fixes from pepper@mail.reppep.com - - provos@cvs.openbsd.org 2000/08/01 13:01:42 - [Makefile.in util.c aux.c] - rename aux.c to util.c to help with cygwin port - - deraadt@cvs.openbsd.org 2000/08/02 00:23:31 - [authfd.c] - correct sun_len; Alexander@Leidinger.net - - provos@cvs.openbsd.org 2000/08/02 10:27:17 - [readconf.c sshd.8] - disable kerberos authentication by default - - provos@cvs.openbsd.org 2000/08/02 11:27:05 - [sshd.8 readconf.c auth-krb4.c] - disallow kerberos authentication if we can't verify the TGT; from - dugsong@ - kerberos authentication is on by default only if you have a srvtab. - - markus@cvs.openbsd.org 2000/08/04 14:30:07 - [auth.c] - unused - - markus@cvs.openbsd.org 2000/08/04 14:30:35 + In sc_put_key(), sc_reader_id should be id. + - markus@cvs.openbsd.org 2002/03/21 20:51:12 [sshd_config] - MaxStartups - - markus@cvs.openbsd.org 2000/08/15 13:20:46 - [authfd.c] - cleanup; ok niels@ - - markus@cvs.openbsd.org 2000/08/17 14:05:10 - [session.c] - cleanup login(1)-like jobs, no duplicate utmp entries - - markus@cvs.openbsd.org 2000/08/17 14:06:34 - [session.c sshd.8 sshd.c] - sshd -u len, similar to telnetd - - (djm) Lastlog was not getting closed after writing login entry - - (djm) Add Solaris package support from Rip Loomis - -20000816 - - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc) - - (djm) Fix strerror replacement for old SunOS. Based on patch from - Charles Levert - - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4 - implementation. - - (djm) SUN_LEN macro for systems which lack it - -20000815 - - (djm) More SunOS 4.1.x fixes from Nate Itkin - - (djm) Avoid failures on Irix when ssh is not setuid. Fix from - Michael Stone - - (djm) Don't seek in directory based lastlogs - - (djm) Fix --with-ipaddr-display configure option test. Patch from - Jarno Huuskonen - - (djm) Fix AIX limits from Alexandre Oliva - -20000813 - - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from - Fabrice bacchella - -20000809 - - (djm) Define AIX hard limits if headers don't. Report from - Bill Painter - - (djm) utmp direct write & SunOS 4 patch from Charles Levert - - -20000808 - - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install - time, spec file cleanup. - -20000807 - - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke - - (djm) Suppress error messages on channel close shutdown() failurs - works around Linux bug. Patch from Zack Weinberg - - (djm) Add some more entropy collection commands from Lutz Jaenicke - -20000725 - - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF - -20000721 - - (djm) OpenBSD CVS updates: - - markus@cvs.openbsd.org 2000/07/16 02:27:22 - [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c] - [sshconnect1.c sshconnect2.c] - make ssh-add accept dsa keys (the agent does not) - - djm@cvs.openbsd.org 2000/07/17 19:25:02 - [sshd.c] - Another closing of stdin; ok deraadt - - markus@cvs.openbsd.org 2000/07/19 18:33:12 - [dsa.c] - missing free, reorder - - markus@cvs.openbsd.org 2000/07/20 16:23:14 - [ssh-keygen.1] - document input and output files - -20000720 - - (djm) Spec file fix from Petr Novotny - -20000716 - - (djm) Release 2.1.1p4 - -20000715 - - (djm) OpenBSD CVS updates - - provos@cvs.openbsd.org 2000/07/13 16:53:22 - [aux.c readconf.c servconf.c ssh.h] - allow multiple whitespace but only one '=' between tokens, bug report from - Ralf S. Engelschall but different fix. okay deraadt@ - - provos@cvs.openbsd.org 2000/07/13 17:14:09 - [clientloop.c] - typo; todd@fries.net - - provos@cvs.openbsd.org 2000/07/13 17:19:31 - [scp.c] - close can fail on AFS, report error; from Greg Hudson - - markus@cvs.openbsd.org 2000/07/14 16:59:46 - [readconf.c servconf.c] - allow leading whitespace. ok niels - - djm@cvs.openbsd.org 2000/07/14 22:01:38 - [ssh-keygen.c ssh.c] - Always create ~/.ssh with mode 700; ok Markus - - Fixes for SunOS 4.1.4 from Gordon Atwood - - Include floatingpoint.h for entropy.c - - strerror replacement - -20000712 - - (djm) Remove -lresolve for Reliant Unix - - (djm) OpenBSD CVS Updates: - - deraadt@cvs.openbsd.org 2000/07/11 02:11:34 - [session.c sshd.c ] - make MaxStartups code still work with -d; djm - - deraadt@cvs.openbsd.org 2000/07/11 13:17:45 - [readconf.c ssh_config] - disable FallBackToRsh by default - - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from - Ben Lindstrom - - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM - spec file. - - (djm) Released 2.1.1p3 - -20000711 - - (djm) Fixup for AIX getuserattr() support from Tom Bertelson - - - (djm) ReliantUNIX support from Udo Schweigert - - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom - - - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report - from Jim Watt - - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known - to compile on more platforms (incl NeXT). - - (djm) Added bsd-inet_aton and configure support for NeXT - - (djm) Misc NeXT fixes from Ben Lindstrom - - (djm) OpenBSD CVS updates: - - markus@cvs.openbsd.org 2000/06/26 03:22:29 - [authfd.c] - cleanup, less cut&paste - - markus@cvs.openbsd.org 2000/06/26 15:59:19 - [servconf.c servconf.h session.c sshd.8 sshd.c] - MaxStartups: limit number of unauthenticated connections, work by - theo and me - - deraadt@cvs.openbsd.org 2000/07/05 14:18:07 - [session.c] - use no_x11_forwarding_flag correctly; provos ok - - provos@cvs.openbsd.org 2000/07/05 15:35:57 - [sshd.c] - typo - - aaron@cvs.openbsd.org 2000/07/05 22:06:58 - [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8] - Insert more missing .El directives. Our troff really should identify - these and spit out a warning. - - todd@cvs.openbsd.org 2000/07/06 21:55:04 - [auth-rsa.c auth2.c ssh-keygen.c] - clean code is good code - - deraadt@cvs.openbsd.org 2000/07/07 02:14:29 - [serverloop.c] - sense of port forwarding flag test was backwards - - provos@cvs.openbsd.org 2000/07/08 17:17:31 - [compat.c readconf.c] - replace strtok with strsep; from David Young - - deraadt@cvs.openbsd.org 2000/07/08 19:21:15 - [auth.h] - KNF - - ho@cvs.openbsd.org 2000/07/08 19:27:33 - [compat.c readconf.c] - Better conditions for strsep() ending. - - ho@cvs.openbsd.org 2000/07/10 10:27:05 - [readconf.c] - Get the correct message on errors. (niels@ ok) - - ho@cvs.openbsd.org 2000/07/10 10:30:25 - [cipher.c kex.c servconf.c] - strtok() --> strsep(). (niels@ ok) - - (djm) Fix problem with debug mode and MaxStartups - - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM - builds) - - (djm) Add strsep function from OpenBSD libc for systems that lack it - -20000709 - - (djm) Only enable PAM_TTY kludge for Linux. Problem report from - Kevin Steves - - (djm) Match prototype and function declaration for rresvport_af. - Problem report from Niklas Edmundsson - - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM - builds. Problem report from Gregory Leblanc - - (djm) Replace ut_name with ut_user. Patch from Jim Watt - - - (djm) Fix pam sprintf fix - - (djm) Cleanup entropy collection code a little more. Split initialisation - from seeding, perform intialisation immediatly at start, be careful with - uids. Based on problem report from Jim Watt - - (djm) More NeXT compatibility from Ben Lindstrom - Including sigaction() et al. replacements - - (djm) AIX getuserattr() session initialisation from Tom Bertelson - - -20000708 - - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from - Aaron Hopkins - - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from - Lutz Jaenicke - - (djm) Fixed undefined variables for OSF SIA. Report from - Baars, Henk - - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c - Fix from Marquess, Steve Mr JMLFDC - - (djm) Don't use inet_addr. - -20000702 - - (djm) Fix brace mismatch from Corinna Vinschen - - (djm) Stop shadow expiry checking from preventing logins with NIS. Based - on fix from HARUYAMA Seigo - - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from - Chris, the Young One - - (djm) Fix scp progress meter on really wide terminals. Based on patch - from James H. Cloos Jr. - -20000701 - - (djm) Fix Tru64 SIA problems reported by John P Speno - - (djm) Login fixes from Tom Bertelson - - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen - - - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM - - (djm) Added check for broken snprintf() functions which do not correctly - terminate output string and attempt to use replacement. - - (djm) Released 2.1.1p2 - -20000628 - - (djm) Fixes to lastlog code for Irix - - (djm) Use atomicio in loginrec - - (djm) Patch from Michael Stone to add support for - Irix 6.x array sessions, project id's, and system audit trail id. - - (djm) Added 'distprep' make target to simplify packaging - - (djm) Added patch from Chris Adams to add OSF SIA - support. Enable using "USE_SIA=1 ./configure [options]" - -20000627 - - (djm) Fixes to login code - not setting li->uid, cleanups - - (djm) Formatting - -20000626 - - (djm) Better fix to aclocal tests from Garrick James - - (djm) Account expiry support from Andreas Steinmetz - - (djm) Added password expiry checking (no password change support) - - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK - based on patch from Lutz Jaenicke - - (djm) Fix fixed EGD code. - - OpenBSD CVS update - - provos@cvs.openbsd.org 2000/06/25 14:17:58 - [channels.c] - correct check for bad channel ids; from Wei Dai - -20000623 - - (djm) Use sa_family_t in prototype for rresvport_af. Patch from - Svante Signell - - (djm) Autoconf logic to define sa_family_t if it is missing - - OpenBSD CVS Updates: - - markus@cvs.openbsd.org 2000/06/22 10:32:27 - [sshd.c] - missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL - - djm@cvs.openbsd.org 2000/06/22 17:55:00 - [auth-krb4.c key.c radix.c uuencode.c] - Missing CVS idents; ok markus - -20000622 - - (djm) Automatically generate host key during "make install". Suggested - by Gary E. Miller - - (djm) Paranoia before kill() system call - - OpenBSD CVS Updates: - - markus@cvs.openbsd.org 2000/06/18 18:50:11 - [auth2.c compat.c compat.h sshconnect2.c] - make userauth+pubkey interop with ssh.com-2.2.0 - - markus@cvs.openbsd.org 2000/06/18 20:56:17 - [dsa.c] - mem leak + be more paranoid in dsa_verify. - - markus@cvs.openbsd.org 2000/06/18 21:29:50 - [key.c] - cleanup fingerprinting, less hardcoded sizes - - markus@cvs.openbsd.org 2000/06/19 19:39:45 - [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] - [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h] - [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h] - [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h] - [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c] - [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c] - [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c] - [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c] - [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h] - OpenBSD tag - - markus@cvs.openbsd.org 2000/06/21 10:46:10 - sshconnect2.c missing free; nuke old comment - -20000620 - - (djm) Replace use of '-o' and '-a' logical operators in configure tests - with '||' and '&&'. As suggested by Jim Knoble - to fix SCO Unixware problem reported by Gary E. Miller - - (djm) Typo in loginrec.c - -20000618 - - (djm) Add summary of configure options to end of ./configure run - - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from - Michael Stone - - (djm) rusage is a privileged operation on some Unices (incl. - Solaris 2.5.1). Report from Paul D. Smith - - (djm) Avoid PAM failures when running without a TTY. Report from - Martin Petrak - - (djm) Include sys/types.h when including netinet/in.h in configure tests. - Patch from Jun-ichiro itojun Hagino - - (djm) Started merge of Ben Lindstrom's NeXT support - - OpenBSD CVS updates: - - deraadt@cvs.openbsd.org 2000/06/17 09:58:46 - [channels.c] - everyone says "nix it" (remove protocol 2 debugging message) - - markus@cvs.openbsd.org 2000/06/17 13:24:34 - [sshconnect.c] - allow extended server banners - - markus@cvs.openbsd.org 2000/06/17 14:30:10 - [sshconnect.c] - missing atomicio, typo - - jakob@cvs.openbsd.org 2000/06/17 16:52:34 - [servconf.c servconf.h session.c sshd.8 sshd_config] - add support for ssh v2 subsystems. ok markus@. - - deraadt@cvs.openbsd.org 2000/06/17 18:57:48 - [readconf.c servconf.c] - include = in WHITESPACE; markus ok - - markus@cvs.openbsd.org 2000/06/17 19:09:10 - [auth2.c] - implement bug compatibility with ssh-2.0.13 pubkey, server side - - markus@cvs.openbsd.org 2000/06/17 21:00:28 - [compat.c] - initial support for ssh.com's 2.2.0 - - markus@cvs.openbsd.org 2000/06/17 21:16:09 - [scp.c] - typo - - markus@cvs.openbsd.org 2000/06/17 22:05:02 - [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h] - split auth-rsa option parsing into auth-options - add options support to authorized_keys2 - - markus@cvs.openbsd.org 2000/06/17 22:42:54 - [session.c] - typo - -20000613 - - (djm) Fixes from Andrew McGill : - - Platform define for SCO 3.x which breaks on /dev/ptmx - - Detect and try to fix missing MAXPATHLEN - - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp - - -20000612 - - (djm) Glob manpages in RPM spec files to catch compressed files - - (djm) Full license in auth-pam.c - - (djm) Configure fixes from SAKAI Kiyotaka - - (andre) AIX, lastlog, configure fixes from Tom Bertelson : - - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is - def'd - - Set AIX to use preformatted manpages - -20000610 - - (djm) Minor doc tweaks - - (djm) Fix for configure on bash2 from Jim Knoble - -20000609 - - (djm) Patch from Kenji Miyake to disable utmp usage - (in favour of utmpx) on Solaris 8 - -20000606 - - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through - list of commands (by default). Removed verbose debugging (by default). - - (djm) Increased command entropy estimates and default entropy collection - timeout - - (djm) Remove duplicate headers from loginrec.c - - (djm) Don't add /usr/local/lib to library search path on Irix - - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III - - - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg - - - (djm) OpenBSD CVS updates: - - todd@cvs.openbsd.org - [sshconnect2.c] - teach protocol v2 to count login failures properly and also enable an - explanation of why the password prompt comes up again like v1; this is NOT - crypto - - markus@cvs.openbsd.org - [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8] - xauth_location support; pr 1234 - [readconf.c sshconnect2.c] - typo, unused - [session.c] - allow use_login only for login sessions, otherwise remote commands are - execed with uid==0 - [sshd.8] - document UseLogin better - [version.h] - OpenSSH 2.1.1 - [auth-rsa.c] - fix match_hostname() logic for auth-rsa: deny access if we have a - negative match or no match at all - [channels.c hostfile.c match.c] - don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via - kris@FreeBSD.org - -20000606 - - (djm) Added --with-cflags, --with-ldflags and --with-libs options to - configure. - -20000604 - - Configure tweaking for new login code on Irix 5.3 - - (andre) login code changes based on djm feedback - -20000603 - - (andre) New login code - - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c - - Add loginrec.[ch], logintest.c and autoconf code - -20000531 - - Cleanup of auth.c, login.c and fake-* - - Cleanup of auth-pam.c, save and print "account expired" error messages - - Fix EGD read bug by IWAMURO Motonori - - Rewrote bsd-login to use proper utmp API if available. Major cleanup - of fallback DIY code. - -20000530 - - Define atexit for old Solaris - - Fix buffer overrun in login.c for systems which use syslen in utmpx. - patch from YOSHIFUJI Hideaki - - OpenBSD CVS updates: - - markus@cvs.openbsd.org - [session.c] - make x11-fwd work w/ localhost (xauth add host/unix:11) - [cipher.c compat.c readconf.c servconf.c] - check strtok() != NULL; ok niels@ - [key.c] - fix key_read() for uuencoded keys w/o '=' - [serverloop.c] - group ssh1 vs. ssh2 in serverloop - [kex.c kex.h myproposal.h sshconnect2.c sshd.c] - split kexinit/kexdh, factor out common code - [readconf.c ssh.1 ssh.c] - forwardagent defaults to no, add ssh -A - - theo@cvs.openbsd.org - [session.c] - just some line shortening - - Released 2.1.0p3 - -20000520 - - Xauth fix from Markus Friedl - - Don't touch utmp if USE_UTMPX defined - - SunOS 4.x support from Todd C. Miller - - SIGCHLD fix for AIX and HPUX from Tom Bertelson - - HPUX and Configure fixes from Lutz Jaenicke - - - Use mkinstalldirs script to make directories instead of non-portable - "install -d". Suggested by Lutz Jaenicke - - Doc cleanup - -20000518 - - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday - - OpenBSD CVS updates: - - markus@cvs.openbsd.org - [sshconnect.c] - copy only ai_addrlen bytes; misiek@pld.org.pl - [auth.c] - accept an empty shell in authentication; bug reported by - chris@tinker.ucr.edu - [serverloop.c] - we don't have stderr for interactive terminal sessions (fcntl errors) - -20000517 - - Fix from Andre Lucas - - Fixes command line printing segfaults (spotter: Bladt Norbert) - - Fixes erroneous printing of debug messages to syslog - - Fixes utmp for MacOS X (spotter: Aristedes Maniatis) - - Gives useful error message if PRNG initialisation fails - - Reduced ssh startup delay - - Measures cumulative command time rather than the time between reads - after select() - - 'fixprogs' perl script to eliminate non-working entropy commands, and - optionally run 'ent' to measure command entropy - - Applied Tom Bertelson's AIX authentication fix - - Avoid WCOREDUMP complation errors for systems that lack it - - Avoid SIGCHLD warnings from entropy commands - - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson - - OpenBSD CVS update: - - markus@cvs.openbsd.org - [ssh.c] - fix usage() - [ssh2.h] - draft-ietf-secsh-architecture-05.txt - [ssh.1] - document ssh -T -N (ssh2 only) - [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c] - enable nonblocking IO for sshd w/ proto 1, too; split out common code - [aux.c] - missing include - - Several patches from SAKAI Kiyotaka - - INSTALL typo and URL fix - - Makefile fix - - Solaris fixes - - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka - - - RSAless operation patch from kevin_oconnor@standardandpoors.com - - Detect OpenSSL seperatly from RSA - - Better test for RSA (more compatible with RSAref). Based on work by - Ed Eden - -20000513 - - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz - - -20000511 - - Fix for prng_seed permissions checking from Lutz Jaenicke - - - "make host-key" fix for Irix - -20000509 - - OpenBSD CVS update - - markus@cvs.openbsd.org - [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c] - [ssh.h sshconnect1.c sshconnect2.c sshd.8] - - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only) - - hugh@cvs.openbsd.org - [ssh.1] - - zap typo - [ssh-keygen.1] - - One last nit fix. (markus approved) - [sshd.8] - - some markus certified spelling adjustments - - markus@cvs.openbsd.org - [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c] - [sshconnect2.c ] - - bug compat w/ ssh-2.0.13 x11, split out bugs - [nchan.c] - - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@ - [ssh-keygen.c] - - handle escapes in real and original key format, ok millert@ - [version.h] - - OpenSSH-2.1 - - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a - - Doc updates - - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported - by Andre Lucas - -20000508 - - Makefile and RPM spec fixes - - Generate DSA host keys during "make key" or RPM installs - - OpenBSD CVS update - - markus@cvs.openbsd.org - [clientloop.c sshconnect2.c] - - make x11-fwd interop w/ ssh-2.0.13 - [README.openssh2] - - interop w/ SecureFX - - Release 2.0.0beta2 - - - Configure caching and cleanup patch from Andre Lucas' - - -20000507 - - Remove references to SSLeay. - - Big OpenBSD CVS update - - markus@cvs.openbsd.org - [clientloop.c] - - typo - [session.c] - - update proctitle on pty alloc/dealloc, e.g. w/ windows client - [session.c] - - update proctitle for proto 1, too - [channels.h nchan.c serverloop.c session.c sshd.c] - - use c-style comments - - deraadt@cvs.openbsd.org - [scp.c] - - more atomicio - - markus@cvs.openbsd.org - [channels.c] - - set O_NONBLOCK - [ssh.1] - - update AUTHOR - [readconf.c ssh-keygen.c ssh.h] - - default DSA key file ~/.ssh/id_dsa - [clientloop.c] - - typo, rm verbose debug - - deraadt@cvs.openbsd.org - [ssh-keygen.1] - - document DSA use of ssh-keygen - [sshd.8] - - a start at describing what i understand of the DSA side - [ssh-keygen.1] - - document -X and -x - [ssh-keygen.c] - - simplify usage - - markus@cvs.openbsd.org - [sshd.8] - - there is no rhosts_dsa - [ssh-keygen.1] - - document -y, update -X,-x - [nchan.c] - - fix close for non-open ssh1 channels - [servconf.c servconf.h ssh.h sshd.8 sshd.c ] - - s/DsaKey/HostDSAKey/, document option - [sshconnect2.c] - - respect number_of_password_prompts - [channels.c channels.h servconf.c servconf.h session.c sshd.8] - - GatewayPorts for sshd, ok deraadt@ - [ssh-add.1 ssh-agent.1 ssh.1] - - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2 - [ssh.1] - - more info on proto 2 - [sshd.8] - - sync AUTHOR w/ ssh.1 - [key.c key.h sshconnect.c] - - print key type when talking about host keys - [packet.c] - - clear padding in ssh2 - [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h] - - replace broken uuencode w/ libc b64_ntop - [auth2.c] - - log failure before sending the reply - [key.c radix.c uuencode.c] - - remote trailing comments before calling __b64_pton - [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1] - [sshconnect2.c sshd.8] - - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8 - - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch]) - -20000502 - - OpenBSD CVS update - [channels.c] - - init all fds, close all fds. - [sshconnect2.c] - - check whether file exists before asking for passphrase - [servconf.c servconf.h sshd.8 sshd.c] - - PidFile, pr 1210 - [channels.c] - - EINTR - [channels.c] - - unbreak, ok niels@ - [sshd.c] - - unlink pid file, ok niels@ - [auth2.c] - - Add missing #ifdefs; ok - markus - - Add Andre Lucas' patch to read entropy - gathering commands from a text file - - Release 2.0.0beta1 - -20000501 - - OpenBSD CVS update - [packet.c] - - send debug messages in SSH2 format - [scp.c] - - fix very rare EAGAIN/EINTR issues; based on work by djm - [packet.c] - - less debug, rm unused - [auth2.c] - - disable kerb,s/key in ssh2 - [sshd.8] - - Minor tweaks and typo fixes. - [ssh-keygen.c] - - Put -d into usage and reorder. markus ok. - - Include missing headers for OpenSSL tests. Fix from Phil Karn - - - Fixed __progname symbol collisions reported by Andre Lucas - - - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering - - - Add some missing ifdefs to auth2.c - - Deprecate perl-tk askpass. - - Irix portability fixes - don't include netinet headers more than once - - Make sure we don't save PRNG seed more than once - -20000430 - - Merge HP-UX fixes and TCB support from Ged Lodder - - Integrate Andre Lucas' entropy collection - patch. - - Adds timeout to entropy collection - - Disables slow entropy sources - - Load and save seed file - - Changed entropy seed code to user per-user seeds only (server seed is - saved in root's .ssh directory) - - Use atexit() and fatal cleanups to save seed on exit - - More OpenBSD updates: - [session.c] - - don't call chan_write_failed() if we are not writing - [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c] - - keysize warnings error() -> log() - -20000429 - - Merge big update to OpenSSH-2.0 from OpenBSD CVS - [README.openssh2] - - interop w/ F-secure windows client - - sync documentation - - ssh_host_dsa_key not ssh_dsa_key - [auth-rsa.c] - - missing fclose - [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c] - [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c] - [sshd.c uuencode.c uuencode.h authfile.h] - - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX] - for trading keys with the real and the original SSH, directly from the - people who invented the SSH protocol. - [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h] - [sshconnect1.c sshconnect2.c] - - split auth/sshconnect in one file per protocol version - [sshconnect2.c] - - remove debug - [uuencode.c] - - add trailing = - [version.h] - - OpenSSH-2.0 - [ssh-keygen.1 ssh-keygen.c] - - add -R flag: exit code indicates if RSA is alive - [sshd.c] - - remove unused - silent if -Q is specified - [ssh.h] - - host key becomes /etc/ssh_host_dsa_key - [readconf.c servconf.c ] - - ssh/sshd default to proto 1 and 2 - [uuencode.c] - - remove debug - [auth2.c ssh-keygen.c sshconnect2.c sshd.c] - - xfree DSA blobs - [auth2.c serverloop.c session.c] - - cleanup logging for sshd/2, respect PasswordAuth no - [sshconnect2.c] - - less debug, respect .ssh/config - [README.openssh2 channels.c channels.h] - - clientloop.c session.c ssh.c - - support for x11-fwding, client+server - -20000421 - - Merge fix from OpenBSD CVS - [ssh-agent.c] - - Fix memory leak per connection. Report from Andy Spiegl - via Debian bug #59926 - - Define __progname in session.c if libc doesn't - - Remove indentation on autoconf #include statements to avoid bug in - DEC Tru64 compiler. Report and fix from David Del Piero - - -20000420 - - Make fixpaths work with perl4, patch from Andre Lucas - - - Sync with OpenBSD CVS: - [clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c] - - pid_t - [session.c] - - remove bogus chan_read_failed. this could cause data - corruption (missing data) at end of a SSH2 session. - - Merge fixes from Debian patch from Phil Hands - - Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE) - - Use vhangup to clean up Linux ttys - - Force posix getopt processing on GNU libc systems - - Debian bug #55910 - remove references to ssl(8) manpages - - Debian bug #58031 - ssh_config lies about default cipher - -20000419 - - OpenBSD CVS updates - [channels.c] - - fix pr 1196, listen_port and port_to_connect interchanged - [scp.c] - - after completion, replace the progress bar ETA counter with a final - elapsed time; my idea, aaron wrote the patch - [ssh_config sshd_config] - - show 'Protocol' as an example, ok markus@ - [sshd.c] - - missing xfree() - - Add missing header to bsd-misc.c - -20000416 - - Reduce diff against OpenBSD source - - All OpenSSL includes are now unconditionally referenced as - openssl/foo.h - - Pick up formatting changes - - Other minor changed (typecasts, etc) that I missed - -20000415 - - OpenBSD CVS updates. - [ssh.1 ssh.c] - - ssh -2 - [auth.c channels.c clientloop.c packet.c packet.h serverloop.c] - [session.c sshconnect.c] - - check payload for (illegal) extra data - [ALL] - whitespace cleanup - -20000413 - - INSTALL doc updates - - Merged OpenBSD updates to include paths. - -20000412 - - OpenBSD CVS updates: - - [channels.c] - repair x11-fwd - - [sshconnect.c] - fix passwd prompt for ssh2, less debugging output. - - [clientloop.c compat.c dsa.c kex.c sshd.c] - less debugging output - - [kex.c kex.h sshconnect.c sshd.c] - check for reasonable public DH values - - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c] - [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c] - add Cipher and Protocol options to ssh/sshd, e.g.: - ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers - arcfour,3des-cbc' - - [sshd.c] - print 1.99 only if server supports both - -20000408 - - Avoid some compiler warnings in fake-get*.c - - Add IPTOS macros for systems which lack them - - Only set define entropy collection macros if they are found - - More large OpenBSD CVS updates: - - [auth.c auth.h servconf.c servconf.h serverloop.c session.c] - [session.h ssh.h sshd.c README.openssh2] - ssh2 server side, see README.openssh2; enable with 'sshd -2' - - [channels.c] - no adjust after close - - [sshd.c compat.c ] - interop w/ latest ssh.com windows client. - -20000406 - - OpenBSD CVS update: - - [channels.c] - close efd on eof - - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h] - ssh2 client implementation, interops w/ ssh.com and lsh servers. - - [sshconnect.c] - missing free. - - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c] - remove unused argument, split cipher_mask() - - [clientloop.c] - re-order: group ssh1 vs. ssh2 - - Make Redhat spec require openssl >= 0.9.5a - -20000404 - - Add tests for RAND_add function when searching for OpenSSL - - OpenBSD CVS update: - - [packet.h packet.c] - ssh2 packet format - - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c] - [channels.h channels.c] - channel layer support for ssh2 - - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h] - DSA, keyexchange, algorithm agreement for ssh2 - - Generate manpages before make install not at the end of make all - - Don't seed the rng quite so often - - Always reseed rng when requested - -20000403 - - Wrote entropy collection routines for systems that lack /dev/random - and EGD - - Disable tests and typedefs for 64 bit types. They are currently unused. - -20000401 - - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) - - [auth.c session.c sshd.c auth.h] - split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal - - [bufaux.c bufaux.h] - support ssh2 bignums - - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c] - [readconf.c ssh.c ssh.h serverloop.c] - replace big switch() with function tables (prepare for ssh2) - - [ssh2.h] - ssh2 message type codes - - [sshd.8] - reorder Xr to avoid cutting - - [serverloop.c] - close(fdin) if fdin != fdout, shutdown otherwise, ok theo@ - - [channels.c] - missing close - allow bigger packets - - [cipher.c cipher.h] - support ssh2 ciphers - - [compress.c] - cleanup, less code - - [dispatch.c dispatch.h] - function tables for different message types - - [log-server.c] - do not log() if debuggin to stderr - rename a cpp symbol, to avoid param.h collision - - [mpaux.c] - KNF - - [nchan.c] - sync w/ channels.c - -20000326 - - Better tests for OpenSSL w/ RSAref - - Added replacement setenv() function from OpenBSD libc. Suggested by - Ben Lindstrom - - OpenBSD CVS update - - [auth-krb4.c] - -Wall - - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c] - [match.h ssh.c ssh.h sshconnect.c sshd.c] - initial support for DSA keys. ok deraadt@, niels@ - - [cipher.c cipher.h] - remove unused cipher_attack_detected code - - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] - Fix some formatting problems I missed before. - - [ssh.1 sshd.8] - fix spelling errors, From: FreeBSD - - [ssh.c] - switch to raw mode only if he _get_ a pty (not if we _want_ a pty). - -20000324 - - Released 1.2.3 - -20000317 - - Clarified --with-default-path option. - - Added -blibpath handling for AIX to work around stupid runtime linking. - Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble - - - Checks for 64 bit int types. Problem report from Mats Fredholm - - - OpenBSD CVS updates: - - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c] - [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c] + add privsep (off) + - markus@cvs.openbsd.org 2002/03/21 21:23:34 [sshd.c] - pedantic: signed vs. unsigned, void*-arithm, etc - - [ssh.1 sshd.8] - Various cleanups and standardizations. - - Runtime error fix for HPUX from Otmar Stahl - - -20000316 - - Fixed configure not passing LDFLAGS to Solaris. Report from David G. - Hesprich - - Propogate LD through to Makefile - - Doc cleanups - - Added blurb about "scp: command not found" errors to UPGRADING - -20000315 - - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list - problems with gcc/Solaris. - - Don't free argument to putenv() after use (in setenv() replacement). - Report from Seigo Tanimura - - Created contrib/ subdirectory. Included helpers from Phil Hands' - Debian package, README file and chroot patch from Ricardo Cerqueira - - - Moved gnome-ssh-askpass.c to contrib directory and removed config - option. - - Slight cleanup to doc files - - Configure fix from Bratislav ILICH - -20000314 - - Include macro for IN6_IS_ADDR_V4MAPPED. Report from - peter@frontierflying.com - - Include /usr/local/include and /usr/local/lib for systems that don't - do it themselves - - -R/usr/local/lib for Solaris - - Fix RSAref detection - - Fix IN6_IS_ADDR_V4MAPPED macro - -20000311 - - Detect RSAref - - OpenBSD CVS change - [sshd.c] - - disallow guessing of root password - - More configure fixes - - IPv6 workarounds from Hideaki YOSHIFUJI - -20000309 - - OpenBSD CVS updates to v1.2.3 - [ssh.h atomicio.c] - - int atomicio -> ssize_t (for alpha). ok deraadt@ - [auth-rsa.c] - - delay MD5 computation until client sends response, free() early, cleanup. - [cipher.c] - - void* -> unsigned char*, ok niels@ - [hostfile.c] - - remove unused variable 'len'. fix comments. - - remove unused variable - [log-client.c log-server.c] - - rename a cpp symbol, to avoid param.h collision - [packet.c] - - missing xfree() - - getsockname() requires initialized tolen; andy@guildsoftware.com - - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; - from Holger.Trapp@Informatik.TU-Chemnitz.DE - [pty.c pty.h] - - register cleanup for pty earlier. move code for pty-owner handling to - pty.c ok provos@, dugsong@ - [readconf.c] - - turn off x11-fwd for the client, too. - [rsa.c] - - PKCS#1 padding - [scp.c] - - allow '.' in usernames; from jedgar@fxp.org - [servconf.c] - - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de - - sync with sshd_config - [ssh-keygen.c] - - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@ - [ssh.1] - - Change invalid 'CHAT' loglevel to 'VERBOSE' - [ssh.c] - - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp - - turn off x11-fwd for the client, too. - [sshconnect.c] - - missing xfree() - - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp. - - read error vs. "Connection closed by remote host" - [sshd.8] - - ie. -> i.e., - - do not link to a commercial page.. - - sync with sshd_config - [sshd.c] - - no need for poll.h; from bright@wintelcom.net - - log with level log() not fatal() if peer behaves badly. - - don't panic if client behaves strange. ok deraadt@ - - make no-port-forwarding for RSA keys deny both -L and -R style fwding - - delay close() of pty until the pty has been chowned back to root - - oops, fix comment, too. - - missing xfree() - - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too. - (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907) - - register cleanup for pty earlier. move code for pty-owner handling to - pty.c ok provos@, dugsong@ - - create x11 cookie file - - fix pr 1113, fclose() -> pclose(), todo: remote popen() - - version 1.2.3 - - Cleaned up - - Removed warning workaround for Linux and devpts filesystems (no longer - required after OpenBSD updates) - -20000308 - - Configure fix from Hiroshi Takekawa - -20000307 - - Released 1.2.2p1 - -20000305 - - Fix DEC compile fix - - Explicitly seed OpenSSL's PRNG before checking rsa_alive() - - Check for getpagesize in libucb.a if not found in libc. Fix for old - Solaris from Andre Lucas - - Check for libwrap if --with-tcp-wrappers option specified. Suggestion - Mate Wierdl - -20000303 - - Added "make host-key" target, Suggestion from Dominik Brettnacher - - - Don't permanently fail on bind() if getaddrinfo has more choices left for - us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz - Miskiewicz - - DEC Unix compile fix from David Del Piero - - Manpage fix from David Del Piero - -20000302 - - Big cleanup of autoconf code - - Rearranged to be a little more logical - - Added -R option for Solaris - - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program - to detect library and header location _and_ ensure library has proper - RSA support built in (this is a problem with OpenSSL 0.9.5). - - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de - - Avoid warning message with Unix98 ptys - - Warning was valid - possible race condition on PTYs. Avoided using - platform-specific code. - - Document some common problems - - Allow root access to any key. Patch from - markus.friedl@informatik.uni-erlangen.de - -20000207 - - Removed SOCKS code. Will support through a ProxyCommand. - -20000203 - - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu - - Add --with-ssl-dir option - -20000202 - - Fix lastlog code for directory based lastlogs. Fix from Josh Durham - - - Documentation fixes from HARUYAMA Seigo - - Added URLs to Japanese translations of documents by HARUYAMA Seigo - - -20000201 - - Use socket pairs by default (instead of pipes). Prevents race condition - on several (buggy) OSs. Report and fix from tridge@linuxcare.com - -20000127 - - Seed OpenSSL's random number generator before generating RSA keypairs - - Split random collector into seperate file - - Compile fix from Andre Lucas - -20000126 - - Released 1.2.2 stable - - - NeXT keeps it lastlog in /usr/adm. Report from - mouring@newton.pconline.com - - Added note in UPGRADING re interop with commercial SSH using idea. - Report from Jim Knoble - - Fix linking order for Kerberos/AFS. Fix from Holget Trapp - - -20000125 - - Fix NULL pointer dereference in login.c. Fix from Andre Lucas - - - Reorder PAM initialisation so it does not mess up lastlog. Reported - by Andre Lucas - - Use preformatted manpages on SCO, report from Gary E. Miller - - - New URL for x11-ssh-askpass. - - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble - - - Added 'DESTDIR' option to Makefile to ease package building. Patch from - Jim Knoble - - Updated RPM spec files to use DESTDIR - -20000124 - - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number - increment) - -20000123 - - OpenBSD CVS: - - [packet.c] - getsockname() requires initialized tolen; andy@guildsoftware.com - - AIX patch from Matt Richards and David Rankin - - - Fix lastlog support, patch from Andre Lucas - -20000122 - - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor - - - Merge preformatted manpage patch from Andre Lucas - - - Make IPv4 use the default in RPM packages - - Irix uses preformatted manpages - - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp - - - OpenBSD CVS updates: - - [packet.c] - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; - from Holger.Trapp@Informatik.TU-Chemnitz.DE - - [sshd.c] - log with level log() not fatal() if peer behaves badly. - - [readpass.c] - instead of blocking SIGINT, catch it ourselves, so that we can clean - the tty modes up and kill ourselves -- instead of our process group - leader (scp, cvs, ...) going away and leaving us in noecho mode. - people with cbreak shells never even noticed.. - - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] - ie. -> i.e., - -20000120 - - Don't use getaddrinfo on AIX - - Update to latest OpenBSD CVS: - - [auth-rsa.c] - - fix user/1056, sshd keeps restrictions; dbt@meat.net - - [sshconnect.c] - - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. - - destroy keys earlier - - split key exchange (kex) and user authentication (user-auth), - ok: provos@ - - [sshd.c] - - no need for poll.h; from bright@wintelcom.net - - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. - - split key exchange (kex) and user authentication (user-auth), - ok: provos@ - - Big manpage and config file cleanup from Andre Lucas - - - Re-added latest (unmodified) OpenBSD manpages - - Doc updates - - NetBSD patch from David Rankin and - Christos Zoulas - -20000119 - - SCO compile fixes from Gary E. Miller - - Compile fix from Darren_Hall@progressive.com - - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC - addresses using getaddrinfo(). Added a configure switch to make the - default lookup mode AF_INET - -20000118 - - Fixed --with-pid-dir option - - Makefile fix from Gary E. Miller - - Compile fix for HPUX and Solaris from Andre Lucas - - -20000117 - - Clean up bsd-bindresvport.c. Use arc4random() for picking initial - port, ignore EINVAL errors (Linux) when searching for free port. - - Revert __snprintf -> snprintf aliasing. Apparently Solaris - __snprintf isn't. Report from Theo de Raadt - - Document location of Redhat PAM file in INSTALL. - - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6 - INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to - deliver (no IPv6 kernel support) - - Released 1.2.1pre27 - - - Fix rresvport_af failure errors (logic error in bsd-bindresvport.c) - - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen - - - Fix hang on logout if processes are still using the pty. Needs - further testing. - - Patch from Christos Zoulas - - Try $prefix first when looking for OpenSSL. - - Include sys/types.h when including sys/socket.h in test programs - - Substitute PID directory in sshd.8. Suggestion from Andrew - Stribblehill - -20000116 - - Renamed --with-xauth-path to --with-xauth - - Added --with-pid-dir option - - Released 1.2.1pre26 - - - Compilation fix from Kiyokazu SUTO - - Fixed broken bugfix for /dev/ptmx on Linux systems which lack - openpty(). Report from Kiyokazu SUTO - -20000115 - - Add --with-xauth-path configure directive and explicit test for - /usr/openwin/bin/xauth for Solaris systems. Report from Anders - Nordby - - Fix incorrect detection of /dev/ptmx on Linux systems that lack - openpty. Report from John Seifarth - - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in - sys/types.h. Fixes problems on SCO, report from Gary E. Miller - - - Use __snprintf and __vnsprintf if they are found where snprintf and - vnsprintf are lacking. Suggested by Ben Taylor - and others. - -20000114 - - Merged OpenBSD IPv6 patch: - - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1] - [scp.c packet.h packet.c login.c log.c canohost.c channels.c] - [hostfile.c sshd_config] - ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new - features: sshd allows multiple ListenAddress and Port options. note - that libwrap is not IPv6-ready. (based on patches from - fujiwara@rcac.tdi.co.jp) - - [ssh.c canohost.c] - more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo, - from itojun@ - - [channels.c] - listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE) - - [packet.h] - allow auth-kerberos for IPv4 only - - [scp.1 sshd.8 servconf.h scp.c] - document -4, -6, and 'ssh -L 2022/::1/22' - - [ssh.c] - 'ssh @host' is illegal (null user name), from - karsten@gedankenpolizei.de - - [sshconnect.c] - better error message - - [sshd.c] - allow auth-kerberos for IPv4 only - - Big IPv6 merge: - - Cleanup overrun in sockaddr copying on RHL 6.1 - - Replacements for getaddrinfo, getnameinfo, etc based on versions - from patch from KIKUCHI Takahiro - - Replacement for missing structures on systems that lack IPv6 - - record_login needed to know about AF_INET6 addresses - - Borrowed more code from OpenBSD: rresvport_af and requisites - -20000110 - - Fixes to auth-skey to enable it to use the standard OpenSSL libraries - -20000107 - - New config.sub and config.guess to fix problems on SCO. Supplied - by Gary E. Miller - - SCO build fix from Gary E. Miller - - Released 1.2.1pre25 - -20000106 - - Documentation update & cleanup - - Better KrbIV / AFS detection, based on patch from: - Holger Trapp - -20000105 - - Fixed annoying DES corruption problem. libcrypt has been - overriding symbols in libcrypto. Removed libcrypt and crypt.h - altogether (libcrypto includes its own crypt(1) replacement) - - Added platform-specific rules for Irix 6.x. Included warning that - they are untested. - -20000103 - - Add explicit make rules for files proccessed by fixpaths. - - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori - - - Removed "nullok" directive from default PAM configuration files. - Added information on enabling EmptyPasswords on openssh+PAM in - UPGRADING file. - - OpenBSD CVS updates - - [ssh-agent.c] - cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and - dgaudet@arctic.org - - [sshconnect.c] - compare correct version for 1.3 compat mode - -20000102 - - Prevent multiple inclusion of config.h and defines.h. Suggested - by Andre Lucas - - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet - - -19991231 - - Fix password support on systems with a mixture of shadowed and - non-shadowed passwords (e.g. NIS). Report and fix from - HARUYAMA Seigo - - Fix broken autoconf typedef detection. Report from Marc G. - Fournier - - Fix occasional crash on LinuxPPC. Patch from Franz Sirl - - - Prevent typedefs from being compiled more than once. Report from - Marc G. Fournier - - Fill in ut_utaddr utmp field. Report from Benjamin Charron - - - Really fix broken default path. Fix from Jim Knoble - - - Remove test for quad_t. No longer needed. - - Released 1.2.1pre24 - - - Added support for directory-based lastlogs - - Really fix typedefs, patch from Ben Taylor - -19991230 - - OpenBSD CVS updates: - - [auth-passwd.c] - check for NULL 1st - - Removed most of the pam code into its own file auth-pam.[ch]. This - cleaned up sshd.c up significantly. - - PAM authentication was incorrectly interpreting - "PermitRootLogin without-password". Report from Matthias Andree - - - Updated documentation with ./configure options - - Released 1.2.1pre23 - -19991229 - - Applied another NetBSD portability patch from David Rankin - - - Fix --with-default-path option. - - Autodetect perl, patch from David Rankin - - - Print whether OpenSSH was compiled with RSARef, patch from - Nalin Dahyabhai - - Calls to pam_setcred, patch from Nalin Dahyabhai - - - Detect missing size_t and typedef it. - - Rename helper.[ch] to (more appropriate) bsd-misc.[ch] - - Minor Makefile cleaning - -19991228 - - Replacement for getpagesize() for systems which lack it - - NetBSD login.c compile fix from David Rankin - - - Fully set ut_tv if present in utmp or utmpx - - Portability fixes for Irix 5.3 (now compiles OK!) - - autoconf and other misc cleanups - - Merged AIX patch from Darren Hall - - Cleaned up defines.h - - Released 1.2.1pre22 - -19991227 - - Automatically correct paths in manpages and configuration files. Patch - and script from Andre Lucas - - Removed credits from README to CREDITS file, updated. - - Added --with-default-path to specify custom path for server - - Removed #ifdef trickery from acconfig.h into defines.h - - PAM bugfix. PermitEmptyPassword was being ignored. - - Fixed PAM config files to allow empty passwords if server does. - - Explained spurious PAM auth warning workaround in UPGRADING - - Use last few chars of tty line as ut_id - - New SuSE RPM spec file from Chris Saia - - OpenBSD CVS updates: - - [packet.h auth-rhosts.c] - check format string for packet_disconnect and packet_send_debug, too - - [channels.c] - use packet_get_maxsize for channels. consistence. - -19991226 - - Enabled utmpx support by default for Solaris - - Cleanup sshd.c PAM a little more - - Revised RPM package to include Jim Knoble's - X11 ssh-askpass program. - - Disable logging of PAM success and failures, PAM is verbose enough. - Unfortunatly there is currently no way to disable auth failure - messages. Mention this in UPGRADING file and sent message to PAM - developers - - OpenBSD CVS update: - - [ssh-keygen.1 ssh.1] - remove ref to .ssh/random_seed, mention .ssh/environment in - .Sh FILES, too - - Released 1.2.1pre21 - - Fixed implicit '.' in default path, report from Jim Knoble - - - Redhat RPM spec fixes from Jim Knoble - -19991225 - - More fixes from Andre Lucas - - Cleanup of auth-passwd.c for shadow and MD5 passwords - - Cleanup and bugfix of PAM authentication code - - Released 1.2.1pre20 - - - Merged fixes from Ben Taylor - - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk> - - Disabled logging of PAM password authentication failures when password - is empty. (e.g start of authentication loop). Reported by Naz - <96na@eng.cam.ac.uk>) - -19991223 - - Merged later HPUX patch from Andre Lucas - - - Above patch included better utmpx support from Ben Taylor - - -19991222 - - Fix undefined fd_set type in ssh.h from Povl H. Pedersen - - - Fix login.c breakage on systems which lack ut_host in struct - utmp. Reported by Willard Dawson - -19991221 - - Integration of large HPUX patch from Andre Lucas - . Integrating it had a few other - benefits: - - Ability to disable shadow passwords at configure time - - Ability to disable lastlog support at configure time - - Support for IP address in $DISPLAY - - OpenBSD CVS update: - - [sshconnect.c] - say "REMOTE HOST IDENTIFICATION HAS CHANGED" - - Fix DISABLE_SHADOW support - - Allow MD5 passwords even if shadow passwords are disabled - - Release 1.2.1pre19 - -19991218 - - Redhat init script patch from Chun-Chung Chen - - - Avoid breakage on systems without IPv6 headers - -19991216 - - Makefile changes for Solaris from Peter Kocks - - - Minor updates to docs - - Merged OpenBSD CVS changes: - - [authfd.c ssh-agent.c] - keysize warnings talk about identity files - - [packet.c] - "Connection closed by x.x.x.x": fatal() -> log() - - Correctly handle empty passwords in shadow file. Patch from: - "Chris, the Young One" - - Released 1.2.1pre18 - -19991215 - - Integrated patchs from Juergen Keil - - Avoid void* pointer arithmatic - - Use LDFLAGS correctly - - Fix SIGIO error in scp - - Simplify status line printing in scp - - Added better test for inline functions compiler support from - Darren_Hall@progressive.com - -19991214 - - OpenBSD CVS Changes - - [canohost.c] - fix get_remote_port() and friends for sshd -i; - Holger.Trapp@Informatik.TU-Chemnitz.DE - - [mpaux.c] - make code simpler. no need for memcpy. niels@ ok - - [pty.c] - namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org - fix proto; markus - - [ssh.1] - typo; mark.baushke@solipsa.com - - [channels.c ssh.c ssh.h sshd.c] - type conflict for 'extern Type *options' in channels.c; dot@dotat.at - - [sshconnect.c] - move checking of hostkey into own function. - - [version.h] - OpenSSH-1.2.1 - - Clean up broken includes in pty.c - - Some older systems don't have poll.h, they use sys/poll.h instead - - Doc updates - -19991211 - - Fix compilation on systems with AFS. Reported by - aloomis@glue.umd.edu - - Fix installation on Solaris. Reported by - Gordon Rowell - - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com, - patch from Markus Friedl - - Auto-locate xauth. Patch from David Agraz - - Compile fix from David Agraz - - Avoid compiler warning in bsd-snprintf.c - - Added pam_limits.so to default PAM config. Suggested by - Jim Knoble - -19991209 - - Import of patch from Ben Taylor : - - Improved PAM support - - "uninstall" rule for Makefile - - utmpx support - - Should fix PAM problems on Solaris - - OpenBSD CVS updates: - - [readpass.c] - avoid stdio; based on work by markus, millert, and I - - [sshd.c] - make sure the client selects a supported cipher - - [sshd.c] - fix sighup handling. accept would just restart and daemon handled - sighup only after the next connection was accepted. use poll on - listen sock now. - - [sshd.c] - make that a fatal - - Applied patch from David Rankin - to fix libwrap support on NetBSD - - Released 1.2pre17 - -19991208 - - Compile fix for Solaris with /dev/ptmx from - David Agraz - -19991207 - - sshd Redhat init script patch from Jim Knoble - fixes compatability with 4.x and 5.x - - Fixed default SSH_ASKPASS - - Fix PAM account and session being called multiple times. Problem - reported by Adrian Baugh - - Merged more OpenBSD changes: - - [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c] - move atomicio into it's own file. wrap all socket write()s which - were doing write(sock, buf, len) != len, with atomicio() calls. - - [auth-skey.c] - fd leak - - [authfile.c] - properly name fd variable - - [channels.c] - display great hatred towards strcpy - - [pty.c pty.h sshd.c] - use openpty() if it exists (it does on BSD4_4) - - [tildexpand.c] - check for ~ expansion past MAXPATHLEN - - Modified helper.c to use new atomicio function. - - Reformat Makefile a little - - Moved RC4 routines from rc4.[ch] into helper.c - - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX) - - Updated SuSE spec from Chris Saia - - Tweaked Redhat spec - - Clean up bad imports of a few files (forgot -kb) - - Released 1.2pre16 - -19991204 - - Small cleanup of PAM code in sshd.c - - Merged OpenBSD CVS changes: - - [auth-krb4.c auth-passwd.c auth-skey.c ssh.h] - move skey-auth from auth-passwd.c to auth-skey.c, same for krb4 - - [auth-rsa.c] - warn only about mismatch if key is _used_ - warn about keysize-mismatch with log() not error() - channels.c readconf.c readconf.h ssh.c ssh.h sshconnect.c - ports are u_short - - [hostfile.c] - indent, shorter warning - - [nchan.c] - use error() for internal errors - - [packet.c] - set loglevel for SSH_MSG_DISCONNECT to log(), not fatal() - serverloop.c - indent - - [ssh-add.1 ssh-add.c ssh.h] - document $SSH_ASKPASS, reasonable default - - [ssh.1] - CheckHostIP is not available for connects via proxy command - - [sshconnect.c] - typo - easier to read client code for passwd and skey auth - turn of checkhostip for proxy connects, since we don't know the remote ip - -19991126 - - Add definition for __P() - - Added [v]snprintf() replacement for systems that lack it - -19991125 - - More reformatting merged from OpenBSD CVS - - Merged OpenBSD CVS changes: - - [channels.c] - fix packet_integrity_check() for !have_hostname_in_open. - report from mrwizard@psu.edu via djm@ibs.com.au - - [channels.c] - set SO_REUSEADDR and SO_LINGER for forwarded ports. - chip@valinux.com via damien@ibs.com.au - - [nchan.c] - it's not an error() if shutdown_write failes in nchan. - - [readconf.c] - remove dead #ifdef-0-code - - [readconf.c servconf.c] - strcasecmp instead of tolower - - [scp.c] - progress meter overflow fix from damien@ibs.com.au - - [ssh-add.1 ssh-add.c] - SSH_ASKPASS support - - [ssh.1 ssh.c] - postpone fork_after_authentication until command execution, - request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au - plus: use daemon() for backgrounding - - Added BSD compatible install program and autoconf test, thanks to - Niels Kristian Bech Jensen - - Solaris fixing, thanks to Ben Taylor - - Merged beginnings of AIX support from Tor-Ake Fransson - - Release 1.2pre15 - -19991124 - - Merged very large OpenBSD source code reformat - - OpenBSD CVS updates - - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c] - [ssh.h sshd.8 sshd.c] - syslog changes: - * Unified Logmessage for all auth-types, for success and for failed - * Standard connections get only ONE line in the LOG when level==LOG: - Auth-attempts are logged only, if authentication is: - a) successfull or - b) with passwd or - c) we had more than AUTH_FAIL_LOG failues - * many log() became verbose() - * old behaviour with level=VERBOSE - - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c] - tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE - messages. allows use of s/key in windows (ttssh, securecrt) and - ssh-1.2.27 clients without 'ssh -v', ok: niels@ - - [sshd.8] - -V, for fallback to openssh in SSH2 compatibility mode - - [sshd.c] - fix sigchld race; cjc5@po.cwru.edu - -19991123 - - Added SuSE package files from Chris Saia - - Restructured package-related files under packages/* - - Added generic PAM config - - Numerous little Solaris fixes - - Add recommendation to use GNU make to INSTALL document - -19991122 - - Make close gnome-ssh-askpass (Debian bug #50299) - - OpenBSD CVS Changes - - [ssh-keygen.c] - don't create ~/.ssh only if the user wants to store the private - key there. show fingerprint instead of public-key after - keygeneration. ok niels@ - - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h - - Added timersub() macro - - Tidy RCSIDs of bsd-*.c - - Added autoconf test and macro to deal with old PAM libraries - pam_strerror definition (one arg vs two). - - Fix EGD problems (Thanks to Ben Taylor ) - - Retry /dev/urandom reads interrupted by signal (report from - Robert Hardy ) - - Added a setenv replacement for systems which lack it - - Only display public key comment when presenting ssh-askpass dialog - - Released 1.2pre14 - - - Configure, Make and changelog corrections from Tudor Bosman - and Niels Kristian Bech Jensen - -19991121 - - OpenBSD CVS Changes: - - [channels.c] - make this compile, bad markus - - [log.c readconf.c servconf.c ssh.h] - bugfix: loglevels are per host in clientconfig, - factor out common log-level parsing code. - - [servconf.c] - remove unused index (-Wall) - - [ssh-agent.c] - only one 'extern char *__progname' - - [sshd.8] - document SIGHUP, -Q to synopsis - - [sshconnect.c serverloop.c sshd.c packet.c packet.h] - [channels.c clientloop.c] - SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@ - [hope this time my ISP stays alive during commit] - - [OVERVIEW README] typos; green@freebsd - - [ssh-keygen.c] - replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me) - exit if writing the key fails (no infinit loop) - print usage() everytime we get bad options - - [ssh-keygen.c] overflow, djm@mindrot.org - - [sshd.c] fix sigchld race; cjc5@po.cwru.edu - -19991120 - - Merged more Solaris support from Marc G. Fournier - - - Wrote autoconf tests for integer bit-types - - Fixed enabling kerberos support - - Fix segfault in ssh-keygen caused by buffer overrun in filename - handling. - -19991119 - - Merged PAM buffer overrun patch from Chip Salzenberg - - Merged OpenBSD CVS changes - - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c] - more %d vs. %s in fmt-strings - - [authfd.c] - Integers should not be printed with %s - - EGD uses a socket, not a named pipe. Duh. - - Fix includes in fingerprint.c - - Fix scp progress bar bug again. - - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of - David Rankin - - Added autoconf option to enable Kerberos 4 support (untested) - - Added autoconf option to enable AFS support (untested) - - Added autoconf option to enable S/Key support (untested) - - Added autoconf option to enable TCP wrappers support (compiles OK) - - Renamed BSD helper function files to bsd-* - - Added tests for login and daemon and enable OpenBSD replacements for - when they are absent. - - Added non-PAM MD5 password support patch from Tudor Bosman - -19991118 - - Merged OpenBSD CVS changes - - [scp.c] foregroundproc() in scp - - [sshconnect.h] include fingerprint.h - - [sshd.c] bugfix: the log() for passwd-auth escaped during logging - changes. - - [ssh.1] Spell my name right. - - Added openssh.com info to README - -19991117 - - Merged OpenBSD CVS changes - - [ChangeLog.Ylonen] noone needs this anymore - - [authfd.c] close-on-exec for auth-socket, ok deraadt - - [hostfile.c] - in known_hosts key lookup the entry for the bits does not need - to match, all the information is contained in n and e. This - solves the problem with buggy servers announcing the wrong - modulus length. markus and me. - - [serverloop.c] - bugfix: check for space if child has terminated, from: - iedowse@maths.tcd.ie - - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c] - [fingerprint.c fingerprint.h] - rsa key fingerprints, idea from Bjoern Groenvall - - [ssh-agent.1] typo - - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@ - - [sshd.c] - force logging to stderr while loading private key file - (lost while converting to new log-levels) - -19991116 - - Fix some Linux libc5 problems reported by Miles Wilson - - Merged OpenBSD CVS changes: - - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c] - [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c] - the keysize of rsa-parameter 'n' is passed implizit, - a few more checks and warnings about 'pretended' keysizes. - - [cipher.c cipher.h packet.c packet.h sshd.c] - remove support for cipher RC4 - - [ssh.c] - a note for legay systems about secuity issues with permanently_set_uid(), - the private hostkey and ptrace() - - [sshconnect.c] - more detailed messages about adding and checking hostkeys - -19991115 - - Merged OpenBSD CVS changes: - - [ssh-add.c] change passphrase loop logic and remove ref to - $DISPLAY, ok niels - - Changed to ssh-add.c broke askpass support. Revised it to be a little more - modular. - - Revised autoconf support for enabling/disabling askpass support. - - Merged more OpenBSD CVS changes: - [auth-krb4.c] - - disconnect if getpeername() fails - - missing xfree(*client) - [canohost.c] - - disconnect if getpeername() fails - - fix comment: we _do_ disconnect if ip-options are set - [sshd.c] - - disconnect if getpeername() fails - - move checking of remote port to central place - [auth-rhosts.c] move checking of remote port to central place - [log-server.c] avoid extra fd per sshd, from millert@ - [readconf.c] print _all_ bad config-options in ssh(1), too - [readconf.h] print _all_ bad config-options in ssh(1), too - [ssh.c] print _all_ bad config-options in ssh(1), too - [sshconnect.c] disconnect if getpeername() fails - - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it. - - Various small cleanups to bring diff (against OpenBSD) size down. - - Merged more Solaris compability from Marc G. Fournier - - - Wrote autoconf tests for __progname symbol - - RPM spec file fixes from Jim Knoble - - Released 1.2pre12 - - - Another OpenBSD CVS update: - - [ssh-keygen.1] fix .Xr - -19991114 - - Solaris compilation fixes (still imcomplete) - -19991113 - - Build patch from Niels Kristian Bech Jensen - - Don't install config files if they already exist - - Fix inclusion of additional preprocessor directives from acconfig.h - - Removed redundant inclusions of config.h - - Added 'Obsoletes' lines to RPM spec file - - Merged OpenBSD CVS changes: - - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels - - [scp.c] fix overflow reported by damien@ibs.com.au: off_t - totalsize, ok niels,aaron - - Delay fork (-f option) in ssh until after port forwarded connections - have been initialised. Patch from Jani Hakala - - Added shadow password patch from Thomas Neumann - - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled - - Tidied default config file some more - - Revised Redhat initscript to fix bug: sshd (re)start would fail - if executed from inside a ssh login. - -19991112 - - Merged changes from OpenBSD CVS - - [sshd.c] session_key_int may be zero - - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config] - IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok - deraadt,millert - - Brought default sshd_config more in line with OpenBSD's - - Grab server in gnome-ssh-askpass (Debian bug #49872) - - Released 1.2pre10 - - - Added INSTALL documentation - - Merged yet more changes from OpenBSD CVS - - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c] - [ssh.c ssh.h sshconnect.c sshd.c] - make all access to options via 'extern Options options' - and 'extern ServerOptions options' respectively; - options are no longer passed as arguments: - * make options handling more consistent - * remove #include "readconf.h" from ssh.h - * readconf.h is only included if necessary - - [mpaux.c] clear temp buffer - - [servconf.c] print _all_ bad options found in configfile - - Make ssh-askpass support optional through autoconf - - Fix nasty division-by-zero error in scp.c - - Released 1.2pre11 - -19991111 - - Added (untested) Entropy Gathering Daemon (EGD) support - - Fixed /dev/urandom fd leak (Debian bug #49722) - - Merged OpenBSD CVS changes: - - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too - - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too - - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too - - Fix integer overflow which was messing up scp's progress bar for large - file transfers. Fix submitted to OpenBSD developers. Report and fix - from Kees Cook - - Merged more OpenBSD CVS changes: - - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal() - + krb-cleanup cleanup - - [clientloop.c log-client.c log-server.c ] - [readconf.c readconf.h servconf.c servconf.h ] - [ssh.1 ssh.c ssh.h sshd.8] - add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd, - obsoletes QuietMode and FascistLogging in sshd. - - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au: - allow session_key_int != sizeof(session_key) - [this should fix the pre-assert-removal-core-files] - - Updated default config file to use new LogLevel option and to improve - readability - -19991110 - - Merged several minor fixes: - - ssh-agent commandline parsing - - RPM spec file now installs ssh setuid root - - Makefile creates libdir - - Merged beginnings of Solaris compability from Marc G. Fournier - - -19991109 - - Autodetection of SSL/Crypto library location via autoconf - - Fixed location of ssh-askpass to follow autoconf - - Integrated Makefile patch from Niels Kristian Bech Jensen - - Autodetection of RSAref library for US users - - Minor doc updates - - Merged OpenBSD CVS changes: - - [rsa.c] bugfix: use correct size for memset() - - [sshconnect.c] warn if announced size of modulus 'n' != real size - - Added GNOME passphrase requestor (use --with-gnome-askpass) - - RPM build now creates subpackages - - Released 1.2pre9 - -19991108 - - Removed debian/ directory. This is now being maintained separately. - - Added symlinks for slogin in RPM spec file - - Fixed permissions on manpages in RPM spec file - - Added references to required libraries in README file - - Removed config.h.in from CVS - - Removed pwdb support (better pluggable auth is provided by glibc) - - Made PAM and requisite libdl optional - - Removed lots of unnecessary checks from autoconf - - Added support and autoconf test for openpty() function (Unix98 pty support) - - Fix for scp not finding ssh if not installed as /usr/bin/ssh - - Added TODO file - - Merged parts of Debian patch From Phil Hands : - - Added ssh-askpass program - - Added ssh-askpass support to ssh-add.c - - Create symlinks for slogin on install - - Fix "distclean" target in makefile - - Added example for ssh-agent to manpage - - Added support for PAM_TEXT_INFO messages - - Disable internal /etc/nologin support if PAM enabled - - Merged latest OpenBSD CVS changes: - - [all] replace assert() with error, fatal or packet_disconnect - - [sshd.c] don't send fail-msg but disconnect if too many authentication - failures - - [sshd.c] remove unused argument. ok dugsong - - [sshd.c] typo - - [rsa.c] clear buffers used for encryption. ok: niels - - [rsa.c] replace assert() with error, fatal or packet_disconnect - - [auth-krb4.c] remove unused argument. ok dugsong - - Fixed coredump after merge of OpenBSD rsa.c patch - - Released 1.2pre8 - -19991102 - - Merged change from OpenBSD CVS - - One-line cleanup in sshd.c - -19991030 - - Integrated debian package support from Dan Brosemer - - Merged latest updates for OpenBSD CVS: - - channels.[ch] - remove broken x11 fix and document istate/ostate - - ssh-agent.c - call setsid() regardless of argv[] - - ssh.c - save a few lines when disabling rhosts-{rsa-}auth - - Documentation cleanups - - Renamed README -> README.Ylonen - - Renamed README.openssh ->README - -19991029 - - Renamed openssh* back to ssh* at request of Theo de Raadt - - Incorporated latest changes from OpenBSD's CVS - - Integrated Makefile patch from Niels Kristian Bech Jensen - - Integrated PAM env patch from Nalin Dahyabhai - - Make distclean now removed configure script - - Improved PAM logging - - Added some debug() calls for PAM - - Removed redundant subdirectories - - Integrated part of a patch from Dan Brosemer for - building on Debian. - - Fixed off-by-one error in PAM env patch - - Released 1.2pre6 - -19991028 - - Further PAM enhancements. - - Much cleaner - - Now uses account and session modules for all logins. - - Integrated patch from Dan Brosemer - - Build fixes - - Autoconf - - Change binary names to open* - - Fixed autoconf script to detect PAM on RH6.1 - - Added tests for libpwdb, and OpenBSD functions to autoconf - - Released 1.2pre4 - - - Imported latest OpenBSD CVS code - - Updated README.openssh - - Released 1.2pre5 - -19991027 - - Adapted PAM patch. - - Released 1.0pre2 - - - Excised my buggy replacements for strlcpy and mkdtemp - - Imported correct OpenBSD strlcpy and mkdtemp routines. - - Reduced arc4random_stir entropy read to 32 bytes (256 bits) - - Picked up correct version number from OpenBSD - - Added sshd.pam PAM configuration file - - Added sshd.init Redhat init script - - Added openssh.spec RPM spec file - - Released 1.2pre3 - -19991026 - - Fixed include paths of OpenSSL functions - - Use OpenSSL MD5 routines - - Imported RC4 code from nanocrypt - - Wrote replacements for OpenBSD arc4random* functions - - Wrote replacements for strlcpy and mkdtemp - - Released 1.0pre1 + add privsep_preauth() and remove 1 goto; ok provos@ + - rees@cvs.openbsd.org 2002/03/21 21:54:34 + [scard.c scard.h ssh-keygen.c] + Add PIN-protection for secret key. + - rees@cvs.openbsd.org 2002/03/21 22:44:05 + [authfd.c authfd.h ssh-add.c ssh-agent.c ssh.c] + Add PIN-protection for secret key. + - markus@cvs.openbsd.org 2002/03/21 23:07:37 + [clientloop.c] + remove unused, sync w/ cmdline patch in my tree. + +20020317 + - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is + wanted, warn if directory does not exist. Put system directories in + front of PATH for finding entorpy commands. + - (tim) [contrib/aix/buildbff.sh contrib/aix/inventory.sh] AIX package + build fixes. Patch by Darren Tucker + [contrib/solaris/buildpkg.sh] add missing dirs to SYSTEM_DIR. Have + postinstall check for $piddir and add if necessary. + +20020311 + - (tim) [contrib/solaris/buildpkg.sh, contrib/solaris/README] Updated to + build on all platforms that support SVR4 style package tools. Now runs + from build dir. Parts are based on patches from Antonio Navarro, and + Darren Tucker. + +20020308 + - (djm) Revert bits of Markus' OpenSSL compat patch which was + accidentally committed. + - (djm) Add Markus' patch for compat wih OpenSSL < 0.9.6. + Known issue: Blowfish for SSH1 does not work + - (stevesk) entropy.c: typo in debug message + - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.1913 2002/03/07 02:04:37 djm Exp $ +$Id: ChangeLog,v 1.2134 2002/05/15 21:50:14 mouring Exp $ diff -ru openssh-3.1p1/INSTALL openssh-3.2.2p1/INSTALL --- openssh-3.1p1/INSTALL 2001-12-28 09:57:34.000000000 +1100 +++ openssh-3.2.2p1/INSTALL 2002-05-13 15:22:21.000000000 +1000 @@ -6,9 +6,12 @@ Zlib: http://www.gzip.org/zlib/ -OpenSSL 0.9.5a or greater: +OpenSSL 0.9.6 or greater: http://www.openssl.org/ +(OpenSSL 0.9.5a is partially supported, but some ciphers (SSH protocol 1 +Blowfish included) do not work correctly.) + RPMs of OpenSSL are available at http://violet.ibs.com.au/openssh/files/support. For Red Hat Linux 6.2, they have been released as errata. RHL7 includes these. @@ -17,6 +20,11 @@ supports it. PAM is standard on Redhat and Debian Linux, Solaris and HP-UX 11. +NB. If you operating system supports /dev/random, you should configure +OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of +/dev/random. If you don't you will have to rely on ssh-rand-helper, which +is inferior to a good kernel-based solution. + PAM: http://www.kernel.org/pub/linux/libs/pam/ @@ -108,10 +116,6 @@ need a working installation of GNOME, including the development headers, for this to work. ---with-random=/some/file allows you to specify an alternate source of -random numbers (the default is /dev/urandom). Unless you are absolutely -sure of what you are doing, it is best to leave this alone. - --with-prngd-socket=/some/file allows you to enable EGD or PRNGD support and to specify a PRNGd socket. Use this if your Unix lacks /dev/random and you don't want to use OpenSSH's builtin entropy @@ -178,6 +182,10 @@ --with-4in6 Check for IPv4 in IPv6 mapped addresses and convert them to real (AF_INET) IPv4 addresses. Works around some quirks on Linux. +--with-opensc=DIR +--with-sectok=DIR allows for OpenSC or sectok smartcard libraries to +be used with OpenSSH. See 'README.smartcard' for more details. + If you need to pass special options to the compiler or linker, you can specify these as environment variables before running ./configure. For example: @@ -218,4 +226,4 @@ http://www.openssh.com/ -$Id: INSTALL,v 1.48 2001/12/27 22:57:34 djm Exp $ +$Id: INSTALL,v 1.53 2002/05/13 05:22:21 djm Exp $ diff -ru openssh-3.1p1/LICENCE openssh-3.2.2p1/LICENCE --- openssh-3.1p1/LICENCE 2002-03-06 05:03:10.000000000 +1100 +++ openssh-3.2.2p1/LICENCE 2002-03-23 13:20:08.000000000 +1100 @@ -190,6 +190,7 @@ Aaron Campbell Damien Miller Kevin Steves + Daniel Kouril * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff -ru openssh-3.1p1/Makefile.in openssh-3.2.2p1/Makefile.in --- openssh-3.1p1/Makefile.in 2002-02-27 06:24:22.000000000 +1100 +++ openssh-3.2.2p1/Makefile.in 2002-05-13 14:12:05.000000000 +1000 @@ -1,4 +1,9 @@ -# $Id: Makefile.in,v 1.197 2002/02/26 19:24:22 mouring Exp $ +# $Id: Makefile.in,v 1.208 2002/05/13 04:12:05 djm Exp $ + +# uncomment if you run a non bourne compatable shell. Ie. csh +#SHELL = @SH@ + +AUTORECONF=autoreconf prefix=@prefix@ exec_prefix=@exec_prefix@ @@ -18,12 +23,14 @@ SSH_PROGRAM=@bindir@/ssh ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass SFTP_SERVER=$(libexecdir)/sftp-server +PRIVSEP_PATH=@PRIVSEP_PATH@ PATHS= -DSSHDIR=\"$(sysconfdir)\" \ -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \ -D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \ -D_PATH_SSH_PIDDIR=\"$(piddir)\" \ + -D_PATH_PRIVSEP_CHROOT_DIR=\"$(PRIVSEP_PATH)\" \ -DSSH_RAND_HELPER=\"$(libexecdir)/ssh-rand-helper\" CC=@CC@ @@ -50,20 +57,21 @@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} $(SFTP_PROGS) -LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dh.o dispatch.o fatal.o mac.o hostfile.o key.o kex.o kexdh.o kexgex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o scard.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o +LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dh.o dispatch.o fatal.o mac.o hostfile.o key.o kex.o kexdh.o kexgex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o scard.o scard-opensc.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o monitor_wrap.o monitor_fdpass.o SSHOBJS= ssh.o sshconnect.o sshconnect1.o sshconnect2.o sshtty.o readconf.o clientloop.o -SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o auth-skey.o auth-bsdauth.o +SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-krb5.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o auth-skey.o auth-bsdauth.o monitor_mm.o monitor.o -MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out -MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 +MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out +MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 MANTYPE = @MANTYPE@ CONFIGFILES=sshd_config.out ssh_config.out moduli.out CONFIGFILES_IN=sshd_config ssh_config moduli PATHSUBS = \ + -D/etc/ssh/ssh_prng_cmds=$(sysconfdir)/ssh_prng_cmds \ -D/etc/ssh/ssh_config=$(sysconfdir)/ssh_config \ -D/etc/ssh/ssh_known_hosts=$(sysconfdir)/ssh_known_hosts \ -D/etc/ssh/sshd_config=$(sysconfdir)/sshd_config \ @@ -76,6 +84,7 @@ -D/etc/ssh/moduli=$(sysconfdir)/moduli \ -D/etc/ssh/sshrc=$(sysconfdir)/sshrc \ -D/usr/X11R6/bin/xauth=$(XAUTH_PATH) \ + -D/var/empty=$(PRIVSEP_PATH) \ -D/usr/bin:/bin:/usr/sbin:/sbin=@user_path@ FIXPATHSCMD = $(PERL) $(srcdir)/fixpaths $(PATHSUBS) @@ -180,7 +189,7 @@ done distprep: catman-do - autoreconf + $(AUTORECONF) (cd scard && $(MAKE) -f Makefile.in distprep) install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key @@ -216,6 +225,9 @@ $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 + if [ ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \ + $(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \ + fi @NO_SFTP@$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 @NO_SFTP@$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 -rm -f $(DESTDIR)$(bindir)/slogin @@ -309,5 +321,6 @@ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 Only in openssh-3.2.2p1: README.privsep diff -ru openssh-3.1p1/README.smartcard openssh-3.2.2p1/README.smartcard --- openssh-3.1p1/README.smartcard 2001-09-25 10:21:28.000000000 +1000 +++ openssh-3.2.2p1/README.smartcard 2002-04-23 22:48:46.000000000 +1000 @@ -1,25 +1,22 @@ How to use smartcards with OpenSSH? -OpenSSH contains experimental support for authentication using -Cyberflex smartcards and TODOS card readers. +OpenSSH contains experimental support for authentication using Cyberflex +smartcards and TODOS card readers, in addition to the cards with PKCS#15 +structure supported by OpenSC. -WARNING: Smartcard support is still in development. Keyfile formats, etc -are still subject to change. +WARNING: Smartcard support is still in development. +Keyfile formats, etc are still subject to change. -To enable this you need to: +To enable sectok support: -(1) install sectok +(1) install sectok: - Sources are instructions are available from + Sources and instructions are available from http://www.citi.umich.edu/projects/smartcard/sectok.html -(2) enable SMARTCARD support in OpenSSH: +(2) enable sectok support in OpenSSH: - $ ./configure --with-smartcard [options] - - You can also specify a path to libsectok: - - $ ./configure --with-smartcard=/path/to/libsectok [options] + $ ./configure --with-sectok[=/path/to/libsectok] [options] (3) load the Java Cardlet to the Cyberflex card: @@ -30,12 +27,11 @@ (4) load a RSA key to the card: - please don't use your production RSA keys, since + Please don't use your production RSA keys, since with the current version of sectok/ssh-keygen - the private key file is still readable + the private key file is still readable. - $ ssh-keygen -f /path/to/rsakey -U 1 - (where 1 is the reader number, you can also try 0) + $ ssh-keygen -f /path/to/rsakey -U In spite of the name, this does not generate a key. It just loads an already existing key on to the card. @@ -60,13 +56,30 @@ wrong passphrase three times in a row, you will destroy your card. -(6) tell the ssh client to use the card reader: +To enable OpenSC support: + +(1) install OpenSC: + + Sources and instructions are available from + http://www.opensc.org/ + +(2) enable OpenSC support in OpenSSH: + + $ ./configure --with-opensc[=/path/to/opensc] [options] + +(3) load a RSA key to the card: + + Not supported yet. + +Common smartcard options: + +(1) tell the ssh client to use the card reader: - $ ssh -I 1 otherhost + $ ssh -I otherhost -(7) or tell the agent (don't forget to restart) to use the smartcard: +(2) or tell the agent (don't forget to restart) to use the smartcard: - $ ssh-add -s 1 + $ ssh-add -s -markus, -Tue Jul 17 23:54:51 CEST 2001 +Sat Apr 13 13:48:10 EEST 2002 diff -ru openssh-3.1p1/WARNING.RNG openssh-3.2.2p1/WARNING.RNG --- openssh-3.1p1/WARNING.RNG 2001-02-09 12:55:36.000000000 +1100 +++ openssh-3.2.2p1/WARNING.RNG 2002-04-14 23:16:05.000000000 +1000 @@ -28,8 +28,12 @@ The portable OpenSSH contains random number collection support for systems which lack a kernel entropy pool (/dev/random). -This collector operates by executing the programs listed in -($etcdir)/ssh_prng_cmds, reading their output and adding it to the +This collector (as of 3.1 and beyond) comes as an external application +that allows the local admin to decide on how to implement entropy +collection. + +The default entropy collector operates by executing the programs listed +in ($etcdir)/ssh_prng_cmds, reading their output and adding it to the PRNG supplied by OpenSSL (which is hash-based). It also stirs in the output of several system calls and timings from the execution of the programs that it runs. @@ -43,7 +47,7 @@ number generator at startup. The goal here is to maintain as much randomness between sessions as possible. -The entropy collection code has two main problems: +The default entropy collection code has two main problems: 1. It is slow. @@ -51,14 +55,13 @@ especially on slower machines. Additionally some program can take a disproportionate time to execute. -This can be tuned by the administrator. To debug the entropy -collection is great detail, turn on full debugging ("ssh -v -v -v" or -"sshd -d -d -d"). This will list each program as it is executed, how -long it took to execute, its exit status and whether and how much data -it generated. You can the find the culprit programs which are causing -the real slow-downs. +Tuning the default entropy collection code is difficult at this point. +It requires doing 'times ./ssh-rand-helper' and modifying the +($etcdir)/ssh_prng_cmds until you have found the issue. In the next +release we will be looking at support '-v' for verbose output to allow +easier debugging. -The entropy collector will timeout programs which take too long +The default entropy collector will timeout programs which take too long to execute, the actual timeout used can be adjusted with the --with-entropy-timeout configure option. OpenSSH will not try to re-execute programs which have not been found, have had a non-zero @@ -79,5 +82,15 @@ To make matters even more complex, some of the commands are reporting largely the same data as other commands (eg. the various "ps" calls). -$Id: WARNING.RNG,v 1.4 2001/02/09 01:55:36 djm Exp $ +How to avoid the default entropy code? + +The best way is to read the OpenSSL documentation and recompile OpenSSL +to use prngd or egd. Some platforms (like earily solaris) have 3rd +party /dev/random devices that can be also used for this task. + +If you are forced to use ssh-rand-helper consider still downloading +prngd/egd and configure OpenSSH using --with-prngd-port=xx or +--with-prngd-socket=xx (refer to INSTALL for more information). + +$Id: WARNING.RNG,v 1.5 2002/04/14 13:16:05 djm Exp $ diff -ru openssh-3.1p1/acconfig.h openssh-3.2.2p1/acconfig.h --- openssh-3.1p1/acconfig.h 2002-02-27 03:40:49.000000000 +1100 +++ openssh-3.2.2p1/acconfig.h 2002-05-13 13:15:43.000000000 +1000 @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.122 2002/02/26 16:40:49 tim Exp $ */ +/* $Id: acconfig.h,v 1.137 2002/05/13 03:15:43 djm Exp $ */ #ifndef _CONFIG_H #define _CONFIG_H @@ -14,10 +14,9 @@ /* SCO workaround */ #undef BROKEN_SYS_TERMIO_H -#undef HAVE_BOGUS_SYS_QUEUE_H -/* Define if you have SCO protected password database */ -#undef HAVE_SCO_PROTECTED_PW +/* Define if you have SecureWare-based protected password database */ +#undef HAVE_SECUREWARE /* If your header files don't define LOGIN_PROGRAM, then use this (detected) */ /* from environment and PATH */ @@ -32,6 +31,12 @@ /* Define if your password has a pw_change field */ #undef HAVE_PW_CHANGE_IN_PASSWD +/* Define if your system uses access rights style file descriptor passing */ +#undef HAVE_ACCRIGHTS_IN_MSGHDR + +/* Define if your system uses ancillary data style file descriptor passing */ +#undef HAVE_CONTROL_IN_MSGHDR + /* Define if you system's inet_ntoa is busted (e.g. Irix gcc issue) */ #undef BROKEN_INET_NTOA @@ -95,6 +100,9 @@ /* Builtin PRNG command timeout */ #undef ENTROPY_TIMEOUT_MSEC +/* non-privileged user for privilege separation */ +#undef SSH_PRIVSEP_USER + /* Define if you want to install preformatted manpages.*/ #undef MANTYPE @@ -157,6 +165,9 @@ /* Some versions of /bin/login need the TERM supplied on the commandline */ #undef LOGIN_NEEDS_TERM +/* Define if your login program cannot handle end of options ("--") */ +#undef LOGIN_NO_ENDOPT + /* Define if you want to specify the path to your lastlog file */ #undef CONF_LASTLOG_FILE @@ -178,6 +189,18 @@ /* Define if libc defines __progname */ #undef HAVE___PROGNAME +/* Define if compiler implements __FUNCTION__ */ +#undef HAVE___FUNCTION__ + +/* Define if compiler implements __func__ */ +#undef HAVE___func__ + +/* Define if you want Kerberos 5 support */ +#undef KRB5 + +/* Define this if you are using the Heimdal version of Kerberos V5 */ +#undef HEIMDAL + /* Define if you want Kerberos 4 support */ #undef KRB4 @@ -220,9 +243,6 @@ /* Define if you have getpwanam(3) [SunOS 4.x] */ #undef HAVE_GETPWANAM -/* Defined if in_systm.h needs to be included with netinet/ip.h (HPUX - ) */ -#undef NEED_IN_SYSTM_H - /* Define if you have an old version of PAM which takes only one argument */ /* to pam_strerror */ #undef HAVE_OLD_PAM @@ -275,9 +295,6 @@ /* Use IPv4 for connection by default, IPv6 can still if explicity asked */ #undef IPV4_DEFAULT -/* If you have no atexit() but xatexit(), and want to use xatexit() */ -#undef HAVE_XATEXIT - /* getaddrinfo is broken (if present) */ #undef BROKEN_GETADDRINFO @@ -320,13 +337,26 @@ /* Define if you want smartcard support */ #undef SMARTCARD +/* Define if you want smartcard support using sectok */ +#undef USE_SECTOK + +/* Define if you want smartcard support using OpenSC */ +#undef USE_OPENSC + /* Define if you want to use OpenSSL's internally seeded PRNG only */ #undef OPENSSL_PRNG_ONLY +/* Define if you shouldn't strip 'tty' from your ttyname in [uw]tmp */ +#undef WITH_ABBREV_NO_TTY + +/* Define if you want a different $PATH for the superuser */ +#undef SUPERUSER_PATH + +/* Path that unprivileged child will chroot() to in privep mode */ +#undef PRIVSEP_PATH + @BOTTOM@ /* ******************* Shouldn't need to edit below this line ************** */ -#include "defines.h" - #endif /* _CONFIG_H */ diff -ru openssh-3.1p1/auth-bsdauth.c openssh-3.2.2p1/auth-bsdauth.c --- openssh-3.1p1/auth-bsdauth.c 2001-12-21 14:45:47.000000000 +1100 +++ openssh-3.2.2p1/auth-bsdauth.c 2002-03-22 13:30:43.000000000 +1100 @@ -22,12 +22,13 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth-bsdauth.c,v 1.2 2001/12/19 07:18:56 deraadt Exp $"); +RCSID("$OpenBSD: auth-bsdauth.c,v 1.3 2002/03/18 17:50:31 provos Exp $"); #ifdef BSD_AUTH #include "xmalloc.h" #include "auth.h" #include "log.h" +#include "monitor_wrap.h" static void * bsdauth_init_ctx(Authctxt *authctxt) @@ -35,7 +36,7 @@ return authctxt; } -static int +int bsdauth_query(void *ctx, char **name, char **infotxt, u_int *numprompts, char ***prompts, u_int **echo_on) { @@ -76,7 +77,7 @@ return 0; } -static int +int bsdauth_respond(void *ctx, u_int numresponses, char **responses) { Authctxt *authctxt = ctx; @@ -113,4 +114,12 @@ bsdauth_respond, bsdauth_free_ctx }; + +KbdintDevice mm_bsdauth_device = { + "bsdauth", + bsdauth_init_ctx, + mm_bsdauth_query, + mm_bsdauth_respond, + bsdauth_free_ctx +}; #endif diff -ru openssh-3.1p1/auth-krb4.c openssh-3.2.2p1/auth-krb4.c --- openssh-3.1p1/auth-krb4.c 2001-12-21 14:45:47.000000000 +1100 +++ openssh-3.2.2p1/auth-krb4.c 2002-03-22 12:30:41.000000000 +1100 @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-krb4.c,v 1.25 2001/12/19 07:18:56 deraadt Exp $"); +RCSID("$OpenBSD: auth-krb4.c,v 1.26 2002/03/18 01:30:10 dugsong Exp $"); #include "ssh.h" #include "ssh1.h" @@ -253,6 +253,7 @@ log("Kerberos v4 .klogin authorization failed for %s to " "account %s", *client, authctxt->user); xfree(*client); + *client = NULL; return (0); } /* Increment the checksum, and return it encrypted with the diff -ru openssh-3.1p1/auth-krb5.c openssh-3.2.2p1/auth-krb5.c --- openssh-3.1p1/auth-krb5.c 2002-03-05 12:53:04.000000000 +1100 +++ openssh-3.2.2p1/auth-krb5.c 2002-04-13 11:04:41.000000000 +1000 @@ -1,11 +1,34 @@ /* * Kerberos v5 authentication and ticket-passing routines. - * + * * $FreeBSD: src/crypto/openssh/auth-krb5.c,v 1.6 2001/02/13 16:58:04 assar Exp $ */ +/* + * Copyright (c) 2002 Daniel Kouril. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ #include "includes.h" -RCSID("$OpenBSD: auth-krb5.c,v 1.6 2002/03/04 17:27:39 stevesk Exp $"); +RCSID("$OpenBSD: auth-krb5.c,v 1.8 2002/03/19 10:49:35 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -18,6 +41,9 @@ #ifdef KRB5 #include +#ifndef HEIMDAL +#define krb5_get_err_text(context,code) error_message(code) +#endif /* !HEIMDAL */ extern ServerOptions options; @@ -70,8 +96,15 @@ goto err; fd = packet_get_connection_in(); +#ifdef HEIMDAL problem = krb5_auth_con_setaddrs_from_fd(authctxt->krb5_ctx, authctxt->krb5_auth_ctx, &fd); +#else + problem = krb5_auth_con_genaddrs(authctxt->krb5_ctx, + authctxt->krb5_auth_ctx,fd, + KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR | + KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR); +#endif if (problem) goto err; @@ -85,8 +118,14 @@ if (problem) goto err; +#ifdef HEIMDAL problem = krb5_copy_principal(authctxt->krb5_ctx, ticket->client, &authctxt->krb5_user); +#else + problem = krb5_copy_principal(authctxt->krb5_ctx, + ticket->enc_part2->client, + &authctxt->krb5_user); +#endif if (problem) goto err; @@ -137,13 +176,37 @@ krb5_error_code problem; krb5_ccache ccache = NULL; char *pname; + krb5_creds **creds; if (authctxt->pw == NULL || authctxt->krb5_user == NULL) return (0); temporarily_use_uid(authctxt->pw); +#ifdef HEIMDAL problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &ccache); +#else +{ + char ccname[40]; + int tmpfd; + + snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); + + if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { + log("mkstemp(): %.100s", strerror(errno)); + problem = errno; + goto fail; + } + if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { + log("fchmod(): %.100s", strerror(errno)); + close(tmpfd); + problem = errno; + goto fail; + } + close(tmpfd); + problem = krb5_cc_resolve(authctxt->krb5_ctx, ccname, &ccache); +} +#endif if (problem) goto fail; @@ -152,10 +215,20 @@ if (problem) goto fail; +#ifdef HEIMDAL problem = krb5_rd_cred2(authctxt->krb5_ctx, authctxt->krb5_auth_ctx, ccache, tgt); if (problem) goto fail; +#else + problem = krb5_rd_cred(authctxt->krb5_ctx, authctxt->krb5_auth_ctx, + tgt, &creds, NULL); + if (problem) + goto fail; + problem = krb5_cc_store_cred(authctxt->krb5_ctx, ccache, *creds); + if (problem) + goto fail; +#endif authctxt->krb5_fwd_ccache = ccache; ccache = NULL; @@ -188,6 +261,12 @@ int auth_krb5_password(Authctxt *authctxt, const char *password) { +#ifndef HEIMDAL + krb5_creds creds; + krb5_principal server; + char ccname[40]; + int tmpfd; +#endif krb5_error_code problem; if (authctxt->pw == NULL) @@ -204,6 +283,7 @@ if (problem) goto out; +#ifdef HEIMDAL problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, &authctxt->krb5_fwd_ccache); if (problem) @@ -222,13 +302,69 @@ if (problem) goto out; +#else + problem = krb5_get_init_creds_password(authctxt->krb5_ctx, &creds, + authctxt->krb5_user, (char *)password, NULL, NULL, 0, NULL, NULL); + if (problem) + goto out; + + problem = krb5_sname_to_principal(authctxt->krb5_ctx, NULL, NULL, + KRB5_NT_SRV_HST, &server); + if (problem) + goto out; + + restore_uid(); + problem = krb5_verify_init_creds(authctxt->krb5_ctx, &creds, server, + NULL, NULL, NULL); + krb5_free_principal(authctxt->krb5_ctx, server); + temporarily_use_uid(authctxt->pw); + if (problem) + goto out; + + if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user, + authctxt->pw->pw_name)) { + problem = -1; + goto out; + } + + snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); + + if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { + log("mkstemp(): %.100s", strerror(errno)); + problem = errno; + goto out; + } + + if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { + log("fchmod(): %.100s", strerror(errno)); + close(tmpfd); + problem = errno; + goto out; + } + close(tmpfd); + + problem = krb5_cc_resolve(authctxt->krb5_ctx, ccname, &authctxt->krb5_fwd_ccache); + if (problem) + goto out; + + problem = krb5_cc_initialize(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache, + authctxt->krb5_user); + if (problem) + goto out; + + problem= krb5_cc_store_cred(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache, + &creds); + if (problem) + goto out; +#endif + authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache); out: restore_uid(); if (problem) { - if (authctxt->krb5_ctx != NULL) + if (authctxt->krb5_ctx != NULL && problem!=-1) debug("Kerberos password authentication failed: %s", krb5_get_err_text(authctxt->krb5_ctx, problem)); else diff -ru openssh-3.1p1/auth-options.c openssh-3.2.2p1/auth-options.c --- openssh-3.1p1/auth-options.c 2002-02-05 12:13:41.000000000 +1100 +++ openssh-3.2.2p1/auth-options.c 2002-05-16 02:16:14.000000000 +1000 @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-options.c,v 1.21 2002/01/29 14:32:03 markus Exp $"); +RCSID("$OpenBSD: auth-options.c,v 1.24 2002/05/13 20:44:58 markus Exp $"); #include "packet.h" #include "xmalloc.h" @@ -20,7 +20,10 @@ #include "channels.h" #include "auth-options.h" #include "servconf.h" +#include "bufaux.h" #include "misc.h" +#include "monitor_wrap.h" +#include "auth.h" /* Flags set authorized_keys flags */ int no_port_forwarding_flag = 0; @@ -54,6 +57,7 @@ forced_command = NULL; } channel_clear_permitted_opens(); + auth_debug_reset(); } /* @@ -75,28 +79,28 @@ while (*opts && *opts != ' ' && *opts != '\t') { cp = "no-port-forwarding"; if (strncasecmp(opts, cp, strlen(cp)) == 0) { - packet_send_debug("Port forwarding disabled."); + auth_debug_add("Port forwarding disabled."); no_port_forwarding_flag = 1; opts += strlen(cp); goto next_option; } cp = "no-agent-forwarding"; if (strncasecmp(opts, cp, strlen(cp)) == 0) { - packet_send_debug("Agent forwarding disabled."); + auth_debug_add("Agent forwarding disabled."); no_agent_forwarding_flag = 1; opts += strlen(cp); goto next_option; } cp = "no-X11-forwarding"; if (strncasecmp(opts, cp, strlen(cp)) == 0) { - packet_send_debug("X11 forwarding disabled."); + auth_debug_add("X11 forwarding disabled."); no_x11_forwarding_flag = 1; opts += strlen(cp); goto next_option; } cp = "no-pty"; if (strncasecmp(opts, cp, strlen(cp)) == 0) { - packet_send_debug("Pty allocation disabled."); + auth_debug_add("Pty allocation disabled."); no_pty_flag = 1; opts += strlen(cp); goto next_option; @@ -119,14 +123,14 @@ if (!*opts) { debug("%.100s, line %lu: missing end quote", file, linenum); - packet_send_debug("%.100s, line %lu: missing end quote", + auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); xfree(forced_command); forced_command = NULL; goto bad_option; } forced_command[i] = 0; - packet_send_debug("Forced command: %.900s", forced_command); + auth_debug_add("Forced command: %.900s", forced_command); opts++; goto next_option; } @@ -151,13 +155,13 @@ if (!*opts) { debug("%.100s, line %lu: missing end quote", file, linenum); - packet_send_debug("%.100s, line %lu: missing end quote", + auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); xfree(s); goto bad_option; } s[i] = 0; - packet_send_debug("Adding to environment: %.900s", s); + auth_debug_add("Adding to environment: %.900s", s); debug("Adding to environment: %.900s", s); opts++; new_envstring = xmalloc(sizeof(struct envstring)); @@ -188,7 +192,7 @@ if (!*opts) { debug("%.100s, line %lu: missing end quote", file, linenum); - packet_send_debug("%.100s, line %lu: missing end quote", + auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); xfree(patterns); goto bad_option; @@ -202,7 +206,7 @@ "correct key but not from a permitted " "host (host=%.200s, ip=%.200s).", pw->pw_name, remote_host, remote_ip); - packet_send_debug("Your host '%.200s' is not " + auth_debug_add("Your host '%.200s' is not " "permitted to use this key for login.", remote_host); /* deny access */ @@ -233,7 +237,7 @@ if (!*opts) { debug("%.100s, line %lu: missing end quote", file, linenum); - packet_send_debug("%.100s, line %lu: missing end quote", + auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); xfree(patterns); goto bad_option; @@ -244,7 +248,7 @@ sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) { debug("%.100s, line %lu: Bad permitopen specification " "<%.100s>", file, linenum, patterns); - packet_send_debug("%.100s, line %lu: " + auth_debug_add("%.100s, line %lu: " "Bad permitopen specification", file, linenum); xfree(patterns); goto bad_option; @@ -252,7 +256,7 @@ if ((port = a2port(sport)) == 0) { debug("%.100s, line %lu: Bad permitopen port <%.100s>", file, linenum, sport); - packet_send_debug("%.100s, line %lu: " + auth_debug_add("%.100s, line %lu: " "Bad permitopen port", file, linenum); xfree(patterns); goto bad_option; @@ -276,14 +280,22 @@ opts++; /* Process the next option. */ } + + if (!use_privsep) + auth_debug_send(); + /* grant access */ return 1; bad_option: log("Bad options in %.100s file, line %lu: %.50s", file, linenum, opts); - packet_send_debug("Bad options in %.100s file, line %lu: %.50s", + auth_debug_add("Bad options in %.100s file, line %lu: %.50s", file, linenum, opts); + + if (!use_privsep) + auth_debug_send(); + /* deny access */ return 0; } diff -ru openssh-3.1p1/auth-pam.c openssh-3.2.2p1/auth-pam.c --- openssh-3.1p1/auth-pam.c 2002-02-05 12:40:47.000000000 +1100 +++ openssh-3.2.2p1/auth-pam.c 2002-05-08 12:27:56.000000000 +1000 @@ -28,6 +28,7 @@ #include "ssh.h" #include "xmalloc.h" #include "log.h" +#include "auth.h" #include "auth-pam.h" #include "servconf.h" #include "canohost.h" @@ -35,7 +36,7 @@ extern char *__progname; -RCSID("$Id: auth-pam.c,v 1.42 2002/02/05 01:40:47 djm Exp $"); +RCSID("$Id: auth-pam.c,v 1.46 2002/05/08 02:27:56 djm Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now" @@ -199,10 +200,11 @@ } /* Attempt password authentation using PAM */ -int auth_pam_password(struct passwd *pw, const char *password) +int auth_pam_password(Authctxt *authctxt, const char *password) { extern ServerOptions options; int pam_retval; + struct passwd *pw = authctxt->pw; do_pam_set_conv(&conv); @@ -247,15 +249,18 @@ } pam_retval = pam_acct_mgmt(__pamh, 0); + debug2("pam_acct_mgmt() = %d", pam_retval); switch (pam_retval) { case PAM_SUCCESS: /* This is what we want */ break; +#if 0 case PAM_NEW_AUTHTOK_REQD: message_cat(&__pam_msg, NEW_AUTHTOK_MSG); /* flag that password change is necessary */ password_change_required = 1; break; +#endif default: log("PAM rejected by account configuration[%d]: " "%.200s", pam_retval, PAM_STRERROR(__pamh, @@ -294,6 +299,9 @@ { int pam_retval; + if (__pamh == NULL) + return; + do_pam_set_conv(&conv); debug("PAM establishing creds"); diff -ru openssh-3.1p1/auth-pam.h openssh-3.2.2p1/auth-pam.h --- openssh-3.1p1/auth-pam.h 2001-03-27 16:12:24.000000000 +1000 +++ openssh-3.2.2p1/auth-pam.h 2002-04-05 05:02:28.000000000 +1000 @@ -1,4 +1,4 @@ -/* $Id: auth-pam.h,v 1.11 2001/03/27 06:12:24 djm Exp $ */ +/* $Id: auth-pam.h,v 1.12 2002/04/04 19:02:28 stevesk Exp $ */ #include "includes.h" #ifdef USE_PAM @@ -7,7 +7,7 @@ void start_pam(const char *user); void finish_pam(void); -int auth_pam_password(struct passwd *pw, const char *password); +int auth_pam_password(Authctxt *authctxt, const char *password); char **fetch_pam_environment(void); int do_pam_authenticate(int flags); int do_pam_account(char *username, char *remote_user); diff -ru openssh-3.1p1/auth-passwd.c openssh-3.2.2p1/auth-passwd.c --- openssh-3.1p1/auth-passwd.c 2002-03-05 12:45:57.000000000 +1100 +++ openssh-3.2.2p1/auth-passwd.c 2002-05-16 01:59:17.000000000 +1000 @@ -36,49 +36,49 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-passwd.c,v 1.24 2002/03/04 12:43:06 markus Exp $"); - -#if !defined(USE_PAM) && !defined(HAVE_OSF_SIA) +RCSID("$OpenBSD: auth-passwd.c,v 1.26 2002/05/10 02:30:12 mouring Exp $"); #include "packet.h" #include "log.h" #include "servconf.h" #include "auth.h" -#ifdef HAVE_CRYPT_H -# include -#endif -#ifdef WITH_AIXAUTHENTICATE -# include -#endif -#ifdef __hpux -# include -# include -#endif -#ifdef HAVE_SCO_PROTECTED_PW -# include -# include -# include -#endif /* HAVE_SCO_PROTECTED_PW */ -#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) -# include -#endif -#if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) -# include -# include -# include -#endif -#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) -# include "md5crypt.h" -#endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */ - -#ifdef HAVE_CYGWIN -#undef ERROR -#include -#include -#define is_winnt (GetVersion() < 0x80000000) -#endif - +#if !defined(USE_PAM) && !defined(HAVE_OSF_SIA) +/* Don't need any of these headers for the PAM or SIA cases */ +# ifdef HAVE_CRYPT_H +# include +# endif +# ifdef WITH_AIXAUTHENTICATE +# include +# endif +# ifdef __hpux +# include +# include +# endif +# ifdef HAVE_SECUREWARE +# include +# include +# include +# endif /* HAVE_SECUREWARE */ +# if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) +# include +# endif +# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) +# include +# include +# include +# endif +# if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) +# include "md5crypt.h" +# endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */ + +# ifdef HAVE_CYGWIN +# undef ERROR +# include +# include +# define is_winnt (GetVersion() < 0x80000000) +# endif +#endif /* !USE_PAM && !HAVE_OSF_SIA */ extern ServerOptions options; @@ -89,16 +89,22 @@ int auth_password(Authctxt *authctxt, const char *password) { +#if defined(USE_PAM) + if (*password == '\0' && options.permit_empty_passwd == 0) + return 0; + return auth_pam_password(authctxt, password); +#elif defined(HAVE_OSF_SIA) + if (*password == '\0' && options.permit_empty_passwd == 0) + return 0; + return auth_sia_password(authctxt, password); +#else struct passwd * pw = authctxt->pw; char *encrypted_password; char *pw_password; char *salt; -#ifdef __hpux +#if defined(__hpux) || defined(HAVE_SECUREWARE) struct pr_passwd *spw; -#endif -#ifdef HAVE_SCO_PROTECTED_PW - struct pr_passwd *spw; -#endif /* HAVE_SCO_PROTECTED_PW */ +#endif /* __hpux || HAVE_SECUREWARE */ #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) struct spwd *spw; #endif @@ -174,21 +180,20 @@ pw_password = spw->sp_pwdp; #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ -#ifdef HAVE_SCO_PROTECTED_PW - spw = getprpwnam(pw->pw_name); - if (spw != NULL) - pw_password = spw->ufld.fd_encrypt; -#endif /* HAVE_SCO_PROTECTED_PW */ - #if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) pw_password = spw->pwa_passwd; #endif /* defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) */ -#if defined(__hpux) +#ifdef HAVE_SECUREWARE + if ((spw = getprpwnam(pw->pw_name)) != NULL) + pw_password = spw->ufld.fd_encrypt; +#endif /* HAVE_SECUREWARE */ + +#if defined(__hpux) && !defined(HAVE_SECUREWARE) if (iscomsec() && (spw = getprpwnam(pw->pw_name)) != NULL) pw_password = spw->ufld.fd_encrypt; -#endif /* defined(__hpux) */ +#endif /* defined(__hpux) && !defined(HAVE_SECUREWARE) */ /* Check for users with no password. */ if ((password[0] == '\0') && (pw_password[0] == '\0')) @@ -205,21 +210,21 @@ else encrypted_password = crypt(password, salt); #else /* HAVE_MD5_PASSWORDS */ -# ifdef __hpux +# if defined(__hpux) && !defined(HAVE_SECUREWARE) if (iscomsec()) encrypted_password = bigcrypt(password, salt); else encrypted_password = crypt(password, salt); # else -# ifdef HAVE_SCO_PROTECTED_PW +# ifdef HAVE_SECUREWARE encrypted_password = bigcrypt(password, salt); # else encrypted_password = crypt(password, salt); -# endif /* HAVE_SCO_PROTECTED_PW */ -# endif /* __hpux */ +# endif /* HAVE_SECUREWARE */ +# endif /* __hpux && !defined(HAVE_SECUREWARE) */ #endif /* HAVE_MD5_PASSWORDS */ /* Authentication is accepted if the encrypted passwords are identical. */ return (strcmp(encrypted_password, pw_password) == 0); -} #endif /* !USE_PAM && !HAVE_OSF_SIA */ +} diff -ru openssh-3.1p1/auth-rh-rsa.c openssh-3.2.2p1/auth-rh-rsa.c --- openssh-3.1p1/auth-rh-rsa.c 2002-03-05 12:45:57.000000000 +1100 +++ openssh-3.2.2p1/auth-rh-rsa.c 2002-03-26 14:08:48.000000000 +1100 @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rh-rsa.c,v 1.29 2002/03/04 12:43:06 markus Exp $"); +RCSID("$OpenBSD: auth-rh-rsa.c,v 1.34 2002/03/25 09:25:06 markus Exp $"); #include "packet.h" #include "uidswap.h" @@ -25,37 +25,48 @@ #include "auth.h" #include "canohost.h" -/* - * Tries to authenticate the user using the .rhosts file and the host using - * its host key. Returns true if authentication succeeds. - */ +#include "monitor_wrap.h" + +/* import */ +extern ServerOptions options; int -auth_rhosts_rsa(struct passwd *pw, const char *client_user, Key *client_host_key) +auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost, + Key *client_host_key) { - extern ServerOptions options; - const char *canonical_hostname; HostStatus host_status; - debug("Trying rhosts with RSA host authentication for client user %.100s", client_user); - - if (pw == NULL || client_host_key == NULL || client_host_key->rsa == NULL) - return 0; - /* Check if we would accept it using rhosts authentication. */ - if (!auth_rhosts(pw, client_user)) + if (!auth_rhosts(pw, cuser)) return 0; - canonical_hostname = get_canonical_hostname( - options.verify_reverse_mapping); - - debug("Rhosts RSA authentication: canonical host %.900s", canonical_hostname); - host_status = check_key_in_hostfiles(pw, client_host_key, - canonical_hostname, _PATH_SSH_SYSTEM_HOSTFILE, + chost, _PATH_SSH_SYSTEM_HOSTFILE, options.ignore_user_known_hosts ? NULL : _PATH_SSH_USER_HOSTFILE); - if (host_status != HOST_OK) { + return (host_status == HOST_OK); +} + +/* + * Tries to authenticate the user using the .rhosts file and the host using + * its host key. Returns true if authentication succeeds. + */ +int +auth_rhosts_rsa(struct passwd *pw, char *cuser, Key *client_host_key) +{ + char *chost; + + debug("Trying rhosts with RSA host authentication for client user %.100s", + cuser); + + if (pw == NULL || client_host_key == NULL || + client_host_key->rsa == NULL) + return 0; + + chost = (char *)get_canonical_hostname(options.verify_reverse_mapping); + debug("Rhosts RSA authentication: canonical host %.900s", chost); + + if (!PRIVSEP(auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key))) { debug("Rhosts with RSA host authentication denied: unknown or invalid host key"); packet_send_debug("Your host key cannot be verified: unknown or invalid host key."); return 0; @@ -63,9 +74,9 @@ /* A matching host key was found and is known. */ /* Perform the challenge-response dialog with the client for the host key. */ - if (!auth_rsa_challenge_dialog(client_host_key->rsa)) { + if (!auth_rsa_challenge_dialog(client_host_key)) { log("Client on %.800s failed to respond correctly to host authentication.", - canonical_hostname); + chost); return 0; } /* @@ -74,7 +85,7 @@ */ verbose("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.", - pw->pw_name, client_user, canonical_hostname); + pw->pw_name, cuser, chost); packet_send_debug("Rhosts with RSA host authentication accepted."); return 1; } diff -ru openssh-3.1p1/auth-rhosts.c openssh-3.2.2p1/auth-rhosts.c --- openssh-3.1p1/auth-rhosts.c 2002-03-05 12:45:57.000000000 +1100 +++ openssh-3.2.2p1/auth-rhosts.c 2002-05-16 02:19:37.000000000 +1000 @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rhosts.c,v 1.27 2002/03/04 12:43:06 markus Exp $"); +RCSID("$OpenBSD: auth-rhosts.c,v 1.28 2002/05/13 21:26:49 markus Exp $"); #include "packet.h" #include "uidswap.h" @@ -26,6 +26,7 @@ /* import */ extern ServerOptions options; +extern int use_privsep; /* * This function processes an rhosts-style file (.rhosts, .shosts, or @@ -69,7 +70,7 @@ */ switch (sscanf(buf, "%s %s %s", hostbuf, userbuf, dummy)) { case 0: - packet_send_debug("Found empty line in %.100s.", filename); + auth_debug_add("Found empty line in %.100s.", filename); continue; case 1: /* Host name only. */ @@ -79,7 +80,7 @@ /* Got both host and user name. */ break; case 3: - packet_send_debug("Found garbage in %.100s.", filename); + auth_debug_add("Found garbage in %.100s.", filename); continue; default: /* Weird... */ @@ -106,8 +107,8 @@ /* Check for empty host/user names (particularly '+'). */ if (!host[0] || !user[0]) { /* We come here if either was '+' or '-'. */ - packet_send_debug("Ignoring wild host/user names in %.100s.", - filename); + auth_debug_add("Ignoring wild host/user names in %.100s.", + filename); continue; } /* Verify that host name matches. */ @@ -130,8 +131,8 @@ /* If the entry was negated, deny access. */ if (negated) { - packet_send_debug("Matched negative entry in %.100s.", - filename); + auth_debug_add("Matched negative entry in %.100s.", + filename); return 0; } /* Accept authentication. */ @@ -153,16 +154,14 @@ auth_rhosts(struct passwd *pw, const char *client_user) { const char *hostname, *ipaddr; - int ret; hostname = get_canonical_hostname(options.verify_reverse_mapping); ipaddr = get_remote_ipaddr(); - ret = auth_rhosts2(pw, client_user, hostname, ipaddr); - return ret; + return auth_rhosts2(pw, client_user, hostname, ipaddr); } -int -auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, +static int +auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostname, const char *ipaddr) { char buf[1024]; @@ -205,13 +204,13 @@ if (pw->pw_uid != 0) { if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, client_user, pw->pw_name)) { - packet_send_debug("Accepted for %.100s [%.100s] by /etc/hosts.equiv.", + auth_debug_add("Accepted for %.100s [%.100s] by /etc/hosts.equiv.", hostname, ipaddr); return 1; } if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr, client_user, pw->pw_name)) { - packet_send_debug("Accepted for %.100s [%.100s] by %.100s.", + auth_debug_add("Accepted for %.100s [%.100s] by %.100s.", hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV); return 1; } @@ -221,19 +220,19 @@ * not group or world writable. */ if (stat(pw->pw_dir, &st) < 0) { - log("Rhosts authentication refused for %.100s: no home directory %.200s", - pw->pw_name, pw->pw_dir); - packet_send_debug("Rhosts authentication refused for %.100s: no home directory %.200s", - pw->pw_name, pw->pw_dir); + log("Rhosts authentication refused for %.100s: " + "no home directory %.200s", pw->pw_name, pw->pw_dir); + auth_debug_add("Rhosts authentication refused for %.100s: " + "no home directory %.200s", pw->pw_name, pw->pw_dir); return 0; } if (options.strict_modes && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || (st.st_mode & 022) != 0)) { - log("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", - pw->pw_name); - packet_send_debug("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", - pw->pw_name); + log("Rhosts authentication refused for %.100s: " + "bad ownership or modes for home directory.", pw->pw_name); + auth_debug_add("Rhosts authentication refused for %.100s: " + "bad ownership or modes for home directory.", pw->pw_name); return 0; } /* Temporarily use the user's uid. */ @@ -259,21 +258,23 @@ (st.st_mode & 022) != 0)) { log("Rhosts authentication refused for %.100s: bad modes for %.200s", pw->pw_name, buf); - packet_send_debug("Bad file modes for %.200s", buf); + auth_debug_add("Bad file modes for %.200s", buf); continue; } /* Check if we have been configured to ignore .rhosts and .shosts files. */ if (options.ignore_rhosts) { - packet_send_debug("Server has been configured to ignore %.100s.", - rhosts_files[rhosts_file_index]); + auth_debug_add("Server has been configured to ignore %.100s.", + rhosts_files[rhosts_file_index]); continue; } /* Check if authentication is permitted by the file. */ if (check_rhosts_file(buf, hostname, ipaddr, client_user, pw->pw_name)) { - packet_send_debug("Accepted by %.100s.", - rhosts_files[rhosts_file_index]); + auth_debug_add("Accepted by %.100s.", + rhosts_files[rhosts_file_index]); /* Restore the privileged uid. */ restore_uid(); + auth_debug_add("Accepted host %s ip %s client_user %s server_user %s", + hostname, ipaddr, client_user, pw->pw_name); return 1; } } @@ -282,3 +283,16 @@ restore_uid(); return 0; } + +int +auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, + const char *ipaddr) +{ + int ret; + + auth_debug_reset(); + ret = auth_rhosts2_raw(pw, client_user, hostname, ipaddr); + if (!use_privsep) + auth_debug_send(); + return ret; +} diff -ru openssh-3.1p1/auth-rsa.c openssh-3.2.2p1/auth-rsa.c --- openssh-3.1p1/auth-rsa.c 2002-01-22 23:16:33.000000000 +1100 +++ openssh-3.2.2p1/auth-rsa.c 2002-04-03 06:43:13.000000000 +1000 @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.50 2001/12/28 14:50:54 markus Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.55 2002/03/29 19:18:33 stevesk Exp $"); #include #include @@ -32,6 +32,8 @@ #include "servconf.h" #include "auth.h" #include "hostfile.h" +#include "monitor_wrap.h" +#include "ssh.h" /* import */ extern ServerOptions options; @@ -52,6 +54,58 @@ * description of the options. */ +BIGNUM * +auth_rsa_generate_challenge(Key *key) +{ + BIGNUM *challenge; + BN_CTX *ctx; + + if ((challenge = BN_new()) == NULL) + fatal("auth_rsa_generate_challenge: BN_new() failed"); + /* Generate a random challenge. */ + BN_rand(challenge, 256, 0, 0); + if ((ctx = BN_CTX_new()) == NULL) + fatal("auth_rsa_generate_challenge: BN_CTX_new() failed"); + BN_mod(challenge, challenge, key->rsa->n, ctx); + BN_CTX_free(ctx); + + return challenge; +} + +int +auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16]) +{ + u_char buf[32], mdbuf[16]; + MD5_CTX md; + int len; + + /* don't allow short keys */ + if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + error("auth_rsa_verify_response: n too small: %d bits", + BN_num_bits(key->rsa->n)); + return (0); + } + + /* The response is MD5 of decrypted challenge plus session id. */ + len = BN_num_bytes(challenge); + if (len <= 0 || len > 32) + fatal("auth_rsa_verify_response: bad challenge length %d", len); + memset(buf, 0, 32); + BN_bn2bin(challenge, buf + 32 - len); + MD5_Init(&md); + MD5_Update(&md, buf, 32); + MD5_Update(&md, session_id, 16); + MD5_Final(mdbuf, &md); + + /* Verify that the response is the original challenge. */ + if (memcmp(response, mdbuf, 16) != 0) { + /* Wrong answer. */ + return (0); + } + /* Correct answer. */ + return (1); +} + /* * Performs the RSA authentication challenge-response dialog with the client, * and returns true (non-zero) if the client gave the correct answer to @@ -59,29 +113,19 @@ */ int -auth_rsa_challenge_dialog(RSA *pk) +auth_rsa_challenge_dialog(Key *key) { BIGNUM *challenge, *encrypted_challenge; - BN_CTX *ctx; - u_char buf[32], mdbuf[16], response[16]; - MD5_CTX md; - u_int i; - int len; + u_char response[16]; + int i, success; if ((encrypted_challenge = BN_new()) == NULL) fatal("auth_rsa_challenge_dialog: BN_new() failed"); - if ((challenge = BN_new()) == NULL) - fatal("auth_rsa_challenge_dialog: BN_new() failed"); - /* Generate a random challenge. */ - BN_rand(challenge, 256, 0, 0); - if ((ctx = BN_CTX_new()) == NULL) - fatal("auth_rsa_challenge_dialog: BN_CTX_new() failed"); - BN_mod(challenge, challenge, pk->n, ctx); - BN_CTX_free(ctx); + challenge = PRIVSEP(auth_rsa_generate_challenge(key)); /* Encrypt the challenge with the public key. */ - rsa_public_encrypt(encrypted_challenge, challenge, pk); + rsa_public_encrypt(encrypted_challenge, challenge, key->rsa); /* Send the encrypted challenge to the client. */ packet_start(SSH_SMSG_AUTH_RSA_CHALLENGE); @@ -96,48 +140,26 @@ response[i] = packet_get_char(); packet_check_eom(); - /* The response is MD5 of decrypted challenge plus session id. */ - len = BN_num_bytes(challenge); - if (len <= 0 || len > 32) - fatal("auth_rsa_challenge_dialog: bad challenge length %d", len); - memset(buf, 0, 32); - BN_bn2bin(challenge, buf + 32 - len); - MD5_Init(&md); - MD5_Update(&md, buf, 32); - MD5_Update(&md, session_id, 16); - MD5_Final(mdbuf, &md); + success = PRIVSEP(auth_rsa_verify_response(key, challenge, response)); BN_clear_free(challenge); - - /* Verify that the response is the original challenge. */ - if (memcmp(response, mdbuf, 16) != 0) { - /* Wrong answer. */ - return 0; - } - /* Correct answer. */ - return 1; + return (success); } /* - * Performs the RSA authentication dialog with the client. This returns - * 0 if the client could not be authenticated, and 1 if authentication was - * successful. This may exit if there is a serious protocol violation. + * check if there's user key matching client_n, + * return key if login is allowed, NULL otherwise */ int -auth_rsa(struct passwd *pw, BIGNUM *client_n) +auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) { char line[8192], *file; - int authenticated; + int allowed = 0; u_int bits; FILE *f; u_long linenum = 0; struct stat st; Key *key; - char *fp; - - /* no user given */ - if (pw == NULL) - return 0; /* Temporarily use the user's uid. */ temporarily_use_uid(pw); @@ -151,29 +173,27 @@ /* Restore the privileged uid. */ restore_uid(); xfree(file); - return 0; + return (0); } /* Open the file containing the authorized keys. */ f = fopen(file, "r"); if (!f) { /* Restore the privileged uid. */ restore_uid(); - packet_send_debug("Could not open %.900s for reading.", file); - packet_send_debug("If your home is on an NFS volume, it may need to be world-readable."); xfree(file); - return 0; + return (0); } if (options.strict_modes && secure_filename(f, file, pw, line, sizeof(line)) != 0) { xfree(file); fclose(f); log("Authentication refused: %s", line); - packet_send_debug("Authentication refused: %s", line); restore_uid(); - return 0; + return (0); } - /* Flag indicating whether authentication has succeeded. */ - authenticated = 0; + + /* Flag indicating whether the key is allowed. */ + allowed = 0; key = key_new(KEY_RSA1); @@ -238,32 +258,8 @@ if (!auth_parse_options(pw, options, file, linenum)) continue; - /* Perform the challenge-response dialog for this key. */ - if (!auth_rsa_challenge_dialog(key->rsa)) { - /* Wrong response. */ - verbose("Wrong response to RSA authentication challenge."); - packet_send_debug("Wrong response to RSA authentication challenge."); - /* - * Break out of the loop. Otherwise we might send - * another challenge and break the protocol. - */ - break; - } - /* - * Correct response. The client has been successfully - * authenticated. Note that we have not yet processed the - * options; this will be reset if the options cause the - * authentication to be rejected. - * Break out of the loop if authentication was successful; - * otherwise continue searching. - */ - authenticated = 1; - - fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); - verbose("Found matching %s key: %s", - key_type(key), fp); - xfree(fp); - + /* break out, this key is allowed */ + allowed = 1; break; } @@ -274,13 +270,58 @@ xfree(file); fclose(f); - key_free(key); - - if (authenticated) - packet_send_debug("RSA authentication accepted."); + /* return key if allowed */ + if (allowed && rkey != NULL) + *rkey = key; else + key_free(key); + return (allowed); +} + +/* + * Performs the RSA authentication dialog with the client. This returns + * 0 if the client could not be authenticated, and 1 if authentication was + * successful. This may exit if there is a serious protocol violation. + */ +int +auth_rsa(struct passwd *pw, BIGNUM *client_n) +{ + Key *key; + char *fp; + + /* no user given */ + if (pw == NULL) + return 0; + + if (!PRIVSEP(auth_rsa_key_allowed(pw, client_n, &key))) { auth_clear_options(); + return (0); + } + + /* Perform the challenge-response dialog for this key. */ + if (!auth_rsa_challenge_dialog(key)) { + /* Wrong response. */ + verbose("Wrong response to RSA authentication challenge."); + packet_send_debug("Wrong response to RSA authentication challenge."); + /* + * Break out of the loop. Otherwise we might send + * another challenge and break the protocol. + */ + key_free(key); + return (0); + } + /* + * Correct response. The client has been successfully + * authenticated. Note that we have not yet processed the + * options; this will be reset if the options cause the + * authentication to be rejected. + */ + fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + verbose("Found matching %s key: %s", + key_type(key), fp); + xfree(fp); + key_free(key); - /* Return authentication result. */ - return authenticated; + packet_send_debug("RSA authentication accepted."); + return (1); } diff -ru openssh-3.1p1/auth-sia.c openssh-3.2.2p1/auth-sia.c --- openssh-3.1p1/auth-sia.c 2002-02-05 12:40:47.000000000 +1100 +++ openssh-3.2.2p1/auth-sia.c 2002-04-13 01:36:08.000000000 +1000 @@ -1,7 +1,32 @@ +/* + * Copyright (c) 2002 Chris Adams. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + #include "includes.h" #ifdef HAVE_OSF_SIA #include "ssh.h" +#include "auth.h" #include "auth-sia.h" #include "log.h" #include "servconf.h" @@ -23,15 +48,16 @@ extern int errno; int -auth_sia_password(char *user, char *pass) +auth_sia_password(Authctxt *authctxt, char *pass) { int ret; SIAENTITY *ent = NULL; const char *host; + char *user = authctxt->user; host = get_canonical_hostname(options.verify_reverse_mapping); - if (!user || !pass) + if (!user || !pass || pass[0] == '\0') return(0); if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, NULL, 0, @@ -39,7 +65,7 @@ return(0); if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) { - error("couldn't authenticate %s from %s", user, host); + error("Couldn't authenticate %s from %s", user, host); if (ret & SIASTOP) sia_ses_release(&ent); return(0); @@ -53,7 +79,6 @@ void session_setup_sia(char *user, char *tty) { - int ret; struct passwd *pw; SIAENTITY *ent = NULL; const char *host; @@ -62,46 +87,38 @@ if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, tty, 0, NULL) != SIASUCCESS) { - error("sia_ses_init failed"); - exit(1); + fatal("sia_ses_init failed"); } if ((pw = getpwnam(user)) == NULL) { sia_ses_release(&ent); - error("getpwnam(%s) failed: %s", user, strerror(errno)); - exit(1); + fatal("getpwnam: no user: %s", user); } if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) { sia_ses_release(&ent); - error("sia_make_entity_pwd failed"); - exit(1); + fatal("sia_make_entity_pwd failed"); } ent->authtype = SIA_A_NONE; if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS) { - error("couldn't establish session for %s from %s", user, + fatal("Couldn't establish session for %s from %s", user, host); - exit(1); } if (setpriority(PRIO_PROCESS, 0, 0) == -1) { sia_ses_release(&ent); - error("setpriority failed: %s", strerror (errno)); - exit(1); + fatal("setpriority: %s", strerror (errno)); } if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS) { - error("couldn't launch session for %s from %s", user, host); - exit(1); + fatal("Couldn't launch session for %s from %s", user, host); } sia_ses_release(&ent); if (setreuid(geteuid(), geteuid()) < 0) { - error("setreuid failed: %s", strerror (errno)); - exit(1); + fatal("setreuid: %s", strerror(errno)); } } #endif /* HAVE_OSF_SIA */ - diff -ru openssh-3.1p1/auth-sia.h openssh-3.2.2p1/auth-sia.h --- openssh-3.1p1/auth-sia.h 2001-02-14 01:25:23.000000000 +1100 +++ openssh-3.2.2p1/auth-sia.h 2002-04-13 01:36:08.000000000 +1000 @@ -1,8 +1,32 @@ +/* + * Copyright (c) 2002 Chris Adams. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + #include "includes.h" #ifdef HAVE_OSF_SIA -int auth_sia_password(char *user, char *pass); +int auth_sia_password(Authctxt *authctxt, char *pass); void session_setup_sia(char *user, char *tty); #endif /* HAVE_OSF_SIA */ diff -ru openssh-3.1p1/auth-skey.c openssh-3.2.2p1/auth-skey.c --- openssh-3.1p1/auth-skey.c 2002-01-22 23:25:48.000000000 +1100 +++ openssh-3.2.2p1/auth-skey.c 2002-05-16 02:14:37.000000000 +1000 @@ -22,7 +22,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth-skey.c,v 1.16 2002/01/12 13:10:29 markus Exp $"); +RCSID("$OpenBSD: auth-skey.c,v 1.18 2002/05/13 02:37:39 itojun Exp $"); #ifdef SKEY @@ -30,6 +30,7 @@ #include "xmalloc.h" #include "auth.h" +#include "monitor_wrap.h" static void * skey_init_ctx(Authctxt *authctxt) @@ -37,9 +38,7 @@ return authctxt; } -#define PROMPT "\nS/Key Password: " - -static int +int skey_query(void *ctx, char **name, char **infotxt, u_int* numprompts, char ***prompts, u_int **echo_on) { @@ -58,16 +57,16 @@ *echo_on = xmalloc(*numprompts * sizeof(u_int)); (*echo_on)[0] = 0; - len = strlen(challenge) + strlen(PROMPT) + 1; + len = strlen(challenge) + strlen(SKEY_PROMPT) + 1; p = xmalloc(len); strlcpy(p, challenge, len); - strlcat(p, PROMPT, len); + strlcat(p, SKEY_PROMPT, len); (*prompts)[0] = p; return 0; } -static int +int skey_respond(void *ctx, u_int numresponses, char **responses) { Authctxt *authctxt = ctx; @@ -93,4 +92,12 @@ skey_respond, skey_free_ctx }; + +KbdintDevice mm_skey_device = { + "skey", + skey_init_ctx, + mm_skey_query, + mm_skey_respond, + skey_free_ctx +}; #endif /* SKEY */ diff -ru openssh-3.1p1/auth.c openssh-3.2.2p1/auth.c --- openssh-3.1p1/auth.c 2002-03-05 12:42:43.000000000 +1100 +++ openssh-3.2.2p1/auth.c 2002-05-16 02:16:14.000000000 +1000 @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.35 2002/03/01 13:12:10 markus Exp $"); +RCSID("$OpenBSD: auth.c,v 1.42 2002/05/13 20:44:58 markus Exp $"); #ifdef HAVE_LOGIN_H #include @@ -48,10 +48,17 @@ #include "bufaux.h" #include "uidswap.h" #include "tildexpand.h" +#include "misc.h" +#include "bufaux.h" +#include "packet.h" /* import */ extern ServerOptions options; +/* Debugging messages */ +Buffer auth_debug; +int auth_debug_init; + /* * Check if the user is allowed to log in via ssh. If user is listed * in DenyUsers or one of user's groups is listed in DenyGroups, false @@ -79,18 +86,35 @@ if (!pw || !pw->pw_name) return 0; +#define DAY (24L * 60 * 60) /* 1 day in seconds */ spw = getspnam(pw->pw_name); if (spw != NULL) { - int days = time(NULL) / 86400; + time_t today = time(NULL) / DAY; + debug3("allowed_user: today %d sp_expire %d sp_lstchg %d" + " sp_max %d", (int)today, (int)spw->sp_expire, + (int)spw->sp_lstchg, (int)spw->sp_max); + + /* + * We assume account and password expiration occurs the + * day after the day specified. + */ + if (spw->sp_expire != -1 && today > spw->sp_expire) { + log("Account %.100s has expired", pw->pw_name); + return 0; + } - /* Check account expiry */ - if ((spw->sp_expire >= 0) && (days > spw->sp_expire)) + if (spw->sp_lstchg == 0) { + log("User %.100s password has expired (root forced)", + pw->pw_name); return 0; + } - /* Check password expiry */ - if ((spw->sp_lstchg >= 0) && (spw->sp_max >= 0) && - (days > (spw->sp_lstchg + spw->sp_max))) + if (spw->sp_max != -1 && + today > spw->sp_lstchg + spw->sp_max) { + log("User %.100s password has expired (password aged)", + pw->pw_name); return 0; + } } #else /* Shouldn't be called if pw is NULL, but better safe than sorry... */ @@ -110,7 +134,8 @@ pw->pw_name, shell); return 0; } - if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) { + if (S_ISREG(st.st_mode) == 0 || + (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { log("User %.100s not allowed because shell %.100s is not executable", pw->pw_name, shell); return 0; @@ -124,17 +149,17 @@ /* Return false if user is listed in DenyUsers */ if (options.num_deny_users > 0) { for (i = 0; i < options.num_deny_users; i++) - if (match_user(pw->pw_name, hostname, ipaddr, + if (match_user(pw->pw_name, hostname, ipaddr, options.deny_users[i])) { - log("User %.100s not allowed because listed in DenyUsers", - pw->pw_name); + log("User %.100s not allowed because listed in DenyUsers", + pw->pw_name); return 0; } } /* Return false if AllowUsers isn't empty and user isn't listed there */ if (options.num_allow_users > 0) { for (i = 0; i < options.num_allow_users; i++) - if (match_user(pw->pw_name, hostname, ipaddr, + if (match_user(pw->pw_name, hostname, ipaddr, options.allow_users[i])) break; /* i < options.num_allow_users iff we break for loop */ @@ -438,3 +463,77 @@ } return 0; } + +struct passwd * +getpwnamallow(const char *user) +{ +#ifdef HAVE_LOGIN_CAP + extern login_cap_t *lc; +#ifdef BSD_AUTH + auth_session_t *as; +#endif +#endif + struct passwd *pw; + + pw = getpwnam(user); + if (pw == NULL || !allowed_user(pw)) + return (NULL); +#ifdef HAVE_LOGIN_CAP + if ((lc = login_getclass(pw->pw_class)) == NULL) { + debug("unable to get login class: %s", user); + return (NULL); + } +#ifdef BSD_AUTH + if ((as = auth_open()) == NULL || auth_setpwd(as, pw) != 0 || + auth_approval(NULL, lc, pw->pw_name, "ssh") <= 0) { + debug("Approval failure for %s", user); + pw = NULL; + } + if (as != NULL) + auth_close(as); +#endif +#endif + if (pw != NULL) + return (pwcopy(pw)); + return (NULL); +} + +void +auth_debug_add(const char *fmt,...) +{ + char buf[1024]; + va_list args; + + if (!auth_debug_init) + return; + + va_start(args, fmt); + vsnprintf(buf, sizeof(buf), fmt, args); + va_end(args); + buffer_put_cstring(&auth_debug, buf); +} + +void +auth_debug_send(void) +{ + char *msg; + + if (!auth_debug_init) + return; + while (buffer_len(&auth_debug)) { + msg = buffer_get_string(&auth_debug, NULL); + packet_send_debug("%s", msg); + xfree(msg); + } +} + +void +auth_debug_reset(void) +{ + if (auth_debug_init) + buffer_clear(&auth_debug); + else { + buffer_init(&auth_debug); + auth_debug_init = 1; + } +} diff -ru openssh-3.1p1/auth.h openssh-3.2.2p1/auth.h --- openssh-3.1p1/auth.h 2002-03-05 12:53:04.000000000 +1100 +++ openssh-3.2.2p1/auth.h 2002-05-16 02:16:15.000000000 +1000 @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.29 2002/03/04 17:27:39 stevesk Exp $ */ +/* $OpenBSD: auth.h,v 1.37 2002/05/13 20:44:58 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -88,14 +88,21 @@ void (*free_ctx)(void *ctx); }; -int auth_rhosts(struct passwd *, const char *); +int auth_rhosts(struct passwd *, const char *); int auth_rhosts2(struct passwd *, const char *, const char *, const char *); -int auth_rhosts_rsa(struct passwd *, const char *, Key *); +int auth_rhosts_rsa(struct passwd *, char *, Key *); int auth_password(Authctxt *, const char *); int auth_rsa(struct passwd *, BIGNUM *); -int auth_rsa_challenge_dialog(RSA *); +int auth_rsa_challenge_dialog(Key *); +BIGNUM *auth_rsa_generate_challenge(Key *); +int auth_rsa_verify_response(Key *, BIGNUM *, u_char[]); +int auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); + +int auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); +int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); +int user_key_allowed(struct passwd *, Key *); #ifdef KRB4 #include @@ -121,18 +128,27 @@ #include "auth-pam.h" #include "auth2-pam.h" -void do_authentication(void); -void do_authentication2(void); +Authctxt *do_authentication(void); +Authctxt *do_authentication2(void); Authctxt *authctxt_new(void); void auth_log(Authctxt *, int, char *, char *); void userauth_finish(Authctxt *, int, char *); int auth_root_allowed(char *); +char *auth2_read_banner(void); + +void privsep_challenge_enable(void); + int auth2_challenge(Authctxt *, char *); void auth2_challenge_stop(Authctxt *); +int bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); +int bsdauth_respond(void *, u_int, char **); +int skey_query(void *, char **, char **, u_int *, char ***, u_int **); +int skey_respond(void *, u_int, char **); int allowed_user(struct passwd *); +struct passwd * getpwnamallow(const char *user); char *get_challenge(Authctxt *); int verify_response(Authctxt *, const char *); @@ -150,8 +166,20 @@ check_key_in_hostfiles(struct passwd *, Key *, const char *, const char *, const char *); +/* hostkey handling */ +Key *get_hostkey_by_index(int); +Key *get_hostkey_by_type(int); +int get_hostkey_index(Key *); +int ssh1_session_key(BIGNUM *); + +/* debug messages during authentication */ +void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void auth_debug_send(void); +void auth_debug_reset(void); + #define AUTH_FAIL_MAX 6 #define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2) #define AUTH_FAIL_MSG "Too many authentication failures for %.100s" +#define SKEY_PROMPT "\nS/Key Password: " #endif diff -ru openssh-3.1p1/auth1.c openssh-3.2.2p1/auth1.c --- openssh-3.1p1/auth1.c 2002-02-14 20:39:50.000000000 +1100 +++ openssh-3.2.2p1/auth1.c 2002-04-23 20:28:49.000000000 +1000 @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth1.c,v 1.35 2002/02/03 17:53:25 markus Exp $"); +RCSID("$OpenBSD: auth1.c,v 1.40 2002/04/10 08:21:47 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -24,8 +24,8 @@ #include "auth.h" #include "channels.h" #include "session.h" -#include "misc.h" #include "uidswap.h" +#include "monitor_wrap.h" /* import */ extern ServerOptions options; @@ -84,13 +84,7 @@ #if defined(KRB4) || defined(KRB5) (!options.kerberos_authentication || options.kerberos_or_local_passwd) && #endif -#ifdef USE_PAM - auth_pam_password(pw, "")) { -#elif defined(HAVE_OSF_SIA) - 0) { -#else - auth_password(authctxt, "")) { -#endif + PRIVSEP(auth_password(authctxt, ""))) { auth_log(authctxt, 1, "without authentication", ""); return; } @@ -246,17 +240,8 @@ password = packet_get_string(&dlen); packet_check_eom(); -#ifdef USE_PAM - /* Do PAM auth with password */ - authenticated = auth_pam_password(pw, password); -#elif defined(HAVE_OSF_SIA) - /* Do SIA auth with password */ - authenticated = auth_sia_password(authctxt->user, - password); -#else /* !USE_PAM && !HAVE_OSF_SIA */ /* Try authentication with the password. */ - authenticated = auth_password(authctxt, password); -#endif /* USE_PAM */ + authenticated = PRIVSEP(auth_password(authctxt, password)); memset(password, 0, strlen(password)); xfree(password); @@ -321,7 +306,8 @@ authenticated = 0; #endif #ifdef USE_PAM - if (authenticated && !do_pam_account(pw->pw_name, client_user)) + if (!use_privsep && authenticated && + !do_pam_account(pw->pw_name, client_user)) authenticated = 0; #endif @@ -355,13 +341,12 @@ * Performs authentication of an incoming connection. Session key has already * been exchanged and encryption is enabled. */ -void +Authctxt * do_authentication(void) { Authctxt *authctxt; - struct passwd *pw; u_int ulen; - char *p, *user, *style = NULL; + char *user, *style = NULL; /* Get the name of the user that we wish to log in as. */ packet_read_expect(SSH_CMSG_USER); @@ -373,29 +358,31 @@ if ((style = strchr(user, ':')) != NULL) *style++ = '\0'; +#ifdef KRB5 /* XXX - SSH.com Kerberos v5 braindeath. */ - if ((p = strchr(user, '@')) != NULL) - *p = '\0'; + if ((datafellows & SSH_BUG_K5USER) && + options.kerberos_authentication) { + char *p; + if ((p = strchr(user, '@')) != NULL) + *p = '\0'; + } +#endif authctxt = authctxt_new(); authctxt->user = user; authctxt->style = style; /* Verify that the user is a valid user. */ - pw = getpwnam(user); - if (pw && allowed_user(pw)) { + if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) authctxt->valid = 1; - pw = pwcopy(pw); - } else { + else debug("do_authentication: illegal user %s", user); - pw = NULL; - } - authctxt->pw = pw; - setproctitle("%s", pw ? user : "unknown"); + setproctitle("%s%s", authctxt->pw ? user : "unknown", + use_privsep ? " [net]" : ""); #ifdef USE_PAM - start_pam(pw == NULL ? "NOUSER" : user); + PRIVSEP(start_pam(authctxt->pw == NULL ? "NOUSER" : user)); #endif /* @@ -403,7 +390,8 @@ * the server. (Unless you are running Windows) */ #ifndef HAVE_CYGWIN - if (getuid() != 0 && pw && pw->pw_uid != getuid()) + if (!use_privsep && getuid() != 0 && authctxt->pw && + authctxt->pw->pw_uid != getuid()) packet_disconnect("Cannot change user when server not running as root."); #endif @@ -418,6 +406,5 @@ packet_send(); packet_write_wait(); - /* Perform session preparation. */ - do_authenticated(authctxt); + return (authctxt); } diff -ru openssh-3.1p1/auth2-chall.c openssh-3.2.2p1/auth2-chall.c --- openssh-3.1p1/auth2-chall.c 2002-01-22 23:26:40.000000000 +1100 +++ openssh-3.2.2p1/auth2-chall.c 2002-03-22 13:30:43.000000000 +1100 @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth2-chall.c,v 1.16 2002/01/13 17:57:37 markus Exp $"); +RCSID("$OpenBSD: auth2-chall.c,v 1.17 2002/03/18 17:50:31 provos Exp $"); #include "ssh2.h" #include "auth.h" @@ -310,3 +310,22 @@ userauth_finish(authctxt, authenticated, method); xfree(method); } + +void +privsep_challenge_enable(void) +{ +#ifdef BSD_AUTH + extern KbdintDevice mm_bsdauth_device; +#endif +#ifdef SKEY + extern KbdintDevice mm_skey_device; +#endif + /* As long as SSHv1 has devices[0] hard coded this is fine */ +#ifdef BSD_AUTH + devices[0] = &mm_bsdauth_device; +#else +#ifdef SKEY + devices[0] = &mm_skey_device; +#endif +#endif +} diff -ru openssh-3.1p1/auth2.c openssh-3.2.2p1/auth2.c --- openssh-3.1p1/auth2.c 2002-02-27 05:09:43.000000000 +1100 +++ openssh-3.2.2p1/auth2.c 2002-05-16 02:14:37.000000000 +1000 @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.85 2002/02/24 19:14:59 markus Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.91 2002/05/13 02:37:39 itojun Exp $"); #include @@ -47,17 +47,18 @@ #include "pathnames.h" #include "uidswap.h" #include "auth-options.h" -#include "misc.h" #include "hostfile.h" #include "canohost.h" #include "match.h" +#include "monitor_wrap.h" +#include "atomicio.h" /* import */ extern ServerOptions options; extern u_char *session_id2; extern int session_id2_len; -static Authctxt *x_authctxt = NULL; +Authctxt *x_authctxt = NULL; static int one = 1; typedef struct Authmethod Authmethod; @@ -75,8 +76,8 @@ /* helper */ static Authmethod *authmethod_lookup(const char *); static char *authmethods_get(void); -static int user_key_allowed(struct passwd *, Key *); -static int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); +int user_key_allowed(struct passwd *, Key *); +int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); /* auth */ static void userauth_banner(void); @@ -109,7 +110,7 @@ * loop until authctxt->success == TRUE */ -void +Authctxt * do_authentication2(void) { Authctxt *authctxt = authctxt_new(); @@ -121,11 +122,14 @@ options.kbd_interactive_authentication = 1; if (options.pam_authentication_via_kbd_int) options.kbd_interactive_authentication = 1; + if (use_privsep) + options.pam_authentication_via_kbd_int = 0; dispatch_init(&dispatch_protocol_error); dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt); - do_authenticated(authctxt); + + return (authctxt); } static void @@ -183,25 +187,26 @@ if (authctxt->attempt++ == 0) { /* setup auth context */ - struct passwd *pw = NULL; - pw = getpwnam(user); - if (pw && allowed_user(pw) && strcmp(service, "ssh-connection")==0) { - authctxt->pw = pwcopy(pw); + authctxt->pw = PRIVSEP(getpwnamallow(user)); + if (authctxt->pw && strcmp(service, "ssh-connection")==0) { authctxt->valid = 1; debug2("input_userauth_request: setting up authctxt for %s", user); #ifdef USE_PAM - start_pam(pw->pw_name); + PRIVSEP(start_pam(authctxt->pw->pw_name)); #endif } else { log("input_userauth_request: illegal user %s", user); #ifdef USE_PAM - start_pam("NOUSER"); + PRIVSEP(start_pam("NOUSER")); #endif } - setproctitle("%s", pw ? user : "unknown"); + setproctitle("%s%s", authctxt->pw ? user : "unknown", + use_privsep ? " [net]" : ""); authctxt->user = xstrdup(user); authctxt->service = xstrdup(service); authctxt->style = style ? xstrdup(style) : NULL; + if (use_privsep) + mm_inform_authserv(service, style); } else if (strcmp(user, authctxt->user) != 0 || strcmp(service, authctxt->service) != 0) { packet_disconnect("Change of username or service not allowed: " @@ -240,8 +245,8 @@ authenticated = 0; #ifdef USE_PAM - if (authenticated && authctxt->user && !do_pam_account(authctxt->user, - NULL)) + if (!use_privsep && authenticated && authctxt->user && + !do_pam_account(authctxt->user, NULL)) authenticated = 0; #endif /* USE_PAM */ @@ -279,25 +284,45 @@ } } -static void -userauth_banner(void) +char * +auth2_read_banner(void) { struct stat st; char *banner = NULL; off_t len, n; int fd; - if (options.banner == NULL || (datafellows & SSH_BUG_BANNER)) - return; - if ((fd = open(options.banner, O_RDONLY)) < 0) - return; - if (fstat(fd, &st) < 0) - goto done; + if ((fd = open(options.banner, O_RDONLY)) == -1) + return (NULL); + if (fstat(fd, &st) == -1) { + close(fd); + return (NULL); + } len = st.st_size; banner = xmalloc(len + 1); - if ((n = read(fd, banner, len)) < 0) - goto done; + n = atomicio(read, fd, banner, len); + close(fd); + + if (n != len) { + free(banner); + return (NULL); + } banner[n] = '\0'; + + return (banner); +} + +static void +userauth_banner(void) +{ + char *banner = NULL; + + if (options.banner == NULL || (datafellows & SSH_BUG_BANNER)) + return; + + if ((banner = PRIVSEP(auth2_read_banner())) == NULL) + goto done; + packet_start(SSH2_MSG_USERAUTH_BANNER); packet_put_cstring(banner); packet_put_cstring(""); /* language, unused */ @@ -306,7 +331,6 @@ done: if (banner) xfree(banner); - close(fd); return; } @@ -327,13 +351,7 @@ if (check_nt_auth(1, authctxt->pw) == 0) return(0); #endif -#ifdef USE_PAM - return auth_pam_password(authctxt->pw, ""); -#elif defined(HAVE_OSF_SIA) - return 0; -#else /* !HAVE_OSF_SIA && !USE_PAM */ - return auth_password(authctxt, ""); -#endif /* USE_PAM */ + return PRIVSEP(auth_password(authctxt, "")); } static int @@ -352,13 +370,7 @@ #ifdef HAVE_CYGWIN check_nt_auth(1, authctxt->pw) && #endif -#ifdef USE_PAM - auth_pam_password(authctxt->pw, password) == 1) -#elif defined(HAVE_OSF_SIA) - auth_sia_password(authctxt->user, password) == 1) -#else /* !USE_PAM && !HAVE_OSF_SIA */ - auth_password(authctxt, password) == 1) -#endif /* USE_PAM */ + PRIVSEP(auth_password(authctxt, password)) == 1) authenticated = 1; memset(password, 0, len); xfree(password); @@ -467,8 +479,10 @@ buffer_dump(&b); #endif /* test for correct signature */ - if (user_key_allowed(authctxt->pw, key) && - key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1) + authenticated = 0; + if (PRIVSEP(user_key_allowed(authctxt->pw, key)) && + PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b), + buffer_len(&b))) == 1) authenticated = 1; buffer_clear(&b); xfree(sig); @@ -484,7 +498,7 @@ * if a user is not allowed to login. is this an * issue? -markus */ - if (user_key_allowed(authctxt->pw, key)) { + if (PRIVSEP(user_key_allowed(authctxt->pw, key))) { packet_start(SSH2_MSG_USERAUTH_PK_OK); packet_put_string(pkalg, alen); packet_put_string(pkblob, blen); @@ -572,8 +586,10 @@ buffer_dump(&b); #endif /* test for allowed key and correct signature */ - if (hostbased_key_allowed(authctxt->pw, cuser, chost, key) && - key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1) + authenticated = 0; + if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && + PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b), + buffer_len(&b))) == 1) authenticated = 1; buffer_clear(&b); @@ -730,7 +746,7 @@ } /* check whether given key is in .ssh/authorized_keys* */ -static int +int user_key_allowed(struct passwd *pw, Key *key) { int success; @@ -750,7 +766,7 @@ } /* return 1 if given hostkey is allowed */ -static int +int hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, Key *key) { diff -ru openssh-3.1p1/authfd.c openssh-3.2.2p1/authfd.c --- openssh-3.1p1/authfd.c 2002-02-27 05:09:43.000000000 +1100 +++ openssh-3.2.2p1/authfd.c 2002-03-22 14:51:07.000000000 +1100 @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.48 2002/02/24 19:14:59 markus Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.49 2002/03/21 22:44:05 rees Exp $"); #include @@ -532,7 +532,7 @@ } int -ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id) +ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id, const char *pin) { Buffer msg; int type; @@ -541,6 +541,7 @@ buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY : SSH_AGENTC_REMOVE_SMARTCARD_KEY); buffer_put_cstring(&msg, reader_id); + buffer_put_cstring(&msg, pin); if (ssh_request_reply(auth, &msg, &msg) == 0) { buffer_free(&msg); return 0; diff -ru openssh-3.1p1/authfd.h openssh-3.2.2p1/authfd.h --- openssh-3.1p1/authfd.h 2002-03-05 12:53:04.000000000 +1100 +++ openssh-3.2.2p1/authfd.h 2002-03-22 14:51:07.000000000 +1100 @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.h,v 1.23 2002/03/04 17:27:39 stevesk Exp $ */ +/* $OpenBSD: authfd.h,v 1.24 2002/03/21 22:44:05 rees Exp $ */ /* * Author: Tatu Ylonen @@ -67,7 +67,7 @@ int ssh_add_identity(AuthenticationConnection *, Key *, const char *); int ssh_remove_identity(AuthenticationConnection *, Key *); int ssh_remove_all_identities(AuthenticationConnection *, int); -int ssh_update_card(AuthenticationConnection *, int, const char *); +int ssh_update_card(AuthenticationConnection *, int, const char *, const char *); int ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16], Only in openssh-3.2.2p1: autom4te-2.53.cache Only in openssh-3.1p1: autom4te.cache diff -ru openssh-3.1p1/bufaux.c openssh-3.2.2p1/bufaux.c --- openssh-3.1p1/bufaux.c 2002-01-22 23:33:32.000000000 +1100 +++ openssh-3.2.2p1/bufaux.c 2002-04-23 20:42:37.000000000 +1000 @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: bufaux.c,v 1.22 2002/01/18 18:14:17 stevesk Exp $"); +RCSID("$OpenBSD: bufaux.c,v 1.25 2002/04/20 09:14:58 markus Exp $"); #include #include "bufaux.h" @@ -137,10 +137,18 @@ BN_bin2bn(bin, len, value); xfree(bin); } - /* - * Returns an integer from the buffer (4 bytes, msb first). + * Returns integers from the buffer (msb first). */ + +u_short +buffer_get_short(Buffer *buffer) +{ + u_char buf[2]; + buffer_get(buffer, (char *) buf, 2); + return GET_16BIT(buf); +} + u_int buffer_get_int(Buffer *buffer) { @@ -160,9 +168,17 @@ #endif /* - * Stores an integer in the buffer in 4 bytes, msb first. + * Stores integers in the buffer, msb first. */ void +buffer_put_short(Buffer *buffer, u_short value) +{ + char buf[2]; + PUT_16BIT(buf, value); + buffer_append(buffer, buf, 2); +} + +void buffer_put_int(Buffer *buffer, u_int value) { char buf[4]; @@ -196,7 +212,7 @@ /* Get the length. */ len = buffer_get_int(buffer); if (len > 256 * 1024) - fatal("Received packet with bad string length %d", len); + fatal("buffer_get_string: bad string length %d", len); /* Allocate space for the string. Add one byte for a null character. */ value = xmalloc(len + 1); /* Get the string. */ @@ -221,6 +237,8 @@ void buffer_put_cstring(Buffer *buffer, const char *s) { + if (s == NULL) + fatal("buffer_put_cstring: s == NULL"); buffer_put_string(buffer, s, strlen(s)); } diff -ru openssh-3.1p1/bufaux.h openssh-3.2.2p1/bufaux.h --- openssh-3.1p1/bufaux.h 2002-03-06 05:59:45.000000000 +1100 +++ openssh-3.2.2p1/bufaux.h 2002-04-23 20:42:37.000000000 +1000 @@ -1,4 +1,4 @@ -/* $OpenBSD: bufaux.h,v 1.16 2002/03/04 17:27:39 stevesk Exp $ */ +/* $OpenBSD: bufaux.h,v 1.18 2002/04/20 09:14:58 markus Exp $ */ /* * Author: Tatu Ylonen @@ -23,6 +23,9 @@ void buffer_get_bignum(Buffer *, BIGNUM *); void buffer_get_bignum2(Buffer *, BIGNUM *); +u_short buffer_get_short(Buffer *); +void buffer_put_short(Buffer *, u_short); + u_int buffer_get_int(Buffer *); void buffer_put_int(Buffer *, u_int); @@ -38,4 +41,7 @@ void buffer_put_string(Buffer *, const void *, u_int); void buffer_put_cstring(Buffer *, const char *); +#define buffer_skip_string(b) \ + do { u_int l = buffer_get_int(b); buffer_consume(b, l); } while(0) + #endif /* BUFAUX_H */ diff -ru openssh-3.1p1/channels.c openssh-3.2.2p1/channels.c --- openssh-3.1p1/channels.c 2002-03-05 12:57:45.000000000 +1100 +++ openssh-3.2.2p1/channels.c 2002-04-23 21:09:46.000000000 +1000 @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.171 2002/03/04 19:37:58 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.173 2002/04/22 21:04:52 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -706,7 +706,11 @@ if (buffer_len(&c->output) > 0) { FD_SET(c->wfd, writeset); } else if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN) { - chan_obuf_empty(c); + if (CHANNEL_EFD_OUTPUT_ACTIVE(c)) + debug2("channel %d: obuf_empty delayed efd %d/(%d)", + c->self, c->efd, buffer_len(&c->extended)); + else + chan_obuf_empty(c); } } /** XXX check close conditions, too */ @@ -714,7 +718,8 @@ if (c->extended_usage == CHAN_EXTENDED_WRITE && buffer_len(&c->extended) > 0) FD_SET(c->efd, writeset); - else if (c->extended_usage == CHAN_EXTENDED_READ && + else if (!(c->flags & CHAN_EOF_SENT) && + c->extended_usage == CHAN_EXTENDED_READ && buffer_len(&c->extended) < c->remote_window) FD_SET(c->efd, readset); } @@ -1632,12 +1637,18 @@ fatal("cannot happen: istate == INPUT_WAIT_DRAIN for proto 1.3"); /* * input-buffer is empty and read-socket shutdown: - * tell peer, that we will not send more data: send IEOF + * tell peer, that we will not send more data: send IEOF. + * hack for extended data: delay EOF if EFD still in use. */ - chan_ibuf_empty(c); + if (CHANNEL_EFD_INPUT_ACTIVE(c)) + debug2("channel %d: ibuf_empty delayed efd %d/(%d)", + c->self, c->efd, buffer_len(&c->extended)); + else + chan_ibuf_empty(c); } /* Send extended data, i.e. stderr */ if (compat20 && + !(c->flags & CHAN_EOF_SENT) && c->remote_window > 0 && (len = buffer_len(&c->extended)) > 0 && c->extended_usage == CHAN_EXTENDED_READ) { @@ -1726,6 +1737,13 @@ log("channel %d: ext data for non open", id); return; } + if (c->flags & CHAN_EOF_RCVD) { + if (datafellows & SSH_BUG_EXTEOF) + debug("channel %d: accepting ext data after eof", id); + else + packet_disconnect("Received extended_data after EOF " + "on channel %d.", id); + } tcode = packet_get_int(); if (c->efd == -1 || c->extended_usage != CHAN_EXTENDED_WRITE || @@ -2112,7 +2130,7 @@ const char *address_to_bind = "0.0.0.0"; packet_start(SSH2_MSG_GLOBAL_REQUEST); packet_put_cstring("tcpip-forward"); - packet_put_char(0); /* boolean: want reply */ + packet_put_char(1); /* boolean: want reply */ packet_put_cstring(address_to_bind); packet_put_int(listen_port); packet_send(); diff -ru openssh-3.1p1/channels.h openssh-3.2.2p1/channels.h --- openssh-3.1p1/channels.h 2002-03-05 12:53:04.000000000 +1100 +++ openssh-3.2.2p1/channels.h 2002-03-28 04:36:42.000000000 +1100 @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.65 2002/03/04 17:27:39 stevesk Exp $ */ +/* $OpenBSD: channels.h,v 1.67 2002/03/26 22:50:39 markus Exp $ */ /* * Author: Tatu Ylonen @@ -135,6 +135,18 @@ #define CHAN_CLOSE_SENT 0x01 #define CHAN_CLOSE_RCVD 0x02 +#define CHAN_EOF_SENT 0x04 +#define CHAN_EOF_RCVD 0x08 + +/* check whether 'efd' is still in use */ +#define CHANNEL_EFD_INPUT_ACTIVE(c) \ + (compat20 && c->extended_usage == CHAN_EXTENDED_READ && \ + (c->efd != -1 || \ + buffer_len(&c->extended) > 0)) +#define CHANNEL_EFD_OUTPUT_ACTIVE(c) \ + (compat20 && c->extended_usage == CHAN_EXTENDED_WRITE && \ + ((c->efd != -1 && !(c->flags & (CHAN_EOF_RCVD|CHAN_CLOSE_RCVD))) || \ + buffer_len(&c->extended) > 0)) /* channel management */ diff -ru openssh-3.1p1/cipher.c openssh-3.2.2p1/cipher.c --- openssh-3.1p1/cipher.c 2002-02-19 15:26:43.000000000 +1100 +++ openssh-3.2.2p1/cipher.c 2002-04-05 08:10:39.000000000 +1000 @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.52 2002/02/18 13:05:32 markus Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.55 2002/04/03 09:26:11 markus Exp $"); #include "xmalloc.h" #include "log.h" @@ -44,6 +44,11 @@ #include #include "rijndael.h" +#if OPENSSL_VERSION_NUMBER < 0x00906000L +#define SSH_OLD_EVP +#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) +#endif + static EVP_CIPHER *evp_ssh1_3des(void); static EVP_CIPHER *evp_ssh1_bf(void); static EVP_CIPHER *evp_rijndael(void); @@ -67,22 +72,29 @@ { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, + { "rijndael-cbc@lysator.liu.se", + SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL } }; /*--*/ -u_int +u_int cipher_blocksize(Cipher *c) { return (c->block_size); } -u_int +u_int cipher_keylen(Cipher *c) { return (c->key_len); } +u_int +cipher_get_number(Cipher *c) +{ + return (c->number); +} u_int cipher_mask_ssh1(int client) @@ -171,7 +183,11 @@ int encrypt) { static int dowarn = 1; +#ifdef SSH_OLD_EVP + EVP_CIPHER *type; +#else const EVP_CIPHER *type; +#endif int klen; if (cipher->number == SSH_CIPHER_DES) { @@ -196,6 +212,15 @@ type = (*cipher->evptype)(); EVP_CIPHER_CTX_init(&cc->evp); +#ifdef SSH_OLD_EVP + if (type->key_len > 0 && type->key_len != keylen) { + debug("cipher_init: set keylen (%d -> %d)", + type->key_len, keylen); + type->key_len = keylen; + } + EVP_CipherInit(&cc->evp, type, (u_char *)key, (u_char *)iv, + (encrypt == CIPHER_ENCRYPT)); +#else if (EVP_CipherInit(&cc->evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) fatal("cipher_init: EVP_CipherInit failed for %s", @@ -210,6 +235,7 @@ if (EVP_CipherInit(&cc->evp, NULL, (u_char *)key, NULL, -1) == 0) fatal("cipher_init: EVP_CipherInit: set key failed for %s", cipher->name); +#endif } void @@ -217,15 +243,23 @@ { if (len % cc->cipher->block_size) fatal("cipher_encrypt: bad plaintext length %d", len); +#ifdef SSH_OLD_EVP + EVP_Cipher(&cc->evp, dest, (u_char *)src, len); +#else if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0) fatal("evp_crypt: EVP_Cipher failed"); +#endif } void cipher_cleanup(CipherContext *cc) { +#ifdef SSH_OLD_EVP + EVP_CIPHER_CTX_cleanup(&cc->evp); +#else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed"); +#endif } /* @@ -296,6 +330,11 @@ EVP_CIPHER_CTX_init(&c->k1); EVP_CIPHER_CTX_init(&c->k2); EVP_CIPHER_CTX_init(&c->k3); +#ifdef SSH_OLD_EVP + EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc); + EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc); + EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc); +#else if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 || EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { @@ -304,6 +343,7 @@ EVP_CIPHER_CTX_set_app_data(ctx, NULL); return (0); } +#endif return (1); } static int @@ -315,10 +355,16 @@ error("ssh1_3des_cbc: no context"); return (0); } +#ifdef SSH_OLD_EVP + EVP_Cipher(&c->k1, dest, (u_char *)src, len); + EVP_Cipher(&c->k2, dest, dest, len); + EVP_Cipher(&c->k3, dest, dest, len); +#else if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 || EVP_Cipher(&c->k2, dest, dest, len) == 0 || EVP_Cipher(&c->k3, dest, dest, len) == 0) return (0); +#endif return (1); } static int @@ -346,7 +392,9 @@ ssh1_3des.init = ssh1_3des_init; ssh1_3des.cleanup = ssh1_3des_cleanup; ssh1_3des.do_cipher = ssh1_3des_cbc; +#ifndef SSH_OLD_EVP ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH; +#endif return (&ssh1_3des); } @@ -494,7 +542,177 @@ rijndal_cbc.init = ssh_rijndael_init; rijndal_cbc.cleanup = ssh_rijndael_cleanup; rijndal_cbc.do_cipher = ssh_rijndael_cbc; +#ifndef SSH_OLD_EVP rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT; +#endif return (&rijndal_cbc); } + +/* + * Exports an IV from the CipherContext required to export the key + * state back from the unprivileged child to the privileged parent + * process. + */ + +int +cipher_get_keyiv_len(CipherContext *cc) +{ + Cipher *c = cc->cipher; + int ivlen; + + if (c->number == SSH_CIPHER_3DES) + ivlen = 24; + else + ivlen = EVP_CIPHER_CTX_iv_length(&cc->evp); + return (ivlen); +} + +void +cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) +{ + Cipher *c = cc->cipher; + u_char *civ = NULL; + int evplen; + + switch (c->number) { + case SSH_CIPHER_SSH2: + case SSH_CIPHER_DES: + case SSH_CIPHER_BLOWFISH: + evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); + if (evplen == 0) + return; + if (evplen != len) + fatal("%s: wrong iv length %d != %d", __FUNCTION__, + evplen, len); + + if (c->evptype == evp_rijndael) { + struct ssh_rijndael_ctx *aesc; + + aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp); + if (aesc == NULL) + fatal("%s: no rijndael context", __FUNCTION__); + civ = aesc->r_iv; + } else { + civ = cc->evp.iv; + } + break; + case SSH_CIPHER_3DES: { + struct ssh1_3des_ctx *desc; + if (len != 24) + fatal("%s: bad 3des iv length: %d", __FUNCTION__, len); + desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); + if (desc == NULL) + fatal("%s: no 3des context", __FUNCTION__); + debug3("%s: Copying 3DES IV", __FUNCTION__); + memcpy(iv, desc->k1.iv, 8); + memcpy(iv + 8, desc->k2.iv, 8); + memcpy(iv + 16, desc->k3.iv, 8); + return; + } + default: + fatal("%s: bad cipher %d", __FUNCTION__, c->number); + } + memcpy(iv, civ, len); +} + +void +cipher_set_keyiv(CipherContext *cc, u_char *iv) +{ + Cipher *c = cc->cipher; + u_char *div = NULL; + int evplen = 0; + + switch (c->number) { + case SSH_CIPHER_SSH2: + case SSH_CIPHER_DES: + case SSH_CIPHER_BLOWFISH: + evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); + if (evplen == 0) + return; + + if (c->evptype == evp_rijndael) { + struct ssh_rijndael_ctx *aesc; + + aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp); + if (aesc == NULL) + fatal("%s: no rijndael context", __FUNCTION__); + div = aesc->r_iv; + }else { + div = cc->evp.iv; + } + break; + case SSH_CIPHER_3DES: { + struct ssh1_3des_ctx *desc; + desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); + if (desc == NULL) + fatal("%s: no 3des context", __FUNCTION__); + debug3("%s: Installed 3DES IV", __FUNCTION__); + memcpy(desc->k1.iv, iv, 8); + memcpy(desc->k2.iv, iv + 8, 8); + memcpy(desc->k3.iv, iv + 16, 8); + return; + } + default: + fatal("%s: bad cipher %d", __FUNCTION__, c->number); + } + memcpy(div, iv, evplen); +} + +#if OPENSSL_VERSION_NUMBER < 0x00907000L +#define EVP_X_STATE(evp) &(evp).c +#define EVP_X_STATE_LEN(evp) sizeof((evp).c) +#else +#define EVP_X_STATE(evp) (evp).cipher_data +#define EVP_X_STATE_LEN(evp) (evp).cipher->ctx_size +#endif + +int +cipher_get_keycontext(CipherContext *cc, u_char *dat) +{ + Cipher *c = cc->cipher; + int plen; + + if (c->number == SSH_CIPHER_3DES) { + struct ssh1_3des_ctx *desc; + desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); + if (desc == NULL) + fatal("%s: no 3des context", __FUNCTION__); + plen = EVP_X_STATE_LEN(desc->k1); + if (dat == NULL) + return (3*plen); + memcpy(dat, EVP_X_STATE(desc->k1), plen); + memcpy(dat + plen, EVP_X_STATE(desc->k2), plen); + memcpy(dat + 2*plen, EVP_X_STATE(desc->k3), plen); + return (3*plen); + } + + /* Generic EVP */ + plen = EVP_X_STATE_LEN(cc->evp); + if (dat == NULL) + return (plen); + + memcpy(dat, EVP_X_STATE(cc->evp), plen); + return (plen); +} + +void +cipher_set_keycontext(CipherContext *cc, u_char *dat) +{ + Cipher *c = cc->cipher; + int plen; + + if (c->number == SSH_CIPHER_3DES) { + struct ssh1_3des_ctx *desc; + desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); + if (desc == NULL) + fatal("%s: no 3des context", __FUNCTION__); + plen = EVP_X_STATE_LEN(desc->k1); + memcpy(EVP_X_STATE(desc->k1), dat, plen); + memcpy(EVP_X_STATE(desc->k2), dat + plen, plen); + memcpy(EVP_X_STATE(desc->k3), dat + 2*plen, plen); + } else { + plen = EVP_X_STATE_LEN(cc->evp); + memcpy(EVP_X_STATE(cc->evp), dat, plen); + } +} diff -ru openssh-3.1p1/cipher.h openssh-3.2.2p1/cipher.h --- openssh-3.1p1/cipher.h 2002-03-05 12:53:04.000000000 +1100 +++ openssh-3.2.2p1/cipher.h 2002-03-22 12:39:45.000000000 +1100 @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.h,v 1.32 2002/03/04 17:27:39 stevesk Exp $ */ +/* $OpenBSD: cipher.h,v 1.33 2002/03/18 17:13:15 markus Exp $ */ /* * Author: Tatu Ylonen @@ -81,4 +81,11 @@ void cipher_set_key_string(CipherContext *, Cipher *, const char *, int); u_int cipher_blocksize(Cipher *); u_int cipher_keylen(Cipher *); + +u_int cipher_get_number(Cipher *); +void cipher_get_keyiv(CipherContext *, u_char *, u_int); +void cipher_set_keyiv(CipherContext *, u_char *); +int cipher_get_keyiv_len(CipherContext *); +int cipher_get_keycontext(CipherContext *, u_char *); +void cipher_set_keycontext(CipherContext *, u_char *); #endif /* CIPHER_H */ diff -ru openssh-3.1p1/clientloop.c openssh-3.2.2p1/clientloop.c --- openssh-3.1p1/clientloop.c 2002-02-08 22:07:17.000000000 +1100 +++ openssh-3.2.2p1/clientloop.c 2002-04-23 21:09:46.000000000 +1000 @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.96 2002/02/06 14:55:15 markus Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.100 2002/04/22 21:04:52 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -81,6 +81,7 @@ #include "atomicio.h" #include "sshtty.h" #include "misc.h" +#include "readpass.h" /* import options */ extern Options options; @@ -470,6 +471,67 @@ } } +static void +process_cmdline(void) +{ + void (*handler)(int); + char *s, *cmd; + u_short fwd_port, fwd_host_port; + char buf[1024], sfwd_port[6], sfwd_host_port[6]; + int local = 0; + + leave_raw_mode(); + handler = signal(SIGINT, SIG_IGN); + cmd = s = read_passphrase("\r\nssh> ", RP_ECHO); + if (s == NULL) + goto out; + while (*s && isspace(*s)) + s++; + if (*s == 0) + goto out; + if (strlen(s) < 2 || s[0] != '-' || !(s[1] == 'L' || s[1] == 'R')) { + log("Invalid command."); + goto out; + } + if (s[1] == 'L') + local = 1; + if (!local && !compat20) { + log("Not supported for SSH protocol version 1."); + goto out; + } + s += 2; + while (*s && isspace(*s)) + s++; + + if (sscanf(s, "%5[0-9]:%255[^:]:%5[0-9]", + sfwd_port, buf, sfwd_host_port) != 3 && + sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]", + sfwd_port, buf, sfwd_host_port) != 3) { + log("Bad forwarding specification."); + goto out; + } + if ((fwd_port = a2port(sfwd_port)) == 0 || + (fwd_host_port = a2port(sfwd_host_port)) == 0) { + log("Bad forwarding port(s)."); + goto out; + } + if (local) { + if (channel_setup_local_fwd_listener(fwd_port, buf, + fwd_host_port, options.gateway_ports) < 0) { + log("Port forwarding failed."); + goto out; + } + } else + channel_request_remote_forwarding(fwd_port, buf, + fwd_host_port); + log("Forwarding port."); +out: + signal(SIGINT, handler); + enter_raw_mode(); + if (cmd) + xfree(cmd); +} + /* process the characters one by one */ static int process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len) @@ -574,6 +636,7 @@ "%c?\r\n\ Supported escape sequences:\r\n\ ~. - terminate connection\r\n\ +~C - open a command line\r\n\ ~R - Request rekey (SSH protocol 2 only)\r\n\ ~^Z - suspend ssh\r\n\ ~# - list forwarded connections\r\n\ @@ -593,6 +656,10 @@ xfree(s); continue; + case 'C': + process_cmdline(); + continue; + default: if (ch != escape_char) { buffer_put_char(bin, escape_char); @@ -1247,6 +1314,7 @@ client_init_dispatch_20(void) { dispatch_init(&dispatch_protocol_error); + dispatch_set(SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose); dispatch_set(SSH2_MSG_CHANNEL_DATA, &channel_input_data); dispatch_set(SSH2_MSG_CHANNEL_EOF, &channel_input_ieof); @@ -1260,6 +1328,10 @@ /* rekeying */ dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); + + /* global request reply messages */ + dispatch_set(SSH2_MSG_REQUEST_FAILURE, &client_global_request_reply); + dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &client_global_request_reply); } static void client_init_dispatch_13(void) diff -ru openssh-3.1p1/clientloop.h openssh-3.2.2p1/clientloop.h --- openssh-3.1p1/clientloop.h 2001-07-04 14:46:57.000000000 +1000 +++ openssh-3.2.2p1/clientloop.h 2002-04-23 21:09:46.000000000 +1000 @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.6 2001/06/26 17:27:23 markus Exp $ */ +/* $OpenBSD: clientloop.h,v 1.7 2002/04/22 21:04:52 markus Exp $ */ /* * Author: Tatu Ylonen @@ -37,3 +37,4 @@ /* Client side main loop for the interactive session. */ int client_loop(int, int, int); +void client_global_request_reply(int type, u_int32_t seq, void *ctxt); diff -ru openssh-3.1p1/compat.c openssh-3.2.2p1/compat.c --- openssh-3.1p1/compat.c 2002-03-07 12:59:04.000000000 +1100 +++ openssh-3.2.2p1/compat.c 2002-04-11 02:22:10.000000000 +1000 @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: compat.c,v 1.61 2002/03/06 00:24:39 markus Exp $"); +RCSID("$OpenBSD: compat.c,v 1.63 2002/04/10 08:21:47 markus Exp $"); #include "buffer.h" #include "packet.h" @@ -61,20 +61,26 @@ "OpenSSH-2.1*," "OpenSSH_2.1*," "OpenSSH_2.2*", SSH_OLD_SESSIONID|SSH_BUG_BANNER| - SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, + SSH_OLD_DHGEX|SSH_BUG_NOREKEY| + SSH_BUG_EXTEOF}, { "OpenSSH_2.3.0*", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| - SSH_OLD_DHGEX|SSH_BUG_NOREKEY}, + SSH_OLD_DHGEX|SSH_BUG_NOREKEY| + SSH_BUG_EXTEOF}, { "OpenSSH_2.3.*", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| - SSH_BUG_NOREKEY}, + SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, { "OpenSSH_2.5.0p1*," "OpenSSH_2.5.1p1*", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| - SSH_BUG_NOREKEY }, + SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, { "OpenSSH_2.5.0*," "OpenSSH_2.5.1*," - "OpenSSH_2.5.2*", SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, - { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY }, - { "Sun_SSH_1.0*", SSH_BUG_NOREKEY }, + "OpenSSH_2.5.2*", SSH_OLD_DHGEX|SSH_BUG_NOREKEY| + SSH_BUG_EXTEOF}, + { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, + { "OpenSSH_2.*," + "OpenSSH_3.0*," + "OpenSSH_3.1*", SSH_BUG_EXTEOF}, + { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, { "OpenSSH*", 0 }, { "*MindTerm*", 0 }, { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| @@ -121,8 +127,12 @@ "1.2.19*," "1.2.20*," "1.2.21*," - "1.2.22*", SSH_BUG_IGNOREMSG }, - { "1.3.2*", SSH_BUG_IGNOREMSG }, /* f-secure */ + "1.2.22*", SSH_BUG_IGNOREMSG|SSH_BUG_K5USER }, + { "1.3.2*", /* F-Secure */ + SSH_BUG_IGNOREMSG|SSH_BUG_K5USER }, + { "1.2.1*," + "1.2.2*," + "1.2.3*", SSH_BUG_K5USER }, { "*SSH Compatible Server*", /* Netscreen */ SSH_BUG_PASSWORDPAD }, { "*OSU_0*," diff -ru openssh-3.1p1/compat.h openssh-3.2.2p1/compat.h --- openssh-3.1p1/compat.h 2002-03-05 12:53:04.000000000 +1100 +++ openssh-3.2.2p1/compat.h 2002-04-11 02:22:10.000000000 +1000 @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.h,v 1.30 2002/03/04 17:27:39 stevesk Exp $ */ +/* $OpenBSD: compat.h,v 1.32 2002/04/10 08:21:47 markus Exp $ */ /* * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. @@ -52,6 +52,8 @@ #define SSH_BUG_OPENFAILURE 0x00020000 #define SSH_BUG_DERIVEKEY 0x00040000 #define SSH_BUG_DUMMYCHAN 0x00100000 +#define SSH_BUG_EXTEOF 0x00200000 +#define SSH_BUG_K5USER 0x00400000 void enable_compat13(void); void enable_compat20(void); diff -ru openssh-3.1p1/compress.c openssh-3.2.2p1/compress.c --- openssh-3.1p1/compress.c 2002-01-22 23:18:16.000000000 +1100 +++ openssh-3.2.2p1/compress.c 2002-03-22 12:51:25.000000000 +1100 @@ -12,17 +12,19 @@ */ #include "includes.h" -RCSID("$OpenBSD: compress.c,v 1.17 2001/12/29 21:56:01 stevesk Exp $"); +RCSID("$OpenBSD: compress.c,v 1.19 2002/03/18 17:31:54 provos Exp $"); #include "log.h" #include "buffer.h" #include "zlib.h" #include "compress.h" -static z_stream incoming_stream; -static z_stream outgoing_stream; +z_stream incoming_stream; +z_stream outgoing_stream; static int compress_init_send_called = 0; static int compress_init_recv_called = 0; +static int inflate_failed = 0; +static int deflate_failed = 0; /* * Initializes compression; level is compression level from 1 to 9 @@ -62,9 +64,9 @@ incoming_stream.total_out, incoming_stream.total_in, incoming_stream.total_out == 0 ? 0.0 : (double) incoming_stream.total_in / incoming_stream.total_out); - if (compress_init_recv_called == 1) + if (compress_init_recv_called == 1 && inflate_failed == 0) inflateEnd(&incoming_stream); - if (compress_init_send_called == 1) + if (compress_init_send_called == 1 && deflate_failed == 0) deflateEnd(&outgoing_stream); } @@ -106,6 +108,7 @@ sizeof(buf) - outgoing_stream.avail_out); break; default: + deflate_failed = 1; fatal("buffer_compress: deflate returned %d", status); /* NOTREACHED */ } @@ -149,6 +152,7 @@ */ return; default: + inflate_failed = 1; fatal("buffer_uncompress: inflate returned %d", status); /* NOTREACHED */ } diff -ru openssh-3.1p1/config.h.in openssh-3.2.2p1/config.h.in --- openssh-3.1p1/config.h.in 2002-03-07 13:22:30.000000000 +1100 +++ openssh-3.2.2p1/config.h.in 2002-05-16 09:42:52.000000000 +1000 @@ -1,5 +1,5 @@ /* config.h.in. Generated from configure.ac by autoheader. */ -/* $Id: acconfig.h,v 1.122 2002/02/26 16:40:49 tim Exp $ */ +/* $Id: acconfig.h,v 1.137 2002/05/13 03:15:43 djm Exp $ */ #ifndef _CONFIG_H #define _CONFIG_H @@ -14,10 +14,9 @@ /* SCO workaround */ #undef BROKEN_SYS_TERMIO_H -#undef HAVE_BOGUS_SYS_QUEUE_H -/* Define if you have SCO protected password database */ -#undef HAVE_SCO_PROTECTED_PW +/* Define if you have SecureWare-based protected password database */ +#undef HAVE_SECUREWARE /* If your header files don't define LOGIN_PROGRAM, then use this (detected) */ /* from environment and PATH */ @@ -32,6 +31,12 @@ /* Define if your password has a pw_change field */ #undef HAVE_PW_CHANGE_IN_PASSWD +/* Define if your system uses access rights style file descriptor passing */ +#undef HAVE_ACCRIGHTS_IN_MSGHDR + +/* Define if your system uses ancillary data style file descriptor passing */ +#undef HAVE_CONTROL_IN_MSGHDR + /* Define if you system's inet_ntoa is busted (e.g. Irix gcc issue) */ #undef BROKEN_INET_NTOA @@ -95,6 +100,9 @@ /* Builtin PRNG command timeout */ #undef ENTROPY_TIMEOUT_MSEC +/* non-privileged user for privilege separation */ +#undef SSH_PRIVSEP_USER + /* Define if you want to install preformatted manpages.*/ #undef MANTYPE @@ -157,6 +165,9 @@ /* Some versions of /bin/login need the TERM supplied on the commandline */ #undef LOGIN_NEEDS_TERM +/* Define if your login program cannot handle end of options ("--") */ +#undef LOGIN_NO_ENDOPT + /* Define if you want to specify the path to your lastlog file */ #undef CONF_LASTLOG_FILE @@ -178,6 +189,18 @@ /* Define if libc defines __progname */ #undef HAVE___PROGNAME +/* Define if compiler implements __FUNCTION__ */ +#undef HAVE___FUNCTION__ + +/* Define if compiler implements __func__ */ +#undef HAVE___func__ + +/* Define if you want Kerberos 5 support */ +#undef KRB5 + +/* Define this if you are using the Heimdal version of Kerberos V5 */ +#undef HEIMDAL + /* Define if you want Kerberos 4 support */ #undef KRB4 @@ -220,9 +243,6 @@ /* Define if you have getpwanam(3) [SunOS 4.x] */ #undef HAVE_GETPWANAM -/* Defined if in_systm.h needs to be included with netinet/ip.h (HPUX - ) */ -#undef NEED_IN_SYSTM_H - /* Define if you have an old version of PAM which takes only one argument */ /* to pam_strerror */ #undef HAVE_OLD_PAM @@ -275,9 +295,6 @@ /* Use IPv4 for connection by default, IPv6 can still if explicity asked */ #undef IPV4_DEFAULT -/* If you have no atexit() but xatexit(), and want to use xatexit() */ -#undef HAVE_XATEXIT - /* getaddrinfo is broken (if present) */ #undef BROKEN_GETADDRINFO @@ -320,460 +337,502 @@ /* Define if you want smartcard support */ #undef SMARTCARD +/* Define if you want smartcard support using sectok */ +#undef USE_SECTOK + +/* Define if you want smartcard support using OpenSC */ +#undef USE_OPENSC + /* Define if you want to use OpenSSL's internally seeded PRNG only */ #undef OPENSSL_PRNG_ONLY +/* Define if you shouldn't strip 'tty' from your ttyname in [uw]tmp */ +#undef WITH_ABBREV_NO_TTY + +/* Define if you want a different $PATH for the superuser */ +#undef SUPERUSER_PATH -/* Define if the `getpgrp' function takes no argument. */ +/* Path that unprivileged child will chroot() to in privep mode */ +#undef PRIVSEP_PATH + + +/* Define to 1 if the `getpgrp' function requires zero arguments. */ #undef GETPGRP_VOID -/* Define if you have the `arc4random' function. */ +/* Define to 1 if you have the `arc4random' function. */ #undef HAVE_ARC4RANDOM -/* Define if you have the `atexit' function. */ -#undef HAVE_ATEXIT - -/* Define if you have the `b64_ntop' function. */ +/* Define to 1 if you have the `b64_ntop' function. */ #undef HAVE_B64_NTOP -/* Define if you have the `bcopy' function. */ +/* Define to 1 if you have the `bcopy' function. */ #undef HAVE_BCOPY -/* Define if you have the `bindresvport_sa' function. */ +/* Define to 1 if you have the `bindresvport_sa' function. */ #undef HAVE_BINDRESVPORT_SA -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_BSTRING_H -/* Define if you have the `clock' function. */ +/* Define to 1 if you have the `clock' function. */ #undef HAVE_CLOCK -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_CRYPT_H -/* Define if you have the `dirname' function. */ +/* Define to 1 if you have the `dirname' function. */ #undef HAVE_DIRNAME -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_ENDIAN_H -/* Define if you have the `endutent' function. */ +/* Define to 1 if you have the `endutent' function. */ #undef HAVE_ENDUTENT -/* Define if you have the `endutxent' function. */ +/* Define to 1 if you have the `endutxent' function. */ #undef HAVE_ENDUTXENT -/* Define if you have the `fchmod' function. */ +/* Define to 1 if you have the `fchmod' function. */ #undef HAVE_FCHMOD -/* Define if you have the `fchown' function. */ +/* Define to 1 if you have the `fchown' function. */ #undef HAVE_FCHOWN -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_FLOATINGPOINT_H -/* Define if you have the `freeaddrinfo' function. */ +/* Define to 1 if you have the `freeaddrinfo' function. */ #undef HAVE_FREEADDRINFO -/* Define if you have the `futimes' function. */ +/* Define to 1 if you have the `futimes' function. */ #undef HAVE_FUTIMES -/* Define if you have the `gai_strerror' function. */ +/* Define to 1 if you have the `gai_strerror' function. */ #undef HAVE_GAI_STRERROR -/* Define if you have the `getaddrinfo' function. */ +/* Define to 1 if you have the `getaddrinfo' function. */ #undef HAVE_GETADDRINFO -/* Define if you have the `getcwd' function. */ +/* Define to 1 if you have the `getcwd' function. */ #undef HAVE_GETCWD -/* Define if you have the `getgrouplist' function. */ +/* Define to 1 if you have the `getgrouplist' function. */ #undef HAVE_GETGROUPLIST -/* Define if you have the `getluid' function. */ +/* Define to 1 if you have the `getluid' function. */ #undef HAVE_GETLUID -/* Define if you have the `getnameinfo' function. */ +/* Define to 1 if you have the `getnameinfo' function. */ #undef HAVE_GETNAMEINFO -/* Define if you have the `getopt' function. */ +/* Define to 1 if you have the `getopt' function. */ #undef HAVE_GETOPT -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_GETOPT_H -/* Define if you have the `getpwanam' function. */ +/* Define to 1 if you have the `getpwanam' function. */ #undef HAVE_GETPWANAM -/* Define if you have the `getrlimit' function. */ +/* Define to 1 if you have the `getrlimit' function. */ #undef HAVE_GETRLIMIT -/* Define if you have the `getrusage' function. */ +/* Define to 1 if you have the `getrusage' function. */ #undef HAVE_GETRUSAGE -/* Define if you have the `gettimeofday' function. */ +/* Define to 1 if you have the `gettimeofday' function. */ #undef HAVE_GETTIMEOFDAY -/* Define if you have the `getttyent' function. */ +/* Define to 1 if you have the `getttyent' function. */ #undef HAVE_GETTTYENT -/* Define if you have the `getutent' function. */ +/* Define to 1 if you have the `getutent' function. */ #undef HAVE_GETUTENT -/* Define if you have the `getutid' function. */ +/* Define to 1 if you have the `getutid' function. */ #undef HAVE_GETUTID -/* Define if you have the `getutline' function. */ +/* Define to 1 if you have the `getutline' function. */ #undef HAVE_GETUTLINE -/* Define if you have the `getutxent' function. */ +/* Define to 1 if you have the `getutxent' function. */ #undef HAVE_GETUTXENT -/* Define if you have the `getutxid' function. */ +/* Define to 1 if you have the `getutxid' function. */ #undef HAVE_GETUTXID -/* Define if you have the `getutxline' function. */ +/* Define to 1 if you have the `getutxline' function. */ #undef HAVE_GETUTXLINE -/* Define if you have the `glob' function. */ +/* Define to 1 if you have the `glob' function. */ #undef HAVE_GLOB -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_GLOB_H -/* Define if you have the `inet_aton' function. */ +/* Define to 1 if you have the `inet_aton' function. */ #undef HAVE_INET_ATON -/* Define if you have the `inet_ntoa' function. */ +/* Define to 1 if you have the `inet_ntoa' function. */ #undef HAVE_INET_NTOA -/* Define if you have the `inet_ntop' function. */ +/* Define to 1 if you have the `inet_ntop' function. */ #undef HAVE_INET_NTOP -/* Define if you have the `innetgr' function. */ +/* Define to 1 if you have the `innetgr' function. */ #undef HAVE_INNETGR -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_KRB_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_LASTLOG_H -/* Define if you have the `des' library (-ldes). */ +/* Define to 1 if you have the `des' library (-ldes). */ #undef HAVE_LIBDES -/* Define if you have the `des425' library (-ldes425). */ +/* Define to 1 if you have the `des425' library (-ldes425). */ #undef HAVE_LIBDES425 -/* Define if you have the `dl' library (-ldl). */ +/* Define to 1 if you have the `dl' library (-ldl). */ #undef HAVE_LIBDL -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_LIBGEN_H -/* Define if you have the `krb' library (-lkrb). */ +/* Define to 1 if you have the `krb' library (-lkrb). */ #undef HAVE_LIBKRB -/* Define if you have the `krb4' library (-lkrb4). */ +/* Define to 1 if you have the `krb4' library (-lkrb4). */ #undef HAVE_LIBKRB4 -/* Define if you have the `nsl' library (-lnsl). */ +/* Define to 1 if you have the `nsl' library (-lnsl). */ #undef HAVE_LIBNSL -/* Define if you have the `pam' library (-lpam). */ +/* Define to 1 if you have the `pam' library (-lpam). */ #undef HAVE_LIBPAM -/* Define if you have the `resolv' library (-lresolv). */ +/* Define to 1 if you have the `resolv' library (-lresolv). */ #undef HAVE_LIBRESOLV -/* Define if you have the `sectok' library (-lsectok). */ +/* Define to 1 if you have the `sectok' library (-lsectok). */ #undef HAVE_LIBSECTOK -/* Define if you have the `socket' library (-lsocket). */ +/* Define to 1 if you have the `socket' library (-lsocket). */ #undef HAVE_LIBSOCKET -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_LIBUTIL_H -/* Define if you have the `z' library (-lz). */ +/* Define to 1 if you have the `z' library (-lz). */ #undef HAVE_LIBZ -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_LIMITS_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_LOGIN_CAP_H -/* Define if you have the `login_getcapbool' function. */ +/* Define to 1 if you have the `login_getcapbool' function. */ #undef HAVE_LOGIN_GETCAPBOOL -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_LOGIN_H -/* Define if you have the `logout' function. */ +/* Define to 1 if you have the `logout' function. */ #undef HAVE_LOGOUT -/* Define if you have the `logwtmp' function. */ +/* Define to 1 if you have the `logwtmp' function. */ #undef HAVE_LOGWTMP -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_MAILLOCK_H -/* Define if you have the `md5_crypt' function. */ +/* Define to 1 if you have the `md5_crypt' function. */ #undef HAVE_MD5_CRYPT -/* Define if you have the `memmove' function. */ +/* Define to 1 if you have the `memmove' function. */ #undef HAVE_MEMMOVE -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H -/* Define if you have the `mkdtemp' function. */ +/* Define to 1 if you have the `mkdtemp' function. */ #undef HAVE_MKDTEMP -/* Define if you have the header file. */ +/* Define to 1 if you have the `mmap' function. */ +#undef HAVE_MMAP + +/* Define to 1 if you have the header file. */ #undef HAVE_NETDB_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_NETGROUP_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IN_SYSTM_H -/* Define if you have the `on_exit' function. */ -#undef HAVE_ON_EXIT +/* Define to 1 if you have the `ngetaddrinfo' function. */ +#undef HAVE_NGETADDRINFO -/* Define if you have the `openpty' function. */ +/* Define to 1 if you have the `ogetaddrinfo' function. */ +#undef HAVE_OGETADDRINFO + +/* Define to 1 if you have the `openpty' function. */ #undef HAVE_OPENPTY -/* Define if you have the `pam_getenvlist' function. */ +/* Define to 1 if you have the `pam_getenvlist' function. */ #undef HAVE_PAM_GETENVLIST -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_PATHS_H -/* Define if you have the header file. */ -#undef HAVE_POLL_H - -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_PTY_H -/* Define if you have the `pututline' function. */ +/* Define to 1 if you have the `pututline' function. */ #undef HAVE_PUTUTLINE -/* Define if you have the `pututxline' function. */ +/* Define to 1 if you have the `pututxline' function. */ #undef HAVE_PUTUTXLINE -/* Define if you have the `readpassphrase' function. */ +/* Define to 1 if you have the `readpassphrase' function. */ #undef HAVE_READPASSPHRASE -/* Define if you have the `realpath' function. */ +/* Define to 1 if you have the header file. */ +#undef HAVE_READPASSPHRASE_H + +/* Define to 1 if you have the `realpath' function. */ #undef HAVE_REALPATH -/* Define if you have the `rresvport_af' function. */ +/* Define to 1 if you have the `recvmsg' function. */ +#undef HAVE_RECVMSG + +/* Define to 1 if you have the header file. */ +#undef HAVE_RPC_TYPES_H + +/* Define to 1 if you have the `rresvport_af' function. */ #undef HAVE_RRESVPORT_AF -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SECTOK_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SECURITY_PAM_APPL_H -/* Define if you have the `setdtablesize' function. */ +/* Define to 1 if you have the `sendmsg' function. */ +#undef HAVE_SENDMSG + +/* Define to 1 if you have the `setdtablesize' function. */ #undef HAVE_SETDTABLESIZE -/* Define if you have the `setegid' function. */ +/* Define to 1 if you have the `setegid' function. */ #undef HAVE_SETEGID -/* Define if you have the `setenv' function. */ +/* Define to 1 if you have the `setenv' function. */ #undef HAVE_SETENV -/* Define if you have the `seteuid' function. */ +/* Define to 1 if you have the `seteuid' function. */ #undef HAVE_SETEUID -/* Define if you have the `setlogin' function. */ +/* Define to 1 if you have the `setlogin' function. */ #undef HAVE_SETLOGIN -/* Define if you have the `setluid' function. */ +/* Define to 1 if you have the `setluid' function. */ #undef HAVE_SETLUID -/* Define if you have the `setproctitle' function. */ +/* Define to 1 if you have the `setproctitle' function. */ #undef HAVE_SETPROCTITLE -/* Define if you have the `setresgid' function. */ +/* Define to 1 if you have the `setresgid' function. */ #undef HAVE_SETRESGID -/* Define if you have the `setreuid' function. */ +/* Define to 1 if you have the `setreuid' function. */ #undef HAVE_SETREUID -/* Define if you have the `setrlimit' function. */ +/* Define to 1 if you have the `setrlimit' function. */ #undef HAVE_SETRLIMIT -/* Define if you have the `setsid' function. */ +/* Define to 1 if you have the `setsid' function. */ #undef HAVE_SETSID -/* Define if you have the `setutent' function. */ +/* Define to 1 if you have the `setutent' function. */ #undef HAVE_SETUTENT -/* Define if you have the `setutxent' function. */ +/* Define to 1 if you have the `setutxent' function. */ #undef HAVE_SETUTXENT -/* Define if you have the `setvbuf' function. */ +/* Define to 1 if you have the `setvbuf' function. */ #undef HAVE_SETVBUF -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SHADOW_H -/* Define if you have the `sigaction' function. */ +/* Define to 1 if you have the `sigaction' function. */ #undef HAVE_SIGACTION -/* Define if you have the `sigvec' function. */ +/* Define to 1 if you have the `sigvec' function. */ #undef HAVE_SIGVEC -/* Define if the system has the type `sig_atomic_t'. */ +/* Define to 1 if the system has the type `sig_atomic_t'. */ #undef HAVE_SIG_ATOMIC_T -/* Define if you have the `snprintf' function. */ +/* Define to 1 if you have the `snprintf' function. */ #undef HAVE_SNPRINTF -/* Define if you have the header file. */ +/* Define to 1 if you have the `socketpair' function. */ +#undef HAVE_SOCKETPAIR + +/* Define to 1 if you have the header file. */ #undef HAVE_STDDEF_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H -/* Define if you have the `strerror' function. */ +/* Define to 1 if you have the `strerror' function. */ #undef HAVE_STRERROR -/* Define if you have the `strftime' function. */ +/* Define to 1 if you have the `strftime' function. */ #undef HAVE_STRFTIME -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_STRING_H -/* Define if you have the `strlcat' function. */ +/* Define to 1 if you have the `strlcat' function. */ #undef HAVE_STRLCAT -/* Define if you have the `strlcpy' function. */ +/* Define to 1 if you have the `strlcpy' function. */ #undef HAVE_STRLCPY -/* Define if you have the `strmode' function. */ +/* Define to 1 if you have the `strmode' function. */ #undef HAVE_STRMODE -/* Define if you have the `strsep' function. */ +/* Define to 1 if you have the `strsep' function. */ #undef HAVE_STRSEP -/* Define if `st_blksize' is member of `struct stat'. */ +/* Define to 1 if `st_blksize' is member of `struct stat'. */ #undef HAVE_STRUCT_STAT_ST_BLKSIZE -/* Define if you have the `sysconf' function. */ +/* Define to 1 if you have the `sysconf' function. */ #undef HAVE_SYSCONF -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SYS_BITYPES_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SYS_BSDTTY_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SYS_CDEFS_H -/* Define if you have the header file. */ -#undef HAVE_SYS_POLL_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_QUEUE_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_MMAN_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SYS_SELECT_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SYS_STROPTS_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SYS_SYSMACROS_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SYS_TIME_H -/* Define if you have the header file. */ -#undef HAVE_SYS_TTCOMPAT_H - -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_SYS_UN_H -/* Define if you have the `tcgetpgrp' function. */ +/* Define to 1 if you have the `tcgetpgrp' function. */ #undef HAVE_TCGETPGRP -/* Define if you have the `time' function. */ +/* Define to 1 if you have the `time' function. */ #undef HAVE_TIME -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_TIME_H -/* Define if you have the header file. */ +/* Define to 1 if you have the `truncate' function. */ +#undef HAVE_TRUNCATE + +/* Define to 1 if you have the header file. */ #undef HAVE_TTYENT_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H -/* Define if you have the `updwtmp' function. */ +/* Define to 1 if you have the `updwtmp' function. */ #undef HAVE_UPDWTMP -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_USERSEC_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_UTIL_H -/* Define if you have the `utimes' function. */ +/* Define to 1 if you have the `utimes' function. */ #undef HAVE_UTIMES -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_UTIME_H -/* Define if you have the `utmpname' function. */ +/* Define to 1 if you have the `utmpname' function. */ #undef HAVE_UTMPNAME -/* Define if you have the `utmpxname' function. */ +/* Define to 1 if you have the `utmpxname' function. */ #undef HAVE_UTMPXNAME -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_UTMPX_H -/* Define if you have the header file. */ +/* Define to 1 if you have the header file. */ #undef HAVE_UTMP_H -/* Define if you have the `vhangup' function. */ +/* Define to 1 if you have the `vhangup' function. */ #undef HAVE_VHANGUP -/* Define if you have the `vsnprintf' function. */ +/* Define to 1 if you have the `vsnprintf' function. */ #undef HAVE_VSNPRINTF -/* Define if you have the `waitpid' function. */ +/* Define to 1 if you have the `waitpid' function. */ #undef HAVE_WAITPID -/* Define if you have the `_getpty' function. */ +/* Define to 1 if you have the `_getpty' function. */ #undef HAVE__GETPTY -/* Define if you have the `__b64_ntop' function. */ +/* Define to 1 if you have the `__b64_ntop' function. */ #undef HAVE___B64_NTOP +/* Define to the address where bug reports for this package should be sent. */ +#undef PACKAGE_BUGREPORT + +/* Define to the full name of this package. */ +#undef PACKAGE_NAME + +/* Define to the full name and version of this package. */ +#undef PACKAGE_STRING + +/* Define to the one symbol short name of this package. */ +#undef PACKAGE_TARNAME + +/* Define to the version of this package. */ +#undef PACKAGE_VERSION + /* The size of a `char', as computed by sizeof. */ #undef SIZEOF_CHAR @@ -789,11 +848,11 @@ /* The size of a `short int', as computed by sizeof. */ #undef SIZEOF_SHORT_INT -/* Define if you have the ANSI C header files. */ +/* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS -/* Define if your processor stores words with the most significant byte first - (like Motorola and SPARC, unlike Intel and VAX). */ +/* Define to 1 if your processor stores words with the most significant byte + first (like Motorola and SPARC, unlike Intel and VAX). */ #undef WORDS_BIGENDIAN /* Number of bits in a file offset, on hosts where this is settable. */ @@ -811,6 +870,4 @@ /* ******************* Shouldn't need to edit below this line ************** */ -#include "defines.h" - #endif /* _CONFIG_H */ diff -ru openssh-3.1p1/configure openssh-3.2.2p1/configure --- openssh-3.1p1/configure 2002-03-07 13:22:29.000000000 +1100 +++ openssh-3.2.2p1/configure 2002-05-16 09:42:51.000000000 +1000 @@ -1,24 +1,18 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by Autoconf 2.52d. +# Generated by GNU Autoconf 2.53. # -# Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001 +# Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, 2002 # Free Software Foundation, Inc. # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="sed y%*+%pp%;s%[^_$as_cr_alnum]%_%g" +if expr a : '\(a\)' >/dev/null 2>&1; then + as_expr=expr +else + as_expr=false +fi -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="sed y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g" ## --------------------- ## ## M4sh Initialization. ## @@ -32,8 +26,165 @@ set -o posix fi +# NLS nuisances. +# Support unset when possible. +if (FOO=FOO; unset FOO) >/dev/null 2>&1; then + as_unset=unset +else + as_unset=false +fi + +(set +x; test -n "`(LANG=C; export LANG) 2>&1`") && + { $as_unset LANG || test "${LANG+set}" != set; } || + { LANG=C; export LANG; } +(set +x; test -n "`(LC_ALL=C; export LC_ALL) 2>&1`") && + { $as_unset LC_ALL || test "${LC_ALL+set}" != set; } || + { LC_ALL=C; export LC_ALL; } +(set +x; test -n "`(LC_TIME=C; export LC_TIME) 2>&1`") && + { $as_unset LC_TIME || test "${LC_TIME+set}" != set; } || + { LC_TIME=C; export LC_TIME; } +(set +x; test -n "`(LC_CTYPE=C; export LC_CTYPE) 2>&1`") && + { $as_unset LC_CTYPE || test "${LC_CTYPE+set}" != set; } || + { LC_CTYPE=C; export LC_CTYPE; } +(set +x; test -n "`(LANGUAGE=C; export LANGUAGE) 2>&1`") && + { $as_unset LANGUAGE || test "${LANGUAGE+set}" != set; } || + { LANGUAGE=C; export LANGUAGE; } +(set +x; test -n "`(LC_COLLATE=C; export LC_COLLATE) 2>&1`") && + { $as_unset LC_COLLATE || test "${LC_COLLATE+set}" != set; } || + { LC_COLLATE=C; export LC_COLLATE; } +(set +x; test -n "`(LC_NUMERIC=C; export LC_NUMERIC) 2>&1`") && + { $as_unset LC_NUMERIC || test "${LC_NUMERIC+set}" != set; } || + { LC_NUMERIC=C; export LC_NUMERIC; } +(set +x; test -n "`(LC_MESSAGES=C; export LC_MESSAGES) 2>&1`") && + { $as_unset LC_MESSAGES || test "${LC_MESSAGES+set}" != set; } || + { LC_MESSAGES=C; export LC_MESSAGES; } + + # Name of the executable. -as_me=`echo "$0" |sed 's,.*[\\/],,'` +as_me=`(basename "$0") 2>/dev/null || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)$' \| \ + . : '\(.\)' 2>/dev/null || +echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; } + /^X\/\(\/\/\)$/{ s//\1/; q; } + /^X\/\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + +# PATH needs CR, and LINENO needs CR and PATH. +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + echo "#! /bin/sh" >conftest.sh + echo "exit 0" >>conftest.sh + chmod +x conftest.sh + if (PATH=".;."; conftest.sh) >/dev/null 2>&1; then + PATH_SEPARATOR=';' + else + PATH_SEPARATOR=: + fi + rm -f conftest.sh +fi + + + as_lineno_1=$LINENO + as_lineno_2=$LINENO + as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` + test "x$as_lineno_1" != "x$as_lineno_2" && + test "x$as_lineno_3" = "x$as_lineno_2" || { + # Find who we are. Look in the path if we contain no path at all + # relative or not. + case $0 in + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break +done + + ;; + esac + # We did not find ourselves, most probably we were run as `sh COMMAND' + # in which case we are not to be found in the path. + if test "x$as_myself" = x; then + as_myself=$0 + fi + if test ! -f "$as_myself"; then + { echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2 + { (exit 1); exit 1; }; } + fi + case $CONFIG_SHELL in + '') + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for as_base in sh bash ksh sh5; do + case $as_dir in + /*) + if ("$as_dir/$as_base" -c ' + as_lineno_1=$LINENO + as_lineno_2=$LINENO + as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` + test "x$as_lineno_1" != "x$as_lineno_2" && + test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then + CONFIG_SHELL=$as_dir/$as_base + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$0" ${1+"$@"} + fi;; + esac + done +done +;; + esac + + # Create $as_me.lineno as a copy of $as_myself, but with $LINENO + # uniformly replaced by the line number. The first 'sed' inserts a + # line-number line before each line; the second 'sed' does the real + # work. The second script uses 'N' to pair each line-number line + # with the numbered line, and appends trailing '-' during + # substitution so that $LINENO is not a special case at line end. + # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the + # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-) + sed '=' <$as_myself | + sed ' + N + s,$,-, + : loop + s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3, + t loop + s,-$,, + s,^['$as_cr_digits']*\n,, + ' >$as_me.lineno && + chmod +x $as_me.lineno || + { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 + { (exit 1); exit 1; }; } + + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensible to this). + . ./$as_me.lineno + # Exit status is that of the last command. + exit +} + + +case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in + *c*,-n*) ECHO_N= ECHO_C=' +' ECHO_T=' ' ;; + *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;; + *) ECHO_N= ECHO_C='\c' ECHO_T= ;; +esac if expr a : '\(a\)' >/dev/null 2>&1; then as_expr=expr @@ -61,22 +212,12 @@ as_executable_p="test -f" -# Support unset when possible. -if (FOO=FOO; unset FOO) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false -fi +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="sed y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="sed y%*+%pp%;s%[^_$as_cr_alnum]%_%g" -# NLS nuisances. -$as_unset LANG || test "${LANG+set}" != set || { LANG=C; export LANG; } -$as_unset LC_ALL || test "${LC_ALL+set}" != set || { LC_ALL=C; export LC_ALL; } -$as_unset LC_TIME || test "${LC_TIME+set}" != set || { LC_TIME=C; export LC_TIME; } -$as_unset LC_CTYPE || test "${LC_CTYPE+set}" != set || { LC_CTYPE=C; export LC_CTYPE; } -$as_unset LANGUAGE || test "${LANGUAGE+set}" != set || { LANGUAGE=C; export LANGUAGE; } -$as_unset LC_COLLATE || test "${LC_COLLATE+set}" != set || { LC_COLLATE=C; export LC_COLLATE; } -$as_unset LC_NUMERIC || test "${LC_NUMERIC+set}" != set || { LC_NUMERIC=C; export LC_NUMERIC; } -$as_unset LC_MESSAGES || test "${LC_MESSAGES+set}" != set || { LC_MESSAGES=C; export LC_MESSAGES; } # IFS # We need space, tab and new line, in precisely that order. @@ -85,7 +226,8 @@ IFS=" $as_nl" # CDPATH. -$as_unset CDPATH || test "${CDPATH+set}" != set || { CDPATH=:; export CDPATH; } +$as_unset CDPATH || test "${CDPATH+set}" != set || { CDPATH=$PATH_SEPARATOR; export CDPATH; } + # Name of the host. # hostname on some systems (SVR3.2, Linux) returns a bogus exit status, @@ -100,7 +242,8 @@ ac_default_prefix=/usr/local cross_compiling=no subdirs= -MFLAGS= MAKEFLAGS= +MFLAGS= +MAKEFLAGS= SHELL=${CONFIG_SHELL-/bin/sh} # Maximum number of lines to put in a shell here document. @@ -108,6 +251,13 @@ # only ac_max_sed_lines should be used. : ${ac_max_here_lines=38} +# Identity of this package. +PACKAGE_NAME= +PACKAGE_TARNAME= +PACKAGE_VERSION= +PACKAGE_STRING= +PACKAGE_BUGREPORT= + ac_unique_file="ssh.c" # Factoring default headers for most tests. ac_includes_default="\ @@ -146,6 +296,7 @@ # include #endif" + # Initialize some variables set by options. ac_init_help= ac_init_version=false @@ -184,13 +335,6 @@ infodir='${prefix}/info' mandir='${prefix}/man' -# Identity of this package. -PACKAGE_NAME= -PACKAGE_TARNAME= -PACKAGE_VERSION= -PACKAGE_STRING= -PACKAGE_BUGREPORT= - ac_prev= for ac_option do @@ -323,7 +467,7 @@ with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ - | --no-cr | --no-c) + | --no-cr | --no-c | -n) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ @@ -502,7 +646,7 @@ eval ac_val=$`echo $ac_var` case $ac_val in [\\/$]* | ?:[\\/]* | NONE | '' ) ;; - *) { echo "$as_me: error: expected an absolute path for --$ac_var: $ac_val" >&2 + *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 { (exit 1); exit 1; }; };; esac done @@ -514,18 +658,19 @@ eval ac_val=$`echo $ac_var` case $ac_val in [\\/$]* | ?:[\\/]* ) ;; - *) { echo "$as_me: error: expected an absolute path for --$ac_var: $ac_val" >&2 + *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 { (exit 1); exit 1; }; };; esac done # There might be people who depend on the old broken behavior: `$host' # used to hold the argument of --host etc. +# FIXME: To remove some day. build=$build_alias host=$host_alias target=$target_alias -# FIXME: should be removed in autoconf 3.0. +# FIXME: To remove some day. if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe @@ -541,13 +686,23 @@ test "$silent" = yes && exec 6>/dev/null + # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then its parent. - ac_prog=$0 - ac_confdir=`echo "$ac_prog" | sed 's%[\\/][^\\/][^\\/]*$%%'` - test "x$ac_confdir" = "x$ac_prog" && ac_confdir=. + ac_confdir=`(dirname "$0") 2>/dev/null || +$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$0" : 'X\(//\)[^/]' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$0" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` srcdir=$ac_confdir if test ! -r $srcdir/$ac_unique_file; then srcdir=.. @@ -660,7 +815,7 @@ System types: --build=BUILD configure for building on BUILD [guessed] - --host=HOST build programs to run on HOST [BUILD] + --host=HOST cross-compile to build programs to run on HOST [BUILD] _ACEOF fi @@ -703,16 +858,21 @@ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool) --with-entropy-timeout Specify entropy gathering command timeout (msec) - --with-smartcard Enable smartcard support + --with-privsep-user=user Specify non-privileged user for privilege separation + --with-sectok Enable smartcard support using libsectok + --with-opensc=PFX Enable smartcard support using OpenSC + --with-kerberos5=PATH Enable Kerberos 5 support --with-kerberos4=PATH Enable Kerberos 4 support --with-afs=PATH Enable AFS support --with-rsh=PATH Specify path to remote shell program + --with-privsep-path=xxx Path for privilege seperation chroot --with-xauth=PATH Specify path to xauth program --with-mantype=man|cat|doc Set man page type --with-md5-passwords Enable use of MD5 passwords --without-shadow Disable shadow password support --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY - --with-default-path=PATH Specify default \$PATH environment for server + --with-default-path= Specify default \$PATH environment for server + --with-superuser-path= Specify different path for super-user --with-ipv4-default Use IPv4 by connections unless '-6' specified --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses --with-bsd-auth Enable BSD auth support @@ -738,11 +898,13 @@ # If there are subdirs, report their specific --help. ac_popdir=`pwd` for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue - cd $ac_dir - if test "$ac_dir" != .; then - ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\./,,'` + test -d $ac_dir || continue + ac_builddir=. + +if test "$ac_dir" != .; then + ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` # A "../" for each directory in $ac_dir_suffix. - ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^/]*,../,g'` + ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'` else ac_dir_suffix= ac_top_builddir= fi @@ -762,7 +924,14 @@ ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_builddir$srcdir ;; esac +# Don't blindly perform a `cd "$ac_dir"/$ac_foo && pwd` since $ac_foo can be +# absolute. +ac_abs_builddir=`cd "$ac_dir" && cd $ac_builddir && pwd` +ac_abs_top_builddir=`cd "$ac_dir" && cd $ac_top_builddir && pwd` +ac_abs_srcdir=`cd "$ac_dir" && cd $ac_srcdir && pwd` +ac_abs_top_srcdir=`cd "$ac_dir" && cd $ac_top_srcdir && pwd` + cd $ac_dir # Check for guested configure; otherwise get Cygnus style configure. if test -f $ac_srcdir/configure.gnu; then echo @@ -785,7 +954,7 @@ if $ac_init_version; then cat <<\_ACEOF -Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001 +Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. @@ -798,7 +967,7 @@ running configure, to aid debugging if configure makes a mistake. It was created by $as_me, which was -generated by GNU Autoconf 2.52d. Invocation command line was +generated by GNU Autoconf 2.53. Invocation command line was $ $0 $@ @@ -826,18 +995,28 @@ /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` /bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` -PATH = $PATH - _ASUNAME + +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + echo "PATH: $as_dir" +done + } >&5 cat >&5 <<_ACEOF + + ## ----------- ## ## Core tests. ## ## ----------- ## _ACEOF + # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. # Also quote any args containing shell meta-characters. @@ -847,15 +1026,17 @@ do case $ac_arg in -no-create | --no-create | --no-creat | --no-crea | --no-cre \ - | --no-cr | --no-c) ;; + | --no-cr | --no-c | -n ) continue ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ - | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;; + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + continue ;; *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*) - ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` - ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'" - ac_sep=" " ;; - *) ac_configure_args="$ac_configure_args$ac_sep$ac_arg" - ac_sep=" " ;; + ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'" + ac_sep=" " ;; esac # Get rid of the leading space. done @@ -905,7 +1086,8 @@ echo "$as_me: caught signal $ac_signal" echo "$as_me: exit $exit_status" } >&5 - rm -rf conftest* confdefs* core core.* *.core conf$$* $ac_clean_files && + rm -f core core.* *.core && + rm -rf conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do @@ -918,6 +1100,33 @@ # AIX cpp loses on an empty file, so make sure it contains at least a newline. echo >confdefs.h +# Predefined preprocessor variables. + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_NAME "$PACKAGE_NAME" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_TARNAME "$PACKAGE_TARNAME" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_VERSION "$PACKAGE_VERSION" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_STRING "$PACKAGE_STRING" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" +_ACEOF + + # Let the site file select an alternate cache file if it wants to. # Prefer explicitly selected file to automatically selected ones. if test -z "$CONFIG_SITE"; then @@ -929,7 +1138,7 @@ fi for ac_site_file in $CONFIG_SITE; do if test -r "$ac_site_file"; then - { echo "$as_me:932: loading site script $ac_site_file" >&5 + { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5 echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" @@ -940,7 +1149,7 @@ # Some versions of bash will fail to source /dev/null (special # files actually), so we avoid doing that. if test -f "$cache_file"; then - { echo "$as_me:943: loading cache $cache_file" >&5 + { echo "$as_me:$LINENO: loading cache $cache_file" >&5 echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . $cache_file;; @@ -948,7 +1157,7 @@ esac fi else - { echo "$as_me:951: creating cache $cache_file" >&5 + { echo "$as_me:$LINENO: creating cache $cache_file" >&5 echo "$as_me: creating cache $cache_file" >&6;} >$cache_file fi @@ -964,42 +1173,42 @@ eval ac_new_val="\$ac_env_${ac_var}_value" case $ac_old_set,$ac_new_set in set,) - { echo "$as_me:967: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 + { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) - { echo "$as_me:971: error: \`$ac_var' was not set in the previous run" >&5 + { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5 echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then - { echo "$as_me:977: error: \`$ac_var' has changed since the previous run:" >&5 + { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5 echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} - { echo "$as_me:979: former value: $ac_old_val" >&5 + { echo "$as_me:$LINENO: former value: $ac_old_val" >&5 echo "$as_me: former value: $ac_old_val" >&2;} - { echo "$as_me:981: current value: $ac_new_val" >&5 + { echo "$as_me:$LINENO: current value: $ac_new_val" >&5 echo "$as_me: current value: $ac_new_val" >&2;} ac_cache_corrupted=: fi;; esac - # Pass precious variables to config.status. It doesn't matter if - # we pass some twice (in addition to the command line arguments). + # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*) - ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` - ac_configure_args="$ac_configure_args '$ac_arg'" - ;; - *) ac_configure_args="$ac_configure_args $ac_var=$ac_new_val" - ;; + ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) ac_configure_args="$ac_configure_args '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then - { echo "$as_me:1000: error: changes in the environment can compromise the build" >&5 + { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5 echo "$as_me: error: changes in the environment can compromise the build" >&2;} - { { echo "$as_me:1002: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5 + { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5 echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;} { (exit 1); exit 1; }; } fi @@ -1010,26 +1219,24 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu -case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in - *c*,-n*) ECHO_N= ECHO_C=' -' ECHO_T=' ' ;; - *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;; - *) ECHO_N= ECHO_C='\c' ECHO_T= ;; -esac -echo "#! $SHELL" >conftest.sh -echo "exit 0" >>conftest.sh -chmod +x conftest.sh -if { (echo "$as_me:1022: PATH=\".;.\"; conftest.sh") >&5 - (PATH=".;."; conftest.sh) 2>&5 - ac_status=$? - echo "$as_me:1025: \$? = $ac_status" >&5 - (exit $ac_status); }; then - ac_path_separator=';' -else - ac_path_separator=: -fi -PATH_SEPARATOR="$ac_path_separator" -rm -f conftest.sh + + + + + + + + + + + + + + + + + + ac_config_headers="$ac_config_headers config.h" @@ -1041,7 +1248,7 @@ if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 -echo "$as_me:1044: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -1049,25 +1256,28 @@ if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - $as_executable_p "$ac_dir/$ac_word" || continue -ac_cv_prog_CC="${ac_tool_prefix}gcc" -echo "$as_me:1059: found $ac_dir/$ac_word" >&5 -break +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}gcc" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - echo "$as_me:1067: result: $CC" >&5 + echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else - echo "$as_me:1070: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -1076,7 +1286,7 @@ ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 -echo "$as_me:1079: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -1084,25 +1294,28 @@ if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - $as_executable_p "$ac_dir/$ac_word" || continue -ac_cv_prog_ac_ct_CC="gcc" -echo "$as_me:1094: found $ac_dir/$ac_word" >&5 -break +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="gcc" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then - echo "$as_me:1102: result: $ac_ct_CC" >&5 + echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 echo "${ECHO_T}$ac_ct_CC" >&6 else - echo "$as_me:1105: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -1115,7 +1328,7 @@ if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 -echo "$as_me:1118: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -1123,25 +1336,28 @@ if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - $as_executable_p "$ac_dir/$ac_word" || continue -ac_cv_prog_CC="${ac_tool_prefix}cc" -echo "$as_me:1133: found $ac_dir/$ac_word" >&5 -break +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}cc" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - echo "$as_me:1141: result: $CC" >&5 + echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else - echo "$as_me:1144: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -1150,7 +1366,7 @@ ac_ct_CC=$CC # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 -echo "$as_me:1153: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -1158,25 +1374,28 @@ if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - $as_executable_p "$ac_dir/$ac_word" || continue -ac_cv_prog_ac_ct_CC="cc" -echo "$as_me:1168: found $ac_dir/$ac_word" >&5 -break +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="cc" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then - echo "$as_me:1176: result: $ac_ct_CC" >&5 + echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 echo "${ECHO_T}$ac_ct_CC" >&6 else - echo "$as_me:1179: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -1189,7 +1408,7 @@ if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 -echo "$as_me:1192: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -1198,19 +1417,22 @@ ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - $as_executable_p "$ac_dir/$ac_word" || continue -if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then - ac_prog_rejected=yes - continue -fi -ac_cv_prog_CC="cc" -echo "$as_me:1212: found $ac_dir/$ac_word" >&5 -break +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done if test $ac_prog_rejected = yes; then @@ -1222,7 +1444,7 @@ # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift - set dummy "$ac_dir/$ac_word" ${1+"$@"} + set dummy "$as_dir/$ac_word" ${1+"$@"} shift ac_cv_prog_CC="$@" fi @@ -1231,10 +1453,10 @@ fi CC=$ac_cv_prog_CC if test -n "$CC"; then - echo "$as_me:1234: result: $CC" >&5 + echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else - echo "$as_me:1237: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -1245,7 +1467,7 @@ do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -echo "$as_me:1248: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -1253,25 +1475,28 @@ if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - $as_executable_p "$ac_dir/$ac_word" || continue -ac_cv_prog_CC="$ac_tool_prefix$ac_prog" -echo "$as_me:1263: found $ac_dir/$ac_word" >&5 -break +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - echo "$as_me:1271: result: $CC" >&5 + echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else - echo "$as_me:1274: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -1284,7 +1509,7 @@ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -echo "$as_me:1287: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -1292,25 +1517,28 @@ if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - $as_executable_p "$ac_dir/$ac_word" || continue -ac_cv_prog_ac_ct_CC="$ac_prog" -echo "$as_me:1302: found $ac_dir/$ac_word" >&5 -break +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="$ac_prog" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then - echo "$as_me:1310: result: $ac_ct_CC" >&5 + echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 echo "${ECHO_T}$ac_ct_CC" >&6 else - echo "$as_me:1313: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -1322,32 +1550,33 @@ fi -test -z "$CC" && { { echo "$as_me:1325: error: no acceptable cc found in \$PATH" >&5 -echo "$as_me: error: no acceptable cc found in \$PATH" >&2;} + +test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH" >&5 +echo "$as_me: error: no acceptable C compiler found in \$PATH" >&2;} { (exit 1); exit 1; }; } # Provide some information about the compiler. -echo "$as_me:1330:" \ +echo "$as_me:$LINENO:" \ "checking for C compiler version" >&5 ac_compiler=`set X $ac_compile; echo $2` -{ (eval echo "$as_me:1333: \"$ac_compiler --version &5\"") >&5 +{ (eval echo "$as_me:$LINENO: \"$ac_compiler --version &5\"") >&5 (eval $ac_compiler --version &5) 2>&5 ac_status=$? - echo "$as_me:1336: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } -{ (eval echo "$as_me:1338: \"$ac_compiler -v &5\"") >&5 +{ (eval echo "$as_me:$LINENO: \"$ac_compiler -v &5\"") >&5 (eval $ac_compiler -v &5) 2>&5 ac_status=$? - echo "$as_me:1341: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } -{ (eval echo "$as_me:1343: \"$ac_compiler -V &5\"") >&5 +{ (eval echo "$as_me:$LINENO: \"$ac_compiler -V &5\"") >&5 (eval $ac_compiler -V &5) 2>&5 ac_status=$? - echo "$as_me:1346: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } cat >conftest.$ac_ext <<_ACEOF -#line 1350 "configure" +#line $LINENO "configure" #include "confdefs.h" #ifdef F77_DUMMY_MAIN @@ -1369,18 +1598,22 @@ # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. -echo "$as_me:1372: checking for C compiler default output" >&5 +echo "$as_me:$LINENO: checking for C compiler default output" >&5 echo $ECHO_N "checking for C compiler default output... $ECHO_C" >&6 ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` -if { (eval echo "$as_me:1375: \"$ac_link_default\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link_default\"") >&5 (eval $ac_link_default) 2>&5 ac_status=$? - echo "$as_me:1378: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then # Find the output, starting from the most likely. This scheme is # not robust to junk in `.', hence go to wildcards (a.*) only as a last # resort. -for ac_file in `ls a.exe conftest.exe 2>/dev/null; + +# Be careful to initialize this variable, since it used to be cached. +# Otherwise an old cache value of `no' led to `EXEEXT = no' in a Makefile. +ac_cv_exeext= +for ac_file in `ls a_out.exe a.exe conftest.exe 2>/dev/null; ls a.out conftest 2>/dev/null; ls a.* conftest.* 2>/dev/null`; do case $ac_file in @@ -1398,34 +1631,34 @@ else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -{ { echo "$as_me:1401: error: C compiler cannot create executables" >&5 +{ { echo "$as_me:$LINENO: error: C compiler cannot create executables" >&5 echo "$as_me: error: C compiler cannot create executables" >&2;} { (exit 77); exit 77; }; } fi ac_exeext=$ac_cv_exeext -echo "$as_me:1407: result: $ac_file" >&5 +echo "$as_me:$LINENO: result: $ac_file" >&5 echo "${ECHO_T}$ac_file" >&6 # Check the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. -echo "$as_me:1412: checking whether the C compiler works" >&5 +echo "$as_me:$LINENO: checking whether the C compiler works" >&5 echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6 # FIXME: These cross compiler hacks should be removed for Autoconf 3.0 # If not cross compiling, check that we can run a simple program. if test "$cross_compiling" != yes; then if { ac_try='./$ac_file' - { (eval echo "$as_me:1418: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:1421: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else - { { echo "$as_me:1428: error: cannot run C compiled programs. + { { echo "$as_me:$LINENO: error: cannot run C compiled programs. If you meant to cross compile, use \`--host'." >&5 echo "$as_me: error: cannot run C compiled programs. If you meant to cross compile, use \`--host'." >&2;} @@ -1433,24 +1666,24 @@ fi fi fi -echo "$as_me:1436: result: yes" >&5 +echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 rm -f a.out a.exe conftest$ac_cv_exeext ac_clean_files=$ac_clean_files_save # Check the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. -echo "$as_me:1443: checking whether we are cross compiling" >&5 +echo "$as_me:$LINENO: checking whether we are cross compiling" >&5 echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6 -echo "$as_me:1445: result: $cross_compiling" >&5 +echo "$as_me:$LINENO: result: $cross_compiling" >&5 echo "${ECHO_T}$cross_compiling" >&6 -echo "$as_me:1448: checking for executable suffix" >&5 -echo $ECHO_N "checking for executable suffix... $ECHO_C" >&6 -if { (eval echo "$as_me:1450: \"$ac_link\"") >&5 +echo "$as_me:$LINENO: checking for suffix of executables" >&5 +echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:1453: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will @@ -1466,25 +1699,25 @@ esac done else - { { echo "$as_me:1469: error: cannot compute EXEEXT: cannot compile and link" >&5 -echo "$as_me: error: cannot compute EXEEXT: cannot compile and link" >&2;} + { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link" >&5 +echo "$as_me: error: cannot compute suffix of executables: cannot compile and link" >&2;} { (exit 1); exit 1; }; } fi rm -f conftest$ac_cv_exeext -echo "$as_me:1475: result: $ac_cv_exeext" >&5 +echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5 echo "${ECHO_T}$ac_cv_exeext" >&6 rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT -echo "$as_me:1481: checking for object suffix" >&5 -echo $ECHO_N "checking for object suffix... $ECHO_C" >&6 +echo "$as_me:$LINENO: checking for suffix of object files" >&5 +echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6 if test "${ac_cv_objext+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 1487 "configure" +#line $LINENO "configure" #include "confdefs.h" #ifdef F77_DUMMY_MAIN @@ -1502,10 +1735,10 @@ } _ACEOF rm -f conftest.o conftest.obj -if { (eval echo "$as_me:1505: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:1508: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then for ac_file in `(ls conftest.o conftest.obj; ls conftest.*) 2>/dev/null`; do case $ac_file in @@ -1517,24 +1750,24 @@ else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -{ { echo "$as_me:1520: error: cannot compute OBJEXT: cannot compile" >&5 -echo "$as_me: error: cannot compute OBJEXT: cannot compile" >&2;} +{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile" >&5 +echo "$as_me: error: cannot compute suffix of object files: cannot compile" >&2;} { (exit 1); exit 1; }; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi -echo "$as_me:1527: result: $ac_cv_objext" >&5 +echo "$as_me:$LINENO: result: $ac_cv_objext" >&5 echo "${ECHO_T}$ac_cv_objext" >&6 OBJEXT=$ac_cv_objext ac_objext=$OBJEXT -echo "$as_me:1531: checking whether we are using the GNU C compiler" >&5 +echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5 echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6 if test "${ac_cv_c_compiler_gnu+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 1537 "configure" +#line $LINENO "configure" #include "confdefs.h" #ifdef F77_DUMMY_MAIN @@ -1555,16 +1788,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:1558: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:1561: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:1564: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:1567: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_compiler_gnu=yes else @@ -1576,19 +1809,19 @@ ac_cv_c_compiler_gnu=$ac_compiler_gnu fi -echo "$as_me:1579: result: $ac_cv_c_compiler_gnu" >&5 +echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5 echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6 GCC=`test $ac_compiler_gnu = yes && echo yes` ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS CFLAGS="-g" -echo "$as_me:1585: checking whether $CC accepts -g" >&5 +echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5 echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6 if test "${ac_cv_prog_cc_g+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 1591 "configure" +#line $LINENO "configure" #include "confdefs.h" #ifdef F77_DUMMY_MAIN @@ -1606,16 +1839,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:1609: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:1612: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:1615: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:1618: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_prog_cc_g=yes else @@ -1625,7 +1858,7 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:1628: result: $ac_cv_prog_cc_g" >&5 +echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 echo "${ECHO_T}$ac_cv_prog_cc_g" >&6 if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS @@ -1652,16 +1885,16 @@ #endif _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:1655: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:1658: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:1661: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:1664: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then for ac_declaration in \ ''\ @@ -1673,7 +1906,7 @@ 'void exit (int);' do cat >conftest.$ac_ext <<_ACEOF -#line 1676 "configure" +#line $LINENO "configure" #include "confdefs.h" #include $ac_declaration @@ -1692,16 +1925,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:1695: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:1698: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:1701: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:1704: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then : else @@ -1711,7 +1944,7 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext cat >conftest.$ac_ext <<_ACEOF -#line 1714 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_declaration #ifdef F77_DUMMY_MAIN @@ -1729,16 +1962,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:1732: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:1735: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:1738: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:1741: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then break else @@ -1782,7 +2015,7 @@ fi done if test -z "$ac_aux_dir"; then - { { echo "$as_me:1785: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5 + { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5 echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;} { (exit 1); exit 1; }; } fi @@ -1792,11 +2025,11 @@ # Make sure we can run config.sub. $ac_config_sub sun4 >/dev/null 2>&1 || - { { echo "$as_me:1795: error: cannot run $ac_config_sub" >&5 + { { echo "$as_me:$LINENO: error: cannot run $ac_config_sub" >&5 echo "$as_me: error: cannot run $ac_config_sub" >&2;} { (exit 1); exit 1; }; } -echo "$as_me:1799: checking build system type" >&5 +echo "$as_me:$LINENO: checking build system type" >&5 echo $ECHO_N "checking build system type... $ECHO_C" >&6 if test "${ac_cv_build+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -1805,23 +2038,24 @@ test -z "$ac_cv_build_alias" && ac_cv_build_alias=`$ac_config_guess` test -z "$ac_cv_build_alias" && - { { echo "$as_me:1808: error: cannot guess build type; you must specify one" >&5 + { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5 echo "$as_me: error: cannot guess build type; you must specify one" >&2;} { (exit 1); exit 1; }; } ac_cv_build=`$ac_config_sub $ac_cv_build_alias` || - { { echo "$as_me:1812: error: $ac_config_sub $ac_cv_build_alias failed." >&5 -echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed." >&2;} + { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_build_alias failed" >&5 +echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed" >&2;} { (exit 1); exit 1; }; } fi -echo "$as_me:1817: result: $ac_cv_build" >&5 +echo "$as_me:$LINENO: result: $ac_cv_build" >&5 echo "${ECHO_T}$ac_cv_build" >&6 build=$ac_cv_build build_cpu=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` build_vendor=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` build_os=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` -echo "$as_me:1824: checking host system type" >&5 + +echo "$as_me:$LINENO: checking host system type" >&5 echo $ECHO_N "checking host system type... $ECHO_C" >&6 if test "${ac_cv_host+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -1830,26 +2064,28 @@ test -z "$ac_cv_host_alias" && ac_cv_host_alias=$ac_cv_build_alias ac_cv_host=`$ac_config_sub $ac_cv_host_alias` || - { { echo "$as_me:1833: error: $ac_config_sub $ac_cv_host_alias failed" >&5 + { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_host_alias failed" >&5 echo "$as_me: error: $ac_config_sub $ac_cv_host_alias failed" >&2;} { (exit 1); exit 1; }; } fi -echo "$as_me:1838: result: $ac_cv_host" >&5 +echo "$as_me:$LINENO: result: $ac_cv_host" >&5 echo "${ECHO_T}$ac_cv_host" >&6 host=$ac_cv_host host_cpu=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` host_vendor=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` -echo "$as_me:1845: checking whether byte ordering is bigendian" >&5 + + +echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5 echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6 if test "${ac_cv_c_bigendian+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else # See if sys/param.h defines the BYTE_ORDER macro. cat >conftest.$ac_ext <<_ACEOF -#line 1852 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #include @@ -1872,20 +2108,20 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:1875: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:1878: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:1881: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:1884: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then # It does; now see whether it defined to BIG_ENDIAN or not. cat >conftest.$ac_ext <<_ACEOF -#line 1888 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #include @@ -1908,16 +2144,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:1911: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:1914: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:1917: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:1920: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_c_bigendian=yes else @@ -1934,7 +2170,7 @@ # try to guess the endianess by grep'ing values into an object file ac_cv_c_bigendian=unknown cat >conftest.$ac_ext <<_ACEOF -#line 1937 "configure" +#line $LINENO "configure" #include "confdefs.h" short ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; short ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; @@ -1957,16 +2193,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:1960: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:1963: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:1966: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:1969: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then if fgrep BIGenDianSyS conftest.$ac_objext >/dev/null ; then ac_cv_c_bigendian=yes @@ -1986,7 +2222,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext else cat >conftest.$ac_ext <<_ACEOF -#line 1989 "configure" +#line $LINENO "configure" #include "confdefs.h" int main () @@ -2002,21 +2238,22 @@ } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:2005: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:2008: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:2010: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:2013: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_c_bigendian=no else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) ac_cv_c_bigendian=yes fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext @@ -2024,7 +2261,7 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:2027: result: $ac_cv_c_bigendian" >&5 +echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5 echo "${ECHO_T}$ac_cv_c_bigendian" >&6 case $ac_cv_c_bigendian in yes) @@ -2036,20 +2273,21 @@ no) ;; *) - { { echo "$as_me:2039: error: unknown endianess + { { echo "$as_me:$LINENO: error: unknown endianess presetting ac_cv_c_bigendian=no (or yes) will help" >&5 echo "$as_me: error: unknown endianess presetting ac_cv_c_bigendian=no (or yes) will help" >&2;} { (exit 1); exit 1; }; } ;; esac + # Checks for programs. ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu -echo "$as_me:2052: checking how to run the C preprocessor" >&5 +echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5 echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6 # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then @@ -2070,18 +2308,18 @@ # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat >conftest.$ac_ext <<_ACEOF -#line 2073 "configure" +#line $LINENO "configure" #include "confdefs.h" #include Syntax error _ACEOF -if { (eval echo "$as_me:2078: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:2084: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -2104,17 +2342,17 @@ # OK, works on sane cases. Now check whether non-existent headers # can be detected and how. cat >conftest.$ac_ext <<_ACEOF -#line 2107 "configure" +#line $LINENO "configure" #include "confdefs.h" #include _ACEOF -if { (eval echo "$as_me:2111: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:2117: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -2151,7 +2389,7 @@ else ac_cv_prog_CPP=$CPP fi -echo "$as_me:2154: result: $CPP" >&5 +echo "$as_me:$LINENO: result: $CPP" >&5 echo "${ECHO_T}$CPP" >&6 ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes @@ -2161,18 +2399,18 @@ # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat >conftest.$ac_ext <<_ACEOF -#line 2164 "configure" +#line $LINENO "configure" #include "confdefs.h" #include Syntax error _ACEOF -if { (eval echo "$as_me:2169: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:2175: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -2195,17 +2433,17 @@ # OK, works on sane cases. Now check whether non-existent headers # can be detected and how. cat >conftest.$ac_ext <<_ACEOF -#line 2198 "configure" +#line $LINENO "configure" #include "confdefs.h" #include _ACEOF -if { (eval echo "$as_me:2202: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:2208: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -2233,7 +2471,7 @@ if $ac_preproc_ok; then : else - { { echo "$as_me:2236: error: C preprocessor \"$CPP\" fails sanity check" >&5 + { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check" >&5 echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check" >&2;} { (exit 1); exit 1; }; } fi @@ -2247,7 +2485,7 @@ if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. set dummy ${ac_tool_prefix}ranlib; ac_word=$2 -echo "$as_me:2250: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_RANLIB+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2255,25 +2493,28 @@ if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - $as_executable_p "$ac_dir/$ac_word" || continue -ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" -echo "$as_me:2265: found $ac_dir/$ac_word" >&5 -break +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done fi fi RANLIB=$ac_cv_prog_RANLIB if test -n "$RANLIB"; then - echo "$as_me:2273: result: $RANLIB" >&5 + echo "$as_me:$LINENO: result: $RANLIB" >&5 echo "${ECHO_T}$RANLIB" >&6 else - echo "$as_me:2276: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -2282,7 +2523,7 @@ ac_ct_RANLIB=$RANLIB # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 -echo "$as_me:2285: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2290,15 +2531,18 @@ if test -n "$ac_ct_RANLIB"; then ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - $as_executable_p "$ac_dir/$ac_word" || continue -ac_cv_prog_ac_ct_RANLIB="ranlib" -echo "$as_me:2300: found $ac_dir/$ac_word" >&5 -break +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_RANLIB="ranlib" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done test -z "$ac_cv_prog_ac_ct_RANLIB" && ac_cv_prog_ac_ct_RANLIB=":" @@ -2306,10 +2550,10 @@ fi ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB if test -n "$ac_ct_RANLIB"; then - echo "$as_me:2309: result: $ac_ct_RANLIB" >&5 + echo "$as_me:$LINENO: result: $ac_ct_RANLIB" >&5 echo "${ECHO_T}$ac_ct_RANLIB" >&6 else - echo "$as_me:2312: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -2330,43 +2574,48 @@ # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # ./install, which can be erroneously created by make from ./install.sh. -echo "$as_me:2333: checking for a BSD compatible install" >&5 -echo $ECHO_N "checking for a BSD compatible install... $ECHO_C" >&6 +echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5 +echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6 if test -z "$INSTALL"; then if test "${ac_cv_path_install+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - ac_save_IFS=$IFS; IFS=$ac_path_separator - for ac_dir in $PATH; do - IFS=$ac_save_IFS - # Account for people who put trailing slashes in PATH elements. - case $ac_dir/ in - / | ./ | .// | /cC/* \ - | /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* \ - | /usr/ucb/* ) ;; - *) - # OSF1 and SCO ODT 3.0 have their own names for install. - # Don't use installbsd from OSF since it installs stuff as root - # by default. - for ac_prog in ginstall scoinst install; do - if $as_executable_p "$ac_dir/$ac_prog"; then - if test $ac_prog = install && - grep dspmsg "$ac_dir/$ac_prog" >/dev/null 2>&1; then - # AIX install. It has an incompatible calling convention. - : - elif test $ac_prog = install && - grep pwplus "$ac_dir/$ac_prog" >/dev/null 2>&1; then - # program-specific install script used by HP pwplus--don't use. - : - else - ac_cv_path_install="$ac_dir/$ac_prog -c" - break 2 - fi - fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + # Account for people who put trailing slashes in PATH elements. +case $as_dir/ in + ./ | .// | /cC/* | \ + /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ + /usr/ucb/* ) ;; + *) + # OSF1 and SCO ODT 3.0 have their own names for install. + # Don't use installbsd from OSF since it installs stuff as root + # by default. + for ac_prog in ginstall scoinst install; do + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if test $ac_prog = install && + grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + elif test $ac_prog = install && + grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # program-specific install script used by HP pwplus--don't use. + : + else + ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + break 3 + fi + fi done - ;; - esac - done + done + ;; +esac +done + fi if test "${ac_cv_path_install+set}" = set; then @@ -2379,7 +2628,7 @@ INSTALL=$ac_install_sh fi fi -echo "$as_me:2382: result: $INSTALL" >&5 +echo "$as_me:$LINENO: result: $INSTALL" >&5 echo "${ECHO_T}$INSTALL" >&6 # Use test -z because SunOS4 sh mishandles braces in ${var-val}. @@ -2392,7 +2641,7 @@ # Extract the first word of "ar", so it can be a program name with args. set dummy ar; ac_word=$2 -echo "$as_me:2395: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_AR+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2402,16 +2651,18 @@ ac_cv_path_AR="$AR" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_AR="$ac_dir/$ac_word" - echo "$as_me:2412: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_AR="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -2420,10 +2671,10 @@ AR=$ac_cv_path_AR if test -n "$AR"; then - echo "$as_me:2423: result: $AR" >&5 + echo "$as_me:$LINENO: result: $AR" >&5 echo "${ECHO_T}$AR" >&6 else - echo "$as_me:2426: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -2431,7 +2682,7 @@ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -echo "$as_me:2434: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PERL+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2441,16 +2692,18 @@ ac_cv_path_PERL="$PERL" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PERL="$ac_dir/$ac_word" - echo "$as_me:2451: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PERL="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -2459,19 +2712,20 @@ PERL=$ac_cv_path_PERL if test -n "$PERL"; then - echo "$as_me:2462: result: $PERL" >&5 + echo "$as_me:$LINENO: result: $PERL" >&5 echo "${ECHO_T}$PERL" >&6 else - echo "$as_me:2465: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi test -n "$PERL" && break done + # Extract the first word of "ent", so it can be a program name with args. set dummy ent; ac_word=$2 -echo "$as_me:2474: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_ENT+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2481,16 +2735,18 @@ ac_cv_path_ENT="$ENT" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_ENT="$ac_dir/$ac_word" - echo "$as_me:2491: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_ENT="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -2499,18 +2755,19 @@ ENT=$ac_cv_path_ENT if test -n "$ENT"; then - echo "$as_me:2502: result: $ENT" >&5 + echo "$as_me:$LINENO: result: $ENT" >&5 echo "${ECHO_T}$ENT" >&6 else - echo "$as_me:2505: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + for ac_prog in filepriv do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -echo "$as_me:2513: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_FILEPRIV+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2520,16 +2777,19 @@ ac_cv_path_FILEPRIV="$FILEPRIV" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="/sbin:/usr/sbin" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_FILEPRIV="$ac_dir/$ac_word" - echo "$as_me:2530: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_dummy="/sbin:/usr/sbin" +for as_dir in $as_dummy +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_FILEPRIV="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -2538,10 +2798,10 @@ FILEPRIV=$ac_cv_path_FILEPRIV if test -n "$FILEPRIV"; then - echo "$as_me:2541: result: $FILEPRIV" >&5 + echo "$as_me:$LINENO: result: $FILEPRIV" >&5 echo "${ECHO_T}$FILEPRIV" >&6 else - echo "$as_me:2544: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -2551,7 +2811,7 @@ # Extract the first word of "bash", so it can be a program name with args. set dummy bash; ac_word=$2 -echo "$as_me:2554: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_TEST_MINUS_S_SH+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2561,16 +2821,18 @@ ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_TEST_MINUS_S_SH="$ac_dir/$ac_word" - echo "$as_me:2571: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_TEST_MINUS_S_SH="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -2579,16 +2841,16 @@ TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH if test -n "$TEST_MINUS_S_SH"; then - echo "$as_me:2582: result: $TEST_MINUS_S_SH" >&5 + echo "$as_me:$LINENO: result: $TEST_MINUS_S_SH" >&5 echo "${ECHO_T}$TEST_MINUS_S_SH" >&6 else - echo "$as_me:2585: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi # Extract the first word of "ksh", so it can be a program name with args. set dummy ksh; ac_word=$2 -echo "$as_me:2591: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_TEST_MINUS_S_SH+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2598,16 +2860,18 @@ ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_TEST_MINUS_S_SH="$ac_dir/$ac_word" - echo "$as_me:2608: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_TEST_MINUS_S_SH="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -2616,16 +2880,16 @@ TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH if test -n "$TEST_MINUS_S_SH"; then - echo "$as_me:2619: result: $TEST_MINUS_S_SH" >&5 + echo "$as_me:$LINENO: result: $TEST_MINUS_S_SH" >&5 echo "${ECHO_T}$TEST_MINUS_S_SH" >&6 else - echo "$as_me:2622: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi # Extract the first word of "sh", so it can be a program name with args. set dummy sh; ac_word=$2 -echo "$as_me:2628: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_TEST_MINUS_S_SH+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2635,16 +2899,18 @@ ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_TEST_MINUS_S_SH="$ac_dir/$ac_word" - echo "$as_me:2645: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_TEST_MINUS_S_SH="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -2653,22 +2919,62 @@ TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH if test -n "$TEST_MINUS_S_SH"; then - echo "$as_me:2656: result: $TEST_MINUS_S_SH" >&5 + echo "$as_me:$LINENO: result: $TEST_MINUS_S_SH" >&5 echo "${ECHO_T}$TEST_MINUS_S_SH" >&6 else - echo "$as_me:2659: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi -# System features -# Check whether --enable-largefile or --disable-largefile was given. -if test "${enable_largefile+set}" = set; then - enableval="$enable_largefile" - -fi; -if test "$enable_largefile" != no; then - - echo "$as_me:2671: checking for special C compiler options needed for large files" >&5 +# Extract the first word of "sh", so it can be a program name with args. +set dummy sh; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_path_SH+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + case $SH in + [\\/]* | ?:[\\/]*) + ac_cv_path_SH="$SH" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_SH="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + + ;; +esac +fi +SH=$ac_cv_path_SH + +if test -n "$SH"; then + echo "$as_me:$LINENO: result: $SH" >&5 +echo "${ECHO_T}$SH" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + + +# System features +# Check whether --enable-largefile or --disable-largefile was given. +if test "${enable_largefile+set}" = set; then + enableval="$enable_largefile" + +fi; +if test "$enable_largefile" != no; then + + echo "$as_me:$LINENO: checking for special C compiler options needed for large files" >&5 echo $ECHO_N "checking for special C compiler options needed for large files... $ECHO_C" >&6 if test "${ac_cv_sys_largefile_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2680,7 +2986,7 @@ # IRIX 6.2 and later do not support large files by default, # so use the C compiler's -n32 option if that helps. cat >conftest.$ac_ext <<_ACEOF -#line 2683 "configure" +#line $LINENO "configure" #include "confdefs.h" #include /* Check that off_t can represent 2**63 - 1 correctly. @@ -2706,16 +3012,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:2709: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:2712: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:2715: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:2718: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then break else @@ -2725,16 +3031,16 @@ rm -f conftest.$ac_objext CC="$CC -n32" rm -f conftest.$ac_objext -if { (eval echo "$as_me:2728: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:2731: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:2734: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:2737: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sys_largefile_CC=' -n32'; break else @@ -2748,13 +3054,13 @@ rm -f conftest.$ac_ext fi fi -echo "$as_me:2751: result: $ac_cv_sys_largefile_CC" >&5 +echo "$as_me:$LINENO: result: $ac_cv_sys_largefile_CC" >&5 echo "${ECHO_T}$ac_cv_sys_largefile_CC" >&6 if test "$ac_cv_sys_largefile_CC" != no; then CC=$CC$ac_cv_sys_largefile_CC fi - echo "$as_me:2757: checking for _FILE_OFFSET_BITS value needed for large files" >&5 + echo "$as_me:$LINENO: checking for _FILE_OFFSET_BITS value needed for large files" >&5 echo $ECHO_N "checking for _FILE_OFFSET_BITS value needed for large files... $ECHO_C" >&6 if test "${ac_cv_sys_file_offset_bits+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2762,7 +3068,7 @@ while :; do ac_cv_sys_file_offset_bits=no cat >conftest.$ac_ext <<_ACEOF -#line 2765 "configure" +#line $LINENO "configure" #include "confdefs.h" #include /* Check that off_t can represent 2**63 - 1 correctly. @@ -2788,16 +3094,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:2791: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:2794: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:2797: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:2800: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then break else @@ -2806,7 +3112,7 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext cat >conftest.$ac_ext <<_ACEOF -#line 2809 "configure" +#line $LINENO "configure" #include "confdefs.h" #define _FILE_OFFSET_BITS 64 #include @@ -2833,16 +3139,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:2836: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:2839: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:2842: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:2845: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sys_file_offset_bits=64; break else @@ -2853,7 +3159,7 @@ break done fi -echo "$as_me:2856: result: $ac_cv_sys_file_offset_bits" >&5 +echo "$as_me:$LINENO: result: $ac_cv_sys_file_offset_bits" >&5 echo "${ECHO_T}$ac_cv_sys_file_offset_bits" >&6 if test "$ac_cv_sys_file_offset_bits" != no; then @@ -2863,7 +3169,7 @@ fi rm -f conftest* - echo "$as_me:2866: checking for _LARGE_FILES value needed for large files" >&5 + echo "$as_me:$LINENO: checking for _LARGE_FILES value needed for large files" >&5 echo $ECHO_N "checking for _LARGE_FILES value needed for large files... $ECHO_C" >&6 if test "${ac_cv_sys_large_files+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -2871,7 +3177,7 @@ while :; do ac_cv_sys_large_files=no cat >conftest.$ac_ext <<_ACEOF -#line 2874 "configure" +#line $LINENO "configure" #include "confdefs.h" #include /* Check that off_t can represent 2**63 - 1 correctly. @@ -2897,16 +3203,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:2900: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:2903: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:2906: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:2909: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then break else @@ -2915,7 +3221,7 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext cat >conftest.$ac_ext <<_ACEOF -#line 2918 "configure" +#line $LINENO "configure" #include "confdefs.h" #define _LARGE_FILES 1 #include @@ -2942,16 +3248,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:2945: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:2948: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:2951: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:2954: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sys_large_files=1; break else @@ -2962,7 +3268,7 @@ break done fi -echo "$as_me:2965: result: $ac_cv_sys_large_files" >&5 +echo "$as_me:$LINENO: result: $ac_cv_sys_large_files" >&5 echo "${ECHO_T}$ac_cv_sys_large_files" >&6 if test "$ac_cv_sys_large_files" != no; then @@ -2974,8 +3280,9 @@ rm -f conftest* fi + if test -z "$AR" ; then - { { echo "$as_me:2978: error: *** 'ar' missing, please install or fix your \$PATH ***" >&5 + { { echo "$as_me:$LINENO: error: *** 'ar' missing, please install or fix your \$PATH ***" >&5 echo "$as_me: error: *** 'ar' missing, please install or fix your \$PATH ***" >&2;} { (exit 1); exit 1; }; } fi @@ -2990,7 +3297,7 @@ # Search for login # Extract the first word of "login", so it can be a program name with args. set dummy login; ac_word=$2 -echo "$as_me:2993: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_LOGIN_PROGRAM_FALLBACK+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -3000,16 +3307,18 @@ ac_cv_path_LOGIN_PROGRAM_FALLBACK="$LOGIN_PROGRAM_FALLBACK" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_LOGIN_PROGRAM_FALLBACK="$ac_dir/$ac_word" - echo "$as_me:3010: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_LOGIN_PROGRAM_FALLBACK="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -3018,10 +3327,10 @@ LOGIN_PROGRAM_FALLBACK=$ac_cv_path_LOGIN_PROGRAM_FALLBACK if test -n "$LOGIN_PROGRAM_FALLBACK"; then - echo "$as_me:3021: result: $LOGIN_PROGRAM_FALLBACK" >&5 + echo "$as_me:$LINENO: result: $LOGIN_PROGRAM_FALLBACK" >&5 echo "${ECHO_T}$LOGIN_PROGRAM_FALLBACK" >&6 else - echo "$as_me:3024: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -3037,7 +3346,8 @@ LD=$CC fi -echo "$as_me:3040: checking for $CC option to accept ANSI C" >&5 + +echo "$as_me:$LINENO: checking for $CC option to accept ANSI C" >&5 echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6 if test "${ac_cv_prog_cc_stdc+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -3045,7 +3355,7 @@ ac_cv_prog_cc_stdc=no ac_save_CC=$CC cat >conftest.$ac_ext <<_ACEOF -#line 3048 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #include @@ -3100,16 +3410,16 @@ do CC="$ac_save_CC $ac_arg" rm -f conftest.$ac_objext -if { (eval echo "$as_me:3103: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:3106: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:3109: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:3112: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_prog_cc_stdc=$ac_arg break @@ -3126,15 +3436,15 @@ case "x$ac_cv_prog_cc_stdc" in x|xno) - echo "$as_me:3129: result: none needed" >&5 + echo "$as_me:$LINENO: result: none needed" >&5 echo "${ECHO_T}none needed" >&6 ;; *) - echo "$as_me:3132: result: $ac_cv_prog_cc_stdc" >&5 + echo "$as_me:$LINENO: result: $ac_cv_prog_cc_stdc" >&5 echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6 CC="$CC $ac_cv_prog_cc_stdc" ;; esac -echo "$as_me:3137: checking for inline" >&5 +echo "$as_me:$LINENO: checking for inline" >&5 echo $ECHO_N "checking for inline... $ECHO_C" >&6 if test "${ac_cv_c_inline+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -3142,7 +3452,7 @@ ac_cv_c_inline=no for ac_kw in inline __inline__ __inline; do cat >conftest.$ac_ext <<_ACEOF -#line 3145 "configure" +#line $LINENO "configure" #include "confdefs.h" #ifndef __cplusplus static $ac_kw int static_foo () {return 0; } @@ -3151,16 +3461,16 @@ _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:3154: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:3157: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:3160: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:3163: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_c_inline=$ac_kw; break else @@ -3171,7 +3481,7 @@ done fi -echo "$as_me:3174: result: $ac_cv_c_inline" >&5 +echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5 echo "${ECHO_T}$ac_cv_c_inline" >&6 case $ac_cv_c_inline in inline | yes) ;; @@ -3197,15 +3507,62 @@ CPPFLAGS="$CPPFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" if (test "$LD" != "gcc" && test -z "$blibpath"); then - blibpath="/usr/lib:/lib:/usr/local/lib" + echo "$as_me:$LINENO: checking if linkage editor ($LD) accepts -blibpath" >&5 +echo $ECHO_N "checking if linkage editor ($LD) accepts -blibpath... $ECHO_C" >&6 + saved_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS -blibpath:/usr/lib:/lib:/usr/local/lib" + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" + +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 + blibpath="/usr/lib:/lib:/usr/local/lib" + +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 + +fi +rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext + LDFLAGS="$saved_LDFLAGS" fi - echo "$as_me:3202: checking for authenticate" >&5 + echo "$as_me:$LINENO: checking for authenticate" >&5 echo $ECHO_N "checking for authenticate... $ECHO_C" >&6 if test "${ac_cv_func_authenticate+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 3208 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char authenticate (); below. */ @@ -3242,16 +3599,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:3245: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:3248: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:3251: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:3254: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_authenticate=yes else @@ -3261,7 +3618,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:3264: result: $ac_cv_func_authenticate" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_authenticate" >&5 echo "${ECHO_T}$ac_cv_func_authenticate" >&6 if test $ac_cv_func_authenticate = yes; then cat >>confdefs.h <<\_ACEOF @@ -3274,12 +3631,12 @@ #define BROKEN_GETADDRINFO 1 _ACEOF - cat >>confdefs.h <<\_ACEOF -#define DISABLE_LASTLOG 1 + cat >>confdefs.h <<\_ACEOF +#define BROKEN_REALPATH 1 _ACEOF - cat >>confdefs.h <<\_ACEOF -#define HAVE_BOGUS_SYS_QUEUE_H 1 + cat >>confdefs.h <<\_ACEOF +#define DISABLE_LASTLOG 1 _ACEOF ;; @@ -3322,6 +3679,43 @@ _ACEOF ;; +*-*-hpux10.26) + if test -z "$GCC"; then + CFLAGS="$CFLAGS -Ae" + fi + CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" + IPADDR_IN_DISPLAY=yes + cat >>confdefs.h <<\_ACEOF +#define HAVE_SECUREWARE 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define USE_PIPES 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define LOGIN_NO_ENDOPT 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define LOGIN_NEEDS_UTMPX 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define DISABLE_SHADOW 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define DISABLE_UTMP 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define SPT_TYPE SPT_PSTAT +_ACEOF + + LIBS="$LIBS -lxnet -lsec -lsecpw" + disable_ptmx_check=yes + ;; *-*-hpux10*) if test -z "$GCC"; then CFLAGS="$CFLAGS -Ae" @@ -3333,6 +3727,14 @@ _ACEOF cat >>confdefs.h <<\_ACEOF +#define LOGIN_NO_ENDOPT 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define LOGIN_NEEDS_UTMPX 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF #define DISABLE_SHADOW 1 _ACEOF @@ -3358,6 +3760,14 @@ _ACEOF cat >>confdefs.h <<\_ACEOF +#define LOGIN_NO_ENDOPT 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define LOGIN_NEEDS_UTMPX 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF #define DISABLE_SHADOW 1 _ACEOF @@ -3379,6 +3789,10 @@ #define BROKEN_INET_NTOA 1 _ACEOF + cat >>confdefs.h <<\_ACEOF +#define WITH_ABBREV_NO_TTY 1 +_ACEOF + ;; *-*-irix6*) CPPFLAGS="$CPPFLAGS -I/usr/local/include" @@ -3396,13 +3810,13 @@ #define WITH_IRIX_AUDIT 1 _ACEOF - echo "$as_me:3399: checking for jlimit_startjob" >&5 + echo "$as_me:$LINENO: checking for jlimit_startjob" >&5 echo $ECHO_N "checking for jlimit_startjob... $ECHO_C" >&6 if test "${ac_cv_func_jlimit_startjob+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 3405 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char jlimit_startjob (); below. */ @@ -3439,16 +3853,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:3442: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:3445: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:3448: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:3451: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_jlimit_startjob=yes else @@ -3458,7 +3872,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:3461: result: $ac_cv_func_jlimit_startjob" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_jlimit_startjob" >&5 echo "${ECHO_T}$ac_cv_func_jlimit_startjob" >&6 if test $ac_cv_func_jlimit_startjob = yes; then cat >>confdefs.h <<\_ACEOF @@ -3471,6 +3885,10 @@ #define BROKEN_INET_NTOA 1 _ACEOF + cat >>confdefs.h <<\_ACEOF +#define WITH_ABBREV_NO_TTY 1 +_ACEOF + ;; *-*-linux*) no_dev_ptmx=1 @@ -3483,10 +3901,6 @@ #define PAM_TTY_KLUDGE 1 _ACEOF - cat >>confdefs.h <<\_ACEOF -#define HAVE_BOGUS_SYS_QUEUE_H 1 -_ACEOF - inet6_default_4in6=yes ;; mips-sony-bsd|mips-sony-newsos4) @@ -3495,73 +3909,6 @@ _ACEOF SONY=1 - echo "$as_me:3498: checking for xatexit in -liberty" >&5 -echo $ECHO_N "checking for xatexit in -liberty... $ECHO_C" >&6 -if test "${ac_cv_lib_iberty_xatexit+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-liberty $LIBS" -cat >conftest.$ac_ext <<_ACEOF -#line 3506 "configure" -#include "confdefs.h" - -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char xatexit (); -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ -xatexit (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:3531: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:3534: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:3537: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:3540: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_lib_iberty_xatexit=yes -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -ac_cv_lib_iberty_xatexit=no -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -echo "$as_me:3551: result: $ac_cv_lib_iberty_xatexit" >&5 -echo "${ECHO_T}$ac_cv_lib_iberty_xatexit" >&6 -if test $ac_cv_lib_iberty_xatexit = yes; then - cat >>confdefs.h <<\_ACEOF -#define HAVE_XATEXIT 1 -_ACEOF - -else - { { echo "$as_me:3559: error: *** libiberty missing - please install first or check config.log ***" >&5 -echo "$as_me: error: *** libiberty missing - please install first or check config.log ***" >&2;} - { (exit 1); exit 1; }; } - -fi - ;; *-*-netbsd*) need_dash_r=1 @@ -3615,11 +3962,11 @@ # hardwire lastlog location (can't detect it on some versions) conf_lastlog_location="/var/adm/lastlog" - echo "$as_me:3618: checking for obsolete utmp and wtmp in solaris2.x" >&5 + echo "$as_me:$LINENO: checking for obsolete utmp and wtmp in solaris2.x" >&5 echo $ECHO_N "checking for obsolete utmp and wtmp in solaris2.x... $ECHO_C" >&6 sol2ver=`echo "$host"| sed -e 's/.*[0-9]\.//'` if test "$sol2ver" -ge 8; then - echo "$as_me:3622: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define DISABLE_UTMP 1 @@ -3630,7 +3977,7 @@ _ACEOF else - echo "$as_me:3633: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi ;; @@ -3640,13 +3987,13 @@ for ac_func in getpwanam do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:3643: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 3649 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -3683,16 +4030,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:3686: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:3689: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:3692: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:3695: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -3702,7 +4049,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:3705: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -3716,10 +4063,6 @@ #define PAM_SUN_CODEBASE 1 _ACEOF - cat >>confdefs.h <<\_ACEOF -#define HAVE_BOGUS_SYS_QUEUE_H 1 -_ACEOF - conf_utmp_location=/etc/utmp conf_wtmp_location=/var/adm/wtmp conf_lastlog_location=/var/adm/lastlog @@ -3733,10 +4076,6 @@ LDFLAGS="$LDFLAGS -L/usr/local/lib" LIBS="$LIBS -lc89" cat >>confdefs.h <<\_ACEOF -#define HAVE_BOGUS_SYS_QUEUE_H 1 -_ACEOF - - cat >>confdefs.h <<\_ACEOF #define USE_PIPES 1 _ACEOF @@ -3754,10 +4093,6 @@ #define IP_TOS_IS_BROKEN 1 _ACEOF - cat >>confdefs.h <<\_ACEOF -#define HAVE_BOGUS_SYS_QUEUE_H 1 -_ACEOF - # /usr/ucblib/libucb.a no longer needed on ReliantUNIX # Attention: always take care to bind libsocket and libnsl before libc, # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog @@ -3800,7 +4135,7 @@ _ACEOF cat >>confdefs.h <<\_ACEOF -#define HAVE_SCO_PROTECTED_PW 1 +#define HAVE_SECUREWARE 1 _ACEOF cat >>confdefs.h <<\_ACEOF @@ -3808,23 +4143,21 @@ _ACEOF cat >>confdefs.h <<\_ACEOF -#define HAVE_BOGUS_SYS_QUEUE_H 1 -_ACEOF - - cat >>confdefs.h <<\_ACEOF #define BROKEN_SAVED_UIDS 1 _ACEOF + + for ac_func in getluid setluid do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:3821: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 3827 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -3861,16 +4194,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:3864: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:3867: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:3870: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:3873: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -3880,7 +4213,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:3883: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -3904,27 +4237,25 @@ _ACEOF cat >>confdefs.h <<\_ACEOF -#define HAVE_SCO_PROTECTED_PW 1 +#define HAVE_SECUREWARE 1 _ACEOF cat >>confdefs.h <<\_ACEOF #define DISABLE_SHADOW 1 _ACEOF - cat >>confdefs.h <<\_ACEOF -#define HAVE_BOGUS_SYS_QUEUE_H 1 -_ACEOF + for ac_func in getluid setluid do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:3921: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 3927 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -3961,16 +4292,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:3964: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:3967: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:3970: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:3973: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -3980,7 +4311,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:3983: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -4003,7 +4334,7 @@ LIBS="$LIBS -lgen -lrsc" ;; *-dec-osf*) - echo "$as_me:4006: checking for Digital Unix SIA" >&5 + echo "$as_me:$LINENO: checking for Digital Unix SIA" >&5 echo $ECHO_N "checking for Digital Unix SIA... $ECHO_C" >&6 no_osfsia="" @@ -4012,7 +4343,7 @@ withval="$with_osfsia" if test "x$withval" = "xno" ; then - echo "$as_me:4015: result: disabled" >&5 + echo "$as_me:$LINENO: result: disabled" >&5 echo "${ECHO_T}disabled" >&6 no_osfsia=1 fi @@ -4020,7 +4351,7 @@ fi; if test -z "$no_osfsia" ; then if test -f /etc/sia/matrix.conf; then - echo "$as_me:4023: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define HAVE_OSF_SIA 1 @@ -4032,7 +4363,7 @@ LIBS="$LIBS -lsecurity -ldb -lm -laud" else - echo "$as_me:4035: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi @@ -4072,6 +4403,7 @@ CFLAGS="$CFLAGS $withval" fi + fi; # Check whether --with-cppflags or --without-cppflags was given. @@ -4082,6 +4414,7 @@ CPPFLAGS="$CPPFLAGS $withval" fi + fi; # Check whether --with-ldflags or --without-ldflags was given. @@ -4092,6 +4425,7 @@ LDFLAGS="$LDFLAGS $withval" fi + fi; # Check whether --with-libs or --without-libs was given. @@ -4102,17 +4436,18 @@ LIBS="$LIBS $withval" fi + fi; # Checks for header files. -echo "$as_me:4109: checking for ANSI C header files" >&5 +echo "$as_me:$LINENO: checking for ANSI C header files" >&5 echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6 if test "${ac_cv_header_stdc+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 4115 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #include @@ -4120,13 +4455,13 @@ #include _ACEOF -if { (eval echo "$as_me:4123: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:4129: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -4148,7 +4483,7 @@ if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat >conftest.$ac_ext <<_ACEOF -#line 4151 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -4166,7 +4501,7 @@ if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat >conftest.$ac_ext <<_ACEOF -#line 4169 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -4187,7 +4522,7 @@ : else cat >conftest.$ac_ext <<_ACEOF -#line 4190 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #if ((' ' & 0x0FF) == 0x020) @@ -4213,28 +4548,29 @@ } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:4216: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:4219: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:4221: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4224: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then : else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) ac_cv_header_stdc=no fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi fi fi -echo "$as_me:4237: result: $ac_cv_header_stdc" >&5 +echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5 echo "${ECHO_T}$ac_cv_header_stdc" >&6 if test $ac_cv_header_stdc = yes; then @@ -4246,33 +4582,41 @@ # On IRIX 5.3, sys/types and inttypes.h are conflicting. + + + + + + + + for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ inttypes.h stdint.h unistd.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -echo "$as_me:4253: checking for $ac_header" >&5 +echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 4259 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:4266: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:4269: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:4272: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4275: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_Header=yes" else @@ -4282,7 +4626,7 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:4285: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -4293,47 +4637,88 @@ done + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + for ac_header in bstring.h crypt.h endian.h floatingpoint.h \ getopt.h glob.h lastlog.h limits.h login.h \ login_cap.h maillock.h netdb.h netgroup.h \ - netinet/in_systm.h paths.h poll.h pty.h \ - security/pam_appl.h shadow.h stddef.h stdint.h \ + netinet/in_systm.h paths.h pty.h readpassphrase.h \ + rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ strings.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \ - sys/poll.h sys/queue.h sys/select.h sys/stat.h \ + sys/mman.h sys/select.h sys/stat.h \ sys/stropts.h sys/sysmacros.h sys/time.h \ - sys/ttcompat.h sys/un.h time.h ttyent.h usersec.h \ + sys/un.h time.h ttyent.h usersec.h \ util.h utime.h utmp.h utmpx.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then - echo "$as_me:4309: checking for $ac_header" >&5 + echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi -echo "$as_me:4314: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? -echo "$as_me:4318: checking $ac_header usability" >&5 +echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 4321 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:4327: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:4330: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:4333: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4336: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else @@ -4342,24 +4727,24 @@ ac_header_compiler=no fi rm -f conftest.$ac_objext conftest.$ac_ext -echo "$as_me:4345: result: $ac_header_compiler" >&5 +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? -echo "$as_me:4349: checking $ac_header presence" >&5 +echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 4352 "configure" +#line $LINENO "configure" #include "confdefs.h" #include <$ac_header> _ACEOF -if { (eval echo "$as_me:4356: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:4362: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -4377,32 +4762,32 @@ ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext -echo "$as_me:4380: result: $ac_header_preproc" >&5 +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc in yes:no ) - { echo "$as_me:4386: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:4388: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; no:yes ) - { echo "$as_me:4391: WARNING: $ac_header: present but cannot be compiled." >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled." >&2;} - { echo "$as_me:4393: WARNING: $ac_header: check for missing prerequisite headers?" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:4395: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; esac -echo "$as_me:4398: checking for $ac_header" >&5 +echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=$ac_header_preproc" fi -echo "$as_me:4405: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi @@ -4415,14 +4800,15 @@ done + # Checks for libraries. -echo "$as_me:4419: checking for yp_match" >&5 +echo "$as_me:$LINENO: checking for yp_match" >&5 echo $ECHO_N "checking for yp_match... $ECHO_C" >&6 if test "${ac_cv_func_yp_match+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 4425 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char yp_match (); below. */ @@ -4459,16 +4845,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:4462: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:4465: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:4468: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4471: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_yp_match=yes else @@ -4478,13 +4864,13 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:4481: result: $ac_cv_func_yp_match" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_yp_match" >&5 echo "${ECHO_T}$ac_cv_func_yp_match" >&6 if test $ac_cv_func_yp_match = yes; then : else -echo "$as_me:4487: checking for yp_match in -lnsl" >&5 +echo "$as_me:$LINENO: checking for yp_match in -lnsl" >&5 echo $ECHO_N "checking for yp_match in -lnsl... $ECHO_C" >&6 if test "${ac_cv_lib_nsl_yp_match+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -4492,7 +4878,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lnsl $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 4495 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -4517,16 +4903,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:4520: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:4523: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:4526: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4529: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_nsl_yp_match=yes else @@ -4537,7 +4923,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:4540: result: $ac_cv_lib_nsl_yp_match" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_nsl_yp_match" >&5 echo "${ECHO_T}$ac_cv_lib_nsl_yp_match" >&6 if test $ac_cv_lib_nsl_yp_match = yes; then cat >>confdefs.h <<_ACEOF @@ -4550,13 +4936,13 @@ fi -echo "$as_me:4553: checking for setsockopt" >&5 +echo "$as_me:$LINENO: checking for setsockopt" >&5 echo $ECHO_N "checking for setsockopt... $ECHO_C" >&6 if test "${ac_cv_func_setsockopt+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 4559 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char setsockopt (); below. */ @@ -4593,16 +4979,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:4596: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:4599: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:4602: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4605: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_setsockopt=yes else @@ -4612,13 +4998,13 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:4615: result: $ac_cv_func_setsockopt" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_setsockopt" >&5 echo "${ECHO_T}$ac_cv_func_setsockopt" >&6 if test $ac_cv_func_setsockopt = yes; then : else -echo "$as_me:4621: checking for setsockopt in -lsocket" >&5 +echo "$as_me:$LINENO: checking for setsockopt in -lsocket" >&5 echo $ECHO_N "checking for setsockopt in -lsocket... $ECHO_C" >&6 if test "${ac_cv_lib_socket_setsockopt+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -4626,7 +5012,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lsocket $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 4629 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -4651,16 +5037,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:4654: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:4657: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:4660: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4663: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_socket_setsockopt=yes else @@ -4671,7 +5057,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:4674: result: $ac_cv_lib_socket_setsockopt" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_socket_setsockopt" >&5 echo "${ECHO_T}$ac_cv_lib_socket_setsockopt" >&6 if test $ac_cv_lib_socket_setsockopt = yes; then cat >>confdefs.h <<_ACEOF @@ -4684,9 +5070,10 @@ fi + if test "x$with_tcp_wrappers" != "xno" ; then if test "x$do_sco3_extra_lib_check" = "xyes" ; then - echo "$as_me:4689: checking for innetgr in -lrpc" >&5 + echo "$as_me:$LINENO: checking for innetgr in -lrpc" >&5 echo $ECHO_N "checking for innetgr in -lrpc... $ECHO_C" >&6 if test "${ac_cv_lib_rpc_innetgr+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -4694,7 +5081,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lrpc -lyp -lrpc $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 4697 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -4719,16 +5106,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:4722: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:4725: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:4728: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4731: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_rpc_innetgr=yes else @@ -4739,7 +5126,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:4742: result: $ac_cv_lib_rpc_innetgr" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_rpc_innetgr" >&5 echo "${ECHO_T}$ac_cv_lib_rpc_innetgr" >&6 if test $ac_cv_lib_rpc_innetgr = yes; then LIBS="-lrpc -lyp -lrpc $LIBS" @@ -4748,13 +5135,13 @@ fi fi -echo "$as_me:4751: checking for getspnam" >&5 +echo "$as_me:$LINENO: checking for getspnam" >&5 echo $ECHO_N "checking for getspnam... $ECHO_C" >&6 if test "${ac_cv_func_getspnam+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 4757 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char getspnam (); below. */ @@ -4791,16 +5178,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:4794: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:4797: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:4800: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4803: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_getspnam=yes else @@ -4810,12 +5197,12 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:4813: result: $ac_cv_func_getspnam" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_getspnam" >&5 echo "${ECHO_T}$ac_cv_func_getspnam" >&6 if test $ac_cv_func_getspnam = yes; then : else - echo "$as_me:4818: checking for getspnam in -lgen" >&5 + echo "$as_me:$LINENO: checking for getspnam in -lgen" >&5 echo $ECHO_N "checking for getspnam in -lgen... $ECHO_C" >&6 if test "${ac_cv_lib_gen_getspnam+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -4823,7 +5210,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lgen $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 4826 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -4848,16 +5235,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:4851: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:4854: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:4857: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4860: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_gen_getspnam=yes else @@ -4868,7 +5255,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:4871: result: $ac_cv_lib_gen_getspnam" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_gen_getspnam" >&5 echo "${ECHO_T}$ac_cv_lib_gen_getspnam" >&6 if test $ac_cv_lib_gen_getspnam = yes; then LIBS="$LIBS -lgen" @@ -4876,6 +5263,8 @@ fi + + # Check whether --with-rpath or --without-rpath was given. if test "${with_rpath+set}" = set; then withval="$with_rpath" @@ -4887,14 +5276,16 @@ need_dash_r=1 fi + fi; + # Check whether --with-zlib or --without-zlib was given. if test "${with_zlib+set}" = set; then withval="$with_zlib" if test "x$withval" = "xno" ; then - { { echo "$as_me:4897: error: *** zlib is required ***" >&5 + { { echo "$as_me:$LINENO: error: *** zlib is required ***" >&5 echo "$as_me: error: *** zlib is required ***" >&2;} { (exit 1); exit 1; }; } fi @@ -4917,9 +5308,11 @@ CPPFLAGS="-I${withval} ${CPPFLAGS}" fi + fi; -echo "$as_me:4922: checking for deflate in -lz" >&5 + +echo "$as_me:$LINENO: checking for deflate in -lz" >&5 echo $ECHO_N "checking for deflate in -lz... $ECHO_C" >&6 if test "${ac_cv_lib_z_deflate+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -4927,7 +5320,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lz $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 4930 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -4952,16 +5345,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:4955: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:4958: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:4961: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:4964: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_z_deflate=yes else @@ -4972,7 +5365,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:4975: result: $ac_cv_lib_z_deflate" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_z_deflate" >&5 echo "${ECHO_T}$ac_cv_lib_z_deflate" >&6 if test $ac_cv_lib_z_deflate = yes; then cat >>confdefs.h <<_ACEOF @@ -4982,18 +5375,19 @@ LIBS="-lz $LIBS" else - { { echo "$as_me:4985: error: *** zlib missing - please install first or check config.log ***" >&5 + { { echo "$as_me:$LINENO: error: *** zlib missing - please install first or check config.log ***" >&5 echo "$as_me: error: *** zlib missing - please install first or check config.log ***" >&2;} { (exit 1); exit 1; }; } fi -echo "$as_me:4990: checking for strcasecmp" >&5 + +echo "$as_me:$LINENO: checking for strcasecmp" >&5 echo $ECHO_N "checking for strcasecmp... $ECHO_C" >&6 if test "${ac_cv_func_strcasecmp+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 4996 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char strcasecmp (); below. */ @@ -5030,16 +5424,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:5033: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5036: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:5039: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5042: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_strcasecmp=yes else @@ -5049,12 +5443,12 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:5052: result: $ac_cv_func_strcasecmp" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_strcasecmp" >&5 echo "${ECHO_T}$ac_cv_func_strcasecmp" >&6 if test $ac_cv_func_strcasecmp = yes; then : else - echo "$as_me:5057: checking for strcasecmp in -lresolv" >&5 + echo "$as_me:$LINENO: checking for strcasecmp in -lresolv" >&5 echo $ECHO_N "checking for strcasecmp in -lresolv... $ECHO_C" >&6 if test "${ac_cv_lib_resolv_strcasecmp+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -5062,7 +5456,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lresolv $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 5065 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -5087,16 +5481,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:5090: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5093: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:5096: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5099: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_resolv_strcasecmp=yes else @@ -5107,21 +5501,22 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:5110: result: $ac_cv_lib_resolv_strcasecmp" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_resolv_strcasecmp" >&5 echo "${ECHO_T}$ac_cv_lib_resolv_strcasecmp" >&6 if test $ac_cv_lib_resolv_strcasecmp = yes; then LIBS="$LIBS -lresolv" fi + fi -echo "$as_me:5118: checking for utimes" >&5 +echo "$as_me:$LINENO: checking for utimes" >&5 echo $ECHO_N "checking for utimes... $ECHO_C" >&6 if test "${ac_cv_func_utimes+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 5124 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char utimes (); below. */ @@ -5158,16 +5553,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:5161: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5164: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:5167: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5170: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_utimes=yes else @@ -5177,12 +5572,12 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:5180: result: $ac_cv_func_utimes" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_utimes" >&5 echo "${ECHO_T}$ac_cv_func_utimes" >&6 if test $ac_cv_func_utimes = yes; then : else - echo "$as_me:5185: checking for utimes in -lc89" >&5 + echo "$as_me:$LINENO: checking for utimes in -lc89" >&5 echo $ECHO_N "checking for utimes in -lc89... $ECHO_C" >&6 if test "${ac_cv_lib_c89_utimes+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -5190,7 +5585,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lc89 $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 5193 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -5215,16 +5610,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:5218: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5221: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:5224: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5227: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_c89_utimes=yes else @@ -5235,46 +5630,49 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:5238: result: $ac_cv_lib_c89_utimes" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_c89_utimes" >&5 echo "${ECHO_T}$ac_cv_lib_c89_utimes" >&6 if test $ac_cv_lib_c89_utimes = yes; then LIBS="$LIBS -lc89" fi + fi + + for ac_header in libutil.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then - echo "$as_me:5250: checking for $ac_header" >&5 + echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi -echo "$as_me:5255: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? -echo "$as_me:5259: checking $ac_header usability" >&5 +echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 5262 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:5268: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:5271: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:5274: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5277: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else @@ -5283,24 +5681,24 @@ ac_header_compiler=no fi rm -f conftest.$ac_objext conftest.$ac_ext -echo "$as_me:5286: result: $ac_header_compiler" >&5 +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? -echo "$as_me:5290: checking $ac_header presence" >&5 +echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 5293 "configure" +#line $LINENO "configure" #include "confdefs.h" #include <$ac_header> _ACEOF -if { (eval echo "$as_me:5297: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:5303: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -5318,32 +5716,32 @@ ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext -echo "$as_me:5321: result: $ac_header_preproc" >&5 +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc in yes:no ) - { echo "$as_me:5327: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:5329: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; no:yes ) - { echo "$as_me:5332: WARNING: $ac_header: present but cannot be compiled." >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled." >&2;} - { echo "$as_me:5334: WARNING: $ac_header: check for missing prerequisite headers?" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:5336: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; esac -echo "$as_me:5339: checking for $ac_header" >&5 +echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=$ac_header_preproc" fi -echo "$as_me:5346: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi @@ -5356,7 +5754,7 @@ done -echo "$as_me:5359: checking for library containing login" >&5 +echo "$as_me:$LINENO: checking for library containing login" >&5 echo $ECHO_N "checking for library containing login... $ECHO_C" >&6 if test "${ac_cv_search_login+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -5364,7 +5762,7 @@ ac_func_search_save_LIBS=$LIBS ac_cv_search_login=no cat >conftest.$ac_ext <<_ACEOF -#line 5367 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -5389,16 +5787,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:5392: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5395: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:5398: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5401: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_search_login="none required" else @@ -5410,7 +5808,7 @@ for ac_lib in util bsd; do LIBS="-l$ac_lib $ac_func_search_save_LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 5413 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -5435,16 +5833,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:5438: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5441: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:5444: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5447: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_search_login="-l$ac_lib" break @@ -5457,7 +5855,7 @@ fi LIBS=$ac_func_search_save_LIBS fi -echo "$as_me:5460: result: $ac_cv_search_login" >&5 +echo "$as_me:$LINENO: result: $ac_cv_search_login" >&5 echo "${ECHO_T}$ac_cv_search_login" >&6 if test "$ac_cv_search_login" != no; then test "$ac_cv_search_login" = "none required" || LIBS="$ac_cv_search_login $LIBS" @@ -5467,16 +5865,19 @@ fi + + + for ac_func in logout updwtmp logwtmp do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:5473: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 5479 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -5513,16 +5914,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:5516: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5519: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:5522: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5525: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -5532,7 +5933,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:5535: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -5542,16 +5943,18 @@ fi done + + for ac_func in strftime do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:5548: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 5554 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -5588,16 +5991,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:5591: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5594: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:5597: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5600: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -5607,7 +6010,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:5610: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -5616,7 +6019,7 @@ else # strftime is in -lintl on SCO UNIX. -echo "$as_me:5619: checking for strftime in -lintl" >&5 +echo "$as_me:$LINENO: checking for strftime in -lintl" >&5 echo $ECHO_N "checking for strftime in -lintl... $ECHO_C" >&6 if test "${ac_cv_lib_intl_strftime+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -5624,7 +6027,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lintl $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 5627 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -5649,16 +6052,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:5652: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5655: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:5658: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5661: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_intl_strftime=yes else @@ -5669,7 +6072,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:5672: result: $ac_cv_lib_intl_strftime" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_intl_strftime" >&5 echo "${ECHO_T}$ac_cv_lib_intl_strftime" >&6 if test $ac_cv_lib_intl_strftime = yes; then cat >>confdefs.h <<\_ACEOF @@ -5682,11 +6085,12 @@ fi done + # Check for ALTDIRFUNC glob() extension -echo "$as_me:5686: checking for GLOB_ALTDIRFUNC support" >&5 +echo "$as_me:$LINENO: checking for GLOB_ALTDIRFUNC support" >&5 echo $ECHO_N "checking for GLOB_ALTDIRFUNC support... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 5689 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -5702,22 +6106,24 @@ #define GLOB_HAS_ALTDIRFUNC 1 _ACEOF - echo "$as_me:5705: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else - echo "$as_me:5710: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 + fi rm -f conftest* + # Check for g.gl_matchc glob() extension -echo "$as_me:5717: checking for gl_matchc field in glob_t" >&5 +echo "$as_me:$LINENO: checking for gl_matchc field in glob_t" >&5 echo $ECHO_N "checking for gl_matchc field in glob_t... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 5720 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -5731,26 +6137,28 @@ #define GLOB_HAS_GL_MATCHC 1 _ACEOF - echo "$as_me:5734: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else - echo "$as_me:5739: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 + fi rm -f conftest* -echo "$as_me:5745: checking whether struct dirent allocates space for d_name" >&5 + +echo "$as_me:$LINENO: checking whether struct dirent allocates space for d_name" >&5 echo $ECHO_N "checking whether struct dirent allocates space for d_name... $ECHO_C" >&6 if test "$cross_compiling" = yes; then - { { echo "$as_me:5748: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 5753 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -5759,29 +6167,32 @@ _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:5762: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5765: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:5767: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5770: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:5772: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) - echo "$as_me:5779: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 cat >>confdefs.h <<\_ACEOF #define BROKEN_ONE_BYTE_DIRENT_D_NAME 1 _ACEOF + + fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi @@ -5807,15 +6218,15 @@ LIBS="-lskey $LIBS" SKEY_MSG="yes" - echo "$as_me:5810: checking for s/key support" >&5 + echo "$as_me:$LINENO: checking for s/key support" >&5 echo $ECHO_N "checking for s/key support... $ECHO_C" >&6 if test "$cross_compiling" = yes; then - { { echo "$as_me:5813: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 5818 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -5824,26 +6235,27 @@ _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:5827: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5830: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:5832: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5835: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:5837: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) - echo "$as_me:5844: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 - { { echo "$as_me:5846: error: ** Incomplete or missing s/key libraries." >&5 + { { echo "$as_me:$LINENO: error: ** Incomplete or missing s/key libraries." >&5 echo "$as_me: error: ** Incomplete or missing s/key libraries." >&2;} { (exit 1); exit 1; }; } @@ -5852,6 +6264,7 @@ fi fi + fi; # Check whether user wants TCP wrappers support @@ -5887,10 +6300,10 @@ fi LIBWRAP="-lwrap" LIBS="$LIBWRAP $LIBS" - echo "$as_me:5890: checking for libwrap" >&5 + echo "$as_me:$LINENO: checking for libwrap" >&5 echo $ECHO_N "checking for libwrap... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 5893 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -5911,61 +6324,129 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:5914: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:5917: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:5920: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:5923: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:5926: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define LIBWRAP 1 _ACEOF + TCPW_MSG="yes" else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - { { echo "$as_me:5938: error: *** libwrap missing" >&5 + { { echo "$as_me:$LINENO: error: *** libwrap missing" >&5 echo "$as_me: error: *** libwrap missing" >&2;} { (exit 1); exit 1; }; } + fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS="$saved_LIBS" fi + fi; -for ac_func in arc4random atexit b64_ntop bcopy bindresvport_sa \ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +for ac_func in arc4random b64_ntop bcopy bindresvport_sa \ clock fchmod fchown freeaddrinfo futimes gai_strerror \ getaddrinfo getcwd getgrouplist getnameinfo getopt \ getrlimit getrusage getttyent glob inet_aton inet_ntoa \ inet_ntop innetgr login_getcapbool md5_crypt memmove \ - mkdtemp on_exit openpty readpassphrase realpath \ - rresvport_af setdtablesize setegid setenv seteuid \ - setlogin setproctitle setresgid setreuid setrlimit \ - setsid setvbuf sigaction sigvec snprintf strerror \ - strlcat strlcpy strmode strsep sysconf tcgetpgrp utimes \ + mkdtemp mmap ngetaddrinfo openpty ogetaddrinfo readpassphrase \ + realpath recvmsg rresvport_af sendmsg setdtablesize setegid \ + setenv seteuid setlogin setproctitle setresgid setreuid setrlimit \ + setsid setvbuf sigaction sigvec snprintf socketpair strerror \ + strlcat strlcpy strmode strsep sysconf tcgetpgrp truncate utimes \ vhangup vsnprintf waitpid __b64_ntop _getpty do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:5962: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 5968 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -6002,16 +6483,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:6005: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6008: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:6011: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6014: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -6021,7 +6502,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:6024: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -6031,16 +6512,18 @@ fi done + + for ac_func in dirname do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:6037: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 6043 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -6077,16 +6560,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:6080: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6083: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:6086: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6089: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -6096,7 +6579,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:6099: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -6107,34 +6590,34 @@ do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then - echo "$as_me:6110: checking for $ac_header" >&5 + echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi -echo "$as_me:6115: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? -echo "$as_me:6119: checking $ac_header usability" >&5 +echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 6122 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:6128: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:6131: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:6134: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6137: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else @@ -6143,24 +6626,24 @@ ac_header_compiler=no fi rm -f conftest.$ac_objext conftest.$ac_ext -echo "$as_me:6146: result: $ac_header_compiler" >&5 +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? -echo "$as_me:6150: checking $ac_header presence" >&5 +echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 6153 "configure" +#line $LINENO "configure" #include "confdefs.h" #include <$ac_header> _ACEOF -if { (eval echo "$as_me:6157: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:6163: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -6178,32 +6661,32 @@ ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext -echo "$as_me:6181: result: $ac_header_preproc" >&5 +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc in yes:no ) - { echo "$as_me:6187: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:6189: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; no:yes ) - { echo "$as_me:6192: WARNING: $ac_header: present but cannot be compiled." >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled." >&2;} - { echo "$as_me:6194: WARNING: $ac_header: check for missing prerequisite headers?" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:6196: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; esac -echo "$as_me:6199: checking for $ac_header" >&5 +echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=$ac_header_preproc" fi -echo "$as_me:6206: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi @@ -6218,7 +6701,7 @@ else - echo "$as_me:6221: checking for dirname in -lgen" >&5 + echo "$as_me:$LINENO: checking for dirname in -lgen" >&5 echo $ECHO_N "checking for dirname in -lgen... $ECHO_C" >&6 if test "${ac_cv_lib_gen_dirname+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -6226,7 +6709,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lgen $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 6229 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -6251,16 +6734,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:6254: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6257: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:6260: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6263: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_gen_dirname=yes else @@ -6271,11 +6754,11 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:6274: result: $ac_cv_lib_gen_dirname" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_gen_dirname" >&5 echo "${ECHO_T}$ac_cv_lib_gen_dirname" >&6 if test $ac_cv_lib_gen_dirname = yes; then - echo "$as_me:6278: checking for broken dirname" >&5 + echo "$as_me:$LINENO: checking for broken dirname" >&5 echo $ECHO_N "checking for broken dirname... $ECHO_C" >&6 if test "${ac_cv_have_broken_dirname+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -6284,12 +6767,12 @@ save_LIBS="$LIBS" LIBS="$LIBS -lgen" if test "$cross_compiling" = yes; then - { { echo "$as_me:6287: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 6292 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -6309,21 +6792,22 @@ _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:6312: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6315: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:6317: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6320: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_broken_dirname="no" else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) ac_cv_have_broken_dirname="yes" fi @@ -6332,7 +6816,7 @@ LIBS="$save_LIBS" fi -echo "$as_me:6335: result: $ac_cv_have_broken_dirname" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_broken_dirname" >&5 echo "${ECHO_T}$ac_cv_have_broken_dirname" >&6 if test "x$ac_cv_have_broken_dirname" = "xno" ; then LIBS="$LIBS -lgen" @@ -6340,38 +6824,39 @@ #define HAVE_DIRNAME 1 _ACEOF + for ac_header in libgen.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then - echo "$as_me:6347: checking for $ac_header" >&5 + echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi -echo "$as_me:6352: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? -echo "$as_me:6356: checking $ac_header usability" >&5 +echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 6359 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:6365: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:6368: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:6371: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6374: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else @@ -6380,24 +6865,24 @@ ac_header_compiler=no fi rm -f conftest.$ac_objext conftest.$ac_ext -echo "$as_me:6383: result: $ac_header_compiler" >&5 +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? -echo "$as_me:6387: checking $ac_header presence" >&5 +echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 6390 "configure" +#line $LINENO "configure" #include "confdefs.h" #include <$ac_header> _ACEOF -if { (eval echo "$as_me:6394: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:6400: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -6415,32 +6900,32 @@ ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext -echo "$as_me:6418: result: $ac_header_preproc" >&5 +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc in yes:no ) - { echo "$as_me:6424: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:6426: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; no:yes ) - { echo "$as_me:6429: WARNING: $ac_header: present but cannot be compiled." >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled." >&2;} - { echo "$as_me:6431: WARNING: $ac_header: check for missing prerequisite headers?" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:6433: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; esac -echo "$as_me:6436: checking for $ac_header" >&5 +echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=$ac_header_preproc" fi -echo "$as_me:6443: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi @@ -6457,19 +6942,23 @@ fi + fi done + + + for ac_func in gettimeofday time do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:6466: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 6472 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -6506,16 +6995,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:6509: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6512: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:6515: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6518: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -6525,7 +7014,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:6528: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -6535,16 +7024,22 @@ fi done + + + + + + for ac_func in endutent getutent getutid getutline pututline setutent do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:6541: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 6547 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -6581,16 +7076,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:6584: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6587: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:6590: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6593: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -6600,7 +7095,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:6603: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -6610,16 +7105,17 @@ fi done + for ac_func in utmpname do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:6616: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 6622 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -6656,16 +7152,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:6659: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6662: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:6665: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6668: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -6675,7 +7171,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:6678: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -6685,16 +7181,21 @@ fi done + + + + + for ac_func in endutxent getutxent getutxid getutxline pututxline do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:6691: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 6697 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -6731,16 +7232,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:6734: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6737: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:6740: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6743: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -6750,7 +7251,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:6753: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -6760,16 +7261,18 @@ fi done + + for ac_func in setutxent utmpxname do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:6766: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 6772 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -6806,16 +7309,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:6809: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6812: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:6815: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6818: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -6825,7 +7328,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:6828: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -6835,13 +7338,14 @@ fi done -echo "$as_me:6838: checking for getuserattr" >&5 + +echo "$as_me:$LINENO: checking for getuserattr" >&5 echo $ECHO_N "checking for getuserattr... $ECHO_C" >&6 if test "${ac_cv_func_getuserattr+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 6844 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char getuserattr (); below. */ @@ -6878,16 +7382,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:6881: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6884: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:6887: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6890: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_getuserattr=yes else @@ -6897,7 +7401,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:6900: result: $ac_cv_func_getuserattr" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_getuserattr" >&5 echo "${ECHO_T}$ac_cv_func_getuserattr" >&6 if test $ac_cv_func_getuserattr = yes; then cat >>confdefs.h <<\_ACEOF @@ -6905,7 +7409,7 @@ _ACEOF else - echo "$as_me:6908: checking for getuserattr in -ls" >&5 + echo "$as_me:$LINENO: checking for getuserattr in -ls" >&5 echo $ECHO_N "checking for getuserattr in -ls... $ECHO_C" >&6 if test "${ac_cv_lib_s_getuserattr+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -6913,7 +7417,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-ls $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 6916 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -6938,16 +7442,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:6941: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:6944: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:6947: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:6950: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_s_getuserattr=yes else @@ -6958,7 +7462,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:6961: result: $ac_cv_lib_s_getuserattr" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_s_getuserattr" >&5 echo "${ECHO_T}$ac_cv_lib_s_getuserattr" >&6 if test $ac_cv_lib_s_getuserattr = yes; then LIBS="$LIBS -ls"; cat >>confdefs.h <<\_ACEOF @@ -6967,15 +7471,17 @@ fi + fi -echo "$as_me:6972: checking for daemon" >&5 + +echo "$as_me:$LINENO: checking for daemon" >&5 echo $ECHO_N "checking for daemon... $ECHO_C" >&6 if test "${ac_cv_func_daemon+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 6978 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char daemon (); below. */ @@ -7012,16 +7518,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:7015: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:7018: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:7021: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7024: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_daemon=yes else @@ -7031,7 +7537,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:7034: result: $ac_cv_func_daemon" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_daemon" >&5 echo "${ECHO_T}$ac_cv_func_daemon" >&6 if test $ac_cv_func_daemon = yes; then cat >>confdefs.h <<\_ACEOF @@ -7039,7 +7545,7 @@ _ACEOF else - echo "$as_me:7042: checking for daemon in -lbsd" >&5 + echo "$as_me:$LINENO: checking for daemon in -lbsd" >&5 echo $ECHO_N "checking for daemon in -lbsd... $ECHO_C" >&6 if test "${ac_cv_lib_bsd_daemon+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -7047,7 +7553,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lbsd $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 7050 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -7072,16 +7578,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:7075: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:7078: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:7081: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7084: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_bsd_daemon=yes else @@ -7092,7 +7598,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:7095: result: $ac_cv_lib_bsd_daemon" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_bsd_daemon" >&5 echo "${ECHO_T}$ac_cv_lib_bsd_daemon" >&6 if test $ac_cv_lib_bsd_daemon = yes; then LIBS="$LIBS -lbsd"; cat >>confdefs.h <<\_ACEOF @@ -7101,15 +7607,17 @@ fi + fi -echo "$as_me:7106: checking for getpagesize" >&5 + +echo "$as_me:$LINENO: checking for getpagesize" >&5 echo $ECHO_N "checking for getpagesize... $ECHO_C" >&6 if test "${ac_cv_func_getpagesize+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 7112 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char getpagesize (); below. */ @@ -7146,16 +7654,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:7149: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:7152: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:7155: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7158: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_getpagesize=yes else @@ -7165,7 +7673,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:7168: result: $ac_cv_func_getpagesize" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_getpagesize" >&5 echo "${ECHO_T}$ac_cv_func_getpagesize" >&6 if test $ac_cv_func_getpagesize = yes; then cat >>confdefs.h <<\_ACEOF @@ -7173,7 +7681,7 @@ _ACEOF else - echo "$as_me:7176: checking for getpagesize in -lucb" >&5 + echo "$as_me:$LINENO: checking for getpagesize in -lucb" >&5 echo $ECHO_N "checking for getpagesize in -lucb... $ECHO_C" >&6 if test "${ac_cv_lib_ucb_getpagesize+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -7181,7 +7689,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lucb $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 7184 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -7206,16 +7714,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:7209: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:7212: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:7215: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7218: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_ucb_getpagesize=yes else @@ -7226,7 +7734,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:7229: result: $ac_cv_lib_ucb_getpagesize" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_ucb_getpagesize" >&5 echo "${ECHO_T}$ac_cv_lib_ucb_getpagesize" >&6 if test $ac_cv_lib_ucb_getpagesize = yes; then LIBS="$LIBS -lucb"; cat >>confdefs.h <<\_ACEOF @@ -7235,19 +7743,21 @@ fi + fi + # Check for broken snprintf if test "x$ac_cv_func_snprintf" = "xyes" ; then - echo "$as_me:7242: checking whether snprintf correctly terminates long strings" >&5 + echo "$as_me:$LINENO: checking whether snprintf correctly terminates long strings" >&5 echo $ECHO_N "checking whether snprintf correctly terminates long strings... $ECHO_C" >&6 if test "$cross_compiling" = yes; then - { { echo "$as_me:7245: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 7250 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -7255,45 +7765,47 @@ _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:7258: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:7261: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:7263: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7266: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:7268: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) - echo "$as_me:7275: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 cat >>confdefs.h <<\_ACEOF #define BROKEN_SNPRINTF 1 _ACEOF - { echo "$as_me:7281: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&5 + { echo "$as_me:$LINENO: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&5 echo "$as_me: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&2;} + fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi fi -echo "$as_me:7289: checking whether getpgrp takes no argument" >&5 -echo $ECHO_N "checking whether getpgrp takes no argument... $ECHO_C" >&6 +echo "$as_me:$LINENO: checking whether getpgrp requires zero arguments" >&5 +echo $ECHO_N "checking whether getpgrp requires zero arguments... $ECHO_C" >&6 if test "${ac_cv_func_getpgrp_void+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else # Use it with a single arg. cat >conftest.$ac_ext <<_ACEOF -#line 7296 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -7311,149 +7823,27 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:7314: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:7317: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:7320: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:7323: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_func_getpgrp_1=yes -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -ac_func_getpgrp_1=no -fi -rm -f conftest.$ac_objext conftest.$ac_ext -# Use it with no arg. -cat >conftest.$ac_ext <<_ACEOF -#line 7334 "configure" -#include "confdefs.h" -$ac_includes_default -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ -getpgrp (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (eval echo "$as_me:7352: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:7355: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:7358: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7361: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - ac_func_getpgrp_0=yes + ac_cv_func_getpgrp_void=no else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_func_getpgrp_0=no +ac_cv_func_getpgrp_void=yes fi rm -f conftest.$ac_objext conftest.$ac_ext -# If both static checks agree, we are done. -case $ac_func_getpgrp_0:$ac_func_getpgrp_1 in - yes:no) ac_cv_func_getpgrp_void=yes;; - no:yes) ac_cv_func_getpgrp_void=false;; - *) if test "$cross_compiling" = yes; then - { { echo "$as_me:7375: error: cannot check getpgrp if cross compiling" >&5 -echo "$as_me: error: cannot check getpgrp if cross compiling" >&2;} - { (exit 1); exit 1; }; } -else - cat >conftest.$ac_ext <<_ACEOF -#line 7380 "configure" -#include "confdefs.h" -$ac_includes_default - -/* - * If this system has a BSD-style getpgrp(), - * which takes a pid argument, exit unsuccessfully. - * - * Snarfed from Chet Ramey's bash pgrp.c test program - */ - -int pid; -int pg1, pg2, pg3, pg4; -int ng, np, s, child; - -int -main () -{ - pid = getpid (); - pg1 = getpgrp (0); - pg2 = getpgrp (); - pg3 = getpgrp (pid); - pg4 = getpgrp (1); - - /* If all of these values are the same, it's pretty sure that we're - on a system that ignores getpgrp's first argument. */ - if (pg2 == pg4 && pg1 == pg3 && pg2 == pg3) - exit (0); - child = fork (); - if (child < 0) - exit(1); - else if (child == 0) - { - np = getpid (); - /* If this is Sys V, this will not work; pgrp will be set to np - because setpgrp just changes a pgrp to be the same as the - pid. */ - setpgrp (np, pg1); - ng = getpgrp (0); /* Same result for Sys V and BSD */ - if (ng == pg1) - exit (1); - else - exit (0); - } - else - { - wait (&s); - exit (s>>8); - } -} - -_ACEOF -rm -f conftest$ac_exeext -if { (eval echo "$as_me:7434: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:7437: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:7439: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:7442: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_func_getpgrp_void=yes -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -ac_cv_func_getpgrp_void=no fi -rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi;; -esac # $ac_func_getpgrp_0:$ac_func_getpgrp_1 - -fi -echo "$as_me:7456: result: $ac_cv_func_getpgrp_void" >&5 +echo "$as_me:$LINENO: result: $ac_cv_func_getpgrp_void" >&5 echo "${ECHO_T}$ac_cv_func_getpgrp_void" >&6 if test $ac_cv_func_getpgrp_void = yes; then @@ -7463,6 +7853,7 @@ fi + # Check for PAM libs PAM_MSG="no" @@ -7472,12 +7863,13 @@ if test "x$withval" != "xno" ; then if test "x$ac_cv_header_security_pam_appl_h" != "xyes" ; then - { { echo "$as_me:7475: error: PAM headers not found" >&5 + { { echo "$as_me:$LINENO: error: PAM headers not found" >&5 echo "$as_me: error: PAM headers not found" >&2;} { (exit 1); exit 1; }; } fi -echo "$as_me:7480: checking for dlopen in -ldl" >&5 + +echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5 echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6 if test "${ac_cv_lib_dl_dlopen+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -7485,7 +7877,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-ldl $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 7488 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -7510,16 +7902,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:7513: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:7516: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:7519: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7522: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_dl_dlopen=yes else @@ -7530,7 +7922,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:7533: result: $ac_cv_lib_dl_dlopen" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5 echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6 if test $ac_cv_lib_dl_dlopen = yes; then cat >>confdefs.h <<_ACEOF @@ -7541,7 +7933,8 @@ fi -echo "$as_me:7544: checking for pam_set_item in -lpam" >&5 + +echo "$as_me:$LINENO: checking for pam_set_item in -lpam" >&5 echo $ECHO_N "checking for pam_set_item in -lpam... $ECHO_C" >&6 if test "${ac_cv_lib_pam_pam_set_item+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -7549,7 +7942,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lpam $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 7552 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -7574,16 +7967,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:7577: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:7580: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:7583: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7586: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_pam_pam_set_item=yes else @@ -7594,7 +7987,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:7597: result: $ac_cv_lib_pam_pam_set_item" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_pam_pam_set_item" >&5 echo "${ECHO_T}$ac_cv_lib_pam_pam_set_item" >&6 if test $ac_cv_lib_pam_pam_set_item = yes; then cat >>confdefs.h <<_ACEOF @@ -7604,21 +7997,22 @@ LIBS="-lpam $LIBS" else - { { echo "$as_me:7607: error: *** libpam missing" >&5 + { { echo "$as_me:$LINENO: error: *** libpam missing" >&5 echo "$as_me: error: *** libpam missing" >&2;} { (exit 1); exit 1; }; } fi + for ac_func in pam_getenvlist do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:7615: checking for $ac_func" >&5 +echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 7621 "configure" +#line $LINENO "configure" #include "confdefs.h" /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. */ @@ -7655,16 +8049,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:7658: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:7661: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:7664: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7667: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else @@ -7674,7 +8068,7 @@ fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:7677: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF @@ -7684,6 +8078,7 @@ fi done + disable_shadow=yes PAM_MSG="yes" @@ -7699,15 +8094,16 @@ fi + fi; # Check for older PAM if test "x$PAM_MSG" = "xyes" ; then # Check PAM strerror arguments (old PAM) - echo "$as_me:7707: checking whether pam_strerror takes only one argument" >&5 + echo "$as_me:$LINENO: checking whether pam_strerror takes only one argument" >&5 echo $ECHO_N "checking whether pam_strerror takes only one argument... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 7710 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -7728,18 +8124,18 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:7731: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:7734: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:7737: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7740: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:7742: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 else echo "$as_me: failed program was:" >&5 @@ -7749,260 +8145,166 @@ #define HAVE_OLD_PAM 1 _ACEOF - echo "$as_me:7752: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 PAM_MSG="yes (old library)" + fi rm -f conftest.$ac_objext conftest.$ac_ext fi -# The big search for OpenSSL +# Search for OpenSSL +saved_CPPFLAGS="$CPPFLAGS" +saved_LDFLAGS="$LDFLAGS" # Check whether --with-ssl-dir or --without-ssl-dir was given. if test "${with_ssl_dir+set}" = set; then withval="$with_ssl_dir" if test "x$withval" != "xno" ; then - tryssldir=$withval - fi - -fi; - -saved_LIBS="$LIBS" -saved_LDFLAGS="$LDFLAGS" -saved_CPPFLAGS="$CPPFLAGS" -if test "x$prefix" != "xNONE" ; then - tryssldir="$tryssldir $prefix" -fi -echo "$as_me:7778: checking for OpenSSL directory" >&5 -echo $ECHO_N "checking for OpenSSL directory... $ECHO_C" >&6 -if test "${ac_cv_openssldir+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do - CPPFLAGS="$saved_CPPFLAGS" - LDFLAGS="$saved_LDFLAGS" - LIBS="$saved_LIBS -lcrypto" - - # Skip directories if they don't exist - if test ! -z "$ssldir" -a ! -d "$ssldir" ; then - continue; - fi - if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then - # Try to use $ssldir/lib if it exists, otherwise - # $ssldir - if test -d "$ssldir/lib" ; then - LDFLAGS="-L$ssldir/lib $saved_LDFLAGS" - if test ! -z "$need_dash_r" ; then - LDFLAGS="-R$ssldir/lib $LDFLAGS" + if test -d "$withval/lib"; then + if test -n "${need_dash_r}"; then + LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" + else + LDFLAGS="-L${withval}/lib ${LDFLAGS}" fi else - LDFLAGS="-L$ssldir $saved_LDFLAGS" - if test ! -z "$need_dash_r" ; then - LDFLAGS="-R$ssldir $LDFLAGS" + if test -n "${need_dash_r}"; then + LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" + else + LDFLAGS="-L${withval} ${LDFLAGS}" fi fi - # Try to use $ssldir/include if it exists, otherwise - # $ssldir - if test -d "$ssldir/include" ; then - CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS" + if test -d "$withval/include"; then + CPPFLAGS="-I${withval}/include ${CPPFLAGS}" else - CPPFLAGS="-I$ssldir $saved_CPPFLAGS" + CPPFLAGS="-I${withval} ${CPPFLAGS}" fi fi - # Basic test to check for compatible version and correct linking - # *does not* test for RSA - that comes later. - if test "$cross_compiling" = yes; then - { { echo "$as_me:7819: error: cannot run test program while cross compiling" >&5 -echo "$as_me: error: cannot run test program while cross compiling" >&2;} - { (exit 1); exit 1; }; } -else - cat >conftest.$ac_ext <<_ACEOF -#line 7824 "configure" + +fi; +LIBS="$LIBS -lcrypto" +cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" #include "confdefs.h" -#include -#include -int main(void) +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char RAND_add (); +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () { - char a[2048]; - memset(a, 0, sizeof(a)); - RAND_add(a, sizeof(a), sizeof(a)); - return(RAND_status() <= 0); +RAND_add (); + ; + return 0; } - _ACEOF -rm -f conftest$ac_exeext -if { (eval echo "$as_me:7839: \"$ac_link\"") >&5 +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:7842: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:7844: \"$ac_try\"") >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7847: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - - found_crypto=1 - break; + cat >>confdefs.h <<\_ACEOF +#define HAVE_OPENSSL 1 +_ACEOF else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 + echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -fi -rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - if test ! -z "$found_crypto" ; then - break; + if test -n "${need_dash_r}"; then + LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" + else + LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" fi - done + CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" - if test -z "$found_crypto" ; then - { { echo "$as_me:7868: error: Could not find working OpenSSL library, please install or check config.log" >&5 -echo "$as_me: error: Could not find working OpenSSL library, please install or check config.log" >&2;} - { (exit 1); exit 1; }; } - fi - if test -z "$ssldir" ; then - ssldir="(system)" - fi - - ac_cv_openssldir=$ssldir - -fi -echo "$as_me:7879: result: $ac_cv_openssldir" >&5 -echo "${ECHO_T}$ac_cv_openssldir" >&6 - -if (test ! -z "$ac_cv_openssldir" && test "x$ac_cv_openssldir" != "x(system)") ; then - cat >>confdefs.h <<\_ACEOF -#define HAVE_OPENSSL 1 -_ACEOF - - ssldir=$ac_cv_openssldir - if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then - # Try to use $ssldir/lib if it exists, otherwise - # $ssldir - if test -d "$ssldir/lib" ; then - LDFLAGS="-L$ssldir/lib $saved_LDFLAGS" - if test ! -z "$need_dash_r" ; then - LDFLAGS="-R$ssldir/lib $LDFLAGS" - fi - else - LDFLAGS="-L$ssldir $saved_LDFLAGS" - if test ! -z "$need_dash_r" ; then - LDFLAGS="-R$ssldir $LDFLAGS" - fi - fi - # Try to use $ssldir/include if it exists, otherwise - # $ssldir - if test -d "$ssldir/include" ; then - CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS" - else - CPPFLAGS="-I$ssldir $saved_CPPFLAGS" - fi - fi -fi -LIBS="$saved_LIBS -lcrypto" - -# Now test RSA support -saved_LIBS="$LIBS" -echo "$as_me:7915: checking for RSA support" >&5 -echo $ECHO_N "checking for RSA support... $ECHO_C" >&6 -for WANTS_RSAREF in "" 1 ; do - if test -z "$WANTS_RSAREF" ; then - LIBS="$saved_LIBS" - else - LIBS="$saved_LIBS -lRSAglue -lrsaref" - fi - if test "$cross_compiling" = yes; then - { { echo "$as_me:7924: error: cannot run test program while cross compiling" >&5 -echo "$as_me: error: cannot run test program while cross compiling" >&2;} - { (exit 1); exit 1; }; } -else - cat >conftest.$ac_ext <<_ACEOF -#line 7929 "configure" -#include "confdefs.h" - -#include -#include -#include -#include -#include -int main(void) -{ - int num; RSA *key; static unsigned char p_in[] = "blahblah"; - unsigned char c[256], p[256]; - memset(c, 0, sizeof(c)); RAND_add(c, sizeof(c), sizeof(c)); - if ((key=RSA_generate_key(512, 3, NULL, NULL))==NULL) return(1); - num = RSA_public_encrypt(sizeof(p_in) - 1, p_in, c, key, RSA_PKCS1_PADDING); - return(-1 == RSA_private_decrypt(num, c, p, key, RSA_PKCS1_PADDING)); +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char RAND_add (); +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ +RAND_add (); + ; + return 0; } - _ACEOF -rm -f conftest$ac_exeext -if { (eval echo "$as_me:7949: \"$ac_link\"") >&5 +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:7952: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:7954: \"$ac_try\"") >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:7957: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - - rsa_works=1 - break; + cat >>confdefs.h <<\_ACEOF +#define HAVE_OPENSSL 1 +_ACEOF else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 + echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 + + { { echo "$as_me:$LINENO: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***" >&5 +echo "$as_me: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***" >&2;} + { (exit 1); exit 1; }; } + + fi -rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi -done -LIBS="$saved_LIBS" +rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext + -if test ! -z "$no_rsa" ; then - echo "$as_me:7974: result: disabled" >&5 -echo "${ECHO_T}disabled" >&6 - RSA_MSG="disabled" -else - if test -z "$rsa_works" ; then - { echo "$as_me:7979: WARNING: *** No RSA support found *** " >&5 -echo "$as_me: WARNING: *** No RSA support found *** " >&2;} - RSA_MSG="no" - else - if test -z "$WANTS_RSAREF" ; then - echo "$as_me:7984: result: yes" >&5 -echo "${ECHO_T}yes" >&6 - RSA_MSG="yes" - else - RSA_MSG="yes (using RSAref)" - echo "$as_me:7989: result: using RSAref" >&5 -echo "${ECHO_T}using RSAref" >&6 - LIBS="$LIBS -lcrypto -lRSAglue -lrsaref" - fi - fi fi +rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext + # Sanity check OpenSSL headers -echo "$as_me:7997: checking whether OpenSSL's headers match the library" >&5 +echo "$as_me:$LINENO: checking whether OpenSSL's headers match the library" >&5 echo $ECHO_N "checking whether OpenSSL's headers match the library... $ECHO_C" >&6 if test "$cross_compiling" = yes; then - { { echo "$as_me:8000: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 8005 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -8011,31 +8313,33 @@ _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:8014: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:8017: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:8019: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:8022: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:8025: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) - echo "$as_me:8033: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 - { { echo "$as_me:8035: error: Your OpenSSL headers do not match your library" >&5 + { { echo "$as_me:$LINENO: error: Your OpenSSL headers do not match your library" >&5 echo "$as_me: error: Your OpenSSL headers do not match your library" >&2;} { (exit 1); exit 1; }; } + fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi @@ -8043,7 +8347,7 @@ # Some Linux systems (Slackware) need crypt() from libcrypt, *not* the # version in OpenSSL. Skip this for PAM if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then - echo "$as_me:8046: checking for crypt in -lcrypt" >&5 + echo "$as_me:$LINENO: checking for crypt in -lcrypt" >&5 echo $ECHO_N "checking for crypt in -lcrypt... $ECHO_C" >&6 if test "${ac_cv_lib_crypt_crypt+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8051,7 +8355,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lcrypt $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 8054 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -8076,16 +8380,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:8079: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:8082: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:8085: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:8088: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_crypt_crypt=yes else @@ -8096,7 +8400,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:8099: result: $ac_cv_lib_crypt_crypt" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_crypt_crypt" >&5 echo "${ECHO_T}$ac_cv_lib_crypt_crypt" >&6 if test $ac_cv_lib_crypt_crypt = yes; then LIBS="$LIBS -lcrypt" @@ -8104,18 +8408,19 @@ fi + ### Configure cryptographic random number support # Check wheter OpenSSL seeds itself -echo "$as_me:8110: checking whether OpenSSL's PRNG is internally seeded" >&5 +echo "$as_me:$LINENO: checking whether OpenSSL's PRNG is internally seeded" >&5 echo $ECHO_N "checking whether OpenSSL's PRNG is internally seeded... $ECHO_C" >&6 if test "$cross_compiling" = yes; then - { { echo "$as_me:8113: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 8118 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -8124,36 +8429,39 @@ _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:8127: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:8130: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:8132: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:8135: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then OPENSSL_SEEDS_ITSELF=yes - echo "$as_me:8139: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) - echo "$as_me:8147: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 # Default to use of the rand helper if OpenSSL doesn't # seed itself USE_RAND_HELPER=yes + fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi + # Do we want to force the use of the rand helper? # Check whether --with-rand-helper or --without-rand-helper was given. @@ -8164,7 +8472,7 @@ # Force use of OpenSSL's internal RNG, even if # the previous test showed it to be unseeded. if test -z "$OPENSSL_SEEDS_ITSELF" ; then - { echo "$as_me:8167: WARNING: *** Forcing use of OpenSSL's non-self-seeding PRNG" >&5 + { echo "$as_me:$LINENO: WARNING: *** Forcing use of OpenSSL's non-self-seeding PRNG" >&5 echo "$as_me: WARNING: *** Forcing use of OpenSSL's non-self-seeding PRNG" >&2;} OPENSSL_SEEDS_ITSELF=yes USE_RAND_HELPER="" @@ -8190,6 +8498,7 @@ INSTALL_SSH_RAND_HELPER="yes" fi + ### Configuration of ssh-rand-helper # PRNGD TCP socket @@ -8205,7 +8514,7 @@ [0-9]*) ;; *) - { { echo "$as_me:8208: error: You must specify a numeric port number for --with-prngd-port" >&5 + { { echo "$as_me:$LINENO: error: You must specify a numeric port number for --with-prngd-port" >&5 echo "$as_me: error: You must specify a numeric port number for --with-prngd-port" >&2;} { (exit 1); exit 1; }; } ;; @@ -8218,6 +8527,7 @@ fi + fi; # PRNGD Unix domain socket @@ -8236,7 +8546,7 @@ /*) ;; *) - { { echo "$as_me:8239: error: You must specify an absolute path to the entropy socket" >&5 + { { echo "$as_me:$LINENO: error: You must specify an absolute path to the entropy socket" >&5 echo "$as_me: error: You must specify an absolute path to the entropy socket" >&2;} { (exit 1); exit 1; }; } ;; @@ -8244,12 +8554,12 @@ if test ! -z "$withval" ; then if test ! -z "$PRNGD_PORT" ; then - { { echo "$as_me:8247: error: You may not specify both a PRNGD/EGD port and socket" >&5 + { { echo "$as_me:$LINENO: error: You may not specify both a PRNGD/EGD port and socket" >&5 echo "$as_me: error: You may not specify both a PRNGD/EGD port and socket" >&2;} { (exit 1); exit 1; }; } fi if test ! -r "$withval" ; then - { echo "$as_me:8252: WARNING: Entropy socket is not readable" >&5 + { echo "$as_me:$LINENO: WARNING: Entropy socket is not readable" >&5 echo "$as_me: WARNING: Entropy socket is not readable" >&2;} fi PRNGD_SOCKET="$withval" @@ -8263,7 +8573,7 @@ # Check for existing socket only if we don't have a random device already if test "$USE_RAND_HELPER" = yes ; then - echo "$as_me:8266: checking for PRNGD/EGD socket" >&5 + echo "$as_me:$LINENO: checking for PRNGD/EGD socket" >&5 echo $ECHO_N "checking for PRNGD/EGD socket... $ECHO_C" >&6 # Insert other locations here for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do @@ -8277,14 +8587,15 @@ fi done if test ! -z "$PRNGD_SOCKET" ; then - echo "$as_me:8280: result: $PRNGD_SOCKET" >&5 + echo "$as_me:$LINENO: result: $PRNGD_SOCKET" >&5 echo "${ECHO_T}$PRNGD_SOCKET" >&6 else - echo "$as_me:8283: result: not found" >&5 + echo "$as_me:$LINENO: result: not found" >&5 echo "${ECHO_T}not found" >&6 fi fi + fi; # Change default command timeout for hashing entropy source @@ -8298,17 +8609,49 @@ entropy_timeout=$withval fi -fi; +fi; cat >>confdefs.h <<_ACEOF #define ENTROPY_TIMEOUT_MSEC $entropy_timeout _ACEOF + +ssh_privsep_user=sshd + +# Check whether --with-privsep-user or --without-privsep-user was given. +if test "${with_privsep_user+set}" = set; then + withval="$with_privsep_user" + + if test -n "$withval"; then + ssh_privsep_user=$withval + fi + + +fi; +cat >>confdefs.h <<_ACEOF +#define SSH_PRIVSEP_USER "$ssh_privsep_user" +_ACEOF + + +# We do this little dance with the search path to insure +# that programs that we select for use by installed programs +# (which may be run by the super-user) come from trusted +# locations before they come from the user's private area. +# This should help avoid accidentally configuring some +# random version of a program in someone's personal bin. + +OPATH=$PATH +PATH=/bin:/usr/bin +test -h /bin 2> /dev/null && PATH=/usr/bin +test -d /sbin && PATH=$PATH:/sbin +test -d /usr/sbin && PATH=$PATH:/usr/sbin +PATH=$PATH:/etc:$OPATH + # These programs are used by the command hashing source to gather entropy # Extract the first word of "ls", so it can be a program name with args. set dummy ls; ac_word=$2 -echo "$as_me:8311: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_LS+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8318,16 +8661,18 @@ ac_cv_path_PROG_LS="$PROG_LS" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_LS="$ac_dir/$ac_word" - echo "$as_me:8328: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_LS="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8336,10 +8681,10 @@ PROG_LS=$ac_cv_path_PROG_LS if test -n "$PROG_LS"; then - echo "$as_me:8339: result: $PROG_LS" >&5 + echo "$as_me:$LINENO: result: $PROG_LS" >&5 echo "${ECHO_T}$PROG_LS" >&6 else - echo "$as_me:8342: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8347,9 +8692,11 @@ PROG_LS="undef" fi + + # Extract the first word of "netstat", so it can be a program name with args. set dummy netstat; ac_word=$2 -echo "$as_me:8352: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_NETSTAT+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8359,16 +8706,18 @@ ac_cv_path_PROG_NETSTAT="$PROG_NETSTAT" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_NETSTAT="$ac_dir/$ac_word" - echo "$as_me:8369: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_NETSTAT="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8377,10 +8726,10 @@ PROG_NETSTAT=$ac_cv_path_PROG_NETSTAT if test -n "$PROG_NETSTAT"; then - echo "$as_me:8380: result: $PROG_NETSTAT" >&5 + echo "$as_me:$LINENO: result: $PROG_NETSTAT" >&5 echo "${ECHO_T}$PROG_NETSTAT" >&6 else - echo "$as_me:8383: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8388,9 +8737,11 @@ PROG_NETSTAT="undef" fi + + # Extract the first word of "arp", so it can be a program name with args. set dummy arp; ac_word=$2 -echo "$as_me:8393: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_ARP+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8400,16 +8751,18 @@ ac_cv_path_PROG_ARP="$PROG_ARP" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_ARP="$ac_dir/$ac_word" - echo "$as_me:8410: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_ARP="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8418,10 +8771,10 @@ PROG_ARP=$ac_cv_path_PROG_ARP if test -n "$PROG_ARP"; then - echo "$as_me:8421: result: $PROG_ARP" >&5 + echo "$as_me:$LINENO: result: $PROG_ARP" >&5 echo "${ECHO_T}$PROG_ARP" >&6 else - echo "$as_me:8424: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8429,9 +8782,11 @@ PROG_ARP="undef" fi + + # Extract the first word of "ifconfig", so it can be a program name with args. set dummy ifconfig; ac_word=$2 -echo "$as_me:8434: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_IFCONFIG+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8441,16 +8796,18 @@ ac_cv_path_PROG_IFCONFIG="$PROG_IFCONFIG" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_IFCONFIG="$ac_dir/$ac_word" - echo "$as_me:8451: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_IFCONFIG="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8459,10 +8816,10 @@ PROG_IFCONFIG=$ac_cv_path_PROG_IFCONFIG if test -n "$PROG_IFCONFIG"; then - echo "$as_me:8462: result: $PROG_IFCONFIG" >&5 + echo "$as_me:$LINENO: result: $PROG_IFCONFIG" >&5 echo "${ECHO_T}$PROG_IFCONFIG" >&6 else - echo "$as_me:8465: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8470,9 +8827,11 @@ PROG_IFCONFIG="undef" fi + + # Extract the first word of "jstat", so it can be a program name with args. set dummy jstat; ac_word=$2 -echo "$as_me:8475: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_JSTAT+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8482,16 +8841,18 @@ ac_cv_path_PROG_JSTAT="$PROG_JSTAT" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_JSTAT="$ac_dir/$ac_word" - echo "$as_me:8492: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_JSTAT="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8500,10 +8861,10 @@ PROG_JSTAT=$ac_cv_path_PROG_JSTAT if test -n "$PROG_JSTAT"; then - echo "$as_me:8503: result: $PROG_JSTAT" >&5 + echo "$as_me:$LINENO: result: $PROG_JSTAT" >&5 echo "${ECHO_T}$PROG_JSTAT" >&6 else - echo "$as_me:8506: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8511,9 +8872,11 @@ PROG_JSTAT="undef" fi + + # Extract the first word of "ps", so it can be a program name with args. set dummy ps; ac_word=$2 -echo "$as_me:8516: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_PS+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8523,16 +8886,18 @@ ac_cv_path_PROG_PS="$PROG_PS" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_PS="$ac_dir/$ac_word" - echo "$as_me:8533: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_PS="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8541,10 +8906,10 @@ PROG_PS=$ac_cv_path_PROG_PS if test -n "$PROG_PS"; then - echo "$as_me:8544: result: $PROG_PS" >&5 + echo "$as_me:$LINENO: result: $PROG_PS" >&5 echo "${ECHO_T}$PROG_PS" >&6 else - echo "$as_me:8547: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8552,9 +8917,11 @@ PROG_PS="undef" fi + + # Extract the first word of "sar", so it can be a program name with args. set dummy sar; ac_word=$2 -echo "$as_me:8557: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_SAR+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8564,16 +8931,18 @@ ac_cv_path_PROG_SAR="$PROG_SAR" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_SAR="$ac_dir/$ac_word" - echo "$as_me:8574: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_SAR="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8582,10 +8951,10 @@ PROG_SAR=$ac_cv_path_PROG_SAR if test -n "$PROG_SAR"; then - echo "$as_me:8585: result: $PROG_SAR" >&5 + echo "$as_me:$LINENO: result: $PROG_SAR" >&5 echo "${ECHO_T}$PROG_SAR" >&6 else - echo "$as_me:8588: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8593,9 +8962,11 @@ PROG_SAR="undef" fi + + # Extract the first word of "w", so it can be a program name with args. set dummy w; ac_word=$2 -echo "$as_me:8598: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_W+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8605,16 +8976,18 @@ ac_cv_path_PROG_W="$PROG_W" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_W="$ac_dir/$ac_word" - echo "$as_me:8615: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_W="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8623,10 +8996,10 @@ PROG_W=$ac_cv_path_PROG_W if test -n "$PROG_W"; then - echo "$as_me:8626: result: $PROG_W" >&5 + echo "$as_me:$LINENO: result: $PROG_W" >&5 echo "${ECHO_T}$PROG_W" >&6 else - echo "$as_me:8629: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8634,9 +9007,11 @@ PROG_W="undef" fi + + # Extract the first word of "who", so it can be a program name with args. set dummy who; ac_word=$2 -echo "$as_me:8639: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_WHO+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8646,16 +9021,18 @@ ac_cv_path_PROG_WHO="$PROG_WHO" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_WHO="$ac_dir/$ac_word" - echo "$as_me:8656: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_WHO="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8664,10 +9041,10 @@ PROG_WHO=$ac_cv_path_PROG_WHO if test -n "$PROG_WHO"; then - echo "$as_me:8667: result: $PROG_WHO" >&5 + echo "$as_me:$LINENO: result: $PROG_WHO" >&5 echo "${ECHO_T}$PROG_WHO" >&6 else - echo "$as_me:8670: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8675,9 +9052,11 @@ PROG_WHO="undef" fi + + # Extract the first word of "last", so it can be a program name with args. set dummy last; ac_word=$2 -echo "$as_me:8680: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_LAST+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8687,16 +9066,18 @@ ac_cv_path_PROG_LAST="$PROG_LAST" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_LAST="$ac_dir/$ac_word" - echo "$as_me:8697: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_LAST="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8705,10 +9086,10 @@ PROG_LAST=$ac_cv_path_PROG_LAST if test -n "$PROG_LAST"; then - echo "$as_me:8708: result: $PROG_LAST" >&5 + echo "$as_me:$LINENO: result: $PROG_LAST" >&5 echo "${ECHO_T}$PROG_LAST" >&6 else - echo "$as_me:8711: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8716,9 +9097,11 @@ PROG_LAST="undef" fi + + # Extract the first word of "lastlog", so it can be a program name with args. set dummy lastlog; ac_word=$2 -echo "$as_me:8721: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_LASTLOG+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8728,16 +9111,18 @@ ac_cv_path_PROG_LASTLOG="$PROG_LASTLOG" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_LASTLOG="$ac_dir/$ac_word" - echo "$as_me:8738: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_LASTLOG="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8746,10 +9131,10 @@ PROG_LASTLOG=$ac_cv_path_PROG_LASTLOG if test -n "$PROG_LASTLOG"; then - echo "$as_me:8749: result: $PROG_LASTLOG" >&5 + echo "$as_me:$LINENO: result: $PROG_LASTLOG" >&5 echo "${ECHO_T}$PROG_LASTLOG" >&6 else - echo "$as_me:8752: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8757,9 +9142,11 @@ PROG_LASTLOG="undef" fi + + # Extract the first word of "df", so it can be a program name with args. set dummy df; ac_word=$2 -echo "$as_me:8762: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_DF+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8769,16 +9156,18 @@ ac_cv_path_PROG_DF="$PROG_DF" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_DF="$ac_dir/$ac_word" - echo "$as_me:8779: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_DF="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8787,10 +9176,10 @@ PROG_DF=$ac_cv_path_PROG_DF if test -n "$PROG_DF"; then - echo "$as_me:8790: result: $PROG_DF" >&5 + echo "$as_me:$LINENO: result: $PROG_DF" >&5 echo "${ECHO_T}$PROG_DF" >&6 else - echo "$as_me:8793: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8798,9 +9187,11 @@ PROG_DF="undef" fi + + # Extract the first word of "vmstat", so it can be a program name with args. set dummy vmstat; ac_word=$2 -echo "$as_me:8803: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_VMSTAT+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8810,16 +9201,18 @@ ac_cv_path_PROG_VMSTAT="$PROG_VMSTAT" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_VMSTAT="$ac_dir/$ac_word" - echo "$as_me:8820: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_VMSTAT="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8828,10 +9221,10 @@ PROG_VMSTAT=$ac_cv_path_PROG_VMSTAT if test -n "$PROG_VMSTAT"; then - echo "$as_me:8831: result: $PROG_VMSTAT" >&5 + echo "$as_me:$LINENO: result: $PROG_VMSTAT" >&5 echo "${ECHO_T}$PROG_VMSTAT" >&6 else - echo "$as_me:8834: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8839,9 +9232,11 @@ PROG_VMSTAT="undef" fi + + # Extract the first word of "uptime", so it can be a program name with args. set dummy uptime; ac_word=$2 -echo "$as_me:8844: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_UPTIME+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8851,16 +9246,18 @@ ac_cv_path_PROG_UPTIME="$PROG_UPTIME" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_UPTIME="$ac_dir/$ac_word" - echo "$as_me:8861: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_UPTIME="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8869,10 +9266,10 @@ PROG_UPTIME=$ac_cv_path_PROG_UPTIME if test -n "$PROG_UPTIME"; then - echo "$as_me:8872: result: $PROG_UPTIME" >&5 + echo "$as_me:$LINENO: result: $PROG_UPTIME" >&5 echo "${ECHO_T}$PROG_UPTIME" >&6 else - echo "$as_me:8875: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8880,9 +9277,11 @@ PROG_UPTIME="undef" fi + + # Extract the first word of "ipcs", so it can be a program name with args. set dummy ipcs; ac_word=$2 -echo "$as_me:8885: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_IPCS+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8892,16 +9291,18 @@ ac_cv_path_PROG_IPCS="$PROG_IPCS" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_IPCS="$ac_dir/$ac_word" - echo "$as_me:8902: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_IPCS="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8910,10 +9311,10 @@ PROG_IPCS=$ac_cv_path_PROG_IPCS if test -n "$PROG_IPCS"; then - echo "$as_me:8913: result: $PROG_IPCS" >&5 + echo "$as_me:$LINENO: result: $PROG_IPCS" >&5 echo "${ECHO_T}$PROG_IPCS" >&6 else - echo "$as_me:8916: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8921,9 +9322,11 @@ PROG_IPCS="undef" fi + + # Extract the first word of "tail", so it can be a program name with args. set dummy tail; ac_word=$2 -echo "$as_me:8926: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PROG_TAIL+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -8933,16 +9336,18 @@ ac_cv_path_PROG_TAIL="$PROG_TAIL" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_PROG_TAIL="$ac_dir/$ac_word" - echo "$as_me:8943: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROG_TAIL="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -8951,10 +9356,10 @@ PROG_TAIL=$ac_cv_path_PROG_TAIL if test -n "$PROG_TAIL"; then - echo "$as_me:8954: result: $PROG_TAIL" >&5 + echo "$as_me:$LINENO: result: $PROG_TAIL" >&5 echo "${ECHO_T}$PROG_TAIL" >&6 else - echo "$as_me:8957: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -8962,6 +9367,10 @@ PROG_TAIL="undef" fi + +# restore PATH +PATH=$OPATH + # Where does ssh-rand-helper get its randomness from? INSTALL_SSH_PRNG_CMDS="" if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then @@ -8976,19 +9385,21 @@ fi fi + + # Cheap hack to ensure NEWS-OS libraries are arranged right. if test ! -z "$SONY" ; then LIBS="$LIBS -liberty"; fi # Checks for data types -echo "$as_me:8985: checking for char" >&5 +echo "$as_me:$LINENO: checking for char" >&5 echo $ECHO_N "checking for char... $ECHO_C" >&6 if test "${ac_cv_type_char+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 8991 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9009,16 +9420,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9012: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9015: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9018: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9021: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_char=yes else @@ -9028,19 +9439,23 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:9031: result: $ac_cv_type_char" >&5 +echo "$as_me:$LINENO: result: $ac_cv_type_char" >&5 echo "${ECHO_T}$ac_cv_type_char" >&6 -echo "$as_me:9034: checking size of char" >&5 +echo "$as_me:$LINENO: checking size of char" >&5 echo $ECHO_N "checking size of char... $ECHO_C" >&6 if test "${ac_cv_sizeof_char+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test "$ac_cv_type_char" = yes; then + # The cast to unsigned long works around a bug in the HP C Compiler + # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects + # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. + # This bug is HP SR number 8606223364. if test "$cross_compiling" = yes; then # Depending upon the size, compute the lo and hi bounds. cat >conftest.$ac_ext <<_ACEOF -#line 9043 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9052,27 +9467,29 @@ int main () { -int _array_ [1 - 2 * !((sizeof (char)) >= 0)] +static int test_array [1 - 2 * !(((long) (sizeof (char))) >= 0)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9061: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9064: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9067: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9070: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_lo=0 ac_mid=0 while :; do cat >conftest.$ac_ext <<_ACEOF -#line 9075 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9084,38 +9501,77 @@ int main () { -int _array_ [1 - 2 * !((sizeof (char)) <= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (char))) <= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9093: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9096: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9099: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9102: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_hi=$ac_mid; break else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_lo=`expr $ac_mid + 1`; ac_mid=`expr 2 '*' $ac_mid + 1` +ac_lo=`expr $ac_mid + 1` + if test $ac_lo -le $ac_mid; then + ac_lo= ac_hi= + break + fi + ac_mid=`expr 2 '*' $ac_mid + 1` fi rm -f conftest.$ac_objext conftest.$ac_ext done else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_hi=-1 ac_mid=-1 +cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" +$ac_includes_default +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ +static int test_array [1 - 2 * !(((long) (sizeof (char))) < 0)]; +test_array [0] = 0 + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_hi=-1 ac_mid=-1 while :; do cat >conftest.$ac_ext <<_ACEOF -#line 9118 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9127,38 +9583,51 @@ int main () { -int _array_ [1 - 2 * !((sizeof (char)) >= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (char))) >= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9136: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9139: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9142: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9145: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_lo=$ac_mid; break else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_hi=`expr $ac_mid - 1`; ac_mid=`expr 2 '*' $ac_mid` +ac_hi=`expr '(' $ac_mid ')' - 1` + if test $ac_mid -le $ac_hi; then + ac_lo= ac_hi= + break + fi + ac_mid=`expr 2 '*' $ac_mid` fi rm -f conftest.$ac_objext conftest.$ac_ext done +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 +ac_lo= ac_hi= +fi +rm -f conftest.$ac_objext conftest.$ac_ext fi rm -f conftest.$ac_objext conftest.$ac_ext # Binary search between lo and hi bounds. while test "x$ac_lo" != "x$ac_hi"; do ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` cat >conftest.$ac_ext <<_ACEOF -#line 9161 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9170,42 +9639,53 @@ int main () { -int _array_ [1 - 2 * !((sizeof (char)) <= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (char))) <= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9179: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9182: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9185: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9188: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_hi=$ac_mid else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_lo=`expr $ac_mid + 1` +ac_lo=`expr '(' $ac_mid ')' + 1` fi rm -f conftest.$ac_objext conftest.$ac_ext done -ac_cv_sizeof_char=$ac_lo +case $ac_lo in +?*) ac_cv_sizeof_char=$ac_lo;; +'') { { echo "$as_me:$LINENO: error: cannot compute sizeof (char), 77" >&5 +echo "$as_me: error: cannot compute sizeof (char), 77" >&2;} + { (exit 1); exit 1; }; } ;; +esac else if test "$cross_compiling" = yes; then - { { echo "$as_me:9201: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 9206 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default +long longval () { return (long) (sizeof (char)); } +unsigned long ulongval () { return (long) (sizeof (char)); } +#include +#include #ifdef F77_DUMMY_MAIN # ifdef __cplusplus extern "C" @@ -9215,31 +9695,50 @@ int main () { -FILE *f = fopen ("conftest.val", "w"); -if (!f) - exit (1); -fprintf (f, "%d", (sizeof (char))); -fclose (f); + + FILE *f = fopen ("conftest.val", "w"); + if (! f) + exit (1); + if (((long) (sizeof (char))) < 0) + { + long i = longval (); + if (i != ((long) (sizeof (char)))) + exit (1); + fprintf (f, "%ld\n", i); + } + else + { + unsigned long i = ulongval (); + if (i != ((long) (sizeof (char)))) + exit (1); + fprintf (f, "%lu\n", i); + } + exit (ferror (f) || fclose (f) != 0); + ; return 0; } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:9228: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:9231: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:9233: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9236: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sizeof_char=`cat conftest.val` else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) +{ { echo "$as_me:$LINENO: error: cannot compute sizeof (char), 77" >&5 +echo "$as_me: error: cannot compute sizeof (char), 77" >&2;} + { (exit 1); exit 1; }; } fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi @@ -9249,19 +9748,20 @@ ac_cv_sizeof_char=0 fi fi -echo "$as_me:9252: result: $ac_cv_sizeof_char" >&5 +echo "$as_me:$LINENO: result: $ac_cv_sizeof_char" >&5 echo "${ECHO_T}$ac_cv_sizeof_char" >&6 cat >>confdefs.h <<_ACEOF #define SIZEOF_CHAR $ac_cv_sizeof_char _ACEOF -echo "$as_me:9258: checking for short int" >&5 + +echo "$as_me:$LINENO: checking for short int" >&5 echo $ECHO_N "checking for short int... $ECHO_C" >&6 if test "${ac_cv_type_short_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 9264 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9282,16 +9782,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9285: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9288: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9291: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9294: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_short_int=yes else @@ -9301,19 +9801,23 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:9304: result: $ac_cv_type_short_int" >&5 +echo "$as_me:$LINENO: result: $ac_cv_type_short_int" >&5 echo "${ECHO_T}$ac_cv_type_short_int" >&6 -echo "$as_me:9307: checking size of short int" >&5 +echo "$as_me:$LINENO: checking size of short int" >&5 echo $ECHO_N "checking size of short int... $ECHO_C" >&6 if test "${ac_cv_sizeof_short_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test "$ac_cv_type_short_int" = yes; then + # The cast to unsigned long works around a bug in the HP C Compiler + # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects + # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. + # This bug is HP SR number 8606223364. if test "$cross_compiling" = yes; then # Depending upon the size, compute the lo and hi bounds. cat >conftest.$ac_ext <<_ACEOF -#line 9316 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9325,27 +9829,29 @@ int main () { -int _array_ [1 - 2 * !((sizeof (short int)) >= 0)] +static int test_array [1 - 2 * !(((long) (sizeof (short int))) >= 0)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9334: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9337: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9340: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9343: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_lo=0 ac_mid=0 while :; do cat >conftest.$ac_ext <<_ACEOF -#line 9348 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9357,38 +9863,43 @@ int main () { -int _array_ [1 - 2 * !((sizeof (short int)) <= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (short int))) <= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9366: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9369: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9372: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9375: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_hi=$ac_mid; break else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_lo=`expr $ac_mid + 1`; ac_mid=`expr 2 '*' $ac_mid + 1` +ac_lo=`expr $ac_mid + 1` + if test $ac_lo -le $ac_mid; then + ac_lo= ac_hi= + break + fi + ac_mid=`expr 2 '*' $ac_mid + 1` fi rm -f conftest.$ac_objext conftest.$ac_ext done else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_hi=-1 ac_mid=-1 - while :; do - cat >conftest.$ac_ext <<_ACEOF -#line 9391 "configure" +cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9400,38 +9911,85 @@ int main () { -int _array_ [1 - 2 * !((sizeof (short int)) >= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (short int))) < 0)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9409: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9412: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9415: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9418: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - ac_lo=$ac_mid; break -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -ac_hi=`expr $ac_mid - 1`; ac_mid=`expr 2 '*' $ac_mid` -fi + ac_hi=-1 ac_mid=-1 + while :; do + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" +$ac_includes_default +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ +static int test_array [1 - 2 * !(((long) (sizeof (short int))) >= $ac_mid)]; +test_array [0] = 0 + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_lo=$ac_mid; break +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 +ac_hi=`expr '(' $ac_mid ')' - 1` + if test $ac_mid -le $ac_hi; then + ac_lo= ac_hi= + break + fi + ac_mid=`expr 2 '*' $ac_mid` +fi rm -f conftest.$ac_objext conftest.$ac_ext done +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 +ac_lo= ac_hi= +fi +rm -f conftest.$ac_objext conftest.$ac_ext fi rm -f conftest.$ac_objext conftest.$ac_ext # Binary search between lo and hi bounds. while test "x$ac_lo" != "x$ac_hi"; do ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` cat >conftest.$ac_ext <<_ACEOF -#line 9434 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9443,42 +10001,53 @@ int main () { -int _array_ [1 - 2 * !((sizeof (short int)) <= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (short int))) <= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9452: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9455: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9458: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9461: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_hi=$ac_mid else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_lo=`expr $ac_mid + 1` +ac_lo=`expr '(' $ac_mid ')' + 1` fi rm -f conftest.$ac_objext conftest.$ac_ext done -ac_cv_sizeof_short_int=$ac_lo +case $ac_lo in +?*) ac_cv_sizeof_short_int=$ac_lo;; +'') { { echo "$as_me:$LINENO: error: cannot compute sizeof (short int), 77" >&5 +echo "$as_me: error: cannot compute sizeof (short int), 77" >&2;} + { (exit 1); exit 1; }; } ;; +esac else if test "$cross_compiling" = yes; then - { { echo "$as_me:9474: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 9479 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default +long longval () { return (long) (sizeof (short int)); } +unsigned long ulongval () { return (long) (sizeof (short int)); } +#include +#include #ifdef F77_DUMMY_MAIN # ifdef __cplusplus extern "C" @@ -9488,31 +10057,50 @@ int main () { -FILE *f = fopen ("conftest.val", "w"); -if (!f) - exit (1); -fprintf (f, "%d", (sizeof (short int))); -fclose (f); + + FILE *f = fopen ("conftest.val", "w"); + if (! f) + exit (1); + if (((long) (sizeof (short int))) < 0) + { + long i = longval (); + if (i != ((long) (sizeof (short int)))) + exit (1); + fprintf (f, "%ld\n", i); + } + else + { + unsigned long i = ulongval (); + if (i != ((long) (sizeof (short int)))) + exit (1); + fprintf (f, "%lu\n", i); + } + exit (ferror (f) || fclose (f) != 0); + ; return 0; } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:9501: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:9504: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:9506: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9509: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sizeof_short_int=`cat conftest.val` else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) +{ { echo "$as_me:$LINENO: error: cannot compute sizeof (short int), 77" >&5 +echo "$as_me: error: cannot compute sizeof (short int), 77" >&2;} + { (exit 1); exit 1; }; } fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi @@ -9522,19 +10110,20 @@ ac_cv_sizeof_short_int=0 fi fi -echo "$as_me:9525: result: $ac_cv_sizeof_short_int" >&5 +echo "$as_me:$LINENO: result: $ac_cv_sizeof_short_int" >&5 echo "${ECHO_T}$ac_cv_sizeof_short_int" >&6 cat >>confdefs.h <<_ACEOF #define SIZEOF_SHORT_INT $ac_cv_sizeof_short_int _ACEOF -echo "$as_me:9531: checking for int" >&5 + +echo "$as_me:$LINENO: checking for int" >&5 echo $ECHO_N "checking for int... $ECHO_C" >&6 if test "${ac_cv_type_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 9537 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9555,16 +10144,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9558: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9561: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9564: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9567: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_int=yes else @@ -9574,19 +10163,23 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:9577: result: $ac_cv_type_int" >&5 +echo "$as_me:$LINENO: result: $ac_cv_type_int" >&5 echo "${ECHO_T}$ac_cv_type_int" >&6 -echo "$as_me:9580: checking size of int" >&5 +echo "$as_me:$LINENO: checking size of int" >&5 echo $ECHO_N "checking size of int... $ECHO_C" >&6 if test "${ac_cv_sizeof_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test "$ac_cv_type_int" = yes; then + # The cast to unsigned long works around a bug in the HP C Compiler + # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects + # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. + # This bug is HP SR number 8606223364. if test "$cross_compiling" = yes; then # Depending upon the size, compute the lo and hi bounds. cat >conftest.$ac_ext <<_ACEOF -#line 9589 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9598,27 +10191,29 @@ int main () { -int _array_ [1 - 2 * !((sizeof (int)) >= 0)] +static int test_array [1 - 2 * !(((long) (sizeof (int))) >= 0)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9607: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9610: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9613: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9616: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_lo=0 ac_mid=0 while :; do cat >conftest.$ac_ext <<_ACEOF -#line 9621 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9630,38 +10225,77 @@ int main () { -int _array_ [1 - 2 * !((sizeof (int)) <= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (int))) <= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9639: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9642: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9645: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9648: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_hi=$ac_mid; break else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_lo=`expr $ac_mid + 1`; ac_mid=`expr 2 '*' $ac_mid + 1` +ac_lo=`expr $ac_mid + 1` + if test $ac_lo -le $ac_mid; then + ac_lo= ac_hi= + break + fi + ac_mid=`expr 2 '*' $ac_mid + 1` fi rm -f conftest.$ac_objext conftest.$ac_ext done else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_hi=-1 ac_mid=-1 +cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" +$ac_includes_default +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ +static int test_array [1 - 2 * !(((long) (sizeof (int))) < 0)]; +test_array [0] = 0 + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_hi=-1 ac_mid=-1 while :; do cat >conftest.$ac_ext <<_ACEOF -#line 9664 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9673,38 +10307,51 @@ int main () { -int _array_ [1 - 2 * !((sizeof (int)) >= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (int))) >= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9682: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9685: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9688: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9691: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_lo=$ac_mid; break else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_hi=`expr $ac_mid - 1`; ac_mid=`expr 2 '*' $ac_mid` +ac_hi=`expr '(' $ac_mid ')' - 1` + if test $ac_mid -le $ac_hi; then + ac_lo= ac_hi= + break + fi + ac_mid=`expr 2 '*' $ac_mid` fi rm -f conftest.$ac_objext conftest.$ac_ext done +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 +ac_lo= ac_hi= +fi +rm -f conftest.$ac_objext conftest.$ac_ext fi rm -f conftest.$ac_objext conftest.$ac_ext # Binary search between lo and hi bounds. while test "x$ac_lo" != "x$ac_hi"; do ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` cat >conftest.$ac_ext <<_ACEOF -#line 9707 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9716,42 +10363,53 @@ int main () { -int _array_ [1 - 2 * !((sizeof (int)) <= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (int))) <= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9725: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9728: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9731: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9734: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_hi=$ac_mid else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_lo=`expr $ac_mid + 1` +ac_lo=`expr '(' $ac_mid ')' + 1` fi rm -f conftest.$ac_objext conftest.$ac_ext done -ac_cv_sizeof_int=$ac_lo +case $ac_lo in +?*) ac_cv_sizeof_int=$ac_lo;; +'') { { echo "$as_me:$LINENO: error: cannot compute sizeof (int), 77" >&5 +echo "$as_me: error: cannot compute sizeof (int), 77" >&2;} + { (exit 1); exit 1; }; } ;; +esac else if test "$cross_compiling" = yes; then - { { echo "$as_me:9747: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 9752 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default +long longval () { return (long) (sizeof (int)); } +unsigned long ulongval () { return (long) (sizeof (int)); } +#include +#include #ifdef F77_DUMMY_MAIN # ifdef __cplusplus extern "C" @@ -9761,31 +10419,50 @@ int main () { -FILE *f = fopen ("conftest.val", "w"); -if (!f) - exit (1); -fprintf (f, "%d", (sizeof (int))); -fclose (f); + + FILE *f = fopen ("conftest.val", "w"); + if (! f) + exit (1); + if (((long) (sizeof (int))) < 0) + { + long i = longval (); + if (i != ((long) (sizeof (int)))) + exit (1); + fprintf (f, "%ld\n", i); + } + else + { + unsigned long i = ulongval (); + if (i != ((long) (sizeof (int)))) + exit (1); + fprintf (f, "%lu\n", i); + } + exit (ferror (f) || fclose (f) != 0); + ; return 0; } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:9774: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:9777: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:9779: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9782: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sizeof_int=`cat conftest.val` else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) +{ { echo "$as_me:$LINENO: error: cannot compute sizeof (int), 77" >&5 +echo "$as_me: error: cannot compute sizeof (int), 77" >&2;} + { (exit 1); exit 1; }; } fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi @@ -9795,19 +10472,20 @@ ac_cv_sizeof_int=0 fi fi -echo "$as_me:9798: result: $ac_cv_sizeof_int" >&5 +echo "$as_me:$LINENO: result: $ac_cv_sizeof_int" >&5 echo "${ECHO_T}$ac_cv_sizeof_int" >&6 cat >>confdefs.h <<_ACEOF #define SIZEOF_INT $ac_cv_sizeof_int _ACEOF -echo "$as_me:9804: checking for long int" >&5 + +echo "$as_me:$LINENO: checking for long int" >&5 echo $ECHO_N "checking for long int... $ECHO_C" >&6 if test "${ac_cv_type_long_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 9810 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9828,16 +10506,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9831: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9834: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9837: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9840: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_long_int=yes else @@ -9847,19 +10525,23 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:9850: result: $ac_cv_type_long_int" >&5 +echo "$as_me:$LINENO: result: $ac_cv_type_long_int" >&5 echo "${ECHO_T}$ac_cv_type_long_int" >&6 -echo "$as_me:9853: checking size of long int" >&5 +echo "$as_me:$LINENO: checking size of long int" >&5 echo $ECHO_N "checking size of long int... $ECHO_C" >&6 if test "${ac_cv_sizeof_long_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test "$ac_cv_type_long_int" = yes; then + # The cast to unsigned long works around a bug in the HP C Compiler + # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects + # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. + # This bug is HP SR number 8606223364. if test "$cross_compiling" = yes; then # Depending upon the size, compute the lo and hi bounds. cat >conftest.$ac_ext <<_ACEOF -#line 9862 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9871,27 +10553,29 @@ int main () { -int _array_ [1 - 2 * !((sizeof (long int)) >= 0)] +static int test_array [1 - 2 * !(((long) (sizeof (long int))) >= 0)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9880: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9883: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9886: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9889: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_lo=0 ac_mid=0 while :; do cat >conftest.$ac_ext <<_ACEOF -#line 9894 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9903,38 +10587,77 @@ int main () { -int _array_ [1 - 2 * !((sizeof (long int)) <= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (long int))) <= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9912: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9915: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9918: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9921: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_hi=$ac_mid; break else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_lo=`expr $ac_mid + 1`; ac_mid=`expr 2 '*' $ac_mid + 1` +ac_lo=`expr $ac_mid + 1` + if test $ac_lo -le $ac_mid; then + ac_lo= ac_hi= + break + fi + ac_mid=`expr 2 '*' $ac_mid + 1` fi rm -f conftest.$ac_objext conftest.$ac_ext done else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_hi=-1 ac_mid=-1 +cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" +$ac_includes_default +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ +static int test_array [1 - 2 * !(((long) (sizeof (long int))) < 0)]; +test_array [0] = 0 + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_hi=-1 ac_mid=-1 while :; do cat >conftest.$ac_ext <<_ACEOF -#line 9937 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9946,38 +10669,51 @@ int main () { -int _array_ [1 - 2 * !((sizeof (long int)) >= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (long int))) >= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9955: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:9958: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:9961: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:9964: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_lo=$ac_mid; break else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_hi=`expr $ac_mid - 1`; ac_mid=`expr 2 '*' $ac_mid` +ac_hi=`expr '(' $ac_mid ')' - 1` + if test $ac_mid -le $ac_hi; then + ac_lo= ac_hi= + break + fi + ac_mid=`expr 2 '*' $ac_mid` fi rm -f conftest.$ac_objext conftest.$ac_ext done +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 +ac_lo= ac_hi= +fi +rm -f conftest.$ac_objext conftest.$ac_ext fi rm -f conftest.$ac_objext conftest.$ac_ext # Binary search between lo and hi bounds. while test "x$ac_lo" != "x$ac_hi"; do ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` cat >conftest.$ac_ext <<_ACEOF -#line 9980 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -9989,42 +10725,53 @@ int main () { -int _array_ [1 - 2 * !((sizeof (long int)) <= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (long int))) <= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:9998: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10001: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10004: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10007: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_hi=$ac_mid else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_lo=`expr $ac_mid + 1` +ac_lo=`expr '(' $ac_mid ')' + 1` fi rm -f conftest.$ac_objext conftest.$ac_ext done -ac_cv_sizeof_long_int=$ac_lo +case $ac_lo in +?*) ac_cv_sizeof_long_int=$ac_lo;; +'') { { echo "$as_me:$LINENO: error: cannot compute sizeof (long int), 77" >&5 +echo "$as_me: error: cannot compute sizeof (long int), 77" >&2;} + { (exit 1); exit 1; }; } ;; +esac else if test "$cross_compiling" = yes; then - { { echo "$as_me:10020: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 10025 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default +long longval () { return (long) (sizeof (long int)); } +unsigned long ulongval () { return (long) (sizeof (long int)); } +#include +#include #ifdef F77_DUMMY_MAIN # ifdef __cplusplus extern "C" @@ -10034,31 +10781,50 @@ int main () { -FILE *f = fopen ("conftest.val", "w"); -if (!f) - exit (1); -fprintf (f, "%d", (sizeof (long int))); -fclose (f); + + FILE *f = fopen ("conftest.val", "w"); + if (! f) + exit (1); + if (((long) (sizeof (long int))) < 0) + { + long i = longval (); + if (i != ((long) (sizeof (long int)))) + exit (1); + fprintf (f, "%ld\n", i); + } + else + { + unsigned long i = ulongval (); + if (i != ((long) (sizeof (long int)))) + exit (1); + fprintf (f, "%lu\n", i); + } + exit (ferror (f) || fclose (f) != 0); + ; return 0; } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:10047: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:10050: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:10052: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10055: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sizeof_long_int=`cat conftest.val` else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) +{ { echo "$as_me:$LINENO: error: cannot compute sizeof (long int), 77" >&5 +echo "$as_me: error: cannot compute sizeof (long int), 77" >&2;} + { (exit 1); exit 1; }; } fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi @@ -10068,19 +10834,20 @@ ac_cv_sizeof_long_int=0 fi fi -echo "$as_me:10071: result: $ac_cv_sizeof_long_int" >&5 +echo "$as_me:$LINENO: result: $ac_cv_sizeof_long_int" >&5 echo "${ECHO_T}$ac_cv_sizeof_long_int" >&6 cat >>confdefs.h <<_ACEOF #define SIZEOF_LONG_INT $ac_cv_sizeof_long_int _ACEOF -echo "$as_me:10077: checking for long long int" >&5 + +echo "$as_me:$LINENO: checking for long long int" >&5 echo $ECHO_N "checking for long long int... $ECHO_C" >&6 if test "${ac_cv_type_long_long_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 10083 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -10101,16 +10868,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10104: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10107: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10110: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10113: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_long_long_int=yes else @@ -10120,19 +10887,23 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:10123: result: $ac_cv_type_long_long_int" >&5 +echo "$as_me:$LINENO: result: $ac_cv_type_long_long_int" >&5 echo "${ECHO_T}$ac_cv_type_long_long_int" >&6 -echo "$as_me:10126: checking size of long long int" >&5 +echo "$as_me:$LINENO: checking size of long long int" >&5 echo $ECHO_N "checking size of long long int... $ECHO_C" >&6 if test "${ac_cv_sizeof_long_long_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test "$ac_cv_type_long_long_int" = yes; then + # The cast to unsigned long works around a bug in the HP C Compiler + # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects + # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. + # This bug is HP SR number 8606223364. if test "$cross_compiling" = yes; then # Depending upon the size, compute the lo and hi bounds. cat >conftest.$ac_ext <<_ACEOF -#line 10135 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -10144,27 +10915,29 @@ int main () { -int _array_ [1 - 2 * !((sizeof (long long int)) >= 0)] +static int test_array [1 - 2 * !(((long) (sizeof (long long int))) >= 0)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10153: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10156: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10159: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10162: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_lo=0 ac_mid=0 while :; do cat >conftest.$ac_ext <<_ACEOF -#line 10167 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -10176,38 +10949,77 @@ int main () { -int _array_ [1 - 2 * !((sizeof (long long int)) <= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (long long int))) <= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10185: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10188: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10191: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10194: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_hi=$ac_mid; break else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_lo=`expr $ac_mid + 1`; ac_mid=`expr 2 '*' $ac_mid + 1` +ac_lo=`expr $ac_mid + 1` + if test $ac_lo -le $ac_mid; then + ac_lo= ac_hi= + break + fi + ac_mid=`expr 2 '*' $ac_mid + 1` fi rm -f conftest.$ac_objext conftest.$ac_ext done else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_hi=-1 ac_mid=-1 +cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" +$ac_includes_default +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ +static int test_array [1 - 2 * !(((long) (sizeof (long long int))) < 0)]; +test_array [0] = 0 + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_hi=-1 ac_mid=-1 while :; do cat >conftest.$ac_ext <<_ACEOF -#line 10210 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -10219,38 +11031,51 @@ int main () { -int _array_ [1 - 2 * !((sizeof (long long int)) >= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (long long int))) >= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10228: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10231: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10234: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10237: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_lo=$ac_mid; break else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_hi=`expr $ac_mid - 1`; ac_mid=`expr 2 '*' $ac_mid` +ac_hi=`expr '(' $ac_mid ')' - 1` + if test $ac_mid -le $ac_hi; then + ac_lo= ac_hi= + break + fi + ac_mid=`expr 2 '*' $ac_mid` fi rm -f conftest.$ac_objext conftest.$ac_ext done +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 +ac_lo= ac_hi= +fi +rm -f conftest.$ac_objext conftest.$ac_ext fi rm -f conftest.$ac_objext conftest.$ac_ext # Binary search between lo and hi bounds. while test "x$ac_lo" != "x$ac_hi"; do ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` cat >conftest.$ac_ext <<_ACEOF -#line 10253 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -10262,42 +11087,53 @@ int main () { -int _array_ [1 - 2 * !((sizeof (long long int)) <= $ac_mid)] +static int test_array [1 - 2 * !(((long) (sizeof (long long int))) <= $ac_mid)]; +test_array [0] = 0 + ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10271: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10274: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10277: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10280: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_hi=$ac_mid else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_lo=`expr $ac_mid + 1` +ac_lo=`expr '(' $ac_mid ')' + 1` fi rm -f conftest.$ac_objext conftest.$ac_ext done -ac_cv_sizeof_long_long_int=$ac_lo +case $ac_lo in +?*) ac_cv_sizeof_long_long_int=$ac_lo;; +'') { { echo "$as_me:$LINENO: error: cannot compute sizeof (long long int), 77" >&5 +echo "$as_me: error: cannot compute sizeof (long long int), 77" >&2;} + { (exit 1); exit 1; }; } ;; +esac else if test "$cross_compiling" = yes; then - { { echo "$as_me:10293: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 10298 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default +long longval () { return (long) (sizeof (long long int)); } +unsigned long ulongval () { return (long) (sizeof (long long int)); } +#include +#include #ifdef F77_DUMMY_MAIN # ifdef __cplusplus extern "C" @@ -10307,31 +11143,50 @@ int main () { -FILE *f = fopen ("conftest.val", "w"); -if (!f) - exit (1); -fprintf (f, "%d", (sizeof (long long int))); -fclose (f); + + FILE *f = fopen ("conftest.val", "w"); + if (! f) + exit (1); + if (((long) (sizeof (long long int))) < 0) + { + long i = longval (); + if (i != ((long) (sizeof (long long int)))) + exit (1); + fprintf (f, "%ld\n", i); + } + else + { + unsigned long i = ulongval (); + if (i != ((long) (sizeof (long long int)))) + exit (1); + fprintf (f, "%lu\n", i); + } + exit (ferror (f) || fclose (f) != 0); + ; return 0; } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:10320: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:10323: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:10325: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10328: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sizeof_long_long_int=`cat conftest.val` else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) +{ { echo "$as_me:$LINENO: error: cannot compute sizeof (long long int), 77" >&5 +echo "$as_me: error: cannot compute sizeof (long long int), 77" >&2;} + { (exit 1); exit 1; }; } fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi @@ -10341,21 +11196,28 @@ ac_cv_sizeof_long_long_int=0 fi fi -echo "$as_me:10344: result: $ac_cv_sizeof_long_long_int" >&5 +echo "$as_me:$LINENO: result: $ac_cv_sizeof_long_long_int" >&5 echo "${ECHO_T}$ac_cv_sizeof_long_long_int" >&6 cat >>confdefs.h <<_ACEOF #define SIZEOF_LONG_LONG_INT $ac_cv_sizeof_long_long_int _ACEOF + + +# Sanity check long long for some platforms (AIX) +if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then + ac_cv_sizeof_long_long_int=0 +fi + # More checks for data types -echo "$as_me:10351: checking for u_int type" >&5 +echo "$as_me:$LINENO: checking for u_int type" >&5 echo $ECHO_N "checking for u_int type... $ECHO_C" >&6 if test "${ac_cv_have_u_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 10358 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10373,16 +11235,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10376: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10379: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10382: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10385: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_u_int="yes" else @@ -10394,7 +11256,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:10397: result: $ac_cv_have_u_int" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_u_int" >&5 echo "${ECHO_T}$ac_cv_have_u_int" >&6 if test "x$ac_cv_have_u_int" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -10404,14 +11266,14 @@ have_u_int=1 fi -echo "$as_me:10407: checking for intXX_t types" >&5 +echo "$as_me:$LINENO: checking for intXX_t types" >&5 echo $ECHO_N "checking for intXX_t types... $ECHO_C" >&6 if test "${ac_cv_have_intxx_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 10414 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10429,16 +11291,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10432: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10435: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10438: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10441: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_intxx_t="yes" else @@ -10450,7 +11312,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:10453: result: $ac_cv_have_intxx_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_intxx_t" >&5 echo "${ECHO_T}$ac_cv_have_intxx_t" >&6 if test "x$ac_cv_have_intxx_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -10463,10 +11325,10 @@ if (test -z "$have_intxx_t" && \ test "x$ac_cv_header_stdint_h" = "xyes") then - echo "$as_me:10466: checking for intXX_t types in stdint.h" >&5 + echo "$as_me:$LINENO: checking for intXX_t types in stdint.h" >&5 echo $ECHO_N "checking for intXX_t types in stdint.h... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 10469 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10484,43 +11346,43 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10487: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10490: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10493: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10496: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cat >>confdefs.h <<\_ACEOF #define HAVE_INTXX_T 1 _ACEOF - echo "$as_me:10503: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:10509: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:10516: checking for int64_t type" >&5 +echo "$as_me:$LINENO: checking for int64_t type" >&5 echo $ECHO_N "checking for int64_t type... $ECHO_C" >&6 if test "${ac_cv_have_int64_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 10523 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10538,16 +11400,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10541: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10544: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10547: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10550: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_int64_t="yes" else @@ -10559,7 +11421,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:10562: result: $ac_cv_have_int64_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_int64_t" >&5 echo "${ECHO_T}$ac_cv_have_int64_t" >&6 if test "x$ac_cv_have_int64_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -10570,10 +11432,10 @@ fi if test -z "$have_int64_t" ; then - echo "$as_me:10573: checking for int64_t type in sys/socket.h" >&5 + echo "$as_me:$LINENO: checking for int64_t type in sys/socket.h" >&5 echo $ECHO_N "checking for int64_t type in sys/socket.h... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 10576 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10591,29 +11453,29 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10594: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10597: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10600: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10603: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cat >>confdefs.h <<\_ACEOF #define HAVE_INT64_T 1 _ACEOF - echo "$as_me:10610: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:10616: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -10621,10 +11483,10 @@ fi if test -z "$have_int64_t" ; then - echo "$as_me:10624: checking for int64_t type in sys/bitypes.h" >&5 + echo "$as_me:$LINENO: checking for int64_t type in sys/bitypes.h" >&5 echo $ECHO_N "checking for int64_t type in sys/bitypes.h... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 10627 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10642,43 +11504,43 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10645: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10648: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10651: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10654: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cat >>confdefs.h <<\_ACEOF #define HAVE_INT64_T 1 _ACEOF - echo "$as_me:10661: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:10667: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:10674: checking for u_intXX_t types" >&5 +echo "$as_me:$LINENO: checking for u_intXX_t types" >&5 echo $ECHO_N "checking for u_intXX_t types... $ECHO_C" >&6 if test "${ac_cv_have_u_intxx_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 10681 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10696,16 +11558,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10699: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10702: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10705: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10708: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_u_intxx_t="yes" else @@ -10717,7 +11579,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:10720: result: $ac_cv_have_u_intxx_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_u_intxx_t" >&5 echo "${ECHO_T}$ac_cv_have_u_intxx_t" >&6 if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -10728,10 +11590,10 @@ fi if test -z "$have_u_intxx_t" ; then - echo "$as_me:10731: checking for u_intXX_t types in sys/socket.h" >&5 + echo "$as_me:$LINENO: checking for u_intXX_t types in sys/socket.h" >&5 echo $ECHO_N "checking for u_intXX_t types in sys/socket.h... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 10734 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10749,43 +11611,43 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10752: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10755: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10758: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10761: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cat >>confdefs.h <<\_ACEOF #define HAVE_U_INTXX_T 1 _ACEOF - echo "$as_me:10768: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:10774: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:10781: checking for u_int64_t types" >&5 +echo "$as_me:$LINENO: checking for u_int64_t types" >&5 echo $ECHO_N "checking for u_int64_t types... $ECHO_C" >&6 if test "${ac_cv_have_u_int64_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 10788 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10803,16 +11665,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10806: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10809: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10812: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10815: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_u_int64_t="yes" else @@ -10824,7 +11686,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:10827: result: $ac_cv_have_u_int64_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_u_int64_t" >&5 echo "${ECHO_T}$ac_cv_have_u_int64_t" >&6 if test "x$ac_cv_have_u_int64_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -10835,10 +11697,10 @@ fi if test -z "$have_u_int64_t" ; then - echo "$as_me:10838: checking for u_int64_t type in sys/bitypes.h" >&5 + echo "$as_me:$LINENO: checking for u_int64_t type in sys/bitypes.h" >&5 echo $ECHO_N "checking for u_int64_t type in sys/bitypes.h... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 10841 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10856,29 +11718,29 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10859: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10862: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10865: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10868: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cat >>confdefs.h <<\_ACEOF #define HAVE_U_INT64_T 1 _ACEOF - echo "$as_me:10875: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:10881: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -10886,14 +11748,14 @@ fi if test -z "$have_u_intxx_t" ; then - echo "$as_me:10889: checking for uintXX_t types" >&5 + echo "$as_me:$LINENO: checking for uintXX_t types" >&5 echo $ECHO_N "checking for uintXX_t types... $ECHO_C" >&6 if test "${ac_cv_have_uintxx_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 10896 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -10913,16 +11775,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10916: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10919: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10922: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10925: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_uintxx_t="yes" else @@ -10934,7 +11796,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:10937: result: $ac_cv_have_uintxx_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_uintxx_t" >&5 echo "${ECHO_T}$ac_cv_have_uintxx_t" >&6 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -10945,10 +11807,10 @@ fi if test -z "$have_uintxx_t" ; then - echo "$as_me:10948: checking for uintXX_t types in stdint.h" >&5 + echo "$as_me:$LINENO: checking for uintXX_t types in stdint.h" >&5 echo $ECHO_N "checking for uintXX_t types in stdint.h... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 10951 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -10966,29 +11828,29 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:10969: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:10972: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:10975: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:10978: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cat >>confdefs.h <<\_ACEOF #define HAVE_UINTXX_T 1 _ACEOF - echo "$as_me:10985: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:10991: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -10998,10 +11860,10 @@ if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ test "x$ac_cv_header_sys_bitypes_h" = "xyes") then - echo "$as_me:11001: checking for intXX_t and u_intXX_t types in sys/bitypes.h" >&5 + echo "$as_me:$LINENO: checking for intXX_t and u_intXX_t types in sys/bitypes.h" >&5 echo $ECHO_N "checking for intXX_t and u_intXX_t types in sys/bitypes.h... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 11004 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11025,16 +11887,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11028: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11031: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11034: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11037: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cat >>confdefs.h <<\_ACEOF @@ -11045,27 +11907,28 @@ #define HAVE_INTXX_T 1 _ACEOF - echo "$as_me:11048: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -echo "$as_me:11054: result: no" >&5 +echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11061: checking for u_char" >&5 + +echo "$as_me:$LINENO: checking for u_char" >&5 echo $ECHO_N "checking for u_char... $ECHO_C" >&6 if test "${ac_cv_have_u_char+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11068 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11085,16 +11948,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11088: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11091: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11094: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11097: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_u_char="yes" else @@ -11106,7 +11969,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11109: result: $ac_cv_have_u_char" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_u_char" >&5 echo "${ECHO_T}$ac_cv_have_u_char" >&6 if test "x$ac_cv_have_u_char" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11115,13 +11978,14 @@ fi - echo "$as_me:11118: checking for socklen_t" >&5 + + echo "$as_me:$LINENO: checking for socklen_t" >&5 echo $ECHO_N "checking for socklen_t... $ECHO_C" >&6 if test "${ac_cv_type_socklen_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11124 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #include @@ -11144,16 +12008,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11147: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11150: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11153: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11156: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_socklen_t=yes else @@ -11163,13 +12027,13 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11166: result: $ac_cv_type_socklen_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_type_socklen_t" >&5 echo "${ECHO_T}$ac_cv_type_socklen_t" >&6 if test $ac_cv_type_socklen_t = yes; then : else - echo "$as_me:11172: checking for socklen_t equivalent" >&5 + echo "$as_me:$LINENO: checking for socklen_t equivalent" >&5 echo $ECHO_N "checking for socklen_t equivalent... $ECHO_C" >&6 if test "${curl_cv_socklen_t_equiv+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -11181,7 +12045,7 @@ for arg2 in "struct sockaddr" void; do for t in int size_t unsigned long "unsigned long"; do cat >conftest.$ac_ext <<_ACEOF -#line 11184 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11207,16 +12071,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11210: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11213: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11216: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11219: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then curl_cv_socklen_t_equiv="$t" @@ -11231,14 +12095,14 @@ done if test "x$curl_cv_socklen_t_equiv" = x; then - { { echo "$as_me:11234: error: Cannot find a type to use in place of socklen_t" >&5 + { { echo "$as_me:$LINENO: error: Cannot find a type to use in place of socklen_t" >&5 echo "$as_me: error: Cannot find a type to use in place of socklen_t" >&2;} { (exit 1); exit 1; }; } fi fi - echo "$as_me:11241: result: $curl_cv_socklen_t_equiv" >&5 + echo "$as_me:$LINENO: result: $curl_cv_socklen_t_equiv" >&5 echo "${ECHO_T}$curl_cv_socklen_t_equiv" >&6 cat >>confdefs.h <<_ACEOF @@ -11247,13 +12111,15 @@ fi -echo "$as_me:11250: checking for sig_atomic_t" >&5 + + +echo "$as_me:$LINENO: checking for sig_atomic_t" >&5 echo $ECHO_N "checking for sig_atomic_t... $ECHO_C" >&6 if test "${ac_cv_type_sig_atomic_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11256 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11275,16 +12141,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11278: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11281: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11284: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11287: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_sig_atomic_t=yes else @@ -11294,7 +12160,7 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11297: result: $ac_cv_type_sig_atomic_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_type_sig_atomic_t" >&5 echo "${ECHO_T}$ac_cv_type_sig_atomic_t" >&6 if test $ac_cv_type_sig_atomic_t = yes; then @@ -11302,16 +12168,18 @@ #define HAVE_SIG_ATOMIC_T 1 _ACEOF + fi -echo "$as_me:11307: checking for size_t" >&5 + +echo "$as_me:$LINENO: checking for size_t" >&5 echo $ECHO_N "checking for size_t... $ECHO_C" >&6 if test "${ac_cv_have_size_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11314 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11331,16 +12199,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11334: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11337: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11340: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11343: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_size_t="yes" else @@ -11352,7 +12220,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11355: result: $ac_cv_have_size_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_size_t" >&5 echo "${ECHO_T}$ac_cv_have_size_t" >&6 if test "x$ac_cv_have_size_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11361,14 +12229,14 @@ fi -echo "$as_me:11364: checking for ssize_t" >&5 +echo "$as_me:$LINENO: checking for ssize_t" >&5 echo $ECHO_N "checking for ssize_t... $ECHO_C" >&6 if test "${ac_cv_have_ssize_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11371 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11388,16 +12256,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11391: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11394: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11397: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11400: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_ssize_t="yes" else @@ -11409,7 +12277,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11412: result: $ac_cv_have_ssize_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_ssize_t" >&5 echo "${ECHO_T}$ac_cv_have_ssize_t" >&6 if test "x$ac_cv_have_ssize_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11418,14 +12286,14 @@ fi -echo "$as_me:11421: checking for clock_t" >&5 +echo "$as_me:$LINENO: checking for clock_t" >&5 echo $ECHO_N "checking for clock_t... $ECHO_C" >&6 if test "${ac_cv_have_clock_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11428 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11445,16 +12313,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11448: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11451: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11454: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11457: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_clock_t="yes" else @@ -11466,7 +12334,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11469: result: $ac_cv_have_clock_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_clock_t" >&5 echo "${ECHO_T}$ac_cv_have_clock_t" >&6 if test "x$ac_cv_have_clock_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11475,14 +12343,14 @@ fi -echo "$as_me:11478: checking for sa_family_t" >&5 +echo "$as_me:$LINENO: checking for sa_family_t" >&5 echo $ECHO_N "checking for sa_family_t... $ECHO_C" >&6 if test "${ac_cv_have_sa_family_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11485 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11503,23 +12371,23 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11506: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11509: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11512: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11515: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_sa_family_t="yes" else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 cat >conftest.$ac_ext <<_ACEOF -#line 11522 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11541,16 +12409,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11544: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11547: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11550: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11553: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_sa_family_t="yes" else @@ -11565,7 +12433,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11568: result: $ac_cv_have_sa_family_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_sa_family_t" >&5 echo "${ECHO_T}$ac_cv_have_sa_family_t" >&6 if test "x$ac_cv_have_sa_family_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11574,14 +12442,14 @@ fi -echo "$as_me:11577: checking for pid_t" >&5 +echo "$as_me:$LINENO: checking for pid_t" >&5 echo $ECHO_N "checking for pid_t... $ECHO_C" >&6 if test "${ac_cv_have_pid_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11584 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11601,16 +12469,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11604: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11607: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11610: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11613: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_pid_t="yes" else @@ -11622,7 +12490,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11625: result: $ac_cv_have_pid_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_pid_t" >&5 echo "${ECHO_T}$ac_cv_have_pid_t" >&6 if test "x$ac_cv_have_pid_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11631,14 +12499,14 @@ fi -echo "$as_me:11634: checking for mode_t" >&5 +echo "$as_me:$LINENO: checking for mode_t" >&5 echo $ECHO_N "checking for mode_t... $ECHO_C" >&6 if test "${ac_cv_have_mode_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11641 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11658,16 +12526,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11661: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11664: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11667: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11670: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_mode_t="yes" else @@ -11679,7 +12547,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11682: result: $ac_cv_have_mode_t" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_mode_t" >&5 echo "${ECHO_T}$ac_cv_have_mode_t" >&6 if test "x$ac_cv_have_mode_t" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11688,14 +12556,15 @@ fi -echo "$as_me:11691: checking for struct sockaddr_storage" >&5 + +echo "$as_me:$LINENO: checking for struct sockaddr_storage" >&5 echo $ECHO_N "checking for struct sockaddr_storage... $ECHO_C" >&6 if test "${ac_cv_have_struct_sockaddr_storage+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11698 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11716,16 +12585,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11719: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11722: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11725: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11728: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_struct_sockaddr_storage="yes" else @@ -11737,7 +12606,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11740: result: $ac_cv_have_struct_sockaddr_storage" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_struct_sockaddr_storage" >&5 echo "${ECHO_T}$ac_cv_have_struct_sockaddr_storage" >&6 if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11746,14 +12615,14 @@ fi -echo "$as_me:11749: checking for struct sockaddr_in6" >&5 +echo "$as_me:$LINENO: checking for struct sockaddr_in6" >&5 echo $ECHO_N "checking for struct sockaddr_in6... $ECHO_C" >&6 if test "${ac_cv_have_struct_sockaddr_in6+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11756 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11774,16 +12643,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11777: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11780: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11783: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11786: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_struct_sockaddr_in6="yes" else @@ -11795,7 +12664,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11798: result: $ac_cv_have_struct_sockaddr_in6" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_struct_sockaddr_in6" >&5 echo "${ECHO_T}$ac_cv_have_struct_sockaddr_in6" >&6 if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11804,14 +12673,14 @@ fi -echo "$as_me:11807: checking for struct in6_addr" >&5 +echo "$as_me:$LINENO: checking for struct in6_addr" >&5 echo $ECHO_N "checking for struct in6_addr... $ECHO_C" >&6 if test "${ac_cv_have_struct_in6_addr+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11814 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11832,16 +12701,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11835: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11838: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11841: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11844: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_struct_in6_addr="yes" else @@ -11853,7 +12722,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11856: result: $ac_cv_have_struct_in6_addr" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_struct_in6_addr" >&5 echo "${ECHO_T}$ac_cv_have_struct_in6_addr" >&6 if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11862,14 +12731,14 @@ fi -echo "$as_me:11865: checking for struct addrinfo" >&5 +echo "$as_me:$LINENO: checking for struct addrinfo" >&5 echo $ECHO_N "checking for struct addrinfo... $ECHO_C" >&6 if test "${ac_cv_have_struct_addrinfo+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11872 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -11891,16 +12760,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11894: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11897: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11900: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11903: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_struct_addrinfo="yes" else @@ -11912,7 +12781,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11915: result: $ac_cv_have_struct_addrinfo" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_struct_addrinfo" >&5 echo "${ECHO_T}$ac_cv_have_struct_addrinfo" >&6 if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11921,14 +12790,14 @@ fi -echo "$as_me:11924: checking for struct timeval" >&5 +echo "$as_me:$LINENO: checking for struct timeval" >&5 echo $ECHO_N "checking for struct timeval... $ECHO_C" >&6 if test "${ac_cv_have_struct_timeval+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 11931 "configure" +#line $LINENO "configure" #include "confdefs.h" #include #ifdef F77_DUMMY_MAIN @@ -11946,16 +12815,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:11949: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:11952: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:11955: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:11958: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_struct_timeval="yes" else @@ -11967,7 +12836,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:11970: result: $ac_cv_have_struct_timeval" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_struct_timeval" >&5 echo "${ECHO_T}$ac_cv_have_struct_timeval" >&6 if test "x$ac_cv_have_struct_timeval" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -11985,12 +12854,12 @@ NO_SFTP='#' else if test "$cross_compiling" = yes; then - { { echo "$as_me:11988: error: cannot run test program while cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 echo "$as_me: error: cannot run test program while cross compiling" >&2;} { (exit 1); exit 1; }; } else cat >conftest.$ac_ext <<_ACEOF -#line 11993 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12018,41 +12887,45 @@ _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:12021: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:12024: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:12026: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:12029: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then true else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) cat >>confdefs.h <<\_ACEOF #define BROKEN_SNPRINTF 1 _ACEOF + fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi fi + + # look for field 'ut_host' in header 'utmp.h' ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host - echo "$as_me:12048: checking for ut_host field in utmp.h" >&5 + echo "$as_me:$LINENO: checking for ut_host field in utmp.h" >&5 echo $ECHO_N "checking for ut_host field in utmp.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12055 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12069,7 +12942,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12072: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12078,21 +12951,22 @@ fi else - echo "$as_me:12081: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_host' in header 'utmpx.h' ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host - echo "$as_me:12088: checking for ut_host field in utmpx.h" >&5 + echo "$as_me:$LINENO: checking for ut_host field in utmpx.h" >&5 echo $ECHO_N "checking for ut_host field in utmpx.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12095 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12109,7 +12983,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12112: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12118,21 +12992,22 @@ fi else - echo "$as_me:12121: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'syslen' in header 'utmpx.h' ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"syslen - echo "$as_me:12128: checking for syslen field in utmpx.h" >&5 + echo "$as_me:$LINENO: checking for syslen field in utmpx.h" >&5 echo $ECHO_N "checking for syslen field in utmpx.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12135 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12149,7 +13024,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12152: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12158,21 +13033,22 @@ fi else - echo "$as_me:12161: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_pid' in header 'utmp.h' ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_pid - echo "$as_me:12168: checking for ut_pid field in utmp.h" >&5 + echo "$as_me:$LINENO: checking for ut_pid field in utmp.h" >&5 echo $ECHO_N "checking for ut_pid field in utmp.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12175 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12189,7 +13065,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12192: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12198,21 +13074,22 @@ fi else - echo "$as_me:12201: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_type' in header 'utmp.h' ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type - echo "$as_me:12208: checking for ut_type field in utmp.h" >&5 + echo "$as_me:$LINENO: checking for ut_type field in utmp.h" >&5 echo $ECHO_N "checking for ut_type field in utmp.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12215 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12229,7 +13106,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12232: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12238,21 +13115,22 @@ fi else - echo "$as_me:12241: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_type' in header 'utmpx.h' ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type - echo "$as_me:12248: checking for ut_type field in utmpx.h" >&5 + echo "$as_me:$LINENO: checking for ut_type field in utmpx.h" >&5 echo $ECHO_N "checking for ut_type field in utmpx.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12255 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12269,7 +13147,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12272: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12278,21 +13156,22 @@ fi else - echo "$as_me:12281: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_tv' in header 'utmp.h' ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv - echo "$as_me:12288: checking for ut_tv field in utmp.h" >&5 + echo "$as_me:$LINENO: checking for ut_tv field in utmp.h" >&5 echo $ECHO_N "checking for ut_tv field in utmp.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12295 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12309,7 +13188,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12312: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12318,21 +13197,22 @@ fi else - echo "$as_me:12321: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_id' in header 'utmp.h' ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id - echo "$as_me:12328: checking for ut_id field in utmp.h" >&5 + echo "$as_me:$LINENO: checking for ut_id field in utmp.h" >&5 echo $ECHO_N "checking for ut_id field in utmp.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12335 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12349,7 +13229,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12352: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12358,21 +13238,22 @@ fi else - echo "$as_me:12361: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_id' in header 'utmpx.h' ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id - echo "$as_me:12368: checking for ut_id field in utmpx.h" >&5 + echo "$as_me:$LINENO: checking for ut_id field in utmpx.h" >&5 echo $ECHO_N "checking for ut_id field in utmpx.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12375 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12389,7 +13270,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12392: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12398,21 +13279,22 @@ fi else - echo "$as_me:12401: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_addr' in header 'utmp.h' ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr - echo "$as_me:12408: checking for ut_addr field in utmp.h" >&5 + echo "$as_me:$LINENO: checking for ut_addr field in utmp.h" >&5 echo $ECHO_N "checking for ut_addr field in utmp.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12415 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12429,7 +13311,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12432: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12438,21 +13320,22 @@ fi else - echo "$as_me:12441: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_addr' in header 'utmpx.h' ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr - echo "$as_me:12448: checking for ut_addr field in utmpx.h" >&5 + echo "$as_me:$LINENO: checking for ut_addr field in utmpx.h" >&5 echo $ECHO_N "checking for ut_addr field in utmpx.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12455 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12469,7 +13352,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12472: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12478,21 +13361,22 @@ fi else - echo "$as_me:12481: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_addr_v6' in header 'utmp.h' ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6 - echo "$as_me:12488: checking for ut_addr_v6 field in utmp.h" >&5 + echo "$as_me:$LINENO: checking for ut_addr_v6 field in utmp.h" >&5 echo $ECHO_N "checking for ut_addr_v6 field in utmp.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12495 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12509,7 +13393,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12512: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12518,21 +13402,22 @@ fi else - echo "$as_me:12521: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_addr_v6' in header 'utmpx.h' ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6 - echo "$as_me:12528: checking for ut_addr_v6 field in utmpx.h" >&5 + echo "$as_me:$LINENO: checking for ut_addr_v6 field in utmpx.h" >&5 echo $ECHO_N "checking for ut_addr_v6 field in utmpx.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12535 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12549,7 +13434,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12552: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12558,21 +13443,22 @@ fi else - echo "$as_me:12561: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_exit' in header 'utmp.h' ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_exit - echo "$as_me:12568: checking for ut_exit field in utmp.h" >&5 + echo "$as_me:$LINENO: checking for ut_exit field in utmp.h" >&5 echo $ECHO_N "checking for ut_exit field in utmp.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12575 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12589,7 +13475,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12592: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12598,21 +13484,22 @@ fi else - echo "$as_me:12601: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_time' in header 'utmp.h' ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time - echo "$as_me:12608: checking for ut_time field in utmp.h" >&5 + echo "$as_me:$LINENO: checking for ut_time field in utmp.h" >&5 echo $ECHO_N "checking for ut_time field in utmp.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12615 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12629,7 +13516,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12632: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12638,21 +13525,22 @@ fi else - echo "$as_me:12641: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_time' in header 'utmpx.h' ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time - echo "$as_me:12648: checking for ut_time field in utmpx.h" >&5 + echo "$as_me:$LINENO: checking for ut_time field in utmpx.h" >&5 echo $ECHO_N "checking for ut_time field in utmpx.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12655 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12669,7 +13557,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12672: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12678,21 +13566,22 @@ fi else - echo "$as_me:12681: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + # look for field 'ut_tv' in header 'utmpx.h' ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv - echo "$as_me:12688: checking for ut_tv field in utmpx.h" >&5 + echo "$as_me:$LINENO: checking for ut_tv field in utmpx.h" >&5 echo $ECHO_N "checking for ut_tv field in utmpx.h... $ECHO_C" >&6 if eval "test \"\${$ossh_varname+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12695 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12709,7 +13598,7 @@ ossh_result=`eval 'echo $'"$ossh_varname"` if test -n "`echo $ossh_varname`"; then - echo "$as_me:12712: result: $ossh_result" >&5 + echo "$as_me:$LINENO: result: $ossh_result" >&5 echo "${ECHO_T}$ossh_result" >&6 if test "x$ossh_result" = "xyes"; then cat >>confdefs.h <<\_ACEOF @@ -12718,17 +13607,18 @@ fi else - echo "$as_me:12721: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi -echo "$as_me:12725: checking for struct stat.st_blksize" >&5 + +echo "$as_me:$LINENO: checking for struct stat.st_blksize" >&5 echo $ECHO_N "checking for struct stat.st_blksize... $ECHO_C" >&6 if test "${ac_cv_member_struct_stat_st_blksize+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12731 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #ifdef F77_DUMMY_MAIN @@ -12748,16 +13638,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:12751: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:12754: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:12757: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:12760: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_member_struct_stat_st_blksize=yes else @@ -12767,7 +13657,7 @@ fi rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:12770: result: $ac_cv_member_struct_stat_st_blksize" >&5 +echo "$as_me:$LINENO: result: $ac_cv_member_struct_stat_st_blksize" >&5 echo "${ECHO_T}$ac_cv_member_struct_stat_st_blksize" >&6 if test $ac_cv_member_struct_stat_st_blksize = yes; then @@ -12775,16 +13665,18 @@ #define HAVE_STRUCT_STAT_ST_BLKSIZE 1 _ACEOF + fi -echo "$as_me:12780: checking for ss_family field in struct sockaddr_storage" >&5 + +echo "$as_me:$LINENO: checking for ss_family field in struct sockaddr_storage" >&5 echo $ECHO_N "checking for ss_family field in struct sockaddr_storage... $ECHO_C" >&6 if test "${ac_cv_have_ss_family_in_struct_ss+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12787 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12805,16 +13697,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:12808: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:12811: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:12814: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:12817: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_ss_family_in_struct_ss="yes" else @@ -12825,7 +13717,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:12828: result: $ac_cv_have_ss_family_in_struct_ss" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_ss_family_in_struct_ss" >&5 echo "${ECHO_T}$ac_cv_have_ss_family_in_struct_ss" >&6 if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -12834,14 +13726,14 @@ fi -echo "$as_me:12837: checking for __ss_family field in struct sockaddr_storage" >&5 +echo "$as_me:$LINENO: checking for __ss_family field in struct sockaddr_storage" >&5 echo $ECHO_N "checking for __ss_family field in struct sockaddr_storage... $ECHO_C" >&6 if test "${ac_cv_have___ss_family_in_struct_ss+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12844 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12862,16 +13754,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:12865: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:12868: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:12871: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:12874: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have___ss_family_in_struct_ss="yes" else @@ -12883,7 +13775,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:12886: result: $ac_cv_have___ss_family_in_struct_ss" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have___ss_family_in_struct_ss" >&5 echo "${ECHO_T}$ac_cv_have___ss_family_in_struct_ss" >&6 if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -12892,14 +13784,14 @@ fi -echo "$as_me:12895: checking for pw_class field in struct passwd" >&5 +echo "$as_me:$LINENO: checking for pw_class field in struct passwd" >&5 echo $ECHO_N "checking for pw_class field in struct passwd... $ECHO_C" >&6 if test "${ac_cv_have_pw_class_in_struct_passwd+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12902 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12919,16 +13811,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:12922: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:12925: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:12928: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:12931: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_pw_class_in_struct_passwd="yes" else @@ -12940,7 +13832,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:12943: result: $ac_cv_have_pw_class_in_struct_passwd" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_pw_class_in_struct_passwd" >&5 echo "${ECHO_T}$ac_cv_have_pw_class_in_struct_passwd" >&6 if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -12949,14 +13841,14 @@ fi -echo "$as_me:12952: checking for pw_expire field in struct passwd" >&5 +echo "$as_me:$LINENO: checking for pw_expire field in struct passwd" >&5 echo $ECHO_N "checking for pw_expire field in struct passwd... $ECHO_C" >&6 if test "${ac_cv_have_pw_expire_in_struct_passwd+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 12959 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -12976,16 +13868,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:12979: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:12982: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:12985: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:12988: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_pw_expire_in_struct_passwd="yes" else @@ -12997,7 +13889,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:13000: result: $ac_cv_have_pw_expire_in_struct_passwd" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_pw_expire_in_struct_passwd" >&5 echo "${ECHO_T}$ac_cv_have_pw_expire_in_struct_passwd" >&6 if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -13006,14 +13898,14 @@ fi -echo "$as_me:13009: checking for pw_change field in struct passwd" >&5 +echo "$as_me:$LINENO: checking for pw_change field in struct passwd" >&5 echo $ECHO_N "checking for pw_change field in struct passwd... $ECHO_C" >&6 if test "${ac_cv_have_pw_change_in_struct_passwd+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 13016 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -13033,16 +13925,16 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:13036: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:13039: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:13042: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13045: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_pw_change_in_struct_passwd="yes" else @@ -13054,7 +13946,7 @@ rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:13057: result: $ac_cv_have_pw_change_in_struct_passwd" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_pw_change_in_struct_passwd" >&5 echo "${ECHO_T}$ac_cv_have_pw_change_in_struct_passwd" >&6 if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -13063,16 +13955,20 @@ fi -echo "$as_me:13066: checking if libc defines __progname" >&5 -echo $ECHO_N "checking if libc defines __progname... $ECHO_C" >&6 -if test "${ac_cv_libc_defines___progname+set}" = set; then +echo "$as_me:$LINENO: checking for msg_accrights field in struct msghdr" >&5 +echo $ECHO_N "checking for msg_accrights field in struct msghdr... $ECHO_C" >&6 +if test "${ac_cv_have_accrights_in_msghdr+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 13073 "configure" +#line $LINENO "configure" #include "confdefs.h" +#include +#include +#include + #ifdef F77_DUMMY_MAIN # ifdef __cplusplus extern "C" @@ -13082,53 +13978,55 @@ int main () { - extern char *__progname; printf("%s", __progname); + struct msghdr m; m.msg_accrights = 0; ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:13091: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:13094: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:13097: \"$ac_try\"") >&5 + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13100: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - ac_cv_libc_defines___progname="yes" + ac_cv_have_accrights_in_msghdr="yes" else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - ac_cv_libc_defines___progname="no" + ac_cv_have_accrights_in_msghdr="no" fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.$ac_objext conftest.$ac_ext fi -echo "$as_me:13112: result: $ac_cv_libc_defines___progname" >&5 -echo "${ECHO_T}$ac_cv_libc_defines___progname" >&6 -if test "x$ac_cv_libc_defines___progname" = "xyes" ; then +echo "$as_me:$LINENO: result: $ac_cv_have_accrights_in_msghdr" >&5 +echo "${ECHO_T}$ac_cv_have_accrights_in_msghdr" >&6 +if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then cat >>confdefs.h <<\_ACEOF -#define HAVE___PROGNAME 1 +#define HAVE_ACCRIGHTS_IN_MSGHDR 1 _ACEOF fi -echo "$as_me:13121: checking whether getopt has optreset support" >&5 -echo $ECHO_N "checking whether getopt has optreset support... $ECHO_C" >&6 -if test "${ac_cv_have_getopt_optreset+set}" = set; then +echo "$as_me:$LINENO: checking for msg_control field in struct msghdr" >&5 +echo $ECHO_N "checking for msg_control field in struct msghdr... $ECHO_C" >&6 +if test "${ac_cv_have_control_in_msghdr+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 13128 "configure" +#line $LINENO "configure" #include "confdefs.h" -#include +#include +#include +#include #ifdef F77_DUMMY_MAIN # ifdef __cplusplus @@ -13139,22 +14037,248 @@ int main () { - extern int optreset; optreset = 0; + struct msghdr m; m.msg_control = 0; ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:13148: \"$ac_link\"") >&5 +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_have_control_in_msghdr="yes" +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 + ac_cv_have_control_in_msghdr="no" + +fi +rm -f conftest.$ac_objext conftest.$ac_ext + +fi +echo "$as_me:$LINENO: result: $ac_cv_have_control_in_msghdr" >&5 +echo "${ECHO_T}$ac_cv_have_control_in_msghdr" >&6 +if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then + cat >>confdefs.h <<\_ACEOF +#define HAVE_CONTROL_IN_MSGHDR 1 +_ACEOF + +fi + +echo "$as_me:$LINENO: checking if libc defines __progname" >&5 +echo $ECHO_N "checking if libc defines __progname... $ECHO_C" >&6 +if test "${ac_cv_libc_defines___progname+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" + +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ + extern char *__progname; printf("%s", __progname); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_libc_defines___progname="yes" +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 + ac_cv_libc_defines___progname="no" + +fi +rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext + +fi +echo "$as_me:$LINENO: result: $ac_cv_libc_defines___progname" >&5 +echo "${ECHO_T}$ac_cv_libc_defines___progname" >&6 +if test "x$ac_cv_libc_defines___progname" = "xyes" ; then + cat >>confdefs.h <<\_ACEOF +#define HAVE___PROGNAME 1 +_ACEOF + +fi + +echo "$as_me:$LINENO: checking whether $CC implements __FUNCTION__" >&5 +echo $ECHO_N "checking whether $CC implements __FUNCTION__... $ECHO_C" >&6 +if test "${ac_cv_cc_implements___FUNCTION__+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" + +#include + +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ + printf("%s", __FUNCTION__); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_cc_implements___FUNCTION__="yes" +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 + ac_cv_cc_implements___FUNCTION__="no" + +fi +rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext + +fi +echo "$as_me:$LINENO: result: $ac_cv_cc_implements___FUNCTION__" >&5 +echo "${ECHO_T}$ac_cv_cc_implements___FUNCTION__" >&6 +if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then + cat >>confdefs.h <<\_ACEOF +#define HAVE___FUNCTION__ 1 +_ACEOF + +fi + +echo "$as_me:$LINENO: checking whether $CC implements __func__" >&5 +echo $ECHO_N "checking whether $CC implements __func__... $ECHO_C" >&6 +if test "${ac_cv_cc_implements___func__+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" + +#include + +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ + printf("%s", __func__); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_cc_implements___func__="yes" +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 + ac_cv_cc_implements___func__="no" + +fi +rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext + +fi +echo "$as_me:$LINENO: result: $ac_cv_cc_implements___func__" >&5 +echo "${ECHO_T}$ac_cv_cc_implements___func__" >&6 +if test "x$ac_cv_cc_implements___func__" = "xyes" ; then + cat >>confdefs.h <<\_ACEOF +#define HAVE___func__ 1 +_ACEOF + +fi + +echo "$as_me:$LINENO: checking whether getopt has optreset support" >&5 +echo $ECHO_N "checking whether getopt has optreset support... $ECHO_C" >&6 +if test "${ac_cv_have_getopt_optreset+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" + +#include + +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ + extern int optreset; optreset = 0; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:13151: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:13154: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13157: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_have_getopt_optreset="yes" else @@ -13166,7 +14290,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:13169: result: $ac_cv_have_getopt_optreset" >&5 +echo "$as_me:$LINENO: result: $ac_cv_have_getopt_optreset" >&5 echo "${ECHO_T}$ac_cv_have_getopt_optreset" >&6 if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -13175,14 +14299,14 @@ fi -echo "$as_me:13178: checking if libc defines sys_errlist" >&5 +echo "$as_me:$LINENO: checking if libc defines sys_errlist" >&5 echo $ECHO_N "checking if libc defines sys_errlist... $ECHO_C" >&6 if test "${ac_cv_libc_defines_sys_errlist+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 13185 "configure" +#line $LINENO "configure" #include "confdefs.h" #ifdef F77_DUMMY_MAIN @@ -13200,16 +14324,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:13203: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:13206: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:13209: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13212: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_libc_defines_sys_errlist="yes" else @@ -13221,7 +14345,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:13224: result: $ac_cv_libc_defines_sys_errlist" >&5 +echo "$as_me:$LINENO: result: $ac_cv_libc_defines_sys_errlist" >&5 echo "${ECHO_T}$ac_cv_libc_defines_sys_errlist" >&6 if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -13230,14 +14354,15 @@ fi -echo "$as_me:13233: checking if libc defines sys_nerr" >&5 + +echo "$as_me:$LINENO: checking if libc defines sys_nerr" >&5 echo $ECHO_N "checking if libc defines sys_nerr... $ECHO_C" >&6 if test "${ac_cv_libc_defines_sys_nerr+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line 13240 "configure" +#line $LINENO "configure" #include "confdefs.h" #ifdef F77_DUMMY_MAIN @@ -13255,16 +14380,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:13258: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:13261: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:13264: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13267: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_libc_defines_sys_nerr="yes" else @@ -13276,7 +14401,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext fi -echo "$as_me:13279: result: $ac_cv_libc_defines_sys_nerr" >&5 +echo "$as_me:$LINENO: result: $ac_cv_libc_defines_sys_nerr" >&5 echo "${ECHO_T}$ac_cv_libc_defines_sys_nerr" >&6 if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then cat >>confdefs.h <<\_ACEOF @@ -13285,12 +14410,13 @@ fi -# Check whether user wants Kerberos support SCARD_MSG="no" -# Check whether --with-smartcard or --without-smartcard was given. -if test "${with_smartcard+set}" = set; then - withval="$with_smartcard" +# Check whether user wants sectok support + +# Check whether --with-sectok or --without-sectok was given. +if test "${with_sectok+set}" = set; then + withval="$with_sectok" if test "x$withval" != "xno" ; then if test "x$withval" != "xyes" ; then @@ -13308,34 +14434,34 @@ do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then - echo "$as_me:13311: checking for $ac_header" >&5 + echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi -echo "$as_me:13316: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? -echo "$as_me:13320: checking $ac_header usability" >&5 +echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 13323 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:13329: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:13332: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:13335: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13338: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else @@ -13344,24 +14470,24 @@ ac_header_compiler=no fi rm -f conftest.$ac_objext conftest.$ac_ext -echo "$as_me:13347: result: $ac_header_compiler" >&5 +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? -echo "$as_me:13351: checking $ac_header presence" >&5 +echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 13354 "configure" +#line $LINENO "configure" #include "confdefs.h" #include <$ac_header> _ACEOF -if { (eval echo "$as_me:13358: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:13364: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -13379,59 +14505,287 @@ ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext -echo "$as_me:13382: result: $ac_header_preproc" >&5 +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc in - yes:no ) - { echo "$as_me:13388: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:13390: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; - no:yes ) - { echo "$as_me:13393: WARNING: $ac_header: present but cannot be compiled." >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled." >&2;} - { echo "$as_me:13395: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:13397: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; -esac -echo "$as_me:13400: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 -if eval "test \"\${$as_ac_Header+set}\" = set"; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc in + yes:no ) + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; + no:yes ) + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; +esac +echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + eval "$as_ac_Header=$ac_header_preproc" +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 + +fi +if test `eval echo '${'$as_ac_Header'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + if test "$ac_cv_header_sectok_h" != yes; then + { { echo "$as_me:$LINENO: error: Can't find sectok.h" >&5 +echo "$as_me: error: Can't find sectok.h" >&2;} + { (exit 1); exit 1; }; } + fi + +echo "$as_me:$LINENO: checking for sectok_open in -lsectok" >&5 +echo $ECHO_N "checking for sectok_open in -lsectok... $ECHO_C" >&6 +if test "${ac_cv_lib_sectok_sectok_open+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lsectok $LIBS" +cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char sectok_open (); +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ +sectok_open (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_sectok_sectok_open=yes +else + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 +ac_cv_lib_sectok_sectok_open=no +fi +rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_sectok_sectok_open" >&5 +echo "${ECHO_T}$ac_cv_lib_sectok_sectok_open" >&6 +if test $ac_cv_lib_sectok_sectok_open = yes; then + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBSECTOK 1 +_ACEOF + + LIBS="-lsectok $LIBS" + +fi + + if test "$ac_cv_lib_sectok_sectok_open" != yes; then + { { echo "$as_me:$LINENO: error: Can't find libsectok" >&5 +echo "$as_me: error: Can't find libsectok" >&2;} + { (exit 1); exit 1; }; } + fi + cat >>confdefs.h <<\_ACEOF +#define SMARTCARD 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define USE_SECTOK 1 +_ACEOF + + SCARD_MSG="yes, using sectok" + fi + + +fi; + +# Check whether user wants OpenSC support + +# Check whether --with-opensc or --without-opensc was given. +if test "${with_opensc+set}" = set; then + withval="$with_opensc" + opensc_config_prefix="$withval" +else + opensc_config_prefix="" +fi; +if test x$opensc_config_prefix != x ; then + OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config + # Extract the first word of "opensc-config", so it can be a program name with args. +set dummy opensc-config; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_path_OPENSC_CONFIG+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + case $OPENSC_CONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_OPENSC_CONFIG="$OPENSC_CONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_OPENSC_CONFIG="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + + test -z "$ac_cv_path_OPENSC_CONFIG" && ac_cv_path_OPENSC_CONFIG="no" + ;; +esac +fi +OPENSC_CONFIG=$ac_cv_path_OPENSC_CONFIG + +if test -n "$OPENSC_CONFIG"; then + echo "$as_me:$LINENO: result: $OPENSC_CONFIG" >&5 +echo "${ECHO_T}$OPENSC_CONFIG" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + + if test "$OPENSC_CONFIG" != "no"; then + LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` + LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` + CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" + LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS" + cat >>confdefs.h <<\_ACEOF +#define SMARTCARD 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define USE_OPENSC 1 +_ACEOF + + SCARD_MSG="yes, using OpenSC" + fi +fi + +# Check whether user wants Kerberos 5 support +KRB5_MSG="no" + +# Check whether --with-kerberos5 or --without-kerberos5 was given. +if test "${with_kerberos5+set}" = set; then + withval="$with_kerberos5" + + if test "x$withval" != "xno" ; then + if test "x$withval" = "xyes" ; then + KRB5ROOT="/usr/local" + else + KRB5ROOT=${withval} + fi + CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" + LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" + cat >>confdefs.h <<\_ACEOF +#define KRB5 1 +_ACEOF + + KRB5_MSG="yes" + echo "$as_me:$LINENO: checking whether we are using Heimdal" >&5 +echo $ECHO_N "checking whether we are using Heimdal... $ECHO_C" >&6 + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" + #include +#ifdef F77_DUMMY_MAIN +# ifdef __cplusplus + extern "C" +# endif + int F77_DUMMY_MAIN() { return 1; } +#endif +int +main () +{ + char *tmp = heimdal_version; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 + cat >>confdefs.h <<\_ACEOF +#define HEIMDAL 1 +_ACEOF + + K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken" + else - eval "$as_ac_Header=$ac_header_preproc" -fi -echo "$as_me:13407: result: `eval echo '${'$as_ac_Header'}'`" >&5 -echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 + echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 + K5LIBS="-lkrb5 -lk5crypto -lcom_err" -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF fi +rm -f conftest.$ac_objext conftest.$ac_ext + if test ! -z "$need_dash_r" ; then + LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" + fi + if test ! -z "$blibpath" ; then + blibpath="$blibpath:${KRB5ROOT}/lib" + fi -done - - if test "$ac_cv_header_sectok_h" != yes; then - { { echo "$as_me:13421: error: Can't find sectok.h" >&5 -echo "$as_me: error: Can't find sectok.h" >&2;} - { (exit 1); exit 1; }; } - fi - -echo "$as_me:13426: checking for sectok_open in -lsectok" >&5 -echo $ECHO_N "checking for sectok_open in -lsectok... $ECHO_C" >&6 -if test "${ac_cv_lib_sectok_sectok_open+set}" = set; then +echo "$as_me:$LINENO: checking for dn_expand in -lresolv" >&5 +echo $ECHO_N "checking for dn_expand in -lresolv... $ECHO_C" >&6 +if test "${ac_cv_lib_resolv_dn_expand+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS -LIBS="-lsectok $LIBS" +LIBS="-lresolv $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 13434 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -13440,7 +14794,7 @@ #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ -char sectok_open (); +char dn_expand (); #ifdef F77_DUMMY_MAIN # ifdef __cplusplus extern "C" @@ -13450,58 +14804,50 @@ int main () { -sectok_open (); +dn_expand (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:13459: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:13462: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:13465: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13468: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - ac_cv_lib_sectok_sectok_open=yes + ac_cv_lib_resolv_dn_expand=yes else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 -ac_cv_lib_sectok_sectok_open=no +ac_cv_lib_resolv_dn_expand=no fi rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:13479: result: $ac_cv_lib_sectok_sectok_open" >&5 -echo "${ECHO_T}$ac_cv_lib_sectok_sectok_open" >&6 -if test $ac_cv_lib_sectok_sectok_open = yes; then +echo "$as_me:$LINENO: result: $ac_cv_lib_resolv_dn_expand" >&5 +echo "${ECHO_T}$ac_cv_lib_resolv_dn_expand" >&6 +if test $ac_cv_lib_resolv_dn_expand = yes; then cat >>confdefs.h <<_ACEOF -#define HAVE_LIBSECTOK 1 +#define HAVE_LIBRESOLV 1 _ACEOF - LIBS="-lsectok $LIBS" + LIBS="-lresolv $LIBS" fi - if test "$ac_cv_lib_sectok_sectok_open" != yes; then - { { echo "$as_me:13491: error: Can't find libsectok" >&5 -echo "$as_me: error: Can't find libsectok" >&2;} - { (exit 1); exit 1; }; } - fi - cat >>confdefs.h <<\_ACEOF -#define SMARTCARD 1 -_ACEOF - SCARD_MSG="yes" - fi + KRB5=yes + fi -fi; -# Check whether user wants Kerberos support +fi; +# Check whether user wants Kerberos 4 support KRB4_MSG="no" # Check whether --with-kerberos4 or --without-kerberos4 was given. @@ -13524,38 +14870,39 @@ fi fi + for ac_header in krb.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then - echo "$as_me:13531: checking for $ac_header" >&5 + echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi -echo "$as_me:13536: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? -echo "$as_me:13540: checking $ac_header usability" >&5 +echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 13543 "configure" +#line $LINENO "configure" #include "confdefs.h" $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:13549: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:13552: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:13555: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13558: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else @@ -13564,24 +14911,24 @@ ac_header_compiler=no fi rm -f conftest.$ac_objext conftest.$ac_ext -echo "$as_me:13567: result: $ac_header_compiler" >&5 +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? -echo "$as_me:13571: checking $ac_header presence" >&5 +echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 13574 "configure" +#line $LINENO "configure" #include "confdefs.h" #include <$ac_header> _ACEOF -if { (eval echo "$as_me:13578: \"$ac_cpp conftest.$ac_ext\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? egrep -v '^ *\+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 - echo "$as_me:13584: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag @@ -13599,32 +14946,32 @@ ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext -echo "$as_me:13602: result: $ac_header_preproc" >&5 +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc in yes:no ) - { echo "$as_me:13608: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:13610: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; no:yes ) - { echo "$as_me:13613: WARNING: $ac_header: present but cannot be compiled." >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled." >&2;} - { echo "$as_me:13615: WARNING: $ac_header: check for missing prerequisite headers?" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:13617: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; esac -echo "$as_me:13620: checking for $ac_header" >&5 +echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=$ac_header_preproc" fi -echo "$as_me:13627: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi @@ -13638,11 +14985,11 @@ done if test "$ac_cv_header_krb_h" != yes; then - { echo "$as_me:13641: WARNING: Cannot find krb.h, build may fail" >&5 + { echo "$as_me:$LINENO: WARNING: Cannot find krb.h, build may fail" >&5 echo "$as_me: WARNING: Cannot find krb.h, build may fail" >&2;} fi -echo "$as_me:13645: checking for main in -lkrb" >&5 +echo "$as_me:$LINENO: checking for main in -lkrb" >&5 echo $ECHO_N "checking for main in -lkrb... $ECHO_C" >&6 if test "${ac_cv_lib_krb_main+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -13650,9 +14997,10 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lkrb $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 13653 "configure" +#line $LINENO "configure" #include "confdefs.h" + #ifdef F77_DUMMY_MAIN # ifdef __cplusplus extern "C" @@ -13668,16 +15016,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:13671: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:13674: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:13677: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13680: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_krb_main=yes else @@ -13688,7 +15036,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:13691: result: $ac_cv_lib_krb_main" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_krb_main" >&5 echo "${ECHO_T}$ac_cv_lib_krb_main" >&6 if test $ac_cv_lib_krb_main = yes; then cat >>confdefs.h <<_ACEOF @@ -13701,7 +15049,7 @@ if test "$ac_cv_lib_krb_main" != yes; then -echo "$as_me:13704: checking for main in -lkrb4" >&5 +echo "$as_me:$LINENO: checking for main in -lkrb4" >&5 echo $ECHO_N "checking for main in -lkrb4... $ECHO_C" >&6 if test "${ac_cv_lib_krb4_main+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -13709,9 +15057,10 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lkrb4 $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 13712 "configure" +#line $LINENO "configure" #include "confdefs.h" + #ifdef F77_DUMMY_MAIN # ifdef __cplusplus extern "C" @@ -13727,16 +15076,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:13730: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:13733: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:13736: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13739: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_krb4_main=yes else @@ -13747,7 +15096,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:13750: result: $ac_cv_lib_krb4_main" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_krb4_main" >&5 echo "${ECHO_T}$ac_cv_lib_krb4_main" >&6 if test $ac_cv_lib_krb4_main = yes; then cat >>confdefs.h <<_ACEOF @@ -13759,7 +15108,7 @@ fi if test "$ac_cv_lib_krb4_main" != yes; then - { echo "$as_me:13762: WARNING: Cannot find libkrb nor libkrb4, build may fail" >&5 + { echo "$as_me:$LINENO: WARNING: Cannot find libkrb nor libkrb4, build may fail" >&5 echo "$as_me: WARNING: Cannot find libkrb nor libkrb4, build may fail" >&2;} else KLIBS="-lkrb4" @@ -13768,7 +15117,7 @@ KLIBS="-lkrb" fi -echo "$as_me:13771: checking for des_cbc_encrypt in -ldes" >&5 +echo "$as_me:$LINENO: checking for des_cbc_encrypt in -ldes" >&5 echo $ECHO_N "checking for des_cbc_encrypt in -ldes... $ECHO_C" >&6 if test "${ac_cv_lib_des_des_cbc_encrypt+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -13776,7 +15125,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-ldes $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 13779 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -13801,16 +15150,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:13804: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:13807: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:13810: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13813: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_des_des_cbc_encrypt=yes else @@ -13821,7 +15170,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:13824: result: $ac_cv_lib_des_des_cbc_encrypt" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_des_des_cbc_encrypt" >&5 echo "${ECHO_T}$ac_cv_lib_des_des_cbc_encrypt" >&6 if test $ac_cv_lib_des_des_cbc_encrypt = yes; then cat >>confdefs.h <<_ACEOF @@ -13834,7 +15183,7 @@ if test "$ac_cv_lib_des_des_cbc_encrypt" != yes; then -echo "$as_me:13837: checking for des_cbc_encrypt in -ldes425" >&5 +echo "$as_me:$LINENO: checking for des_cbc_encrypt in -ldes425" >&5 echo $ECHO_N "checking for des_cbc_encrypt in -ldes425... $ECHO_C" >&6 if test "${ac_cv_lib_des425_des_cbc_encrypt+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -13842,7 +15191,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-ldes425 $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 13845 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -13867,16 +15216,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:13870: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:13873: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:13876: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13879: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_des425_des_cbc_encrypt=yes else @@ -13887,7 +15236,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:13890: result: $ac_cv_lib_des425_des_cbc_encrypt" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_des425_des_cbc_encrypt" >&5 echo "${ECHO_T}$ac_cv_lib_des425_des_cbc_encrypt" >&6 if test $ac_cv_lib_des425_des_cbc_encrypt = yes; then cat >>confdefs.h <<_ACEOF @@ -13899,7 +15248,7 @@ fi if test "$ac_cv_lib_des425_des_cbc_encrypt" != yes; then - { echo "$as_me:13902: WARNING: Cannot find libdes nor libdes425, build may fail" >&5 + { echo "$as_me:$LINENO: WARNING: Cannot find libdes nor libdes425, build may fail" >&5 echo "$as_me: WARNING: Cannot find libdes nor libdes425, build may fail" >&2;} else KLIBS="-ldes425" @@ -13908,7 +15257,7 @@ KLIBS="-ldes" fi -echo "$as_me:13911: checking for dn_expand in -lresolv" >&5 +echo "$as_me:$LINENO: checking for dn_expand in -lresolv" >&5 echo $ECHO_N "checking for dn_expand in -lresolv... $ECHO_C" >&6 if test "${ac_cv_lib_resolv_dn_expand+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -13916,7 +15265,7 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lresolv $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line 13919 "configure" +#line $LINENO "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ @@ -13941,16 +15290,16 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:13944: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:13947: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:13950: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:13953: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_resolv_dn_expand=yes else @@ -13961,7 +15310,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -echo "$as_me:13964: result: $ac_cv_lib_resolv_dn_expand" >&5 +echo "$as_me:$LINENO: result: $ac_cv_lib_resolv_dn_expand" >&5 echo "${ECHO_T}$ac_cv_lib_resolv_dn_expand" >&6 if test $ac_cv_lib_resolv_dn_expand = yes; then cat >>confdefs.h <<_ACEOF @@ -13980,6 +15329,7 @@ fi + fi; # Check whether user wants AFS support @@ -13997,7 +15347,7 @@ fi if test -z "$KRB4" ; then - { echo "$as_me:14000: WARNING: AFS requires Kerberos IV support, build may fail" >&5 + { echo "$as_me:$LINENO: WARNING: AFS requires Kerberos IV support, build may fail" >&5 echo "$as_me: WARNING: AFS requires Kerberos IV support, build may fail" >&2;} fi @@ -14012,8 +15362,9 @@ AFS_MSG="yes" fi + fi; -LIBS="$LIBS $KLIBS" +LIBS="$LIBS $KLIBS $K5LIBS" # Looking for programs, paths and files @@ -14029,7 +15380,7 @@ # Extract the first word of "rsh", so it can be a program name with args. set dummy rsh; ac_word=$2 -echo "$as_me:14032: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_rsh_path+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -14039,16 +15390,18 @@ ac_cv_path_rsh_path="$rsh_path" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_rsh_path="$ac_dir/$ac_word" - echo "$as_me:14049: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_rsh_path="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -14057,15 +15410,32 @@ rsh_path=$ac_cv_path_rsh_path if test -n "$rsh_path"; then - echo "$as_me:14060: result: $rsh_path" >&5 + echo "$as_me:$LINENO: result: $rsh_path" >&5 echo "${ECHO_T}$rsh_path" >&6 else - echo "$as_me:14063: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi + + +fi; + +PRIVSEP_PATH=/var/empty + +# Check whether --with-privsep-path or --without-privsep-path was given. +if test "${with_privsep_path+set}" = set; then + withval="$with_privsep_path" + + if test "x$withval" != "$no" ; then + PRIVSEP_PATH=$withval + fi + + fi; + + # Check whether --with-xauth or --without-xauth was given. if test "${with_xauth+set}" = set; then withval="$with_xauth" @@ -14078,7 +15448,7 @@ # Extract the first word of "xauth", so it can be a program name with args. set dummy xauth; ac_word=$2 -echo "$as_me:14081: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_xauth_path+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -14088,16 +15458,18 @@ ac_cv_path_xauth_path="$xauth_path" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="$PATH:/usr/X/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_xauth_path="$ac_dir/$ac_word" - echo "$as_me:14098: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH:/usr/X/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_xauth_path="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -14106,10 +15478,10 @@ xauth_path=$ac_cv_path_xauth_path if test -n "$xauth_path"; then - echo "$as_me:14109: result: $xauth_path" >&5 + echo "$as_me:$LINENO: result: $xauth_path" >&5 echo "${ECHO_T}$xauth_path" >&6 else - echo "$as_me:14112: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -14117,6 +15489,7 @@ xauth_path="/usr/openwin/bin/xauth" fi + fi; if test -z "$xauth_path" ; then @@ -14147,13 +15520,14 @@ fi if test -z "$no_dev_ptmx" ; then - echo "$as_me:14150: checking for \"/dev/ptmx\"" >&5 + if test "x$disable_ptmx_check" != "xyes" ; then + echo "$as_me:$LINENO: checking for \"/dev/ptmx\"" >&5 echo $ECHO_N "checking for \"/dev/ptmx\"... $ECHO_C" >&6 if test "${ac_cv_file___dev_ptmx_+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else test "$cross_compiling" = yes && - { { echo "$as_me:14156: error: cannot check for file existence when cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot check for file existence when cross compiling" >&5 echo "$as_me: error: cannot check for file existence when cross compiling" >&2;} { (exit 1); exit 1; }; } if test -r ""/dev/ptmx""; then @@ -14162,26 +15536,28 @@ ac_cv_file___dev_ptmx_=no fi fi -echo "$as_me:14165: result: $ac_cv_file___dev_ptmx_" >&5 +echo "$as_me:$LINENO: result: $ac_cv_file___dev_ptmx_" >&5 echo "${ECHO_T}$ac_cv_file___dev_ptmx_" >&6 if test $ac_cv_file___dev_ptmx_ = yes; then - cat >>confdefs.h <<_ACEOF + cat >>confdefs.h <<_ACEOF #define HAVE_DEV_PTMX 1 _ACEOF - have_dev_ptmx=1 + have_dev_ptmx=1 + fi + fi fi -echo "$as_me:14178: checking for \"/dev/ptc\"" >&5 +echo "$as_me:$LINENO: checking for \"/dev/ptc\"" >&5 echo $ECHO_N "checking for \"/dev/ptc\"... $ECHO_C" >&6 if test "${ac_cv_file___dev_ptc_+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else test "$cross_compiling" = yes && - { { echo "$as_me:14184: error: cannot check for file existence when cross compiling" >&5 + { { echo "$as_me:$LINENO: error: cannot check for file existence when cross compiling" >&5 echo "$as_me: error: cannot check for file existence when cross compiling" >&2;} { (exit 1); exit 1; }; } if test -r ""/dev/ptc""; then @@ -14190,7 +15566,7 @@ ac_cv_file___dev_ptc_=no fi fi -echo "$as_me:14193: result: $ac_cv_file___dev_ptc_" >&5 +echo "$as_me:$LINENO: result: $ac_cv_file___dev_ptc_" >&5 echo "${ECHO_T}$ac_cv_file___dev_ptc_" >&6 if test $ac_cv_file___dev_ptc_ = yes; then @@ -14200,8 +15576,10 @@ have_dev_ptc=1 + fi + # Options from here on. Some of these are preset by platform above # Check whether --with-mantype or --without-mantype was given. @@ -14213,19 +15591,20 @@ MANTYPE=$withval ;; *) - { { echo "$as_me:14216: error: invalid man type: $withval" >&5 + { { echo "$as_me:$LINENO: error: invalid man type: $withval" >&5 echo "$as_me: error: invalid man type: $withval" >&2;} { (exit 1); exit 1; }; } ;; esac + fi; if test -z "$MANTYPE"; then for ac_prog in nroff awf do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -echo "$as_me:14228: checking for $ac_word" >&5 +echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_NROFF+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -14235,16 +15614,19 @@ ac_cv_path_NROFF="$NROFF" # Let the user override the test with a path. ;; *) - ac_save_IFS=$IFS; IFS=$ac_path_separator -ac_dummy="/usr/bin:/usr/ucb" -for ac_dir in $ac_dummy; do - IFS=$ac_save_IFS - test -z "$ac_dir" && ac_dir=. - if $as_executable_p "$ac_dir/$ac_word"; then - ac_cv_path_NROFF="$ac_dir/$ac_word" - echo "$as_me:14245: found $ac_dir/$ac_word" >&5 - break -fi + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_dummy="/usr/bin:/usr/ucb" +for as_dir in $as_dummy +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_NROFF="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done ;; @@ -14253,10 +15635,10 @@ NROFF=$ac_cv_path_NROFF if test -n "$NROFF"; then - echo "$as_me:14256: result: $NROFF" >&5 + echo "$as_me:$LINENO: result: $NROFF" >&5 echo "${ECHO_T}$NROFF" >&6 else - echo "$as_me:14259: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi @@ -14279,6 +15661,7 @@ mansubdir=$MANTYPE; fi + # Check whether to enable MD5 passwords MD5_MSG="no" @@ -14294,6 +15677,7 @@ MD5_MSG="yes" fi + fi; # Whether to disable shadow password support @@ -14310,13 +15694,14 @@ disable_shadow=yes fi + fi; if test -z "$disable_shadow" ; then - echo "$as_me:14316: checking if the systems has expire shadow information" >&5 + echo "$as_me:$LINENO: checking if the systems has expire shadow information" >&5 echo $ECHO_N "checking if the systems has expire shadow information... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 14319 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -14338,34 +15723,35 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:14341: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:14344: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:14347: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:14350: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then sp_expire_available=yes else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 + fi rm -f conftest.$ac_objext conftest.$ac_ext if test "x$sp_expire_available" = "xyes" ; then - echo "$as_me:14361: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define HAS_SHADOW_EXPIRE 1 _ACEOF else - echo "$as_me:14368: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi @@ -14392,9 +15778,14 @@ DISPLAY_HACK_MSG="yes" fi + fi; fi +if test $ac_cv_func_login_getcapbool = "yes" -a \ + $ac_cv_header_login_cap_h = "yes" ; then + USES_LOGIN_CONF=yes +fi # Whether to mess with the default path SERVER_PATH_MSG="(default)" @@ -14402,19 +15793,29 @@ if test "${with_default_path+set}" = set; then withval="$with_default_path" - if test "x$withval" != "xno" ; then + if test "$USES_LOGIN_CONF" = "yes" ; then + { echo "$as_me:$LINENO: WARNING: +--with-default-path=PATH has no effect on this system. +Edit /etc/login.conf instead." >&5 +echo "$as_me: WARNING: +--with-default-path=PATH has no effect on this system. +Edit /etc/login.conf instead." >&2;} + elif test "x$withval" != "xno" ; then user_path="$withval" SERVER_PATH_MSG="$withval" fi else - + if test "$USES_LOGIN_CONF" = "yes" ; then + { echo "$as_me:$LINENO: WARNING: Make sure the path to scp is in /etc/login.conf" >&5 +echo "$as_me: WARNING: Make sure the path to scp is in /etc/login.conf" >&2;} + else if test "$cross_compiling" = yes; then user_path="/usr/bin:/bin:/usr/sbin:/sbin" else cat >conftest.$ac_ext <<_ACEOF -#line 14417 "configure" +#line $LINENO "configure" #include "confdefs.h" /* find out what STDPATH is */ @@ -14447,21 +15848,22 @@ _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:14450: \"$ac_link\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:14453: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:14455: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:14458: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then user_path=`cat conftest.stdpath` else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 +( exit $ac_status ) user_path="/usr/bin:/bin:/usr/sbin:/sbin" fi rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext @@ -14479,16 +15881,40 @@ echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 if test $? -ne 0 ; then user_path=$user_path:$t_bindir - echo "$as_me:14482: result: Adding $t_bindir to USER_PATH so scp will work" >&5 + echo "$as_me:$LINENO: result: Adding $t_bindir to USER_PATH so scp will work" >&5 echo "${ECHO_T}Adding $t_bindir to USER_PATH so scp will work" >&6 fi fi + fi fi; -cat >>confdefs.h <<_ACEOF +if test "$USES_LOGIN_CONF" != "yes" ; then + cat >>confdefs.h <<_ACEOF #define USER_PATH "$user_path" _ACEOF + +fi + +# Set superuser path separately to user path +MD5_MSG="no" + +# Check whether --with-superuser-path or --without-superuser-path was given. +if test "${with_superuser_path+set}" = set; then + withval="$with_superuser_path" + + if test "x$withval" != "xno" ; then + cat >>confdefs.h <<_ACEOF +#define SUPERUSER_PATH "$withval" +_ACEOF + + superuser_path=$withval + fi + + +fi; + + # Whether to force IPv4 by default (needed on broken glibc Linux) IPV4_HACK_MSG="no" @@ -14504,9 +15930,10 @@ IPV4_HACK_MSG="yes" fi + fi; -echo "$as_me:14509: checking if we need to convert IPv4 in IPv6-mapped addresses" >&5 +echo "$as_me:$LINENO: checking if we need to convert IPv4 in IPv6-mapped addresses" >&5 echo $ECHO_N "checking if we need to convert IPv4 in IPv6-mapped addresses... $ECHO_C" >&6 IPV4_IN6_HACK_MSG="no" @@ -14515,7 +15942,7 @@ withval="$with_4in6" if test "x$withval" != "xno" ; then - echo "$as_me:14518: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define IPV4_IN_IPV6 1 @@ -14523,14 +15950,14 @@ IPV4_IN6_HACK_MSG="yes" else - echo "$as_me:14526: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi else if test "x$inet6_default_4in6" = "xyes"; then - echo "$as_me:14533: result: yes (default)" >&5 + echo "$as_me:$LINENO: result: yes (default)" >&5 echo "${ECHO_T}yes (default)" >&6 cat >>confdefs.h <<\_ACEOF #define IPV4_IN_IPV6 1 @@ -14538,10 +15965,11 @@ IPV4_IN6_HACK_MSG="yes" else - echo "$as_me:14541: result: no (default)" >&5 + echo "$as_me:$LINENO: result: no (default)" >&5 echo "${ECHO_T}no (default)" >&6 fi + fi; # Whether to enable BSD auth support @@ -14559,33 +15987,44 @@ BSD_AUTH_MSG=yes fi + fi; -echo "$as_me:14564: checking whether to install ssh as suid root" >&5 +echo "$as_me:$LINENO: checking whether to install ssh as suid root" >&5 echo $ECHO_N "checking whether to install ssh as suid root... $ECHO_C" >&6 # Check whether --enable-suid-ssh or --disable-suid-ssh was given. if test "${enable_suid_ssh+set}" = set; then enableval="$enable_suid_ssh" case "$enableval" in no) - echo "$as_me:14571: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 SSHMODE=0711 ;; - *) echo "$as_me:14575: result: yes" >&5 + *) echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 SSHMODE=4711 ;; esac else - echo "$as_me:14581: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 SSHMODE=4711 fi; + + # Where to place sshd.pid piddir=/var/run +# make sure the directory exists +if test ! -d $piddir ; then + piddir=`eval echo ${sysconfdir}` + case $piddir in + NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; + esac +fi + # Check whether --with-pid-dir or --without-pid-dir was given. if test "${with_pid_dir+set}" = set; then @@ -14593,22 +16032,21 @@ if test "x$withval" != "xno" ; then piddir=$withval + if test ! -d $piddir ; then + { echo "$as_me:$LINENO: WARNING: ** no $piddir directory on this system **" >&5 +echo "$as_me: WARNING: ** no $piddir directory on this system **" >&2;} + fi fi -fi; -# make sure the directory exists -if test ! -d $piddir ; then - piddir=`eval echo ${sysconfdir}` - case $piddir in - NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; - esac -fi +fi; cat >>confdefs.h <<_ACEOF #define _PATH_SSH_PIDDIR "$piddir" _ACEOF + + # Check whether --enable-lastlog or --disable-lastlog was given. if test "${enable_lastlog+set}" = set; then enableval="$enable_lastlog" @@ -14616,6 +16054,7 @@ #define DISABLE_LASTLOG 1 _ACEOF + fi; # Check whether --enable-utmp or --disable-utmp was given. if test "${enable_utmp+set}" = set; then @@ -14624,6 +16063,7 @@ #define DISABLE_UTMP 1 _ACEOF + fi; # Check whether --enable-utmpx or --disable-utmpx was given. if test "${enable_utmpx+set}" = set; then @@ -14632,6 +16072,7 @@ #define DISABLE_UTMPX 1 _ACEOF + fi; # Check whether --enable-wtmp or --disable-wtmp was given. if test "${enable_wtmp+set}" = set; then @@ -14640,6 +16081,7 @@ #define DISABLE_WTMP 1 _ACEOF + fi; # Check whether --enable-wtmpx or --disable-wtmpx was given. if test "${enable_wtmpx+set}" = set; then @@ -14648,6 +16090,7 @@ #define DISABLE_WTMPX 1 _ACEOF + fi; # Check whether --enable-libutil or --disable-libutil was given. if test "${enable_libutil+set}" = set; then @@ -14656,6 +16099,7 @@ #define DISABLE_LOGIN 1 _ACEOF + fi; # Check whether --enable-pututline or --disable-pututline was given. if test "${enable_pututline+set}" = set; then @@ -14664,6 +16108,7 @@ #define DISABLE_PUTUTLINE 1 _ACEOF + fi; # Check whether --enable-pututxline or --disable-pututxline was given. if test "${enable_pututxline+set}" = set; then @@ -14672,6 +16117,7 @@ #define DISABLE_PUTUTXLINE 1 _ACEOF + fi; # Check whether --with-lastlog or --without-lastlog was given. @@ -14687,12 +16133,14 @@ conf_lastlog_location=$withval fi + fi; -echo "$as_me:14692: checking if your system defines LASTLOG_FILE" >&5 + +echo "$as_me:$LINENO: checking if your system defines LASTLOG_FILE" >&5 echo $ECHO_N "checking if your system defines LASTLOG_FILE... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 14695 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -14722,29 +16170,29 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:14725: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:14728: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:14731: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:14734: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:14736: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:14742: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 - echo "$as_me:14744: checking if your system defines _PATH_LASTLOG" >&5 + echo "$as_me:$LINENO: checking if your system defines _PATH_LASTLOG" >&5 echo $ECHO_N "checking if your system defines _PATH_LASTLOG... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 14747 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -14771,30 +16219,31 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:14774: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:14777: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:14780: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:14783: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:14785: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:14791: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 system_lastlog_path=no fi rm -f conftest.$ac_objext conftest.$ac_ext + fi rm -f conftest.$ac_objext conftest.$ac_ext @@ -14806,7 +16255,7 @@ fi done if test -z "$conf_lastlog_location"; then - { echo "$as_me:14809: WARNING: ** Cannot find lastlog **" >&5 + { echo "$as_me:$LINENO: WARNING: ** Cannot find lastlog **" >&5 echo "$as_me: WARNING: ** Cannot find lastlog **" >&2;} fi fi @@ -14819,10 +16268,10 @@ fi -echo "$as_me:14822: checking if your system defines UTMP_FILE" >&5 +echo "$as_me:$LINENO: checking if your system defines UTMP_FILE" >&5 echo $ECHO_N "checking if your system defines UTMP_FILE... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 14825 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -14846,23 +16295,23 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:14849: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:14852: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:14855: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:14858: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:14860: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:14865: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 system_utmp_path=no @@ -14890,10 +16339,10 @@ fi -echo "$as_me:14893: checking if your system defines WTMP_FILE" >&5 +echo "$as_me:$LINENO: checking if your system defines WTMP_FILE" >&5 echo $ECHO_N "checking if your system defines WTMP_FILE... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 14896 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -14917,23 +16366,23 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:14920: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:14923: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:14926: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:14929: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:14931: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:14936: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 system_wtmp_path=no @@ -14961,10 +16410,11 @@ fi -echo "$as_me:14964: checking if your system defines UTMPX_FILE" >&5 + +echo "$as_me:$LINENO: checking if your system defines UTMPX_FILE" >&5 echo $ECHO_N "checking if your system defines UTMPX_FILE... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 14967 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -14991,23 +16441,23 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:14994: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:14997: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:15000: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:15003: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:15005: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:15010: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 system_utmpx_path=no @@ -15027,10 +16477,10 @@ fi -echo "$as_me:15030: checking if your system defines WTMPX_FILE" >&5 +echo "$as_me:$LINENO: checking if your system defines WTMPX_FILE" >&5 echo $ECHO_N "checking if your system defines WTMPX_FILE... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line 15033 "configure" +#line $LINENO "configure" #include "confdefs.h" #include @@ -15057,23 +16507,23 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:15060: \"$ac_compile\"") >&5 +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:15063: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:15066: \"$ac_try\"") >&5 + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:15069: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - echo "$as_me:15071: result: yes" >&5 + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me: failed program was:" >&5 cat conftest.$ac_ext >&5 - echo "$as_me:15076: result: no" >&5 + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 system_wtmpx_path=no @@ -15093,9 +16543,10 @@ fi + if test ! -z "$blibpath" ; then LDFLAGS="$LDFLAGS -blibpath:$blibpath" - { echo "$as_me:15098: WARNING: Please check and edit -blibpath in LDFLAGS in Makefile" >&5 + { echo "$as_me:$LINENO: WARNING: Please check and edit -blibpath in LDFLAGS in Makefile" >&5 echo "$as_me: WARNING: Please check and edit -blibpath in LDFLAGS in Makefile" >&2;} fi @@ -15106,6 +16557,7 @@ LIBS=`echo $LIBS | sed 's/-ldl //'` fi + ac_config_files="$ac_config_files Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds" cat >confcache <<\_ACEOF @@ -15184,14 +16636,15 @@ DEFS=-DHAVE_CONFIG_H + : ${CONFIG_STATUS=./config.status} ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" -{ echo "$as_me:15190: creating $CONFIG_STATUS" >&5 +{ echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5 echo "$as_me: creating $CONFIG_STATUS" >&6;} cat >$CONFIG_STATUS <<_ACEOF #! $SHELL -# Generated automatically by $as_me. +# Generated by $as_me. # Run this file to recreate the current configuration. # Compiler output produced by configure, useful for debugging # configure, is in config.log if it exists. @@ -15214,8 +16667,167 @@ set -o posix fi +# NLS nuisances. +# Support unset when possible. +if (FOO=FOO; unset FOO) >/dev/null 2>&1; then + as_unset=unset +else + as_unset=false +fi + +(set +x; test -n "`(LANG=C; export LANG) 2>&1`") && + { $as_unset LANG || test "${LANG+set}" != set; } || + { LANG=C; export LANG; } +(set +x; test -n "`(LC_ALL=C; export LC_ALL) 2>&1`") && + { $as_unset LC_ALL || test "${LC_ALL+set}" != set; } || + { LC_ALL=C; export LC_ALL; } +(set +x; test -n "`(LC_TIME=C; export LC_TIME) 2>&1`") && + { $as_unset LC_TIME || test "${LC_TIME+set}" != set; } || + { LC_TIME=C; export LC_TIME; } +(set +x; test -n "`(LC_CTYPE=C; export LC_CTYPE) 2>&1`") && + { $as_unset LC_CTYPE || test "${LC_CTYPE+set}" != set; } || + { LC_CTYPE=C; export LC_CTYPE; } +(set +x; test -n "`(LANGUAGE=C; export LANGUAGE) 2>&1`") && + { $as_unset LANGUAGE || test "${LANGUAGE+set}" != set; } || + { LANGUAGE=C; export LANGUAGE; } +(set +x; test -n "`(LC_COLLATE=C; export LC_COLLATE) 2>&1`") && + { $as_unset LC_COLLATE || test "${LC_COLLATE+set}" != set; } || + { LC_COLLATE=C; export LC_COLLATE; } +(set +x; test -n "`(LC_NUMERIC=C; export LC_NUMERIC) 2>&1`") && + { $as_unset LC_NUMERIC || test "${LC_NUMERIC+set}" != set; } || + { LC_NUMERIC=C; export LC_NUMERIC; } +(set +x; test -n "`(LC_MESSAGES=C; export LC_MESSAGES) 2>&1`") && + { $as_unset LC_MESSAGES || test "${LC_MESSAGES+set}" != set; } || + { LC_MESSAGES=C; export LC_MESSAGES; } + + # Name of the executable. -as_me=`echo "$0" |sed 's,.*[\\/],,'` +as_me=`(basename "$0") 2>/dev/null || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)$' \| \ + . : '\(.\)' 2>/dev/null || +echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; } + /^X\/\(\/\/\)$/{ s//\1/; q; } + /^X\/\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + +# PATH needs CR, and LINENO needs CR and PATH. +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + echo "#! /bin/sh" >conftest.sh + echo "exit 0" >>conftest.sh + chmod +x conftest.sh + if (PATH=".;."; conftest.sh) >/dev/null 2>&1; then + PATH_SEPARATOR=';' + else + PATH_SEPARATOR=: + fi + rm -f conftest.sh +fi + + + as_lineno_1=$LINENO + as_lineno_2=$LINENO + as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` + test "x$as_lineno_1" != "x$as_lineno_2" && + test "x$as_lineno_3" = "x$as_lineno_2" || { + # Find who we are. Look in the path if we contain no path at all + # relative or not. + case $0 in + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break +done + + ;; + esac + # We did not find ourselves, most probably we were run as `sh COMMAND' + # in which case we are not to be found in the path. + if test "x$as_myself" = x; then + as_myself=$0 + fi + if test ! -f "$as_myself"; then + { { echo "$as_me:$LINENO: error: cannot find myself; rerun with an absolute path" >&5 +echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2;} + { (exit 1); exit 1; }; } + fi + case $CONFIG_SHELL in + '') + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for as_base in sh bash ksh sh5; do + case $as_dir in + /*) + if ("$as_dir/$as_base" -c ' + as_lineno_1=$LINENO + as_lineno_2=$LINENO + as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` + test "x$as_lineno_1" != "x$as_lineno_2" && + test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then + CONFIG_SHELL=$as_dir/$as_base + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$0" ${1+"$@"} + fi;; + esac + done +done +;; + esac + + # Create $as_me.lineno as a copy of $as_myself, but with $LINENO + # uniformly replaced by the line number. The first 'sed' inserts a + # line-number line before each line; the second 'sed' does the real + # work. The second script uses 'N' to pair each line-number line + # with the numbered line, and appends trailing '-' during + # substitution so that $LINENO is not a special case at line end. + # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the + # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-) + sed '=' <$as_myself | + sed ' + N + s,$,-, + : loop + s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3, + t loop + s,-$,, + s,^['$as_cr_digits']*\n,, + ' >$as_me.lineno && + chmod +x $as_me.lineno || + { { echo "$as_me:$LINENO: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&5 +echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2;} + { (exit 1); exit 1; }; } + + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensible to this). + . ./$as_me.lineno + # Exit status is that of the last command. + exit +} + + +case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in + *c*,-n*) ECHO_N= ECHO_C=' +' ECHO_T=' ' ;; + *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;; + *) ECHO_N= ECHO_C='\c' ECHO_T= ;; +esac if expr a : '\(a\)' >/dev/null 2>&1; then as_expr=expr @@ -15243,22 +16855,12 @@ as_executable_p="test -f" -# Support unset when possible. -if (FOO=FOO; unset FOO) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false -fi +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="sed y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="sed y%*+%pp%;s%[^_$as_cr_alnum]%_%g" -# NLS nuisances. -$as_unset LANG || test "${LANG+set}" != set || { LANG=C; export LANG; } -$as_unset LC_ALL || test "${LC_ALL+set}" != set || { LC_ALL=C; export LC_ALL; } -$as_unset LC_TIME || test "${LC_TIME+set}" != set || { LC_TIME=C; export LC_TIME; } -$as_unset LC_CTYPE || test "${LC_CTYPE+set}" != set || { LC_CTYPE=C; export LC_CTYPE; } -$as_unset LANGUAGE || test "${LANGUAGE+set}" != set || { LANGUAGE=C; export LANGUAGE; } -$as_unset LC_COLLATE || test "${LC_COLLATE+set}" != set || { LC_COLLATE=C; export LC_COLLATE; } -$as_unset LC_NUMERIC || test "${LC_NUMERIC+set}" != set || { LC_NUMERIC=C; export LC_NUMERIC; } -$as_unset LC_MESSAGES || test "${LC_MESSAGES+set}" != set || { LC_MESSAGES=C; export LC_MESSAGES; } # IFS # We need space, tab and new line, in precisely that order. @@ -15267,7 +16869,7 @@ IFS=" $as_nl" # CDPATH. -$as_unset CDPATH || test "${CDPATH+set}" != set || { CDPATH=:; export CDPATH; } +$as_unset CDPATH || test "${CDPATH+set}" != set || { CDPATH=$PATH_SEPARATOR; export CDPATH; } exec 6>&1 @@ -15278,19 +16880,19 @@ { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX -## Running \$as_me. ## +## Running $as_me. ## _ASBOX } >&5 cat >&5 <<_CSEOF This file was extended by $as_me, which was -generated by GNU Autoconf 2.52d. Invocation command line was +generated by GNU Autoconf 2.53. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS - $ $@ + $ $0 $@ _CSEOF echo "on `(hostname || uname -n) 2>/dev/null | sed 1q`" >&5 @@ -15343,7 +16945,7 @@ cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ config.status -configured by $0, generated by GNU Autoconf 2.52d, +configured by $0, generated by GNU Autoconf 2.53, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001 @@ -15387,7 +16989,7 @@ echo "$ac_cs_version"; exit 0 ;; --he | --h) # Conflict between --help and --header - { { echo "$as_me:15390: error: ambiguous option: $1 + { { echo "$as_me:$LINENO: error: ambiguous option: $1 Try \`$0 --help' for more information." >&5 echo "$as_me: error: ambiguous option: $1 Try \`$0 --help' for more information." >&2;} @@ -15406,7 +17008,7 @@ ac_need_defaults=false;; # This is an error. - -*) { { echo "$as_me:15409: error: unrecognized option: $1 + -*) { { echo "$as_me:$LINENO: error: unrecognized option: $1 Try \`$0 --help' for more information." >&5 echo "$as_me: error: unrecognized option: $1 Try \`$0 --help' for more information." >&2;} @@ -15420,6 +17022,10 @@ _ACEOF + + + + cat >>$CONFIG_STATUS <<\_ACEOF for ac_config_target in $ac_config_targets do @@ -15430,7 +17036,7 @@ "scard/Makefile" ) CONFIG_FILES="$CONFIG_FILES scard/Makefile" ;; "ssh_prng_cmds" ) CONFIG_FILES="$CONFIG_FILES ssh_prng_cmds" ;; "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; - *) { { echo "$as_me:15433: error: invalid argument: $ac_config_target" >&5 + *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 echo "$as_me: error: invalid argument: $ac_config_target" >&2;} { (exit 1); exit 1; }; };; esac @@ -15482,6 +17088,12 @@ sed 's/,@/@@/; s/@,/@@/; s/,;t t\$/@;t t/; /@;t t\$/s/[\\\\&,]/\\\\&/g; s/@@/,@/; s/@@/@,/; s/@;t t\$/,;t t/' >\$tmp/subs.sed <<\\CEOF s,@SHELL@,$SHELL,;t t +s,@PATH_SEPARATOR@,$PATH_SEPARATOR,;t t +s,@PACKAGE_NAME@,$PACKAGE_NAME,;t t +s,@PACKAGE_TARNAME@,$PACKAGE_TARNAME,;t t +s,@PACKAGE_VERSION@,$PACKAGE_VERSION,;t t +s,@PACKAGE_STRING@,$PACKAGE_STRING,;t t +s,@PACKAGE_BUGREPORT@,$PACKAGE_BUGREPORT,;t t s,@exec_prefix@,$exec_prefix,;t t s,@prefix@,$prefix,;t t s,@program_transform_name@,$program_transform_name,;t t @@ -15497,19 +17109,13 @@ s,@oldincludedir@,$oldincludedir,;t t s,@infodir@,$infodir,;t t s,@mandir@,$mandir,;t t -s,@PACKAGE_NAME@,$PACKAGE_NAME,;t t -s,@PACKAGE_TARNAME@,$PACKAGE_TARNAME,;t t -s,@PACKAGE_VERSION@,$PACKAGE_VERSION,;t t -s,@PACKAGE_STRING@,$PACKAGE_STRING,;t t -s,@PACKAGE_BUGREPORT@,$PACKAGE_BUGREPORT,;t t s,@build_alias@,$build_alias,;t t s,@host_alias@,$host_alias,;t t s,@target_alias@,$target_alias,;t t +s,@DEFS@,$DEFS,;t t s,@ECHO_C@,$ECHO_C,;t t s,@ECHO_N@,$ECHO_N,;t t s,@ECHO_T@,$ECHO_T,;t t -s,@PATH_SEPARATOR@,$PATH_SEPARATOR,;t t -s,@DEFS@,$DEFS,;t t s,@LIBS@,$LIBS,;t t s,@CC@,$CC,;t t s,@CFLAGS@,$CFLAGS,;t t @@ -15537,6 +17143,7 @@ s,@ENT@,$ENT,;t t s,@FILEPRIV@,$FILEPRIV,;t t s,@TEST_MINUS_S_SH@,$TEST_MINUS_S_SH,;t t +s,@SH@,$SH,;t t s,@LOGIN_PROGRAM_FALLBACK@,$LOGIN_PROGRAM_FALLBACK,;t t s,@LD@,$LD,;t t s,@LIBWRAP@,$LIBWRAP,;t t @@ -15560,7 +17167,9 @@ s,@PROG_TAIL@,$PROG_TAIL,;t t s,@INSTALL_SSH_PRNG_CMDS@,$INSTALL_SSH_PRNG_CMDS,;t t s,@NO_SFTP@,$NO_SFTP,;t t +s,@OPENSC_CONFIG@,$OPENSC_CONFIG,;t t s,@rsh_path@,$rsh_path,;t t +s,@PRIVSEP_PATH@,$PRIVSEP_PATH,;t t s,@xauth_path@,$xauth_path,;t t s,@XAUTH_PATH@,$XAUTH_PATH,;t t s,@NROFF@,$NROFF,;t t @@ -15627,7 +17236,8 @@ esac # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories. - ac_dir=`$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + ac_dir=`(dirname "$ac_file") 2>/dev/null || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| \ @@ -15651,17 +17261,19 @@ as_incr_dir=$as_incr_dir/$as_mkdir_dir test -d "$as_incr_dir" || mkdir "$as_incr_dir" || - { { echo "$as_me:15654: error: cannot create \"$ac_dir\"" >&5 + { { echo "$as_me:$LINENO: error: cannot create \"$ac_dir\"" >&5 echo "$as_me: error: cannot create \"$ac_dir\"" >&2;} { (exit 1); exit 1; }; } ;; esac done; } - if test "$ac_dir" != .; then - ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\./,,'` + ac_builddir=. + +if test "$ac_dir" != .; then + ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` # A "../" for each directory in $ac_dir_suffix. - ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^/]*,../,g'` + ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'` else ac_dir_suffix= ac_top_builddir= fi @@ -15681,6 +17293,13 @@ ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_builddir$srcdir ;; esac +# Don't blindly perform a `cd "$ac_dir"/$ac_foo && pwd` since $ac_foo can be +# absolute. +ac_abs_builddir=`cd "$ac_dir" && cd $ac_builddir && pwd` +ac_abs_top_builddir=`cd "$ac_dir" && cd $ac_top_builddir && pwd` +ac_abs_srcdir=`cd "$ac_dir" && cd $ac_srcdir && pwd` +ac_abs_top_srcdir=`cd "$ac_dir" && cd $ac_top_srcdir && pwd` + case $INSTALL in [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; @@ -15688,15 +17307,20 @@ esac if test x"$ac_file" != x-; then - { echo "$as_me:15691: creating $ac_file" >&5 + { echo "$as_me:$LINENO: creating $ac_file" >&5 echo "$as_me: creating $ac_file" >&6;} rm -f "$ac_file" fi # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: - # /* config.h. Generated automatically by config.status. */ - configure_input="Generated automatically from `echo $ac_file_in | - sed 's,.*/,,'` by configure." + # /* config.h. Generated by config.status. */ + if test x"$ac_file" = x-; then + configure_input= + else + configure_input="$ac_file. " + fi + configure_input=$configure_input"Generated from `echo $ac_file_in | + sed 's,.*/,,'` by configure." # First look for the input files in the build tree, otherwise in the # src tree. @@ -15706,7 +17330,7 @@ -) echo $tmp/stdin ;; [\\/$]*) # Absolute (can't be DOS-style, as IFS=:) - test -f "$f" || { { echo "$as_me:15709: error: cannot find input file: $f" >&5 + test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } echo $f;; @@ -15719,7 +17343,7 @@ echo $srcdir/$f else # /dev/null tree - { { echo "$as_me:15722: error: cannot find input file: $f" >&5 + { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } fi;; @@ -15735,7 +17359,13 @@ /@[a-zA-Z_][a-zA-Z_0-9]*@/!b s,@configure_input@,$configure_input,;t t s,@srcdir@,$ac_srcdir,;t t +s,@abs_srcdir@,$ac_abs_srcdir,;t t s,@top_srcdir@,$ac_top_srcdir,;t t +s,@abs_top_srcdir@,$ac_abs_top_srcdir,;t t +s,@builddir@,$ac_builddir,;t t +s,@abs_builddir@,$ac_abs_builddir,;t t +s,@top_builddir@,$ac_top_builddir,;t t +s,@abs_top_builddir@,$ac_abs_top_builddir,;t t s,@INSTALL@,$ac_INSTALL,;t t " $ac_file_inputs | (eval "$ac_sed_cmds") >$tmp/out rm -f $tmp/stdin @@ -15780,7 +17410,7 @@ * ) ac_file_in=$ac_file.in ;; esac - test x"$ac_file" != x- && { echo "$as_me:15783: creating $ac_file" >&5 + test x"$ac_file" != x- && { echo "$as_me:$LINENO: creating $ac_file" >&5 echo "$as_me: creating $ac_file" >&6;} # First look for the input files in the build tree, otherwise in the @@ -15791,7 +17421,7 @@ -) echo $tmp/stdin ;; [\\/$]*) # Absolute (can't be DOS-style, as IFS=:) - test -f "$f" || { { echo "$as_me:15794: error: cannot find input file: $f" >&5 + test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } echo $f;; @@ -15804,7 +17434,7 @@ echo $srcdir/$f else # /dev/null tree - { { echo "$as_me:15807: error: cannot find input file: $f" >&5 + { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } fi;; @@ -15834,7 +17464,7 @@ s,[\\$`],\\&,g t clear : clear -s,^[ ]*#[ ]*define[ ][ ]*\(\([^ (][^ (]*\)([^)]*)\)[ ]*\(.*\)$,${ac_dA}\2${ac_dB}\1${ac_dC}\3${ac_dD},gp +s,^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*\)\(([^)]*)\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1\2${ac_dC}\3${ac_dD},gp t end s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp : end @@ -15911,20 +17541,21 @@ cat >>$CONFIG_STATUS <<\_ACEOF # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: - # /* config.h. Generated automatically by config.status. */ + # /* config.h. Generated by config.status. */ if test x"$ac_file" = x-; then - echo "/* Generated automatically by configure. */" >$tmp/config.h + echo "/* Generated by configure. */" >$tmp/config.h else - echo "/* $ac_file. Generated automatically by configure. */" >$tmp/config.h + echo "/* $ac_file. Generated by configure. */" >$tmp/config.h fi cat $tmp/in >>$tmp/config.h rm -f $tmp/in if test x"$ac_file" != x-; then if cmp -s $ac_file $tmp/config.h 2>/dev/null; then - { echo "$as_me:15924: $ac_file is unchanged" >&5 + { echo "$as_me:$LINENO: $ac_file is unchanged" >&5 echo "$as_me: $ac_file is unchanged" >&6;} else - ac_dir=`$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + ac_dir=`(dirname "$ac_file") 2>/dev/null || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| \ @@ -15948,7 +17579,7 @@ as_incr_dir=$as_incr_dir/$as_mkdir_dir test -d "$as_incr_dir" || mkdir "$as_incr_dir" || - { { echo "$as_me:15951: error: cannot create \"$ac_dir\"" >&5 + { { echo "$as_me:$LINENO: error: cannot create \"$ac_dir\"" >&5 echo "$as_me: error: cannot create \"$ac_dir\"" >&2;} { (exit 1); exit 1; }; } ;; @@ -15972,6 +17603,7 @@ chmod +x $CONFIG_STATUS ac_clean_files=$ac_clean_files_save + # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. # Unfortunately, on DOS this fails, as config.log is still kept open @@ -15990,6 +17622,7 @@ $ac_cs_success || { (exit 1); exit 1; } fi + # Print summary of options # Someone please show me a better way :) @@ -16000,32 +17633,43 @@ E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` G=`eval echo ${piddir}` ; G=`eval echo ${G}` -H=`eval echo ${user_path}` ; H=`eval echo ${H}` +H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` +I=`eval echo ${user_path}` ; I=`eval echo ${I}` +J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` echo "" echo "OpenSSH has been configured with the following options:" -echo " User binaries: $B" -echo " System binaries: $C" -echo " Configuration files: $D" -echo " Askpass program: $E" -echo " Manual pages: $F" -echo " PID file: $G" -echo " sshd default user PATH: $H" -echo " Manpage format: $MANTYPE" -echo " PAM support: ${PAM_MSG}" -echo " KerberosIV support: $KRB4_MSG" -echo " Smartcard support: $SCARD_MSG" -echo " AFS support: $AFS_MSG" -echo " S/KEY support: $SKEY_MSG" -echo " TCP Wrappers support: $TCPW_MSG" -echo " MD5 password support: $MD5_MSG" -echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" -echo " Use IPv4 by default hack: $IPV4_HACK_MSG" -echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" -echo " BSD Auth support: $BSD_AUTH_MSG" -echo " Random number source: $RAND_MSG" +echo " User binaries: $B" +echo " System binaries: $C" +echo " Configuration files: $D" +echo " Askpass program: $E" +echo " Manual pages: $F" +echo " PID file: $G" +echo " Privilege separation chroot path: $H" +if test "$USES_LOGIN_CONF" = "yes" ; then +echo " At runtime, sshd will use the path defined in /etc/login.conf" +else +echo " sshd default user PATH: $I" +fi +if test ! -z "$superuser_path" ; then +echo " sshd superuser user PATH: $J" +fi +echo " Manpage format: $MANTYPE" +echo " PAM support: ${PAM_MSG}" +echo " KerberosIV support: $KRB4_MSG" +echo " KerberosV support: $KRB5_MSG" +echo " Smartcard support: $SCARD_MSG" +echo " AFS support: $AFS_MSG" +echo " S/KEY support: $SKEY_MSG" +echo " TCP Wrappers support: $TCPW_MSG" +echo " MD5 password support: $MD5_MSG" +echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" +echo " Use IPv4 by default hack: $IPV4_HACK_MSG" +echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" +echo " BSD Auth support: $BSD_AUTH_MSG" +echo " Random number source: $RAND_MSG" if test ! -z "$USE_RAND_HELPER" ; then - echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" +echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" fi echo "" @@ -16060,3 +17704,4 @@ echo "future versions of your OS." echo "" fi + diff -ru openssh-3.1p1/configure.ac openssh-3.2.2p1/configure.ac --- openssh-3.1p1/configure.ac 2002-02-27 17:12:35.000000000 +1100 +++ openssh-3.2.2p1/configure.ac 2002-05-13 15:14:08.000000000 +1000 @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.23 2002/02/27 06:12:35 tim Exp $ +# $Id: configure.ac,v 1.61 2002/05/13 05:14:08 djm Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -21,6 +21,7 @@ AC_PATH_PROG(TEST_MINUS_S_SH, bash) AC_PATH_PROG(TEST_MINUS_S_SH, ksh) AC_PATH_PROG(TEST_MINUS_S_SH, sh) +AC_PATH_PROG(SH, sh) # System features AC_SYS_LARGEFILE @@ -57,13 +58,24 @@ CPPFLAGS="$CPPFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" if (test "$LD" != "gcc" && test -z "$blibpath"); then - blibpath="/usr/lib:/lib:/usr/local/lib" + AC_MSG_CHECKING([if linkage editor ($LD) accepts -blibpath]) + saved_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS -blibpath:/usr/lib:/lib:/usr/local/lib" + AC_TRY_LINK([], + [], + [ + AC_MSG_RESULT(yes) + blibpath="/usr/lib:/lib:/usr/local/lib" + ], + [ AC_MSG_RESULT(no) ] + ) + LDFLAGS="$saved_LDFLAGS" fi AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)]) AC_DEFINE(BROKEN_GETADDRINFO) + AC_DEFINE(BROKEN_REALPATH) dnl AIX handles lastlog as part of its login message AC_DEFINE(DISABLE_LASTLOG) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) ;; *-*-cygwin*) LIBS="$LIBS /usr/lib/textmode.o" @@ -80,6 +92,22 @@ *-*-darwin*) AC_DEFINE(BROKEN_GETADDRINFO) ;; +*-*-hpux10.26) + if test -z "$GCC"; then + CFLAGS="$CFLAGS -Ae" + fi + CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" + IPADDR_IN_DISPLAY=yes + AC_DEFINE(HAVE_SECUREWARE) + AC_DEFINE(USE_PIPES) + AC_DEFINE(LOGIN_NO_ENDOPT) + AC_DEFINE(LOGIN_NEEDS_UTMPX) + AC_DEFINE(DISABLE_SHADOW) + AC_DEFINE(DISABLE_UTMP) + AC_DEFINE(SPT_TYPE,SPT_PSTAT) + LIBS="$LIBS -lxnet -lsec -lsecpw" + disable_ptmx_check=yes + ;; *-*-hpux10*) if test -z "$GCC"; then CFLAGS="$CFLAGS -Ae" @@ -87,6 +115,8 @@ CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" IPADDR_IN_DISPLAY=yes AC_DEFINE(USE_PIPES) + AC_DEFINE(LOGIN_NO_ENDOPT) + AC_DEFINE(LOGIN_NEEDS_UTMPX) AC_DEFINE(DISABLE_SHADOW) AC_DEFINE(DISABLE_UTMP) AC_DEFINE(SPT_TYPE,SPT_PSTAT) @@ -97,6 +127,8 @@ IPADDR_IN_DISPLAY=yes AC_DEFINE(PAM_SUN_CODEBASE) AC_DEFINE(USE_PIPES) + AC_DEFINE(LOGIN_NO_ENDOPT) + AC_DEFINE(LOGIN_NEEDS_UTMPX) AC_DEFINE(DISABLE_SHADOW) AC_DEFINE(DISABLE_UTMP) AC_DEFINE(SPT_TYPE,SPT_PSTAT) @@ -107,6 +139,7 @@ LDFLAGS="$LDFLAGS" PATH="$PATH:/usr/etc" AC_DEFINE(BROKEN_INET_NTOA) + AC_DEFINE(WITH_ABBREV_NO_TTY) ;; *-*-irix6*) CPPFLAGS="$CPPFLAGS -I/usr/local/include" @@ -117,21 +150,18 @@ AC_DEFINE(WITH_IRIX_AUDIT) AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)]) AC_DEFINE(BROKEN_INET_NTOA) + AC_DEFINE(WITH_ABBREV_NO_TTY) ;; *-*-linux*) no_dev_ptmx=1 check_for_libcrypt_later=1 AC_DEFINE(DONT_TRY_OTHER_AF) AC_DEFINE(PAM_TTY_KLUDGE) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) inet6_default_4in6=yes ;; mips-sony-bsd|mips-sony-newsos4) AC_DEFINE(HAVE_NEWS4) SONY=1 - AC_CHECK_LIB(iberty, xatexit, AC_DEFINE(HAVE_XATEXIT), - AC_MSG_ERROR([*** libiberty missing - please install first or check config.log ***]) - ) ;; *-*-netbsd*) need_dash_r=1 @@ -175,7 +205,6 @@ CPPFLAGS="$CPPFLAGS -DSUNOS4" AC_CHECK_FUNCS(getpwanam) AC_DEFINE(PAM_SUN_CODEBASE) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) conf_utmp_location=/etc/utmp conf_wtmp_location=/var/adm/wtmp conf_lastlog_location=/var/adm/lastlog @@ -185,7 +214,6 @@ CPPFLAGS="$CPPFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" LIBS="$LIBS -lc89" - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) AC_DEFINE(USE_PIPES) ;; *-sni-sysv*) @@ -195,7 +223,6 @@ IPADDR_IN_DISPLAY=yes AC_DEFINE(USE_PIPES) AC_DEFINE(IP_TOS_IS_BROKEN) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) # /usr/ucblib/libucb.a no longer needed on ReliantUNIX # Attention: always take care to bind libsocket and libnsl before libc, # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog @@ -225,9 +252,8 @@ no_dev_ptmx=1 AC_DEFINE(BROKEN_SYS_TERMIO_H) AC_DEFINE(USE_PIPES) - AC_DEFINE(HAVE_SCO_PROTECTED_PW) + AC_DEFINE(HAVE_SECUREWARE) AC_DEFINE(DISABLE_SHADOW) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) AC_DEFINE(BROKEN_SAVED_UIDS) AC_CHECK_FUNCS(getluid setluid) MANTYPE=man @@ -240,9 +266,8 @@ no_dev_ptmx=1 rsh_path="/usr/bin/rcmd" AC_DEFINE(USE_PIPES) - AC_DEFINE(HAVE_SCO_PROTECTED_PW) + AC_DEFINE(HAVE_SECUREWARE) AC_DEFINE(DISABLE_SHADOW) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) AC_CHECK_FUNCS(getluid setluid) MANTYPE=man ;; @@ -324,12 +349,12 @@ AC_CHECK_HEADERS(bstring.h crypt.h endian.h floatingpoint.h \ getopt.h glob.h lastlog.h limits.h login.h \ login_cap.h maillock.h netdb.h netgroup.h \ - netinet/in_systm.h paths.h poll.h pty.h \ - security/pam_appl.h shadow.h stddef.h stdint.h \ + netinet/in_systm.h paths.h pty.h readpassphrase.h \ + rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ strings.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \ - sys/poll.h sys/queue.h sys/select.h sys/stat.h \ + sys/mman.h sys/select.h sys/stat.h \ sys/stropts.h sys/sysmacros.h sys/time.h \ - sys/ttcompat.h sys/un.h time.h ttyent.h usersec.h \ + sys/un.h time.h ttyent.h usersec.h \ util.h utime.h utmp.h utmpx.h) # Checks for libraries. @@ -539,16 +564,16 @@ ) dnl Checks for library functions. -AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_sa \ +AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \ clock fchmod fchown freeaddrinfo futimes gai_strerror \ getaddrinfo getcwd getgrouplist getnameinfo getopt \ getrlimit getrusage getttyent glob inet_aton inet_ntoa \ inet_ntop innetgr login_getcapbool md5_crypt memmove \ - mkdtemp on_exit openpty readpassphrase realpath \ - rresvport_af setdtablesize setegid setenv seteuid \ - setlogin setproctitle setresgid setreuid setrlimit \ - setsid setvbuf sigaction sigvec snprintf strerror \ - strlcat strlcpy strmode strsep sysconf tcgetpgrp utimes \ + mkdtemp mmap ngetaddrinfo openpty ogetaddrinfo readpassphrase \ + realpath recvmsg rresvport_af sendmsg setdtablesize setegid \ + setenv seteuid setlogin setproctitle setresgid setreuid setrlimit \ + setsid setvbuf sigaction sigvec snprintf socketpair strerror \ + strlcat strlcpy strmode strsep sysconf tcgetpgrp truncate utimes \ vhangup vsnprintf waitpid __b64_ntop _getpty) dnl IRIX and Solaris 2.5.1 have dirname() in libgen @@ -678,169 +703,52 @@ ) fi -# The big search for OpenSSL +# Search for OpenSSL +saved_CPPFLAGS="$CPPFLAGS" +saved_LDFLAGS="$LDFLAGS" AC_ARG_WITH(ssl-dir, [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], [ if test "x$withval" != "xno" ; then - tryssldir=$withval - fi - ] -) - -saved_LIBS="$LIBS" -saved_LDFLAGS="$LDFLAGS" -saved_CPPFLAGS="$CPPFLAGS" -if test "x$prefix" != "xNONE" ; then - tryssldir="$tryssldir $prefix" -fi -AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [ - for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do - CPPFLAGS="$saved_CPPFLAGS" - LDFLAGS="$saved_LDFLAGS" - LIBS="$saved_LIBS -lcrypto" - - # Skip directories if they don't exist - if test ! -z "$ssldir" -a ! -d "$ssldir" ; then - continue; - fi - if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then - # Try to use $ssldir/lib if it exists, otherwise - # $ssldir - if test -d "$ssldir/lib" ; then - LDFLAGS="-L$ssldir/lib $saved_LDFLAGS" - if test ! -z "$need_dash_r" ; then - LDFLAGS="-R$ssldir/lib $LDFLAGS" + if test -d "$withval/lib"; then + if test -n "${need_dash_r}"; then + LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" + else + LDFLAGS="-L${withval}/lib ${LDFLAGS}" fi else - LDFLAGS="-L$ssldir $saved_LDFLAGS" - if test ! -z "$need_dash_r" ; then - LDFLAGS="-R$ssldir $LDFLAGS" + if test -n "${need_dash_r}"; then + LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" + else + LDFLAGS="-L${withval} ${LDFLAGS}" fi fi - # Try to use $ssldir/include if it exists, otherwise - # $ssldir - if test -d "$ssldir/include" ; then - CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS" + if test -d "$withval/include"; then + CPPFLAGS="-I${withval}/include ${CPPFLAGS}" else - CPPFLAGS="-I$ssldir $saved_CPPFLAGS" - fi - fi - - # Basic test to check for compatible version and correct linking - # *does not* test for RSA - that comes later. - AC_TRY_RUN( - [ -#include -#include -int main(void) -{ - char a[2048]; - memset(a, 0, sizeof(a)); - RAND_add(a, sizeof(a), sizeof(a)); - return(RAND_status() <= 0); -} - ], - [ - found_crypto=1 - break; - ], [] - ) - - if test ! -z "$found_crypto" ; then - break; - fi - done - - if test -z "$found_crypto" ; then - AC_MSG_ERROR([Could not find working OpenSSL library, please install or check config.log]) - fi - if test -z "$ssldir" ; then - ssldir="(system)" - fi - - ac_cv_openssldir=$ssldir -]) - -if (test ! -z "$ac_cv_openssldir" && test "x$ac_cv_openssldir" != "x(system)") ; then - AC_DEFINE(HAVE_OPENSSL) - dnl Need to recover ssldir - test above runs in subshell - ssldir=$ac_cv_openssldir - if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then - # Try to use $ssldir/lib if it exists, otherwise - # $ssldir - if test -d "$ssldir/lib" ; then - LDFLAGS="-L$ssldir/lib $saved_LDFLAGS" - if test ! -z "$need_dash_r" ; then - LDFLAGS="-R$ssldir/lib $LDFLAGS" + CPPFLAGS="-I${withval} ${CPPFLAGS}" fi - else - LDFLAGS="-L$ssldir $saved_LDFLAGS" - if test ! -z "$need_dash_r" ; then - LDFLAGS="-R$ssldir $LDFLAGS" - fi - fi - # Try to use $ssldir/include if it exists, otherwise - # $ssldir - if test -d "$ssldir/include" ; then - CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS" - else - CPPFLAGS="-I$ssldir $saved_CPPFLAGS" fi - fi -fi -LIBS="$saved_LIBS -lcrypto" - -# Now test RSA support -saved_LIBS="$LIBS" -AC_MSG_CHECKING([for RSA support]) -for WANTS_RSAREF in "" 1 ; do - if test -z "$WANTS_RSAREF" ; then - LIBS="$saved_LIBS" - else - LIBS="$saved_LIBS -lRSAglue -lrsaref" - fi - AC_TRY_RUN([ -#include -#include -#include -#include -#include -int main(void) -{ - int num; RSA *key; static unsigned char p_in[] = "blahblah"; - unsigned char c[256], p[256]; - memset(c, 0, sizeof(c)); RAND_add(c, sizeof(c), sizeof(c)); - if ((key=RSA_generate_key(512, 3, NULL, NULL))==NULL) return(1); - num = RSA_public_encrypt(sizeof(p_in) - 1, p_in, c, key, RSA_PKCS1_PADDING); - return(-1 == RSA_private_decrypt(num, c, p, key, RSA_PKCS1_PADDING)); -} - ], + ] +) +LIBS="$LIBS -lcrypto" +AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), [ - rsa_works=1 - break; - ], []) -done -LIBS="$saved_LIBS" - -if test ! -z "$no_rsa" ; then - AC_MSG_RESULT(disabled) - RSA_MSG="disabled" -else - if test -z "$rsa_works" ; then - AC_MSG_WARN([*** No RSA support found *** ]) - RSA_MSG="no" - else - if test -z "$WANTS_RSAREF" ; then - AC_MSG_RESULT(yes) - RSA_MSG="yes" + dnl Check default openssl install dir + if test -n "${need_dash_r}"; then + LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" else - RSA_MSG="yes (using RSAref)" - AC_MSG_RESULT(using RSAref) - LIBS="$LIBS -lcrypto -lRSAglue -lrsaref" + LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" fi - fi -fi + CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" + AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), + [ + AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) + ] + ) + ] +) + # Sanity check OpenSSL headers AC_MSG_CHECKING([whether OpenSSL's headers match the library]) @@ -1003,9 +911,33 @@ fi ] ) - AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout) +ssh_privsep_user=sshd +AC_ARG_WITH(privsep-user, + [ --with-privsep-user=user Specify non-privileged user for privilege separation], + [ + if test -n "$withval"; then + ssh_privsep_user=$withval + fi + ] +) +AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$ssh_privsep_user") + +# We do this little dance with the search path to insure +# that programs that we select for use by installed programs +# (which may be run by the super-user) come from trusted +# locations before they come from the user's private area. +# This should help avoid accidentally configuring some +# random version of a program in someone's personal bin. + +OPATH=$PATH +PATH=/bin:/usr/bin +test -h /bin 2> /dev/null && PATH=/usr/bin +test -d /sbin && PATH=$PATH:/sbin +test -d /usr/sbin && PATH=$PATH:/usr/sbin +PATH=$PATH:/etc:$OPATH + # These programs are used by the command hashing source to gather entropy OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) @@ -1023,6 +955,8 @@ OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) +# restore PATH +PATH=$OPATH # Where does ssh-rand-helper get its randomness from? INSTALL_SSH_PRNG_CMDS="" @@ -1052,6 +986,11 @@ AC_CHECK_SIZEOF(long int, 4) AC_CHECK_SIZEOF(long long int, 8) +# Sanity check long long for some platforms (AIX) +if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then + ac_cv_sizeof_long_long_int=0 +fi + # More checks for data types AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ AC_TRY_COMPILE( @@ -1560,6 +1499,40 @@ AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD) fi +AC_CACHE_CHECK([for msg_accrights field in struct msghdr], + ac_cv_have_accrights_in_msghdr, [ + AC_TRY_COMPILE( + [ +#include +#include +#include + ], + [ struct msghdr m; m.msg_accrights = 0; ], + [ ac_cv_have_accrights_in_msghdr="yes" ], + [ ac_cv_have_accrights_in_msghdr="no" ] + ) +]) +if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then + AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR) +fi + +AC_CACHE_CHECK([for msg_control field in struct msghdr], + ac_cv_have_control_in_msghdr, [ + AC_TRY_COMPILE( + [ +#include +#include +#include + ], + [ struct msghdr m; m.msg_control = 0; ], + [ ac_cv_have_control_in_msghdr="yes" ], + [ ac_cv_have_control_in_msghdr="no" ] + ) +]) +if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then + AC_DEFINE(HAVE_CONTROL_IN_MSGHDR) +fi + AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ AC_TRY_LINK([], [ extern char *__progname; printf("%s", __progname); ], @@ -1571,6 +1544,32 @@ AC_DEFINE(HAVE___PROGNAME) fi +AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ + AC_TRY_LINK([ +#include +], + [ printf("%s", __FUNCTION__); ], + [ ac_cv_cc_implements___FUNCTION__="yes" ], + [ ac_cv_cc_implements___FUNCTION__="no" ] + ) +]) +if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then + AC_DEFINE(HAVE___FUNCTION__) +fi + +AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ + AC_TRY_LINK([ +#include +], + [ printf("%s", __func__); ], + [ ac_cv_cc_implements___func__="yes" ], + [ ac_cv_cc_implements___func__="no" ] + ) +]) +if test "x$ac_cv_cc_implements___func__" = "xyes" ; then + AC_DEFINE(HAVE___func__) +fi + AC_CACHE_CHECK([whether getopt has optreset support], ac_cv_have_getopt_optreset, [ AC_TRY_LINK( @@ -1609,11 +1608,11 @@ AC_DEFINE(HAVE_SYS_NERR) fi - -# Check whether user wants Kerberos support SCARD_MSG="no" -AC_ARG_WITH(smartcard, - [ --with-smartcard Enable smartcard support], + +# Check whether user wants sectok support +AC_ARG_WITH(sectok, + [ --with-sectok Enable smartcard support using libsectok], [ if test "x$withval" != "xno" ; then if test "x$withval" != "xyes" ; then @@ -1635,12 +1634,70 @@ AC_MSG_ERROR(Can't find libsectok) fi AC_DEFINE(SMARTCARD) - SCARD_MSG="yes" + AC_DEFINE(USE_SECTOK) + SCARD_MSG="yes, using sectok" fi ] ) -# Check whether user wants Kerberos support +# Check whether user wants OpenSC support +AC_ARG_WITH(opensc, + AC_HELP_STRING([--with-opensc=PFX], + [Enable smartcard support using OpenSC]), + opensc_config_prefix="$withval", opensc_config_prefix="") +if test x$opensc_config_prefix != x ; then + OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config + AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) + if test "$OPENSC_CONFIG" != "no"; then + LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` + LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` + CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" + LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS" + AC_DEFINE(SMARTCARD) + AC_DEFINE(USE_OPENSC) + SCARD_MSG="yes, using OpenSC" + fi +fi + +# Check whether user wants Kerberos 5 support +KRB5_MSG="no" +AC_ARG_WITH(kerberos5, + [ --with-kerberos5=PATH Enable Kerberos 5 support], + [ + if test "x$withval" != "xno" ; then + if test "x$withval" = "xyes" ; then + KRB5ROOT="/usr/local" + else + KRB5ROOT=${withval} + fi + CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" + LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" + AC_DEFINE(KRB5) + KRB5_MSG="yes" + AC_MSG_CHECKING(whether we are using Heimdal) + AC_TRY_COMPILE([ #include ], + [ char *tmp = heimdal_version; ], + [ AC_MSG_RESULT(yes) + AC_DEFINE(HEIMDAL) + K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken" + ], + [ AC_MSG_RESULT(no) + K5LIBS="-lkrb5 -lk5crypto -lcom_err" + ] + ) + if test ! -z "$need_dash_r" ; then + LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" + fi + if test ! -z "$blibpath" ; then + blibpath="$blibpath:${KRB5ROOT}/lib" + fi + AC_CHECK_LIB(resolv, dn_expand, , ) + + KRB5=yes + fi + ] +) +# Check whether user wants Kerberos 4 support KRB4_MSG="no" AC_ARG_WITH(kerberos4, [ --with-kerberos4=PATH Enable Kerberos 4 support], @@ -1720,7 +1777,7 @@ fi ] ) -LIBS="$LIBS $KLIBS" +LIBS="$LIBS $KLIBS $K5LIBS" # Looking for programs, paths and files AC_ARG_WITH(rsh, @@ -1735,6 +1792,17 @@ ] ) +PRIVSEP_PATH=/var/empty +AC_ARG_WITH(privsep-path, + [ --with-privsep-path=xxx Path for privilege seperation chroot ], + [ + if test "x$withval" != "$no" ; then + PRIVSEP_PATH=$withval + fi + ] +) +AC_SUBST(PRIVSEP_PATH) + AC_ARG_WITH(xauth, [ --with-xauth=PATH Specify path to xauth program ], [ @@ -1769,12 +1837,14 @@ fi if test -z "$no_dev_ptmx" ; then - AC_CHECK_FILE("/dev/ptmx", - [ - AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) - have_dev_ptmx=1 - ] - ) + if test "x$disable_ptmx_check" != "xyes" ; then + AC_CHECK_FILE("/dev/ptmx", + [ + AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) + have_dev_ptmx=1 + ] + ) + fi fi AC_CHECK_FILE("/dev/ptc", [ @@ -1874,17 +1944,28 @@ ) fi +dnl BSD systems use /etc/login.conf so --with-default-path= has no effect +if test $ac_cv_func_login_getcapbool = "yes" -a \ + $ac_cv_header_login_cap_h = "yes" ; then + USES_LOGIN_CONF=yes +fi # Whether to mess with the default path SERVER_PATH_MSG="(default)" AC_ARG_WITH(default-path, - [ --with-default-path=PATH Specify default \$PATH environment for server], + [ --with-default-path= Specify default \$PATH environment for server], [ - if test "x$withval" != "xno" ; then + if test "$USES_LOGIN_CONF" = "yes" ; then + AC_MSG_WARN([ +--with-default-path=PATH has no effect on this system. +Edit /etc/login.conf instead.]) + elif test "x$withval" != "xno" ; then user_path="$withval" SERVER_PATH_MSG="$withval" fi ], - [ + [ if test "$USES_LOGIN_CONF" = "yes" ; then + AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) + else AC_TRY_RUN( [ /* find out what STDPATH is */ @@ -1934,10 +2015,25 @@ AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) fi fi + fi ] +) +if test "$USES_LOGIN_CONF" != "yes" ; then + AC_DEFINE_UNQUOTED(USER_PATH, "$user_path") + AC_SUBST(user_path) +fi + +# Set superuser path separately to user path +MD5_MSG="no" +AC_ARG_WITH(superuser-path, + [ --with-superuser-path= Specify different path for super-user], + [ + if test "x$withval" != "xno" ; then + AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval") + superuser_path=$withval + fi ] ) -AC_DEFINE_UNQUOTED(USER_PATH, "$user_path") -AC_SUBST(user_path) + # Whether to force IPv4 by default (needed on broken glibc Linux) IPV4_HACK_MSG="no" @@ -2007,23 +2103,26 @@ # Where to place sshd.pid piddir=/var/run +# make sure the directory exists +if test ! -d $piddir ; then + piddir=`eval echo ${sysconfdir}` + case $piddir in + NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; + esac +fi + AC_ARG_WITH(pid-dir, [ --with-pid-dir=PATH Specify location of ssh.pid file], [ if test "x$withval" != "xno" ; then piddir=$withval + if test ! -d $piddir ; then + AC_MSG_WARN([** no $piddir directory on this system **]) + fi fi ] ) -# make sure the directory exists -if test ! -d $piddir ; then - piddir=`eval echo ${sysconfdir}` - case $piddir in - NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; - esac -fi - AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir") AC_SUBST(piddir) @@ -2275,32 +2374,43 @@ E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` G=`eval echo ${piddir}` ; G=`eval echo ${G}` -H=`eval echo ${user_path}` ; H=`eval echo ${H}` +H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` +I=`eval echo ${user_path}` ; I=`eval echo ${I}` +J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` echo "" echo "OpenSSH has been configured with the following options:" -echo " User binaries: $B" -echo " System binaries: $C" -echo " Configuration files: $D" -echo " Askpass program: $E" -echo " Manual pages: $F" -echo " PID file: $G" -echo " sshd default user PATH: $H" -echo " Manpage format: $MANTYPE" -echo " PAM support: ${PAM_MSG}" -echo " KerberosIV support: $KRB4_MSG" -echo " Smartcard support: $SCARD_MSG" -echo " AFS support: $AFS_MSG" -echo " S/KEY support: $SKEY_MSG" -echo " TCP Wrappers support: $TCPW_MSG" -echo " MD5 password support: $MD5_MSG" -echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" -echo " Use IPv4 by default hack: $IPV4_HACK_MSG" -echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" -echo " BSD Auth support: $BSD_AUTH_MSG" -echo " Random number source: $RAND_MSG" +echo " User binaries: $B" +echo " System binaries: $C" +echo " Configuration files: $D" +echo " Askpass program: $E" +echo " Manual pages: $F" +echo " PID file: $G" +echo " Privilege separation chroot path: $H" +if test "$USES_LOGIN_CONF" = "yes" ; then +echo " At runtime, sshd will use the path defined in /etc/login.conf" +else +echo " sshd default user PATH: $I" +fi +if test ! -z "$superuser_path" ; then +echo " sshd superuser user PATH: $J" +fi +echo " Manpage format: $MANTYPE" +echo " PAM support: ${PAM_MSG}" +echo " KerberosIV support: $KRB4_MSG" +echo " KerberosV support: $KRB5_MSG" +echo " Smartcard support: $SCARD_MSG" +echo " AFS support: $AFS_MSG" +echo " S/KEY support: $SKEY_MSG" +echo " TCP Wrappers support: $TCPW_MSG" +echo " MD5 password support: $MD5_MSG" +echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" +echo " Use IPv4 by default hack: $IPV4_HACK_MSG" +echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" +echo " BSD Auth support: $BSD_AUTH_MSG" +echo " Random number source: $RAND_MSG" if test ! -z "$USE_RAND_HELPER" ; then - echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" +echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" fi echo "" diff -ru openssh-3.1p1/contrib/aix/buildbff.sh openssh-3.2.2p1/contrib/aix/buildbff.sh --- openssh-3.1p1/contrib/aix/buildbff.sh 2002-03-05 14:38:37.000000000 +1100 +++ openssh-3.2.2p1/contrib/aix/buildbff.sh 2002-03-18 09:05:25.000000000 +1100 @@ -11,21 +11,14 @@ umask 022 PKGNAME=openssh +PKGDIR=package -PATH=$PATH:`pwd` # set path for external tools +PATH=`pwd`:$PATH # set path for external tools export PATH -## Extract common info requires for the 'info' part of the package. -VERSION=`tail -1 ../../version.h | sed -e 's/.*_\([0-9]\)/\1/g' | sed 's/\"$//'` -BFFVERSION=`echo $VERSION | sed 's/p/./g'` - -echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)" -PKGDIR=package - -# Clean build directory and package file +# Clean build directory rm -rf $PKGDIR mkdir $PKGDIR -rm -f $PKGNAME-$VERSION.bff if [ ! -f ../../Makefile ] then @@ -40,6 +33,29 @@ cd ../.. make install-nokeys DESTDIR=$FAKE_ROOT +if [ $? -gt 0 ] +then + echo "Fake root install failed, stopping." + exit 1 +fi + +# +# Extract common info requires for the 'info' part of the package. +# AIX requires 4-part version numbers +# +VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//' | cut -f 2 -d _` +MAJOR=`echo $VERSION | cut -f 1 -d p | cut -f 1 -d .` +MINOR=`echo $VERSION | cut -f 1 -d p | cut -f 2 -d .` +PATCH=`echo $VERSION | cut -f 1 -d p | cut -f 3 -d .` +PORTABLE=`echo $VERSION | cut -f 2 -d p` +if [ "$PATCH" = "" ] +then + PATCH=0 +fi +BFFVERSION=`printf "%d.%d.%d.%d" $MAJOR $MINOR $PATCH $PORTABLE` + +echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)" + # # Fill in some details, like prefix and sysconfdir # the eval also expands variables like sysconfdir=${prefix}/etc @@ -175,6 +191,7 @@ # file list on the fly and feed it to backup using -i # echo Creating $PKGNAME-$VERSION.bff with backup... +rm -f $PKGNAME-$VERSION.bff ( echo "./lpp_name" find . ! -name lpp_name -a ! -name . -print diff -ru openssh-3.1p1/contrib/aix/inventory.sh openssh-3.2.2p1/contrib/aix/inventory.sh --- openssh-3.1p1/contrib/aix/inventory.sh 2002-03-05 14:38:37.000000000 +1100 +++ openssh-3.2.2p1/contrib/aix/inventory.sh 2002-03-18 09:05:25.000000000 +1100 @@ -52,7 +52,7 @@ } elsif ( -f $_ ) { # Entry is File print "\ttype=FILE\n"; - print "\tsize=VOLATILE\n"; + print "\tsize=$sz\n"; print "\tchecksum=VOLATILE\n"; } elsif ( -d $_ ) { # Entry is Directory diff -ru openssh-3.1p1/contrib/caldera/openssh.spec openssh-3.2.2p1/contrib/caldera/openssh.spec --- openssh-3.1p1/contrib/caldera/openssh.spec 2002-03-07 13:04:38.000000000 +1100 +++ openssh-3.2.2p1/contrib/caldera/openssh.spec 2002-05-16 09:26:16.000000000 +1000 @@ -1,11 +1,11 @@ %define use-stable 1 %if %{use-stable} - %define version 3.1p1 + %define version 3.2.2p1 %define cvs %{nil} %define release 1 %else - %define version 3.0p1 - %define cvs cvs20011102 + %define version 3.2.2 + %define cvs cvs20020515 %define release 0r1 %endif %define xsa x11-ssh-askpass @@ -93,7 +93,7 @@ # enabling X11 forwarding on the server is convenient and okay, # on the client side we consider it a potential security risk! %{fixUP} -vT $DESTDIR/etc/ssh/sshd_config -e ' - s/X11Forwarding no/X11Forwarding yes/i' + s/#X11Forwarding no/X11Forwarding yes/i' install -m644 contrib/caldera/sshd.pam $DESTDIR/etc/pam.d/sshd # FIXME: disabled, find out why this doesn't work with NIS @@ -171,7 +171,7 @@ if [ -x %{LSBinit}-install ]; then %{LSBinit}-install sshd else - lisa --SysV-init install sshd S55 3:4:5 K45 0:1:2:6 + lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6 fi ! %{SVIdir}/sshd status || %{SVIdir}/sshd restart @@ -224,4 +224,4 @@ %ChangeLog * Mon Jan 01 1998 ... -$Id: openssh.spec,v 1.27 2002/03/07 02:04:38 djm Exp $ +$Id: openssh.spec,v 1.32 2002/05/15 23:26:16 djm Exp $ diff -ru openssh-3.1p1/contrib/cygwin/README openssh-3.2.2p1/contrib/cygwin/README --- openssh-3.1p1/contrib/cygwin/README 2001-12-29 14:10:10.000000000 +1100 +++ openssh-3.2.2p1/contrib/cygwin/README 2002-04-30 13:53:13.000000000 +1000 @@ -172,8 +172,8 @@ --sysconfdir=/etc \ --libexecdir='${exec_prefix}/sbin' -You must have installed the zlib, openssl and regex packages to -be able to build OpenSSH! +You must have installed the zlib and openssl packages to be able to +build OpenSSH! Please send requests, error reports etc. to cygwin@cygwin.com. diff -ru openssh-3.1p1/contrib/cygwin/ssh-host-config openssh-3.2.2p1/contrib/cygwin/ssh-host-config --- openssh-3.1p1/contrib/cygwin/ssh-host-config 2001-11-12 10:36:21.000000000 +1100 +++ openssh-3.2.2p1/contrib/cygwin/ssh-host-config 2002-04-13 03:44:14.000000000 +1000 @@ -434,9 +434,9 @@ then if [ "${with_comment}" -eq 0 ] then - echo 'ssh stream tcp nowait root /usr/sbin/sshd -i' >> "${_inetcnf}" + echo 'ssh stream tcp nowait root /usr/sbin/sshd sshd -i' >> "${_inetcnf}" else - echo '# ssh stream tcp nowait root /usr/sbin/sshd -i' >> "${_inetcnf}" + echo '# ssh stream tcp nowait root /usr/sbin/sshd sshd -i' >> "${_inetcnf}" fi echo "Added ssh to ${_inetcnf}" fi Only in openssh-3.2.2p1/contrib/redhat: gnome-ssh-askpass.csh Only in openssh-3.2.2p1/contrib/redhat: gnome-ssh-askpass.sh diff -ru openssh-3.1p1/contrib/redhat/openssh.spec openssh-3.2.2p1/contrib/redhat/openssh.spec --- openssh-3.1p1/contrib/redhat/openssh.spec 2002-03-07 13:04:38.000000000 +1100 +++ openssh-3.2.2p1/contrib/redhat/openssh.spec 2002-05-16 09:26:17.000000000 +1000 @@ -1,5 +1,9 @@ -# Version of OpenSSH -%define oversion 3.1p1 +%define ver 3.2.2p1 +%define rel 1 + +# OpenSSH privilege separation requires a user & group ID +%define sshd_uid 74 +%define sshd_gid 74 # Version of ssh-askpass %define aversion 1.2.4.1 @@ -16,8 +20,8 @@ # Do we want smartcard support (1=yes 0=no) %define scard 0 -# Use Redhat 7.0 pam control file -%define redhat7 0 +# Is this build for RHL 6.x? +%define build6x 0 # Disable IPv6 (avoids DNS hangs on some glibc versions) %define noip6 0 @@ -27,9 +31,14 @@ %{?skip_x11_askpass:%define no_x11_askpass 1} %{?skip_gnome_askpass:%define no_gnome_askpass 1} -# Options for Redhat version: -# rpm -ba|--rebuild --define "rh7 1" -%{?rh7:%define redhat7 1} +# Is this a build for RHL 6.x or earlier? +%{?build_6x:%define build6x 1} + +# If this is RHL 6.x, the default configuration has sysconfdir in /usr/etc. +%if %{build6x} +%define _sysconfdir /etc +%define noip6 1 +%endif # Options for static OpenSSL link: # rpm -ba|--rebuild --define "static_openssl 1" @@ -43,37 +52,43 @@ # rpm -ba|--rebuild --define "noipv6 1" %{?noipv6:%define noip6 1} -%define exact_openssl_version %(rpm -q openssl | cut -d - -f 2) +# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no) +%define rescue 0 +%{?build_rescue:%define rescue 1} -Summary: The OpenSSH implementation of SSH protocol versions 1 and 2 +Summary: The OpenSSH implementation of SSH protocol versions 1 and 2. Name: openssh -Version: %{oversion} -Release: 1 -Packager: Damien Miller +Version: %{ver} +%if %{rescue} +Release: %{rel}rescue +%else +Release: %{rel} +%endif URL: http://www.openssh.com/portable.html -Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{oversion}.tar.gz -%if ! %{no_x11_askpass} +Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz Source1: http://www.pobox.com/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz -%endif License: BSD Group: Applications/Internet BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot Obsoletes: ssh -BuildPreReq: perl, openssl-devel, tcp_wrappers -BuildPreReq: /bin/login, /usr/include/security/pam_appl.h -BuildPreReq: rpm >= 3.0.5 +%if %{build6x} +PreReq: initscripts >= 5.00 +%else +PreReq: initscripts >= 5.20 +%endif +BuildPreReq: perl, openssl-devel, sharutils, tcp_wrappers +BuildPreReq: /bin/login +%if %{build6x} +BuildPreReq: glibc-devel, pam +%else +BuildPreReq: db1-devel, /usr/include/security/pam_appl.h +%endif %if ! %{no_x11_askpass} BuildPreReq: XFree86-devel %endif %if ! %{no_gnome_askpass} BuildPreReq: gnome-libs-devel %endif -%if ! %{static_libcrypto} -PreReq: openssl >= 0.9.5a -PreReq: openssl = %{exact_openssl_version} -Requires: openssl >= 0.9.5a -%endif -Requires: rpm >= 3.0.5 %package clients Summary: OpenSSH clients. @@ -86,7 +101,7 @@ Group: System Environment/Daemons Obsoletes: ssh-server PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9 -%if %{redhat7} +%if ! %{build6x} Requires: /etc/pam.d/system-auth %endif @@ -103,41 +118,43 @@ Obsoletes: ssh-extras %description -OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. SSH -replaces rlogin and rsh, to provide secure encrypted communications -between two untrusted hosts over an insecure network. X11 connections -and arbitrary TCP/IP ports can also be forwarded over the secure -channel. Public key authentication may be used for "passwordless" -access to servers. +SSH (Secure SHell) is a program for logging into and executing +commands on a remote machine. SSH is intended to replace rlogin and +rsh, and to provide secure encrypted communications between two +untrusted hosts over an insecure network. X11 connections and +arbitrary TCP/IP ports can also be forwarded over the secure channel. + +OpenSSH is OpenBSD's version of the last free version of SSH, bringing +it up to date in terms of security and features, as well as removing +all patented algorithms to separate libraries. This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. %description clients -OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. - -This package includes the clients necessary to make encrypted -connections to SSH protocol servers. You'll also need to install the -openssh package on OpenSSH clients. +OpenSSH is a free version of SSH (Secure SHell), a program for logging +into and executing commands on a remote machine. This package includes +the clients necessary to make encrypted connections to SSH servers. +You'll also need to install the openssh package on OpenSSH clients. %description server -OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. - -This package contains the secure shell daemon (sshd). The sshd daemon -allows SSH clients to securely connect to your SSH server. You also -need to have the openssh package installed. +OpenSSH is a free version of SSH (Secure SHell), a program for logging +into and executing commands on a remote machine. This package contains +the secure shell daemon (sshd). The sshd daemon allows SSH clients to +securely connect to your SSH server. You also need to have the openssh +package installed. %description askpass -OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. - -This package contains an X11 passphrase dialog for OpenSSH. +OpenSSH is a free version of SSH (Secure SHell), a program for logging +into and executing commands on a remote machine. This package contains +an X11 passphrase dialog for OpenSSH. %description askpass-gnome -OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. - -This package contains an X11 passphrase dialog for OpenSSH and the -GNOME GUI desktop environment. +OpenSSH is a free version of SSH (Secure SHell), a program for logging +into and executing commands on a remote machine. This package contains +an X11 passphrase dialog for OpenSSH and the GNOME GUI desktop +environment. %prep @@ -148,38 +165,41 @@ %endif %build - -%define _sysconfdir /etc/ssh - -EXTRA_OPTS="" - -%if %{scard} - EXTRA_OPTS="$EXTRA_OPTS --with-smartcard" -%endif - -%if %{noip6} - EXTRA_OPTS="$EXTRA_OPTS --with-ipv4-default " +%if %{rescue} +CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS %endif %configure \ + --sysconfdir=%{_sysconfdir}/ssh \ --libexecdir=%{_libexecdir}/openssh \ --datadir=%{_datadir}/openssh \ - --with-pam \ --with-tcp-wrappers \ - --with-rsh=/usr/bin/rsh \ - --with-default-path=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin \ - $EXTRA_OPTS + --with-rsh=%{_bindir}/rsh \ + --with-default-path=/usr/local/bin:/bin:/usr/bin \ + --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \ + --with-privsep-path=%{_var}/empty/sshd \ +%if %{scard} + --with-smartcard \ +%endif +%if %{noip6} + --with-ipv4-default \ +%endif +%if %{rescue} + --without-pam --with-md5-passwords +%else + --with-pam --with-kerberos5=/usr/kerberos +%endif + %if %{static_libcrypto} -perl -pi -e "s|-lcrypto|/usr/lib/libcrypto.a|g" Makefile +perl -pi -e "s|-lcrypto|%{_libdir}/libcrypto.a|g" Makefile %endif make %if ! %{no_x11_askpass} pushd x11-ssh-askpass-%{aversion} -%configure \ - --libexecdir=%{_libexecdir}/openssh +%configure --libexecdir=%{_libexecdir}/openssh xmkmf -a make popd @@ -187,7 +207,7 @@ %if ! %{no_gnome_askpass} pushd contrib -gcc -O -g `gnome-config --cflags gnome gnomeui` \ +gcc $RPM_OPT_FLAGS `gnome-config --cflags gnome gnomeui` \ gnome-ssh-askpass.c -o gnome-ssh-askpass \ `gnome-config --libs gnome gnomeui` popd @@ -195,58 +215,98 @@ %install rm -rf $RPM_BUILD_ROOT -%{makeinstall} \ - libexecdir=$RPM_BUILD_ROOT%{_libexecdir}/openssh \ - datadir=$RPM_BUILD_ROOT%{_datadir}/openssh \ - DESTDIR=/ # Hack to disable key generation +mkdir -p -m755 $RPM_BUILD_ROOT%{_sysconfdir}/ssh +mkdir -p -m755 $RPM_BUILD_ROOT%{_libexecdir}/openssh +mkdir -p -m755 $RPM_BUILD_ROOT%{_var}/empty/sshd +make install DESTDIR=$RPM_BUILD_ROOT install -d $RPM_BUILD_ROOT/etc/pam.d/ install -d $RPM_BUILD_ROOT/etc/rc.d/init.d install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh -%if %{redhat7} -install -m644 contrib/redhat/sshd.pam-7.x $RPM_BUILD_ROOT/etc/pam.d/sshd +%if %{build6x} +install -m644 contrib/redhat/sshd.pam.old $RPM_BUILD_ROOT/etc/pam.d/sshd %else -install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd +install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd %endif install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd %if ! %{no_x11_askpass} install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass -ln -s /usr/libexec/openssh/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass +ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass %endif %if ! %{no_gnome_askpass} install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass %endif +install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/ +install -m 755 contrib/redhat/gnome-ssh-askpass.csh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/ +install -m 755 contrib/redhat/gnome-ssh-askpass.sh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/ + perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %clean rm -rf $RPM_BUILD_ROOT +%triggerun server -- ssh-server +if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; then + touch /var/run/sshd.restart +fi + +%triggerun server -- openssh-server < 2.5.0p1 +# Count the number of HostKey and HostDsaKey statements we have. +gawk 'BEGIN {IGNORECASE=1} + /^hostkey/ || /^hostdsakey/ {sawhostkey = sawhostkey + 1} + END {exit sawhostkey}' /etc/ssh/sshd_config +# And if we only found one, we know the client was relying on the old default +# behavior, which loaded the the SSH2 DSA host key when HostDsaKey wasn't +# specified. Now that HostKey is used for both SSH1 and SSH2 keys, specifying +# one nullifies the default, which would have loaded both. +if [ $? -eq 1 ] ; then + echo HostKey /etc/ssh/ssh_host_rsa_key >> /etc/ssh/sshd_config + echo HostKey /etc/ssh/ssh_host_dsa_key >> /etc/ssh/sshd_config +fi + +%triggerpostun server -- ssh-server +if [ "$1" != 0 ] ; then + /sbin/chkconfig --add sshd + if test -f /var/run/sshd.restart ; then + rm -f /var/run/sshd.restart + /sbin/service sshd start > /dev/null 2>&1 || : + fi +fi + +%pre server +%{_sbindir}/groupadd -r -g %{sshd_gid} sshd 2>/dev/null || : +%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \ + -g sshd -M -r sshd 2>/dev/null || : + %post server /sbin/chkconfig --add sshd -if test -r /var/run/sshd.pid ; then - /etc/rc.d/init.d/sshd restart >&2 -fi + +%postun server +/sbin/service sshd condrestart > /dev/null 2>&1 || : %preun server -if [ "$1" = 0 ] ; then - /etc/rc.d/init.d/sshd stop >&2 +if [ "$1" = 0 ] +then + /sbin/service sshd stop > /dev/null 2>&1 || : /sbin/chkconfig --del sshd fi %files %defattr(-,root,root) %doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* RFC* TODO WARNING* -%attr(0755,root,root) %{_bindir}/ssh-keygen %attr(0755,root,root) %{_bindir}/scp -%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1* %attr(0644,root,root) %{_mandir}/man1/scp.1* -%attr(0755,root,root) %dir %{_sysconfdir} -%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/moduli +%attr(0755,root,root) %dir %{_sysconfdir}/ssh +%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli +%if ! %{rescue} +%attr(0755,root,root) %{_bindir}/ssh-keygen +%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1* %attr(0755,root,root) %dir %{_libexecdir}/openssh +%endif %if %{scard} %attr(0755,root,root) %dir %{_datadir}/openssh %attr(0644,root,root) %{_datadir}/openssh/Ssh.bin @@ -255,29 +315,34 @@ %files clients %defattr(-,root,root) %attr(4755,root,root) %{_bindir}/ssh +%attr(0644,root,root) %{_mandir}/man1/ssh.1* +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config +%attr(-,root,root) %{_bindir}/slogin +%attr(-,root,root) %{_mandir}/man1/slogin.1* +%if ! %{rescue} %attr(0755,root,root) %{_bindir}/ssh-agent %attr(0755,root,root) %{_bindir}/ssh-add %attr(0755,root,root) %{_bindir}/ssh-keyscan %attr(0755,root,root) %{_bindir}/sftp -%attr(0644,root,root) %{_mandir}/man1/ssh.1* %attr(0644,root,root) %{_mandir}/man1/ssh-agent.1* %attr(0644,root,root) %{_mandir}/man1/ssh-add.1* %attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1* %attr(0644,root,root) %{_mandir}/man1/sftp.1* -%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh_config -%attr(-,root,root) %{_bindir}/slogin -%attr(-,root,root) %{_mandir}/man1/slogin.1* +%endif +%if ! %{rescue} %files server %defattr(-,root,root) +%dir %attr(0111,root,root) %{_var}/empty/sshd %attr(0755,root,root) %{_sbindir}/sshd %attr(0755,root,root) %{_libexecdir}/openssh/sftp-server %attr(0644,root,root) %{_mandir}/man8/sshd.8* %attr(0644,root,root) %{_mandir}/man8/sftp-server.8* -#%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config -%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config +%attr(0755,root,root) %dir %{_sysconfdir}/ssh +%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config %attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd %attr(0755,root,root) %config /etc/rc.d/init.d/sshd +%endif %if ! %{no_x11_askpass} %files askpass @@ -292,44 +357,389 @@ %if ! %{no_gnome_askpass} %files askpass-gnome %defattr(-,root,root) +%attr(0755,root,root) %config %{_sysconfdir}/profile.d/gnome-ssh-askpass.* %attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass %endif %changelog -* Mon Oct 18 2000 Damien Miller -- Merge some of Nalin Dahyabhai changes from the - Redhat 7.0 spec file -* Tue Sep 05 2000 Damien Miller -- Use RPM configure macro -* Tue Aug 08 2000 Damien Miller -- Some surgery to sshd.init (generate keys at runtime) -- Cleanup of groups and removal of keygen calls -* Wed Jul 12 2000 Damien Miller -- Make building of X11-askpass and gnome-askpass optional -* Mon Jun 12 2000 Damien Miller -- Glob manpages to catch compressed files +* Fri May 10 2002 Damien Miller +- Merge in spec changes from RedHat, reorgansie a little +- Add Privsep user, group and directory + +* Thu Mar 7 2002 Nalin Dahyabhai 3.1p1-2 +- bump and grind (through the build system) + +* Thu Mar 7 2002 Nalin Dahyabhai 3.1p1-1 +- require sharutils for building (mindrot #137) +- require db1-devel only when building for 6.x (#55105), which probably won't + work anyway (3.1 requires OpenSSL 0.9.6 to build), but what the heck +- require pam-devel by file (not by package name) again +- add Markus's patch to compile with OpenSSL 0.9.5a (from + http://bugzilla.mindrot.org/show_bug.cgi?id=141) and apply it if we're + building for 6.x + +* Thu Mar 7 2002 Nalin Dahyabhai 3.1p1-0 +- update to 3.1p1 + +* Tue Mar 5 2002 Nalin Dahyabhai SNAP-20020305 +- update to SNAP-20020305 +- drop debug patch, fixed upstream + +* Wed Feb 20 2002 Nalin Dahyabhai SNAP-20020220 +- update to SNAP-20020220 for testing purposes (you've been warned, if there's + anything to be warned about, gss patches won't apply, I don't mind) + +* Wed Feb 13 2002 Nalin Dahyabhai 3.0.2p1-3 +- add patches from Simon Wilkinson and Nicolas Williams for GSSAPI key + exchange, authentication, and named key support + +* Wed Jan 23 2002 Nalin Dahyabhai 3.0.2p1-2 +- remove dependency on db1-devel, which has just been swallowed up whole + by gnome-libs-devel + +* Sun Dec 29 2001 Nalin Dahyabhai +- adjust build dependencies so that build6x actually works right (fix + from Hugo van der Kooij) + +* Tue Dec 4 2001 Nalin Dahyabhai 3.0.2p1-1 +- update to 3.0.2p1 + +* Fri Nov 16 2001 Nalin Dahyabhai 3.0.1p1-1 +- update to 3.0.1p1 + +* Tue Nov 13 2001 Nalin Dahyabhai +- update to current CVS (not for use in distribution) + +* Thu Nov 8 2001 Nalin Dahyabhai 3.0p1-1 +- merge some of Damien Miller changes from the upstream + 3.0p1 spec file and init script + +* Wed Nov 7 2001 Nalin Dahyabhai +- update to 3.0p1 +- update to x11-ssh-askpass 1.2.4.1 +- change build dependency on a file from pam-devel to the pam-devel package +- replace primes with moduli + +* Thu Sep 27 2001 Nalin Dahyabhai 2.9p2-9 +- incorporate fix from Markus Friedl's advisory for IP-based authorization bugs + +* Thu Sep 13 2001 Bernhard Rosenkraenzer 2.9p2-8 +- Merge changes to rescue build from current sysadmin survival cd + +* Thu Sep 6 2001 Nalin Dahyabhai 2.9p2-7 +- fix scp's server's reporting of file sizes, and build with the proper + preprocessor define to get large-file capable open(), stat(), etc. + (sftp has been doing this correctly all along) (#51827) +- configure without --with-ipv4-default on RHL 7.x and newer (#45987,#52247) +- pull cvs patch to fix support for /etc/nologin for non-PAM logins (#47298) +- mark profile.d scriptlets as config files (#42337) +- refer to Jason Stone's mail for zsh workaround for exit-hanging quasi-bug +- change a couple of log() statements to debug() statements (#50751) +- pull cvs patch to add -t flag to sshd (#28611) +- clear fd_sets correctly (one bit per FD, not one byte per FD) (#43221) + +* Mon Aug 20 2001 Nalin Dahyabhai 2.9p2-6 +- add db1-devel as a BuildPrerequisite (noted by Hans Ecke) + +* Thu Aug 16 2001 Nalin Dahyabhai +- pull cvs patch to fix remote port forwarding with protocol 2 + +* Thu Aug 9 2001 Nalin Dahyabhai +- pull cvs patch to add session initialization to no-pty sessions +- pull cvs patch to not cut off challengeresponse auth needlessly +- refuse to do X11 forwarding if xauth isn't there, handy if you enable + it by default on a system that doesn't have X installed (#49263) + +* Wed Aug 8 2001 Nalin Dahyabhai +- don't apply patches to code we don't intend to build (spotted by Matt Galgoci) + +* Mon Aug 6 2001 Nalin Dahyabhai +- pass OPTIONS correctly to initlog (#50151) + +* Wed Jul 25 2001 Nalin Dahyabhai +- switch to x11-ssh-askpass 1.2.2 + +* Wed Jul 11 2001 Nalin Dahyabhai +- rebuild in new environment + +* Mon Jun 25 2001 Nalin Dahyabhai +- disable the gssapi patch + +* Mon Jun 18 2001 Nalin Dahyabhai +- update to 2.9p2 +- refresh to a new version of the gssapi patch + +* Thu Jun 7 2001 Nalin Dahyabhai +- change Copyright: BSD to License: BSD +- add Markus Friedl's unverified patch for the cookie file deletion problem + so that we can verify it +- drop patch to check if xauth is present (was folded into cookie patch) +- don't apply gssapi patches for the errata candidate +- clear supplemental groups list at startup + +* Fri May 25 2001 Nalin Dahyabhai +- fix an error parsing the new default sshd_config +- add a fix from Markus Friedl (via openssh-unix-dev) for ssh-keygen not + dealing with comments right + +* Thu May 24 2001 Nalin Dahyabhai +- add in Simon Wilkinson's GSSAPI patch to give it some testing in-house, + to be removed before the next beta cycle because it's a big departure + from the upstream version + +* Thu May 3 2001 Nalin Dahyabhai +- finish marking strings in the init script for translation +- modify init script to source /etc/sysconfig/sshd and pass $OPTIONS to sshd + at startup (change merged from openssh.com init script, originally by + Pekka Savola) +- refuse to do X11 forwarding if xauth isn't there, handy if you enable + it by default on a system that doesn't have X installed + +* Wed May 2 2001 Nalin Dahyabhai +- update to 2.9 +- drop various patches that came from or went upstream or to or from CVS + +* Wed Apr 18 2001 Nalin Dahyabhai +- only require initscripts 5.00 on 6.2 (reported by Peter Bieringer) + +* Sun Apr 8 2001 Preston Brown +- remove explicit openssl requirement, fixes builddistro issue +- make initscript stop() function wait until sshd really dead to avoid + races in condrestart + +* Mon Apr 2 2001 Nalin Dahyabhai +- mention that challengereponse supports PAM, so disabling password doesn't + limit users to pubkey and rsa auth (#34378) +- bypass the daemon() function in the init script and call initlog directly, + because daemon() won't start a daemon it detects is already running (like + open connections) +- require the version of openssl we had when we were built + +* Fri Mar 23 2001 Nalin Dahyabhai +- make do_pam_setcred() smart enough to know when to establish creds and + when to reinitialize them +- add in a couple of other fixes from Damien for inclusion in the errata + +* Thu Mar 22 2001 Nalin Dahyabhai +- update to 2.5.2p2 +- call setcred() again after initgroups, because the "creds" could actually + be group memberships + +* Tue Mar 20 2001 Nalin Dahyabhai +- update to 2.5.2p1 (includes endianness fixes in the rijndael implementation) +- don't enable challenge-response by default until we find a way to not + have too many userauth requests (we may make up to six pubkey and up to + three password attempts as it is) +- remove build dependency on rsh to match openssh.com's packages more closely + +* Sat Mar 3 2001 Nalin Dahyabhai +- remove dependency on openssl -- would need to be too precise + +* Fri Mar 2 2001 Nalin Dahyabhai +- rebuild in new environment + +* Mon Feb 26 2001 Nalin Dahyabhai +- Revert the patch to move pam_open_session. +- Init script and spec file changes from Pekka Savola. (#28750) +- Patch sftp to recognize '-o protocol' arguments. (#29540) + +* Thu Feb 22 2001 Nalin Dahyabhai +- Chuck the closing patch. +- Add a trigger to add host keys for protocol 2 to the config file, now that + configuration file syntax requires us to specify it with HostKey if we + specify any other HostKey values, which we do. + +* Tue Feb 20 2001 Nalin Dahyabhai +- Redo patch to move pam_open_session after the server setuid()s to the user. +- Rework the nopam patch to use be picked up by autoconf. + +* Mon Feb 19 2001 Nalin Dahyabhai +- Update for 2.5.1p1. +- Add init script mods from Pekka Savola. +- Tweak the init script to match the CVS contrib script more closely. +- Redo patch to ssh-add to try to adding both identity and id_dsa to also try + adding id_rsa. + +* Fri Feb 16 2001 Nalin Dahyabhai +- Update for 2.5.0p1. +- Use $RPM_OPT_FLAGS instead of -O when building gnome-ssh-askpass +- Resync with parts of Damien Miller's openssh.spec from CVS, including + update of x11 askpass to 1.2.0. +- Only require openssl (don't prereq) because we generate keys in the init + script now. + +* Tue Feb 13 2001 Nalin Dahyabhai +- Don't open a PAM session until we've forked and become the user (#25690). +- Apply Andrew Bartlett's patch for letting pam_authenticate() know which + host the user is attempting a login from. +- Resync with parts of Damien Miller's openssh.spec from CVS. +- Don't expose KbdInt responses in debug messages (from CVS). +- Detect and handle errors in rsa_{public,private}_decrypt (from CVS). + +* Wed Feb 7 2001 Trond Eivind Glomsrxd +- i18n-tweak to initscript. + +* Tue Jan 23 2001 Nalin Dahyabhai +- More gettextizing. +- Close all files after going into daemon mode (needs more testing). +- Extract patch from CVS to handle auth banners (in the client). +- Extract patch from CVS to handle compat weirdness. + +* Fri Jan 19 2001 Nalin Dahyabhai +- Finish with the gettextizing. + +* Thu Jan 18 2001 Nalin Dahyabhai +- Fix a bug in auth2-pam.c (#23877) +- Gettextize the init script. + +* Wed Dec 20 2000 Nalin Dahyabhai +- Incorporate a switch for using PAM configs for 6.x, just in case. + +* Tue Dec 5 2000 Nalin Dahyabhai +- Incorporate Bero's changes for a build specifically for rescue CDs. + +* Wed Nov 29 2000 Nalin Dahyabhai +- Don't treat pam_setcred() failure as fatal unless pam_authenticate() has + succeeded, to allow public-key authentication after a failure with "none" + authentication. (#21268) + +* Tue Nov 28 2000 Nalin Dahyabhai +- Update to x11-askpass 1.1.1. (#21301) +- Don't second-guess fixpaths, which causes paths to get fixed twice. (#21290) + +* Mon Nov 27 2000 Nalin Dahyabhai +- Merge multiple PAM text messages into subsequent prompts when possible when + doing keyboard-interactive authentication. + +* Sun Nov 26 2000 Nalin Dahyabhai +- Disable the built-in MD5 password support. We're using PAM. +- Take a crack at doing keyboard-interactive authentication with PAM, and + enable use of it in the default client configuration so that the client + will try it when the server disallows password authentication. +- Build with debugging flags. Build root policies strip all binaries anyway. + +* Tue Nov 21 2000 Nalin Dahyabhai +- Use DESTDIR instead of %%makeinstall. +- Remove /usr/X11R6/bin from the path-fixing patch. + +* Mon Nov 20 2000 Nalin Dahyabhai +- Add the primes file from the latest snapshot to the main package (#20884). +- Add the dev package to the prereq list (#19984). +- Remove the default path and mimic login's behavior in the server itself. + +* Fri Nov 17 2000 Nalin Dahyabhai +- Resync with conditional options in Damien Miller's .spec file for an errata. +- Change libexecdir from %%{_libexecdir}/ssh to %%{_libexecdir}/openssh. + +* Tue Nov 7 2000 Nalin Dahyabhai +- Update to OpenSSH 2.3.0p1. +- Update to x11-askpass 1.1.0. +- Enable keyboard-interactive authentication. + +* Mon Oct 30 2000 Nalin Dahyabhai +- Update to ssh-askpass-x11 1.0.3. +- Change authentication related messages to be private (#19966). + +* Tue Oct 10 2000 Nalin Dahyabhai +- Patch ssh-keygen to be able to list signatures for DSA public key files + it generates. + +* Thu Oct 5 2000 Nalin Dahyabhai +- Add BuildPreReq on /usr/include/security/pam_appl.h to be sure we always + build PAM authentication in. +- Try setting SSH_ASKPASS if gnome-ssh-askpass is installed. +- Clean out no-longer-used patches. +- Patch ssh-add to try to add both identity and id_dsa, and to error only + when neither exists. + +* Mon Oct 2 2000 Nalin Dahyabhai +- Update x11-askpass to 1.0.2. (#17835) +- Add BuildPreReqs for /bin/login and /usr/bin/rsh so that configure will + always find them in the right place. (#17909) +- Set the default path to be the same as the one supplied by /bin/login, but + add /usr/X11R6/bin. (#17909) +- Try to handle obsoletion of ssh-server more cleanly. Package names + are different, but init script name isn't. (#17865) + +* Wed Sep 6 2000 Nalin Dahyabhai +- Update to 2.2.0p1. (#17835) +- Tweak the init script to allow proper restarting. (#18023) + +* Wed Aug 23 2000 Nalin Dahyabhai +- Update to 20000823 snapshot. +- Change subpackage requirements from %%{version} to %%{version}-%%{release} +- Back out the pipe patch. + +* Mon Jul 17 2000 Nalin Dahyabhai +- Update to 2.1.1p4, which includes fixes for config file parsing problems. +- Move the init script back. +- Add Damien's quick fix for wackiness. + +* Wed Jul 12 2000 Nalin Dahyabhai +- Update to 2.1.1p3, which includes fixes for X11 forwarding and strtok(). + +* Thu Jul 6 2000 Nalin Dahyabhai +- Move condrestart to server postun. +- Move key generation to init script. +- Actually use the right patch for moving the key generation to the init script. +- Clean up the init script a bit. + +* Wed Jul 5 2000 Nalin Dahyabhai +- Fix X11 forwarding, from mail post by Chan Shih-Ping Richard. + +* Sun Jul 2 2000 Nalin Dahyabhai +- Update to 2.1.1p2. +- Use of strtok() considered harmful. + +* Sat Jul 1 2000 Nalin Dahyabhai +- Get the build root out of the man pages. + +* Thu Jun 29 2000 Nalin Dahyabhai +- Add and use condrestart support in the init script. +- Add newer initscripts as a prereq. + +* Tue Jun 27 2000 Nalin Dahyabhai +- Build in new environment (release 2) +- Move -clients subpackage to Applications/Internet group + +* Fri Jun 9 2000 Nalin Dahyabhai +- Update to 2.2.1p1 + +* Sat Jun 3 2000 Nalin Dahyabhai +- Patch to build with neither RSA nor RSAref. +- Miscellaneous FHS-compliance tweaks. +- Fix for possibly-compressed man pages. + * Wed Mar 15 2000 Damien Miller - Updated for new location - Updated for new gnome-ssh-askpass build + * Sun Dec 26 1999 Damien Miller - Added Jim Knoble's askpass + * Mon Nov 15 1999 Damien Miller - Split subpackages further based on patch from jim knoble + * Sat Nov 13 1999 Damien Miller - Added 'Obsoletes' directives + * Tue Nov 09 1999 Damien Miller - Use make install - Subpackages + * Mon Nov 08 1999 Damien Miller - Added links for slogin - Fixed perms on manpages + * Sat Oct 30 1999 Damien Miller - Renamed init script + * Fri Oct 29 1999 Damien Miller - Back to old binary names + * Thu Oct 28 1999 Damien Miller - Use autoconf - New binary names + * Wed Oct 27 1999 Damien Miller - Initial RPMification, based on Jan "Yenya" Kasprzak's spec. - diff -ru openssh-3.1p1/contrib/redhat/sshd.init openssh-3.2.2p1/contrib/redhat/sshd.init --- openssh-3.1p1/contrib/redhat/sshd.init 2001-09-15 21:03:11.000000000 +1000 +++ openssh-3.2.2p1/contrib/redhat/sshd.init 2002-05-10 12:19:23.000000000 +1000 @@ -1,5 +1,5 @@ #!/bin/bash - +# # Init file for OpenSSH server daemon # # chkconfig: 2345 55 25 @@ -15,149 +15,140 @@ # source function library . /etc/rc.d/init.d/functions +# pull in sysconfig settings [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd RETVAL=0 +prog="sshd" # Some functions to make the below more readable KEYGEN=/usr/bin/ssh-keygen +SSHD=/usr/sbin/sshd RSA1_KEY=/etc/ssh/ssh_host_key RSA_KEY=/etc/ssh/ssh_host_rsa_key DSA_KEY=/etc/ssh/ssh_host_dsa_key PID_FILE=/var/run/sshd.pid -my_success() { - local msg - if [ $# -gt 1 ]; then - msg="$2" - else - msg="done" - fi - case "`type -type success`" in - function) - success "$1" - ;; - *) - echo -n "${msg}" - ;; - esac -} -my_failure() { - local msg - if [ $# -gt 1 ]; then - msg="$2" - else - msg="FAILED" - fi - case "`type -type failure`" in - function) - failure "$1" - ;; - *) - echo -n "${msg}" - ;; - esac -} + do_rsa1_keygen() { - if ! test -f $RSA1_KEY ; then - echo -n "Generating SSH1 RSA host key: " + if [ ! -s $RSA1_KEY ]; then + echo -n $"Generating SSH1 RSA host key: " if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then - my_success "RSA1 key generation" + chmod 600 $RSA1_KEY + chmod 644 $RSA1_KEY.pub + success $"RSA1 key generation" echo else - my_failure "RSA1 key generation" + failure $"RSA1 key generation" echo exit 1 fi fi } + do_rsa_keygen() { - if ! test -f $RSA_KEY ; then - echo -n "Generating SSH2 RSA host key: " + if [ ! -s $RSA_KEY ]; then + echo -n $"Generating SSH2 RSA host key: " if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then - my_success "RSA key generation" + chmod 600 $RSA_KEY + chmod 644 $RSA_KEY.pub + success $"RSA key generation" echo else - my_failure "RSA key generation" + failure $"RSA key generation" echo exit 1 fi fi } + do_dsa_keygen() { - if ! test -f $DSA_KEY ; then - echo -n "Generating SSH2 DSA host key: " + if [ ! -s $DSA_KEY ]; then + echo -n $"Generating SSH2 DSA host key: " if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then - my_success "DSA key generation" + chmod 600 $DSA_KEY + chmod 644 $DSA_KEY.pub + success $"DSA key generation" echo else - my_failure "DSA key generation" + failure $"DSA key generation" echo exit 1 fi fi } -do_restart_sanity_check() { - sshd -t + +do_restart_sanity_check() +{ + $SSHD -t RETVAL=$? if [ ! "$RETVAL" = 0 ]; then - my_failure "Configuration file or keys" + failure $"Configuration file or keys are invalid" echo - exit $RETVAL fi } +start() +{ + # Create keys if necessary + do_rsa1_keygen + do_rsa_keygen + do_dsa_keygen + + echo -n $"Starting $prog:" + initlog -c "$SSHD $OPTIONS" && success || failure + RETVAL=$? + [ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd + echo +} + +stop() +{ + echo -n $"Stopping $prog:" + killproc $SSHD -TERM + RETVAL=$? + [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd + echo +} + +reload() +{ + echo -n $"Reloading $prog:" + killproc $SSHD -HUP + RETVAL=$? + echo +} case "$1" in start) - # Create keys if necessary - do_rsa1_keygen; - do_rsa_keygen; - do_dsa_keygen; - - echo -n "Starting sshd: " - if [ ! -f $PID_FILE ] ; then - sshd $OPTIONS - RETVAL=$? - if [ "$RETVAL" = "0" ] ; then - my_success "sshd startup" "sshd" - touch /var/lock/subsys/sshd - else - my_failure "sshd startup" "" - fi - fi - echo + start ;; stop) - echo -n "Shutting down sshd: " - if [ -f $PID_FILE ] ; then - killproc sshd - RETVAL=$? - [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sshd - fi - echo + stop ;; restart) - do_restart_sanity_check - $0 stop - $0 start - RETVAL=$? + stop + start + ;; + reload) + reload ;; condrestart) if [ -f /var/lock/subsys/sshd ] ; then do_restart_sanity_check - $0 stop - $0 start - RETVAL=$? + if [ "$RETVAL" = 0 ] ; then + stop + # avoid race + sleep 3 + start + fi fi ;; status) - status sshd + status $SSHD RETVAL=$? ;; *) - echo "Usage: sshd {start|stop|restart|status|condrestart}" - exit 1 - ;; + echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}" + RETVAL=1 esac - exit $RETVAL Only in openssh-3.2.2p1/contrib/redhat: sshd.init.old diff -ru openssh-3.1p1/contrib/redhat/sshd.pam openssh-3.2.2p1/contrib/redhat/sshd.pam --- openssh-3.1p1/contrib/redhat/sshd.pam 2000-03-15 12:25:07.000000000 +1100 +++ openssh-3.2.2p1/contrib/redhat/sshd.pam 2002-05-10 12:19:23.000000000 +1000 @@ -1,8 +1,8 @@ #%PAM-1.0 -auth required /lib/security/pam_pwdb.so shadow nodelay +auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so -account required /lib/security/pam_pwdb.so -password required /lib/security/pam_cracklib.so -password required /lib/security/pam_pwdb.so shadow nullok use_authtok -session required /lib/security/pam_pwdb.so +account required /lib/security/pam_stack.so service=system-auth +password required /lib/security/pam_stack.so service=system-auth +session required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_limits.so +session optional /lib/security/pam_console.so Only in openssh-3.1p1/contrib/redhat: sshd.pam-7.x Only in openssh-3.2.2p1/contrib/redhat: sshd.pam.old diff -ru openssh-3.1p1/contrib/solaris/README openssh-3.2.2p1/contrib/solaris/README --- openssh-3.1p1/contrib/solaris/README 2001-10-20 06:24:14.000000000 +1000 +++ openssh-3.2.2p1/contrib/solaris/README 2002-03-12 15:55:54.000000000 +1100 @@ -1,6 +1,7 @@ The following is a new package build script for Solaris. This is being introduced into OpenSSH 3.0 and above in hopes of simplifying the build -process. +process. As of 3.1p2 the script should work on all platforms that have +SVR4 style package tools. The build process is called a 'dummy install'.. Which means the software does a "make install-nokeys DESTDIR=[fakeroot]". This way all manpages should @@ -11,7 +12,8 @@ 1. make -F Makefile.in distprep (Only if you are getting from the CVS tree) 2. ./configure --with-pam [..any other options you want..] -3. cd contrib/solaris; ./buildpkg.sh +3. look at the top of contrib/solaris/buildpkg.sh for the configurable options. +4. ./contrib/solaris/buildpkg.sh If all goes well you should have a solaris package ready to be installed. @@ -20,9 +22,3 @@ - Ben Lindstrom -TODO: -- Expand to cover all sysvr4 family of OSes -- Clean things up a bit more. -- Detect if sshd is running and refuse to start. -- SHOULD check for existing sshd_config nor ssh_config (does not currently). - [Post install script? Ugh.. Nasty] diff -ru openssh-3.1p1/contrib/solaris/buildpkg.sh openssh-3.2.2p1/contrib/solaris/buildpkg.sh --- openssh-3.1p1/contrib/solaris/buildpkg.sh 2001-10-20 06:36:24.000000000 +1000 +++ openssh-3.2.2p1/contrib/solaris/buildpkg.sh 2002-03-18 09:05:25.000000000 +1100 @@ -1,52 +1,141 @@ #!/bin/sh # -# Fake Root Solaris Build System - Prototype +# Fake Root Solaris/SVR4/SVR5 Build System - Prototype # # The following code has been provide under Public Domain License. I really # don't care what you use it for. Just as long as you don't complain to me # nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) # umask 022 +# +# Options for building the package +# You can create a config.local with your customized options +# +# uncommenting TEST_DIR and using configure--prefix=/var/tmp and +# PKGNAME=tOpenSSH should allow testing a package without interfering +# with a real OpenSSH package on a system. +#TEST_DIR=/var/tmp # leave commented out for production build PKGNAME=OpenSSH +SYSVINIT_NAME=opensshd +MAKE=${MAKE:="make"} +# uncomment these next two as needed +#PERMIT_ROOT_LOGIN=no +#X11_FORWARDING=yes +# list of system directories we do NOT want to change owner/group/perms +# when installing our package +SYSTEM_DIR="/etc \ +/etc/init.d \ +/etc/rcS.d \ +/etc/rc0.d \ +/etc/rc1.d \ +/etc/rc2.d \ +/etc/opt \ +/opt \ +/opt/bin \ +/usr \ +/usr/bin \ +/usr/lib \ +/usr/sbin \ +/usr/share \ +/usr/share/man \ +/usr/share/man/man1 \ +/usr/share/man/man8 \ +/usr/local \ +/usr/local/bin \ +/usr/local/etc \ +/usr/local/libexec \ +/usr/local/man \ +/usr/local/man/man1 \ +/usr/local/man/man8 \ +/usr/local/sbin \ +/usr/local/share \ +/var \ +/var/opt \ +/var/run \ +/var/tmp \ +/tmp" + +# We may need to buiild as root so we make sure PATH is set up +# only set the path if it's not set already +[ -d /usr/local/bin ] && { + echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1 + [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin +} +[ -d /usr/ccs/bin ] && { + echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1 + [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin +} +export PATH +# -## Extract common info requires for the 'info' part of the package. -VERSION=`tail -1 ../../version.h | sed -e 's/.*_\([0-9]\)/\1/g' | sed 's/\"$//'` -ARCH=`uname -p` +[ -f Makefile ] || { + echo "Please run this script from your build directory" + exit 1 +} + +# we will look for config.local to override the above options +[ -s ./config.local ] && . ./config.local ## Start by faking root install echo "Faking root install..." START=`pwd` +OPENSSHD_IN=`dirname $0`/opensshd.in FAKE_ROOT=$START/package +[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT mkdir $FAKE_ROOT -cd ../.. -make install-nokeys DESTDIR=$FAKE_ROOT +${MAKE} install-nokeys DESTDIR=$FAKE_ROOT +if [ $? -gt 0 ] +then + echo "Fake root install failed, stopping." + exit 1 +fi ## Fill in some details, like prefix and sysconfdir -ETCDIR=`grep "^sysconfdir=" Makefile | sed 's/sysconfdir=//'` -PREFIX=`grep "^prefix=" Makefile | cut -d = -f 2` -PIDDIR=`grep "^piddir=" Makefile | cut -d = -f 2` -cd $FAKE_ROOT +for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir +do + eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` +done -## Setup our run level stuff while we are at it. -mkdir -p $FAKE_ROOT/etc/init.d -mkdir -p $FAKE_ROOT/etc/rcS.d -mkdir -p $FAKE_ROOT/etc/rc0.d -mkdir -p $FAKE_ROOT/etc/rc1.d -mkdir -p $FAKE_ROOT/etc/rc2.d +## Extract common info requires for the 'info' part of the package. +VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'` + +UNAME_S=`uname -s` +case ${UNAME_S} in + SunOS) UNAME_S=Solaris + ARCH=`uname -p` + RCS_D=yes + DEF_MSG="(default: n)" + ;; + *) ARCH=`uname -m` ;; +esac +## Setup our run level stuff while we are at it. +mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d ## setup our initscript correctly -sed -e "s#%%configDir%%#$ETCDIR#g" \ - -e "s#%%openSSHDir%%#$PREFIX#g" \ - -e "s#%%pidDir%%#$PIDDIR#g" \ - ../opensshd.in > $FAKE_ROOT/etc/init.d/opensshd -chmod 711 $FAKE_ROOT/etc/init.d/opensshd - -ln -s ../init.d/opensshd $FAKE_ROOT/etc/rcS.d/K30opensshd -ln -s ../init.d/opensshd $FAKE_ROOT/etc/rc0.d/K30opensshd -ln -s ../init.d/opensshd $FAKE_ROOT/etc/rc1.d/K30opensshd -ln -s ../init.d/opensshd $FAKE_ROOT/etc/rc2.d/S98opensshd +sed -e "s#%%configDir%%#${sysconfdir}#g" \ + -e "s#%%openSSHDir%%#$prefix#g" \ + -e "s#%%pidDir%%#${piddir}#g" \ + ${OPENSSHD_IN} > $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} +chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} + +[ "${PERMIT_ROOT_LOGIN}" = no ] && \ + perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ + $FAKE_ROOT/${sysconfdir}/sshd_config +[ "${X11_FORWARDING}" = yes ] && \ + perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ + $FAKE_ROOT/${sysconfdir}/sshd_config +# fix PrintMotd +perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \ + $FAKE_ROOT/${sysconfdir}/sshd_config + +# We don't want to overwrite config files on multiple installs +mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default +mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default +[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \ +mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default +cd $FAKE_ROOT ## Ok, this is outright wrong, but it will work. I'm tired of pkgmk ## whining. @@ -58,28 +147,159 @@ echo "Building pkginfo file..." cat > pkginfo << _EOF PKG=$PKGNAME -NAME=OpenSSH Portable for Solaris +NAME="OpenSSH Portable for ${UNAME_S}" DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh." VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html" -BASEDIR=$FAKE_ROOT ARCH=$ARCH VERSION=$VERSION -CATEGORY=Security +CATEGORY="Security,application" BASEDIR=/ +CLASSES="none" _EOF +## Build preinstall file +echo "Building preinstall file..." +cat > preinstall << _EOF +#! /sbin/sh +# +[ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop +exit 0 +_EOF + +## Build postinstall file +echo "Building postinstall file..." +cat > postinstall << _EOF +#! /sbin/sh +# +[ -f ${sysconfdir}/ssh_config ] || \\ + cp -p ${sysconfdir}/ssh_config.default ${sysconfdir}/ssh_config +[ -f ${sysconfdir}/sshd_config ] || \\ + cp -p ${sysconfdir}/sshd_config.default ${sysconfdir}/sshd_config +[ -f ${sysconfdir}/ssh_prng_cmds.default ] && { + [ -f ${sysconfdir}/ssh_prng_cmds ] || \\ + cp -p ${sysconfdir}/ssh_prng_cmds.default ${sysconfdir}/ssh_prng_cmds +} + +# make rc?.d dirs only if we are doing a test install +[ -n "${TEST_DIR}" ] && { + [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d + mkdir -p ${TEST_DIR}/etc/rc0.d + mkdir -p ${TEST_DIR}/etc/rc1.d + mkdir -p ${TEST_DIR}/etc/rc2.d +} + +if [ "\${USE_SYM_LINKS}" = yes ] +then + [ "$RCS_D" = yes ] && \ +installf ${PKGNAME} $TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s + installf ${PKGNAME} $TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s + installf ${PKGNAME} $TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s + installf ${PKGNAME} $TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s +else + [ "$RCS_D" = yes ] && \ +installf ${PKGNAME} $TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l + installf ${PKGNAME} $TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l + installf ${PKGNAME} $TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l + installf ${PKGNAME} $TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l +fi + +# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) +[ -d $piddir ] || installf ${PKGNAME} $TEST_DIR$piddir d 755 root sys + +installf -f ${PKGNAME} + +[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start +exit 0 +_EOF + +## Build preremove file +echo "Building preremove file..." +cat > preremove << _EOF +#! /sbin/sh +# +${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop +exit 0 +_EOF + +## Build request file +echo "Building request file..." +cat > request << _EOF +trap 'exit 3' 15 +USE_SYM_LINKS=no +PRE_INS_STOP=no +POST_INS_START=no +# Use symbolic links? +ans=\`ckyorn -d n \ +-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$? +case \$ans in + [y,Y]*) USE_SYM_LINKS=yes ;; +esac + +# determine if should restart the daemon +if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ] +then + ans=\`ckyorn -d n \ +-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? + case \$ans in + [y,Y]*) PRE_INS_STOP=yes + POST_INS_START=yes + ;; + esac + +else + +# determine if we should start sshd + ans=\`ckyorn -d n \ +-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? + case \$ans in + [y,Y]*) POST_INS_START=yes ;; + esac +fi + +# make parameters available to installation service, +# and so to any other packaging scripts +cat >\$1 < space << _EOF +# extra space required by start/stop links added by installf in postinstall +$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME} 0 1 +$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME} 0 1 +$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME} 0 1 +_EOF +[ "$RCS_D" = yes ] && \ +echo "$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME} 0 1" >> space + ## Next Build our prototype echo "Building prototype file..." -find . | egrep -v "prototype|pkginfo" | sort | pkgproto $PROTO_ARGS | \ - awk ' - BEGIN { print "i pkginfo" } - { $5="root"; $6="sys"; } - { print; }' > prototype +cat >mk-proto.awk << _EOF + BEGIN { print "i pkginfo"; print "i preinstall"; \\ + print "i postinstall"; print "i preremove"; \\ + print "i request"; print "i space"; \\ + split("$SYSTEM_DIR",sys_files); } + { + for (dir in sys_files) { if ( \$3 != sys_files[dir] ) + { \$5="root"; \$6="sys"; } + else + { \$4="?"; \$5="?"; \$6="?"; break;} + } } + { print; } +_EOF +find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ + pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype ## Step back a directory and now build the package. echo "Building package.." cd .. -pkgmk -d . -f $FAKE_ROOT/prototype -o +pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o +echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$UNAME_S-$ARCH-$VERSION.pkg rm -rf $FAKE_ROOT -echo | pkgtrans -os . $PKGNAME-$ARCH-$VERSION.pkg -rm -rf $PKGNAME + diff -ru openssh-3.1p1/contrib/suse/openssh.spec openssh-3.2.2p1/contrib/suse/openssh.spec --- openssh-3.1p1/contrib/suse/openssh.spec 2002-03-07 13:04:38.000000000 +1100 +++ openssh-3.2.2p1/contrib/suse/openssh.spec 2002-05-16 09:26:17.000000000 +1000 @@ -1,6 +1,6 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 3.1p1 +Version: 3.2.2p1 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz @@ -168,7 +168,7 @@ %files %defattr(-,root,root) %doc ChangeLog OVERVIEW README* -%doc RFC.nroff TODO CREDITS LICENSE +%doc RFC.nroff TODO CREDITS LICENCE %attr(0755,root,root) %dir /etc/ssh %attr(0644,root,root) %config /etc/ssh/ssh_config %attr(0600,root,root) %config /etc/ssh/sshd_config diff -ru openssh-3.1p1/defines.h openssh-3.2.2p1/defines.h --- openssh-3.1p1/defines.h 2002-02-27 03:40:49.000000000 +1100 +++ openssh-3.2.2p1/defines.h 2002-04-26 03:56:07.000000000 +1000 @@ -1,59 +1,7 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.80 2002/02/26 16:40:49 tim Exp $ */ - -/* Necessary headers */ - -#include /* For [u]intxx_t */ -#include /* For SHUT_XXXX */ -#include /* For MAXPATHLEN and roundup() */ -#include /* For typedefs */ -#include /* For IPv6 macros */ -#include /* For IPTOS macros */ -#ifdef HAVE_SYS_UN_H -# include /* For sockaddr_un */ -#endif -#ifdef HAVE_SYS_BITYPES_H -# include /* For u_intXX_t */ -#endif -#ifdef HAVE_PATHS_H -# include /* For _PATH_XXX */ -#endif -#ifdef HAVE_LIMITS_H -# include /* For PATH_MAX */ -#endif -#ifdef HAVE_SYS_TIME_H -# include /* For timersub */ -#endif -#ifdef HAVE_MAILLOCK_H -# include /* For _PATH_MAILDIR */ -#endif -#ifdef HAVE_SYS_CDEFS_H -# include /* For __P() */ -#endif -#ifdef HAVE_SYS_SYSMACROS_H -# include /* For MIN, MAX, etc */ -#endif -#ifdef HAVE_SYS_STAT_H -# include /* For S_* constants and macros */ -#endif -#ifdef HAVE_NEXT -# include -#endif - -#include /* For STDIN_FILENO, etc */ -#include /* Struct winsize */ -#include /* For O_NONBLOCK */ -#include /* For OPENSSL_VERSION_NUMBER */ - -/* *-*-nto-qnx needs these headers for strcasecmp and LASTLOG_FILE respectively */ -#ifdef HAVE_STRINGS_H -# include -#endif -#ifdef HAVE_LOGIN_H -# include -#endif +/* $Id: defines.h,v 1.89 2002/04/25 17:56:07 stevesk Exp $ */ /* Constants */ @@ -136,6 +84,14 @@ # define S_IRWXO 0000007 /* read, write, execute */ #endif /* S_IXUSR */ +#if !defined(MAP_ANON) && defined(MAP_ANONYMOUS) +#define MAP_ANON MAP_ANONYMOUS +#endif + +#ifndef MAP_FAILED +# define MAP_FAILED ((void *)-1) +#endif + /* *-*-nto-qnx doesn't define this constant in the system headers */ #ifdef MISSING_NFDBITS # define NFDBITS (8 * sizeof(unsigned long)) @@ -437,8 +393,33 @@ # define howmany(x,y) (((x)+((y)-1))/(y)) #endif +#ifndef OSSH_ALIGNBYTES +#define OSSH_ALIGNBYTES (sizeof(int) - 1) +#endif +#ifndef __CMSG_ALIGN +#define __CMSG_ALIGN(p) (((u_int)(p) + OSSH_ALIGNBYTES) &~ OSSH_ALIGNBYTES) +#endif + +/* Length of the contents of a control message of length len */ +#ifndef CMSG_LEN +#define CMSG_LEN(len) (__CMSG_ALIGN(sizeof(struct cmsghdr)) + (len)) +#endif + +/* Length of the space taken up by a padded control message of length len */ +#ifndef CMSG_SPACE +#define CMSG_SPACE(len) (__CMSG_ALIGN(sizeof(struct cmsghdr)) + __CMSG_ALIGN(len)) +#endif + /* Function replacement / compatibility hacks */ +#if !defined(HAVE_GETADDRINFO) && (defined(HAVE_OGETADDRINFO) || defined(HAVE_NGETADDRINFO)) +# define HAVE_GETADDRINFO +#endif + +#ifndef HAVE_GETOPT_OPTRESET +#define getopt(ac, av, o) BSDgetopt(ac, av, o) +#endif + /* In older versions of libpam, pam_strerror takes a single argument */ #ifdef HAVE_OLD_PAM # define PAM_STRERROR(a,b) pam_strerror((b)) @@ -466,14 +447,6 @@ # define memmove(s1, s2, n) bcopy((s2), (s1), (n)) #endif /* !defined(HAVE_MEMMOVE) && defined(HAVE_BCOPY) */ -#if !defined(HAVE_ATEXIT) && defined(HAVE_ON_EXIT) -# define atexit(a) on_exit(a, NULL) -#else -# if defined(HAVE_XATEXIT) -# define atexit(a) xatexit(a) -# endif /* defined(HAVE_XATEXIT) */ -#endif /* !defined(HAVE_ATEXIT) && defined(HAVE_ON_EXIT) */ - #if defined(HAVE_VHANGUP) && !defined(HAVE_DEV_PTMX) # define USE_VHANGUP #endif /* defined(HAVE_VHANGUP) && !defined(HAVE_DEV_PTMX) */ @@ -487,6 +460,12 @@ # define OPENSSL_free(x) Free(x) #endif +#if defined(HAVE___func__) +# define __FUNCTION__ __func__ +#elif !defined(HAVE___FUNCTION__) +# define __FUNCTION__ "" +#endif + /* * Define this to use pipes instead of socketpairs for communicating with the * client program. Socketpairs do not seem to work on all systems. @@ -500,27 +479,6 @@ ** login recorder definitions **/ -/* preprocess */ - -#ifdef HAVE_UTMP_H -# ifdef HAVE_TIME_IN_UTMP -# include -# endif -# include -#endif -#ifdef HAVE_UTMPX_H -# ifdef HAVE_TV_IN_UTMPX -# include -# endif -# include -#endif -#ifdef HAVE_LASTLOG_H -# include -#endif -#ifdef HAVE_PATHS_H -# include -#endif - /* FIXME: put default paths back in */ #ifndef UTMP_FILE # ifdef _PATH_UTMP @@ -579,11 +537,6 @@ # define USE_LASTLOG #endif -/* which type of time to use? (api.c) */ -#ifdef HAVE_SYS_TIME_H -# define USE_TIMEVAL -#endif - /** end of login recorder definitions */ #endif /* _DEFINES_H */ diff -ru openssh-3.1p1/entropy.c openssh-3.2.2p1/entropy.c --- openssh-3.1p1/entropy.c 2002-01-22 21:57:54.000000000 +1100 +++ openssh-3.2.2p1/entropy.c 2002-04-22 04:26:10.000000000 +1000 @@ -45,7 +45,7 @@ * XXX: we should tell the child how many bytes we need. */ -RCSID("$Id: entropy.c,v 1.40 2002/01/22 10:57:54 djm Exp $"); +RCSID("$Id: entropy.c,v 1.43 2002/04/21 18:26:10 tim Exp $"); #ifndef OPENSSL_PRNG_ONLY #define RANDOM_SEED_SIZE 48 @@ -61,19 +61,21 @@ pid_t pid; int ret; unsigned char buf[RANDOM_SEED_SIZE]; + mysig_t old_sigchld; if (RAND_status() == 1) { debug3("RNG is ready, skipping seeding"); return; } - debug3("Seeing PRNG from %s", SSH_RAND_HELPER); + debug3("Seeding PRNG from %s", SSH_RAND_HELPER); if ((devnull = open("/dev/null", O_RDWR)) == -1) fatal("Couldn't open /dev/null: %s", strerror(errno)); if (pipe(p) == -1) fatal("pipe: %s", strerror(errno)); + old_sigchld = mysignal(SIGCHLD, SIG_DFL); if ((pid = fork()) == -1) fatal("Couldn't fork: %s", strerror(errno)); if (pid == 0) { @@ -85,9 +87,10 @@ close(devnull); if (original_uid != original_euid && - setuid(original_uid) == -1) { - fprintf(stderr, "(rand child) setuid: %s\n", - strerror(errno)); + ( seteuid(getuid()) == -1 || + setuid(original_uid) == -1) ) { + fprintf(stderr, "(rand child) setuid(%d): %s\n", + original_uid, strerror(errno)); _exit(1); } @@ -113,6 +116,7 @@ if (waitpid(pid, &ret, 0) == -1) fatal("Couldn't wait for ssh-rand-helper completion: %s", strerror(errno)); + mysignal(SIGCHLD, old_sigchld); /* We don't mind if the child exits upon a SIGPIPE */ if (!WIFEXITED(ret) && diff -ru openssh-3.1p1/includes.h openssh-3.2.2p1/includes.h --- openssh-3.1p1/includes.h 2002-02-05 12:11:03.000000000 +1100 +++ openssh-3.2.2p1/includes.h 2002-05-13 15:14:09.000000000 +1000 @@ -21,21 +21,10 @@ #include "config.h" -#include "openbsd-compat/bsd-nextstep.h" - -#include -#include -#include -#include -#include - -#include -#include - #include #include #include -#include +#include /* For O_NONBLOCK */ #include #include #include @@ -46,14 +35,11 @@ #include #ifdef HAVE_LIMITS_H -# include +# include /* For PATH_MAX */ #endif #ifdef HAVE_GETOPT_H # include #endif -#ifndef HAVE_GETOPT_OPTRESET -#define getopt(ac, av, o) BSDgetopt(ac, av, o) -#endif #ifdef HAVE_BSTRING_H # include #endif @@ -70,37 +56,105 @@ #ifdef HAVE_ENDIAN_H # include #endif -#ifdef HAVE_SYS_SELECT_H -# include +#ifdef HAVE_TTYENT_H +# include +#endif +#ifdef HAVE_UTIME_H +# include +#endif +#ifdef HAVE_MAILLOCK_H +# include /* For _PATH_MAILDIR */ +#endif +#ifdef HAVE_NEXT +# include +#endif +#include /* For STDIN_FILENO, etc */ +#include /* Struct winsize */ + +/* + *-*-nto-qnx needs these headers for strcasecmp and LASTLOG_FILE respectively + */ +#ifdef HAVE_STRINGS_H +# include +#endif +#ifdef HAVE_LOGIN_H +# include +#endif + +#ifdef HAVE_UTMP_H +# include +#endif +#ifdef HAVE_UTMPX_H +# ifdef HAVE_TV_IN_UTMPX +# include +# endif +# include +#endif +#ifdef HAVE_LASTLOG_H +# include +#endif +#ifdef HAVE_PATHS_H +# include /* For _PATH_XXX */ #endif + +#include +#include +#include +#include #ifdef HAVE_SYS_TIME_H -# include +# include /* For timersub */ +#endif +#include +#ifdef HAVE_SYS_SELECT_H +# include #endif #ifdef HAVE_SYS_BSDTTY_H # include #endif -#ifdef HAVE_TTYENT_H -# include +#include /* For MAXPATHLEN and roundup() */ +#ifdef HAVE_SYS_UN_H +# include /* For sockaddr_un */ #endif -#ifdef USE_PAM -# include +#ifdef HAVE_SYS_BITYPES_H +# include /* For u_intXX_t */ +#endif +#ifdef HAVE_SYS_CDEFS_H +# include /* For __P() */ #endif -#ifdef HAVE_POLL_H -# include -#else -# ifdef HAVE_SYS_POLL_H -# include -# endif +#ifdef HAVE_SYS_STAT_H +# include /* For S_* constants and macros */ #endif #ifdef HAVE_SYS_SYSMACROS_H -# include +# include /* For MIN, MAX, etc */ #endif -#ifdef HAVE_UTIME_H -# include +#ifdef HAVE_SYS_MMAN_H +#include /* for MAP_ANONYMOUS */ +#endif + +#include /* For typedefs */ +#include /* For IPv6 macros */ +#include /* For IPTOS macros */ +#include +#include +#ifdef HAVE_RPC_TYPES_H +# include /* For INADDR_LOOPBACK */ +#endif +#ifdef USE_PAM +# include +#endif +#ifdef HAVE_READPASSPHRASE_H +# include #endif + +#include /* For OPENSSL_VERSION_NUMBER */ + +#include "defines.h" + #include "version.h" #include "openbsd-compat/openbsd-compat.h" #include "openbsd-compat/bsd-cygwin_util.h" +#include "openbsd-compat/bsd-nextstep.h" + #include "entropy.h" #endif /* INCLUDES_H */ diff -ru openssh-3.1p1/kex.c openssh-3.2.2p1/kex.c --- openssh-3.1p1/kex.c 2002-03-05 12:33:38.000000000 +1100 +++ openssh-3.2.2p1/kex.c 2002-05-16 02:25:01.000000000 +1000 @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.47 2002/02/28 15:46:33 markus Exp $"); +RCSID("$OpenBSD: kex.c,v 1.50 2002/05/15 15:47:49 mouring Exp $"); #include @@ -40,9 +40,15 @@ #include "mac.h" #include "match.h" #include "dispatch.h" +#include "monitor.h" #define KEX_COOKIE_LEN 16 +/* Use privilege separation for sshd */ +int use_privsep; +struct monitor *pmonitor; + + /* prototype */ static void kex_kexinit_finish(Kex *); static void kex_choose_conf(Kex *); @@ -51,16 +57,15 @@ static void kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) { - u_int32_t rand = 0; int i; buffer_clear(b); - for (i = 0; i < KEX_COOKIE_LEN; i++) { - if (i % 4 == 0) - rand = arc4random(); - buffer_put_char(b, rand & 0xff); - rand >>= 8; - } + /* + * add a dummy cookie, the cookie will be overwritten by + * kex_send_kexinit(), each time a kexinit is set + */ + for (i = 0; i < KEX_COOKIE_LEN; i++) + buffer_put_char(b, 0); for (i = 0; i < PROPOSAL_MAX; i++) buffer_put_cstring(b, proposal[i]); buffer_put_char(b, 0); /* first_kex_packet_follows */ @@ -146,6 +151,10 @@ void kex_send_kexinit(Kex *kex) { + u_int32_t rand = 0; + u_char *cookie; + int i; + if (kex == NULL) { error("kex_send_kexinit: no kex, cannot rekey"); return; @@ -155,6 +164,17 @@ return; } kex->done = 0; + + /* generate a random cookie */ + if (buffer_len(&kex->my) < KEX_COOKIE_LEN) + fatal("kex_send_kexinit: kex proposal too short"); + cookie = buffer_ptr(&kex->my); + for (i = 0; i < KEX_COOKIE_LEN; i++) { + if (i % 4 == 0) + rand = arc4random(); + cookie[i] = rand; + rand >>= 8; + } packet_start(SSH2_MSG_KEXINIT); packet_put_raw(buffer_ptr(&kex->my), buffer_len(&kex->my)); packet_send(); diff -ru openssh-3.1p1/kex.h openssh-3.2.2p1/kex.h --- openssh-3.1p1/kex.h 2002-02-19 15:21:25.000000000 +1100 +++ openssh-3.2.2p1/kex.h 2002-03-22 13:30:43.000000000 +1100 @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.29 2002/02/14 23:41:01 markus Exp $ */ +/* $OpenBSD: kex.h,v 1.30 2002/03/18 17:50:31 provos Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -111,6 +111,7 @@ char *server_version_string; int (*verify_host_key)(Key *); Key *(*load_host_key)(int); + int (*host_key_index)(Key *); }; Kex *kex_setup(char *[PROPOSAL_MAX]); diff -ru openssh-3.1p1/kexdh.c openssh-3.2.2p1/kexdh.c --- openssh-3.1p1/kexdh.c 2002-03-05 12:33:38.000000000 +1100 +++ openssh-3.2.2p1/kexdh.c 2002-03-22 13:30:43.000000000 +1100 @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexdh.c,v 1.17 2002/02/28 15:46:33 markus Exp $"); +RCSID("$OpenBSD: kexdh.c,v 1.18 2002/03/18 17:50:31 provos Exp $"); #include #include @@ -37,6 +37,7 @@ #include "packet.h" #include "dh.h" #include "ssh2.h" +#include "monitor_wrap.h" static u_char * kex_dh_hash( @@ -275,7 +276,7 @@ /* sign H */ /* XXX hashlen depends on KEX */ - key_sign(server_host_key, &signature, &slen, hash, 20); + PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20)); /* destroy_sensitive_data(); */ diff -ru openssh-3.1p1/kexgex.c openssh-3.2.2p1/kexgex.c --- openssh-3.1p1/kexgex.c 2002-03-05 12:33:38.000000000 +1100 +++ openssh-3.2.2p1/kexgex.c 2002-03-26 13:20:07.000000000 +1100 @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexgex.c,v 1.20 2002/02/28 15:46:33 markus Exp $"); +RCSID("$OpenBSD: kexgex.c,v 1.22 2002/03/24 17:27:03 stevesk Exp $"); #include @@ -38,6 +38,7 @@ #include "dh.h" #include "ssh2.h" #include "compat.h" +#include "monitor_wrap.h" static u_char * kexgex_hash( @@ -259,7 +260,7 @@ { BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; Key *server_host_key; - DH *dh = dh; + DH *dh; u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; u_int sbloblen, klen, kout, slen; int min = -1, max = -1, nbits = -1, type; @@ -296,7 +297,8 @@ fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d", min, nbits, max); - dh = choose_dh(min, nbits, max); + /* Contact privileged parent */ + dh = PRIVSEP(choose_dh(min, nbits, max)); if (dh == NULL) packet_disconnect("Protocol error: no matching DH grp found"); @@ -379,7 +381,7 @@ /* sign H */ /* XXX hashlen depends on KEX */ - key_sign(server_host_key, &signature, &slen, hash, 20); + PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20)); /* destroy_sensitive_data(); */ @@ -390,6 +392,7 @@ packet_put_bignum2(dh->pub_key); /* f */ packet_put_string(signature, slen); packet_send(); + xfree(signature); xfree(server_host_key_blob); /* have keys, free DH */ diff -ru openssh-3.1p1/key.c openssh-3.2.2p1/key.c --- openssh-3.1p1/key.c 2002-03-05 12:33:38.000000000 +1100 +++ openssh-3.2.2p1/key.c 2002-03-22 13:54:25.000000000 +1100 @@ -32,7 +32,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: key.c,v 1.41 2002/02/28 15:46:33 markus Exp $"); +RCSID("$OpenBSD: key.c,v 1.43 2002/03/19 10:49:35 markus Exp $"); #include @@ -801,3 +801,46 @@ break; } } + +/* Converts a private to a public key */ + +Key * +key_demote(Key *k) +{ + Key *pk; + + pk = xmalloc(sizeof(*pk)); + pk->type = k->type; + pk->flags