[Midnightbsd-cvs] src [6803] trunk/contrib/sudo: sudo 1.7.5
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Wed Oct 1 23:20:50 EDT 2014
Revision: 6803
http://svnweb.midnightbsd.org/src/?rev=6803
Author: laffer1
Date: 2014-10-01 23:20:49 -0400 (Wed, 01 Oct 2014)
Log Message:
-----------
sudo 1.7.5
Modified Paths:
--------------
trunk/contrib/sudo/ChangeLog
trunk/contrib/sudo/INSTALL
trunk/contrib/sudo/LICENSE
trunk/contrib/sudo/Makefile.in
trunk/contrib/sudo/NEWS
trunk/contrib/sudo/README
trunk/contrib/sudo/README.LDAP
trunk/contrib/sudo/TROUBLESHOOTING
trunk/contrib/sudo/UPGRADE
trunk/contrib/sudo/aclocal.m4
trunk/contrib/sudo/aix.c
trunk/contrib/sudo/alias.c
trunk/contrib/sudo/alloc.c
trunk/contrib/sudo/audit.c
trunk/contrib/sudo/auth/afs.c
trunk/contrib/sudo/auth/aix_auth.c
trunk/contrib/sudo/auth/bsdauth.c
trunk/contrib/sudo/auth/dce.c
trunk/contrib/sudo/auth/fwtk.c
trunk/contrib/sudo/auth/kerb4.c
trunk/contrib/sudo/auth/kerb5.c
trunk/contrib/sudo/auth/pam.c
trunk/contrib/sudo/auth/passwd.c
trunk/contrib/sudo/auth/rfc1938.c
trunk/contrib/sudo/auth/secureware.c
trunk/contrib/sudo/auth/securid.c
trunk/contrib/sudo/auth/securid5.c
trunk/contrib/sudo/auth/sia.c
trunk/contrib/sudo/auth/sudo_auth.c
trunk/contrib/sudo/auth/sudo_auth.h
trunk/contrib/sudo/boottime.c
trunk/contrib/sudo/bsm_audit.c
trunk/contrib/sudo/check.c
trunk/contrib/sudo/closefrom.c
trunk/contrib/sudo/config.h.in
trunk/contrib/sudo/configure
trunk/contrib/sudo/configure.in
trunk/contrib/sudo/def_data.c
trunk/contrib/sudo/def_data.h
trunk/contrib/sudo/def_data.in
trunk/contrib/sudo/defaults.c
trunk/contrib/sudo/env.c
trunk/contrib/sudo/error.c
trunk/contrib/sudo/exec.c
trunk/contrib/sudo/exec_pty.c
trunk/contrib/sudo/fileops.c
trunk/contrib/sudo/find_path.c
trunk/contrib/sudo/fnmatch.c
trunk/contrib/sudo/get_pty.c
trunk/contrib/sudo/getcwd.c
trunk/contrib/sudo/getdate.c
trunk/contrib/sudo/getdate.y
trunk/contrib/sudo/getline.c
trunk/contrib/sudo/getprogname.c
trunk/contrib/sudo/getspwuid.c
trunk/contrib/sudo/gettime.c
trunk/contrib/sudo/glob.c
trunk/contrib/sudo/goodpath.c
trunk/contrib/sudo/gram.c
trunk/contrib/sudo/gram.y
trunk/contrib/sudo/install-sh
trunk/contrib/sudo/iolog.c
trunk/contrib/sudo/isblank.c
trunk/contrib/sudo/lbuf.c
trunk/contrib/sudo/ldap.c
trunk/contrib/sudo/linux_audit.c
trunk/contrib/sudo/list.c
trunk/contrib/sudo/list.h
trunk/contrib/sudo/logging.c
trunk/contrib/sudo/match.c
trunk/contrib/sudo/memrchr.c
trunk/contrib/sudo/missing.h
trunk/contrib/sudo/mkpkg
trunk/contrib/sudo/mksiglist.c
trunk/contrib/sudo/mkstemps.c
trunk/contrib/sudo/nanosleep.c
trunk/contrib/sudo/parse.c
trunk/contrib/sudo/parse_args.c
trunk/contrib/sudo/pp
trunk/contrib/sudo/pwutil.c
trunk/contrib/sudo/redblack.c
trunk/contrib/sudo/schema.ActiveDirectory
trunk/contrib/sudo/schema.OpenLDAP
trunk/contrib/sudo/schema.iPlanet
trunk/contrib/sudo/sesh.c
trunk/contrib/sudo/set_perms.c
trunk/contrib/sudo/setsid.c
trunk/contrib/sudo/sigaction.c
trunk/contrib/sudo/snprintf.c
trunk/contrib/sudo/strcasecmp.c
trunk/contrib/sudo/strerror.c
trunk/contrib/sudo/strlcat.c
trunk/contrib/sudo/strlcpy.c
trunk/contrib/sudo/strsignal.c
trunk/contrib/sudo/sudo.c
trunk/contrib/sudo/sudo.cat
trunk/contrib/sudo/sudo.h
trunk/contrib/sudo/sudo.man.in
trunk/contrib/sudo/sudo.pp
trunk/contrib/sudo/sudo_exec.h
trunk/contrib/sudo/sudo_noexec.c
trunk/contrib/sudo/sudo_nss.c
trunk/contrib/sudo/sudo_usage.h.in
trunk/contrib/sudo/sudoers.cat
trunk/contrib/sudo/sudoers.ldap.cat
trunk/contrib/sudo/sudoers.ldap.man.in
trunk/contrib/sudo/sudoers.man.in
trunk/contrib/sudo/sudoers2ldif
trunk/contrib/sudo/sudoreplay.c
trunk/contrib/sudo/sudoreplay.cat
trunk/contrib/sudo/sudoreplay.man.in
trunk/contrib/sudo/term.c
trunk/contrib/sudo/testsudoers.c
trunk/contrib/sudo/tgetpass.c
trunk/contrib/sudo/timestr.c
trunk/contrib/sudo/toke.c
trunk/contrib/sudo/toke.l
trunk/contrib/sudo/tsgetgrpw.c
trunk/contrib/sudo/utimes.c
trunk/contrib/sudo/vasgroups.c
trunk/contrib/sudo/visudo.c
trunk/contrib/sudo/visudo.cat
trunk/contrib/sudo/visudo.man.in
trunk/contrib/sudo/zero_bytes.c
Added Paths:
-----------
trunk/contrib/sudo/m4/
trunk/contrib/sudo/m4/libtool.m4
trunk/contrib/sudo/m4/ltoptions.m4
trunk/contrib/sudo/m4/ltsugar.m4
trunk/contrib/sudo/m4/ltversion.m4
trunk/contrib/sudo/m4/lt~obsolete.m4
trunk/contrib/sudo/toke.h
trunk/contrib/sudo/toke_util.c
trunk/contrib/sudo/zlib/
trunk/contrib/sudo/zlib/adler32.c
trunk/contrib/sudo/zlib/compress.c
trunk/contrib/sudo/zlib/crc32.c
trunk/contrib/sudo/zlib/crc32.h
trunk/contrib/sudo/zlib/deflate.c
trunk/contrib/sudo/zlib/deflate.h
trunk/contrib/sudo/zlib/gzclose.c
trunk/contrib/sudo/zlib/gzguts.h
trunk/contrib/sudo/zlib/gzlib.c
trunk/contrib/sudo/zlib/gzread.c
trunk/contrib/sudo/zlib/gzwrite.c
trunk/contrib/sudo/zlib/infback.c
trunk/contrib/sudo/zlib/inffast.c
trunk/contrib/sudo/zlib/inffast.h
trunk/contrib/sudo/zlib/inffixed.h
trunk/contrib/sudo/zlib/inflate.c
trunk/contrib/sudo/zlib/inflate.h
trunk/contrib/sudo/zlib/inftrees.c
trunk/contrib/sudo/zlib/inftrees.h
trunk/contrib/sudo/zlib/trees.c
trunk/contrib/sudo/zlib/trees.h
trunk/contrib/sudo/zlib/uncompr.c
trunk/contrib/sudo/zlib/zconf.h.in
trunk/contrib/sudo/zlib/zlib.h
trunk/contrib/sudo/zlib/zutil.c
trunk/contrib/sudo/zlib/zutil.h
Removed Paths:
-------------
trunk/contrib/sudo/BUGS
trunk/contrib/sudo/CHANGES
trunk/contrib/sudo/Makefile
trunk/contrib/sudo/Makefile.inc
trunk/contrib/sudo/RUNSON
trunk/contrib/sudo/TODO
trunk/contrib/sudo/WHATSNEW
trunk/contrib/sudo/acsite.m4
trunk/contrib/sudo/closeform.c
trunk/contrib/sudo/compat.h
trunk/contrib/sudo/config.h
trunk/contrib/sudo/lib/
trunk/contrib/sudo/libtool
trunk/contrib/sudo/mkstemp.c
trunk/contrib/sudo/noexec/
trunk/contrib/sudo/parse.lex
trunk/contrib/sudo/parse.yacc
trunk/contrib/sudo/pathnames.h
trunk/contrib/sudo/sudo/
trunk/contrib/sudo/sudo.8
trunk/contrib/sudo/sudo.man
trunk/contrib/sudo/sudo.pod
trunk/contrib/sudo/sudo.psf
trunk/contrib/sudo/sudo_usage.h
trunk/contrib/sudo/sudoers
trunk/contrib/sudo/sudoers.5
trunk/contrib/sudo/sudoers.ldap.man
trunk/contrib/sudo/sudoers.ldap.pod
trunk/contrib/sudo/sudoers.man
trunk/contrib/sudo/sudoers.pod
trunk/contrib/sudo/sudoreplay.man
trunk/contrib/sudo/sudoreplay.pod
trunk/contrib/sudo/varsub
trunk/contrib/sudo/version.h
trunk/contrib/sudo/visudo/
trunk/contrib/sudo/visudo.8
trunk/contrib/sudo/visudo.man
trunk/contrib/sudo/visudo.pod
Property Changed:
----------------
trunk/contrib/sudo/mkpkg
trunk/contrib/sudo/pp
Deleted: trunk/contrib/sudo/BUGS
===================================================================
--- trunk/contrib/sudo/BUGS 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/BUGS 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,25 +0,0 @@
-Known bugs in sudo version 1.6.9
-================================
-
-1) Sudo should have an option to log when removing "dangerous"
- environment variables.
-
-2) On DUNIX in sia mode, hitting return at the prompt does not quit.
-
-3) In parse.lex, '@' should not need to be a special character.
- However, because lex does greedy matching, {WORD} will match
- instead of the "^Defaults[:@]?" line.
-
-4) In list mode (sudo -l), characters escaped with a backslash
- are shown verbatim with the backslash.
-
-5) Because the parser only does a single pass it is possible to
- make a sudoers file where the "defaults" options are set after
- a user's entry has been validated, changing the permissions for
- the user. The work-around is to put all 'defaults' entries
- before the "User privilege specification" section but after all
- the "alias specifications". In the future the parser will
- converted to a two-pass parser.
-
-6) For the same reason as #5, changing the value of "ignore_dot" has
- no effect (find_path() is called before sudoers is parsed).
Deleted: trunk/contrib/sudo/CHANGES
===================================================================
--- trunk/contrib/sudo/CHANGES 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/CHANGES 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,2158 +0,0 @@
-CHANGES since sudo 1.2
-
-01) sudo now works under hpux, aix, sunos, bsd43, ultrix, linux, osf and irix.
-
-02) Files w/o the executable bit will be ignored if they are in your PATH.
-
-03) If execv() fails, perror is called (which prints out an error based on
- errno) and sudo exits with -1.
-
-04) Included in this shar should also be a version of getpass() derived from
- the bsd net-2 source which works on bsd, ultrix, hpux, aix, and irix
- at least. The latter three unixes have what i consider to be a broken
- getpass() in that if /dev/tty can't be opened it doesn't just use stdin
- like bsd getpass(). This means you cannot do: rsh host "sudo command"
- and have it work if your ticket has expired.
-
-05) The Makefile has changed significantly. It now has defines for all
- supported architectures.
-
-06) Changed MAXCOMMANDLENGTH from 48 bytes to MAXPATHLEN and included
- sys/param.h where appropriate.
-
-07) Rewrote the code that expands links & paths. It now works correctly.
- (rewrote find_path.c)
-
-08) Added a define NEED_STRDUP so we don't conflict with the system's strdup(3)
-
-09) Now does *not* pass LD_* environmental vars on to programs that get
- exec'd. Also removes SHLIB_PATH for hpux and _RLD_* for dec osf.
-
-10) Now searches current dir last if '.' or '' are in PATH. Misses braindeath
- like './' but if that's in your path you deserve all the trojans you get.
-
-11) Added in linux patches from drew + flex support.
-
-12) Added insults back in from original sudo(8) (define USE_INSULTS).
-
-13) visudo now uses EDITOR envar (from John_Rouillard at dl5000.bc.edu)
-
-14) you can now specify a dir containing commands that a sudoer can do.
- (from John_Rouillard at dl5000.bc.edu)
-
-15) Ported to Solaris 2.x (based on a port of sudo 1.1 done by UnixOps).
-
-16) Took out setuid(0); setruid(uid); pairs that bracketed calls to
- update_timestamp() since they are unnecessary and setruid() is
- broken on systems without a setreuid(2) or setresuid(2) system call.
- (Ie: AIX and Solaris 2.x).
-
-17) The bulk of sudo now runs with the caller's real uid. Grep for
- be_root() to find the exceptions.
-
-CHANGES from sudo 1.3
-
-18) Added SECURE_PATH as suggested by russells at ccu1.auckland.ac.nz.
-
-19) Reworked clean_envp() to modify environ (not envp) so we can use
- execvp() safely.
-
-20) Now use execvp() instead of execve() so sudo /bin/kill works under
- broken solaris. This also fixed sudo /etc/fastboot under stock
- 4.3 BSD. Basically, this means that any executable shell script that
- lacks a '#!/bin/sh' magic number will now work with sudo. Personally
- I think that the broken scripts should be fixed rather than changing
- sudo, but vendors will be broken. Sigh.
-
-21) Added USE_EXECV define so you can make sudo use execv() if you
- want. Using execvp() shouldn't be a problem since it is always
- handed a non-relative path that begins with '/' but some people
- may not trust execvp().
-
-22) Log file lines will no longer get truncated. Syslog entries that
- would overrun the syslog(3) line limit are continued on another entry.
-
-23) When logging to a log file, long entries are indented to improve
- readability.
-
-24) Whenever the umask is changed, it is changed back to what it was
- before.
-
-25) Log file is written as mode 600 instead of 644
-
-26) Umask that sudo runs with may now be specified.
-
-27) There is now a "configure" script.
-
-28) Sudo will use ultra fast crypt (ufc) if it finds it for systems w/o
- a real crypt(3) (non-US ConvexOS/Secure for instance).
-
-29) _BSD_COMPAT is now defined for Irix.
-
-30) The global variable uid is now initialized to -2 because I'm paranoid.
-
-31) Native Solaris 2 port from Matthew.Stier at aisg.com
-
-32) Now use sysconf(2) instead of getdtablesize(2) if it is available
- (see change #31). Because of the the getdtablesize() emulation for
- hpux is no longer necessary.
-
-33) Now only do a getcwd(3) or getwd(3) once and do it as the real user.
- Sudo should no longer complain that it can't get the cwd unless
- there is a real problem.
-
-34) Changed some malloc'd globals of fixed length to be allocated from
- the stack instead as there was no win in allocating them from the
- heap.
-
-35) Fixed AIX STATIC_FLAGS as per the AIX faq.
-
-36) Added -V flag to sudo and visudo (for version)
-
-37) Now treat EACCESS like EPERM when doing stat(2) in find_path.c
-
-38) Added prototypes for sudo functions (via __P macro)
-
-39) configure now uses uname(1) if it exists
-
-40) gethostbyname(3) is now only called if you define FQDN. There's really
- no reason to not trust gethostname(2) and this way if name service is
- hosed sudo isn't...
-
-41) added -v (validate) flag to sudo to update a timestamp w/o running
- a command
-
-42) now use tgetpass() (getpass with a timeout)
-
-43) find_path() now uses realpath(3)
-
-44) wrote versions of realpath(3) and getcwd(3) for those without
-
-45) wrote tgetpass()--a getpass() that times out via select(2)
-
-46) sudo now uses posix signals if available
-
-47) Finally added ConvexOS C2 security support from
- "Peter A. Nikitser, Systems Software Support, QUT" <P.NIKITSER at qut.edu.au>
-
-48) You can now #undef MAILER if you don't run sendmail or the equivalent.
-
-49) AFS support from adamh at austin.ibm.com
-
-50) If you define BOTH_LOGS in sudo.h you can log both via syslog(3) *ans*
- to a log file.
-
-51) Added ultrix /etc/auth (enhanced security) support.
-
-52) Sudo now will work with a 4.2BSD syslog (SunOS < 4 && ultrix).
- Personally, I'd say you are better off logging to a file if
- your syslog is this ancient.
-
-53) Changed realpath(3) to sudo_realpath() since we need to do the
- chdir(2) with the invoking uid. sudo_realpath() should be
- faster than vendor-supplied realpath(3)'s anyway...
-
-54) No longer create a static binary on AIX since it reportedly
- causes problem on newer versions on AIX 3.x.
-
-55) If sudo_realpath cannot chdir() back to cwd sudo will print
- and error and exit. Previously it would either fail silently
- or print an incorrect error message.
-
-56) Moved code to send error mail to be after the log message.
- From rouilj at cs.umb.edu.
-
-57) Added SUDO_USER and SUDO_UID envars. Suggested by John P. Rouillard
- (<rouilj at cs.umb.edu).
-
-58) Added -k and -h options and rearranged some of the code to be
- more modular and less braindamaged. This introduces the concept
- of "run modes" to sudo.
-
-59) Fixed visudo and flex. visudo now calls yyrestart() if you are using
- flex instead of lex. From bostley at cs.colorado.edu.
-
-60) Added a "cat page" for systems w/o nroff.
-
-61) Fixed a bug whereby only the last directory specified in a Cmnd_Alias
- was checked. Reported by "James R. Hendrick" <hendrick at ctron.com>.
-
-62) All .{c,lex,yacc} files now include both sys/types.h and unistd.h so
- we are sure to get the typedef of uid_t.
-
-CHANGES from sudo 1.3.1
-
-63) Added preliminary support for DEC OSF/1 protected passwords
- (shadow passwords).
-
-CHANGES from sudo 1.3.1pl1
-
-64) More support for DEC OSF/1 protected passwords (shadow passwords).
-
-CHANGES from sudo 1.3.1pl2
-
-65) Fixed mail logging to include the username as it should have.
-
-66) Added hostname to log message in error mail.
-
-67) Added -l flag to sudo to list the allowed/forbidden commands.
- Suggested by matthew at gateway.bsis.com (Matthew Stier)
-
-68) Fixed bison warnings for parse.yacc and visudo.yacc.
- Pointed out by alfie at dcs.warwick.ac.uk (Nick Holloway).
-
-CHANGES from sudo 1.3.1pl3
-
-69) Sudo will now exit with an error if the command to be run is > MAXPATHLEN.
-
-70) Test in configure for termios support was insufficient. It thought
- Nextstep 3.2 had termios just because it as termios.h (need to link
- with -posix for termios on NeXT's)
-
-CHANGES from sudo 1.3.1pl4
-
-71) First stab at Skey support.
-
-72) Sudo now sets IFS to be SPACE, TAB, NEWLINE.
-
-73) Sudo now sets the real and effective gid to root's group
- (based on passwd file).
-
-74) Sudo now checks that the sudoers file is owned by a certain user
- and not readable or writable by anyone else.
- (based on a suggestion by Joerg Schumacher <schuma at ips.cs.tu-bs.de>)
-
-75) Visudo now sets the owner on the new sudoers file based on #74
-
-76) Sudo and visudo will now compile with byacc (Berkeley yacc).
-
-77) If the rename(2) of stmp -> sudoers fails /bin/mv is executed before
- bailing. Based on code from Case Larsen <clarsen at mh1.lbl.gov>.
-
-78) User-level configuration is now done in options.h.
-
-79) Moved all compatibility #defines to compat.h
-
-80) Incorporated new parsing code from Chris Jepeway <jepeway at cs.utk.edu>.
- This is much better than the previous parser.
-
-81) Rewrote visudo.c and tickled parse.yacc to work with it. Visudo
- now gives you options if a parse error occurs rather than blindly
- dumping you back in the editor.
-
-82) Took out all references to realpath since we are now checking based
- in inode and device (with Chris' new parser). The upshot of this
- is that path matches are done safely and the symlink problem has
- gone away.
-
-83) Fixed bison warnings from new parse.yacc.
-
-84) Added a default case to parse.lex to error on unmatched tokens as Chris
- suggested.
-
-85) Converted configure.in and acsite.m4 to autoconf 2.1.
-
-86) Added lsearch.c and search.h for os's w/o lsearch()/lfind().
-
-87) Sudo now checks to see that the file it is executing is a regular file
- (was just checking the execute bit so dirs slipped through).
- Pointed out by Barb Dijker <barb at labyrinth.com>.
-
-88) Fixed a problem on HP-UX trusted systems with getpwuid() returning "*"
- unless the real uid is 0. Reported by Brian Cunnie (cunnie at nyc.hp.com).
-
-89) configure now checks for size_t and ssize_t in unistd.h as well
- as sys/types.h.
-
-90) configure now checks for egrep before actually using it.
-
-91) configure now checks for a working void implementation (ie: void * as
- a generic pointer) and sets VOID to void or char accordingly.
-
-92) Added support for SunOS 4.x C2 security (shadow passwords) from
- Kendall Libby (fubar at shore.net)
-
-93) Changed all occurrences of bzero() to memset() and bcopy() to
- memmove().
-
-94) Fixed a bug in sudo.c. If a user has no passwd entry sudo would
- dump core (writing to a garbage pointer). Pointed out by
- Stephen Schaefer <sps at gateway.bsis.com>.
-
-95) Worked around a bug in AIX's lex in parse.c. AIX lex doesn't seem
- to handle {x,y} range notation correctly. Bleah.
-
-96) Sudo would not report a failed attempt if the user entered return
- at the 2nd password: prompt so someone trying to guess a password
- could just invoked sudo multiple times and try one passwd at a time.
- Reported by Jonathan Adams <jonathan at smada.com>.
-
-97) Added User_Alias facility.
-
-98) Rewrote most of the ip address / network support. Now works on all
- systems sudo has currently been tested on.
-
-99) Sudo now sets SUDO_COMMAND and SUDO_GID envariables in addition to
- SUDO_USER and SUDO_UID.
-
-100) Added changes to configure.in for UnixWare.
- (from John Warburton <jwarb at SACBH.com.au>)
-
-101) Merged in changes for Interactive Unix and RISCos.
- (from Andy Smith <abs at maunsell.co.uk>)
-
-102) Added testsudoers (from Chris Jepeway <jepeway at cs.utk.edu>).
-
-103) Added fix for parse.yacc to avoid the kludge I was doing.
- (from Chris Jepeway <jepeway at cs.utk.edu>)
-
-104) Now remove the IFS envar if set instead of setting it to a "safe"
- value to avoid problems with make and others.
-
-105) Added FAST_MATCH option to check basenames of sudo command and
- paths listed in sudoers file. If the basename doesn't match
- then it is not a match. If the basename matches, then do
- a stat to make sure it is a valid match.
-
-106) Now only stat(2) cmnd once in path_matches() (in parse.c). Sudo
- was stating cmnd for *every* attempted match. Now the stat struct
- is cached (ie: the var is a static).
-
-107) Signal handlers in visudo are now only installed after the stmp
- file is opened. Previously, it was possible to erase an open
- stmp file by sending visudo a signal within a small window.
-
-108) Added Goon Show insults from Russell Street <r.street at auckland.ac.nz>.
-
-109) Broke out the insults into separate include files (insults.h
- is the master and includes the appropriate one).
-
-110) Now use getwd() instead of getcwd() and provide emulation for
- OS's w/o it. This was done since some OS's with getwd()
- implement getcwd() via a pipe to pwd(1). By emulating getwd()
- by calling getcwd() on OS's w/o getwd() we lose nothing since
- the compiler should optimize away the extra function call.
-
-111) Added crypt() for DEC OSF/1 3.x enhanced security.
- From "Richard L Jackson Jr" <rjackson at osf1.gmu.edu>.
-
-112) Added an option to run the command in the background (-b) as
- suggested by Jonathan Adams <jonathan at smada.com>
-
-113) First stab at kerberos support. I'm not really sure it is
- possible to do this in a sane manor. Sigh.
-
-114) Better kerberos support. Had to use setreuid(2) but falls
- back on a kludge if that does not exist or is broken.
-
-115) Added -p (password prompt) support.
- Suggested by "David W. Cooley" <dwcooley at COLBY.EDU>
-
-116) Added partial implementation of -l (list) flag.
- This is probably as good as it will get until sudo:tng.
-
-117) Added anti-spoofing code to tighten up a race condition
- where a user could run sudo some_link and then change
- where the link pointed after the old link had been
- validated but before the exec().
-
-118) Now update timestamp file via utime() (and emulate via utimes()
- if necessary) to eliminate a small race. Works with
- both POSIX utime() as well as old utime() in BSD <= 4.3.
-
-119) Kerberos ticket file now lives in same dirs as sudo timestamp
- files (to avoid trouncing on normal ticket file) and is removed
- after validation.
-
-120) Now log tty user is on as well as pwd in sudo logs.
-
-CHANGES from sudo 1.3.2 BETA
-
-121) Fixed a bug in the anti-spoofing check.
-
-122) Fixed up ISC support so that it works and looks like non-streams
- stuff in interfaces.c.
-
-123) Now deal correctly with ip implementations that has an sa_len
- field in struct sockaddr.
-
-124) Check ownership and permissions on timestamp dir and ignore if
- not owned by root and mode 0700. Problem pointed out by Larry Auton
- <lda at research.AT&T.com> and Navjot Singh <singh at research.AT&T.com>.
-
-125) Ignore timestamp files with preposterous dates to keep people from
- faking out sudo on OS's that allow you to give away files to root.
- Problem pointed out by Larry Auton <lda at research.AT&T.com> and
- Navjot Singh <singh at research.AT&T.com>.
-
-126) A timeout of 0 will now cause a password to be entered every
- time. Based on a suggestion by Larry Auton <lda at research.AT&T.com>
- and Navjot Singh <singh at research.AT&T.com>.
-
-CHANGES from sudo 1.3.3 BETA
-
-127) Cleaned up interfaces.c so that it is more readable.
-
-128) Added support for syslog()'s that don't guarantee delivery
- of a message. HP-UX is the only known offender.
-
-129) No longer use memmove() since memcpy() does what we need and
- configure doesn't always catch memmove() even when it is
- there (may be a library problem).
-
-130) Updated man page to reflect two more security issues.
-
-131) Cleaned up shadow password support in check.c. It should now
- be readable.
-
-132) Added SCO support.
-
-133) Added check to configure to find the max length of a uid_t
- in characters.
-
-134) Removed uid2str() since we now know how big a uid_t/gid_t
- can be. This elminates a few malloc()'s.
-
-135) Added support for multiple insult types. Based on code and
- a suggestion from Dieter Dworkin Muller <dworkin at village.org>.
-
-136) Replaced clean_env() and rmenv() with a rewritten clean_env()
- that should be a little faster. This also makes it easier to
- add to the list of "dangerous" envariables.
-
-137) Added netgroup support. Netgroups must start with a leading
- "+" to that sudo knows it is a netgroup.
-
-138) Split out sudoers file format into its own man page.
- As suggested by Andy Smith <abs at maunsell.co.uk>.
-
-139) Updated testsudoers.c to grok netgroups.
-
-CHANGES from sudo 1.3.4 BETA
-
-140) Added SecurID support from Giles Todd <giles at gt.demon.co.uk>.
-
-141) Added -s flag to start a root shell and -- to signify end of args.
-
-142) Sped up logging routines by replacing strncpy()'s with strcat()'s.
- This is safe because we dyanically allocate logline to be big enough.
-
-143) Now support command line arguments in the sudoers file.
-
-144) Sped up the loading on command line arguments. This fixes the
- "commands with large argc's take forever to run" bug.
-
-145) Expanded MAXCOMMANDLEN to 8K since we now have to deal with
- command line arguments. Added bounds checking in fill() and
- append() so we don't drop core.
- XXX - 8k makes sudo *SLOW*
-
-146) Added support in the lexer for "termination characters" to be
- escaped. Ie: you can now use [\,:=] in command line args
- as long as you escape with a \.
-
-147) Testsudoers can now deal with commands that have arguments.
-
-148) If a file is not executable or not a regular file sudo will
- now give the appropriate error message instead of just
- "command not found" which is misleading.
-
-149) Fixed a bug where if FQDN is set, load_interfaces() was never
- called.
-
-150) tty is now a global so it can be used in the ticket file
- at a later date.
-
-151) Strings in the parser are now allocated dynamically. This results
- in a large speedup as compared to a 1K array on the stack. I
- have freed the strings in the parser where appropriate but that
- may not catch all instances. Even so, the average sudo now
- takes up less memory than the 1K array version.
-
-152) Fixed a bug in tgetpass() and configure that broke termio/termios
- support for some OS's.
-
-153) Added cheapo implementation of tty-based timestamps. The correct
- way is to have username be a directory with the tty tickets
- inside. However, the current code does not take to that very
- well, and it does not allow the two systems to coexist. Therefore,
- instead of timestampdir/user/tty it is timestampdir/user.tty.
-
-154) Added support for building in other than the source directory.
- Based on changes from "Simon J. Gerraty" <sjg at frodo.dn.itg.telecom.com.au>
-
-155) options.h and pathnames.h are now included via angle brackets
- (<>) so as to use the -I include path. This way, those using
- a shadow build tree may have local copies of these headers
- w/o clobbering the distribution ones.
-
-156) EXEMPTGROUP is now a string (group name) and user_is_exempt()
- is now less of a hack. It uses getgrnam(EXEMPTGROUP) to
- get a list of users in the exempted group.
-
-157) --prefix and --exe_prefix are now honored in the Makefile.
-
-158) Sudo will now behave reasonably in the case where the sudoers
- file location is mounted via NFS and the client does not
- have "root" NFS privs.
-
-159) _PATH_SUDO_SUDOERS, _PATH_SUDO_STMP, and SUDOERS_OWNER are
- now set via the Makefile since that appears to be what
- most people expect...
-
-160) Now include a pre-generated version of parse.lex since so many
- versions of lex are brain damaged. If parse.lex is changed
- a new lex.yy.c will be generated. The distribution copy is
- sudo-lex.yy.c.
-
-161) Upgraded to GNU autoconf version 1.5. There are now even
- *more* options.
-
-CHANGES from sudo 1.3.5 BETA
-
-162) Fixed S/Key support.
-
-163) Cleaned up shadow password support further by moving much of
- it to getspwuid.c.
-
-164) First cut at DCE support. [needs work to be functional]
-
-165) New Digital UNIX C2 support based on code from
- "Randy M. Hayman" <haymanr at icefog.sois.alaska.edu>
-
-166) S/key support now works with the generic bellcore s/key
- as well as the s/key from Wietse Venema's logdaemon.
- (Previously only worked with the logdaemon s/key).
- As an added bonus the s/key challenge is now embedded
- in the password prompt for a cleaner look.
-
-167) lsearch.c will now compile on a strict ANSI C compiler.
- ANSI doesn't allow pointer arithmetic on a "void *"
- but gcc does.
-
-168) Bought back latest HP-UX DCE support from Jeff Earickson
- <jaearick at colby.edu>.
-
-169) configure now comletely groks $SUDO_LIBS and $VISUDO_LIBS.
- Plain old $LIBS is no longer used. LDFLAGS has also been
- split up into $SUDO_LDFLAGS and $VISUDO_LDFLAGS.
- The reason for this is that sudo often needs extra libs
- for alternate authentication schemes but visudo rarely does.
-
-170) The code to copy command arguments flaied for large values of
- argc due to realloc() lossage. We now cheat and treat argv[]
- as a flat string (since that's what it is) and use pointer
- arithmetic to compute the length. Kind of sneaky but it
- works (and is relatively fast).
-
-CHANGES from sudo 1.3.6 BETA
-
-171) Added support for UN*X groups in sudoers based on code from
- Dougal Scott <dwagon at aaii.oz.au>.
-
-172) interfaces.c should work on ISC UN*X again.
-
-173) All source files are <= 14 characters for old SYSV file systems.
-
-CHANGES from sudo 1.3.7 GAMMA
-
-174) Minor configure[.in] fixes.
-
-175) tgetpass.c now compiles on OS's that put the definition of
- fd_set in <sys/bsdtypes.h>
-
-CHANGES from sudo 1.4
-
-176) Command args in sudoers are now stored in an argument vector
- instead of a flat string to make wildcard matching simpler.
-
-177) Added NewArgv and NewArgc that describe the command to be
- executed. The copy of args in cmnd_args is no longer necessary
- and has been removed.
-
-178) Using strcmp(3) for argument matching in command_matches()
- (was path_matches()) is no longer sufficient since we don't
- have a flat string. compare_args() is used instead which
- calls either strcmp(3) or wildmat(3l) depending on whether
- there are shell-style meta chars (wildcards) present.
-
-179) Shell-style wildcard matches are now available in the sudoers
- file. Matches are done via Rich $alz's wildmat(3).
- This required the tweaks described in #176-178 as well as
- other, more minor, changes.
-
-180) Commented out rule to build lex.yy.c from parse.lex since
- we ship with a pre-flex'd parser and can't rely on file
- dates being set correctly.
-
-181) Fixed visudo and testsudoers to deal with new argument
- vector handling.
-
-182) A null string ("") as shell in passwd file (or $SHELL) is
- now treated as the bourne shell.
-
-183) Converted *.man to pod format for easy conversion to man,
- html, latex, and just plain text. Tried to make the
- sudoers manual easier to read in the process.
-
-184) Updated sample.sudoers and sudoers.pod to include info
- on wildcards.
-
-CHANGES from sudo 1.4.1
-
-185) compat.h now defines _PASSWD_LEN based on PASS_MAX if it
- is defined (from limits.h on SYSV).
-
-186) Both short and long hostnames may now be used in the sudoers
- file if FQDN is defined. From patches submitted by
- Michael Meskes <meskes at Informatik.RWTH-Aachen.DE>.
-
-187) Now use skeylookup() instead of skeychallenge(). Hopefully
- this will work around a problem some people have reported
- on Solaris 2.5 with sudo and logdaemon 5.0's skey.
-
-188) Now uses /var/run to hold timestamp files if it exists. This
- is more secure.
-
-189) configure now puts the timestamp dir in /var/run if it exists.
- Sugestion by Michael Meskes <meskes at Informatik.RWTH-Aachen.DE>.
-
-190) Both short and long hostnames now exist even if FQDN is not set.
- This allows machines with fully qualified hostnames set via
- hostname(1) to use them in the sudoers file.
-
-191) sudo was not honoring "." in $PATH due to a bug in find_path().
-
-192) Added IGNORE_DOT_PATH option to ignore "." in $PATH.
-
-193) tgetpass() now uses raw read(2) and write(2) instead of stdio.
- This should make it work on more OS's. Previously, it used
- stdio (buffered) fgets(3) and fputs(3) with select(2) which
- may not be legal. Also got rid of the nasty goto's and
- generally simplified the code.
-
-194) Parser now supports hostnames like UPPERCASE.foo.com. Previously,
- `UPPERCASE' was interpreted as an Alias. This means that
- the `fqdn' stuff has been moved to the lexer (FQHOST is used
- to avoid collision with FQDN option).
-
-195) Reworked --with-FOO in configure.in to support --without-FOO.
- Made shadow passwords the default for appropriate OS's. They
- can be turned off with --without-C2.
-
-196) Added NO_PASSWD option for those who don't want to be bothered
- by a password prompt from sudo. This is really just a hack.
-
-197) Added support for double quotes to mean "treat these words as one
- argument". This is similar to what most shells do.
-
-198) Added mkinstalldirs to make install destination dirs if
- they do not already exist.
-
-CHANGES from sudo 1.4.2
-
-199) Added support for --with-CC (which C compiler to use).
-
-200) Added support for NOPASSWD token and running commands a
- specified users (sudo -u) from Keith Garry Boyce
- <garp at opustel.com>
-
-201) Only link with -lshadow for Linux if libc lacks getspnam(). Problem
- pointed out by Michael Meskes <meskes at Informatik.RWTH-Aachen.DE>.
-
-202) Replaced SUDOERS_OWNER with SUDOERS_UID and SUDOERS_GID. Added
- SUDOERS_MODE and changed the default to 0440 (from 0400).
- It is now possible to NFS-mount sudoers without doing anything fancy.
-
-202) If a runas list is specified, a user may only run commands as
- "root" if "root" is a member of the runas list. The old behavior
- was to always allow commands to be run as root, even if a runas
- list was specified. Now you can give someone "sudo -u operator"
- and not have the equivalent of "sudo -u root" as well.
-
-203) Added "USER=%s" to logging functions.
-
-204) configure will now add -lPW to (VI)?SUDO_LIBS if using bison
- or DCE and alloca(3) is not in libc (or provided by gcc) but
- is in libPW.a.
-
-205) sudo would give an incorrect error message if the sudoers file
- didn't exist due to close() stomping errno if the open() failed.
-
-206) Fixed "shell" mode (sudo -s). When building NewArgv sudo was
- not allocating space for the NULL.
-
-207) Added support for wildcards in the pathname. Ie: /bin/*.
-
-208) 'command ""' in sudoers now means no args allowed.
-
-209) Added command line args to SUDO_COMMAND envariable.
-
-210) HP-UX 10.x with C2 now uses bigcrypt().
- Changes from david_dill at Merck.Com (David Dill).
-
-211) lsearch.c will now compile w/o compiler warnings.
- (Updated from NetBSD lsearch.c)
-
-212) Now uses POSIX fnmatch(3) (which uses ! instead of ^ in ranges)
-
-CHANGES from sudo 1.4.3
-
-213) Now allows network/netmask in sudoers to override per-interface
- netmask.
-
-214) Fixed -u support with multiple user lists on a line.
-
-215) Fixed a core dump problem when built with -DSHELL_IF_NO_ARGS.
-
-216) Fixed 2 typos in parse.yacc and removed some unnecessary if's.
-
-217) Now always use install-sh since SunOS install can't do uid/gid's.
- Other BSD installs are probably similarly afflicted.
-
-218) Fixed NFS-mounted sudoers file under solaris both uid *and* gid
- were being set to -2. Now set uid to 1 to avoid group being
- remapped.
-
-219) Now includes alloca.c (from gcc) for those w/o it. Linking
- against -lPW breaks visudo on HP-UX and probably others.
-
-220) Added --with-libpath, --with-libraries, --with-incpath options
- to configure.
-
-221) configure now uses shicc instead of gcc on BSD/OS >= 2.0 to
- generate binaries linked with shared libs.
-
-222) The parser was setting no_passwd even if there wasn't a
- runas match. I reordered some things in parse.yacc
- to fix this.
-
-223) `sudo -v' (validate) wasn't paying attention to NOPASSWD.
- Now it does.
-
-224) testsudoers now groks "-u user".
-
-225) Updated AFS support based on what tcsh 6.06 does.
-
-226) Fixed a typo/thinko that broke BSD > 4.3reno wrt interfaces.c.
-
-227) HPUX 10.X shadow password stuff now uses SecureWare routines.
-
-228) SecureWare passwd checking now uses bigcrypt() if available.
- Now uses AUTH_MAX_PASSWD_LENGTH if defined.
-
-229) configure now makes sure you don't have a config.cache file
- from another OS.
-
-230) Added better shadow password detection.
- BSD >= 4.3reno -> /etc/master.passwd
- hpux9: getspwnam() -> /.secure/etc/passwd
- hpux10: getspnam() or getprpwnam() -> /tcb/files/auth/*/* (link with -lsec)
- SVR4: getspnam() -> /etc/shadow
- solaris: getspnam() -> /etc/shadow
- irix[56].x: getspnam() -> /etc/shadow
- sunos 4.x: getpwanam() -> /etc/security/passwd.adjunct
- DUNIX: getprpwnam() -> /tcb/files/auth/*/* (link with -lsecurity)
- SecureWare: getprpwnam() -> /tcb/files/auth/*/*
- ultrix 4.x: getauthuid() -> /etc/auth.{pag,dir}
-
-231) '(' in command args no longer are a syntax error.
-
-232) '!command' now works in the presence of a runas or NOPASSWD token.
- Simplified parse rules wrt runas and NOPASSWD (more consistent).
-
-233) Command args and now compared as a flat string again. This makes
- wildcard matches more consistent.
-
-234) DUNIX C2 support now groks AUTH_CRYPT_OLDCRYPT and AUTH_CRYPT_C1CRYPT.
-
-235) configure now uses config.{sub,guess} to guess OS type.
- Sudo should work out of the box on more OS's now.
-
-236) Got rid of HAVE_C2_SECURITY, now just use SHADOW_TYPE.
-
-237) Fixed race in tgetpass() where echo can be turned off and
- left off if sudo is used in a pipeline and a password is
- required.
-
-CHANGES from sudo 1.4.4
-
-238) `sudo -l' output now includes runas and NOPASSWD info and
- asks for a password unless NOPASSWD for ALL is set.
-
-239) Sudo can now deal with all-caps user and host names.
-
-240) Sudo will now remove the "ENV" and "BASH_ENV" envariables.
- From Michael Meskes <meskes at Informatik.RWTH-Aachen.DE>.
-
-241) `sudo -l' will now expand Cmnd_Alias's (could be prettier).
-
-242) `sudo -s' will now set $HOME to root's homedir (or that of
- the user specified -u) so dot files get sourced.
-
-CHANGES from sudo 1.4.5
-
-243) $HOME was always being set, not just with `-s'.
-
-244) In visudo, the owner and group of the sudoers file were
- being set too early; an editor could change them and change
- the owner/group of the resulting sudoers file.
-
-CHANGES from sudo 1.5
-
-245) Added SHELL_SETS_HOME option.
-
-246) Added NO_MESSAGE option.
-
-247) Added %u and %h escapes in PASSPROMPT to expand to user's name
- and host.
-
-248) Added "SUDO_PROMPT" envariable.
-
-249) Usernames may now begin with a digit. Gross, but people do it.
-
-Sudo 1.5.1 released.
-
-250) Added `opie' support.
-
-251) Added check to make sure fnmatch() really works.
-
-252) Now use the prompt S/Key gives us instead of rolling our own.
-
-253) Added -H flag from Danny Barron <dcbarro at nppd.com>.
-
-254) Add SUDO_PS1 envariable support.
-
-255) Attempt at sequent support.
-
-Sudo 1.5.2 released.
-
-256) visudo acts sanely when there is no sudoers file.
-
-257) Added Runas_Alias support.
-
-258) Sudo will now work with SUDOERS_MODE == 400 and SUDO_UID = 0.
-
-259) Alias's in a runas list are now expanded.
-
-260) Fixed bug with > 32 saved aliases. Reported by BHH at capgroup.com.
-
-261) Code that uses sprintf() is now more paranoid about buffer
- overflows.
-
-262) Whitespace is now allowed after a line continuation character before
- a newline in sudoers.
-
-263) %h in MAILSUBJECT expands to local hostname.
-
-Sudo 1.5.3 released.
-
-264) Don't pass getdtablesize() as first arg to select(2). No need
- to do this since we only select on one fd--use (fd+1) as nfds
- and the old way caused problems on some systems (arguably
- a bug in those OS's). From Marc Slemko marcs at znep.com.
-
-265) Fixed coredump when passwd file is missing or unavailable.
- Reported by Jason Downs <downsj at teeny.org> and
- Klee Dienes <klee at mit.edu> (via a Debian Linux bug report).
-
-266) Fixed bug wrt exclusion lists and relative pathnames.
- Reported by osiris at COURIER.CB.LUCENT.COM.
-
-267) exit(1) if user doesn't enter a passwd.
- Noted by Alex Parchkov <alexp at ind.tansu.com.au>.
-
-Sudo 1.5.4 released.
-
-268) Newer versions of Irix use _RLDN32_* envariables for 32-bit binaries
- so ignore _RLD* instead of _RLD_*. From tarrall at bamboo.Colorado.EDU.
-
-269) Only open sudoers file once as opposed to once for sanity checks and
- once for the parser. Also try to open ten times if we get EAGAIN.
-
-Sudo 1.5.5 released.
-
-270) Initialize group vector if we are becoming a user other than root.
- For root, it is often more useful to hang on to our existing group
- vector.
-
-271) Fix usage of select(2) to deal correctly with a high-numbered fd.
-
-272) Fixed a bug where sudo sometime didn't give the user a chance to
- enter a password at the prompt.
-
-273) Use a dynamically sized buffer when reading ether interfaces.
-
-274) Fixed configure problems with identification of HP-UX > 10.x and
- with cc being identified as a cross compiler on some platforms.
-
-275) Fixed a problem with HP-UX 10.x and alloca. Bison does not
- include alloca.h on HP-UX 10.x even though it uses alloca()
- (and thus needs the #define of alloca(x) to __builtin_alloca(x)).
- To fix this we include alloca.h ourselves if using bison and not gcc.
-
-276) Included support for the AIX 4.x authenticate() function from
- Matt Richards <v2matt at btv.ibm.com>.
-
-277) Fixed an off by one error in the parser. Found by
- Piete Brooks <Piete.Brooks at cl.cam.ac.uk>
-
-278) Change NewArgv size computation to work on UNICOS.
- From Mike Kienenberger <mkienenb at arsc.edu>
-
-279) Added --with-logfile and --with-timedir configure options.
-
-280) Use getcwd(3), not getwd(3) to avoid possible buffer overflow.
- Use BSD getcwd(3) if system lacks one or is SunOS 4.x.
-
-281) Fix 'fprintf' argument mismatches in 'visudo.c'.
- From ariel at oz.engr.sgi.com (Ariel Faigon)
-
-282) Use waitpid or wait3 to reap children in logging.c.
- Pointed out by Theo de Raadt <deraadt at theos.com>
-
-283) Sudo should prompt for a password before telling the user that
- a command could not be found. Noted by rhodie at NAC.NET.
-
-284) Fix OTP_ONLY for opie; "Deven T. Corzine" <deven at fuse.net>.
-
-285) Include pre-yacc'd parse.yacc as sudo.tab.[ch] since more and
- more vendors are charging for yacc (bad vendor, no cookie).
-
-286) Use MAX*, not MAX*+1
-
-287) Add support for Hitachi SR2201, from b-edgington at hpcc.hitachi-eu.co.uk
-
-288) Added RUNAS_DEFAULT option to allow one to compile sudo with a
- default runas user other than root.
-
-289) Add options to log the hostname in the file-based log and to not
- do word wrap in file-based log. From Theo Van Dinter <tvd at chrysalis.com>
-
-290) RedHat Linux pam support, from Gary Calvin <GCalvin at kenwoodusa.com>.
- pam.sudo goes in /etc/pam.d/sudo on RedHat 5.0 and above.
-
-291) With sudo -s, set command the full path of the shell, not the basename.
- Noted by Peter W. Osel <pwo at guug.de>
-
-Sudo 1.5.6 released.
-
-292) Pam auth now runs as root; necessary for shadow passwords.
-
-293) Shadow password support is now compiled in by default. You can disable
- it via --disable-shadow.
-
-294) We now remove a timestamp file with a bogus date when it is detected.
- From Steve Fobes <sfobes at uswest.com>.
-
-295) In tgetpass(), restart select if it is interrupted. This really fixes a
- problem where a user sometimes is not given a change to enter a password.
-
-296) All options have moved from options.h -> configure.
-
-297) visudo is now installed in /usr/local/sbin where it belongs.
-
-298) Lots of configure changes. Instead of checking for the existence
- of -lsocket, -lnsl, or -linet, we instead check them for the
- functions we need only if they are not already in libc.
-
-299) Added DUNIX SIA (Security Integration Architecture) support from
- Spider Boardman <spider at Orb.Nashua.NH.US>.
-
-300) Added test for broken Digital UNIX 4.0 prot.h.
-
-301) Better support for C2 security on Digital UNIX.
-
-302) Hacked autoconf so that you have have single quotes in
- --with-passprompt.
-
-303) For SecureWare-style shadow passwords use getprpwnam() instead
- of getprpwuid() since getprpwuid is broken in HP-UX 10.20 at
- least (it sleeps for 2 minutes if the shadow files don't exist).
-
-304) We can't really trust UID_MAX or MAXUID since they may only exist for
- backwards compatibility; spider-both at Orb.Nashua.NH.US
-
-305) Make %groups work as RunAs specifiers; Ray Bellis <rpb at community.net.uk>.
-
-306) Set USER environment variable to target user.
- Suggested by Ray Bellis <rpb at community.net.uk>.
-
-307) Go back to printing "command not found" unless --disable-path-info
- specified. Also, tell user when we ignore '.' in their path and it
- would have been used but for --with-ignore-dot.
-
-308) When using tty tickets make it user:tty not user.tty as a username
- could have a '.' in it.
-
-309) Define BSD_COMP for svr4 to get BSD ioctl defs. Also, if we have
- sys/sockio.h but SIOCGIFCONF is not defined by including sys/ioctl.h
- include sys/sockio.h directly.
-
-310) Fixed a bug that could cause "sudo -l" to segfault or complain
- about non-existent syntax errors.
-
-Sudo 1.5.7 released.
-
-311) Fixed square bracket quoting in configure and moved check for -lnsl
- to be before -lsocket.
-
-312) In load_interfaces(), close sock after bwe are done with it. Leak
- noticed by Mike Kienenberger <mkienenb at arsc.edu>.
-
-313) Missing pieces from change #308; from Mike Kienenberger.
-
-314) Real Kerberos 5 support from Frank Cusack <fcusack at iconnet.net>.
-
-315) FWTK 'authsrv' support from Kevin Kadow <kadow at MSG.NET>.
-
-316) Fixed handling and documentation of -with-umask.
-
-317) If the check for socket() or inet_addr() fails, retry, this time
- linking with both -lsocket and -lnsl for those systems that
- have interlibrary dependencies.
-
-Sudo 1.5.8 released.
-
-318) Add dirfd() macro for systems without it.
-
-319) Better check for socket() in -lsocket -lnsl in configure.
-
-320) Minor configure fixes.
-
-Sudo 1.5.8p1 released.
-
-321) Fixed a bug wrt quoting characters in command args.
-
-322) Make --without-sendmail work.
-
-Sudo 1.5.8p2 released.
-
-323) Fixed a segv if HOST_IN_LOG defined and gethostbyname() fails.
- Reported by Gero Treuner <gero at faveve.uni-stuttgart.de>.
-
-324) Fixed a parse bug wrt the ! operator and runas specs. Noted by
- David A Beck <BKD at payserv.telekurs.com>.
-
-325) Use new emalloc/erealloc/estrdup functions (catch errors and exit).
-
-326) New PAM code that should work on both Solaris and Linux.
-
-327) Make sudo's usage info better when mutually exclusive args are given
- and don't rely on argument order to detect this. From Nick Andrew.
-
-328) In visudo, shift return value of system() by 8 to get the real exit value.
-
-Sudo 1.5.9 released.
-
-329) The runas user and NOPASSWD tags are now persistent across entries
- in a command list (ie: cmnd1,cmnd2,cmnd3). A PASSWD tag has been
- added to reverse NOPASSWD. The runas user and *PASSWD tags can be
- overridden on a per-command basis at which point they become the
- new default for the rest of the list.
-
-330) It is now possible to use the '!' operator in a runas list as
- well as in a Cmnd_Alias, Host_Alias and User_Alias.
-
-331) In estrdup(), do the malloc ourselves so we don't need to rely on the
- system strdup(3) which may or may not exist. There is now no need to
- provide strdup() for those w/o it.
-
-332) You can now specify a host list instead of just a host or alias
- in a privilege list. Ie: user=host1,host2,ALIAS,!host3 /bin/ls
-
-333) Stash the "safe" path to the command instead of stashing the struct
- stat. Should be safer.
-
-334) Now set $LOGNAME in addition to $USER.
-
-335) No longer use stdio in tgetpass()
-
-336) Don't use _PASSWD_LEN or PASS_MAX as we can't rely on them corresponding
- to anything real. Instead, we just use a max password size of 256
- everywhere.
-
-337) Block keyboard-generated signals during startup and restore signal
- mask before exec'ing the program. We don't want the user to be
- able to simply kill us and avoid logging.
-
-338) Rewrote timestamp handling. For the default case, a directory is used
- instead of a file. For the tty-based case, the timestamp is just a
- file in that directory (eg. /var/run/sudo/username/tty). You now only
- get the lecture once, even in the tty case. The goal here is to allow
- the tty and non-tty schemes to coexist, though it is worth noting that
- when you update a tty file, the mtime of the dir gets updated too.
-
-339) The meaning of -k has changed to mean "invalidate the timestamp".
- There is a new -K option to really remove the timestamp file/dir.
-
-340) New modular authentication API. This fixes the rat's nest of
- #ifdefs that was the old auth code.
-
-341) New logging functions. log_error() now takes a variable number of
- args ala printf() and log_auth() reacts to the return value of validate().
-
-342) If a user is not in the sudoers file they are still asked for a password.
- This keeps someone who finds a user logged in to a terminal from being
- able to tell whether or not the user is allowed to use sudo.
-
-343) New PAM code again, this time it should be correct.
-
-344) tgetpass() now has a flag to specify whether or not to turn
- off echo while reading the password. Used by the new PAM and
- fwtk code.
-
-345) Fixed shadow password dectection on SCO.
-
-346) Sudo is now available under a BSD/Apache style license. This is
- possible because it no longer contains any of the original 1.1 code.
-
-347) Added configuration info when sudo is run with the -V flag by root.
-
-348) Change visudo tmp file from /etc/stmp -> /etc/sudoers.tmp since
- Solaris uses stmp for shadow temp file. Also rename _PATH_SUDO_SUDOERS
- to _PATH_SUDOERS and _PATH_SUDO_STMP to _PATH_SUDOERS_TMP.
-
-349) Added configure option to set syslog priorities.
-
-350) Sudo now locks its log file to prevent mangled entries.
-
-351) Visudo now locks the sudoers temp file instead of bailing when
- the temp file already exists. This fixes the problem of stale
- temp files but it does *require* that you not try to put the
- temp file in a world-writable directory. This shoud not be
- an issue as the temp file should live in the same dir as sudoers.
-
-352) Fixed crypt() check in libufc.
-
-353) It is now possible to put a list of users as the first thing in a
- user specification. I don't suggest this but it makes the grammar
- more uniform.
-
-354) Visudo will now warn about what it thinks are undefined aliases.
- Since it can't be 100% sure these are just warnings, not errors.
-
-355) Add a --without-passwd option to configure that turns off
- passwd/shadow file authentication. Only usable with an alternate
- authentication scheme.
-
-356) Add a --disable-authentication option to configure that causes sudo
- to not require authentication by default. The PASSWD tag can be
- used to require authentication for an entry.
-
-357) Add a --with-devel option to add -Wall and uncomment yacc/lex
- generation in Makefile.
-
-358) Zero out plaintext password after use (should do encrypted as well).
-
-359) Added real dependencies in Makefile.
-
-360) Deprecated --with-otp-only in favor of --without-passwd.
-
-361) Add --with-mail-if-no-host to send mail if a user tries to run sudo on
- a host for which he/she is not authorized.
-
-362) Most of sudo now runs as root instead of the invoking user to
- minimize the possibility of user control via signals or tracing.
-
-363) Now Support CIDR-style netmasks (ie: 128.138.0.0/16).
-
-364) In "sudo -l" mode, the type of the stored (expanded) alias was not
- stored with the contents. This could lead to incorrect output
- if the sudoers file had different alias types with the same name.
- Normal parsing (ie: not in '-l' mode) is unaffected.
-
-365) Now include strcasecmp() for those without it.
-
-366) Most compile-time options are now changable at runtime via
- the 'Defaults' specification in the sudoers file.
-
-367) Added a -L flag to printout all the possible 'Defaults' parameters.
-
-368) It is now possible to escape "special" characters in usernames, hostnames,
- etc with a backslash.
-
-369) Sudo will now accept a hostname/username/netgroupname that contains
- almost any character in it. It seems many people want to use '.'
- and other non-alphanumerics in usernames.
-
-370) Fixed the root_sudo option. Sudo was always complaining that root
- was not allowed to run sudo if the root_sudo flag was turned off.
-
-371) tgetpass() now uses a function to read up until the end of line.
- Fixes problems in a pipeline when a program sets the tty mode
- to be character at a time.
-
-372) sudo now turns off core dumps via setrlimit (probably paranoia).
-
-Sudo 1.6 released.
-
-373) Better diagnostics on PAM failure.
-
-374) Killed shell_noargs option, it cannot work since the command needs to
- be set before sudoers is parsed.
-
-375) Fixed the following Defaults options: set_home, fqdn, syslog, tty_tickets,
- ticket_dir, insults.
-
-376) When using select() in tgetpass(), do a separate select before
- each read to be sure we can timeout correctly.
-
-377) SecurID support compiles and works again.
-
-378) Fixed a bug parsing runas modifiers. If a user spec contained multiple
- runas specs, the latter ones may not be applied.
-
-379) #uid now works in a RunasAlias
-
-380) Don't ask the user for a password if the user is not allowed to run
- the command and the authenticate flag (in sudoers) is false.
-
-381) Added configure check for initgroups(3).
-
-382) Use our own fnmatch() if there is no fnmatch.h, even if there is an
- fnmatch() in libc.
-
-Sudo 1.6.1 released.
-
-383) Better behavior for -l and -v flags in conjunction with NOPASSWD and
- added "verifypw" and "listpw" options.
-
-384) For HP-UX with cc, add the -Aa flag along with -D_HPUX_SOURCE.
-
-385) Fix compilation with K&R compilers.
-
-386) For netgroup host matching, match against the short version of the
- hostname as well as the long one if they are different.
-
-387) Terminate passwd reading on '\r' in addition to '\n'
-
-388) Visudo used to loop endlessly if a user entered ^D at the whatnow
- prompt. EOF is now treaded as 'x' (exit w/o saving changes).
-
-389) The 'shell_noargs' runtime option is back based on a patch from
- bguillory at email.com.
-
-390) Systems that return RLIM_INFINITY for RLIMIT_NOFILE (like AIX)
- would loop for a very loing time during sudo startup. A value of
- RLIM_INFINITY is now ignored (getdtablesize/sysconf is used instead).
-
-391) Locking in visudo was broken. We now lock the sudoers file, not the
- sudoers temp file, which should be safe.
-
-392) PAM fixups: custom prompts now work correctly and errors are
- dealt with more sanely. Patches from Cloyce D. Spradling.
-
-Sudo 1.6.2 released.
-
-393) Users in the 'exempt' group shouldn't get their $PATH overridden
- by 'secure-path'. Patch from jmknoble at pobox.com.
-
-394) Pam now works on HP-UX 11.0, thanks to Jeff A. Earickson.
-
-395) Fixed a bug that caused an infinite loop when the password
- timeout was disabled.
-
-396) It is now possible to set the path to the editor for visudo as well
- as the flag that determines whether or not visudo will look at
- $EDITOR in the sudoers file.
-
-397) configure now pulls in the values of LIBS, LDFLAGS, CPPFLAGS, etc
- as the documentation says it ought to.
-
-398) Added rootpw, runaspw, and targetpw to prompt for the root, runas_default
- and target user's passwords respectively (instead of the invoking user's
- password).
-
-399) Added -S flag to force password read from stdin.
-
-400) Restore coredumpsize resource limit before exec'ing the child
- process (sudo sets it to 0 internally).
-
-401) Truncate unencrypted password to 8 chars if encrypted password is exactly
- 13 characters (indicateing standard a DES password). Many versions
- of crypt() do this for you, but not all (like HP-UX's).
-
-402) Fixed a typo/thinko that broke secureware support for long passwords.
-
-403) Added a new command line switch '-c' to support BSD login classes.
- The '-c' option can be used to sudo a command with specific resource
- limits in the login.conf database. This feature is optionally enabled
- via the --with-logincap configure switch. Based on a patch from
- Michael D. Marchionna.
-
-404) Fixed a bug where sudo would hang around and consume CPU if we spawn
- a long-running process.
-
-405) Deal with HP-UX password aging info tacked on to the end of the
- encrypted password.
-
-406) Added set_logname run-time option. When unset, sudo will not set
- the USER and LOGNAME environment variables.
-
-407) Wildcards are now allowed in the hostnames specified in sudoers.
- The 'fqdn' option is often required for this to be useful.
-
-408) Fixed a bug where host and user qualifiers in a Defaults entry were
- not being used correctly and the entry was being applied globally.
-
-Sudo 1.6.3 released.
-
-409) Fixed targetpw, rootpw, and runaspw options when used with non-passwd
- authentication (pam, etc).
-
-Sudo 1.6.3p1 released.
-
-410) When the targetpw flag is set, use the target username as part
- of the timestamp path.
-
-Sudo 1.6.3p2 released.
-
-411) Fixed a bug that prevented the -H option from being useful.
-
-Sudo 1.6.3p3 released.
-
-412) Fixed a case where a string was used after it had been freed.
-
-Sudo 1.6.3p4 released.
-
-413) Fixed listpw and verifypw sudoers options.
-
-414) Do not write NUL when writing passwd prompt; hag at linnaean.org.
-
-Sudo 1.6.3p5 released.
-
-415) Fix word splitting bug that caused a segv for very long command line args.
-
-Sudo 1.6.3p6 released.
-
-416) Fix negation of path-type Defaults entries in a boolean context.
-
-Sudo 1.6.3p7 released.
-
-417) Visudo now checks for the existence of an editor and gives a sensible
- error if it does not exist.
-
-418) The path to the editor for visudo is now a colon-separated list of
- allowable editors. If the user has $EDITOR set and it matches
- one of the allowed editors that editor will be used. If not,
- the first editor that actually exists is used.
-
-419) Visudo now does its own fork/exec instead of calling system(3).
-
-420) Allow special characters (including '#') to be embedded in pathnames
- if quoted by a '\\'. The quoted chars will be dealt with by fnmatch().
- Unfortunately, 'sudo -l' still prints the '\\'.
-
-421) Added the always_set_home option.
-
-422) Strip NLSPATH and PATH_LOCALE out from the environment to prevent
- reading of protected files by a less privileged user.
-
-423) Added support for BSD authentication and associated -a flag.
-
-424) Added check for _innetgr(3) since NCR systems have this instead
- of innetgr(3).
-
-425) Added stay_setuid option for systems that have libraries that perform
- extra paranoia checks in system libraries for setuid programs.
-
-426) Environment munging is now done by hand. The environment is zeroed
- upon sudo startup and a new environment is built before the command
- is executed. This means we don't rely on getenv(3), putenv(3),
- or setenv(3).
-
-427) Added a class of environment variables that are only cleared if they
- contain '/' or '%' characters.
-
-428) Use stashed user_gid when checking against exempt gid since sudo
- sets its gid to SUDOERS_GID, making getgid() return that, not the
- real gid. Fixes problem with setting exempt group == SUDOERS_GID.
- Fix from Paul Kranenburg.
-
-429) Fixed file locking in visudo on NeXT which has a broken lockf().
- Patch from twetzel at gwdg.de.
-
-430) Regenerated configure script with autoconf-2.52 (required some
- tweaking of configure.in and friends).
-
-431) Added mail_badpass option to send mail when the user does not
- authenticate successfully.
-
-432) Added env_reset Defaults option to reset the environment to
- a clean slate. Also implemented env_keep Defaults option
- to specify variables to be preserved when resetting the
- environment.
-
-433) Added env_check and env_delete Defaults options to allow the admin
- to modify the built-in list of environment variables to remove.
-
-434) If timestamp_timeout < 0 then the timestamp never expires. This
- allows users to manage their own timestamps and create or delete
- them via 'sudo -v' and 'sudo -k' respectively.
-
-435) Authentication routines that use sudo's tgetpass() now accept
- ^C or ^Z at the password prompt and sudo will act appropriately.
-
-436) Added a check-only mode to visudo to check an existing sudoers
- file for sanity.
-
-437) Visudo can now edit an alternate sudoers file.
-
-438) If sudo is configured with S/Key support and the system has
- skeyaccess(3) use that to determine whether or not to allow
- a normal Unix password or just S/Key.
-
-439) Fixed CIDR handling in sudoers.
-
-440) Fixed a segv if the local hostname is not resolvable and
- the 'fqdn' option is set.
-
-441) "listpw=never" was not having an effect for users who did not
- appear in sudoers--now it does.
-
-442) The --without-sendmail option now works on systems with
- a /usr/include/paths.h file that defines _PATH_SENDMAIL.
-
-443) Removed the "secure_path" Defaults option as it does not work and
- cannot work until the parser is overhauled.
-
-444) Added new -P flag and "preserve_groups" sudoers option to cause
- sudo to preserve the group vector instead of setting it to that
- of the target user. Previously, if the target user was root
- the group vector was not changed. Now it is always changed unless
- the -P flag or "preserve_groups" option was given.
-
-445) If find_path() fails as root, try again as the invoking user (useful
- for NFS). Idea from Chip Capelik.
-
-446) Use setpwent()/endpwent() and its shadow equivalents to be sure
- the passwd/shadow file gets closed.
-
-447) Use getifaddrs(3) to get the list of network interfaces if it is
- available.
-
-448) Dump list of local IP addresses and environment variables to clear
- when 'sudo -V' is run as root.
-
-449) Reorganized the lexer a bit and added more states. Sudo now does a
- better job of parsing command arguments in the sudoers file.
-
-450) Wrap each call to syslog() with openlog()/closelog() since some
- things (such as PAM) may call closelog(3) behind sudo's back.
-
-451) The LOGNAME and USER environment variables are now set if the user
- specified a target uid and that uid exists in the password database.
-
-452) configure will no longer add the -g flag to CFLAGS by default.
-
-453) Now call pam_setcreds() to setup creds for the target user when
- PAM is in use. On Linux this often sets resource limits.
-
-454) If "make install" is run by non-root and the destination dir
- is writable, install things normally but don't set owner and mode.
-
-455) The Makefile now supports installing in a shadow hierarchy
- specified via the DESTDIR variable.
-
-456) config.h.in is now generated by autoheader.
-
-Sudo 1.6.4 released.
-
-457) Move the call to rebuild_env() until after MODE_RESET_HOME is set.
- Otherwise, the set_home option has no effect.
-
-458) Fix use of freed memory when the "fqdn" flag is set. This was
- introduced by the fix for the "segv when gethostbynam() fails" bug.
-
-459) Add 'continue' statements to optimize the switch statement.
- From Solar Designer.
-
-Sudo 1.6.4p1 released.
-
-460) Some special characters were not being escaped properly (e.g. '\,')
- in command line arguments and would cause a syntax error instead.
-
-461) "sudo -l" would not work if the always_set_home option was set.
-
-462) Added a configure option to disable use of POSIX saved IDs for
- operating systems where these are broken.
-
-463) The SHELL environment variable was preserved from the user's environment
- instead of being reset based on the passwd database even when the
- "env_reset" option was set.
-
-Sudo 1.6.4p2 released.
-
-464) Added a configure option to cause mail sent by sudo to be run as
- the invoking user instead of root. Some people consider this to
- be safer.
-
-465) If the mailer is being run as root, use a hard-coded environment
- that is not influenced in any way by the invoking user's environment.
-
-466) Fixed the call to skeyaccess(). Patch from Phillip E. Lobbes.
-
-Sudo 1.6.5 released.
-
-467) Visudo could access memory that was already freed.
-
-468) If the skey.access file denied use of plaintext passwords sudo
- would exit instead of allowing the user to enter an S/Key.
-
-Sudo 1.6.5p1 released.
-
-469) Older versions of BSDi have getifaddrs() but no freeifaddrs().
-
-470) BSDi has a fake setreuid() as do certain versions of FreeBSD and NetBSD.
-
-471) Ignore the return value of pam_setcred(). In Linux-PAM 0.75,
- pam_setcred() will return PAM_PERM_DENIED even if the setcred function
- of the module succeeds when pam_authenticate() has not been called.
-
-472) Avoid giving PAM a NULL password response, use the empty string instead.
- This avoids a log warning when the user hits ^C at the password prompt
- when Linux-PAM is in use. This also prevents older versions of
- Linux-PAM from dereferencing the NULL pointer.
-
-473) The user's password was not zeroed after use when AIX authentication,
- BSD authentication, FWTK or PAM was in use.
-
-Sudo 1.6.5p2 released.
-
-474) Fixed compilation problem on HP-UX 9.x.
-
-475) Moved call to endpwent() and added a call to endgrent().
-
-476) Fixed a warning conflicting declaration of VOID with AFS.
-
-477) Fixed a security hole in prompt rewriting found by Global InterSec.
-
-Sudo 1.6.6 released.
-
-478) Wildcards now work correctly in the env_keep Defaults directive.
-
-479) Added support for non-root timestamp dirs. This allows the timestamp
- dir to be shared via NFS (though this is not recommended).
-
-480) Removed double printing of bad environment variable table in -V mode.
-
-481) configure script has been regenerated with autoconf 2.5.7.
- This required some changes to configure.in.
-
-482) Fixed a compilation problem on SunOS; thanks to Alek O. Komarnitsky.
-
-483) SecurID 5.0 API support from Michael Stroucken.
-
-484) Restore state of signal handlers to what we had upon startup.
- Fixes a problem when using sudo with nohup; thanks to Paul Markham.
-
-485) Revamp set_perms() to use setresuid() or setreuid() when available
- in preference to POSIX stuff since they allow us to properly
- implement "stay_setuid" whereas POSIX does not really.
-
-486) In strict mode sudo did not throw an error for undefined User_Aliases.
-
-487) Fixed a Makefile bug on IRIX.
-
-488) Write the prompt *after* turning off echo to avoid some password
- characters being echoed on heavily-loaded machines with fast typists.
-
-489) Added %U and %H escapes in the prompt and fixed treatment of %%.
-
-490) Visudo will now add a final newline to sudoers if the user's editor
- not add one before EOF.
-
-491) The lexer state is now reset to its initial value on EOF.
- Previously, the state was not reset between parser invocations
- which could cause problems for visudo in rare cases.
-
-492) Added support for Defaults that apply based on the RunasUser.
-
-493) Sudo now includes copies of strlc{at,py} and uses them throughout.
-
-494) Sudo is now careful to avoid interger overflow when allocating
- memory. This is one of those "should not happen" situations.
-
-495) Added a configure option (--with-stow) to make sudo compatible
- with GNU stow.
-
-496) auth/kerb5.c now compiles under Heimdal.
-
-497) The volatile prefix is used in the hopes of preventing compilers
- from optimizing away memory zeroing. Unfortunately, this results
- in some warnings from gcc.
-
-498) Better Kerberos IV/V support in the configure script.
-
-499) Fixed a logic thinko in the SIGCHLD handler that caused problems
- with rlogin on HP-UX.
-
-500) configure now adds -R to LDFLAGS when it adds -L for Solaris and
- SVR4. There is a configure option, --with-rpath, to control this.
-
-501) On AIX, configure will pass extra directory paths to the linker
- via the -blibpath ld option. This is only active when additional
- library paths are used. It may be disabled via the
- --without-blibpath configure option.
-
-502) The --with-skey and --with-opie configure options now take
- an optional directory argument that should have an include and
- lib dir for the skey/opie include file and library respectively.
-
-Sudo 1.6.7 released.
-
-503) Fixed false positives in the overflow detection of expand_prompt().
-
-Sudo 1.6.7p1 released.
-
-504) An unterminated comment broke Kerberos V authentication.
-
-505) The krb5-config script is used to determine Kerberos V CPPFLAGS
- and LDFLAGS/LIBS if it exists.
-
-506) Backed out changes to mkinstalldirs from autoconf 2.57 that
- caused problems on Tru64 Unix.
-
-Sudo 1.6.7p2 released.
-
-507) Kerberos V support should work on latest MIT Kerberos V and Heimdal.
-
-Sudo 1.6.7p3 released.
-
-508) Fixed remaining Kerberos V issues with MIT Kerberos V and old Heimdal.
-
-Sudo 1.6.7p4 released.
-
-509) Fixed a typo that caused a compilation error on Heimdal.
-
-510) Darwin (MacOS X) doesn't have a real setreuid() system call.
-
-511) Fixed a problem with large numbers of environment variables.
-
-Sudo 1.6.7p5 released.
-
-512) Fixed a problem on FreeBSD when the user is only listed in NIS (not
- master.passwd) and netgroups are used in the master.passwd file.
-
-513) BSD-style warn/err functions are now used throughout.
-
-514) Fixed the --with-stow configure option
-
-515) Added a "sudo_lecture" option that points to a file containing a custom
- lecture.
-
-516) The username in a log entry is no longer truncated at 8 characters.
-
-517) A new tag, NOEXEC, will prevent a dynamically-linked program being run
- by sudo from executing another program (think shell escapes).
- Because this uses LD_PRELOAD it has no effect on static binaries.
- Idea from Reznic Valery.
-
-518) TIS fwtk authentication now supports fwtk 2.0 and higher.
-
-519) Sudo will now try to stat the command to be run as the user
- specified by the -u flag if the stat fails as root. Fixes
- an NFS issue.
-
-520) Added Stan Lee / Uncle Ben quote to the lecture (from RedHat).
-
-521) Added a -i option to simulate an initial login similar to "su -".
- Originally based on a patch from David J. MacKenzie.
-
-522) Added a -e option to edit files the with uid of the invoking user.
- This prevents the user from editing other files or running commands
- as the target user. If sudo is run as "sudoedit" the -e flag is implied.
-
-523) If sudo is used to run as root shell, further sudo commands will
- be logged as run by the user specified by the SUDO_USER environment
- variable. In -e mode (sudoedit), SUDO_USER is used to determine
- what user to run the editor when the real uid is 0.
-
-524) Merged in LDAP support from Aaron Spangler.
-
-525) Added the --with-pc-insults configure to replace politically
- incorrect insults with ones from Alek O. Komarnitsky.
-
-526) Added start_tls support from Gudleik Rasch <gudleik at rastamatra.org>.
-
-527) A uid specified in sudoers now matches the user specified by the
- -u flag even if the -u flag specified a name, not a uid.
-
-528) /tmp/.odus is no longer used for timestamps by default. One of
- /var/run/sudo, /var/adm/sudo or /usr/adm/sudo is used depending
- on what directories exist.
-
-529) Quoting globbing characters with a backslash now works as documented.
-
-530) A negated user/uid in a runas list was not treated the same as a
- negated command (it did not override a previously allowed entry).
- Now it does.
-
-531) Added support for Tandem NSK and other systems w/o seteuid().
-
-532) The timeout on password reading is now done via alarm(), not select().
-
-533) Fixed several issues when closing all open descriptors. Sudo now uses
- closefrom() if it exists, using /proc/$$/fd if possible.
-
-534) Use PATH_MAX, not MAXPATHLEN since the former is standardized.
-
-535) Added a check in visudo for runas_default being used before it
- was set.
-
-536) If the target user == invoking user a password is no longer required.
-
-537) PAM support now uses Use pam_acct_mgmt() to check for disabled accounts
- (from Brian Farrell).
-
-538) The sudoers file is now parsed as the runas user in all cases instead
- of root. This fixes some issues with running NFS-mounted commands.
-
-539) Sudo now produces a sensible error message when the targetpw
- Defaults option is set and a non-existent uid is specified via -u.
-
-Sudo 1.6.8 released.
-
-540) Now find the command base and fill in struct stat earlier.
-
-541) sudoedit now re-opens the temp file as the invoking user.
-
-542) struct timespec is used throughout the code base.
-
-543) Added --with-ldap-conf-file option to override /etc/ldap.conf
-
-544) Added SSL tls_* certificate checking options when using LDAP.
-
-545) Sudoedit will now only attempt to edit regular files or links.
-
-546) Sudo now uses futime() or futimes() where possible.
-
-547) Updated sample.pam to a current version.
-
-548) Better detection of unchanged files in sudoedit.
-
-Sudo 1.6.8p1 released.
-
-549) Bash exported functions are now stripped from the environment passed
- to the program to be executed.
-
-Sudo 1.6.8p2 released.
-
-550) The CDPATH variable is now stripped from the environment passed
- to the program to be executed.
-
-551) Fix temp file generation on systems where the _PATH_VARTMP macro
- lacks a trailing slash.
-
-Sudo 1.6.8p3 released.
-
-552) The KRB5CCNAME environment variable is preserved during sudo
- execution for password lookups that use GSSAPI.
-
-Sudo 1.6.8p4 released.
-
-553) Added a configure check for systems with a 2-argument version of
- timespecsub (like BSD/OS).
-
-554) Added stub struct defintions to sudo.h to quiet compiler warnings
- on some systems.
-
-555) In sudoers Defaults lines, tuples like "lecture" may now be used
- without a value, restoring their old boolean-like nature.
-
-556) Invalid values for a tuple are now handled correctly.
-
-Sudo 1.6.8p5 released.
-
-557) Added a set of missing braces needed for MacOS X / Darwin.
-
-558) Define LDAP_OPT_SUCCESS for those without it.
-
-Sudo 1.6.8p6 released.
-
-559) Warn if the user tries to use the -u option when not running a command.
-
-560) Better PAM error handling and messages.
-
-561) Fixed setting of $USER when env_reset is enabled.
-
-Sudo 1.6.8p7 released.
-
-562) Fixed noexec functionality on Linux.
-
-563) Fixed minor format string mismatches in some error cases.
-
-564) Fixed a bug that prevented Heimdal authentication from working.
-
-Sudo 1.6.8p8 released.
-
-565) Updated config.guess and config.sub entries for OpenBSD.
-
-566) A sudoers entry with sudo ALL no longer overwrites the value of
- safe_cmnd.
-
-Sudo 1.6.8p9 released.
-
-567) Added PS4 and SHELLOPTS to the list of variables to remove from
- the environment.
-
-Sudo 1.6.8p10 released.
-
-567) Added JAVA_TOOL_OPTIONS to the list of variables to remove from
- the environment.
-
-Sudo 1.6.8p11 released.
-
-567) Added PERLLIB, PERL5LIB and PERL5OPT to the list of variables to
- remove from the environment.
-
-Sudo 1.6.8p12 released.
-
-568) Fixed a file descriptor leak when the lecture file option is enabled.
-
-569) Added to the list of variables to remove from the environment.
-
-570) Fixed a Kerberos V security issue that could allow a
- user to authenticate using a fake KDC.
-
-571) Pulled in updated configure and libtool from sudo 1.7.
-
-572) PAM is now the default on systems where it is supported.
-
-573) Removed POSIX saved uid use; the stay_setuid option now
- requires the setreuid() or setresuid() functions to work.
-
-574) Regenerated configure with up to date autoconf and libtool.
-
-575) Fixed fd leak when lecture file option is enabled.
-
-576) Removed used of POSIX saved uids. The stay_setuid
- option now requires setreuid() or setresuid().
-
-577) PAM fixes. If the user enters ^C at the password prompt,
- abort instead of trying to authenticate with an empty password
- (which causes an annoying delay). Also Call pam_open_session()
- and pam_close_session() to give pam_limits a chance to run.
-
-578) Security fix for Kerberos5. If we cannot get a valid service
- key using the default keytab it is a fatal error. Now uses
- krb5_verify_user() and krb5_init_secure_context() if they
- are available.
-
-579) Fixed securid5 authentication.
-
-580) Added fcntl F_CLOSEM support to closefrom().
-
-581) Added NOEXEC support for AIX 5.3.
-
-582) Sudo now uses the supplemental group vector for matching.
- This fixes problems with split group lines in /etc/group
- as well as multiple group sources in nsswitch.conf.
-
-583) Added more environment variables to remove by default.
-
-584) Mail from sudo now includes an Auto-Submitted: auto-generated
- header ala rfc 3834.
-
-585) Reworked the environment handling code.
-
-586) Remove the --with-execv option, it was not useful.
-
-587) Use TCSADRAIN instead of TCSAFLUSH in tgetpass() since
- some OSes have issues with TCSAFLUSH.
-
-588) Use glob(3) instead of fnmatch(3) for matching pathnames
- and stat() each result that matches the basename of the user's
- command. This makes "cd /usr/bin ; sudo ./blah" work when
- sudoers allows /usr/bin/blah.
-
-589) Reworked the syslog long line splitting code based on changes
- from Eygene Ryabinkin.
-
-590) Sudo can now with deal more than 32 network interfaces on
- Solaris.
-
-591) Visudo will now honor command line arguments in the EDITOR or
- VISUAL environment variables if env_editor is enabled.
-
-592) LDAP now honors rootbinddn, timelimit and bind_timelimit in
- /etc/ldap.conf.
-
-593) For LDAP, do a sub tree search instead of a base search (one
- level in the tree only) for sudo right objects. This allows
- system administrators to categorize the rights in a tree to
- make them easier to manage.
-
-594) The env_reset option is now enabled by default. Commands run
- through sudo now receive a minimal environment with certain
- variables passed through and/or checked. The list of variables
- allowed is configurable via the env_keep and env_check options
- in sudoers.
-
-595) Added support for Solaris 10 resource control limits using
- the "project" interface.
-
-596) Moved LDAP schema data into separate files.
-
-597) Sudo no longer assumes that gr_mem in struct group is non-NULL.
-
-598) Added support for setting environment variables on the command
- line if the command has the SETENV attribute set in sudoers.
-
-599) Added a -E flag to preserve the environment if the SETENV attribute
- has been set.
-
-600) The sudoers2ldif script now parses Runas users.
-
-601) The -- flag now behaves as documented.
-
-602) sudo -k/-K no longer cares if the timestamp is in the future.
-
-603) When searching for the command, sudo now uses the effective gid
- of the runas user.
-
-604) Sudo no longer updates the timestamp if not validated by sudoers.
-
-605) Now rebuild environment regardless of how sudo was invoked.
-
-606) More accurate usage() when called as sudoedit.
-
-607) Command line environment variables are now treated like
- normal environment variables unless the SETENV tag is set.
-
-608) Better explanation of environment handling in the sudo man page.
-
-Sudo 1.6.9 released.
-
-609) Worked around a bug ins some PAM implementations that caused a crash
- when no tty was present.
-
-610) Fixed a crash on some platforms in the error logging function.
-
-611) Documentation improvements.
-
-Sudo 1.6.9p1 released.
-
-612) Fixed updating of the saved environment when the environ pointer
- gets changed out from underneath us.
-
-Sudo 1.6.9p2 released.
-
-613) Fixed a bug related to supplemental group matching introduced
- in 1.6.9.
-
-Sudo 1.6.9p3 released.
-
-614) Added IPv6 support from YOSHIFUJI Hideaki.
-
-615) Fixed sudo_noexec installation path.
-
-616) Fixed a K&R compilation error.
-
-Sudo 1.6.9p4 released.
-
-617) Fixed a bug in the IP address matching introduced by the IPV6 merge.
-
-618) For "visudo -f file" we now use the permissions of the original file
- and not the hard-coded sudoers owner/group/mode. This makes
- it possible to use visudo with a revision control system.
-
-619) Fixed sudoedit when used on a non-existent file.
-
-620) Regenerated configure using autoconf 2.6.1 and libtool 1.5.24.
-
-621) Groups and netgroups are now valid in an LDAP sudoRunas statement.
-
-Sudo 1.6.9p5 released.
-
-622) Worked around bugs in the session support of some PAM implementations.
- The full tty path is now passed to PAM as well.
-
-623) Sudo now only prints the password prompt if the process is in the
- foreground.
-
-624) inttypes.h is now included when appropriate if it is present.
-
-625) Simplified alias allocation in the parser.
-
-Sudo 1.6.9p6 released.
-
-626) Go back to using TCSAFLUSH instead of TCSADRAIN when turning
- off echo in tgetpass().
-
-627) Fixed addition of -lutil for logincap on FreeBSD and NetBSD.
-
-628) Add configure check for struct in6_addr since some systems define
- AF_INET6 but have no real IPv6 support.
-
-Sudo 1.6.9p7 released.
-
-629) Fixed a bug where a sudoers entry with no runas user specified
- was treated differently from a line with the default runas
- user specified.
-
-Sudo 1.6.9p8 released.
-
-630) The ALL command in sudoers now implies SETENV permissions.
-
-631) The command search is now performed using the target user's
- auxiliary group vector too.
-
-632) When determining if the PAM prompt is the default "Password: ",
- compare the localized version if possible.
-
-633) Added passprompt_override flag to sudoers to cause sudo's prompt
- to be used in all cases. Also set when the -p flag is used.
-
-Sudo 1.6.9p9 released.
-
-634) Moved LDAP options into a table for simplified parsing/setting.
-
-635) Fixed a problem with how some LDAP options were being applied.
-
-636) Added support for connecting directly to LDAP servers via SSL
- in addition to the existing start_tls support.
-
-Sudo 1.6.9p10 released.
-
-637) Fixed a compilation problem on SCO related to how they
- store the high resolution timestamps in struct stat.
-
-638) Avoid checking the passwd file group multiple times
- in the LDAP query when the user's passwd group is also
- listed in the supplemental group vector.
-
-639) The URI specifier can now be used in ldap.conf even when
- the LDAP SDK doesn't support ldap_initialize().
-
-640) New %p prompt escape that expands to the user whose password
- is being prompted, as specified by the rootpw, targetpw and
- runaspw sudoers flags. Based on a diff from Patrick Schoenfeld.
-
-Sudo 1.6.9p11 released.
-
-641) Added a configure check for the ber_set_option() function.
-
-642) Fixed a compilation problem with the HP-UX K&R C compiler.
-
-643) Revamped the Kerberos 5 ticket verification code.
-
-644) Added support for the checkpeer ldap.conf variable for
- netscape-based LDAP SDKs.
-
-645) Fixed a problem where an incomplete password could be echoed
- to the screen if there was a read timeout.
-
-Sudo 1.6.9p12 released.
-
-646) Sudo will now set the nproc resource limit to unlimited on Linux
- systems to work around Linux's setuid() resource limit semantics.
- On PAM systems the resource limits will be reset by pam_limits.so
- before the command is executed.
-
-647) SELinux support that can be used to implement role based access
- control (RBAC). A role and (optional) type may be specified
- in sudoers or on the command line. These are then used in the
- security context that the command is run as.
-
-648) Fixed a Kerberos 5 compilation problem with MIT Kerberos.
-
-Sudo 1.6.9p13 released.
-
-649) Fixed an invalid assumption in the PAM conversation function
- introduced in version 1.6.9p9. The conversation function may
- be called for non-password reading purposes as well.
-
-650) Fixed freeing an uninitialized pointer in -l mode, introduced in
- version 1.6.9p13.
-
-651) Check /etc/sudoers after LDAP even if the user was found in LDAP.
- This allows Defaults options in /etc/sudoers to take effect.
-
-652) Add missing checks for enforcing mode in SELinux RBAC mode.
-
-Sudo 1.6.9p14 released.
-
-653) Fixed installation of sudo_noexec.so on AIX.
-
-654) Updated libtool to version 1.5.26.
-
-655) Fixed printing of default SELinux role and type in -V mode.
-
-656) The HOME environment variable is once again preserved by default,
- as per the documentation.
-
-Sudo 1.6.9p15 released.
-
-657) There was a missing space before the ldap libraries in the Makefile
- for some configurations.
-
-658) LDAPS_PORT may not be defined on older Solaris LDAP SDKs.
-
-659) If the LDAP server could not be contacted and the user was not present
- in sudoers, a syntax error in sudoers was incorrectly reported.
-
-Sudo 1.6.9p16 released.
-
-660) The -i flag should imply resetting the environment, as it did in
- sudo version prior to 1.6.9. Also, the -i and -E flags are
- mutually exclusive.
-
-661) Fixed the configure test for dirfd() under Linux.
-
-662) Fixed test for whether -lintl is required to link.
-
-663) Changed how sudo handles the child process when sending mail.
- This fixes a problem on Linux with the mail_always option.
-
-664) Fixed a problem with line continuation characters inside of
- quoted strings.
-
-Sudo 1.6.9p17 released.
-
-665) Fixed a crash when the -i flag was used with a uid not in the password
- database.
-
-666) Regenerated parser to pull in a yacc skeleton fix.
-
-667) Sudo now operates in the C locale again when doing a match against
- sudoers.
-
-668) Fixed a potential crash when a glob matches a large number of files.
-
-669) Fixed compilation problem with certain versions of Heimdal krb5 related
- to krb5_get_init_creds_opt_free().
-
-670) When setting the umask, use the union of the user's umask and the
- default value set in sudoers so that we never lower the user's
- umask when running a command.
-
-671) Sudo now supports 64-character host names.
-
-672) Fixed a problem with the SELinux support for "sudo -l".
-
-673) When doing a wildcard match against a filename, sudo will now only
- check the filesystem if the basename of the path matches, or if
- the basename itself contains wildcards.
-
-674) Sudo will now unset the AUTHSTATE environment variable on AIX after
- authenticating.
-
-Sudo 1.6.9p18 released.
-
-675) Fixed configuration of SIA authentication on Digital UNIX.
-
-676) Standardize on "option" instead of "flag" when referring to command
- line options in the documentation.
-
-677) Fixed behavior when ^C it entered at the password prompt on MacOS.
-
-Sudo 1.6.9p19 released.
-
-678) Only use the cached supplementory group vector when matching groups
- for the invoking user.
-
-679) Fixed a compilation problem on AIX.
-
-Sudo 1.6.9p20 released.
Modified: trunk/contrib/sudo/ChangeLog
===================================================================
--- trunk/contrib/sudo/ChangeLog 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/ChangeLog 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,29 +1,467 @@
+2011-02-25 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * configure, configure.in:
+ version 1.7.5
+ [9314212577c3] [tip] <1.7>
+
+2011-02-21 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * configure, configure.in, sudo.cat, sudo.man.in, sudoers.cat,
+ sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in,
+ sudoreplay.cat, sudoreplay.man.in, visudo.cat, visudo.man.in:
+ 1.7.5rc1
+ [216ab95b5de0] <1.7>
+
+ * parse_args.c, sudo.c, sudo.pod, sudo_usage.h.in, sudoreplay.c,
+ sudoreplay.pod, visudo.c, visudo.pod:
+ add help text to sudo, visudo and sudoreplay for the -h option
+ [141d348c660b] <1.7>
+
+2011-02-19 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * snprintf.c:
+ avoid using "howmany" for a parameter name since it is a select-
+ related macro
+ [6b6c2d504103] <1.7>
+
+ * Makefile.in:
+ add localstatedir; closes bug 471
+ [a4778228ae54] <1.7>
+
+ * config.h.in, configure, configure.in, exec.c, exec_pty.c,
+ sudoreplay.c:
+ The howmany macro lives in sys/sysmacros.h on SVR5 systems Closes
+ Bug 470
+ [be5dff63ff5d] <1.7>
+
+ * exec.c:
+ SVR5 systems return non-zero for success on socketpair(), check for
+ -1 instead. Closes Bug 469
+ [13ac9d0e0934] <1.7>
+
+2011-02-17 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * auth/afs.c:
+ Move afs includes to be before sudo ones
+ [fbe0bdcf5798] <1.7>
+
+ * config.h.in, configure, configure.in:
+ No longer use vhangup
+ [9fce94512df9] <1.7>
+
+2011-02-14 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * sudo_nss.c:
+ Avoid printing empty "Runas and Command-specific defaults for user"
+ line.
+ [3df2925f9982] <1.7>
+
+ * lbuf.c:
+ Truncate the buffer at buf.len before printing in the non-wordwrap
+ case.
+ [23a31b8d95b8] <1.7>
+
+ * lbuf.c:
+ Remove extra newline when the tty width is very small or unavailable
+ [32fa0b3ea47a] <1.7>
+
+2011-02-13 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * configure, configure.in, sudo.cat, sudo.man.in, sudoers.cat,
+ sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in,
+ sudoreplay.cat, sudoreplay.man.in, visudo.cat, visudo.man.in:
+ 1.7.5b5
+ [0937b9bff020] <1.7>
+
+ * pp:
+ don't remap numeric uids/gids to names; if the user specified and id
+ instead of a name, they probably mean it
+ [2b81d57de4a4] <1.7>
+
+2011-02-11 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * alias.c:
+ Remove unneeded variable.
+ [23329353f964] <1.7>
+
+2011-02-09 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * configure, configure.in:
+ Prefer getutxid over getutid
+ [e89811f0e4da] <1.7>
+
+ * boottime.c:
+ Include utmp.h / utmpx.h before missing.h as apparently including it
+ afterwards causes a compilation problem on GNU Hurd.
+ [d62781e31b27] <1.7>
+
+2011-02-07 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * configure, configure.in, sudo.cat, sudo.man.in, sudoers.cat,
+ sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in,
+ sudoreplay.cat, sudoreplay.man.in, visudo.cat, visudo.man.in:
+ 1.7.5b4
+ [4b8a9632fe59] <1.7>
+
+ * exec.c, missing.h, sudo.c, toke.h:
+ fix K&R compilation
+ [23ebea9c2183] <1.7>
+
+ * mksiglist.c:
+ Fix typo
+ [1587615a186f] <1.7>
+
+ * Makefile.in, toke.h, toke.l, toke_util.c:
+ Split tokenizer utility functions out into toke_util.c
+ [88148d0b9338] <1.7>
+
+ * alloc.c, bsm_audit.c, check.c, closefrom.c, sudo_nss.c, visudo.c:
+ Cosmetic changes to make diffing against trunk easier.
+ [95bdfcc29a22] <1.7>
+
+ * exec.c, exec_pty.c, mon_systrace.c, sudo.h, sudo_exec.h,
+ sudoreplay.c, tgetpass.c:
+ Use RETSIGTYPE for signal handlers.
+ [5ea1f34d1aab] <1.7>
+
+ * sudo_exec.h:
+ Use special values SIGCONT_FG and SIGCONT_BG instead of SIGUSR1 and
+ SIGUSR2 to indicate whether the child should be continued in the
+ foreground or background.
+ [9fec5a258d57] <1.7>
+
+2011-02-06 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * getspwuid.c:
+ Merge trunk version
+ [cd44ef67e57d] <1.7>
+
+ * exec_pty.c:
+ Use special values SIGCONT_FG and SIGCONT_BG instead of SIGUSR1 and
+ SIGUSR2 to indicate whether the child should be continued in the
+ foreground or background.
+ [6305babcf6bd] <1.7>
+
+ * exec.c:
+ If perform_io() fails, kill the child before exiting so it doesn't
+ complain about connection reset. We can get an I/O error if, for
+ example, and we get EIO reading from stdin.
+ [ca28e0a25698] <1.7>
+
+2011-02-05 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * error.c, fileops.c, fnmatch.c, getcwd.c, getprogname.c, gettime.c,
+ glob.c, isblank.c, memrchr.c, mksiglist.c, mkstemps.c, nanosleep.c,
+ setsid.c, sigaction.c, snprintf.c, strcasecmp.c, strerror.c,
+ strlcat.c, strlcpy.c, strsignal.c, sudo_noexec.c, sudoreplay.c,
+ utimes.c, vasgroups.c, zero_bytes.c:
+ Make local includes consistent; use double quotes for local includes
+ [ec9d52fff4b3] <1.7>
+
+2011-02-04 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * error.c, getprogname.c, memrchr.c, sigaction.c, strcasecmp.c,
+ strerror.c, strlcat.c, strlcpy.c, strsignal.c, zero_bytes.c:
+ Must include config.h before any other headers.
+ [3c23ec625df0] <1.7>
+
+ * aclocal.m4, configure:
+ fix --with-iologdir=no
+ [ef60ca8b3789] <1.7>
+
+ * aclocal.m4, configure:
+ fix typo that broke --with-iologdir
+ [fca175fdfd81] <1.7>
+
+2011-02-03 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * NEWS:
+ sync for 1.7.5b3
+ [744e2e78ef5a] <1.7>
+
+ * configure, configure.in, sudo.cat, sudo.man.in, sudoers.cat,
+ sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in,
+ sudoreplay.cat, sudoreplay.man.in, visudo.cat, visudo.man.in:
+ 1.7.5b3
+ [7a24576e35ac] <1.7>
+
+ * sudoers.cat, sudoers.man.in, sudoers.pod:
+ Attempt to clarify how users and groups interact in Runas_Specs
+ [9e8c2fb328d0] <1.7>
+
+ * exec.c, exec_pty.c:
+ Do not handle SIGARLM specially, just pass it through.
+ [944978b640b5] <1.7>
+
+ * exec.c, exec_pty.c:
+ Pass SIGUSR1/SIGUSR2 through to the child.
+ [774506c977df] <1.7>
+
+ * exec.c:
+ Made tcsetpgrp() bits conditional on HAVE_TCSETPGRP
+ [386f69132ad4] <1.7>
+
+ * exec.c:
+ Use pid_t not int and check the return value of kill()
+ [5f15c3304a1d] <1.7>
+
+2011-02-02 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * exec.c:
+ In non-pty mode before continuing the child, make it the foreground
+ pgrp if possible. Fixes resuming a shell.
+ [dfaadefcc6c6] <1.7>
+
+ * exec_pty.c:
+ If we get a signal other than SIGCHLD in the monitor, pass it
+ directly to the child.
+ [7e638105bfaf] <1.7>
+
+ * exec.c, exec_pty.c, sudo.h:
+ Save signal state before changing handlers and restore before we
+ execute the command.
+ [83278957e630] <1.7>
+
+2011-02-01 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * toke.c, toke.l:
+ match quoted strings the same way whether in a Defaults line or as a
+ user/group/netgroup name. Fixes escaped double quotes in quoted
+ user/group/netgroup names.
+ [c2b486b12951] <1.7>
+
+ * iolog.c:
+ Use a char array to map a number to a base36 digit.
+ [d626ded3312d] <1.7>
+
+ * sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
+ Be clear about what versions of sudo support new LDAP attributes.
+ Fix up some formatting of attribute names. Minor other tweaks.
+ [f7bd586ec755] <1.7>
+
+2011-01-31 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * sudoers2ldif:
+ Add sudoOrder attribute to each entry Parse LOG_{INPUT,OUTPUT} tags
+ [05a0d25b0f8d] <1.7>
+
+2011-01-30 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * UPGRADE:
+ Mention LDAP attribute compatibility status.
+ [adb74ad2331b] <1.7>
+
+2011-01-28 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * README.LDAP:
+ Mention phpQLAdmin
+ [5d80d6291142] <1.7>
+
+ * INSTALL, NEWS, config.h.in, configure, configure.in, defaults.c,
+ sudoers.man.in, sudoers.pod:
+ Add --disable-env-reset configure option.
+ [803ce2f4d85c] <1.7>
+
+ * sudoers.cat, sudoers.man.in, sudoers.pod:
+ Document that sudoers_locale also affects logging and email.
+ [080dd4338374] <1.7>
+
+ * NEWS, config.h.in, configure, configure.in, logging.c:
+ Do logging and email sending in the locale specified by the
+ "sudoers_locale" setting ("C" by default). Email send by sudo
+ includes MIME headers when the sudoers locale is not "C".
+ [592e5b2a3d10] <1.7>
+
+2011-01-25 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * NEWS, sudo.c:
+ Perform command escaping for "sudo -s" and "sudo -i" after
+ validating sudoers so the sudoers entries don't need to have all the
+ backslashes.
+ [7d39ea9924e4] <1.7>
+
+2011-01-24 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * logging.c:
+ Prepend "list " to the command logged when "sudo -l command" is used
+ to make it clear that the command was listed, not run.
+ [9bcd40c1bfe9] <1.7>
+
+ * parse.c:
+ cosmetic change
+ [8ce3d60d910d] <1.7>
+
+ * aix.c, alias.c, alloc.c, auth/afs.c, auth/aix_auth.c,
+ auth/bsdauth.c, auth/dce.c, auth/fwtk.c, auth/kerb4.c, auth/kerb5.c,
+ auth/pam.c, auth/passwd.c, auth/rfc1938.c, auth/secureware.c,
+ auth/securid.c, auth/securid5.c, auth/sia.c, bsm_audit.c, check.c,
+ defaults.c, env.c, exec.c, exec_pty.c, fileops.c, find_path.c,
+ fnmatch.c, get_pty.c, getcwd.c, getline.c, getprogname.c,
+ getspwuid.c, gettime.c, glob.c, goodpath.c, gram.c, gram.y, iolog.c,
+ isblank.c, lbuf.c, ldap.c, list.c, logging.c, match.c, memrchr.c,
+ mkstemps.c, mon_systrace.c, nanosleep.c, parse.c, parse_args.c,
+ pwutil.c, redblack.c, set_perms.c, sigaction.c, snprintf.c,
+ strerror.c, strlcat.c, strlcpy.c, strsignal.c, sudo.c,
+ sudo_noexec.c, sudo_nss.c, sudoreplay.c, term.c, testsudoers.c,
+ tgetpass.c, timestr.c, toke.c, toke.l, tsgetgrpw.c, utimes.c,
+ vasgroups.c, visudo.c:
+ standardize on "return foo;" rather than "return(foo);" or "return
+ (foo);"
+ [e05dd17dcec4] <1.7>
+
+ * NEWS:
+ sync
+ [bedc1e1bc7f8] <1.7>
+
+ * sudo.c:
+ Do not reject sudoers file just because it is root-writable.
+ [26634f322b04] <1.7>
+
+2011-01-21 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * NEWS:
+ sync
+ [c69b7537a020] <1.7>
+
+ * defaults.c:
+ When setting default iolog_dir, dynamically allocate the string.
+ [7ad2c0cbe865] <1.7>
+
+ * sudo_nss.c:
+ For "sudo -U user -l" if user is not authorized on the host, say so.
+ [9eb5673f2f22] <1.7>
+
+ * ldap.c:
+ In sudo_ldap_lookup(), always do the initial sudoers check as the
+ invoking user. If we are listing another user's privs we will do a
+ separate lookup using list_pw later.
+ [9b3ab41de717] <1.7>
+
+2011-01-20 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * sudoreplay.c:
+ change an error() to errorx()
+ [5a0409f6c52b] <1.7>
+
+ * sudoers.ldap.man.in, sudoers.ldap.pod:
+ Update copyright year to 2011
+ [8959c05dc270] <1.7>
+
+ * LICENSE, Makefile.in, aclocal.m4, check.c, configure.in, ldap.c,
+ match.c, pwutil.c, sudo_nss.c, sudoers.man.in, sudoers.pod, term.c:
+ Update copyright year to 2011
+ [6367fb76120e] <1.7>
+
+ * ldap.c:
+ Stash pointer to user group vector in LDAP handle and only reuse the
+ query if it has not changed. We always allocate a new buffer when
+ we reset the group vector so a simple pointer check is sufficient.
+ [c129d1acf7d6] <1.7>
+
+ * sudo_nss.c:
+ When listing, use separate lbufs for the defaults and the privileges
+ and only print something if the number of privileges is non-zero.
+ Fixes extraneous Defaults output for "sudo -U unauthorized_user -l".
+ [66aaa54f2865] <1.7>
+
+ * sudo_nss.c:
+ Check initgroups() return value.
+ [973a67304e3b] <1.7>
+
+2011-01-19 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * NEWS:
+ sync
+ [deb822cce3dd] <1.7>
+
2011-01-18 Todd C. Miller <Todd.Miller at courtesan.com>
* term.c:
Clear, don't set, OPOST in c_oflag as was intended in e26055d17b72.
- [eacd774c37c0]
+ [eacd774c37c0] <1.7>
+2011-01-15 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * sudo.c:
+ delref list_pw before exit
+ [0df5a53f3484] <1.7>
+
+2011-01-14 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * mkpkg, sudo.pp:
+ Add Requires line for audit-libs >= 1.4 for RHEL5+
+ [a1b544018f5b] <1.7>
+
+ * pp:
+ sync with git version
+ [eb187023bb73] <1.7>
+
+2011-01-13 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * sudoers.cat, sudoers.man.in, sudoers.pod:
+ fix typo
+ [075e92a756a1] <1.7>
+
+2011-01-12 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * NEWS:
+ Update for sudo 1.7.4p5
+ [11cb87598478] <1.7>
+
+ * schema.OpenLDAP, schema.iPlanet:
+ Add sudoNotBefore and sudoNotAfter attributes as optional attributes
+ to the sudoRole object class. From Andreas Mueller
+ [73357eb1b269] <1.7>
+
2011-01-11 Todd C. Miller <Todd.Miller at courtesan.com>
+ * NEWS:
+ Mention "sudo -g group" password check fix.
+ [8299a2d939e8] <1.7>
+
* check.c:
If the user is running sudo as himself but as a different group we
need to prompt for a password.
- [fe8a94f96542]
+ [fe8a94f96542] <1.7>
2011-01-10 Todd C. Miller <Todd.Miller at courtesan.com>
+ * NEWS, config.h.in, configure, configure.in, ldap.c,
+ sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
+ Add support for TIMEOUT in ldap.conf, mapping to the OpenLDAP
+ LDAP_OPT_TIMEOUT. There is no corresponding option for mozilla-
+ derived LDAP SDKs but we can pass the timeout parameter to
+ ldap_search_ext_s() or ldap_search_st() when possible.
+ [8f9303326db7] <1.7>
+
+ * sudoers.cat, sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in:
+ regen
+ [d56ad7169e67] <1.7>
+
+ * NEWS, ldap.c, sudoers.ldap.pod:
+ Add NETWORK_TIMEOUT as an alias for BIND_TIMELIMIT for compatibility
+ with OpenLDAP ldap.conf files.
+ [85e33e42c008] <1.7>
+
* pwutil.c:
If user has no supplementary groups, fall back on checking the group
file explicitly.
- [c536ddb16bb6]
+ [c536ddb16bb6] <1.7>
2011-01-04 Todd C. Miller <Todd.Miller at courtesan.com>
+ * NEWS:
+ update
+ [9f6e0ec3142a] <1.7>
+
+ * Makefile.in:
+ Use "mv -f" when regenerating ChangeLog
+ [b322b5995e7f] <1.7>
+
* match.c:
Fix NULL dereference with "sudo -g group" when the sudoers rule has
no runas user or group listed. Fixes RedHat bug Bug 667103.
- [c51e2be737b2]
+ [c51e2be737b2] <1.7>
2010-12-21 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -30,51 +468,388 @@
* term.c:
Clear OPOST from c_oflag like we used to. Fixes screen-based
editors such as vi.
- [e26055d17b72]
+ [e26055d17b72] <1.7>
* sudoers.pod:
Clarify umask option description. From Reuben Thomas.
- [fb8bdcb54feb]
+ [fb8bdcb54feb] <1.7>
+2010-12-18 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * ldap.c, sudoers.ldap.pod:
+ Pick last match in LDAP sudoers too
+ [607801b83e25] <1.7>
+
+2010-12-10 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * aclocal.m4, configure, configure.in, def_data.c, def_data.h,
+ def_data.in, defaults.c, iolog.c, sudoers.pod:
+ Make the iolog dir configurable in sudoers
+ [2630b2dba1b5] <1.7>
+
+2010-12-07 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * pp:
+ Add missing '*' that prevented the generic ELF case from matching.
+ [b35bbb42736f] <1.7>
+
+ * pp:
+ If file(1) can't identify the ELF binary type, try readelf(1).
+ [8a73092d8898] <1.7>
+
+2010-11-30 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * auth/kerb4.c, check.c, env.c, pwutil.c, sudo.c:
+ Use %u to print uid/gid, not %lu and adjust casts to match.
+ [e4eb94705a54] <1.7>
+
+ * NEWS:
+ Update with latest changes
+ [2c4209b20e3d] <1.7>
+
+ * sudoers.ldap.pod:
+ Clarify ordering of entries and attributes
+ [598748ec3804] <1.7>
+
+ * sudoers.ldap.pod:
+ Fix typo and editing goof.
+ [197a2fe65be5] <1.7>
+
+ * ldap.c:
+ Make sure we don't dereference a NULL handle.
+ [b0026541de1e] <1.7>
+
2010-11-24 Todd C. Miller <Todd.Miller at courtesan.com>
* pp:
Add support for RHEL 6 file modes that include a trailing dot on
files with an SELinux security context
- [fcc1daaf4df0]
+ [fcc1daaf4df0] <1.7>
2010-11-22 Todd C. Miller <Todd.Miller at courtesan.com>
* sudoers.pod:
fix typo; from Michael T Hunter
- [46e70e2063af]
+ [46e70e2063af] <1.7>
+ * match.c:
+ In sudoedit mode, assume command line arguments are paths and pass
+ FNM_PATHNAME to fnmatch().
+ [6087ba0064ff] <1.7>
+
+2010-11-20 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * configure, configure.in:
+ Add workaround for an error in sys/types.h on HP-UX 11.23 when large
+ file support is enabled. Defining _XOPEN_SOURCE_EXTENDED avoids the
+ broken bits of the header file.
+ [12da5b3249a3] <1.7>
+
+ * aclocal.m4:
+ Fix SUDO_MAILDIR usage of AC_LANG_PROGRAM
+ [c0105d26574a] <1.7>
+
+ * testsudoers.c, tsgetgrpw.c, tsgetgrpw.h:
+ Avoid conflicts with system definitions in grp.h and pwd.h
+ [a152522c9f13] <1.7>
+
+ * sudo.pp:
+ For Tru64, strip off beta version.
+ [a16213ec9c27] <1.7>
+
+ * zlib/gzguts.h:
+ Include stdio.h after zlib.h, not before. We need the large file
+ defines to come first.
+ [389ea592d6c2] <1.7>
+
+2010-11-17 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * ldap.c:
+ Enlarge the array of entry wrappers int blocks of 100 entries to
+ save on allocation time. From Andreas Mueller
+ [db8da143e803] <1.7>
+
+ * ldap.c:
+ Add back call to sudo_ldap_timefilter() in sudo_ldap_build_pass2()
+ that was mistakenly dropped.
+ [f6f1103f9971] <1.7>
+
+2010-11-16 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * TROUBLESHOOTING:
+ Mention that sudo needs "ar" to build.
+ [eef95d0abfbe] <1.7>
+
+ * configure, configure.in:
+ Fail with a more useful error if "ar" is not found.
+ [1ef3c8501bf5] <1.7>
+
+2010-11-14 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * ldap.c:
+ Reorder things to avoid most of the extra prototypes.
+ [0541a55deb86] <1.7>
+
+ * ldap.c:
+ Inline sudo_ldap_result_get_entry(), it is always called in
+ situations where the bounds are already checked.
+ [fa65cf4eaf5e] <1.7>
+
+ * ldap.c:
+ Add user_matches and host_matches to struct ldap_result and set them
+ in sudo_ldap_result_get() which is where the user and host checks
+ live. When iterating through the ordered results, take the first
+ match. Remove allowed flag from struct ldap_entry_wrapper, we just
+ use first match.
+ [9a008cd81685] <1.7>
+
+2010-11-13 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * configure, configure.in, sudo.cat, sudo.man.in, sudoers.cat,
+ sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in,
+ sudoreplay.cat, sudoreplay.man.in, visudo.cat, visudo.man.in:
+ Bump version and regen man pages
+ [918433185f26] <1.7>
+
+ * ldap.c, schema.ActiveDirectory, schema.OpenLDAP, schema.iPlanet,
+ sudoers.ldap.pod:
+ Merge in ordered LDAP entry support from Andreas Mueller.
+ [21b8071c2f28] <1.7>
+
+2010-11-11 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * ldap.c, schema.ActiveDirectory, schema.OpenLDAP, schema.iPlanet,
+ sudoers.ldap.pod:
+ Add timed entry support from Andreas Mueller.
+ [10b121c46a1c] <1.7>
+
+ * ldap.c:
+ Use efree() not free() and remove malloc.h include since we never
+ directly call malloc() or free().
+ [f2184b2a0646] <1.7>
+
+2010-11-10 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * Makefile.in, getdate.c, gram.c, toke.c:
+ Include config.h before any other includes to make sure we get the
+ right value for _FILE_OFFSET_BITS.
+ [5a8c12426942] <1.7>
+
+2010-11-09 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * sudo.pp:
+ set PSTAMP for Solaris and move the backend-specific bits to their
+ own %if [xxx] %endif blocks in %set.
+ [0d93cb5d009a] <1.7>
+
+ * pp:
+ sync with git repo
+ [e052d78dde35] <1.7>
+
+2010-11-03 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * Makefile.in:
+ remove zlib/zconf.h for distclean
+ [5cf14594d014] <1.7>
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
+ sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
+ regen man pages for 1.7.5
+ [29253a721cfd] <1.7>
+
+ * configure:
+ regen
+ [5b09c0dd9279] <1.7>
+
+ * NEWS:
+ Update 1.7.5 entries.
+ [73a7b2c01db4] <1.7>
+
+2010-11-02 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * Makefile.in:
+ Include zlib in the tar file.
+ [3b7900c3f2af] <1.7>
+
+2010-10-28 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * INSTALL:
+ Better --enable-zlib description
+ [0ca9936a7271] <1.7>
+
+ * mkpkg:
+ Use system zlib on Linux Let configure decide on Solaris For all
+ others, use builtin zlib
+ [58e1b4383b58] <1.7>
+
+ * LICENSE, Makefile.in, config.h.in, configure, configure.in,
+ license.pod, zlib/adler32.c, zlib/compress.c, zlib/crc32.c,
+ zlib/crc32.h, zlib/deflate.c, zlib/deflate.h, zlib/gzclose.c,
+ zlib/gzguts.h, zlib/gzlib.c, zlib/gzread.c, zlib/gzwrite.c,
+ zlib/infback.c, zlib/inffast.c, zlib/inffast.h, zlib/inffixed.h,
+ zlib/inflate.c, zlib/inflate.h, zlib/inftrees.c, zlib/inftrees.h,
+ zlib/trees.c, zlib/trees.h, zlib/uncompr.c, zlib/zconf.h.in,
+ zlib/zlib.h, zlib/zutil.c, zlib/zutil.h:
+ Add local copy of zlib for systems that lack it.
+ [060627a4a413] <1.7>
+
+2010-10-12 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * Makefile.in:
+ Don't overwrite ChangeLog if we can't run hg
+ [8cad8bfce9ee] <1.7>
+
+ * configure, configure.in:
+ HP-UX 10.20 libc has an incompatible getline()
+ [6ae1631c6993] <1.7>
+
+ * visudo.c:
+ Quiet an HP-UX compiler warning.
+ [b8eb3006d68b] <1.7>
+
+2010-10-11 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * pp:
+ Don't use run_as_superuser=false on HP-UX
+ [2a9ec2750082] <1.7>
+
+ * pp:
+ Update from git repo. Debian: version numbers now compliant with
+ policy section 5.6.12 HP-UX: minimal changes needed to work on HP-UX
+ 10.20
+ [cfe38672e358] <1.7>
+
+ * configure, configure.in:
+ Go back to checking whether the compiler is ANSI C when detecting
+ the HP-UX bundled C compiler.
+ [563ef7333662] <1.7>
+
+ * configure, configure.in:
+ Fix syntax error
+ [96048f77d772] <1.7>
+
+ * auth/pam.c:
+ If pam_acct_mgmt() returns PAM_AUTH_ERR print a (hopefully) more
+ useful message and return AUTH_FATAL so sudo does not keep trying to
+ validate the user.
+ [fffa5e51ac47] <1.7>
+
2010-10-07 Todd C. Miller <Todd.Miller at courtesan.com>
+ * exec_pty.c:
+ don't need ws_col here
+ [049b4ef9c9ce] <1.7>
+
* check.c:
Having a timestamp file defined is no longer indicative of tty
tickets being enabled. Check def_tty_tickets directly.
- [6c3803c239d9]
+ [6c3803c239d9] <1.7>
+ * exec_pty.c, lbuf.c:
+ Fix TCGETWINSZ compat.
+ [62233ba46ec7] <1.7>
+
+2010-10-02 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * exec_pty.c, lbuf.c:
+ Prefer newer TIOCGWINSZ ioctl to old TIOCGSIZE
+ [0813e3030b1a] <1.7>
+
2010-10-01 Todd C. Miller <Todd.Miller at courtesan.com>
* set_perms.c:
Sync set_project() with trunk.
- [646fd9bc0537]
+ [646fd9bc0537] <1.7>
+ * ldap.c:
+ When iterating over returned LDAP entries, keep looking at remaining
+ matches even if we have a positive match. This catches negative
+ matches that may exist in other entries and more closely match the
+ sudoers file behavior.
+ [8dce1dedb967] <1.7>
+
+ * pp:
+ Add support for multiple package instances on Solaris.
+ [5bcc048375db] <1.7>
+
* set_perms.c, sudo.c:
Move set_project() into runas_setup(). Fixes a NULL deref when
project support is enabled and sudo's -g flag is used without the
-u flag.
- [6ffd892243ab]
+ [6ffd892243ab] <1.7>
+ * exec.c:
+ Add missing signal_pipe[0] to fdsr for the non-pty case.
+ [3398af88db51] <1.7>
+
+ * mkpkg:
+ Add --with-project for Solaris
+ [25bd2aa83884] <1.7>
+
+ * README:
+ Need ar and ranlib too
+ [d09e632d0a93] <1.7>
+
+2010-09-27 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * env.c:
+ Preserve ODMDIR environment variable by default on AIX.
+ [75266d18e4a7] <1.7>
+
2010-09-21 Todd C. Miller <Todd.Miller at courtesan.com>
* linux_audit.c:
Ignore ECONNREFUSED from audit_log_user_command() which will occur
if auditd is not running.
- [a686884684ca]
+ [a686884684ca] <1.7>
+2010-09-17 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * pp:
+ Sync with git version
+ [9a328aa25c53] <1.7>
+
+2010-09-16 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * defaults.c, fileops.c:
+ Cast isblank argument to unsigned char.
+ [64b9f3bed954] <1.7>
+
+2010-09-14 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * INSTALL, config.h.in, configure, configure.in, defaults.c,
+ sudoers.cat, sudoers.man.in, sudoers.pod:
+ Implement --with-umask-override configure flag.
+ [5065008079df] <1.7>
+
+ * env.c:
+ Take MODE_LOGIN_SHELL into account when initially setting reset_home
+ instead of special-casing it later.
+ [25e6b8419dea] <1.7>
+
+ * sudo.c:
+ In login mode, make a copy of the runas user's pw_shell for
+ NewArgv[0] because 1) we modify it and 2) it will runas_pw gets
+ freed before exec.
+ [4a0851a7688a] <1.7>
+
+ * env.c:
+ Reset HOME for "sudo -i" even if HOME was listed in env_keep.
+ [8dc31006a428] <1.7>
+
+ * sudo.c:
+ Use SIG_SETMASK when resetting signal mask instead of SIG_UNBLOCK.
+ [8751ef94b18d] <1.7>
+
+ * sudo.c:
+ Reset signal mask at sudo startup time; we need to be able to rely
+ on normal signal delivery to control the child process.
+ [c986a4b6a942] <1.7>
+
+ * sigaction.c:
+ Fix SIG_UNBLOCK emulation
+ [f14264f8a0da] <1.7>
+
2010-09-13 Todd C. Miller <Todd.Miller at courtesan.com>
* install-sh:
@@ -81,20 +856,89 @@
Use sed instead of expr to split a flag from its argument. Fixes a
problem with expr interpreting its arguments as a flag when they
start with a dash.
- [16372da8a286]
+ [16372da8a286] <1.7>
+ * lbuf.c:
+ Back out rev e165f67d3127
+ [e9b70079698d] <1.7>
+
+ * lbuf.c:
+ Include sys/time.h for utimes() and struct timeval.
+ [e165f67d3127] <1.7>
+
+ * snprintf.c:
+ Quiet bogus compiler warnings.
+ [176fceb8db3c] <1.7>
+
+ * missing.h:
+ Declare innetgr() for HP-UX which is missing a declaration. Declare
+ domainname() for HP-UX and Solaris which are missing a declaration.
+ [0b4c1296d4da] <1.7>
+
+ * bsm_audit.c:
+ Use __sun for consistency with the rest of the sources.
+ [8f0db6350b3a] <1.7>
+
+ * pwutil.c:
+ Don't try to delref a NULL group.
+ [57e94fc5df3e] <1.7>
+
+ * alloc.c, lbuf.c:
+ Include memory.h on systems that need it.
+ [e43d8d8a0008] <1.7>
+
+2010-09-11 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * exec.c:
+ Quiet gcc warnings on glibc systems that use warn_unused_result for
+ write(2).
+ [f22696affc78] <1.7>
+
+2010-09-10 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * NEWS, README, configure, configure.in:
+ Update for sudo 1.7.5
+ [62ed8c6cb7c2] <1.7>
+
+ * exec.c, exec_pty.c, list.c, list.h, sudo_exec.h:
+ Instead of using a array to store received signals, open a pipe and
+ have the signal handler write the signal number to one end and
+ select() on the other end. This makes it possible to handle signals
+ similar to I/O without race conditions.
+ [2d9dd09a9fce] <1.7>
+
+ * INSTALL:
+ --with-iologdir not --enable-iologdir
+ [457471aaeda6] <1.7>
+
+2010-09-09 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * visudo.c, visudo.pod:
+ Make "visudo -c -f -" check the standard input.
+ [8ed46ff3141a] <1.7>
+
+ * sudoers.pod:
+ set_home and always_set_home have an effect if HOME is present in
+ the env_keep list.
+ [a2b26d62176d] <1.7>
+
+ * env.c:
+ Make -H flag work when HOME is listed in env_keep. Also makes
+ "set_home" and "always_set_home" override override HOME in env_keep.
+ [91d842b6adc6] <1.7>
+
2010-09-08 Todd C. Miller <Todd.Miller at courtesan.com>
* bsm_audit.c:
Solaris BSM audit return EINVAL when auditing is not enabled,
whereas OpenBSM returns ENOSYS.
- [bb9c94a8fa7d]
+ [bb9c94a8fa7d] <1.7>
2010-09-07 Todd C. Miller <Todd.Miller at courtesan.com>
* toke.c, toke.l:
Add missing LOG_INPUT/LOG_OUTPUT support in the lexer.
- [0a5519756bf1]
+ [0a5519756bf1] <1.7>
* sudo.c:
Set NewArgv[0] to the name of the pseudo-command we are running.
@@ -101,8 +945,16 @@
Fixes a problem with "sudo -l" when auditing is enabled and the user
is not allowed to run any commands on the host. Adapted from a patch
from Daniel Kopecek.
- [694ed1a75a4a]
+ [694ed1a75a4a] <1.7>
+ * sudo.c:
+ Update comment to reality.
+ [de302f39566b] <1.7>
+
+ * missing.h:
+ Need stdio.h for FILE *, not just NULL.
+ [77cf303f5696] <1.7>
+
2010-09-06 Todd C. Miller <Todd.Miller at courtesan.com>
* match.c:
@@ -110,7 +962,7 @@
options), keep track of runas group and runas user matches
separately. Only return a positive match if we have a match for
both runas user and runas group (if specified).
- [68d30216c13a]
+ [68d30216c13a] <1.7>
2010-09-04 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -117,24 +969,35 @@
* ldap.c, parse.c:
Do not return -1 on error from the display functions; the call
expects a return value >= 0.
- [e50e6ae4d06d]
+ [e50e6ae4d06d] <1.7>
* ldap.c:
display_bound_defaults now returns a count so make the stub return
0, not 1.
- [97293ced4908]
+ [97293ced4908] <1.7>
+ * fnmatch.c:
+ Add #include of sys/types.h for .c files that include missing.h to
+ be sure that size_t and ssize_t are defined.
+ [a4f3070d0a2b] <1.7>
+
2010-09-03 Todd C. Miller <Todd.Miller at courtesan.com>
* get_pty.c:
It looks like AIX doesn't need to push STREAMS modules for ptys.
- [62c281fcd4ad]
+ [62c281fcd4ad] <1.7>
2010-08-30 Todd C. Miller <Todd.Miller at courtesan.com>
+ * error.c, getprogname.c, isblank.c, missing.h, mksiglist.c,
+ sigaction.c, strerror.c, strsignal.c, sudo_noexec.c:
+ Add #include of sys/types.h for .c files that include missing.h to
+ be sure that size_t and ssize_t are defined.
+ [2ffbbb12f322] <1.7>
+
* Makefile.in:
Install sudoers file from the build dir not hte src dir.
- [a26afd8db531]
+ [a26afd8db531] <1.7>
2010-08-26 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -143,12 +1006,12 @@
Otherwise, if runas_default is set in a per-command Defaults
statement, the command runs with root's aux group vector (i.e. the
one that was used when locating the command).
- [24a695707b67]
+ [24a695707b67] <1.7>
* Makefile.in:
Add target to generate sudoers file Remove generated sudoers file as
part of distclean
- [448627fc35b6]
+ [448627fc35b6] <1.7>
2010-08-23 millert <millert at rh4-x86.home.courtesan.com>
@@ -155,43 +1018,63 @@
* exec.c:
When not logging I/O install a handler for SIGCONT and deliver it to
the command upon resume. Fixes bugzilla #431
- [e84690aa67bd]
+ [e84690aa67bd] <1.7>
2010-08-21 Todd C. Miller <Todd.Miller at courtesan.com>
+ * sudo.c, sudo.h:
+ g/c unused auth_pw global
+ [e30778d73c0b] <1.7>
+
+ * check.c, sudo.c:
+ Move get_auth() into check.c where it is actually used.
+ [3130e37787af] <1.7>
+
* sudo.c:
Don't need to fork and wait when compiled with --disable-pam-session
- [2ae1bbe4437a]
+ [2ae1bbe4437a] <1.7>
2010-08-20 Todd C. Miller <Todd.Miller at courtesan.com>
* lbuf.c:
Convert a remaining puts() and putchar() to use the output function.
- [d68c213feb0f]
+ [d68c213feb0f] <1.7>
2010-08-18 Todd C. Miller <Todd.Miller at courtesan.com>
* Makefile.in:
Replace sudoers with sudoers.in in DISTFILES
- [616509f85d6c]
+ [616509f85d6c] <1.7>
* env.c:
Set dupcheck to TRUE when setting new HOME value if !env_reset but
always_set_home is true. Prevents a duplicate HOME in the
environment (old value plus the new one) introduced in 9f97e4b43a4b.
- [2672ae047984]
+ [2672ae047984] <1.7>
* configure, configure.in, sudoers, sudoers.in:
Substitute sysconfdir in the installed sudoers file to get the
correct path for sudoers.d.
- [ab14a68e546f]
+ [ab14a68e546f] <1.7>
2010-08-17 Todd C. Miller <Todd.Miller at courtesan.com>
* boottime.c, get_pty.c:
Fix typos that prevented compilation on Irix; Friedrich Haubensak
- [a3e6c5a66890]
+ [a3e6c5a66890] <1.7>
+2010-08-16 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * Makefile.in, aix.c, audit.c, boottime.c, compat.h, error.c,
+ fnmatch.c, getcwd.c, getdate.c, getdate.y, getline.c, getprogname.c,
+ gettime.c, glob.c, isblank.c, linux_audit.c, memrchr.c, missing.h,
+ mksiglist.c, nanosleep.c, sesh.c, setsid.c, sigaction.c, snprintf.c,
+ strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, strsignal.c, sudo.h,
+ sudo_noexec.c, sudoreplay.c, timestr.c, utimes.c, vasgroups.c,
+ zero_bytes.c:
+ Merge compat.h and missing.h into missing.h
+ [905905c7a8f0] <1.7>
+
2010-08-14 Todd C. Miller <Todd.Miller at courtesan.com>
* auth/pam.c:
@@ -199,23 +1082,23 @@
reading any further passwords in the pam conversation function.
Otherwise, if multiple PAM auth methods are required, the user will
have to hit ^C for each one.
- [c8f6bc58fd86]
+ [c8f6bc58fd86] <1.7>
2010-08-09 Todd C. Miller <Todd.Miller at courtesan.com>
* exec.c:
Fix waitpid() loop termination condition.
- [97719b3259f2]
+ [97719b3259f2] <1.7>
* exec_pty.c:
Use sudo_waitpid() instead of bare waitpid()
- [624a40269189]
+ [624a40269189] <1.7>
2010-08-07 Todd C. Miller <Todd.Miller at courtesan.com>
* sudo.pp:
Set pp_kit_version and strip off patchlevel
- [814c87778567]
+ [814c87778567] <1.7>
* sudo.pp:
Better handling of versions with a patchlevel. For rpm and deb, use
@@ -222,7 +1105,7 @@
the patchlevel+1 as the release. For AIX, use the patchlevel as the
4th version number. For the rest, just leave the patchlevel in the
version string.
- [d18ef30f0a72]
+ [d18ef30f0a72] <1.7>
2010-08-06 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -229,18 +1112,65 @@
* auth/sudo_auth.c:
For non-standalone auth methods, stop reading the password if the
user enters ^C at the prompt.
- [59d2b1328d1e]
+ [59d2b1328d1e] <1.7>
+ * configure, configure.in:
+ Don't print getspwuid as an auth method.
+ [d35cf4628d9a] <1.7>
+
+ * Makefile.in, auth/passwd.c, auth/secureware.c, auth/sudo_auth.c,
+ auth/sudo_auth.h, configure, configure.in, pwutil.c:
+ No need to look up shadow password unless we are doing password-
+ style authentication. This moves the shadow password lookup to the
+ auth functions that need it.
+ [10a85eebbf4c] <1.7>
+
* check.c:
When removing/resetting the timestamp file ignore the tty ticket
contents.
- [8b285f601ec0]
+ [8b285f601ec0] <1.7>
+2010-08-05 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * sudo.c:
+ delref sudo_user.pw, runas_pw and runas_gr immediately before we
+ exec.
+ [220be2de2f31] <1.7>
+
+ * sudo.c:
+ Move calls to sudo_endgrent() and sudo_endpwent() to be after
+ set_perms(), which may do passwd or group lookups.
+ [883f0db94fd4] <1.7>
+
2010-08-04 Todd C. Miller <Todd.Miller at courtesan.com>
+ * check.c:
+ Make sure we don't try to delref NULL.
+ [19bc5a47db06] <1.7>
+
+ * pwutil.c:
+ Add missing delref in user_in_group()
+ [fafb278f47a6] <1.7>
+
+ * sudo.c:
+ delref the old runas group in set_runasgr()
+ [0a7dd113cb1f] <1.7>
+
+ * match.c:
+ Repair usergr_matches() return value broken in last checkin.
+ [460b7b6ca2ce] <1.7>
+
+ * check.c, get_pty.c, glob.c, ldap.c, match.c, pwutil.c, sudo.c,
+ sudo.h:
+ Reference count cached passwd and group structs. The cache holds
+ one reference itself and another is added by sudo_getgr{gid,nam} and
+ sudo_getpw{uid,nam}. The final ref on the runas and user passwd and
+ group structs are persistent for now.
+ [e414c67e11fd] <1.7>
+
* UPGRADE:
Fix typo
- [0f443aa22e96]
+ [0f443aa22e96] <1.7>
2010-08-03 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -247,13 +1177,37 @@
* check.c:
Do not produce a warning for "sudo -k" if the ticket file does not
exist.
- [eeaaa73d7f5b]
+ [eeaaa73d7f5b] <1.7>
+ * pwutil.c:
+ Instead of caching struct passwd and struct group in the red-black
+ tree, store a struct cache_item which includes both the key and
+ datum. This allows us to user the actual name that was looked up as
+ the key instead of the contents of struct passwd or struct group.
+ This matters because the name in the database may not match what we
+ looked up, due either to case folding or truncation (historically at
+ 8 characters). Also mark the disabled calls to sudo_freepwcache()
+ and sudo_freegrcache() as broken since we use cached data for things
+ like set_perms() and the logging functions. Fixing this would
+ require making a copy of the structs for user and runas or adding a
+ reference count (better).
+ [2c1d8ec4fa5f] <1.7>
+
+ * check.c, exec_pty.c, get_pty.c, logging.c, sudoreplay.c, tgetpass.c,
+ visudo.c:
+ Quiet gcc warnings on glibc systems that use warn_unused_result for
+ write(2) and others.
+ [5faf88695c66] <1.7>
+
2010-08-02 Todd C. Miller <Todd.Miller at courtesan.com>
+ * toke.c, toke.l:
+ Add %option noinput
+ [8a5e05d6f71f] <1.7>
+
* aclocal.m4, configure:
Add cross-compile defaults for remaining AC_TRY_RUN usage.
- [fb88d22eabc6]
+ [fb88d22eabc6] <1.7>
2010-07-31 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -260,57 +1214,57 @@
* aclocal.m4, config.h.in, configure, configure.in, snprintf.c:
Use AC_CHECK_MEMBER in SUDO_SOCK_SA_LEN Use AC_TYPE_LONG_LONG_INT
and AC_CHECK_SIZEOF([long int]) instead of rolling our own.
- [5e7cc557a46e]
+ [5e7cc557a46e] <1.7>
2010-07-30 Todd C. Miller <Todd.Miller at courtesan.com>
* .hgtags:
Added tag SUDO_1_7_4 for changeset 2920a3b9d568
- [e929004d5102]
+ [e929004d5102] <1.7>
* pp:
Debian: Remove dots from decoded release number AIX: looser matching
of file command output for AIX 5.1
- [2920a3b9d568] [SUDO_1_7_4]
+ [2920a3b9d568] [SUDO_1_7_4] <1.7>
* .hgtags:
Added tag SUDO_1_7_4 for changeset 0d844aa34c1d
- [cf65ddcec602]
+ [cf65ddcec602] <1.7>
2010-07-29 Todd C. Miller <Todd.Miller at courtesan.com>
* exec_pty.c:
exec_monitor is static
- [0d844aa34c1d]
+ [0d844aa34c1d] <1.7>
* pp:
Update to latest version
- [7b8a00defbd6]
+ [7b8a00defbd6] <1.7>
2010-07-28 Todd C. Miller <Todd.Miller at courtesan.com>
* sudo.pp:
Let pp determine pp_aix_version itself.
- [c5ee7944af03]
+ [c5ee7944af03] <1.7>
* INSTALL, config.h.in, configure, configure.in, mkpkg, sudo.c:
Add support for Ubuntu admin flag file and enable it when building
Ubuntu packages.
- [2d97501cda0c]
+ [2d97501cda0c] <1.7>
* sudo.pp, sudoers:
Add commented out SuSE-like targetpw settings
- [f4ad331ace46]
+ [f4ad331ace46] <1.7>
* configure, configure.in:
Only try to use +DAportable for non-GCC on hppa Check the value of
$pic_flag insteaf of whether the compiler is ANSI C when detecting
the HP-UX bundled C compiler.
- [654da0091c16]
+ [654da0091c16] <1.7>
* configure, configure.in:
Prevent configure from adding the -g flag unless in devel mode
- [e3c11f228c56]
+ [e3c11f228c56] <1.7>
2010-07-27 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -317,41 +1271,41 @@
* sudo.pp:
Go back to sudo-flavor to match existing packages and only use an
underscore for those that need it.
- [1f78ecf3b990]
+ [1f78ecf3b990] <1.7>
* sudo.pp:
Use sudo_$flavor instead of sudo-$flavor since that causes the least
amount of trouble for the various package managers.
- [7e1e07115788]
+ [7e1e07115788] <1.7>
* mkpkg:
Fix handling of the ldap flavor Remove destdir unless --debug was
specified Make distclean before running configure if there is a
Makefile present
- [2bde3925346d]
+ [2bde3925346d] <1.7>
* configure, configure.in:
Back out version change in 5baf2187a138
- [bbc3a81afbba]
+ [bbc3a81afbba] <1.7>
* mkpkg:
Pass extra args on to configure on HP-UX, if we don't have the HP C
compiler, disable zlib to prevent gcc from finding it in
/usr/local/lib.
- [87201c7f1116]
+ [87201c7f1116] <1.7>
* configure, configure.in, mkpkg:
Use the HP ANSI C compiler on HP-UX if possible
- [5baf2187a138]
+ [5baf2187a138] <1.7>
* sudoreplay.c:
Some getline() implementations (FreeBSD 8.0) do not ignore the
length pointer when the line pointer is NULL as they should.
- [8652300785ed]
+ [8652300785ed] <1.7>
* sudoreplay.c:
Don't need to check for *cp being non-zero, isdigit() will do that.
- [107301a99b6a]
+ [107301a99b6a] <1.7>
* sudoreplay.c:
Add setlocale() so the command line arguments that use floating
@@ -360,62 +1314,62 @@
manually instead of using strtod(). Furthermore, sudo 1.7.3 logged
the number of seconds with the user's locale so if the decimal point
is not '.' try using the locale-specific version.
- [2b8ed181e37c]
+ [2b8ed181e37c] <1.7>
* exec.c:
Do I/O logging in the C locale so the floating point numbers in the
timing file are not locale-dependent.
- [18abbca14078]
+ [18abbca14078] <1.7>
* sudoreplay.c:
Use errorx() not error() for thingsthat don't set errno.
- [a2e7c6793d26]
+ [a2e7c6793d26] <1.7>
2010-07-26 Todd C. Miller <Todd.Miller at courtesan.com>
* sudo.pp:
Add Tru64 kit support
- [40e2d21aa17f]
+ [40e2d21aa17f] <1.7>
* pp:
Better support for 1.2.3 style versions in Tru64 kits
- [f7133199a711]
+ [f7133199a711] <1.7>
* pp:
Remove apparently unnecessary use of sudo
- [a667a69eeab0]
+ [a667a69eeab0] <1.7>
* Makefile.in:
Create timedir as part of install-dirs target.
- [a2e394d694dd]
+ [a2e394d694dd] <1.7>
* exec_pty.c:
Handle ENXIO from read/write which can occur when reading/writing a
pty that has gone away. Fixes bugzilla 422
- [142f4c2efa17]
+ [142f4c2efa17] <1.7>
* pwutil.c:
sudo_pwdup() was not expanding an empty pw_shell to _PATH_BSHELL
- [82e5e46bf458]
+ [82e5e46bf458] <1.7>
* mkpkg:
platform is a pp flag not a variable
- [9d0ab9b9bf0c]
+ [9d0ab9b9bf0c] <1.7>
* Makefile.in, mkpkg, sudo.pp:
Add simple arg parsing for mkpkg so we can set debug, flavor or
platform.
- [8142ab01ccd9]
+ [8142ab01ccd9] <1.7>
* pp:
Make rpm backend work on AIX 5.x
- [2467a79d0b4d]
+ [2467a79d0b4d] <1.7>
2010-07-25 Todd C. Miller <Todd.Miller at courtesan.com>
* sudoers:
Add commented out Defaults entry for log_output
- [b3fe97e59ae0]
+ [b3fe97e59ae0] <1.7>
2010-07-23 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -422,34 +1376,34 @@
* Makefile.in:
Install binary files with -b~ to make a backup. Fixes "text file
busy" error on HP-UX during install.
- [3563e3e0163a]
+ [3563e3e0163a] <1.7>
* install-sh:
"mv -f" on HP-UX doesn't unlink the destination first so add an
explicit rm before moving the temporary into place.
- [3994af813c88]
+ [3994af813c88] <1.7>
* configure, configure.in:
Some more ${foo} -> $(foo) conversion for consistent Makefiles.
- [c214d50c32ec]
+ [c214d50c32ec] <1.7>
2010-07-22 Todd C. Miller <Todd.Miller at courtesan.com>
* pathnames.h.in:
Add missing include of maillock.h for Solaris
- [343f04b7a581]
+ [343f04b7a581] <1.7>
* NEWS, TROUBLESHOOTING, UPGRADE, configure, configure.in,
sample.syslog.conf, sudoers.cat:
Change the default syslog facility from local2 to authpriv (or auth
if the operating system doesn't support authpriv).
- [949f39cf4a59]
+ [949f39cf4a59] <1.7>
* Makefile.in, configure, configure.in, sudo.pp:
Install sudoers as /etc/sudoers on RPM and debian systems where the
package manager will not replace a user-modified configuration file.
This fixes upgrades from the vendor sudo packages.
- [74c7ff01e880]
+ [74c7ff01e880] <1.7>
* pp:
RPM: use %config(noreplace) instead of %config for volatile This
@@ -456,74 +1410,74 @@
results in the new file being installed with a .rpmnew suffix
instead of the file being replaced and the old one renamed with a
.rpmsave suffix.
- [166133a4fb9e]
+ [166133a4fb9e] <1.7>
2010-07-21 Todd C. Miller <Todd.Miller at courtesan.com>
* boottime.c, mkstemps.c:
Include time.h for struct timeval.
- [50446e0b8398]
+ [50446e0b8398] <1.7>
* exec_pty.c:
The return value of strsignal() may be const and should be treated
as const regardless.
- [c035b17b50e3]
+ [c035b17b50e3] <1.7>
* sudoers.cat, sudoers.man.in, sudoers.pod:
Mention that 127.0.0.1 will not match, nor will localhost unless
that is the actual host name.
- [e9977ec7ac4f]
+ [e9977ec7ac4f] <1.7>
* Makefile.in:
fix typo
- [f216d653404d]
+ [f216d653404d] <1.7>
* Makefile.in, NEWS, README, UPGRADE, WHATSNEW:
Rename WHATSNEW -> NEWS
- [f3ce0a462ca0]
+ [f3ce0a462ca0] <1.7>
* pp:
Updated pp with latest patches
- [cded68af5ba0]
+ [cded68af5ba0] <1.7>
* WHATSNEW, exec.c, exec_pty.c, set_perms.c, sudo.c, sudo.h:
If pam is in use, wait until the process has finished before calling
pam_close_session().
- [fb3d7de50a05]
+ [fb3d7de50a05] <1.7>
* sudoers.cat, sudoers.man.in:
regen sudoers manual
- [7498a058eeb1]
+ [7498a058eeb1] <1.7>
* UPGRADE, sudoers, sudoers.pod:
Add commented out line to add HOME to env_keep and add a warning to
the note about the HOME change in UPGRADE.
- [0f7e08f09b9f]
+ [0f7e08f09b9f] <1.7>
2010-07-20 Todd C. Miller <Todd.Miller at courtesan.com>
* sudoreplay.c:
Add LINE_MAX define for those without it.
- [6248dd44573c]
+ [6248dd44573c] <1.7>
* WHATSNEW:
Mention that tty_tickets is now the default.
- [4cf26eaee5ba]
+ [4cf26eaee5ba] <1.7>
* INSTALL, UPGRADE, config.h.in, configure, configure.in, defaults.c,
sudoers.cat, sudoers.man.in, sudoers.pod:
The tty_tickets option is now on by default.
- [73dd2b82a3a9]
+ [73dd2b82a3a9] <1.7>
* WHATSNEW:
Mention that AIX authdb support has been fixed.
- [9331829dc276]
+ [9331829dc276] <1.7>
* aix.c:
setauthdb() only sets the "old" registry if it was set by a previous
call to setauthdb(). To restore the original value, passing NULL
(or an empty string) to setauthdb() is sufficient.
- [d956fd763521]
+ [d956fd763521] <1.7>
2010-07-19 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -530,77 +1484,77 @@
* sudoers.cat, sudoers.man.in, sudoers.pod:
Mention new handling of HOME in always_set_home and set_home
descriptions.
- [a69c9bed3164]
+ [a69c9bed3164] <1.7>
* sudo.cat, sudo.man.in, sudo.pod:
fix typo
- [9b90bb3e9187]
+ [9b90bb3e9187] <1.7>
* UPGRADE, WHATSNEW, env.c, sudo.cat, sudo.man.in, sudo.pod:
Reset HOME when env_reset is enabled unless it is in env_keep
- [18223dfd1ac3]
+ [18223dfd1ac3] <1.7>
* sudoers.cat, sudoers.man.in, sudoers.pod:
The default for set_logname has been "true" for some time now.
- [9f97e4b43a4b]
+ [9f97e4b43a4b] <1.7>
* sudoers.cat, sudoers.man.in, sudoers.pod:
Document that MAIL it set in env_reset mode.
- [dcf9ad98079e]
+ [dcf9ad98079e] <1.7>
* boottime.c:
Add missing include of time.h
- [57bee414982d]
+ [57bee414982d] <1.7>
* defaults.c, sudo.c:
Check return value of setdefs() but don't stop setting defaults if
we hit an unknown one.
- [a42cb2d6b7ed]
+ [a42cb2d6b7ed] <1.7>
* logging.c:
Fix check for dup2() return value.
- [916cd7fdeba7]
+ [916cd7fdeba7] <1.7>
* visudo.c:
Treat an unknown defaults entry as a parse error.
- [1f94675835d9]
+ [1f94675835d9] <1.7>
* env.c:
Check KEPT_MAIL not DID_MAIL when determining whether to set MAIL in
-i and env_reset mode.
- [aa6657ccfe01]
+ [aa6657ccfe01] <1.7>
* env.c:
Add PYTHONUSERBASE to initial_badenv_table
- [93058374f0d9]
+ [93058374f0d9] <1.7>
* WHATSNEW, aclocal.m4, config.h.in, configure, configure.in, env.c,
pathnames.h.in, sudo.cat, sudo.man.in, sudo.pod:
If env_reset is enabled, set the MAIL environment variable based on
the target user unless MAIL is explicitly preserved in sudoers.
- [d903c904dcd4]
+ [d903c904dcd4] <1.7>
2010-07-17 Todd C. Miller <Todd.Miller at courtesan.com>
* pp:
decode debian code names
- [2df0ecbc23b4]
+ [2df0ecbc23b4] <1.7>
* WHATSNEW:
fix typo
- [b66a95fa1869]
+ [b66a95fa1869] <1.7>
2010-07-16 Todd C. Miller <Todd.Miller at courtesan.com>
* WHATSNEW:
Add entry about SuSE bash script fix.
- [04af78fa281c]
+ [04af78fa281c] <1.7>
* sudo.c:
Restore RLIMIT_NPROC after the uid switch if it appears that
runas_setup() did not do it for us. Fixes a bash script problem on
SuSE with RLIMIT_NPROC set to RLIM_INFINITY.
- [bb14802d48b1]
+ [bb14802d48b1] <1.7>
2010-07-15 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -607,54 +1561,54 @@
* mkpkg, pp, sudo.pp:
Restore the dot removal in the os version reported by polypkg. Adapt
mkpkg and sudo.pp to the change.
- [83c7870130fe]
+ [83c7870130fe] <1.7>
2010-07-16 Todd C. Miller <Todd.Miller at courtesan.com>
* WHATSNEW:
Mention polypkg
- [c5f6e40bbb58]
+ [c5f6e40bbb58] <1.7>
* README, WHATSNEW:
Update for sudo 1.7.4
- [0c688f1f8160]
+ [0c688f1f8160] <1.7>
* INSTALL:
document --with-pam-login
- [33ca3f6308ae]
+ [33ca3f6308ae] <1.7>
* sudoers.cat, sudoers.man.in, sudoers.pod:
The tag is NOSETENV, not UNSETENV. From Petr Uzel.
- [95f37e63ca15]
+ [95f37e63ca15] <1.7>
2010-07-15 Todd C. Miller <Todd.Miller at courtesan.com>
* sudo.pp:
Include flavor in solaris package name
- [b6d56ccf367e]
+ [b6d56ccf367e] <1.7>
* mkpkg:
Older shells don't support IFS= so set explictly to space, tab,
newline.
- [336925525e17]
+ [336925525e17] <1.7>
* mkpkg:
Use '=' not '==' in test
- [98c692271cfd]
+ [98c692271cfd] <1.7>
* mkpkg:
Fix typo that prevented debian from matching
- [af4deec35e37]
+ [af4deec35e37] <1.7>
* mkpkg:
Add missing prefix setting for debian
- [d0c1941cb6ec]
+ [d0c1941cb6ec] <1.7>
* sudo.pp:
Use tab indents to reduce the chance of problem with <<- Uncomment
some env_keep lines for RHEL, SLES and Debian to more closely match
the vendor sudoers files.
- [74ba26566cdc]
+ [74ba26566cdc] <1.7>
* sudo.pp:
Fix indentation Fix the debian %set section, pp does not set
@@ -661,141 +1615,141 @@
pp_deb_distro Uncomment %sudo line in sudoers for debian Add pam.d
to %files for debian Remove the /etc/sudo-ldap.conf symlink on
debian for ldap flavor
- [f15ff41b5afd]
+ [f15ff41b5afd] <1.7>
* sudoers:
Add commented out env_keep entries, sample Aliases and a %sudo line
for debian.
- [8264e4ed42dc]
+ [8264e4ed42dc] <1.7>
* configure, configure.in:
Remove check for egrep; configure has its own
- [27b3d85ebf4f]
+ [27b3d85ebf4f] <1.7>
* configure.in:
Use enable_zlib instead of enableval for consistency
- [4a15cfd43d3e]
+ [4a15cfd43d3e] <1.7>
2010-07-14 Todd C. Miller <Todd.Miller at courtesan.com>
* mkpkg:
Enable zlib for linux distros
- [fcab91448bb0]
+ [fcab91448bb0] <1.7>
* mkpkg:
Add ldap flavor to default build
- [e35a577c8994]
+ [e35a577c8994] <1.7>
* mkpkg, sudo.pp:
Simplify rpm linux distro settings
- [f30547765636]
+ [f30547765636] <1.7>
* UPGRADE, aclocal.m4, configure, configure.in, sudo.cat, sudo.man.in,
sudoers.cat:
Move time stamp files from /var/run/sudo to /var/{db,lib,adm}/sudo.
- [8c9440423d98]
+ [8c9440423d98] <1.7>
* Makefile.in, mkpkg, sudo.pp:
Add ldap "flavor" for debian, controlled by the SUDO_FLAVOR
environment variable.
- [9f418defc08a]
+ [9f418defc08a] <1.7>
* sudo.pp:
Create sudo group on debian
- [4b0cc7b8b0b5]
+ [4b0cc7b8b0b5] <1.7>
* mkpkg, sudo.pp:
Add debian 4/5/6 and use the dot when doing version matches
- [d5184f0a1efc]
+ [d5184f0a1efc] <1.7>
* sudoers.cat, sudoers.man.in, sudoers.pod:
Remove spurious "and"; from debian
- [8b9f2a5937bc]
+ [8b9f2a5937bc] <1.7>
* aclocal.m4, configure:
Use a loop when searching for mv, sendmail and sh
- [a1c7d19721a4]
+ [a1c7d19721a4] <1.7>
* aclocal.m4, configure, configure.in, sudoers.cat, sudoers.man.in,
sudoers.pod, visudo.cat, visudo.man.in, visudo.pod:
Substitute the value of EDITOR into the sudoers and visudo manuals.
- [f00dc9343f94]
+ [f00dc9343f94] <1.7>
2010-07-13 Todd C. Miller <Todd.Miller at courtesan.com>
* mkpkg, pp, sudo.pp:
Initial debian 4.0 support
- [6d73c000723f]
+ [6d73c000723f] <1.7>
* mkpkg:
Some platforms need -fPIE instead of -fpie
- [8533a29633e8]
+ [8533a29633e8] <1.7>
* Makefile.in:
Add packaging bits to DISTFILES
- [dea9f374f28b]
+ [dea9f374f28b] <1.7>
* auth/pam.c:
Only set PAM_RHOST for Solaris, where it is needed to avoid a bug.
On Linux it causes a DNS lookup via libaudit.
- [22e04d2f5f0f]
+ [22e04d2f5f0f] <1.7>
* sudo.psf:
We now use pp to generate HP-UX packages
- [6c9f8ae6bc11]
+ [6c9f8ae6bc11] <1.7>
2010-07-12 Todd C. Miller <Todd.Miller at courtesan.com>
* auth/pam.c:
Fix indentation
- [e52e9e6338d5]
+ [e52e9e6338d5] <1.7>
* INSTALL, Makefile.in:
isntall-man -> install-doc
- [02cc8198ea7a]
+ [02cc8198ea7a] <1.7>
* configure, configure.in, sudo.cat, sudo.man.in, sudoers.cat,
sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in,
sudoreplay.cat, sudoreplay.man.in, visudo.cat, visudo.man.in:
Bump version to 1.7.4
- [df6ce4ea908a]
+ [df6ce4ea908a] <1.7>
* INSTALL.binary, Makefile.binary.in, Makefile.in:
Remove remaining bits of the old binary package
- [8d4f82c23c22]
+ [8d4f82c23c22] <1.7>
* sudo.pp:
Use http://rc.quest.com/topics/polypkg/ for packaging
- [d71793085629]
+ [d71793085629] <1.7>
* Makefile.in, mkpkg, pp:
Use http://rc.quest.com/topics/polypkg/ for packaging
- [675e505758c5]
+ [675e505758c5] <1.7>
* install-sh:
Just ignore the -c option, it is the default Add support for -d
option
- [2adfb3a63231]
+ [2adfb3a63231] <1.7>
* env.c, logging.c, pathnames.h.in:
Use _PATH_STDPATH instead of _PATH_DEFPATH
- [2c22d54a1f02]
+ [2c22d54a1f02] <1.7>
* Makefile.in:
Do not strip binaries.
- [bc84682b372c]
+ [bc84682b372c] <1.7>
* INSTALL, configure, configure.in:
Add --insults=disabled configure option to allow people to build in
insult support but have the insults disabled unless explicitly
enabled in sudoers.
- [6d9f40db9cca]
+ [6d9f40db9cca] <1.7>
2010-07-10 Todd C. Miller <Todd.Miller at courtesan.com>
* env.c, sudoreplay.c:
Fix K&R compilation
- [e44d3be7ab85]
+ [e44d3be7ab85] <1.7>
2010-07-09 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -803,11 +1757,11 @@
sudo.h:
Add support for a sudo-i pam.d file to be used for "sudo -i".
Adapted from a RedHat patch.
- [2984c3831d88]
+ [2984c3831d88] <1.7>
* Makefile.in:
Fix installation of sudo_noexec.so
- [d1f7ca8331b6]
+ [d1f7ca8331b6] <1.7>
* Makefile.in, config.h.in, configure, configure.in, missing.h,
mkstemp.c, mkstemps.c, sudo_edit.c:
@@ -814,7 +1768,7 @@
Use mkstemps() instead of mkstemp() in sudoedit. This allows
sudoedit to preserve the file extension (if any) which may be used
by the editor (like emacs) to choose the editing mode.
- [46399679d9ae]
+ [46399679d9ae] <1.7>
2010-07-08 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -823,7 +1777,7 @@
TLS_CACERT, not TLS_CACERTFILE in its ldap.conf. Other LDAP client
code, such as nss_ldap, uses TLS_CACERTFILE. Also document why you
should avoid disabling TLS_CHECKPEER is possible.
- [1d626a5cf8c0]
+ [1d626a5cf8c0] <1.7>
2010-07-07 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -830,25 +1784,25 @@
* toke.c, toke.l:
Add suport for negated user/host/command lists in a Defaults entry.
E.g. Defaults:!baduser noexec
- [24f07a805dce]
+ [24f07a805dce] <1.7>
2010-07-01 Todd C. Miller <Todd.Miller at courtesan.com>
* sudoers.ldap.pod:
fix typo.
- [d5f2922cecf2]
+ [d5f2922cecf2] <1.7>
2010-06-29 Todd C. Miller <Todd.Miller at courtesan.com>
* .hgtags:
Added tag SUDO_1_7_3 for changeset 72fd1f510a08
- [cc8b2277e17e]
+ [cc8b2277e17e] <1.7>
* configure, configure.in, sudo.cat, sudo.man.in, sudoers.cat,
sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in,
sudoreplay.cat, sudoreplay.man.in, visudo.cat, visudo.man.in:
Sudo 1.7.3 GA
- [72fd1f510a08] [SUDO_1_7_3]
+ [72fd1f510a08] [SUDO_1_7_3] <1.7>
* alias.c, alloc.c, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c,
auth/dce.c, auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
@@ -863,32 +1817,32 @@
tsgetgrpw.c, visudo.c:
Include strings.h even if string.h exists since they may define
different things. Fixes warnings on AIX and others.
- [7c6de7fb5dba]
+ [7c6de7fb5dba] <1.7>
* env.c:
Do not rely on env.env_len when unsetting a variable, just use the
NULL terminator.
- [faf088613ce5]
+ [faf088613ce5] <1.7>
* env.c:
In unsetenv() check for NULL or empty name as per POSIX 1003.1-2008
- [47f8dfcc7a48]
+ [47f8dfcc7a48] <1.7>
2010-06-28 Todd C. Miller <Todd.Miller at courtesan.com>
* sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
Mention that multiple URI lines are merged into a single one.
- [1dc0ac5929bf]
+ [1dc0ac5929bf] <1.7>
* WHATSNEW:
Document AIX fixes
- [be36e8a6dddd]
+ [be36e8a6dddd] <1.7>
2010-06-26 Todd C. Miller <Todd.Miller at courtesan.com>
* env.c, sudo.c, sudo.h:
For env_init() just use environ not the envp from main().
- [d4f3e374caeb]
+ [d4f3e374caeb] <1.7>
2010-06-25 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -896,11 +1850,11 @@
sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in,
sudoreplay.cat, sudoreplay.man.in, visudo.cat, visudo.man.in:
Update version to 1.7.3rc1
- [fe43fe79070d]
+ [fe43fe79070d] <1.7>
* TODO:
fqdn issue is resolved
- [f35cb63eb74b]
+ [f35cb63eb74b] <1.7>
* env.c:
In unsetenv(), assign ep in the for loop instead of doing it
@@ -907,7 +1861,7 @@
earlier. This version of the code does not change env.envp in
between when ep is assigned and when it is used but older versions
(e.g. 1.7.2) do.
- [a4cd29c862c9]
+ [a4cd29c862c9] <1.7>
* aix.c:
Use S_REGISTRY instead of S_AUTHSYSTEM as the argument to
@@ -914,38 +1868,38 @@
getuserattr() when fetching the administrative domain to be used by
setauthdb(). This was suggested by AIX support and is consistent
with what OpenSSH does.
- [d3109706ec85]
+ [d3109706ec85] <1.7>
* vasgroups.c:
Use warningx() instead of log_error() since the latter is not
available to visudo or testsudoers. This does mean that they don't
end up in syslog.
- [0174e89f983b]
+ [0174e89f983b] <1.7>
* sudo.c:
Defer call to sudo_nonunix_groupcheck_cleanup() until after we have
closed the sudoers sources. From Quest sudo.
- [c1b33e3e0f9e]
+ [c1b33e3e0f9e] <1.7>
* pwutil.c:
Ignore case when matching user/group names in the cache. From Quest
sudo.
- [72df368a8a0e]
+ [72df368a8a0e] <1.7>
2010-06-24 Todd C. Miller <Todd.Miller at courtesan.com>
* config.h.in, configure, configure.in, selinux.c:
Add check for setkeycreatecon() when --with-selinux is specified.
- [24144c52c0cc]
+ [24144c52c0cc] <1.7>
* configure, configure.in:
Bump version to 1.7.3b5 Error out if libaudit.h is missing or
ununable when --with-linux-audit was specified
- [215c7653d9bc]
+ [215c7653d9bc] <1.7>
* aix.c:
K&R function declaration for aix_setauthdb()
- [82da12d222a6]
+ [82da12d222a6] <1.7>
* env.c, sudo.c, sudo.h:
If env_init() was called implicitly via getenv(), setenv() or
@@ -952,12 +1906,12 @@
putenv() just use the specified envp instead of mallocing a new
copy. This prevents an infinite loop on OpenBSD which calls
getenv() from malloc() to get MALLOC_OPTIONS.
- [8e82ce63f774]
+ [8e82ce63f774] <1.7>
* ldap.c:
Add support for multiple URI lines by joining the contents and
passing the result to ldap_initialize.
- [b4e10b2ffdb1]
+ [b4e10b2ffdb1] <1.7>
2010-06-23 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -964,25 +1918,25 @@
* pwutil.c, set_perms.c, sudo_nss.c:
Bracket initgroups with calls to aix_setauthdb() and
aix_restoreauthdb()
- [363dbe449f1c]
+ [363dbe449f1c] <1.7>
* aix.c:
Include compat.h before alloc.h to get __P
- [819a2667ffd7]
+ [819a2667ffd7] <1.7>
* auth/aix_auth.c:
Include usersec.h for authenticate() prototype
- [2b8dd2b67131]
+ [2b8dd2b67131] <1.7>
* aix.c:
Add missing includes Add missing trailing NUL in userinfo string
- [8deaedf44943]
+ [8deaedf44943] <1.7>
2010-06-22 Todd C. Miller <Todd.Miller at courtesan.com>
* HISTORY, history.pod:
Mention when LDAP was incorporated.
- [4e6c8ec4f67c]
+ [4e6c8ec4f67c] <1.7>
2010-06-21 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -989,145 +1943,145 @@
* configure:
Define _LINUX_SOURCE_COMPAT on AIX for strsignal() prototype, it is
not covered by _ALL_SOURCE.
- [3657f1b181b9]
+ [3657f1b181b9] <1.7>
* pwutil.c:
Include usersec.h on AIX to get IDtouser() prototype.
- [11483bbe15c7]
+ [11483bbe15c7] <1.7>
* configure.in:
Define _LINUX_SOURCE_COMPAT on AIX for strsignal() prototype, it is
not covered by _ALL_SOURCE.
- [fd48e6e2136b]
+ [fd48e6e2136b] <1.7>
2010-06-18 Todd C. Miller <Todd.Miller at courtesan.com>
* iolog.c:
Add a cast to quiet a compiler warning.
- [51e9d419bd83]
+ [51e9d419bd83] <1.7>
* boottime.c:
Use memset() instead of zero_bytes() since we don't include sudo.h
- [f310b2123ba9]
+ [f310b2123ba9] <1.7>
* Makefile.in:
getline.o is already in LIB_OBJS, do not need it in COMMON_OBJS
- [c8750c2d75ab]
+ [c8750c2d75ab] <1.7>
* getdate.c, getdate.y:
Quiet a compiler warning.
- [9f231be15958]
+ [9f231be15958] <1.7>
* defaults.c, sudo.c:
Call set_fqdn() after sudoers has parsed instead of inline as a
callback.
- [26d413ddb6dd]
+ [26d413ddb6dd] <1.7>
* WHATSNEW:
Do not call set_fqdn() until sudoers parses (where is gets run as a
callback).
- [582453a993a1]
+ [582453a993a1] <1.7>
* sudo.c:
Do not call set_fqdn() until sudoers parses (where is gets run as a
callback). Otherwise, if sudo is built --with-fqdn the fqdn will be
set even if !fqdn is set in sudoers.
- [aa01e867d1bb]
+ [aa01e867d1bb] <1.7>
* configure, configure.in, sudo.cat, sudo.man.in, sudoers.cat,
sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in,
sudoreplay.cat, sudoreplay.man.in, visudo.cat, visudo.man.in:
Bump version to 1.7.3b4
- [c1c5a73766b6]
+ [c1c5a73766b6] <1.7>
* WHATSNEW:
mention the change in tty ticket behavior when there is no tty
- [93ddde63e453]
+ [93ddde63e453] <1.7>
* TODO:
remove done items
- [9601b2e8dcef]
+ [9601b2e8dcef] <1.7>
* aix.c:
Remove comment; NAME in usrinfo should be user name.
- [eb46f1e8ea08]
+ [eb46f1e8ea08] <1.7>
* check.c:
Do not update tty ticket if there is no tty.
- [e64e8c8f2286]
+ [e64e8c8f2286] <1.7>
* sudo.cat, sudo.man.in, sudo.pod:
No longer need to use -- with the -s flag
- [e45c18dd79dc]
+ [e45c18dd79dc] <1.7>
* Makefile.in:
Add missing $(srcdir) to sudo.man.in target
- [2bd89f6ca9f3]
+ [2bd89f6ca9f3] <1.7>
* Makefile.in:
Do not rely on BSD make's $>
- [cb328b82cb92]
+ [cb328b82cb92] <1.7>
* configure, configure.in:
Set timedir to /var/db/sudo for darwin to match Apple sudo's
location
- [860c7f1b001f]
+ [860c7f1b001f] <1.7>
2010-06-16 Todd C. Miller <Todd.Miller at courtesan.com>
* Makefile.in, configure, configure.in:
Move aix.o from SUDO_OBJS to COMMON_OBJS
- [f8a9bdf346c1]
+ [f8a9bdf346c1] <1.7>
* config.h.in, configure, configure.in, defaults.c, iolog.c,
sudoreplay.c:
Check for zlib.h in addition to libz.
- [fb77e44d5196]
+ [fb77e44d5196] <1.7>
* Makefile.in, exec.c, exec_pty.c, sudo.h, sudo_exec.h:
Move functions and symbols shared between exec.c and exec_pty.c into
sudo_exec.h.
- [e798d945424e]
+ [e798d945424e] <1.7>
* sudo.h:
Add missing prototypes for aix_setauthdb and aix_restoreauthdb
- [8bc2af6d4e17]
+ [8bc2af6d4e17] <1.7>
* Makefile.in:
Comment out rules to build .man.in and .cat files unless --with-
devel
- [81d6726a19ab]
+ [81d6726a19ab] <1.7>
* aix.c, pwutil.c, set_perms.c, sudo.h:
Fix AIX compilation problems.
- [7d95f73eca42]
+ [7d95f73eca42] <1.7>
* sudo.c:
Cast isalnum() arg to unsigned char.
- [5fff9a81af00]
+ [5fff9a81af00] <1.7>
* WHATSNEW:
Add Linux audit support.
- [e59e0670ba79]
+ [e59e0670ba79] <1.7>
* sudo.c:
Quote any non-alphanumeric characters other than '_' or '-' when
passing a command to be run via the shell for the -s and -i options.
- [d35a3f4cb3c0]
+ [d35a3f4cb3c0] <1.7>
* sudo.c:
Add missing braces that broke -i mode.
- [7fe124b078ec]
+ [7fe124b078ec] <1.7>
* linux_audit.c:
Fix linux_audit_command() return value
- [0c582476181c]
+ [0c582476181c] <1.7>
2010-06-15 Todd C. Miller <Todd.Miller at courtesan.com>
* Makefile.in, linux_audit.c, linux_audit.h:
Add Linux audit support.
- [b207dc9960de]
+ [b207dc9960de] <1.7>
2010-06-16 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1134,86 +2088,86 @@
* INSTALL, audit.c, bsm_audit.c, config.h.in, configure, configure.in,
logging.h, selinux.c:
Add Linux audit support.
- [26ae31d7ff93]
+ [26ae31d7ff93] <1.7>
2010-06-15 Todd C. Miller <Todd.Miller at courtesan.com>
* sudoreplay.c, sudoreplay.cat, sudoreplay.man.in, sudoreplay.pod:
Sync sudoreplay with trunk
- [65b780cccfa5]
+ [65b780cccfa5] <1.7>
* exec_pty.c:
Remove an XXX
- [8304ac649241]
+ [8304ac649241] <1.7>
* aix.c, configure, configure.in, pwutil.c, set_perms.c, sudo.h:
Set usrinfo for AIX Set adminstrative domain for the process when
looking up user's password info and when preparing for execve().
- [52b48cbe97fd]
+ [52b48cbe97fd] <1.7>
* ldap.c, parse.c:
Better prefix determination now that we can't rely on len==0 to tell
the beginning on an entry.
- [32f1875d9605]
+ [32f1875d9605] <1.7>
* WHATSNEW, ldap.c, sudoers.ldap.cat, sudoers.ldap.man.in,
sudoers.ldap.pod:
Add support for multiple sudoers_base entries in ldap.conf. From
Joachim Henke
- [3c0b59fce7b4]
+ [3c0b59fce7b4] <1.7>
* configure, configure.in:
Remove duplicate setsid check
- [7712d6d52da1]
+ [7712d6d52da1] <1.7>
* Makefile.in, config.h.in, configure, configure.in, exec_pty.c,
logging.c, missing.h, setsid.c:
Move setsid emulation into setsid.c
- [f24743c9e4e9]
+ [f24743c9e4e9] <1.7>
* exec_pty.c, logging.c, selinux.c, sudo.c, tgetpass.c:
Check for dup2() failure.
- [b1b6ba761b61]
+ [b1b6ba761b61] <1.7>
* config.h.in, configure, configure.in:
Remove dup2 check, it is not optional.
- [cfbe5f3b5956]
+ [cfbe5f3b5956] <1.7>
2010-06-14 Todd C. Miller <Todd.Miller at courtesan.com>
* WHATSNEW:
Add mbr_check_membership support and SELinux fixes
- [af1936a7cf2f]
+ [af1936a7cf2f] <1.7>
* Makefile.in:
Sync SRCS and DISTFILES with reality
- [0971b5dcb1be]
+ [0971b5dcb1be] <1.7>
* INSTALL:
Update OS specific notes. Delete some really ancient ones and move
older ones to the end of the list.
- [872dd8b437a8]
+ [872dd8b437a8] <1.7>
* README:
Bump for sudo 1.7.3 Merge some changes from trunk
- [a3088c75bf22]
+ [a3088c75bf22] <1.7>
* selinux.c, sudo.c:
Call selinux_restore_tty() as part of cleanup() so it gets called
from error()/errorx()
- [0197c07d4c1e]
+ [0197c07d4c1e] <1.7>
* compat.h:
No longer use SA_NOCLDSTOP
- [73ca654cd3f8]
+ [73ca654cd3f8] <1.7>
* interfaces.h, match.c:
Move union sudo_in_addr_un into interfaces.h
- [c84bda7c332a]
+ [c84bda7c332a] <1.7>
* pathnames.h.in:
Update copyright year
- [94871f44206b]
+ [94871f44206b] <1.7>
* HISTORY, LICENSE, aix.c, alias.c, alloc.h, boottime.c, bsm_audit.h,
compat.h, defaults.c, defaults.h, env.c, fileops.c, find_path.c,
@@ -1223,33 +2177,33 @@
sudoreplay.c, term.c, tgetpass.c, toke.l, visudo.c, visudo.cat,
visudo.man.in, visudo.pod:
Update copyright year
- [4cfb47c799b8]
+ [4cfb47c799b8] <1.7>
* Makefile.in:
Remove varsub as part of clean
- [61f04a21b0bb]
+ [61f04a21b0bb] <1.7>
* match.c:
Quiet a compiler warning.
- [06d8cfe916c8]
+ [06d8cfe916c8] <1.7>
* getdate.c, getdate.y:
Quiet a compiler warning.
- [473d2b7d44a1]
+ [473d2b7d44a1] <1.7>
* ldap.c, sudo.h:
Make the remaining functions in ldap.c static
- [ba555565b30a]
+ [ba555565b30a] <1.7>
* ldap.c:
Make private functions static. Diff from Joachim Henke
- [1603035b1863]
+ [1603035b1863] <1.7>
* schema.ActiveDirectory:
Updates from Alain Roy to provide better examples for importing the
schema and to fix problems caused by Windows validating attributes
which have not yet been added before committing the changes.
- [83f11ae00f19]
+ [83f11ae00f19] <1.7>
2010-06-12 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1256,62 +2210,62 @@
* Makefile.in, configure, configure.in, sudo.cat, sudoers.cat:
Generate .cat files directly from .man.in instead of .man using
default values in configure.in
- [0a92b41c5ce5]
+ [0a92b41c5ce5] <1.7>
2010-06-11 Todd C. Miller <Todd.Miller at courtesan.com>
* configure, configure.in, sudo.c, sudo_usage.h.in:
Print configure args with verbose version information.
- [ca4a5fcf0af8]
+ [ca4a5fcf0af8] <1.7>
* visudo.c:
Remove tfd from struct sudoersfile; it is not used. Add prev pointer
to struct sudoersfile. Declare list of sudoersfile using TQ_DECLARE.
Use tq_append to append sudoers entries to the tail queue.
- [344c631d0d43]
+ [344c631d0d43] <1.7>
2010-06-10 Todd C. Miller <Todd.Miller at courtesan.com>
* WHATSNEW:
Describe tty timestamp improvements
- [136b0f832903]
+ [136b0f832903] <1.7>
* toke.c, toke.l:
A comment character may not be part of a command line argument
unless it is quoted with a backslash. Fixes parsing of:
testuser ALL=NOPASSWD: /usr/bin/wl #comment foo bar closes bz #441
- [2a0c82ffedde]
+ [2a0c82ffedde] <1.7>
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in:
regen
- [c9fddd23c7e1]
+ [c9fddd23c7e1] <1.7>
* sudoers.pod:
Make this read a little bit better when passwd_timeout is 0.
- [51644950823f]
+ [51644950823f] <1.7>
* Makefile.in:
Use the --file argument to config.status instead of setting
CONFIG_FILES
- [fc2b42c60b5d]
+ [fc2b42c60b5d] <1.7>
* sudo.man.pl, sudo.pod:
Attempt to handle a default password prompt timeout of zero more
gracefully.
- [478b8e720993]
+ [478b8e720993] <1.7>
* toke.c, toke.l:
Do not override value of keepopen global, instead restore it to the
value we pushed onto the stack when popping.
- [dc370d57a668]
+ [dc370d57a668] <1.7>
* exec.c, exec_pty.c, logging.c, mon_systrace.c, tgetpass.c:
Use SA_INTERRUPT in sa_flags
- [3845c6637361]
+ [3845c6637361] <1.7>
* getdate.c, getdate.y, ldap.c, sudoreplay.c:
Silence some compiler warnings
- [112ac65afd0c]
+ [112ac65afd0c] <1.7>
2010-06-09 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1318,24 +2272,24 @@
* exec.c, exec_pty.c, sudo.c, sudo.h:
Implement background mode. If I/O logging we use pipes instead of a
pty.
- [8d448eaf2aaa]
+ [8d448eaf2aaa] <1.7>
* compat.h, exec.c, exec_pty.c, mksiglist.c, strsignal.c, tgetpass.c:
Move compat definition of NSIG to compat.h
- [cae72a4c9dec]
+ [cae72a4c9dec] <1.7>
* tgetpass.c:
Ignore SIGPIPE for "sudo -S"
- [c6595c8527c4]
+ [c6595c8527c4] <1.7>
* tgetpass.c:
Properly handle TGP_ECHO again. Print a newline if the user
interrupted password input.
- [15acbe4fb535]
+ [15acbe4fb535] <1.7>
* exec_pty.c:
Use POSIX tcgetpgrp() instead of BSD TIOCGPGRP ioctl
- [dd041fc9554c]
+ [dd041fc9554c] <1.7>
2010-06-08 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1342,19 +2296,19 @@
* exec.c, exec_pty.c, selinux.c, sudo.c, sudo.h:
Return an error from selinux_setup() instead of exiting. Call
selinux_setup() from exec_setup().
- [b518225cafba]
+ [b518225cafba] <1.7>
* compat.h:
Add definition of WCOREDUMP for systems without it. This is known
to work on AIX and SunOS 4, but may be incorrect on other systems
that lack WCOREDUMP.
- [365e56db7cd5]
+ [365e56db7cd5] <1.7>
* check.c, compat.h, config.h.in, configure, configure.in, iolog.c,
nanosleep.c, sudo_edit.c, visudo.c:
Replace timerfoo macros with timevalfoo since the timer macros are
known to be busted on some systems.
- [4bb5228606c5]
+ [4bb5228606c5] <1.7>
* toke.c, toke.l:
If a file in a #includedir has improper permissions or owner just
@@ -1361,18 +2315,18 @@
skip it. This prevents packages that incorrectly install a file
into /etc/sudoers.d from breaking sudo so easily. Syntax errors in
#includedir files still result in a parse error (for now).
- [b7fb75eddb77]
+ [b7fb75eddb77] <1.7>
* TODO, auth/pam.c, exec.c, exec_pty.c, set_perms.c, sudo.c, sudo.h:
Defer call to pam_close_session() until after the command finishes
if there is a monitor process.
- [0a39c8e6a81b]
+ [0a39c8e6a81b] <1.7>
* WHATSNEW, def_data.c, def_data.h, def_data.in, exec.c, sudoers.cat,
sudoers.man.in, sudoers.pod:
Add use_pty sudoers option to force use of a pty even when not
logging I/O.
- [aea971f1456a]
+ [aea971f1456a] <1.7>
* env.c, sudo.c, sudo.h:
Instead of trying to keep the global environment in sync with our
@@ -1379,21 +2333,21 @@
private copy, provide our own getenv() that returns values from the
private environment and use env_get() to pass the environment in to
run_command().
- [58c85c5695dc]
+ [58c85c5695dc] <1.7>
* set_perms.c:
Fix typo
- [0f677fcdde04]
+ [0f677fcdde04] <1.7>
2010-06-07 Todd C. Miller <Todd.Miller at courtesan.com>
* sudo.h:
Rename pty.c -> get_pty.c
- [39137dcc4420]
+ [39137dcc4420] <1.7>
* iolog.c:
Add #define for maximum session id
- [2a487437f013]
+ [2a487437f013] <1.7>
* Makefile.in, configure, configure.in, exec.c, exec_pty.c, iolog.c,
selinux.c, sudo.c, sudo.h, sudo_edit.c:
@@ -1400,15 +2354,15 @@
Split exec.c into exec.c and exec_pty.c Pass a flag in to
sudo_execve to indicate whether we need to wait for the command
to finish (fork + execve vs. execve).
- [b197515585db]
+ [b197515585db] <1.7>
* Makefile.in, configure, configure.in, get_pty.c, pty.c:
Rename pty.c -> get_pty.c
- [c0e5270bb28a]
+ [c0e5270bb28a] <1.7>
* aclocal.m4, configure, configure.in:
Fix --without-iologdir
- [dcd6c5907b10]
+ [dcd6c5907b10] <1.7>
2010-06-06 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1415,7 +2369,7 @@
* iolog.c:
Only use I/O input log file if def_log_input is set and output file
if def_log_output is set.
- [96cdd49be996]
+ [96cdd49be996] <1.7>
2010-06-05 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1422,7 +2376,7 @@
* parse_args.c, sudo.c:
Include sudo_usage.h after sudo.h now that it has function
prototypes to guarantee that __P is defined.
- [c67b77f8d6b1]
+ [c67b77f8d6b1] <1.7>
2010-06-04 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1432,32 +2386,32 @@
we want the default action to be taken (suspend process). Use an
array for signals received instead of a single variable so we don't
lose any when there are multiple different signals.
- [de356064ea01]
+ [de356064ea01] <1.7>
* defaults.h, lbuf.h, sudo.h:
Reorg function prototypes a bit
- [5c40f58bb28e]
+ [5c40f58bb28e] <1.7>
* Makefile.in, parse_args.c, sudo.c, sudo.h, sudo_usage.h.in:
Move argument parsing into parse_args.c
- [fad7b8737c12]
+ [fad7b8737c12] <1.7>
* Makefile.in, config.h.in, configure, configure.in, missing.h,
mksiglist.c, mksiglist.h, siglist.in, strsignal.c:
Build our own sys_siglist for systems that lack it.
- [3b5f671936dc]
+ [3b5f671936dc] <1.7>
* exec.c, iolog.c, missing.h, sudo_edit.c:
K&R fixes
- [dad62986f2fe]
+ [dad62986f2fe] <1.7>
* exec.c, pty.c, sudo.c, sudo.h, sudo_edit.c:
Log sudoedit sessions as well; adapted from trunk
- [2c5d9695022b]
+ [2c5d9695022b] <1.7>
* configure:
regen
- [9b319e89a6c4]
+ [9b319e89a6c4] <1.7>
* INSTALL, Makefile.in, WHATSNEW, aclocal.m4, configure, configure.in,
def_data.c, def_data.h, def_data.in, defaults.c, exec.c, gram.c,
@@ -1468,17 +2422,17 @@
Merge I/O logging changes from trunk. Disabling I/O log support at
compile time does not currently work. Sudoedit is not yet hooked up
to I/O logging.
- [968c2c74c69b]
+ [968c2c74c69b] <1.7>
2010-06-03 Todd C. Miller <Todd.Miller at courtesan.com>
* INSTALL, configure, configure.in:
Add --enable-warnings configure option
- [19cf967c36d1]
+ [19cf967c36d1] <1.7>
* check.c, lbuf.h, script.c, sudo.c, sudo_nss.c:
Fix K&R compilation issues on HP-UX.
- [c01a547cdcf8]
+ [c01a547cdcf8] <1.7>
* lbuf.c, lbuf.h, ldap.c, parse.c, sudo.c, sudo_nss.c:
Pass in output function to lbuf_init() instead of writing to stdout.
@@ -1485,29 +2439,29 @@
A side effect is that the usage info can now go to stderr as it
should. Add support for embedded newlines in lbuf and use that
instead of multiple calls to lbuf_print.
- [596a427ff873]
+ [596a427ff873] <1.7>
* configure, configure.in, sudo.man.pl, sudoers.man.pl:
Use numeric registers to handle conditionals instead of trying to do
it all with text processing.
- [31570c372e0e]
+ [31570c372e0e] <1.7>
* sudoers.pod:
Document per-command SELinux settings
- [bbce5acad1be]
+ [bbce5acad1be] <1.7>
* sudo.pod:
timestamp -> time stamp
- [d7335ce6286f]
+ [d7335ce6286f] <1.7>
* tsgetgrpw.c:
Set close on exec flag in private versions of setpwent() and
setgrent().
- [954814bdbd56]
+ [954814bdbd56] <1.7>
* logging.c:
Make send_mail() take a printf-style argument list
- [0783ad585062]
+ [0783ad585062] <1.7>
* Makefile.binary.in, Makefile.in, aclocal.m4, acsite.m4,
config.guess, config.h.in, config.sub, configure, configure.in,
@@ -1514,21 +2468,21 @@
ltmain.sh, m4/libtool.m4, m4/ltoptions.m4, m4/ltsugar.m4,
m4/ltversion.m4, m4/lt~obsolete.m4:
Update to autoconf 2.65 and libtool 2.2.6b
- [3544dd2f1a94]
+ [3544dd2f1a94] <1.7>
* boottime.c:
Don't use TRUE/FALSE which may not be defined.
- [8649bf22b3b2]
+ [8649bf22b3b2] <1.7>
* sudo.cat, sudo.man.in, sudo.pod:
Document new tty_ticket behavior
- [0663e0390338]
+ [0663e0390338] <1.7>
* find_path.c, sudo.c, sudo.h, visudo.c:
Make find_path() a little more generic by not checking def_foo
variables inside it. Instead, pass in ignore_dot as a function
argument.
- [16c3f27cd9b9]
+ [16c3f27cd9b9] <1.7>
* check.c:
Store info from stat(2)ing the tty in the tty ticket when tty
@@ -1537,11 +2491,11 @@
is not updated when the tty is written to. This helps us determine
when a tty has been reused without the user authenticating again
with sudo.
- [f9aec9ab9054]
+ [f9aec9ab9054] <1.7>
* boottime.c, check.c, sudo.h:
get_boottime() now fills in a timeval struct
- [dbd2003659c0]
+ [dbd2003659c0] <1.7>
2010-06-02 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1549,29 +2503,29 @@
gettime.c, sudo.h, sudo_edit.c, visudo.c:
Use timeval directly instead of converting to timespec when dealing
with file times and time of day.
- [c85bf3e41839]
+ [c85bf3e41839] <1.7>
* auth/pam.c:
Fix OpenPAM detection for newer versions.
- [67f29a0703d0]
+ [67f29a0703d0] <1.7>
* vasgroups.c:
Sync with Quest sudo git repo
- [2680ad9762c2]
+ [2680ad9762c2] <1.7>
* aclocal.m4, configure, configure.in:
HP-UX ld uses +b instead or -R or -rpath Fix typo in libvas check
libvas may need libdl for dlopen() Add missing template for
ENV_DEBUG Adapted from Quest sudo
- [6c886eb9070a]
+ [6c886eb9070a] <1.7>
* README.LDAP:
Fix typos; from Quest Sudo
- [cf258fc69f1a]
+ [cf258fc69f1a] <1.7>
* Makefile.in, configure.in:
Use value of SHELL from configure in Makefile
- [08aaf12221d6]
+ [08aaf12221d6] <1.7>
2010-05-28 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1579,7 +2533,7 @@
Handle duplicate variables in the environment. For unsetenv(), keep
looking even after remove the first instance. For sudo_putenv(),
check for and remove dupes after we replace an existing value.
- [086c6397d8cd]
+ [086c6397d8cd] <1.7>
2010-04-29 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1586,13 +2540,13 @@
* visudo.c:
Fix a crash when checking a sudoers file that has aliases that
reference themselves. Based on a diff from David Wood.
- [5efc702a3b35]
+ [5efc702a3b35] <1.7>
2010-04-15 Todd C. Miller <Todd.Miller at courtesan.com>
* alias.c:
Fix use after free in error message when a duplicate alias exists.
- [9eaac49bd22b]
+ [9eaac49bd22b] <1.7>
2010-04-14 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1600,13 +2554,13 @@
Set errorfile to the sudoers path if we set parse_error manually.
This prevents a NULL dereference in printf() when checking a sudoers
file in strict mode when alias errors are present.
- [b4eed2f0615d]
+ [b4eed2f0615d] <1.7>
2010-04-12 Todd C. Miller <Todd.Miller at courtesan.com>
* TODO, sudoers.cat, sudoers.man.in, sudoers.pod:
Fix typo
- [57198cae9cf5]
+ [57198cae9cf5] <1.7>
2010-04-09 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1615,17 +2569,17 @@
e.g. "./foo" instead of just returning "foo". This removes an
ambiguity between real commands and possible pseudo-commands in
command matching.
- [fb4d571495fa]
+ [fb4d571495fa] <1.7>
2010-04-07 Todd C. Miller <Todd.Miller at courtesan.com>
* sudoers.cat, sudoers.man.in, sudoers.pod:
Add a note about the security implications of the fast_glob option.
- [84f8097553d9]
+ [84f8097553d9] <1.7>
* memrchr.c:
Remove duplicate includes
- [3e8d90f4c30f]
+ [3e8d90f4c30f] <1.7>
2010-03-22 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1632,7 +2586,7 @@
* configure, configure.in:
Fix installation of sudoers.ldap in "make install" when --with-ldap
was specified without a directory. From Prof. Dr. Andreas Mueller
- [5177a284b9ff]
+ [5177a284b9ff] <1.7>
2010-03-09 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1639,7 +2593,7 @@
* match.c:
When doing a glob match, short circuit if gl.gl_pathc is 0. From
Mark Kettenis.
- [549f8f7c2463]
+ [549f8f7c2463] <1.7>
2010-03-08 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1647,12 +2601,12 @@
Use parent process group id instead of parent process id when
checking foreground status and suspending parent. Fixes an issue
when running commands under /usr/bin/time and others.
- [eac86126e335]
+ [eac86126e335] <1.7>
* env.c:
In setenv(), if the var is empty, return 1 and set errno to EINVAL
instead of returning EINVAL directly.
- [d202091ec15e]
+ [d202091ec15e] <1.7>
2010-02-22 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1660,17 +2614,17 @@
Check for pseudo-command by looking at the first character of the
command in sudoers instead of checking the user-supplied command for
a slash.
- [88f3181692fe]
+ [88f3181692fe] <1.7>
2010-02-09 Todd C. Miller <Todd.Miller at courtesan.com>
* toke.l:
Avoid a duplicate fclose() of the sudoers file.
- [164d39108dde]
+ [164d39108dde] <1.7>
* toke.l:
Fix size arg when realloc()ing include stack. From Daniel Kopecek
- [8900bccef219]
+ [8900bccef219] <1.7>
2010-02-06 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1677,12 +2631,12 @@
* aix.c, config.h.in, configure, configure.in:
Use setrlimit64(), if available, instead of setrlimit() when setting
AIX resource limits since rlim_t is 32bits.
- [2cbb14d98fc1]
+ [2cbb14d98fc1] <1.7>
* logging.c:
Fix use after free when sending error messages. From Timo Juhani
Lindfors
- [caf183fd9d94]
+ [caf183fd9d94] <1.7>
2010-01-18 Todd C. Miller <Todd.Miller at courtesan.com>
@@ -1689,13 +2643,13 @@
* ChangeLog, Makefile.in:
Generate the ChangeLog as part of "make dist" instead of having it
in the repo.
- [836c31615859]
+ [836c31615859] <1.7>
2010-01-17 Todd C. Miller <Todd.Miller at courtesan.com>
* Makefile.in:
Generate correct ChangeLog for 1.7 branch.
- [586dd90b8878]
+ [586dd90b8878] <1.7>
2010-01-17 Todd C. Miller <Todd.Miller at courtesan.com>
Modified: trunk/contrib/sudo/INSTALL
===================================================================
--- trunk/contrib/sudo/INSTALL 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/INSTALL 2014-10-02 03:20:49 UTC (rev 6803)
@@ -463,6 +463,11 @@
--without-umask
Preserves the umask of the user invoking sudo.
+ --with-umask-override
+ Use the umask specified in sudoers even if it is less restrictive
+ than the user's. The default is to use the intersection of the
+ user's umask and the umask specified in sudoers.
+
--with-runas-default=USER
The default user to run commands as if the -u flag is not specified
on the command line. This defaults to "root".
@@ -562,6 +567,16 @@
prompt as an argument and print the received password to
the standard output.
+ --without-iologdir
+ Disable sudo's I/O logging support. This can be used to allow sudo
+ to be compiled on systems without pseudo-tty support.
+
+ --with-iologdir[=DIR]
+ By default, sudo stores I/O log files in either /var/log/sudo-io,
+ /var/adm/sudo-sudo-io or /usr/log/sudo-io. If DIR is
+ specified, I/O logs will be stored in the indicated directory
+ instead.
+
--disable-authentication
By default, sudo requires the user to authenticate via a
password or similar means. This options causes sudo to
@@ -603,23 +618,17 @@
if the executable is simply not in the user's path, sudo will tell
the user that they are not allowed to run it, which can be confusing.
- --disable-iologdir
- Disable sudo's I/O logging support. This can be used to allow sudo
- to be compiled on systems without pseudo-tty support.
+ --enable-zlib[=location]
+ Enable the use of the zlib compress library when storing
+ I/O log files. If specified, location is the base directory
+ containing the zlib include and lib directories. The special
+ values "system" and "builtin" can be used to indicate that
+ the system version of zlib should be used or that the version
+ of zlib shipped with sudo should be used instead.
+ If this option is not specified, configure will use the
+ system zlib if it is present and I/O logging support has
+ not been disabled.
- --enable-iologdir[=DIR]
- By default, sudo stores I/O log files in either /var/log/sudo-io,
- /var/adm/sudo-sudo-io or /usr/log/sudo-io. If DIR is
- specified, I/O logs will be stored in the indicated directory
- instead.
-
- --enable-zlib[=DIR]
- Enable the use of the zlib compress library when storing
- I/O log files. If specified, DIR is the base directory
- containing the zlib include and lib directories. By default
- zlib is used if it is found on the system and I/O logging
- support is not disabled.
-
--disable-zlib
Disable the use of the zlib compress library when storing
I/O log files.
@@ -631,6 +640,10 @@
Enable the creation of an Ubuntu-style admin flag file
the first time sudo is run.
+ --disable-env-reset
+ Disable environment resetting. This sets the default value
+ of the "env_reset" Defaults option in sudoers to false.
+
Shadow password and C2 support
==============================
Modified: trunk/contrib/sudo/LICENSE
===================================================================
--- trunk/contrib/sudo/LICENSE 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/LICENSE 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,6 +1,6 @@
Sudo is distributed under the following ISC-style license:
- Copyright (c) 1994-1996, 1998-2010
+ Copyright (c) 1994-1996, 1998-2011
Todd C. Miller <Todd.Miller at courtesan.com>
Permission to use, copy, modify, and distribute this software for any
@@ -19,7 +19,7 @@
Agency (DARPA) and Air Force Research Laboratory, Air Force
Materiel Command, USAF, under agreement number F39502-99-1-0512.
-Additionally, fnmatch.c, fnmatch.h, getcwd.c, glob.c, glob.h and snprintf.c
+The files fnmatch.c, fnmatch.h, getcwd.c, glob.c, glob.h and snprintf.c
bear the following UCB license:
Copyright (c) 1987, 1989, 1990, 1991, 1992, 1993, 1994
@@ -49,7 +49,7 @@
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
-nonunix.h and vasgroups.c bear the following license:
+The files nonunix.h and vasgroups.c bear the following license:
Copyright (c) 2006 Quest Software, Inc. All rights reserved.
@@ -76,3 +76,26 @@
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
+
+The embedded copy of zlib bears the following license:
+
+ Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler
+
+ This software is provided 'as-is', without any express or implied
+ warranty. In no event will the authors be held liable for any damages
+ arising from the use of this software.
+
+ Permission is granted to anyone to use this software for any purpose,
+ including commercial applications, and to alter it and redistribute it
+ freely, subject to the following restrictions:
+
+ 1. The origin of this software must not be misrepresented; you must not
+ claim that you wrote the original software. If you use this software
+ in a product, an acknowledgment in the product documentation would be
+ appreciated but is not required.
+ 2. Altered source versions must be plainly marked as such, and must not be
+ misrepresented as being the original software.
+ 3. This notice may not be removed or altered from any source distribution.
+
+ Jean-loup Gailly Mark Adler
+ jloup at gzip.org madler at alumni.caltech.edu
Deleted: trunk/contrib/sudo/Makefile
===================================================================
--- trunk/contrib/sudo/Makefile 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/Makefile 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,563 +0,0 @@
-#
-# Copyright (c) 1996, 1998-2005, 2007-2010
-# Todd C. Miller <Todd.Miller at courtesan.com>
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#
-# Sponsored in part by the Defense Advanced Research Projects
-# Agency (DARPA) and Air Force Research Laboratory, Air Force
-# Materiel Command, USAF, under agreement number F39502-99-1-0512.
-#
-# Makefile. Generated from Makefile.in by configure.
-#
-
-#### Start of system configuration section. ####
-
-srcdir = .
-devdir = $(srcdir)
-authdir = $(srcdir)/auth
-top_builddir = .
-
-# Compiler & tools to use
-CC = gcc
-FLEX = /usr/bin/flex
-YACC = bison -y
-NROFF = nroff -Tascii
-LIBTOOL = $(SHELL) $(top_builddir)/libtool
-AR=ar
-RANLIB=ranlib
-
-# Our install program supports extra flags...
-INSTALL = $(SHELL) $(srcdir)/install-sh -c
-
-# Libraries
-LIBS =
-NET_LIBS =
-SUDO_LIBS = -lutil -lutil -lpam $(LIBS) $(NET_LIBS)
-
-# C preprocessor flags
-CPPFLAGS = -I. -I$(srcdir)
-
-# Usually -O and/or -g
-CFLAGS = -O2
-
-# Flags to pass to the link stage
-LDFLAGS = -L.
-SUDO_LDFLAGS = $(LDFLAGS)
-
-# Where to install things...
-prefix = /usr/local
-exec_prefix = $(prefix)
-bindir = $(exec_prefix)/bin
-sbindir = $(exec_prefix)/sbin
-sysconfdir = /etc
-libexecdir = $(exec_prefix)/libexec
-datarootdir = $(prefix)/share
-docdir = $(datarootdir)/doc/$(PACKAGE_TARNAME)
-mandir = $(prefix)/man
-timedir = /var/db/sudo
-noexecfile = sudo_noexec.so
-noexecdir = ${exec_prefix}/libexec
-
-# Directory in which to install sudo.
-sudodir = $(bindir)
-
-# Directory in which to install visudo
-visudodir = $(sbindir)
-
-# Directory in which to install the sudoers file
-sudoersdir = $(sysconfdir)
-
-# Directory in which to install the man page
-mantype = man
-mansectsu = 8
-mansectform = 5
-mandirsu = $(mandir)/$(mantype)$(mansectsu)
-mandirform = $(mandir)/$(mantype)$(mansectform)
-
-# User and group ids the installed files should be "owned" by
-install_uid = 0
-install_gid = 0
-
-# User, group, and mode the sudoers file should be "owned" by (configure)
-sudoers_uid = 0
-sudoers_gid = 0
-sudoers_mode = 0440
-
-# Pass in paths and uid/gid + OS dependent defined
-DEFS = -D_PATH_SUDOERS=\"$(sudoersdir)/sudoers\" -DSUDOERS_UID=$(sudoers_uid) -DSUDOERS_GID=$(sudoers_gid) -DSUDOERS_MODE=$(sudoers_mode)
-
-#### End of system configuration section. ####
-
-SHELL = /bin/sh
-
-PROGS = sudo visudo sudoreplay libsudo_noexec.la
-
-SRCS = aix.c alias.c alloc.c audit.c boottime.c bsm_audit.c check.c \
- closefrom.c def_data.c defaults.c env.c error.c exec.c exec_pty.c \
- fileops.c find_path.c fnmatch.c get_pty.c getcwd.c getprogname.c \
- getspwuid.c gettime.c glob.c goodpath.c gram.c gram.y interfaces.c \
- iolog.c isblank.c lbuf.c ldap.c linux_audit.c list.c logging.c match.c \
- mksiglist.c mkstemps.c memrchr.c nanosleep.c parse.c parse_args.c \
- pwutil.c set_perms.c setsid.c sigaction.c snprintf.c strcasecmp.c \
- strerror.c strlcat.c strlcpy.c strsignal.c sudo.c sudo_noexec.c \
- sudo_edit.c sudo_nss.c term.c testsudoers.c tgetpass.c toke.c toke.l \
- tsgetgrpw.c utimes.c vasgroups.c visudo.c zero_bytes.c redblack.c \
- selinux.c sesh.c sudoreplay.c getdate.c getdate.y getline.c \
- timestr.c $(AUTH_SRCS)
-
-AUTH_SRCS = auth/afs.c auth/aix_auth.c auth/bsdauth.c auth/dce.c auth/fwtk.c \
- auth/kerb4.c auth/kerb5.c auth/pam.c auth/passwd.c auth/rfc1938.c \
- auth/secureware.c auth/securid.c auth/securid5.c auth/sia.c \
- auth/sudo_auth.c
-
-HDRS = alloc.h bsm_audit.h compat.h def_data.h defaults.h error.h ins_2001.h \
- ins_classic.h ins_csops.h ins_goons.h insults.h interfaces.h lbuf.h \
- linux_audit.h list.h logging.h missing.h mksiglist.h nonunix.h \
- redblack.h parse.h sudo.h sudo_exec.h sudo_nss.h gram.h \
- auth/sudo_auth.h emul/charclass.h emul/fnmatch.h emul/glob.h \
- emul/timespec.h emul/utime.h
-
-AUTH_OBJS = sudo_auth.o pam.o
-
-COMMON_OBJS = alias.o alloc.o defaults.o error.o gram.o \
- list.o match.o pwutil.o timestr.o toke.o redblack.o \
- term.o zero_bytes.o
-
-SUDO_OBJS = $(AUTH_OBJS) exec_pty.o get_pty.o iolog.o audit.o boottime.o check.o env.o \
- exec.o getspwuid.o gettime.o goodpath.o fileops.o find_path.o \
- interfaces.o lbuf.o logging.o parse.o parse_args.o set_perms.o \
- sudo.o sudo_edit.o sudo_nss.o tgetpass.o
-
-VISUDO_OBJS = visudo.o fileops.o gettime.o goodpath.o find_path.o
-
-REPLAY_OBJS = getdate.o sudoreplay.o
-
-TEST_OBJS = interfaces.o testsudoers.o tsgetgrpw.o
-
-LIB_OBJS = ${LIBOBJDIR}getline$U.o ${LIBOBJDIR}memrchr$U.o ${LIBOBJDIR}closefrom$U.o
-
-VERSION = 1.7.4p6
-PACKAGE_TARNAME = sudo
-
-DISTFILES = $(SRCS) $(HDRS) ChangeLog HISTORY INSTALL INSTALL.configure \
- LICENSE Makefile.in NEWS PORTING README README.LDAP \
- TROUBLESHOOTING UPGRADE aclocal.m4 aixcrypt.exp config.guess \
- config.h.in config.sub configure configure.in def_data.in \
- indent.pro install-sh ltmain.sh m4 mkdefaults mkinstalldirs \
- mkpkg pathnames.h.in pp sample.pam sample.syslog.conf \
- sample.sudoers schema.ActiveDirectory schema.OpenLDAP \
- schema.iPlanet siglist.in sudo.cat sudo.man.in sudo.pod sudo.pp \
- sudo_usage.h.in sudoers.in sudoers.cat sudoers.man.in sudoers.pod \
- sudoers.ldap.cat sudoers.ldap.man.in sudoers.ldap.pod \
- sudoers2ldif sudoreplay.cat sudoreplay.man.in sudoreplay.pod \
- visudo.cat visudo.man.in visudo.pod auth/API sudo.man.pl \
- sudoers.man.pl
-
-SUDODEP = $(srcdir)/sudo.h $(srcdir)/alloc.h $(srcdir)/compat.h \
- $(srcdir)/defaults.h $(srcdir)/error.h $(srcdir)/list.h \
- $(srcdir)/logging.h $(srcdir)/missing.h $(srcdir)/sudo_nss.h \
- $(devdir)/def_data.h pathnames.h config.h
-
-AUTHDEP = $(SUDODEP) $(authdir)/sudo_auth.h
-
-INSDEP = $(srcdir)/ins_2001.h $(srcdir)/ins_classic.h $(srcdir)/ins_csops.h \
- $(srcdir)/ins_goons.h $(srcdir)/insults.h
-
-all: $(PROGS)
-
-.SUFFIXES: .o .c .h .l .y .lo
-
-.c.o:
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $<
-
-.c.lo:
- $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $<
-
-libsudo.a: $(LIB_OBJS) $(COMMON_OBJS)
- $(AR) rv $@ $(LIB_OBJS) $(COMMON_OBJS)
- $(RANLIB) $@
-
-sudo: libsudo.a $(SUDO_OBJS)
- $(CC) -o $@ $(SUDO_OBJS) $(SUDO_LDFLAGS) -lsudo $(SUDO_LIBS) -lz
-
-visudo: libsudo.a $(VISUDO_OBJS)
- $(CC) -o $@ $(VISUDO_OBJS) $(LDFLAGS) -lsudo $(LIBS) $(NET_LIBS)
-
-sudoreplay: libsudo.a $(REPLAY_OBJS)
- $(CC) -o $@ $(REPLAY_OBJS) $(LDFLAGS) -lsudo $(LIBS) -lz
-
-testsudoers: $(TEST_OBJS)
- $(CC) -o $@ $(TEST_OBJS) $(LDFLAGS) -lsudo $(LIBS) $(NET_LIBS)
-
-sudo_noexec.lo: $(srcdir)/sudo_noexec.c
- $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c
-
-libsudo_noexec.la: sudo_noexec.lo
- $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir)
-
-# Uncomment the following if you want "make distclean" to clean the parser
-#GENERATED = gram.h gram.c toke.c def_data.c def_data.h getdate
-
-# Uncomment the lines before - at true if you intend to modify gram.y
-$(devdir)/gram.c $(devdir)/gram.h: $(srcdir)/gram.y
-# $(YACC) -d $(srcdir)/gram.y
-# mv -f y.tab.c gram.c
-# if cmp -s y.tab.h gram.h; then rm -f y.tab.h; else mv -f y.tab.h gram.h; fi
- - at true
-
-# Uncomment the lines before - at true if you intend to modify toke.l
-$(devdir)/toke.c: $(srcdir)/toke.l
-# $(FLEX) $(srcdir)/toke.l
-# mv -f lex.yy.c toke.c
- - at true
-
-# Uncomment the lines before - at true if you intend to modify getdate.y
-$(devdir)/getdate.c: $(srcdir)/getdate.y
-# echo "expect 10 shift/reduce conflicts"
-# $(YACC) $(srcdir)/getdate.y
-# mv -f y.tab.c getdate.c
- - at true
-
-# Uncomment the following if you intend to modify def_data.in
-#$(devdir)/def_data.h $(devdir)/def_data.c: $(srcdir)/def_data.in
-# perl $(srcdir)/mkdefaults -o def_data $(srcdir)/def_data.in
-
-siglist.c: mksiglist
- ./mksiglist > $@
-
-mksiglist: $(srcdir)/mksiglist.c $(srcdir)/mksiglist.h $(srcdir)/compat.h $(top_builddir)/config.h
- $(CC) $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/mksiglist.c -o $@
-
-#$(srcdir)/mksiglist.h: $(srcdir)/siglist.in
-# awk 'BEGIN {print "/* public domain */\n"} /^ [A-Z]/ {printf("#ifdef SIG%s\n if (my_sys_siglist[SIG%s] == NULL)\n\tmy_sys_siglist[SIG%s] = \"%s\";\n#endif\n", $$1, $$1, $$1, substr($$0, 13))}' < $(srcdir)/siglist.in > $@
-
-# Dependencies (not counting auth functions)
-aix.o: $(srcdir)/aix.c
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/aix.c
-alias.o: $(srcdir)/alias.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/redblack.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/alias.c
-alloc.o: $(srcdir)/alloc.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/alloc.c
-audit.o: $(srcdir)/audit.c $(SUDODEP) $(srcdir)/bsm_audit.h $(srcdir)/linux_audit.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/audit.c
-boottime.o: $(srcdir)/boottime.c config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/boottime.c
-bsm_audit.o: $(srcdir)/bsm_audit.c $(SUDODEP) $(srcdir)/bsm_audit.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/bsm_audit.c
-check.o: $(srcdir)/check.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/check.c
-closefrom.o: $(srcdir)/closefrom.c config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/closefrom.c
-defaults.o: $(srcdir)/defaults.c $(SUDODEP) $(srcdir)/def_data.c $(authdir)/sudo_auth.h $(devdir)/gram.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/defaults.c
-env.o: $(srcdir)/env.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/env.c
-error.o: $(srcdir)/error.c $(srcdir)/compat.h $(srcdir)/error.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/error.c
-exec.o: $(srcdir)/exec.c $(SUDODEP) $(srcdir)/sudo_exec.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/exec.c
-exec_pty.o: $(srcdir)/exec.c $(SUDODEP) $(srcdir)/sudo_exec.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/exec_pty.c
-fileops.o: $(srcdir)/fileops.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/fileops.c
-find_path.o: $(srcdir)/find_path.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/find_path.c
-fnmatch.o: $(srcdir)/fnmatch.c $(srcdir)/emul/fnmatch.h $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/fnmatch.c
-get_pty.o: $(srcdir)/get_pty.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/get_pty.c
-getcwd.o: $(srcdir)/getcwd.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getcwd.c
-getdate.o: $(srcdir)/getdate.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getdate.c
-getline.o: $(srcdir)/getline.c config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getline.c
-getprogname.o: $(srcdir)/getprogname.c config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getprogname.c
-getspwuid.o: $(srcdir)/getspwuid.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getspwuid.c
-gettime.o: $(srcdir)/gettime.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/gettime.c
-glob.o: $(srcdir)/glob.c $(srcdir)/emul/glob.h $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/glob.c
-goodpath.o: $(srcdir)/goodpath.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/goodpath.c
-gram.o: $(devdir)/gram.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(devdir)/gram.c
-interfaces.o: $(srcdir)/interfaces.c $(SUDODEP) $(srcdir)/interfaces.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/interfaces.c
-iolog.o: $(srcdir)/iolog.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/iolog.c
-isblank.o: $(srcdir)/isblank.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/isblank.c
-lbuf.o: $(srcdir)/lbuf.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/lbuf.c
-ldap.o: $(srcdir)/ldap.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/ldap.c
-linux_audit.o: $(srcdir)/linux_audit.c $(SUDODEP) $(srcdir)/linux_audit.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/linux_audit.c
-list.o: $(srcdir)/list.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/list.c
-logging.o: $(srcdir)/logging.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/logging.c
-match.o: $(srcdir)/match.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/interfaces.h $(devdir)/gram.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/match.c
-memrchr.o: $(srcdir)/memrchr.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/memrchr.c
-mkstemps.o: $(srcdir)/mkstemps.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/mkstemps.c
-nanosleep.o: $(srcdir)/nanosleep.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/nanosleep.c
-parse.o: $(srcdir)/parse.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/parse.c
-parse_args.o: $(srcdir)/parse_args.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/parse_args.c
-pwutil.o: $(srcdir)/pwutil.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/pwutil.c
-redblack.o: $(srcdir)/redblack.c $(SUDODEP) $(srcdir)/redblack.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/redblack.c
-set_perms.o: $(srcdir)/set_perms.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/set_perms.c
-setsid.o: $(srcdir)/setsid.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/setsid.c
-sigaction.o: $(srcdir)/sigaction.c $(srcdir)/compat.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sigaction.c
-siglist.o: siglist.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/siglist.c
-snprintf.o: $(srcdir)/snprintf.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/snprintf.c
-strcasecmp.o: $(srcdir)/strcasecmp.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strcasecmp.c
-strerror.o: $(srcdir)/strerror.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strerror.c
-strlcat.o: $(srcdir)/strlcat.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strlcat.c
-strlcpy.o: $(srcdir)/strlcpy.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strlcpy.c
-strsignal.o: $(srcdir)/strsignal.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strsignal.c
-selinux.o: $(srcdir)/selinux.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/selinux.c
-sudo.o: $(srcdir)/sudo.c $(SUDODEP) sudo_usage.h $(srcdir)/interfaces.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo.c
-sudoreplay.o: $(srcdir)/sudoreplay.c $(srcdir)/alloc.h $(srcdir)/compat.h $(srcdir)/error.h $(srcdir)/missing.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudoreplay.c
-sudo_edit.o: $(srcdir)/sudo_edit.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_edit.c
-sudo_noexec.o: $(srcdir)/sudo_noexec.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c
-sudo_nss.o: $(srcdir)/sudo_nss.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_nss.c
-term.o: $(srcdir)/term.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/term.c
-testsudoers.o: $(srcdir)/testsudoers.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/interfaces.h $(devdir)/gram.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/testsudoers.c
-tgetpass.o: $(srcdir)/tgetpass.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/tgetpass.c
-timestr.o: $(srcdir)/timestr.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/timestr.c
-toke.o: $(devdir)/toke.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(devdir)/toke.c
-tsgetgrpw.o: $(srcdir)/tsgetgrpw.c $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/tsgetgrpw.c
-utimes.o: $(srcdir)/utimes.c $(srcdir)/compat.h $(srcdir)/emul/utime.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/utimes.c
-vasgroups.o: $(srcdir)/vasgroups.c $(srcdir)/nonunix.h $(SUDODEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/vasgroups.c
-visudo.o: $(srcdir)/visudo.c $(SUDODEP) $(devdir)/gram.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/visudo.c
-zero_bytes.o: $(srcdir)/zero_bytes.c $(srcdir)/compat.h config.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/zero_bytes.c
-sudo_auth.o: $(authdir)/sudo_auth.c $(AUTHDEP) $(INSDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/sudo_auth.c
-afs.o: $(authdir)/afs.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/afs.c
-aix_auth.o: $(authdir)/aix_auth.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/aix_auth.c
-bsdauth.o: $(authdir)/bsdauth.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/bsdauth.c
-dce.o: $(authdir)/dce.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/dce.c
-fwtk.o: $(authdir)/fwtk.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/fwtk.c
-kerb4.o: $(authdir)/kerb4.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/kerb4.c
-kerb5.o: $(authdir)/kerb5.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/kerb5.c
-pam.o: $(authdir)/pam.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/pam.c
-passwd.o: $(authdir)/passwd.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/passwd.c
-rfc1938.o: $(authdir)/rfc1938.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/rfc1938.c
-secureware.o: $(authdir)/secureware.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/secureware.c
-securid.o: $(authdir)/securid.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/securid.c
-securid5.o: $(authdir)/securid5.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/securid5.c
-sia.o: $(authdir)/sia.c $(AUTHDEP)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/sia.c
-
-#varsub: $(srcdir)/configure.in
-# printf 's#@%s@#1#\ns#@%s@#1#\ns#@%s@#1#\ns#@%s@#/etc#g\ns#@%s@#/usr/local#g\ns#@%s@#4#g\ns#@%s@#1m#g\n' SEMAN BAMAN LCMAN sysconfdir prefix mansectform mansectsu > $@; sed -n '/Begin initial values for man page substitution/,/End initial values for man page substitution/{;p;}' $(srcdir)/configure.in | sed -e '/^#/d' -e 's/^/s#@/' -e 's/=[\\"]*/@#/' -e 's/[\\"]*$$/#g/' >> $@
-
-#$(srcdir)/sudo.man.in: $(srcdir)/sudo.pod
-# mansectsu=`echo @MANSECTSU@|tr A-Z a-z`; mansectform=`echo @MANSECTFORM@|tr A-Z a-z`; sed -n -e '/^=pod/q' -e 's/^/.\\" /p' $(srcdir)/sudo.pod > $@; pod2man --quotes=none --date="`date '+%B %e, %Y'`" --section=$$mansectsu --release=$(VERSION) --center="MAINTENANCE COMMANDS" $(srcdir)/sudo.pod | sed -e "s/(5)/($$mansectform)/" -e "s/(8)/($$mansectsu)/" | perl -p $(srcdir)/sudo.man.pl >> $@
-
-sudo.man: $(srcdir)/sudo.man.in
- $(SHELL) config.status --file=$@
-
-#$(srcdir)/sudo.cat: varsub $(srcdir)/sudo.man.in
-# sed -f varsub $(srcdir)/sudo.man.in | $(NROFF) -man > $@
-
-#$(srcdir)/visudo.man.in: $(srcdir)/visudo.pod
-# mansectsu=`echo @MANSECTSU@|tr A-Z a-z`; mansectform=`echo @MANSECTFORM@|tr A-Z a-z`; sed -n -e '/^=pod/q' -e 's/^/.\\" /p' $(srcdir)/visudo.pod > $@; pod2man --quotes=none --date="`date '+%B %e, %Y'`" --section=$$mansectsu --release=$(VERSION) --center="MAINTENANCE COMMANDS" $(srcdir)/visudo.pod | sed -e "s/(5)/($$mansectform)/" -e "s/(8)/($$mansectsu)/" -e 's|\\fI\\f\((CW*\)*I@\([^@]*\)\\fI@|\\fI@\2@|g' >> $@
-
-visudo.man: $(srcdir)/visudo.man.in
- $(SHELL) config.status --file=$@
-
-#$(srcdir)/visudo.cat: varsub $(srcdir)/visudo.man.in
-# sed -f varsub $(srcdir)/visudo.man.in | $(NROFF) -man > $@
-
-#$(srcdir)/sudoers.man.in: $(srcdir)/sudoers.pod
-# mansectsu=`echo @MANSECTSU@|tr A-Z a-z`; mansectform=`echo @MANSECTFORM@|tr A-Z a-z`; sed -n -e '/^=pod/q' -e 's/^/.\\" /p' $(srcdir)/sudoers.pod > $@; pod2man --quotes=none --date="`date '+%B %e, %Y'`" --section=$$mansectform --release=$(VERSION) --center="MAINTENANCE COMMANDS" $(srcdir)/sudoers.pod | sed -e "s/(5)/($$mansectform)/" -e "s/(8)/($$mansectsu)/" | perl -p $(srcdir)/sudoers.man.pl >> $@
-
-sudoers.man: $(srcdir)/sudoers.man.in
- $(SHELL) config.status --file=$@
-
-#$(srcdir)/sudoers.cat: varsub $(srcdir)/sudoers.man.in
-# sed -f varsub $(srcdir)/sudoers.man.in | $(NROFF) -man > $@
-
-#$(srcdir)/sudoers.ldap.man.in: $(srcdir)/sudoers.ldap.pod
-# mansectsu=`echo @MANSECTSU@|tr A-Z a-z`; mansectform=`echo @MANSECTFORM@|tr A-Z a-z`; sed -n -e '/^=pod/q' -e 's/^/.\\" /p' $(srcdir)/sudoers.ldap.pod > $@; pod2man --quotes=none --date="`date '+%B %e, %Y'`" --section=$$mansectform --release=$(VERSION) --center="MAINTENANCE COMMANDS" $(srcdir)/sudoers.ldap.pod | sed -e "s/(5)/($$mansectform)/" -e "s/(8)/($$mansectsu)/" -e 's|\\fI\\f\((CW*\)*I@\([^@]*\)\\fI@|\\fI@\2@|g' >> $@
-
-sudoers.ldap.man: $(srcdir)/sudoers.ldap.man.in
- $(SHELL) config.status --file=$@
-
-#$(srcdir)/sudoers.ldap.cat: varsub $(srcdir)/sudoers.ldap.man.in
-# sed -f varsub $(srcdir)/sudoers.ldap.man.in | $(NROFF) -man > $@
-
-#$(srcdir)/sudoreplay.man.in: $(srcdir)/sudoreplay.pod
-# mansectsu=`echo @MANSECTSU@|tr A-Z a-z`; mansectform=`echo @MANSECTFORM@|tr A-Z a-z`; sed -n -e '/^=pod/q' -e 's/^/.\\" /p' $(srcdir)/sudoreplay.pod > $@; pod2man --quotes=none --date="`date '+%B %e, %Y'`" --section=$$mansectsu --release=$(VERSION) --center="MAINTENANCE COMMANDS" $(srcdir)/sudoreplay.pod | sed -e "s/(5)/($$mansectform)/" -e "s/(8)/($$mansectsu)/" -e 's|\\fI\\f\((CW*\)*I@\([^@]*\)\\fI@|\\fI@\2@|g' >> $@
-
-sudoreplay.man: $(srcdir)/sudoreplay.man.in
- $(SHELL) config.status --file=$@
-
-#$(srcdir)/sudoreplay.cat: varsub $(srcdir)/sudoreplay.man.in
-# sed -f varsub $(srcdir)/sudoreplay.man.in | $(NROFF) -man > $@
-
-#HISTORY: $(srcdir)/history.pod
-# pod2text -l -i0 $(srcdir)/history.pod > $@
-#
-#LICENSE: $(srcdir)/license.pod
-# pod2text -l -i0 $(srcdir)/license.pod | sed '1,2d' > $@
-
-sudoers: $(srcdir)/sudoers.in
- (cd $(top_builddir) && $(SHELL) config.status --file=plugins/sudoers/$@)
-
-# The 1.7 branch started Jan 18, 2010
-ChangeLog:
- if test -d $(srcdir)/.hg; then \
- hg log --style=changelog -b 1.7 > $@; \
- hg log --style=changelog -b default --date '<2010-01-18 00:00:00' >> $@; \
- fi
-
-install: install-dirs install-binaries install-noexec install-sudoers install-doc
-
-install-dirs:
- $(SHELL) $(srcdir)/mkinstalldirs $(DESTDIR)$(sudodir) \
- $(DESTDIR)$(visudodir) $(DESTDIR)$(noexecdir) \
- $(DESTDIR)$(sudoersdir) $(DESTDIR)$(docdir) \
- $(DESTDIR)$(mandirsu) $(DESTDIR)$(mandirform)
- $(SHELL) $(srcdir)/mkinstalldirs -m 0700 $(DESTDIR)$(timedir)
-
-install-binaries: install-dirs $(PROGS)
- $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 04111 sudo $(DESTDIR)$(sudodir)/sudo
- rm -f $(DESTDIR)$(sudodir)/sudoedit
- ln $(DESTDIR)$(sudodir)/sudo $(DESTDIR)$(sudodir)/sudoedit
- if [ -f sudoreplay ]; then $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 0111 sudoreplay $(DESTDIR)$(sudodir)/sudoreplay; fi
- $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 0111 visudo $(DESTDIR)$(visudodir)/visudo
- if [ -f sesh ]; then $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 0111 sesh $(DESTDIR)$(libexecdir)/sesh; fi
-
-install-noexec: install-dirs libsudo_noexec.la
- if [ -f .libs/lib$(noexecfile) ]; then $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 0755 .libs/lib$(noexecfile) $(DESTDIR)$(noexecdir)/$(noexecfile); fi
-
-install-sudoers: install-dirs
- $(INSTALL) -d -O $(sudoers_uid) -G $(sudoers_gid) -M 0750 \
- $(DESTDIR)$(sudoersdir)/sudoers.d
- test -f $(DESTDIR)$(sudoersdir)/sudoers || \
- $(INSTALL) -O $(sudoers_uid) -G $(sudoers_gid) -M $(sudoers_mode) \
- sudoers $(DESTDIR)$(sudoersdir)/sudoers
-
-install-doc: install-dirs ChangeLog
- (cd $(srcdir) && for f in ChangeLog HISTORY LICENSE NEWS README TROUBLESHOOTING UPGRADE sample.*; do $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 $$f $(DESTDIR)$(docdir); done)
- #(cd $(srcdir) && for f in README.LDAP schema.* sudoers2ldif; do $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 $$f $(DESTDIR)$(docdir); done)
- $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 ./sudo.$(mantype) $(DESTDIR)$(mandirsu)/sudo.$(mansectsu)
- @rm -f $(DESTDIR)$(mandirsu)/sudoedit.$(mansectsu)
- ln $(DESTDIR)$(mandirsu)/sudo.$(mansectsu) $(DESTDIR)$(mandirsu)/sudoedit.$(mansectsu)
- $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 ./sudoreplay.$(mantype) $(DESTDIR)$(mandirsu)/sudoreplay.$(mansectsu)
- $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 ./visudo.$(mantype) $(DESTDIR)$(mandirsu)/visudo.$(mansectsu)
- $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 ./sudoers.$(mantype) $(DESTDIR)$(mandirform)/sudoers.$(mansectform)
- #$(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 ./sudoers.ldap.$(mantype) $(DESTDIR)$(mandirform)/sudoers.ldap.$(mansectform)
-
-
-check:
- @echo nothing to check
-
-clean:
- -rm -f *.a *.o *.lo stamp-* varsub $(PROGS) testsudoers core *.core core.*
-
-mostlyclean: clean
-
-distclean: clean
- -rm -rf Makefile pathnames.h config.h config.status config.cache \
- config.log libtool sudoers sudo_noexec.lo .libs $(GENERATED) \
- sudo.man sudoers.man sudoers.ldap.man sudoreplay.man \
- visudo.man sudo_usage.h Makefile.binary
-
-clobber: distclean
-
-realclean: distclean
- rm -f TAGS tags
-
-cleandir: realclean
-
-dist: ChangeLog
- pax -w -x ustar -s '/^/$(PACKAGE_TARNAME)-$(VERSION)\//' \
- -f ../$(PACKAGE_TARNAME)-$(VERSION).tar $(DISTFILES)
- gzip -9f ../$(PACKAGE_TARNAME)-$(VERSION).tar
- ls -l ../$(PACKAGE_TARNAME)-$(VERSION).tar.gz
-
-package: sudo.pp
- DESTDIR=`cd $(top_builddir) && pwd`/destdir; rm -rf $$DESTDIR; \
- $(MAKE) install DESTDIR=$$DESTDIR && \
- $(SHELL) $(srcdir)/pp $(PPFLAGS) \
- --destdir=$$DESTDIR \
- $(srcdir)/sudo.pp \
- bindir=$(bindir) \
- sbindir=$(sbindir) \
- libexecdir=$(libexecdir) \
- timedir=$(timedir) \
- mandir=$(mandir) \
- docdir=$(docdir) \
- sysconfdir=$(sysconfdir) \
- sudoersdir=$(sudoersdir) \
- sudoers_uid=$(sudoers_uid) \
- sudoers_gid=$(sudoers_gid) \
- sudoers_mode=$(sudoers_mode) \
- version=$(VERSION) $(PPVARS)
-
-.PHONY: ChangeLog
Modified: trunk/contrib/sudo/Makefile.in
===================================================================
--- trunk/contrib/sudo/Makefile.in 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/Makefile.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,5 +1,5 @@
#
-# Copyright (c) 1996, 1998-2005, 2007-2010
+# Copyright (c) 1996, 1998-2005, 2007-2011
# Todd C. Miller <Todd.Miller at courtesan.com>
#
# Permission to use, copy, modify, and distribute this software for any
@@ -64,6 +64,7 @@
sysconfdir = @sysconfdir@
libexecdir = @libexecdir@
datarootdir = @datarootdir@
+localstatedir = @localstatedir@
docdir = @docdir@
mandir = @mandir@
timedir = @timedir@
@@ -113,8 +114,8 @@
pwutil.c set_perms.c setsid.c sigaction.c snprintf.c strcasecmp.c \
strerror.c strlcat.c strlcpy.c strsignal.c sudo.c sudo_noexec.c \
sudo_edit.c sudo_nss.c term.c testsudoers.c tgetpass.c toke.c toke.l \
- tsgetgrpw.c utimes.c vasgroups.c visudo.c zero_bytes.c redblack.c \
- selinux.c sesh.c sudoreplay.c getdate.c getdate.y getline.c \
+ toke_util.c tsgetgrpw.c utimes.c vasgroups.c visudo.c zero_bytes.c \
+ redblack.c selinux.c sesh.c sudoreplay.c getdate.c getdate.y getline.c \
timestr.c $(AUTH_SRCS)
AUTH_SRCS = auth/afs.c auth/aix_auth.c auth/bsdauth.c auth/dce.c auth/fwtk.c \
@@ -122,10 +123,10 @@
auth/secureware.c auth/securid.c auth/securid5.c auth/sia.c \
auth/sudo_auth.c
-HDRS = alloc.h bsm_audit.h compat.h def_data.h defaults.h error.h ins_2001.h \
+HDRS = alloc.h bsm_audit.h def_data.h defaults.h error.h ins_2001.h \
ins_classic.h ins_csops.h ins_goons.h insults.h interfaces.h lbuf.h \
linux_audit.h list.h logging.h missing.h mksiglist.h nonunix.h \
- redblack.h parse.h sudo.h sudo_exec.h sudo_nss.h gram.h \
+ redblack.h parse.h sudo.h sudo_exec.h sudo_nss.h gram.h toke.h \
auth/sudo_auth.h emul/charclass.h emul/fnmatch.h emul/glob.h \
emul/timespec.h emul/utime.h
@@ -132,11 +133,11 @@
AUTH_OBJS = sudo_auth.o @AUTH_OBJS@
COMMON_OBJS = alias.o alloc.o defaults.o error.o gram.o \
- list.o match.o pwutil.o timestr.o toke.o redblack.o \
+ list.o match.o pwutil.o timestr.o toke.o toke_util.o redblack.o \
term.o zero_bytes.o @COMMON_OBJS@
SUDO_OBJS = $(AUTH_OBJS) @SUDO_OBJS@ audit.o boottime.o check.o env.o \
- exec.o getspwuid.o gettime.o goodpath.o fileops.o find_path.o \
+ exec.o gettime.o goodpath.o fileops.o find_path.o \
interfaces.o lbuf.o logging.o parse.o parse_args.o set_perms.o \
sudo.o sudo_edit.o sudo_nss.o tgetpass.o
@@ -148,6 +149,10 @@
LIB_OBJS = @LIBOBJS@
+ZLIB_OBJS = adler32.o compress.o crc32.o deflate.o gzclose.o gzlib.o \
+ gzread.o gzwrite.o infback.o inffast.o inflate.o inftrees.o \
+ trees.o uncompr.o zutil.o
+
VERSION = @PACKAGE_VERSION@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
@@ -163,13 +168,21 @@
sudoers.ldap.cat sudoers.ldap.man.in sudoers.ldap.pod \
sudoers2ldif sudoreplay.cat sudoreplay.man.in sudoreplay.pod \
visudo.cat visudo.man.in visudo.pod auth/API sudo.man.pl \
- sudoers.man.pl
+ sudoers.man.pl $(ZLIB_FILES)
-SUDODEP = $(srcdir)/sudo.h $(srcdir)/alloc.h $(srcdir)/compat.h \
- $(srcdir)/defaults.h $(srcdir)/error.h $(srcdir)/list.h \
- $(srcdir)/logging.h $(srcdir)/missing.h $(srcdir)/sudo_nss.h \
- $(devdir)/def_data.h pathnames.h config.h
+ZLIB_FILES = zlib/adler32.c zlib/compress.c zlib/crc32.c zlib/crc32.h \
+ zlib/deflate.c zlib/deflate.h zlib/gzclose.c zlib/gzguts.h \
+ zlib/gzlib.c zlib/gzread.c zlib/gzwrite.c zlib/infback.c \
+ zlib/inffast.c zlib/inffast.h zlib/inffixed.h zlib/inflate.c \
+ zlib/inflate.h zlib/inftrees.c zlib/inftrees.h zlib/trees.c \
+ zlib/trees.h zlib/uncompr.c zlib/zconf.h.in zlib/zlib.h \
+ zlib/zutil.c zlib/zutil.h
+SUDODEP = $(srcdir)/sudo.h $(srcdir)/alloc.h $(srcdir)/defaults.h \
+ $(srcdir)/error.h $(srcdir)/list.h $(srcdir)/logging.h \
+ $(srcdir)/missing.h $(srcdir)/sudo_nss.h $(devdir)/def_data.h \
+ pathnames.h config.h
+
AUTHDEP = $(SUDODEP) $(authdir)/sudo_auth.h
INSDEP = $(srcdir)/ins_2001.h $(srcdir)/ins_classic.h $(srcdir)/ins_csops.h \
@@ -189,13 +202,17 @@
$(AR) rv $@ $(LIB_OBJS) $(COMMON_OBJS)
$(RANLIB) $@
-sudo: libsudo.a $(SUDO_OBJS)
+libz.a: $(ZLIB_OBJS)
+ $(AR) rv $@ $(ZLIB_OBJS)
+ $(RANLIB) $@
+
+sudo: libsudo.a @ZLIB_DEP@ $(SUDO_OBJS)
$(CC) -o $@ $(SUDO_OBJS) $(SUDO_LDFLAGS) -lsudo $(SUDO_LIBS) @ZLIB@
visudo: libsudo.a $(VISUDO_OBJS)
$(CC) -o $@ $(VISUDO_OBJS) $(LDFLAGS) -lsudo $(LIBS) $(NET_LIBS)
-sudoreplay: libsudo.a $(REPLAY_OBJS)
+sudoreplay: libsudo.a @ZLIB_DEP@ $(REPLAY_OBJS)
$(CC) -o $@ $(REPLAY_OBJS) $(LDFLAGS) -lsudo $(LIBS) @ZLIB@
testsudoers: $(TEST_OBJS)
@@ -213,14 +230,18 @@
# Uncomment the lines before - at true if you intend to modify gram.y
$(devdir)/gram.c $(devdir)/gram.h: $(srcdir)/gram.y
@DEV@ $(YACC) -d $(srcdir)/gram.y
- at DEV@ mv -f y.tab.c gram.c
- at DEV@ if cmp -s y.tab.h gram.h; then rm -f y.tab.h; else mv -f y.tab.h gram.h; fi
+ at DEV@ echo "#include <config.h>" > $(devdir)/gram.c
+ at DEV@ cat y.tab.c >> $(devdir)/gram.c
+ at DEV@ rm -f y.tab.c
+ at DEV@ mv -f y.tab.h $(devdir)/gram.h
- at true
# Uncomment the lines before - at true if you intend to modify toke.l
$(devdir)/toke.c: $(srcdir)/toke.l
@DEV@ $(FLEX) $(srcdir)/toke.l
- at DEV@ mv -f lex.yy.c toke.c
+ at DEV@ echo "#include <config.h>" > $(devdir)/toke.c
+ at DEV@ cat lex.yy.c >> $(devdir)/toke.c
+ at DEV@ rm -f lex.yy.c
- at true
# Uncomment the lines before - at true if you intend to modify getdate.y
@@ -227,7 +248,9 @@
$(devdir)/getdate.c: $(srcdir)/getdate.y
@DEV@ echo "expect 10 shift/reduce conflicts"
@DEV@ $(YACC) $(srcdir)/getdate.y
- at DEV@ mv -f y.tab.c getdate.c
+ at DEV@ echo "#include <config.h>" > $(devdir)/getdate.c
+ at DEV@ cat y.tab.c >> $(devdir)/getdate.c
+ at DEV@ rm -f y.tab.c
- at true
# Uncomment the following if you intend to modify def_data.in
@@ -237,7 +260,7 @@
siglist.c: mksiglist
./mksiglist > $@
-mksiglist: $(srcdir)/mksiglist.c $(srcdir)/mksiglist.h $(srcdir)/compat.h $(top_builddir)/config.h
+mksiglist: $(srcdir)/mksiglist.c $(srcdir)/mksiglist.h $(srcdir)/missing.h config.h
$(CC) $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/mksiglist.c -o $@
@DEV@$(srcdir)/mksiglist.h: $(srcdir)/siglist.in
@@ -264,7 +287,7 @@
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/defaults.c
env.o: $(srcdir)/env.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/env.c
-error.o: $(srcdir)/error.c $(srcdir)/compat.h $(srcdir)/error.h config.h
+error.o: $(srcdir)/error.c $(srcdir)/missing.h $(srcdir)/error.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/error.c
exec.o: $(srcdir)/exec.c $(SUDODEP) $(srcdir)/sudo_exec.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/exec.c
@@ -274,13 +297,13 @@
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/fileops.c
find_path.o: $(srcdir)/find_path.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/find_path.c
-fnmatch.o: $(srcdir)/fnmatch.c $(srcdir)/emul/fnmatch.h $(srcdir)/compat.h config.h
+fnmatch.o: $(srcdir)/fnmatch.c $(srcdir)/emul/fnmatch.h $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/fnmatch.c
get_pty.o: $(srcdir)/get_pty.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/get_pty.c
-getcwd.o: $(srcdir)/getcwd.c $(srcdir)/compat.h config.h
+getcwd.o: $(srcdir)/getcwd.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getcwd.c
-getdate.o: $(srcdir)/getdate.c $(srcdir)/compat.h config.h
+getdate.o: $(srcdir)/getdate.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getdate.c
getline.o: $(srcdir)/getline.c config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getline.c
@@ -290,7 +313,7 @@
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getspwuid.c
gettime.o: $(srcdir)/gettime.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/gettime.c
-glob.o: $(srcdir)/glob.c $(srcdir)/emul/glob.h $(srcdir)/compat.h config.h
+glob.o: $(srcdir)/glob.c $(srcdir)/emul/glob.h $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/glob.c
goodpath.o: $(srcdir)/goodpath.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/goodpath.c
@@ -300,7 +323,7 @@
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/interfaces.c
iolog.o: $(srcdir)/iolog.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/iolog.c
-isblank.o: $(srcdir)/isblank.c $(srcdir)/compat.h config.h
+isblank.o: $(srcdir)/isblank.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/isblank.c
lbuf.o: $(srcdir)/lbuf.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/lbuf.c
@@ -318,7 +341,7 @@
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/memrchr.c
mkstemps.o: $(srcdir)/mkstemps.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/mkstemps.c
-nanosleep.o: $(srcdir)/nanosleep.c $(srcdir)/compat.h config.h
+nanosleep.o: $(srcdir)/nanosleep.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/nanosleep.c
parse.o: $(srcdir)/parse.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/parse.c
@@ -330,33 +353,33 @@
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/redblack.c
set_perms.o: $(srcdir)/set_perms.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/set_perms.c
-setsid.o: $(srcdir)/setsid.c $(srcdir)/compat.h config.h
+setsid.o: $(srcdir)/setsid.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/setsid.c
-sigaction.o: $(srcdir)/sigaction.c $(srcdir)/compat.h
+sigaction.o: $(srcdir)/sigaction.c $(srcdir)/missing.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sigaction.c
-siglist.o: siglist.c $(srcdir)/compat.h config.h
+siglist.o: siglist.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/siglist.c
-snprintf.o: $(srcdir)/snprintf.c $(srcdir)/compat.h config.h
+snprintf.o: $(srcdir)/snprintf.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/snprintf.c
-strcasecmp.o: $(srcdir)/strcasecmp.c $(srcdir)/compat.h config.h
+strcasecmp.o: $(srcdir)/strcasecmp.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strcasecmp.c
-strerror.o: $(srcdir)/strerror.c $(srcdir)/compat.h config.h
+strerror.o: $(srcdir)/strerror.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strerror.c
-strlcat.o: $(srcdir)/strlcat.c $(srcdir)/compat.h config.h
+strlcat.o: $(srcdir)/strlcat.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strlcat.c
-strlcpy.o: $(srcdir)/strlcpy.c $(srcdir)/compat.h config.h
+strlcpy.o: $(srcdir)/strlcpy.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strlcpy.c
-strsignal.o: $(srcdir)/strsignal.c $(srcdir)/compat.h config.h
+strsignal.o: $(srcdir)/strsignal.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strsignal.c
selinux.o: $(srcdir)/selinux.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/selinux.c
sudo.o: $(srcdir)/sudo.c $(SUDODEP) sudo_usage.h $(srcdir)/interfaces.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo.c
-sudoreplay.o: $(srcdir)/sudoreplay.c $(srcdir)/alloc.h $(srcdir)/compat.h $(srcdir)/error.h $(srcdir)/missing.h config.h
+sudoreplay.o: $(srcdir)/sudoreplay.c $(srcdir)/alloc.h $(srcdir)/missing.h $(srcdir)/error.h $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudoreplay.c
sudo_edit.o: $(srcdir)/sudo_edit.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_edit.c
-sudo_noexec.o: $(srcdir)/sudo_noexec.c $(srcdir)/compat.h config.h
+sudo_noexec.o: $(srcdir)/sudo_noexec.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c
sudo_nss.o: $(srcdir)/sudo_nss.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_nss.c
@@ -366,19 +389,21 @@
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/testsudoers.c
tgetpass.o: $(srcdir)/tgetpass.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/tgetpass.c
-timestr.o: $(srcdir)/timestr.c $(srcdir)/compat.h config.h
+timestr.o: $(srcdir)/timestr.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/timestr.c
-toke.o: $(devdir)/toke.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h
+toke.o: $(devdir)/toke.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/toke.h $(devdir)/gram.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(devdir)/toke.c
+toke_util.o: $(devdir)/toke_util.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/toke.h $(devdir)/gram.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(devdir)/toke_util.c
tsgetgrpw.o: $(srcdir)/tsgetgrpw.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/tsgetgrpw.c
-utimes.o: $(srcdir)/utimes.c $(srcdir)/compat.h $(srcdir)/emul/utime.h config.h
+utimes.o: $(srcdir)/utimes.c $(srcdir)/missing.h $(srcdir)/emul/utime.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/utimes.c
vasgroups.o: $(srcdir)/vasgroups.c $(srcdir)/nonunix.h $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/vasgroups.c
visudo.o: $(srcdir)/visudo.c $(SUDODEP) $(devdir)/gram.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/visudo.c
-zero_bytes.o: $(srcdir)/zero_bytes.c $(srcdir)/compat.h config.h
+zero_bytes.o: $(srcdir)/zero_bytes.c $(srcdir)/missing.h config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/zero_bytes.c
sudo_auth.o: $(authdir)/sudo_auth.c $(AUTHDEP) $(INSDEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/sudo_auth.c
@@ -411,6 +436,38 @@
sia.o: $(authdir)/sia.c $(AUTHDEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/sia.c
+# Zlib dependencies
+adler32.o: $(srcdir)/zlib/zutil.h $(srcdir)/zlib/zlib.h zlib/zconf.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/adler32.c
+compress.o: $(srcdir)/zlib/zlib.h zlib/zconf.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/compress.c
+crc32.o: $(srcdir)/zlib/zutil.h $(srcdir)/zlib/zlib.h zlib/zconf.h $(srcdir)/zlib/crc32.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/crc32.c
+deflate.o: $(srcdir)/zlib/deflate.h $(srcdir)/zlib/zutil.h $(srcdir)/zlib/zlib.h zlib/zconf.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/deflate.c
+gzclose.o: $(srcdir)/zlib/zlib.h zlib/zconf.h $(srcdir)/zlib/gzguts.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/gzclose.c
+gzlib.o: $(srcdir)/zlib/zlib.h zlib/zconf.h $(srcdir)/zlib/gzguts.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/gzlib.c
+gzread.o: $(srcdir)/zlib/zlib.h zlib/zconf.h $(srcdir)/zlib/gzguts.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/gzread.c
+gzwrite.o: $(srcdir)/zlib/zlib.h zlib/zconf.h $(srcdir)/zlib/gzguts.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/gzwrite.c
+infback.o: $(srcdir)/zlib/zutil.h $(srcdir)/zlib/zlib.h zlib/zconf.h $(srcdir)/zlib/inftrees.h $(srcdir)/zlib/inflate.h $(srcdir)/zlib/inffast.h $(srcdir)/zlib/inffixed.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/infback.c
+inffast.o: $(srcdir)/zlib/zutil.h $(srcdir)/zlib/zlib.h zlib/zconf.h $(srcdir)/zlib/inftrees.h $(srcdir)/zlib/inflate.h $(srcdir)/zlib/inffast.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/inffast.c
+inflate.o: $(srcdir)/zlib/zutil.h $(srcdir)/zlib/zlib.h zlib/zconf.h $(srcdir)/zlib/inftrees.h $(srcdir)/zlib/inflate.h $(srcdir)/zlib/inffast.h $(srcdir)/zlib/inffixed.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/inflate.c
+inftrees.o: $(srcdir)/zlib/zutil.h $(srcdir)/zlib/zlib.h zlib/zconf.h $(srcdir)/zlib/inftrees.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/inftrees.c
+trees.o: $(srcdir)/zlib/deflate.h $(srcdir)/zlib/zutil.h $(srcdir)/zlib/zlib.h zlib/zconf.h $(srcdir)/zlib/trees.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/trees.c
+uncompr.o: $(srcdir)/zlib/zlib.h zlib/zconf.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/uncompr.c
+zutil.o: $(srcdir)/zlib/zutil.h $(srcdir)/zlib/zlib.h zlib/zconf.h
+ $(CC) -c -I. -I$(srcdir)/zlib $(CFLAGS) $(srcdir)/zlib/zutil.c
+
@DEV at varsub: $(srcdir)/configure.in
@DEV@ printf 's#@%s@#1#\ns#@%s@#1#\ns#@%s@#1#\ns#@%s@#/etc#g\ns#@%s@#/usr/local#g\ns#@%s@#4#g\ns#@%s@#1m#g\n' SEMAN BAMAN LCMAN sysconfdir prefix mansectform mansectsu > $@; sed -n '/Begin initial values for man page substitution/,/End initial values for man page substitution/{;p;}' $(srcdir)/configure.in | sed -e '/^#/d' -e 's/^/s#@/' -e 's/=[\\"]*/@#/' -e 's/[\\"]*$$/#g/' >> $@
@@ -470,9 +527,12 @@
# The 1.7 branch started Jan 18, 2010
ChangeLog:
- if test -d $(srcdir)/.hg; then \
- hg log --style=changelog -b 1.7 > $@; \
- hg log --style=changelog -b default --date '<2010-01-18 00:00:00' >> $@; \
+ if test -d $(srcdir)/.hg && cd $(srcdir); then \
+ if hg log --style=changelog -b 1.7 > $@.tmp && hg log --style=changelog -b default --date '<2010-01-18 00:00:00' >> $@.tmp; then \
+ mv -f $@.tmp $@; \
+ else \
+ rm -f $@.tmp; \
+ fi; \
fi
install: install-dirs install-binaries @INSTALL_NOEXEC@ install-sudoers install-doc
@@ -526,7 +586,7 @@
-rm -rf Makefile pathnames.h config.h config.status config.cache \
config.log libtool sudoers sudo_noexec.lo .libs $(GENERATED) \
sudo.man sudoers.man sudoers.ldap.man sudoreplay.man \
- visudo.man sudo_usage.h Makefile.binary
+ visudo.man sudo_usage.h Makefile.binary zlib/zconf.h
clobber: distclean
Deleted: trunk/contrib/sudo/Makefile.inc
===================================================================
--- trunk/contrib/sudo/Makefile.inc 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/Makefile.inc 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,14 +0,0 @@
-# $OpenBSD: Makefile.inc,v 1.1 2004/01/15 21:32:03 millert Exp $
-
-CPPFLAGS+= -I${.CURDIR}/..
-CFLAGS+= -Wall
-
-.include <bsd.obj.mk>
-
-.if exists(${.CURDIR}/../lib/${__objdir})
-LDADD+= -L${.CURDIR}/../lib/${__objdir} -lsudo
-DPADD+= ${.CURDIR}/../lib/${__objdir}/libsudo.a
-.else
-LDADD+= -L${.CURDIR}/../lib -lsudo
-DPADD+= ${.CURDIR}/../lib/libsudo.a
-.endif
Modified: trunk/contrib/sudo/NEWS
===================================================================
--- trunk/contrib/sudo/NEWS 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/NEWS 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,3 +1,90 @@
+What's new in Sudo 1.7.5?
+
+ * When using visudo in check mode, a file named "-" may be used to
+ check sudoers data on the standard input.
+
+ * Sudo now only fetches shadow password entries when using the
+ password database directly for authentication.
+
+ * Password and group entries are now cached using the same key
+ that was used to look them up. This fixes a problem when looking
+ up entries by name if the name in the retrieved entry does not
+ match the name used to look it up. This may happen on some systems
+ that do case insensitive lookups or that truncate long names.
+
+ * GCC will no longer display warnings on glibc systems that use
+ the warn_unused_result attribute for write(2) and other system calls.
+
+ * If a PAM account management module denies access, sudo now prints
+ a more useful error message and stops trying to validate the user.
+
+ * Fixed a potential hang on idle systems when the sudo-run process
+ exits immediately.
+
+ * Sudo now includes a copy of zlib that will be used on systems
+ that do not have zlib installed.
+
+ * The --with-umask-override configure flag has been added to enable
+ the "umask_override" sudoers Defaults option at build time.
+
+ * Sudo now unblocks all signals on startup to avoid problems caused
+ by the parent process changing the default signal mask.
+
+ * LDAP Sudoers entries may now specify a time period for which
+ the entry is valid. This requires an updated sudoers schema
+ that includes the sudoNotBefore and sudoNotAfter attributes.
+ Support for timed entries must be explicitly enabled in the
+ ldap.conf file. Based on changes from Andreas Mueller.
+
+ * LDAP Sudoers entries may now specify a sudoOrder attribute that
+ determines the order in which matching entries are applied. The
+ last matching entry is used, just like file-based sudoers. This
+ requires an updated sudoers schema that includes the sudOrder
+ attribute. Based on changes from Andreas Mueller.
+
+ * When run as sudoedit, or when given the -e flag, sudo now treats
+ command line arguments as pathnames. This means that slashes
+ in the sudoers file entry must explicitly match slashes in
+ the command line arguments. As a result, and entry such as:
+ user ALL = sudoedit /etc/*
+ will allow editing of /etc/motd but not /etc/security/default.
+
+ * NETWORK_TIMEOUT is now an alias for BIND_TIMELIMIT in ldap.conf for
+ compatibility with OpenLDAP configuration files.
+
+ * The LDAP API TIMEOUT parameter is now honored in ldap.conf.
+
+ * The I/O log directory may now be specified in the sudoers file.
+
+ * Sudo will no longer refuse to run if the sudoers file is writable
+ by root.
+
+ * Sudo now performs command line escaping for "sudo -s" and "sudo -i"
+ after validating the command so the sudoers entries do not need
+ to include the backslashes.
+
+ * Logging and email sending are now done in the locale specified
+ by the "sudoers_locale" setting ("C" by default). Email send by
+ sudo now includes MIME headers when "sudoers_locale" is not "C".
+
+ * The configure script has a new option, --disable-env-reset, to
+ allow one to change the default for the sudoers Default setting
+ "env_reset" at compile time.
+
+ * When logging "sudo -l command", sudo will now prepend "list "
+ to the command in the log line to distinguish between an
+ actual command invocation in the logs.
+
+ * Double-quoted group and user names may now include escaped double
+ quotes as part of the name. Previously this was a parse error.
+
+ * Sudo once again restores the state of the signal handlers it
+ modifies before executing the command. This allows sudo to be
+ used with the nohup command.
+
+ * Resuming a suspended shell now works properly when I/O logging
+ is not enabled (the I/O logging case was already correct).
+
What's new in Sudo 1.7.4p6?
* A bug has been fixed in the I/O logging support that could cause
Modified: trunk/contrib/sudo/README
===================================================================
--- trunk/contrib/sudo/README 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/README 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,4 +1,4 @@
-This is Sudo version 1.7.4
+This is Sudo version 1.7.5
The sudo philosophy
===================
@@ -35,7 +35,7 @@
===================
To build sudo from the source distribution you need a machine running
Unix (most flavors of BSD, SYSV, or POSIX will do), a working C
-compiler, and the make utility.
+compiler, and the ar, make and ranlib utilities.
If you wish to modify the parser then you will need flex version
2.5.2 or later and either bison or byacc (sudo comes with a pre-flex'd
Modified: trunk/contrib/sudo/README.LDAP
===================================================================
--- trunk/contrib/sudo/README.LDAP 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/README.LDAP 2014-10-02 03:20:49 UTC (rev 6803)
@@ -133,6 +133,11 @@
and since it is Schema aware, I don't need to create a sudoRole template.
http://biot.com/gq/
+ * phpQLAdmin - Open Source - phpQLAdmin is an administration tool,
+ originally for QmailLDAP, that supports editing sudoRole objects
+ in version 2.3.2 and higher.
+ http://phpqladmin.com/
+
* LDAP Browser/Editor - by Jarek Gawor - I use this a lot on Windows
and Solaris. It runs anywhere in a Java Virtual Machine including
web pages. You have to make a template from an existing sudoRole entry.
Deleted: trunk/contrib/sudo/RUNSON
===================================================================
--- trunk/contrib/sudo/RUNSON 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/RUNSON 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,173 +0,0 @@
-Systems that Sudo has been reported to run on.
-
-Just because a specific version of your OS is not listed with the
-current version of Sudo does not mean it won't work. If an older
-version of Sudo ran on your OS, chances are that the latest version
-does as well.
-
- Op. System CPU Compilers Sudo Reported Special
-Name Rev Arch Used Version By Options
-======= ======= ======= =============== ======= =============== ===============
-Auspex 1.6.1 sun4 bundled cc 1.3.4 Alek Komarnitsky none
-SunOS 4.1.3 sun4 bundled cc 1.6.8p1 Todd Miller none
-SunOS 4.1.3 sun4 gcc2.9.5.2 1.6.8p1 Todd Miller none
-SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
-SunOS 4.1.3 sun4 gcc2.9.5.2 1.6.8p1 Todd Miller --with-skey
-Solaris 2.5.1 sparc SC4.0 1.5.6p1 Brian Jackson none
-Solaris 2.5.1 sun4u gcc2.7.2.3 1.5.4 Leon von Stauber none
-Solaris 2.5.1 i386 gcc2.7.2 1.5.4 Leon von Stauber none
-Solaris 2.6 sparc gcc2.9.5.2 1.6.3 Todd Miller none
-Solaris 2.6 sparc gcc2.9.5.2 1.6.3 Todd Miller --with-pam
-Solaris 2.6 i386 gcc2.9.5.2 1.6.3 Todd Miller none
-Solaris 2.6 i386 gcc2.9.5.2 1.6.3 Todd Miller --with-pam
-Solaris 2.6 sun4u Workshop 6.2 1.6.3p7 Donna Dickerson none
-Solaris 2.6 i386 unbundled cc 1.5.8p2 Udo Keller none
-Solaris 7 i386 gcc 2.8.1 1.6.1 Ido Dubrawsky none
-Solaris 7 i386 Workshop 5.0 1.6 Brian Jackson none
-Solaris 7 sun4u egcs 1.1.2 1.5.9p4 Scott Kinnane none
-Solaris 7 sparc SC4.2 1.6.6 Todd Miller none
-Solaris 7 sun4u Workshop 6.2 1.6.3p7 Donna Dickerson none
-Solaris 7 sparc gcc2.95.2 1.6.6 Todd Miller --with-skey
-Solaris 2.6 sun4u egcs 1.1.2 1.5.9p4 Scott Kinnane none
-Solaris 8 sun4u gcc2.95.2 1.6.8p1 Todd Miller --with-pam
-Solaris 8 sun4u SC4.2 1.6.8p1 Todd Miller --with-pam
-Solaris 8 sun4u Workshop 6.2 1.6.3p7 Donna Dickerson none
-Solaris 8 sun4u gcc2.95.3 1.6.6 Banu Yobas none
-Solaris 9 sun4u gcc3.3.2 1.6.8p1 Todd Miller --with-pam
-ISC 4.0 i386 bundled cc 1.4 Andy Smith none
-ISC 4.0 i386 gcc2.7.0 1.4 Andy Smith none
-ISC 4.1 i386 bundled cc 1.4 Andy Smith none
-ISC 4.1 i386 gcc2.7.0 1.4 Andy Smith none
-RISCos 4_52 mips bundled cc 1.3.7 Andy Smith --with-getpass
-SCO 3.2.2 i386 bundled cc 1.3.4 David Meleedy --with-getpass
-SCO 5.0.5 i386 gcc 98q2 1.6.3p7 Alan Pittman none
-HP-UX 9.05 hp700 gcc2.7.2.1 1.5.3 Todd Miller none
-HP-UX 9.05 hp700 gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
-HP-UX 9.07 hp700 unbundled cc 1.5 Alek Komarnitsky --with-C2
-HP-UX 9.05 hp700 unbundled cc 1.4 Todd Miller none
-HP-UX 10.20 hp700 gcc3.3.4 1.6.8p1 Todd Miller none
-HP-UX 10.20 hp700 bundled cc 1.6.8p1 Todd Miller none
-HP-UX 10.20 hp700 unbundled cc 1.6.8p1 Todd Miller none
-HP-UX 10.20 hp700 gcc 2.95.2 1.6.2 Jeff Earickson --with-DCE
-HP-UX 11.00 hp700 bundled cc 1.6.8p1 Todd Miller none
-HP-UX 11.00 hp700 bundled cc 1.6.8p1 Todd Miller --with-pam
-HP-UX 11.00 hp700 gcc 3.2 1.6.8p1 Todd Miller none
-HP-UX 11.00 hp700 gcc 3.2 1.6.8p1 Todd Miller --with-pam
-HP-UX 11.11 hp700 gcc 3.3.2 1.6.8p1 Todd Miller --with-pam
-HP-UX 11.11 hp700 unbundled cc 1.6.8p1 Todd Miller --with-pam
-Ultrix 4.3 mips bundled cc 1.6.3b2 Todd Miller none
-Ultrix 4.3 mips gcc2.7.2.1 1.5.9 Todd Miller --with-skey
-IRIX 4.05H mips gcc2.6.3 1.5.3 Todd Miller none
-IRIX 4.05H mips unbundled cc 1.4 Todd Miller none
-IRIX 5.2 mips MipsPro C 1.5.6p1 Brian Jackson none
-IRIX 5.3 mips MipsPro C 1.5.6p1 Brian Jackson none
-IRIX 6.2 mips MipsPro C 1.5.6p1 Brian Jackson none
-IRIX 6.5 mips MipsPro C 1.5.6p1 Brian Jackson none
-IRIX 5.3 mips unbundled cc 1.6.6 Todd Miller none
-IRIX 5.3 mips gcc2.9.5.2 1.6.6 Todd Miller --with-skey
-IRIX 5.3 mips gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
-IRIX 5.3 mips unbundled cc 1.4 Wallace Winfrey --with-C2
-IRIX 6.2 mips unbundled cc 1.5 Alek Komarnitsky --with-C2
-IRIX 6.2 mips MipsPro C 1.6 Brian Jackson none
-IRIX 6.3 mips MipsPro C 1.6 Brian Jackson none
-IRIX 6.4 mips MipsPro C 1.58p2 Brian Jackson none
-IRIX 6.4 mips egcs 1.1.2 1.5.9p4 Scott Kinnane none
-IRIX 6.5 mips unbundled cc 1.5.4 Brian Jackson --with-C2
-IRIX 6.5 mips MipsPro 7.2.1 1.6 Brian Jackson none
-IRIX 6.5 mips gcc 2.8.1 1.6rc1 Jordan Baker none
-IRIX 6.5 mips egcs 1.1.2 1.5.9p4 Scott Kinnane none
-IRIX 6.5 mips MipsPRO 7.3.1 1.6.5p2 David Kaelbling --with-pam
-IRIX 6.5 mips MipsPRO 7.3.1 1.6.5p2 David Kaelbling --with-C2
-NEXTSTEP 2.1 m68k bundled cc 1.3.7 Todd Miller none
-NEXTSTEP 3.2 m68k bundled cc 1.5.5b4 Todd Miller --with-skey
-NEXTSTEP 3.2 i386 bundled cc 1.3.2 Jonathan Adams none
-NEXTSTEP 3.3 i386 bundled cc 1.4 Jonathan Adams none
-NEXTSTEP 3.3 sparc bundled cc 1.5.3 Mike Kienenberger none
-DEC UNIX 3.2c alpha bundled cc 1.5.3 Todd Miller none
-DEC UNIX 4.0D alpha bundled cc 1.6.8p1 Todd Miller none
-DEC UNIX 4.0D alpha gcc-2.95.2 1.6.8p1 Todd Miller none
-DEC UNIX 4.0 alpha gcc-2.7.2.1 1.5.3 Todd Miller --with-kerb4
-DEC UNIX 4.0D alpha bundled cc 1.5.3 Randall R. Cable --with-C2
-DEC UNIX 4.0E alpha bundled cc 1.5.9p2 Vangelis Haniotakis none
-Tru64 5.1 alpha bundled cc 1.6.7 Todd Miller none
-AIX 3.2.X rs6000 bundled cc 1.4 Todd Miller none
-AIX 4.1.3 PowerPC gcc-2.7.0 1.4 Bob Shair none
-AIX 4.1.4 rs6000 gcc-2.8.1 1.6.2p2 Todd Miller none
-AIX 4.1.4 rs6000 gcc-2.8.1 1.6.2p2 Todd Miller --with-authenticate
-AIX 4.1.5 rs6000 gcc-2.7.2.3 1.4.4 Daniel Robitaille none
-AIX 4.1.X rs6000 bundled cc 1.5.3 Robin Jackson --with-AFS
-AIX 4.1.X PowerPC bundled cc 1.5.3 Robin Jackson --with-AFS
-AIX 4.2.1 rs6000 bundled cc 1.5.7p4 Sam Mabjish none
-AIX 4.2.1 rs6000 egcs 1.1.2 1.5.9p4 Scott Kinnane none
-AIX 4.3 rs6000 bundled cc 1.5.4 Leon von Stauber none
-AIX 4.3.2 rs6000 egcs 1.1.2 1.5.9p4 Scott Kinnane none
-AIX 5.0.1.0 rs6000 bundled cc 1.6.6 David Littlewood none
-AIX 5.1 PowerPC gcc-3.2.1 1.6.6 Neil MacGregor none
-ConvexOS 9.1 convex bundled cc 1.3.6 Todd Miller none
-ConvexOS 9.1 convex gcc2.4.5 1.3.6 Todd Miller none
-BSD/OS 4.1 i386 cc 1.6.3 Todd Miller --with-skey
-OpenBSD 3.X all gcc-2.95.3 1.6.8p1 Todd Miller none
-OpenBSD 3.X all gcc-3.3.2 1.6.8p1 Todd Miller --with-bsdauth
-FreeBSD 1.1 i386 gcc 1.3.2 Dworkin Muller none
-FreeBSD 2.0.5 i386 gcc 1.3.4 Dworkin Muller none
-FreeBSD 3.2 i386 gcc 2.7.2.1 1.6 Brian Jackson none
-Linux 1.2.13 i486 gcc-2.7.0 1.4 Michael Forman none
-Linux 1.2.8 i486 gcc-2.5.8 1.3.5 Ted Coady --with-C2
-Linux 2.0.15 i586 gcc-2.7.2.1 1.5 Danny Barron none
-Linux 2.0.34 i586 egcs-2.91.57 1.5.6p2 Darrin Chandler none
-Linux 2.0.36 i586 gcc-2.7.2.3 1.5.7p4 Nathan Haney none
-Linux 2.0.33pl1 m68k gcc 2.7.2.3 1.5.6 James Troup none
-Linux 2.0.34 mips gcc-2.7.2 1.6 Tristan Roddis none
-Linux 2.2.0 i386 gcc-2.91.66 1.6.6 Maximilian Incani --disable-saved-ids
-Linux 2.2.12 i586 gcc-2.95.2 1.6.3 Todd Miller --with-pam
-Linux 2.2.13 alpha egcs-2.91.66 1.6.3 Todd Miller --with-pam
-Linux 2.2.6-15 ppc egcs-1.1.2 1.5.9p4 Barbara Schelkle none
-Linux 2.4.18 i686 gcc-3.2 1.6.7 Todd Miller --with-pam
-Linux 2.4.20 i686 gcc-3.2.1 1.6.6 Vasily Korytov none
-Linux 2.4.20 i686 gcc-3.2.2 1.6.8p1 Todd Miller --with-pam
-Linux 2.4.20 ppc gcc-3.2.3 1.6.7p5 Nicolas Kaiser --with-pam
-UnixWare 1.1.4 i386 gcc-2.7.2 1.4 Michael Hancock none
-UnixWare 7.1.1 i686 cc 1.6.5p1 Mike Petkau none
-UnixWare 7.1.3 i686 cc 1.6.7p4 Rodolfo Martin none
-Pyramid DC/OSx 1.1 bundled cc 1.4 Les Schuettpelz none
-ATT SVR4.x i486 Metaware CC 1.4 Chris Ellington none
-SINIX 5.42 R4000 bundled cc 1.4 Paul Tuininga none
-SINIX 5.43 mips PyrC 5.0A00 1.5.6p2 Brian Jackson none
-SINIX 5.43 mips CDS++ V1 1.58p2 Brian Jackson none
-SINIX 5.44 mips PyrC 5.0A00 1.5.6p2 Brian Jackson none
-ReliantUNIX 5.43 mips CDS++ V1 1.6 Brian Jackson none
-ReliantUNIX 5.44 mips CDS++ V1 1.6 Brian Jackson none
-ReliantUNIX 5.45 mips CDS++ V1 1.6 Brian Jackson none
-NCR 2.03 3400 bundled cc 1.4 Mark Rauschkolb --with-getpass
-NCR 3.00 5100 bundled cc 1.4 Mark Rauschkolb --with-getpass
-Unicos/mk 2.0.2.19 T3E bundled cc 1.5.3 Mike Kienenberger none
-Unicos 9.0.2.2 YMP bundled cc 1.5.4 Mike Kienenberger none
-Unicos 10.0.0.1 J90 bundled cc 1.5.4 Mike Kienenberger none
-DG/UX R4.11MU03 i686 gcc 1.5.3 Ramesh Vasudevan none
-DG/UX R4.20MU02 x86 cc v1.5.6p5 Jared Crapo none
-DG/UX R4.20MU07 x86 gcc 1.6.3p7 Rob Tocher none
-NetBSD 1.2[A-G] x86 gcc-2.7.2.{1,2} 1.5.3 Jason R. Thorpe none
-NetBSD 1.2[A-G] m68k gcc-2.7.2.{1,2} 1.5.3 Jason R. Thorpe none
-NetBSD 1.2[A-G] sparc gcc-2.7.2.{1,2} 1.5.3 Jason R. Thorpe none
-NetBSD 1.3.2 alpha gcc-2.7.2.2 1.5.4p1 Ted Spradley none
-MacOSX Server ppc cc 1.5.9p4 Matt Warner --with-password-timeout=0
-Dynix/ptx 4.1.5 i386 gcc2.7.2 1.5.4 Leon von Stauber none
-Dynix/ptx 4.4.2 Sequent bundled cc 1.5.4p1 Larry Mascarenhas none
-Dynix/ptx 4.4.3 Sequent bundled cc 1.5.6p2 Sandra Birgerson none
-Dynix/ptx 4.4.4 Sequent bundled cc 1.5.9p2 Jason Merritt none
-Dynix/ptx 4.4.6 Sequent bundled cc 1.6 Larry Mascarenhase none
-Dynix/ptx 4.4.7 Sequent bundled cc 1.6.2p1 Dana Kaempen --with-CC=cc
-DC-OSx 1.1-9x mips PyrC 4.0A20 1.5.6p2 Brian Jackson none
-HI-UX/MPP 02-03 sr2201 bundled cc 1.5.4 Ben Edgington none
-SVR4 4.4 m88k bundled gcc 1.6.7 Gerry Belanger none
-NonStop-UX B32 CO-1475 cc 1.5.9p3 Andrei Panfilenko none
-MacOS X ppc bundled cc 1.6.3p7 Gary Danko none
-
-Systems on which Sudo is expected to run on but hasn't been tested.
-If you can verify any of these, please send mail to sudo at courtesan.com
-
- Op. System CPU Compilers Sudo Reported Special
-Name Rev Arch Used Version By Options
-======= ======= ======= =============== ======= =============== ===============
-ConvexOS 9.1 convex cc or gcc 1.5.6 YOUR NAME HERE --with-C2
-Ultrix 4.x mips cc or gcc 1.5.6 YOUR NAME HERE --with-C2
Deleted: trunk/contrib/sudo/TODO
===================================================================
--- trunk/contrib/sudo/TODO 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/TODO 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,143 +0,0 @@
-TODO list (most will be addressed in sudo 2.0)
-
-01) Redo parsing to be more like op(8) with true command aliases where
- can specify uid, gid(s) and part/all of the environment.
-
-02) Add a SHELLS reserved word that checks against /etc/shells.
-
-03) Make the sudoers file accessible via NIS, Hesiod, and maybe NetInfo.
-
-04) Add a -h (?) flag to sudo for a history mechanism.
-
-05) Add an option to set LD_LIBRARY_PATH?
-
-06) Add Prog_Alias facility (Prog_Alias VI = /usr/secure/bin/vi +args).
-
-07) check for <net/errno.h> in configure and include it in sudo.c if it exists.
-
-08) Add generic STREAMS support for getting interfaces and netmasks.
-
-09) Add support for "safe scripts" by checking for shell script
- cookie (first two bytes are "#!") and execing the shell outselves
- after doing the stat to guard against spoofing. This should avoid
- the race condition caused by going through namei() twice...
-
-10) Overhaul testsudoers to use things from parse.o so we don't reimplement
- things.
-
-11) Make runas_user a struct "runas" with user and group components.
- (maybe uid and gid too???)
-
-12) Add -g group/gid option.
-
-13) Should be able to mix Cmnd_Alias's and command args. Ie:
- pete ALL=PASSWD [A-z]*,!PASSWD root
- where PASSWD was defined to be /usr/bin/passwd.
- This requires the arg parsing to happen in the yacc grammer.
- At the very least, commands and args have to become separate
- tokens in the lexer.
-
-14) Add a per-tty restriction? Ie: only can run foo from /dev/console.
-
-15) Add test for how to read ether interfaces in configure script
-
-16) Add configure option to enable old behavior of visudo (O_EXCL)?
- --without-sudoers-lock?
-
-17) Profile sudo again (is the yacc grammar optimal?)
-
-18) Zero out encrypted passwords after use. Use an Exit function or
- some such (have to hook in to emalloc() and friends).
- Hard (impossible?) to be thorough w/ atexit/on_exit.
-
-19) Make 'sudo -l user' if run as root do a "sudo -l" output for the specified
- user.
-
-20) Use strtol() and strtoul(), not atoi()
-
-21) Look into %e, %p, %k in parse.lex
-
-22) Make syslog stuff work on vanilla ultrix
-
-23) Implement date_format and log_format options.
-
-24) Add support for: Default:user at host
-
-25) Make visudo rcs-aware
-
-26) Add support for parsing multiple sudoers files. Basically make
- _PATH_SUDOERS be a colon-separated list of pathname like EDITOR.
- Requires _PATH_SUDOERS_TMP chages (perhaps "%s.tmp").
-
-27) Some people want to be able to specify a special password in sudoers
- in addition or instead of the normal one. The best argument for
- this so far is to be able to use separate passwords for the
- target users that are not the passwd file ones.
-
-28) Add support for trusted users. E.g. allow user to run a certain
- command regardless of what dir it is in if it is owned by the
- trusted user.
-
-28) Split the parser into two stages. The first parse checks for
- syntax and sets the Defaults options and sets up the
- data structures to check a user. The second stage does
- the actual user check.
-
-30) Add a flag similar to '-l' but that spits out sudo commands in
- a format suitable for cut & paste (requires parser overhaul first).
-
-31) Someone wants a recursive version of the dir specifier. Ie:
- SOME_MODIFIER:/usr/local/ to allow anything under /usr/local to be run.
-
-31) An option to set the shell to the target user would make sense.
- See other target user-related issues above.
-
-33) Add an option (-D) to dump the defaults after the sudoers file
- has been parsed. Should only be available to root and should
- allow a -u user modifier.
-
-34) For sudo 1.7 wipe out the environment by default.
-
-35) Allow /etc/sudoers to be a symlink but require the parent dir to
- be root-owned and not writable by anything else. Should really
- traverse the tree to the root doing this.
-
-36) Improve interfaces.c STREAMS code (see ntpd's ntp_io.c for hints)
-
-37) Wildcard support for user and group names? (netgroup too?)
-
-38) If root_sudo is off, still allow sudo -u to non-root users?
-
-39) Add configure option to id user based on euid not ruid?
-
-40) Split $EDITOR/$VISUAL in visudo into an argument vector based on whitespace
-
-41) Use proper links in .pod files
-
-42) Parse gids like %#0
-
-43) Add support for systrace (requires that sudo fork and be persistent)
-
-44) For AIX, call getuserattr() to get resource limits and set them
- as appropriate, see:
- http://nscp.upenn.edu/aix4.3html/libs/basetrf1/getuserattr.htm#A16691a89
-
-45) Add an insult_path variable that is intialized to "builtin" but that
- can point to other files containing an insult count as the first
- line and that have a constant record length (sparse files) for
- easy seeking.
-
-46) Investigate using glob(3) instead of fnmatch(3) for path matching. That
- way we can stat each potential match like we normally would. Patterns
- ending in '/*' can be replaced with '/basename' as an optimization.
-
-47) Some way of using a new pty for the program run via sudo would prevent
- access to the caller's /dev/tty (but probably makes job control tricky).
-
-48) Maybe have a database of checksums that commands are verified against.
- Basically replace the st_ino/st_dev check with a checksum lookup.
-
-49) Look into testing writability of a file via sudoedit *before* doing
- the edit; e.g., try opening with O_APPEND.
-
-50) Add Makefile.in bits to autogenerate Solaris and HP-UX packages
Modified: trunk/contrib/sudo/TROUBLESHOOTING
===================================================================
--- trunk/contrib/sudo/TROUBLESHOOTING 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/TROUBLESHOOTING 2014-10-02 03:20:49 UTC (rev 6803)
@@ -8,6 +8,14 @@
to why this is happening. On many systems, compiler components live
in /usr/ccs/bin which may not be in your PATH environment variable.
+Q) When I run configure, it says "sudo requires the 'ar' utility to build".
+A) As part of the build process, sudo creates a temporary library containing
+ objects that are shared amongst the different sudo executables.
+ On Unix systems, the "ar" utility is used to do this. This error
+ indicates that "ar" is missing on your system. On Solaris systems,
+ you may need to install the SUNWbtool package. On other systems
+ "ar" may be included in the GNU binutils package.
+
Q) Sudo compiles but when I run it I get "Sorry, sudo must be setuid root."
and sudo quits.
A) Sudo must be setuid root to do its work. You need to do something like
Modified: trunk/contrib/sudo/UPGRADE
===================================================================
--- trunk/contrib/sudo/UPGRADE 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/UPGRADE 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,6 +1,28 @@
Notes on upgrading from an older release
========================================
+o Upgrading from a version prior to 1.7.5:
+
+ Sudo 1.7.5 includes an updated LDAP schema with support for
+ the sudoNotBefore, sudoNotAfter and sudoOrder attributes.
+
+ The sudoNotBefore and sudoNotAfter attribute support is only
+ used when the SUDOERS_TIMED setting is enabled in ldap.conf.
+ If enabled, those attributes are used directly when constructing
+ an LDAP filter. As a result, your LDAP server must have the
+ updated schema if you want to use sudoNotBefore and sudoNotAfter.
+
+ The sudoOrder support does not affect the LDAP filter sudo
+ constructs and so there is no need to explicitly enable it in
+ ldap.conf. If the sudoOrder attribute is not present in an
+ entry, a value of 0 is used. If no entries contain sudoOrder
+ attributes, the results are in whatever order the LDAP server
+ returns them, as in past versions of sudo.
+
+ Older versions of sudo will simply ignore the new attributes
+ if they are present in an entry. There are no compatibility
+ problems using the updated schema with older versions of sudo.
+
o Upgrading from a version prior to 1.7.4:
Starting with sudo 1.7.4, the time stamp files have moved from
Deleted: trunk/contrib/sudo/WHATSNEW
===================================================================
--- trunk/contrib/sudo/WHATSNEW 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/WHATSNEW 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,153 +0,0 @@
-What's new in Sudo 1.7.2?
-
- * A new #includedir directive is available in sudoers. This can be
- used to implement an /etc/sudo.d directory. Files in an includedir
- are not edited by visudo unless they contain a syntax error.
-
- * The -g option did not work properly when only setting the group
- (and not the user). Also, in -l mode the wrong user was displayed
- for sudoers entries where only the group was allowed to be set.
-
- * Fixed a problem with the alias checking in visudo which
- could prevent visudo from exiting.
-
- * Sudo will now correctly parse the shell-style /etc/environment
- file format used by pam_env on Linux.
-
- * When doing password and group database lookups, sudo will only
- cache an entry by name or by id, depending on how the entry was
- looked up. Previously, sudo would cache by both name and id
- from a single lookup, but this breaks sites that have multiple
- password or group database names that map to the same uid or
- gid.
-
- * User and group names in sudoers may now be enclosed in double
- quotes to avoid having to escape special characters.
-
- * BSM audit fixes when changing to a non-root uid.
-
- * Experimental non-Unix group support. Currently only works with
- Quest Authorization Services and allows Active Directory groups
- fixes for Minix-3.
-
- * For Netscape/Mozilla-derived LDAP SDKs the certificate and key
- paths may be specified as a directory or a file. However, version
- 5.0 of the SDK only appears to support using a directory (despite
- documentation to the contrary). If SSL client initialization
- fails and the certificate or key paths look like they could be
- default file name, strip off the last path element and try again.
-
- * A setenv() compatibility fix for Linux systems, where a NULL
- value is treated the same as an empty string and the variable
- name is checked against the NULL pointer.
-
-What's new in Sudo 1.7.1?
-
- * A new Defaults option "pwfeedback" will cause sudo to provide visual
- feedback when the user is entering a password.
-
- * A new Defaults option "fast_glob" will cause sudo to use the fnmatch()
- function for file name globbing instead of glob(). When this option
- is enabled, sudo will not check the file system when expanding wildcards.
- This is faster but a side effect is that relative paths with wildcard
- will no longer work.
-
- * New BSM audit support for systems that support it such as FreeBSD
- and Mac OS X.
-
- * The file name specified with the #include directive may now include
- a %h escape which is expanded to the short form of hostname.
-
- * The -k flag may now be specified along with a command, causing the
- user's timestamp file to be ignored.
-
- * New support for Tivoli-based LDAP START_TLS, present in AIX.
-
- * New support for /etc/netsvc.conf on AIX.
-
- * The unused alias checks in visudo now handle the case of an alias
- referring to another alias.
-
-What's new in Sudo 1.7.0?
-
- * Rewritten parser that converts sudoers into a set of data structures.
- This eliminates a number of ordering issues and makes it possible to
- apply sudoers Defaults entries before searching for the command.
- It also adds support for per-command Defaults specifications.
-
- * Sudoers now supports a #include facility to allow the inclusion of other
- sudoers-format files.
-
- * Sudo's -l (list) flag has been enhanced:
- o applicable Defaults options are now listed
- o a command argument can be specified for testing whether a user
- may run a specific command.
- o a new -U flag can be used in conjunction with "sudo -l" to allow
- root (or a user with "sudo ALL") list another user's privileges.
-
- * A new -g flag has been added to allow the user to specify a
- primary group to run the command as. The sudoers syntax has been
- extended to include a group section in the Runas specification.
-
- * A uid may now be used anywhere a username is valid.
-
- * The "secure_path" run-time Defaults option has been restored.
-
- * Password and group data is now cached for fast lookups.
-
- * The file descriptor at which sudo starts closing all open files is now
- configurable via sudoers and, optionally, the command line.
-
- * Visudo will now warn about aliases that are defined but not used.
-
- * The -i and -s command line flags now take an optional command
- to be run via the shell. Previously, the argument was passed
- to the shell as a script to run.
-
- * Improved LDAP support. SASL authentication may now be used in
- conjunction when connecting to an LDAP server. The krb5_ccname
- parameter in ldap.conf may be used to enable Kerberos.
-
- * Support for /etc/nsswitch.conf. LDAP users may now use nsswitch.conf
- to specify the sudoers order. E.g.:
- sudoers: ldap files
- to check LDAP, then /etc/sudoers. The default is "files", even
- when LDAP support is compiled in. This differs from sudo 1.6
- where LDAP was always consulted first.
-
- * Support for /etc/environment on AIX and Linux. If sudo is run
- with the -i flag, the contents of /etc/environment are used to
- populate the new environment that is passed to the command being
- run.
-
- * If no terminal is available or if the new -A flag is specified,
- sudo will use a helper program to read the password if one is
- configured. Typically, this is a graphical password prompter
- such as ssh-askpass.
-
- * A new Defaults option, "mailfrom" that sets the value of the
- "From:" field in the warning/error mail. If unspecified, the
- login name of the invoking user is used.
-
- * A new Defaults option, "env_file" that refers to a file containing
- environment variables to be set in the command being run.
-
- * A new flag, -n, may be used to indicate that sudo should not
- prompt the user for a password and, instead, exit with an error
- if authentication is required.
-
- * If sudo needs to prompt for a password and it is unable to disable
- echo (and no askpass program is defined), it will refuse to run
- unless the "visiblepw" Defaults option has been specified.
-
- * Prior to version 1.7.0, hitting enter/return at the Password: prompt
- would exit sudo. In sudo 1.7.0 and beyond, this is treated as
- an empty password. To exit sudo, the user must press ^C or ^D
- at the prompt.
-
- * visudo will now check the sudoers file owner and mode in -c (check)
- mode when the -s (strict) flag is specified.
-
- * A new Defaults option "umask_override" will cause sudo to set the
- umask specified in sudoers even if it is more permissive than the
- invoking user's umask.
Modified: trunk/contrib/sudo/aclocal.m4
===================================================================
--- trunk/contrib/sudo/aclocal.m4 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/aclocal.m4 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,6 +1,6 @@
dnl Local m4 macros for autoconf (used by sudo)
dnl
-dnl Copyright (c) 1994-1996, 1998-2005, 2007-2009
+dnl Copyright (c) 1994-1996, 1998-2005, 2007-2011
dnl Todd C. Miller <Todd.Miller at courtesan.com>
dnl
dnl XXX - should cache values in all cases!!!
@@ -124,18 +124,18 @@
AC_DEFUN(SUDO_IO_LOGDIR, [
AC_MSG_CHECKING(for I/O log dir location)
if test "${with_iologdir-yes}" != "yes"; then
- :
+ iolog_dir="$with_iologdir"
elif test -d "/var/log"; then
- with_iologdir="/var/log/sudo-io"
+ iolog_dir="/var/log/sudo-io"
elif test -d "/var/adm"; then
- with_iologdir="/var/adm/sudo-io"
+ iolog_dir="/var/adm/sudo-io"
else
- with_iologdir="/usr/adm/sudo-io"
+ iolog_dir="/usr/adm/sudo-io"
fi
- if test "${with_iologdir-yes}" != "no"; then
- SUDO_DEFINE_UNQUOTED(_PATH_SUDO_IO_LOGDIR, "$with_iologdir")
+ if test "${with_iologdir}" != "no"; then
+ SUDO_DEFINE_UNQUOTED(_PATH_SUDO_IO_LOGDIR, "$iolog_dir")
fi
- AC_MSG_RESULT($with_iologdir)
+ AC_MSG_RESULT($iolog_dir)
])dnl
dnl
@@ -323,8 +323,8 @@
maildir=no
if test X"$ac_cv_header_paths_h" = X"yes"; then
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT
-#include <paths.h>
-int main() {char *p = _PATH_MAILDIR;}], [])], [maildir=yes], [])
+#include <paths.h>],
+[char *p = _PATH_MAILDIR;])], [maildir=yes], [])
fi
if test $maildir = no; then
# Solaris has maillock.h which defines MAILDIR
Deleted: trunk/contrib/sudo/acsite.m4
===================================================================
--- trunk/contrib/sudo/acsite.m4 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/acsite.m4 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,7518 +0,0 @@
-# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
-## Copyright 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, 2007,
-## 2008 Free Software Foundation, Inc.
-## Originally by Gordon Matzigkeit <gord at gnu.ai.mit.edu>, 1996
-##
-## This file is free software; the Free Software Foundation gives
-## unlimited permission to copy and/or distribute it, with or without
-## modifications, as long as this notice is preserved.
-
-# serial 52 AC_PROG_LIBTOOL
-
-
-# AC_PROVIDE_IFELSE(MACRO-NAME, IF-PROVIDED, IF-NOT-PROVIDED)
-# -----------------------------------------------------------
-# If this macro is not defined by Autoconf, define it here.
-m4_ifdef([AC_PROVIDE_IFELSE],
- [],
- [m4_define([AC_PROVIDE_IFELSE],
- [m4_ifdef([AC_PROVIDE_$1],
- [$2], [$3])])])
-
-
-# AC_PROG_LIBTOOL
-# ---------------
-AC_DEFUN([AC_PROG_LIBTOOL],
-[AC_REQUIRE([_AC_PROG_LIBTOOL])dnl
-dnl If AC_PROG_CXX has already been expanded, run AC_LIBTOOL_CXX
-dnl immediately, otherwise, hook it in at the end of AC_PROG_CXX.
- AC_PROVIDE_IFELSE([AC_PROG_CXX],
- [AC_LIBTOOL_CXX],
- [define([AC_PROG_CXX], defn([AC_PROG_CXX])[AC_LIBTOOL_CXX
- ])])
-dnl And a similar setup for Fortran 77 support
- AC_PROVIDE_IFELSE([AC_PROG_F77],
- [AC_LIBTOOL_F77],
- [define([AC_PROG_F77], defn([AC_PROG_F77])[AC_LIBTOOL_F77
-])])
-
-dnl Quote A][M_PROG_GCJ so that aclocal doesn't bring it in needlessly.
-dnl If either AC_PROG_GCJ or A][M_PROG_GCJ have already been expanded, run
-dnl AC_LIBTOOL_GCJ immediately, otherwise, hook it in at the end of both.
- AC_PROVIDE_IFELSE([AC_PROG_GCJ],
- [AC_LIBTOOL_GCJ],
- [AC_PROVIDE_IFELSE([A][M_PROG_GCJ],
- [AC_LIBTOOL_GCJ],
- [AC_PROVIDE_IFELSE([LT_AC_PROG_GCJ],
- [AC_LIBTOOL_GCJ],
- [ifdef([AC_PROG_GCJ],
- [define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[AC_LIBTOOL_GCJ])])
- ifdef([A][M_PROG_GCJ],
- [define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[AC_LIBTOOL_GCJ])])
- ifdef([LT_AC_PROG_GCJ],
- [define([LT_AC_PROG_GCJ],
- defn([LT_AC_PROG_GCJ])[AC_LIBTOOL_GCJ])])])])
-])])# AC_PROG_LIBTOOL
-
-
-# _AC_PROG_LIBTOOL
-# ----------------
-AC_DEFUN([_AC_PROG_LIBTOOL],
-[AC_REQUIRE([AC_LIBTOOL_SETUP])dnl
-AC_BEFORE([$0],[AC_LIBTOOL_CXX])dnl
-AC_BEFORE([$0],[AC_LIBTOOL_F77])dnl
-AC_BEFORE([$0],[AC_LIBTOOL_GCJ])dnl
-
-# This can be used to rebuild libtool when needed
-LIBTOOL_DEPS="$ac_aux_dir/ltmain.sh"
-
-# Always use our own libtool.
-LIBTOOL='$(SHELL) $(top_builddir)/libtool'
-AC_SUBST(LIBTOOL)dnl
-
-# Prevent multiple expansion
-define([AC_PROG_LIBTOOL], [])
-])# _AC_PROG_LIBTOOL
-
-
-# AC_LIBTOOL_SETUP
-# ----------------
-AC_DEFUN([AC_LIBTOOL_SETUP],
-[AC_PREREQ(2.50)dnl
-AC_REQUIRE([AC_ENABLE_SHARED])dnl
-AC_REQUIRE([AC_ENABLE_STATIC])dnl
-AC_REQUIRE([AC_ENABLE_FAST_INSTALL])dnl
-AC_REQUIRE([AC_CANONICAL_HOST])dnl
-AC_REQUIRE([AC_CANONICAL_BUILD])dnl
-AC_REQUIRE([AC_PROG_CC])dnl
-AC_REQUIRE([AC_PROG_LD])dnl
-AC_REQUIRE([AC_PROG_LD_RELOAD_FLAG])dnl
-AC_REQUIRE([AC_PROG_NM])dnl
-
-AC_REQUIRE([AC_PROG_LN_S])dnl
-AC_REQUIRE([AC_DEPLIBS_CHECK_METHOD])dnl
-# Autoconf 2.13's AC_OBJEXT and AC_EXEEXT macros only works for C compilers!
-AC_REQUIRE([AC_OBJEXT])dnl
-AC_REQUIRE([AC_EXEEXT])dnl
-dnl
-AC_LIBTOOL_SYS_MAX_CMD_LEN
-AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE
-AC_LIBTOOL_OBJDIR
-
-AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl
-_LT_AC_PROG_ECHO_BACKSLASH
-
-case $host_os in
-aix3*)
- # AIX sometimes has problems with the GCC collect2 program. For some
- # reason, if we set the COLLECT_NAMES environment variable, the problems
- # vanish in a puff of smoke.
- if test "X${COLLECT_NAMES+set}" != Xset; then
- COLLECT_NAMES=
- export COLLECT_NAMES
- fi
- ;;
-esac
-
-# Sed substitution that helps us do robust quoting. It backslashifies
-# metacharacters that are still active within double-quoted strings.
-Xsed='sed -e 1s/^X//'
-[sed_quote_subst='s/\([\\"\\`$\\\\]\)/\\\1/g']
-
-# Same as above, but do not quote variable references.
-[double_quote_subst='s/\([\\"\\`\\\\]\)/\\\1/g']
-
-# Sed substitution to delay expansion of an escaped shell variable in a
-# double_quote_subst'ed string.
-delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
-
-# Sed substitution to avoid accidental globbing in evaled expressions
-no_glob_subst='s/\*/\\\*/g'
-
-# Constants:
-rm="rm -f"
-
-# Global variables:
-default_ofile=libtool
-can_build_shared=yes
-
-# All known linkers require a `.a' archive for static linking (except MSVC,
-# which needs '.lib').
-libext=a
-ltmain="$ac_aux_dir/ltmain.sh"
-ofile="$default_ofile"
-with_gnu_ld="$lt_cv_prog_gnu_ld"
-
-AC_CHECK_TOOL(AR, ar, false)
-AC_CHECK_TOOL(RANLIB, ranlib, :)
-AC_CHECK_TOOL(STRIP, strip, :)
-
-old_CC="$CC"
-old_CFLAGS="$CFLAGS"
-
-# Set sane defaults for various variables
-test -z "$AR" && AR=ar
-test -z "$AR_FLAGS" && AR_FLAGS=cru
-test -z "$AS" && AS=as
-test -z "$CC" && CC=cc
-test -z "$LTCC" && LTCC=$CC
-test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS
-test -z "$DLLTOOL" && DLLTOOL=dlltool
-test -z "$LD" && LD=ld
-test -z "$LN_S" && LN_S="ln -s"
-test -z "$MAGIC_CMD" && MAGIC_CMD=file
-test -z "$NM" && NM=nm
-test -z "$SED" && SED=sed
-test -z "$OBJDUMP" && OBJDUMP=objdump
-test -z "$RANLIB" && RANLIB=:
-test -z "$STRIP" && STRIP=:
-test -z "$ac_objext" && ac_objext=o
-
-# Determine commands to create old-style static archives.
-old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs'
-old_postinstall_cmds='chmod 644 $oldlib'
-old_postuninstall_cmds=
-
-if test -n "$RANLIB"; then
- case $host_os in
- openbsd*)
- old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib"
- ;;
- *)
- old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib"
- ;;
- esac
- old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib"
-fi
-
-_LT_CC_BASENAME([$compiler])
-
-# Only perform the check for file, if the check method requires it
-case $deplibs_check_method in
-file_magic*)
- if test "$file_magic_cmd" = '$MAGIC_CMD'; then
- AC_PATH_MAGIC
- fi
- ;;
-esac
-
-_LT_REQUIRED_DARWIN_CHECKS
-
-AC_PROVIDE_IFELSE([AC_LIBTOOL_DLOPEN], enable_dlopen=yes, enable_dlopen=no)
-AC_PROVIDE_IFELSE([AC_LIBTOOL_WIN32_DLL],
-enable_win32_dll=yes, enable_win32_dll=no)
-
-AC_ARG_ENABLE([libtool-lock],
- [AC_HELP_STRING([--disable-libtool-lock],
- [avoid locking (might break parallel builds)])])
-test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
-
-AC_ARG_WITH([pic],
- [AC_HELP_STRING([--with-pic],
- [try to use only PIC/non-PIC objects @<:@default=use both@:>@])],
- [pic_mode="$withval"],
- [pic_mode=default])
-test -z "$pic_mode" && pic_mode=default
-
-# Use C for the default configuration in the libtool script
-tagname=
-AC_LIBTOOL_LANG_C_CONFIG
-])# AC_LIBTOOL_SETUP
-
-
-# _LT_AC_SYS_COMPILER
-# -------------------
-AC_DEFUN([_LT_AC_SYS_COMPILER],
-[AC_REQUIRE([AC_PROG_CC])dnl
-
-# If no C compiler was specified, use CC.
-LTCC=${LTCC-"$CC"}
-
-# If no C compiler flags were specified, use CFLAGS.
-LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
-
-# Allow CC to be a program name with arguments.
-compiler=$CC
-])# _LT_AC_SYS_COMPILER
-
-
-# _LT_CC_BASENAME(CC)
-# -------------------
-# Calculate cc_basename. Skip known compiler wrappers and cross-prefix.
-AC_DEFUN([_LT_CC_BASENAME],
-[for cc_temp in $1""; do
- case $cc_temp in
- compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;;
- distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;;
- \-*) ;;
- *) break;;
- esac
-done
-cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
-])
-
-
-# _LT_COMPILER_BOILERPLATE
-# ------------------------
-# Check for compiler boilerplate output or warnings with
-# the simple compiler test code.
-AC_DEFUN([_LT_COMPILER_BOILERPLATE],
-[AC_REQUIRE([LT_AC_PROG_SED])dnl
-ac_outfile=conftest.$ac_objext
-echo "$lt_simple_compile_test_code" >conftest.$ac_ext
-eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
-_lt_compiler_boilerplate=`cat conftest.err`
-$rm conftest*
-])# _LT_COMPILER_BOILERPLATE
-
-
-# _LT_LINKER_BOILERPLATE
-# ----------------------
-# Check for linker boilerplate output or warnings with
-# the simple link test code.
-AC_DEFUN([_LT_LINKER_BOILERPLATE],
-[AC_REQUIRE([LT_AC_PROG_SED])dnl
-ac_outfile=conftest.$ac_objext
-echo "$lt_simple_link_test_code" >conftest.$ac_ext
-eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
-_lt_linker_boilerplate=`cat conftest.err`
-$rm -r conftest*
-])# _LT_LINKER_BOILERPLATE
-
-# _LT_REQUIRED_DARWIN_CHECKS
-# --------------------------
-# Check for some things on darwin
-AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS],[
- case $host_os in
- rhapsody* | darwin*)
- AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:])
- AC_CHECK_TOOL([NMEDIT], [nmedit], [:])
-
- AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod],
- [lt_cv_apple_cc_single_mod=no
- if test -z "${LT_MULTI_MODULE}"; then
- # By default we will add the -single_module flag. You can override
- # by either setting the environment variable LT_MULTI_MODULE
- # non-empty at configure time, or by adding -multi_module to the
- # link flags.
- echo "int foo(void){return 1;}" > conftest.c
- $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
- -dynamiclib ${wl}-single_module conftest.c
- if test -f libconftest.dylib; then
- lt_cv_apple_cc_single_mod=yes
- rm -rf libconftest.dylib*
- fi
- rm conftest.c
- fi])
- AC_CACHE_CHECK([for -exported_symbols_list linker flag],
- [lt_cv_ld_exported_symbols_list],
- [lt_cv_ld_exported_symbols_list=no
- save_LDFLAGS=$LDFLAGS
- echo "_main" > conftest.sym
- LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym"
- AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
- [lt_cv_ld_exported_symbols_list=yes],
- [lt_cv_ld_exported_symbols_list=no])
- LDFLAGS="$save_LDFLAGS"
- ])
- case $host_os in
- rhapsody* | darwin1.[[0123]])
- _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;;
- darwin1.*)
- _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
- darwin*)
- # if running on 10.5 or later, the deployment target defaults
- # to the OS version, if on x86, and 10.4, the deployment
- # target defaults to 10.4. Don't you love it?
- case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
- 10.0,*86*-darwin8*|10.0,*-darwin[[91]]*)
- _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
- 10.[[012]]*)
- _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
- 10.*)
- _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
- esac
- ;;
- esac
- if test "$lt_cv_apple_cc_single_mod" = "yes"; then
- _lt_dar_single_mod='$single_module'
- fi
- if test "$lt_cv_ld_exported_symbols_list" = "yes"; then
- _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym'
- else
- _lt_dar_export_syms="~$NMEDIT -s \$output_objdir/\${libname}-symbols.expsym \${lib}"
- fi
- if test "$DSYMUTIL" != ":"; then
- _lt_dsymutil="~$DSYMUTIL \$lib || :"
- else
- _lt_dsymutil=
- fi
- ;;
- esac
-])
-
-# _LT_AC_SYS_LIBPATH_AIX
-# ----------------------
-# Links a minimal program and checks the executable
-# for the system default hardcoded library path. In most cases,
-# this is /usr/lib:/lib, but when the MPI compilers are used
-# the location of the communication and MPI libs are included too.
-# If we don't find anything, use the default library path according
-# to the aix ld manual.
-AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX],
-[AC_REQUIRE([LT_AC_PROG_SED])dnl
-AC_LINK_IFELSE(AC_LANG_PROGRAM,[
-lt_aix_libpath_sed='
- /Import File Strings/,/^$/ {
- /^0/ {
- s/^0 *\(.*\)$/\1/
- p
- }
- }'
-aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
-# Check for a 64-bit object if we didn't find anything.
-if test -z "$aix_libpath"; then
- aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
-fi],[])
-if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
-])# _LT_AC_SYS_LIBPATH_AIX
-
-
-# _LT_AC_SHELL_INIT(ARG)
-# ----------------------
-AC_DEFUN([_LT_AC_SHELL_INIT],
-[ifdef([AC_DIVERSION_NOTICE],
- [AC_DIVERT_PUSH(AC_DIVERSION_NOTICE)],
- [AC_DIVERT_PUSH(NOTICE)])
-$1
-AC_DIVERT_POP
-])# _LT_AC_SHELL_INIT
-
-
-# _LT_AC_PROG_ECHO_BACKSLASH
-# --------------------------
-# Add some code to the start of the generated configure script which
-# will find an echo command which doesn't interpret backslashes.
-AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH],
-[_LT_AC_SHELL_INIT([
-# Check that we are running under the correct shell.
-SHELL=${CONFIG_SHELL-/bin/sh}
-
-case X$ECHO in
-X*--fallback-echo)
- # Remove one level of quotation (which was required for Make).
- ECHO=`echo "$ECHO" | sed 's,\\\\\[$]\\[$]0,'[$]0','`
- ;;
-esac
-
-echo=${ECHO-echo}
-if test "X[$]1" = X--no-reexec; then
- # Discard the --no-reexec flag, and continue.
- shift
-elif test "X[$]1" = X--fallback-echo; then
- # Avoid inline document here, it may be left over
- :
-elif test "X`($echo '\t') 2>/dev/null`" = 'X\t' ; then
- # Yippee, $echo works!
- :
-else
- # Restart under the correct shell.
- exec $SHELL "[$]0" --no-reexec ${1+"[$]@"}
-fi
-
-if test "X[$]1" = X--fallback-echo; then
- # used as fallback echo
- shift
- cat <<EOF
-[$]*
-EOF
- exit 0
-fi
-
-# The HP-UX ksh and POSIX shell print the target directory to stdout
-# if CDPATH is set.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-if test -z "$ECHO"; then
-if test "X${echo_test_string+set}" != Xset; then
-# find a string as large as possible, as long as the shell can cope with it
- for cmd in 'sed 50q "[$]0"' 'sed 20q "[$]0"' 'sed 10q "[$]0"' 'sed 2q "[$]0"' 'echo test'; do
- # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ...
- if (echo_test_string=`eval $cmd`) 2>/dev/null &&
- echo_test_string=`eval $cmd` &&
- (test "X$echo_test_string" = "X$echo_test_string") 2>/dev/null
- then
- break
- fi
- done
-fi
-
-if test "X`($echo '\t') 2>/dev/null`" = 'X\t' &&
- echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- :
-else
- # The Solaris, AIX, and Digital Unix default echo programs unquote
- # backslashes. This makes it impossible to quote backslashes using
- # echo "$something" | sed 's/\\/\\\\/g'
- #
- # So, first we look for a working echo in the user's PATH.
-
- lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
- for dir in $PATH /usr/ucb; do
- IFS="$lt_save_ifs"
- if (test -f $dir/echo || test -f $dir/echo$ac_exeext) &&
- test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' &&
- echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- echo="$dir/echo"
- break
- fi
- done
- IFS="$lt_save_ifs"
-
- if test "X$echo" = Xecho; then
- # We didn't find a better echo, so look for alternatives.
- if test "X`(print -r '\t') 2>/dev/null`" = 'X\t' &&
- echo_testing_string=`(print -r "$echo_test_string") 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- # This shell has a builtin print -r that does the trick.
- echo='print -r'
- elif (test -f /bin/ksh || test -f /bin/ksh$ac_exeext) &&
- test "X$CONFIG_SHELL" != X/bin/ksh; then
- # If we have ksh, try running configure again with it.
- ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh}
- export ORIGINAL_CONFIG_SHELL
- CONFIG_SHELL=/bin/ksh
- export CONFIG_SHELL
- exec $CONFIG_SHELL "[$]0" --no-reexec ${1+"[$]@"}
- else
- # Try using printf.
- echo='printf %s\n'
- if test "X`($echo '\t') 2>/dev/null`" = 'X\t' &&
- echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- # Cool, printf works
- :
- elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
- test "X$echo_testing_string" = 'X\t' &&
- echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL
- export CONFIG_SHELL
- SHELL="$CONFIG_SHELL"
- export SHELL
- echo="$CONFIG_SHELL [$]0 --fallback-echo"
- elif echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
- test "X$echo_testing_string" = 'X\t' &&
- echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- echo="$CONFIG_SHELL [$]0 --fallback-echo"
- else
- # maybe with a smaller string...
- prev=:
-
- for cmd in 'echo test' 'sed 2q "[$]0"' 'sed 10q "[$]0"' 'sed 20q "[$]0"' 'sed 50q "[$]0"'; do
- if (test "X$echo_test_string" = "X`eval $cmd`") 2>/dev/null
- then
- break
- fi
- prev="$cmd"
- done
-
- if test "$prev" != 'sed 50q "[$]0"'; then
- echo_test_string=`eval $prev`
- export echo_test_string
- exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "[$]0" ${1+"[$]@"}
- else
- # Oops. We lost completely, so just stick with echo.
- echo=echo
- fi
- fi
- fi
- fi
-fi
-fi
-
-# Copy echo and quote the copy suitably for passing to libtool from
-# the Makefile, instead of quoting the original, which is used later.
-ECHO=$echo
-if test "X$ECHO" = "X$CONFIG_SHELL [$]0 --fallback-echo"; then
- ECHO="$CONFIG_SHELL \\\$\[$]0 --fallback-echo"
-fi
-
-AC_SUBST(ECHO)
-])])# _LT_AC_PROG_ECHO_BACKSLASH
-
-
-# _LT_AC_LOCK
-# -----------
-AC_DEFUN([_LT_AC_LOCK],
-[AC_ARG_ENABLE([libtool-lock],
- [AC_HELP_STRING([--disable-libtool-lock],
- [avoid locking (might break parallel builds)])])
-test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
-
-# Some flags need to be propagated to the compiler or linker for good
-# libtool support.
-case $host in
-ia64-*-hpux*)
- # Find out which ABI we are using.
- echo 'int i;' > conftest.$ac_ext
- if AC_TRY_EVAL(ac_compile); then
- case `/usr/bin/file conftest.$ac_objext` in
- *ELF-32*)
- HPUX_IA64_MODE="32"
- ;;
- *ELF-64*)
- HPUX_IA64_MODE="64"
- ;;
- esac
- fi
- rm -rf conftest*
- ;;
-*-*-irix6*)
- # Find out which ABI we are using.
- echo '[#]line __oline__ "configure"' > conftest.$ac_ext
- if AC_TRY_EVAL(ac_compile); then
- if test "$lt_cv_prog_gnu_ld" = yes; then
- case `/usr/bin/file conftest.$ac_objext` in
- *32-bit*)
- LD="${LD-ld} -melf32bsmip"
- ;;
- *N32*)
- LD="${LD-ld} -melf32bmipn32"
- ;;
- *64-bit*)
- LD="${LD-ld} -melf64bmip"
- ;;
- esac
- else
- case `/usr/bin/file conftest.$ac_objext` in
- *32-bit*)
- LD="${LD-ld} -32"
- ;;
- *N32*)
- LD="${LD-ld} -n32"
- ;;
- *64-bit*)
- LD="${LD-ld} -64"
- ;;
- esac
- fi
- fi
- rm -rf conftest*
- ;;
-
-x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \
-s390*-*linux*|sparc*-*linux*)
- # Find out which ABI we are using.
- echo 'int i;' > conftest.$ac_ext
- if AC_TRY_EVAL(ac_compile); then
- case `/usr/bin/file conftest.o` in
- *32-bit*)
- case $host in
- x86_64-*kfreebsd*-gnu)
- LD="${LD-ld} -m elf_i386_fbsd"
- ;;
- x86_64-*linux*)
- LD="${LD-ld} -m elf_i386"
- ;;
- ppc64-*linux*|powerpc64-*linux*)
- LD="${LD-ld} -m elf32ppclinux"
- ;;
- s390x-*linux*)
- LD="${LD-ld} -m elf_s390"
- ;;
- sparc64-*linux*)
- LD="${LD-ld} -m elf32_sparc"
- ;;
- esac
- ;;
- *64-bit*)
- case $host in
- x86_64-*kfreebsd*-gnu)
- LD="${LD-ld} -m elf_x86_64_fbsd"
- ;;
- x86_64-*linux*)
- LD="${LD-ld} -m elf_x86_64"
- ;;
- ppc*-*linux*|powerpc*-*linux*)
- LD="${LD-ld} -m elf64ppc"
- ;;
- s390*-*linux*)
- LD="${LD-ld} -m elf64_s390"
- ;;
- sparc*-*linux*)
- LD="${LD-ld} -m elf64_sparc"
- ;;
- esac
- ;;
- esac
- fi
- rm -rf conftest*
- ;;
-
-*-*-sco3.2v5*)
- # On SCO OpenServer 5, we need -belf to get full-featured binaries.
- SAVE_CFLAGS="$CFLAGS"
- CFLAGS="$CFLAGS -belf"
- AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf,
- [AC_LANG_PUSH(C)
- AC_TRY_LINK([],[],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no])
- AC_LANG_POP])
- if test x"$lt_cv_cc_needs_belf" != x"yes"; then
- # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
- CFLAGS="$SAVE_CFLAGS"
- fi
- ;;
-sparc*-*solaris*)
- # Find out which ABI we are using.
- echo 'int i;' > conftest.$ac_ext
- if AC_TRY_EVAL(ac_compile); then
- case `/usr/bin/file conftest.o` in
- *64-bit*)
- case $lt_cv_prog_gnu_ld in
- yes*) LD="${LD-ld} -m elf64_sparc" ;;
- *)
- if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
- LD="${LD-ld} -64"
- fi
- ;;
- esac
- ;;
- esac
- fi
- rm -rf conftest*
- ;;
-
-AC_PROVIDE_IFELSE([AC_LIBTOOL_WIN32_DLL],
-[*-*-cygwin* | *-*-mingw* | *-*-pw32*)
- AC_CHECK_TOOL(DLLTOOL, dlltool, false)
- AC_CHECK_TOOL(AS, as, false)
- AC_CHECK_TOOL(OBJDUMP, objdump, false)
- ;;
- ])
-esac
-
-need_locks="$enable_libtool_lock"
-
-])# _LT_AC_LOCK
-
-
-# AC_LIBTOOL_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
-# [OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE])
-# ----------------------------------------------------------------
-# Check whether the given compiler option works
-AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION],
-[AC_REQUIRE([LT_AC_PROG_SED])
-AC_CACHE_CHECK([$1], [$2],
- [$2=no
- ifelse([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4])
- echo "$lt_simple_compile_test_code" > conftest.$ac_ext
- lt_compiler_flag="$3"
- # Insert the option either (1) after the last *FLAGS variable, or
- # (2) before a word containing "conftest.", or (3) at the end.
- # Note that $ac_compile itself does not contain backslashes and begins
- # with a dollar sign (not a hyphen), so the echo should work correctly.
- # The option is referenced via a variable to avoid confusing sed.
- lt_compile=`echo "$ac_compile" | $SED \
- -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
- -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
- -e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
- (eval "$lt_compile" 2>conftest.err)
- ac_status=$?
- cat conftest.err >&AS_MESSAGE_LOG_FD
- echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
- if (exit $ac_status) && test -s "$ac_outfile"; then
- # The compiler can only warn and ignore the option if not recognized
- # So say no if there are warnings other than the usual output.
- $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
- $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
- if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
- $2=yes
- fi
- fi
- $rm conftest*
-])
-
-if test x"[$]$2" = xyes; then
- ifelse([$5], , :, [$5])
-else
- ifelse([$6], , :, [$6])
-fi
-])# AC_LIBTOOL_COMPILER_OPTION
-
-
-# AC_LIBTOOL_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
-# [ACTION-SUCCESS], [ACTION-FAILURE])
-# ------------------------------------------------------------
-# Check whether the given compiler option works
-AC_DEFUN([AC_LIBTOOL_LINKER_OPTION],
-[AC_REQUIRE([LT_AC_PROG_SED])dnl
-AC_CACHE_CHECK([$1], [$2],
- [$2=no
- save_LDFLAGS="$LDFLAGS"
- LDFLAGS="$LDFLAGS $3"
- echo "$lt_simple_link_test_code" > conftest.$ac_ext
- if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
- # The linker can only warn and ignore the option if not recognized
- # So say no if there are warnings
- if test -s conftest.err; then
- # Append any errors to the config.log.
- cat conftest.err 1>&AS_MESSAGE_LOG_FD
- $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
- $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
- if diff conftest.exp conftest.er2 >/dev/null; then
- $2=yes
- fi
- else
- $2=yes
- fi
- fi
- $rm -r conftest*
- LDFLAGS="$save_LDFLAGS"
-])
-
-if test x"[$]$2" = xyes; then
- ifelse([$4], , :, [$4])
-else
- ifelse([$5], , :, [$5])
-fi
-])# AC_LIBTOOL_LINKER_OPTION
-
-
-# AC_LIBTOOL_SYS_MAX_CMD_LEN
-# --------------------------
-AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN],
-[# find the maximum length of command line arguments
-AC_MSG_CHECKING([the maximum length of command line arguments])
-AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
- i=0
- teststring="ABCD"
-
- case $build_os in
- msdosdjgpp*)
- # On DJGPP, this test can blow up pretty badly due to problems in libc
- # (any single argument exceeding 2000 bytes causes a buffer overrun
- # during glob expansion). Even if it were fixed, the result of this
- # check would be larger than it should be.
- lt_cv_sys_max_cmd_len=12288; # 12K is about right
- ;;
-
- gnu*)
- # Under GNU Hurd, this test is not required because there is
- # no limit to the length of command line arguments.
- # Libtool will interpret -1 as no limit whatsoever
- lt_cv_sys_max_cmd_len=-1;
- ;;
-
- cygwin* | mingw*)
- # On Win9x/ME, this test blows up -- it succeeds, but takes
- # about 5 minutes as the teststring grows exponentially.
- # Worse, since 9x/ME are not pre-emptively multitasking,
- # you end up with a "frozen" computer, even though with patience
- # the test eventually succeeds (with a max line length of 256k).
- # Instead, let's just punt: use the minimum linelength reported by
- # all of the supported platforms: 8192 (on NT/2K/XP).
- lt_cv_sys_max_cmd_len=8192;
- ;;
-
- amigaos*)
- # On AmigaOS with pdksh, this test takes hours, literally.
- # So we just punt and use a minimum line length of 8192.
- lt_cv_sys_max_cmd_len=8192;
- ;;
-
- netbsd* | freebsd* | openbsd* | darwin* | dragonfly*)
- # This has been around since 386BSD, at least. Likely further.
- if test -x /sbin/sysctl; then
- lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
- elif test -x /usr/sbin/sysctl; then
- lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax`
- else
- lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs
- fi
- # And add a safety zone
- lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
- lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
- ;;
-
- interix*)
- # We know the value 262144 and hardcode it with a safety zone (like BSD)
- lt_cv_sys_max_cmd_len=196608
- ;;
-
- osf*)
- # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
- # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
- # nice to cause kernel panics so lets avoid the loop below.
- # First set a reasonable default.
- lt_cv_sys_max_cmd_len=16384
- #
- if test -x /sbin/sysconfig; then
- case `/sbin/sysconfig -q proc exec_disable_arg_limit` in
- *1*) lt_cv_sys_max_cmd_len=-1 ;;
- esac
- fi
- ;;
- sco3.2v5*)
- lt_cv_sys_max_cmd_len=102400
- ;;
- sysv5* | sco5v6* | sysv4.2uw2*)
- kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
- if test -n "$kargmax"; then
- lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[ ]]//'`
- else
- lt_cv_sys_max_cmd_len=32768
- fi
- ;;
- *)
- lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null`
- if test -n "$lt_cv_sys_max_cmd_len"; then
- lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
- lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
- else
- SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
- while (test "X"`$SHELL [$]0 --fallback-echo "X$teststring" 2>/dev/null` \
- = "XX$teststring") >/dev/null 2>&1 &&
- new_result=`expr "X$teststring" : ".*" 2>&1` &&
- lt_cv_sys_max_cmd_len=$new_result &&
- test $i != 17 # 1/2 MB should be enough
- do
- i=`expr $i + 1`
- teststring=$teststring$teststring
- done
- teststring=
- # Add a significant safety factor because C++ compilers can tack on massive
- # amounts of additional arguments before passing them to the linker.
- # It appears as though 1/2 is a usable value.
- lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2`
- fi
- ;;
- esac
-])
-if test -n $lt_cv_sys_max_cmd_len ; then
- AC_MSG_RESULT($lt_cv_sys_max_cmd_len)
-else
- AC_MSG_RESULT(none)
-fi
-])# AC_LIBTOOL_SYS_MAX_CMD_LEN
-
-
-# _LT_AC_CHECK_DLFCN
-# ------------------
-AC_DEFUN([_LT_AC_CHECK_DLFCN],
-[AC_CHECK_HEADERS(dlfcn.h)dnl
-])# _LT_AC_CHECK_DLFCN
-
-
-# _LT_AC_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE,
-# ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING)
-# ---------------------------------------------------------------------
-AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF],
-[AC_REQUIRE([_LT_AC_CHECK_DLFCN])dnl
-if test "$cross_compiling" = yes; then :
- [$4]
-else
- lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
- lt_status=$lt_dlunknown
- cat > conftest.$ac_ext <<EOF
-[#line __oline__ "configure"
-#include "confdefs.h"
-
-#if HAVE_DLFCN_H
-#include <dlfcn.h>
-#endif
-
-#include <stdio.h>
-
-#ifdef RTLD_GLOBAL
-# define LT_DLGLOBAL RTLD_GLOBAL
-#else
-# ifdef DL_GLOBAL
-# define LT_DLGLOBAL DL_GLOBAL
-# else
-# define LT_DLGLOBAL 0
-# endif
-#endif
-
-/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
- find out it does not work in some platform. */
-#ifndef LT_DLLAZY_OR_NOW
-# ifdef RTLD_LAZY
-# define LT_DLLAZY_OR_NOW RTLD_LAZY
-# else
-# ifdef DL_LAZY
-# define LT_DLLAZY_OR_NOW DL_LAZY
-# else
-# ifdef RTLD_NOW
-# define LT_DLLAZY_OR_NOW RTLD_NOW
-# else
-# ifdef DL_NOW
-# define LT_DLLAZY_OR_NOW DL_NOW
-# else
-# define LT_DLLAZY_OR_NOW 0
-# endif
-# endif
-# endif
-# endif
-#endif
-
-#ifdef __cplusplus
-extern "C" void exit (int);
-#endif
-
-void fnord() { int i=42;}
-int main ()
-{
- void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
- int status = $lt_dlunknown;
-
- if (self)
- {
- if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
- else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
- /* dlclose (self); */
- }
- else
- puts (dlerror ());
-
- exit (status);
-}]
-EOF
- if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext} 2>/dev/null; then
- (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null
- lt_status=$?
- case x$lt_status in
- x$lt_dlno_uscore) $1 ;;
- x$lt_dlneed_uscore) $2 ;;
- x$lt_dlunknown|x*) $3 ;;
- esac
- else :
- # compilation failed
- $3
- fi
-fi
-rm -fr conftest*
-])# _LT_AC_TRY_DLOPEN_SELF
-
-
-# AC_LIBTOOL_DLOPEN_SELF
-# ----------------------
-AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF],
-[AC_REQUIRE([_LT_AC_CHECK_DLFCN])dnl
-if test "x$enable_dlopen" != xyes; then
- enable_dlopen=unknown
- enable_dlopen_self=unknown
- enable_dlopen_self_static=unknown
-else
- lt_cv_dlopen=no
- lt_cv_dlopen_libs=
-
- case $host_os in
- beos*)
- lt_cv_dlopen="load_add_on"
- lt_cv_dlopen_libs=
- lt_cv_dlopen_self=yes
- ;;
-
- mingw* | pw32*)
- lt_cv_dlopen="LoadLibrary"
- lt_cv_dlopen_libs=
- ;;
-
- cygwin*)
- lt_cv_dlopen="dlopen"
- lt_cv_dlopen_libs=
- ;;
-
- darwin*)
- # if libdl is installed we need to link against it
- AC_CHECK_LIB([dl], [dlopen],
- [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],[
- lt_cv_dlopen="dyld"
- lt_cv_dlopen_libs=
- lt_cv_dlopen_self=yes
- ])
- ;;
-
- *)
- AC_CHECK_FUNC([shl_load],
- [lt_cv_dlopen="shl_load"],
- [AC_CHECK_LIB([dld], [shl_load],
- [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"],
- [AC_CHECK_FUNC([dlopen],
- [lt_cv_dlopen="dlopen"],
- [AC_CHECK_LIB([dl], [dlopen],
- [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],
- [AC_CHECK_LIB([svld], [dlopen],
- [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"],
- [AC_CHECK_LIB([dld], [dld_link],
- [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"])
- ])
- ])
- ])
- ])
- ])
- ;;
- esac
-
- if test "x$lt_cv_dlopen" != xno; then
- enable_dlopen=yes
- else
- enable_dlopen=no
- fi
-
- case $lt_cv_dlopen in
- dlopen)
- save_CPPFLAGS="$CPPFLAGS"
- test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
-
- save_LDFLAGS="$LDFLAGS"
- wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
-
- save_LIBS="$LIBS"
- LIBS="$lt_cv_dlopen_libs $LIBS"
-
- AC_CACHE_CHECK([whether a program can dlopen itself],
- lt_cv_dlopen_self, [dnl
- _LT_AC_TRY_DLOPEN_SELF(
- lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes,
- lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross)
- ])
-
- if test "x$lt_cv_dlopen_self" = xyes; then
- wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
- AC_CACHE_CHECK([whether a statically linked program can dlopen itself],
- lt_cv_dlopen_self_static, [dnl
- _LT_AC_TRY_DLOPEN_SELF(
- lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes,
- lt_cv_dlopen_self_static=no, lt_cv_dlopen_self_static=cross)
- ])
- fi
-
- CPPFLAGS="$save_CPPFLAGS"
- LDFLAGS="$save_LDFLAGS"
- LIBS="$save_LIBS"
- ;;
- esac
-
- case $lt_cv_dlopen_self in
- yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
- *) enable_dlopen_self=unknown ;;
- esac
-
- case $lt_cv_dlopen_self_static in
- yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
- *) enable_dlopen_self_static=unknown ;;
- esac
-fi
-])# AC_LIBTOOL_DLOPEN_SELF
-
-
-# AC_LIBTOOL_PROG_CC_C_O([TAGNAME])
-# ---------------------------------
-# Check to see if options -c and -o are simultaneously supported by compiler
-AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O],
-[AC_REQUIRE([LT_AC_PROG_SED])dnl
-AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl
-AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext],
- [_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)],
- [_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no
- $rm -r conftest 2>/dev/null
- mkdir conftest
- cd conftest
- mkdir out
- echo "$lt_simple_compile_test_code" > conftest.$ac_ext
-
- lt_compiler_flag="-o out/conftest2.$ac_objext"
- # Insert the option either (1) after the last *FLAGS variable, or
- # (2) before a word containing "conftest.", or (3) at the end.
- # Note that $ac_compile itself does not contain backslashes and begins
- # with a dollar sign (not a hyphen), so the echo should work correctly.
- lt_compile=`echo "$ac_compile" | $SED \
- -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
- -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
- -e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
- (eval "$lt_compile" 2>out/conftest.err)
- ac_status=$?
- cat out/conftest.err >&AS_MESSAGE_LOG_FD
- echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
- if (exit $ac_status) && test -s out/conftest2.$ac_objext
- then
- # The compiler can only warn and ignore the option if not recognized
- # So say no if there are warnings
- $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
- $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
- if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
- _LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
- fi
- fi
- chmod u+w . 2>&AS_MESSAGE_LOG_FD
- $rm conftest*
- # SGI C++ compiler will create directory out/ii_files/ for
- # template instantiation
- test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files
- $rm out/* && rmdir out
- cd ..
- rmdir conftest
- $rm conftest*
-])
-])# AC_LIBTOOL_PROG_CC_C_O
-
-
-# AC_LIBTOOL_SYS_HARD_LINK_LOCKS([TAGNAME])
-# -----------------------------------------
-# Check to see if we can do hard links to lock some files if needed
-AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS],
-[AC_REQUIRE([_LT_AC_LOCK])dnl
-
-hard_links="nottested"
-if test "$_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != no; then
- # do not overwrite the value of need_locks provided by the user
- AC_MSG_CHECKING([if we can lock with hard links])
- hard_links=yes
- $rm conftest*
- ln conftest.a conftest.b 2>/dev/null && hard_links=no
- touch conftest.a
- ln conftest.a conftest.b 2>&5 || hard_links=no
- ln conftest.a conftest.b 2>/dev/null && hard_links=no
- AC_MSG_RESULT([$hard_links])
- if test "$hard_links" = no; then
- AC_MSG_WARN([`$CC' does not support `-c -o', so `make -j' may be unsafe])
- need_locks=warn
- fi
-else
- need_locks=no
-fi
-])# AC_LIBTOOL_SYS_HARD_LINK_LOCKS
-
-
-# AC_LIBTOOL_OBJDIR
-# -----------------
-AC_DEFUN([AC_LIBTOOL_OBJDIR],
-[AC_CACHE_CHECK([for objdir], [lt_cv_objdir],
-[rm -f .libs 2>/dev/null
-mkdir .libs 2>/dev/null
-if test -d .libs; then
- lt_cv_objdir=.libs
-else
- # MS-DOS does not allow filenames that begin with a dot.
- lt_cv_objdir=_libs
-fi
-rmdir .libs 2>/dev/null])
-objdir=$lt_cv_objdir
-])# AC_LIBTOOL_OBJDIR
-
-
-# AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH([TAGNAME])
-# ----------------------------------------------
-# Check hardcoding attributes.
-AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH],
-[AC_MSG_CHECKING([how to hardcode library paths into programs])
-_LT_AC_TAGVAR(hardcode_action, $1)=
-if test -n "$_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)" || \
- test -n "$_LT_AC_TAGVAR(runpath_var, $1)" || \
- test "X$_LT_AC_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then
-
- # We can hardcode non-existent directories.
- if test "$_LT_AC_TAGVAR(hardcode_direct, $1)" != no &&
- # If the only mechanism to avoid hardcoding is shlibpath_var, we
- # have to relink, otherwise we might link with an installed library
- # when we should be linking with a yet-to-be-installed one
- ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)" != no &&
- test "$_LT_AC_TAGVAR(hardcode_minus_L, $1)" != no; then
- # Linking always hardcodes the temporary library directory.
- _LT_AC_TAGVAR(hardcode_action, $1)=relink
- else
- # We can link without hardcoding, and we can hardcode nonexisting dirs.
- _LT_AC_TAGVAR(hardcode_action, $1)=immediate
- fi
-else
- # We cannot hardcode anything, or else we can only hardcode existing
- # directories.
- _LT_AC_TAGVAR(hardcode_action, $1)=unsupported
-fi
-AC_MSG_RESULT([$_LT_AC_TAGVAR(hardcode_action, $1)])
-
-if test "$_LT_AC_TAGVAR(hardcode_action, $1)" = relink; then
- # Fast installation is not supported
- enable_fast_install=no
-elif test "$shlibpath_overrides_runpath" = yes ||
- test "$enable_shared" = no; then
- # Fast installation is not necessary
- enable_fast_install=needless
-fi
-])# AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH
-
-
-# AC_LIBTOOL_SYS_LIB_STRIP
-# ------------------------
-AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP],
-[striplib=
-old_striplib=
-AC_MSG_CHECKING([whether stripping libraries is possible])
-if test -n "$STRIP" && $STRIP -V 2>&1 | grep "GNU strip" >/dev/null; then
- test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
- test -z "$striplib" && striplib="$STRIP --strip-unneeded"
- AC_MSG_RESULT([yes])
-else
-# FIXME - insert some real tests, host_os isn't really good enough
- case $host_os in
- darwin*)
- if test -n "$STRIP" ; then
- striplib="$STRIP -x"
- old_striplib="$STRIP -S"
- AC_MSG_RESULT([yes])
- else
- AC_MSG_RESULT([no])
-fi
- ;;
- *)
- AC_MSG_RESULT([no])
- ;;
- esac
-fi
-])# AC_LIBTOOL_SYS_LIB_STRIP
-
-
-# AC_LIBTOOL_SYS_DYNAMIC_LINKER
-# -----------------------------
-# PORTME Fill in your ld.so characteristics
-AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER],
-[AC_REQUIRE([LT_AC_PROG_SED])dnl
-AC_MSG_CHECKING([dynamic linker characteristics])
-library_names_spec=
-libname_spec='lib$name'
-soname_spec=
-shrext_cmds=".so"
-postinstall_cmds=
-postuninstall_cmds=
-finish_cmds=
-finish_eval=
-shlibpath_var=
-shlibpath_overrides_runpath=unknown
-version_type=none
-dynamic_linker="$host_os ld.so"
-sys_lib_dlsearch_path_spec="/lib /usr/lib"
-m4_if($1,[],[
-if test "$GCC" = yes; then
- case $host_os in
- darwin*) lt_awk_arg="/^libraries:/,/LR/" ;;
- *) lt_awk_arg="/^libraries:/" ;;
- esac
- lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e "s,=/,/,g"`
- if echo "$lt_search_path_spec" | grep ';' >/dev/null ; then
- # if the path contains ";" then we assume it to be the separator
- # otherwise default to the standard path separator (i.e. ":") - it is
- # assumed that no part of a normal pathname contains ";" but that should
- # okay in the real world where ";" in dirpaths is itself problematic.
- lt_search_path_spec=`echo "$lt_search_path_spec" | $SED -e 's/;/ /g'`
- else
- lt_search_path_spec=`echo "$lt_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
- fi
- # Ok, now we have the path, separated by spaces, we can step through it
- # and add multilib dir if necessary.
- lt_tmp_lt_search_path_spec=
- lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null`
- for lt_sys_path in $lt_search_path_spec; do
- if test -d "$lt_sys_path/$lt_multi_os_dir"; then
- lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir"
- else
- test -d "$lt_sys_path" && \
- lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
- fi
- done
- lt_search_path_spec=`echo $lt_tmp_lt_search_path_spec | awk '
-BEGIN {RS=" "; FS="/|\n";} {
- lt_foo="";
- lt_count=0;
- for (lt_i = NF; lt_i > 0; lt_i--) {
- if ($lt_i != "" && $lt_i != ".") {
- if ($lt_i == "..") {
- lt_count++;
- } else {
- if (lt_count == 0) {
- lt_foo="/" $lt_i lt_foo;
- } else {
- lt_count--;
- }
- }
- }
- }
- if (lt_foo != "") { lt_freq[[lt_foo]]++; }
- if (lt_freq[[lt_foo]] == 1) { print lt_foo; }
-}'`
- sys_lib_search_path_spec=`echo $lt_search_path_spec`
-else
- sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
-fi])
-need_lib_prefix=no
-hardcode_into_libs=no
-
-# when you set need_version to no, make sure it does not cause -set_version
-# flags to be left without arguments
-need_version=no
-
-case $host_os in
-aix3*)
- version_type=linux
- library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
- shlibpath_var=LIBPATH
-
- # AIX 3 has no versioning support, so we append a major version to the name.
- soname_spec='${libname}${release}${shared_ext}$major'
- ;;
-
-aix[[4-9]]*)
- version_type=linux
- need_lib_prefix=no
- need_version=no
- hardcode_into_libs=yes
- if test "$host_cpu" = ia64; then
- # AIX 5 supports IA64
- library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
- shlibpath_var=LD_LIBRARY_PATH
- else
- # With GCC up to 2.95.x, collect2 would create an import file
- # for dependence libraries. The import file would start with
- # the line `#! .'. This would cause the generated library to
- # depend on `.', always an invalid library. This was fixed in
- # development snapshots of GCC prior to 3.0.
- case $host_os in
- aix4 | aix4.[[01]] | aix4.[[01]].*)
- if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
- echo ' yes '
- echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then
- :
- else
- can_build_shared=no
- fi
- ;;
- esac
- # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
- # soname into executable. Probably we can add versioning support to
- # collect2, so additional links can be useful in future.
- if test "$aix_use_runtimelinking" = yes; then
- # If using run time linking (on AIX 4.2 or later) use lib<name>.so
- # instead of lib<name>.a to let people know that these are not
- # typical AIX shared libraries.
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- else
- # We preserve .a as extension for shared libraries through AIX4.2
- # and later when we are not doing run time linking.
- library_names_spec='${libname}${release}.a $libname.a'
- soname_spec='${libname}${release}${shared_ext}$major'
- fi
- shlibpath_var=LIBPATH
- fi
- ;;
-
-amigaos*)
- library_names_spec='$libname.ixlibrary $libname.a'
- # Create ${libname}_ixlibrary.a entries in /sys/libs.
- finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
- ;;
-
-beos*)
- library_names_spec='${libname}${shared_ext}'
- dynamic_linker="$host_os ld.so"
- shlibpath_var=LIBRARY_PATH
- ;;
-
-bsdi[[45]]*)
- version_type=linux
- need_version=no
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
- shlibpath_var=LD_LIBRARY_PATH
- sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
- sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
- # the default ld.so.conf also contains /usr/contrib/lib and
- # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
- # libtool to hard-code these into programs
- ;;
-
-cygwin* | mingw* | pw32*)
- version_type=windows
- shrext_cmds=".dll"
- need_version=no
- need_lib_prefix=no
-
- case $GCC,$host_os in
- yes,cygwin* | yes,mingw* | yes,pw32*)
- library_names_spec='$libname.dll.a'
- # DLL is installed to $(libdir)/../bin by postinstall_cmds
- postinstall_cmds='base_file=`basename \${file}`~
- dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~
- dldir=$destdir/`dirname \$dlpath`~
- test -d \$dldir || mkdir -p \$dldir~
- $install_prog $dir/$dlname \$dldir/$dlname~
- chmod a+x \$dldir/$dlname'
- postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
- dlpath=$dir/\$dldll~
- $rm \$dlpath'
- shlibpath_overrides_runpath=yes
-
- case $host_os in
- cygwin*)
- # Cygwin DLLs use 'cyg' prefix rather than 'lib'
- soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
- sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
- ;;
- mingw*)
- # MinGW DLLs use traditional 'lib' prefix
- soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
- sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
- if echo "$sys_lib_search_path_spec" | [grep ';[c-zC-Z]:/' >/dev/null]; then
- # It is most probably a Windows format PATH printed by
- # mingw gcc, but we are running on Cygwin. Gcc prints its search
- # path with ; separators, and with drive letters. We can handle the
- # drive letters (cygwin fileutils understands them), so leave them,
- # especially as we might pass files found there to a mingw objdump,
- # which wouldn't understand a cygwinified path. Ahh.
- sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
- else
- sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
- fi
- ;;
- pw32*)
- # pw32 DLLs use 'pw' prefix rather than 'lib'
- library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
- ;;
- esac
- ;;
-
- *)
- library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib'
- ;;
- esac
- dynamic_linker='Win32 ld.exe'
- # FIXME: first we should search . and the directory the executable is in
- shlibpath_var=PATH
- ;;
-
-darwin* | rhapsody*)
- dynamic_linker="$host_os dyld"
- version_type=darwin
- need_lib_prefix=no
- need_version=no
- library_names_spec='${libname}${release}${versuffix}$shared_ext ${libname}${release}${major}$shared_ext ${libname}$shared_ext'
- soname_spec='${libname}${release}${major}$shared_ext'
- shlibpath_overrides_runpath=yes
- shlibpath_var=DYLD_LIBRARY_PATH
- shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
- m4_if([$1], [],[
- sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"])
- sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
- ;;
-
-dgux*)
- version_type=linux
- need_lib_prefix=no
- need_version=no
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
- soname_spec='${libname}${release}${shared_ext}$major'
- shlibpath_var=LD_LIBRARY_PATH
- ;;
-
-freebsd1*)
- dynamic_linker=no
- ;;
-
-freebsd* | dragonfly*)
- # DragonFly does not have aout. When/if they implement a new
- # versioning mechanism, adjust this.
- if test -x /usr/bin/objformat; then
- objformat=`/usr/bin/objformat`
- else
- case $host_os in
- freebsd[[123]]*) objformat=aout ;;
- *) objformat=elf ;;
- esac
- fi
- version_type=freebsd-$objformat
- case $version_type in
- freebsd-elf*)
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
- need_version=no
- need_lib_prefix=no
- ;;
- freebsd-*)
- library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
- need_version=no
- ;;
- esac
- shlibpath_var=LD_LIBRARY_PATH
- case $host_os in
- freebsd2*)
- shlibpath_overrides_runpath=yes
- ;;
- freebsd3.[[01]]* | freebsdelf3.[[01]]*)
- shlibpath_overrides_runpath=yes
- hardcode_into_libs=yes
- ;;
- freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \
- freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1)
- shlibpath_overrides_runpath=no
- hardcode_into_libs=yes
- ;;
- *) # from 4.6 on, and DragonFly
- shlibpath_overrides_runpath=yes
- hardcode_into_libs=yes
- ;;
- esac
- ;;
-
-gnu*)
- version_type=linux
- need_lib_prefix=no
- need_version=no
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- shlibpath_var=LD_LIBRARY_PATH
- hardcode_into_libs=yes
- ;;
-
-hpux9* | hpux10* | hpux11*)
- # Give a soname corresponding to the major version so that dld.sl refuses to
- # link against other versions.
- version_type=sunos
- need_lib_prefix=no
- need_version=no
- case $host_cpu in
- ia64*)
- shrext_cmds='.so'
- hardcode_into_libs=yes
- dynamic_linker="$host_os dld.so"
- shlibpath_var=LD_LIBRARY_PATH
- shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- if test "X$HPUX_IA64_MODE" = X32; then
- sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
- else
- sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
- fi
- sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
- ;;
- hppa*64*)
- shrext_cmds='.sl'
- hardcode_into_libs=yes
- dynamic_linker="$host_os dld.sl"
- shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
- shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
- sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
- ;;
- *)
- shrext_cmds='.sl'
- dynamic_linker="$host_os dld.sl"
- shlibpath_var=SHLIB_PATH
- shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- ;;
- esac
- # HP-UX runs *really* slowly unless shared libraries are mode 555.
- postinstall_cmds='chmod 555 $lib'
- ;;
-
-interix[[3-9]]*)
- version_type=linux
- need_lib_prefix=no
- need_version=no
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
- shlibpath_var=LD_LIBRARY_PATH
- shlibpath_overrides_runpath=no
- hardcode_into_libs=yes
- ;;
-
-irix5* | irix6* | nonstopux*)
- case $host_os in
- nonstopux*) version_type=nonstopux ;;
- *)
- if test "$lt_cv_prog_gnu_ld" = yes; then
- version_type=linux
- else
- version_type=irix
- fi ;;
- esac
- need_lib_prefix=no
- need_version=no
- soname_spec='${libname}${release}${shared_ext}$major'
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
- case $host_os in
- irix5* | nonstopux*)
- libsuff= shlibsuff=
- ;;
- *)
- case $LD in # libtool.m4 will add one of these switches to LD
- *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
- libsuff= shlibsuff= libmagic=32-bit;;
- *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
- libsuff=32 shlibsuff=N32 libmagic=N32;;
- *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
- libsuff=64 shlibsuff=64 libmagic=64-bit;;
- *) libsuff= shlibsuff= libmagic=never-match;;
- esac
- ;;
- esac
- shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
- shlibpath_overrides_runpath=no
- sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
- sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
- hardcode_into_libs=yes
- ;;
-
-# No shared lib support for Linux oldld, aout, or coff.
-linux*oldld* | linux*aout* | linux*coff*)
- dynamic_linker=no
- ;;
-
-# This must be Linux ELF.
-linux* | k*bsd*-gnu)
- version_type=linux
- need_lib_prefix=no
- need_version=no
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
- shlibpath_var=LD_LIBRARY_PATH
- shlibpath_overrides_runpath=no
- # This implies no fast_install, which is unacceptable.
- # Some rework will be needed to allow for fast_install
- # before this can be enabled.
- hardcode_into_libs=yes
-
- # Append ld.so.conf contents to the search path
- if test -f /etc/ld.so.conf; then
- lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
- sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
- fi
-
- # We used to test for /lib/ld.so.1 and disable shared libraries on
- # powerpc, because MkLinux only supported shared libraries with the
- # GNU dynamic linker. Since this was broken with cross compilers,
- # most powerpc-linux boxes support dynamic linking these days and
- # people can always --disable-shared, the test was removed, and we
- # assume the GNU/Linux dynamic linker is in use.
- dynamic_linker='GNU/Linux ld.so'
- ;;
-
-netbsd*)
- version_type=sunos
- need_lib_prefix=no
- need_version=no
- if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
- finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
- dynamic_linker='NetBSD (a.out) ld.so'
- else
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- dynamic_linker='NetBSD ld.elf_so'
- fi
- shlibpath_var=LD_LIBRARY_PATH
- shlibpath_overrides_runpath=yes
- hardcode_into_libs=yes
- ;;
-
-newsos6)
- version_type=linux
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- shlibpath_var=LD_LIBRARY_PATH
- shlibpath_overrides_runpath=yes
- ;;
-
-nto-qnx*)
- version_type=linux
- need_lib_prefix=no
- need_version=no
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- shlibpath_var=LD_LIBRARY_PATH
- shlibpath_overrides_runpath=yes
- ;;
-
-openbsd*)
- version_type=sunos
- sys_lib_dlsearch_path_spec="/usr/lib"
- need_lib_prefix=no
- need_version=no
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
- finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
- shlibpath_var=LD_LIBRARY_PATH
- if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
- case $host_os in
- openbsd2.[[89]] | openbsd2.[[89]].*)
- shlibpath_overrides_runpath=no
- ;;
- *)
- shlibpath_overrides_runpath=yes
- ;;
- esac
- else
- shlibpath_overrides_runpath=yes
- fi
- ;;
-
-os2*)
- libname_spec='$name'
- shrext_cmds=".dll"
- need_lib_prefix=no
- library_names_spec='$libname${shared_ext} $libname.a'
- dynamic_linker='OS/2 ld.exe'
- shlibpath_var=LIBPATH
- ;;
-
-osf3* | osf4* | osf5*)
- version_type=osf
- need_lib_prefix=no
- need_version=no
- soname_spec='${libname}${release}${shared_ext}$major'
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- shlibpath_var=LD_LIBRARY_PATH
- sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
- sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
- ;;
-
-rdos*)
- dynamic_linker=no
- ;;
-
-solaris*)
- version_type=linux
- need_lib_prefix=no
- need_version=no
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- shlibpath_var=LD_LIBRARY_PATH
- shlibpath_overrides_runpath=yes
- hardcode_into_libs=yes
- # ldd complains unless libraries are executable
- postinstall_cmds='chmod +x $lib'
- ;;
-
-sunos4*)
- version_type=sunos
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
- finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
- shlibpath_var=LD_LIBRARY_PATH
- shlibpath_overrides_runpath=yes
- if test "$with_gnu_ld" = yes; then
- need_lib_prefix=no
- fi
- need_version=no
- ;;
-
-sysv4 | sysv4.3*)
- version_type=linux
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- shlibpath_var=LD_LIBRARY_PATH
- case $host_vendor in
- sni)
- shlibpath_overrides_runpath=no
- need_lib_prefix=no
- export_dynamic_flag_spec='${wl}-Blargedynsym'
- runpath_var=LD_RUN_PATH
- ;;
- siemens)
- need_lib_prefix=no
- ;;
- motorola)
- need_lib_prefix=no
- need_version=no
- shlibpath_overrides_runpath=no
- sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
- ;;
- esac
- ;;
-
-sysv4*MP*)
- if test -d /usr/nec ;then
- version_type=linux
- library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
- soname_spec='$libname${shared_ext}.$major'
- shlibpath_var=LD_LIBRARY_PATH
- fi
- ;;
-
-sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
- version_type=freebsd-elf
- need_lib_prefix=no
- need_version=no
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- shlibpath_var=LD_LIBRARY_PATH
- hardcode_into_libs=yes
- if test "$with_gnu_ld" = yes; then
- sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
- shlibpath_overrides_runpath=no
- else
- sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
- shlibpath_overrides_runpath=yes
- case $host_os in
- sco3.2v5*)
- sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
- ;;
- esac
- fi
- sys_lib_dlsearch_path_spec='/usr/lib'
- ;;
-
-uts4*)
- version_type=linux
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- shlibpath_var=LD_LIBRARY_PATH
- ;;
-
-*)
- dynamic_linker=no
- ;;
-esac
-AC_MSG_RESULT([$dynamic_linker])
-test "$dynamic_linker" = no && can_build_shared=no
-
-AC_CACHE_VAL([lt_cv_sys_lib_search_path_spec],
-[lt_cv_sys_lib_search_path_spec="$sys_lib_search_path_spec"])
-sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec"
-AC_CACHE_VAL([lt_cv_sys_lib_dlsearch_path_spec],
-[lt_cv_sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec"])
-sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec"
-
-variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
-if test "$GCC" = yes; then
- variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
-fi
-])# AC_LIBTOOL_SYS_DYNAMIC_LINKER
-
-
-# _LT_AC_TAGCONFIG
-# ----------------
-AC_DEFUN([_LT_AC_TAGCONFIG],
-[AC_REQUIRE([LT_AC_PROG_SED])dnl
-AC_ARG_WITH([tags],
- [AC_HELP_STRING([--with-tags@<:@=TAGS@:>@],
- [include additional configurations @<:@automatic@:>@])],
- [tagnames="$withval"])
-
-if test -f "$ltmain" && test -n "$tagnames"; then
- if test ! -f "${ofile}"; then
- AC_MSG_WARN([output file `$ofile' does not exist])
- fi
-
- if test -z "$LTCC"; then
- eval "`$SHELL ${ofile} --config | grep '^LTCC='`"
- if test -z "$LTCC"; then
- AC_MSG_WARN([output file `$ofile' does not look like a libtool script])
- else
- AC_MSG_WARN([using `LTCC=$LTCC', extracted from `$ofile'])
- fi
- fi
- if test -z "$LTCFLAGS"; then
- eval "`$SHELL ${ofile} --config | grep '^LTCFLAGS='`"
- fi
-
- # Extract list of available tagged configurations in $ofile.
- # Note that this assumes the entire list is on one line.
- available_tags=`grep "^available_tags=" "${ofile}" | $SED -e 's/available_tags=\(.*$\)/\1/' -e 's/\"//g'`
-
- lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
- for tagname in $tagnames; do
- IFS="$lt_save_ifs"
- # Check whether tagname contains only valid characters
- case `$echo "X$tagname" | $Xsed -e 's:[[-_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890,/]]::g'` in
- "") ;;
- *) AC_MSG_ERROR([invalid tag name: $tagname])
- ;;
- esac
-
- if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "${ofile}" > /dev/null
- then
- AC_MSG_ERROR([tag name \"$tagname\" already exists])
- fi
-
- # Update the list of available tags.
- if test -n "$tagname"; then
- echo appending configuration tag \"$tagname\" to $ofile
-
- case $tagname in
- CXX)
- if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
- ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
- (test "X$CXX" != "Xg++"))) ; then
- AC_LIBTOOL_LANG_CXX_CONFIG
- else
- tagname=""
- fi
- ;;
-
- F77)
- if test -n "$F77" && test "X$F77" != "Xno"; then
- AC_LIBTOOL_LANG_F77_CONFIG
- else
- tagname=""
- fi
- ;;
-
- GCJ)
- if test -n "$GCJ" && test "X$GCJ" != "Xno"; then
- AC_LIBTOOL_LANG_GCJ_CONFIG
- else
- tagname=""
- fi
- ;;
-
- RC)
- AC_LIBTOOL_LANG_RC_CONFIG
- ;;
-
- *)
- AC_MSG_ERROR([Unsupported tag name: $tagname])
- ;;
- esac
-
- # Append the new tag name to the list of available tags.
- if test -n "$tagname" ; then
- available_tags="$available_tags $tagname"
- fi
- fi
- done
- IFS="$lt_save_ifs"
-
- # Now substitute the updated list of available tags.
- if eval "sed -e 's/^available_tags=.*\$/available_tags=\"$available_tags\"/' \"$ofile\" > \"${ofile}T\""; then
- mv "${ofile}T" "$ofile"
- chmod +x "$ofile"
- else
- rm -f "${ofile}T"
- AC_MSG_ERROR([unable to update list of available tagged configurations.])
- fi
-fi
-])# _LT_AC_TAGCONFIG
-
-
-# AC_LIBTOOL_DLOPEN
-# -----------------
-# enable checks for dlopen support
-AC_DEFUN([AC_LIBTOOL_DLOPEN],
- [AC_BEFORE([$0],[AC_LIBTOOL_SETUP])
-])# AC_LIBTOOL_DLOPEN
-
-
-# AC_LIBTOOL_WIN32_DLL
-# --------------------
-# declare package support for building win32 DLLs
-AC_DEFUN([AC_LIBTOOL_WIN32_DLL],
-[AC_BEFORE([$0], [AC_LIBTOOL_SETUP])
-])# AC_LIBTOOL_WIN32_DLL
-
-
-# AC_ENABLE_SHARED([DEFAULT])
-# ---------------------------
-# implement the --enable-shared flag
-# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'.
-AC_DEFUN([AC_ENABLE_SHARED],
-[define([AC_ENABLE_SHARED_DEFAULT], ifelse($1, no, no, yes))dnl
-AC_ARG_ENABLE([shared],
- [AC_HELP_STRING([--enable-shared@<:@=PKGS@:>@],
- [build shared libraries @<:@default=]AC_ENABLE_SHARED_DEFAULT[@:>@])],
- [p=${PACKAGE-default}
- case $enableval in
- yes) enable_shared=yes ;;
- no) enable_shared=no ;;
- *)
- enable_shared=no
- # Look at the argument we got. We use all the common list separators.
- lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
- for pkg in $enableval; do
- IFS="$lt_save_ifs"
- if test "X$pkg" = "X$p"; then
- enable_shared=yes
- fi
- done
- IFS="$lt_save_ifs"
- ;;
- esac],
- [enable_shared=]AC_ENABLE_SHARED_DEFAULT)
-])# AC_ENABLE_SHARED
-
-
-# AC_DISABLE_SHARED
-# -----------------
-# set the default shared flag to --disable-shared
-AC_DEFUN([AC_DISABLE_SHARED],
-[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
-AC_ENABLE_SHARED(no)
-])# AC_DISABLE_SHARED
-
-
-# AC_ENABLE_STATIC([DEFAULT])
-# ---------------------------
-# implement the --enable-static flag
-# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'.
-AC_DEFUN([AC_ENABLE_STATIC],
-[define([AC_ENABLE_STATIC_DEFAULT], ifelse($1, no, no, yes))dnl
-AC_ARG_ENABLE([static],
- [AC_HELP_STRING([--enable-static@<:@=PKGS@:>@],
- [build static libraries @<:@default=]AC_ENABLE_STATIC_DEFAULT[@:>@])],
- [p=${PACKAGE-default}
- case $enableval in
- yes) enable_static=yes ;;
- no) enable_static=no ;;
- *)
- enable_static=no
- # Look at the argument we got. We use all the common list separators.
- lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
- for pkg in $enableval; do
- IFS="$lt_save_ifs"
- if test "X$pkg" = "X$p"; then
- enable_static=yes
- fi
- done
- IFS="$lt_save_ifs"
- ;;
- esac],
- [enable_static=]AC_ENABLE_STATIC_DEFAULT)
-])# AC_ENABLE_STATIC
-
-
-# AC_DISABLE_STATIC
-# -----------------
-# set the default static flag to --disable-static
-AC_DEFUN([AC_DISABLE_STATIC],
-[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
-AC_ENABLE_STATIC(no)
-])# AC_DISABLE_STATIC
-
-
-# AC_ENABLE_FAST_INSTALL([DEFAULT])
-# ---------------------------------
-# implement the --enable-fast-install flag
-# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'.
-AC_DEFUN([AC_ENABLE_FAST_INSTALL],
-[define([AC_ENABLE_FAST_INSTALL_DEFAULT], ifelse($1, no, no, yes))dnl
-AC_ARG_ENABLE([fast-install],
- [AC_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@],
- [optimize for fast installation @<:@default=]AC_ENABLE_FAST_INSTALL_DEFAULT[@:>@])],
- [p=${PACKAGE-default}
- case $enableval in
- yes) enable_fast_install=yes ;;
- no) enable_fast_install=no ;;
- *)
- enable_fast_install=no
- # Look at the argument we got. We use all the common list separators.
- lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
- for pkg in $enableval; do
- IFS="$lt_save_ifs"
- if test "X$pkg" = "X$p"; then
- enable_fast_install=yes
- fi
- done
- IFS="$lt_save_ifs"
- ;;
- esac],
- [enable_fast_install=]AC_ENABLE_FAST_INSTALL_DEFAULT)
-])# AC_ENABLE_FAST_INSTALL
-
-
-# AC_DISABLE_FAST_INSTALL
-# -----------------------
-# set the default to --disable-fast-install
-AC_DEFUN([AC_DISABLE_FAST_INSTALL],
-[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
-AC_ENABLE_FAST_INSTALL(no)
-])# AC_DISABLE_FAST_INSTALL
-
-
-# AC_LIBTOOL_PICMODE([MODE])
-# --------------------------
-# implement the --with-pic flag
-# MODE is either `yes' or `no'. If omitted, it defaults to `both'.
-AC_DEFUN([AC_LIBTOOL_PICMODE],
-[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
-pic_mode=ifelse($#,1,$1,default)
-])# AC_LIBTOOL_PICMODE
-
-
-# AC_PROG_EGREP
-# -------------
-# This is predefined starting with Autoconf 2.54, so this conditional
-# definition can be removed once we require Autoconf 2.54 or later.
-m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP],
-[AC_CACHE_CHECK([for egrep], [ac_cv_prog_egrep],
- [if echo a | (grep -E '(a|b)') >/dev/null 2>&1
- then ac_cv_prog_egrep='grep -E'
- else ac_cv_prog_egrep='egrep'
- fi])
- EGREP=$ac_cv_prog_egrep
- AC_SUBST([EGREP])
-])])
-
-
-# AC_PATH_TOOL_PREFIX
-# -------------------
-# find a file program which can recognize shared library
-AC_DEFUN([AC_PATH_TOOL_PREFIX],
-[AC_REQUIRE([AC_PROG_EGREP])dnl
-AC_MSG_CHECKING([for $1])
-AC_CACHE_VAL(lt_cv_path_MAGIC_CMD,
-[case $MAGIC_CMD in
-[[\\/*] | ?:[\\/]*])
- lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
- ;;
-*)
- lt_save_MAGIC_CMD="$MAGIC_CMD"
- lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
-dnl $ac_dummy forces splitting on constant user-supplied paths.
-dnl POSIX.2 word splitting is done only on the output of word expansions,
-dnl not every word. This closes a longstanding sh security hole.
- ac_dummy="ifelse([$2], , $PATH, [$2])"
- for ac_dir in $ac_dummy; do
- IFS="$lt_save_ifs"
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$1; then
- lt_cv_path_MAGIC_CMD="$ac_dir/$1"
- if test -n "$file_magic_test_file"; then
- case $deplibs_check_method in
- "file_magic "*)
- file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
- MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
- if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
- $EGREP "$file_magic_regex" > /dev/null; then
- :
- else
- cat <<EOF 1>&2
-
-*** Warning: the command libtool uses to detect shared libraries,
-*** $file_magic_cmd, produces output that libtool cannot recognize.
-*** The result is that libtool may fail to recognize shared libraries
-*** as such. This will affect the creation of libtool libraries that
-*** depend on shared libraries, but programs linked with such libtool
-*** libraries will work regardless of this problem. Nevertheless, you
-*** may want to report the problem to your system manager and/or to
-*** bug-libtool at gnu.org
-
-EOF
- fi ;;
- esac
- fi
- break
- fi
- done
- IFS="$lt_save_ifs"
- MAGIC_CMD="$lt_save_MAGIC_CMD"
- ;;
-esac])
-MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
-if test -n "$MAGIC_CMD"; then
- AC_MSG_RESULT($MAGIC_CMD)
-else
- AC_MSG_RESULT(no)
-fi
-])# AC_PATH_TOOL_PREFIX
-
-
-# AC_PATH_MAGIC
-# -------------
-# find a file program which can recognize a shared library
-AC_DEFUN([AC_PATH_MAGIC],
-[AC_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH)
-if test -z "$lt_cv_path_MAGIC_CMD"; then
- if test -n "$ac_tool_prefix"; then
- AC_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH)
- else
- MAGIC_CMD=:
- fi
-fi
-])# AC_PATH_MAGIC
-
-
-# AC_PROG_LD
-# ----------
-# find the pathname to the GNU or non-GNU linker
-AC_DEFUN([AC_PROG_LD],
-[AC_ARG_WITH([gnu-ld],
- [AC_HELP_STRING([--with-gnu-ld],
- [assume the C compiler uses GNU ld @<:@default=no@:>@])],
- [test "$withval" = no || with_gnu_ld=yes],
- [with_gnu_ld=no])
-AC_REQUIRE([LT_AC_PROG_SED])dnl
-AC_REQUIRE([AC_PROG_CC])dnl
-AC_REQUIRE([AC_CANONICAL_HOST])dnl
-AC_REQUIRE([AC_CANONICAL_BUILD])dnl
-ac_prog=ld
-if test "$GCC" = yes; then
- # Check if gcc -print-prog-name=ld gives a path.
- AC_MSG_CHECKING([for ld used by $CC])
- case $host in
- *-*-mingw*)
- # gcc leaves a trailing carriage return which upsets mingw
- ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
- *)
- ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
- esac
- case $ac_prog in
- # Accept absolute paths.
- [[\\/]]* | ?:[[\\/]]*)
- re_direlt='/[[^/]][[^/]]*/\.\./'
- # Canonicalize the pathname of ld
- ac_prog=`echo $ac_prog| $SED 's%\\\\%/%g'`
- while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do
- ac_prog=`echo $ac_prog| $SED "s%$re_direlt%/%"`
- done
- test -z "$LD" && LD="$ac_prog"
- ;;
- "")
- # If it fails, then pretend we aren't using GCC.
- ac_prog=ld
- ;;
- *)
- # If it is relative, then search for the first ld in PATH.
- with_gnu_ld=unknown
- ;;
- esac
-elif test "$with_gnu_ld" = yes; then
- AC_MSG_CHECKING([for GNU ld])
-else
- AC_MSG_CHECKING([for non-GNU ld])
-fi
-AC_CACHE_VAL(lt_cv_path_LD,
-[if test -z "$LD"; then
- lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
- for ac_dir in $PATH; do
- IFS="$lt_save_ifs"
- test -z "$ac_dir" && ac_dir=.
- if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
- lt_cv_path_LD="$ac_dir/$ac_prog"
- # Check to see if the program is GNU ld. I'd rather use --version,
- # but apparently some variants of GNU ld only accept -v.
- # Break only if it was the GNU/non-GNU ld that we prefer.
- case `"$lt_cv_path_LD" -v 2>&1 </dev/null` in
- *GNU* | *'with BFD'*)
- test "$with_gnu_ld" != no && break
- ;;
- *)
- test "$with_gnu_ld" != yes && break
- ;;
- esac
- fi
- done
- IFS="$lt_save_ifs"
-else
- lt_cv_path_LD="$LD" # Let the user override the test with a path.
-fi])
-LD="$lt_cv_path_LD"
-if test -n "$LD"; then
- AC_MSG_RESULT($LD)
-else
- AC_MSG_RESULT(no)
-fi
-test -z "$LD" && AC_MSG_ERROR([no acceptable ld found in \$PATH])
-AC_PROG_LD_GNU
-])# AC_PROG_LD
-
-
-# AC_PROG_LD_GNU
-# --------------
-AC_DEFUN([AC_PROG_LD_GNU],
-[AC_REQUIRE([AC_PROG_EGREP])dnl
-AC_CACHE_CHECK([if the linker ($LD) is GNU ld], lt_cv_prog_gnu_ld,
-[# I'd rather use --version here, but apparently some GNU lds only accept -v.
-case `$LD -v 2>&1 </dev/null` in
-*GNU* | *'with BFD'*)
- lt_cv_prog_gnu_ld=yes
- ;;
-*)
- lt_cv_prog_gnu_ld=no
- ;;
-esac])
-with_gnu_ld=$lt_cv_prog_gnu_ld
-])# AC_PROG_LD_GNU
-
-
-# AC_PROG_LD_RELOAD_FLAG
-# ----------------------
-# find reload flag for linker
-# -- PORTME Some linkers may need a different reload flag.
-AC_DEFUN([AC_PROG_LD_RELOAD_FLAG],
-[AC_CACHE_CHECK([for $LD option to reload object files],
- lt_cv_ld_reload_flag,
- [lt_cv_ld_reload_flag='-r'])
-reload_flag=$lt_cv_ld_reload_flag
-case $reload_flag in
-"" | " "*) ;;
-*) reload_flag=" $reload_flag" ;;
-esac
-reload_cmds='$LD$reload_flag -o $output$reload_objs'
-case $host_os in
- darwin*)
- if test "$GCC" = yes; then
- reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs'
- else
- reload_cmds='$LD$reload_flag -o $output$reload_objs'
- fi
- ;;
-esac
-])# AC_PROG_LD_RELOAD_FLAG
-
-
-# AC_DEPLIBS_CHECK_METHOD
-# -----------------------
-# how to check for library dependencies
-# -- PORTME fill in with the dynamic library characteristics
-AC_DEFUN([AC_DEPLIBS_CHECK_METHOD],
-[AC_CACHE_CHECK([how to recognize dependent libraries],
-lt_cv_deplibs_check_method,
-[lt_cv_file_magic_cmd='$MAGIC_CMD'
-lt_cv_file_magic_test_file=
-lt_cv_deplibs_check_method='unknown'
-# Need to set the preceding variable on all platforms that support
-# interlibrary dependencies.
-# 'none' -- dependencies not supported.
-# `unknown' -- same as none, but documents that we really don't know.
-# 'pass_all' -- all dependencies passed with no checks.
-# 'test_compile' -- check by making test program.
-# 'file_magic [[regex]]' -- check by looking for files in library path
-# which responds to the $file_magic_cmd with a given extended regex.
-# If you have `file' or equivalent on your system and you're not sure
-# whether `pass_all' will *always* work, you probably want this one.
-
-case $host_os in
-aix[[4-9]]*)
- lt_cv_deplibs_check_method=pass_all
- ;;
-
-beos*)
- lt_cv_deplibs_check_method=pass_all
- ;;
-
-bsdi[[45]]*)
- lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib)'
- lt_cv_file_magic_cmd='/usr/bin/file -L'
- lt_cv_file_magic_test_file=/shlib/libc.so
- ;;
-
-cygwin*)
- # func_win32_libid is a shell function defined in ltmain.sh
- lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
- lt_cv_file_magic_cmd='func_win32_libid'
- ;;
-
-mingw* | pw32*)
- # Base MSYS/MinGW do not provide the 'file' command needed by
- # func_win32_libid shell function, so use a weaker test based on 'objdump',
- # unless we find 'file', for example because we are cross-compiling.
- if ( file / ) >/dev/null 2>&1; then
- lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
- lt_cv_file_magic_cmd='func_win32_libid'
- else
- lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?'
- lt_cv_file_magic_cmd='$OBJDUMP -f'
- fi
- ;;
-
-darwin* | rhapsody*)
- lt_cv_deplibs_check_method=pass_all
- ;;
-
-freebsd* | dragonfly*)
- if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then
- case $host_cpu in
- i*86 )
- # Not sure whether the presence of OpenBSD here was a mistake.
- # Let's accept both of them until this is cleared up.
- lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library'
- lt_cv_file_magic_cmd=/usr/bin/file
- lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
- ;;
- esac
- else
- lt_cv_deplibs_check_method=pass_all
- fi
- ;;
-
-gnu*)
- lt_cv_deplibs_check_method=pass_all
- ;;
-
-hpux10.20* | hpux11*)
- lt_cv_file_magic_cmd=/usr/bin/file
- case $host_cpu in
- ia64*)
- lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64'
- lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
- ;;
- hppa*64*)
- [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]']
- lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
- ;;
- *)
- lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]].[[0-9]]) shared library'
- lt_cv_file_magic_test_file=/usr/lib/libc.sl
- ;;
- esac
- ;;
-
-interix[[3-9]]*)
- # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here
- lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$'
- ;;
-
-irix5* | irix6* | nonstopux*)
- case $LD in
- *-32|*"-32 ") libmagic=32-bit;;
- *-n32|*"-n32 ") libmagic=N32;;
- *-64|*"-64 ") libmagic=64-bit;;
- *) libmagic=never-match;;
- esac
- lt_cv_deplibs_check_method=pass_all
- ;;
-
-# This must be Linux ELF.
-linux* | k*bsd*-gnu)
- lt_cv_deplibs_check_method=pass_all
- ;;
-
-netbsd*)
- if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then
- lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
- else
- lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$'
- fi
- ;;
-
-newos6*)
- lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)'
- lt_cv_file_magic_cmd=/usr/bin/file
- lt_cv_file_magic_test_file=/usr/lib/libnls.so
- ;;
-
-nto-qnx*)
- lt_cv_deplibs_check_method=unknown
- ;;
-
-openbsd*)
- if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
- lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$'
- else
- lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
- fi
- ;;
-
-osf3* | osf4* | osf5*)
- lt_cv_deplibs_check_method=pass_all
- ;;
-
-rdos*)
- lt_cv_deplibs_check_method=pass_all
- ;;
-
-solaris*)
- lt_cv_deplibs_check_method=pass_all
- ;;
-
-sysv4 | sysv4.3*)
- case $host_vendor in
- motorola)
- lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]'
- lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*`
- ;;
- ncr)
- lt_cv_deplibs_check_method=pass_all
- ;;
- sequent)
- lt_cv_file_magic_cmd='/bin/file'
- lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )'
- ;;
- sni)
- lt_cv_file_magic_cmd='/bin/file'
- lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib"
- lt_cv_file_magic_test_file=/lib/libc.so
- ;;
- siemens)
- lt_cv_deplibs_check_method=pass_all
- ;;
- pc)
- lt_cv_deplibs_check_method=pass_all
- ;;
- esac
- ;;
-
-sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
- lt_cv_deplibs_check_method=pass_all
- ;;
-esac
-])
-file_magic_cmd=$lt_cv_file_magic_cmd
-deplibs_check_method=$lt_cv_deplibs_check_method
-test -z "$deplibs_check_method" && deplibs_check_method=unknown
-])# AC_DEPLIBS_CHECK_METHOD
-
-
-# AC_PROG_NM
-# ----------
-# find the pathname to a BSD-compatible name lister
-AC_DEFUN([AC_PROG_NM],
-[AC_CACHE_CHECK([for BSD-compatible nm], lt_cv_path_NM,
-[if test -n "$NM"; then
- # Let the user override the test.
- lt_cv_path_NM="$NM"
-else
- lt_nm_to_check="${ac_tool_prefix}nm"
- if test -n "$ac_tool_prefix" && test "$build" = "$host"; then
- lt_nm_to_check="$lt_nm_to_check nm"
- fi
- for lt_tmp_nm in $lt_nm_to_check; do
- lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
- for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do
- IFS="$lt_save_ifs"
- test -z "$ac_dir" && ac_dir=.
- tmp_nm="$ac_dir/$lt_tmp_nm"
- if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then
- # Check to see if the nm accepts a BSD-compat flag.
- # Adding the `sed 1q' prevents false positives on HP-UX, which says:
- # nm: unknown option "B" ignored
- # Tru64's nm complains that /dev/null is an invalid object file
- case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in
- */dev/null* | *'Invalid file or object type'*)
- lt_cv_path_NM="$tmp_nm -B"
- break
- ;;
- *)
- case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in
- */dev/null*)
- lt_cv_path_NM="$tmp_nm -p"
- break
- ;;
- *)
- lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but
- continue # so that we can try to find one that supports BSD flags
- ;;
- esac
- ;;
- esac
- fi
- done
- IFS="$lt_save_ifs"
- done
- test -z "$lt_cv_path_NM" && lt_cv_path_NM=nm
-fi])
-NM="$lt_cv_path_NM"
-])# AC_PROG_NM
-
-
-# AC_CHECK_LIBM
-# -------------
-# check for math library
-AC_DEFUN([AC_CHECK_LIBM],
-[AC_REQUIRE([AC_CANONICAL_HOST])dnl
-LIBM=
-case $host in
-*-*-beos* | *-*-cygwin* | *-*-pw32* | *-*-darwin*)
- # These system don't have libm, or don't need it
- ;;
-*-ncr-sysv4.3*)
- AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw")
- AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm")
- ;;
-*)
- AC_CHECK_LIB(m, cos, LIBM="-lm")
- ;;
-esac
-])# AC_CHECK_LIBM
-
-
-# AC_LIBLTDL_CONVENIENCE([DIRECTORY])
-# -----------------------------------
-# sets LIBLTDL to the link flags for the libltdl convenience library and
-# LTDLINCL to the include flags for the libltdl header and adds
-# --enable-ltdl-convenience to the configure arguments. Note that
-# AC_CONFIG_SUBDIRS is not called here. If DIRECTORY is not provided,
-# it is assumed to be `libltdl'. LIBLTDL will be prefixed with
-# '${top_builddir}/' and LTDLINCL will be prefixed with '${top_srcdir}/'
-# (note the single quotes!). If your package is not flat and you're not
-# using automake, define top_builddir and top_srcdir appropriately in
-# the Makefiles.
-AC_DEFUN([AC_LIBLTDL_CONVENIENCE],
-[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
- case $enable_ltdl_convenience in
- no) AC_MSG_ERROR([this package needs a convenience libltdl]) ;;
- "") enable_ltdl_convenience=yes
- ac_configure_args="$ac_configure_args --enable-ltdl-convenience" ;;
- esac
- LIBLTDL='${top_builddir}/'ifelse($#,1,[$1],['libltdl'])/libltdlc.la
- LTDLINCL='-I${top_srcdir}/'ifelse($#,1,[$1],['libltdl'])
- # For backwards non-gettext consistent compatibility...
- INCLTDL="$LTDLINCL"
-])# AC_LIBLTDL_CONVENIENCE
-
-
-# AC_LIBLTDL_INSTALLABLE([DIRECTORY])
-# -----------------------------------
-# sets LIBLTDL to the link flags for the libltdl installable library and
-# LTDLINCL to the include flags for the libltdl header and adds
-# --enable-ltdl-install to the configure arguments. Note that
-# AC_CONFIG_SUBDIRS is not called here. If DIRECTORY is not provided,
-# and an installed libltdl is not found, it is assumed to be `libltdl'.
-# LIBLTDL will be prefixed with '${top_builddir}/'# and LTDLINCL with
-# '${top_srcdir}/' (note the single quotes!). If your package is not
-# flat and you're not using automake, define top_builddir and top_srcdir
-# appropriately in the Makefiles.
-# In the future, this macro may have to be called after AC_PROG_LIBTOOL.
-AC_DEFUN([AC_LIBLTDL_INSTALLABLE],
-[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
- AC_CHECK_LIB(ltdl, lt_dlinit,
- [test x"$enable_ltdl_install" != xyes && enable_ltdl_install=no],
- [if test x"$enable_ltdl_install" = xno; then
- AC_MSG_WARN([libltdl not installed, but installation disabled])
- else
- enable_ltdl_install=yes
- fi
- ])
- if test x"$enable_ltdl_install" = x"yes"; then
- ac_configure_args="$ac_configure_args --enable-ltdl-install"
- LIBLTDL='${top_builddir}/'ifelse($#,1,[$1],['libltdl'])/libltdl.la
- LTDLINCL='-I${top_srcdir}/'ifelse($#,1,[$1],['libltdl'])
- else
- ac_configure_args="$ac_configure_args --enable-ltdl-install=no"
- LIBLTDL="-lltdl"
- LTDLINCL=
- fi
- # For backwards non-gettext consistent compatibility...
- INCLTDL="$LTDLINCL"
-])# AC_LIBLTDL_INSTALLABLE
-
-
-# AC_LIBTOOL_CXX
-# --------------
-# enable support for C++ libraries
-AC_DEFUN([AC_LIBTOOL_CXX],
-[AC_REQUIRE([_LT_AC_LANG_CXX])
-])# AC_LIBTOOL_CXX
-
-
-# _LT_AC_LANG_CXX
-# ---------------
-AC_DEFUN([_LT_AC_LANG_CXX],
-[AC_REQUIRE([AC_PROG_CXX])
-AC_REQUIRE([_LT_AC_PROG_CXXCPP])
-_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}CXX])
-])# _LT_AC_LANG_CXX
-
-# _LT_AC_PROG_CXXCPP
-# ------------------
-AC_DEFUN([_LT_AC_PROG_CXXCPP],
-[
-AC_REQUIRE([AC_PROG_CXX])
-if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
- ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
- (test "X$CXX" != "Xg++"))) ; then
- AC_PROG_CXXCPP
-fi
-])# _LT_AC_PROG_CXXCPP
-
-# AC_LIBTOOL_F77
-# --------------
-# enable support for Fortran 77 libraries
-AC_DEFUN([AC_LIBTOOL_F77],
-[AC_REQUIRE([_LT_AC_LANG_F77])
-])# AC_LIBTOOL_F77
-
-
-# _LT_AC_LANG_F77
-# ---------------
-AC_DEFUN([_LT_AC_LANG_F77],
-[AC_REQUIRE([AC_PROG_F77])
-_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}F77])
-])# _LT_AC_LANG_F77
-
-
-# AC_LIBTOOL_GCJ
-# --------------
-# enable support for GCJ libraries
-AC_DEFUN([AC_LIBTOOL_GCJ],
-[AC_REQUIRE([_LT_AC_LANG_GCJ])
-])# AC_LIBTOOL_GCJ
-
-
-# _LT_AC_LANG_GCJ
-# ---------------
-AC_DEFUN([_LT_AC_LANG_GCJ],
-[AC_PROVIDE_IFELSE([AC_PROG_GCJ],[],
- [AC_PROVIDE_IFELSE([A][M_PROG_GCJ],[],
- [AC_PROVIDE_IFELSE([LT_AC_PROG_GCJ],[],
- [ifdef([AC_PROG_GCJ],[AC_REQUIRE([AC_PROG_GCJ])],
- [ifdef([A][M_PROG_GCJ],[AC_REQUIRE([A][M_PROG_GCJ])],
- [AC_REQUIRE([A][C_PROG_GCJ_OR_A][M_PROG_GCJ])])])])])])
-_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}GCJ])
-])# _LT_AC_LANG_GCJ
-
-
-# AC_LIBTOOL_RC
-# -------------
-# enable support for Windows resource files
-AC_DEFUN([AC_LIBTOOL_RC],
-[AC_REQUIRE([LT_AC_PROG_RC])
-_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}RC])
-])# AC_LIBTOOL_RC
-
-
-# AC_LIBTOOL_LANG_C_CONFIG
-# ------------------------
-# Ensure that the configuration vars for the C compiler are
-# suitably defined. Those variables are subsequently used by
-# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'.
-AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG], [_LT_AC_LANG_C_CONFIG])
-AC_DEFUN([_LT_AC_LANG_C_CONFIG],
-[lt_save_CC="$CC"
-AC_LANG_PUSH(C)
-
-# Source file extension for C test sources.
-ac_ext=c
-
-# Object file extension for compiled C test sources.
-objext=o
-_LT_AC_TAGVAR(objext, $1)=$objext
-
-# Code to be used in simple compile tests
-lt_simple_compile_test_code="int some_variable = 0;"
-
-# Code to be used in simple link tests
-lt_simple_link_test_code='int main(){return(0);}'
-
-_LT_AC_SYS_COMPILER
-
-# save warnings/boilerplate of simple test code
-_LT_COMPILER_BOILERPLATE
-_LT_LINKER_BOILERPLATE
-
-## CAVEAT EMPTOR:
-## There is no encapsulation within the following macros, do not change
-## the running order or otherwise move them around unless you know exactly
-## what you are doing...
-AC_LIBTOOL_PROG_COMPILER_NO_RTTI($1)
-AC_LIBTOOL_PROG_COMPILER_PIC($1)
-AC_LIBTOOL_PROG_CC_C_O($1)
-AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1)
-AC_LIBTOOL_PROG_LD_SHLIBS($1)
-AC_LIBTOOL_SYS_DYNAMIC_LINKER($1)
-AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1)
-AC_LIBTOOL_SYS_LIB_STRIP
-AC_LIBTOOL_DLOPEN_SELF
-
-# Report which library types will actually be built
-AC_MSG_CHECKING([if libtool supports shared libraries])
-AC_MSG_RESULT([$can_build_shared])
-
-AC_MSG_CHECKING([whether to build shared libraries])
-test "$can_build_shared" = "no" && enable_shared=no
-
-# On AIX, shared libraries and static libraries use the same namespace, and
-# are all built from PIC.
-case $host_os in
-aix3*)
- test "$enable_shared" = yes && enable_static=no
- if test -n "$RANLIB"; then
- archive_cmds="$archive_cmds~\$RANLIB \$lib"
- postinstall_cmds='$RANLIB $lib'
- fi
- ;;
-
-aix[[4-9]]*)
- if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
- test "$enable_shared" = yes && enable_static=no
- fi
- ;;
-esac
-AC_MSG_RESULT([$enable_shared])
-
-AC_MSG_CHECKING([whether to build static libraries])
-# Make sure either enable_shared or enable_static is yes.
-test "$enable_shared" = yes || enable_static=yes
-AC_MSG_RESULT([$enable_static])
-
-AC_LIBTOOL_CONFIG($1)
-
-AC_LANG_POP
-CC="$lt_save_CC"
-])# AC_LIBTOOL_LANG_C_CONFIG
-
-
-# AC_LIBTOOL_LANG_CXX_CONFIG
-# --------------------------
-# Ensure that the configuration vars for the C compiler are
-# suitably defined. Those variables are subsequently used by
-# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'.
-AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG], [_LT_AC_LANG_CXX_CONFIG(CXX)])
-AC_DEFUN([_LT_AC_LANG_CXX_CONFIG],
-[AC_LANG_PUSH(C++)
-AC_REQUIRE([AC_PROG_CXX])
-AC_REQUIRE([_LT_AC_PROG_CXXCPP])
-
-_LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
-_LT_AC_TAGVAR(allow_undefined_flag, $1)=
-_LT_AC_TAGVAR(always_export_symbols, $1)=no
-_LT_AC_TAGVAR(archive_expsym_cmds, $1)=
-_LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=
-_LT_AC_TAGVAR(hardcode_direct, $1)=no
-_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=
-_LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
-_LT_AC_TAGVAR(hardcode_libdir_separator, $1)=
-_LT_AC_TAGVAR(hardcode_minus_L, $1)=no
-_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
-_LT_AC_TAGVAR(hardcode_automatic, $1)=no
-_LT_AC_TAGVAR(module_cmds, $1)=
-_LT_AC_TAGVAR(module_expsym_cmds, $1)=
-_LT_AC_TAGVAR(link_all_deplibs, $1)=unknown
-_LT_AC_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
-_LT_AC_TAGVAR(no_undefined_flag, $1)=
-_LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
-_LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=no
-
-# Dependencies to place before and after the object being linked:
-_LT_AC_TAGVAR(predep_objects, $1)=
-_LT_AC_TAGVAR(postdep_objects, $1)=
-_LT_AC_TAGVAR(predeps, $1)=
-_LT_AC_TAGVAR(postdeps, $1)=
-_LT_AC_TAGVAR(compiler_lib_search_path, $1)=
-_LT_AC_TAGVAR(compiler_lib_search_dirs, $1)=
-
-# Source file extension for C++ test sources.
-ac_ext=cpp
-
-# Object file extension for compiled C++ test sources.
-objext=o
-_LT_AC_TAGVAR(objext, $1)=$objext
-
-# Code to be used in simple compile tests
-lt_simple_compile_test_code="int some_variable = 0;"
-
-# Code to be used in simple link tests
-lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }'
-
-# ltmain only uses $CC for tagged configurations so make sure $CC is set.
-_LT_AC_SYS_COMPILER
-
-# save warnings/boilerplate of simple test code
-_LT_COMPILER_BOILERPLATE
-_LT_LINKER_BOILERPLATE
-
-# Allow CC to be a program name with arguments.
-lt_save_CC=$CC
-lt_save_LD=$LD
-lt_save_GCC=$GCC
-GCC=$GXX
-lt_save_with_gnu_ld=$with_gnu_ld
-lt_save_path_LD=$lt_cv_path_LD
-if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then
- lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx
-else
- $as_unset lt_cv_prog_gnu_ld
-fi
-if test -n "${lt_cv_path_LDCXX+set}"; then
- lt_cv_path_LD=$lt_cv_path_LDCXX
-else
- $as_unset lt_cv_path_LD
-fi
-test -z "${LDCXX+set}" || LD=$LDCXX
-CC=${CXX-"c++"}
-compiler=$CC
-_LT_AC_TAGVAR(compiler, $1)=$CC
-_LT_CC_BASENAME([$compiler])
-
-# We don't want -fno-exception wen compiling C++ code, so set the
-# no_builtin_flag separately
-if test "$GXX" = yes; then
- _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
-else
- _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
-fi
-
-if test "$GXX" = yes; then
- # Set up default GNU C++ configuration
-
- AC_PROG_LD
-
- # Check if GNU C++ uses GNU ld as the underlying linker, since the
- # archiving commands below assume that GNU ld is being used.
- if test "$with_gnu_ld" = yes; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
-
- # If archive_cmds runs LD, not CC, wlarc should be empty
- # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to
- # investigate it a little bit more. (MM)
- wlarc='${wl}'
-
- # ancient GNU ld didn't support --whole-archive et. al.
- if eval "`$CC -print-prog-name=ld` --help 2>&1" | \
- grep 'no-whole-archive' > /dev/null; then
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
- else
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
- fi
- else
- with_gnu_ld=no
- wlarc=
-
- # A generic and very simple default shared library creation
- # command for GNU C++ for the case where it uses the native
- # linker, instead of GNU ld. If possible, this setting should
- # overridden to take advantage of the native linker features on
- # the platform it is being used on.
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
- fi
-
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"'
-
-else
- GXX=no
- with_gnu_ld=no
- wlarc=
-fi
-
-# PORTME: fill in a description of your system's C++ link characteristics
-AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
-_LT_AC_TAGVAR(ld_shlibs, $1)=yes
-case $host_os in
- aix3*)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- aix[[4-9]]*)
- if test "$host_cpu" = ia64; then
- # On IA64, the linker does run time linking by default, so we don't
- # have to do anything special.
- aix_use_runtimelinking=no
- exp_sym_flag='-Bexport'
- no_entry_flag=""
- else
- aix_use_runtimelinking=no
-
- # Test if we are trying to use run time linking or normal
- # AIX style linking. If -brtl is somewhere in LDFLAGS, we
- # need to do runtime linking.
- case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
- for ld_flag in $LDFLAGS; do
- case $ld_flag in
- *-brtl*)
- aix_use_runtimelinking=yes
- break
- ;;
- esac
- done
- ;;
- esac
-
- exp_sym_flag='-bexport'
- no_entry_flag='-bnoentry'
- fi
-
- # When large executables or shared objects are built, AIX ld can
- # have problems creating the table of contents. If linking a library
- # or program results in "error TOC overflow" add -mminimal-toc to
- # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
- # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
-
- _LT_AC_TAGVAR(archive_cmds, $1)=''
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':'
- _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
-
- if test "$GXX" = yes; then
- case $host_os in aix4.[[012]]|aix4.[[012]].*)
- # We only want to do this on AIX 4.2 and lower, the check
- # below for broken collect2 doesn't work under 4.3+
- collect2name=`${CC} -print-prog-name=collect2`
- if test -f "$collect2name" && \
- strings "$collect2name" | grep resolve_lib_name >/dev/null
- then
- # We have reworked collect2
- :
- else
- # We have old collect2
- _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported
- # It fails to find uninstalled libraries when the uninstalled
- # path is not listed in the libpath. Setting hardcode_minus_L
- # to unsupported forces relinking
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=
- fi
- ;;
- esac
- shared_flag='-shared'
- if test "$aix_use_runtimelinking" = yes; then
- shared_flag="$shared_flag "'${wl}-G'
- fi
- else
- # not using gcc
- if test "$host_cpu" = ia64; then
- # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
- # chokes on -Wl,-G. The following line is correct:
- shared_flag='-G'
- else
- if test "$aix_use_runtimelinking" = yes; then
- shared_flag='${wl}-G'
- else
- shared_flag='${wl}-bM:SRE'
- fi
- fi
- fi
-
- # It seems that -bexpall does not export symbols beginning with
- # underscore (_), so it is better to generate a list of symbols to export.
- _LT_AC_TAGVAR(always_export_symbols, $1)=yes
- if test "$aix_use_runtimelinking" = yes; then
- # Warning - without using the other runtime loading flags (-brtl),
- # -berok will link without error, but may produce a broken library.
- _LT_AC_TAGVAR(allow_undefined_flag, $1)='-berok'
- # Determine the default libpath from the value encoded in an empty executable.
- _LT_AC_SYS_LIBPATH_AIX
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
-
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
- else
- if test "$host_cpu" = ia64; then
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
- _LT_AC_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
- else
- # Determine the default libpath from the value encoded in an empty executable.
- _LT_AC_SYS_LIBPATH_AIX
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
- # Warning - without using the other run time loading flags,
- # -berok will link without error, but may produce a broken library.
- _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
- # Exported symbols can be pulled into shared objects from archives
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes
- # This is similar to how AIX traditionally builds its shared libraries.
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
- fi
- fi
- ;;
-
- beos*)
- if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
- # Joseph Beckenbach <jrb3 at best.com> says some releases of gcc
- # support --undefined. This deserves some investigation. FIXME
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
- else
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
-
- chorus*)
- case $cc_basename in
- *)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- esac
- ;;
-
- cygwin* | mingw* | pw32*)
- # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
- # as there is no search path for DLLs.
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
- _LT_AC_TAGVAR(always_export_symbols, $1)=no
- _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
-
- if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
- # If the export-symbols file already is a .def file (1st line
- # is EXPORTS), use it as is; otherwise, prepend...
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
- cp $export_symbols $output_objdir/$soname.def;
- else
- echo EXPORTS > $output_objdir/$soname.def;
- cat $export_symbols >> $output_objdir/$soname.def;
- fi~
- $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
- else
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
- darwin* | rhapsody*)
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
- _LT_AC_TAGVAR(hardcode_direct, $1)=no
- _LT_AC_TAGVAR(hardcode_automatic, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=''
- _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
- _LT_AC_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined"
- if test "$GXX" = yes ; then
- output_verbose_link_cmd='echo'
- _LT_AC_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
- _LT_AC_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
- _LT_AC_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}"
- if test "$lt_cv_apple_cc_single_mod" != "yes"; then
- _LT_AC_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}"
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}"
- fi
- else
- case $cc_basename in
- xlc*)
- output_verbose_link_cmd='echo'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $xlcverstring'
- _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
- # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $xlcverstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
- _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
- ;;
- *)
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- esac
- fi
- ;;
-
- dgux*)
- case $cc_basename in
- ec++*)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- ghcx*)
- # Green Hills C++ Compiler
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- *)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- esac
- ;;
- freebsd[[12]]*)
- # C++ shared libraries reported to be fairly broken before switch to ELF
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- freebsd-elf*)
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
- ;;
- freebsd* | dragonfly*)
- # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF
- # conventions
- _LT_AC_TAGVAR(ld_shlibs, $1)=yes
- ;;
- gnu*)
- ;;
- hpux9*)
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
- # but as the default
- # location of the library.
-
- case $cc_basename in
- CC*)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- aCC*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- #
- # There doesn't appear to be a way to prevent this compiler from
- # explicitly linking system object files so we need to strip them
- # from the output so that they don't get included in the library
- # dependencies.
- output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "[[-]]L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
- ;;
- *)
- if test "$GXX" = yes; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
- else
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
- esac
- ;;
- hpux10*|hpux11*)
- if test $with_gnu_ld = no; then
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
-
- case $host_cpu in
- hppa*64*|ia64*) ;;
- *)
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
- ;;
- esac
- fi
- case $host_cpu in
- hppa*64*|ia64*)
- _LT_AC_TAGVAR(hardcode_direct, $1)=no
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
- *)
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
- # but as the default
- # location of the library.
- ;;
- esac
-
- case $cc_basename in
- CC*)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- aCC*)
- case $host_cpu in
- hppa*64*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
- ;;
- ia64*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
- ;;
- *)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
- ;;
- esac
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- #
- # There doesn't appear to be a way to prevent this compiler from
- # explicitly linking system object files so we need to strip them
- # from the output so that they don't get included in the library
- # dependencies.
- output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
- ;;
- *)
- if test "$GXX" = yes; then
- if test $with_gnu_ld = no; then
- case $host_cpu in
- hppa*64*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
- ;;
- ia64*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
- ;;
- *)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
- ;;
- esac
- fi
- else
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
- esac
- ;;
- interix[[3-9]]*)
- _LT_AC_TAGVAR(hardcode_direct, $1)=no
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
- # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
- # Instead, shared libraries are loaded at an image base (0x10000000 by
- # default) and relocated if they conflict, which is a slow very memory
- # consuming and fragmenting process. To avoid this, we pick a random,
- # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
- # time. Moving up from 0x10000000 also allows more sbrk(2) space.
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
- ;;
- irix5* | irix6*)
- case $cc_basename in
- CC*)
- # SGI C++
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
-
- # Archives containing C++ object files must be created using
- # "CC -ar", where "CC" is the IRIX C++ compiler. This is
- # necessary to make sure instantiated templates are included
- # in the archive.
- _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs'
- ;;
- *)
- if test "$GXX" = yes; then
- if test "$with_gnu_ld" = no; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
- else
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` -o $lib'
- fi
- fi
- _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
- ;;
- esac
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
- ;;
- linux* | k*bsd*-gnu)
- case $cc_basename in
- KCC*)
- # Kuck and Associates, Inc. (KAI) C++ Compiler
-
- # KCC will only create a shared library if the output file
- # ends with ".so" (or ".sl" for HP-UX), so rename the library
- # to its proper name (with version) after linking.
- _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib'
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- #
- # There doesn't appear to be a way to prevent this compiler from
- # explicitly linking system object files so we need to strip them
- # from the output so that they don't get included in the library
- # dependencies.
- output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | grep "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath,$libdir'
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
-
- # Archives containing C++ object files must be created using
- # "CC -Bstatic", where "CC" is the KAI C++ compiler.
- _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs'
- ;;
- icpc*)
- # Intel C++
- with_gnu_ld=yes
- # version 8.0 and above of icpc choke on multiply defined symbols
- # if we add $predep_objects and $postdep_objects, however 7.1 and
- # earlier do not add the objects themselves.
- case `$CC -V 2>&1` in
- *"Version 7."*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
- ;;
- *) # Version 8.0 or newer
- tmp_idyn=
- case $host_cpu in
- ia64*) tmp_idyn=' -i_dynamic';;
- esac
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
- ;;
- esac
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
- ;;
- pgCC* | pgcpp*)
- # Portland Group C++ compiler
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
- ;;
- cxx*)
- # Compaq C++
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols'
-
- runpath_var=LD_RUN_PATH
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
-
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- #
- # There doesn't appear to be a way to prevent this compiler from
- # explicitly linking system object files so we need to strip them
- # from the output so that they don't get included in the library
- # dependencies.
- output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
- ;;
- *)
- case `$CC -V 2>&1 | sed 5q` in
- *Sun\ C*)
- # Sun C++ 5.9
- _LT_AC_TAGVAR(no_undefined_flag, $1)=' -zdefs'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file ${wl}$export_symbols'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
-
- # Not sure whether something based on
- # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1
- # would be better.
- output_verbose_link_cmd='echo'
-
- # Archives containing C++ object files must be created using
- # "CC -xar", where "CC" is the Sun C++ compiler. This is
- # necessary to make sure instantiated templates are included
- # in the archive.
- _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
- ;;
- esac
- ;;
- esac
- ;;
- lynxos*)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- m88k*)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- mvs*)
- case $cc_basename in
- cxx*)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- *)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- esac
- ;;
- netbsd*)
- if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags'
- wlarc=
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- fi
- # Workaround some broken pre-1.5 toolchains
- output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"'
- ;;
- openbsd2*)
- # C++ shared libraries are fairly broken
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- openbsd*)
- if test -f /usr/libexec/ld.so; then
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
- if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib'
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
- fi
- output_verbose_link_cmd='echo'
- else
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
- osf3*)
- case $cc_basename in
- KCC*)
- # Kuck and Associates, Inc. (KAI) C++ Compiler
-
- # KCC will only create a shared library if the output file
- # ends with ".so" (or ".sl" for HP-UX), so rename the library
- # to its proper name (with version) after linking.
- _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
-
- # Archives containing C++ object files must be created using
- # "CC -Bstatic", where "CC" is the KAI C++ compiler.
- _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs'
-
- ;;
- RCC*)
- # Rational C++ 2.4.1
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- cxx*)
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && echo ${wl}-set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
-
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- #
- # There doesn't appear to be a way to prevent this compiler from
- # explicitly linking system object files so we need to strip them
- # from the output so that they don't get included in the library
- # dependencies.
- output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
- ;;
- *)
- if test "$GXX" = yes && test "$with_gnu_ld" = no; then
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
-
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"'
-
- else
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
- esac
- ;;
- osf4* | osf5*)
- case $cc_basename in
- KCC*)
- # Kuck and Associates, Inc. (KAI) C++ Compiler
-
- # KCC will only create a shared library if the output file
- # ends with ".so" (or ".sl" for HP-UX), so rename the library
- # to its proper name (with version) after linking.
- _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
-
- # Archives containing C++ object files must be created using
- # the KAI C++ compiler.
- _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs'
- ;;
- RCC*)
- # Rational C++ 2.4.1
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- cxx*)
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~
- echo "-hidden">> $lib.exp~
- $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname -Wl,-input -Wl,$lib.exp `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~
- $rm $lib.exp'
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
-
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- #
- # There doesn't appear to be a way to prevent this compiler from
- # explicitly linking system object files so we need to strip them
- # from the output so that they don't get included in the library
- # dependencies.
- output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
- ;;
- *)
- if test "$GXX" = yes && test "$with_gnu_ld" = no; then
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
-
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"'
-
- else
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
- esac
- ;;
- psos*)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- sunos4*)
- case $cc_basename in
- CC*)
- # Sun C++ 4.x
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- lcc*)
- # Lucid
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- *)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- esac
- ;;
- solaris*)
- case $cc_basename in
- CC*)
- # Sun C++ 4.2, 5.x and Centerline C++
- _LT_AC_TAGVAR(archive_cmds_need_lc,$1)=yes
- _LT_AC_TAGVAR(no_undefined_flag, $1)=' -zdefs'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
- $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp'
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- case $host_os in
- solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
- *)
- # The compiler driver will combine and reorder linker options,
- # but understands `-z linker_flag'.
- # Supported since Solaris 2.6 (maybe 2.5.1?)
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract'
- ;;
- esac
- _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
-
- output_verbose_link_cmd='echo'
-
- # Archives containing C++ object files must be created using
- # "CC -xar", where "CC" is the Sun C++ compiler. This is
- # necessary to make sure instantiated templates are included
- # in the archive.
- _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
- ;;
- gcx*)
- # Green Hills C++ Compiler
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
-
- # The C++ compiler must be used to create the archive.
- _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs'
- ;;
- *)
- # GNU C++ compiler with Solaris linker
- if test "$GXX" = yes && test "$with_gnu_ld" = no; then
- _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs'
- if $CC --version | grep -v '^2\.7' > /dev/null; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
- $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp'
-
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- output_verbose_link_cmd="$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\""
- else
- # g++ 2.7 appears to require `-G' NOT `-shared' on this
- # platform.
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
- $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp'
-
- # Commands to make compiler produce verbose output that lists
- # what "hidden" libraries, object files and flags are used when
- # linking a shared library.
- output_verbose_link_cmd="$CC -G $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\""
- fi
-
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir'
- case $host_os in
- solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
- *)
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
- ;;
- esac
- fi
- ;;
- esac
- ;;
- sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
- _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- runpath_var='LD_RUN_PATH'
-
- case $cc_basename in
- CC*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
- ;;
- *)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
- ;;
- esac
- ;;
- sysv5* | sco3.2v5* | sco5v6*)
- # Note: We can NOT use -z defs as we might desire, because we do not
- # link with -lc, and that would cause any symbols used from libc to
- # always be unresolved, which means just about no library would
- # ever link correctly. If we're not using GNU ld we use -z text
- # though, which does catch some bad symbols but isn't as heavy-handed
- # as -z defs.
- # For security reasons, it is highly recommended that you always
- # use absolute paths for naming shared libraries, and exclude the
- # DT_RUNPATH tag from executables and libraries. But doing so
- # requires that you compile everything twice, which is a pain.
- # So that behaviour is only enabled if SCOABSPATH is set to a
- # non-empty value in the environment. Most likely only useful for
- # creating official distributions of packages.
- # This is a hack until libtool officially supports absolute path
- # names for shared libraries.
- _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
- _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs'
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':'
- _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport'
- runpath_var='LD_RUN_PATH'
-
- case $cc_basename in
- CC*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
- ;;
- *)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
- ;;
- esac
- ;;
- tandem*)
- case $cc_basename in
- NCC*)
- # NonStop-UX NCC 3.20
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- *)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- esac
- ;;
- vxworks*)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- *)
- # FIXME: insert proper C++ library support
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
-esac
-AC_MSG_RESULT([$_LT_AC_TAGVAR(ld_shlibs, $1)])
-test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no
-
-_LT_AC_TAGVAR(GCC, $1)="$GXX"
-_LT_AC_TAGVAR(LD, $1)="$LD"
-
-## CAVEAT EMPTOR:
-## There is no encapsulation within the following macros, do not change
-## the running order or otherwise move them around unless you know exactly
-## what you are doing...
-AC_LIBTOOL_POSTDEP_PREDEP($1)
-AC_LIBTOOL_PROG_COMPILER_PIC($1)
-AC_LIBTOOL_PROG_CC_C_O($1)
-AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1)
-AC_LIBTOOL_PROG_LD_SHLIBS($1)
-AC_LIBTOOL_SYS_DYNAMIC_LINKER($1)
-AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1)
-
-AC_LIBTOOL_CONFIG($1)
-
-AC_LANG_POP
-CC=$lt_save_CC
-LDCXX=$LD
-LD=$lt_save_LD
-GCC=$lt_save_GCC
-with_gnu_ldcxx=$with_gnu_ld
-with_gnu_ld=$lt_save_with_gnu_ld
-lt_cv_path_LDCXX=$lt_cv_path_LD
-lt_cv_path_LD=$lt_save_path_LD
-lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld
-lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld
-])# AC_LIBTOOL_LANG_CXX_CONFIG
-
-# AC_LIBTOOL_POSTDEP_PREDEP([TAGNAME])
-# ------------------------------------
-# Figure out "hidden" library dependencies from verbose
-# compiler output when linking a shared library.
-# Parse the compiler output and extract the necessary
-# objects, libraries and library flags.
-AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP],
-[AC_REQUIRE([LT_AC_PROG_SED])dnl
-dnl we can't use the lt_simple_compile_test_code here,
-dnl because it contains code intended for an executable,
-dnl not a library. It's possible we should let each
-dnl tag define a new lt_????_link_test_code variable,
-dnl but it's only used here...
-ifelse([$1],[],[cat > conftest.$ac_ext <<EOF
-int a;
-void foo (void) { a = 0; }
-EOF
-],[$1],[CXX],[cat > conftest.$ac_ext <<EOF
-class Foo
-{
-public:
- Foo (void) { a = 0; }
-private:
- int a;
-};
-EOF
-],[$1],[F77],[cat > conftest.$ac_ext <<EOF
- subroutine foo
- implicit none
- integer*4 a
- a=0
- return
- end
-EOF
-],[$1],[GCJ],[cat > conftest.$ac_ext <<EOF
-public class foo {
- private int a;
- public void bar (void) {
- a = 0;
- }
-};
-EOF
-])
-dnl Parse the compiler output and extract the necessary
-dnl objects, libraries and library flags.
-if AC_TRY_EVAL(ac_compile); then
- # Parse the compiler output and extract the necessary
- # objects, libraries and library flags.
-
- # Sentinel used to keep track of whether or not we are before
- # the conftest object file.
- pre_test_object_deps_done=no
-
- # The `*' in the case matches for architectures that use `case' in
- # $output_verbose_cmd can trigger glob expansion during the loop
- # eval without this substitution.
- output_verbose_link_cmd=`$echo "X$output_verbose_link_cmd" | $Xsed -e "$no_glob_subst"`
-
- for p in `eval $output_verbose_link_cmd`; do
- case $p in
-
- -L* | -R* | -l*)
- # Some compilers place space between "-{L,R}" and the path.
- # Remove the space.
- if test $p = "-L" \
- || test $p = "-R"; then
- prev=$p
- continue
- else
- prev=
- fi
-
- if test "$pre_test_object_deps_done" = no; then
- case $p in
- -L* | -R*)
- # Internal compiler library paths should come after those
- # provided the user. The postdeps already come after the
- # user supplied libs so there is no need to process them.
- if test -z "$_LT_AC_TAGVAR(compiler_lib_search_path, $1)"; then
- _LT_AC_TAGVAR(compiler_lib_search_path, $1)="${prev}${p}"
- else
- _LT_AC_TAGVAR(compiler_lib_search_path, $1)="${_LT_AC_TAGVAR(compiler_lib_search_path, $1)} ${prev}${p}"
- fi
- ;;
- # The "-l" case would never come before the object being
- # linked, so don't bother handling this case.
- esac
- else
- if test -z "$_LT_AC_TAGVAR(postdeps, $1)"; then
- _LT_AC_TAGVAR(postdeps, $1)="${prev}${p}"
- else
- _LT_AC_TAGVAR(postdeps, $1)="${_LT_AC_TAGVAR(postdeps, $1)} ${prev}${p}"
- fi
- fi
- ;;
-
- *.$objext)
- # This assumes that the test object file only shows up
- # once in the compiler output.
- if test "$p" = "conftest.$objext"; then
- pre_test_object_deps_done=yes
- continue
- fi
-
- if test "$pre_test_object_deps_done" = no; then
- if test -z "$_LT_AC_TAGVAR(predep_objects, $1)"; then
- _LT_AC_TAGVAR(predep_objects, $1)="$p"
- else
- _LT_AC_TAGVAR(predep_objects, $1)="$_LT_AC_TAGVAR(predep_objects, $1) $p"
- fi
- else
- if test -z "$_LT_AC_TAGVAR(postdep_objects, $1)"; then
- _LT_AC_TAGVAR(postdep_objects, $1)="$p"
- else
- _LT_AC_TAGVAR(postdep_objects, $1)="$_LT_AC_TAGVAR(postdep_objects, $1) $p"
- fi
- fi
- ;;
-
- *) ;; # Ignore the rest.
-
- esac
- done
-
- # Clean up.
- rm -f a.out a.exe
-else
- echo "libtool.m4: error: problem compiling $1 test program"
-fi
-
-$rm -f confest.$objext
-
-_LT_AC_TAGVAR(compiler_lib_search_dirs, $1)=
-if test -n "$_LT_AC_TAGVAR(compiler_lib_search_path, $1)"; then
- _LT_AC_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_AC_TAGVAR(compiler_lib_search_path, $1)}" | ${SED} -e 's! -L! !g' -e 's!^ !!'`
-fi
-
-# PORTME: override above test on systems where it is broken
-ifelse([$1],[CXX],
-[case $host_os in
-interix[[3-9]]*)
- # Interix 3.5 installs completely hosed .la files for C++, so rather than
- # hack all around it, let's just trust "g++" to DTRT.
- _LT_AC_TAGVAR(predep_objects,$1)=
- _LT_AC_TAGVAR(postdep_objects,$1)=
- _LT_AC_TAGVAR(postdeps,$1)=
- ;;
-
-linux*)
- case `$CC -V 2>&1 | sed 5q` in
- *Sun\ C*)
- # Sun C++ 5.9
- #
- # The more standards-conforming stlport4 library is
- # incompatible with the Cstd library. Avoid specifying
- # it if it's in CXXFLAGS. Ignore libCrun as
- # -library=stlport4 depends on it.
- case " $CXX $CXXFLAGS " in
- *" -library=stlport4 "*)
- solaris_use_stlport4=yes
- ;;
- esac
- if test "$solaris_use_stlport4" != yes; then
- _LT_AC_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun'
- fi
- ;;
- esac
- ;;
-
-solaris*)
- case $cc_basename in
- CC*)
- # The more standards-conforming stlport4 library is
- # incompatible with the Cstd library. Avoid specifying
- # it if it's in CXXFLAGS. Ignore libCrun as
- # -library=stlport4 depends on it.
- case " $CXX $CXXFLAGS " in
- *" -library=stlport4 "*)
- solaris_use_stlport4=yes
- ;;
- esac
-
- # Adding this requires a known-good setup of shared libraries for
- # Sun compiler versions before 5.6, else PIC objects from an old
- # archive will be linked into the output, leading to subtle bugs.
- if test "$solaris_use_stlport4" != yes; then
- _LT_AC_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun'
- fi
- ;;
- esac
- ;;
-esac
-])
-case " $_LT_AC_TAGVAR(postdeps, $1) " in
-*" -lc "*) _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no ;;
-esac
-])# AC_LIBTOOL_POSTDEP_PREDEP
-
-# AC_LIBTOOL_LANG_F77_CONFIG
-# --------------------------
-# Ensure that the configuration vars for the C compiler are
-# suitably defined. Those variables are subsequently used by
-# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'.
-AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG], [_LT_AC_LANG_F77_CONFIG(F77)])
-AC_DEFUN([_LT_AC_LANG_F77_CONFIG],
-[AC_REQUIRE([AC_PROG_F77])
-AC_LANG_PUSH(Fortran 77)
-
-_LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
-_LT_AC_TAGVAR(allow_undefined_flag, $1)=
-_LT_AC_TAGVAR(always_export_symbols, $1)=no
-_LT_AC_TAGVAR(archive_expsym_cmds, $1)=
-_LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=
-_LT_AC_TAGVAR(hardcode_direct, $1)=no
-_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=
-_LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
-_LT_AC_TAGVAR(hardcode_libdir_separator, $1)=
-_LT_AC_TAGVAR(hardcode_minus_L, $1)=no
-_LT_AC_TAGVAR(hardcode_automatic, $1)=no
-_LT_AC_TAGVAR(module_cmds, $1)=
-_LT_AC_TAGVAR(module_expsym_cmds, $1)=
-_LT_AC_TAGVAR(link_all_deplibs, $1)=unknown
-_LT_AC_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
-_LT_AC_TAGVAR(no_undefined_flag, $1)=
-_LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
-_LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=no
-
-# Source file extension for f77 test sources.
-ac_ext=f
-
-# Object file extension for compiled f77 test sources.
-objext=o
-_LT_AC_TAGVAR(objext, $1)=$objext
-
-# Code to be used in simple compile tests
-lt_simple_compile_test_code="\
- subroutine t
- return
- end
-"
-
-# Code to be used in simple link tests
-lt_simple_link_test_code="\
- program t
- end
-"
-
-# ltmain only uses $CC for tagged configurations so make sure $CC is set.
-_LT_AC_SYS_COMPILER
-
-# save warnings/boilerplate of simple test code
-_LT_COMPILER_BOILERPLATE
-_LT_LINKER_BOILERPLATE
-
-# Allow CC to be a program name with arguments.
-lt_save_CC="$CC"
-CC=${F77-"f77"}
-compiler=$CC
-_LT_AC_TAGVAR(compiler, $1)=$CC
-_LT_CC_BASENAME([$compiler])
-
-AC_MSG_CHECKING([if libtool supports shared libraries])
-AC_MSG_RESULT([$can_build_shared])
-
-AC_MSG_CHECKING([whether to build shared libraries])
-test "$can_build_shared" = "no" && enable_shared=no
-
-# On AIX, shared libraries and static libraries use the same namespace, and
-# are all built from PIC.
-case $host_os in
-aix3*)
- test "$enable_shared" = yes && enable_static=no
- if test -n "$RANLIB"; then
- archive_cmds="$archive_cmds~\$RANLIB \$lib"
- postinstall_cmds='$RANLIB $lib'
- fi
- ;;
-aix[[4-9]]*)
- if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
- test "$enable_shared" = yes && enable_static=no
- fi
- ;;
-esac
-AC_MSG_RESULT([$enable_shared])
-
-AC_MSG_CHECKING([whether to build static libraries])
-# Make sure either enable_shared or enable_static is yes.
-test "$enable_shared" = yes || enable_static=yes
-AC_MSG_RESULT([$enable_static])
-
-_LT_AC_TAGVAR(GCC, $1)="$G77"
-_LT_AC_TAGVAR(LD, $1)="$LD"
-
-AC_LIBTOOL_PROG_COMPILER_PIC($1)
-AC_LIBTOOL_PROG_CC_C_O($1)
-AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1)
-AC_LIBTOOL_PROG_LD_SHLIBS($1)
-AC_LIBTOOL_SYS_DYNAMIC_LINKER($1)
-AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1)
-
-AC_LIBTOOL_CONFIG($1)
-
-AC_LANG_POP
-CC="$lt_save_CC"
-])# AC_LIBTOOL_LANG_F77_CONFIG
-
-
-# AC_LIBTOOL_LANG_GCJ_CONFIG
-# --------------------------
-# Ensure that the configuration vars for the C compiler are
-# suitably defined. Those variables are subsequently used by
-# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'.
-AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG], [_LT_AC_LANG_GCJ_CONFIG(GCJ)])
-AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG],
-[AC_LANG_SAVE
-
-# Source file extension for Java test sources.
-ac_ext=java
-
-# Object file extension for compiled Java test sources.
-objext=o
-_LT_AC_TAGVAR(objext, $1)=$objext
-
-# Code to be used in simple compile tests
-lt_simple_compile_test_code="class foo {}"
-
-# Code to be used in simple link tests
-lt_simple_link_test_code='public class conftest { public static void main(String[[]] argv) {}; }'
-
-# ltmain only uses $CC for tagged configurations so make sure $CC is set.
-_LT_AC_SYS_COMPILER
-
-# save warnings/boilerplate of simple test code
-_LT_COMPILER_BOILERPLATE
-_LT_LINKER_BOILERPLATE
-
-# Allow CC to be a program name with arguments.
-lt_save_CC="$CC"
-CC=${GCJ-"gcj"}
-compiler=$CC
-_LT_AC_TAGVAR(compiler, $1)=$CC
-_LT_CC_BASENAME([$compiler])
-
-# GCJ did not exist at the time GCC didn't implicitly link libc in.
-_LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
-
-_LT_AC_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
-
-## CAVEAT EMPTOR:
-## There is no encapsulation within the following macros, do not change
-## the running order or otherwise move them around unless you know exactly
-## what you are doing...
-AC_LIBTOOL_PROG_COMPILER_NO_RTTI($1)
-AC_LIBTOOL_PROG_COMPILER_PIC($1)
-AC_LIBTOOL_PROG_CC_C_O($1)
-AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1)
-AC_LIBTOOL_PROG_LD_SHLIBS($1)
-AC_LIBTOOL_SYS_DYNAMIC_LINKER($1)
-AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1)
-
-AC_LIBTOOL_CONFIG($1)
-
-AC_LANG_RESTORE
-CC="$lt_save_CC"
-])# AC_LIBTOOL_LANG_GCJ_CONFIG
-
-
-# AC_LIBTOOL_LANG_RC_CONFIG
-# -------------------------
-# Ensure that the configuration vars for the Windows resource compiler are
-# suitably defined. Those variables are subsequently used by
-# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'.
-AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG], [_LT_AC_LANG_RC_CONFIG(RC)])
-AC_DEFUN([_LT_AC_LANG_RC_CONFIG],
-[AC_LANG_SAVE
-
-# Source file extension for RC test sources.
-ac_ext=rc
-
-# Object file extension for compiled RC test sources.
-objext=o
-_LT_AC_TAGVAR(objext, $1)=$objext
-
-# Code to be used in simple compile tests
-lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }'
-
-# Code to be used in simple link tests
-lt_simple_link_test_code="$lt_simple_compile_test_code"
-
-# ltmain only uses $CC for tagged configurations so make sure $CC is set.
-_LT_AC_SYS_COMPILER
-
-# save warnings/boilerplate of simple test code
-_LT_COMPILER_BOILERPLATE
-_LT_LINKER_BOILERPLATE
-
-# Allow CC to be a program name with arguments.
-lt_save_CC="$CC"
-CC=${RC-"windres"}
-compiler=$CC
-_LT_AC_TAGVAR(compiler, $1)=$CC
-_LT_CC_BASENAME([$compiler])
-_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
-
-AC_LIBTOOL_CONFIG($1)
-
-AC_LANG_RESTORE
-CC="$lt_save_CC"
-])# AC_LIBTOOL_LANG_RC_CONFIG
-
-
-# AC_LIBTOOL_CONFIG([TAGNAME])
-# ----------------------------
-# If TAGNAME is not passed, then create an initial libtool script
-# with a default configuration from the untagged config vars. Otherwise
-# add code to config.status for appending the configuration named by
-# TAGNAME from the matching tagged config vars.
-AC_DEFUN([AC_LIBTOOL_CONFIG],
-[# The else clause should only fire when bootstrapping the
-# libtool distribution, otherwise you forgot to ship ltmain.sh
-# with your package, and you will get complaints that there are
-# no rules to generate ltmain.sh.
-if test -f "$ltmain"; then
- # See if we are running on zsh, and set the options which allow our commands through
- # without removal of \ escapes.
- if test -n "${ZSH_VERSION+set}" ; then
- setopt NO_GLOB_SUBST
- fi
- # Now quote all the things that may contain metacharacters while being
- # careful not to overquote the AC_SUBSTed values. We take copies of the
- # variables and quote the copies for generation of the libtool script.
- for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \
- SED SHELL STRIP \
- libname_spec library_names_spec soname_spec extract_expsyms_cmds \
- old_striplib striplib file_magic_cmd finish_cmds finish_eval \
- deplibs_check_method reload_flag reload_cmds need_locks \
- lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \
- lt_cv_sys_global_symbol_to_c_name_address \
- sys_lib_search_path_spec sys_lib_dlsearch_path_spec \
- old_postinstall_cmds old_postuninstall_cmds \
- _LT_AC_TAGVAR(compiler, $1) \
- _LT_AC_TAGVAR(CC, $1) \
- _LT_AC_TAGVAR(LD, $1) \
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1) \
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1) \
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1) \
- _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) \
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1) \
- _LT_AC_TAGVAR(thread_safe_flag_spec, $1) \
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1) \
- _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1) \
- _LT_AC_TAGVAR(old_archive_cmds, $1) \
- _LT_AC_TAGVAR(old_archive_from_new_cmds, $1) \
- _LT_AC_TAGVAR(predep_objects, $1) \
- _LT_AC_TAGVAR(postdep_objects, $1) \
- _LT_AC_TAGVAR(predeps, $1) \
- _LT_AC_TAGVAR(postdeps, $1) \
- _LT_AC_TAGVAR(compiler_lib_search_path, $1) \
- _LT_AC_TAGVAR(compiler_lib_search_dirs, $1) \
- _LT_AC_TAGVAR(archive_cmds, $1) \
- _LT_AC_TAGVAR(archive_expsym_cmds, $1) \
- _LT_AC_TAGVAR(postinstall_cmds, $1) \
- _LT_AC_TAGVAR(postuninstall_cmds, $1) \
- _LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1) \
- _LT_AC_TAGVAR(allow_undefined_flag, $1) \
- _LT_AC_TAGVAR(no_undefined_flag, $1) \
- _LT_AC_TAGVAR(export_symbols_cmds, $1) \
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) \
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1) \
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1) \
- _LT_AC_TAGVAR(hardcode_automatic, $1) \
- _LT_AC_TAGVAR(module_cmds, $1) \
- _LT_AC_TAGVAR(module_expsym_cmds, $1) \
- _LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1) \
- _LT_AC_TAGVAR(fix_srcfile_path, $1) \
- _LT_AC_TAGVAR(exclude_expsyms, $1) \
- _LT_AC_TAGVAR(include_expsyms, $1); do
-
- case $var in
- _LT_AC_TAGVAR(old_archive_cmds, $1) | \
- _LT_AC_TAGVAR(old_archive_from_new_cmds, $1) | \
- _LT_AC_TAGVAR(archive_cmds, $1) | \
- _LT_AC_TAGVAR(archive_expsym_cmds, $1) | \
- _LT_AC_TAGVAR(module_cmds, $1) | \
- _LT_AC_TAGVAR(module_expsym_cmds, $1) | \
- _LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1) | \
- _LT_AC_TAGVAR(export_symbols_cmds, $1) | \
- extract_expsyms_cmds | reload_cmds | finish_cmds | \
- postinstall_cmds | postuninstall_cmds | \
- old_postinstall_cmds | old_postuninstall_cmds | \
- sys_lib_search_path_spec | sys_lib_dlsearch_path_spec)
- # Double-quote double-evaled strings.
- eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\""
- ;;
- *)
- eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\""
- ;;
- esac
- done
-
- case $lt_echo in
- *'\[$]0 --fallback-echo"')
- lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\[$]0 --fallback-echo"[$]/[$]0 --fallback-echo"/'`
- ;;
- esac
-
-ifelse([$1], [],
- [cfgfile="${ofile}T"
- trap "$rm \"$cfgfile\"; exit 1" 1 2 15
- $rm -f "$cfgfile"
- AC_MSG_NOTICE([creating $ofile])],
- [cfgfile="$ofile"])
-
- cat <<__EOF__ >> "$cfgfile"
-ifelse([$1], [],
-[#! $SHELL
-
-# `$echo "$cfgfile" | sed 's%^.*/%%'` - Provide generalized library-building support services.
-# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP)
-# NOTE: Changes made to this file will be lost: look at ltmain.sh.
-#
-# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
-# Free Software Foundation, Inc.
-#
-# This file is part of GNU Libtool:
-# Originally by Gordon Matzigkeit <gord at gnu.ai.mit.edu>, 1996
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-#
-# As a special exception to the GNU General Public License, if you
-# distribute this file as part of a program that contains a
-# configuration script generated by Autoconf, you may include it under
-# the same distribution terms that you use for the rest of that program.
-
-# A sed program that does not truncate output.
-SED=$lt_SED
-
-# Sed that helps us avoid accidentally triggering echo(1) options like -n.
-Xsed="$SED -e 1s/^X//"
-
-# The HP-UX ksh and POSIX shell print the target directory to stdout
-# if CDPATH is set.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-# The names of the tagged configurations supported by this script.
-available_tags=
-
-# ### BEGIN LIBTOOL CONFIG],
-[# ### BEGIN LIBTOOL TAG CONFIG: $tagname])
-
-# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
-
-# Shell to use when invoking shell scripts.
-SHELL=$lt_SHELL
-
-# Whether or not to build shared libraries.
-build_libtool_libs=$enable_shared
-
-# Whether or not to build static libraries.
-build_old_libs=$enable_static
-
-# Whether or not to add -lc for building shared libraries.
-build_libtool_need_lc=$_LT_AC_TAGVAR(archive_cmds_need_lc, $1)
-
-# Whether or not to disallow shared libs when runtime libs are static
-allow_libtool_libs_with_static_runtimes=$_LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)
-
-# Whether or not to optimize for fast installation.
-fast_install=$enable_fast_install
-
-# The host system.
-host_alias=$host_alias
-host=$host
-host_os=$host_os
-
-# The build system.
-build_alias=$build_alias
-build=$build
-build_os=$build_os
-
-# An echo program that does not interpret backslashes.
-echo=$lt_echo
-
-# The archiver.
-AR=$lt_AR
-AR_FLAGS=$lt_AR_FLAGS
-
-# A C compiler.
-LTCC=$lt_LTCC
-
-# LTCC compiler flags.
-LTCFLAGS=$lt_LTCFLAGS
-
-# A language-specific compiler.
-CC=$lt_[]_LT_AC_TAGVAR(compiler, $1)
-
-# Is the compiler the GNU C compiler?
-with_gcc=$_LT_AC_TAGVAR(GCC, $1)
-
-# An ERE matcher.
-EGREP=$lt_EGREP
-
-# The linker used to build libraries.
-LD=$lt_[]_LT_AC_TAGVAR(LD, $1)
-
-# Whether we need hard or soft links.
-LN_S=$lt_LN_S
-
-# A BSD-compatible nm program.
-NM=$lt_NM
-
-# A symbol stripping program
-STRIP=$lt_STRIP
-
-# Used to examine libraries when file_magic_cmd begins "file"
-MAGIC_CMD=$MAGIC_CMD
-
-# Used on cygwin: DLL creation program.
-DLLTOOL="$DLLTOOL"
-
-# Used on cygwin: object dumper.
-OBJDUMP="$OBJDUMP"
-
-# Used on cygwin: assembler.
-AS="$AS"
-
-# The name of the directory that contains temporary libtool files.
-objdir=$objdir
-
-# How to create reloadable object files.
-reload_flag=$lt_reload_flag
-reload_cmds=$lt_reload_cmds
-
-# How to pass a linker flag through the compiler.
-wl=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_wl, $1)
-
-# Object file suffix (normally "o").
-objext="$ac_objext"
-
-# Old archive suffix (normally "a").
-libext="$libext"
-
-# Shared library suffix (normally ".so").
-shrext_cmds='$shrext_cmds'
-
-# Executable file suffix (normally "").
-exeext="$exeext"
-
-# Additional compiler flags for building library objects.
-pic_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)
-pic_mode=$pic_mode
-
-# What is the maximum length of a command?
-max_cmd_len=$lt_cv_sys_max_cmd_len
-
-# Does compiler simultaneously support -c and -o options?
-compiler_c_o=$lt_[]_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)
-
-# Must we lock files when doing compilation?
-need_locks=$lt_need_locks
-
-# Do we need the lib prefix for modules?
-need_lib_prefix=$need_lib_prefix
-
-# Do we need a version for libraries?
-need_version=$need_version
-
-# Whether dlopen is supported.
-dlopen_support=$enable_dlopen
-
-# Whether dlopen of programs is supported.
-dlopen_self=$enable_dlopen_self
-
-# Whether dlopen of statically linked programs is supported.
-dlopen_self_static=$enable_dlopen_self_static
-
-# Compiler flag to prevent dynamic linking.
-link_static_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_static, $1)
-
-# Compiler flag to turn off builtin functions.
-no_builtin_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)
-
-# Compiler flag to allow reflexive dlopens.
-export_dynamic_flag_spec=$lt_[]_LT_AC_TAGVAR(export_dynamic_flag_spec, $1)
-
-# Compiler flag to generate shared objects directly from archives.
-whole_archive_flag_spec=$lt_[]_LT_AC_TAGVAR(whole_archive_flag_spec, $1)
-
-# Compiler flag to generate thread-safe objects.
-thread_safe_flag_spec=$lt_[]_LT_AC_TAGVAR(thread_safe_flag_spec, $1)
-
-# Library versioning type.
-version_type=$version_type
-
-# Format of library name prefix.
-libname_spec=$lt_libname_spec
-
-# List of archive names. First name is the real one, the rest are links.
-# The last name is the one that the linker finds with -lNAME.
-library_names_spec=$lt_library_names_spec
-
-# The coded name of the library, if different from the real name.
-soname_spec=$lt_soname_spec
-
-# Commands used to build and install an old-style archive.
-RANLIB=$lt_RANLIB
-old_archive_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_cmds, $1)
-old_postinstall_cmds=$lt_old_postinstall_cmds
-old_postuninstall_cmds=$lt_old_postuninstall_cmds
-
-# Create an old-style archive from a shared archive.
-old_archive_from_new_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_from_new_cmds, $1)
-
-# Create a temporary old-style archive to link instead of a shared archive.
-old_archive_from_expsyms_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1)
-
-# Commands used to build and install a shared archive.
-archive_cmds=$lt_[]_LT_AC_TAGVAR(archive_cmds, $1)
-archive_expsym_cmds=$lt_[]_LT_AC_TAGVAR(archive_expsym_cmds, $1)
-postinstall_cmds=$lt_postinstall_cmds
-postuninstall_cmds=$lt_postuninstall_cmds
-
-# Commands used to build a loadable module (assumed same as above if empty)
-module_cmds=$lt_[]_LT_AC_TAGVAR(module_cmds, $1)
-module_expsym_cmds=$lt_[]_LT_AC_TAGVAR(module_expsym_cmds, $1)
-
-# Commands to strip libraries.
-old_striplib=$lt_old_striplib
-striplib=$lt_striplib
-
-# Dependencies to place before the objects being linked to create a
-# shared library.
-predep_objects=$lt_[]_LT_AC_TAGVAR(predep_objects, $1)
-
-# Dependencies to place after the objects being linked to create a
-# shared library.
-postdep_objects=$lt_[]_LT_AC_TAGVAR(postdep_objects, $1)
-
-# Dependencies to place before the objects being linked to create a
-# shared library.
-predeps=$lt_[]_LT_AC_TAGVAR(predeps, $1)
-
-# Dependencies to place after the objects being linked to create a
-# shared library.
-postdeps=$lt_[]_LT_AC_TAGVAR(postdeps, $1)
-
-# The directories searched by this compiler when creating a shared
-# library
-compiler_lib_search_dirs=$lt_[]_LT_AC_TAGVAR(compiler_lib_search_dirs, $1)
-
-# The library search path used internally by the compiler when linking
-# a shared library.
-compiler_lib_search_path=$lt_[]_LT_AC_TAGVAR(compiler_lib_search_path, $1)
-
-# Method to check whether dependent libraries are shared objects.
-deplibs_check_method=$lt_deplibs_check_method
-
-# Command to use when deplibs_check_method == file_magic.
-file_magic_cmd=$lt_file_magic_cmd
-
-# Flag that allows shared libraries with undefined symbols to be built.
-allow_undefined_flag=$lt_[]_LT_AC_TAGVAR(allow_undefined_flag, $1)
-
-# Flag that forces no undefined symbols.
-no_undefined_flag=$lt_[]_LT_AC_TAGVAR(no_undefined_flag, $1)
-
-# Commands used to finish a libtool library installation in a directory.
-finish_cmds=$lt_finish_cmds
-
-# Same as above, but a single script fragment to be evaled but not shown.
-finish_eval=$lt_finish_eval
-
-# Take the output of nm and produce a listing of raw symbols and C names.
-global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe
-
-# Transform the output of nm in a proper C declaration
-global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl
-
-# Transform the output of nm in a C name address pair
-global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
-
-# This is the shared library runtime path variable.
-runpath_var=$runpath_var
-
-# This is the shared library path variable.
-shlibpath_var=$shlibpath_var
-
-# Is shlibpath searched before the hard-coded library search path?
-shlibpath_overrides_runpath=$shlibpath_overrides_runpath
-
-# How to hardcode a shared library path into an executable.
-hardcode_action=$_LT_AC_TAGVAR(hardcode_action, $1)
-
-# Whether we should hardcode library paths into libraries.
-hardcode_into_libs=$hardcode_into_libs
-
-# Flag to hardcode \$libdir into a binary during linking.
-# This must work even if \$libdir does not exist.
-hardcode_libdir_flag_spec=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)
-
-# If ld is used when linking, flag to hardcode \$libdir into
-# a binary during linking. This must work even if \$libdir does
-# not exist.
-hardcode_libdir_flag_spec_ld=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)
-
-# Whether we need a single -rpath flag with a separated argument.
-hardcode_libdir_separator=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_separator, $1)
-
-# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the
-# resulting binary.
-hardcode_direct=$_LT_AC_TAGVAR(hardcode_direct, $1)
-
-# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
-# resulting binary.
-hardcode_minus_L=$_LT_AC_TAGVAR(hardcode_minus_L, $1)
-
-# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into
-# the resulting binary.
-hardcode_shlibpath_var=$_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)
-
-# Set to yes if building a shared library automatically hardcodes DIR into the library
-# and all subsequent libraries and executables linked against it.
-hardcode_automatic=$_LT_AC_TAGVAR(hardcode_automatic, $1)
-
-# Variables whose values should be saved in libtool wrapper scripts and
-# restored at relink time.
-variables_saved_for_relink="$variables_saved_for_relink"
-
-# Whether libtool must link a program against all its dependency libraries.
-link_all_deplibs=$_LT_AC_TAGVAR(link_all_deplibs, $1)
-
-# Compile-time system search path for libraries
-sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
-
-# Run-time system search path for libraries
-sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec
-
-# Fix the shell variable \$srcfile for the compiler.
-fix_srcfile_path=$lt_fix_srcfile_path
-
-# Set to yes if exported symbols are required.
-always_export_symbols=$_LT_AC_TAGVAR(always_export_symbols, $1)
-
-# The commands to list exported symbols.
-export_symbols_cmds=$lt_[]_LT_AC_TAGVAR(export_symbols_cmds, $1)
-
-# The commands to extract the exported symbol list from a shared archive.
-extract_expsyms_cmds=$lt_extract_expsyms_cmds
-
-# Symbols that should not be listed in the preloaded symbols.
-exclude_expsyms=$lt_[]_LT_AC_TAGVAR(exclude_expsyms, $1)
-
-# Symbols that must always be exported.
-include_expsyms=$lt_[]_LT_AC_TAGVAR(include_expsyms, $1)
-
-ifelse([$1],[],
-[# ### END LIBTOOL CONFIG],
-[# ### END LIBTOOL TAG CONFIG: $tagname])
-
-__EOF__
-
-ifelse([$1],[], [
- case $host_os in
- aix3*)
- cat <<\EOF >> "$cfgfile"
-
-# AIX sometimes has problems with the GCC collect2 program. For some
-# reason, if we set the COLLECT_NAMES environment variable, the problems
-# vanish in a puff of smoke.
-if test "X${COLLECT_NAMES+set}" != Xset; then
- COLLECT_NAMES=
- export COLLECT_NAMES
-fi
-EOF
- ;;
- esac
-
- # We use sed instead of cat because bash on DJGPP gets confused if
- # if finds mixed CR/LF and LF-only lines. Since sed operates in
- # text mode, it properly converts lines to CR/LF. This bash problem
- # is reportedly fixed, but why not run on old versions too?
- sed '$q' "$ltmain" >> "$cfgfile" || (rm -f "$cfgfile"; exit 1)
-
- mv -f "$cfgfile" "$ofile" || \
- (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
- chmod +x "$ofile"
-])
-else
- # If there is no Makefile yet, we rely on a make rule to execute
- # `config.status --recheck' to rerun these tests and create the
- # libtool script then.
- ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'`
- if test -f "$ltmain_in"; then
- test -f Makefile && make "$ltmain"
- fi
-fi
-])# AC_LIBTOOL_CONFIG
-
-
-# AC_LIBTOOL_PROG_COMPILER_NO_RTTI([TAGNAME])
-# -------------------------------------------
-AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI],
-[AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl
-
-_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
-
-if test "$GCC" = yes; then
- _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
-
- AC_LIBTOOL_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions],
- lt_cv_prog_compiler_rtti_exceptions,
- [-fno-rtti -fno-exceptions], [],
- [_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"])
-fi
-])# AC_LIBTOOL_PROG_COMPILER_NO_RTTI
-
-
-# AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE
-# ---------------------------------
-AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE],
-[AC_REQUIRE([AC_CANONICAL_HOST])
-AC_REQUIRE([LT_AC_PROG_SED])
-AC_REQUIRE([AC_PROG_NM])
-AC_REQUIRE([AC_OBJEXT])
-# Check for command to grab the raw symbol name followed by C symbol from nm.
-AC_MSG_CHECKING([command to parse $NM output from $compiler object])
-AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe],
-[
-# These are sane defaults that work on at least a few old systems.
-# [They come from Ultrix. What could be older than Ultrix?!! ;)]
-
-# Character class describing NM global symbol codes.
-symcode='[[BCDEGRST]]'
-
-# Regexp to match symbols that can be accessed directly from C.
-sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)'
-
-# Transform an extracted symbol line into a proper C declaration
-lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^. .* \(.*\)$/extern int \1;/p'"
-
-# Transform an extracted symbol line into symbol name and symbol address
-lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'"
-
-# Define system-specific variables.
-case $host_os in
-aix*)
- symcode='[[BCDT]]'
- ;;
-cygwin* | mingw* | pw32*)
- symcode='[[ABCDGISTW]]'
- ;;
-hpux*) # Its linker distinguishes data from code symbols
- if test "$host_cpu" = ia64; then
- symcode='[[ABCDEGRST]]'
- fi
- lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
- lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'"
- ;;
-linux* | k*bsd*-gnu)
- if test "$host_cpu" = ia64; then
- symcode='[[ABCDGIRSTW]]'
- lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
- lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'"
- fi
- ;;
-irix* | nonstopux*)
- symcode='[[BCDEGRST]]'
- ;;
-osf*)
- symcode='[[BCDEGQRST]]'
- ;;
-solaris*)
- symcode='[[BDRT]]'
- ;;
-sco3.2v5*)
- symcode='[[DT]]'
- ;;
-sysv4.2uw2*)
- symcode='[[DT]]'
- ;;
-sysv5* | sco5v6* | unixware* | OpenUNIX*)
- symcode='[[ABDT]]'
- ;;
-sysv4)
- symcode='[[DFNSTU]]'
- ;;
-esac
-
-# Handle CRLF in mingw tool chain
-opt_cr=
-case $build_os in
-mingw*)
- opt_cr=`echo 'x\{0,1\}' | tr x '\015'` # option cr in regexp
- ;;
-esac
-
-# If we're using GNU nm, then use its standard symbol codes.
-case `$NM -V 2>&1` in
-*GNU* | *'with BFD'*)
- symcode='[[ABCDGIRSTW]]' ;;
-esac
-
-# Try without a prefix undercore, then with it.
-for ac_symprfx in "" "_"; do
-
- # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol.
- symxfrm="\\1 $ac_symprfx\\2 \\2"
-
- # Write the raw and C identifiers.
- lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
-
- # Check to see that the pipe works correctly.
- pipe_works=no
-
- rm -f conftest*
- cat > conftest.$ac_ext <<EOF
-#ifdef __cplusplus
-extern "C" {
-#endif
-char nm_test_var;
-void nm_test_func(){}
-#ifdef __cplusplus
-}
-#endif
-int main(){nm_test_var='a';nm_test_func();return(0);}
-EOF
-
- if AC_TRY_EVAL(ac_compile); then
- # Now try to grab the symbols.
- nlist=conftest.nm
- if AC_TRY_EVAL(NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) && test -s "$nlist"; then
- # Try sorting and uniquifying the output.
- if sort "$nlist" | uniq > "$nlist"T; then
- mv -f "$nlist"T "$nlist"
- else
- rm -f "$nlist"T
- fi
-
- # Make sure that we snagged all the symbols we need.
- if grep ' nm_test_var$' "$nlist" >/dev/null; then
- if grep ' nm_test_func$' "$nlist" >/dev/null; then
- cat <<EOF > conftest.$ac_ext
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-EOF
- # Now generate the symbol file.
- eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | grep -v main >> conftest.$ac_ext'
-
- cat <<EOF >> conftest.$ac_ext
-#if defined (__STDC__) && __STDC__
-# define lt_ptr_t void *
-#else
-# define lt_ptr_t char *
-# define const
-#endif
-
-/* The mapping between symbol names and symbols. */
-const struct {
- const char *name;
- lt_ptr_t address;
-}
-lt_preloaded_symbols[[]] =
-{
-EOF
- $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (lt_ptr_t) \&\2},/" < "$nlist" | grep -v main >> conftest.$ac_ext
- cat <<\EOF >> conftest.$ac_ext
- {0, (lt_ptr_t) 0}
-};
-
-#ifdef __cplusplus
-}
-#endif
-EOF
- # Now try linking the two files.
- mv conftest.$ac_objext conftstm.$ac_objext
- lt_save_LIBS="$LIBS"
- lt_save_CFLAGS="$CFLAGS"
- LIBS="conftstm.$ac_objext"
- CFLAGS="$CFLAGS$_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)"
- if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then
- pipe_works=yes
- fi
- LIBS="$lt_save_LIBS"
- CFLAGS="$lt_save_CFLAGS"
- else
- echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD
- fi
- else
- echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD
- fi
- else
- echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD
- fi
- else
- echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD
- cat conftest.$ac_ext >&5
- fi
- rm -rf conftest* conftst*
-
- # Do not use the global_symbol_pipe unless it works.
- if test "$pipe_works" = yes; then
- break
- else
- lt_cv_sys_global_symbol_pipe=
- fi
-done
-])
-if test -z "$lt_cv_sys_global_symbol_pipe"; then
- lt_cv_sys_global_symbol_to_cdecl=
-fi
-if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then
- AC_MSG_RESULT(failed)
-else
- AC_MSG_RESULT(ok)
-fi
-]) # AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE
-
-
-# AC_LIBTOOL_PROG_COMPILER_PIC([TAGNAME])
-# ---------------------------------------
-AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC],
-[_LT_AC_TAGVAR(lt_prog_compiler_wl, $1)=
-_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
-_LT_AC_TAGVAR(lt_prog_compiler_static, $1)=
-
-AC_MSG_CHECKING([for $compiler option to produce PIC])
- ifelse([$1],[CXX],[
- # C++ specific cases for pic, static, wl, etc.
- if test "$GXX" = yes; then
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static'
-
- case $host_os in
- aix*)
- # All AIX code is PIC.
- if test "$host_cpu" = ia64; then
- # AIX 5 now supports IA64 processor
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- fi
- ;;
- amigaos*)
- # FIXME: we need at least 68020 code to build shared libraries, but
- # adding the `-m68020' flag to GCC prevents building anything better,
- # like `-m68040'.
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
- ;;
- beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
- # PIC is the default for these OSes.
- ;;
- mingw* | cygwin* | os2* | pw32*)
- # This hack is so that the source file can tell whether it is being
- # built for inclusion in a dll (and should export symbols for example).
- # Although the cygwin gcc ignores -fPIC, still need this for old-style
- # (--disable-auto-import) libraries
- m4_if([$1], [GCJ], [],
- [_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
- ;;
- darwin* | rhapsody*)
- # PIC is the default on this platform
- # Common symbols not allowed in MH_DYLIB files
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
- ;;
- *djgpp*)
- # DJGPP does not support shared libraries at all
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
- ;;
- interix[[3-9]]*)
- # Interix 3.x gcc -fpic/-fPIC options generate broken code.
- # Instead, we relocate shared libraries at runtime.
- ;;
- sysv4*MP*)
- if test -d /usr/nec; then
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
- fi
- ;;
- hpux*)
- # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
- # not for PA HP-UX.
- case $host_cpu in
- hppa*64*|ia64*)
- ;;
- *)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
- ;;
- esac
- ;;
- *)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
- ;;
- esac
- else
- case $host_os in
- aix[[4-9]]*)
- # All AIX code is PIC.
- if test "$host_cpu" = ia64; then
- # AIX 5 now supports IA64 processor
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- else
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
- fi
- ;;
- chorus*)
- case $cc_basename in
- cxch68*)
- # Green Hills C++ Compiler
- # _LT_AC_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a"
- ;;
- esac
- ;;
- darwin*)
- # PIC is the default on this platform
- # Common symbols not allowed in MH_DYLIB files
- case $cc_basename in
- xlc*)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-qnocommon'
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- ;;
- esac
- ;;
- dgux*)
- case $cc_basename in
- ec++*)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- ;;
- ghcx*)
- # Green Hills C++ Compiler
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
- ;;
- *)
- ;;
- esac
- ;;
- freebsd* | dragonfly*)
- # FreeBSD uses GNU C++
- ;;
- hpux9* | hpux10* | hpux11*)
- case $cc_basename in
- CC*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
- if test "$host_cpu" != ia64; then
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
- fi
- ;;
- aCC*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
- case $host_cpu in
- hppa*64*|ia64*)
- # +Z the default
- ;;
- *)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
- ;;
- esac
- ;;
- *)
- ;;
- esac
- ;;
- interix*)
- # This is c89, which is MS Visual C++ (no shared libs)
- # Anyone wants to do a port?
- ;;
- irix5* | irix6* | nonstopux*)
- case $cc_basename in
- CC*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
- # CC pic flag -KPIC is the default.
- ;;
- *)
- ;;
- esac
- ;;
- linux* | k*bsd*-gnu)
- case $cc_basename in
- KCC*)
- # KAI C++ Compiler
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
- ;;
- icpc* | ecpc*)
- # Intel C++
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static'
- ;;
- pgCC* | pgcpp*)
- # Portland Group C++ compiler.
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- ;;
- cxx*)
- # Compaq C++
- # Make sure the PIC flag is empty. It appears that all Alpha
- # Linux and Compaq Tru64 Unix objects are PIC.
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
- ;;
- *)
- case `$CC -V 2>&1 | sed 5q` in
- *Sun\ C*)
- # Sun C++ 5.9
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
- ;;
- esac
- ;;
- esac
- ;;
- lynxos*)
- ;;
- m88k*)
- ;;
- mvs*)
- case $cc_basename in
- cxx*)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall'
- ;;
- *)
- ;;
- esac
- ;;
- netbsd*)
- ;;
- osf3* | osf4* | osf5*)
- case $cc_basename in
- KCC*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
- ;;
- RCC*)
- # Rational C++ 2.4.1
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
- ;;
- cxx*)
- # Digital/Compaq C++
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- # Make sure the PIC flag is empty. It appears that all Alpha
- # Linux and Compaq Tru64 Unix objects are PIC.
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
- ;;
- *)
- ;;
- esac
- ;;
- psos*)
- ;;
- solaris*)
- case $cc_basename in
- CC*)
- # Sun C++ 4.2, 5.x and Centerline C++
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
- ;;
- gcx*)
- # Green Hills C++ Compiler
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
- ;;
- *)
- ;;
- esac
- ;;
- sunos4*)
- case $cc_basename in
- CC*)
- # Sun C++ 4.x
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- ;;
- lcc*)
- # Lucid
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
- ;;
- *)
- ;;
- esac
- ;;
- tandem*)
- case $cc_basename in
- NCC*)
- # NonStop-UX NCC 3.20
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- ;;
- *)
- ;;
- esac
- ;;
- sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
- case $cc_basename in
- CC*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- ;;
- esac
- ;;
- vxworks*)
- ;;
- *)
- _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
- ;;
- esac
- fi
-],
-[
- if test "$GCC" = yes; then
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static'
-
- case $host_os in
- aix*)
- # All AIX code is PIC.
- if test "$host_cpu" = ia64; then
- # AIX 5 now supports IA64 processor
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- fi
- ;;
-
- amigaos*)
- # FIXME: we need at least 68020 code to build shared libraries, but
- # adding the `-m68020' flag to GCC prevents building anything better,
- # like `-m68040'.
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
- ;;
-
- beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
- # PIC is the default for these OSes.
- ;;
-
- mingw* | cygwin* | pw32* | os2*)
- # This hack is so that the source file can tell whether it is being
- # built for inclusion in a dll (and should export symbols for example).
- # Although the cygwin gcc ignores -fPIC, still need this for old-style
- # (--disable-auto-import) libraries
- m4_if([$1], [GCJ], [],
- [_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
- ;;
-
- darwin* | rhapsody*)
- # PIC is the default on this platform
- # Common symbols not allowed in MH_DYLIB files
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
- ;;
-
- interix[[3-9]]*)
- # Interix 3.x gcc -fpic/-fPIC options generate broken code.
- # Instead, we relocate shared libraries at runtime.
- ;;
-
- msdosdjgpp*)
- # Just because we use GCC doesn't mean we suddenly get shared libraries
- # on systems that don't support them.
- _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
- enable_shared=no
- ;;
-
- sysv4*MP*)
- if test -d /usr/nec; then
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
- fi
- ;;
-
- hpux*)
- # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
- # not for PA HP-UX.
- case $host_cpu in
- hppa*64*|ia64*)
- # +Z the default
- ;;
- *)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
- ;;
- esac
- ;;
-
- *)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
- ;;
- esac
- else
- # PORTME Check for flag to pass linker flags through the system compiler.
- case $host_os in
- aix*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- if test "$host_cpu" = ia64; then
- # AIX 5 now supports IA64 processor
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- else
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
- fi
- ;;
- darwin*)
- # PIC is the default on this platform
- # Common symbols not allowed in MH_DYLIB files
- case $cc_basename in
- xlc*)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-qnocommon'
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- ;;
- esac
- ;;
-
- mingw* | cygwin* | pw32* | os2*)
- # This hack is so that the source file can tell whether it is being
- # built for inclusion in a dll (and should export symbols for example).
- m4_if([$1], [GCJ], [],
- [_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
- ;;
-
- hpux9* | hpux10* | hpux11*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
- # not for PA HP-UX.
- case $host_cpu in
- hppa*64*|ia64*)
- # +Z the default
- ;;
- *)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
- ;;
- esac
- # Is there a better lt_prog_compiler_static that works with the bundled CC?
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
- ;;
-
- irix5* | irix6* | nonstopux*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- # PIC (with -KPIC) is the default.
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
- ;;
-
- newsos6)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- ;;
-
- linux* | k*bsd*-gnu)
- case $cc_basename in
- icc* | ecc*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static'
- ;;
- pgcc* | pgf77* | pgf90* | pgf95*)
- # Portland Group compilers (*not* the Pentium gcc compiler,
- # which looks to be a dead project)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- ;;
- ccc*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- # All Alpha code is PIC.
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
- ;;
- *)
- case `$CC -V 2>&1 | sed 5q` in
- *Sun\ C*)
- # Sun C 5.9
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- ;;
- *Sun\ F*)
- # Sun Fortran 8.3 passes all unrecognized flags to the linker
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)=''
- ;;
- esac
- ;;
- esac
- ;;
-
- osf3* | osf4* | osf5*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- # All OSF/1 code is PIC.
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
- ;;
-
- rdos*)
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
- ;;
-
- solaris*)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- case $cc_basename in
- f77* | f90* | f95*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';;
- *)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';;
- esac
- ;;
-
- sunos4*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- ;;
-
- sysv4 | sysv4.2uw2* | sysv4.3*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- ;;
-
- sysv4*MP*)
- if test -d /usr/nec ;then
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- fi
- ;;
-
- sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- ;;
-
- unicos*)
- _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
- _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
- ;;
-
- uts4*)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
- _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- ;;
-
- *)
- _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
- ;;
- esac
- fi
-])
-AC_MSG_RESULT([$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)])
-
-#
-# Check to make sure the PIC flag actually works.
-#
-if test -n "$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)"; then
- AC_LIBTOOL_COMPILER_OPTION([if $compiler PIC flag $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) works],
- _LT_AC_TAGVAR(lt_cv_prog_compiler_pic_works, $1),
- [$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)ifelse([$1],[],[ -DPIC],[ifelse([$1],[CXX],[ -DPIC],[])])], [],
- [case $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) in
- "" | " "*) ;;
- *) _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)" ;;
- esac],
- [_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
- _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no])
-fi
-case $host_os in
- # For platforms which do not support PIC, -DPIC is meaningless:
- *djgpp*)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
- ;;
- *)
- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)ifelse([$1],[],[ -DPIC],[ifelse([$1],[CXX],[ -DPIC],[])])"
- ;;
-esac
-
-#
-# Check to make sure the static flag actually works.
-#
-wl=$_LT_AC_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_AC_TAGVAR(lt_prog_compiler_static, $1)\"
-AC_LIBTOOL_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works],
- _LT_AC_TAGVAR(lt_cv_prog_compiler_static_works, $1),
- $lt_tmp_static_flag,
- [],
- [_LT_AC_TAGVAR(lt_prog_compiler_static, $1)=])
-])
-
-
-# AC_LIBTOOL_PROG_LD_SHLIBS([TAGNAME])
-# ------------------------------------
-# See if the linker supports building shared libraries.
-AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS],
-[AC_REQUIRE([LT_AC_PROG_SED])dnl
-AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
-ifelse([$1],[CXX],[
- _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
- case $host_os in
- aix[[4-9]]*)
- # If we're using GNU nm, then we don't want the "-C" option.
- # -C means demangle to AIX nm, but means don't demangle with GNU nm
- if $NM -V 2>&1 | grep 'GNU' > /dev/null; then
- _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols'
- else
- _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols'
- fi
- ;;
- pw32*)
- _LT_AC_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds"
- ;;
- cygwin* | mingw*)
- _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;/^.*[[ ]]__nm__/s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols'
- ;;
- *)
- _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
- ;;
- esac
- _LT_AC_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
-],[
- runpath_var=
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=
- _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=no
- _LT_AC_TAGVAR(archive_cmds, $1)=
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)=
- _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)=
- _LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1)=
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
- _LT_AC_TAGVAR(thread_safe_flag_spec, $1)=
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=
- _LT_AC_TAGVAR(hardcode_direct, $1)=no
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=no
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
- _LT_AC_TAGVAR(link_all_deplibs, $1)=unknown
- _LT_AC_TAGVAR(hardcode_automatic, $1)=no
- _LT_AC_TAGVAR(module_cmds, $1)=
- _LT_AC_TAGVAR(module_expsym_cmds, $1)=
- _LT_AC_TAGVAR(always_export_symbols, $1)=no
- _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
- # include_expsyms should be a list of space-separated symbols to be *always*
- # included in the symbol list
- _LT_AC_TAGVAR(include_expsyms, $1)=
- # exclude_expsyms can be an extended regexp of symbols to exclude
- # it will be wrapped by ` (' and `)$', so one must not match beginning or
- # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
- # as well as any symbol that contains `d'.
- _LT_AC_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
- # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
- # platforms (ab)use it in PIC code, but their linkers get confused if
- # the symbol is explicitly referenced. Since portable code cannot
- # rely on this symbol name, it's probably fine to never include it in
- # preloaded symbol tables.
- # Exclude shared library initialization/finalization symbols.
-dnl Note also adjust exclude_expsyms for C++ above.
- extract_expsyms_cmds=
- # Just being paranoid about ensuring that cc_basename is set.
- _LT_CC_BASENAME([$compiler])
- case $host_os in
- cygwin* | mingw* | pw32*)
- # FIXME: the MSVC++ port hasn't been tested in a loooong time
- # When not using gcc, we currently assume that we are using
- # Microsoft Visual C++.
- if test "$GCC" != yes; then
- with_gnu_ld=no
- fi
- ;;
- interix*)
- # we just hope/assume this is gcc and not c89 (= MSVC++)
- with_gnu_ld=yes
- ;;
- openbsd*)
- with_gnu_ld=no
- ;;
- esac
-
- _LT_AC_TAGVAR(ld_shlibs, $1)=yes
- if test "$with_gnu_ld" = yes; then
- # If archive_cmds runs LD, not CC, wlarc should be empty
- wlarc='${wl}'
-
- # Set some defaults for GNU ld with shared library support. These
- # are reset later if shared libraries are not supported. Putting them
- # here allows them to be overridden if necessary.
- runpath_var=LD_RUN_PATH
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
- # ancient GNU ld didn't support --whole-archive et. al.
- if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
- else
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
- fi
- supports_anon_versioning=no
- case `$LD -v 2>/dev/null` in
- *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11
- *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
- *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
- *\ 2.11.*) ;; # other 2.11 versions
- *) supports_anon_versioning=yes ;;
- esac
-
- # See if GNU ld supports shared libraries.
- case $host_os in
- aix[[3-9]]*)
- # On AIX/PPC, the GNU linker is very broken
- if test "$host_cpu" != ia64; then
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- cat <<EOF 1>&2
-
-*** Warning: the GNU linker, at least up to release 2.9.1, is reported
-*** to be unable to reliably create shared libraries on AIX.
-*** Therefore, libtool is disabling shared libraries support. If you
-*** really care for shared libraries, you may want to modify your PATH
-*** so that a non-GNU linker is found, and then restart.
-
-EOF
- fi
- ;;
-
- amigaos*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
-
- # Samuel A. Falvo II <kc5tja at dolphin.openprojects.net> reports
- # that the semantics of dynamic libraries on AmigaOS, at least up
- # to version 4, is to share data among multiple programs linked
- # with the same dynamic library. Since this doesn't match the
- # behavior of shared libraries on other platforms, we can't use
- # them.
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
-
- beos*)
- if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
- # Joseph Beckenbach <jrb3 at best.com> says some releases of gcc
- # support --undefined. This deserves some investigation. FIXME
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
- else
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
-
- cygwin* | mingw* | pw32*)
- # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
- # as there is no search path for DLLs.
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
- _LT_AC_TAGVAR(always_export_symbols, $1)=no
- _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
- _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/'\'' -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols'
-
- if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
- # If the export-symbols file already is a .def file (1st line
- # is EXPORTS), use it as is; otherwise, prepend...
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
- cp $export_symbols $output_objdir/$soname.def;
- else
- echo EXPORTS > $output_objdir/$soname.def;
- cat $export_symbols >> $output_objdir/$soname.def;
- fi~
- $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
- else
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
-
- interix[[3-9]]*)
- _LT_AC_TAGVAR(hardcode_direct, $1)=no
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
- # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
- # Instead, shared libraries are loaded at an image base (0x10000000 by
- # default) and relocated if they conflict, which is a slow very memory
- # consuming and fragmenting process. To avoid this, we pick a random,
- # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
- # time. Moving up from 0x10000000 also allows more sbrk(2) space.
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
- ;;
-
- gnu* | linux* | k*bsd*-gnu)
- if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
- tmp_addflag=
- case $cc_basename,$host_cpu in
- pgcc*) # Portland Group C compiler
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
- tmp_addflag=' $pic_flag'
- ;;
- pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
- tmp_addflag=' $pic_flag -Mnomain' ;;
- ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64
- tmp_addflag=' -i_dynamic' ;;
- efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64
- tmp_addflag=' -i_dynamic -nofor_main' ;;
- ifc* | ifort*) # Intel Fortran compiler
- tmp_addflag=' -nofor_main' ;;
- esac
- case `$CC -V 2>&1 | sed 5q` in
- *Sun\ C*) # Sun C 5.9
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
- tmp_sharedflag='-G' ;;
- *Sun\ F*) # Sun Fortran 8.3
- tmp_sharedflag='-G' ;;
- *)
- tmp_sharedflag='-shared' ;;
- esac
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-
- if test $supports_anon_versioning = yes; then
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $output_objdir/$libname.ver~
- cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
- $echo "local: *; };" >> $output_objdir/$libname.ver~
- $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
- fi
- else
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
-
- netbsd*)
- if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
- wlarc=
- else
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
- fi
- ;;
-
- solaris*)
- if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- cat <<EOF 1>&2
-
-*** Warning: The releases 2.8.* of the GNU linker cannot reliably
-*** create shared libraries on Solaris systems. Therefore, libtool
-*** is disabling shared libraries support. We urge you to upgrade GNU
-*** binutils to release 2.9.1 or newer. Another option is to modify
-*** your PATH or compiler configuration so that the native linker is
-*** used, and then restart.
-
-EOF
- elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
- else
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
-
- sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
- case `$LD -v 2>&1` in
- *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*)
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- cat <<_LT_EOF 1>&2
-
-*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
-*** reliably create shared libraries on SCO systems. Therefore, libtool
-*** is disabling shared libraries support. We urge you to upgrade GNU
-*** binutils to release 2.16.91.0.3 or newer. Another option is to modify
-*** your PATH or compiler configuration so that the native linker is
-*** used, and then restart.
-
-_LT_EOF
- ;;
- *)
- if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib'
- else
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
- esac
- ;;
-
- sunos4*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
- wlarc=
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
-
- *)
- if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
- else
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
- esac
-
- if test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no; then
- runpath_var=
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
- fi
- else
- # PORTME fill in a description of your system's linker (not GNU ld)
- case $host_os in
- aix3*)
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
- _LT_AC_TAGVAR(always_export_symbols, $1)=yes
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
- # Note: this linker hardcodes the directories in LIBPATH if there
- # are no directories specified by -L.
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
- if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then
- # Neither direct hardcoding nor static linking is supported with a
- # broken collect2.
- _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported
- fi
- ;;
-
- aix[[4-9]]*)
- if test "$host_cpu" = ia64; then
- # On IA64, the linker does run time linking by default, so we don't
- # have to do anything special.
- aix_use_runtimelinking=no
- exp_sym_flag='-Bexport'
- no_entry_flag=""
- else
- # If we're using GNU nm, then we don't want the "-C" option.
- # -C means demangle to AIX nm, but means don't demangle with GNU nm
- if $NM -V 2>&1 | grep 'GNU' > /dev/null; then
- _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols'
- else
- _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols'
- fi
- aix_use_runtimelinking=no
-
- # Test if we are trying to use run time linking or normal
- # AIX style linking. If -brtl is somewhere in LDFLAGS, we
- # need to do runtime linking.
- case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
- for ld_flag in $LDFLAGS; do
- if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
- aix_use_runtimelinking=yes
- break
- fi
- done
- ;;
- esac
-
- exp_sym_flag='-bexport'
- no_entry_flag='-bnoentry'
- fi
-
- # When large executables or shared objects are built, AIX ld can
- # have problems creating the table of contents. If linking a library
- # or program results in "error TOC overflow" add -mminimal-toc to
- # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
- # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
-
- _LT_AC_TAGVAR(archive_cmds, $1)=''
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':'
- _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
-
- if test "$GCC" = yes; then
- case $host_os in aix4.[[012]]|aix4.[[012]].*)
- # We only want to do this on AIX 4.2 and lower, the check
- # below for broken collect2 doesn't work under 4.3+
- collect2name=`${CC} -print-prog-name=collect2`
- if test -f "$collect2name" && \
- strings "$collect2name" | grep resolve_lib_name >/dev/null
- then
- # We have reworked collect2
- :
- else
- # We have old collect2
- _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported
- # It fails to find uninstalled libraries when the uninstalled
- # path is not listed in the libpath. Setting hardcode_minus_L
- # to unsupported forces relinking
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=
- fi
- ;;
- esac
- shared_flag='-shared'
- if test "$aix_use_runtimelinking" = yes; then
- shared_flag="$shared_flag "'${wl}-G'
- fi
- else
- # not using gcc
- if test "$host_cpu" = ia64; then
- # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
- # chokes on -Wl,-G. The following line is correct:
- shared_flag='-G'
- else
- if test "$aix_use_runtimelinking" = yes; then
- shared_flag='${wl}-G'
- else
- shared_flag='${wl}-bM:SRE'
- fi
- fi
- fi
-
- # It seems that -bexpall does not export symbols beginning with
- # underscore (_), so it is better to generate a list of symbols to export.
- _LT_AC_TAGVAR(always_export_symbols, $1)=yes
- if test "$aix_use_runtimelinking" = yes; then
- # Warning - without using the other runtime loading flags (-brtl),
- # -berok will link without error, but may produce a broken library.
- _LT_AC_TAGVAR(allow_undefined_flag, $1)='-berok'
- # Determine the default libpath from the value encoded in an empty executable.
- _LT_AC_SYS_LIBPATH_AIX
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
- else
- if test "$host_cpu" = ia64; then
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
- _LT_AC_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
- else
- # Determine the default libpath from the value encoded in an empty executable.
- _LT_AC_SYS_LIBPATH_AIX
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
- # Warning - without using the other run time loading flags,
- # -berok will link without error, but may produce a broken library.
- _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
- # Exported symbols can be pulled into shared objects from archives
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes
- # This is similar to how AIX traditionally builds its shared libraries.
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
- fi
- fi
- ;;
-
- amigaos*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
- # see comment about different semantics on the GNU ld section
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
-
- bsdi[[45]]*)
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic
- ;;
-
- cygwin* | mingw* | pw32*)
- # When not using gcc, we currently assume that we are using
- # Microsoft Visual C++.
- # hardcode_libdir_flag_spec is actually meaningless, as there is
- # no search path for DLLs.
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
- # Tell ltmain to make .lib files, not .a files.
- libext=lib
- # Tell ltmain to make .dll files, not .so files.
- shrext_cmds=".dll"
- # FIXME: Setting linknames here is a bad hack.
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames='
- # The linker will automatically build a .lib file if we build a DLL.
- _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)='true'
- # FIXME: Should let the user specify the lib program.
- _LT_AC_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs'
- _LT_AC_TAGVAR(fix_srcfile_path, $1)='`cygpath -w "$srcfile"`'
- _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
- ;;
-
- darwin* | rhapsody*)
- case $host_os in
- rhapsody* | darwin1.[[012]])
- _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress'
- ;;
- *) # Darwin 1.3 on
- if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then
- _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
- else
- case ${MACOSX_DEPLOYMENT_TARGET} in
- 10.[[012]])
- _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
- ;;
- 10.*)
- _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup'
- ;;
- esac
- fi
- ;;
- esac
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
- _LT_AC_TAGVAR(hardcode_direct, $1)=no
- _LT_AC_TAGVAR(hardcode_automatic, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=''
- _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
- if test "$GCC" = yes ; then
- output_verbose_link_cmd='echo'
- _LT_AC_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
- _LT_AC_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
- _LT_AC_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}"
- else
- case $cc_basename in
- xlc*)
- output_verbose_link_cmd='echo'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $xlcverstring'
- _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
- # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $xlcverstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
- _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
- ;;
- *)
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- esac
- fi
- ;;
-
- dgux*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
-
- freebsd1*)
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
-
- # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
- # support. Future versions do this automatically, but an explicit c++rt0.o
- # does not break anything, and helps significantly (at the cost of a little
- # extra space).
- freebsd2.2*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
-
- # Unfortunately, older versions of FreeBSD 2 do not have this feature.
- freebsd2*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
-
- # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
- freebsd* | dragonfly*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
-
- hpux9*)
- if test "$GCC" = yes; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
- else
- _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
- fi
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
-
- # hardcode_minus_L: Not really in the search PATH,
- # but as the default location of the library.
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
- ;;
-
- hpux10*)
- if test "$GCC" = yes -a "$with_gnu_ld" = no; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
- else
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
- fi
- if test "$with_gnu_ld" = no; then
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
-
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-
- # hardcode_minus_L: Not really in the search PATH,
- # but as the default location of the library.
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
- fi
- ;;
-
- hpux11*)
- if test "$GCC" = yes -a "$with_gnu_ld" = no; then
- case $host_cpu in
- hppa*64*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
- ;;
- ia64*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
- ;;
- *)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
- ;;
- esac
- else
- case $host_cpu in
- hppa*64*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
- ;;
- ia64*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
- ;;
- *)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
- ;;
- esac
- fi
- if test "$with_gnu_ld" = no; then
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
-
- case $host_cpu in
- hppa*64*|ia64*)
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir'
- _LT_AC_TAGVAR(hardcode_direct, $1)=no
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
- *)
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-
- # hardcode_minus_L: Not really in the search PATH,
- # but as the default location of the library.
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
- ;;
- esac
- fi
- ;;
-
- irix5* | irix6* | nonstopux*)
- if test "$GCC" = yes; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
- else
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir'
- fi
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
- _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
- ;;
-
- netbsd*)
- if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
- else
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF
- fi
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
-
- newsos6)
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
-
- openbsd*)
- if test -f /usr/libexec/ld.so; then
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
- else
- case $host_os in
- openbsd[[01]].* | openbsd2.[[0-7]] | openbsd2.[[0-7]].*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
- ;;
- *)
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
- ;;
- esac
- fi
- else
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- fi
- ;;
-
- os2*)
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
- _LT_AC_TAGVAR(archive_cmds, $1)='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
- _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
- ;;
-
- osf3*)
- if test "$GCC" = yes; then
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
- else
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
- fi
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
- ;;
-
- osf4* | osf5*) # as osf3* with the addition of -msym flag
- if test "$GCC" = yes; then
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
- else
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~
- $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp'
-
- # Both c and cxx compiler support -rpath directly
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
- fi
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
- ;;
-
- solaris*)
- _LT_AC_TAGVAR(no_undefined_flag, $1)=' -z text'
- if test "$GCC" = yes; then
- wlarc='${wl}'
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
- $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp'
- else
- wlarc=''
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
- $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp'
- fi
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- case $host_os in
- solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
- *)
- # The compiler driver will combine and reorder linker options,
- # but understands `-z linker_flag'. GCC discards it without `$wl',
- # but is careful enough not to reorder.
- # Supported since Solaris 2.6 (maybe 2.5.1?)
- if test "$GCC" = yes; then
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
- else
- _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract'
- fi
- ;;
- esac
- _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
- ;;
-
- sunos4*)
- if test "x$host_vendor" = xsequent; then
- # Use $CC to link under sequent, because it throws in some extra .o
- # files that make .init and .fini sections work.
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags'
- else
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
- fi
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes
- _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
-
- sysv4)
- case $host_vendor in
- sni)
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(hardcode_direct, $1)=yes # is this really true???
- ;;
- siemens)
- ## LD is ld it makes a PLAMLIB
- ## CC just makes a GrossModule.
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs'
- _LT_AC_TAGVAR(hardcode_direct, $1)=no
- ;;
- motorola)
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie
- ;;
- esac
- runpath_var='LD_RUN_PATH'
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
-
- sysv4.3*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport'
- ;;
-
- sysv4*MP*)
- if test -d /usr/nec; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- runpath_var=LD_RUN_PATH
- hardcode_runpath_var=yes
- _LT_AC_TAGVAR(ld_shlibs, $1)=yes
- fi
- ;;
-
- sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
- _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- runpath_var='LD_RUN_PATH'
-
- if test "$GCC" = yes; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
- else
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
- fi
- ;;
-
- sysv5* | sco3.2v5* | sco5v6*)
- # Note: We can NOT use -z defs as we might desire, because we do not
- # link with -lc, and that would cause any symbols used from libc to
- # always be unresolved, which means just about no library would
- # ever link correctly. If we're not using GNU ld we use -z text
- # though, which does catch some bad symbols but isn't as heavy-handed
- # as -z defs.
- _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
- _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs'
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
- _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':'
- _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
- _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport'
- runpath_var='LD_RUN_PATH'
-
- if test "$GCC" = yes; then
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
- else
- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
- fi
- ;;
-
- uts4*)
- _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
- _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
- _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
- ;;
-
- *)
- _LT_AC_TAGVAR(ld_shlibs, $1)=no
- ;;
- esac
- fi
-])
-AC_MSG_RESULT([$_LT_AC_TAGVAR(ld_shlibs, $1)])
-test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no
-
-#
-# Do we need to explicitly link libc?
-#
-case "x$_LT_AC_TAGVAR(archive_cmds_need_lc, $1)" in
-x|xyes)
- # Assume -lc should be added
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes
-
- if test "$enable_shared" = yes && test "$GCC" = yes; then
- case $_LT_AC_TAGVAR(archive_cmds, $1) in
- *'~'*)
- # FIXME: we may have to deal with multi-command sequences.
- ;;
- '$CC '*)
- # Test whether the compiler implicitly links with -lc since on some
- # systems, -lgcc has to come before -lc. If gcc already passes -lc
- # to ld, don't add -lc before -lgcc.
- AC_MSG_CHECKING([whether -lc should be explicitly linked in])
- $rm conftest*
- echo "$lt_simple_compile_test_code" > conftest.$ac_ext
-
- if AC_TRY_EVAL(ac_compile) 2>conftest.err; then
- soname=conftest
- lib=conftest
- libobjs=conftest.$ac_objext
- deplibs=
- wl=$_LT_AC_TAGVAR(lt_prog_compiler_wl, $1)
- pic_flag=$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)
- compiler_flags=-v
- linker_flags=-v
- verstring=
- output_objdir=.
- libname=conftest
- lt_save_allow_undefined_flag=$_LT_AC_TAGVAR(allow_undefined_flag, $1)
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=
- if AC_TRY_EVAL(_LT_AC_TAGVAR(archive_cmds, $1) 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1)
- then
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
- else
- _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes
- fi
- _LT_AC_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag
- else
- cat conftest.err 1>&5
- fi
- $rm conftest*
- AC_MSG_RESULT([$_LT_AC_TAGVAR(archive_cmds_need_lc, $1)])
- ;;
- esac
- fi
- ;;
-esac
-])# AC_LIBTOOL_PROG_LD_SHLIBS
-
-
-# _LT_AC_FILE_LTDLL_C
-# -------------------
-# Be careful that the start marker always follows a newline.
-AC_DEFUN([_LT_AC_FILE_LTDLL_C], [
-# /* ltdll.c starts here */
-# #define WIN32_LEAN_AND_MEAN
-# #include <windows.h>
-# #undef WIN32_LEAN_AND_MEAN
-# #include <stdio.h>
-#
-# #ifndef __CYGWIN__
-# # ifdef __CYGWIN32__
-# # define __CYGWIN__ __CYGWIN32__
-# # endif
-# #endif
-#
-# #ifdef __cplusplus
-# extern "C" {
-# #endif
-# BOOL APIENTRY DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved);
-# #ifdef __cplusplus
-# }
-# #endif
-#
-# #ifdef __CYGWIN__
-# #include <cygwin/cygwin_dll.h>
-# DECLARE_CYGWIN_DLL( DllMain );
-# #endif
-# HINSTANCE __hDllInstance_base;
-#
-# BOOL APIENTRY
-# DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved)
-# {
-# __hDllInstance_base = hInst;
-# return TRUE;
-# }
-# /* ltdll.c ends here */
-])# _LT_AC_FILE_LTDLL_C
-
-
-# _LT_AC_TAGVAR(VARNAME, [TAGNAME])
-# ---------------------------------
-AC_DEFUN([_LT_AC_TAGVAR], [ifelse([$2], [], [$1], [$1_$2])])
-
-
-# old names
-AC_DEFUN([AM_PROG_LIBTOOL], [AC_PROG_LIBTOOL])
-AC_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)])
-AC_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)])
-AC_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)])
-AC_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)])
-AC_DEFUN([AM_PROG_LD], [AC_PROG_LD])
-AC_DEFUN([AM_PROG_NM], [AC_PROG_NM])
-
-# This is just to silence aclocal about the macro not being used
-ifelse([AC_DISABLE_FAST_INSTALL])
-
-AC_DEFUN([LT_AC_PROG_GCJ],
-[AC_CHECK_TOOL(GCJ, gcj, no)
- test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2"
- AC_SUBST(GCJFLAGS)
-])
-
-AC_DEFUN([LT_AC_PROG_RC],
-[AC_CHECK_TOOL(RC, windres, no)
-])
-
-
-# Cheap backport of AS_EXECUTABLE_P and required macros
-# from Autoconf 2.59; we should not use $as_executable_p directly.
-
-# _AS_TEST_PREPARE
-# ----------------
-m4_ifndef([_AS_TEST_PREPARE],
-[m4_defun([_AS_TEST_PREPARE],
-[if test -x / >/dev/null 2>&1; then
- as_executable_p='test -x'
-else
- as_executable_p='test -f'
-fi
-])])# _AS_TEST_PREPARE
-
-# AS_EXECUTABLE_P
-# ---------------
-# Check whether a file is executable.
-m4_ifndef([AS_EXECUTABLE_P],
-[m4_defun([AS_EXECUTABLE_P],
-[AS_REQUIRE([_AS_TEST_PREPARE])dnl
-$as_executable_p $1[]dnl
-])])# AS_EXECUTABLE_P
-
-############################################################
-# NOTE: This macro has been submitted for inclusion into #
-# GNU Autoconf as AC_PROG_SED. When it is available in #
-# a released version of Autoconf we should remove this #
-# macro and use it instead. #
-############################################################
-# LT_AC_PROG_SED
-# --------------
-# Check for a fully-functional sed program, that truncates
-# as few characters as possible. Prefer GNU sed if found.
-AC_DEFUN([LT_AC_PROG_SED],
-[AC_MSG_CHECKING([for a sed that does not truncate output])
-AC_CACHE_VAL(lt_cv_path_SED,
-[# Loop through the user's path and test for sed and gsed.
-# Then use that list of sed's as ones to test for truncation.
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for lt_ac_prog in sed gsed; do
- for ac_exec_ext in '' $ac_executable_extensions; do
- if AS_EXECUTABLE_P(["$as_dir/$lt_ac_prog$ac_exec_ext"]); then
- lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext"
- fi
- done
- done
-done
-IFS=$as_save_IFS
-lt_ac_max=0
-lt_ac_count=0
-# Add /usr/xpg4/bin/sed as it is typically found on Solaris
-# along with /bin/sed that truncates output.
-for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do
- test ! -f $lt_ac_sed && continue
- cat /dev/null > conftest.in
- lt_ac_count=0
- echo $ECHO_N "0123456789$ECHO_C" >conftest.in
- # Check for GNU sed and select it if it is found.
- if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then
- lt_cv_path_SED=$lt_ac_sed
- break
- fi
- while true; do
- cat conftest.in conftest.in >conftest.tmp
- mv conftest.tmp conftest.in
- cp conftest.in conftest.nl
- echo >>conftest.nl
- $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break
- cmp -s conftest.out conftest.nl || break
- # 10000 chars as input seems more than enough
- test $lt_ac_count -gt 10 && break
- lt_ac_count=`expr $lt_ac_count + 1`
- if test $lt_ac_count -gt $lt_ac_max; then
- lt_ac_max=$lt_ac_count
- lt_cv_path_SED=$lt_ac_sed
- fi
- done
-done
-])
-SED=$lt_cv_path_SED
-AC_SUBST([SED])
-AC_MSG_RESULT([$SED])
-])
-# generated automatically by aclocal 1.10.1 -*- Autoconf -*-
-
-# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
-# 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
-# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE.
-
-m4_ifndef([AC_AUTOCONF_VERSION],
- [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
-m4_if(AC_AUTOCONF_VERSION, [2.61],,
-[m4_warning([this file was generated for autoconf 2.61.
-You have another version of autoconf. It may work, but is not guaranteed to.
-If you have problems, you may need to regenerate the build system entirely.
-To do so, use the procedure documented by the package, typically `autoreconf'.])])
-
-# Copyright (C) 2002, 2003, 2005, 2006, 2007 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# AM_AUTOMAKE_VERSION(VERSION)
-# ----------------------------
-# Automake X.Y traces this macro to ensure aclocal.m4 has been
-# generated from the m4 files accompanying Automake X.Y.
-# (This private macro should not be called outside this file.)
-AC_DEFUN([AM_AUTOMAKE_VERSION],
-[am__api_version='1.10'
-dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
-dnl require some minimum version. Point them to the right macro.
-m4_if([$1], [1.10.1], [],
- [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
-])
-
-# _AM_AUTOCONF_VERSION(VERSION)
-# -----------------------------
-# aclocal traces this macro to find the Autoconf version.
-# This is a private macro too. Using m4_define simplifies
-# the logic in aclocal, which can simply ignore this definition.
-m4_define([_AM_AUTOCONF_VERSION], [])
-
-# AM_SET_CURRENT_AUTOMAKE_VERSION
-# -------------------------------
-# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
-# This function is AC_REQUIREd by AC_INIT_AUTOMAKE.
-AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
-[AM_AUTOMAKE_VERSION([1.10.1])dnl
-m4_ifndef([AC_AUTOCONF_VERSION],
- [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
-_AM_AUTOCONF_VERSION(AC_AUTOCONF_VERSION)])
-
-# AM_AUX_DIR_EXPAND -*- Autoconf -*-
-
-# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets
-# $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to
-# `$srcdir', `$srcdir/..', or `$srcdir/../..'.
-#
-# Of course, Automake must honor this variable whenever it calls a
-# tool from the auxiliary directory. The problem is that $srcdir (and
-# therefore $ac_aux_dir as well) can be either absolute or relative,
-# depending on how configure is run. This is pretty annoying, since
-# it makes $ac_aux_dir quite unusable in subdirectories: in the top
-# source directory, any form will work fine, but in subdirectories a
-# relative path needs to be adjusted first.
-#
-# $ac_aux_dir/missing
-# fails when called from a subdirectory if $ac_aux_dir is relative
-# $top_srcdir/$ac_aux_dir/missing
-# fails if $ac_aux_dir is absolute,
-# fails when called from a subdirectory in a VPATH build with
-# a relative $ac_aux_dir
-#
-# The reason of the latter failure is that $top_srcdir and $ac_aux_dir
-# are both prefixed by $srcdir. In an in-source build this is usually
-# harmless because $srcdir is `.', but things will broke when you
-# start a VPATH build or use an absolute $srcdir.
-#
-# So we could use something similar to $top_srcdir/$ac_aux_dir/missing,
-# iff we strip the leading $srcdir from $ac_aux_dir. That would be:
-# am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"`
-# and then we would define $MISSING as
-# MISSING="\${SHELL} $am_aux_dir/missing"
-# This will work as long as MISSING is not called from configure, because
-# unfortunately $(top_srcdir) has no meaning in configure.
-# However there are other variables, like CC, which are often used in
-# configure, and could therefore not use this "fixed" $ac_aux_dir.
-#
-# Another solution, used here, is to always expand $ac_aux_dir to an
-# absolute PATH. The drawback is that using absolute paths prevent a
-# configured tree to be moved without reconfiguration.
-
-AC_DEFUN([AM_AUX_DIR_EXPAND],
-[dnl Rely on autoconf to set up CDPATH properly.
-AC_PREREQ([2.50])dnl
-# expand $ac_aux_dir to an absolute path
-am_aux_dir=`cd $ac_aux_dir && pwd`
-])
-
-# AM_CONDITIONAL -*- Autoconf -*-
-
-# Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005, 2006
-# Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# serial 8
-
-# AM_CONDITIONAL(NAME, SHELL-CONDITION)
-# -------------------------------------
-# Define a conditional.
-AC_DEFUN([AM_CONDITIONAL],
-[AC_PREREQ(2.52)dnl
- ifelse([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])],
- [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl
-AC_SUBST([$1_TRUE])dnl
-AC_SUBST([$1_FALSE])dnl
-_AM_SUBST_NOTMAKE([$1_TRUE])dnl
-_AM_SUBST_NOTMAKE([$1_FALSE])dnl
-if $2; then
- $1_TRUE=
- $1_FALSE='#'
-else
- $1_TRUE='#'
- $1_FALSE=
-fi
-AC_CONFIG_COMMANDS_PRE(
-[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then
- AC_MSG_ERROR([[conditional "$1" was never defined.
-Usually this means the macro was only invoked conditionally.]])
-fi])])
-
-# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006
-# Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# serial 9
-
-# There are a few dirty hacks below to avoid letting `AC_PROG_CC' be
-# written in clear, in which case automake, when reading aclocal.m4,
-# will think it sees a *use*, and therefore will trigger all it's
-# C support machinery. Also note that it means that autoscan, seeing
-# CC etc. in the Makefile, will ask for an AC_PROG_CC use...
-
-
-# _AM_DEPENDENCIES(NAME)
-# ----------------------
-# See how the compiler implements dependency checking.
-# NAME is "CC", "CXX", "GCJ", or "OBJC".
-# We try a few techniques and use that to set a single cache variable.
-#
-# We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was
-# modified to invoke _AM_DEPENDENCIES(CC); we would have a circular
-# dependency, and given that the user is not expected to run this macro,
-# just rely on AC_PROG_CC.
-AC_DEFUN([_AM_DEPENDENCIES],
-[AC_REQUIRE([AM_SET_DEPDIR])dnl
-AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl
-AC_REQUIRE([AM_MAKE_INCLUDE])dnl
-AC_REQUIRE([AM_DEP_TRACK])dnl
-
-ifelse([$1], CC, [depcc="$CC" am_compiler_list=],
- [$1], CXX, [depcc="$CXX" am_compiler_list=],
- [$1], OBJC, [depcc="$OBJC" am_compiler_list='gcc3 gcc'],
- [$1], UPC, [depcc="$UPC" am_compiler_list=],
- [$1], GCJ, [depcc="$GCJ" am_compiler_list='gcc3 gcc'],
- [depcc="$$1" am_compiler_list=])
-
-AC_CACHE_CHECK([dependency style of $depcc],
- [am_cv_$1_dependencies_compiler_type],
-[if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
- # We make a subdir and do the tests there. Otherwise we can end up
- # making bogus files that we don't know about and never remove. For
- # instance it was reported that on HP-UX the gcc test will end up
- # making a dummy file named `D' -- because `-MD' means `put the output
- # in D'.
- mkdir conftest.dir
- # Copy depcomp to subdir because otherwise we won't find it if we're
- # using a relative directory.
- cp "$am_depcomp" conftest.dir
- cd conftest.dir
- # We will build objects and dependencies in a subdirectory because
- # it helps to detect inapplicable dependency modes. For instance
- # both Tru64's cc and ICC support -MD to output dependencies as a
- # side effect of compilation, but ICC will put the dependencies in
- # the current directory while Tru64 will put them in the object
- # directory.
- mkdir sub
-
- am_cv_$1_dependencies_compiler_type=none
- if test "$am_compiler_list" = ""; then
- am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp`
- fi
- for depmode in $am_compiler_list; do
- # Setup a source with many dependencies, because some compilers
- # like to wrap large dependency lists on column 80 (with \), and
- # we should not choose a depcomp mode which is confused by this.
- #
- # We need to recreate these files for each test, as the compiler may
- # overwrite some of them when testing with obscure command lines.
- # This happens at least with the AIX C compiler.
- : > sub/conftest.c
- for i in 1 2 3 4 5 6; do
- echo '#include "conftst'$i'.h"' >> sub/conftest.c
- # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with
- # Solaris 8's {/usr,}/bin/sh.
- touch sub/conftst$i.h
- done
- echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
-
- case $depmode in
- nosideeffect)
- # after this tag, mechanisms are not by side-effect, so they'll
- # only be used when explicitly requested
- if test "x$enable_dependency_tracking" = xyes; then
- continue
- else
- break
- fi
- ;;
- none) break ;;
- esac
- # We check with `-c' and `-o' for the sake of the "dashmstdout"
- # mode. It turns out that the SunPro C++ compiler does not properly
- # handle `-M -o', and we need to detect this.
- if depmode=$depmode \
- source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \
- depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
- $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \
- >/dev/null 2>conftest.err &&
- grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
- grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
- grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 &&
- ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
- # icc doesn't choke on unknown options, it will just issue warnings
- # or remarks (even with -Werror). So we grep stderr for any message
- # that says an option was ignored or not supported.
- # When given -MP, icc 7.0 and 7.1 complain thusly:
- # icc: Command line warning: ignoring option '-M'; no argument required
- # The diagnosis changed in icc 8.0:
- # icc: Command line remark: option '-MP' not supported
- if (grep 'ignoring option' conftest.err ||
- grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
- am_cv_$1_dependencies_compiler_type=$depmode
- break
- fi
- fi
- done
-
- cd ..
- rm -rf conftest.dir
-else
- am_cv_$1_dependencies_compiler_type=none
-fi
-])
-AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type])
-AM_CONDITIONAL([am__fastdep$1], [
- test "x$enable_dependency_tracking" != xno \
- && test "$am_cv_$1_dependencies_compiler_type" = gcc3])
-])
-
-
-# AM_SET_DEPDIR
-# -------------
-# Choose a directory name for dependency files.
-# This macro is AC_REQUIREd in _AM_DEPENDENCIES
-AC_DEFUN([AM_SET_DEPDIR],
-[AC_REQUIRE([AM_SET_LEADING_DOT])dnl
-AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl
-])
-
-
-# AM_DEP_TRACK
-# ------------
-AC_DEFUN([AM_DEP_TRACK],
-[AC_ARG_ENABLE(dependency-tracking,
-[ --disable-dependency-tracking speeds up one-time build
- --enable-dependency-tracking do not reject slow dependency extractors])
-if test "x$enable_dependency_tracking" != xno; then
- am_depcomp="$ac_aux_dir/depcomp"
- AMDEPBACKSLASH='\'
-fi
-AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno])
-AC_SUBST([AMDEPBACKSLASH])dnl
-_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl
-])
-
-# Generate code to set up dependency tracking. -*- Autoconf -*-
-
-# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005
-# Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-#serial 3
-
-# _AM_OUTPUT_DEPENDENCY_COMMANDS
-# ------------------------------
-AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
-[for mf in $CONFIG_FILES; do
- # Strip MF so we end up with the name of the file.
- mf=`echo "$mf" | sed -e 's/:.*$//'`
- # Check whether this is an Automake generated Makefile or not.
- # We used to match only the files named `Makefile.in', but
- # some people rename them; so instead we look at the file content.
- # Grep'ing the first line is not enough: some people post-process
- # each Makefile.in and add a new line on top of each file to say so.
- # Grep'ing the whole file is not good either: AIX grep has a line
- # limit of 2048, but all sed's we know have understand at least 4000.
- if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then
- dirpart=`AS_DIRNAME("$mf")`
- else
- continue
- fi
- # Extract the definition of DEPDIR, am__include, and am__quote
- # from the Makefile without running `make'.
- DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"`
- test -z "$DEPDIR" && continue
- am__include=`sed -n 's/^am__include = //p' < "$mf"`
- test -z "am__include" && continue
- am__quote=`sed -n 's/^am__quote = //p' < "$mf"`
- # When using ansi2knr, U may be empty or an underscore; expand it
- U=`sed -n 's/^U = //p' < "$mf"`
- # Find all dependency output files, they are included files with
- # $(DEPDIR) in their names. We invoke sed twice because it is the
- # simplest approach to changing $(DEPDIR) to its actual value in the
- # expansion.
- for file in `sed -n "
- s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \
- sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do
- # Make sure the directory exists.
- test -f "$dirpart/$file" && continue
- fdir=`AS_DIRNAME(["$file"])`
- AS_MKDIR_P([$dirpart/$fdir])
- # echo "creating $dirpart/$file"
- echo '# dummy' > "$dirpart/$file"
- done
-done
-])# _AM_OUTPUT_DEPENDENCY_COMMANDS
-
-
-# AM_OUTPUT_DEPENDENCY_COMMANDS
-# -----------------------------
-# This macro should only be invoked once -- use via AC_REQUIRE.
-#
-# This code is only required when automatic dependency tracking
-# is enabled. FIXME. This creates each `.P' file that we will
-# need in order to bootstrap the dependency handling code.
-AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
-[AC_CONFIG_COMMANDS([depfiles],
- [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS],
- [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"])
-])
-
-# Do all the work for Automake. -*- Autoconf -*-
-
-# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
-# 2005, 2006, 2008 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# serial 13
-
-# This macro actually does too much. Some checks are only needed if
-# your package does certain things. But this isn't really a big deal.
-
-# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE])
-# AM_INIT_AUTOMAKE([OPTIONS])
-# -----------------------------------------------
-# The call with PACKAGE and VERSION arguments is the old style
-# call (pre autoconf-2.50), which is being phased out. PACKAGE
-# and VERSION should now be passed to AC_INIT and removed from
-# the call to AM_INIT_AUTOMAKE.
-# We support both call styles for the transition. After
-# the next Automake release, Autoconf can make the AC_INIT
-# arguments mandatory, and then we can depend on a new Autoconf
-# release and drop the old call support.
-AC_DEFUN([AM_INIT_AUTOMAKE],
-[AC_PREREQ([2.60])dnl
-dnl Autoconf wants to disallow AM_ names. We explicitly allow
-dnl the ones we care about.
-m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl
-AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl
-AC_REQUIRE([AC_PROG_INSTALL])dnl
-if test "`cd $srcdir && pwd`" != "`pwd`"; then
- # Use -I$(srcdir) only when $(srcdir) != ., so that make's output
- # is not polluted with repeated "-I."
- AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl
- # test to see if srcdir already configured
- if test -f $srcdir/config.status; then
- AC_MSG_ERROR([source directory already configured; run "make distclean" there first])
- fi
-fi
-
-# test whether we have cygpath
-if test -z "$CYGPATH_W"; then
- if (cygpath --version) >/dev/null 2>/dev/null; then
- CYGPATH_W='cygpath -w'
- else
- CYGPATH_W=echo
- fi
-fi
-AC_SUBST([CYGPATH_W])
-
-# Define the identity of the package.
-dnl Distinguish between old-style and new-style calls.
-m4_ifval([$2],
-[m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl
- AC_SUBST([PACKAGE], [$1])dnl
- AC_SUBST([VERSION], [$2])],
-[_AM_SET_OPTIONS([$1])dnl
-dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT.
-m4_if(m4_ifdef([AC_PACKAGE_NAME], 1)m4_ifdef([AC_PACKAGE_VERSION], 1), 11,,
- [m4_fatal([AC_INIT should be called with package and version arguments])])dnl
- AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl
- AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl
-
-_AM_IF_OPTION([no-define],,
-[AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package])
- AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])])dnl
-
-# Some tools Automake needs.
-AC_REQUIRE([AM_SANITY_CHECK])dnl
-AC_REQUIRE([AC_ARG_PROGRAM])dnl
-AM_MISSING_PROG(ACLOCAL, aclocal-${am__api_version})
-AM_MISSING_PROG(AUTOCONF, autoconf)
-AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version})
-AM_MISSING_PROG(AUTOHEADER, autoheader)
-AM_MISSING_PROG(MAKEINFO, makeinfo)
-AM_PROG_INSTALL_SH
-AM_PROG_INSTALL_STRIP
-AC_REQUIRE([AM_PROG_MKDIR_P])dnl
-# We need awk for the "check" target. The system "awk" is bad on
-# some platforms.
-AC_REQUIRE([AC_PROG_AWK])dnl
-AC_REQUIRE([AC_PROG_MAKE_SET])dnl
-AC_REQUIRE([AM_SET_LEADING_DOT])dnl
-_AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])],
- [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])],
- [_AM_PROG_TAR([v7])])])
-_AM_IF_OPTION([no-dependencies],,
-[AC_PROVIDE_IFELSE([AC_PROG_CC],
- [_AM_DEPENDENCIES(CC)],
- [define([AC_PROG_CC],
- defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl
-AC_PROVIDE_IFELSE([AC_PROG_CXX],
- [_AM_DEPENDENCIES(CXX)],
- [define([AC_PROG_CXX],
- defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl
-AC_PROVIDE_IFELSE([AC_PROG_OBJC],
- [_AM_DEPENDENCIES(OBJC)],
- [define([AC_PROG_OBJC],
- defn([AC_PROG_OBJC])[_AM_DEPENDENCIES(OBJC)])])dnl
-])
-])
-
-
-# When config.status generates a header, we must update the stamp-h file.
-# This file resides in the same directory as the config header
-# that is generated. The stamp files are numbered to have different names.
-
-# Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the
-# loop where config.status creates the headers, so we can generate
-# our stamp files there.
-AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK],
-[# Compute $1's index in $config_headers.
-_am_arg=$1
-_am_stamp_count=1
-for _am_header in $config_headers :; do
- case $_am_header in
- $_am_arg | $_am_arg:* )
- break ;;
- * )
- _am_stamp_count=`expr $_am_stamp_count + 1` ;;
- esac
-done
-echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
-
-# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# AM_PROG_INSTALL_SH
-# ------------------
-# Define $install_sh.
-AC_DEFUN([AM_PROG_INSTALL_SH],
-[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
-install_sh=${install_sh-"\$(SHELL) $am_aux_dir/install-sh"}
-AC_SUBST(install_sh)])
-
-# Copyright (C) 2003, 2005 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# serial 2
-
-# Check whether the underlying file-system supports filenames
-# with a leading dot. For instance MS-DOS doesn't.
-AC_DEFUN([AM_SET_LEADING_DOT],
-[rm -rf .tst 2>/dev/null
-mkdir .tst 2>/dev/null
-if test -d .tst; then
- am__leading_dot=.
-else
- am__leading_dot=_
-fi
-rmdir .tst 2>/dev/null
-AC_SUBST([am__leading_dot])])
-
-# Check to see how 'make' treats includes. -*- Autoconf -*-
-
-# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# serial 3
-
-# AM_MAKE_INCLUDE()
-# -----------------
-# Check to see how make treats includes.
-AC_DEFUN([AM_MAKE_INCLUDE],
-[am_make=${MAKE-make}
-cat > confinc << 'END'
-am__doit:
- @echo done
-.PHONY: am__doit
-END
-# If we don't find an include directive, just comment out the code.
-AC_MSG_CHECKING([for style of include used by $am_make])
-am__include="#"
-am__quote=
-_am_result=none
-# First try GNU make style include.
-echo "include confinc" > confmf
-# We grep out `Entering directory' and `Leaving directory'
-# messages which can occur if `w' ends up in MAKEFLAGS.
-# In particular we don't look at `^make:' because GNU make might
-# be invoked under some other name (usually "gmake"), in which
-# case it prints its new name instead of `make'.
-if test "`$am_make -s -f confmf 2> /dev/null | grep -v 'ing directory'`" = "done"; then
- am__include=include
- am__quote=
- _am_result=GNU
-fi
-# Now try BSD make style include.
-if test "$am__include" = "#"; then
- echo '.include "confinc"' > confmf
- if test "`$am_make -s -f confmf 2> /dev/null`" = "done"; then
- am__include=.include
- am__quote="\""
- _am_result=BSD
- fi
-fi
-AC_SUBST([am__include])
-AC_SUBST([am__quote])
-AC_MSG_RESULT([$_am_result])
-rm -f confinc confmf
-])
-
-# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*-
-
-# Copyright (C) 1997, 1999, 2000, 2001, 2003, 2004, 2005
-# Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# serial 5
-
-# AM_MISSING_PROG(NAME, PROGRAM)
-# ------------------------------
-AC_DEFUN([AM_MISSING_PROG],
-[AC_REQUIRE([AM_MISSING_HAS_RUN])
-$1=${$1-"${am_missing_run}$2"}
-AC_SUBST($1)])
-
-
-# AM_MISSING_HAS_RUN
-# ------------------
-# Define MISSING if not defined so far and test if it supports --run.
-# If it does, set am_missing_run to use it, otherwise, to nothing.
-AC_DEFUN([AM_MISSING_HAS_RUN],
-[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
-AC_REQUIRE_AUX_FILE([missing])dnl
-test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing"
-# Use eval to expand $SHELL
-if eval "$MISSING --run true"; then
- am_missing_run="$MISSING --run "
-else
- am_missing_run=
- AC_MSG_WARN([`missing' script is too old or missing])
-fi
-])
-
-# Copyright (C) 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# AM_PROG_MKDIR_P
-# ---------------
-# Check for `mkdir -p'.
-AC_DEFUN([AM_PROG_MKDIR_P],
-[AC_PREREQ([2.60])dnl
-AC_REQUIRE([AC_PROG_MKDIR_P])dnl
-dnl Automake 1.8 to 1.9.6 used to define mkdir_p. We now use MKDIR_P,
-dnl while keeping a definition of mkdir_p for backward compatibility.
-dnl @MKDIR_P@ is magic: AC_OUTPUT adjusts its value for each Makefile.
-dnl However we cannot define mkdir_p as $(MKDIR_P) for the sake of
-dnl Makefile.ins that do not define MKDIR_P, so we do our own
-dnl adjustment using top_builddir (which is defined more often than
-dnl MKDIR_P).
-AC_SUBST([mkdir_p], ["$MKDIR_P"])dnl
-case $mkdir_p in
- [[\\/$]]* | ?:[[\\/]]*) ;;
- */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;;
-esac
-])
-
-# Helper functions for option handling. -*- Autoconf -*-
-
-# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# serial 3
-
-# _AM_MANGLE_OPTION(NAME)
-# -----------------------
-AC_DEFUN([_AM_MANGLE_OPTION],
-[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])])
-
-# _AM_SET_OPTION(NAME)
-# ------------------------------
-# Set option NAME. Presently that only means defining a flag for this option.
-AC_DEFUN([_AM_SET_OPTION],
-[m4_define(_AM_MANGLE_OPTION([$1]), 1)])
-
-# _AM_SET_OPTIONS(OPTIONS)
-# ----------------------------------
-# OPTIONS is a space-separated list of Automake options.
-AC_DEFUN([_AM_SET_OPTIONS],
-[AC_FOREACH([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])])
-
-# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET])
-# -------------------------------------------
-# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise.
-AC_DEFUN([_AM_IF_OPTION],
-[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
-
-# Check to make sure that the build environment is sane. -*- Autoconf -*-
-
-# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005
-# Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# serial 4
-
-# AM_SANITY_CHECK
-# ---------------
-AC_DEFUN([AM_SANITY_CHECK],
-[AC_MSG_CHECKING([whether build environment is sane])
-# Just in case
-sleep 1
-echo timestamp > conftest.file
-# Do `set' in a subshell so we don't clobber the current shell's
-# arguments. Must try -L first in case configure is actually a
-# symlink; some systems play weird games with the mod time of symlinks
-# (eg FreeBSD returns the mod time of the symlink's containing
-# directory).
-if (
- set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null`
- if test "$[*]" = "X"; then
- # -L didn't work.
- set X `ls -t $srcdir/configure conftest.file`
- fi
- rm -f conftest.file
- if test "$[*]" != "X $srcdir/configure conftest.file" \
- && test "$[*]" != "X conftest.file $srcdir/configure"; then
-
- # If neither matched, then we have a broken ls. This can happen
- # if, for instance, CONFIG_SHELL is bash and it inherits a
- # broken ls alias from the environment. This has actually
- # happened. Such a system could not be considered "sane".
- AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken
-alias in your environment])
- fi
-
- test "$[2]" = conftest.file
- )
-then
- # Ok.
- :
-else
- AC_MSG_ERROR([newly created file is older than distributed files!
-Check your system clock])
-fi
-AC_MSG_RESULT(yes)])
-
-# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# AM_PROG_INSTALL_STRIP
-# ---------------------
-# One issue with vendor `install' (even GNU) is that you can't
-# specify the program used to strip binaries. This is especially
-# annoying in cross-compiling environments, where the build's strip
-# is unlikely to handle the host's binaries.
-# Fortunately install-sh will honor a STRIPPROG variable, so we
-# always use install-sh in `make install-strip', and initialize
-# STRIPPROG with the value of the STRIP variable (set by the user).
-AC_DEFUN([AM_PROG_INSTALL_STRIP],
-[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl
-# Installed binaries are usually stripped using `strip' when the user
-# run `make install-strip'. However `strip' might not be the right
-# tool to use in cross-compilation environments, therefore Automake
-# will honor the `STRIP' environment variable to overrule this program.
-dnl Don't test for $cross_compiling = yes, because it might be `maybe'.
-if test "$cross_compiling" != no; then
- AC_CHECK_TOOL([STRIP], [strip], :)
-fi
-INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
-AC_SUBST([INSTALL_STRIP_PROGRAM])])
-
-# Copyright (C) 2006 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# _AM_SUBST_NOTMAKE(VARIABLE)
-# ---------------------------
-# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in.
-# This macro is traced by Automake.
-AC_DEFUN([_AM_SUBST_NOTMAKE])
-
-# Check how to create a tarball. -*- Autoconf -*-
-
-# Copyright (C) 2004, 2005 Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# serial 2
-
-# _AM_PROG_TAR(FORMAT)
-# --------------------
-# Check how to create a tarball in format FORMAT.
-# FORMAT should be one of `v7', `ustar', or `pax'.
-#
-# Substitute a variable $(am__tar) that is a command
-# writing to stdout a FORMAT-tarball containing the directory
-# $tardir.
-# tardir=directory && $(am__tar) > result.tar
-#
-# Substitute a variable $(am__untar) that extract such
-# a tarball read from stdin.
-# $(am__untar) < result.tar
-AC_DEFUN([_AM_PROG_TAR],
-[# Always define AMTAR for backward compatibility.
-AM_MISSING_PROG([AMTAR], [tar])
-m4_if([$1], [v7],
- [am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'],
- [m4_case([$1], [ustar],, [pax],,
- [m4_fatal([Unknown tar format])])
-AC_MSG_CHECKING([how to create a $1 tar archive])
-# Loop over all known methods to create a tar archive until one works.
-_am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none'
-_am_tools=${am_cv_prog_tar_$1-$_am_tools}
-# Do not fold the above two line into one, because Tru64 sh and
-# Solaris sh will not grok spaces in the rhs of `-'.
-for _am_tool in $_am_tools
-do
- case $_am_tool in
- gnutar)
- for _am_tar in tar gnutar gtar;
- do
- AM_RUN_LOG([$_am_tar --version]) && break
- done
- am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"'
- am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"'
- am__untar="$_am_tar -xf -"
- ;;
- plaintar)
- # Must skip GNU tar: if it does not support --format= it doesn't create
- # ustar tarball either.
- (tar --version) >/dev/null 2>&1 && continue
- am__tar='tar chf - "$$tardir"'
- am__tar_='tar chf - "$tardir"'
- am__untar='tar xf -'
- ;;
- pax)
- am__tar='pax -L -x $1 -w "$$tardir"'
- am__tar_='pax -L -x $1 -w "$tardir"'
- am__untar='pax -r'
- ;;
- cpio)
- am__tar='find "$$tardir" -print | cpio -o -H $1 -L'
- am__tar_='find "$tardir" -print | cpio -o -H $1 -L'
- am__untar='cpio -i -H $1 -d'
- ;;
- none)
- am__tar=false
- am__tar_=false
- am__untar=false
- ;;
- esac
-
- # If the value was cached, stop now. We just wanted to have am__tar
- # and am__untar set.
- test -n "${am_cv_prog_tar_$1}" && break
-
- # tar/untar a dummy directory, and stop if the command works
- rm -rf conftest.dir
- mkdir conftest.dir
- echo GrepMe > conftest.dir/file
- AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar])
- rm -rf conftest.dir
- if test -s conftest.tar; then
- AM_RUN_LOG([$am__untar <conftest.tar])
- grep GrepMe conftest.dir/file >/dev/null 2>&1 && break
- fi
-done
-rm -rf conftest.dir
-
-AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool])
-AC_MSG_RESULT([$am_cv_prog_tar_$1])])
-AC_SUBST([am__tar])
-AC_SUBST([am__untar])
-]) # _AM_PROG_TAR
Modified: trunk/contrib/sudo/aix.c
===================================================================
--- trunk/contrib/sudo/aix.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/aix.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -31,7 +31,7 @@
#include <usersec.h>
#include <uinfo.h>
-#include "compat.h"
+#include "missing.h"
#include "alloc.h"
#include "error.h"
@@ -75,10 +75,10 @@
if (getuserattr(user, lim, &val, SEC_INT) != 0 &&
getuserattr("default", lim, &val, SEC_INT) != 0) {
- return(-1);
+ return -1;
}
*valp = val;
- return(0);
+ return 0;
}
static void
Modified: trunk/contrib/sudo/alias.c
===================================================================
--- trunk/contrib/sudo/alias.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/alias.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -69,7 +69,7 @@
res = 1;
else if ((res = strcmp(a1->name, a2->name)) == 0)
res = a1->type - a2->type;
- return(res);
+ return res;
}
/*
@@ -95,10 +95,10 @@
*/
a = node->data;
if (a->seqno == alias_seqno)
- return(NULL);
+ return NULL;
a->seqno = alias_seqno;
}
- return(a);
+ return a;
}
/*
@@ -122,9 +122,9 @@
if (rbinsert(aliases, a)) {
snprintf(errbuf, sizeof(errbuf), "Alias `%s' already defined", name);
alias_free(a);
- return(errbuf);
+ return errbuf;
}
- return(NULL);
+ return NULL;
}
/*
@@ -144,7 +144,7 @@
int
no_aliases()
{
- return(rbisempty(aliases));
+ return rbisempty(aliases);
}
/*
@@ -182,14 +182,13 @@
int type;
{
struct rbnode *node;
- struct alias key, *a;
+ struct alias key;
key.name = name;
key.type = type;
if ((node = rbfind(aliases, &key)) == NULL)
- return(NULL);
- a = rbdelete(aliases, node);
- return(a);
+ return NULL;
+ return rbdelete(aliases, node);
}
void
Modified: trunk/contrib/sudo/alloc.c
===================================================================
--- trunk/contrib/sudo/alloc.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/alloc.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -33,6 +33,9 @@
# endif
#endif /* STDC_HEADERS */
#ifdef HAVE_STRING_H
+# if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
+# include <memory.h>
+# endif
# include <string.h>
#endif /* HAVE_STRING_H */
#ifdef HAVE_STRINGS_H
@@ -45,7 +48,9 @@
# include <inttypes.h>
#endif
-#include "sudo.h"
+#include "missing.h"
+#include "alloc.h"
+#include "error.h"
/*
* If there is no SIZE_MAX or SIZE_T_MAX we have to assume that size_t
@@ -76,7 +81,7 @@
if ((ptr = malloc(size)) == NULL)
errorx(1, "unable to allocate memory");
- return(ptr);
+ return ptr;
}
/*
@@ -98,7 +103,7 @@
size *= nmemb;
if ((ptr = malloc(size)) == NULL)
errorx(1, "unable to allocate memory");
- return(ptr);
+ return ptr;
}
/*
@@ -118,7 +123,7 @@
ptr = ptr ? realloc(ptr, size) : malloc(size);
if (ptr == NULL)
errorx(1, "unable to allocate memory");
- return(ptr);
+ return ptr;
}
/*
@@ -143,7 +148,7 @@
ptr = ptr ? realloc(ptr, size) : malloc(size);
if (ptr == NULL)
errorx(1, "unable to allocate memory");
- return(ptr);
+ return ptr;
}
/*
@@ -155,14 +160,15 @@
const char *src;
{
char *dst = NULL;
- size_t size;
+ size_t len;
if (src != NULL) {
- size = strlen(src) + 1;
- dst = (char *) emalloc(size);
- (void) memcpy(dst, src, size);
+ len = strlen(src);
+ dst = (char *) emalloc(len + 1);
+ (void) memcpy(dst, src, len);
+ dst[len] = '\0';
}
- return(dst);
+ return dst;
}
/*
@@ -191,7 +197,7 @@
if (len == -1)
errorx(1, "unable to allocate memory");
- return(len);
+ return len;
}
/*
@@ -208,7 +214,7 @@
if ((len = vasprintf(ret, format, args)) == -1)
errorx(1, "unable to allocate memory");
- return(len);
+ return len;
}
/*
Modified: trunk/contrib/sudo/audit.c
===================================================================
--- trunk/contrib/sudo/audit.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/audit.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -32,7 +32,7 @@
# include <varargs.h>
#endif
-#include "compat.h"
+#include "missing.h"
#include "logging.h"
#ifdef HAVE_BSM_AUDIT
Modified: trunk/contrib/sudo/auth/afs.c
===================================================================
--- trunk/contrib/sudo/auth/afs.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/afs.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -43,12 +43,12 @@
#endif /* HAVE_UNISTD_H */
#include <pwd.h>
+#include <afs/stds.h>
+#include <afs/kautils.h>
+
#include "sudo.h"
#include "sudo_auth.h"
-#include <afs/stds.h>
-#include <afs/kautils.h>
-
int
afs_verify(pw, pass, auth)
struct passwd *pw;
@@ -67,7 +67,7 @@
0, /* lifetime */
&afs_token, /* token */
0) == 0) /* new */
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
/* Fall back on old method XXX - needed? */
setpag();
@@ -80,7 +80,7 @@
NULL, /* expiration ptr (unused) */
0, /* spare */
NULL) == 0) /* reason */
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
Modified: trunk/contrib/sudo/auth/aix_auth.c
===================================================================
--- trunk/contrib/sudo/auth/aix_auth.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/aix_auth.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -69,7 +69,7 @@
free(message);
zero_bytes(pass, strlen(pass));
}
- return(rval);
+ return rval;
}
int
@@ -80,5 +80,5 @@
/* Unset AUTHSTATE as it may not be correct for the runas user. */
unsetenv("AUTHSTATE");
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
Modified: trunk/contrib/sudo/auth/bsdauth.c
===================================================================
--- trunk/contrib/sudo/auth/bsdauth.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/bsdauth.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -65,7 +65,7 @@
if ((as = auth_open()) == NULL) {
log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
"unable to begin bsd authentication");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
/* XXX - maybe sanity check the auth style earlier? */
@@ -73,7 +73,7 @@
if (login_style == NULL) {
log_error(NO_EXIT|NO_MAIL, "invalid authentication type");
auth_close(as);
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
if (auth_setitem(as, AUTHV_STYLE, login_style) < 0 ||
@@ -81,11 +81,11 @@
auth_setitem(as, AUTHV_CLASS, login_class) < 0) {
log_error(NO_EXIT|NO_MAIL, "unable to setup authentication");
auth_close(as);
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
auth->data = (void *) as;
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
int
@@ -146,14 +146,14 @@
(void) sigaction(SIGCHLD, &osa, NULL);
if (authok)
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
if (!pass)
- return(AUTH_INTR);
+ return AUTH_INTR;
if ((s = auth_getvalue(as, "errormsg")) != NULL)
log_error(NO_EXIT|NO_MAIL, "%s", s);
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
int
@@ -165,5 +165,5 @@
auth_close(as);
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
Modified: trunk/contrib/sudo/auth/dce.c
===================================================================
--- trunk/contrib/sudo/auth/dce.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/dce.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -89,7 +89,7 @@
sec_login_no_flags, &login_context, &status)) {
if (check_dce_status(status, "sec_login_setup_identity(1):"))
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
password_rec.key.key_type = sec_passwd_plain;
password_rec.key.tagged_union.plain = (idl_char *) plain_pw;
@@ -101,7 +101,7 @@
&reset_passwd, &auth_src, &status)) {
if (check_dce_status(status, "sec_login_validate_identity(1):"))
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
/*
* Certify that the DCE Security Server used to set
@@ -111,10 +111,10 @@
if (!sec_login_certify_identity(login_context, &status)) {
(void) fprintf(stderr, "Whoa! Bogus authentication server!\n");
(void) check_dce_status(status,"sec_login_certify_identity(1):");
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
if (check_dce_status(status, "sec_login_certify_identity(2):"))
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
/*
* Sets the network credentials to those specified
@@ -122,7 +122,7 @@
*/
sec_login_set_context(login_context, &status);
if (check_dce_status(status, "sec_login_set_context:"))
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
/*
* Oops, your credentials were no good. Possibly
@@ -132,13 +132,13 @@
if (auth_src != sec_login_auth_src_network) {
(void) fprintf(stderr,
"You have no network credentials.\n");
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
/* Check if the password has aged and is thus no good */
if (reset_passwd) {
(void) fprintf(stderr,
"Your DCE password needs resetting.\n");
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
/*
@@ -150,7 +150,7 @@
sec_login_get_pwent(login_context, (sec_login_passwd_t) &temp_pw,
&status);
if (check_dce_status(status, "sec_login_get_pwent:"))
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
/*
* If we get to here, then the pwent above properly fetched
@@ -172,17 +172,17 @@
* somewhere later in the program.
*/
sec_login_purge_context(&login_context, &status);
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
} else {
if(check_dce_status(status, "sec_login_validate_identity(2):"))
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
sec_login_purge_context(&login_context, &status);
if(check_dce_status(status, "sec_login_purge_context:"))
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
}
(void) check_dce_status(status, "sec_login_setup_identity(2):");
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
/* Returns 0 for DCE "ok" status, 1 otherwise */
@@ -195,8 +195,8 @@
unsigned char error_string[dce_c_error_string_len];
if (input_status == rpc_s_ok)
- return(0);
+ return 0;
dce_error_inq_text(input_status, error_string, &error_stat);
(void) fprintf(stderr, "%s %s\n", comment, error_string);
- return(1);
+ return 1;
}
Modified: trunk/contrib/sudo/auth/fwtk.c
===================================================================
--- trunk/contrib/sudo/auth/fwtk.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/fwtk.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -60,25 +60,25 @@
if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
warningx("cannot read fwtk config");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
if (auth_open(confp)) {
warningx("cannot connect to authentication server");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
/* Get welcome message from auth server */
if (auth_recv(resp, sizeof(resp))) {
warningx("lost connection to authentication server");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
if (strncmp(resp, "Authsrv ready", 13) != 0) {
warningx("authentication server error:\n%s", resp);
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
int
@@ -97,7 +97,7 @@
restart:
if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
warningx("lost connection to authentication server");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
/* Get the password/response from the user. */
@@ -119,10 +119,10 @@
goto restart;
} else {
warningx("%s", resp);
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
if (!pass) { /* ^C or error */
- return(AUTH_INTR);
+ return AUTH_INTR;
}
/* Send the user's response to the server */
@@ -145,7 +145,7 @@
done:
zero_bytes(pass, strlen(pass));
zero_bytes(buf, strlen(buf));
- return(error);
+ return error;
}
int
@@ -155,5 +155,5 @@
{
auth_close();
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
Modified: trunk/contrib/sudo/auth/kerb4.c
===================================================================
--- trunk/contrib/sudo/auth/kerb4.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/kerb4.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -57,16 +57,16 @@
/* Don't try to verify root */
if (pw->pw_uid == 0)
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
/* Get the local realm, or retrun failure (no krb.conf) */
if (krb_get_lrealm(realm, 1) != KSUCCESS)
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
/* Stash a pointer to the realm (used in kerb4_verify) */
auth->data = (void *) realm;
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
int
@@ -83,8 +83,8 @@
* Set the ticket file to be in sudo sudo timedir so we don't
* wipe out other (real) kerberos tickets.
*/
- (void) snprintf(tkfile, sizeof(tkfile), "%s/tkt%lu",
- _PATH_SUDO_TIMEDIR, (unsigned long) pw->pw_uid);
+ (void) snprintf(tkfile, sizeof(tkfile), "%s/tkt%u",
+ _PATH_SUDO_TIMEDIR, (unsigned int) pw->pw_uid);
(void) krb_set_tkt_string(tkfile);
/* Convert the password to a ticket given. */
@@ -94,7 +94,7 @@
switch (error) {
case INTK_OK:
dest_tkt(); /* we are done with the temp ticket */
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
break;
case INTK_BADPW:
case KDC_PR_UNKNOWN:
@@ -104,5 +104,5 @@
krb_err_txt[error]);
}
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
Modified: trunk/contrib/sudo/auth/kerb5.c
===================================================================
--- trunk/contrib/sudo/auth/kerb5.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/kerb5.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -110,7 +110,7 @@
error = krb5_init_context(&(sudo_krb5_data.sudo_context));
#endif
if (error)
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
sudo_context = sudo_krb5_data.sudo_context;
if ((error = krb5_parse_name(sudo_context, pw->pw_name,
@@ -118,7 +118,7 @@
log_error(NO_EXIT|NO_MAIL,
"%s: unable to parse '%s': %s", auth->name, pw->pw_name,
error_message(error));
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
princ = sudo_krb5_data.princ;
@@ -131,7 +131,7 @@
log_error(NO_EXIT|NO_MAIL,
"%s: unable to unparse princ ('%s'): %s", auth->name,
pw->pw_name, error_message(error));
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
/* Only rewrite prompt if user didn't specify their own. */
@@ -148,11 +148,11 @@
log_error(NO_EXIT|NO_MAIL,
"%s: unable to resolve ccache: %s", auth->name,
error_message(error));
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
ccache = sudo_krb5_data.ccache;
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
#ifdef HAVE_KRB5_VERIFY_USER
@@ -172,7 +172,7 @@
ccache = ((sudo_krb5_datap) auth->data)->ccache;
error = krb5_verify_user(sudo_context, princ, ccache, pass, 1, NULL);
- return (error ? AUTH_FAILURE : AUTH_SUCCESS);
+ return error ? AUTH_FAILURE : AUTH_SUCCESS;
}
#else
int
@@ -243,7 +243,7 @@
}
if (creds)
krb5_free_cred_contents(sudo_context, creds);
- return (error ? AUTH_FAILURE : AUTH_SUCCESS);
+ return error ? AUTH_FAILURE : AUTH_SUCCESS;
}
#endif
@@ -268,7 +268,7 @@
krb5_free_context(sudo_context);
}
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
#ifndef HAVE_KRB5_VERIFY_USER
@@ -299,7 +299,7 @@
log_error(NO_EXIT|NO_MAIL,
"%s: unable to get host principal: %s", auth_name,
error_message(error));
- return(-1);
+ return -1;
}
/* Initialize verify opts and set secure mode */
@@ -314,6 +314,6 @@
log_error(NO_EXIT|NO_MAIL,
"%s: Cannot verify TGT! Possible attack!: %s", auth_name,
error_message(error));
- return(error);
+ return error;
}
#endif
Modified: trunk/contrib/sudo/auth/pam.c
===================================================================
--- trunk/contrib/sudo/auth/pam.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/pam.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -102,7 +102,7 @@
if (pam_status != PAM_SUCCESS) {
log_error(USE_ERRNO|NO_EXIT|NO_MAIL, "unable to initialize PAM");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
/*
@@ -124,7 +124,7 @@
else
(void) pam_set_item(pamh, PAM_TTY, user_ttypath);
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
int
@@ -145,11 +145,11 @@
*pam_status = pam_acct_mgmt(pamh, PAM_SILENT);
switch (*pam_status) {
case PAM_SUCCESS:
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
case PAM_AUTH_ERR:
- log_error(NO_EXIT|NO_MAIL, "pam_acct_mgmt: %d",
- *pam_status);
- return(AUTH_FAILURE);
+ log_error(NO_EXIT|NO_MAIL,
+ "account validation failure, is your account locked?");
+ return AUTH_FATAL;
case PAM_NEW_AUTHTOK_REQD:
log_error(NO_EXIT|NO_MAIL, "%s, %s",
"Account or password is expired",
@@ -157,33 +157,33 @@
*pam_status = pam_chauthtok(pamh,
PAM_CHANGE_EXPIRED_AUTHTOK);
if (*pam_status == PAM_SUCCESS)
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
if ((s = pam_strerror(pamh, *pam_status)))
log_error(NO_EXIT|NO_MAIL, "pam_chauthtok: %s", s);
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
case PAM_AUTHTOK_EXPIRED:
log_error(NO_EXIT|NO_MAIL,
"Password expired, contact your system administrator");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
case PAM_ACCT_EXPIRED:
log_error(NO_EXIT|NO_MAIL, "%s %s",
"Account expired or PAM config lacks an \"account\"",
"section for sudo, contact your system administrator");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
/* FALLTHROUGH */
case PAM_AUTH_ERR:
if (gotintr) {
/* error or ^C from tgetpass() */
- return(AUTH_INTR);
+ return AUTH_INTR;
}
case PAM_MAXTRIES:
case PAM_PERM_DENIED:
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
default:
if ((s = pam_strerror(pamh, *pam_status)))
log_error(NO_EXIT|NO_MAIL, "pam_authenticate: %s", s);
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
}
@@ -196,10 +196,10 @@
/* If successful, we can't close the session until pam_prep_user() */
if (auth->status == AUTH_SUCCESS)
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
*pam_status = pam_end(pamh, *pam_status | PAM_DATA_SILENT);
- return(*pam_status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE);
+ return *pam_status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE;
}
int
@@ -235,7 +235,7 @@
pamh = NULL;
}
#endif
- return(status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE);
+ return status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE;
}
int
@@ -249,7 +249,7 @@
#endif
status = pam_end(pamh, PAM_SUCCESS | PAM_DATA_SILENT);
}
- return(status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE);
+ return status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE;
}
/*
@@ -270,7 +270,7 @@
int n, flags, std_prompt;
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
- return(PAM_SYSTEM_ERR);
+ return PAM_SYSTEM_ERR;
zero_bytes(*response, num_msg * sizeof(struct pam_response));
for (pr = *response, pm = *msg, n = num_msg; n--; pr++, pm++) {
@@ -332,7 +332,7 @@
}
}
- return(PAM_SUCCESS);
+ return PAM_SUCCESS;
err:
/* Zero and free allocated memory and return an error. */
@@ -346,5 +346,5 @@
zero_bytes(*response, num_msg * sizeof(struct pam_response));
free(*response);
*response = NULL;
- return(gotintr ? PAM_AUTH_ERR : PAM_CONV_ERR);
+ return gotintr ? PAM_AUTH_ERR : PAM_CONV_ERR;
}
Modified: trunk/contrib/sudo/auth/passwd.c
===================================================================
--- trunk/contrib/sudo/auth/passwd.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/passwd.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -57,9 +57,12 @@
{
#ifdef HAVE_SKEYACCESS
if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
#endif
- return(AUTH_SUCCESS);
+ sudo_setspent();
+ auth->data = sudo_getepw(pw);
+ sudo_endspent();
+ return AUTH_SUCCESS;
}
int
@@ -69,16 +72,17 @@
sudo_auth *auth;
{
char sav, *epass;
+ char *pw_epasswd = auth->data;
size_t pw_len;
int error;
- pw_len = strlen(pw->pw_passwd);
+ pw_len = strlen(pw_epasswd);
#ifdef HAVE_GETAUTHUID
/* Ultrix shadow passwords may use crypt16() */
- error = strcmp(pw->pw_passwd, (char *) crypt16(pass, pw->pw_passwd));
+ error = strcmp(pw_epasswd, (char *) crypt16(pass, pw_epasswd));
if (!error)
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
#endif /* HAVE_GETAUTHUID */
/*
@@ -86,7 +90,7 @@
* If this turns out not to be safe we will have to use OS #ifdef's (sigh).
*/
sav = pass[8];
- if (pw_len == DESLEN || HAS_AGEINFO(pw->pw_passwd, pw_len))
+ if (pw_len == DESLEN || HAS_AGEINFO(pw_epasswd, pw_len))
pass[8] = '\0';
/*
@@ -94,12 +98,26 @@
* HP-UX may add aging info (separated by a ',') at the end so
* only compare the first DESLEN characters in that case.
*/
- epass = (char *) crypt(pass, pw->pw_passwd);
+ epass = (char *) crypt(pass, pw_epasswd);
pass[8] = sav;
- if (HAS_AGEINFO(pw->pw_passwd, pw_len) && strlen(epass) == DESLEN)
- error = strncmp(pw->pw_passwd, epass, DESLEN);
+ if (HAS_AGEINFO(pw_epasswd, pw_len) && strlen(epass) == DESLEN)
+ error = strncmp(pw_epasswd, epass, DESLEN);
else
- error = strcmp(pw->pw_passwd, epass);
+ error = strcmp(pw_epasswd, epass);
- return(error ? AUTH_FAILURE : AUTH_SUCCESS);
+ return error ? AUTH_FAILURE : AUTH_SUCCESS;
}
+
+int
+passwd_cleanup(pw, auth)
+ struct passwd *pw;
+ sudo_auth *auth;
+{
+ char *pw_epasswd = auth->data;
+
+ if (pw_epasswd != NULL) {
+ zero_bytes(pw_epasswd, strlen(pw_epasswd));
+ efree(pw_epasswd);
+ }
+ return AUTH_SUCCESS;
+}
Modified: trunk/contrib/sudo/auth/rfc1938.c
===================================================================
--- trunk/contrib/sudo/auth/rfc1938.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/rfc1938.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -104,9 +104,9 @@
if (rfc1938challenge(&rfc1938, pw->pw_name, challenge, sizeof(challenge))) {
if (IS_ONEANDONLY(auth)) {
warningx("you do not exist in the %s database", auth->name);
- return(AUTH_FATAL);
+ return AUTH_FATAL;
} else {
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
}
@@ -123,7 +123,7 @@
orig_prompt, challenge);
*promptp = new_prompt;
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
int
@@ -134,7 +134,7 @@
{
if (rfc1938verify((struct RFC1938 *) auth->data, pass) == 0)
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
else
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
Modified: trunk/contrib/sudo/auth/secureware.c
===================================================================
--- trunk/contrib/sudo/auth/secureware.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/secureware.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -62,9 +62,12 @@
extern int crypt_type;
if (crypt_type == INT_MAX)
- return(AUTH_FAILURE); /* no shadow */
+ return AUTH_FAILURE; /* no shadow */
#endif
- return(AUTH_SUCCESS);
+ sudo_setspent();
+ auth->data = sudo_getepw(pw);
+ sudo_endspent();
+ return AUTH_SUCCESS;
}
int
@@ -73,25 +76,40 @@
char *pass;
sudo_auth *auth;
{
+ char *pw_epasswd = auth->data;
#ifdef __alpha
extern int crypt_type;
# ifdef HAVE_DISPCRYPT
- if (strcmp(user_passwd, dispcrypt(pass, user_passwd, crypt_type)) == 0)
- return(AUTH_SUCCESS);
+ if (strcmp(pw_epasswd, dispcrypt(pass, pw_epasswd, crypt_type)) == 0)
+ return AUTH_SUCCESS;
# else
if (crypt_type == AUTH_CRYPT_BIGCRYPT) {
- if (strcmp(user_passwd, bigcrypt(pass, user_passwd)) == 0)
- return(AUTH_SUCCESS);
+ if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0)
+ return AUTH_SUCCESS;
} else if (crypt_type == AUTH_CRYPT_CRYPT16) {
- if (strcmp(user_passwd, crypt(pass, user_passwd)) == 0)
- return(AUTH_SUCCESS);
+ if (strcmp(pw_epasswd, crypt(pass, pw_epasswd)) == 0)
+ return AUTH_SUCCESS;
}
# endif /* HAVE_DISPCRYPT */
#elif defined(HAVE_BIGCRYPT)
- if (strcmp(user_passwd, bigcrypt(pass, user_passwd)) == 0)
- return(AUTH_SUCCESS);
+ if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0)
+ return AUTH_SUCCESS;
#endif /* __alpha */
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
+
+int
+secureware_cleanup(pw, auth)
+ struct passwd *pw;
+ sudo_auth *auth;
+{
+ char *pw_epasswd = auth->data;
+
+ if (pw_epasswd != NULL) {
+ zero_bytes(pw_epasswd, strlen(pw_epasswd));
+ efree(pw_epasswd);
+ }
+ return AUTH_SUCCESS;
+}
Modified: trunk/contrib/sudo/auth/securid.c
===================================================================
--- trunk/contrib/sudo/auth/securid.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/securid.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -66,9 +66,9 @@
auth->data = (void *) &sd_dat; /* For method-specific data */
if (creadcfg() == 0)
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
else
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
int
@@ -83,10 +83,10 @@
if (sd_init(sd) == 0) {
/* The programmer's guide says username is 32 bytes */
strlcpy(sd->username, pw->pw_name, 32);
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
} else {
warningx("unable to contact the SecurID server");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
}
@@ -102,7 +102,7 @@
rval = sd_auth(sd);
sd_close();
if (rval == ACM_OK)
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
else
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
Modified: trunk/contrib/sudo/auth/securid5.c
===================================================================
--- trunk/contrib/sudo/auth/securid5.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/securid5.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -79,10 +79,10 @@
/* Start communications */
if (AceInitialize() != SD_FALSE)
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
warningx("failed to initialise the ACE API library");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
/*
@@ -110,7 +110,7 @@
/* Re-initialize SecurID every time. */
if (SD_Init(sd) != ACM_OK) {
warningx("unable to contact the SecurID server");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
/* Lock new PIN code */
@@ -119,23 +119,23 @@
switch (retval) {
case ACM_OK:
warningx("User ID locked for SecurID Authentication");
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
case ACE_UNDEFINED_USERNAME:
warningx("invalid username length for SecurID");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
case ACE_ERR_INVALID_HANDLE:
warningx("invalid Authentication Handle for SecurID");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
case ACM_ACCESS_DENIED:
warningx("SecurID communication failed");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
default:
warningx("unknown SecurID error");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
}
@@ -228,5 +228,5 @@
SD_Close(*sd);
/* Return stored state to calling process */
- return(rval);
+ return rval;
}
Modified: trunk/contrib/sudo/auth/sia.c
===================================================================
--- trunk/contrib/sudo/auth/sia.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/sia.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -101,11 +101,11 @@
log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
"unable to initialize SIA session");
- return(AUTH_FATAL);
+ return AUTH_FATAL;
}
auth->data = (void *) siah;
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
int
@@ -120,9 +120,9 @@
/* XXX - need a way to detect user hitting return or EOF at prompt */
if (sia_ses_reauthent(sudo_collect, siah) == SIASUCCESS)
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
else
- return(AUTH_FAILURE);
+ return AUTH_FAILURE;
}
int
@@ -133,5 +133,5 @@
SIAENTITY *siah = (SIAENTITY *) auth->data;
(void) sia_ses_release(&siah);
- return(AUTH_SUCCESS);
+ return AUTH_SUCCESS;
}
Modified: trunk/contrib/sudo/auth/sudo_auth.c
===================================================================
--- trunk/contrib/sudo/auth/sudo_auth.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/sudo_auth.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -53,10 +53,10 @@
AUTH_STANDALONE
#else
# ifndef WITHOUT_PASSWD
- AUTH_ENTRY(0, "passwd", passwd_init, NULL, passwd_verify, NULL)
+ AUTH_ENTRY(0, "passwd", passwd_init, NULL, passwd_verify, passwd_cleanup)
# endif
# if defined(HAVE_GETPRPWNAM) && !defined(WITHOUT_PASSWD)
- AUTH_ENTRY(0, "secureware", secureware_init, NULL, secureware_verify, NULL)
+ AUTH_ENTRY(0, "secureware", secureware_init, NULL, secureware_verify, secureware_cleanup)
# endif
# ifdef HAVE_AFS
AUTH_ENTRY(0, "afs", NULL, NULL, afs_verify, NULL)
Modified: trunk/contrib/sudo/auth/sudo_auth.h
===================================================================
--- trunk/contrib/sudo/auth/sudo_auth.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/auth/sudo_auth.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -64,8 +64,10 @@
/* Prototypes for normal methods */
int passwd_init __P((struct passwd *pw, char **prompt, sudo_auth *auth));
int passwd_verify __P((struct passwd *pw, char *pass, sudo_auth *auth));
+int passwd_cleanup __P((struct passwd *pw, sudo_auth *auth));
int secureware_init __P((struct passwd *pw, char **prompt, sudo_auth *auth));
int secureware_verify __P((struct passwd *pw, char *pass, sudo_auth *auth));
+int secureware_cleanup __P((struct passwd *pw, sudo_auth *auth));
int rfc1938_setup __P((struct passwd *pw, char **prompt, sudo_auth *auth));
int rfc1938_verify __P((struct passwd *pw, char *pass, sudo_auth *auth));
int afs_verify __P((struct passwd *pw, char *pass, sudo_auth *auth));
Modified: trunk/contrib/sudo/boottime.c
===================================================================
--- trunk/contrib/sudo/boottime.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/boottime.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -42,12 +42,16 @@
#if TIME_WITH_SYS_TIME
# include <time.h>
#endif
-
+#ifdef HAVE_GETUTXID
+# include <utmpx.h>
+#endif
+#ifdef HAVE_GETUTID
+# include <utmp.h>
+#endif
#ifdef HAVE_SYSCTL
# include <sys/sysctl.h>
#endif
-#include "compat.h"
#include "missing.h"
/*
@@ -102,7 +106,6 @@
#elif defined(HAVE_GETUTXID)
-#include <utmpx.h>
int
get_boottime(tv)
struct timeval *tv;
@@ -121,7 +124,6 @@
#elif defined(HAVE_GETUTID)
-#include <utmp.h>
int
get_boottime(tv)
struct timeval *tv;
Modified: trunk/contrib/sudo/bsm_audit.c
===================================================================
--- trunk/contrib/sudo/bsm_audit.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/bsm_audit.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,4 +1,5 @@
/*
+ * Copyright (c) 2009-2010 Todd C. Miller <Todd.Miller at courtesan.com>
* Copyright (c) 2009 Christian S.J. Peron
*
* Permission to use, copy, modify, and distribute this software for any
@@ -35,7 +36,7 @@
* Solaris auditon() returns EINVAL if BSM audit not configured.
* OpenBSM returns ENOSYS for unimplemented options.
*/
-#ifdef __sun__
+#ifdef __sun
# define AUDIT_NOT_CONFIGURED EINVAL
#else
# define AUDIT_NOT_CONFIGURED ENOSYS
@@ -62,7 +63,7 @@
mask = &ainfo_addr.ai_mask;
sorf = (sf == 0) ? AU_PRS_SUCCESS : AU_PRS_FAILURE;
rc = au_preselect(AUE_sudo, mask, sorf, AU_PRS_REREAD);
- return (rc);
+ return rc;
}
void
Modified: trunk/contrib/sudo/check.c
===================================================================
--- trunk/contrib/sudo/check.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/check.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1993-1996,1998-2005, 2007-2010
+ * Copyright (c) 1993-1996,1998-2005, 2007-2011
* Todd C. Miller <Todd.Miller at courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
@@ -90,6 +90,7 @@
static void lecture __P((int));
static void update_timestamp __P((char *, char *));
static int tty_is_devpts __P((const char *));
+static struct passwd *get_authpw __P((void));
/*
* This function only returns if the user can successfully
@@ -134,6 +135,8 @@
TS_MAKE_DIRS);
if (status != TS_CURRENT || ISSET(validated, FLAG_CHECK_USER)) {
+ struct passwd *auth_pw;
+
/* Bail out if we are non-interactive and a password is required */
if (ISSET(mode, MODE_NONINTERACTIVE))
errorx(1, "sorry, a password is required to run %s", getprogname());
@@ -162,7 +165,9 @@
prompt = expand_prompt(user_prompt ? user_prompt : def_passprompt,
user_name, user_shost);
+ auth_pw = get_authpw();
verify_user(auth_pw, prompt);
+ pw_delref(auth_pw);
}
/* Only update timestamp if user was validated. */
if (ISSET(validated, VALIDATE_OK) && !ISSET(mode, MODE_INVALIDATE) && status != TS_ERROR)
@@ -225,7 +230,8 @@
log_error(NO_EXIT|USE_ERRNO, "Can't open %s", timestampfile);
else {
lock_file(fd, SUDO_LOCK);
- write(fd, &tty_info, sizeof(tty_info));
+ if (write(fd, &tty_info, sizeof(tty_info)) != sizeof(tty_info))
+ log_error(NO_EXIT|USE_ERRNO, "Can't write %s", timestampfile);
close(fd);
}
} else {
@@ -299,7 +305,7 @@
}
if (subst) {
- new_prompt = (char *) emalloc(++len);
+ new_prompt = emalloc(++len);
endp = new_prompt + len;
for (p = old_prompt, np = new_prompt; *p; p++) {
if (p[0] =='%') {
@@ -361,7 +367,7 @@
} else
new_prompt = old_prompt;
- return(new_prompt);
+ return new_prompt;
oflow:
/* We pre-allocate enough space, so this should never happen. */
@@ -375,8 +381,8 @@
user_is_exempt()
{
if (!def_exempt_group)
- return(FALSE);
- return(user_in_group(sudo_user.pw, def_exempt_group));
+ return FALSE;
+ return user_in_group(sudo_user.pw, def_exempt_group);
}
/*
@@ -453,9 +459,9 @@
log_error(NO_EXIT, "%s exists but is not a directory (0%o)",
dirparent, (unsigned int) sb.st_mode);
else if (sb.st_uid != timestamp_uid)
- log_error(NO_EXIT, "%s owned by uid %lu, should be uid %lu",
- dirparent, (unsigned long) sb.st_uid,
- (unsigned long) timestamp_uid);
+ log_error(NO_EXIT, "%s owned by uid %u, should be uid %u",
+ dirparent, (unsigned int) sb.st_uid,
+ (unsigned int) timestamp_uid);
else if ((sb.st_mode & 0000022))
log_error(NO_EXIT,
"%s writable by non-owner (0%o), should be mode 0700",
@@ -480,7 +486,7 @@
if (status == TS_ERROR) {
if (timestamp_uid != 0)
set_perms(PERM_ROOT);
- return(status);
+ return status;
}
/*
@@ -500,9 +506,9 @@
log_error(NO_EXIT, "%s exists but is not a directory (0%o)",
timestampdir, (unsigned int) sb.st_mode);
} else if (sb.st_uid != timestamp_uid)
- log_error(NO_EXIT, "%s owned by uid %lu, should be uid %lu",
- timestampdir, (unsigned long) sb.st_uid,
- (unsigned long) timestamp_uid);
+ log_error(NO_EXIT, "%s owned by uid %u, should be uid %u",
+ timestampdir, (unsigned int) sb.st_uid,
+ (unsigned int) timestamp_uid);
else if ((sb.st_mode & 0000022))
log_error(NO_EXIT,
"%s writable by non-owner (0%o), should be mode 0700",
@@ -545,9 +551,9 @@
/* If bad uid or file mode, complain and kill the bogus file. */
if (sb.st_uid != timestamp_uid) {
log_error(NO_EXIT,
- "%s owned by uid %lu, should be uid %lu",
- timestampfile, (unsigned long) sb.st_uid,
- (unsigned long) timestamp_uid);
+ "%s owned by uid %u, should be uid %u",
+ timestampfile, (unsigned int) sb.st_uid,
+ (unsigned int) timestamp_uid);
(void) unlink(timestampfile);
} else if ((sb.st_mode & 0000022)) {
log_error(NO_EXIT,
@@ -624,7 +630,7 @@
done:
if (timestamp_uid != 0)
set_perms(PERM_ROOT);
- return(status);
+ return status;
}
/*
@@ -698,3 +704,33 @@
#endif /* __linux__ */
return retval;
}
+
+/*
+ * Get passwd entry for the user we are going to authenticate as.
+ * By default, this is the user invoking sudo. In the most common
+ * case, this matches sudo_user.pw or runas_pw.
+ */
+static struct passwd *
+get_authpw()
+{
+ struct passwd *pw;
+
+ if (def_rootpw) {
+ if ((pw = sudo_getpwuid(0)) == NULL)
+ log_error(0, "unknown uid: 0");
+ } else if (def_runaspw) {
+ if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
+ log_error(0, "unknown user: %s", def_runas_default);
+ } else if (def_targetpw) {
+ if (runas_pw->pw_name == NULL)
+ log_error(NO_MAIL|MSG_ONLY, "unknown uid: %u",
+ (unsigned int) runas_pw->pw_uid);
+ pw_addref(runas_pw);
+ pw = runas_pw;
+ } else {
+ pw_addref(sudo_user.pw);
+ pw = sudo_user.pw;
+ }
+
+ return pw;
+}
Deleted: trunk/contrib/sudo/closeform.c
===================================================================
--- trunk/contrib/sudo/closeform.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/closeform.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,97 +0,0 @@
-/*
- * Copyright (c) 2004 Todd C. Miller <Todd.Miller at courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include "config.h"
-
-#include <sys/types.h>
-#include <sys/param.h>
-#include <unistd.h>
-#include <stdio.h>
-#ifdef STDC_HEADERS
-# include <stdlib.h>
-# include <stddef.h>
-#else
-# ifdef HAVE_STDLIB_H
-# include <stdlib.h>
-# endif
-#endif /* STDC_HEADERS */
-#ifdef HAVE_DIRENT_H
-# include <dirent.h>
-# define NAMLEN(dirent) strlen((dirent)->d_name)
-#else
-# define dirent direct
-# define NAMLEN(dirent) (dirent)->d_namlen
-# ifdef HAVE_SYS_NDIR_H
-# include <sys/ndir.h>
-# endif
-# ifdef HAVE_SYS_DIR_H
-# include <sys/dir.h>
-# endif
-# ifdef HAVE_NDIR_H
-# include <ndir.h>
-# endif
-#endif
-
-#include "sudo.h"
-
-#ifndef lint
-static const char rcsid[] = "$Sudo: closefrom.c,v 1.6 2004/06/01 20:51:56 millert Exp $";
-#endif /* lint */
-
-/*
- * Close all file descriptors greater than or equal to lowfd.
- */
-void
-closefrom(lowfd)
- int lowfd;
-{
- long fd, maxfd;
-#ifdef HAVE_DIRFD
- char fdpath[PATH_MAX], *endp;
- struct dirent *dent;
- DIR *dirp;
- int len;
-
- /* Check for a /proc/$$/fd directory. */
- len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid());
- if (len != -1 && len <= sizeof(fdpath) && (dirp = opendir(fdpath))) {
- while ((dent = readdir(dirp)) != NULL) {
- fd = strtol(dent->d_name, &endp, 10);
- if (dent->d_name != endp && *endp == '\0' &&
- fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
- (void) close((int) fd);
- }
- (void) closedir(dirp);
- } else
-#endif
- {
- /*
- * Fall back on sysconf() or getdtablesize(). We avoid checking
- * resource limits since it is possible to open a file descriptor
- * and then drop the rlimit such that it is below the open fd.
- */
-#ifdef HAVE_SYSCONF
- maxfd = sysconf(_SC_OPEN_MAX);
-#else
- maxfd = getdtablesize();
-#endif /* HAVE_SYSCONF */
- if (maxfd < 0)
- maxfd = OPEN_MAX;
-
- for (fd = lowfd; fd < maxfd; fd++)
- (void) close((int) fd);
- }
-}
Modified: trunk/contrib/sudo/closefrom.c
===================================================================
--- trunk/contrib/sudo/closefrom.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/closefrom.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2004-2005, 2007
+ * Copyright (c) 2004-2005, 2007, 2010
* Todd C. Miller <Todd.Miller at courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
@@ -47,7 +47,7 @@
# endif
#endif
-#include "sudo.h"
+#include "missing.h"
#ifndef HAVE_FCNTL_CLOSEM
# ifndef HAVE_DIRFD
Deleted: trunk/contrib/sudo/compat.h
===================================================================
--- trunk/contrib/sudo/compat.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/compat.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,312 +0,0 @@
-/*
- * Copyright (c) 1996, 1998-2005, 2008-2010
- * Todd C. Miller <Todd.Miller at courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- *
- * Sponsored in part by the Defense Advanced Research Projects
- * Agency (DARPA) and Air Force Research Laboratory, Air Force
- * Materiel Command, USAF, under agreement number F39502-99-1-0512.
- */
-
-#ifndef _SUDO_COMPAT_H
-#define _SUDO_COMPAT_H
-
-/*
- * Macros that may be missing on some Operating Systems
- */
-
-/* Deal with ANSI stuff reasonably. */
-#ifndef __P
-# if defined (__cplusplus) || defined (__STDC__)
-# define __P(args) args
-# else
-# define __P(args) ()
-# endif
-#endif /* __P */
-
-/* Define away __attribute__ for non-gcc or old gcc */
-#if !defined(__GNUC__) || __GNUC__ < 2 || __GNUC__ == 2 && __GNUC_MINOR__ < 5
-# define __attribute__(x)
-#endif
-
-/* For silencing gcc warnings about rcsids */
-#ifndef __unused
-# if defined(__GNUC__) && (__GNUC__ > 2 || __GNUC__ == 2 && __GNUC_MINOR__ > 7)
-# define __unused __attribute__((__unused__))
-# else
-# define __unused
-# endif
-#endif
-
-/* For catching format string mismatches */
-#ifndef __printflike
-# if defined(__GNUC__) && (__GNUC__ > 2 || __GNUC__ == 2 && __GNUC_MINOR__ >= 7)
-# define __printflike(f, v) __attribute__((__format__ (__printf__, f, v)))
-# else
-# define __printflike(f, v)
-# endif
-#endif
-
-/*
- * Some systems lack full limit definitions.
- */
-#ifndef OPEN_MAX
-# define OPEN_MAX 256
-#endif
-
-#ifndef INT_MAX
-# define INT_MAX 0x7fffffff
-#endif
-
-#ifndef PATH_MAX
-# ifdef MAXPATHLEN
-# define PATH_MAX MAXPATHLEN
-# else
-# ifdef _POSIX_PATH_MAX
-# define PATH_MAX _POSIX_PATH_MAX
-# else
-# define PATH_MAX 1024
-# endif
-# endif
-#endif
-
-#ifndef MAXHOSTNAMELEN
-# define MAXHOSTNAMELEN 64
-#endif
-
-/*
- * Posix versions for those without...
- */
-#ifndef _S_IFMT
-# define _S_IFMT S_IFMT
-#endif /* _S_IFMT */
-#ifndef _S_IFREG
-# define _S_IFREG S_IFREG
-#endif /* _S_IFREG */
-#ifndef _S_IFDIR
-# define _S_IFDIR S_IFDIR
-#endif /* _S_IFDIR */
-#ifndef _S_IFLNK
-# define _S_IFLNK S_IFLNK
-#endif /* _S_IFLNK */
-#ifndef S_ISREG
-# define S_ISREG(m) (((m) & _S_IFMT) == _S_IFREG)
-#endif /* S_ISREG */
-#ifndef S_ISDIR
-# define S_ISDIR(m) (((m) & _S_IFMT) == _S_IFDIR)
-#endif /* S_ISDIR */
-
-/*
- * Some OS's may not have this.
- */
-#ifndef S_IRWXU
-# define S_IRWXU 0000700 /* rwx for owner */
-#endif /* S_IRWXU */
-
-/*
- * These should be defined in <unistd.h> but not everyone has them.
- */
-#ifndef STDIN_FILENO
-# define STDIN_FILENO 0
-#endif
-#ifndef STDOUT_FILENO
-# define STDOUT_FILENO 1
-#endif
-#ifndef STDERR_FILENO
-# define STDERR_FILENO 2
-#endif
-
-/*
- * These should be defined in <unistd.h> but not everyone has them.
- */
-#ifndef SEEK_SET
-# define SEEK_SET 0
-#endif
-#ifndef SEEK_CUR
-# define SEEK_CUR 1
-#endif
-#ifndef SEEK_END
-# define SEEK_END 2
-#endif
-
-/*
- * BSD defines these in <sys/param.h> but others may not.
- */
-#ifndef MIN
-# define MIN(a,b) (((a)<(b))?(a):(b))
-#endif
-#ifndef MAX
-# define MAX(a,b) (((a)>(b))?(a):(b))
-#endif
-
-/*
- * Simple isblank() macro and function for systems without it.
- */
-#ifndef HAVE_ISBLANK
-int isblank __P((int));
-# define isblank(_x) ((_x) == ' ' || (_x) == '\t')
-#endif
-
-/*
- * Old BSD systems lack strchr(), strrchr(), memset() and memcpy()
- */
-#if !defined(HAVE_STRCHR) && !defined(strchr)
-# define strchr(_s, _c) index(_s, _c)
-#endif
-#if !defined(HAVE_STRRCHR) && !defined(strrchr)
-# define strrchr(_s, _c) rindex(_s, _c)
-#endif
-#if !defined(HAVE_MEMCPY) && !defined(memcpy)
-# define memcpy(_d, _s, _n) (bcopy(_s, _d, _n))
-#endif
-#if !defined(HAVE_MEMSET) && !defined(memset)
-# define memset(_s, _x, _n) (bzero(_s, _n))
-#endif
-
-/*
- * NCR's SVr4 has _innetgr(3) instead of innetgr(3) for some reason.
- */
-#ifdef HAVE__INNETGR
-# define innetgr(n, h, u, d) (_innetgr(n, h, u, d))
-# define HAVE_INNETGR 1
-#endif /* HAVE__INNETGR */
-
-/*
- * On POSIX systems, O_NOCTTY is the default so some OS's may lack this define.
- */
-#ifndef O_NOCTTY
-# define O_NOCTTY 0
-#endif /* O_NOCTTY */
-
-/*
- * Emulate POSIX signals via sigvec(2)
- */
-#ifndef HAVE_SIGACTION
-# define SA_ONSTACK SV_ONSTACK
-# define SA_RESTART SV_INTERRUPT /* opposite effect */
-# define SA_RESETHAND SV_RESETHAND
-# define sa_handler sv_handler
-# define sa_mask sv_mask
-# define sa_flags sv_flags
-typedef struct sigvec sigaction_t;
-typedef int sigset_t;
-int sigaction __P((int sig, const sigaction_t *act, sigaction_t *oact));
-int sigemptyset __P((sigset_t *));
-int sigfillset __P((sigset_t *));
-int sigaddset __P((sigset_t *, int));
-int sigdelset __P((sigset_t *, int));
-int sigismember __P((sigset_t *, int));
-int sigprocmask __P((int, const sigset_t *, sigset_t *));
-#endif
-
-/*
- * Extra sugar for POSIX signals to deal with the above emulation
- * as well as the fact that SunOS has a SA_INTERRUPT flag.
- */
-#ifdef HAVE_SIGACTION
-# ifndef HAVE_SIGACTION_T
-typedef struct sigaction sigaction_t;
-# endif
-# ifndef SA_INTERRUPT
-# define SA_INTERRUPT 0
-# endif
-# ifndef SA_RESTART
-# define SA_RESTART 0
-# endif
-#endif
-
-/*
- * If dirfd() does not exists, hopefully dd_fd does.
- */
-#if !defined(HAVE_DIRFD) && defined(HAVE_DD_FD)
-# define dirfd(_d) ((_d)->dd_fd)
-# define HAVE_DIRFD
-#endif
-
-/*
- * Define futimes() in terms of futimesat() if needed.
- */
-#if !defined(HAVE_FUTIMES) && defined(HAVE_FUTIMESAT)
-# define futimes(_f, _tv) futimesat(_f, NULL, _tv)
-# define HAVE_FUTIMES
-#endif
-
-#if !defined(HAVE_KILLPG) && !defined(killpg)
-# define killpg(s) kill(-(s))
-#endif
-
-/*
- * If we lack getprogname(), emulate with __progname if possible.
- * Otherwise, add a prototype for use with our own getprogname.c.
- */
-#ifndef HAVE_GETPROGNAME
-# ifdef HAVE___PROGNAME
-extern const char *__progname;
-# define getprogname() (__progname)
-# else
-const char *getprogname __P((void));
-#endif /* HAVE___PROGNAME */
-#endif /* !HAVE_GETPROGNAME */
-
-#ifndef timevalclear
-# define timevalclear(tv) ((tv)->tv_sec = (tv)->tv_usec = 0)
-#endif
-#ifndef timevalisset
-# define timevalisset(tv) ((tv)->tv_sec || (tv)->tv_usec)
-#endif
-#ifndef timevalcmp
-# define timevalcmp(tv1, tv2, op) \
- (((tv1)->tv_sec == (tv2)->tv_sec) ? \
- ((tv1)->tv_usec op (tv2)->tv_usec) : \
- ((tv1)->tv_sec op (tv2)->tv_sec))
-#endif
-#ifndef timevaladd
-# define timevaladd(tv1, tv2) \
- do { \
- (tv1)->tv_sec += (tv2)->tv_sec; \
- (tv1)->tv_usec += (tv2)->tv_usec; \
- if ((tv1)->tv_usec >= 1000000) { \
- (tv1)->tv_sec++; \
- (tv1)->tv_usec -= 1000000; \
- } \
- } while (0)
-#endif
-#ifndef timevalsub
-# define timevalsub(tv1, tv2) \
- do { \
- (tv1)->tv_sec -= (tv2)->tv_sec; \
- (tv1)->tv_usec -= (tv2)->tv_usec; \
- if ((tv1)->tv_usec < 0) { \
- (tv1)->tv_sec--; \
- (tv1)->tv_usec += 1000000; \
- } \
- } while (0)
-#endif
-
-/* Not all systems define NSIG in signal.h */
-#if !defined(NSIG)
-# if defined(_NSIG)
-# define NSIG _NSIG
-# elif defined(__NSIG)
-# define NSIG __NSIG
-# else
-# define NSIG 64
-# endif
-#endif
-
-#ifndef WCOREDUMP
-# define WCOREDUMP(x) ((x) & 0x80)
-#endif
-
-#endif /* _SUDO_COMPAT_H */
Deleted: trunk/contrib/sudo/config.h
===================================================================
--- trunk/contrib/sudo/config.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/config.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,866 +0,0 @@
-/* config.h. Generated from config.h.in by configure. */
-/* config.h.in. Generated from configure.in by autoheader. */
-
-#ifndef _SUDO_CONFIG_H
-#define _SUDO_CONFIG_H
-
-/* Define to 1 if the `syslog' function returns a non-zero int to denote
- failure. */
-/* #undef BROKEN_SYSLOG */
-
-/* Define to 1 if you want the insults from the "classic" version sudo. */
-#define CLASSIC_INSULTS 1
-
-/* Define to 1 if you want insults culled from the twisted minds of CSOps. */
-#define CSOPS_INSULTS 1
-
-/* Define to 1 if you want sudo to display "command not allowed" instead of
- "command not found" when a command cannot be found. */
-/* #undef DONT_LEAK_PATH_INFO */
-
-/* A colon-separated list of pathnames to be used as the editor for visudo. */
-#define EDITOR _PATH_VI
-
-/* Define to 1 to enable environment function debugging. */
-/* #undef ENV_DEBUG */
-
-/* Define to 1 if you want visudo to honor the EDITOR and VISUAL env
- variables. */
-/* #undef ENV_EDITOR */
-
-/* If defined, users in this group need not enter a passwd (ie "sudo"). */
-/* #undef EXEMPTGROUP */
-
-/* Define to 1 if you want to require fully qualified hosts in sudoers. */
-/* #undef FQDN */
-
-/* Define to the type of elements in the array set by `getgroups'. Usually
- this is either `int' or `gid_t'. */
-#define GETGROUPS_T gid_t
-
-/* Define to 1 if you want insults from the "Goon Show". */
-#define GOONS_INSULTS 1
-
-/* Define to 1 if you want 2001-like insults. */
-#define HAL_INSULTS 1
-
-/* Define to 1 if you use AFS. */
-/* #undef HAVE_AFS */
-
-/* Define to 1 if you use AIX general authentication. */
-/* #undef HAVE_AIXAUTH */
-
-/* Define to 1 if you have the `asprintf' function. */
-#define HAVE_ASPRINTF 1
-
-/* Define to 1 if you have the `authenticate' function. */
-/* #undef HAVE_AUTHENTICATE */
-
-/* Define to 1 if you have the `auth_challenge' function. */
-/* #undef HAVE_AUTH_CHALLENGE */
-
-/* Define to 1 if you have the `bigcrypt' function. */
-/* #undef HAVE_BIGCRYPT */
-
-/* Define to 1 if you use BSD authentication. */
-/* #undef HAVE_BSD_AUTH_H */
-
-/* Define to 1 to enable BSM audit support. */
-/* #undef HAVE_BSM_AUDIT */
-
-/* Define to 1 if you have the `closefrom' function. */
-/* #undef HAVE_CLOSEFROM */
-
-/* Define to 1 if you use OSF DCE. */
-/* #undef HAVE_DCE */
-
-/* Define to 1 if your `DIR' contains dd_fd. */
-/* #undef HAVE_DD_FD */
-
-/* Define to 1 if you have the declaration of `sys_siglist', and to 0 if you
- don't. */
-/* #undef HAVE_DECL_SYS_SIGLIST */
-
-/* Define to 1 if you have the declaration of `_sys_siglist', and to 0 if you
- don't. */
-/* #undef HAVE_DECL__SYS_SIGLIST */
-
-/* Define to 1 if you have the declaration of `__sys_siglist', and to 0 if you
- don't. */
-/* #undef HAVE_DECL___SYS_SIGLIST */
-
-/* Define to 1 if you have the `dgettext' function. */
-/* #undef HAVE_DGETTEXT */
-
-/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
- */
-#define HAVE_DIRENT_H 1
-
-/* Define to 1 if you have the `dirfd' function or macro. */
-#define HAVE_DIRFD 1
-
-/* Define to 1 if you have the `dispcrypt' function. */
-/* #undef HAVE_DISPCRYPT */
-
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#define HAVE_DLFCN_H 1
-
-/* Define to 1 if your glob.h defines the GLOB_BRACE and GLOB_TILDE flags. */
-#define HAVE_EXTENDED_GLOB 1
-
-/* Define to 1 if your system has the F_CLOSEM fcntl. */
-/* #undef HAVE_FCNTL_CLOSEM */
-
-/* Define to 1 if you have the `fgetln' function. */
-#define HAVE_FGETLN 1
-
-/* Define to 1 if you have the `flock' function. */
-/* #undef HAVE_FLOCK */
-
-/* Define to 1 if you have the `fnmatch' function. */
-#define HAVE_FNMATCH 1
-
-/* Define to 1 if you have the `freeifaddrs' function. */
-#define HAVE_FREEIFADDRS 1
-
-/* Define to 1 if you have the `fstat' function. */
-#define HAVE_FSTAT 1
-
-/* Define to 1 if you have the `futime' function. */
-/* #undef HAVE_FUTIME */
-
-/* Define to 1 if you have the `futimes' function. */
-#define HAVE_FUTIMES 1
-
-/* Define to 1 if you have the `futimesat' function. */
-/* #undef HAVE_FUTIMESAT */
-
-/* Define to 1 if you use the FWTK authsrv daemon. */
-/* #undef HAVE_FWTK */
-
-/* Define to 1 if you have the `getaddrinfo' function. */
-#define HAVE_GETADDRINFO 1
-
-/* Define to 1 if you have the `getauthuid' function. (ULTRIX 4.x shadow
- passwords) */
-/* #undef HAVE_GETAUTHUID */
-
-/* Define to 1 if you have the `getcwd' function. */
-#define HAVE_GETCWD 1
-
-/* Define to 1 if you have the `getdomainname' function. */
-#define HAVE_GETDOMAINNAME 1
-
-/* Define to 1 if you have the `getgroups' function. */
-#define HAVE_GETGROUPS 1
-
-/* Define to 1 if you have the `getifaddrs' function. */
-#define HAVE_GETIFADDRS 1
-
-/* Define to 1 if you have the `getline' function. */
-/* #undef HAVE_GETLINE */
-
-/* Define to 1 if you have the `getprogname' function. */
-#define HAVE_GETPROGNAME 1
-
-/* Define to 1 if you have the `getprpwnam' function. (SecureWare-style shadow
- passwords) */
-/* #undef HAVE_GETPRPWNAM */
-
-/* Define to 1 if you have the `getpwanam' function. (SunOS 4.x shadow
- passwords) */
-/* #undef HAVE_GETPWANAM */
-
-/* Define to 1 if you have the `getspnam' function (SVR4-style shadow
- passwords) */
-/* #undef HAVE_GETSPNAM */
-
-/* Define to 1 if you have the `getspwuid' function. (HP-UX <= 9.X shadow
- passwords) */
-/* #undef HAVE_GETSPWUID */
-
-/* Define to 1 if you have the `gettimeofday' function. */
-#define HAVE_GETTIMEOFDAY 1
-
-/* Define to 1 if you have the `getuserattr' function. */
-/* #undef HAVE_GETUSERATTR */
-
-/* Define to 1 if you have the `getutid' function. */
-/* #undef HAVE_GETUTID */
-
-/* Define to 1 if you have the `getutxid' function. */
-/* #undef HAVE_GETUTXID */
-
-/* Define to 1 if you have the `glob' function. */
-#define HAVE_GLOB 1
-
-/* Define to 1 if you have the `grantpt' function. */
-/* #undef HAVE_GRANTPT */
-
-/* Define to 1 if you have the <gssapi/gssapi_krb5.h> header file. */
-/* #undef HAVE_GSSAPI_GSSAPI_KRB5_H */
-
-/* Define to 1 if you have the `gss_krb5_ccache_name' function. */
-/* #undef HAVE_GSS_KRB5_CCACHE_NAME */
-
-/* Define to 1 if your Kerberos is Heimdal. */
-/* #undef HAVE_HEIMDAL */
-
-/* Define to 1 if <netinet/in.h> contains struct in6_addr. */
-#define HAVE_IN6_ADDR 1
-
-/* Define to 1 if you have the `initgroups' function. */
-#define HAVE_INITGROUPS 1
-
-/* Define to 1 if you have the `initprivs' function. */
-/* #undef HAVE_INITPRIVS */
-
-/* Define to 1 if you have the `innetgr' function. */
-#define HAVE_INNETGR 1
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#define HAVE_INTTYPES_H 1
-
-/* Define if you have isblank(3). */
-#define HAVE_ISBLANK 1
-
-/* Define to 1 if you have the `iscomsec' function. (HP-UX >= 10.x check for
- shadow enabled) */
-/* #undef HAVE_ISCOMSEC */
-
-/* Define to 1 if you have the `issecure' function. (SunOS 4.x check for
- shadow enabled) */
-/* #undef HAVE_ISSECURE */
-
-/* Define to 1 if you use Kerberos IV. */
-/* #undef HAVE_KERB4 */
-
-/* Define to 1 if you use Kerberos V. */
-/* #undef HAVE_KERB5 */
-
-/* Define to 1 if you have the `killpg' function. */
-#define HAVE_KILLPG 1
-
-/* Define to 1 if you have the `krb5_get_init_creds_opt_alloc' function. */
-/* #undef HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC */
-
-/* Define to 1 if your `krb5_get_init_creds_opt_free' function takes two
- arguments. */
-/* #undef HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS */
-
-/* Define to 1 if you have the `krb5_init_secure_context' function. */
-/* #undef HAVE_KRB5_INIT_SECURE_CONTEXT */
-
-/* Define to 1 if you have the `krb5_verify_user' function. */
-/* #undef HAVE_KRB5_VERIFY_USER */
-
-/* Define to 1 if your LDAP needs <lber.h>. (OpenLDAP does not) */
-/* #undef HAVE_LBER_H */
-
-/* Define to 1 if you use LDAP for sudoers. */
-/* #undef HAVE_LDAP */
-
-/* Define to 1 if you have the `ldapssl_init' function. */
-/* #undef HAVE_LDAPSSL_INIT */
-
-/* Define to 1 if you have the `ldapssl_set_strength' function. */
-/* #undef HAVE_LDAPSSL_SET_STRENGTH */
-
-/* Define to 1 if you have the `ldap_create' function. */
-/* #undef HAVE_LDAP_CREATE */
-
-/* Define to 1 if you have the `ldap_initialize' function. */
-/* #undef HAVE_LDAP_INITIALIZE */
-
-/* Define to 1 if you have the `ldap_sasl_bind_s' function. */
-/* #undef HAVE_LDAP_SASL_BIND_S */
-
-/* Define to 1 if you have the `ldap_sasl_interactive_bind_s' function. */
-/* #undef HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
-
-/* Define to 1 if you have the `ldap_search_ext_s' function. */
-/* #undef HAVE_LDAP_SEARCH_EXT_S */
-
-/* Define to 1 if you have the `ldap_ssl_client_init' function. */
-/* #undef HAVE_LDAP_SSL_CLIENT_INIT */
-
-/* Define to 1 if you have the <ldap_ssl.h> header file. */
-/* #undef HAVE_LDAP_SSL_H */
-
-/* Define to 1 if you have the `ldap_start_tls_s' function. */
-/* #undef HAVE_LDAP_START_TLS_S */
-
-/* Define to 1 if you have the `ldap_start_tls_s_np' function. */
-/* #undef HAVE_LDAP_START_TLS_S_NP */
-
-/* Define to 1 if you have the `ldap_str2dn' function. */
-/* #undef HAVE_LDAP_STR2DN */
-
-/* Define to 1 if you have the `ldap_unbind_ext_s' function. */
-/* #undef HAVE_LDAP_UNBIND_EXT_S */
-
-/* Define to 1 if you have the `dl' library (-ldl). */
-/* #undef HAVE_LIBDL */
-
-/* Define to 1 to enable Linux audit support. */
-/* #undef HAVE_LINUX_AUDIT */
-
-/* Define to 1 if you have the `lockf' function. */
-#define HAVE_LOCKF 1
-
-/* Define to 1 if you have the <login_cap.h> header file. */
-#define HAVE_LOGIN_CAP_H 1
-
-/* Define to 1 if the system has the type `long long int'. */
-#define HAVE_LONG_LONG_INT 1
-
-/* Define to 1 if you have the `lrand48' function. */
-/* #undef HAVE_LRAND48 */
-
-/* Define to 1 if you have the <maillock.h> header file. */
-/* #undef HAVE_MAILLOCK_H */
-
-/* Define to 1 if you have the <malloc.h> header file. */
-/* #undef HAVE_MALLOC_H */
-
-/* Define to 1 if you have the `mbr_check_membership' function. */
-/* #undef HAVE_MBR_CHECK_MEMBERSHIP */
-
-/* Define to 1 if you have the `memchr' function. */
-#define HAVE_MEMCHR 1
-
-/* Define to 1 if you have the `memcpy' function. */
-#define HAVE_MEMCPY 1
-
-/* Define to 1 if you have the <memory.h> header file. */
-#define HAVE_MEMORY_H 1
-
-/* Define to 1 if you have the `memrchr' function. */
-/* #undef HAVE_MEMRCHR */
-
-/* Define to 1 if you have the `memset' function. */
-#define HAVE_MEMSET 1
-
-/* Define to 1 if you have the `mkstemps' function. */
-#define HAVE_MKSTEMPS 1
-
-/* Define to 1 if you have the <mps/ldap_ssl.h> header file. */
-/* #undef HAVE_MPS_LDAP_SSL_H */
-
-/* Define to 1 if you have the `nanosleep' function. */
-#define HAVE_NANOSLEEP 1
-
-/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
-/* #undef HAVE_NDIR_H */
-
-/* Define to 1 if you have the <netgroup.h> header file. */
-/* #undef HAVE_NETGROUP_H */
-
-/* Define to 1 if you have the `openpty' function. */
-#define HAVE_OPENPTY 1
-
-/* Define to 1 if you use NRL OPIE. */
-/* #undef HAVE_OPIE */
-
-/* Define to 1 if you use PAM authentication. */
-#define HAVE_PAM 1
-
-/* Define to 1 if you use a specific PAM session for sudo -i. */
-/* #undef HAVE_PAM_LOGIN */
-
-/* Define to 1 if you have the <pam/pam_appl.h> header file. */
-/* #undef HAVE_PAM_PAM_APPL_H */
-
-/* Define to 1 if you have the <paths.h> header file. */
-#define HAVE_PATHS_H 1
-
-/* Define to 1 if you have the `posix_openpt' function. */
-/* #undef HAVE_POSIX_OPENPT */
-
-/* Define to 1 if you have the <project.h> header file. */
-/* #undef HAVE_PROJECT_H */
-
-/* Define to 1 if you have the <pty.h> header file. */
-/* #undef HAVE_PTY_H */
-
-/* Define to 1 if you have the `random' function. */
-/* #undef HAVE_RANDOM */
-
-/* Define to 1 if you have the `regcomp' function. */
-#define HAVE_REGCOMP 1
-
-/* Define to 1 if you have the `revoke' function. */
-/* #undef HAVE_REVOKE */
-
-/* Define to 1 if you have the <sasl.h> header file. */
-/* #undef HAVE_SASL_H */
-
-/* Define to 1 if you have the <sasl/sasl.h> header file. */
-/* #undef HAVE_SASL_SASL_H */
-
-/* Define if your struct sockadr has an sa_len field. */
-#define HAVE_SA_LEN 1
-
-/* Define to 1 if you use SecurID for authentication. */
-/* #undef HAVE_SECURID */
-
-/* Define to 1 if you have the <security/pam_appl.h> header file. */
-#define HAVE_SECURITY_PAM_APPL_H 1
-
-/* Define to 1 to enable SELinux RBAC support. */
-/* #undef HAVE_SELINUX */
-
-/* Define to 1 if you have the `setauthdb' function. */
-/* #undef HAVE_SETAUTHDB */
-
-/* Define to 1 if you have the `setenv' function. */
-#define HAVE_SETENV 1
-
-/* Define to 1 if you have the `seteuid' function. */
-#define HAVE_SETEUID 1
-
-/* Define to 1 if you have the `setkeycreatecon' function. */
-/* #undef HAVE_SETKEYCREATECON */
-
-/* Define to 1 if you have the `setlocale' function. */
-#define HAVE_SETLOCALE 1
-
-/* Define to 1 if you have the `setresuid' function. */
-#define HAVE_SETRESUID 1
-
-/* Define to 1 if you have the `setreuid' function. */
-/* #undef HAVE_SETREUID */
-
-/* Define to 1 if you have the `setrlimit' function. */
-#define HAVE_SETRLIMIT 1
-
-/* Define to 1 if you have the `setrlimit64' function. */
-/* #undef HAVE_SETRLIMIT64 */
-
-/* Define to 1 if you have the `setsid' function. */
-#define HAVE_SETSID 1
-
-/* Define to 1 if you have the `set_auth_parameters' function. */
-/* #undef HAVE_SET_AUTH_PARAMETERS */
-
-/* Define to 1 if you have the `sia_ses_init' function. */
-/* #undef HAVE_SIA_SES_INIT */
-
-/* Define to 1 if you have the `sigaction' function. */
-#define HAVE_SIGACTION 1
-
-/* Define to 1 if <signal.h> has the sigaction_t typedef. */
-/* #undef HAVE_SIGACTION_T */
-
-/* Define to 1 if you use S/Key. */
-/* #undef HAVE_SKEY */
-
-/* Define to 1 if your S/Key library has skeyaccess(). */
-/* #undef HAVE_SKEYACCESS */
-
-/* Define to 1 if you have the `snprintf' function. */
-#define HAVE_SNPRINTF 1
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#define HAVE_STDINT_H 1
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-
-/* Define to 1 if you have the `strcasecmp' function. */
-#define HAVE_STRCASECMP 1
-
-/* Define to 1 if you have the `strchr' function. */
-#define HAVE_STRCHR 1
-
-/* Define to 1 if you have the `strerror' function. */
-#define HAVE_STRERROR 1
-
-/* Define to 1 if you have the `strftime' function. */
-#define HAVE_STRFTIME 1
-
-/* Define to 1 if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-
-/* Define to 1 if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
-/* Define to 1 if you have the `strlcat' function. */
-#define HAVE_STRLCAT 1
-
-/* Define to 1 if you have the `strlcpy' function. */
-#define HAVE_STRLCPY 1
-
-/* Define to 1 if you have the `strrchr' function. */
-#define HAVE_STRRCHR 1
-
-/* Define to 1 if you have the `strsignal' function. */
-#define HAVE_STRSIGNAL 1
-
-/* Define to 1 if the system has the type `struct in6_addr'. */
-#define HAVE_STRUCT_IN6_ADDR 1
-
-/* Define to 1 if your struct stat has an st_mtim member */
-/* #undef HAVE_ST_MTIM */
-
-/* Define to 1 if your struct stat has an st_mtimespec member */
-#define HAVE_ST_MTIMESPEC 1
-
-/* Define to 1 if your struct stat uses an st__tim union */
-/* #undef HAVE_ST__TIM */
-
-/* Define to 1 if you have the `sysconf' function. */
-#define HAVE_SYSCONF 1
-
-/* Define to 1 if you have the `sysctl' function. */
-#define HAVE_SYSCTL 1
-
-/* Define to 1 if you have the <sys/bsdtypes.h> header file. */
-/* #undef HAVE_SYS_BSDTYPES_H */
-
-/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'.
- */
-/* #undef HAVE_SYS_DIR_H */
-
-/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR'.
- */
-/* #undef HAVE_SYS_NDIR_H */
-
-/* Define to 1 if you have the <sys/select.h> header file. */
-#define HAVE_SYS_SELECT_H 1
-
-/* Define to 1 if you have the <sys/sockio.h> header file. */
-#define HAVE_SYS_SOCKIO_H 1
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#define HAVE_SYS_STAT_H 1
-
-/* Define to 1 if you have the <sys/stropts.h> header file. */
-/* #undef HAVE_SYS_STROPTS_H */
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#define HAVE_SYS_TYPES_H 1
-
-/* Define to 1 if you have the `tcsetpgrp' function. */
-#define HAVE_TCSETPGRP 1
-
-/* Define to 1 if you have the <termios.h> header file and the `tcgetattr'
- function. */
-#define HAVE_TERMIOS_H 1
-
-/* Define to 1 if you have the <termio.h> header file. */
-/* #undef HAVE_TERMIO_H */
-
-/* Define to 1 if you have struct timespec in sys/time.h */
-#define HAVE_TIMESPEC 1
-
-/* Define to 1 if you have the `tzset' function. */
-#define HAVE_TZSET 1
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#define HAVE_UNISTD_H 1
-
-/* Define to 1 if you have the `unsetenv' function. */
-#define HAVE_UNSETENV 1
-
-/* Define to 1 if you have the <util.h> header file. */
-/* #undef HAVE_UTIL_H */
-
-/* Define to 1 if you have the `utimes' function. */
-#define HAVE_UTIMES 1
-
-/* Define to 1 if you have the <utime.h> header file. */
-#define HAVE_UTIME_H 1
-
-/* Define to 1 if you have the `vasprintf' function. */
-#define HAVE_VASPRINTF 1
-
-/* Define to 1 if you have the `vhangup' function. */
-/* #undef HAVE_VHANGUP */
-
-/* Define to 1 if you have the `vsnprintf' function. */
-#define HAVE_VSNPRINTF 1
-
-/* Define to 1 if you have the `wait3' function. */
-/* #undef HAVE_WAIT3 */
-
-/* Define to 1 if you have the `waitpid' function. */
-#define HAVE_WAITPID 1
-
-/* Define to 1 if you have the <zlib.h> header file. */
-#define HAVE_ZLIB_H 1
-
-/* Define to 1 if you have the `_getpty' function. */
-/* #undef HAVE__GETPTY */
-
-/* Define to 1 if you have the `_innetgr' function. */
-/* #undef HAVE__INNETGR */
-
-/* Define to 1 if your crt0.o defines the __progname symbol for you. */
-/* #undef HAVE___PROGNAME */
-
-/* Define to 1 if you want the hostname to be entered into the log file. */
-/* #undef HOST_IN_LOG */
-
-/* Define to 1 if you want to ignore '.' and empty PATH elements */
-/* #undef IGNORE_DOT_PATH */
-
-/* The message given when a bad password is entered. */
-#define INCORRECT_PASSWORD "Sorry, try again."
-
-/* The name of libvas.so */
-/* #undef LIBVAS_SO */
-
-/* The syslog facility sudo will use. */
-#define LOGFAC "authpriv"
-
-/* Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH. */
-#define LOGGING SLOG_SYSLOG
-
-/* Define to 1 if you want a two line OTP (S/Key or OPIE) prompt. */
-/* #undef LONG_OTP_PROMPT */
-
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
- */
-#define LT_OBJDIR ".libs/"
-
-/* The subject of the mail sent by sudo to the MAILTO user/address. */
-#define MAILSUBJECT "*** SECURITY information for %h ***"
-
-/* The user or email address that sudo mail is sent to. */
-#define MAILTO "root"
-
-/* The max number of chars per log file line (for line wrapping). */
-#define MAXLOGFILELEN 80
-
-/* Define to the max length of a uid_t in string context (excluding the NUL).
- */
-#define MAX_UID_T_LEN 10
-
-/* Define to 1 if you don't want sudo to prompt for a password by default. */
-/* #undef NO_AUTHENTICATION */
-
-/* Define to 1 if you don't want users to get the lecture the first they user
- sudo. */
-/* #undef NO_LECTURE */
-
-/* Define to 1 if you don't want to use sudo's PAM session support */
-/* #undef NO_PAM_SESSION */
-
-/* Define to avoid runing the mailer as root. */
-/* #undef NO_ROOT_MAILER */
-
-/* Define to 1 if root should not be allowed to use sudo. */
-/* #undef NO_ROOT_SUDO */
-
-/* Define to 1 if you want a single ticket file instead of per-tty files. */
-/* #undef NO_TTY_TICKETS */
-
-/* Define to the address where bug reports for this package should be sent. */
-#define PACKAGE_BUGREPORT "http://www.sudo.ws/bugs/"
-
-/* Define to the full name of this package. */
-#define PACKAGE_NAME "sudo"
-
-/* Define to the full name and version of this package. */
-#define PACKAGE_STRING "sudo 1.7.4p6"
-
-/* Define to the one symbol short name of this package. */
-#define PACKAGE_TARNAME "sudo"
-
-/* Define to the home page for this package. */
-#define PACKAGE_URL ""
-
-/* Define to the version of this package. */
-#define PACKAGE_VERSION "1.7.4p6"
-
-/* The default password prompt. */
-#define PASSPROMPT "Password:"
-
-/* The passwd prompt timeout (in minutes). */
-#define PASSWORD_TIMEOUT 5
-
-/* Define to 1 to replace politically incorrect insults with less offensive
- ones. */
-/* #undef PC_INSULTS */
-
-/* The syslog priority sudo will use for unsuccessful attempts/errors. */
-#define PRI_FAILURE "alert"
-
-/* The syslog priority sudo will use for successful attempts. */
-#define PRI_SUCCESS "notice"
-
-/* Define to 1 if the `putenv' has a const argument. */
-/* #undef PUTENV_CONST */
-
-/* Define as the return type of signal handlers (`int' or `void'). */
-#define RETSIGTYPE void
-
-/* The user sudo should run commands as by default. */
-#define RUNAS_DEFAULT "root"
-
-/* Define to 1 to override the user's path with a built-in one. */
-/* #undef SECURE_PATH */
-
-/* Define to 1 to send mail when the user is not allowed to run a command. */
-/* #undef SEND_MAIL_WHEN_NOT_OK */
-
-/* Define to 1 to send mail when the user is not allowed to run sudo on this
- host. */
-/* #undef SEND_MAIL_WHEN_NO_HOST */
-
-/* Define to 1 to send mail when the user is not in the sudoers file. */
-#define SEND_MAIL_WHEN_NO_USER 1
-
-/* Define to 1 if the `setpgrp' function takes no argument. */
-/* #undef SETPGRP_VOID */
-
-/* Define to 1 if you want sudo to start a shell if given no arguments. */
-/* #undef SHELL_IF_NO_ARGS */
-
-/* Define to 1 if you want sudo to set $HOME in shell mode. */
-/* #undef SHELL_SETS_HOME */
-
-/* The size of `long int', as computed by sizeof. */
-#define SIZEOF_LONG_INT 4
-
-/* Define to 1 if you have the ANSI C header files. */
-#define STDC_HEADERS 1
-
-/* Define to 1 if the code in interfaces.c does not compile for you. */
-/* #undef STUB_LOAD_INTERFACES */
-
-/* The umask that the root-run prog should use. */
-#define SUDO_UMASK 0022
-
-/* The number of minutes before sudo asks for a password again. */
-#define TIMEOUT 5
-
-/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
-#define TIME_WITH_SYS_TIME 1
-
-/* The number of tries a user gets to enter their password. */
-#define TRIES_FOR_PASSWORD 3
-
-/* Define to 1 if the `unsetenv' function returns void instead of `int'. */
-/* #undef UNSETENV_VOID */
-
-/* Define to 1 if you want to create ~/.sudo_as_admin_successful if the user
- is in the admin group the first time they run sudo. */
-/* #undef USE_ADMIN_FLAG */
-
-/* Define to 1 if you want to insult the user for entering an incorrect
- password. */
-/* #undef USE_INSULTS */
-
-/* Define to 1 if you use GNU stow packaging. */
-/* #undef USE_STOW */
-
-/* Define to 1 if using a non-Unix group lookup implementation. */
-/* #undef USING_NONUNIX_GROUPS */
-
-/* Define to avoid using the passwd/shadow file for authentication. */
-#define WITHOUT_PASSWD 1
-
-/* Define to `signed' or nothing if compiler does not support a signed type
- qualifier. */
-/* #undef __signed */
-
-/* Define to empty if `const' does not conform to ANSI C. */
-/* #undef const */
-
-/* Define if your system lacks the dev_t type. */
-/* #undef dev_t */
-
-/* Define to `int' if <sys/types.h> doesn't define. */
-/* #undef gid_t */
-
-/* Define if your system lacks the ino_t type. */
-/* #undef ino_t */
-
-/* Define to `int' if <sys/types.h> does not define. */
-/* #undef mode_t */
-
-/* Define to `int' if <signal.h> does not define. */
-/* #undef sig_atomic_t */
-
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-/* #undef size_t */
-
-/* Define if your system lacks the ssize_t type. */
-/* #undef ssize_t */
-
-/* Define to `int' if <sys/types.h> doesn't define. */
-/* #undef uid_t */
-
-/* Define to empty if the keyword `volatile' does not work. Warning: valid
- code using `volatile' can become incorrect without. Disable with care. */
-/* #undef volatile */
-
-/*
- * Macros to convert ctime and mtime into timevals.
- */
-#define timespec2timeval(_ts, _tv) do { \
- (_tv)->tv_sec = (_ts)->tv_sec; \
- (_tv)->tv_usec = (_ts)->tv_nsec / 1000; \
-} while (0)
-
-#ifdef HAVE_ST_MTIM
-# ifdef HAVE_ST__TIM
-# define ctim_get(_x, _y) timespec2timeval(&(_x)->st_ctim.st__tim, (_y))
-# define mtim_get(_x, _y) timespec2timeval(&(_x)->st_mtim.st__tim, (_y))
-# else
-# define ctim_get(_x, _y) timespec2timeval(&(_x)->st_ctim, (_y))
-# define mtim_get(_x, _y) timespec2timeval(&(_x)->st_mtim, (_y))
-# endif
-#else
-# ifdef HAVE_ST_MTIMESPEC
-# define ctim_get(_x, _y) timespec2timeval(&(_x)->st_ctimespec, (_y))
-# define mtim_get(_x, _y) timespec2timeval(&(_x)->st_mtimespec, (_y))
-# else
-# define ctim_get(_x, _y) do { (_y)->tv_sec = (_x)->st_ctime; (_y)->tv_usec = 0; } while (0)
-# define mtim_get(_x, _y) do { (_y)->tv_sec = (_x)->st_mtime; (_y)->tv_usec = 0; } while (0)
-# endif /* HAVE_ST_MTIMESPEC */
-#endif /* HAVE_ST_MTIM */
-
-/*
- * Emulate a subset of waitpid() if we don't have it.
- */
-#ifdef HAVE_WAITPID
-# define sudo_waitpid(p, s, o) waitpid(p, s, o)
-#else
-# ifdef HAVE_WAIT3
-# define sudo_waitpid(p, s, o) wait3(s, o, NULL)
-# endif
-#endif
-
-/* GNU stow needs /etc/sudoers to be a symlink. */
-#ifdef USE_STOW
-# define stat_sudoers stat
-#else
-# define stat_sudoers lstat
-#endif
-
-/* Macros to set/clear/test flags. */
-/* #undef SET */
-#define SET(t, f) ((t) |= (f))
-/* #undef CLR */
-#define CLR(t, f) ((t) &= ~(f))
-/* #undef ISSET */
-#define ISSET(t, f) ((t) & (f))
-
-/* New ANSI-style OS defs for HP-UX and ConvexOS. */
-#if defined(hpux) && !defined(__hpux)
-# define __hpux 1
-#endif /* hpux */
-
-#if defined(convex) && !defined(__convex__)
-# define __convex__ 1
-#endif /* convex */
-
-/* BSD compatibility on some SVR4 systems. */
-#ifdef __svr4__
-# define BSD_COMP
-#endif /* __svr4__ */
-
-#endif /* _SUDO_CONFIG_H */
Modified: trunk/contrib/sudo/config.h.in
===================================================================
--- trunk/contrib/sudo/config.h.in 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/config.h.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -27,6 +27,9 @@
variables. */
#undef ENV_EDITOR
+/* Define to 1 to enable environment resetting by default. */
+#undef ENV_RESET
+
/* If defined, users in this group need not enter a passwd (ie "sudo"). */
#undef EXEMPTGROUP
@@ -280,6 +283,9 @@
/* Define to 1 if you have the `ldap_search_ext_s' function. */
#undef HAVE_LDAP_SEARCH_EXT_S
+/* Define to 1 if you have the `ldap_search_st' function. */
+#undef HAVE_LDAP_SEARCH_ST
+
/* Define to 1 if you have the `ldap_ssl_client_init' function. */
#undef HAVE_LDAP_SSL_CLIENT_INIT
@@ -355,6 +361,9 @@
/* Define to 1 if you have the <netgroup.h> header file. */
#undef HAVE_NETGROUP_H
+/* Define to 1 if you have the `nl_langinfo' function. */
+#undef HAVE_NL_LANGINFO
+
/* Define to 1 if you have the `openpty' function. */
#undef HAVE_OPENPTY
@@ -537,6 +546,9 @@
/* Define to 1 if you have the <sys/stropts.h> header file. */
#undef HAVE_SYS_STROPTS_H
+/* Define to 1 if you have the <sys/sysmacros.h> header file. */
+#undef HAVE_SYS_SYSMACROS_H
+
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
@@ -574,9 +586,6 @@
/* Define to 1 if you have the `vasprintf' function. */
#undef HAVE_VASPRINTF
-/* Define to 1 if you have the `vhangup' function. */
-#undef HAVE_VHANGUP
-
/* Define to 1 if you have the `vsnprintf' function. */
#undef HAVE_VSNPRINTF
@@ -729,7 +738,7 @@
/* Define to 1 if the code in interfaces.c does not compile for you. */
#undef STUB_LOAD_INTERFACES
-/* The umask that the root-run prog should use. */
+/* The umask that the sudo-run prog should use. */
#undef SUDO_UMASK
/* The number of minutes before sudo asks for a password again. */
@@ -741,6 +750,10 @@
/* The number of tries a user gets to enter their password. */
#undef TRIES_FOR_PASSWORD
+/* Define to 1 to use the umask specified in sudoers even when it is less
+ restrictive than the invoking user's. */
+#undef UMASK_OVERRIDE
+
/* Define to 1 if the `unsetenv' function returns void instead of `int'. */
#undef UNSETENV_VOID
@@ -761,6 +774,12 @@
/* Define to avoid using the passwd/shadow file for authentication. */
#undef WITHOUT_PASSWD
+/* Number of bits in a file offset, on hosts where this is settable. */
+#undef _FILE_OFFSET_BITS
+
+/* Define for large files, on AIX-style hosts. */
+#undef _LARGE_FILES
+
/* Define to `signed' or nothing if compiler does not support a signed type
qualifier. */
#undef __signed
Modified: trunk/contrib/sudo/configure
===================================================================
--- trunk/contrib/sudo/configure 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/configure 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.65 for sudo 1.7.4p6.
+# Generated by GNU Autoconf 2.65 for sudo 1.7.5.
#
# Report bugs to <http://www.sudo.ws/bugs/>.
#
@@ -701,8 +701,8 @@
# Identity of this package.
PACKAGE_NAME='sudo'
PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.7.4p6'
-PACKAGE_STRING='sudo 1.7.4p6'
+PACKAGE_VERSION='1.7.5'
+PACKAGE_STRING='sudo 1.7.5'
PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/'
PACKAGE_URL=''
@@ -794,6 +794,7 @@
insults
tty_tickets
passwd_tries
+env_reset
env_editor
runas_default
fqdn
@@ -811,11 +812,14 @@
lecture
long_otp_prompt
passprompt
+umask_override
sudo_umask
password_timeout
timeout
timedir
+iolog_dir
CONFIGURE_ARGS
+ZLIB_DEP
ZLIB
LOGINCAP_USAGE
REPLAY
@@ -947,6 +951,7 @@
with_sudoers_uid
with_sudoers_gid
with_umask
+with_umask_override
with_runas_default
with_exempt
with_editor
@@ -983,6 +988,7 @@
enable_shell_sets_home
enable_path_info
enable_env_debug
+enable_env_reset
enable_warnings
enable_admin_flag
with_selinux
@@ -996,6 +1002,7 @@
with_noexec
with_netsvc
enable_sia
+enable_largefile
with_pam_login
enable_pam_session
enable_zlib
@@ -1552,7 +1559,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures sudo 1.7.4p6 to adapt to many kinds of systems.
+\`configure' configures sudo 1.7.5 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1617,7 +1624,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of sudo 1.7.4p6:";;
+ short | recursive ) echo "Configuration of sudo 1.7.5:";;
esac
cat <<\_ACEOF
@@ -1638,6 +1645,7 @@
Set $HOME to target user in shell mode
--disable-path-info Print 'command not allowed' not 'command not found'
--enable-env-debug Whether to enable environment debugging.
+ --enable-env-reset Whether to enable environment resetting by default.
--enable-warnings Whether to enable compiler warnings
--enable-admin-flag Whether to create a Ubuntu-style admin flag file
--enable-gss-krb5-ccache-name
@@ -1648,6 +1656,7 @@
optimize for fast installation [default=yes]
--disable-libtool-lock avoid locking (might break parallel builds)
--disable-sia Disable SIA on Digital UNIX
+ --disable-largefile omit support for large files
--disable-pam-session Disable PAM session support
--enable-zlib[=PATH] Whether to enable or disable zlib
@@ -1709,6 +1718,8 @@
--with-umask umask with which the prog should run (default is
022)
--without-umask Preserves the umask of the user invoking sudo.
+ --with-umask-override Use the umask specified in sudoers even if it is
+ less restrictive than the user's.
--with-runas-default User to run commands as (default is "root")
--with-exempt=group no passwd needed for users in this group
--with-editor=path Default editor for visudo (defaults to vi)
@@ -1828,7 +1839,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-sudo configure 1.7.4p6
+sudo configure 1.7.5
generated by GNU Autoconf 2.65
Copyright (C) 2009 Free Software Foundation, Inc.
@@ -2527,7 +2538,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by sudo $as_me 1.7.4p6, which was
+It was created by sudo $as_me 1.7.5, which was
generated by GNU Autoconf 2.65. Invocation command line was
$ $0 $@
@@ -2874,7 +2885,7 @@
ac_compiler_gnu=$ac_cv_c_compiler_gnu
-ac_config_headers="$ac_config_headers config.h pathnames.h"
+ac_config_headers="$ac_config_headers config.h pathnames.h zlib/zconf.h"
{ $as_echo "$as_me:${as_lineno-$LINENO}: Configuring Sudo version $PACKAGE_VERSION" >&5
$as_echo "$as_me: Configuring Sudo version $PACKAGE_VERSION" >&6;}
@@ -2951,13 +2962,18 @@
+
+
+
#
# Begin initial values for man page substitution
#
+iolog_dir=/var/log/sudo-io
timedir=/var/adm/sudo
timeout=5
password_timeout=5
sudo_umask=0022
+umask_override=off
passprompt="Password:"
long_otp_prompt=off
lecture=once
@@ -2975,6 +2991,7 @@
fqdn=off
runas_default=root
env_editor=off
+env_reset=on
editor=vi
passwd_tries=3
tty_tickets=on
@@ -3005,6 +3022,7 @@
LCMAN=0
SEMAN=0
ZLIB=
+ZLIB_DEP=
AUTH_OBJS=
AUTH_REG=
AUTH_EXCL=
@@ -3916,8 +3934,7 @@
# Check whether --with-linux-audit was given.
if test "${with_linux_audit+set}" = set; then :
withval=$with_linux_audit; case $with_linux_audit in
- yes)
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ yes) cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
#include <libaudit.h>
int
@@ -4775,6 +4792,22 @@
$as_echo "$sudo_umask" >&6; }
fi
+
+# Check whether --with-umask-override was given.
+if test "${with_umask_override+set}" = set; then :
+ withval=$with_umask_override; case $with_umask_override in
+ yes) $as_echo "#define UMASK_OVERRIDE 1" >>confdefs.h
+
+ umask_override=on
+ ;;
+ no) umask_override=off
+ ;;
+ *) as_fn_error "\"--with-umask-override does not take an argument.\"" "$LINENO" 5
+ ;;
+esac
+fi
+
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for default user to run commands as" >&5
$as_echo_n "checking for default user to run commands as... " >&6; }
@@ -5580,6 +5613,35 @@
fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable environment resetting by default" >&5
+$as_echo_n "checking whether to enable environment resetting by default... " >&6; }
+# Check whether --enable-env_reset was given.
+if test "${enable_env_reset+set}" = set; then :
+ enableval=$enable_env_reset; case "$enableval" in
+ yes) env_reset=on
+ ;;
+ no) env_reset=off
+ ;;
+ *) env_reset=on
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Ignoring unknown argument to --enable-env-reset: $enableval" >&5
+$as_echo "$as_me: WARNING: Ignoring unknown argument to --enable-env-reset: $enableval" >&2;}
+ ;;
+ esac
+
+fi
+
+if test "$env_reset" = "on"; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+ $as_echo "#define ENV_RESET TRUE" >>confdefs.h
+
+else
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+ $as_echo "#define ENV_RESET FALSE" >>confdefs.h
+
+fi
+
# Check whether --enable-warnings was given.
if test "${enable_warnings+set}" = set; then :
enableval=$enable_warnings; case "$enableval" in
@@ -6056,6 +6118,9 @@
RANLIB="$ac_cv_prog_RANLIB"
fi
+if test X"$AR" = X"false"; then
+ as_fn_error "the \"ar\" utility is required to build sudo" "$LINENO" 5
+fi
ac_aux_dir=
for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
@@ -6762,13 +6827,13 @@
else
lt_cv_nm_interface="BSD nm"
echo "int some_variable = 0;" > conftest.$ac_ext
- (eval echo "\"\$as_me:6765: $ac_compile\"" >&5)
+ (eval echo "\"\$as_me:6830: $ac_compile\"" >&5)
(eval "$ac_compile" 2>conftest.err)
cat conftest.err >&5
- (eval echo "\"\$as_me:6768: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
+ (eval echo "\"\$as_me:6833: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
(eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
cat conftest.err >&5
- (eval echo "\"\$as_me:6771: output\"" >&5)
+ (eval echo "\"\$as_me:6836: output\"" >&5)
cat conftest.out >&5
if $GREP 'External.*some_variable' conftest.out > /dev/null; then
lt_cv_nm_interface="MS dumpbin"
@@ -7973,7 +8038,7 @@
;;
*-*-irix6*)
# Find out which ABI we are using.
- echo '#line 7976 "configure"' > conftest.$ac_ext
+ echo '#line 8041 "configure"' > conftest.$ac_ext
if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
(eval $ac_compile) 2>&5
ac_status=$?
@@ -9366,11 +9431,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:9369: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:9434: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:9373: \$? = $ac_status" >&5
+ echo "$as_me:9438: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -9705,11 +9770,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:9708: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:9773: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:9712: \$? = $ac_status" >&5
+ echo "$as_me:9777: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -9810,11 +9875,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:9813: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:9878: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:9817: \$? = $ac_status" >&5
+ echo "$as_me:9882: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -9865,11 +9930,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:9868: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:9933: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:9872: \$? = $ac_status" >&5
+ echo "$as_me:9937: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -12232,7 +12297,7 @@
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-#line 12235 "configure"
+#line 12300 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -12328,7 +12393,7 @@
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-#line 12331 "configure"
+#line 12396 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -12867,7 +12932,7 @@
if test -z "$GCC"; then
# HP-UX bundled compiler can't generate shared objects
- if -z "$pic_flag"; then
+ if test "x$ac_cv_prog_cc_c89" = "xno"; then
with_noexec=no
fi
@@ -12941,6 +13006,8 @@
*-*-hpux10.*)
shadow_funcs="getprpwnam iscomsec"
shadow_libs="-lsec"
+ # HP-UX 10.20 libc has an incompatible getline
+ ac_cv_func_getline="no"
;;
*)
shadow_funcs="getspnam iscomsec"
@@ -14019,7 +14086,7 @@
fi
-for ac_header in malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h
+for ac_header in malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h sys/sysmacros.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
@@ -14033,6 +14100,261 @@
done
+# Check whether --enable-largefile was given.
+if test "${enable_largefile+set}" = set; then :
+ enableval=$enable_largefile;
+fi
+
+if test "$enable_largefile" != no; then
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for special C compiler options needed for large files" >&5
+$as_echo_n "checking for special C compiler options needed for large files... " >&6; }
+if test "${ac_cv_sys_largefile_CC+set}" = set; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_cv_sys_largefile_CC=no
+ if test "$GCC" != yes; then
+ ac_save_CC=$CC
+ while :; do
+ # IRIX 6.2 and later do not support large files by default,
+ # so use the C compiler's -n32 option if that helps.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+ if ac_fn_c_try_compile "$LINENO"; then :
+ break
+fi
+rm -f core conftest.err conftest.$ac_objext
+ CC="$CC -n32"
+ if ac_fn_c_try_compile "$LINENO"; then :
+ ac_cv_sys_largefile_CC=' -n32'; break
+fi
+rm -f core conftest.err conftest.$ac_objext
+ break
+ done
+ CC=$ac_save_CC
+ rm -f conftest.$ac_ext
+ fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_CC" >&5
+$as_echo "$ac_cv_sys_largefile_CC" >&6; }
+ if test "$ac_cv_sys_largefile_CC" != no; then
+ CC=$CC$ac_cv_sys_largefile_CC
+ fi
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _FILE_OFFSET_BITS value needed for large files" >&5
+$as_echo_n "checking for _FILE_OFFSET_BITS value needed for large files... " >&6; }
+if test "${ac_cv_sys_file_offset_bits+set}" = set; then :
+ $as_echo_n "(cached) " >&6
+else
+ while :; do
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_cv_sys_file_offset_bits=no; break
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#define _FILE_OFFSET_BITS 64
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_cv_sys_file_offset_bits=64; break
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ ac_cv_sys_file_offset_bits=unknown
+ break
+done
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_file_offset_bits" >&5
+$as_echo "$ac_cv_sys_file_offset_bits" >&6; }
+case $ac_cv_sys_file_offset_bits in #(
+ no | unknown) ;;
+ *)
+cat >>confdefs.h <<_ACEOF
+#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits
+_ACEOF
+;;
+esac
+rm -rf conftest*
+ if test $ac_cv_sys_file_offset_bits = unknown; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _LARGE_FILES value needed for large files" >&5
+$as_echo_n "checking for _LARGE_FILES value needed for large files... " >&6; }
+if test "${ac_cv_sys_large_files+set}" = set; then :
+ $as_echo_n "(cached) " >&6
+else
+ while :; do
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_cv_sys_large_files=no; break
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#define _LARGE_FILES 1
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_cv_sys_large_files=1; break
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ ac_cv_sys_large_files=unknown
+ break
+done
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_large_files" >&5
+$as_echo "$ac_cv_sys_large_files" >&6; }
+case $ac_cv_sys_large_files in #(
+ no | unknown) ;;
+ *)
+cat >>confdefs.h <<_ACEOF
+#define _LARGE_FILES $ac_cv_sys_large_files
+_ACEOF
+;;
+esac
+rm -rf conftest*
+ fi
+fi
+
+case "$host" in
+ *-*-hpux11.*)
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether sys/types.h needs _XOPEN_SOURCE_EXTENDED" >&5
+$as_echo_n "checking whether sys/types.h needs _XOPEN_SOURCE_EXTENDED... " >&6; }
+if test "${sudo_cv_xopen_source_extended+set}" = set; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$ac_includes_default
+ #include <sys/socket.h>
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ sudo_cv_xopen_source_extended=no
+else
+
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#define _XOPEN_SOURCE_EXTENDED
+ $ac_includes_default
+ #include <sys/socket.h>
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ sudo_cv_xopen_source_extended=yes
+else
+ sudo_cv_xopen_source_extended=error
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $sudo_cv_xopen_source_extended" >&5
+$as_echo "$sudo_cv_xopen_source_extended" >&6; }
+ if test "$sudo_cv_xopen_source_extended" = "yes"; then
+ OSDEFS="${OSDEFS} -D_XOPEN_SOURCE_EXTENDED"
+ cat >>confdefs.h <<\EOF
+#define _XOPEN_SOURCE_EXTENDED 1
+EOF
+
+ fi
+ ;;
+esac
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking POSIX termios" >&5
$as_echo_n "checking POSIX termios... " >&6; }
if test "${ac_cv_sys_posix_termios+set}" = set; then :
@@ -14088,11 +14410,10 @@
/* end confdefs.h. */
$ac_includes_default
#include <paths.h>
-int main() {char *p = _PATH_MAILDIR;}
int
main ()
{
-
+char *p = _PATH_MAILDIR;
;
return 0;
}
@@ -14812,7 +15133,7 @@
for ac_func in strchr strrchr memchr memcpy memset sysconf tzset \
strftime setrlimit initgroups getgroups fstat gettimeofday \
- regcomp setlocale getaddrinfo setenv vhangup \
+ regcomp setlocale nl_langinfo getaddrinfo setenv \
mbr_check_membership setrlimit64
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
@@ -14918,7 +15239,7 @@
done
-for ac_func in sysctl getutid getutxid
+for ac_func in sysctl getutxid getutid
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
@@ -17574,7 +17895,7 @@
fi
if test ${with_passwd-'no'} != "no"; then
- if test -z "$LIB_CRYPT" -a "$with_passwd" != "no"; then
+ if test -z "$LIB_CRYPT"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing crypt" >&5
$as_echo_n "checking for library containing crypt... " >&6; }
if test "${ac_cv_search_crypt+set}" = set; then :
@@ -18022,7 +18343,7 @@
done
- for ac_func in ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_search_ext_s ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_client_init ldap_start_tls_s_np
+ for ac_func in ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_client_init ldap_start_tls_s_np
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
@@ -18035,7 +18356,20 @@
fi
done
+ for ac_func in ldap_search_ext_s ldap_search_st
+do :
+ as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+eval as_val=\$$as_ac_var
+ if test "x$as_val" = x""yes; then :
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+ break
+fi
+done
+
if test X"$check_gss_krb5_ccache_name" = X"yes"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gss_krb5_ccache_name in -lgssapi" >&5
$as_echo_n "checking for gss_krb5_ccache_name in -lgssapi... " >&6; }
@@ -18266,22 +18600,22 @@
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for I/O log dir location" >&5
$as_echo_n "checking for I/O log dir location... " >&6; }
if test "${with_iologdir-yes}" != "yes"; then
- :
+ iolog_dir="$with_iologdir"
elif test -d "/var/log"; then
- with_iologdir="/var/log/sudo-io"
+ iolog_dir="/var/log/sudo-io"
elif test -d "/var/adm"; then
- with_iologdir="/var/adm/sudo-io"
+ iolog_dir="/var/adm/sudo-io"
else
- with_iologdir="/usr/adm/sudo-io"
+ iolog_dir="/usr/adm/sudo-io"
fi
- if test "${with_iologdir-yes}" != "no"; then
+ if test "${with_iologdir}" != "no"; then
cat >>confdefs.h <<EOF
-#define _PATH_SUDO_IO_LOGDIR "$with_iologdir"
+#define _PATH_SUDO_IO_LOGDIR "$iolog_dir"
EOF
fi
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_iologdir" >&5
-$as_echo "$with_iologdir" >&6; }
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $iolog_dir" >&5
+$as_echo "$iolog_dir" >&6; }
if test "${with_iologdir-yes}" != "no"; then
@@ -18300,38 +18634,12 @@
# Check whether --enable-zlib was given.
if test "${enable_zlib+set}" = set; then :
- enableval=$enable_zlib; case "$enable_zlib" in
- yes) $as_echo "#define HAVE_ZLIB_H 1" >>confdefs.h
-
- ZLIB="-lz"
- ;;
- no) ;;
- *) $as_echo "#define HAVE_ZLIB_H 1" >>confdefs.h
-
- CPPFLAGS="${CPPFLAGS} -I${enable_zlib}/include"
-
- if test X"$with_rpath" = X"yes"; then
- case "$host" in
- *-*-hpux*) ZLIB="${ZLIB} -L$enable_zlib/lib -Wl,+b,$enable_zlib/lib"
- ;;
- *) ZLIB="${ZLIB} -L$enable_zlib/lib -Wl,-R$enable_zlib/lib"
- ;;
- esac
- else
- ZLIB="${ZLIB} -L$enable_zlib/lib"
- fi
- if test X"$blibpath" != X"" -a "ZLIB" = "SUDO_LDFLAGS"; then
- blibpath_add="${blibpath_add}:$enable_zlib/lib"
- fi
-
- ZLIB="${ZLIB} -lz"
- ;;
- esac
-
+ enableval=$enable_zlib;
fi
- if test X"$enable_zlib" = X""; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gzdopen in -lz" >&5
+ case ${enable_zlib-"yes"} in
+ yes)
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gzdopen in -lz" >&5
$as_echo_n "checking for gzdopen in -lz... " >&6; }
if test "${ac_cv_lib_z_gzdopen+set}" = set; then :
$as_echo_n "(cached) " >&6
@@ -18369,7 +18677,7 @@
$as_echo "$ac_cv_lib_z_gzdopen" >&6; }
if test "x$ac_cv_lib_z_gzdopen" = x""yes; then :
- for ac_header in zlib.h
+ for ac_header in zlib.h
do :
ac_fn_c_check_header_mongrel "$LINENO" "zlib.h" "ac_cv_header_zlib_h" "$ac_includes_default"
if test "x$ac_cv_header_zlib_h" = x""yes; then :
@@ -18377,6 +18685,8 @@
#define HAVE_ZLIB_H 1
_ACEOF
ZLIB="-lz"
+else
+ enable_zlib=builtin
fi
done
@@ -18384,6 +18694,45 @@
fi
+ ;;
+ no)
+ ;;
+ system)
+ $as_echo "#define HAVE_ZLIB_H 1" >>confdefs.h
+
+ ZLIB="-lz"
+ ;;
+ builtin)
+ # handled below
+ ;;
+ *)
+ $as_echo "#define HAVE_ZLIB_H 1" >>confdefs.h
+
+ CPPFLAGS="${CPPFLAGS} -I${enable_zlib}/include"
+
+ if test X"$with_rpath" = X"yes"; then
+ case "$host" in
+ *-*-hpux*) ZLIB="${ZLIB} -L$enable_zlib/lib -Wl,+b,$enable_zlib/lib"
+ ;;
+ *) ZLIB="${ZLIB} -L$enable_zlib/lib -Wl,-R$enable_zlib/lib"
+ ;;
+ esac
+ else
+ ZLIB="${ZLIB} -L$enable_zlib/lib"
+ fi
+ if test X"$blibpath" != X"" -a "ZLIB" = "SUDO_LDFLAGS"; then
+ blibpath_add="${blibpath_add}:$enable_zlib/lib"
+ fi
+
+ ZLIB="${ZLIB} -lz"
+ ;;
+ esac
+ if test X"$enable_zlib" = X"builtin"; then
+ $as_echo "#define HAVE_ZLIB_H 1" >>confdefs.h
+
+ CPPFLAGS="${CPPFLAGS}"' -I$(srcdir)/zlib'
+ ZLIB="${ZLIB} libz.a"
+ ZLIB_DEP=libz.a
fi
else
@@ -18399,7 +18748,7 @@
case "$with_passwd" in
yes|maybe)
- AUTH_OBJS="$AUTH_OBJS passwd.o"
+ AUTH_OBJS="$AUTH_OBJS getspwuid.o passwd.o"
;;
*)
$as_echo "#define WITHOUT_PASSWD 1" >>confdefs.h
@@ -18410,7 +18759,7 @@
;;
esac
AUTH_OBJS=${AUTH_OBJS# }
-_AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'`
+_AUTH=`echo "$AUTH_OBJS" | sed -e 's/\.o//g' -e 's/getspwuid *//'`
{ $as_echo "$as_me:${as_lineno-$LINENO}: using the following authentication methods: $_AUTH" >&5
$as_echo "$as_me: using the following authentication methods: $_AUTH" >&6;}
@@ -18977,7 +19326,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by sudo $as_me 1.7.4p6, which was
+This file was extended by sudo $as_me 1.7.5, which was
generated by GNU Autoconf 2.65. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -19043,7 +19392,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-sudo config.status 1.7.4p6
+sudo config.status 1.7.5
configured by $0, generated by GNU Autoconf 2.65,
with options \\"\$ac_cs_config\\"
@@ -19419,6 +19768,7 @@
case $ac_config_target in
"config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
"pathnames.h") CONFIG_HEADERS="$CONFIG_HEADERS pathnames.h" ;;
+ "zlib/zconf.h") CONFIG_HEADERS="$CONFIG_HEADERS zlib/zconf.h" ;;
"libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;;
"Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
"sudo.man") CONFIG_FILES="$CONFIG_FILES sudo.man" ;;
@@ -20699,6 +21049,8 @@
+
+
Modified: trunk/contrib/sudo/configure.in
===================================================================
--- trunk/contrib/sudo/configure.in 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/configure.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,12 +1,12 @@
dnl
dnl Process this file with GNU autoconf to produce a configure script.
dnl
-dnl Copyright (c) 1994-1996,1998-2010 Todd C. Miller <Todd.Miller at courtesan.com>
+dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller <Todd.Miller at courtesan.com>
dnl
-AC_INIT([sudo], [1.7.4p6], [http://www.sudo.ws/bugs/], [sudo])
-AC_CONFIG_HEADER(config.h pathnames.h)
+AC_INIT([sudo], [1.7.5], [http://www.sudo.ws/bugs/], [sudo])
+AC_CONFIG_HEADER(config.h pathnames.h zlib/zconf.h)
dnl
-dnl This won't work before AC_INIT
+dnl Note: this must come after AC_INIT
dnl
AC_MSG_NOTICE([Configuring Sudo version $PACKAGE_VERSION])
dnl
@@ -53,14 +53,17 @@
AC_SUBST([REPLAY])
AC_SUBST([LOGINCAP_USAGE])
AC_SUBST([ZLIB])
+AC_SUBST([ZLIB_DEP])
AC_SUBST([CONFIGURE_ARGS])
dnl
dnl Variables that get substituted in docs (not overridden by environment)
dnl
+AC_SUBST([iolog_dir])dnl real initial value from SUDO_IO_LOGDIR
AC_SUBST([timedir])dnl real initial value from SUDO_TIMEDIR
AC_SUBST([timeout])
AC_SUBST([password_timeout])
AC_SUBST([sudo_umask])
+AC_SUBST([umask_override])
AC_SUBST([passprompt])
AC_SUBST([long_otp_prompt])
AC_SUBST([lecture])
@@ -78,6 +81,7 @@
AC_SUBST([fqdn])
AC_SUBST([runas_default])
AC_SUBST([env_editor])
+AC_SUBST([env_reset])
AC_SUBST([passwd_tries])
AC_SUBST([tty_tickets])
AC_SUBST([insults])
@@ -92,10 +96,12 @@
#
# Begin initial values for man page substitution
#
+iolog_dir=/var/log/sudo-io
timedir=/var/adm/sudo
timeout=5
password_timeout=5
sudo_umask=0022
+umask_override=off
passprompt="Password:"
long_otp_prompt=off
lecture=once
@@ -113,6 +119,7 @@
fqdn=off
runas_default=root
env_editor=off
+env_reset=on
editor=vi
passwd_tries=3
tty_tickets=on
@@ -147,6 +154,7 @@
LCMAN=0
SEMAN=0
ZLIB=
+ZLIB_DEP=
AUTH_OBJS=
AUTH_REG=
AUTH_EXCL=
@@ -245,8 +253,7 @@
dnl
AC_ARG_WITH(linux-audit, [AS_HELP_STRING([--with-linux-audit], [enable Linux audit support])],
[case $with_linux_audit in
- yes)
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <libaudit.h>]], [[int i = AUDIT_USER_CMD; (void)i;]])], [
+ yes) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <libaudit.h>]], [[int i = AUDIT_USER_CMD; (void)i;]])], [
AC_DEFINE(HAVE_LINUX_AUDIT)
SUDO_LIBS="${SUDO_LIBS} -laudit"
SUDO_OBJS="${SUDO_OBJS} linux_audit.o"
@@ -784,7 +791,7 @@
*) AC_MSG_ERROR(["you must enter a numeric mask."])
;;
esac])
-AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the root-run prog should use.])
+AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the sudo-run prog should use.])
if test "$sudo_umask" = "0777"; then
AC_MSG_RESULT(user)
else
@@ -791,6 +798,17 @@
AC_MSG_RESULT($sudo_umask)
fi
+AC_ARG_WITH(umask-override, [AS_HELP_STRING([--with-umask-override], [Use the umask specified in sudoers even if it is less restrictive than the user's.])],
+[case $with_umask_override in
+ yes) AC_DEFINE(UMASK_OVERRIDE)
+ umask_override=on
+ ;;
+ no) umask_override=off
+ ;;
+ *) AC_MSG_ERROR(["--with-umask-override does not take an argument."])
+ ;;
+esac])
+
AC_MSG_CHECKING(for default user to run commands as)
AC_ARG_WITH(runas-default, [AS_HELP_STRING([--with-runas-default], [User to run commands as (default is "root")])],
[case $with_runas_default in
@@ -1256,6 +1274,27 @@
esac
], AC_MSG_RESULT(no))
+AC_MSG_CHECKING(whether to enable environment resetting by default)
+AC_ARG_ENABLE(env_reset,
+[AS_HELP_STRING([--enable-env-reset], [Whether to enable environment resetting by default.])],
+[ case "$enableval" in
+ yes) env_reset=on
+ ;;
+ no) env_reset=off
+ ;;
+ *) env_reset=on
+ AC_MSG_WARN([Ignoring unknown argument to --enable-env-reset: $enableval])
+ ;;
+ esac
+])
+if test "$env_reset" = "on"; then
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(ENV_RESET, TRUE)
+else
+ AC_MSG_RESULT(no)
+ AC_DEFINE(ENV_RESET, FALSE)
+fi
+
AC_ARG_ENABLE(warnings,
[AS_HELP_STRING([--enable-warnings], [Whether to enable compiler warnings])],
[ case "$enableval" in
@@ -1310,6 +1349,9 @@
AC_PROG_CPP
AC_CHECK_TOOL(AR, ar, false)
AC_CHECK_TOOL(RANLIB, ranlib, :)
+if test X"$AR" = X"false"; then
+ AC_MSG_ERROR([the "ar" utility is required to build sudo])
+fi
dnl
dnl Libtool setup, we require libtool 2.2.6b or higher
@@ -1467,7 +1509,7 @@
if test -z "$GCC"; then
# HP-UX bundled compiler can't generate shared objects
- if -z "$pic_flag"; then
+ if test "x$ac_cv_prog_cc_c89" = "xno"; then
with_noexec=no
fi
@@ -1519,6 +1561,8 @@
*-*-hpux10.*)
shadow_funcs="getprpwnam iscomsec"
shadow_libs="-lsec"
+ # HP-UX 10.20 libc has an incompatible getline
+ ac_cv_func_getline="no"
;;
*)
shadow_funcs="getspnam iscomsec"
@@ -1854,7 +1898,28 @@
AC_HEADER_STDC
AC_HEADER_DIRENT
AC_HEADER_TIME
-AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h)
+AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h sys/sysmacros.h)
+dnl
+dnl Check for large file support. HP-UX 11.23 has a broken sys/type.h
+dnl when large files support is enabled so work around it.
+dnl
+AC_SYS_LARGEFILE
+case "$host" in
+ *-*-hpux11.*)
+ AC_CACHE_CHECK([whether sys/types.h needs _XOPEN_SOURCE_EXTENDED], [sudo_cv_xopen_source_extended],
+ [AC_COMPILE_IFELSE([AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT
+ #include <sys/socket.h>], [])], [sudo_cv_xopen_source_extended=no], [
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#define _XOPEN_SOURCE_EXTENDED
+ AC_INCLUDES_DEFAULT
+ #include <sys/socket.h>], [])], [sudo_cv_xopen_source_extended=yes],
+ [sudo_cv_xopen_source_extended=error])
+ ])])
+ if test "$sudo_cv_xopen_source_extended" = "yes"; then
+ OSDEFS="${OSDEFS} -D_XOPEN_SOURCE_EXTENDED"
+ SUDO_DEFINE(_XOPEN_SOURCE_EXTENDED)
+ fi
+ ;;
+esac
AC_SYS_POSIX_TERMIOS
if test "$ac_cv_sys_posix_termios" = "yes"; then
AC_DEFINE(HAVE_TERMIOS_H)
@@ -1912,7 +1977,7 @@
AC_FUNC_GETGROUPS
AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
strftime setrlimit initgroups getgroups fstat gettimeofday \
- regcomp setlocale getaddrinfo setenv vhangup \
+ regcomp setlocale nl_langinfo getaddrinfo setenv \
mbr_check_membership setrlimit64)
AC_CHECK_FUNCS(getline, [], [
AC_LIBOBJ(getline)
@@ -1923,7 +1988,7 @@
AC_FUNC_SETPGRP
])
-AC_CHECK_FUNCS(sysctl getutid getutxid, [break])
+AC_CHECK_FUNCS(sysctl getutxid getutid, [break])
AC_CHECK_FUNCS(openpty, [AC_CHECK_HEADERS(util.h pty.h, [break])], [
AC_CHECK_LIB(util, openpty, [
@@ -2526,7 +2591,7 @@
dnl
dnl if crypt(3) not in libc, look elsewhere
dnl
- if test -z "$LIB_CRYPT" -a "$with_passwd" != "no"; then
+ if test -z "$LIB_CRYPT"; then
AC_SEARCH_LIBS([crypt], [crypt crypt_d ufc], [test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
fi
@@ -2614,7 +2679,8 @@
AC_CHECK_HEADERS([sasl/sasl.h] [sasl.h], [AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s)], [break])
AC_CHECK_HEADERS([ldap_ssl.h] [mps/ldap_ssl.h], [break], [], [#include <ldap.h>])
- AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_search_ext_s ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_client_init ldap_start_tls_s_np)
+ AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_client_init ldap_start_tls_s_np)
+ AC_CHECK_FUNCS(ldap_search_ext_s ldap_search_st, [break])
if test X"$check_gss_krb5_ccache_name" = X"yes"; then
AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,
@@ -2695,23 +2761,34 @@
REPLAY=""
AC_ARG_ENABLE(zlib,
- [AS_HELP_STRING([--enable-zlib[[=PATH]]], [Whether to enable or disable zlib])],
- [ case "$enable_zlib" in
- yes) AC_DEFINE(HAVE_ZLIB_H)
- ZLIB="-lz"
- ;;
- no) ;;
- *) AC_DEFINE(HAVE_ZLIB_H)
- CPPFLAGS="${CPPFLAGS} -I${enable_zlib}/include"
- SUDO_APPEND_LIBPATH(ZLIB, [$enable_zlib/lib])
- ZLIB="${ZLIB} -lz"
- ;;
- esac
- ])
- if test X"$enable_zlib" = X""; then
- AC_CHECK_LIB(z, gzdopen, [
- AC_CHECK_HEADERS(zlib.h, [ZLIB="-lz"])
- ])
+ [AS_HELP_STRING([--enable-zlib[[=PATH]]], [Whether to enable or disable zlib])], [])
+ case ${enable_zlib-"yes"} in
+ yes)
+ AC_CHECK_LIB(z, gzdopen, [
+ AC_CHECK_HEADERS(zlib.h, [ZLIB="-lz"], [enable_zlib=builtin])
+ ])
+ ;;
+ no)
+ ;;
+ system)
+ AC_DEFINE(HAVE_ZLIB_H)
+ ZLIB="-lz"
+ ;;
+ builtin)
+ # handled below
+ ;;
+ *)
+ AC_DEFINE(HAVE_ZLIB_H)
+ CPPFLAGS="${CPPFLAGS} -I${enable_zlib}/include"
+ SUDO_APPEND_LIBPATH(ZLIB, [$enable_zlib/lib])
+ ZLIB="${ZLIB} -lz"
+ ;;
+ esac
+ if test X"$enable_zlib" = X"builtin"; then
+ AC_DEFINE(HAVE_ZLIB_H)
+ CPPFLAGS="${CPPFLAGS}"' -I$(srcdir)/zlib'
+ ZLIB="${ZLIB} libz.a"
+ ZLIB_DEP=libz.a
fi
], [
AC_MSG_WARN([Disabling I/O log support due to lack of tcsetpgrp function])
@@ -2720,11 +2797,11 @@
fi
dnl
-dnl Use passwd (and secureware) auth modules?
+dnl Use passwd auth module?
dnl
case "$with_passwd" in
yes|maybe)
- AUTH_OBJS="$AUTH_OBJS passwd.o"
+ AUTH_OBJS="$AUTH_OBJS getspwuid.o passwd.o"
;;
*)
AC_DEFINE(WITHOUT_PASSWD)
@@ -2734,7 +2811,7 @@
;;
esac
AUTH_OBJS=${AUTH_OBJS# }
-_AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'`
+_AUTH=`echo "$AUTH_OBJS" | sed -e 's/\.o//g' -e 's/getspwuid *//'`
AC_MSG_NOTICE([using the following authentication methods: $_AUTH])
dnl
@@ -2826,6 +2903,7 @@
AH_TEMPLATE(DONT_LEAK_PATH_INFO, [Define to 1 if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.])
AH_TEMPLATE(ENV_EDITOR, [Define to 1 if you want visudo to honor the EDITOR and VISUAL env variables.])
AH_TEMPLATE(ENV_DEBUG, [Define to 1 to enable environment function debugging.])
+AH_TEMPLATE(ENV_RESET, [Define to 1 to enable environment resetting by default.])
AH_TEMPLATE(FQDN, [Define to 1 if you want to require fully qualified hosts in sudoers.])
AH_TEMPLATE(GOONS_INSULTS, [Define to 1 if you want insults from the "Goon Show".])
AH_TEMPLATE(HAL_INSULTS, [Define to 1 if you want 2001-like insults.])
@@ -2895,6 +2973,7 @@
AH_TEMPLATE(SHELL_IF_NO_ARGS, [Define to 1 if you want sudo to start a shell if given no arguments.])
AH_TEMPLATE(SHELL_SETS_HOME, [Define to 1 if you want sudo to set $HOME in shell mode.])
AH_TEMPLATE(STUB_LOAD_INTERFACES, [Define to 1 if the code in interfaces.c does not compile for you.])
+AH_TEMPLATE(UMASK_OVERRIDE, [Define to 1 to use the umask specified in sudoers even when it is less restrictive than the invoking user's.])
AH_TEMPLATE(USE_ADMIN_FLAG, [Define to 1 if you want to create ~/.sudo_as_admin_successful if the user is in the admin group the first time they run sudo.])
AH_TEMPLATE(USE_INSULTS, [Define to 1 if you want to insult the user for entering an incorrect password.])
AH_TEMPLATE(USE_STOW, [Define to 1 if you use GNU stow packaging.])
Modified: trunk/contrib/sudo/def_data.c
===================================================================
--- trunk/contrib/sudo/def_data.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/def_data.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -331,6 +331,10 @@
"Always run commands in a pseudo-tty",
NULL,
}, {
+ "iolog_dir", T_STR|T_PATH,
+ "Directory in which to store input/output logs",
+ NULL,
+ }, {
NULL, 0, NULL
}
};
Modified: trunk/contrib/sudo/def_data.h
===================================================================
--- trunk/contrib/sudo/def_data.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/def_data.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -152,6 +152,8 @@
#define I_COMPRESS_IO 75
#define def_use_pty (sudo_defs_table[76].sd_un.flag)
#define I_USE_PTY 76
+#define def_iolog_dir (sudo_defs_table[77].sd_un.str)
+#define I_IOLOG_DIR 77
enum def_tupple {
never,
Modified: trunk/contrib/sudo/def_data.in
===================================================================
--- trunk/contrib/sudo/def_data.in 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/def_data.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -244,3 +244,6 @@
use_pty
T_FLAG
"Always run commands in a pseudo-tty"
+iolog_dir
+ T_STR|T_PATH
+ "Directory in which to store input/output logs"
Modified: trunk/contrib/sudo/defaults.c
===================================================================
--- trunk/contrib/sudo/defaults.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/defaults.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -229,7 +229,7 @@
}
if (!cur->name) {
warningx("unknown defaults entry `%s'", var);
- return(FALSE);
+ return FALSE;
}
switch (cur->type & T_MASK) {
@@ -239,7 +239,7 @@
warningx("value `%s' is invalid for option `%s'", val, var);
else
warningx("no value specified for `%s'", var);
- return(FALSE);
+ return FALSE;
}
break;
case T_LOGPRI:
@@ -248,7 +248,7 @@
warningx("value `%s' is invalid for option `%s'", val, var);
else
warningx("no value specified for `%s'", var);
- return(FALSE);
+ return FALSE;
}
break;
case T_STR:
@@ -256,16 +256,16 @@
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var);
- return(FALSE);
+ return FALSE;
}
}
if (ISSET(cur->type, T_PATH) && val && *val != '/') {
warningx("values for `%s' must start with a '/'", var);
- return(FALSE);
+ return FALSE;
}
if (!store_str(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var);
- return(FALSE);
+ return FALSE;
}
break;
case T_INT:
@@ -273,12 +273,12 @@
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var);
- return(FALSE);
+ return FALSE;
}
}
if (!store_int(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var);
- return(FALSE);
+ return FALSE;
}
break;
case T_UINT:
@@ -286,12 +286,12 @@
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var);
- return(FALSE);
+ return FALSE;
}
}
if (!store_uint(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var);
- return(FALSE);
+ return FALSE;
}
break;
case T_FLOAT:
@@ -299,12 +299,12 @@
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var);
- return(FALSE);
+ return FALSE;
}
}
if (!store_float(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var);
- return(FALSE);
+ return FALSE;
}
break;
case T_MODE:
@@ -312,18 +312,18 @@
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var);
- return(FALSE);
+ return FALSE;
}
}
if (!store_mode(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var);
- return(FALSE);
+ return FALSE;
}
break;
case T_FLAG:
if (val) {
warningx("option `%s' does not take a value", var);
- return(FALSE);
+ return FALSE;
}
cur->sd_un.flag = op;
break;
@@ -332,27 +332,27 @@
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var);
- return(FALSE);
+ return FALSE;
}
}
if (!store_list(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var);
- return(FALSE);
+ return FALSE;
}
break;
case T_TUPLE:
if (!val && !ISSET(cur->type, T_BOOL)) {
warningx("no value specified for `%s'", var);
- return(FALSE);
+ return FALSE;
}
if (!store_tuple(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var);
- return(FALSE);
+ return FALSE;
}
break;
}
- return(TRUE);
+ return TRUE;
}
/*
@@ -433,11 +433,15 @@
#ifdef ENV_EDITOR
def_env_editor = TRUE;
#endif
+#ifdef UMASK_OVERRIDE
+ def_umask_override = TRUE;
+#endif
#ifdef _PATH_SUDO_ASKPASS
def_askpass = estrdup(_PATH_SUDO_ASKPASS);
#endif
+ def_iolog_dir = estrdup(_PATH_SUDO_IO_LOGDIR);
def_sudoers_locale = estrdup("C");
- def_env_reset = TRUE;
+ def_env_reset = ENV_RESET;
def_set_logname = TRUE;
def_closefrom = STDERR_FILENO + 1;
@@ -543,7 +547,7 @@
break;
}
}
- return(rc);
+ return rc;
}
static int
@@ -560,13 +564,13 @@
} else {
l = strtol(val, &endp, 10);
if (*endp != '\0')
- return(FALSE);
+ return FALSE;
/* XXX - should check against INT_MAX */
def->sd_un.ival = (int)l;
}
if (def->callback)
- return(def->callback(val));
- return(TRUE);
+ return def->callback(val);
+ return TRUE;
}
static int
@@ -583,13 +587,13 @@
} else {
l = strtol(val, &endp, 10);
if (*endp != '\0' || l < 0)
- return(FALSE);
+ return FALSE;
/* XXX - should check against INT_MAX */
def->sd_un.ival = (unsigned int)l;
}
if (def->callback)
- return(def->callback(val));
- return(TRUE);
+ return def->callback(val);
+ return TRUE;
}
static int
@@ -606,13 +610,13 @@
} else {
d = strtod(val, &endp);
if (*endp != '\0')
- return(FALSE);
+ return FALSE;
/* XXX - should check against HUGE_VAL */
def->sd_un.fval = d;
}
if (def->callback)
- return(def->callback(val));
- return(TRUE);
+ return def->callback(val);
+ return TRUE;
}
static int
@@ -640,11 +644,11 @@
}
}
if (v->sval == NULL)
- return(FALSE);
+ return FALSE;
}
if (def->callback)
- return(def->callback(val));
- return(TRUE);
+ return def->callback(val);
+ return TRUE;
}
static int
@@ -660,8 +664,8 @@
else
def->sd_un.str = estrdup(val);
if (def->callback)
- return(def->callback(val));
- return(TRUE);
+ return def->callback(val);
+ return TRUE;
}
static int
@@ -681,18 +685,18 @@
end = str;
do {
/* Remove leading blanks, if nothing but blanks we are done. */
- for (start = end; isblank(*start); start++)
+ for (start = end; isblank((unsigned char)*start); start++)
;
if (*start == '\0')
break;
/* Find end position and perform operation. */
- for (end = start; *end && !isblank(*end); end++)
+ for (end = start; *end && !isblank((unsigned char)*end); end++)
;
list_op(start, end - start, def, op == '-' ? delete : add);
} while (*end++ != '\0');
}
- return(TRUE);
+ return TRUE;
}
static int
@@ -705,21 +709,21 @@
if (op == FALSE) {
def->sd_un.ival = FALSE;
- return(TRUE);
+ return TRUE;
}
#ifdef LOG_NFACILITIES
if (!val)
- return(FALSE);
+ return FALSE;
for (fac = facilities; fac->name && strcmp(val, fac->name); fac++)
;
if (fac->name == NULL)
- return(FALSE); /* not found */
+ return FALSE; /* not found */
def->sd_un.ival = fac->num;
#else
def->sd_un.ival = -1;
#endif /* LOG_NFACILITIES */
- return(TRUE);
+ return TRUE;
}
static const char *
@@ -731,9 +735,9 @@
for (fac = facilities; fac->name && fac->num != n; fac++)
;
- return(fac->name);
+ return fac->name;
#else
- return("default");
+ return "default";
#endif /* LOG_NFACILITIES */
}
@@ -746,15 +750,15 @@
struct strmap *pri;
if (op == FALSE || !val)
- return(FALSE);
+ return FALSE;
for (pri = priorities; pri->name && strcmp(val, pri->name); pri++)
;
if (pri->name == NULL)
- return(FALSE); /* not found */
+ return FALSE; /* not found */
def->sd_un.ival = pri->num;
- return(TRUE);
+ return TRUE;
}
static const char *
@@ -765,7 +769,7 @@
for (pri = priorities; pri->name && pri->num != n; pri++)
;
- return(pri->name);
+ return pri->name;
}
static int
@@ -782,12 +786,12 @@
} else {
l = strtol(val, &endp, 8);
if (*endp != '\0' || l < 0 || l > 0777)
- return(FALSE);
+ return FALSE;
def->sd_un.mode = (mode_t)l;
}
if (def->callback)
- return(def->callback(val));
- return(TRUE);
+ return def->callback(val);
+ return TRUE;
}
static void
Modified: trunk/contrib/sudo/env.c
===================================================================
--- trunk/contrib/sudo/env.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/env.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -205,6 +205,9 @@
"TZ",
"XAUTHORITY",
"XAUTHORIZATION",
+#ifdef _AIX
+ "ODMDIR",
+#endif
NULL
};
@@ -311,7 +314,7 @@
if (!var || *var == '\0') {
errno = EINVAL;
- return(-1);
+ return -1;
}
if (env.envp == NULL)
@@ -344,7 +347,7 @@
errorx(1, "setenv: corrupted envp, len mismatch");
#endif
sudo_putenv(estring, TRUE, overwrite);
- return(0);
+ return 0;
}
/*
@@ -366,7 +369,7 @@
#ifdef UNSETENV_VOID
return;
#else
- return(-1);
+ return -1;
#endif
}
@@ -392,7 +395,7 @@
}
env.env_len = ep - env.envp;
#ifndef UNSETENV_VOID
- return(0);
+ return 0;
#endif
}
@@ -412,7 +415,7 @@
if (strchr(string, '=') == NULL) {
errno = EINVAL;
- return(-1);
+ return -1;
}
#ifdef ENV_DEBUG
if (env.envp[env.env_len] != NULL)
@@ -419,7 +422,7 @@
errorx(1, "putenv: corrupted envp, len mismatch");
#endif
sudo_putenv((char *)string, TRUE, TRUE);
- return(0);
+ return 0;
}
/*
@@ -520,7 +523,7 @@
break;
}
}
- return(match);
+ return match;
}
/*
@@ -550,7 +553,7 @@
break;
}
}
- return(keepit);
+ return keepit;
}
/*
@@ -579,7 +582,7 @@
break;
}
}
- return(keepit);
+ return keepit;
}
/*
@@ -608,10 +611,16 @@
#ifdef ENV_DEBUG
memset(env.envp, 0, env.env_size * sizeof(char *));
#endif
+
+ /* Reset HOME based on target user if configured to. */
+ if (ISSET(sudo_mode, MODE_RUN)) {
+ if (def_always_set_home ||
+ ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL) ||
+ (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
+ reset_home = TRUE;
+ }
+
if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
- /* Reset HOME based on target user unless keeping old value. */
- reset_home = TRUE;
-
/* Pull in vars we want to keep from the old environment. */
for (ep = old_envp; *ep; ep++) {
int keepit;
@@ -696,6 +705,11 @@
if (!ISSET(didvar, DID_USERNAME))
sudo_setenv("USERNAME", user_name, FALSE);
}
+
+ /* If we didn't keep HOME, reset it based on target user. */
+ if (!ISSET(didvar, KEPT_HOME))
+ reset_home = TRUE;
+
/*
* Set MAIL to target user in -i mode or if MAIL is not preserved
* from user's environment.
@@ -709,13 +723,6 @@
sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE);
}
} else {
- /* Reset HOME based on target user if configured to. */
- if (ISSET(sudo_mode, MODE_RUN)) {
- if (def_always_set_home || ISSET(sudo_mode, MODE_RESET_HOME) ||
- (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
- reset_home = TRUE;
- }
-
/*
* Copy environ entries as long as they don't match env_delete or
* env_check.
@@ -765,7 +772,7 @@
}
/* Set $HOME to target user if not preserving user's value. */
- if (reset_home && !ISSET(didvar, KEPT_HOME))
+ if (reset_home)
sudo_setenv("HOME", runas_pw->pw_dir, TRUE);
/* Provide default values for $TERM and $PATH if they are not set. */
@@ -813,9 +820,9 @@
/* Add the SUDO_USER, SUDO_UID, SUDO_GID environment variables. */
sudo_setenv("SUDO_USER", user_name, TRUE);
- snprintf(idbuf, sizeof(idbuf), "%lu", (unsigned long) user_uid);
+ snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_uid);
sudo_setenv("SUDO_UID", idbuf, TRUE);
- snprintf(idbuf, sizeof(idbuf), "%lu", (unsigned long) user_gid);
+ snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_gid);
sudo_setenv("SUDO_GID", idbuf, TRUE);
/* Free old environment. */
Modified: trunk/contrib/sudo/error.c
===================================================================
--- trunk/contrib/sudo/error.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/error.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -14,13 +14,16 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#include <config.h>
+
+#include <sys/types.h>
+
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <config.h>
-#include <compat.h>
+#include "missing.h"
#include "error.h"
static void _warning __P((int, const char *, va_list));
Modified: trunk/contrib/sudo/exec.c
===================================================================
--- trunk/contrib/sudo/exec.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/exec.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -18,6 +18,9 @@
#include <sys/types.h>
#include <sys/param.h>
+#ifdef HAVE_SYS_SYSMACROS_H
+# include <sys/sysmacros.h>
+#endif
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/time.h>
@@ -65,10 +68,25 @@
#include "sudo.h"
#include "sudo_exec.h"
-/* shared with exec_pty.c */
-sig_atomic_t recvsig[NSIG];
-void handler __P((int s));
+/* Shared with exec_pty.c for use with handler(). */
+int signal_pipe[2];
+#ifdef _PATH_SUDO_IO_LOGDIR
+/* We keep a tailq of signals to forward to child. */
+struct sigforward {
+ struct sigforward *prev, *next;
+ int signo;
+};
+TQ_DECLARE(sigforward)
+static struct sigforward_list sigfwd_list;
+static void forward_signals __P((int fd));
+static void schedule_signal __P((int signo));
+static int log_io;
+#endif /* _PATH_SUDO_IO_LOGDIR */
+
+static int handle_signals __P((int fd, pid_t child,
+ struct command_status *cstat));
+
/*
* Like execve(2) but falls back to running through /bin/sh
* ala execvp(3) if we get ENOEXEC.
@@ -102,7 +120,7 @@
{
struct command_status cstat;
sigaction_t sa;
- int pid;
+ pid_t child;
zero_bytes(&sa, sizeof(sa));
sigemptyset(&sa.sa_mask);
@@ -110,8 +128,8 @@
sa.sa_handler = handler;
sigaction(SIGCONT, &sa, NULL);
- pid = fork();
- switch (pid) {
+ child = fork();
+ switch (child) {
case -1:
error(1, "fork");
break;
@@ -118,7 +136,10 @@
case 0:
/* child */
close(sv[0]);
+ close(signal_pipe[0]);
+ close(signal_pipe[1]);
fcntl(sv[1], F_SETFD, FD_CLOEXEC);
+ restore_signals();
if (exec_setup(rbac_enabled, user_ttypath, -1) == TRUE) {
/* headed for execve() */
closefrom(def_closefrom);
@@ -134,10 +155,54 @@
send(sv[1], &cstat, sizeof(cstat), 0);
_exit(1);
}
- return pid;
+ return child;
}
+static struct signal_state {
+ int signo;
+ sigaction_t sa;
+} saved_signals[] = {
+ { SIGALRM },
+ { SIGCHLD },
+ { SIGCONT },
+ { SIGHUP },
+ { SIGINT },
+ { SIGPIPE },
+ { SIGQUIT },
+ { SIGTERM },
+ { SIGTSTP },
+ { SIGTTIN },
+ { SIGTTOU },
+ { SIGUSR1 },
+ { SIGUSR2 },
+ { -1 }
+};
+
/*
+ * Save signal handler state so it can be restored before exec.
+ */
+void
+save_signals()
+{
+ struct signal_state *ss;
+
+ for (ss = saved_signals; ss->signo != -1; ss++)
+ sigaction(ss->signo, NULL, &ss->sa);
+}
+
+/*
+ * Restore signal handlers to initial state.
+ */
+void
+restore_signals()
+{
+ struct signal_state *ss;
+
+ for (ss = saved_signals; ss->signo != -1; ss++)
+ sigaction(ss->signo, &ss->sa, NULL);
+}
+
+/*
* Execute a command, potentially in a pty with I/O loggging.
* This is a little bit tricky due to how POSIX job control works and
* we fact that we have two different controlling terminals to deal with.
@@ -152,11 +217,10 @@
int dowait;
int bgmode;
{
+ int maxfd, n, nready, sv[2];
+ int rbac_enabled = 0;
+ fd_set *fdsr, *fdsw;
sigaction_t sa;
- fd_set *fdsr, *fdsw;
- int maxfd, n, nready, status, sv[2];
- int rbac_enabled = 0;
- int log_io;
pid_t child;
/* If running in background mode, fork and exit. */
@@ -200,7 +264,7 @@
my_execve(path, argv, envp);
cstat->type = CMD_ERRNO;
cstat->val = errno;
- return(127);
+ return 127;
}
/*
@@ -207,15 +271,26 @@
* We communicate with the child over a bi-directional pair of sockets.
* Parent sends signal info to child and child sends back wait status.
*/
- if (socketpair(PF_UNIX, SOCK_DGRAM, 0, sv) != 0)
+ if (socketpair(PF_UNIX, SOCK_DGRAM, 0, sv) == -1)
error(1, "cannot create sockets");
+ /*
+ * We use a pipe to atomically handle signal notification within
+ * the select() loop.
+ */
+ if (pipe_nonblock(signal_pipe) != 0)
+ error(1, "cannot create pipe");
+
zero_bytes(&sa, sizeof(sa));
sigemptyset(&sa.sa_mask);
- /* Note: HP-UX select() will not be interrupted if SA_RESTART set */
+ /*
+ * Signals for forward to the child process (excluding SIGCHLD).
+ * Note: HP-UX select() will not be interrupted if SA_RESTART set.
+ */
sa.sa_flags = SA_INTERRUPT; /* do not restart syscalls */
sa.sa_handler = handler;
+ sigaction(SIGALRM, &sa, NULL);
sigaction(SIGCHLD, &sa, NULL);
sigaction(SIGHUP, &sa, NULL);
sigaction(SIGINT, &sa, NULL);
@@ -222,9 +297,11 @@
sigaction(SIGPIPE, &sa, NULL);
sigaction(SIGQUIT, &sa, NULL);
sigaction(SIGTERM, &sa, NULL);
+ sigaction(SIGUSR1, &sa, NULL);
+ sigaction(SIGUSR2, &sa, NULL);
/* Max fd we will be selecting on. */
- maxfd = sv[0];
+ maxfd = MAX(sv[0], signal_pipe[0]);
/*
* Child will run the command in the pty, parent will pass data
@@ -253,60 +330,17 @@
fdsr = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
fdsw = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
for (;;) {
- if (recvsig[SIGCHLD]) {
- pid_t pid;
-
- /*
- * If logging I/O, child is the intermediate process,
- * otherwise it is the command itself.
- */
- recvsig[SIGCHLD] = FALSE;
- do {
-#ifdef sudo_waitpid
- pid = sudo_waitpid(child, &status, WUNTRACED|WNOHANG);
-#else
- pid = wait(&status);
-#endif
- } while (pid == -1 && errno == EINTR);
- if (pid == child) {
- /* If not logging I/O and child has exited we are done. */
- if (!log_io) {
- if (WIFSTOPPED(status)) {
- /* Child may not have privs to suspend us itself. */
- kill(getpid(), WSTOPSIG(status));
- } else {
- /* Child has exited, we are done. */
- cstat->type = CMD_WSTATUS;
- cstat->val = status;
- return 0;
- }
- }
- /* Else we get ECONNRESET on sv[0] if child dies. */
- }
- }
-
zero_bytes(fdsw, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
zero_bytes(fdsr, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
+ FD_SET(signal_pipe[0], fdsr);
FD_SET(sv[0], fdsr);
#ifdef _PATH_SUDO_IO_LOGDIR
+ if (!tq_empty(&sigfwd_list))
+ FD_SET(sv[0], fdsw);
if (log_io)
fd_set_iobs(fdsr, fdsw); /* XXX - better name */
#endif
- for (n = 0; n < NSIG; n++) {
- if (recvsig[n] && n != SIGCHLD) {
- if (log_io) {
- FD_SET(sv[0], fdsw);
- break;
- } else {
- /* nothing listening on sv[0], send directly */
- kill(child, n);
- }
- }
- }
-
- if (recvsig[SIGCHLD])
- continue;
nready = select(maxfd + 1, fdsr, fdsw, NULL, NULL);
if (nready == -1) {
if (errno == EINTR)
@@ -313,6 +347,26 @@
continue;
error(1, "select failed");
}
+#ifdef _PATH_SUDO_IO_LOGDIR
+ if (FD_ISSET(sv[0], fdsw)) {
+ forward_signals(sv[0]);
+ }
+#endif /* _PATH_SUDO_IO_LOGDIR */
+ if (FD_ISSET(signal_pipe[0], fdsr)) {
+ n = handle_signals(signal_pipe[0], child, cstat);
+ if (n == 0) {
+ /* Child has exited, cstat is set, we are done. */
+ goto done;
+ }
+ if (n == -1) {
+ if (errno == EAGAIN || errno == EINTR)
+ continue;
+ /* Error reading signal_pipe[0], should not happen. */
+ break;
+ }
+ /* Restart event loop so signals get sent to child immediately. */
+ continue;
+ }
if (FD_ISSET(sv[0], fdsr)) {
/* read child status */
n = recv(sv[0], cstat, sizeof(*cstat), 0);
@@ -319,6 +373,7 @@
if (n == -1) {
if (errno == EINTR)
continue;
+#ifdef _PATH_SUDO_IO_LOGDIR
/*
* If not logging I/O we will receive ECONNRESET when
* the command is executed. It is safe to ignore this.
@@ -328,6 +383,7 @@
cstat->val = errno;
break;
}
+#endif
}
#ifdef _PATH_SUDO_IO_LOGDIR /* XXX */
if (cstat->type == CMD_WSTATUS) {
@@ -334,7 +390,7 @@
if (WIFSTOPPED(cstat->val)) {
/* Suspend parent and tell child how to resume on return. */
n = suspend_parent(WSTOPSIG(cstat->val));
- recvsig[n] = TRUE;
+ schedule_signal(n);
continue;
} else {
/* Child exited or was killed, either way we are done. */
@@ -349,25 +405,12 @@
}
#ifdef _PATH_SUDO_IO_LOGDIR
- /* XXX - move this too */
- if (FD_ISSET(sv[0], fdsw)) {
- for (n = 0; n < NSIG; n++) {
- if (!recvsig[n])
- continue;
- recvsig[n] = FALSE;
- cstat->type = CMD_SIGNO;
- cstat->val = n;
- do {
- n = send(sv[0], cstat, sizeof(*cstat), 0);
- } while (n == -1 && errno == EINTR);
- if (n != sizeof(*cstat)) {
- recvsig[n] = TRUE;
- break;
- }
- }
+ if (perform_io(fdsr, fdsw, cstat) != 0) {
+ /* I/O error, kill child if still alive and finish. */
+ schedule_signal(SIGKILL);
+ forward_signals(sv[0]);
+ break;
}
- if (perform_io(fdsr, fdsw, cstat) != 0)
- break;
#endif /* _PATH_SUDO_IO_LOGDIR */
}
@@ -386,19 +429,205 @@
}
#endif
+done:
efree(fdsr);
efree(fdsw);
+#ifdef _PATH_SUDO_IO_LOGDIR
+ while (!tq_empty(&sigfwd_list)) {
+ struct sigforward *sigfwd = tq_first(&sigfwd_list);
+ tq_remove(&sigfwd_list, sigfwd);
+ efree(sigfwd);
+ }
+#endif /* _PATH_SUDO_IO_LOGDIR */
return cstat->type == CMD_ERRNO ? -1 : 0;
}
/*
+ * Read signals on fd written to by handler().
+ * Returns -1 on error (possibly non-fatal), 0 on child exit, else 1.
+ */
+static int
+handle_signals(fd, child, cstat)
+ int fd;
+ pid_t child;
+ struct command_status *cstat;
+{
+ unsigned char signo;
+ ssize_t nread;
+ int status;
+ pid_t pid;
+
+ for (;;) {
+ /* read signal pipe */
+ nread = read(signal_pipe[0], &signo, sizeof(signo));
+ if (nread <= 0) {
+ /* It should not be possible to get EOF but just in case. */
+ if (nread == 0)
+ errno = ECONNRESET;
+ if (errno != EINTR && errno != EAGAIN) {
+ cstat->type = CMD_ERRNO;
+ cstat->val = errno;
+ }
+ return -1;
+ }
+ if (signo == SIGCHLD) {
+ /*
+ * If logging I/O, child is the intermediate process,
+ * otherwise it is the command itself.
+ */
+ do {
+#ifdef sudo_waitpid
+ pid = sudo_waitpid(child, &status, WUNTRACED|WNOHANG);
+#else
+ pid = wait(&status);
+#endif
+ } while (pid == -1 && errno == EINTR);
+ if (pid == child) {
+ /* If not logging I/O and child has exited we are done. */
+#ifdef _PATH_SUDO_IO_LOGDIR
+ if (!log_io)
+#endif
+ {
+ if (WIFSTOPPED(status)) {
+ /* Child may not have privs to suspend us itself. */
+ if (kill(getpid(), WSTOPSIG(status)) != 0)
+ warning("kill(%d, %d)", getpid(), WSTOPSIG(status));
+ } else {
+ /* Child has exited, we are done. */
+ cstat->type = CMD_WSTATUS;
+ cstat->val = status;
+ return 0;
+ }
+ }
+ /* Else we get ECONNRESET on sv[0] if child dies. */
+ }
+ } else {
+#ifdef _PATH_SUDO_IO_LOGDIR
+ if (log_io) {
+ /* Schedule signo to be forwared to the child. */
+ schedule_signal(signo);
+ } else
+#endif
+ {
+#ifdef HAVE_TCSETPGRP
+ if (signo == SIGCONT) {
+ /*
+ * Before continuing the child, make it the foreground
+ * pgrp if possible. Fixes resuming a shell.
+ */
+ int fd = open(_PATH_TTY, O_RDWR|O_NOCTTY, 0);
+ if (fd != -1) {
+ if (tcgetpgrp(fd) == getpgrp())
+ (void)tcsetpgrp(fd, child);
+ close(fd);
+ }
+ }
+#endif
+ /* Nothing listening on sv[0], send directly. */
+ if (kill(child, signo) != 0)
+ warning("kill(%d, %d)", child, signo);
+ }
+ }
+ }
+ return 1;
+}
+
+#ifdef _PATH_SUDO_IO_LOGDIR
+/*
+ * Forward signals in sigfwd_list to child listening on fd.
+ */
+static void
+forward_signals(sock)
+ int sock;
+{
+ struct sigforward *sigfwd;
+ struct command_status cstat;
+ ssize_t nsent;
+
+ while (!tq_empty(&sigfwd_list)) {
+ sigfwd = tq_first(&sigfwd_list);
+ cstat.type = CMD_SIGNO;
+ cstat.val = sigfwd->signo;
+ do {
+ nsent = send(sock, &cstat, sizeof(cstat), 0);
+ } while (nsent == -1 && errno == EINTR);
+ tq_remove(&sigfwd_list, sigfwd);
+ efree(sigfwd);
+ if (nsent != sizeof(cstat)) {
+ if (errno == EPIPE) {
+ /* Other end of socket gone, empty out sigfwd_list. */
+ while (!tq_empty(&sigfwd_list)) {
+ sigfwd = tq_first(&sigfwd_list);
+ tq_remove(&sigfwd_list, sigfwd);
+ efree(sigfwd);
+ }
+ }
+ break;
+ }
+ }
+}
+
+/*
+ * Schedule a signal to be forwared.
+ */
+static void
+schedule_signal(signo)
+ int signo;
+{
+ struct sigforward *sigfwd;
+
+ sigfwd = emalloc(sizeof(*sigfwd));
+ sigfwd->prev = sigfwd;
+ sigfwd->next = NULL;
+ sigfwd->signo = signo;
+ tq_append(&sigfwd_list, sigfwd);
+}
+#endif /* _PATH_SUDO_IO_LOGDIR */
+
+/*
* Generic handler for signals passed from parent -> child.
- * The recvsig[] array is checked in the main event loop.
+ * The other end of signal_pipe is checked in the main event loop.
*/
-void
+RETSIGTYPE
handler(s)
int s;
{
- recvsig[s] = TRUE;
+ unsigned char signo = (unsigned char)s;
+
+ /*
+ * The pipe is non-blocking, if we overflow the kernel's pipe
+ * buffer we drop the signal. This is not a problem in practice.
+ */
+ if (write(signal_pipe[1], &signo, sizeof(signo)) == -1)
+ /* shut up glibc */;
}
+
+/*
+ * Open a pipe and make both ends non-blocking.
+ * Returns 0 on success and -1 on error.
+ */
+int
+pipe_nonblock(fds)
+ int fds[2];
+{
+ int flags, rval;
+
+ rval = pipe(fds);
+ if (rval != -1) {
+ flags = fcntl(fds[0], F_GETFL, 0);
+ if (flags != -1 && !ISSET(flags, O_NONBLOCK))
+ rval = fcntl(fds[0], F_SETFL, flags | O_NONBLOCK);
+ if (rval != -1) {
+ flags = fcntl(fds[1], F_GETFL, 0);
+ if (flags != -1 && !ISSET(flags, O_NONBLOCK))
+ rval = fcntl(fds[1], F_SETFL, flags | O_NONBLOCK);
+ }
+ if (rval == -1) {
+ close(fds[0]);
+ close(fds[1]);
+ }
+ }
+
+ return rval;
+}
Modified: trunk/contrib/sudo/exec_pty.c
===================================================================
--- trunk/contrib/sudo/exec_pty.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/exec_pty.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -18,6 +18,9 @@
#include <sys/types.h>
#include <sys/param.h>
+#ifdef HAVE_SYS_SYSMACROS_H
+# include <sys/sysmacros.h>
+#endif
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/wait.h>
@@ -72,11 +75,10 @@
#define TERM_RAW 1
/* Compatibility with older tty systems. */
-#if !defined(TIOCGSIZE) && defined(TIOCGWINSZ)
-# define TIOCGSIZE TIOCGWINSZ
-# define TIOCSSIZE TIOCSWINSZ
-# define ttysize winsize
-# define ts_cols ws_col
+#if !defined(TIOCGWINSZ) && defined(TIOCGSIZE)
+# define TIOCGWINSZ TIOCGSIZE
+# define TIOCSWINSZ TIOCSSIZE
+# define winsize ttysize
#endif
struct io_buffer {
@@ -103,7 +105,7 @@
char *envp[], int, int));
static void exec_pty __P((const char *path, char *argv[],
char *envp[], int));
-static void sigwinch __P((int s));
+static RETSIGTYPE sigwinch __P((int s));
static void sync_ttysize __P((int src, int dst));
static void deliver_signal __P((pid_t pid, int signo));
static int safe_close __P((int fd));
@@ -146,7 +148,8 @@
/*
* Suspend sudo if the underlying command is suspended.
- * Returns SIGUSR1 if the child should be resume in foreground else SIGUSR2.
+ * Returns SIGCONT_FG if the child should be resume in the
+ * foreground or SIGCONT_BG if it is a background process.
*/
int
suspend_parent(signo)
@@ -171,7 +174,7 @@
} while (!n && errno == EINTR);
ttymode = TERM_RAW;
}
- rval = SIGUSR1; /* resume child in foreground */
+ rval = SIGCONT_FG; /* resume child in foreground */
break;
}
ttymode = TERM_RAW;
@@ -214,11 +217,11 @@
}
sigaction(signo, &osa, NULL);
- rval = ttymode == TERM_RAW ? SIGUSR1 : SIGUSR2;
+ rval = ttymode == TERM_RAW ? SIGCONT_FG : SIGCONT_BG;
break;
}
- return(rval);
+ return rval;
}
/*
@@ -448,6 +451,8 @@
case 0:
/* child */
close(sv[0]);
+ close(signal_pipe[0]);
+ close(signal_pipe[1]);
fcntl(sv[1], F_SETFD, FD_CLOEXEC);
if (exec_setup(rbac_enabled, slavename, io_fds[SFD_SLAVE]) == TRUE) {
/* Close the other end of the stdin/stdout/stderr pipes and exec. */
@@ -525,10 +530,14 @@
const char *reason = strsignal(signo);
n = io_fds[SFD_USERTTY] != -1 ?
io_fds[SFD_USERTTY] : STDOUT_FILENO;
- write(n, reason, strlen(reason));
- if (WCOREDUMP(cstat->val))
- write(n, " (core dumped)", 14);
- write(n, "\n", 1);
+ if (write(n, reason, strlen(reason)) != -1) {
+ if (WCOREDUMP(cstat->val)) {
+ if (write(n, " (core dumped)", 14) == -1)
+ /* shut up glibc */;
+ }
+ if (write(n, "\n", 1) == -1)
+ /* shut up glibc */;
+ }
}
}
}
@@ -582,37 +591,26 @@
/* Handle signal from parent. */
switch (signo) {
- case SIGKILL:
- _exit(1); /* XXX */
- /* NOTREACHED */
- case SIGPIPE:
- case SIGHUP:
- case SIGTERM:
- case SIGINT:
- case SIGQUIT:
- case SIGTSTP:
- /* relay signal to child */
- killpg(pid, signo);
- break;
- case SIGALRM:
- terminate_child(pid, TRUE);
- break;
- case SIGUSR1:
- /* foreground process, grant it controlling tty. */
+ case SIGCONT_FG:
+ /* Continue in foreground, grant it controlling tty. */
do {
status = tcsetpgrp(io_fds[SFD_SLAVE], pid);
} while (status == -1 && errno == EINTR);
killpg(pid, SIGCONT);
break;
- case SIGUSR2:
- /* background process, I take controlling tty. */
+ case SIGCONT_BG:
+ /* Continue in background, I take controlling tty. */
do {
status = tcsetpgrp(io_fds[SFD_SLAVE], getpid());
} while (status == -1 && errno == EINTR);
killpg(pid, SIGCONT);
break;
+ case SIGKILL:
+ _exit(1); /* XXX */
+ /* NOTREACHED */
default:
- warningx("unexpected signal from child: %d", signo);
+ /* Relay signal to child. */
+ killpg(pid, signo);
break;
}
}
@@ -695,6 +693,7 @@
sigaction_t sa;
int errpipe[2], maxfd, n, status;
int alive = TRUE;
+ unsigned char signo;
/* Close unused fds. */
if (io_fds[SFD_MASTER] != -1)
@@ -702,13 +701,19 @@
if (io_fds[SFD_USERTTY] != -1)
close(io_fds[SFD_USERTTY]);
- /* Reset SIGWINCH and SIGALRM. */
+ /*
+ * We use a pipe to atomically handle signal notification within
+ * the select() loop.
+ */
+ if (pipe_nonblock(signal_pipe) != 0)
+ error(1, "cannot create pipe");
+
+ /* Reset SIGWINCH. */
zero_bytes(&sa, sizeof(sa));
sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_RESTART;
sa.sa_handler = SIG_DFL;
sigaction(SIGWINCH, &sa, NULL);
- sigaction(SIGALRM, &sa, NULL);
/* Ignore any SIGTTIN or SIGTTOU we get. */
sa.sa_handler = SIG_IGN;
@@ -760,14 +765,18 @@
if (child == 0) {
/* We pass errno back to our parent via pipe on exec failure. */
close(backchannel);
+ close(signal_pipe[0]);
+ close(signal_pipe[1]);
close(errpipe[0]);
fcntl(errpipe[1], F_SETFD, FD_CLOEXEC);
+ restore_signals();
/* setup tty and exec command */
exec_pty(path, argv, envp, rbac);
cstat.type = CMD_ERRNO;
cstat.val = errno;
- write(errpipe[1], &cstat, sizeof(cstat));
+ if (write(errpipe[1], &cstat, sizeof(cstat)) == -1)
+ /* shut up glibc */;
_exit(1);
}
close(errpipe[1]);
@@ -792,7 +801,7 @@
}
/* Wait for errno on pipe, signal on backchannel or for SIGCHLD */
- maxfd = MAX(errpipe[0], backchannel);
+ maxfd = MAX(MAX(errpipe[0], signal_pipe[0]), backchannel);
fdsr = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
zero_bytes(fdsr, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
zero_bytes(&cstat, sizeof(cstat));
@@ -799,20 +808,13 @@
tv.tv_sec = 0;
tv.tv_usec = 0;
for (;;) {
- /* Read child status. */
- if (recvsig[SIGCHLD]) {
- recvsig[SIGCHLD] = FALSE;
- alive = handle_sigchld(backchannel, &cstat);
- }
-
/* Check for signal on backchannel or errno on errpipe. */
FD_SET(backchannel, fdsr);
+ FD_SET(signal_pipe[0], fdsr);
if (errpipe[0] != -1)
FD_SET(errpipe[0], fdsr);
- maxfd = MAX(errpipe[0], backchannel);
+ maxfd = MAX(MAX(errpipe[0], signal_pipe[0]), backchannel);
- if (recvsig[SIGCHLD])
- continue;
/* If command exited we just poll, there may be data on errpipe. */
n = select(maxfd + 1, fdsr, NULL, NULL, alive ? NULL : &tv);
if (n <= 0) {
@@ -823,6 +825,24 @@
error(1, "select failed");
}
+ if (FD_ISSET(signal_pipe[0], fdsr)) {
+ n = read(signal_pipe[0], &signo, sizeof(signo));
+ if (n == -1) {
+ if (errno == EINTR || errno == EAGAIN)
+ continue;
+ warning("error reading from signal pipe");
+ goto done;
+ }
+ /*
+ * Handle SIGCHLD specially and deliver other signals
+ * directly to the child.
+ */
+ if (signo == SIGCHLD)
+ alive = handle_sigchld(backchannel, &cstat);
+ else
+ deliver_signal(child, signo);
+ continue;
+ }
if (errpipe[0] != -1 && FD_ISSET(errpipe[0], fdsr)) {
/* read errno or EOF from command pipe */
n = read(errpipe[0], &cstat, sizeof(cstat));
@@ -954,25 +974,8 @@
char *envp[];
int rbac_enabled;
{
- sigaction_t sa;
pid_t self = getpid();
- /* Reset signal handlers. */
- zero_bytes(&sa, sizeof(sa));
- sigemptyset(&sa.sa_mask);
- sa.sa_flags = SA_RESTART;
- sa.sa_handler = SIG_DFL;
- sigaction(SIGHUP, &sa, NULL);
- sigaction(SIGTERM, &sa, NULL);
- sigaction(SIGINT, &sa, NULL);
- sigaction(SIGQUIT, &sa, NULL);
- sigaction(SIGTSTP, &sa, NULL);
- sigaction(SIGTTIN, &sa, NULL);
- sigaction(SIGTTOU, &sa, NULL);
- sigaction(SIGUSR1, &sa, NULL);
- sigaction(SIGUSR2, &sa, NULL);
- sigaction(SIGCHLD, &sa, NULL);
-
/* Set child process group here too to avoid a race. */
setpgid(0, self);
@@ -1015,12 +1018,12 @@
int src;
int dst;
{
-#ifdef TIOCGSIZE
- struct ttysize tsize;
+#ifdef TIOCGWINSZ
+ struct winsize wsize;
pid_t pgrp;
- if (ioctl(src, TIOCGSIZE, &tsize) == 0) {
- ioctl(dst, TIOCSSIZE, &tsize);
+ if (ioctl(src, TIOCGWINSZ, &wsize) == 0) {
+ ioctl(dst, TIOCSWINSZ, &wsize);
if ((pgrp = tcgetpgrp(dst)) != -1)
killpg(pgrp, SIGWINCH);
}
Modified: trunk/contrib/sudo/fileops.c
===================================================================
--- trunk/contrib/sudo/fileops.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/fileops.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -44,7 +44,7 @@
# include <time.h>
#endif
#ifndef HAVE_TIMESPEC
-# include <emul/timespec.h>
+# include "emul/timespec.h"
#endif
#include "sudo.h"
@@ -71,13 +71,13 @@
#if defined(HAVE_FUTIME) || defined(HAVE_FUTIMES)
if (fd != -1)
- return(futimes(fd, tvp ? times : NULL));
+ return futimes(fd, tvp ? times : NULL);
else
#endif
if (path != NULL)
- return(utimes(path, tvp ? times : NULL));
+ return utimes(path, tvp ? times : NULL);
else
- return(-1);
+ return -1;
}
/*
@@ -102,7 +102,7 @@
op = F_ULOCK;
break;
}
- return(lockf(fd, op, 0) == 0);
+ return lockf(fd, op, 0) == 0;
}
#elif HAVE_FLOCK
int
@@ -123,7 +123,7 @@
op = LOCK_UN;
break;
}
- return(flock(fd, op) == 0);
+ return flock(fd, op) == 0;
}
#else
int
@@ -142,9 +142,9 @@
lock.l_whence = SEEK_SET;
func = (lockit == SUDO_LOCK) ? F_SETLKW : F_SETLK;
- return(fcntl(fd, func, &lock) == 0);
+ return fcntl(fd, func, &lock) == 0;
#else
- return(TRUE);
+ return TRUE;
#endif
}
#endif
@@ -170,8 +170,8 @@
len = strlen(buf);
while (len > 0 && isspace((unsigned char)buf[len - 1]))
buf[--len] = '\0';
- for (cp = buf; isblank(*cp); cp++)
+ for (cp = buf; isblank((unsigned char)*cp); cp++)
continue;
}
- return(cp);
+ return cp;
}
Modified: trunk/contrib/sudo/find_path.c
===================================================================
--- trunk/contrib/sudo/find_path.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/find_path.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -78,13 +78,13 @@
strlcpy(command, infile, sizeof(command)); /* paranoia */
if (sudo_goodpath(command, sbp)) {
*outfile = command;
- return(FOUND);
+ return FOUND;
} else
- return(NOT_FOUND);
+ return NOT_FOUND;
}
if (path == NULL)
- return(NOT_FOUND);
+ return NOT_FOUND;
path = estrdup(path);
origpath = path;
@@ -125,12 +125,12 @@
errorx(1, "%s: File name too long", infile);
result = sudo_goodpath(command, sbp);
if (result && ignore_dot)
- return(NOT_FOUND_DOT);
+ return NOT_FOUND_DOT;
}
if (result) {
*outfile = result;
- return(FOUND);
+ return FOUND;
} else
- return(NOT_FOUND);
+ return NOT_FOUND;
}
Modified: trunk/contrib/sudo/fnmatch.c
===================================================================
--- trunk/contrib/sudo/fnmatch.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/fnmatch.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -38,6 +38,8 @@
#include <config.h>
+#include <sys/types.h>
+
#include <stdio.h>
#include <ctype.h>
#ifdef HAVE_STRING_H
@@ -47,7 +49,7 @@
# include <strings.h>
#endif /* HAVE_STRINGS_H */
-#include <compat.h>
+#include "missing.h"
#include "emul/fnmatch.h"
#include "emul/charclass.h"
@@ -78,17 +80,17 @@
switch (c = *pattern++) {
case EOS:
if (ISSET(flags, FNM_LEADING_DIR) && *string == '/')
- return (0);
- return (*string == EOS ? 0 : FNM_NOMATCH);
+ return 0;
+ return *string == EOS ? 0 : FNM_NOMATCH;
case '?':
if (*string == EOS)
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
if (*string == '/' && ISSET(flags, FNM_PATHNAME))
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
if (*string == '.' && ISSET(flags, FNM_PERIOD) &&
(string == stringstart ||
(ISSET(flags, FNM_PATHNAME) && *(string - 1) == '/')))
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
++string;
break;
case '*':
@@ -100,19 +102,19 @@
if (*string == '.' && ISSET(flags, FNM_PERIOD) &&
(string == stringstart ||
(ISSET(flags, FNM_PATHNAME) && *(string - 1) == '/')))
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
/* Optimize for pattern with * at end or before /. */
if (c == EOS) {
if (ISSET(flags, FNM_PATHNAME))
- return (ISSET(flags, FNM_LEADING_DIR) ||
+ return ISSET(flags, FNM_LEADING_DIR) ||
strchr(string, '/') == NULL ?
- 0 : FNM_NOMATCH);
+ 0 : FNM_NOMATCH;
else
- return (0);
+ return 0;
} else if (c == '/' && ISSET(flags, FNM_PATHNAME)) {
if ((string = strchr(string, '/')) == NULL)
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
break;
}
@@ -119,21 +121,21 @@
/* General case, use recursion. */
while ((test = *string) != EOS) {
if (!fnmatch(pattern, string, flags & ~FNM_PERIOD))
- return (0);
+ return 0;
if (test == '/' && ISSET(flags, FNM_PATHNAME))
break;
++string;
}
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
case '[':
if (*string == EOS)
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
if (*string == '/' && ISSET(flags, FNM_PATHNAME))
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
if (*string == '.' && ISSET(flags, FNM_PERIOD) &&
(string == stringstart ||
(ISSET(flags, FNM_PATHNAME) && *(string - 1) == '/')))
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
switch (rangematch(pattern, *string, flags, &newp)) {
case RANGE_ERROR:
@@ -143,7 +145,7 @@
pattern = newp;
break;
case RANGE_NOMATCH:
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
}
++string;
break;
@@ -160,7 +162,7 @@
if (c != *string && !(ISSET(flags, FNM_CASEFOLD) &&
(tolower((unsigned char)c) ==
tolower((unsigned char)*string))))
- return (FNM_NOMATCH);
+ return FNM_NOMATCH;
++string;
break;
}
@@ -216,9 +218,9 @@
if (c == '\\' && !ISSET(flags, FNM_NOESCAPE))
c = *pattern++;
if (c == EOS)
- return (RANGE_ERROR);
+ return RANGE_ERROR;
if (c == '/' && ISSET(flags, FNM_PATHNAME))
- return (RANGE_NOMATCH);
+ return RANGE_NOMATCH;
if (ISSET(flags, FNM_CASEFOLD))
c = tolower((unsigned char)c);
if (*pattern == '-'
@@ -227,7 +229,7 @@
if (c2 == '\\' && !ISSET(flags, FNM_NOESCAPE))
c2 = *pattern++;
if (c2 == EOS)
- return (RANGE_ERROR);
+ return RANGE_ERROR;
if (ISSET(flags, FNM_CASEFOLD))
c2 = tolower((unsigned char)c2);
if (c <= test && test <= c2)
@@ -237,7 +239,7 @@
} while ((c = *pattern++) != ']');
*newp = (char *)pattern;
- return (ok == negate ? RANGE_NOMATCH : RANGE_MATCH);
+ return ok == negate ? RANGE_NOMATCH : RANGE_MATCH;
}
static int
@@ -258,7 +260,7 @@
if ((colon = strchr(pattern, ':')) == NULL || colon[1] != ']') {
*ep = pattern - 2;
- return(RANGE_ERROR);
+ return RANGE_ERROR;
}
*ep = colon + 2;
len = (size_t)(colon - pattern);
@@ -277,5 +279,5 @@
*ep = colon + strlen(colon);
rval = RANGE_ERROR;
}
- return(rval);
+ return rval;
}
Modified: trunk/contrib/sudo/get_pty.c
===================================================================
--- trunk/contrib/sudo/get_pty.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/get_pty.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -67,13 +67,16 @@
struct group *gr;
gid_t ttygid = -1;
- if ((gr = sudo_getgrnam("tty")) != NULL)
+ if ((gr = sudo_getgrnam("tty")) != NULL) {
ttygid = gr->gr_gid;
+ gr_delref(gr);
+ }
if (openpty(master, slave, name, NULL, NULL) != 0)
- return(0);
- (void) chown(name, ttyuid, ttygid);
- return(1);
+ return 0;
+ if (chown(name, ttyuid, ttygid) != 0)
+ return 0;
+ return 1;
}
#elif defined(HAVE__GETPTY)
@@ -90,15 +93,15 @@
/* IRIX-style dynamic ptys (may fork) */
line = _getpty(master, O_RDWR, S_IRUSR|S_IWUSR|S_IWGRP, 0);
if (line == NULL)
- return (0);
+ return 0;
*slave = open(line, O_RDWR|O_NOCTTY, 0);
if (*slave == -1) {
close(*master);
- return(0);
+ return 0;
}
(void) chown(line, ttyuid, -1);
strlcpy(name, line, namesz);
- return(1);
+ return 1;
}
#elif defined(HAVE_GRANTPT)
# ifndef HAVE_POSIX_OPENPT
@@ -113,7 +116,7 @@
# else
fd = open("/dev/ptmx", oflag);
# endif
- return(fd);
+ return fd;
}
# endif /* HAVE_POSIX_OPENPT */
@@ -129,22 +132,22 @@
*master = posix_openpt(O_RDWR|O_NOCTTY);
if (*master == -1)
- return(0);
+ return 0;
(void) grantpt(*master); /* may fork */
if (unlockpt(*master) != 0) {
close(*master);
- return(0);
+ return 0;
}
line = ptsname(*master);
if (line == NULL) {
close(*master);
- return(0);
+ return 0;
}
*slave = open(line, O_RDWR|O_NOCTTY, 0);
if (*slave == -1) {
close(*master);
- return(0);
+ return 0;
}
# if defined(I_PUSH) && !defined(_AIX)
ioctl(*slave, I_PUSH, "ptem"); /* pseudo tty emulation module */
@@ -152,7 +155,7 @@
# endif
(void) chown(line, ttyuid, -1);
strlcpy(name, line, namesz);
- return(1);
+ return 1;
}
#else /* Old-style BSD ptys */
@@ -181,7 +184,7 @@
*master = open(line, O_RDWR|O_NOCTTY, 0);
if (*master == -1) {
if (errno == ENOENT)
- return(0); /* out of ptys */
+ return 0; /* out of ptys */
continue; /* already in use */
}
line[sizeof("/dev/p") - 2] = 't';
@@ -193,11 +196,11 @@
*slave = open(line, O_RDWR|O_NOCTTY, 0);
if (*slave != -1) {
strlcpy(name, line, namesz);
- return(1); /* success */
+ return 1; /* success */
}
(void) close(*master);
}
}
- return(0);
+ return 0;
}
#endif /* HAVE_OPENPTY */
Modified: trunk/contrib/sudo/getcwd.c
===================================================================
--- trunk/contrib/sudo/getcwd.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/getcwd.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -71,7 +71,7 @@
# endif
#endif
-#include <compat.h>
+#include "missing.h"
#define ISDOT(dp) \
(dp->d_name[0] == '.' && (dp->d_name[1] == '\0' || \
@@ -104,12 +104,12 @@
ptsize = 0;
if (!size) {
errno = EINVAL;
- return (NULL);
+ return NULL;
}
ept = pt + size;
} else {
if ((pt = malloc(ptsize = 1024 - 4)) == NULL)
- return (NULL);
+ return NULL;
ept = pt + ptsize;
}
bpt = ept - 1;
@@ -154,7 +154,7 @@
*/
bcopy(bpt, pt, ept - bpt);
free(up);
- return (pt);
+ return pt;
}
/*
@@ -262,5 +262,5 @@
free(up);
if (dir)
(void)closedir(dir);
- return (NULL);
+ return NULL;
}
Modified: trunk/contrib/sudo/getdate.c
===================================================================
--- trunk/contrib/sudo/getdate.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/getdate.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,3 +1,4 @@
+#include <config.h>
#include <stdlib.h>
#include <string.h>
#define YYBYACC 1
@@ -50,7 +51,7 @@
#endif
#include <ctype.h>
-#include "compat.h"
+#include "missing.h"
#define EPOCH 1970
Modified: trunk/contrib/sudo/getdate.y
===================================================================
--- trunk/contrib/sudo/getdate.y 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/getdate.y 2014-10-02 03:20:49 UTC (rev 6803)
@@ -39,7 +39,7 @@
#endif
#include <ctype.h>
-#include "compat.h"
+#include "missing.h"
#define EPOCH 1970
Modified: trunk/contrib/sudo/getline.c
===================================================================
--- trunk/contrib/sudo/getline.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/getline.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -35,7 +35,7 @@
#endif /* HAVE_STRINGS_H */
#include <limits.h>
-#include "compat.h"
+#include "missing.h"
#include "alloc.h"
#ifndef LINE_MAX
@@ -64,7 +64,7 @@
memcpy(*bufp, buf, len);
(*bufp)[len] = '\0';
}
- return(buf ? len : -1);
+ return buf ? len : -1;
}
#else
ssize_t
@@ -97,6 +97,6 @@
}
*bufp = buf;
*bufsizep = bufsize;
- return(len);
+ return len;
}
#endif
Modified: trunk/contrib/sudo/getprogname.c
===================================================================
--- trunk/contrib/sudo/getprogname.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/getprogname.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -18,11 +18,14 @@
* Materiel Command, USAF, under agreement number F39502-99-1-0512.
*/
+#include <config.h>
+
+#include <sys/types.h>
+
#include <stdio.h>
#include <string.h>
-#include <config.h>
-#include <compat.h>
+#include "missing.h"
const char *
getprogname()
@@ -39,5 +42,5 @@
else
progname = Argv[0];
}
- return(progname);
+ return progname;
}
Modified: trunk/contrib/sudo/getspwuid.c
===================================================================
--- trunk/contrib/sudo/getspwuid.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/getspwuid.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -82,19 +82,18 @@
sudo_getepw(pw)
const struct passwd *pw;
{
- char *epw;
+ char *epw = NULL;
/* If there is a function to check for shadow enabled, use it... */
#ifdef HAVE_ISCOMSEC
if (!iscomsec())
- return(estrdup(pw->pw_passwd));
+ goto done;
#endif /* HAVE_ISCOMSEC */
#ifdef HAVE_ISSECURE
if (!issecure())
- return(estrdup(pw->pw_passwd));
+ goto done;
#endif /* HAVE_ISSECURE */
- epw = NULL;
#ifdef HAVE_GETPRPWNAM
{
struct pr_passwd *spw;
@@ -103,10 +102,8 @@
# ifdef __alpha
crypt_type = spw->ufld.fd_oldcrypt;
# endif /* __alpha */
- epw = estrdup(spw->ufld.fd_encrypt);
+ epw = spw->ufld.fd_encrypt;
}
- if (epw)
- return(epw);
}
#endif /* HAVE_GETPRPWNAM */
#ifdef HAVE_GETSPNAM
@@ -114,9 +111,7 @@
struct spwd *spw;
if ((spw = getspnam(pw->pw_name)) && spw->sp_pwdp)
- epw = estrdup(spw->sp_pwdp);
- if (epw)
- return(epw);
+ epw = spw->sp_pwdp;
}
#endif /* HAVE_GETSPNAM */
#ifdef HAVE_GETSPWUID
@@ -124,9 +119,7 @@
struct s_passwd *spw;
if ((spw = getspwuid(pw->pw_uid)) && spw->pw_passwd)
- epw = estrdup(spw->pw_passwd);
- if (epw)
- return(epw);
+ epw = spw->pw_passwd;
}
#endif /* HAVE_GETSPWUID */
#ifdef HAVE_GETPWANAM
@@ -134,9 +127,7 @@
struct passwd_adjunct *spw;
if ((spw = getpwanam(pw->pw_name)) && spw->pwa_passwd)
- epw = estrdup(spw->pwa_passwd);
- if (epw)
- return(epw);
+ epw = spw->pwa_passwd;
}
#endif /* HAVE_GETPWANAM */
#ifdef HAVE_GETAUTHUID
@@ -144,14 +135,15 @@
AUTHORIZATION *spw;
if ((spw = getauthuid(pw->pw_uid)) && spw->a_password)
- epw = estrdup(spw->a_password);
- if (epw)
- return(epw);
+ epw = spw->a_password;
}
#endif /* HAVE_GETAUTHUID */
- /* Fall back on normal password. */
- return(estrdup(pw->pw_passwd));
+#if defined(HAVE_ISCOMSEC) || defined(HAVE_ISSECURE)
+done:
+#endif
+ /* If no shadow password, fall back on regular password. */
+ return estrdup(epw ? epw : pw->pw_passwd);
}
void
Modified: trunk/contrib/sudo/gettime.c
===================================================================
--- trunk/contrib/sudo/gettime.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/gettime.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -24,7 +24,7 @@
# include <time.h>
#endif
-#include <compat.h>
+#include "missing.h"
/*
* Get the current time via gettimeofday() for systems with
@@ -41,5 +41,5 @@
rval = (int)time(&tv->tv_sec);
tv->tv_usec = 0;
#endif
- return (rval);
+ return rval;
}
Modified: trunk/contrib/sudo/glob.c
===================================================================
--- trunk/contrib/sudo/glob.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/glob.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -95,7 +95,7 @@
#include <limits.h>
#include <pwd.h>
-#include <compat.h>
+#include "missing.h"
#include "emul/glob.h"
#include "emul/charclass.h"
@@ -175,6 +175,7 @@
extern struct passwd *sudo_getpwnam __P((const char *));
extern struct passwd *sudo_getpwuid __P((uid_t));
+extern void pw_delref __P((struct passwd *));
int
glob(pattern, flags, errfunc, pglob)
@@ -367,7 +368,7 @@
size_t patbuf_len;
glob_t *pglob;
{
- struct passwd *pwd;
+ struct passwd *pwd = NULL;
char *h;
const Char *p;
Char *b, *eb;
@@ -413,6 +414,9 @@
continue;
*b = EOS;
+ if (pwd)
+ pw_delref(pwd);
+
return patbuf;
}
@@ -550,7 +554,7 @@
#endif
if ((err = glob1(patbuf, patbuf + PATH_MAX - 1, pglob)) != 0)
- return(err);
+ return err;
/*
* If there was no match we are going to append the pattern
@@ -558,14 +562,14 @@
*/
if (pglob->gl_pathc == oldpathc) {
if (pglob->gl_flags & GLOB_NOCHECK)
- return(globextend(pattern, pglob));
+ return globextend(pattern, pglob);
else
- return(GLOB_NOMATCH);
+ return GLOB_NOMATCH;
}
if (!(pglob->gl_flags & GLOB_NOSORT))
qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc,
pglob->gl_pathc - oldpathc, sizeof(char *), compare);
- return(0);
+ return 0;
}
static int
@@ -572,7 +576,7 @@
compare(p, q)
const void *p, *q;
{
- return(strcmp(*(char **)p, *(char **)q));
+ return strcmp(*(char **)p, *(char **)q);
}
static int
@@ -584,10 +588,10 @@
/* A null pathname is invalid -- POSIX 1003.1 sect. 2.4. */
if (*pattern == EOS)
- return(0);
- return(glob2(pathbuf, pathbuf + PATH_MAX - 1,
+ return 0;
+ return glob2(pathbuf, pathbuf + PATH_MAX - 1,
pathbuf, pathbuf + PATH_MAX - 1,
- pattern, pattern_last, pglob));
+ pattern, pattern_last, pglob);
}
/*
@@ -614,7 +618,7 @@
if (*pattern == EOS) { /* End of pattern? */
*pathend = EOS;
if (g_lstat(pathbuf, &sb, pglob))
- return(0);
+ return 0;
if (((pglob->gl_flags & GLOB_MARK) &&
pathend[-1] != SEP) && (S_ISDIR(sb.st_mode) ||
@@ -622,12 +626,12 @@
(g_stat(pathbuf, &sb, pglob) == 0) &&
S_ISDIR(sb.st_mode)))) {
if (pathend+1 > pathend_last)
- return (1);
+ return 1;
*pathend++ = SEP;
*pathend = EOS;
}
++pglob->gl_matchc;
- return(globextend(pathbuf, pglob));
+ return globextend(pathbuf, pglob);
}
/* Find end of next segment, copy tentatively to pathend. */
@@ -637,7 +641,7 @@
if (ismeta(*p))
anymeta = 1;
if (q+1 > pathend_last)
- return (1);
+ return 1;
*q++ = *p++;
}
@@ -646,14 +650,14 @@
pattern = p;
while (*pattern == SEP) {
if (pathend+1 > pathend_last)
- return (1);
+ return 1;
*pathend++ = *pattern++;
}
} else
/* Need expansion, recurse. */
- return(glob3(pathbuf, pathbuf_last, pathend,
+ return glob3(pathbuf, pathbuf_last, pathend,
pathend_last, pattern, pattern_last,
- p, pattern_last, pglob));
+ p, pattern_last, pglob);
}
/* NOTREACHED */
}
@@ -671,7 +675,7 @@
char buf[PATH_MAX];
if (pathend > pathend_last)
- return (1);
+ return 1;
*pathend = EOS;
errno = 0;
@@ -679,12 +683,12 @@
/* TODO: don't call for ENOENT or ENOTDIR? */
if (pglob->gl_errfunc) {
if (g_Ctoc(pathbuf, buf, sizeof(buf)))
- return(GLOB_ABORTED);
+ return GLOB_ABORTED;
if (pglob->gl_errfunc(buf, errno) ||
pglob->gl_flags & GLOB_ERR)
- return(GLOB_ABORTED);
+ return GLOB_ABORTED;
}
- return(0);
+ return 0;
}
err = 0;
@@ -718,7 +722,7 @@
}
closedir(dirp);
- return(err);
+ return err;
}
/*
@@ -755,7 +759,7 @@
free(pglob->gl_pathv);
pglob->gl_pathv = NULL;
}
- return(GLOB_NOSPACE);
+ return GLOB_NOSPACE;
}
if (pglob->gl_pathv == NULL && pglob->gl_offs > 0) {
@@ -772,13 +776,13 @@
if ((copy = malloc(len)) != NULL) {
if (g_Ctoc(path, copy, len)) {
free(copy);
- return(GLOB_NOSPACE);
+ return GLOB_NOSPACE;
}
pathv[pglob->gl_offs + pglob->gl_pathc++] = copy;
}
pathv[pglob->gl_offs + pglob->gl_pathc] = NULL;
- return(copy == NULL ? GLOB_NOSPACE : 0);
+ return copy == NULL ? GLOB_NOSPACE : 0;
}
/*
@@ -797,20 +801,20 @@
switch (c & M_MASK) {
case M_ALL:
if (pat == patend)
- return(1);
+ return 1;
do {
if (match(name, pat, patend))
- return(1);
+ return 1;
} while (*name++ != EOS);
- return(0);
+ return 0;
case M_ONE:
if (*name++ == EOS)
- return(0);
+ return 0;
break;
case M_SET:
ok = 0;
if ((k = *name++) == EOS)
- return(0);
+ return 0;
if ((negate_range = ((*pat & M_MASK) == M_NOT)) != EOS)
++pat;
while (((c = *pat++) & M_MASK) != M_END) {
@@ -829,15 +833,15 @@
ok = 1;
}
if (ok == negate_range)
- return(0);
+ return 0;
break;
default:
if (*name++ != c)
- return(0);
+ return 0;
break;
}
}
- return(*name == EOS);
+ return *name == EOS;
}
/* Free allocated data belonging to a glob_t structure. */
@@ -870,9 +874,9 @@
buf[1] = '\0';
} else {
if (g_Ctoc(str, buf, sizeof(buf)))
- return(NULL);
+ return NULL;
}
- return(opendir(buf));
+ return opendir(buf);
}
static int
@@ -884,8 +888,8 @@
char buf[PATH_MAX];
if (g_Ctoc(fn, buf, sizeof(buf)))
- return(-1);
- return(lstat(buf, sb));
+ return -1;
+ return lstat(buf, sb);
}
static int
@@ -897,8 +901,8 @@
char buf[PATH_MAX];
if (g_Ctoc(fn, buf, sizeof(buf)))
- return(-1);
- return(stat(buf, sb));
+ return -1;
+ return stat(buf, sb);
}
static Char *
@@ -908,9 +912,9 @@
{
do {
if (*str == ch)
- return ((Char *)str);
+ return (Char *)str;
} while (*str++);
- return (NULL);
+ return NULL;
}
static int
@@ -922,9 +926,9 @@
while (len--) {
if ((*buf++ = *str++) == EOS)
- return (0);
+ return 0;
}
- return (1);
+ return 1;
}
#ifdef DEBUG
Modified: trunk/contrib/sudo/goodpath.c
===================================================================
--- trunk/contrib/sudo/goodpath.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/goodpath.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -50,18 +50,18 @@
/* Check for brain damage */
if (path == NULL || path[0] == '\0')
- return(NULL);
+ return NULL;
if (stat(path, &sb))
- return(NULL);
+ return NULL;
/* Make sure path describes an executable regular file. */
if (!S_ISREG(sb.st_mode) || !(sb.st_mode & 0000111)) {
errno = EACCES;
- return(NULL);
+ return NULL;
}
if (sbp != NULL)
(void) memcpy(sbp, &sb, sizeof(struct stat));
- return((char *)path);
+ return (char *)path;
}
Modified: trunk/contrib/sudo/gram.c
===================================================================
--- trunk/contrib/sudo/gram.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/gram.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,3 +1,4 @@
+#include <config.h>
#include <stdlib.h>
#include <string.h>
#define YYBYACC 1
@@ -650,7 +651,7 @@
d->prev = d;
d->next = NULL;
- return(d);
+ return d;
}
static struct member *
@@ -666,7 +667,7 @@
m->prev = m;
m->next = NULL;
- return(m);
+ return m;
}
/*
Modified: trunk/contrib/sudo/gram.y
===================================================================
--- trunk/contrib/sudo/gram.y 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/gram.y 2014-10-02 03:20:49 UTC (rev 6803)
@@ -620,7 +620,7 @@
d->prev = d;
d->next = NULL;
- return(d);
+ return d;
}
static struct member *
@@ -636,7 +636,7 @@
m->prev = m;
m->next = NULL;
- return(m);
+ return m;
}
/*
Modified: trunk/contrib/sudo/install-sh
===================================================================
--- trunk/contrib/sudo/install-sh 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/install-sh 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,7 +1,7 @@
#! /bin/sh
## (From INN-1.4, written by Rich Salz)
-## $Revision: 1.6 $
+## $Revision$
## A script to install files and directories.
PROGNAME=`basename $0`
Modified: trunk/contrib/sudo/iolog.c
===================================================================
--- trunk/contrib/sudo/iolog.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/iolog.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -89,27 +89,28 @@
{
struct stat sb;
char buf[32], *ep;
- int fd, i, ch;
+ int fd, i;
unsigned long id = 0;
int len;
ssize_t nread;
char pathbuf[PATH_MAX];
+ static const char b36char[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
/*
- * Create _PATH_SUDO_IO_LOGDIR if it doesn't already exist.
+ * Create I/O log directory if it doesn't already exist.
*/
- if (stat(_PATH_SUDO_IO_LOGDIR, &sb) != 0) {
- if (mkdir(_PATH_SUDO_IO_LOGDIR, S_IRWXU) != 0)
- log_error(USE_ERRNO, "Can't mkdir %s", _PATH_SUDO_IO_LOGDIR);
+ if (stat(def_iolog_dir, &sb) != 0) {
+ if (mkdir(def_iolog_dir, S_IRWXU) != 0)
+ log_error(USE_ERRNO, "Can't mkdir %s", def_iolog_dir);
} else if (!S_ISDIR(sb.st_mode)) {
log_error(0, "%s exists but is not a directory (0%o)",
- _PATH_SUDO_IO_LOGDIR, (unsigned int) sb.st_mode);
+ def_iolog_dir, (unsigned int) sb.st_mode);
}
/*
* Open sequence file
*/
- len = snprintf(pathbuf, sizeof(pathbuf), "%s/seq", _PATH_SUDO_IO_LOGDIR);
+ len = snprintf(pathbuf, sizeof(pathbuf), "%s/seq", def_iolog_dir);
if (len <= 0 || len >= sizeof(pathbuf)) {
errno = ENAMETOOLONG;
log_error(USE_ERRNO, "%s/seq", pathbuf);
@@ -135,9 +136,8 @@
* Note that that least significant digits go at the end of the string.
*/
for (i = 5; i >= 0; i--) {
- ch = id % 36;
+ buf[i] = b36char[id % 36];
id /= 36;
- buf[i] = ch < 10 ? ch + '0' : ch - 10 + 'A';
}
buf[6] = '\n';
@@ -163,14 +163,14 @@
log_error(0, "tried to build a session id path without a session id");
/*
- * Path is of the form /var/log/sudo-session/00/00/01.
+ * Path is of the form /var/log/sudo-io/00/00/01.
*/
- len = snprintf(pathbuf, pathsize, "%s/%c%c/%c%c/%c%c", _PATH_SUDO_IO_LOGDIR,
+ len = snprintf(pathbuf, pathsize, "%s/%c%c/%c%c/%c%c", def_iolog_dir,
sudo_user.sessid[0], sudo_user.sessid[1], sudo_user.sessid[2],
sudo_user.sessid[3], sudo_user.sessid[4], sudo_user.sessid[5]);
if (len <= 0 && len >= pathsize) {
errno = ENAMETOOLONG;
- log_error(USE_ERRNO, "%s/%s", _PATH_SUDO_IO_LOGDIR, sudo_user.sessid);
+ log_error(USE_ERRNO, "%s/%s", def_iolog_dir, sudo_user.sessid);
}
/*
@@ -187,7 +187,7 @@
pathbuf[len - i] = '/';
}
- return(len);
+ return len;
}
static void *
@@ -227,7 +227,7 @@
/*
* Build a path containing the session id split into two-digit subdirs,
- * so ID 000001 becomes /var/log/sudo-session/00/00/01.
+ * so ID 000001 becomes /var/log/sudo-io/00/00/01.
*/
len = build_idpath(pathbuf, sizeof(pathbuf));
if (len == -1)
Modified: trunk/contrib/sudo/isblank.c
===================================================================
--- trunk/contrib/sudo/isblank.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/isblank.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -15,12 +15,15 @@
*/
#include <config.h>
-#include <compat.h>
+#include <sys/types.h>
+
+#include "missing.h"
+
#undef isblank
int
isblank(ch)
int ch;
{
- return(ch == ' ' || ch == '\t');
+ return ch == ' ' || ch == '\t';
}
Modified: trunk/contrib/sudo/lbuf.c
===================================================================
--- trunk/contrib/sudo/lbuf.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/lbuf.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -31,6 +31,9 @@
# endif
#endif /* STDC_HEADERS */
#ifdef HAVE_STRING_H
+# if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
+# include <memory.h>
+# endif
# include <string.h>
#endif /* HAVE_STRING_H */
#ifdef HAVE_STRINGS_H
@@ -51,10 +54,11 @@
#include "sudo.h"
#include "lbuf.h"
-#if !defined(TIOCGSIZE) && defined(TIOCGWINSZ)
-# define TIOCGSIZE TIOCGWINSZ
-# define ttysize winsize
-# define ts_cols ws_col
+/* Compatibility with older tty systems. */
+#if !defined(TIOCGWINSZ) && defined(TIOCGSIZE)
+# define TIOCGWINSZ TIOCGSIZE
+# define winsize ttysize
+# define ws_col ts_cols
#endif
int
@@ -62,17 +66,17 @@
{
char *p;
int cols;
-#ifdef TIOCGSIZE
- struct ttysize win;
+#ifdef TIOCGWINSZ
+ struct winsize wsize;
- if (ioctl(STDERR_FILENO, TIOCGSIZE, &win) == 0 && win.ts_cols != 0)
- return((int)win.ts_cols);
+ if (ioctl(STDERR_FILENO, TIOCGWINSZ, &wsize) == 0 && wsize.ws_col != 0)
+ return (int)wsize.ws_col;
#endif
/* Fall back on $COLUMNS. */
if ((p = getenv("COLUMNS")) == NULL || (cols = atoi(p)) <= 0)
cols = 80;
- return(cols);
+ return cols;
}
void
@@ -282,8 +286,8 @@
/* For very small widths just give up... */
if (lbuf->cols <= lbuf->indent + contlen + 20) {
+ lbuf->buf[lbuf->len] = '\0';
lbuf->output(lbuf->buf);
- lbuf->output("\n");
goto done;
}
Modified: trunk/contrib/sudo/ldap.c
===================================================================
--- trunk/contrib/sudo/ldap.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/ldap.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003-2010 Todd C. Miller <Todd.Miller at courtesan.com>
+ * Copyright (c) 2003-2011 Todd C. Miller <Todd.Miller at courtesan.com>
*
* This code is derived from software contributed by Aaron Spangler.
*
@@ -37,12 +37,12 @@
#ifdef HAVE_STRINGS_H
# include <strings.h>
#endif /* HAVE_STRINGS_H */
-#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
-# include <malloc.h>
-#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#if TIME_WITH_SYS_TIME
+# include <time.h>
+#endif
#include <ctype.h>
#include <pwd.h>
#include <grp.h>
@@ -97,8 +97,13 @@
#endif
#ifndef HAVE_LDAP_SEARCH_EXT_S
-#define ldap_search_ext_s(a, b, c, d, e, f, g, h, i, j, k) \
+# ifdef HAVE_LDAP_SEARCH_ST
+# define ldap_search_ext_s(a, b, c, d, e, f, g, h, i, j, k) \
+ ldap_search_st(a, b, c, d, e, f, i, k)
+# else
+# define ldap_search_ext_s(a, b, c, d, e, f, g, h, i, j, k) \
ldap_search_s(a, b, c, d, e, f, k)
+# endif
#endif
#define LDAP_FOREACH(var, ld, res) \
@@ -116,6 +121,53 @@
#define SUDO_LDAP_SSL 1
#define SUDO_LDAP_STARTTLS 2
+/* The TIMEFILTER_LENGTH includes the filter itself plus the global AND
+ wrapped around the user filter and the time filter when timed entries
+ are used. The length is computed as follows:
+ 85 for the filter
+ + 2 * 13 for the now timestamp
+ + 3 for the global AND
+*/
+#define TIMEFILTER_LENGTH 114
+
+/*
+ * The ldap_search structure implements a linked list of ldap and
+ * search result pointers, which allows us to remove them after
+ * all search results have been combined in memory.
+ * XXX - should probably be a tailq since we do appends
+ */
+struct ldap_search_list {
+ LDAP *ldap;
+ LDAPMessage *searchresult;
+ struct ldap_search_list *next;
+};
+
+/*
+ * The ldap_entry_wrapper structure is used to implement sorted result entries.
+ * A double is used for the order to allow for insertion of new entries
+ * without having to renumber everything.
+ * Note: there is no standard floating point type in LDAP.
+ * As a result, some LDAP servers will only allow an integer.
+ */
+struct ldap_entry_wrapper {
+ LDAPMessage *entry;
+ double order;
+};
+
+/*
+ * The ldap_result structure contains the list of matching searches as
+ * well as an array of all result entries sorted by the sudoOrder attribute.
+ */
+struct ldap_result {
+ struct ldap_search_list *searches;
+ struct ldap_entry_wrapper *entries;
+ int allocated_entries;
+ int nentries;
+ int user_matches;
+ int host_matches;
+};
+#define ALLOCATION_INCREMENT 100
+
struct ldap_config_table {
const char *conf_str; /* config file string */
short type; /* CONF_BOOL, CONF_INT, CONF_STR */
@@ -129,7 +181,7 @@
char val[1];
};
-/* ldap configuration structure */
+/* LDAP configuration structure */
static struct ldap_config {
int port;
int version;
@@ -137,10 +189,12 @@
int ldap_debug;
int tls_checkpeer;
int timelimit;
+ int timeout;
int bind_timelimit;
int use_sasl;
int rootuse_sasl;
int ssl_mode;
+ int timed;
char *host;
struct ldap_config_list_str *uri;
char *binddn;
@@ -213,15 +267,24 @@
#ifdef LDAP_OPT_NETWORK_TIMEOUT
{ "bind_timelimit", CONF_INT, TRUE, -1 /* needs timeval, set manually */,
&ldap_conf.bind_timelimit },
+ { "network_timeout", CONF_INT, TRUE, -1 /* needs timeval, set manually */,
+ &ldap_conf.bind_timelimit },
#elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
{ "bind_timelimit", CONF_INT, TRUE, LDAP_X_OPT_CONNECT_TIMEOUT,
&ldap_conf.bind_timelimit },
+ { "network_timeout", CONF_INT, TRUE, LDAP_X_OPT_CONNECT_TIMEOUT,
+ &ldap_conf.bind_timelimit },
#endif
{ "timelimit", CONF_INT, TRUE, LDAP_OPT_TIMELIMIT, &ldap_conf.timelimit },
+#ifdef LDAP_OPT_TIMEOUT
+ { "timeout", CONF_INT, TRUE, -1 /* needs timeval, set manually */,
+ &ldap_conf.timeout },
+#endif
{ "binddn", CONF_STR, FALSE, -1, &ldap_conf.binddn },
{ "bindpw", CONF_STR, FALSE, -1, &ldap_conf.bindpw },
{ "rootbinddn", CONF_STR, FALSE, -1, &ldap_conf.rootbinddn },
{ "sudoers_base", CONF_LIST_STR, FALSE, -1, &ldap_conf.base },
+ { "sudoers_timed", CONF_BOOL, FALSE, -1, &ldap_conf.timed },
#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
{ "use_sasl", CONF_BOOL, FALSE, -1, &ldap_conf.use_sasl },
{ "sasl_auth_id", CONF_STR, FALSE, -1, &ldap_conf.sasl_auth_id },
@@ -250,7 +313,23 @@
struct passwd *pw, struct lbuf *lbuf));
static int sudo_ldap_display_privs __P((struct sudo_nss *nss,
struct passwd *pw, struct lbuf *lbuf));
+static struct ldap_result *sudo_ldap_result_get __P((struct sudo_nss *nss,
+ struct passwd *pw));
+/*
+ * LDAP sudo_nss handle.
+ * We store the connection to the LDAP server, the cached ldap_result object
+ * (if any), and the name of the user the query was performed for.
+ * If a new query is launched with sudo_ldap_result_get() that specifies a
+ * different user, the old cached result is freed before the new query is run.
+ */
+struct sudo_ldap_handle {
+ LDAP *ld;
+ struct ldap_result *result;
+ char *username;
+ GETGROUPS_T *groups;
+};
+
struct sudo_nss sudo_nss_ldap = {
&sudo_nss_ldap,
NULL,
@@ -298,7 +377,7 @@
}
}
- free(ldap_conf.host);
+ efree(ldap_conf.host);
ldap_conf.host = estrdup(hostbuf);
return;
@@ -378,7 +457,7 @@
ldap_conf.ssl_mode = SUDO_LDAP_SSL;
}
- free(ldap_conf.host);
+ efree(ldap_conf.host);
ldap_conf.host = estrdup(hostbuf);
efree(buf);
} while ((uri_list = uri_list->next));
@@ -388,7 +467,7 @@
done:
efree(buf);
- return(rc);
+ return rc;
toobig:
errorx(1, "sudo_ldap_parse_uri: out of space building hostbuf");
@@ -404,7 +483,7 @@
/* Usually just a single entry. */
if (uri_list->next == NULL)
- return(estrdup(uri_list->val));
+ return estrdup(uri_list->val);
for (uri = uri_list; uri != NULL; uri = uri->next) {
len += strlen(uri->val) + 1;
@@ -416,7 +495,7 @@
*cp++ = ' ';
}
cp[-1] = '\0';
- return(buf);
+ return buf;
}
#endif /* HAVE_LDAP_INITIALIZE */
@@ -485,7 +564,7 @@
done:
*ldp = ld;
- return(rc);
+ return rc;
}
/*
@@ -503,12 +582,12 @@
int ret = FALSE;
if (!entry)
- return(ret);
+ return ret;
/* get the values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoUser");
if (bv == NULL)
- return(ret);
+ return ret;
/* walk through values */
for (p = bv; *p != NULL && !ret; p++) {
@@ -517,12 +596,12 @@
if (netgr_matches(val, NULL, NULL, user))
ret = TRUE;
DPRINTF(("ldap sudoUser netgroup '%s' ... %s", val,
- ret ? "MATCH!" : "not"), 2);
+ ret ? "MATCH!" : "not"), 2 + ((ret) ? 0 : 1));
}
ldap_value_free_len(bv); /* cleanup */
- return(ret);
+ return ret;
}
/*
@@ -539,12 +618,12 @@
int ret = FALSE;
if (!entry)
- return(ret);
+ return ret;
/* get the values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoHost");
if (bv == NULL)
- return(ret);
+ return ret;
/* walk through values */
for (p = bv; *p != NULL && !ret; p++) {
@@ -560,7 +639,7 @@
ldap_value_free_len(bv); /* cleanup */
- return(ret);
+ return ret;
}
static int
@@ -573,7 +652,7 @@
int ret = FALSE;
if (!runas_pw)
- return(UNSPEC);
+ return UNSPEC;
/* get the runas user from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsUser");
@@ -602,7 +681,7 @@
* what the user specified on the command line.
*/
if (bv == NULL)
- return(!strcasecmp(runas_pw->pw_name, def_runas_default));
+ return !strcasecmp(runas_pw->pw_name, def_runas_default);
/* walk through values returned, looking for a match */
for (p = bv; *p != NULL && !ret; p++) {
@@ -633,7 +712,7 @@
ldap_value_free_len(bv); /* cleanup */
- return(ret);
+ return ret;
}
static int
@@ -647,12 +726,12 @@
/* runas_gr is only set if the user specified the -g flag */
if (!runas_gr)
- return(UNSPEC);
+ return UNSPEC;
/* get the values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup");
if (bv == NULL)
- return(ret);
+ return ret;
/* walk through values returned, looking for a match */
for (p = bv; *p != NULL && !ret; p++) {
@@ -665,7 +744,7 @@
ldap_value_free_len(bv); /* cleanup */
- return(ret);
+ return ret;
}
/*
@@ -680,12 +759,12 @@
int ret;
if (!entry)
- return(FALSE);
+ return FALSE;
ret = sudo_ldap_check_runas_user(ld, entry) != FALSE &&
sudo_ldap_check_runas_group(ld, entry) != FALSE;
- return(ret);
+ return ret;
}
/*
@@ -703,11 +782,11 @@
int foundbang, ret = UNSPEC;
if (!entry)
- return(ret);
+ return ret;
bv = ldap_get_values_len(ld, entry, "sudoCommand");
if (bv == NULL)
- return(ret);
+ return ret;
for (p = bv; *p != NULL && ret != FALSE; p++) {
val = (*p)->bv_val;
@@ -750,7 +829,7 @@
ldap_value_free_len(bv); /* more cleanup */
- return(ret);
+ return ret;
}
/*
@@ -768,11 +847,11 @@
int ret = UNSPEC;
if (entry == NULL)
- return(UNSPEC);
+ return UNSPEC;
bv = ldap_get_values_len(ld, entry, "sudoOption");
if (bv == NULL)
- return(ret);
+ return ret;
/* walk through options */
for (p = bv; *p != NULL; p++) {
@@ -787,7 +866,7 @@
ldap_value_free_len(bv);
- return(ret);
+ return ret;
}
/*
@@ -841,15 +920,72 @@
}
/*
- * builds together a filter to check against ldap
+ * Build an LDAP timefilter.
+ *
+ * Stores a filter in the buffer that makes sure only entries
+ * are selected that have a sudoNotBefore in the past and a
+ * sudoNotAfter in the future, i.e. a filter of the following
+ * structure (spaced out a little more for better readability:
+ *
+ * (&
+ * (|
+ * (!(sudoNotAfter=*))
+ * (sudoNotAfter>__now__)
+ * )
+ * (|
+ * (!(sudoNotBefore=*))
+ * (sudoNotBefore<__now__)
+ * )
+ * )
+ *
+ * If either the sudoNotAfter or sudoNotBefore attributes are missing,
+ * no time restriction shall be imposed.
*/
+static int
+sudo_ldap_timefilter(buffer, buffersize)
+ char *buffer;
+ size_t buffersize;
+{
+ struct tm *tp;
+ time_t now;
+ char timebuffer[16];
+ int bytes = 0;
+
+ /* Make sure we have a formatted timestamp for __now__. */
+ time(&now);
+ if ((tp = gmtime(&now)) == NULL) {
+ warning("unable to get GMT");
+ goto done;
+ }
+
+ /* Format the timestamp according to the RFC. */
+ if (strftime(timebuffer, sizeof(timebuffer), "%Y%m%d%H%MZ", tp) == 0) {
+ warning("unable to format timestamp");
+ goto done;
+ }
+
+ /* Build filter. */
+ bytes = snprintf(buffer, buffersize, "(&(|(!(sudoNotAfter=*))(sudoNotAfter>=%s))(|(!(sudoNotBefore=*))(sudoNotBefore<=%s)))",
+ timebuffer, timebuffer);
+ if (bytes < 0 || bytes >= buffersize) {
+ warning("unable to build time filter");
+ bytes = 0;
+ }
+
+done:
+ return bytes;
+}
+
+/*
+ * Builds up a filter to check against LDAP.
+ */
static char *
sudo_ldap_build_pass1(pw)
struct passwd *pw;
{
struct group *grp;
+ char *buf, timebuffer[TIMEFILTER_LENGTH];
size_t sz;
- char *buf;
int i;
/* Start with (|(sudoUser=USERNAME)(sudoUser=ALL)) + NUL */
@@ -856,18 +992,34 @@
sz = 29 + strlen(pw->pw_name);
/* Add space for groups */
- if ((grp = sudo_getgrgid(pw->pw_gid)) != NULL)
+ if ((grp = sudo_getgrgid(pw->pw_gid)) != NULL) {
sz += 12 + strlen(grp->gr_name); /* primary group */
+ gr_delref(grp);
+ }
for (i = 0; i < user_ngroups; i++) {
if (user_groups[i] == pw->pw_gid)
continue;
- if ((grp = sudo_getgrgid(user_groups[i])) != NULL)
+ if ((grp = sudo_getgrgid(user_groups[i])) != NULL) {
sz += 12 + strlen(grp->gr_name); /* supplementary group */
+ gr_delref(grp);
+ }
}
+
+ /* If timed, add space for time limits. */
+ if (ldap_conf.timed)
+ sz += TIMEFILTER_LENGTH;
buf = emalloc(sz);
+ *buf = '\0';
+ /*
+ * If timed, start a global AND clause that will have the time limits
+ * as the second leg.
+ */
+ if (ldap_conf.timed)
+ (void) strlcpy(buf, "(&", sz);
+
/* Global OR + sudoUser=user_name filter */
- (void) strlcpy(buf, "(|(sudoUser=", sz);
+ (void) strlcat(buf, "(|(sudoUser=", sz);
(void) strlcat(buf, pw->pw_name, sz);
(void) strlcat(buf, ")", sz);
@@ -876,6 +1028,7 @@
(void) strlcat(buf, "(sudoUser=%", sz);
(void) strlcat(buf, grp->gr_name, sz);
(void) strlcat(buf, ")", sz);
+ gr_delref(grp);
}
/* Append supplementary groups */
@@ -886,17 +1039,49 @@
(void) strlcat(buf, "(sudoUser=%", sz);
(void) strlcat(buf, grp->gr_name, sz);
(void) strlcat(buf, ")", sz);
+ gr_delref(grp);
}
}
/* Add ALL to list and end the global OR */
- if (strlcat(buf, "(sudoUser=ALL))", sz) >= sz)
+ if (strlcat(buf, "(sudoUser=ALL)", sz) >= sz)
errorx(1, "sudo_ldap_build_pass1 allocation mismatch");
- return(buf);
+ /* Add the time restriction, or simply end the global OR. */
+ if (ldap_conf.timed) {
+ strlcat(buf, ")", sz); /* closes the global OR */
+ sudo_ldap_timefilter(timebuffer, sizeof(timebuffer));
+ strlcat(buf, timebuffer, sz);
+ }
+ strlcat(buf, ")", sz); /* closes the global OR or the global AND */
+
+ return buf;
}
/*
+ * Builds up a filter to check against netgroup entries in LDAP.
+ */
+static char *
+sudo_ldap_build_pass2()
+{
+ char *buf, timebuffer[TIMEFILTER_LENGTH];
+
+ if (ldap_conf.timed) {
+ /*
+ * If timed, use a global AND clause that has the time limit as
+ * as the second leg.
+ */
+ sudo_ldap_timefilter(timebuffer, sizeof(timebuffer));
+ easprintf(&buf, "(&(sudoUser=+*)%s)", timebuffer);
+ } else {
+ /* No time limit, just the netgroup selection. */
+ buf = estrdup("sudoUser=+*");
+ }
+
+ return buf;
+}
+
+/*
* Map yes/true/on to TRUE, no/false/off to FALSE, else -1
*/
static int
@@ -907,32 +1092,32 @@
case 'y':
case 'Y':
if (strcasecmp(s, "yes") == 0)
- return(TRUE);
+ return TRUE;
break;
case 't':
case 'T':
if (strcasecmp(s, "true") == 0)
- return(TRUE);
+ return TRUE;
break;
case 'o':
case 'O':
if (strcasecmp(s, "on") == 0)
- return(TRUE);
+ return TRUE;
if (strcasecmp(s, "off") == 0)
- return(FALSE);
+ return FALSE;
break;
case 'n':
case 'N':
if (strcasecmp(s, "no") == 0)
- return(FALSE);
+ return FALSE;
break;
case 'f':
case 'F':
if (strcasecmp(s, "false") == 0)
- return(FALSE);
+ return FALSE;
break;
}
- return(-1);
+ return -1;
}
static void
@@ -969,12 +1154,13 @@
ldap_conf.port = -1;
ldap_conf.tls_checkpeer = -1;
ldap_conf.timelimit = -1;
+ ldap_conf.timeout = -1;
ldap_conf.bind_timelimit = -1;
ldap_conf.use_sasl = -1;
ldap_conf.rootuse_sasl = -1;
if ((fp = fopen(_PATH_LDAP_CONF, "r")) == NULL)
- return(FALSE);
+ return FALSE;
while ((cp = sudo_parseln(fp)) != NULL) {
if (*cp == '\0')
@@ -1031,9 +1217,6 @@
if (!ldap_conf.host)
ldap_conf.host = estrdup("localhost");
- if (ldap_conf.bind_timelimit > 0)
- ldap_conf.bind_timelimit *= 1000; /* convert to ms */
-
if (ldap_conf.debug > 1) {
fprintf(stderr, "LDAP Config Summary\n");
fprintf(stderr, "===================\n");
@@ -1067,6 +1250,8 @@
fprintf(stderr, "bind_timelimit %d\n", ldap_conf.bind_timelimit);
if (ldap_conf.timelimit > 0)
fprintf(stderr, "timelimit %d\n", ldap_conf.timelimit);
+ if (ldap_conf.timeout > 0)
+ fprintf(stderr, "timeout %d\n", ldap_conf.timeout);
fprintf(stderr, "ssl %s\n", ldap_conf.ssl ?
ldap_conf.ssl : "(no)");
if (ldap_conf.tls_checkpeer != -1)
@@ -1102,8 +1287,11 @@
fprintf(stderr, "===================\n");
}
if (!ldap_conf.base)
- return(FALSE); /* if no base is defined, ignore LDAP */
+ return FALSE; /* if no base is defined, ignore LDAP */
+ if (ldap_conf.bind_timelimit > 0)
+ ldap_conf.bind_timelimit *= 1000; /* convert to ms */
+
/*
* Interpret SSL option
*/
@@ -1126,7 +1314,7 @@
if (ldap_conf.uri) {
struct ldap_config_list_str *uri = ldap_conf.uri;
if (sudo_ldap_parse_uri(uri) != 0)
- return(FALSE);
+ return FALSE;
do {
ldap_conf.uri = uri->next;
efree(uri);
@@ -1176,7 +1364,7 @@
}
}
#endif
- return(TRUE);
+ return TRUE;
}
/*
@@ -1192,21 +1380,21 @@
LDAPDN tmpDN;
if ((dn = ldap_get_dn(ld, entry)) == NULL)
- return(NULL);
+ return NULL;
if (ldap_str2dn(dn, &tmpDN, LDAP_DN_FORMAT_LDAP) == LDAP_SUCCESS) {
ldap_rdn2str(tmpDN[0], &rdn, LDAP_DN_FORMAT_UFN);
ldap_dnfree(tmpDN);
}
ldap_memfree(dn);
- return(rdn);
+ return rdn;
#else
char *dn, **edn;
if ((dn = ldap_get_dn(ld, entry)) == NULL)
- return(NULL);
+ return NULL;
edn = ldap_explode_dn(dn, 1);
ldap_memfree(dn);
- return(edn ? edn[0] : NULL);
+ return edn ? edn[0] : NULL;
#endif
}
@@ -1220,19 +1408,27 @@
struct lbuf *lbuf;
{
struct berval **bv, **p;
+ struct timeval tv, *tvp = NULL;
struct ldap_config_list_str *base;
- LDAP *ld = (LDAP *) nss->handle;
+ struct sudo_ldap_handle *handle = nss->handle;
+ LDAP *ld;
LDAPMessage *entry, *result;
char *prefix;
int rc, count = 0;
- if (ld == NULL)
+ if (handle == NULL || handle->ld == NULL)
goto done;
+ ld = handle->ld;
for (base = ldap_conf.base; base != NULL; base = base->next) {
+ if (ldap_conf.timeout > 0) {
+ tv.tv_sec = ldap_conf.timeout;
+ tv.tv_usec = 0;
+ tvp = &tv;
+ }
result = NULL;
rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE,
- "cn=defaults", NULL, 0, NULL, NULL, NULL, 0, &result);
+ "cn=defaults", NULL, 0, NULL, NULL, tvp, 0, &result);
if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) {
bv = ldap_get_values_len(ld, entry, "sudoOption");
if (bv != NULL) {
@@ -1252,7 +1448,7 @@
ldap_msgfree(result);
}
done:
- return(count);
+ return count;
}
/*
@@ -1264,7 +1460,7 @@
struct passwd *pw;
struct lbuf *lbuf;
{
- return(0);
+ return 0;
}
/*
@@ -1329,7 +1525,6 @@
"NOSETENV: " : "SETENV: ";
if (tag != NULL)
lbuf_append(lbuf, tag, NULL);
- /* XXX - ignores other options */
}
ldap_value_free_len(bv);
}
@@ -1347,7 +1542,7 @@
}
lbuf_append(lbuf, "\n", NULL);
- return(count);
+ return count;
}
/*
@@ -1411,7 +1606,19 @@
lbuf_append(lbuf, "\n", NULL);
}
- /* get the Command Values from the entry */
+ /*
+ * Display order attribute if present. This attribute is single valued,
+ * so there is no need for a loop.
+ */
+ bv = ldap_get_values_len(ld, entry, "sudoOrder");
+ if (bv != NULL) {
+ if (*bv != NULL) {
+ lbuf_append(lbuf, " Order: ", (*bv)->bv_val, "\n", NULL);
+ }
+ ldap_value_free_len(bv);
+ }
+
+ /* Get the command values from the entry. */
bv = ldap_get_values_len(ld, entry, "sudoCommand");
if (bv != NULL) {
lbuf_append(lbuf, " Commands:\n", NULL);
@@ -1422,7 +1629,7 @@
ldap_value_free_len(bv);
}
- return(count);
+ return count;
}
/*
@@ -1434,57 +1641,30 @@
struct passwd *pw;
struct lbuf *lbuf;
{
- struct ldap_config_list_str *base;
- LDAP *ld = (LDAP *) nss->handle;
- LDAPMessage *entry, *result;
- char *filt;
- int rc, do_netgr, count = 0;
+ struct sudo_ldap_handle *handle = nss->handle;
+ LDAP *ld;
+ struct ldap_result *lres;
+ LDAPMessage *entry;
+ int i, count = 0;
- if (ld == NULL)
+ if (handle == NULL || handle->ld == NULL)
goto done;
+ ld = handle->ld;
- /*
- * Okay - time to search for anything that matches this user
- * Lets limit it to only two queries of the LDAP server
- *
- * The first pass will look by the username, groups, and
- * the keyword ALL. We will then inspect the results that
- * came back from the query. We don't need to inspect the
- * sudoUser in this pass since the LDAP server already scanned
- * it for us.
- *
- * The second pass will return all the entries that contain
- * user netgroups. Then we take the netgroups returned and
- * try to match them against the username.
- */
- for (do_netgr = 0; do_netgr < 2; do_netgr++) {
- filt = do_netgr ? estrdup("sudoUser=+*") : sudo_ldap_build_pass1(pw);
- DPRINTF(("ldap search '%s'", filt), 1);
- for (base = ldap_conf.base; base != NULL; base = base->next) {
- result = NULL;
- rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt,
- NULL, 0, NULL, NULL, NULL, 0, &result);
- if (rc != LDAP_SUCCESS)
- continue; /* no entries for this pass */
+ DPRINTF(("ldap search for command list"), 1);
+ lres = sudo_ldap_result_get(nss, pw);
- /* print each matching entry */
- LDAP_FOREACH(entry, ld, result) {
- if ((!do_netgr ||
- sudo_ldap_check_user_netgroup(ld, entry, pw->pw_name)) &&
- sudo_ldap_check_host(ld, entry)) {
+ /* Display all matching entries. */
+ for (i = 0; i < lres->nentries; i++) {
+ entry = lres->entries[i].entry;
+ if (long_list)
+ count += sudo_ldap_display_entry_long(ld, entry, lbuf);
+ else
+ count += sudo_ldap_display_entry_short(ld, entry, lbuf);
+ }
- if (long_list)
- count += sudo_ldap_display_entry_long(ld, entry, lbuf);
- else
- count += sudo_ldap_display_entry_short(ld, entry, lbuf);
- }
- }
- ldap_msgfree(result);
- }
- efree(filt);
- }
done:
- return(count);
+ return count;
}
static int
@@ -1492,59 +1672,36 @@
struct sudo_nss *nss;
struct passwd *pw;
{
- struct ldap_config_list_str *base;
- LDAP *ld = (LDAP *) nss->handle;
- LDAPMessage *entry, *result; /* used for searches */
- char *filt; /* used to parse attributes */
- int rc, found, do_netgr; /* temp/final return values */
+ struct sudo_ldap_handle *handle = nss->handle;
+ LDAP *ld;
+ struct ldap_result *lres;
+ LDAPMessage *entry;
+ int i, found = FALSE;
- if (ld == NULL)
- return(1);
+ if (handle == NULL || handle->ld == NULL)
+ goto done;
+ ld = handle->ld;
/*
- * Okay - time to search for anything that matches this user
- * Lets limit it to only two queries of the LDAP server
- *
- * The first pass will look by the username, groups, and
- * the keyword ALL. We will then inspect the results that
- * came back from the query. We don't need to inspect the
- * sudoUser in this pass since the LDAP server already scanned
- * it for us.
- *
- * The second pass will return all the entries that contain
- * user netgroups. Then we take the netgroups returned and
- * try to match them against the username.
+ * The sudo_ldap_result_get() function returns all nodes that match
+ * the user and the host.
*/
- for (found = FALSE, do_netgr = 0; !found && do_netgr < 2; do_netgr++) {
- filt = do_netgr ? estrdup("sudoUser=+*") : sudo_ldap_build_pass1(pw);
- DPRINTF(("ldap search '%s'", filt), 1);
- for (base = ldap_conf.base; base != NULL; base = base->next) {
- result = NULL;
- rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt,
- NULL, 0, NULL, NULL, NULL, 0, &result);
- if (rc != LDAP_SUCCESS)
- continue; /* no entries for this pass */
-
- LDAP_FOREACH(entry, ld, result) {
- if ((!do_netgr ||
- sudo_ldap_check_user_netgroup(ld, entry, pw->pw_name)) &&
- sudo_ldap_check_host(ld, entry) &&
- sudo_ldap_check_command(ld, entry, NULL) &&
- sudo_ldap_check_runas(ld, entry)) {
-
- found = TRUE;
- break;
- }
- }
- ldap_msgfree(result);
+ DPRINTF(("ldap search for command list"), 1);
+ lres = sudo_ldap_result_get(nss, pw);
+ for (i = 0; i < lres->nentries; i++) {
+ entry = lres->entries[i].entry;
+ if (sudo_ldap_check_command(ld, entry, NULL) &&
+ sudo_ldap_check_runas(ld, entry)) {
+ found = TRUE;
+ goto done;
}
- efree(filt);
}
+done:
if (found)
printf("%s%s%s\n", safe_cmnd ? safe_cmnd : user_cmnd,
user_args ? " " : "", user_args ? user_args : "");
- return(!found);
+ return !found;
}
#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
@@ -1560,7 +1717,7 @@
for (; interact->id != SASL_CB_LIST_END; interact++) {
if (interact->id != SASL_CB_USER)
- return(LDAP_PARAM_ERROR);
+ return LDAP_PARAM_ERROR;
if (auth_id != NULL)
interact->result = auth_id;
@@ -1574,7 +1731,7 @@
interact->result = estrdup(interact->result);
#endif /* SASL_VERSION_MAJOR < 2 */
}
- return(LDAP_SUCCESS);
+ return LDAP_SUCCESS;
}
#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
@@ -1613,7 +1770,7 @@
if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option: %s -> %d: %s",
cur->conf_str, ival, ldap_err2string(rc));
- return(-1);
+ return -1;
}
DPRINTF(("ldap_set_option: %s -> %d", cur->conf_str, ival), 1);
}
@@ -1625,7 +1782,7 @@
if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option: %s -> %s: %s",
cur->conf_str, sval, ldap_err2string(rc));
- return(-1);
+ return -1;
}
DPRINTF(("ldap_set_option: %s -> %s", cur->conf_str, sval), 1);
}
@@ -1633,6 +1790,22 @@
}
}
+#ifdef LDAP_OPT_TIMEOUT
+ /* Convert timeout to a timeval */
+ if (ldap_conf.timeout > 0) {
+ struct timeval tv;
+ tv.tv_sec = ldap_conf.timeout;
+ tv.tv_usec = 0;
+ rc = ldap_set_option(ld, LDAP_OPT_TIMEOUT, &tv);
+ if (rc != LDAP_OPT_SUCCESS) {
+ warningx("ldap_set_option(TIMEOUT, %ld): %s",
+ (long)tv.tv_sec, ldap_err2string(rc));
+ return -1;
+ }
+ DPRINTF(("ldap_set_option(LDAP_OPT_TIMEOUT, %ld)",
+ (long)tv.tv_sec), 1);
+ }
+#endif
#ifdef LDAP_OPT_NETWORK_TIMEOUT
/* Convert bind_timelimit to a timeval */
if (ldap_conf.bind_timelimit > 0) {
@@ -1643,7 +1816,7 @@
if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option(NETWORK_TIMEOUT, %ld): %s",
(long)tv.tv_sec, ldap_err2string(rc));
- return(-1);
+ return -1;
}
DPRINTF(("ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, %ld)",
(long)tv.tv_sec), 1);
@@ -1657,15 +1830,85 @@
if (rc != LDAP_SUCCESS) {
warningx("ldap_set_option(LDAP_OPT_X_TLS, LDAP_OPT_X_TLS_HARD): %s",
ldap_err2string(rc));
- return(-1);
+ return -1;
}
DPRINTF(("ldap_set_option(LDAP_OPT_X_TLS, LDAP_OPT_X_TLS_HARD)"), 1);
}
#endif
- return(0);
+ return 0;
}
/*
+ * Create a new sudo_ldap_result structure.
+ */
+static struct ldap_result *
+sudo_ldap_result_alloc()
+{
+ struct ldap_result *result;
+
+ result = emalloc(sizeof(*result));
+ result->searches = NULL;
+ result->nentries = 0;
+ result->entries = NULL;
+ result->allocated_entries = 0;
+ result->user_matches = FALSE;
+ result->host_matches = FALSE;
+ return result;
+}
+
+/*
+ * Free the ldap result structure
+ */
+static void
+sudo_ldap_result_free(lres)
+ struct ldap_result *lres;
+{
+ struct ldap_search_list *s;
+
+ if (lres != NULL) {
+ if (lres->nentries) {
+ efree(lres->entries);
+ lres->entries = NULL;
+ }
+ if (lres->searches) {
+ while ((s = lres->searches) != NULL) {
+ ldap_msgfree(s->searchresult);
+ lres->searches = s->next;
+ efree(s);
+ }
+ }
+ efree(lres);
+ }
+}
+
+/*
+ * Add a search result to the ldap_result structure.
+ */
+static struct ldap_search_list *
+sudo_ldap_result_add_search(lres, ldap, searchresult)
+ struct ldap_result *lres;
+ LDAP *ldap;
+ LDAPMessage *searchresult;
+{
+ struct ldap_search_list *s, *news;
+
+ news = emalloc(sizeof(struct ldap_search_list));
+ news->next = NULL;
+ news->ldap = ldap;
+ news->searchresult = searchresult;
+
+ /* Add entry to the end of the chain (XXX - tailq instead?). */
+ if (lres->searches) {
+ for (s = lres->searches; s->next != NULL; s = s->next)
+ continue;
+ s->next = news;
+ } else {
+ lres->searches = news;
+ }
+ return news;
+}
+
+/*
* Connect to the LDAP server specified by ld
*/
static int
@@ -1712,7 +1955,7 @@
}
if (rc != LDAP_SUCCESS) {
warningx("ldap_sasl_interactive_bind_s(): %s", ldap_err2string(rc));
- return(-1);
+ return -1;
}
DPRINTF(("ldap_sasl_interactive_bind_s() ok"), 1);
} else
@@ -1728,7 +1971,7 @@
NULL, NULL, NULL);
if (rc != LDAP_SUCCESS) {
warningx("ldap_sasl_bind_s(): %s", ldap_err2string(rc));
- return(-1);
+ return -1;
}
DPRINTF(("ldap_sasl_bind_s() ok"), 1);
}
@@ -1737,12 +1980,12 @@
rc = ldap_simple_bind_s(ld, ldap_conf.binddn, ldap_conf.bindpw);
if (rc != LDAP_SUCCESS) {
warningx("ldap_simple_bind_s(): %s", ldap_err2string(rc));
- return(-1);
+ return -1;
}
DPRINTF(("ldap_simple_bind_s() ok"), 1);
}
#endif
- return(0);
+ return 0;
}
/*
@@ -1755,9 +1998,10 @@
{
LDAP *ld;
int rc, ldapnoinit = FALSE;
+ struct sudo_ldap_handle *handle;
if (!sudo_ldap_read_config())
- return(-1);
+ return -1;
/* Prevent reading of user ldaprc and system defaults. */
if (getenv("LDAPNOINIT") == NULL) {
@@ -1777,7 +2021,7 @@
rc = sudo_ldap_init(&ld, ldap_conf.host, ldap_conf.port);
if (rc != LDAP_SUCCESS) {
warningx("unable to initialize LDAP: %s", ldap_err2string(rc));
- return(-1);
+ return -1;
}
if (ldapnoinit)
@@ -1785,7 +2029,7 @@
/* Set LDAP options */
if (sudo_ldap_set_options(ld) < 0)
- return(-1);
+ return -1;
if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {
#if defined(HAVE_LDAP_START_TLS_S)
@@ -1792,18 +2036,18 @@
rc = ldap_start_tls_s(ld, NULL, NULL);
if (rc != LDAP_SUCCESS) {
warningx("ldap_start_tls_s(): %s", ldap_err2string(rc));
- return(-1);
+ return -1;
}
DPRINTF(("ldap_start_tls_s() ok"), 1);
#elif defined(HAVE_LDAP_SSL_CLIENT_INIT) && defined(HAVE_LDAP_START_TLS_S_NP)
if (ldap_ssl_client_init(NULL, NULL, 0, &rc) != LDAP_SUCCESS) {
warningx("ldap_ssl_client_init(): %s", ldap_err2string(rc));
- return(-1);
+ return -1;
}
rc = ldap_start_tls_s_np(ld, NULL);
if (rc != LDAP_SUCCESS) {
warningx("ldap_start_tls_s_np(): %s", ldap_err2string(rc));
- return(-1);
+ return -1;
}
DPRINTF(("ldap_start_tls_s_np() ok"), 1);
#else
@@ -1813,10 +2057,17 @@
/* Actually connect */
if (sudo_ldap_bind_s(ld) != 0)
- return(-1);
+ return -1;
- nss->handle = ld;
- return(0);
+ /* Create a handle container. */
+ handle = emalloc(sizeof(struct sudo_ldap_handle));
+ handle->ld = ld;
+ handle->result = NULL;
+ handle->username = NULL;
+ handle->groups = NULL;
+ nss->handle = handle;
+
+ return 0;
}
static int
@@ -1824,14 +2075,22 @@
struct sudo_nss *nss;
{
struct ldap_config_list_str *base;
- LDAP *ld = (LDAP *) nss->handle;
- LDAPMessage *entry, *result; /* used for searches */
- int rc; /* temp return value */
+ struct sudo_ldap_handle *handle = nss->handle;
+ struct timeval tv, *tvp = NULL;
+ LDAP *ld;
+ LDAPMessage *entry, *result;
+ int rc;
- if (ld == NULL)
- return(-1);
+ if (handle == NULL || handle->ld == NULL)
+ return -1;
+ ld = handle->ld;
for (base = ldap_conf.base; base != NULL; base = base->next) {
+ if (ldap_conf.timeout > 0) {
+ tv.tv_sec = ldap_conf.timeout;
+ tv.tv_usec = 0;
+ tvp = &tv;
+ }
result = NULL;
rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE,
"cn=defaults", NULL, 0, NULL, NULL, NULL, 0, &result);
@@ -1845,7 +2104,7 @@
ldap_msgfree(result);
}
- return(0);
+ return 0;
}
/*
@@ -1857,55 +2116,42 @@
int ret;
int pwflag;
{
- struct ldap_config_list_str *base;
- LDAP *ld = (LDAP *) nss->handle;
- LDAPMessage *entry, *result;
- char *filt;
- int do_netgr, rc, matched;
- int setenv_implied;
- int ldap_user_matches = FALSE, ldap_host_matches = FALSE;
- struct passwd *pw = list_pw ? list_pw : sudo_user.pw;
+ struct sudo_ldap_handle *handle = nss->handle;
+ LDAP *ld;
+ LDAPMessage *entry;
+ int i, rc, setenv_implied, matched = UNSPEC;
+ struct ldap_result *lres = NULL;
- if (ld == NULL)
- return(ret);
+ if (handle == NULL || handle->ld == NULL)
+ return ret;
+ ld = handle->ld;
+ /* Fetch list of sudoRole entries that match user and host. */
+ lres = sudo_ldap_result_get(nss, sudo_user.pw);
+
+ /*
+ * The following queries are only determine whether or not a
+ * password is required, so the order of the entries doesn't matter.
+ */
if (pwflag) {
+ DPRINTF(("perform search for pwflag %d", pwflag), 1);
int doauth = UNSPEC;
enum def_tupple pwcheck =
(pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple;
- for (matched = 0, do_netgr = 0; !matched && do_netgr < 2; do_netgr++) {
- filt = do_netgr ? estrdup("sudoUser=+*") : sudo_ldap_build_pass1(pw);
- for (base = ldap_conf.base; base != NULL; base = base->next) {
- result = NULL;
- rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt,
- NULL, 0, NULL, NULL, NULL, 0, &result);
- if (rc != LDAP_SUCCESS)
- continue;
-
- LDAP_FOREACH(entry, ld, result) {
- /* only verify netgroup matches in pass 2 */
- if (do_netgr && !sudo_ldap_check_user_netgroup(ld, entry, pw->pw_name))
- continue;
-
- ldap_user_matches = TRUE;
- if (sudo_ldap_check_host(ld, entry)) {
- ldap_host_matches = TRUE;
- if ((pwcheck == any && doauth != FALSE) ||
- (pwcheck == all && doauth == FALSE))
- doauth = sudo_ldap_check_bool(ld, entry, "authenticate");
- /* Only check the command when listing another user. */
- if (user_uid == 0 || list_pw == NULL ||
- user_uid == list_pw->pw_uid ||
- sudo_ldap_check_command(ld, entry, NULL)) {
- matched = 1;
- break; /* end foreach */
- }
- }
- }
- ldap_msgfree(result);
+ for (i = 0; i < lres->nentries; i++) {
+ entry = lres->entries[i].entry;
+ if ((pwcheck == any && doauth != FALSE) ||
+ (pwcheck == all && doauth == FALSE)) {
+ doauth = sudo_ldap_check_bool(ld, entry, "authenticate");
}
- efree(filt);
+ /* Only check the command when listing another user. */
+ if (user_uid == 0 || list_pw == NULL ||
+ user_uid == list_pw->pw_uid ||
+ sudo_ldap_check_command(ld, entry, NULL)) {
+ matched = TRUE;
+ break;
+ }
}
if (matched || user_uid == 0) {
SET(ret, VALIDATE_OK);
@@ -1931,7 +2177,197 @@
goto done;
}
+ DPRINTF(("searching LDAP for sudoers entries"), 1);
+
+ setenv_implied = FALSE;
+ for (i = 0; i < lres->nentries; i++) {
+ entry = lres->entries[i].entry;
+ if (!sudo_ldap_check_runas(ld, entry))
+ continue;
+ rc = sudo_ldap_check_command(ld, entry, &setenv_implied);
+ if (rc != UNSPEC) {
+ /* We have a match. */
+ DPRINTF(("Command %sallowed", rc == TRUE ? "" : "NOT "), 1);
+ matched = TRUE;
+ if (rc == TRUE) {
+ DPRINTF(("LDAP entry: %p", entry), 1);
+ /* Apply entry-specific options. */
+ if (setenv_implied)
+ def_setenv = TRUE;
+ sudo_ldap_parse_options(ld, entry);
+#ifdef HAVE_SELINUX
+ /* Set role and type if not specified on command line. */
+ if (user_role == NULL)
+ user_role = def_role;
+ if (user_type == NULL)
+ user_type = def_type;
+#endif /* HAVE_SELINUX */
+ SET(ret, VALIDATE_OK);
+ CLR(ret, VALIDATE_NOT_OK);
+ } else {
+ SET(ret, VALIDATE_NOT_OK);
+ CLR(ret, VALIDATE_OK);
+ }
+ break;
+ }
+ }
+
+done:
+ DPRINTF(("done with LDAP searches"), 1);
+ DPRINTF(("user_matches=%d", lres->user_matches), 1);
+ DPRINTF(("host_matches=%d", lres->host_matches), 1);
+
+ if (!ISSET(ret, VALIDATE_OK)) {
+ /* No matching entries. */
+ if (pwflag && list_pw == NULL)
+ SET(ret, FLAG_NO_CHECK);
+ }
+ if (lres->user_matches)
+ CLR(ret, FLAG_NO_USER);
+ if (lres->host_matches)
+ CLR(ret, FLAG_NO_HOST);
+ DPRINTF(("sudo_ldap_lookup(%d)=0x%02x", pwflag, ret), 1);
+
+ return ret;
+}
+
+/*
+ * Comparison function for ldap_entry_wrapper structures, descending order.
+ */
+static int
+ldap_entry_compare(a, b)
+ const void *a;
+ const void *b;
+{
+ const struct ldap_entry_wrapper *aw = a;
+ const struct ldap_entry_wrapper *bw = b;
+
+ return bw->order < aw->order ? -1 :
+ (bw->order > aw->order ? 1 : 0);
+}
+
+/*
+ * Find the last entry in the list of searches, usually the
+ * one currently being used to add entries.
+ * XXX - use a tailq instead?
+ */
+static struct ldap_search_list *
+sudo_ldap_result_last_search(lres)
+ struct ldap_result *lres;
+{
+ struct ldap_search_list *result = lres->searches;
+
+ if (result) {
+ while (result->next)
+ result = result->next;
+ }
+ return result;
+}
+
+/*
+ * Add an entry to the result structure.
+ */
+static struct ldap_entry_wrapper *
+sudo_ldap_result_add_entry(lres, entry)
+ struct ldap_result *lres;
+ LDAPMessage *entry;
+{
+ struct ldap_search_list *last;
+ struct berval **bv;
+ double order = 0.0;
+ char *ep;
+
+ /* Determine whether the entry has the sudoOrder attribute. */
+ last = sudo_ldap_result_last_search(lres);
+ bv = ldap_get_values_len(last->ldap, entry, "sudoOrder");
+ if (bv != NULL) {
+ if (ldap_count_values_len(bv) > 0) {
+ /* Get the value of this attribute, 0 if not present. */
+ DPRINTF(("order attribute raw: %s", (*bv)->bv_val), 1);
+ order = strtod((*bv)->bv_val, &ep);
+ if (ep == (*bv)->bv_val || *ep != '\0') {
+ warningx("invalid sudoOrder attribute: %s", (*bv)->bv_val);
+ order = 0.0;
+ }
+ DPRINTF(("order attribute: %f", order), 1);
+ }
+ ldap_value_free_len(bv);
+ }
+
/*
+ * Enlarge the array of entry wrappers as needed, preallocating blocks
+ * of 100 entries to save on allocation time.
+ */
+ if (++lres->nentries > lres->allocated_entries) {
+ lres->allocated_entries += ALLOCATION_INCREMENT;
+ lres->entries = erealloc3(lres->entries, lres->allocated_entries,
+ sizeof(lres->entries[0]));
+ }
+
+ /* Fill in the new entry and return it. */
+ lres->entries[lres->nentries - 1].entry = entry;
+ lres->entries[lres->nentries - 1].order = order;
+
+ return &lres->entries[lres->nentries - 1];
+}
+
+/*
+ * Free the ldap result structure in the sudo_nss handle.
+ */
+static void
+sudo_ldap_result_free_nss(nss)
+ struct sudo_nss *nss;
+{
+ struct sudo_ldap_handle *handle = nss->handle;
+
+ if (handle->result != NULL) {
+ DPRINTF(("removing reusable search result"), 1);
+ sudo_ldap_result_free(handle->result);
+ if (handle->username) {
+ efree(handle->username);
+ handle->username = NULL;
+ }
+ handle->groups = NULL;
+ handle->result = NULL;
+ }
+}
+
+/*
+ * Perform the LDAP query for the user or return a cached query if
+ * there is one for this user.
+ */
+static struct ldap_result *
+sudo_ldap_result_get(nss, pw)
+ struct sudo_nss *nss;
+ struct passwd *pw;
+{
+ struct sudo_ldap_handle *handle = nss->handle;
+ struct ldap_config_list_str *base;
+ struct ldap_result *lres;
+ struct timeval tv, *tvp = NULL;
+ LDAPMessage *entry, *result;
+ LDAP *ld = handle->ld;
+ int do_netgr, rc;
+ char *filt;
+
+ /*
+ * If we already have a cached result, return it so we don't have to
+ * have to contact the LDAP server again.
+ */
+ if (handle->result) {
+ if (handle->groups == user_groups &&
+ strcmp(pw->pw_name, handle->username) == 0) {
+ DPRINTF(("reusing previous result (user %s) with %d entries",
+ handle->username, handle->result->nentries), 1);
+ return handle->result;
+ }
+ /* User mismatch, cached result cannot be used. */
+ DPRINTF(("removing result (user %s), new search (user %s)",
+ handle->username, pw->pw_name), 1);
+ sudo_ldap_result_free_nss(nss);
+ }
+
+ /*
* Okay - time to search for anything that matches this user
* Lets limit it to only two queries of the LDAP server
*
@@ -1944,12 +2380,22 @@
* The second pass will return all the entries that contain
* user netgroups. Then we take the netgroups returned and
* try to match them against the username.
+ *
+ * Since we have to sort the possible entries before we make a
+ * decision, we perform the queries and store all of the results in
+ * an ldap_result object. The results are then sorted by sudoOrder.
*/
- setenv_implied = FALSE;
- for (matched = 0, do_netgr = 0; !matched && do_netgr < 2; do_netgr++) {
- filt = do_netgr ? estrdup("sudoUser=+*") : sudo_ldap_build_pass1(pw);
+ lres = sudo_ldap_result_alloc();
+ for (do_netgr = 0; do_netgr < 2; do_netgr++) {
+ filt = do_netgr ? sudo_ldap_build_pass2() : sudo_ldap_build_pass1(pw);
DPRINTF(("ldap search '%s'", filt), 1);
for (base = ldap_conf.base; base != NULL; base = base->next) {
+ DPRINTF(("searching from base '%s'", base->val), 1);
+ if (ldap_conf.timeout > 0) {
+ tv.tv_sec = ldap_conf.timeout;
+ tv.tv_usec = 0;
+ tvp = &tv;
+ }
result = NULL;
rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt,
NULL, 0, NULL, NULL, NULL, 0, &result);
@@ -1957,85 +2403,61 @@
DPRINTF(("nothing found for '%s'", filt), 1);
continue;
}
+ lres->user_matches = TRUE;
- /* parse each entry returned from this most recent search */
+ /* Add the seach result to list of search results. */
+ DPRINTF(("adding search result"), 1);
+ sudo_ldap_result_add_search(lres, ld, result);
LDAP_FOREACH(entry, ld, result) {
- DPRINTF(("found:%s", ldap_get_dn(ld, entry)), 1);
- if (
- /* first verify user netgroup matches - only if in pass 2 */
- (!do_netgr || sudo_ldap_check_user_netgroup(ld, entry, pw->pw_name)) &&
- /* remember that user matched */
- (ldap_user_matches = TRUE) &&
- /* verify host match */
- sudo_ldap_check_host(ld, entry) &&
- /* remember that host matched */
- (ldap_host_matches = TRUE) &&
- /* verify runas match */
- sudo_ldap_check_runas(ld, entry) &&
- /* verify command match */
- (rc = sudo_ldap_check_command(ld, entry, &setenv_implied)) != UNSPEC
- ) {
- /* We have a match! */
- DPRINTF(("Command %sallowed", rc == TRUE ? "" : "NOT "), 1);
- matched = TRUE;
- if (rc == TRUE) {
- /* pick up any options */
- if (setenv_implied)
- def_setenv = TRUE;
- sudo_ldap_parse_options(ld, entry);
-#ifdef HAVE_SELINUX
- /* Set role and type if not specified on command line. */
- if (user_role == NULL)
- user_role = def_role;
- if (user_type == NULL)
- user_type = def_type;
-#endif /* HAVE_SELINUX */
- /* make sure we don't reenter loop */
- SET(ret, VALIDATE_OK);
- CLR(ret, VALIDATE_NOT_OK);
- } else {
- SET(ret, VALIDATE_NOT_OK);
- CLR(ret, VALIDATE_OK);
- }
- /* break from inside for loop */
- break;
+ if ((!do_netgr ||
+ sudo_ldap_check_user_netgroup(ld, entry, pw->pw_name)) &&
+ sudo_ldap_check_host(ld, entry)) {
+ lres->host_matches = TRUE;
+ sudo_ldap_result_add_entry(lres, entry);
}
}
- ldap_msgfree(result);
+ DPRINTF(("result now has %d entries", lres->nentries), 1);
}
efree(filt);
}
-done:
- DPRINTF(("user_matches=%d", ldap_user_matches), 1);
- DPRINTF(("host_matches=%d", ldap_host_matches), 1);
+ /* Sort the entries by the sudoOrder attribute. */
+ DPRINTF(("sorting remaining %d entries", lres->nentries), 1);
+ qsort(lres->entries, lres->nentries, sizeof(lres->entries[0]),
+ ldap_entry_compare);
- if (!ISSET(ret, VALIDATE_OK)) {
- /* we do not have a match */
- if (pwflag && list_pw == NULL)
- SET(ret, FLAG_NO_CHECK);
- }
- if (ldap_user_matches)
- CLR(ret, FLAG_NO_USER);
- if (ldap_host_matches)
- CLR(ret, FLAG_NO_HOST);
- DPRINTF(("sudo_ldap_lookup(%d)=0x%02x", pwflag, ret), 1);
+ /* Store everything in the sudo_nss handle. */
+ handle->result = lres;
+ handle->username = estrdup(pw->pw_name);
+ handle->groups = user_groups;
- return(ret);
+ return lres;
}
/*
- * shut down LDAP connection
+ * Shut down the LDAP connection.
*/
static int
sudo_ldap_close(nss)
struct sudo_nss *nss;
{
- if (nss->handle != NULL) {
- ldap_unbind_ext_s((LDAP *) nss->handle, NULL, NULL);
+ struct sudo_ldap_handle *handle = nss->handle;
+
+ if (handle != NULL) {
+ /* Free the result before unbinding; it may use the LDAP connection. */
+ sudo_ldap_result_free_nss(nss);
+
+ /* Unbind and close the LDAP connection. */
+ if (handle->ld != NULL) {
+ ldap_unbind_ext_s(handle->ld, NULL, NULL);
+ handle->ld = NULL;
+ }
+
+ /* Free the handle container. */
+ efree(nss->handle);
nss->handle = NULL;
}
- return(0);
+ return 0;
}
/*
@@ -2045,5 +2467,46 @@
sudo_ldap_parse(nss)
struct sudo_nss *nss;
{
- return(0);
+ return 0;
}
+
+#if 0
+/*
+ * Create an ldap_result from an LDAP search result.
+ *
+ * This function is currently not used anywhere, it is left here as
+ * an example of how to use the cached searches.
+ */
+static struct ldap_result *
+sudo_ldap_result_from_search(ldap, searchresult)
+ LDAP *ldap;
+ LDAPMessage *searchresult;
+{
+ /*
+ * An ldap_result is built from several search results, which are
+ * organized in a list. The head of the list is maintained in the
+ * ldap_result structure, together with the wrappers that point
+ * to individual entries, this has to be initialized first.
+ */
+ struct ldap_result *result = sudo_ldap_result_alloc();
+
+ /*
+ * Build a new list node for the search result, this creates the
+ * list node.
+ */
+ struct ldap_search_list *last = sudo_ldap_result_add_search(result,
+ ldap, searchresult);
+
+ /*
+ * Now add each entry in the search result to the array of of entries
+ * in the ldap_result object.
+ */
+ LDAPMessage *entry;
+ LDAP_FOREACH(entry, last->ldap, last->searchresult) {
+ sudo_ldap_result_add_entry(result, entry);
+ }
+ DPRINTF(("sudo_ldap_result_from_search: %d entries found",
+ result->nentries), 2);
+ return result;
+}
+#endif
Deleted: trunk/contrib/sudo/libtool
===================================================================
--- trunk/contrib/sudo/libtool 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/libtool 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,8891 +0,0 @@
-#! /bin/sh
-
-# libtool - Provide generalized library-building support services.
-# Generated automatically by config.status ()
-# Libtool was configured on host defiant.midnightbsd.org:
-# NOTE: Changes made to this file will be lost: look at ltmain.sh.
-#
-# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
-# 2006, 2007, 2008 Free Software Foundation, Inc.
-# Written by Gordon Matzigkeit, 1996
-#
-# This file is part of GNU Libtool.
-#
-# GNU Libtool is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation; either version 2 of
-# the License, or (at your option) any later version.
-#
-# As a special exception to the GNU General Public License,
-# if you distribute this file as part of a program or library that
-# is built using GNU Libtool, you may include this file under the
-# same distribution terms that you use for the rest of that program.
-#
-# GNU Libtool is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with GNU Libtool; see the file COPYING. If not, a copy
-# can be downloaded from http://www.gnu.org/licenses/gpl.html, or
-# obtained by writing to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
-
-# The names of the tagged configurations supported by this script.
-available_tags=""
-
-# ### BEGIN LIBTOOL CONFIG
-
-# Which release of libtool.m4 was used?
-macro_version=2.2.6b
-macro_revision=1.3017
-
-# Whether or not to build shared libraries.
-build_libtool_libs=yes
-
-# Whether or not to build static libraries.
-build_old_libs=yes
-
-# What type of objects to build.
-pic_mode=default
-
-# Whether or not to optimize for fast installation.
-fast_install=needless
-
-# The host system.
-host_alias=
-host=i386-midnightbsd-freebsd7.0
-host_os=freebsd7.0
-
-# The build system.
-build_alias=i386-midnightbsd-freebsd7.0
-build=i386-midnightbsd-freebsd7.0
-build_os=freebsd7.0
-
-# A sed program that does not truncate output.
-SED="/usr/bin/sed"
-
-# Sed that helps us avoid accidentally triggering echo(1) options like -n.
-Xsed="$SED -e 1s/^X//"
-
-# A grep program that handles long lines.
-GREP="/usr/bin/grep"
-
-# An ERE matcher.
-EGREP="/usr/bin/grep -E"
-
-# A literal string matcher.
-FGREP="/usr/bin/grep -F"
-
-# A BSD- or MS-compatible name lister.
-NM="/usr/bin/nm -B"
-
-# Whether we need soft or hard links.
-LN_S="ln -s"
-
-# What is the maximum length of a command?
-max_cmd_len=196608
-
-# Object file suffix (normally "o").
-objext=o
-
-# Executable file suffix (normally "").
-exeext=
-
-# whether the shell understands "unset".
-lt_unset=unset
-
-# turn spaces into newlines.
-SP2NL="tr \\040 \\012"
-
-# turn newlines into spaces.
-NL2SP="tr \\015\\012 \\040\\040"
-
-# How to create reloadable object files.
-reload_flag=" -r"
-reload_cmds="\$LD\$reload_flag -o \$output\$reload_objs"
-
-# An object symbol dumper.
-OBJDUMP="objdump"
-
-# Method to check whether dependent libraries are shared objects.
-deplibs_check_method="pass_all"
-
-# Command to use when deplibs_check_method == "file_magic".
-file_magic_cmd="\$MAGIC_CMD"
-
-# The archiver.
-AR="ar"
-AR_FLAGS="cru"
-
-# A symbol stripping program.
-STRIP="strip"
-
-# Commands used to install an old-style archive.
-RANLIB="ranlib"
-old_postinstall_cmds="chmod 644 \$oldlib~\$RANLIB \$oldlib"
-old_postuninstall_cmds=""
-
-# A C compiler.
-LTCC="gcc"
-
-# LTCC compiler flags.
-LTCFLAGS="-O2"
-
-# Take the output of nm and produce a listing of raw symbols and C names.
-global_symbol_pipe="sed -n -e 's/^.*[ ]\\([ABCDGIRSTW][ABCDGIRSTW]*\\)[ ][ ]*\\([_A-Za-z][_A-Za-z0-9]*\\)\$/\\1 \\2 \\2/p'"
-
-# Transform the output of nm in a proper C declaration.
-global_symbol_to_cdecl="sed -n -e 's/^T .* \\(.*\\)\$/extern int \\1();/p' -e 's/^[ABCDGIRSTW]* .* \\(.*\\)\$/extern char \\1;/p'"
-
-# Transform the output of nm in a C name address pair.
-global_symbol_to_c_name_address="sed -n -e 's/^: \\([^ ]*\\) \$/ {\\\"\\1\\\", (void *) 0},/p' -e 's/^[ABCDGIRSTW]* \\([^ ]*\\) \\([^ ]*\\)\$/ {\"\\2\", (void *) \\&\\2},/p'"
-
-# Transform the output of nm in a C name address pair when lib prefix is needed.
-global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \\([^ ]*\\) \$/ {\\\"\\1\\\", (void *) 0},/p' -e 's/^[ABCDGIRSTW]* \\([^ ]*\\) \\(lib[^ ]*\\)\$/ {\"\\2\", (void *) \\&\\2},/p' -e 's/^[ABCDGIRSTW]* \\([^ ]*\\) \\([^ ]*\\)\$/ {\"lib\\2\", (void *) \\&\\2},/p'"
-
-# The name of the directory that contains temporary libtool files.
-objdir=.libs
-
-# Shell to use when invoking shell scripts.
-SHELL="/bin/sh"
-
-# An echo program that does not interpret backslashes.
-ECHO="echo"
-
-# Used to examine libraries when file_magic_cmd begins with "file".
-MAGIC_CMD=file
-
-# Must we lock files when doing compilation?
-need_locks="no"
-
-# Tool to manipulate archived DWARF debug symbol files on Mac OS X.
-DSYMUTIL=""
-
-# Tool to change global to local symbols on Mac OS X.
-NMEDIT=""
-
-# Tool to manipulate fat objects and archives on Mac OS X.
-LIPO=""
-
-# ldd/readelf like tool for Mach-O binaries on Mac OS X.
-OTOOL=""
-
-# ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4.
-OTOOL64=""
-
-# Old archive suffix (normally "a").
-libext=a
-
-# Shared library suffix (normally ".so").
-shrext_cmds=".so"
-
-# The commands to extract the exported symbol list from a shared archive.
-extract_expsyms_cmds=""
-
-# Variables whose values should be saved in libtool wrapper scripts and
-# restored at link time.
-variables_saved_for_relink="PATH LD_LIBRARY_PATH LD_RUN_PATH GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
-
-# Do we need the "lib" prefix for modules?
-need_lib_prefix=no
-
-# Do we need a version for libraries?
-need_version=no
-
-# Library versioning type.
-version_type=freebsd-elf
-
-# Shared library runtime path variable.
-runpath_var=LD_RUN_PATH
-
-# Shared library path variable.
-shlibpath_var=LD_LIBRARY_PATH
-
-# Is shlibpath searched before the hard-coded library search path?
-shlibpath_overrides_runpath=yes
-
-# Format of library name prefix.
-libname_spec="lib\$name"
-
-# List of archive names. First name is the real one, the rest are links.
-# The last name is the one that the linker finds with -lNAME
-library_names_spec="\${libname}\${release}\${shared_ext}\$versuffix \${libname}\${release}\${shared_ext} \$libname\${shared_ext}"
-
-# The coded name of the library, if different from the real name.
-soname_spec=""
-
-# Command to use after installation of a shared archive.
-postinstall_cmds=""
-
-# Command to use after uninstallation of a shared archive.
-postuninstall_cmds=""
-
-# Commands used to finish a libtool library installation in a directory.
-finish_cmds=""
-
-# As "finish_cmds", except a single script fragment to be evaled but
-# not shown.
-finish_eval=""
-
-# Whether we should hardcode library paths into libraries.
-hardcode_into_libs=yes
-
-# Compile-time system search path for libraries.
-sys_lib_search_path_spec="/usr/lib"
-
-# Run-time system search path for libraries.
-sys_lib_dlsearch_path_spec="/lib /usr/lib"
-
-# Whether dlopen is supported.
-dlopen_support=unknown
-
-# Whether dlopen of programs is supported.
-dlopen_self=unknown
-
-# Whether dlopen of statically linked programs is supported.
-dlopen_self_static=unknown
-
-# Commands to strip libraries.
-old_striplib="strip --strip-debug"
-striplib="strip --strip-unneeded"
-
-
-# The linker used to build libraries.
-LD="/usr/bin/ld"
-
-# Commands used to build an old-style archive.
-old_archive_cmds="\$AR \$AR_FLAGS \$oldlib\$oldobjs~\$RANLIB \$oldlib"
-
-# A language specific compiler.
-CC="gcc"
-
-# Is the compiler the GNU compiler?
-with_gcc=yes
-
-# Compiler flag to turn off builtin functions.
-no_builtin_flag=" -fno-builtin"
-
-# How to pass a linker flag through the compiler.
-wl="-Wl,"
-
-# Additional compiler flags for building library objects.
-pic_flag=" -fPIC -DPIC"
-
-# Compiler flag to prevent dynamic linking.
-link_static_flag="-static"
-
-# Does compiler simultaneously support -c and -o options?
-compiler_c_o="yes"
-
-# Whether or not to add -lc for building shared libraries.
-build_libtool_need_lc=no
-
-# Whether or not to disallow shared libs when runtime libs are static.
-allow_libtool_libs_with_static_runtimes=no
-
-# Compiler flag to allow reflexive dlopens.
-export_dynamic_flag_spec="\${wl}--export-dynamic"
-
-# Compiler flag to generate shared objects directly from archives.
-whole_archive_flag_spec="\${wl}--whole-archive\$convenience \${wl}--no-whole-archive"
-
-# Whether the compiler copes with passing no objects directly.
-compiler_needs_object="no"
-
-# Create an old-style archive from a shared archive.
-old_archive_from_new_cmds=""
-
-# Create a temporary old-style archive to link instead of a shared archive.
-old_archive_from_expsyms_cmds=""
-
-# Commands used to build a shared archive.
-archive_cmds="\$CC -shared \$libobjs \$deplibs \$compiler_flags \${wl}-soname \$wl\$soname -o \$lib"
-archive_expsym_cmds="\$CC -shared \$libobjs \$deplibs \$compiler_flags \${wl}-soname \$wl\$soname \${wl}-retain-symbols-file \$wl\$export_symbols -o \$lib"
-
-# Commands used to build a loadable module if different from building
-# a shared archive.
-module_cmds=""
-module_expsym_cmds=""
-
-# Whether we are building with GNU ld or not.
-with_gnu_ld="yes"
-
-# Flag that allows shared libraries with undefined symbols to be built.
-allow_undefined_flag=""
-
-# Flag that enforces no undefined symbols.
-no_undefined_flag=""
-
-# Flag to hardcode $libdir into a binary during linking.
-# This must work even if $libdir does not exist
-hardcode_libdir_flag_spec="\${wl}-rpath \${wl}\$libdir"
-
-# If ld is used when linking, flag to hardcode $libdir into a binary
-# during linking. This must work even if $libdir does not exist.
-hardcode_libdir_flag_spec_ld=""
-
-# Whether we need a single "-rpath" flag with a separated argument.
-hardcode_libdir_separator=""
-
-# Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes
-# DIR into the resulting binary.
-hardcode_direct=no
-
-# Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes
-# DIR into the resulting binary and the resulting library dependency is
-# "absolute",i.e impossible to change by setting ${shlibpath_var} if the
-# library is relocated.
-hardcode_direct_absolute=no
-
-# Set to "yes" if using the -LDIR flag during linking hardcodes DIR
-# into the resulting binary.
-hardcode_minus_L=no
-
-# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR
-# into the resulting binary.
-hardcode_shlibpath_var=unsupported
-
-# Set to "yes" if building a shared library automatically hardcodes DIR
-# into the library and all subsequent libraries and executables linked
-# against it.
-hardcode_automatic=no
-
-# Set to yes if linker adds runtime paths of dependent libraries
-# to runtime path list.
-inherit_rpath=no
-
-# Whether libtool must link a program against all its dependency libraries.
-link_all_deplibs=unknown
-
-# Fix the shell variable $srcfile for the compiler.
-fix_srcfile_path=""
-
-# Set to "yes" if exported symbols are required.
-always_export_symbols=no
-
-# The commands to list exported symbols.
-export_symbols_cmds="\$NM \$libobjs \$convenience | \$global_symbol_pipe | \$SED 's/.* //' | sort | uniq > \$export_symbols"
-
-# Symbols that should not be listed in the preloaded symbols.
-exclude_expsyms="_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*"
-
-# Symbols that must always be exported.
-include_expsyms=""
-
-# Commands necessary for linking programs (against libraries) with templates.
-prelink_cmds=""
-
-# Specify filename containing input files.
-file_list_spec=""
-
-# How to hardcode a shared library path into an executable.
-hardcode_action=immediate
-
-# ### END LIBTOOL CONFIG
-
-# Generated from ltmain.m4sh.
-
-# ltmain.sh (GNU libtool) 2.2.6b
-# Written by Gordon Matzigkeit <gord at gnu.ai.mit.edu>, 1996
-
-# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, 2007 2008 Free Software Foundation, Inc.
-# This is free software; see the source for copying conditions. There is NO
-# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-
-# GNU Libtool is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# As a special exception to the GNU General Public License,
-# if you distribute this file as part of a program or library that
-# is built using GNU Libtool, you may include this file under the
-# same distribution terms that you use for the rest of that program.
-#
-# GNU Libtool is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with GNU Libtool; see the file COPYING. If not, a copy
-# can be downloaded from http://www.gnu.org/licenses/gpl.html,
-# or obtained by writing to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
-# Usage: $progname [OPTION]... [MODE-ARG]...
-#
-# Provide generalized library-building support services.
-#
-# --config show all configuration variables
-# --debug enable verbose shell tracing
-# -n, --dry-run display commands without modifying any files
-# --features display basic configuration information and exit
-# --mode=MODE use operation mode MODE
-# --preserve-dup-deps don't remove duplicate dependency libraries
-# --quiet, --silent don't print informational messages
-# --tag=TAG use configuration variables from tag TAG
-# -v, --verbose print informational messages (default)
-# --version print version information
-# -h, --help print short or long help message
-#
-# MODE must be one of the following:
-#
-# clean remove files from the build directory
-# compile compile a source file into a libtool object
-# execute automatically set library path, then run a program
-# finish complete the installation of libtool libraries
-# install install libraries or executables
-# link create a library or an executable
-# uninstall remove libraries from an installed directory
-#
-# MODE-ARGS vary depending on the MODE.
-# Try `$progname --help --mode=MODE' for a more detailed description of MODE.
-#
-# When reporting a bug, please describe a test case to reproduce it and
-# include the following information:
-#
-# host-triplet: $host
-# shell: $SHELL
-# compiler: $LTCC
-# compiler flags: $LTCFLAGS
-# linker: $LD (gnu? $with_gnu_ld)
-# $progname: (GNU libtool) 2.2.6b
-# automake: $automake_version
-# autoconf: $autoconf_version
-#
-# Report bugs to <bug-libtool at gnu.org>.
-
-PROGRAM=ltmain.sh
-PACKAGE=libtool
-VERSION=2.2.6b
-TIMESTAMP=""
-package_revision=1.3017
-
-# Be Bourne compatible
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
- emulate sh
- NULLCMD=:
- # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '${1+"$@"}'='"$@"'
- setopt NO_GLOB_SUBST
-else
- case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac
-fi
-BIN_SH=xpg4; export BIN_SH # for Tru64
-DUALCASE=1; export DUALCASE # for MKS sh
-
-# NLS nuisances: We save the old values to restore during execute mode.
-# Only set LANG and LC_ALL to C if already set.
-# These must not be set unconditionally because not all systems understand
-# e.g. LANG=C (notably SCO).
-lt_user_locale=
-lt_safe_locale=
-for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
-do
- eval "if test \"\${$lt_var+set}\" = set; then
- save_$lt_var=\$$lt_var
- $lt_var=C
- export $lt_var
- lt_user_locale=\"$lt_var=\\\$save_\$lt_var; \$lt_user_locale\"
- lt_safe_locale=\"$lt_var=C; \$lt_safe_locale\"
- fi"
-done
-
-$lt_unset CDPATH
-
-
-
-
-
-: ${CP="cp -f"}
-: ${ECHO="echo"}
-: ${EGREP="/bin/grep -E"}
-: ${FGREP="/bin/grep -F"}
-: ${GREP="/bin/grep"}
-: ${LN_S="ln -s"}
-: ${MAKE="make"}
-: ${MKDIR="mkdir"}
-: ${MV="mv -f"}
-: ${RM="rm -f"}
-: ${SED="/bin/sed"}
-: ${SHELL="${CONFIG_SHELL-/bin/sh}"}
-: ${Xsed="$SED -e 1s/^X//"}
-
-# Global variables:
-EXIT_SUCCESS=0
-EXIT_FAILURE=1
-EXIT_MISMATCH=63 # $? = 63 is used to indicate version mismatch to missing.
-EXIT_SKIP=77 # $? = 77 is used to indicate a skipped test to automake.
-
-exit_status=$EXIT_SUCCESS
-
-# Make sure IFS has a sensible default
-lt_nl='
-'
-IFS=" $lt_nl"
-
-dirname="s,/[^/]*$,,"
-basename="s,^.*/,,"
-
-# func_dirname_and_basename file append nondir_replacement
-# perform func_basename and func_dirname in a single function
-# call:
-# dirname: Compute the dirname of FILE. If nonempty,
-# add APPEND to the result, otherwise set result
-# to NONDIR_REPLACEMENT.
-# value returned in "$func_dirname_result"
-# basename: Compute filename of FILE.
-# value retuned in "$func_basename_result"
-# Implementation must be kept synchronized with func_dirname
-# and func_basename. For efficiency, we do not delegate to
-# those functions but instead duplicate the functionality here.
-func_dirname_and_basename ()
-{
- # Extract subdirectory from the argument.
- func_dirname_result=`$ECHO "X${1}" | $Xsed -e "$dirname"`
- if test "X$func_dirname_result" = "X${1}"; then
- func_dirname_result="${3}"
- else
- func_dirname_result="$func_dirname_result${2}"
- fi
- func_basename_result=`$ECHO "X${1}" | $Xsed -e "$basename"`
-}
-
-# Generated shell functions inserted here.
-
-# func_dirname file append nondir_replacement
-# Compute the dirname of FILE. If nonempty, add APPEND to the result,
-# otherwise set result to NONDIR_REPLACEMENT.
-func_dirname ()
-{
- case ${1} in
- */*) func_dirname_result="${1%/*}${2}" ;;
- * ) func_dirname_result="${3}" ;;
- esac
-}
-
-# func_basename file
-func_basename ()
-{
- func_basename_result="${1##*/}"
-}
-
-# func_dirname_and_basename file append nondir_replacement
-# perform func_basename and func_dirname in a single function
-# call:
-# dirname: Compute the dirname of FILE. If nonempty,
-# add APPEND to the result, otherwise set result
-# to NONDIR_REPLACEMENT.
-# value returned in "$func_dirname_result"
-# basename: Compute filename of FILE.
-# value retuned in "$func_basename_result"
-# Implementation must be kept synchronized with func_dirname
-# and func_basename. For efficiency, we do not delegate to
-# those functions but instead duplicate the functionality here.
-func_dirname_and_basename ()
-{
- case ${1} in
- */*) func_dirname_result="${1%/*}${2}" ;;
- * ) func_dirname_result="${3}" ;;
- esac
- func_basename_result="${1##*/}"
-}
-
-# func_stripname prefix suffix name
-# strip PREFIX and SUFFIX off of NAME.
-# PREFIX and SUFFIX must not contain globbing or regex special
-# characters, hashes, percent signs, but SUFFIX may contain a leading
-# dot (in which case that matches only a dot).
-func_stripname ()
-{
- # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are
- # positional parameters, so assign one to ordinary parameter first.
- func_stripname_result=${3}
- func_stripname_result=${func_stripname_result#"${1}"}
- func_stripname_result=${func_stripname_result%"${2}"}
-}
-
-# func_opt_split
-func_opt_split ()
-{
- func_opt_split_opt=${1%%=*}
- func_opt_split_arg=${1#*=}
-}
-
-# func_lo2o object
-func_lo2o ()
-{
- case ${1} in
- *.lo) func_lo2o_result=${1%.lo}.${objext} ;;
- *) func_lo2o_result=${1} ;;
- esac
-}
-
-# func_xform libobj-or-source
-func_xform ()
-{
- func_xform_result=${1%.*}.lo
-}
-
-# func_arith arithmetic-term...
-func_arith ()
-{
- func_arith_result=$(( $* ))
-}
-
-# func_len string
-# STRING may not start with a hyphen.
-func_len ()
-{
- func_len_result=${#1}
-}
-
-
-# func_append var value
-# Append VALUE to the end of shell variable VAR.
-func_append ()
-{
- eval "$1=\$$1\$2"
-}
-
-# Generated shell functions inserted here.
-
-# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh
-# is ksh but when the shell is invoked as "sh" and the current value of
-# the _XPG environment variable is not equal to 1 (one), the special
-# positional parameter $0, within a function call, is the name of the
-# function.
-progpath="$0"
-
-# The name of this program:
-# In the unlikely event $progname began with a '-', it would play havoc with
-# func_echo (imagine progname=-n), so we prepend ./ in that case:
-func_dirname_and_basename "$progpath"
-progname=$func_basename_result
-case $progname in
- -*) progname=./$progname ;;
-esac
-
-# Make sure we have an absolute path for reexecution:
-case $progpath in
- [\\/]*|[A-Za-z]:\\*) ;;
- *[\\/]*)
- progdir=$func_dirname_result
- progdir=`cd "$progdir" && pwd`
- progpath="$progdir/$progname"
- ;;
- *)
- save_IFS="$IFS"
- IFS=:
- for progdir in $PATH; do
- IFS="$save_IFS"
- test -x "$progdir/$progname" && break
- done
- IFS="$save_IFS"
- test -n "$progdir" || progdir=`pwd`
- progpath="$progdir/$progname"
- ;;
-esac
-
-# Sed substitution that helps us do robust quoting. It backslashifies
-# metacharacters that are still active within double-quoted strings.
-Xsed="${SED}"' -e 1s/^X//'
-sed_quote_subst='s/\([`"$\\]\)/\\\1/g'
-
-# Same as above, but do not quote variable references.
-double_quote_subst='s/\(["`\\]\)/\\\1/g'
-
-# Re-`\' parameter expansions in output of double_quote_subst that were
-# `\'-ed in input to the same. If an odd number of `\' preceded a '$'
-# in input to double_quote_subst, that '$' was protected from expansion.
-# Since each input `\' is now two `\'s, look for any number of runs of
-# four `\'s followed by two `\'s and then a '$'. `\' that '$'.
-bs='\\'
-bs2='\\\\'
-bs4='\\\\\\\\'
-dollar='\$'
-sed_double_backslash="\
- s/$bs4/&\\
-/g
- s/^$bs2$dollar/$bs&/
- s/\\([^$bs]\\)$bs2$dollar/\\1$bs2$bs$dollar/g
- s/\n//g"
-
-# Standard options:
-opt_dry_run=false
-opt_help=false
-opt_quiet=false
-opt_verbose=false
-opt_warning=:
-
-# func_echo arg...
-# Echo program name prefixed message, along with the current mode
-# name if it has been set yet.
-func_echo ()
-{
- $ECHO "$progname${mode+: }$mode: $*"
-}
-
-# func_verbose arg...
-# Echo program name prefixed message in verbose mode only.
-func_verbose ()
-{
- $opt_verbose && func_echo ${1+"$@"}
-
- # A bug in bash halts the script if the last line of a function
- # fails when set -e is in force, so we need another command to
- # work around that:
- :
-}
-
-# func_error arg...
-# Echo program name prefixed message to standard error.
-func_error ()
-{
- $ECHO "$progname${mode+: }$mode: "${1+"$@"} 1>&2
-}
-
-# func_warning arg...
-# Echo program name prefixed warning message to standard error.
-func_warning ()
-{
- $opt_warning && $ECHO "$progname${mode+: }$mode: warning: "${1+"$@"} 1>&2
-
- # bash bug again:
- :
-}
-
-# func_fatal_error arg...
-# Echo program name prefixed message to standard error, and exit.
-func_fatal_error ()
-{
- func_error ${1+"$@"}
- exit $EXIT_FAILURE
-}
-
-# func_fatal_help arg...
-# Echo program name prefixed message to standard error, followed by
-# a help hint, and exit.
-func_fatal_help ()
-{
- func_error ${1+"$@"}
- func_fatal_error "$help"
-}
-help="Try \`$progname --help' for more information." ## default
-
-
-# func_grep expression filename
-# Check whether EXPRESSION matches any line of FILENAME, without output.
-func_grep ()
-{
- $GREP "$1" "$2" >/dev/null 2>&1
-}
-
-
-# func_mkdir_p directory-path
-# Make sure the entire path to DIRECTORY-PATH is available.
-func_mkdir_p ()
-{
- my_directory_path="$1"
- my_dir_list=
-
- if test -n "$my_directory_path" && test "$opt_dry_run" != ":"; then
-
- # Protect directory names starting with `-'
- case $my_directory_path in
- -*) my_directory_path="./$my_directory_path" ;;
- esac
-
- # While some portion of DIR does not yet exist...
- while test ! -d "$my_directory_path"; do
- # ...make a list in topmost first order. Use a colon delimited
- # list incase some portion of path contains whitespace.
- my_dir_list="$my_directory_path:$my_dir_list"
-
- # If the last portion added has no slash in it, the list is done
- case $my_directory_path in */*) ;; *) break ;; esac
-
- # ...otherwise throw away the child directory and loop
- my_directory_path=`$ECHO "X$my_directory_path" | $Xsed -e "$dirname"`
- done
- my_dir_list=`$ECHO "X$my_dir_list" | $Xsed -e 's,:*$,,'`
-
- save_mkdir_p_IFS="$IFS"; IFS=':'
- for my_dir in $my_dir_list; do
- IFS="$save_mkdir_p_IFS"
- # mkdir can fail with a `File exist' error if two processes
- # try to create one of the directories concurrently. Don't
- # stop in that case!
- $MKDIR "$my_dir" 2>/dev/null || :
- done
- IFS="$save_mkdir_p_IFS"
-
- # Bail out if we (or some other process) failed to create a directory.
- test -d "$my_directory_path" || \
- func_fatal_error "Failed to create \`$1'"
- fi
-}
-
-
-# func_mktempdir [string]
-# Make a temporary directory that won't clash with other running
-# libtool processes, and avoids race conditions if possible. If
-# given, STRING is the basename for that directory.
-func_mktempdir ()
-{
- my_template="${TMPDIR-/tmp}/${1-$progname}"
-
- if test "$opt_dry_run" = ":"; then
- # Return a directory name, but don't create it in dry-run mode
- my_tmpdir="${my_template}-$$"
- else
-
- # If mktemp works, use that first and foremost
- my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null`
-
- if test ! -d "$my_tmpdir"; then
- # Failing that, at least try and use $RANDOM to avoid a race
- my_tmpdir="${my_template}-${RANDOM-0}$$"
-
- save_mktempdir_umask=`umask`
- umask 0077
- $MKDIR "$my_tmpdir"
- umask $save_mktempdir_umask
- fi
-
- # If we're not in dry-run mode, bomb out on failure
- test -d "$my_tmpdir" || \
- func_fatal_error "cannot create temporary directory \`$my_tmpdir'"
- fi
-
- $ECHO "X$my_tmpdir" | $Xsed
-}
-
-
-# func_quote_for_eval arg
-# Aesthetically quote ARG to be evaled later.
-# This function returns two values: FUNC_QUOTE_FOR_EVAL_RESULT
-# is double-quoted, suitable for a subsequent eval, whereas
-# FUNC_QUOTE_FOR_EVAL_UNQUOTED_RESULT has merely all characters
-# which are still active within double quotes backslashified.
-func_quote_for_eval ()
-{
- case $1 in
- *[\\\`\"\$]*)
- func_quote_for_eval_unquoted_result=`$ECHO "X$1" | $Xsed -e "$sed_quote_subst"` ;;
- *)
- func_quote_for_eval_unquoted_result="$1" ;;
- esac
-
- case $func_quote_for_eval_unquoted_result in
- # Double-quote args containing shell metacharacters to delay
- # word splitting, command substitution and and variable
- # expansion for a subsequent eval.
- # Many Bourne shells cannot handle close brackets correctly
- # in scan sets, so we specify it separately.
- *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
- func_quote_for_eval_result="\"$func_quote_for_eval_unquoted_result\""
- ;;
- *)
- func_quote_for_eval_result="$func_quote_for_eval_unquoted_result"
- esac
-}
-
-
-# func_quote_for_expand arg
-# Aesthetically quote ARG to be evaled later; same as above,
-# but do not quote variable references.
-func_quote_for_expand ()
-{
- case $1 in
- *[\\\`\"]*)
- my_arg=`$ECHO "X$1" | $Xsed \
- -e "$double_quote_subst" -e "$sed_double_backslash"` ;;
- *)
- my_arg="$1" ;;
- esac
-
- case $my_arg in
- # Double-quote args containing shell metacharacters to delay
- # word splitting and command substitution for a subsequent eval.
- # Many Bourne shells cannot handle close brackets correctly
- # in scan sets, so we specify it separately.
- *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
- my_arg="\"$my_arg\""
- ;;
- esac
-
- func_quote_for_expand_result="$my_arg"
-}
-
-
-# func_show_eval cmd [fail_exp]
-# Unless opt_silent is true, then output CMD. Then, if opt_dryrun is
-# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP
-# is given, then evaluate it.
-func_show_eval ()
-{
- my_cmd="$1"
- my_fail_exp="${2-:}"
-
- ${opt_silent-false} || {
- func_quote_for_expand "$my_cmd"
- eval "func_echo $func_quote_for_expand_result"
- }
-
- if ${opt_dry_run-false}; then :; else
- eval "$my_cmd"
- my_status=$?
- if test "$my_status" -eq 0; then :; else
- eval "(exit $my_status); $my_fail_exp"
- fi
- fi
-}
-
-
-# func_show_eval_locale cmd [fail_exp]
-# Unless opt_silent is true, then output CMD. Then, if opt_dryrun is
-# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP
-# is given, then evaluate it. Use the saved locale for evaluation.
-func_show_eval_locale ()
-{
- my_cmd="$1"
- my_fail_exp="${2-:}"
-
- ${opt_silent-false} || {
- func_quote_for_expand "$my_cmd"
- eval "func_echo $func_quote_for_expand_result"
- }
-
- if ${opt_dry_run-false}; then :; else
- eval "$lt_user_locale
- $my_cmd"
- my_status=$?
- eval "$lt_safe_locale"
- if test "$my_status" -eq 0; then :; else
- eval "(exit $my_status); $my_fail_exp"
- fi
- fi
-}
-
-
-
-
-
-# func_version
-# Echo version message to standard output and exit.
-func_version ()
-{
- $SED -n '/^# '$PROGRAM' (GNU /,/# warranty; / {
- s/^# //
- s/^# *$//
- s/\((C)\)[ 0-9,-]*\( [1-9][0-9]*\)/\1\2/
- p
- }' < "$progpath"
- exit $?
-}
-
-# func_usage
-# Echo short help message to standard output and exit.
-func_usage ()
-{
- $SED -n '/^# Usage:/,/# -h/ {
- s/^# //
- s/^# *$//
- s/\$progname/'$progname'/
- p
- }' < "$progpath"
- $ECHO
- $ECHO "run \`$progname --help | more' for full usage"
- exit $?
-}
-
-# func_help
-# Echo long help message to standard output and exit.
-func_help ()
-{
- $SED -n '/^# Usage:/,/# Report bugs to/ {
- s/^# //
- s/^# *$//
- s*\$progname*'$progname'*
- s*\$host*'"$host"'*
- s*\$SHELL*'"$SHELL"'*
- s*\$LTCC*'"$LTCC"'*
- s*\$LTCFLAGS*'"$LTCFLAGS"'*
- s*\$LD*'"$LD"'*
- s/\$with_gnu_ld/'"$with_gnu_ld"'/
- s/\$automake_version/'"`(automake --version) 2>/dev/null |$SED 1q`"'/
- s/\$autoconf_version/'"`(autoconf --version) 2>/dev/null |$SED 1q`"'/
- p
- }' < "$progpath"
- exit $?
-}
-
-# func_missing_arg argname
-# Echo program name prefixed message to standard error and set global
-# exit_cmd.
-func_missing_arg ()
-{
- func_error "missing argument for $1"
- exit_cmd=exit
-}
-
-exit_cmd=:
-
-
-
-
-
-# Check that we have a working $ECHO.
-if test "X$1" = X--no-reexec; then
- # Discard the --no-reexec flag, and continue.
- shift
-elif test "X$1" = X--fallback-echo; then
- # Avoid inline document here, it may be left over
- :
-elif test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t'; then
- # Yippee, $ECHO works!
- :
-else
- # Restart under the correct shell, and then maybe $ECHO will work.
- exec $SHELL "$progpath" --no-reexec ${1+"$@"}
-fi
-
-if test "X$1" = X--fallback-echo; then
- # used as fallback echo
- shift
- cat <<EOF
-$*
-EOF
- exit $EXIT_SUCCESS
-fi
-
-magic="%%%MAGIC variable%%%"
-magic_exe="%%%MAGIC EXE variable%%%"
-
-# Global variables.
-# $mode is unset
-nonopt=
-execute_dlfiles=
-preserve_args=
-lo2o="s/\\.lo\$/.${objext}/"
-o2lo="s/\\.${objext}\$/.lo/"
-extracted_archives=
-extracted_serial=0
-
-opt_dry_run=false
-opt_duplicate_deps=false
-opt_silent=false
-opt_debug=:
-
-# If this variable is set in any of the actions, the command in it
-# will be execed at the end. This prevents here-documents from being
-# left over by shells.
-exec_cmd=
-
-# func_fatal_configuration arg...
-# Echo program name prefixed message to standard error, followed by
-# a configuration failure hint, and exit.
-func_fatal_configuration ()
-{
- func_error ${1+"$@"}
- func_error "See the $PACKAGE documentation for more information."
- func_fatal_error "Fatal configuration error."
-}
-
-
-# func_config
-# Display the configuration for all the tags in this script.
-func_config ()
-{
- re_begincf='^# ### BEGIN LIBTOOL'
- re_endcf='^# ### END LIBTOOL'
-
- # Default configuration.
- $SED "1,/$re_begincf CONFIG/d;/$re_endcf CONFIG/,\$d" < "$progpath"
-
- # Now print the configurations for the tags.
- for tagname in $taglist; do
- $SED -n "/$re_begincf TAG CONFIG: $tagname\$/,/$re_endcf TAG CONFIG: $tagname\$/p" < "$progpath"
- done
-
- exit $?
-}
-
-# func_features
-# Display the features supported by this script.
-func_features ()
-{
- $ECHO "host: $host"
- if test "$build_libtool_libs" = yes; then
- $ECHO "enable shared libraries"
- else
- $ECHO "disable shared libraries"
- fi
- if test "$build_old_libs" = yes; then
- $ECHO "enable static libraries"
- else
- $ECHO "disable static libraries"
- fi
-
- exit $?
-}
-
-# func_enable_tag tagname
-# Verify that TAGNAME is valid, and either flag an error and exit, or
-# enable the TAGNAME tag. We also add TAGNAME to the global $taglist
-# variable here.
-func_enable_tag ()
-{
- # Global variable:
- tagname="$1"
-
- re_begincf="^# ### BEGIN LIBTOOL TAG CONFIG: $tagname\$"
- re_endcf="^# ### END LIBTOOL TAG CONFIG: $tagname\$"
- sed_extractcf="/$re_begincf/,/$re_endcf/p"
-
- # Validate tagname.
- case $tagname in
- *[!-_A-Za-z0-9,/]*)
- func_fatal_error "invalid tag name: $tagname"
- ;;
- esac
-
- # Don't test for the "default" C tag, as we know it's
- # there but not specially marked.
- case $tagname in
- CC) ;;
- *)
- if $GREP "$re_begincf" "$progpath" >/dev/null 2>&1; then
- taglist="$taglist $tagname"
-
- # Evaluate the configuration. Be careful to quote the path
- # and the sed script, to avoid splitting on whitespace, but
- # also don't use non-portable quotes within backquotes within
- # quotes we have to do it in 2 steps:
- extractedcf=`$SED -n -e "$sed_extractcf" < "$progpath"`
- eval "$extractedcf"
- else
- func_error "ignoring unknown tag $tagname"
- fi
- ;;
- esac
-}
-
-# Parse options once, thoroughly. This comes as soon as possible in
-# the script to make things like `libtool --version' happen quickly.
-{
-
- # Shorthand for --mode=foo, only valid as the first argument
- case $1 in
- clean|clea|cle|cl)
- shift; set dummy --mode clean ${1+"$@"}; shift
- ;;
- compile|compil|compi|comp|com|co|c)
- shift; set dummy --mode compile ${1+"$@"}; shift
- ;;
- execute|execut|execu|exec|exe|ex|e)
- shift; set dummy --mode execute ${1+"$@"}; shift
- ;;
- finish|finis|fini|fin|fi|f)
- shift; set dummy --mode finish ${1+"$@"}; shift
- ;;
- install|instal|insta|inst|ins|in|i)
- shift; set dummy --mode install ${1+"$@"}; shift
- ;;
- link|lin|li|l)
- shift; set dummy --mode link ${1+"$@"}; shift
- ;;
- uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u)
- shift; set dummy --mode uninstall ${1+"$@"}; shift
- ;;
- esac
-
- # Parse non-mode specific arguments:
- while test "$#" -gt 0; do
- opt="$1"
- shift
-
- case $opt in
- --config) func_config ;;
-
- --debug) preserve_args="$preserve_args $opt"
- func_echo "enabling shell trace mode"
- opt_debug='set -x'
- $opt_debug
- ;;
-
- -dlopen) test "$#" -eq 0 && func_missing_arg "$opt" && break
- execute_dlfiles="$execute_dlfiles $1"
- shift
- ;;
-
- --dry-run | -n) opt_dry_run=: ;;
- --features) func_features ;;
- --finish) mode="finish" ;;
-
- --mode) test "$#" -eq 0 && func_missing_arg "$opt" && break
- case $1 in
- # Valid mode arguments:
- clean) ;;
- compile) ;;
- execute) ;;
- finish) ;;
- install) ;;
- link) ;;
- relink) ;;
- uninstall) ;;
-
- # Catch anything else as an error
- *) func_error "invalid argument for $opt"
- exit_cmd=exit
- break
- ;;
- esac
-
- mode="$1"
- shift
- ;;
-
- --preserve-dup-deps)
- opt_duplicate_deps=: ;;
-
- --quiet|--silent) preserve_args="$preserve_args $opt"
- opt_silent=:
- ;;
-
- --verbose| -v) preserve_args="$preserve_args $opt"
- opt_silent=false
- ;;
-
- --tag) test "$#" -eq 0 && func_missing_arg "$opt" && break
- preserve_args="$preserve_args $opt $1"
- func_enable_tag "$1" # tagname is set here
- shift
- ;;
-
- # Separate optargs to long options:
- -dlopen=*|--mode=*|--tag=*)
- func_opt_split "$opt"
- set dummy "$func_opt_split_opt" "$func_opt_split_arg" ${1+"$@"}
- shift
- ;;
-
- -\?|-h) func_usage ;;
- --help) opt_help=: ;;
- --version) func_version ;;
-
- -*) func_fatal_help "unrecognized option \`$opt'" ;;
-
- *) nonopt="$opt"
- break
- ;;
- esac
- done
-
-
- case $host in
- *cygwin* | *mingw* | *pw32* | *cegcc*)
- # don't eliminate duplications in $postdeps and $predeps
- opt_duplicate_compiler_generated_deps=:
- ;;
- *)
- opt_duplicate_compiler_generated_deps=$opt_duplicate_deps
- ;;
- esac
-
- # Having warned about all mis-specified options, bail out if
- # anything was wrong.
- $exit_cmd $EXIT_FAILURE
-}
-
-# func_check_version_match
-# Ensure that we are using m4 macros, and libtool script from the same
-# release of libtool.
-func_check_version_match ()
-{
- if test "$package_revision" != "$macro_revision"; then
- if test "$VERSION" != "$macro_version"; then
- if test -z "$macro_version"; then
- cat >&2 <<_LT_EOF
-$progname: Version mismatch error. This is $PACKAGE $VERSION, but the
-$progname: definition of this LT_INIT comes from an older release.
-$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION
-$progname: and run autoconf again.
-_LT_EOF
- else
- cat >&2 <<_LT_EOF
-$progname: Version mismatch error. This is $PACKAGE $VERSION, but the
-$progname: definition of this LT_INIT comes from $PACKAGE $macro_version.
-$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION
-$progname: and run autoconf again.
-_LT_EOF
- fi
- else
- cat >&2 <<_LT_EOF
-$progname: Version mismatch error. This is $PACKAGE $VERSION, revision $package_revision,
-$progname: but the definition of this LT_INIT comes from revision $macro_revision.
-$progname: You should recreate aclocal.m4 with macros from revision $package_revision
-$progname: of $PACKAGE $VERSION and run autoconf again.
-_LT_EOF
- fi
-
- exit $EXIT_MISMATCH
- fi
-}
-
-
-## ----------- ##
-## Main. ##
-## ----------- ##
-
-$opt_help || {
- # Sanity checks first:
- func_check_version_match
-
- if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then
- func_fatal_configuration "not configured to build any kind of library"
- fi
-
- test -z "$mode" && func_fatal_error "error: you must specify a MODE."
-
-
- # Darwin sucks
- eval std_shrext=\"$shrext_cmds\"
-
-
- # Only execute mode is allowed to have -dlopen flags.
- if test -n "$execute_dlfiles" && test "$mode" != execute; then
- func_error "unrecognized option \`-dlopen'"
- $ECHO "$help" 1>&2
- exit $EXIT_FAILURE
- fi
-
- # Change the help message to a mode-specific one.
- generic_help="$help"
- help="Try \`$progname --help --mode=$mode' for more information."
-}
-
-
-# func_lalib_p file
-# True iff FILE is a libtool `.la' library or `.lo' object file.
-# This function is only a basic sanity check; it will hardly flush out
-# determined imposters.
-func_lalib_p ()
-{
- test -f "$1" &&
- $SED -e 4q "$1" 2>/dev/null \
- | $GREP "^# Generated by .*$PACKAGE" > /dev/null 2>&1
-}
-
-# func_lalib_unsafe_p file
-# True iff FILE is a libtool `.la' library or `.lo' object file.
-# This function implements the same check as func_lalib_p without
-# resorting to external programs. To this end, it redirects stdin and
-# closes it afterwards, without saving the original file descriptor.
-# As a safety measure, use it only where a negative result would be
-# fatal anyway. Works if `file' does not exist.
-func_lalib_unsafe_p ()
-{
- lalib_p=no
- if test -f "$1" && test -r "$1" && exec 5<&0 <"$1"; then
- for lalib_p_l in 1 2 3 4
- do
- read lalib_p_line
- case "$lalib_p_line" in
- \#\ Generated\ by\ *$PACKAGE* ) lalib_p=yes; break;;
- esac
- done
- exec 0<&5 5<&-
- fi
- test "$lalib_p" = yes
-}
-
-# func_ltwrapper_script_p file
-# True iff FILE is a libtool wrapper script
-# This function is only a basic sanity check; it will hardly flush out
-# determined imposters.
-func_ltwrapper_script_p ()
-{
- func_lalib_p "$1"
-}
-
-# func_ltwrapper_executable_p file
-# True iff FILE is a libtool wrapper executable
-# This function is only a basic sanity check; it will hardly flush out
-# determined imposters.
-func_ltwrapper_executable_p ()
-{
- func_ltwrapper_exec_suffix=
- case $1 in
- *.exe) ;;
- *) func_ltwrapper_exec_suffix=.exe ;;
- esac
- $GREP "$magic_exe" "$1$func_ltwrapper_exec_suffix" >/dev/null 2>&1
-}
-
-# func_ltwrapper_scriptname file
-# Assumes file is an ltwrapper_executable
-# uses $file to determine the appropriate filename for a
-# temporary ltwrapper_script.
-func_ltwrapper_scriptname ()
-{
- func_ltwrapper_scriptname_result=""
- if func_ltwrapper_executable_p "$1"; then
- func_dirname_and_basename "$1" "" "."
- func_stripname '' '.exe' "$func_basename_result"
- func_ltwrapper_scriptname_result="$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper"
- fi
-}
-
-# func_ltwrapper_p file
-# True iff FILE is a libtool wrapper script or wrapper executable
-# This function is only a basic sanity check; it will hardly flush out
-# determined imposters.
-func_ltwrapper_p ()
-{
- func_ltwrapper_script_p "$1" || func_ltwrapper_executable_p "$1"
-}
-
-
-# func_execute_cmds commands fail_cmd
-# Execute tilde-delimited COMMANDS.
-# If FAIL_CMD is given, eval that upon failure.
-# FAIL_CMD may read-access the current command in variable CMD!
-func_execute_cmds ()
-{
- $opt_debug
- save_ifs=$IFS; IFS='~'
- for cmd in $1; do
- IFS=$save_ifs
- eval cmd=\"$cmd\"
- func_show_eval "$cmd" "${2-:}"
- done
- IFS=$save_ifs
-}
-
-
-# func_source file
-# Source FILE, adding directory component if necessary.
-# Note that it is not necessary on cygwin/mingw to append a dot to
-# FILE even if both FILE and FILE.exe exist: automatic-append-.exe
-# behavior happens only for exec(3), not for open(2)! Also, sourcing
-# `FILE.' does not work on cygwin managed mounts.
-func_source ()
-{
- $opt_debug
- case $1 in
- */* | *\\*) . "$1" ;;
- *) . "./$1" ;;
- esac
-}
-
-
-# func_infer_tag arg
-# Infer tagged configuration to use if any are available and
-# if one wasn't chosen via the "--tag" command line option.
-# Only attempt this if the compiler in the base compile
-# command doesn't match the default compiler.
-# arg is usually of the form 'gcc ...'
-func_infer_tag ()
-{
- $opt_debug
- if test -n "$available_tags" && test -z "$tagname"; then
- CC_quoted=
- for arg in $CC; do
- func_quote_for_eval "$arg"
- CC_quoted="$CC_quoted $func_quote_for_eval_result"
- done
- case $@ in
- # Blanks in the command may have been stripped by the calling shell,
- # but not from the CC environment variable when configure was run.
- " $CC "* | "$CC "* | " `$ECHO $CC` "* | "`$ECHO $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$ECHO $CC_quoted` "* | "`$ECHO $CC_quoted` "*) ;;
- # Blanks at the start of $base_compile will cause this to fail
- # if we don't check for them as well.
- *)
- for z in $available_tags; do
- if $GREP "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then
- # Evaluate the configuration.
- eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`"
- CC_quoted=
- for arg in $CC; do
- # Double-quote args containing other shell metacharacters.
- func_quote_for_eval "$arg"
- CC_quoted="$CC_quoted $func_quote_for_eval_result"
- done
- case "$@ " in
- " $CC "* | "$CC "* | " `$ECHO $CC` "* | "`$ECHO $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$ECHO $CC_quoted` "* | "`$ECHO $CC_quoted` "*)
- # The compiler in the base compile command matches
- # the one in the tagged configuration.
- # Assume this is the tagged configuration we want.
- tagname=$z
- break
- ;;
- esac
- fi
- done
- # If $tagname still isn't set, then no tagged configuration
- # was found and let the user know that the "--tag" command
- # line option must be used.
- if test -z "$tagname"; then
- func_echo "unable to infer tagged configuration"
- func_fatal_error "specify a tag with \`--tag'"
-# else
-# func_verbose "using $tagname tagged configuration"
- fi
- ;;
- esac
- fi
-}
-
-
-
-# func_write_libtool_object output_name pic_name nonpic_name
-# Create a libtool object file (analogous to a ".la" file),
-# but don't create it if we're doing a dry run.
-func_write_libtool_object ()
-{
- write_libobj=${1}
- if test "$build_libtool_libs" = yes; then
- write_lobj=\'${2}\'
- else
- write_lobj=none
- fi
-
- if test "$build_old_libs" = yes; then
- write_oldobj=\'${3}\'
- else
- write_oldobj=none
- fi
-
- $opt_dry_run || {
- cat >${write_libobj}T <<EOF
-# $write_libobj - a libtool object file
-# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION
-#
-# Please DO NOT delete this file!
-# It is necessary for linking the library.
-
-# Name of the PIC object.
-pic_object=$write_lobj
-
-# Name of the non-PIC object
-non_pic_object=$write_oldobj
-
-EOF
- $MV "${write_libobj}T" "${write_libobj}"
- }
-}
-
-# func_mode_compile arg...
-func_mode_compile ()
-{
- $opt_debug
- # Get the compilation command and the source file.
- base_compile=
- srcfile="$nonopt" # always keep a non-empty value in "srcfile"
- suppress_opt=yes
- suppress_output=
- arg_mode=normal
- libobj=
- later=
- pie_flag=
-
- for arg
- do
- case $arg_mode in
- arg )
- # do not "continue". Instead, add this to base_compile
- lastarg="$arg"
- arg_mode=normal
- ;;
-
- target )
- libobj="$arg"
- arg_mode=normal
- continue
- ;;
-
- normal )
- # Accept any command-line options.
- case $arg in
- -o)
- test -n "$libobj" && \
- func_fatal_error "you cannot specify \`-o' more than once"
- arg_mode=target
- continue
- ;;
-
- -pie | -fpie | -fPIE)
- pie_flag="$pie_flag $arg"
- continue
- ;;
-
- -shared | -static | -prefer-pic | -prefer-non-pic)
- later="$later $arg"
- continue
- ;;
-
- -no-suppress)
- suppress_opt=no
- continue
- ;;
-
- -Xcompiler)
- arg_mode=arg # the next one goes into the "base_compile" arg list
- continue # The current "srcfile" will either be retained or
- ;; # replaced later. I would guess that would be a bug.
-
- -Wc,*)
- func_stripname '-Wc,' '' "$arg"
- args=$func_stripname_result
- lastarg=
- save_ifs="$IFS"; IFS=','
- for arg in $args; do
- IFS="$save_ifs"
- func_quote_for_eval "$arg"
- lastarg="$lastarg $func_quote_for_eval_result"
- done
- IFS="$save_ifs"
- func_stripname ' ' '' "$lastarg"
- lastarg=$func_stripname_result
-
- # Add the arguments to base_compile.
- base_compile="$base_compile $lastarg"
- continue
- ;;
-
- *)
- # Accept the current argument as the source file.
- # The previous "srcfile" becomes the current argument.
- #
- lastarg="$srcfile"
- srcfile="$arg"
- ;;
- esac # case $arg
- ;;
- esac # case $arg_mode
-
- # Aesthetically quote the previous argument.
- func_quote_for_eval "$lastarg"
- base_compile="$base_compile $func_quote_for_eval_result"
- done # for arg
-
- case $arg_mode in
- arg)
- func_fatal_error "you must specify an argument for -Xcompile"
- ;;
- target)
- func_fatal_error "you must specify a target with \`-o'"
- ;;
- *)
- # Get the name of the library object.
- test -z "$libobj" && {
- func_basename "$srcfile"
- libobj="$func_basename_result"
- }
- ;;
- esac
-
- # Recognize several different file suffixes.
- # If the user specifies -o file.o, it is replaced with file.lo
- case $libobj in
- *.[cCFSifmso] | \
- *.ada | *.adb | *.ads | *.asm | \
- *.c++ | *.cc | *.ii | *.class | *.cpp | *.cxx | \
- *.[fF][09]? | *.for | *.java | *.obj | *.sx)
- func_xform "$libobj"
- libobj=$func_xform_result
- ;;
- esac
-
- case $libobj in
- *.lo) func_lo2o "$libobj"; obj=$func_lo2o_result ;;
- *)
- func_fatal_error "cannot determine name of library object from \`$libobj'"
- ;;
- esac
-
- func_infer_tag $base_compile
-
- for arg in $later; do
- case $arg in
- -shared)
- test "$build_libtool_libs" != yes && \
- func_fatal_configuration "can not build a shared library"
- build_old_libs=no
- continue
- ;;
-
- -static)
- build_libtool_libs=no
- build_old_libs=yes
- continue
- ;;
-
- -prefer-pic)
- pic_mode=yes
- continue
- ;;
-
- -prefer-non-pic)
- pic_mode=no
- continue
- ;;
- esac
- done
-
- func_quote_for_eval "$libobj"
- test "X$libobj" != "X$func_quote_for_eval_result" \
- && $ECHO "X$libobj" | $GREP '[]~#^*{};<>?"'"'"' &()|`$[]' \
- && func_warning "libobj name \`$libobj' may not contain shell special characters."
- func_dirname_and_basename "$obj" "/" ""
- objname="$func_basename_result"
- xdir="$func_dirname_result"
- lobj=${xdir}$objdir/$objname
-
- test -z "$base_compile" && \
- func_fatal_help "you must specify a compilation command"
-
- # Delete any leftover library objects.
- if test "$build_old_libs" = yes; then
- removelist="$obj $lobj $libobj ${libobj}T"
- else
- removelist="$lobj $libobj ${libobj}T"
- fi
-
- # On Cygwin there's no "real" PIC flag so we must build both object types
- case $host_os in
- cygwin* | mingw* | pw32* | os2* | cegcc*)
- pic_mode=default
- ;;
- esac
- if test "$pic_mode" = no && test "$deplibs_check_method" != pass_all; then
- # non-PIC code in shared libraries is not supported
- pic_mode=default
- fi
-
- # Calculate the filename of the output object if compiler does
- # not support -o with -c
- if test "$compiler_c_o" = no; then
- output_obj=`$ECHO "X$srcfile" | $Xsed -e 's%^.*/%%' -e 's%\.[^.]*$%%'`.${objext}
- lockfile="$output_obj.lock"
- else
- output_obj=
- need_locks=no
- lockfile=
- fi
-
- # Lock this critical section if it is needed
- # We use this script file to make the link, it avoids creating a new file
- if test "$need_locks" = yes; then
- until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do
- func_echo "Waiting for $lockfile to be removed"
- sleep 2
- done
- elif test "$need_locks" = warn; then
- if test -f "$lockfile"; then
- $ECHO "\
-*** ERROR, $lockfile exists and contains:
-`cat $lockfile 2>/dev/null`
-
-This indicates that another process is trying to use the same
-temporary object file, and libtool could not work around it because
-your compiler does not support \`-c' and \`-o' together. If you
-repeat this compilation, it may succeed, by chance, but you had better
-avoid parallel builds (make -j) in this platform, or get a better
-compiler."
-
- $opt_dry_run || $RM $removelist
- exit $EXIT_FAILURE
- fi
- removelist="$removelist $output_obj"
- $ECHO "$srcfile" > "$lockfile"
- fi
-
- $opt_dry_run || $RM $removelist
- removelist="$removelist $lockfile"
- trap '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' 1 2 15
-
- if test -n "$fix_srcfile_path"; then
- eval srcfile=\"$fix_srcfile_path\"
- fi
- func_quote_for_eval "$srcfile"
- qsrcfile=$func_quote_for_eval_result
-
- # Only build a PIC object if we are building libtool libraries.
- if test "$build_libtool_libs" = yes; then
- # Without this assignment, base_compile gets emptied.
- fbsd_hideous_sh_bug=$base_compile
-
- if test "$pic_mode" != no; then
- command="$base_compile $qsrcfile $pic_flag"
- else
- # Don't build PIC code
- command="$base_compile $qsrcfile"
- fi
-
- func_mkdir_p "$xdir$objdir"
-
- if test -z "$output_obj"; then
- # Place PIC objects in $objdir
- command="$command -o $lobj"
- fi
-
- func_show_eval_locale "$command" \
- 'test -n "$output_obj" && $RM $removelist; exit $EXIT_FAILURE'
-
- if test "$need_locks" = warn &&
- test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then
- $ECHO "\
-*** ERROR, $lockfile contains:
-`cat $lockfile 2>/dev/null`
-
-but it should contain:
-$srcfile
-
-This indicates that another process is trying to use the same
-temporary object file, and libtool could not work around it because
-your compiler does not support \`-c' and \`-o' together. If you
-repeat this compilation, it may succeed, by chance, but you had better
-avoid parallel builds (make -j) in this platform, or get a better
-compiler."
-
- $opt_dry_run || $RM $removelist
- exit $EXIT_FAILURE
- fi
-
- # Just move the object if needed, then go on to compile the next one
- if test -n "$output_obj" && test "X$output_obj" != "X$lobj"; then
- func_show_eval '$MV "$output_obj" "$lobj"' \
- 'error=$?; $opt_dry_run || $RM $removelist; exit $error'
- fi
-
- # Allow error messages only from the first compilation.
- if test "$suppress_opt" = yes; then
- suppress_output=' >/dev/null 2>&1'
- fi
- fi
-
- # Only build a position-dependent object if we build old libraries.
- if test "$build_old_libs" = yes; then
- if test "$pic_mode" != yes; then
- # Don't build PIC code
- command="$base_compile $qsrcfile$pie_flag"
- else
- command="$base_compile $qsrcfile $pic_flag"
- fi
- if test "$compiler_c_o" = yes; then
- command="$command -o $obj"
- fi
-
- # Suppress compiler output if we already did a PIC compilation.
- command="$command$suppress_output"
- func_show_eval_locale "$command" \
- '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE'
-
- if test "$need_locks" = warn &&
- test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then
- $ECHO "\
-*** ERROR, $lockfile contains:
-`cat $lockfile 2>/dev/null`
-
-but it should contain:
-$srcfile
-
-This indicates that another process is trying to use the same
-temporary object file, and libtool could not work around it because
-your compiler does not support \`-c' and \`-o' together. If you
-repeat this compilation, it may succeed, by chance, but you had better
-avoid parallel builds (make -j) in this platform, or get a better
-compiler."
-
- $opt_dry_run || $RM $removelist
- exit $EXIT_FAILURE
- fi
-
- # Just move the object if needed
- if test -n "$output_obj" && test "X$output_obj" != "X$obj"; then
- func_show_eval '$MV "$output_obj" "$obj"' \
- 'error=$?; $opt_dry_run || $RM $removelist; exit $error'
- fi
- fi
-
- $opt_dry_run || {
- func_write_libtool_object "$libobj" "$objdir/$objname" "$objname"
-
- # Unlock the critical section if it was locked
- if test "$need_locks" != no; then
- removelist=$lockfile
- $RM "$lockfile"
- fi
- }
-
- exit $EXIT_SUCCESS
-}
-
-$opt_help || {
-test "$mode" = compile && func_mode_compile ${1+"$@"}
-}
-
-func_mode_help ()
-{
- # We need to display help for each of the modes.
- case $mode in
- "")
- # Generic help is extracted from the usage comments
- # at the start of this file.
- func_help
- ;;
-
- clean)
- $ECHO \
-"Usage: $progname [OPTION]... --mode=clean RM [RM-OPTION]... FILE...
-
-Remove files from the build directory.
-
-RM is the name of the program to use to delete files associated with each FILE
-(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed
-to RM.
-
-If FILE is a libtool library, object or program, all the files associated
-with it are deleted. Otherwise, only FILE itself is deleted using RM."
- ;;
-
- compile)
- $ECHO \
-"Usage: $progname [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE
-
-Compile a source file into a libtool library object.
-
-This mode accepts the following additional options:
-
- -o OUTPUT-FILE set the output file name to OUTPUT-FILE
- -no-suppress do not suppress compiler output for multiple passes
- -prefer-pic try to building PIC objects only
- -prefer-non-pic try to building non-PIC objects only
- -shared do not build a \`.o' file suitable for static linking
- -static only build a \`.o' file suitable for static linking
-
-COMPILE-COMMAND is a command to be used in creating a \`standard' object file
-from the given SOURCEFILE.
-
-The output file name is determined by removing the directory component from
-SOURCEFILE, then substituting the C source code suffix \`.c' with the
-library object suffix, \`.lo'."
- ;;
-
- execute)
- $ECHO \
-"Usage: $progname [OPTION]... --mode=execute COMMAND [ARGS]...
-
-Automatically set library path, then run a program.
-
-This mode accepts the following additional options:
-
- -dlopen FILE add the directory containing FILE to the library path
-
-This mode sets the library path environment variable according to \`-dlopen'
-flags.
-
-If any of the ARGS are libtool executable wrappers, then they are translated
-into their corresponding uninstalled binary, and any of their required library
-directories are added to the library path.
-
-Then, COMMAND is executed, with ARGS as arguments."
- ;;
-
- finish)
- $ECHO \
-"Usage: $progname [OPTION]... --mode=finish [LIBDIR]...
-
-Complete the installation of libtool libraries.
-
-Each LIBDIR is a directory that contains libtool libraries.
-
-The commands that this mode executes may require superuser privileges. Use
-the \`--dry-run' option if you just want to see what would be executed."
- ;;
-
- install)
- $ECHO \
-"Usage: $progname [OPTION]... --mode=install INSTALL-COMMAND...
-
-Install executables or libraries.
-
-INSTALL-COMMAND is the installation command. The first component should be
-either the \`install' or \`cp' program.
-
-The following components of INSTALL-COMMAND are treated specially:
-
- -inst-prefix PREFIX-DIR Use PREFIX-DIR as a staging area for installation
-
-The rest of the components are interpreted as arguments to that command (only
-BSD-compatible install options are recognized)."
- ;;
-
- link)
- $ECHO \
-"Usage: $progname [OPTION]... --mode=link LINK-COMMAND...
-
-Link object files or libraries together to form another library, or to
-create an executable program.
-
-LINK-COMMAND is a command using the C compiler that you would use to create
-a program from several object files.
-
-The following components of LINK-COMMAND are treated specially:
-
- -all-static do not do any dynamic linking at all
- -avoid-version do not add a version suffix if possible
- -dlopen FILE \`-dlpreopen' FILE if it cannot be dlopened at runtime
- -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols
- -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3)
- -export-symbols SYMFILE
- try to export only the symbols listed in SYMFILE
- -export-symbols-regex REGEX
- try to export only the symbols matching REGEX
- -LLIBDIR search LIBDIR for required installed libraries
- -lNAME OUTPUT-FILE requires the installed library libNAME
- -module build a library that can dlopened
- -no-fast-install disable the fast-install mode
- -no-install link a not-installable executable
- -no-undefined declare that a library does not refer to external symbols
- -o OUTPUT-FILE create OUTPUT-FILE from the specified objects
- -objectlist FILE Use a list of object files found in FILE to specify objects
- -precious-files-regex REGEX
- don't remove output files matching REGEX
- -release RELEASE specify package release information
- -rpath LIBDIR the created library will eventually be installed in LIBDIR
- -R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries
- -shared only do dynamic linking of libtool libraries
- -shrext SUFFIX override the standard shared library file extension
- -static do not do any dynamic linking of uninstalled libtool libraries
- -static-libtool-libs
- do not do any dynamic linking of libtool libraries
- -version-info CURRENT[:REVISION[:AGE]]
- specify library version info [each variable defaults to 0]
- -weak LIBNAME declare that the target provides the LIBNAME interface
-
-All other options (arguments beginning with \`-') are ignored.
-
-Every other argument is treated as a filename. Files ending in \`.la' are
-treated as uninstalled libtool libraries, other files are standard or library
-object files.
-
-If the OUTPUT-FILE ends in \`.la', then a libtool library is created,
-only library objects (\`.lo' files) may be specified, and \`-rpath' is
-required, except when creating a convenience library.
-
-If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created
-using \`ar' and \`ranlib', or on Windows using \`lib'.
-
-If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file
-is created, otherwise an executable program is created."
- ;;
-
- uninstall)
- $ECHO \
-"Usage: $progname [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE...
-
-Remove libraries from an installation directory.
-
-RM is the name of the program to use to delete files associated with each FILE
-(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed
-to RM.
-
-If FILE is a libtool library, all the files associated with it are deleted.
-Otherwise, only FILE itself is deleted using RM."
- ;;
-
- *)
- func_fatal_help "invalid operation mode \`$mode'"
- ;;
- esac
-
- $ECHO
- $ECHO "Try \`$progname --help' for more information about other modes."
-
- exit $?
-}
-
- # Now that we've collected a possible --mode arg, show help if necessary
- $opt_help && func_mode_help
-
-
-# func_mode_execute arg...
-func_mode_execute ()
-{
- $opt_debug
- # The first argument is the command name.
- cmd="$nonopt"
- test -z "$cmd" && \
- func_fatal_help "you must specify a COMMAND"
-
- # Handle -dlopen flags immediately.
- for file in $execute_dlfiles; do
- test -f "$file" \
- || func_fatal_help "\`$file' is not a file"
-
- dir=
- case $file in
- *.la)
- # Check to see that this really is a libtool archive.
- func_lalib_unsafe_p "$file" \
- || func_fatal_help "\`$lib' is not a valid libtool archive"
-
- # Read the libtool library.
- dlname=
- library_names=
- func_source "$file"
-
- # Skip this library if it cannot be dlopened.
- if test -z "$dlname"; then
- # Warn if it was a shared library.
- test -n "$library_names" && \
- func_warning "\`$file' was not linked with \`-export-dynamic'"
- continue
- fi
-
- func_dirname "$file" "" "."
- dir="$func_dirname_result"
-
- if test -f "$dir/$objdir/$dlname"; then
- dir="$dir/$objdir"
- else
- if test ! -f "$dir/$dlname"; then
- func_fatal_error "cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'"
- fi
- fi
- ;;
-
- *.lo)
- # Just add the directory containing the .lo file.
- func_dirname "$file" "" "."
- dir="$func_dirname_result"
- ;;
-
- *)
- func_warning "\`-dlopen' is ignored for non-libtool libraries and objects"
- continue
- ;;
- esac
-
- # Get the absolute pathname.
- absdir=`cd "$dir" && pwd`
- test -n "$absdir" && dir="$absdir"
-
- # Now add the directory to shlibpath_var.
- if eval "test -z \"\$$shlibpath_var\""; then
- eval "$shlibpath_var=\"\$dir\""
- else
- eval "$shlibpath_var=\"\$dir:\$$shlibpath_var\""
- fi
- done
-
- # This variable tells wrapper scripts just to set shlibpath_var
- # rather than running their programs.
- libtool_execute_magic="$magic"
-
- # Check if any of the arguments is a wrapper script.
- args=
- for file
- do
- case $file in
- -*) ;;
- *)
- # Do a test to see if this is really a libtool program.
- if func_ltwrapper_script_p "$file"; then
- func_source "$file"
- # Transform arg to wrapped name.
- file="$progdir/$program"
- elif func_ltwrapper_executable_p "$file"; then
- func_ltwrapper_scriptname "$file"
- func_source "$func_ltwrapper_scriptname_result"
- # Transform arg to wrapped name.
- file="$progdir/$program"
- fi
- ;;
- esac
- # Quote arguments (to preserve shell metacharacters).
- func_quote_for_eval "$file"
- args="$args $func_quote_for_eval_result"
- done
-
- if test "X$opt_dry_run" = Xfalse; then
- if test -n "$shlibpath_var"; then
- # Export the shlibpath_var.
- eval "export $shlibpath_var"
- fi
-
- # Restore saved environment variables
- for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
- do
- eval "if test \"\${save_$lt_var+set}\" = set; then
- $lt_var=\$save_$lt_var; export $lt_var
- else
- $lt_unset $lt_var
- fi"
- done
-
- # Now prepare to actually exec the command.
- exec_cmd="\$cmd$args"
- else
- # Display what would be done.
- if test -n "$shlibpath_var"; then
- eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\""
- $ECHO "export $shlibpath_var"
- fi
- $ECHO "$cmd$args"
- exit $EXIT_SUCCESS
- fi
-}
-
-test "$mode" = execute && func_mode_execute ${1+"$@"}
-
-
-# func_mode_finish arg...
-func_mode_finish ()
-{
- $opt_debug
- libdirs="$nonopt"
- admincmds=
-
- if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then
- for dir
- do
- libdirs="$libdirs $dir"
- done
-
- for libdir in $libdirs; do
- if test -n "$finish_cmds"; then
- # Do each command in the finish commands.
- func_execute_cmds "$finish_cmds" 'admincmds="$admincmds
-'"$cmd"'"'
- fi
- if test -n "$finish_eval"; then
- # Do the single finish_eval.
- eval cmds=\"$finish_eval\"
- $opt_dry_run || eval "$cmds" || admincmds="$admincmds
- $cmds"
- fi
- done
- fi
-
- # Exit here if they wanted silent mode.
- $opt_silent && exit $EXIT_SUCCESS
-
- $ECHO "X----------------------------------------------------------------------" | $Xsed
- $ECHO "Libraries have been installed in:"
- for libdir in $libdirs; do
- $ECHO " $libdir"
- done
- $ECHO
- $ECHO "If you ever happen to want to link against installed libraries"
- $ECHO "in a given directory, LIBDIR, you must either use libtool, and"
- $ECHO "specify the full pathname of the library, or use the \`-LLIBDIR'"
- $ECHO "flag during linking and do at least one of the following:"
- if test -n "$shlibpath_var"; then
- $ECHO " - add LIBDIR to the \`$shlibpath_var' environment variable"
- $ECHO " during execution"
- fi
- if test -n "$runpath_var"; then
- $ECHO " - add LIBDIR to the \`$runpath_var' environment variable"
- $ECHO " during linking"
- fi
- if test -n "$hardcode_libdir_flag_spec"; then
- libdir=LIBDIR
- eval flag=\"$hardcode_libdir_flag_spec\"
-
- $ECHO " - use the \`$flag' linker flag"
- fi
- if test -n "$admincmds"; then
- $ECHO " - have your system administrator run these commands:$admincmds"
- fi
- if test -f /etc/ld.so.conf; then
- $ECHO " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'"
- fi
- $ECHO
-
- $ECHO "See any operating system documentation about shared libraries for"
- case $host in
- solaris2.[6789]|solaris2.1[0-9])
- $ECHO "more information, such as the ld(1), crle(1) and ld.so(8) manual"
- $ECHO "pages."
- ;;
- *)
- $ECHO "more information, such as the ld(1) and ld.so(8) manual pages."
- ;;
- esac
- $ECHO "X----------------------------------------------------------------------" | $Xsed
- exit $EXIT_SUCCESS
-}
-
-test "$mode" = finish && func_mode_finish ${1+"$@"}
-
-
-# func_mode_install arg...
-func_mode_install ()
-{
- $opt_debug
- # There may be an optional sh(1) argument at the beginning of
- # install_prog (especially on Windows NT).
- if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh ||
- # Allow the use of GNU shtool's install command.
- $ECHO "X$nonopt" | $GREP shtool >/dev/null; then
- # Aesthetically quote it.
- func_quote_for_eval "$nonopt"
- install_prog="$func_quote_for_eval_result "
- arg=$1
- shift
- else
- install_prog=
- arg=$nonopt
- fi
-
- # The real first argument should be the name of the installation program.
- # Aesthetically quote it.
- func_quote_for_eval "$arg"
- install_prog="$install_prog$func_quote_for_eval_result"
-
- # We need to accept at least all the BSD install flags.
- dest=
- files=
- opts=
- prev=
- install_type=
- isdir=no
- stripme=
- for arg
- do
- if test -n "$dest"; then
- files="$files $dest"
- dest=$arg
- continue
- fi
-
- case $arg in
- -d) isdir=yes ;;
- -f)
- case " $install_prog " in
- *[\\\ /]cp\ *) ;;
- *) prev=$arg ;;
- esac
- ;;
- -g | -m | -o)
- prev=$arg
- ;;
- -s)
- stripme=" -s"
- continue
- ;;
- -*)
- ;;
- *)
- # If the previous option needed an argument, then skip it.
- if test -n "$prev"; then
- prev=
- else
- dest=$arg
- continue
- fi
- ;;
- esac
-
- # Aesthetically quote the argument.
- func_quote_for_eval "$arg"
- install_prog="$install_prog $func_quote_for_eval_result"
- done
-
- test -z "$install_prog" && \
- func_fatal_help "you must specify an install program"
-
- test -n "$prev" && \
- func_fatal_help "the \`$prev' option requires an argument"
-
- if test -z "$files"; then
- if test -z "$dest"; then
- func_fatal_help "no file or destination specified"
- else
- func_fatal_help "you must specify a destination"
- fi
- fi
-
- # Strip any trailing slash from the destination.
- func_stripname '' '/' "$dest"
- dest=$func_stripname_result
-
- # Check to see that the destination is a directory.
- test -d "$dest" && isdir=yes
- if test "$isdir" = yes; then
- destdir="$dest"
- destname=
- else
- func_dirname_and_basename "$dest" "" "."
- destdir="$func_dirname_result"
- destname="$func_basename_result"
-
- # Not a directory, so check to see that there is only one file specified.
- set dummy $files; shift
- test "$#" -gt 1 && \
- func_fatal_help "\`$dest' is not a directory"
- fi
- case $destdir in
- [\\/]* | [A-Za-z]:[\\/]*) ;;
- *)
- for file in $files; do
- case $file in
- *.lo) ;;
- *)
- func_fatal_help "\`$destdir' must be an absolute directory name"
- ;;
- esac
- done
- ;;
- esac
-
- # This variable tells wrapper scripts just to set variables rather
- # than running their programs.
- libtool_install_magic="$magic"
-
- staticlibs=
- future_libdirs=
- current_libdirs=
- for file in $files; do
-
- # Do each installation.
- case $file in
- *.$libext)
- # Do the static libraries later.
- staticlibs="$staticlibs $file"
- ;;
-
- *.la)
- # Check to see that this really is a libtool archive.
- func_lalib_unsafe_p "$file" \
- || func_fatal_help "\`$file' is not a valid libtool archive"
-
- library_names=
- old_library=
- relink_command=
- func_source "$file"
-
- # Add the libdir to current_libdirs if it is the destination.
- if test "X$destdir" = "X$libdir"; then
- case "$current_libdirs " in
- *" $libdir "*) ;;
- *) current_libdirs="$current_libdirs $libdir" ;;
- esac
- else
- # Note the libdir as a future libdir.
- case "$future_libdirs " in
- *" $libdir "*) ;;
- *) future_libdirs="$future_libdirs $libdir" ;;
- esac
- fi
-
- func_dirname "$file" "/" ""
- dir="$func_dirname_result"
- dir="$dir$objdir"
-
- if test -n "$relink_command"; then
- # Determine the prefix the user has applied to our future dir.
- inst_prefix_dir=`$ECHO "X$destdir" | $Xsed -e "s%$libdir\$%%"`
-
- # Don't allow the user to place us outside of our expected
- # location b/c this prevents finding dependent libraries that
- # are installed to the same prefix.
- # At present, this check doesn't affect windows .dll's that
- # are installed into $libdir/../bin (currently, that works fine)
- # but it's something to keep an eye on.
- test "$inst_prefix_dir" = "$destdir" && \
- func_fatal_error "error: cannot install \`$file' to a directory not ending in $libdir"
-
- if test -n "$inst_prefix_dir"; then
- # Stick the inst_prefix_dir data into the link command.
- relink_command=`$ECHO "X$relink_command" | $Xsed -e "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"`
- else
- relink_command=`$ECHO "X$relink_command" | $Xsed -e "s%@inst_prefix_dir@%%"`
- fi
-
- func_warning "relinking \`$file'"
- func_show_eval "$relink_command" \
- 'func_fatal_error "error: relink \`$file'\'' with the above command before installing it"'
- fi
-
- # See the names of the shared library.
- set dummy $library_names; shift
- if test -n "$1"; then
- realname="$1"
- shift
-
- srcname="$realname"
- test -n "$relink_command" && srcname="$realname"T
-
- # Install the shared library and build the symlinks.
- func_show_eval "$install_prog $dir/$srcname $destdir/$realname" \
- 'exit $?'
- tstripme="$stripme"
- case $host_os in
- cygwin* | mingw* | pw32* | cegcc*)
- case $realname in
- *.dll.a)
- tstripme=""
- ;;
- esac
- ;;
- esac
- if test -n "$tstripme" && test -n "$striplib"; then
- func_show_eval "$striplib $destdir/$realname" 'exit $?'
- fi
-
- if test "$#" -gt 0; then
- # Delete the old symlinks, and create new ones.
- # Try `ln -sf' first, because the `ln' binary might depend on
- # the symlink we replace! Solaris /bin/ln does not understand -f,
- # so we also need to try rm && ln -s.
- for linkname
- do
- test "$linkname" != "$realname" \
- && func_show_eval "(cd $destdir && { $LN_S -f $realname $linkname || { $RM $linkname && $LN_S $realname $linkname; }; })"
- done
- fi
-
- # Do each command in the postinstall commands.
- lib="$destdir/$realname"
- func_execute_cmds "$postinstall_cmds" 'exit $?'
- fi
-
- # Install the pseudo-library for information purposes.
- func_basename "$file"
- name="$func_basename_result"
- instname="$dir/$name"i
- func_show_eval "$install_prog $instname $destdir/$name" 'exit $?'
-
- # Maybe install the static library, too.
- test -n "$old_library" && staticlibs="$staticlibs $dir/$old_library"
- ;;
-
- *.lo)
- # Install (i.e. copy) a libtool object.
-
- # Figure out destination file name, if it wasn't already specified.
- if test -n "$destname"; then
- destfile="$destdir/$destname"
- else
- func_basename "$file"
- destfile="$func_basename_result"
- destfile="$destdir/$destfile"
- fi
-
- # Deduce the name of the destination old-style object file.
- case $destfile in
- *.lo)
- func_lo2o "$destfile"
- staticdest=$func_lo2o_result
- ;;
- *.$objext)
- staticdest="$destfile"
- destfile=
- ;;
- *)
- func_fatal_help "cannot copy a libtool object to \`$destfile'"
- ;;
- esac
-
- # Install the libtool object if requested.
- test -n "$destfile" && \
- func_show_eval "$install_prog $file $destfile" 'exit $?'
-
- # Install the old object if enabled.
- if test "$build_old_libs" = yes; then
- # Deduce the name of the old-style object file.
- func_lo2o "$file"
- staticobj=$func_lo2o_result
- func_show_eval "$install_prog \$staticobj \$staticdest" 'exit $?'
- fi
- exit $EXIT_SUCCESS
- ;;
-
- *)
- # Figure out destination file name, if it wasn't already specified.
- if test -n "$destname"; then
- destfile="$destdir/$destname"
- else
- func_basename "$file"
- destfile="$func_basename_result"
- destfile="$destdir/$destfile"
- fi
-
- # If the file is missing, and there is a .exe on the end, strip it
- # because it is most likely a libtool script we actually want to
- # install
- stripped_ext=""
- case $file in
- *.exe)
- if test ! -f "$file"; then
- func_stripname '' '.exe' "$file"
- file=$func_stripname_result
- stripped_ext=".exe"
- fi
- ;;
- esac
-
- # Do a test to see if this is really a libtool program.
- case $host in
- *cygwin* | *mingw*)
- if func_ltwrapper_executable_p "$file"; then
- func_ltwrapper_scriptname "$file"
- wrapper=$func_ltwrapper_scriptname_result
- else
- func_stripname '' '.exe' "$file"
- wrapper=$func_stripname_result
- fi
- ;;
- *)
- wrapper=$file
- ;;
- esac
- if func_ltwrapper_script_p "$wrapper"; then
- notinst_deplibs=
- relink_command=
-
- func_source "$wrapper"
-
- # Check the variables that should have been set.
- test -z "$generated_by_libtool_version" && \
- func_fatal_error "invalid libtool wrapper script \`$wrapper'"
-
- finalize=yes
- for lib in $notinst_deplibs; do
- # Check to see that each library is installed.
- libdir=
- if test -f "$lib"; then
- func_source "$lib"
- fi
- libfile="$libdir/"`$ECHO "X$lib" | $Xsed -e 's%^.*/%%g'` ### testsuite: skip nested quoting test
- if test -n "$libdir" && test ! -f "$libfile"; then
- func_warning "\`$lib' has not been installed in \`$libdir'"
- finalize=no
- fi
- done
-
- relink_command=
- func_source "$wrapper"
-
- outputname=
- if test "$fast_install" = no && test -n "$relink_command"; then
- $opt_dry_run || {
- if test "$finalize" = yes; then
- tmpdir=`func_mktempdir`
- func_basename "$file$stripped_ext"
- file="$func_basename_result"
- outputname="$tmpdir/$file"
- # Replace the output file specification.
- relink_command=`$ECHO "X$relink_command" | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g'`
-
- $opt_silent || {
- func_quote_for_expand "$relink_command"
- eval "func_echo $func_quote_for_expand_result"
- }
- if eval "$relink_command"; then :
- else
- func_error "error: relink \`$file' with the above command before installing it"
- $opt_dry_run || ${RM}r "$tmpdir"
- continue
- fi
- file="$outputname"
- else
- func_warning "cannot relink \`$file'"
- fi
- }
- else
- # Install the binary that we compiled earlier.
- file=`$ECHO "X$file$stripped_ext" | $Xsed -e "s%\([^/]*\)$%$objdir/\1%"`
- fi
- fi
-
- # remove .exe since cygwin /usr/bin/install will append another
- # one anyway
- case $install_prog,$host in
- */usr/bin/install*,*cygwin*)
- case $file:$destfile in
- *.exe:*.exe)
- # this is ok
- ;;
- *.exe:*)
- destfile=$destfile.exe
- ;;
- *:*.exe)
- func_stripname '' '.exe' "$destfile"
- destfile=$func_stripname_result
- ;;
- esac
- ;;
- esac
- func_show_eval "$install_prog\$stripme \$file \$destfile" 'exit $?'
- $opt_dry_run || if test -n "$outputname"; then
- ${RM}r "$tmpdir"
- fi
- ;;
- esac
- done
-
- for file in $staticlibs; do
- func_basename "$file"
- name="$func_basename_result"
-
- # Set up the ranlib parameters.
- oldlib="$destdir/$name"
-
- func_show_eval "$install_prog \$file \$oldlib" 'exit $?'
-
- if test -n "$stripme" && test -n "$old_striplib"; then
- func_show_eval "$old_striplib $oldlib" 'exit $?'
- fi
-
- # Do each command in the postinstall commands.
- func_execute_cmds "$old_postinstall_cmds" 'exit $?'
- done
-
- test -n "$future_libdirs" && \
- func_warning "remember to run \`$progname --finish$future_libdirs'"
-
- if test -n "$current_libdirs"; then
- # Maybe just do a dry run.
- $opt_dry_run && current_libdirs=" -n$current_libdirs"
- exec_cmd='$SHELL $progpath $preserve_args --finish$current_libdirs'
- else
- exit $EXIT_SUCCESS
- fi
-}
-
-test "$mode" = install && func_mode_install ${1+"$@"}
-
-
-# func_generate_dlsyms outputname originator pic_p
-# Extract symbols from dlprefiles and create ${outputname}S.o with
-# a dlpreopen symbol table.
-func_generate_dlsyms ()
-{
- $opt_debug
- my_outputname="$1"
- my_originator="$2"
- my_pic_p="${3-no}"
- my_prefix=`$ECHO "$my_originator" | sed 's%[^a-zA-Z0-9]%_%g'`
- my_dlsyms=
-
- if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
- if test -n "$NM" && test -n "$global_symbol_pipe"; then
- my_dlsyms="${my_outputname}S.c"
- else
- func_error "not configured to extract global symbols from dlpreopened files"
- fi
- fi
-
- if test -n "$my_dlsyms"; then
- case $my_dlsyms in
- "") ;;
- *.c)
- # Discover the nlist of each of the dlfiles.
- nlist="$output_objdir/${my_outputname}.nm"
-
- func_show_eval "$RM $nlist ${nlist}S ${nlist}T"
-
- # Parse the name list into a source file.
- func_verbose "creating $output_objdir/$my_dlsyms"
-
- $opt_dry_run || $ECHO > "$output_objdir/$my_dlsyms" "\
-/* $my_dlsyms - symbol resolution table for \`$my_outputname' dlsym emulation. */
-/* Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION */
-
-#ifdef __cplusplus
-extern \"C\" {
-#endif
-
-/* External symbol declarations for the compiler. */\
-"
-
- if test "$dlself" = yes; then
- func_verbose "generating symbol list for \`$output'"
-
- $opt_dry_run || echo ': @PROGRAM@ ' > "$nlist"
-
- # Add our own program objects to the symbol list.
- progfiles=`$ECHO "X$objs$old_deplibs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
- for progfile in $progfiles; do
- func_verbose "extracting global C symbols from \`$progfile'"
- $opt_dry_run || eval "$NM $progfile | $global_symbol_pipe >> '$nlist'"
- done
-
- if test -n "$exclude_expsyms"; then
- $opt_dry_run || {
- eval '$EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T'
- eval '$MV "$nlist"T "$nlist"'
- }
- fi
-
- if test -n "$export_symbols_regex"; then
- $opt_dry_run || {
- eval '$EGREP -e "$export_symbols_regex" "$nlist" > "$nlist"T'
- eval '$MV "$nlist"T "$nlist"'
- }
- fi
-
- # Prepare the list of exported symbols
- if test -z "$export_symbols"; then
- export_symbols="$output_objdir/$outputname.exp"
- $opt_dry_run || {
- $RM $export_symbols
- eval "${SED} -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"'
- case $host in
- *cygwin* | *mingw* | *cegcc* )
- eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
- eval 'cat "$export_symbols" >> "$output_objdir/$outputname.def"'
- ;;
- esac
- }
- else
- $opt_dry_run || {
- eval "${SED} -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"'
- eval '$GREP -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T'
- eval '$MV "$nlist"T "$nlist"'
- case $host in
- *cygwin | *mingw* | *cegcc* )
- eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
- eval 'cat "$nlist" >> "$output_objdir/$outputname.def"'
- ;;
- esac
- }
- fi
- fi
-
- for dlprefile in $dlprefiles; do
- func_verbose "extracting global C symbols from \`$dlprefile'"
- func_basename "$dlprefile"
- name="$func_basename_result"
- $opt_dry_run || {
- eval '$ECHO ": $name " >> "$nlist"'
- eval "$NM $dlprefile 2>/dev/null | $global_symbol_pipe >> '$nlist'"
- }
- done
-
- $opt_dry_run || {
- # Make sure we have at least an empty file.
- test -f "$nlist" || : > "$nlist"
-
- if test -n "$exclude_expsyms"; then
- $EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T
- $MV "$nlist"T "$nlist"
- fi
-
- # Try sorting and uniquifying the output.
- if $GREP -v "^: " < "$nlist" |
- if sort -k 3 </dev/null >/dev/null 2>&1; then
- sort -k 3
- else
- sort +2
- fi |
- uniq > "$nlist"S; then
- :
- else
- $GREP -v "^: " < "$nlist" > "$nlist"S
- fi
-
- if test -f "$nlist"S; then
- eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$my_dlsyms"'
- else
- $ECHO '/* NONE */' >> "$output_objdir/$my_dlsyms"
- fi
-
- $ECHO >> "$output_objdir/$my_dlsyms" "\
-
-/* The mapping between symbol names and symbols. */
-typedef struct {
- const char *name;
- void *address;
-} lt_dlsymlist;
-"
- case $host in
- *cygwin* | *mingw* | *cegcc* )
- $ECHO >> "$output_objdir/$my_dlsyms" "\
-/* DATA imports from DLLs on WIN32 con't be const, because
- runtime relocations are performed -- see ld's documentation
- on pseudo-relocs. */"
- lt_dlsym_const= ;;
- *osf5*)
- echo >> "$output_objdir/$my_dlsyms" "\
-/* This system does not cope well with relocations in const data */"
- lt_dlsym_const= ;;
- *)
- lt_dlsym_const=const ;;
- esac
-
- $ECHO >> "$output_objdir/$my_dlsyms" "\
-extern $lt_dlsym_const lt_dlsymlist
-lt_${my_prefix}_LTX_preloaded_symbols[];
-$lt_dlsym_const lt_dlsymlist
-lt_${my_prefix}_LTX_preloaded_symbols[] =
-{\
- { \"$my_originator\", (void *) 0 },"
-
- case $need_lib_prefix in
- no)
- eval "$global_symbol_to_c_name_address" < "$nlist" >> "$output_objdir/$my_dlsyms"
- ;;
- *)
- eval "$global_symbol_to_c_name_address_lib_prefix" < "$nlist" >> "$output_objdir/$my_dlsyms"
- ;;
- esac
- $ECHO >> "$output_objdir/$my_dlsyms" "\
- {0, (void *) 0}
-};
-
-/* This works around a problem in FreeBSD linker */
-#ifdef FREEBSD_WORKAROUND
-static const void *lt_preloaded_setup() {
- return lt_${my_prefix}_LTX_preloaded_symbols;
-}
-#endif
-
-#ifdef __cplusplus
-}
-#endif\
-"
- } # !$opt_dry_run
-
- pic_flag_for_symtable=
- case "$compile_command " in
- *" -static "*) ;;
- *)
- case $host in
- # compiling the symbol table file with pic_flag works around
- # a FreeBSD bug that causes programs to crash when -lm is
- # linked before any other PIC object. But we must not use
- # pic_flag when linking with -static. The problem exists in
- # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1.
- *-*-freebsd2*|*-*-freebsd3.0*|*-*-freebsdelf3.0*)
- pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND" ;;
- *-*-hpux*)
- pic_flag_for_symtable=" $pic_flag" ;;
- *)
- if test "X$my_pic_p" != Xno; then
- pic_flag_for_symtable=" $pic_flag"
- fi
- ;;
- esac
- ;;
- esac
- symtab_cflags=
- for arg in $LTCFLAGS; do
- case $arg in
- -pie | -fpie | -fPIE) ;;
- *) symtab_cflags="$symtab_cflags $arg" ;;
- esac
- done
-
- # Now compile the dynamic symbol file.
- func_show_eval '(cd $output_objdir && $LTCC$symtab_cflags -c$no_builtin_flag$pic_flag_for_symtable "$my_dlsyms")' 'exit $?'
-
- # Clean up the generated files.
- func_show_eval '$RM "$output_objdir/$my_dlsyms" "$nlist" "${nlist}S" "${nlist}T"'
-
- # Transform the symbol file into the correct name.
- symfileobj="$output_objdir/${my_outputname}S.$objext"
- case $host in
- *cygwin* | *mingw* | *cegcc* )
- if test -f "$output_objdir/$my_outputname.def"; then
- compile_command=`$ECHO "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
- finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
- else
- compile_command=`$ECHO "X$compile_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
- finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
- fi
- ;;
- *)
- compile_command=`$ECHO "X$compile_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
- finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
- ;;
- esac
- ;;
- *)
- func_fatal_error "unknown suffix for \`$my_dlsyms'"
- ;;
- esac
- else
- # We keep going just in case the user didn't refer to
- # lt_preloaded_symbols. The linker will fail if global_symbol_pipe
- # really was required.
-
- # Nullify the symbol file.
- compile_command=`$ECHO "X$compile_command" | $Xsed -e "s% @SYMFILE@%%"`
- finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s% @SYMFILE@%%"`
- fi
-}
-
-# func_win32_libid arg
-# return the library type of file 'arg'
-#
-# Need a lot of goo to handle *both* DLLs and import libs
-# Has to be a shell function in order to 'eat' the argument
-# that is supplied when $file_magic_command is called.
-func_win32_libid ()
-{
- $opt_debug
- win32_libid_type="unknown"
- win32_fileres=`file -L $1 2>/dev/null`
- case $win32_fileres in
- *ar\ archive\ import\ library*) # definitely import
- win32_libid_type="x86 archive import"
- ;;
- *ar\ archive*) # could be an import, or static
- if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null |
- $EGREP 'file format pe-i386(.*architecture: i386)?' >/dev/null ; then
- win32_nmres=`eval $NM -f posix -A $1 |
- $SED -n -e '
- 1,100{
- / I /{
- s,.*,import,
- p
- q
- }
- }'`
- case $win32_nmres in
- import*) win32_libid_type="x86 archive import";;
- *) win32_libid_type="x86 archive static";;
- esac
- fi
- ;;
- *DLL*)
- win32_libid_type="x86 DLL"
- ;;
- *executable*) # but shell scripts are "executable" too...
- case $win32_fileres in
- *MS\ Windows\ PE\ Intel*)
- win32_libid_type="x86 DLL"
- ;;
- esac
- ;;
- esac
- $ECHO "$win32_libid_type"
-}
-
-
-
-# func_extract_an_archive dir oldlib
-func_extract_an_archive ()
-{
- $opt_debug
- f_ex_an_ar_dir="$1"; shift
- f_ex_an_ar_oldlib="$1"
- func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" 'exit $?'
- if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then
- :
- else
- func_fatal_error "object name conflicts in archive: $f_ex_an_ar_dir/$f_ex_an_ar_oldlib"
- fi
-}
-
-
-# func_extract_archives gentop oldlib ...
-func_extract_archives ()
-{
- $opt_debug
- my_gentop="$1"; shift
- my_oldlibs=${1+"$@"}
- my_oldobjs=""
- my_xlib=""
- my_xabs=""
- my_xdir=""
-
- for my_xlib in $my_oldlibs; do
- # Extract the objects.
- case $my_xlib in
- [\\/]* | [A-Za-z]:[\\/]*) my_xabs="$my_xlib" ;;
- *) my_xabs=`pwd`"/$my_xlib" ;;
- esac
- func_basename "$my_xlib"
- my_xlib="$func_basename_result"
- my_xlib_u=$my_xlib
- while :; do
- case " $extracted_archives " in
- *" $my_xlib_u "*)
- func_arith $extracted_serial + 1
- extracted_serial=$func_arith_result
- my_xlib_u=lt$extracted_serial-$my_xlib ;;
- *) break ;;
- esac
- done
- extracted_archives="$extracted_archives $my_xlib_u"
- my_xdir="$my_gentop/$my_xlib_u"
-
- func_mkdir_p "$my_xdir"
-
- case $host in
- *-darwin*)
- func_verbose "Extracting $my_xabs"
- # Do not bother doing anything if just a dry run
- $opt_dry_run || {
- darwin_orig_dir=`pwd`
- cd $my_xdir || exit $?
- darwin_archive=$my_xabs
- darwin_curdir=`pwd`
- darwin_base_archive=`basename "$darwin_archive"`
- darwin_arches=`$LIPO -info "$darwin_archive" 2>/dev/null | $GREP Architectures 2>/dev/null || true`
- if test -n "$darwin_arches"; then
- darwin_arches=`$ECHO "$darwin_arches" | $SED -e 's/.*are://'`
- darwin_arch=
- func_verbose "$darwin_base_archive has multiple architectures $darwin_arches"
- for darwin_arch in $darwin_arches ; do
- func_mkdir_p "unfat-$$/${darwin_base_archive}-${darwin_arch}"
- $LIPO -thin $darwin_arch -output "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" "${darwin_archive}"
- cd "unfat-$$/${darwin_base_archive}-${darwin_arch}"
- func_extract_an_archive "`pwd`" "${darwin_base_archive}"
- cd "$darwin_curdir"
- $RM "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}"
- done # $darwin_arches
- ## Okay now we've a bunch of thin objects, gotta fatten them up :)
- darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print | $SED -e "$basename" | sort -u`
- darwin_file=
- darwin_files=
- for darwin_file in $darwin_filelist; do
- darwin_files=`find unfat-$$ -name $darwin_file -print | $NL2SP`
- $LIPO -create -output "$darwin_file" $darwin_files
- done # $darwin_filelist
- $RM -rf unfat-$$
- cd "$darwin_orig_dir"
- else
- cd $darwin_orig_dir
- func_extract_an_archive "$my_xdir" "$my_xabs"
- fi # $darwin_arches
- } # !$opt_dry_run
- ;;
- *)
- func_extract_an_archive "$my_xdir" "$my_xabs"
- ;;
- esac
- my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | $NL2SP`
- done
-
- func_extract_archives_result="$my_oldobjs"
-}
-
-
-
-# func_emit_wrapper_part1 [arg=no]
-#
-# Emit the first part of a libtool wrapper script on stdout.
-# For more information, see the description associated with
-# func_emit_wrapper(), below.
-func_emit_wrapper_part1 ()
-{
- func_emit_wrapper_part1_arg1=no
- if test -n "$1" ; then
- func_emit_wrapper_part1_arg1=$1
- fi
-
- $ECHO "\
-#! $SHELL
-
-# $output - temporary wrapper script for $objdir/$outputname
-# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION
-#
-# The $output program cannot be directly executed until all the libtool
-# libraries that it depends on are installed.
-#
-# This wrapper script should never be moved out of the build directory.
-# If it is, it will not operate correctly.
-
-# Sed substitution that helps us do robust quoting. It backslashifies
-# metacharacters that are still active within double-quoted strings.
-Xsed='${SED} -e 1s/^X//'
-sed_quote_subst='$sed_quote_subst'
-
-# Be Bourne compatible
-if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then
- emulate sh
- NULLCMD=:
- # Zsh 3.x and 4.x performs word splitting on \${1+\"\$@\"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '\${1+\"\$@\"}'='\"\$@\"'
- setopt NO_GLOB_SUBST
-else
- case \`(set -o) 2>/dev/null\` in *posix*) set -o posix;; esac
-fi
-BIN_SH=xpg4; export BIN_SH # for Tru64
-DUALCASE=1; export DUALCASE # for MKS sh
-
-# The HP-UX ksh and POSIX shell print the target directory to stdout
-# if CDPATH is set.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-relink_command=\"$relink_command\"
-
-# This environment variable determines our operation mode.
-if test \"\$libtool_install_magic\" = \"$magic\"; then
- # install mode needs the following variables:
- generated_by_libtool_version='$macro_version'
- notinst_deplibs='$notinst_deplibs'
-else
- # When we are sourced in execute mode, \$file and \$ECHO are already set.
- if test \"\$libtool_execute_magic\" != \"$magic\"; then
- ECHO=\"$qecho\"
- file=\"\$0\"
- # Make sure echo works.
- if test \"X\$1\" = X--no-reexec; then
- # Discard the --no-reexec flag, and continue.
- shift
- elif test \"X\`{ \$ECHO '\t'; } 2>/dev/null\`\" = 'X\t'; then
- # Yippee, \$ECHO works!
- :
- else
- # Restart under the correct shell, and then maybe \$ECHO will work.
- exec $SHELL \"\$0\" --no-reexec \${1+\"\$@\"}
- fi
- fi\
-"
- $ECHO "\
-
- # Find the directory that this script lives in.
- thisdir=\`\$ECHO \"X\$file\" | \$Xsed -e 's%/[^/]*$%%'\`
- test \"x\$thisdir\" = \"x\$file\" && thisdir=.
-
- # Follow symbolic links until we get to the real thisdir.
- file=\`ls -ld \"\$file\" | ${SED} -n 's/.*-> //p'\`
- while test -n \"\$file\"; do
- destdir=\`\$ECHO \"X\$file\" | \$Xsed -e 's%/[^/]*\$%%'\`
-
- # If there was a directory component, then change thisdir.
- if test \"x\$destdir\" != \"x\$file\"; then
- case \"\$destdir\" in
- [\\\\/]* | [A-Za-z]:[\\\\/]*) thisdir=\"\$destdir\" ;;
- *) thisdir=\"\$thisdir/\$destdir\" ;;
- esac
- fi
-
- file=\`\$ECHO \"X\$file\" | \$Xsed -e 's%^.*/%%'\`
- file=\`ls -ld \"\$thisdir/\$file\" | ${SED} -n 's/.*-> //p'\`
- done
-"
-}
-# end: func_emit_wrapper_part1
-
-# func_emit_wrapper_part2 [arg=no]
-#
-# Emit the second part of a libtool wrapper script on stdout.
-# For more information, see the description associated with
-# func_emit_wrapper(), below.
-func_emit_wrapper_part2 ()
-{
- func_emit_wrapper_part2_arg1=no
- if test -n "$1" ; then
- func_emit_wrapper_part2_arg1=$1
- fi
-
- $ECHO "\
-
- # Usually 'no', except on cygwin/mingw when embedded into
- # the cwrapper.
- WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=$func_emit_wrapper_part2_arg1
- if test \"\$WRAPPER_SCRIPT_BELONGS_IN_OBJDIR\" = \"yes\"; then
- # special case for '.'
- if test \"\$thisdir\" = \".\"; then
- thisdir=\`pwd\`
- fi
- # remove .libs from thisdir
- case \"\$thisdir\" in
- *[\\\\/]$objdir ) thisdir=\`\$ECHO \"X\$thisdir\" | \$Xsed -e 's%[\\\\/][^\\\\/]*$%%'\` ;;
- $objdir ) thisdir=. ;;
- esac
- fi
-
- # Try to get the absolute directory name.
- absdir=\`cd \"\$thisdir\" && pwd\`
- test -n \"\$absdir\" && thisdir=\"\$absdir\"
-"
-
- if test "$fast_install" = yes; then
- $ECHO "\
- program=lt-'$outputname'$exeext
- progdir=\"\$thisdir/$objdir\"
-
- if test ! -f \"\$progdir/\$program\" ||
- { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | ${SED} 1q\`; \\
- test \"X\$file\" != \"X\$progdir/\$program\"; }; then
-
- file=\"\$\$-\$program\"
-
- if test ! -d \"\$progdir\"; then
- $MKDIR \"\$progdir\"
- else
- $RM \"\$progdir/\$file\"
- fi"
-
- $ECHO "\
-
- # relink executable if necessary
- if test -n \"\$relink_command\"; then
- if relink_command_output=\`eval \$relink_command 2>&1\`; then :
- else
- $ECHO \"\$relink_command_output\" >&2
- $RM \"\$progdir/\$file\"
- exit 1
- fi
- fi
-
- $MV \"\$progdir/\$file\" \"\$progdir/\$program\" 2>/dev/null ||
- { $RM \"\$progdir/\$program\";
- $MV \"\$progdir/\$file\" \"\$progdir/\$program\"; }
- $RM \"\$progdir/\$file\"
- fi"
- else
- $ECHO "\
- program='$outputname'
- progdir=\"\$thisdir/$objdir\"
-"
- fi
-
- $ECHO "\
-
- if test -f \"\$progdir/\$program\"; then"
-
- # Export our shlibpath_var if we have one.
- if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then
- $ECHO "\
- # Add our own library path to $shlibpath_var
- $shlibpath_var=\"$temp_rpath\$$shlibpath_var\"
-
- # Some systems cannot cope with colon-terminated $shlibpath_var
- # The second colon is a workaround for a bug in BeOS R4 sed
- $shlibpath_var=\`\$ECHO \"X\$$shlibpath_var\" | \$Xsed -e 's/::*\$//'\`
-
- export $shlibpath_var
-"
- fi
-
- # fixup the dll searchpath if we need to.
- if test -n "$dllsearchpath"; then
- $ECHO "\
- # Add the dll search path components to the executable PATH
- PATH=$dllsearchpath:\$PATH
-"
- fi
-
- $ECHO "\
- if test \"\$libtool_execute_magic\" != \"$magic\"; then
- # Run the actual program with our arguments.
-"
- case $host in
- # Backslashes separate directories on plain windows
- *-*-mingw | *-*-os2* | *-cegcc*)
- $ECHO "\
- exec \"\$progdir\\\\\$program\" \${1+\"\$@\"}
-"
- ;;
-
- *)
- $ECHO "\
- exec \"\$progdir/\$program\" \${1+\"\$@\"}
-"
- ;;
- esac
- $ECHO "\
- \$ECHO \"\$0: cannot exec \$program \$*\" 1>&2
- exit 1
- fi
- else
- # The program doesn't exist.
- \$ECHO \"\$0: error: \\\`\$progdir/\$program' does not exist\" 1>&2
- \$ECHO \"This script is just a wrapper for \$program.\" 1>&2
- $ECHO \"See the $PACKAGE documentation for more information.\" 1>&2
- exit 1
- fi
-fi\
-"
-}
-# end: func_emit_wrapper_part2
-
-
-# func_emit_wrapper [arg=no]
-#
-# Emit a libtool wrapper script on stdout.
-# Don't directly open a file because we may want to
-# incorporate the script contents within a cygwin/mingw
-# wrapper executable. Must ONLY be called from within
-# func_mode_link because it depends on a number of variables
-# set therein.
-#
-# ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR
-# variable will take. If 'yes', then the emitted script
-# will assume that the directory in which it is stored is
-# the $objdir directory. This is a cygwin/mingw-specific
-# behavior.
-func_emit_wrapper ()
-{
- func_emit_wrapper_arg1=no
- if test -n "$1" ; then
- func_emit_wrapper_arg1=$1
- fi
-
- # split this up so that func_emit_cwrapperexe_src
- # can call each part independently.
- func_emit_wrapper_part1 "${func_emit_wrapper_arg1}"
- func_emit_wrapper_part2 "${func_emit_wrapper_arg1}"
-}
-
-
-# func_to_host_path arg
-#
-# Convert paths to host format when used with build tools.
-# Intended for use with "native" mingw (where libtool itself
-# is running under the msys shell), or in the following cross-
-# build environments:
-# $build $host
-# mingw (msys) mingw [e.g. native]
-# cygwin mingw
-# *nix + wine mingw
-# where wine is equipped with the `winepath' executable.
-# In the native mingw case, the (msys) shell automatically
-# converts paths for any non-msys applications it launches,
-# but that facility isn't available from inside the cwrapper.
-# Similar accommodations are necessary for $host mingw and
-# $build cygwin. Calling this function does no harm for other
-# $host/$build combinations not listed above.
-#
-# ARG is the path (on $build) that should be converted to
-# the proper representation for $host. The result is stored
-# in $func_to_host_path_result.
-func_to_host_path ()
-{
- func_to_host_path_result="$1"
- if test -n "$1" ; then
- case $host in
- *mingw* )
- lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g'
- case $build in
- *mingw* ) # actually, msys
- # awkward: cmd appends spaces to result
- lt_sed_strip_trailing_spaces="s/[ ]*\$//"
- func_to_host_path_tmp1=`( cmd //c echo "$1" |\
- $SED -e "$lt_sed_strip_trailing_spaces" ) 2>/dev/null || echo ""`
- func_to_host_path_result=`echo "$func_to_host_path_tmp1" |\
- $SED -e "$lt_sed_naive_backslashify"`
- ;;
- *cygwin* )
- func_to_host_path_tmp1=`cygpath -w "$1"`
- func_to_host_path_result=`echo "$func_to_host_path_tmp1" |\
- $SED -e "$lt_sed_naive_backslashify"`
- ;;
- * )
- # Unfortunately, winepath does not exit with a non-zero
- # error code, so we are forced to check the contents of
- # stdout. On the other hand, if the command is not
- # found, the shell will set an exit code of 127 and print
- # *an error message* to stdout. So we must check for both
- # error code of zero AND non-empty stdout, which explains
- # the odd construction:
- func_to_host_path_tmp1=`winepath -w "$1" 2>/dev/null`
- if test "$?" -eq 0 && test -n "${func_to_host_path_tmp1}"; then
- func_to_host_path_result=`echo "$func_to_host_path_tmp1" |\
- $SED -e "$lt_sed_naive_backslashify"`
- else
- # Allow warning below.
- func_to_host_path_result=""
- fi
- ;;
- esac
- if test -z "$func_to_host_path_result" ; then
- func_error "Could not determine host path corresponding to"
- func_error " '$1'"
- func_error "Continuing, but uninstalled executables may not work."
- # Fallback:
- func_to_host_path_result="$1"
- fi
- ;;
- esac
- fi
-}
-# end: func_to_host_path
-
-# func_to_host_pathlist arg
-#
-# Convert pathlists to host format when used with build tools.
-# See func_to_host_path(), above. This function supports the
-# following $build/$host combinations (but does no harm for
-# combinations not listed here):
-# $build $host
-# mingw (msys) mingw [e.g. native]
-# cygwin mingw
-# *nix + wine mingw
-#
-# Path separators are also converted from $build format to
-# $host format. If ARG begins or ends with a path separator
-# character, it is preserved (but converted to $host format)
-# on output.
-#
-# ARG is a pathlist (on $build) that should be converted to
-# the proper representation on $host. The result is stored
-# in $func_to_host_pathlist_result.
-func_to_host_pathlist ()
-{
- func_to_host_pathlist_result="$1"
- if test -n "$1" ; then
- case $host in
- *mingw* )
- lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g'
- # Remove leading and trailing path separator characters from
- # ARG. msys behavior is inconsistent here, cygpath turns them
- # into '.;' and ';.', and winepath ignores them completely.
- func_to_host_pathlist_tmp2="$1"
- # Once set for this call, this variable should not be
- # reassigned. It is used in tha fallback case.
- func_to_host_pathlist_tmp1=`echo "$func_to_host_pathlist_tmp2" |\
- $SED -e 's|^:*||' -e 's|:*$||'`
- case $build in
- *mingw* ) # Actually, msys.
- # Awkward: cmd appends spaces to result.
- lt_sed_strip_trailing_spaces="s/[ ]*\$//"
- func_to_host_pathlist_tmp2=`( cmd //c echo "$func_to_host_pathlist_tmp1" |\
- $SED -e "$lt_sed_strip_trailing_spaces" ) 2>/dev/null || echo ""`
- func_to_host_pathlist_result=`echo "$func_to_host_pathlist_tmp2" |\
- $SED -e "$lt_sed_naive_backslashify"`
- ;;
- *cygwin* )
- func_to_host_pathlist_tmp2=`cygpath -w -p "$func_to_host_pathlist_tmp1"`
- func_to_host_pathlist_result=`echo "$func_to_host_pathlist_tmp2" |\
- $SED -e "$lt_sed_naive_backslashify"`
- ;;
- * )
- # unfortunately, winepath doesn't convert pathlists
- func_to_host_pathlist_result=""
- func_to_host_pathlist_oldIFS=$IFS
- IFS=:
- for func_to_host_pathlist_f in $func_to_host_pathlist_tmp1 ; do
- IFS=$func_to_host_pathlist_oldIFS
- if test -n "$func_to_host_pathlist_f" ; then
- func_to_host_path "$func_to_host_pathlist_f"
- if test -n "$func_to_host_path_result" ; then
- if test -z "$func_to_host_pathlist_result" ; then
- func_to_host_pathlist_result="$func_to_host_path_result"
- else
- func_to_host_pathlist_result="$func_to_host_pathlist_result;$func_to_host_path_result"
- fi
- fi
- fi
- IFS=:
- done
- IFS=$func_to_host_pathlist_oldIFS
- ;;
- esac
- if test -z "$func_to_host_pathlist_result" ; then
- func_error "Could not determine the host path(s) corresponding to"
- func_error " '$1'"
- func_error "Continuing, but uninstalled executables may not work."
- # Fallback. This may break if $1 contains DOS-style drive
- # specifications. The fix is not to complicate the expression
- # below, but for the user to provide a working wine installation
- # with winepath so that path translation in the cross-to-mingw
- # case works properly.
- lt_replace_pathsep_nix_to_dos="s|:|;|g"
- func_to_host_pathlist_result=`echo "$func_to_host_pathlist_tmp1" |\
- $SED -e "$lt_replace_pathsep_nix_to_dos"`
- fi
- # Now, add the leading and trailing path separators back
- case "$1" in
- :* ) func_to_host_pathlist_result=";$func_to_host_pathlist_result"
- ;;
- esac
- case "$1" in
- *: ) func_to_host_pathlist_result="$func_to_host_pathlist_result;"
- ;;
- esac
- ;;
- esac
- fi
-}
-# end: func_to_host_pathlist
-
-# func_emit_cwrapperexe_src
-# emit the source code for a wrapper executable on stdout
-# Must ONLY be called from within func_mode_link because
-# it depends on a number of variable set therein.
-func_emit_cwrapperexe_src ()
-{
- cat <<EOF
-
-/* $cwrappersource - temporary wrapper executable for $objdir/$outputname
- Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION
-
- The $output program cannot be directly executed until all the libtool
- libraries that it depends on are installed.
-
- This wrapper executable should never be moved out of the build directory.
- If it is, it will not operate correctly.
-
- Currently, it simply execs the wrapper *script* "$SHELL $output",
- but could eventually absorb all of the scripts functionality and
- exec $objdir/$outputname directly.
-*/
-EOF
- cat <<"EOF"
-#include <stdio.h>
-#include <stdlib.h>
-#ifdef _MSC_VER
-# include <direct.h>
-# include <process.h>
-# include <io.h>
-# define setmode _setmode
-#else
-# include <unistd.h>
-# include <stdint.h>
-# ifdef __CYGWIN__
-# include <io.h>
-# define HAVE_SETENV
-# ifdef __STRICT_ANSI__
-char *realpath (const char *, char *);
-int putenv (char *);
-int setenv (const char *, const char *, int);
-# endif
-# endif
-#endif
-#include <malloc.h>
-#include <stdarg.h>
-#include <assert.h>
-#include <string.h>
-#include <ctype.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <sys/stat.h>
-
-#if defined(PATH_MAX)
-# define LT_PATHMAX PATH_MAX
-#elif defined(MAXPATHLEN)
-# define LT_PATHMAX MAXPATHLEN
-#else
-# define LT_PATHMAX 1024
-#endif
-
-#ifndef S_IXOTH
-# define S_IXOTH 0
-#endif
-#ifndef S_IXGRP
-# define S_IXGRP 0
-#endif
-
-#ifdef _MSC_VER
-# define S_IXUSR _S_IEXEC
-# define stat _stat
-# ifndef _INTPTR_T_DEFINED
-# define intptr_t int
-# endif
-#endif
-
-#ifndef DIR_SEPARATOR
-# define DIR_SEPARATOR '/'
-# define PATH_SEPARATOR ':'
-#endif
-
-#if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \
- defined (__OS2__)
-# define HAVE_DOS_BASED_FILE_SYSTEM
-# define FOPEN_WB "wb"
-# ifndef DIR_SEPARATOR_2
-# define DIR_SEPARATOR_2 '\\'
-# endif
-# ifndef PATH_SEPARATOR_2
-# define PATH_SEPARATOR_2 ';'
-# endif
-#endif
-
-#ifndef DIR_SEPARATOR_2
-# define IS_DIR_SEPARATOR(ch) ((ch) == DIR_SEPARATOR)
-#else /* DIR_SEPARATOR_2 */
-# define IS_DIR_SEPARATOR(ch) \
- (((ch) == DIR_SEPARATOR) || ((ch) == DIR_SEPARATOR_2))
-#endif /* DIR_SEPARATOR_2 */
-
-#ifndef PATH_SEPARATOR_2
-# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR)
-#else /* PATH_SEPARATOR_2 */
-# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2)
-#endif /* PATH_SEPARATOR_2 */
-
-#ifdef __CYGWIN__
-# define FOPEN_WB "wb"
-#endif
-
-#ifndef FOPEN_WB
-# define FOPEN_WB "w"
-#endif
-#ifndef _O_BINARY
-# define _O_BINARY 0
-#endif
-
-#define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type)))
-#define XFREE(stale) do { \
- if (stale) { free ((void *) stale); stale = 0; } \
-} while (0)
-
-#undef LTWRAPPER_DEBUGPRINTF
-#if defined DEBUGWRAPPER
-# define LTWRAPPER_DEBUGPRINTF(args) ltwrapper_debugprintf args
-static void
-ltwrapper_debugprintf (const char *fmt, ...)
-{
- va_list args;
- va_start (args, fmt);
- (void) vfprintf (stderr, fmt, args);
- va_end (args);
-}
-#else
-# define LTWRAPPER_DEBUGPRINTF(args)
-#endif
-
-const char *program_name = NULL;
-
-void *xmalloc (size_t num);
-char *xstrdup (const char *string);
-const char *base_name (const char *name);
-char *find_executable (const char *wrapper);
-char *chase_symlinks (const char *pathspec);
-int make_executable (const char *path);
-int check_executable (const char *path);
-char *strendzap (char *str, const char *pat);
-void lt_fatal (const char *message, ...);
-void lt_setenv (const char *name, const char *value);
-char *lt_extend_str (const char *orig_value, const char *add, int to_end);
-void lt_opt_process_env_set (const char *arg);
-void lt_opt_process_env_prepend (const char *arg);
-void lt_opt_process_env_append (const char *arg);
-int lt_split_name_value (const char *arg, char** name, char** value);
-void lt_update_exe_path (const char *name, const char *value);
-void lt_update_lib_path (const char *name, const char *value);
-
-static const char *script_text_part1 =
-EOF
-
- func_emit_wrapper_part1 yes |
- $SED -e 's/\([\\"]\)/\\\1/g' \
- -e 's/^/ "/' -e 's/$/\\n"/'
- echo ";"
- cat <<EOF
-
-static const char *script_text_part2 =
-EOF
- func_emit_wrapper_part2 yes |
- $SED -e 's/\([\\"]\)/\\\1/g' \
- -e 's/^/ "/' -e 's/$/\\n"/'
- echo ";"
-
- cat <<EOF
-const char * MAGIC_EXE = "$magic_exe";
-const char * LIB_PATH_VARNAME = "$shlibpath_var";
-EOF
-
- if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then
- func_to_host_pathlist "$temp_rpath"
- cat <<EOF
-const char * LIB_PATH_VALUE = "$func_to_host_pathlist_result";
-EOF
- else
- cat <<"EOF"
-const char * LIB_PATH_VALUE = "";
-EOF
- fi
-
- if test -n "$dllsearchpath"; then
- func_to_host_pathlist "$dllsearchpath:"
- cat <<EOF
-const char * EXE_PATH_VARNAME = "PATH";
-const char * EXE_PATH_VALUE = "$func_to_host_pathlist_result";
-EOF
- else
- cat <<"EOF"
-const char * EXE_PATH_VARNAME = "";
-const char * EXE_PATH_VALUE = "";
-EOF
- fi
-
- if test "$fast_install" = yes; then
- cat <<EOF
-const char * TARGET_PROGRAM_NAME = "lt-$outputname"; /* hopefully, no .exe */
-EOF
- else
- cat <<EOF
-const char * TARGET_PROGRAM_NAME = "$outputname"; /* hopefully, no .exe */
-EOF
- fi
-
-
- cat <<"EOF"
-
-#define LTWRAPPER_OPTION_PREFIX "--lt-"
-#define LTWRAPPER_OPTION_PREFIX_LENGTH 5
-
-static const size_t opt_prefix_len = LTWRAPPER_OPTION_PREFIX_LENGTH;
-static const char *ltwrapper_option_prefix = LTWRAPPER_OPTION_PREFIX;
-
-static const char *dumpscript_opt = LTWRAPPER_OPTION_PREFIX "dump-script";
-
-static const size_t env_set_opt_len = LTWRAPPER_OPTION_PREFIX_LENGTH + 7;
-static const char *env_set_opt = LTWRAPPER_OPTION_PREFIX "env-set";
- /* argument is putenv-style "foo=bar", value of foo is set to bar */
-
-static const size_t env_prepend_opt_len = LTWRAPPER_OPTION_PREFIX_LENGTH + 11;
-static const char *env_prepend_opt = LTWRAPPER_OPTION_PREFIX "env-prepend";
- /* argument is putenv-style "foo=bar", new value of foo is bar${foo} */
-
-static const size_t env_append_opt_len = LTWRAPPER_OPTION_PREFIX_LENGTH + 10;
-static const char *env_append_opt = LTWRAPPER_OPTION_PREFIX "env-append";
- /* argument is putenv-style "foo=bar", new value of foo is ${foo}bar */
-
-int
-main (int argc, char *argv[])
-{
- char **newargz;
- int newargc;
- char *tmp_pathspec;
- char *actual_cwrapper_path;
- char *actual_cwrapper_name;
- char *target_name;
- char *lt_argv_zero;
- intptr_t rval = 127;
-
- int i;
-
- program_name = (char *) xstrdup (base_name (argv[0]));
- LTWRAPPER_DEBUGPRINTF (("(main) argv[0] : %s\n", argv[0]));
- LTWRAPPER_DEBUGPRINTF (("(main) program_name : %s\n", program_name));
-
- /* very simple arg parsing; don't want to rely on getopt */
- for (i = 1; i < argc; i++)
- {
- if (strcmp (argv[i], dumpscript_opt) == 0)
- {
-EOF
- case "$host" in
- *mingw* | *cygwin* )
- # make stdout use "unix" line endings
- echo " setmode(1,_O_BINARY);"
- ;;
- esac
-
- cat <<"EOF"
- printf ("%s", script_text_part1);
- printf ("%s", script_text_part2);
- return 0;
- }
- }
-
- newargz = XMALLOC (char *, argc + 1);
- tmp_pathspec = find_executable (argv[0]);
- if (tmp_pathspec == NULL)
- lt_fatal ("Couldn't find %s", argv[0]);
- LTWRAPPER_DEBUGPRINTF (("(main) found exe (before symlink chase) at : %s\n",
- tmp_pathspec));
-
- actual_cwrapper_path = chase_symlinks (tmp_pathspec);
- LTWRAPPER_DEBUGPRINTF (("(main) found exe (after symlink chase) at : %s\n",
- actual_cwrapper_path));
- XFREE (tmp_pathspec);
-
- actual_cwrapper_name = xstrdup( base_name (actual_cwrapper_path));
- strendzap (actual_cwrapper_path, actual_cwrapper_name);
-
- /* wrapper name transforms */
- strendzap (actual_cwrapper_name, ".exe");
- tmp_pathspec = lt_extend_str (actual_cwrapper_name, ".exe", 1);
- XFREE (actual_cwrapper_name);
- actual_cwrapper_name = tmp_pathspec;
- tmp_pathspec = 0;
-
- /* target_name transforms -- use actual target program name; might have lt- prefix */
- target_name = xstrdup (base_name (TARGET_PROGRAM_NAME));
- strendzap (target_name, ".exe");
- tmp_pathspec = lt_extend_str (target_name, ".exe", 1);
- XFREE (target_name);
- target_name = tmp_pathspec;
- tmp_pathspec = 0;
-
- LTWRAPPER_DEBUGPRINTF (("(main) libtool target name: %s\n",
- target_name));
-EOF
-
- cat <<EOF
- newargz[0] =
- XMALLOC (char, (strlen (actual_cwrapper_path) +
- strlen ("$objdir") + 1 + strlen (actual_cwrapper_name) + 1));
- strcpy (newargz[0], actual_cwrapper_path);
- strcat (newargz[0], "$objdir");
- strcat (newargz[0], "/");
-EOF
-
- cat <<"EOF"
- /* stop here, and copy so we don't have to do this twice */
- tmp_pathspec = xstrdup (newargz[0]);
-
- /* do NOT want the lt- prefix here, so use actual_cwrapper_name */
- strcat (newargz[0], actual_cwrapper_name);
-
- /* DO want the lt- prefix here if it exists, so use target_name */
- lt_argv_zero = lt_extend_str (tmp_pathspec, target_name, 1);
- XFREE (tmp_pathspec);
- tmp_pathspec = NULL;
-EOF
-
- case $host_os in
- mingw*)
- cat <<"EOF"
- {
- char* p;
- while ((p = strchr (newargz[0], '\\')) != NULL)
- {
- *p = '/';
- }
- while ((p = strchr (lt_argv_zero, '\\')) != NULL)
- {
- *p = '/';
- }
- }
-EOF
- ;;
- esac
-
- cat <<"EOF"
- XFREE (target_name);
- XFREE (actual_cwrapper_path);
- XFREE (actual_cwrapper_name);
-
- lt_setenv ("BIN_SH", "xpg4"); /* for Tru64 */
- lt_setenv ("DUALCASE", "1"); /* for MSK sh */
- lt_update_lib_path (LIB_PATH_VARNAME, LIB_PATH_VALUE);
- lt_update_exe_path (EXE_PATH_VARNAME, EXE_PATH_VALUE);
-
- newargc=0;
- for (i = 1; i < argc; i++)
- {
- if (strncmp (argv[i], env_set_opt, env_set_opt_len) == 0)
- {
- if (argv[i][env_set_opt_len] == '=')
- {
- const char *p = argv[i] + env_set_opt_len + 1;
- lt_opt_process_env_set (p);
- }
- else if (argv[i][env_set_opt_len] == '\0' && i + 1 < argc)
- {
- lt_opt_process_env_set (argv[++i]); /* don't copy */
- }
- else
- lt_fatal ("%s missing required argument", env_set_opt);
- continue;
- }
- if (strncmp (argv[i], env_prepend_opt, env_prepend_opt_len) == 0)
- {
- if (argv[i][env_prepend_opt_len] == '=')
- {
- const char *p = argv[i] + env_prepend_opt_len + 1;
- lt_opt_process_env_prepend (p);
- }
- else if (argv[i][env_prepend_opt_len] == '\0' && i + 1 < argc)
- {
- lt_opt_process_env_prepend (argv[++i]); /* don't copy */
- }
- else
- lt_fatal ("%s missing required argument", env_prepend_opt);
- continue;
- }
- if (strncmp (argv[i], env_append_opt, env_append_opt_len) == 0)
- {
- if (argv[i][env_append_opt_len] == '=')
- {
- const char *p = argv[i] + env_append_opt_len + 1;
- lt_opt_process_env_append (p);
- }
- else if (argv[i][env_append_opt_len] == '\0' && i + 1 < argc)
- {
- lt_opt_process_env_append (argv[++i]); /* don't copy */
- }
- else
- lt_fatal ("%s missing required argument", env_append_opt);
- continue;
- }
- if (strncmp (argv[i], ltwrapper_option_prefix, opt_prefix_len) == 0)
- {
- /* however, if there is an option in the LTWRAPPER_OPTION_PREFIX
- namespace, but it is not one of the ones we know about and
- have already dealt with, above (inluding dump-script), then
- report an error. Otherwise, targets might begin to believe
- they are allowed to use options in the LTWRAPPER_OPTION_PREFIX
- namespace. The first time any user complains about this, we'll
- need to make LTWRAPPER_OPTION_PREFIX a configure-time option
- or a configure.ac-settable value.
- */
- lt_fatal ("Unrecognized option in %s namespace: '%s'",
- ltwrapper_option_prefix, argv[i]);
- }
- /* otherwise ... */
- newargz[++newargc] = xstrdup (argv[i]);
- }
- newargz[++newargc] = NULL;
-
- LTWRAPPER_DEBUGPRINTF (("(main) lt_argv_zero : %s\n", (lt_argv_zero ? lt_argv_zero : "<NULL>")));
- for (i = 0; i < newargc; i++)
- {
- LTWRAPPER_DEBUGPRINTF (("(main) newargz[%d] : %s\n", i, (newargz[i] ? newargz[i] : "<NULL>")));
- }
-
-EOF
-
- case $host_os in
- mingw*)
- cat <<"EOF"
- /* execv doesn't actually work on mingw as expected on unix */
- rval = _spawnv (_P_WAIT, lt_argv_zero, (const char * const *) newargz);
- if (rval == -1)
- {
- /* failed to start process */
- LTWRAPPER_DEBUGPRINTF (("(main) failed to launch target \"%s\": errno = %d\n", lt_argv_zero, errno));
- return 127;
- }
- return rval;
-EOF
- ;;
- *)
- cat <<"EOF"
- execv (lt_argv_zero, newargz);
- return rval; /* =127, but avoids unused variable warning */
-EOF
- ;;
- esac
-
- cat <<"EOF"
-}
-
-void *
-xmalloc (size_t num)
-{
- void *p = (void *) malloc (num);
- if (!p)
- lt_fatal ("Memory exhausted");
-
- return p;
-}
-
-char *
-xstrdup (const char *string)
-{
- return string ? strcpy ((char *) xmalloc (strlen (string) + 1),
- string) : NULL;
-}
-
-const char *
-base_name (const char *name)
-{
- const char *base;
-
-#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
- /* Skip over the disk name in MSDOS pathnames. */
- if (isalpha ((unsigned char) name[0]) && name[1] == ':')
- name += 2;
-#endif
-
- for (base = name; *name; name++)
- if (IS_DIR_SEPARATOR (*name))
- base = name + 1;
- return base;
-}
-
-int
-check_executable (const char *path)
-{
- struct stat st;
-
- LTWRAPPER_DEBUGPRINTF (("(check_executable) : %s\n",
- path ? (*path ? path : "EMPTY!") : "NULL!"));
- if ((!path) || (!*path))
- return 0;
-
- if ((stat (path, &st) >= 0)
- && (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)))
- return 1;
- else
- return 0;
-}
-
-int
-make_executable (const char *path)
-{
- int rval = 0;
- struct stat st;
-
- LTWRAPPER_DEBUGPRINTF (("(make_executable) : %s\n",
- path ? (*path ? path : "EMPTY!") : "NULL!"));
- if ((!path) || (!*path))
- return 0;
-
- if (stat (path, &st) >= 0)
- {
- rval = chmod (path, st.st_mode | S_IXOTH | S_IXGRP | S_IXUSR);
- }
- return rval;
-}
-
-/* Searches for the full path of the wrapper. Returns
- newly allocated full path name if found, NULL otherwise
- Does not chase symlinks, even on platforms that support them.
-*/
-char *
-find_executable (const char *wrapper)
-{
- int has_slash = 0;
- const char *p;
- const char *p_next;
- /* static buffer for getcwd */
- char tmp[LT_PATHMAX + 1];
- int tmp_len;
- char *concat_name;
-
- LTWRAPPER_DEBUGPRINTF (("(find_executable) : %s\n",
- wrapper ? (*wrapper ? wrapper : "EMPTY!") : "NULL!"));
-
- if ((wrapper == NULL) || (*wrapper == '\0'))
- return NULL;
-
- /* Absolute path? */
-#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
- if (isalpha ((unsigned char) wrapper[0]) && wrapper[1] == ':')
- {
- concat_name = xstrdup (wrapper);
- if (check_executable (concat_name))
- return concat_name;
- XFREE (concat_name);
- }
- else
- {
-#endif
- if (IS_DIR_SEPARATOR (wrapper[0]))
- {
- concat_name = xstrdup (wrapper);
- if (check_executable (concat_name))
- return concat_name;
- XFREE (concat_name);
- }
-#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
- }
-#endif
-
- for (p = wrapper; *p; p++)
- if (*p == '/')
- {
- has_slash = 1;
- break;
- }
- if (!has_slash)
- {
- /* no slashes; search PATH */
- const char *path = getenv ("PATH");
- if (path != NULL)
- {
- for (p = path; *p; p = p_next)
- {
- const char *q;
- size_t p_len;
- for (q = p; *q; q++)
- if (IS_PATH_SEPARATOR (*q))
- break;
- p_len = q - p;
- p_next = (*q == '\0' ? q : q + 1);
- if (p_len == 0)
- {
- /* empty path: current directory */
- if (getcwd (tmp, LT_PATHMAX) == NULL)
- lt_fatal ("getcwd failed");
- tmp_len = strlen (tmp);
- concat_name =
- XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1);
- memcpy (concat_name, tmp, tmp_len);
- concat_name[tmp_len] = '/';
- strcpy (concat_name + tmp_len + 1, wrapper);
- }
- else
- {
- concat_name =
- XMALLOC (char, p_len + 1 + strlen (wrapper) + 1);
- memcpy (concat_name, p, p_len);
- concat_name[p_len] = '/';
- strcpy (concat_name + p_len + 1, wrapper);
- }
- if (check_executable (concat_name))
- return concat_name;
- XFREE (concat_name);
- }
- }
- /* not found in PATH; assume curdir */
- }
- /* Relative path | not found in path: prepend cwd */
- if (getcwd (tmp, LT_PATHMAX) == NULL)
- lt_fatal ("getcwd failed");
- tmp_len = strlen (tmp);
- concat_name = XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1);
- memcpy (concat_name, tmp, tmp_len);
- concat_name[tmp_len] = '/';
- strcpy (concat_name + tmp_len + 1, wrapper);
-
- if (check_executable (concat_name))
- return concat_name;
- XFREE (concat_name);
- return NULL;
-}
-
-char *
-chase_symlinks (const char *pathspec)
-{
-#ifndef S_ISLNK
- return xstrdup (pathspec);
-#else
- char buf[LT_PATHMAX];
- struct stat s;
- char *tmp_pathspec = xstrdup (pathspec);
- char *p;
- int has_symlinks = 0;
- while (strlen (tmp_pathspec) && !has_symlinks)
- {
- LTWRAPPER_DEBUGPRINTF (("checking path component for symlinks: %s\n",
- tmp_pathspec));
- if (lstat (tmp_pathspec, &s) == 0)
- {
- if (S_ISLNK (s.st_mode) != 0)
- {
- has_symlinks = 1;
- break;
- }
-
- /* search backwards for last DIR_SEPARATOR */
- p = tmp_pathspec + strlen (tmp_pathspec) - 1;
- while ((p > tmp_pathspec) && (!IS_DIR_SEPARATOR (*p)))
- p--;
- if ((p == tmp_pathspec) && (!IS_DIR_SEPARATOR (*p)))
- {
- /* no more DIR_SEPARATORS left */
- break;
- }
- *p = '\0';
- }
- else
- {
- char *errstr = strerror (errno);
- lt_fatal ("Error accessing file %s (%s)", tmp_pathspec, errstr);
- }
- }
- XFREE (tmp_pathspec);
-
- if (!has_symlinks)
- {
- return xstrdup (pathspec);
- }
-
- tmp_pathspec = realpath (pathspec, buf);
- if (tmp_pathspec == 0)
- {
- lt_fatal ("Could not follow symlinks for %s", pathspec);
- }
- return xstrdup (tmp_pathspec);
-#endif
-}
-
-char *
-strendzap (char *str, const char *pat)
-{
- size_t len, patlen;
-
- assert (str != NULL);
- assert (pat != NULL);
-
- len = strlen (str);
- patlen = strlen (pat);
-
- if (patlen <= len)
- {
- str += len - patlen;
- if (strcmp (str, pat) == 0)
- *str = '\0';
- }
- return str;
-}
-
-static void
-lt_error_core (int exit_status, const char *mode,
- const char *message, va_list ap)
-{
- fprintf (stderr, "%s: %s: ", program_name, mode);
- vfprintf (stderr, message, ap);
- fprintf (stderr, ".\n");
-
- if (exit_status >= 0)
- exit (exit_status);
-}
-
-void
-lt_fatal (const char *message, ...)
-{
- va_list ap;
- va_start (ap, message);
- lt_error_core (EXIT_FAILURE, "FATAL", message, ap);
- va_end (ap);
-}
-
-void
-lt_setenv (const char *name, const char *value)
-{
- LTWRAPPER_DEBUGPRINTF (("(lt_setenv) setting '%s' to '%s'\n",
- (name ? name : "<NULL>"),
- (value ? value : "<NULL>")));
- {
-#ifdef HAVE_SETENV
- /* always make a copy, for consistency with !HAVE_SETENV */
- char *str = xstrdup (value);
- setenv (name, str, 1);
-#else
- int len = strlen (name) + 1 + strlen (value) + 1;
- char *str = XMALLOC (char, len);
- sprintf (str, "%s=%s", name, value);
- if (putenv (str) != EXIT_SUCCESS)
- {
- XFREE (str);
- }
-#endif
- }
-}
-
-char *
-lt_extend_str (const char *orig_value, const char *add, int to_end)
-{
- char *new_value;
- if (orig_value && *orig_value)
- {
- int orig_value_len = strlen (orig_value);
- int add_len = strlen (add);
- new_value = XMALLOC (char, add_len + orig_value_len + 1);
- if (to_end)
- {
- strcpy (new_value, orig_value);
- strcpy (new_value + orig_value_len, add);
- }
- else
- {
- strcpy (new_value, add);
- strcpy (new_value + add_len, orig_value);
- }
- }
- else
- {
- new_value = xstrdup (add);
- }
- return new_value;
-}
-
-int
-lt_split_name_value (const char *arg, char** name, char** value)
-{
- const char *p;
- int len;
- if (!arg || !*arg)
- return 1;
-
- p = strchr (arg, (int)'=');
-
- if (!p)
- return 1;
-
- *value = xstrdup (++p);
-
- len = strlen (arg) - strlen (*value);
- *name = XMALLOC (char, len);
- strncpy (*name, arg, len-1);
- (*name)[len - 1] = '\0';
-
- return 0;
-}
-
-void
-lt_opt_process_env_set (const char *arg)
-{
- char *name = NULL;
- char *value = NULL;
-
- if (lt_split_name_value (arg, &name, &value) != 0)
- {
- XFREE (name);
- XFREE (value);
- lt_fatal ("bad argument for %s: '%s'", env_set_opt, arg);
- }
-
- lt_setenv (name, value);
- XFREE (name);
- XFREE (value);
-}
-
-void
-lt_opt_process_env_prepend (const char *arg)
-{
- char *name = NULL;
- char *value = NULL;
- char *new_value = NULL;
-
- if (lt_split_name_value (arg, &name, &value) != 0)
- {
- XFREE (name);
- XFREE (value);
- lt_fatal ("bad argument for %s: '%s'", env_prepend_opt, arg);
- }
-
- new_value = lt_extend_str (getenv (name), value, 0);
- lt_setenv (name, new_value);
- XFREE (new_value);
- XFREE (name);
- XFREE (value);
-}
-
-void
-lt_opt_process_env_append (const char *arg)
-{
- char *name = NULL;
- char *value = NULL;
- char *new_value = NULL;
-
- if (lt_split_name_value (arg, &name, &value) != 0)
- {
- XFREE (name);
- XFREE (value);
- lt_fatal ("bad argument for %s: '%s'", env_append_opt, arg);
- }
-
- new_value = lt_extend_str (getenv (name), value, 1);
- lt_setenv (name, new_value);
- XFREE (new_value);
- XFREE (name);
- XFREE (value);
-}
-
-void
-lt_update_exe_path (const char *name, const char *value)
-{
- LTWRAPPER_DEBUGPRINTF (("(lt_update_exe_path) modifying '%s' by prepending '%s'\n",
- (name ? name : "<NULL>"),
- (value ? value : "<NULL>")));
-
- if (name && *name && value && *value)
- {
- char *new_value = lt_extend_str (getenv (name), value, 0);
- /* some systems can't cope with a ':'-terminated path #' */
- int len = strlen (new_value);
- while (((len = strlen (new_value)) > 0) && IS_PATH_SEPARATOR (new_value[len-1]))
- {
- new_value[len-1] = '\0';
- }
- lt_setenv (name, new_value);
- XFREE (new_value);
- }
-}
-
-void
-lt_update_lib_path (const char *name, const char *value)
-{
- LTWRAPPER_DEBUGPRINTF (("(lt_update_lib_path) modifying '%s' by prepending '%s'\n",
- (name ? name : "<NULL>"),
- (value ? value : "<NULL>")));
-
- if (name && *name && value && *value)
- {
- char *new_value = lt_extend_str (getenv (name), value, 0);
- lt_setenv (name, new_value);
- XFREE (new_value);
- }
-}
-
-
-EOF
-}
-# end: func_emit_cwrapperexe_src
-
-# func_mode_link arg...
-func_mode_link ()
-{
- $opt_debug
- case $host in
- *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
- # It is impossible to link a dll without this setting, and
- # we shouldn't force the makefile maintainer to figure out
- # which system we are compiling for in order to pass an extra
- # flag for every libtool invocation.
- # allow_undefined=no
-
- # FIXME: Unfortunately, there are problems with the above when trying
- # to make a dll which has undefined symbols, in which case not
- # even a static library is built. For now, we need to specify
- # -no-undefined on the libtool link line when we can be certain
- # that all symbols are satisfied, otherwise we get a static library.
- allow_undefined=yes
- ;;
- *)
- allow_undefined=yes
- ;;
- esac
- libtool_args=$nonopt
- base_compile="$nonopt $@"
- compile_command=$nonopt
- finalize_command=$nonopt
-
- compile_rpath=
- finalize_rpath=
- compile_shlibpath=
- finalize_shlibpath=
- convenience=
- old_convenience=
- deplibs=
- old_deplibs=
- compiler_flags=
- linker_flags=
- dllsearchpath=
- lib_search_path=`pwd`
- inst_prefix_dir=
- new_inherited_linker_flags=
-
- avoid_version=no
- dlfiles=
- dlprefiles=
- dlself=no
- export_dynamic=no
- export_symbols=
- export_symbols_regex=
- generated=
- libobjs=
- ltlibs=
- module=no
- no_install=no
- objs=
- non_pic_objects=
- precious_files_regex=
- prefer_static_libs=no
- preload=no
- prev=
- prevarg=
- release=
- rpath=
- xrpath=
- perm_rpath=
- temp_rpath=
- thread_safe=no
- vinfo=
- vinfo_number=no
- weak_libs=
- single_module="${wl}-single_module"
- func_infer_tag $base_compile
-
- # We need to know -static, to get the right output filenames.
- for arg
- do
- case $arg in
- -shared)
- test "$build_libtool_libs" != yes && \
- func_fatal_configuration "can not build a shared library"
- build_old_libs=no
- break
- ;;
- -all-static | -static | -static-libtool-libs)
- case $arg in
- -all-static)
- if test "$build_libtool_libs" = yes && test -z "$link_static_flag"; then
- func_warning "complete static linking is impossible in this configuration"
- fi
- if test -n "$link_static_flag"; then
- dlopen_self=$dlopen_self_static
- fi
- prefer_static_libs=yes
- ;;
- -static)
- if test -z "$pic_flag" && test -n "$link_static_flag"; then
- dlopen_self=$dlopen_self_static
- fi
- prefer_static_libs=built
- ;;
- -static-libtool-libs)
- if test -z "$pic_flag" && test -n "$link_static_flag"; then
- dlopen_self=$dlopen_self_static
- fi
- prefer_static_libs=yes
- ;;
- esac
- build_libtool_libs=no
- build_old_libs=yes
- break
- ;;
- esac
- done
-
- # See if our shared archives depend on static archives.
- test -n "$old_archive_from_new_cmds" && build_old_libs=yes
-
- # Go through the arguments, transforming them on the way.
- while test "$#" -gt 0; do
- arg="$1"
- shift
- func_quote_for_eval "$arg"
- qarg=$func_quote_for_eval_unquoted_result
- func_append libtool_args " $func_quote_for_eval_result"
-
- # If the previous option needs an argument, assign it.
- if test -n "$prev"; then
- case $prev in
- output)
- func_append compile_command " @OUTPUT@"
- func_append finalize_command " @OUTPUT@"
- ;;
- esac
-
- case $prev in
- dlfiles|dlprefiles)
- if test "$preload" = no; then
- # Add the symbol object into the linking commands.
- func_append compile_command " @SYMFILE@"
- func_append finalize_command " @SYMFILE@"
- preload=yes
- fi
- case $arg in
- *.la | *.lo) ;; # We handle these cases below.
- force)
- if test "$dlself" = no; then
- dlself=needless
- export_dynamic=yes
- fi
- prev=
- continue
- ;;
- self)
- if test "$prev" = dlprefiles; then
- dlself=yes
- elif test "$prev" = dlfiles && test "$dlopen_self" != yes; then
- dlself=yes
- else
- dlself=needless
- export_dynamic=yes
- fi
- prev=
- continue
- ;;
- *)
- if test "$prev" = dlfiles; then
- dlfiles="$dlfiles $arg"
- else
- dlprefiles="$dlprefiles $arg"
- fi
- prev=
- continue
- ;;
- esac
- ;;
- expsyms)
- export_symbols="$arg"
- test -f "$arg" \
- || func_fatal_error "symbol file \`$arg' does not exist"
- prev=
- continue
- ;;
- expsyms_regex)
- export_symbols_regex="$arg"
- prev=
- continue
- ;;
- framework)
- case $host in
- *-*-darwin*)
- case "$deplibs " in
- *" $qarg.ltframework "*) ;;
- *) deplibs="$deplibs $qarg.ltframework" # this is fixed later
- ;;
- esac
- ;;
- esac
- prev=
- continue
- ;;
- inst_prefix)
- inst_prefix_dir="$arg"
- prev=
- continue
- ;;
- objectlist)
- if test -f "$arg"; then
- save_arg=$arg
- moreargs=
- for fil in `cat "$save_arg"`
- do
-# moreargs="$moreargs $fil"
- arg=$fil
- # A libtool-controlled object.
-
- # Check to see that this really is a libtool object.
- if func_lalib_unsafe_p "$arg"; then
- pic_object=
- non_pic_object=
-
- # Read the .lo file
- func_source "$arg"
-
- if test -z "$pic_object" ||
- test -z "$non_pic_object" ||
- test "$pic_object" = none &&
- test "$non_pic_object" = none; then
- func_fatal_error "cannot find name of object for \`$arg'"
- fi
-
- # Extract subdirectory from the argument.
- func_dirname "$arg" "/" ""
- xdir="$func_dirname_result"
-
- if test "$pic_object" != none; then
- # Prepend the subdirectory the object is found in.
- pic_object="$xdir$pic_object"
-
- if test "$prev" = dlfiles; then
- if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then
- dlfiles="$dlfiles $pic_object"
- prev=
- continue
- else
- # If libtool objects are unsupported, then we need to preload.
- prev=dlprefiles
- fi
- fi
-
- # CHECK ME: I think I busted this. -Ossama
- if test "$prev" = dlprefiles; then
- # Preload the old-style object.
- dlprefiles="$dlprefiles $pic_object"
- prev=
- fi
-
- # A PIC object.
- func_append libobjs " $pic_object"
- arg="$pic_object"
- fi
-
- # Non-PIC object.
- if test "$non_pic_object" != none; then
- # Prepend the subdirectory the object is found in.
- non_pic_object="$xdir$non_pic_object"
-
- # A standard non-PIC object
- func_append non_pic_objects " $non_pic_object"
- if test -z "$pic_object" || test "$pic_object" = none ; then
- arg="$non_pic_object"
- fi
- else
- # If the PIC object exists, use it instead.
- # $xdir was prepended to $pic_object above.
- non_pic_object="$pic_object"
- func_append non_pic_objects " $non_pic_object"
- fi
- else
- # Only an error if not doing a dry-run.
- if $opt_dry_run; then
- # Extract subdirectory from the argument.
- func_dirname "$arg" "/" ""
- xdir="$func_dirname_result"
-
- func_lo2o "$arg"
- pic_object=$xdir$objdir/$func_lo2o_result
- non_pic_object=$xdir$func_lo2o_result
- func_append libobjs " $pic_object"
- func_append non_pic_objects " $non_pic_object"
- else
- func_fatal_error "\`$arg' is not a valid libtool object"
- fi
- fi
- done
- else
- func_fatal_error "link input file \`$arg' does not exist"
- fi
- arg=$save_arg
- prev=
- continue
- ;;
- precious_regex)
- precious_files_regex="$arg"
- prev=
- continue
- ;;
- release)
- release="-$arg"
- prev=
- continue
- ;;
- rpath | xrpath)
- # We need an absolute path.
- case $arg in
- [\\/]* | [A-Za-z]:[\\/]*) ;;
- *)
- func_fatal_error "only absolute run-paths are allowed"
- ;;
- esac
- if test "$prev" = rpath; then
- case "$rpath " in
- *" $arg "*) ;;
- *) rpath="$rpath $arg" ;;
- esac
- else
- case "$xrpath " in
- *" $arg "*) ;;
- *) xrpath="$xrpath $arg" ;;
- esac
- fi
- prev=
- continue
- ;;
- shrext)
- shrext_cmds="$arg"
- prev=
- continue
- ;;
- weak)
- weak_libs="$weak_libs $arg"
- prev=
- continue
- ;;
- xcclinker)
- linker_flags="$linker_flags $qarg"
- compiler_flags="$compiler_flags $qarg"
- prev=
- func_append compile_command " $qarg"
- func_append finalize_command " $qarg"
- continue
- ;;
- xcompiler)
- compiler_flags="$compiler_flags $qarg"
- prev=
- func_append compile_command " $qarg"
- func_append finalize_command " $qarg"
- continue
- ;;
- xlinker)
- linker_flags="$linker_flags $qarg"
- compiler_flags="$compiler_flags $wl$qarg"
- prev=
- func_append compile_command " $wl$qarg"
- func_append finalize_command " $wl$qarg"
- continue
- ;;
- *)
- eval "$prev=\"\$arg\""
- prev=
- continue
- ;;
- esac
- fi # test -n "$prev"
-
- prevarg="$arg"
-
- case $arg in
- -all-static)
- if test -n "$link_static_flag"; then
- # See comment for -static flag below, for more details.
- func_append compile_command " $link_static_flag"
- func_append finalize_command " $link_static_flag"
- fi
- continue
- ;;
-
- -allow-undefined)
- # FIXME: remove this flag sometime in the future.
- func_fatal_error "\`-allow-undefined' must not be used because it is the default"
- ;;
-
- -avoid-version)
- avoid_version=yes
- continue
- ;;
-
- -dlopen)
- prev=dlfiles
- continue
- ;;
-
- -dlpreopen)
- prev=dlprefiles
- continue
- ;;
-
- -export-dynamic)
- export_dynamic=yes
- continue
- ;;
-
- -export-symbols | -export-symbols-regex)
- if test -n "$export_symbols" || test -n "$export_symbols_regex"; then
- func_fatal_error "more than one -exported-symbols argument is not allowed"
- fi
- if test "X$arg" = "X-export-symbols"; then
- prev=expsyms
- else
- prev=expsyms_regex
- fi
- continue
- ;;
-
- -framework)
- prev=framework
- continue
- ;;
-
- -inst-prefix-dir)
- prev=inst_prefix
- continue
- ;;
-
- # The native IRIX linker understands -LANG:*, -LIST:* and -LNO:*
- # so, if we see these flags be careful not to treat them like -L
- -L[A-Z][A-Z]*:*)
- case $with_gcc/$host in
- no/*-*-irix* | /*-*-irix*)
- func_append compile_command " $arg"
- func_append finalize_command " $arg"
- ;;
- esac
- continue
- ;;
-
- -L*)
- func_stripname '-L' '' "$arg"
- dir=$func_stripname_result
- if test -z "$dir"; then
- if test "$#" -gt 0; then
- func_fatal_error "require no space between \`-L' and \`$1'"
- else
- func_fatal_error "need path for \`-L' option"
- fi
- fi
- # We need an absolute path.
- case $dir in
- [\\/]* | [A-Za-z]:[\\/]*) ;;
- *)
- absdir=`cd "$dir" && pwd`
- test -z "$absdir" && \
- func_fatal_error "cannot determine absolute directory name of \`$dir'"
- dir="$absdir"
- ;;
- esac
- case "$deplibs " in
- *" -L$dir "*) ;;
- *)
- deplibs="$deplibs -L$dir"
- lib_search_path="$lib_search_path $dir"
- ;;
- esac
- case $host in
- *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
- testbindir=`$ECHO "X$dir" | $Xsed -e 's*/lib$*/bin*'`
- case :$dllsearchpath: in
- *":$dir:"*) ;;
- ::) dllsearchpath=$dir;;
- *) dllsearchpath="$dllsearchpath:$dir";;
- esac
- case :$dllsearchpath: in
- *":$testbindir:"*) ;;
- ::) dllsearchpath=$testbindir;;
- *) dllsearchpath="$dllsearchpath:$testbindir";;
- esac
- ;;
- esac
- continue
- ;;
-
- -l*)
- if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then
- case $host in
- *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc*)
- # These systems don't actually have a C or math library (as such)
- continue
- ;;
- *-*-os2*)
- # These systems don't actually have a C library (as such)
- test "X$arg" = "X-lc" && continue
- ;;
- *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*)
- # Do not include libc due to us having libc/libc_r.
- test "X$arg" = "X-lc" && continue
- ;;
- *-*-rhapsody* | *-*-darwin1.[012])
- # Rhapsody C and math libraries are in the System framework
- deplibs="$deplibs System.ltframework"
- continue
- ;;
- *-*-sco3.2v5* | *-*-sco5v6*)
- # Causes problems with __ctype
- test "X$arg" = "X-lc" && continue
- ;;
- *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*)
- # Compiler inserts libc in the correct place for threads to work
- test "X$arg" = "X-lc" && continue
- ;;
- esac
- elif test "X$arg" = "X-lc_r"; then
- case $host in
- *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*)
- # Do not include libc_r directly, use -pthread flag.
- continue
- ;;
- esac
- fi
- deplibs="$deplibs $arg"
- continue
- ;;
-
- -module)
- module=yes
- continue
- ;;
-
- # Tru64 UNIX uses -model [arg] to determine the layout of C++
- # classes, name mangling, and exception handling.
- # Darwin uses the -arch flag to determine output architecture.
- -model|-arch|-isysroot)
- compiler_flags="$compiler_flags $arg"
- func_append compile_command " $arg"
- func_append finalize_command " $arg"
- prev=xcompiler
- continue
- ;;
-
- -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe|-threads)
- compiler_flags="$compiler_flags $arg"
- func_append compile_command " $arg"
- func_append finalize_command " $arg"
- case "$new_inherited_linker_flags " in
- *" $arg "*) ;;
- * ) new_inherited_linker_flags="$new_inherited_linker_flags $arg" ;;
- esac
- continue
- ;;
-
- -multi_module)
- single_module="${wl}-multi_module"
- continue
- ;;
-
- -no-fast-install)
- fast_install=no
- continue
- ;;
-
- -no-install)
- case $host in
- *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-darwin* | *-cegcc*)
- # The PATH hackery in wrapper scripts is required on Windows
- # and Darwin in order for the loader to find any dlls it needs.
- func_warning "\`-no-install' is ignored for $host"
- func_warning "assuming \`-no-fast-install' instead"
- fast_install=no
- ;;
- *) no_install=yes ;;
- esac
- continue
- ;;
-
- -no-undefined)
- allow_undefined=no
- continue
- ;;
-
- -objectlist)
- prev=objectlist
- continue
- ;;
-
- -o) prev=output ;;
-
- -precious-files-regex)
- prev=precious_regex
- continue
- ;;
-
- -release)
- prev=release
- continue
- ;;
-
- -rpath)
- prev=rpath
- continue
- ;;
-
- -R)
- prev=xrpath
- continue
- ;;
-
- -R*)
- func_stripname '-R' '' "$arg"
- dir=$func_stripname_result
- # We need an absolute path.
- case $dir in
- [\\/]* | [A-Za-z]:[\\/]*) ;;
- *)
- func_fatal_error "only absolute run-paths are allowed"
- ;;
- esac
- case "$xrpath " in
- *" $dir "*) ;;
- *) xrpath="$xrpath $dir" ;;
- esac
- continue
- ;;
-
- -shared)
- # The effects of -shared are defined in a previous loop.
- continue
- ;;
-
- -shrext)
- prev=shrext
- continue
- ;;
-
- -static | -static-libtool-libs)
- # The effects of -static are defined in a previous loop.
- # We used to do the same as -all-static on platforms that
- # didn't have a PIC flag, but the assumption that the effects
- # would be equivalent was wrong. It would break on at least
- # Digital Unix and AIX.
- continue
- ;;
-
- -thread-safe)
- thread_safe=yes
- continue
- ;;
-
- -version-info)
- prev=vinfo
- continue
- ;;
-
- -version-number)
- prev=vinfo
- vinfo_number=yes
- continue
- ;;
-
- -weak)
- prev=weak
- continue
- ;;
-
- -Wc,*)
- func_stripname '-Wc,' '' "$arg"
- args=$func_stripname_result
- arg=
- save_ifs="$IFS"; IFS=','
- for flag in $args; do
- IFS="$save_ifs"
- func_quote_for_eval "$flag"
- arg="$arg $wl$func_quote_for_eval_result"
- compiler_flags="$compiler_flags $func_quote_for_eval_result"
- done
- IFS="$save_ifs"
- func_stripname ' ' '' "$arg"
- arg=$func_stripname_result
- ;;
-
- -Wl,*)
- func_stripname '-Wl,' '' "$arg"
- args=$func_stripname_result
- arg=
- save_ifs="$IFS"; IFS=','
- for flag in $args; do
- IFS="$save_ifs"
- func_quote_for_eval "$flag"
- arg="$arg $wl$func_quote_for_eval_result"
- compiler_flags="$compiler_flags $wl$func_quote_for_eval_result"
- linker_flags="$linker_flags $func_quote_for_eval_result"
- done
- IFS="$save_ifs"
- func_stripname ' ' '' "$arg"
- arg=$func_stripname_result
- ;;
-
- -Xcompiler)
- prev=xcompiler
- continue
- ;;
-
- -Xlinker)
- prev=xlinker
- continue
- ;;
-
- -XCClinker)
- prev=xcclinker
- continue
- ;;
-
- # -msg_* for osf cc
- -msg_*)
- func_quote_for_eval "$arg"
- arg="$func_quote_for_eval_result"
- ;;
-
- # -64, -mips[0-9] enable 64-bit mode on the SGI compiler
- # -r[0-9][0-9]* specifies the processor on the SGI compiler
- # -xarch=*, -xtarget=* enable 64-bit mode on the Sun compiler
- # +DA*, +DD* enable 64-bit mode on the HP compiler
- # -q* pass through compiler args for the IBM compiler
- # -m*, -t[45]*, -txscale* pass through architecture-specific
- # compiler args for GCC
- # -F/path gives path to uninstalled frameworks, gcc on darwin
- # -p, -pg, --coverage, -fprofile-* pass through profiling flag for GCC
- # @file GCC response files
- -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \
- -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*)
- func_quote_for_eval "$arg"
- arg="$func_quote_for_eval_result"
- func_append compile_command " $arg"
- func_append finalize_command " $arg"
- compiler_flags="$compiler_flags $arg"
- continue
- ;;
-
- # Some other compiler flag.
- -* | +*)
- func_quote_for_eval "$arg"
- arg="$func_quote_for_eval_result"
- ;;
-
- *.$objext)
- # A standard object.
- objs="$objs $arg"
- ;;
-
- *.lo)
- # A libtool-controlled object.
-
- # Check to see that this really is a libtool object.
- if func_lalib_unsafe_p "$arg"; then
- pic_object=
- non_pic_object=
-
- # Read the .lo file
- func_source "$arg"
-
- if test -z "$pic_object" ||
- test -z "$non_pic_object" ||
- test "$pic_object" = none &&
- test "$non_pic_object" = none; then
- func_fatal_error "cannot find name of object for \`$arg'"
- fi
-
- # Extract subdirectory from the argument.
- func_dirname "$arg" "/" ""
- xdir="$func_dirname_result"
-
- if test "$pic_object" != none; then
- # Prepend the subdirectory the object is found in.
- pic_object="$xdir$pic_object"
-
- if test "$prev" = dlfiles; then
- if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then
- dlfiles="$dlfiles $pic_object"
- prev=
- continue
- else
- # If libtool objects are unsupported, then we need to preload.
- prev=dlprefiles
- fi
- fi
-
- # CHECK ME: I think I busted this. -Ossama
- if test "$prev" = dlprefiles; then
- # Preload the old-style object.
- dlprefiles="$dlprefiles $pic_object"
- prev=
- fi
-
- # A PIC object.
- func_append libobjs " $pic_object"
- arg="$pic_object"
- fi
-
- # Non-PIC object.
- if test "$non_pic_object" != none; then
- # Prepend the subdirectory the object is found in.
- non_pic_object="$xdir$non_pic_object"
-
- # A standard non-PIC object
- func_append non_pic_objects " $non_pic_object"
- if test -z "$pic_object" || test "$pic_object" = none ; then
- arg="$non_pic_object"
- fi
- else
- # If the PIC object exists, use it instead.
- # $xdir was prepended to $pic_object above.
- non_pic_object="$pic_object"
- func_append non_pic_objects " $non_pic_object"
- fi
- else
- # Only an error if not doing a dry-run.
- if $opt_dry_run; then
- # Extract subdirectory from the argument.
- func_dirname "$arg" "/" ""
- xdir="$func_dirname_result"
-
- func_lo2o "$arg"
- pic_object=$xdir$objdir/$func_lo2o_result
- non_pic_object=$xdir$func_lo2o_result
- func_append libobjs " $pic_object"
- func_append non_pic_objects " $non_pic_object"
- else
- func_fatal_error "\`$arg' is not a valid libtool object"
- fi
- fi
- ;;
-
- *.$libext)
- # An archive.
- deplibs="$deplibs $arg"
- old_deplibs="$old_deplibs $arg"
- continue
- ;;
-
- *.la)
- # A libtool-controlled library.
-
- if test "$prev" = dlfiles; then
- # This library was specified with -dlopen.
- dlfiles="$dlfiles $arg"
- prev=
- elif test "$prev" = dlprefiles; then
- # The library was specified with -dlpreopen.
- dlprefiles="$dlprefiles $arg"
- prev=
- else
- deplibs="$deplibs $arg"
- fi
- continue
- ;;
-
- # Some other compiler argument.
- *)
- # Unknown arguments in both finalize_command and compile_command need
- # to be aesthetically quoted because they are evaled later.
- func_quote_for_eval "$arg"
- arg="$func_quote_for_eval_result"
- ;;
- esac # arg
-
- # Now actually substitute the argument into the commands.
- if test -n "$arg"; then
- func_append compile_command " $arg"
- func_append finalize_command " $arg"
- fi
- done # argument parsing loop
-
- test -n "$prev" && \
- func_fatal_help "the \`$prevarg' option requires an argument"
-
- if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then
- eval arg=\"$export_dynamic_flag_spec\"
- func_append compile_command " $arg"
- func_append finalize_command " $arg"
- fi
-
- oldlibs=
- # calculate the name of the file, without its directory
- func_basename "$output"
- outputname="$func_basename_result"
- libobjs_save="$libobjs"
-
- if test -n "$shlibpath_var"; then
- # get the directories listed in $shlibpath_var
- eval shlib_search_path=\`\$ECHO \"X\${$shlibpath_var}\" \| \$Xsed -e \'s/:/ /g\'\`
- else
- shlib_search_path=
- fi
- eval sys_lib_search_path=\"$sys_lib_search_path_spec\"
- eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\"
-
- func_dirname "$output" "/" ""
- output_objdir="$func_dirname_result$objdir"
- # Create the object directory.
- func_mkdir_p "$output_objdir"
-
- # Determine the type of output
- case $output in
- "")
- func_fatal_help "you must specify an output file"
- ;;
- *.$libext) linkmode=oldlib ;;
- *.lo | *.$objext) linkmode=obj ;;
- *.la) linkmode=lib ;;
- *) linkmode=prog ;; # Anything else should be a program.
- esac
-
- specialdeplibs=
-
- libs=
- # Find all interdependent deplibs by searching for libraries
- # that are linked more than once (e.g. -la -lb -la)
- for deplib in $deplibs; do
- if $opt_duplicate_deps ; then
- case "$libs " in
- *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
- esac
- fi
- libs="$libs $deplib"
- done
-
- if test "$linkmode" = lib; then
- libs="$predeps $libs $compiler_lib_search_path $postdeps"
-
- # Compute libraries that are listed more than once in $predeps
- # $postdeps and mark them as special (i.e., whose duplicates are
- # not to be eliminated).
- pre_post_deps=
- if $opt_duplicate_compiler_generated_deps; then
- for pre_post_dep in $predeps $postdeps; do
- case "$pre_post_deps " in
- *" $pre_post_dep "*) specialdeplibs="$specialdeplibs $pre_post_deps" ;;
- esac
- pre_post_deps="$pre_post_deps $pre_post_dep"
- done
- fi
- pre_post_deps=
- fi
-
- deplibs=
- newdependency_libs=
- newlib_search_path=
- need_relink=no # whether we're linking any uninstalled libtool libraries
- notinst_deplibs= # not-installed libtool libraries
- notinst_path= # paths that contain not-installed libtool libraries
-
- case $linkmode in
- lib)
- passes="conv dlpreopen link"
- for file in $dlfiles $dlprefiles; do
- case $file in
- *.la) ;;
- *)
- func_fatal_help "libraries can \`-dlopen' only libtool libraries: $file"
- ;;
- esac
- done
- ;;
- prog)
- compile_deplibs=
- finalize_deplibs=
- alldeplibs=no
- newdlfiles=
- newdlprefiles=
- passes="conv scan dlopen dlpreopen link"
- ;;
- *) passes="conv"
- ;;
- esac
-
- for pass in $passes; do
- # The preopen pass in lib mode reverses $deplibs; put it back here
- # so that -L comes before libs that need it for instance...
- if test "$linkmode,$pass" = "lib,link"; then
- ## FIXME: Find the place where the list is rebuilt in the wrong
- ## order, and fix it there properly
- tmp_deplibs=
- for deplib in $deplibs; do
- tmp_deplibs="$deplib $tmp_deplibs"
- done
- deplibs="$tmp_deplibs"
- fi
-
- if test "$linkmode,$pass" = "lib,link" ||
- test "$linkmode,$pass" = "prog,scan"; then
- libs="$deplibs"
- deplibs=
- fi
- if test "$linkmode" = prog; then
- case $pass in
- dlopen) libs="$dlfiles" ;;
- dlpreopen) libs="$dlprefiles" ;;
- link) libs="$deplibs %DEPLIBS% $dependency_libs" ;;
- esac
- fi
- if test "$linkmode,$pass" = "lib,dlpreopen"; then
- # Collect and forward deplibs of preopened libtool libs
- for lib in $dlprefiles; do
- # Ignore non-libtool-libs
- dependency_libs=
- case $lib in
- *.la) func_source "$lib" ;;
- esac
-
- # Collect preopened libtool deplibs, except any this library
- # has declared as weak libs
- for deplib in $dependency_libs; do
- deplib_base=`$ECHO "X$deplib" | $Xsed -e "$basename"`
- case " $weak_libs " in
- *" $deplib_base "*) ;;
- *) deplibs="$deplibs $deplib" ;;
- esac
- done
- done
- libs="$dlprefiles"
- fi
- if test "$pass" = dlopen; then
- # Collect dlpreopened libraries
- save_deplibs="$deplibs"
- deplibs=
- fi
-
- for deplib in $libs; do
- lib=
- found=no
- case $deplib in
- -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe|-threads)
- if test "$linkmode,$pass" = "prog,link"; then
- compile_deplibs="$deplib $compile_deplibs"
- finalize_deplibs="$deplib $finalize_deplibs"
- else
- compiler_flags="$compiler_flags $deplib"
- if test "$linkmode" = lib ; then
- case "$new_inherited_linker_flags " in
- *" $deplib "*) ;;
- * ) new_inherited_linker_flags="$new_inherited_linker_flags $deplib" ;;
- esac
- fi
- fi
- continue
- ;;
- -l*)
- if test "$linkmode" != lib && test "$linkmode" != prog; then
- func_warning "\`-l' is ignored for archives/objects"
- continue
- fi
- func_stripname '-l' '' "$deplib"
- name=$func_stripname_result
- if test "$linkmode" = lib; then
- searchdirs="$newlib_search_path $lib_search_path $compiler_lib_search_dirs $sys_lib_search_path $shlib_search_path"
- else
- searchdirs="$newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path"
- fi
- for searchdir in $searchdirs; do
- for search_ext in .la $std_shrext .so .a; do
- # Search the libtool library
- lib="$searchdir/lib${name}${search_ext}"
- if test -f "$lib"; then
- if test "$search_ext" = ".la"; then
- found=yes
- else
- found=no
- fi
- break 2
- fi
- done
- done
- if test "$found" != yes; then
- # deplib doesn't seem to be a libtool library
- if test "$linkmode,$pass" = "prog,link"; then
- compile_deplibs="$deplib $compile_deplibs"
- finalize_deplibs="$deplib $finalize_deplibs"
- else
- deplibs="$deplib $deplibs"
- test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs"
- fi
- continue
- else # deplib is a libtool library
- # If $allow_libtool_libs_with_static_runtimes && $deplib is a stdlib,
- # We need to do some special things here, and not later.
- if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
- case " $predeps $postdeps " in
- *" $deplib "*)
- if func_lalib_p "$lib"; then
- library_names=
- old_library=
- func_source "$lib"
- for l in $old_library $library_names; do
- ll="$l"
- done
- if test "X$ll" = "X$old_library" ; then # only static version available
- found=no
- func_dirname "$lib" "" "."
- ladir="$func_dirname_result"
- lib=$ladir/$old_library
- if test "$linkmode,$pass" = "prog,link"; then
- compile_deplibs="$deplib $compile_deplibs"
- finalize_deplibs="$deplib $finalize_deplibs"
- else
- deplibs="$deplib $deplibs"
- test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs"
- fi
- continue
- fi
- fi
- ;;
- *) ;;
- esac
- fi
- fi
- ;; # -l
- *.ltframework)
- if test "$linkmode,$pass" = "prog,link"; then
- compile_deplibs="$deplib $compile_deplibs"
- finalize_deplibs="$deplib $finalize_deplibs"
- else
- deplibs="$deplib $deplibs"
- if test "$linkmode" = lib ; then
- case "$new_inherited_linker_flags " in
- *" $deplib "*) ;;
- * ) new_inherited_linker_flags="$new_inherited_linker_flags $deplib" ;;
- esac
- fi
- fi
- continue
- ;;
- -L*)
- case $linkmode in
- lib)
- deplibs="$deplib $deplibs"
- test "$pass" = conv && continue
- newdependency_libs="$deplib $newdependency_libs"
- func_stripname '-L' '' "$deplib"
- newlib_search_path="$newlib_search_path $func_stripname_result"
- ;;
- prog)
- if test "$pass" = conv; then
- deplibs="$deplib $deplibs"
- continue
- fi
- if test "$pass" = scan; then
- deplibs="$deplib $deplibs"
- else
- compile_deplibs="$deplib $compile_deplibs"
- finalize_deplibs="$deplib $finalize_deplibs"
- fi
- func_stripname '-L' '' "$deplib"
- newlib_search_path="$newlib_search_path $func_stripname_result"
- ;;
- *)
- func_warning "\`-L' is ignored for archives/objects"
- ;;
- esac # linkmode
- continue
- ;; # -L
- -R*)
- if test "$pass" = link; then
- func_stripname '-R' '' "$deplib"
- dir=$func_stripname_result
- # Make sure the xrpath contains only unique directories.
- case "$xrpath " in
- *" $dir "*) ;;
- *) xrpath="$xrpath $dir" ;;
- esac
- fi
- deplibs="$deplib $deplibs"
- continue
- ;;
- *.la) lib="$deplib" ;;
- *.$libext)
- if test "$pass" = conv; then
- deplibs="$deplib $deplibs"
- continue
- fi
- case $linkmode in
- lib)
- # Linking convenience modules into shared libraries is allowed,
- # but linking other static libraries is non-portable.
- case " $dlpreconveniencelibs " in
- *" $deplib "*) ;;
- *)
- valid_a_lib=no
- case $deplibs_check_method in
- match_pattern*)
- set dummy $deplibs_check_method; shift
- match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"`
- if eval "\$ECHO \"X$deplib\"" 2>/dev/null | $Xsed -e 10q \
- | $EGREP "$match_pattern_regex" > /dev/null; then
- valid_a_lib=yes
- fi
- ;;
- pass_all)
- valid_a_lib=yes
- ;;
- esac
- if test "$valid_a_lib" != yes; then
- $ECHO
- $ECHO "*** Warning: Trying to link with static lib archive $deplib."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which you do not appear to have"
- $ECHO "*** because the file extensions .$libext of this argument makes me believe"
- $ECHO "*** that it is just a static archive that I should not use here."
- else
- $ECHO
- $ECHO "*** Warning: Linking the shared library $output against the"
- $ECHO "*** static library $deplib is not portable!"
- deplibs="$deplib $deplibs"
- fi
- ;;
- esac
- continue
- ;;
- prog)
- if test "$pass" != link; then
- deplibs="$deplib $deplibs"
- else
- compile_deplibs="$deplib $compile_deplibs"
- finalize_deplibs="$deplib $finalize_deplibs"
- fi
- continue
- ;;
- esac # linkmode
- ;; # *.$libext
- *.lo | *.$objext)
- if test "$pass" = conv; then
- deplibs="$deplib $deplibs"
- elif test "$linkmode" = prog; then
- if test "$pass" = dlpreopen || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then
- # If there is no dlopen support or we're linking statically,
- # we need to preload.
- newdlprefiles="$newdlprefiles $deplib"
- compile_deplibs="$deplib $compile_deplibs"
- finalize_deplibs="$deplib $finalize_deplibs"
- else
- newdlfiles="$newdlfiles $deplib"
- fi
- fi
- continue
- ;;
- %DEPLIBS%)
- alldeplibs=yes
- continue
- ;;
- esac # case $deplib
-
- if test "$found" = yes || test -f "$lib"; then :
- else
- func_fatal_error "cannot find the library \`$lib' or unhandled argument \`$deplib'"
- fi
-
- # Check to see that this really is a libtool archive.
- func_lalib_unsafe_p "$lib" \
- || func_fatal_error "\`$lib' is not a valid libtool archive"
-
- func_dirname "$lib" "" "."
- ladir="$func_dirname_result"
-
- dlname=
- dlopen=
- dlpreopen=
- libdir=
- library_names=
- old_library=
- inherited_linker_flags=
- # If the library was installed with an old release of libtool,
- # it will not redefine variables installed, or shouldnotlink
- installed=yes
- shouldnotlink=no
- avoidtemprpath=
-
-
- # Read the .la file
- func_source "$lib"
-
- # Convert "-framework foo" to "foo.ltframework"
- if test -n "$inherited_linker_flags"; then
- tmp_inherited_linker_flags=`$ECHO "X$inherited_linker_flags" | $Xsed -e 's/-framework \([^ $]*\)/\1.ltframework/g'`
- for tmp_inherited_linker_flag in $tmp_inherited_linker_flags; do
- case " $new_inherited_linker_flags " in
- *" $tmp_inherited_linker_flag "*) ;;
- *) new_inherited_linker_flags="$new_inherited_linker_flags $tmp_inherited_linker_flag";;
- esac
- done
- fi
- dependency_libs=`$ECHO "X $dependency_libs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
- if test "$linkmode,$pass" = "lib,link" ||
- test "$linkmode,$pass" = "prog,scan" ||
- { test "$linkmode" != prog && test "$linkmode" != lib; }; then
- test -n "$dlopen" && dlfiles="$dlfiles $dlopen"
- test -n "$dlpreopen" && dlprefiles="$dlprefiles $dlpreopen"
- fi
-
- if test "$pass" = conv; then
- # Only check for convenience libraries
- deplibs="$lib $deplibs"
- if test -z "$libdir"; then
- if test -z "$old_library"; then
- func_fatal_error "cannot find name of link library for \`$lib'"
- fi
- # It is a libtool convenience library, so add in its objects.
- convenience="$convenience $ladir/$objdir/$old_library"
- old_convenience="$old_convenience $ladir/$objdir/$old_library"
- elif test "$linkmode" != prog && test "$linkmode" != lib; then
- func_fatal_error "\`$lib' is not a convenience library"
- fi
- tmp_libs=
- for deplib in $dependency_libs; do
- deplibs="$deplib $deplibs"
- if $opt_duplicate_deps ; then
- case "$tmp_libs " in
- *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
- esac
- fi
- tmp_libs="$tmp_libs $deplib"
- done
- continue
- fi # $pass = conv
-
-
- # Get the name of the library we link against.
- linklib=
- for l in $old_library $library_names; do
- linklib="$l"
- done
- if test -z "$linklib"; then
- func_fatal_error "cannot find name of link library for \`$lib'"
- fi
-
- # This library was specified with -dlopen.
- if test "$pass" = dlopen; then
- if test -z "$libdir"; then
- func_fatal_error "cannot -dlopen a convenience library: \`$lib'"
- fi
- if test -z "$dlname" ||
- test "$dlopen_support" != yes ||
- test "$build_libtool_libs" = no; then
- # If there is no dlname, no dlopen support or we're linking
- # statically, we need to preload. We also need to preload any
- # dependent libraries so libltdl's deplib preloader doesn't
- # bomb out in the load deplibs phase.
- dlprefiles="$dlprefiles $lib $dependency_libs"
- else
- newdlfiles="$newdlfiles $lib"
- fi
- continue
- fi # $pass = dlopen
-
- # We need an absolute path.
- case $ladir in
- [\\/]* | [A-Za-z]:[\\/]*) abs_ladir="$ladir" ;;
- *)
- abs_ladir=`cd "$ladir" && pwd`
- if test -z "$abs_ladir"; then
- func_warning "cannot determine absolute directory name of \`$ladir'"
- func_warning "passing it literally to the linker, although it might fail"
- abs_ladir="$ladir"
- fi
- ;;
- esac
- func_basename "$lib"
- laname="$func_basename_result"
-
- # Find the relevant object directory and library name.
- if test "X$installed" = Xyes; then
- if test ! -f "$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then
- func_warning "library \`$lib' was moved."
- dir="$ladir"
- absdir="$abs_ladir"
- libdir="$abs_ladir"
- else
- dir="$libdir"
- absdir="$libdir"
- fi
- test "X$hardcode_automatic" = Xyes && avoidtemprpath=yes
- else
- if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then
- dir="$ladir"
- absdir="$abs_ladir"
- # Remove this search path later
- notinst_path="$notinst_path $abs_ladir"
- else
- dir="$ladir/$objdir"
- absdir="$abs_ladir/$objdir"
- # Remove this search path later
- notinst_path="$notinst_path $abs_ladir"
- fi
- fi # $installed = yes
- func_stripname 'lib' '.la' "$laname"
- name=$func_stripname_result
-
- # This library was specified with -dlpreopen.
- if test "$pass" = dlpreopen; then
- if test -z "$libdir" && test "$linkmode" = prog; then
- func_fatal_error "only libraries may -dlpreopen a convenience library: \`$lib'"
- fi
- # Prefer using a static library (so that no silly _DYNAMIC symbols
- # are required to link).
- if test -n "$old_library"; then
- newdlprefiles="$newdlprefiles $dir/$old_library"
- # Keep a list of preopened convenience libraries to check
- # that they are being used correctly in the link pass.
- test -z "$libdir" && \
- dlpreconveniencelibs="$dlpreconveniencelibs $dir/$old_library"
- # Otherwise, use the dlname, so that lt_dlopen finds it.
- elif test -n "$dlname"; then
- newdlprefiles="$newdlprefiles $dir/$dlname"
- else
- newdlprefiles="$newdlprefiles $dir/$linklib"
- fi
- fi # $pass = dlpreopen
-
- if test -z "$libdir"; then
- # Link the convenience library
- if test "$linkmode" = lib; then
- deplibs="$dir/$old_library $deplibs"
- elif test "$linkmode,$pass" = "prog,link"; then
- compile_deplibs="$dir/$old_library $compile_deplibs"
- finalize_deplibs="$dir/$old_library $finalize_deplibs"
- else
- deplibs="$lib $deplibs" # used for prog,scan pass
- fi
- continue
- fi
-
-
- if test "$linkmode" = prog && test "$pass" != link; then
- newlib_search_path="$newlib_search_path $ladir"
- deplibs="$lib $deplibs"
-
- linkalldeplibs=no
- if test "$link_all_deplibs" != no || test -z "$library_names" ||
- test "$build_libtool_libs" = no; then
- linkalldeplibs=yes
- fi
-
- tmp_libs=
- for deplib in $dependency_libs; do
- case $deplib in
- -L*) func_stripname '-L' '' "$deplib"
- newlib_search_path="$newlib_search_path $func_stripname_result"
- ;;
- esac
- # Need to link against all dependency_libs?
- if test "$linkalldeplibs" = yes; then
- deplibs="$deplib $deplibs"
- else
- # Need to hardcode shared library paths
- # or/and link against static libraries
- newdependency_libs="$deplib $newdependency_libs"
- fi
- if $opt_duplicate_deps ; then
- case "$tmp_libs " in
- *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
- esac
- fi
- tmp_libs="$tmp_libs $deplib"
- done # for deplib
- continue
- fi # $linkmode = prog...
-
- if test "$linkmode,$pass" = "prog,link"; then
- if test -n "$library_names" &&
- { { test "$prefer_static_libs" = no ||
- test "$prefer_static_libs,$installed" = "built,yes"; } ||
- test -z "$old_library"; }; then
- # We need to hardcode the library path
- if test -n "$shlibpath_var" && test -z "$avoidtemprpath" ; then
- # Make sure the rpath contains only unique directories.
- case "$temp_rpath:" in
- *"$absdir:"*) ;;
- *) temp_rpath="$temp_rpath$absdir:" ;;
- esac
- fi
-
- # Hardcode the library path.
- # Skip directories that are in the system default run-time
- # search path.
- case " $sys_lib_dlsearch_path " in
- *" $absdir "*) ;;
- *)
- case "$compile_rpath " in
- *" $absdir "*) ;;
- *) compile_rpath="$compile_rpath $absdir"
- esac
- ;;
- esac
- case " $sys_lib_dlsearch_path " in
- *" $libdir "*) ;;
- *)
- case "$finalize_rpath " in
- *" $libdir "*) ;;
- *) finalize_rpath="$finalize_rpath $libdir"
- esac
- ;;
- esac
- fi # $linkmode,$pass = prog,link...
-
- if test "$alldeplibs" = yes &&
- { test "$deplibs_check_method" = pass_all ||
- { test "$build_libtool_libs" = yes &&
- test -n "$library_names"; }; }; then
- # We only need to search for static libraries
- continue
- fi
- fi
-
- link_static=no # Whether the deplib will be linked statically
- use_static_libs=$prefer_static_libs
- if test "$use_static_libs" = built && test "$installed" = yes; then
- use_static_libs=no
- fi
- if test -n "$library_names" &&
- { test "$use_static_libs" = no || test -z "$old_library"; }; then
- case $host in
- *cygwin* | *mingw* | *cegcc*)
- # No point in relinking DLLs because paths are not encoded
- notinst_deplibs="$notinst_deplibs $lib"
- need_relink=no
- ;;
- *)
- if test "$installed" = no; then
- notinst_deplibs="$notinst_deplibs $lib"
- need_relink=yes
- fi
- ;;
- esac
- # This is a shared library
-
- # Warn about portability, can't link against -module's on some
- # systems (darwin). Don't bleat about dlopened modules though!
- dlopenmodule=""
- for dlpremoduletest in $dlprefiles; do
- if test "X$dlpremoduletest" = "X$lib"; then
- dlopenmodule="$dlpremoduletest"
- break
- fi
- done
- if test -z "$dlopenmodule" && test "$shouldnotlink" = yes && test "$pass" = link; then
- $ECHO
- if test "$linkmode" = prog; then
- $ECHO "*** Warning: Linking the executable $output against the loadable module"
- else
- $ECHO "*** Warning: Linking the shared library $output against the loadable module"
- fi
- $ECHO "*** $linklib is not portable!"
- fi
- if test "$linkmode" = lib &&
- test "$hardcode_into_libs" = yes; then
- # Hardcode the library path.
- # Skip directories that are in the system default run-time
- # search path.
- case " $sys_lib_dlsearch_path " in
- *" $absdir "*) ;;
- *)
- case "$compile_rpath " in
- *" $absdir "*) ;;
- *) compile_rpath="$compile_rpath $absdir"
- esac
- ;;
- esac
- case " $sys_lib_dlsearch_path " in
- *" $libdir "*) ;;
- *)
- case "$finalize_rpath " in
- *" $libdir "*) ;;
- *) finalize_rpath="$finalize_rpath $libdir"
- esac
- ;;
- esac
- fi
-
- if test -n "$old_archive_from_expsyms_cmds"; then
- # figure out the soname
- set dummy $library_names
- shift
- realname="$1"
- shift
- libname=`eval "\\$ECHO \"$libname_spec\""`
- # use dlname if we got it. it's perfectly good, no?
- if test -n "$dlname"; then
- soname="$dlname"
- elif test -n "$soname_spec"; then
- # bleh windows
- case $host in
- *cygwin* | mingw* | *cegcc*)
- func_arith $current - $age
- major=$func_arith_result
- versuffix="-$major"
- ;;
- esac
- eval soname=\"$soname_spec\"
- else
- soname="$realname"
- fi
-
- # Make a new name for the extract_expsyms_cmds to use
- soroot="$soname"
- func_basename "$soroot"
- soname="$func_basename_result"
- func_stripname 'lib' '.dll' "$soname"
- newlib=libimp-$func_stripname_result.a
-
- # If the library has no export list, then create one now
- if test -f "$output_objdir/$soname-def"; then :
- else
- func_verbose "extracting exported symbol list from \`$soname'"
- func_execute_cmds "$extract_expsyms_cmds" 'exit $?'
- fi
-
- # Create $newlib
- if test -f "$output_objdir/$newlib"; then :; else
- func_verbose "generating import library for \`$soname'"
- func_execute_cmds "$old_archive_from_expsyms_cmds" 'exit $?'
- fi
- # make sure the library variables are pointing to the new library
- dir=$output_objdir
- linklib=$newlib
- fi # test -n "$old_archive_from_expsyms_cmds"
-
- if test "$linkmode" = prog || test "$mode" != relink; then
- add_shlibpath=
- add_dir=
- add=
- lib_linked=yes
- case $hardcode_action in
- immediate | unsupported)
- if test "$hardcode_direct" = no; then
- add="$dir/$linklib"
- case $host in
- *-*-sco3.2v5.0.[024]*) add_dir="-L$dir" ;;
- *-*-sysv4*uw2*) add_dir="-L$dir" ;;
- *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \
- *-*-unixware7*) add_dir="-L$dir" ;;
- *-*-darwin* )
- # if the lib is a (non-dlopened) module then we can not
- # link against it, someone is ignoring the earlier warnings
- if /usr/bin/file -L $add 2> /dev/null |
- $GREP ": [^:]* bundle" >/dev/null ; then
- if test "X$dlopenmodule" != "X$lib"; then
- $ECHO "*** Warning: lib $linklib is a module, not a shared library"
- if test -z "$old_library" ; then
- $ECHO
- $ECHO "*** And there doesn't seem to be a static archive available"
- $ECHO "*** The link will probably fail, sorry"
- else
- add="$dir/$old_library"
- fi
- elif test -n "$old_library"; then
- add="$dir/$old_library"
- fi
- fi
- esac
- elif test "$hardcode_minus_L" = no; then
- case $host in
- *-*-sunos*) add_shlibpath="$dir" ;;
- esac
- add_dir="-L$dir"
- add="-l$name"
- elif test "$hardcode_shlibpath_var" = no; then
- add_shlibpath="$dir"
- add="-l$name"
- else
- lib_linked=no
- fi
- ;;
- relink)
- if test "$hardcode_direct" = yes &&
- test "$hardcode_direct_absolute" = no; then
- add="$dir/$linklib"
- elif test "$hardcode_minus_L" = yes; then
- add_dir="-L$dir"
- # Try looking first in the location we're being installed to.
- if test -n "$inst_prefix_dir"; then
- case $libdir in
- [\\/]*)
- add_dir="$add_dir -L$inst_prefix_dir$libdir"
- ;;
- esac
- fi
- add="-l$name"
- elif test "$hardcode_shlibpath_var" = yes; then
- add_shlibpath="$dir"
- add="-l$name"
- else
- lib_linked=no
- fi
- ;;
- *) lib_linked=no ;;
- esac
-
- if test "$lib_linked" != yes; then
- func_fatal_configuration "unsupported hardcode properties"
- fi
-
- if test -n "$add_shlibpath"; then
- case :$compile_shlibpath: in
- *":$add_shlibpath:"*) ;;
- *) compile_shlibpath="$compile_shlibpath$add_shlibpath:" ;;
- esac
- fi
- if test "$linkmode" = prog; then
- test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs"
- test -n "$add" && compile_deplibs="$add $compile_deplibs"
- else
- test -n "$add_dir" && deplibs="$add_dir $deplibs"
- test -n "$add" && deplibs="$add $deplibs"
- if test "$hardcode_direct" != yes &&
- test "$hardcode_minus_L" != yes &&
- test "$hardcode_shlibpath_var" = yes; then
- case :$finalize_shlibpath: in
- *":$libdir:"*) ;;
- *) finalize_shlibpath="$finalize_shlibpath$libdir:" ;;
- esac
- fi
- fi
- fi
-
- if test "$linkmode" = prog || test "$mode" = relink; then
- add_shlibpath=
- add_dir=
- add=
- # Finalize command for both is simple: just hardcode it.
- if test "$hardcode_direct" = yes &&
- test "$hardcode_direct_absolute" = no; then
- add="$libdir/$linklib"
- elif test "$hardcode_minus_L" = yes; then
- add_dir="-L$libdir"
- add="-l$name"
- elif test "$hardcode_shlibpath_var" = yes; then
- case :$finalize_shlibpath: in
- *":$libdir:"*) ;;
- *) finalize_shlibpath="$finalize_shlibpath$libdir:" ;;
- esac
- add="-l$name"
- elif test "$hardcode_automatic" = yes; then
- if test -n "$inst_prefix_dir" &&
- test -f "$inst_prefix_dir$libdir/$linklib" ; then
- add="$inst_prefix_dir$libdir/$linklib"
- else
- add="$libdir/$linklib"
- fi
- else
- # We cannot seem to hardcode it, guess we'll fake it.
- add_dir="-L$libdir"
- # Try looking first in the location we're being installed to.
- if test -n "$inst_prefix_dir"; then
- case $libdir in
- [\\/]*)
- add_dir="$add_dir -L$inst_prefix_dir$libdir"
- ;;
- esac
- fi
- add="-l$name"
- fi
-
- if test "$linkmode" = prog; then
- test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs"
- test -n "$add" && finalize_deplibs="$add $finalize_deplibs"
- else
- test -n "$add_dir" && deplibs="$add_dir $deplibs"
- test -n "$add" && deplibs="$add $deplibs"
- fi
- fi
- elif test "$linkmode" = prog; then
- # Here we assume that one of hardcode_direct or hardcode_minus_L
- # is not unsupported. This is valid on all known static and
- # shared platforms.
- if test "$hardcode_direct" != unsupported; then
- test -n "$old_library" && linklib="$old_library"
- compile_deplibs="$dir/$linklib $compile_deplibs"
- finalize_deplibs="$dir/$linklib $finalize_deplibs"
- else
- compile_deplibs="-l$name -L$dir $compile_deplibs"
- finalize_deplibs="-l$name -L$dir $finalize_deplibs"
- fi
- elif test "$build_libtool_libs" = yes; then
- # Not a shared library
- if test "$deplibs_check_method" != pass_all; then
- # We're trying link a shared library against a static one
- # but the system doesn't support it.
-
- # Just print a warning and add the library to dependency_libs so
- # that the program can be linked against the static library.
- $ECHO
- $ECHO "*** Warning: This system can not link to static lib archive $lib."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which you do not appear to have."
- if test "$module" = yes; then
- $ECHO "*** But as you try to build a module library, libtool will still create "
- $ECHO "*** a static module, that should work as long as the dlopening application"
- $ECHO "*** is linked with the -dlopen flag to resolve symbols at runtime."
- if test -z "$global_symbol_pipe"; then
- $ECHO
- $ECHO "*** However, this would only work if libtool was able to extract symbol"
- $ECHO "*** lists from a program, using \`nm' or equivalent, but libtool could"
- $ECHO "*** not find such a program. So, this module is probably useless."
- $ECHO "*** \`nm' from GNU binutils and a full rebuild may help."
- fi
- if test "$build_old_libs" = no; then
- build_libtool_libs=module
- build_old_libs=yes
- else
- build_libtool_libs=no
- fi
- fi
- else
- deplibs="$dir/$old_library $deplibs"
- link_static=yes
- fi
- fi # link shared/static library?
-
- if test "$linkmode" = lib; then
- if test -n "$dependency_libs" &&
- { test "$hardcode_into_libs" != yes ||
- test "$build_old_libs" = yes ||
- test "$link_static" = yes; }; then
- # Extract -R from dependency_libs
- temp_deplibs=
- for libdir in $dependency_libs; do
- case $libdir in
- -R*) func_stripname '-R' '' "$libdir"
- temp_xrpath=$func_stripname_result
- case " $xrpath " in
- *" $temp_xrpath "*) ;;
- *) xrpath="$xrpath $temp_xrpath";;
- esac;;
- *) temp_deplibs="$temp_deplibs $libdir";;
- esac
- done
- dependency_libs="$temp_deplibs"
- fi
-
- newlib_search_path="$newlib_search_path $absdir"
- # Link against this library
- test "$link_static" = no && newdependency_libs="$abs_ladir/$laname $newdependency_libs"
- # ... and its dependency_libs
- tmp_libs=
- for deplib in $dependency_libs; do
- newdependency_libs="$deplib $newdependency_libs"
- if $opt_duplicate_deps ; then
- case "$tmp_libs " in
- *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
- esac
- fi
- tmp_libs="$tmp_libs $deplib"
- done
-
- if test "$link_all_deplibs" != no; then
- # Add the search paths of all dependency libraries
- for deplib in $dependency_libs; do
- case $deplib in
- -L*) path="$deplib" ;;
- *.la)
- func_dirname "$deplib" "" "."
- dir="$func_dirname_result"
- # We need an absolute path.
- case $dir in
- [\\/]* | [A-Za-z]:[\\/]*) absdir="$dir" ;;
- *)
- absdir=`cd "$dir" && pwd`
- if test -z "$absdir"; then
- func_warning "cannot determine absolute directory name of \`$dir'"
- absdir="$dir"
- fi
- ;;
- esac
- if $GREP "^installed=no" $deplib > /dev/null; then
- case $host in
- *-*-darwin*)
- depdepl=
- eval deplibrary_names=`${SED} -n -e 's/^library_names=\(.*\)$/\1/p' $deplib`
- if test -n "$deplibrary_names" ; then
- for tmp in $deplibrary_names ; do
- depdepl=$tmp
- done
- if test -f "$absdir/$objdir/$depdepl" ; then
- depdepl="$absdir/$objdir/$depdepl"
- darwin_install_name=`${OTOOL} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'`
- if test -z "$darwin_install_name"; then
- darwin_install_name=`${OTOOL64} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'`
- fi
- compiler_flags="$compiler_flags ${wl}-dylib_file ${wl}${darwin_install_name}:${depdepl}"
- linker_flags="$linker_flags -dylib_file ${darwin_install_name}:${depdepl}"
- path=
- fi
- fi
- ;;
- *)
- path="-L$absdir/$objdir"
- ;;
- esac
- else
- eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib`
- test -z "$libdir" && \
- func_fatal_error "\`$deplib' is not a valid libtool archive"
- test "$absdir" != "$libdir" && \
- func_warning "\`$deplib' seems to be moved"
-
- path="-L$absdir"
- fi
- ;;
- esac
- case " $deplibs " in
- *" $path "*) ;;
- *) deplibs="$path $deplibs" ;;
- esac
- done
- fi # link_all_deplibs != no
- fi # linkmode = lib
- done # for deplib in $libs
- if test "$pass" = link; then
- if test "$linkmode" = "prog"; then
- compile_deplibs="$new_inherited_linker_flags $compile_deplibs"
- finalize_deplibs="$new_inherited_linker_flags $finalize_deplibs"
- else
- compiler_flags="$compiler_flags "`$ECHO "X $new_inherited_linker_flags" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
- fi
- fi
- dependency_libs="$newdependency_libs"
- if test "$pass" = dlpreopen; then
- # Link the dlpreopened libraries before other libraries
- for deplib in $save_deplibs; do
- deplibs="$deplib $deplibs"
- done
- fi
- if test "$pass" != dlopen; then
- if test "$pass" != conv; then
- # Make sure lib_search_path contains only unique directories.
- lib_search_path=
- for dir in $newlib_search_path; do
- case "$lib_search_path " in
- *" $dir "*) ;;
- *) lib_search_path="$lib_search_path $dir" ;;
- esac
- done
- newlib_search_path=
- fi
-
- if test "$linkmode,$pass" != "prog,link"; then
- vars="deplibs"
- else
- vars="compile_deplibs finalize_deplibs"
- fi
- for var in $vars dependency_libs; do
- # Add libraries to $var in reverse order
- eval tmp_libs=\"\$$var\"
- new_libs=
- for deplib in $tmp_libs; do
- # FIXME: Pedantically, this is the right thing to do, so
- # that some nasty dependency loop isn't accidentally
- # broken:
- #new_libs="$deplib $new_libs"
- # Pragmatically, this seems to cause very few problems in
- # practice:
- case $deplib in
- -L*) new_libs="$deplib $new_libs" ;;
- -R*) ;;
- *)
- # And here is the reason: when a library appears more
- # than once as an explicit dependence of a library, or
- # is implicitly linked in more than once by the
- # compiler, it is considered special, and multiple
- # occurrences thereof are not removed. Compare this
- # with having the same library being listed as a
- # dependency of multiple other libraries: in this case,
- # we know (pedantically, we assume) the library does not
- # need to be listed more than once, so we keep only the
- # last copy. This is not always right, but it is rare
- # enough that we require users that really mean to play
- # such unportable linking tricks to link the library
- # using -Wl,-lname, so that libtool does not consider it
- # for duplicate removal.
- case " $specialdeplibs " in
- *" $deplib "*) new_libs="$deplib $new_libs" ;;
- *)
- case " $new_libs " in
- *" $deplib "*) ;;
- *) new_libs="$deplib $new_libs" ;;
- esac
- ;;
- esac
- ;;
- esac
- done
- tmp_libs=
- for deplib in $new_libs; do
- case $deplib in
- -L*)
- case " $tmp_libs " in
- *" $deplib "*) ;;
- *) tmp_libs="$tmp_libs $deplib" ;;
- esac
- ;;
- *) tmp_libs="$tmp_libs $deplib" ;;
- esac
- done
- eval $var=\"$tmp_libs\"
- done # for var
- fi
- # Last step: remove runtime libs from dependency_libs
- # (they stay in deplibs)
- tmp_libs=
- for i in $dependency_libs ; do
- case " $predeps $postdeps $compiler_lib_search_path " in
- *" $i "*)
- i=""
- ;;
- esac
- if test -n "$i" ; then
- tmp_libs="$tmp_libs $i"
- fi
- done
- dependency_libs=$tmp_libs
- done # for pass
- if test "$linkmode" = prog; then
- dlfiles="$newdlfiles"
- fi
- if test "$linkmode" = prog || test "$linkmode" = lib; then
- dlprefiles="$newdlprefiles"
- fi
-
- case $linkmode in
- oldlib)
- if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
- func_warning "\`-dlopen' is ignored for archives"
- fi
-
- case " $deplibs" in
- *\ -l* | *\ -L*)
- func_warning "\`-l' and \`-L' are ignored for archives" ;;
- esac
-
- test -n "$rpath" && \
- func_warning "\`-rpath' is ignored for archives"
-
- test -n "$xrpath" && \
- func_warning "\`-R' is ignored for archives"
-
- test -n "$vinfo" && \
- func_warning "\`-version-info/-version-number' is ignored for archives"
-
- test -n "$release" && \
- func_warning "\`-release' is ignored for archives"
-
- test -n "$export_symbols$export_symbols_regex" && \
- func_warning "\`-export-symbols' is ignored for archives"
-
- # Now set the variables for building old libraries.
- build_libtool_libs=no
- oldlibs="$output"
- objs="$objs$old_deplibs"
- ;;
-
- lib)
- # Make sure we only generate libraries of the form `libNAME.la'.
- case $outputname in
- lib*)
- func_stripname 'lib' '.la' "$outputname"
- name=$func_stripname_result
- eval shared_ext=\"$shrext_cmds\"
- eval libname=\"$libname_spec\"
- ;;
- *)
- test "$module" = no && \
- func_fatal_help "libtool library \`$output' must begin with \`lib'"
-
- if test "$need_lib_prefix" != no; then
- # Add the "lib" prefix for modules if required
- func_stripname '' '.la' "$outputname"
- name=$func_stripname_result
- eval shared_ext=\"$shrext_cmds\"
- eval libname=\"$libname_spec\"
- else
- func_stripname '' '.la' "$outputname"
- libname=$func_stripname_result
- fi
- ;;
- esac
-
- if test -n "$objs"; then
- if test "$deplibs_check_method" != pass_all; then
- func_fatal_error "cannot build libtool library \`$output' from non-libtool objects on this host:$objs"
- else
- $ECHO
- $ECHO "*** Warning: Linking the shared library $output against the non-libtool"
- $ECHO "*** objects $objs is not portable!"
- libobjs="$libobjs $objs"
- fi
- fi
-
- test "$dlself" != no && \
- func_warning "\`-dlopen self' is ignored for libtool libraries"
-
- set dummy $rpath
- shift
- test "$#" -gt 1 && \
- func_warning "ignoring multiple \`-rpath's for a libtool library"
-
- install_libdir="$1"
-
- oldlibs=
- if test -z "$rpath"; then
- if test "$build_libtool_libs" = yes; then
- # Building a libtool convenience library.
- # Some compilers have problems with a `.al' extension so
- # convenience libraries should have the same extension an
- # archive normally would.
- oldlibs="$output_objdir/$libname.$libext $oldlibs"
- build_libtool_libs=convenience
- build_old_libs=yes
- fi
-
- test -n "$vinfo" && \
- func_warning "\`-version-info/-version-number' is ignored for convenience libraries"
-
- test -n "$release" && \
- func_warning "\`-release' is ignored for convenience libraries"
- else
-
- # Parse the version information argument.
- save_ifs="$IFS"; IFS=':'
- set dummy $vinfo 0 0 0
- shift
- IFS="$save_ifs"
-
- test -n "$7" && \
- func_fatal_help "too many parameters to \`-version-info'"
-
- # convert absolute version numbers to libtool ages
- # this retains compatibility with .la files and attempts
- # to make the code below a bit more comprehensible
-
- case $vinfo_number in
- yes)
- number_major="$1"
- number_minor="$2"
- number_revision="$3"
- #
- # There are really only two kinds -- those that
- # use the current revision as the major version
- # and those that subtract age and use age as
- # a minor version. But, then there is irix
- # which has an extra 1 added just for fun
- #
- case $version_type in
- darwin|linux|osf|windows|none)
- func_arith $number_major + $number_minor
- current=$func_arith_result
- age="$number_minor"
- revision="$number_revision"
- ;;
- freebsd-aout|freebsd-elf|sunos)
- current="$number_major"
- revision="$number_minor"
- age="0"
- ;;
- irix|nonstopux)
- func_arith $number_major + $number_minor
- current=$func_arith_result
- age="$number_minor"
- revision="$number_minor"
- lt_irix_increment=no
- ;;
- esac
- ;;
- no)
- current="$1"
- revision="$2"
- age="$3"
- ;;
- esac
-
- # Check that each of the things are valid numbers.
- case $current in
- 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
- *)
- func_error "CURRENT \`$current' must be a nonnegative integer"
- func_fatal_error "\`$vinfo' is not valid version information"
- ;;
- esac
-
- case $revision in
- 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
- *)
- func_error "REVISION \`$revision' must be a nonnegative integer"
- func_fatal_error "\`$vinfo' is not valid version information"
- ;;
- esac
-
- case $age in
- 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
- *)
- func_error "AGE \`$age' must be a nonnegative integer"
- func_fatal_error "\`$vinfo' is not valid version information"
- ;;
- esac
-
- if test "$age" -gt "$current"; then
- func_error "AGE \`$age' is greater than the current interface number \`$current'"
- func_fatal_error "\`$vinfo' is not valid version information"
- fi
-
- # Calculate the version variables.
- major=
- versuffix=
- verstring=
- case $version_type in
- none) ;;
-
- darwin)
- # Like Linux, but with the current version available in
- # verstring for coding it into the library header
- func_arith $current - $age
- major=.$func_arith_result
- versuffix="$major.$age.$revision"
- # Darwin ld doesn't like 0 for these options...
- func_arith $current + 1
- minor_current=$func_arith_result
- xlcverstring="${wl}-compatibility_version ${wl}$minor_current ${wl}-current_version ${wl}$minor_current.$revision"
- verstring="-compatibility_version $minor_current -current_version $minor_current.$revision"
- ;;
-
- freebsd-aout)
- major=".$current"
- versuffix=".$current.$revision";
- ;;
-
- freebsd-elf)
- major=".$current"
- versuffix=".$current"
- ;;
-
- irix | nonstopux)
- if test "X$lt_irix_increment" = "Xno"; then
- func_arith $current - $age
- else
- func_arith $current - $age + 1
- fi
- major=$func_arith_result
-
- case $version_type in
- nonstopux) verstring_prefix=nonstopux ;;
- *) verstring_prefix=sgi ;;
- esac
- verstring="$verstring_prefix$major.$revision"
-
- # Add in all the interfaces that we are compatible with.
- loop=$revision
- while test "$loop" -ne 0; do
- func_arith $revision - $loop
- iface=$func_arith_result
- func_arith $loop - 1
- loop=$func_arith_result
- verstring="$verstring_prefix$major.$iface:$verstring"
- done
-
- # Before this point, $major must not contain `.'.
- major=.$major
- versuffix="$major.$revision"
- ;;
-
- linux)
- func_arith $current - $age
- major=.$func_arith_result
- versuffix="$major.$age.$revision"
- ;;
-
- osf)
- func_arith $current - $age
- major=.$func_arith_result
- versuffix=".$current.$age.$revision"
- verstring="$current.$age.$revision"
-
- # Add in all the interfaces that we are compatible with.
- loop=$age
- while test "$loop" -ne 0; do
- func_arith $current - $loop
- iface=$func_arith_result
- func_arith $loop - 1
- loop=$func_arith_result
- verstring="$verstring:${iface}.0"
- done
-
- # Make executables depend on our current version.
- verstring="$verstring:${current}.0"
- ;;
-
- qnx)
- major=".$current"
- versuffix=".$current"
- ;;
-
- sunos)
- major=".$current"
- versuffix=".$current.$revision"
- ;;
-
- windows)
- # Use '-' rather than '.', since we only want one
- # extension on DOS 8.3 filesystems.
- func_arith $current - $age
- major=$func_arith_result
- versuffix="-$major"
- ;;
-
- *)
- func_fatal_configuration "unknown library version type \`$version_type'"
- ;;
- esac
-
- # Clear the version info if we defaulted, and they specified a release.
- if test -z "$vinfo" && test -n "$release"; then
- major=
- case $version_type in
- darwin)
- # we can't check for "0.0" in archive_cmds due to quoting
- # problems, so we reset it completely
- verstring=
- ;;
- *)
- verstring="0.0"
- ;;
- esac
- if test "$need_version" = no; then
- versuffix=
- else
- versuffix=".0.0"
- fi
- fi
-
- # Remove version info from name if versioning should be avoided
- if test "$avoid_version" = yes && test "$need_version" = no; then
- major=
- versuffix=
- verstring=""
- fi
-
- # Check to see if the archive will have undefined symbols.
- if test "$allow_undefined" = yes; then
- if test "$allow_undefined_flag" = unsupported; then
- func_warning "undefined symbols not allowed in $host shared libraries"
- build_libtool_libs=no
- build_old_libs=yes
- fi
- else
- # Don't allow undefined symbols.
- allow_undefined_flag="$no_undefined_flag"
- fi
-
- fi
-
- func_generate_dlsyms "$libname" "$libname" "yes"
- libobjs="$libobjs $symfileobj"
- test "X$libobjs" = "X " && libobjs=
-
- if test "$mode" != relink; then
- # Remove our outputs, but don't remove object files since they
- # may have been created when compiling PIC objects.
- removelist=
- tempremovelist=`$ECHO "$output_objdir/*"`
- for p in $tempremovelist; do
- case $p in
- *.$objext | *.gcno)
- ;;
- $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/${libname}${release}.*)
- if test "X$precious_files_regex" != "X"; then
- if $ECHO "$p" | $EGREP -e "$precious_files_regex" >/dev/null 2>&1
- then
- continue
- fi
- fi
- removelist="$removelist $p"
- ;;
- *) ;;
- esac
- done
- test -n "$removelist" && \
- func_show_eval "${RM}r \$removelist"
- fi
-
- # Now set the variables for building old libraries.
- if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then
- oldlibs="$oldlibs $output_objdir/$libname.$libext"
-
- # Transform .lo files to .o files.
- oldobjs="$objs "`$ECHO "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}'$/d' -e "$lo2o" | $NL2SP`
- fi
-
- # Eliminate all temporary directories.
- #for path in $notinst_path; do
- # lib_search_path=`$ECHO "X$lib_search_path " | $Xsed -e "s% $path % %g"`
- # deplibs=`$ECHO "X$deplibs " | $Xsed -e "s% -L$path % %g"`
- # dependency_libs=`$ECHO "X$dependency_libs " | $Xsed -e "s% -L$path % %g"`
- #done
-
- if test -n "$xrpath"; then
- # If the user specified any rpath flags, then add them.
- temp_xrpath=
- for libdir in $xrpath; do
- temp_xrpath="$temp_xrpath -R$libdir"
- case "$finalize_rpath " in
- *" $libdir "*) ;;
- *) finalize_rpath="$finalize_rpath $libdir" ;;
- esac
- done
- if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then
- dependency_libs="$temp_xrpath $dependency_libs"
- fi
- fi
-
- # Make sure dlfiles contains only unique files that won't be dlpreopened
- old_dlfiles="$dlfiles"
- dlfiles=
- for lib in $old_dlfiles; do
- case " $dlprefiles $dlfiles " in
- *" $lib "*) ;;
- *) dlfiles="$dlfiles $lib" ;;
- esac
- done
-
- # Make sure dlprefiles contains only unique files
- old_dlprefiles="$dlprefiles"
- dlprefiles=
- for lib in $old_dlprefiles; do
- case "$dlprefiles " in
- *" $lib "*) ;;
- *) dlprefiles="$dlprefiles $lib" ;;
- esac
- done
-
- if test "$build_libtool_libs" = yes; then
- if test -n "$rpath"; then
- case $host in
- *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc*)
- # these systems don't actually have a c library (as such)!
- ;;
- *-*-rhapsody* | *-*-darwin1.[012])
- # Rhapsody C library is in the System framework
- deplibs="$deplibs System.ltframework"
- ;;
- *-*-netbsd*)
- # Don't link with libc until the a.out ld.so is fixed.
- ;;
- *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*)
- # Do not include libc due to us having libc/libc_r.
- ;;
- *-*-sco3.2v5* | *-*-sco5v6*)
- # Causes problems with __ctype
- ;;
- *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*)
- # Compiler inserts libc in the correct place for threads to work
- ;;
- *)
- # Add libc to deplibs on all other systems if necessary.
- if test "$build_libtool_need_lc" = "yes"; then
- deplibs="$deplibs -lc"
- fi
- ;;
- esac
- fi
-
- # Transform deplibs into only deplibs that can be linked in shared.
- name_save=$name
- libname_save=$libname
- release_save=$release
- versuffix_save=$versuffix
- major_save=$major
- # I'm not sure if I'm treating the release correctly. I think
- # release should show up in the -l (ie -lgmp5) so we don't want to
- # add it in twice. Is that correct?
- release=""
- versuffix=""
- major=""
- newdeplibs=
- droppeddeps=no
- case $deplibs_check_method in
- pass_all)
- # Don't check for shared/static. Everything works.
- # This might be a little naive. We might want to check
- # whether the library exists or not. But this is on
- # osf3 & osf4 and I'm not really sure... Just
- # implementing what was already the behavior.
- newdeplibs=$deplibs
- ;;
- test_compile)
- # This code stresses the "libraries are programs" paradigm to its
- # limits. Maybe even breaks it. We compile a program, linking it
- # against the deplibs as a proxy for the library. Then we can check
- # whether they linked in statically or dynamically with ldd.
- $opt_dry_run || $RM conftest.c
- cat > conftest.c <<EOF
- int main() { return 0; }
-EOF
- $opt_dry_run || $RM conftest
- if $LTCC $LTCFLAGS -o conftest conftest.c $deplibs; then
- ldd_output=`ldd conftest`
- for i in $deplibs; do
- case $i in
- -l*)
- func_stripname -l '' "$i"
- name=$func_stripname_result
- if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
- case " $predeps $postdeps " in
- *" $i "*)
- newdeplibs="$newdeplibs $i"
- i=""
- ;;
- esac
- fi
- if test -n "$i" ; then
- libname=`eval "\\$ECHO \"$libname_spec\""`
- deplib_matches=`eval "\\$ECHO \"$library_names_spec\""`
- set dummy $deplib_matches; shift
- deplib_match=$1
- if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then
- newdeplibs="$newdeplibs $i"
- else
- droppeddeps=yes
- $ECHO
- $ECHO "*** Warning: dynamic linker does not accept needed library $i."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which I believe you do not have"
- $ECHO "*** because a test_compile did reveal that the linker did not use it for"
- $ECHO "*** its dynamic dependency list that programs get resolved with at runtime."
- fi
- fi
- ;;
- *)
- newdeplibs="$newdeplibs $i"
- ;;
- esac
- done
- else
- # Error occurred in the first compile. Let's try to salvage
- # the situation: Compile a separate program for each library.
- for i in $deplibs; do
- case $i in
- -l*)
- func_stripname -l '' "$i"
- name=$func_stripname_result
- $opt_dry_run || $RM conftest
- if $LTCC $LTCFLAGS -o conftest conftest.c $i; then
- ldd_output=`ldd conftest`
- if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
- case " $predeps $postdeps " in
- *" $i "*)
- newdeplibs="$newdeplibs $i"
- i=""
- ;;
- esac
- fi
- if test -n "$i" ; then
- libname=`eval "\\$ECHO \"$libname_spec\""`
- deplib_matches=`eval "\\$ECHO \"$library_names_spec\""`
- set dummy $deplib_matches; shift
- deplib_match=$1
- if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then
- newdeplibs="$newdeplibs $i"
- else
- droppeddeps=yes
- $ECHO
- $ECHO "*** Warning: dynamic linker does not accept needed library $i."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which you do not appear to have"
- $ECHO "*** because a test_compile did reveal that the linker did not use this one"
- $ECHO "*** as a dynamic dependency that programs can get resolved with at runtime."
- fi
- fi
- else
- droppeddeps=yes
- $ECHO
- $ECHO "*** Warning! Library $i is needed by this library but I was not able to"
- $ECHO "*** make it link in! You will probably need to install it or some"
- $ECHO "*** library that it depends on before this library will be fully"
- $ECHO "*** functional. Installing it before continuing would be even better."
- fi
- ;;
- *)
- newdeplibs="$newdeplibs $i"
- ;;
- esac
- done
- fi
- ;;
- file_magic*)
- set dummy $deplibs_check_method; shift
- file_magic_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"`
- for a_deplib in $deplibs; do
- case $a_deplib in
- -l*)
- func_stripname -l '' "$a_deplib"
- name=$func_stripname_result
- if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
- case " $predeps $postdeps " in
- *" $a_deplib "*)
- newdeplibs="$newdeplibs $a_deplib"
- a_deplib=""
- ;;
- esac
- fi
- if test -n "$a_deplib" ; then
- libname=`eval "\\$ECHO \"$libname_spec\""`
- for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do
- potential_libs=`ls $i/$libname[.-]* 2>/dev/null`
- for potent_lib in $potential_libs; do
- # Follow soft links.
- if ls -lLd "$potent_lib" 2>/dev/null |
- $GREP " -> " >/dev/null; then
- continue
- fi
- # The statement above tries to avoid entering an
- # endless loop below, in case of cyclic links.
- # We might still enter an endless loop, since a link
- # loop can be closed while we follow links,
- # but so what?
- potlib="$potent_lib"
- while test -h "$potlib" 2>/dev/null; do
- potliblink=`ls -ld $potlib | ${SED} 's/.* -> //'`
- case $potliblink in
- [\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";;
- *) potlib=`$ECHO "X$potlib" | $Xsed -e 's,[^/]*$,,'`"$potliblink";;
- esac
- done
- if eval $file_magic_cmd \"\$potlib\" 2>/dev/null |
- $SED -e 10q |
- $EGREP "$file_magic_regex" > /dev/null; then
- newdeplibs="$newdeplibs $a_deplib"
- a_deplib=""
- break 2
- fi
- done
- done
- fi
- if test -n "$a_deplib" ; then
- droppeddeps=yes
- $ECHO
- $ECHO "*** Warning: linker path does not have real file for library $a_deplib."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which you do not appear to have"
- $ECHO "*** because I did check the linker path looking for a file starting"
- if test -z "$potlib" ; then
- $ECHO "*** with $libname but no candidates were found. (...for file magic test)"
- else
- $ECHO "*** with $libname and none of the candidates passed a file format test"
- $ECHO "*** using a file magic. Last file checked: $potlib"
- fi
- fi
- ;;
- *)
- # Add a -L argument.
- newdeplibs="$newdeplibs $a_deplib"
- ;;
- esac
- done # Gone through all deplibs.
- ;;
- match_pattern*)
- set dummy $deplibs_check_method; shift
- match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"`
- for a_deplib in $deplibs; do
- case $a_deplib in
- -l*)
- func_stripname -l '' "$a_deplib"
- name=$func_stripname_result
- if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
- case " $predeps $postdeps " in
- *" $a_deplib "*)
- newdeplibs="$newdeplibs $a_deplib"
- a_deplib=""
- ;;
- esac
- fi
- if test -n "$a_deplib" ; then
- libname=`eval "\\$ECHO \"$libname_spec\""`
- for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do
- potential_libs=`ls $i/$libname[.-]* 2>/dev/null`
- for potent_lib in $potential_libs; do
- potlib="$potent_lib" # see symlink-check above in file_magic test
- if eval "\$ECHO \"X$potent_lib\"" 2>/dev/null | $Xsed -e 10q | \
- $EGREP "$match_pattern_regex" > /dev/null; then
- newdeplibs="$newdeplibs $a_deplib"
- a_deplib=""
- break 2
- fi
- done
- done
- fi
- if test -n "$a_deplib" ; then
- droppeddeps=yes
- $ECHO
- $ECHO "*** Warning: linker path does not have real file for library $a_deplib."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which you do not appear to have"
- $ECHO "*** because I did check the linker path looking for a file starting"
- if test -z "$potlib" ; then
- $ECHO "*** with $libname but no candidates were found. (...for regex pattern test)"
- else
- $ECHO "*** with $libname and none of the candidates passed a file format test"
- $ECHO "*** using a regex pattern. Last file checked: $potlib"
- fi
- fi
- ;;
- *)
- # Add a -L argument.
- newdeplibs="$newdeplibs $a_deplib"
- ;;
- esac
- done # Gone through all deplibs.
- ;;
- none | unknown | *)
- newdeplibs=""
- tmp_deplibs=`$ECHO "X $deplibs" | $Xsed \
- -e 's/ -lc$//' -e 's/ -[LR][^ ]*//g'`
- if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
- for i in $predeps $postdeps ; do
- # can't use Xsed below, because $i might contain '/'
- tmp_deplibs=`$ECHO "X $tmp_deplibs" | $Xsed -e "s,$i,,"`
- done
- fi
- if $ECHO "X $tmp_deplibs" | $Xsed -e 's/[ ]//g' |
- $GREP . >/dev/null; then
- $ECHO
- if test "X$deplibs_check_method" = "Xnone"; then
- $ECHO "*** Warning: inter-library dependencies are not supported in this platform."
- else
- $ECHO "*** Warning: inter-library dependencies are not known to be supported."
- fi
- $ECHO "*** All declared inter-library dependencies are being dropped."
- droppeddeps=yes
- fi
- ;;
- esac
- versuffix=$versuffix_save
- major=$major_save
- release=$release_save
- libname=$libname_save
- name=$name_save
-
- case $host in
- *-*-rhapsody* | *-*-darwin1.[012])
- # On Rhapsody replace the C library with the System framework
- newdeplibs=`$ECHO "X $newdeplibs" | $Xsed -e 's/ -lc / System.ltframework /'`
- ;;
- esac
-
- if test "$droppeddeps" = yes; then
- if test "$module" = yes; then
- $ECHO
- $ECHO "*** Warning: libtool could not satisfy all declared inter-library"
- $ECHO "*** dependencies of module $libname. Therefore, libtool will create"
- $ECHO "*** a static module, that should work as long as the dlopening"
- $ECHO "*** application is linked with the -dlopen flag."
- if test -z "$global_symbol_pipe"; then
- $ECHO
- $ECHO "*** However, this would only work if libtool was able to extract symbol"
- $ECHO "*** lists from a program, using \`nm' or equivalent, but libtool could"
- $ECHO "*** not find such a program. So, this module is probably useless."
- $ECHO "*** \`nm' from GNU binutils and a full rebuild may help."
- fi
- if test "$build_old_libs" = no; then
- oldlibs="$output_objdir/$libname.$libext"
- build_libtool_libs=module
- build_old_libs=yes
- else
- build_libtool_libs=no
- fi
- else
- $ECHO "*** The inter-library dependencies that have been dropped here will be"
- $ECHO "*** automatically added whenever a program is linked with this library"
- $ECHO "*** or is declared to -dlopen it."
-
- if test "$allow_undefined" = no; then
- $ECHO
- $ECHO "*** Since this library must not contain undefined symbols,"
- $ECHO "*** because either the platform does not support them or"
- $ECHO "*** it was explicitly requested with -no-undefined,"
- $ECHO "*** libtool will only create a static version of it."
- if test "$build_old_libs" = no; then
- oldlibs="$output_objdir/$libname.$libext"
- build_libtool_libs=module
- build_old_libs=yes
- else
- build_libtool_libs=no
- fi
- fi
- fi
- fi
- # Done checking deplibs!
- deplibs=$newdeplibs
- fi
- # Time to change all our "foo.ltframework" stuff back to "-framework foo"
- case $host in
- *-*-darwin*)
- newdeplibs=`$ECHO "X $newdeplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
- new_inherited_linker_flags=`$ECHO "X $new_inherited_linker_flags" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
- deplibs=`$ECHO "X $deplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
- ;;
- esac
-
- # move library search paths that coincide with paths to not yet
- # installed libraries to the beginning of the library search list
- new_libs=
- for path in $notinst_path; do
- case " $new_libs " in
- *" -L$path/$objdir "*) ;;
- *)
- case " $deplibs " in
- *" -L$path/$objdir "*)
- new_libs="$new_libs -L$path/$objdir" ;;
- esac
- ;;
- esac
- done
- for deplib in $deplibs; do
- case $deplib in
- -L*)
- case " $new_libs " in
- *" $deplib "*) ;;
- *) new_libs="$new_libs $deplib" ;;
- esac
- ;;
- *) new_libs="$new_libs $deplib" ;;
- esac
- done
- deplibs="$new_libs"
-
- # All the library-specific variables (install_libdir is set above).
- library_names=
- old_library=
- dlname=
-
- # Test again, we may have decided not to build it any more
- if test "$build_libtool_libs" = yes; then
- if test "$hardcode_into_libs" = yes; then
- # Hardcode the library paths
- hardcode_libdirs=
- dep_rpath=
- rpath="$finalize_rpath"
- test "$mode" != relink && rpath="$compile_rpath$rpath"
- for libdir in $rpath; do
- if test -n "$hardcode_libdir_flag_spec"; then
- if test -n "$hardcode_libdir_separator"; then
- if test -z "$hardcode_libdirs"; then
- hardcode_libdirs="$libdir"
- else
- # Just accumulate the unique libdirs.
- case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
- *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
- ;;
- *)
- hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
- ;;
- esac
- fi
- else
- eval flag=\"$hardcode_libdir_flag_spec\"
- dep_rpath="$dep_rpath $flag"
- fi
- elif test -n "$runpath_var"; then
- case "$perm_rpath " in
- *" $libdir "*) ;;
- *) perm_rpath="$perm_rpath $libdir" ;;
- esac
- fi
- done
- # Substitute the hardcoded libdirs into the rpath.
- if test -n "$hardcode_libdir_separator" &&
- test -n "$hardcode_libdirs"; then
- libdir="$hardcode_libdirs"
- if test -n "$hardcode_libdir_flag_spec_ld"; then
- eval dep_rpath=\"$hardcode_libdir_flag_spec_ld\"
- else
- eval dep_rpath=\"$hardcode_libdir_flag_spec\"
- fi
- fi
- if test -n "$runpath_var" && test -n "$perm_rpath"; then
- # We should set the runpath_var.
- rpath=
- for dir in $perm_rpath; do
- rpath="$rpath$dir:"
- done
- eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var"
- fi
- test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs"
- fi
-
- shlibpath="$finalize_shlibpath"
- test "$mode" != relink && shlibpath="$compile_shlibpath$shlibpath"
- if test -n "$shlibpath"; then
- eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var"
- fi
-
- # Get the real and link names of the library.
- eval shared_ext=\"$shrext_cmds\"
- eval library_names=\"$library_names_spec\"
- set dummy $library_names
- shift
- realname="$1"
- shift
-
- if test -n "$soname_spec"; then
- eval soname=\"$soname_spec\"
- else
- soname="$realname"
- fi
- if test -z "$dlname"; then
- dlname=$soname
- fi
-
- lib="$output_objdir/$realname"
- linknames=
- for link
- do
- linknames="$linknames $link"
- done
-
- # Use standard objects if they are pic
- test -z "$pic_flag" && libobjs=`$ECHO "X$libobjs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
- test "X$libobjs" = "X " && libobjs=
-
- delfiles=
- if test -n "$export_symbols" && test -n "$include_expsyms"; then
- $opt_dry_run || cp "$export_symbols" "$output_objdir/$libname.uexp"
- export_symbols="$output_objdir/$libname.uexp"
- delfiles="$delfiles $export_symbols"
- fi
-
- orig_export_symbols=
- case $host_os in
- cygwin* | mingw* | cegcc*)
- if test -n "$export_symbols" && test -z "$export_symbols_regex"; then
- # exporting using user supplied symfile
- if test "x`$SED 1q $export_symbols`" != xEXPORTS; then
- # and it's NOT already a .def file. Must figure out
- # which of the given symbols are data symbols and tag
- # them as such. So, trigger use of export_symbols_cmds.
- # export_symbols gets reassigned inside the "prepare
- # the list of exported symbols" if statement, so the
- # include_expsyms logic still works.
- orig_export_symbols="$export_symbols"
- export_symbols=
- always_export_symbols=yes
- fi
- fi
- ;;
- esac
-
- # Prepare the list of exported symbols
- if test -z "$export_symbols"; then
- if test "$always_export_symbols" = yes || test -n "$export_symbols_regex"; then
- func_verbose "generating symbol list for \`$libname.la'"
- export_symbols="$output_objdir/$libname.exp"
- $opt_dry_run || $RM $export_symbols
- cmds=$export_symbols_cmds
- save_ifs="$IFS"; IFS='~'
- for cmd in $cmds; do
- IFS="$save_ifs"
- eval cmd=\"$cmd\"
- func_len " $cmd"
- len=$func_len_result
- if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then
- func_show_eval "$cmd" 'exit $?'
- skipped_export=false
- else
- # The command line is too long to execute in one step.
- func_verbose "using reloadable object file for export list..."
- skipped_export=:
- # Break out early, otherwise skipped_export may be
- # set to false by a later but shorter cmd.
- break
- fi
- done
- IFS="$save_ifs"
- if test -n "$export_symbols_regex" && test "X$skipped_export" != "X:"; then
- func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"'
- func_show_eval '$MV "${export_symbols}T" "$export_symbols"'
- fi
- fi
- fi
-
- if test -n "$export_symbols" && test -n "$include_expsyms"; then
- tmp_export_symbols="$export_symbols"
- test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols"
- $opt_dry_run || eval '$ECHO "X$include_expsyms" | $Xsed | $SP2NL >> "$tmp_export_symbols"'
- fi
-
- if test "X$skipped_export" != "X:" && test -n "$orig_export_symbols"; then
- # The given exports_symbols file has to be filtered, so filter it.
- func_verbose "filter symbol list for \`$libname.la' to tag DATA exports"
- # FIXME: $output_objdir/$libname.filter potentially contains lots of
- # 's' commands which not all seds can handle. GNU sed should be fine
- # though. Also, the filter scales superlinearly with the number of
- # global variables. join(1) would be nice here, but unfortunately
- # isn't a blessed tool.
- $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter
- delfiles="$delfiles $export_symbols $output_objdir/$libname.filter"
- export_symbols=$output_objdir/$libname.def
- $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols
- fi
-
- tmp_deplibs=
- for test_deplib in $deplibs; do
- case " $convenience " in
- *" $test_deplib "*) ;;
- *)
- tmp_deplibs="$tmp_deplibs $test_deplib"
- ;;
- esac
- done
- deplibs="$tmp_deplibs"
-
- if test -n "$convenience"; then
- if test -n "$whole_archive_flag_spec" &&
- test "$compiler_needs_object" = yes &&
- test -z "$libobjs"; then
- # extract the archives, so we have objects to list.
- # TODO: could optimize this to just extract one archive.
- whole_archive_flag_spec=
- fi
- if test -n "$whole_archive_flag_spec"; then
- save_libobjs=$libobjs
- eval libobjs=\"\$libobjs $whole_archive_flag_spec\"
- test "X$libobjs" = "X " && libobjs=
- else
- gentop="$output_objdir/${outputname}x"
- generated="$generated $gentop"
-
- func_extract_archives $gentop $convenience
- libobjs="$libobjs $func_extract_archives_result"
- test "X$libobjs" = "X " && libobjs=
- fi
- fi
-
- if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then
- eval flag=\"$thread_safe_flag_spec\"
- linker_flags="$linker_flags $flag"
- fi
-
- # Make a backup of the uninstalled library when relinking
- if test "$mode" = relink; then
- $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}U && $MV $realname ${realname}U)' || exit $?
- fi
-
- # Do each of the archive commands.
- if test "$module" = yes && test -n "$module_cmds" ; then
- if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then
- eval test_cmds=\"$module_expsym_cmds\"
- cmds=$module_expsym_cmds
- else
- eval test_cmds=\"$module_cmds\"
- cmds=$module_cmds
- fi
- else
- if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then
- eval test_cmds=\"$archive_expsym_cmds\"
- cmds=$archive_expsym_cmds
- else
- eval test_cmds=\"$archive_cmds\"
- cmds=$archive_cmds
- fi
- fi
-
- if test "X$skipped_export" != "X:" &&
- func_len " $test_cmds" &&
- len=$func_len_result &&
- test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then
- :
- else
- # The command line is too long to link in one step, link piecewise
- # or, if using GNU ld and skipped_export is not :, use a linker
- # script.
-
- # Save the value of $output and $libobjs because we want to
- # use them later. If we have whole_archive_flag_spec, we
- # want to use save_libobjs as it was before
- # whole_archive_flag_spec was expanded, because we can't
- # assume the linker understands whole_archive_flag_spec.
- # This may have to be revisited, in case too many
- # convenience libraries get linked in and end up exceeding
- # the spec.
- if test -z "$convenience" || test -z "$whole_archive_flag_spec"; then
- save_libobjs=$libobjs
- fi
- save_output=$output
- output_la=`$ECHO "X$output" | $Xsed -e "$basename"`
-
- # Clear the reloadable object creation command queue and
- # initialize k to one.
- test_cmds=
- concat_cmds=
- objlist=
- last_robj=
- k=1
-
- if test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "$with_gnu_ld" = yes; then
- output=${output_objdir}/${output_la}.lnkscript
- func_verbose "creating GNU ld script: $output"
- $ECHO 'INPUT (' > $output
- for obj in $save_libobjs
- do
- $ECHO "$obj" >> $output
- done
- $ECHO ')' >> $output
- delfiles="$delfiles $output"
- elif test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "X$file_list_spec" != X; then
- output=${output_objdir}/${output_la}.lnk
- func_verbose "creating linker input file list: $output"
- : > $output
- set x $save_libobjs
- shift
- firstobj=
- if test "$compiler_needs_object" = yes; then
- firstobj="$1 "
- shift
- fi
- for obj
- do
- $ECHO "$obj" >> $output
- done
- delfiles="$delfiles $output"
- output=$firstobj\"$file_list_spec$output\"
- else
- if test -n "$save_libobjs"; then
- func_verbose "creating reloadable object files..."
- output=$output_objdir/$output_la-${k}.$objext
- eval test_cmds=\"$reload_cmds\"
- func_len " $test_cmds"
- len0=$func_len_result
- len=$len0
-
- # Loop over the list of objects to be linked.
- for obj in $save_libobjs
- do
- func_len " $obj"
- func_arith $len + $func_len_result
- len=$func_arith_result
- if test "X$objlist" = X ||
- test "$len" -lt "$max_cmd_len"; then
- func_append objlist " $obj"
- else
- # The command $test_cmds is almost too long, add a
- # command to the queue.
- if test "$k" -eq 1 ; then
- # The first file doesn't have a previous command to add.
- eval concat_cmds=\"$reload_cmds $objlist $last_robj\"
- else
- # All subsequent reloadable object files will link in
- # the last one created.
- eval concat_cmds=\"\$concat_cmds~$reload_cmds $objlist $last_robj~\$RM $last_robj\"
- fi
- last_robj=$output_objdir/$output_la-${k}.$objext
- func_arith $k + 1
- k=$func_arith_result
- output=$output_objdir/$output_la-${k}.$objext
- objlist=$obj
- func_len " $last_robj"
- func_arith $len0 + $func_len_result
- len=$func_arith_result
- fi
- done
- # Handle the remaining objects by creating one last
- # reloadable object file. All subsequent reloadable object
- # files will link in the last one created.
- test -z "$concat_cmds" || concat_cmds=$concat_cmds~
- eval concat_cmds=\"\${concat_cmds}$reload_cmds $objlist $last_robj\"
- if test -n "$last_robj"; then
- eval concat_cmds=\"\${concat_cmds}~\$RM $last_robj\"
- fi
- delfiles="$delfiles $output"
-
- else
- output=
- fi
-
- if ${skipped_export-false}; then
- func_verbose "generating symbol list for \`$libname.la'"
- export_symbols="$output_objdir/$libname.exp"
- $opt_dry_run || $RM $export_symbols
- libobjs=$output
- # Append the command to create the export file.
- test -z "$concat_cmds" || concat_cmds=$concat_cmds~
- eval concat_cmds=\"\$concat_cmds$export_symbols_cmds\"
- if test -n "$last_robj"; then
- eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\"
- fi
- fi
-
- test -n "$save_libobjs" &&
- func_verbose "creating a temporary reloadable object file: $output"
-
- # Loop through the commands generated above and execute them.
- save_ifs="$IFS"; IFS='~'
- for cmd in $concat_cmds; do
- IFS="$save_ifs"
- $opt_silent || {
- func_quote_for_expand "$cmd"
- eval "func_echo $func_quote_for_expand_result"
- }
- $opt_dry_run || eval "$cmd" || {
- lt_exit=$?
-
- # Restore the uninstalled library and exit
- if test "$mode" = relink; then
- ( cd "$output_objdir" && \
- $RM "${realname}T" && \
- $MV "${realname}U" "$realname" )
- fi
-
- exit $lt_exit
- }
- done
- IFS="$save_ifs"
-
- if test -n "$export_symbols_regex" && ${skipped_export-false}; then
- func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"'
- func_show_eval '$MV "${export_symbols}T" "$export_symbols"'
- fi
- fi
-
- if ${skipped_export-false}; then
- if test -n "$export_symbols" && test -n "$include_expsyms"; then
- tmp_export_symbols="$export_symbols"
- test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols"
- $opt_dry_run || eval '$ECHO "X$include_expsyms" | $Xsed | $SP2NL >> "$tmp_export_symbols"'
- fi
-
- if test -n "$orig_export_symbols"; then
- # The given exports_symbols file has to be filtered, so filter it.
- func_verbose "filter symbol list for \`$libname.la' to tag DATA exports"
- # FIXME: $output_objdir/$libname.filter potentially contains lots of
- # 's' commands which not all seds can handle. GNU sed should be fine
- # though. Also, the filter scales superlinearly with the number of
- # global variables. join(1) would be nice here, but unfortunately
- # isn't a blessed tool.
- $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter
- delfiles="$delfiles $export_symbols $output_objdir/$libname.filter"
- export_symbols=$output_objdir/$libname.def
- $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols
- fi
- fi
-
- libobjs=$output
- # Restore the value of output.
- output=$save_output
-
- if test -n "$convenience" && test -n "$whole_archive_flag_spec"; then
- eval libobjs=\"\$libobjs $whole_archive_flag_spec\"
- test "X$libobjs" = "X " && libobjs=
- fi
- # Expand the library linking commands again to reset the
- # value of $libobjs for piecewise linking.
-
- # Do each of the archive commands.
- if test "$module" = yes && test -n "$module_cmds" ; then
- if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then
- cmds=$module_expsym_cmds
- else
- cmds=$module_cmds
- fi
- else
- if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then
- cmds=$archive_expsym_cmds
- else
- cmds=$archive_cmds
- fi
- fi
- fi
-
- if test -n "$delfiles"; then
- # Append the command to remove temporary files to $cmds.
- eval cmds=\"\$cmds~\$RM $delfiles\"
- fi
-
- # Add any objects from preloaded convenience libraries
- if test -n "$dlprefiles"; then
- gentop="$output_objdir/${outputname}x"
- generated="$generated $gentop"
-
- func_extract_archives $gentop $dlprefiles
- libobjs="$libobjs $func_extract_archives_result"
- test "X$libobjs" = "X " && libobjs=
- fi
-
- save_ifs="$IFS"; IFS='~'
- for cmd in $cmds; do
- IFS="$save_ifs"
- eval cmd=\"$cmd\"
- $opt_silent || {
- func_quote_for_expand "$cmd"
- eval "func_echo $func_quote_for_expand_result"
- }
- $opt_dry_run || eval "$cmd" || {
- lt_exit=$?
-
- # Restore the uninstalled library and exit
- if test "$mode" = relink; then
- ( cd "$output_objdir" && \
- $RM "${realname}T" && \
- $MV "${realname}U" "$realname" )
- fi
-
- exit $lt_exit
- }
- done
- IFS="$save_ifs"
-
- # Restore the uninstalled library and exit
- if test "$mode" = relink; then
- $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}T && $MV $realname ${realname}T && $MV ${realname}U $realname)' || exit $?
-
- if test -n "$convenience"; then
- if test -z "$whole_archive_flag_spec"; then
- func_show_eval '${RM}r "$gentop"'
- fi
- fi
-
- exit $EXIT_SUCCESS
- fi
-
- # Create links to the real library.
- for linkname in $linknames; do
- if test "$realname" != "$linkname"; then
- func_show_eval '(cd "$output_objdir" && $RM "$linkname" && $LN_S "$realname" "$linkname")' 'exit $?'
- fi
- done
-
- # If -module or -export-dynamic was specified, set the dlname.
- if test "$module" = yes || test "$export_dynamic" = yes; then
- # On all known operating systems, these are identical.
- dlname="$soname"
- fi
- fi
- ;;
-
- obj)
- if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
- func_warning "\`-dlopen' is ignored for objects"
- fi
-
- case " $deplibs" in
- *\ -l* | *\ -L*)
- func_warning "\`-l' and \`-L' are ignored for objects" ;;
- esac
-
- test -n "$rpath" && \
- func_warning "\`-rpath' is ignored for objects"
-
- test -n "$xrpath" && \
- func_warning "\`-R' is ignored for objects"
-
- test -n "$vinfo" && \
- func_warning "\`-version-info' is ignored for objects"
-
- test -n "$release" && \
- func_warning "\`-release' is ignored for objects"
-
- case $output in
- *.lo)
- test -n "$objs$old_deplibs" && \
- func_fatal_error "cannot build library object \`$output' from non-libtool objects"
-
- libobj=$output
- func_lo2o "$libobj"
- obj=$func_lo2o_result
- ;;
- *)
- libobj=
- obj="$output"
- ;;
- esac
-
- # Delete the old objects.
- $opt_dry_run || $RM $obj $libobj
-
- # Objects from convenience libraries. This assumes
- # single-version convenience libraries. Whenever we create
- # different ones for PIC/non-PIC, this we'll have to duplicate
- # the extraction.
- reload_conv_objs=
- gentop=
- # reload_cmds runs $LD directly, so let us get rid of
- # -Wl from whole_archive_flag_spec and hope we can get by with
- # turning comma into space..
- wl=
-
- if test -n "$convenience"; then
- if test -n "$whole_archive_flag_spec"; then
- eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\"
- reload_conv_objs=$reload_objs\ `$ECHO "X$tmp_whole_archive_flags" | $Xsed -e 's|,| |g'`
- else
- gentop="$output_objdir/${obj}x"
- generated="$generated $gentop"
-
- func_extract_archives $gentop $convenience
- reload_conv_objs="$reload_objs $func_extract_archives_result"
- fi
- fi
-
- # Create the old-style object.
- reload_objs="$objs$old_deplibs "`$ECHO "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}$'/d' -e '/\.lib$/d' -e "$lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test
-
- output="$obj"
- func_execute_cmds "$reload_cmds" 'exit $?'
-
- # Exit if we aren't doing a library object file.
- if test -z "$libobj"; then
- if test -n "$gentop"; then
- func_show_eval '${RM}r "$gentop"'
- fi
-
- exit $EXIT_SUCCESS
- fi
-
- if test "$build_libtool_libs" != yes; then
- if test -n "$gentop"; then
- func_show_eval '${RM}r "$gentop"'
- fi
-
- # Create an invalid libtool object if no PIC, so that we don't
- # accidentally link it into a program.
- # $show "echo timestamp > $libobj"
- # $opt_dry_run || eval "echo timestamp > $libobj" || exit $?
- exit $EXIT_SUCCESS
- fi
-
- if test -n "$pic_flag" || test "$pic_mode" != default; then
- # Only do commands if we really have different PIC objects.
- reload_objs="$libobjs $reload_conv_objs"
- output="$libobj"
- func_execute_cmds "$reload_cmds" 'exit $?'
- fi
-
- if test -n "$gentop"; then
- func_show_eval '${RM}r "$gentop"'
- fi
-
- exit $EXIT_SUCCESS
- ;;
-
- prog)
- case $host in
- *cygwin*) func_stripname '' '.exe' "$output"
- output=$func_stripname_result.exe;;
- esac
- test -n "$vinfo" && \
- func_warning "\`-version-info' is ignored for programs"
-
- test -n "$release" && \
- func_warning "\`-release' is ignored for programs"
-
- test "$preload" = yes \
- && test "$dlopen_support" = unknown \
- && test "$dlopen_self" = unknown \
- && test "$dlopen_self_static" = unknown && \
- func_warning "\`LT_INIT([dlopen])' not used. Assuming no dlopen support."
-
- case $host in
- *-*-rhapsody* | *-*-darwin1.[012])
- # On Rhapsody replace the C library is the System framework
- compile_deplibs=`$ECHO "X $compile_deplibs" | $Xsed -e 's/ -lc / System.ltframework /'`
- finalize_deplibs=`$ECHO "X $finalize_deplibs" | $Xsed -e 's/ -lc / System.ltframework /'`
- ;;
- esac
-
- case $host in
- *-*-darwin*)
- # Don't allow lazy linking, it breaks C++ global constructors
- # But is supposedly fixed on 10.4 or later (yay!).
- if test "$tagname" = CXX ; then
- case ${MACOSX_DEPLOYMENT_TARGET-10.0} in
- 10.[0123])
- compile_command="$compile_command ${wl}-bind_at_load"
- finalize_command="$finalize_command ${wl}-bind_at_load"
- ;;
- esac
- fi
- # Time to change all our "foo.ltframework" stuff back to "-framework foo"
- compile_deplibs=`$ECHO "X $compile_deplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
- finalize_deplibs=`$ECHO "X $finalize_deplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
- ;;
- esac
-
-
- # move library search paths that coincide with paths to not yet
- # installed libraries to the beginning of the library search list
- new_libs=
- for path in $notinst_path; do
- case " $new_libs " in
- *" -L$path/$objdir "*) ;;
- *)
- case " $compile_deplibs " in
- *" -L$path/$objdir "*)
- new_libs="$new_libs -L$path/$objdir" ;;
- esac
- ;;
- esac
- done
- for deplib in $compile_deplibs; do
- case $deplib in
- -L*)
- case " $new_libs " in
- *" $deplib "*) ;;
- *) new_libs="$new_libs $deplib" ;;
- esac
- ;;
- *) new_libs="$new_libs $deplib" ;;
- esac
- done
- compile_deplibs="$new_libs"
-
-
- compile_command="$compile_command $compile_deplibs"
- finalize_command="$finalize_command $finalize_deplibs"
-
- if test -n "$rpath$xrpath"; then
- # If the user specified any rpath flags, then add them.
- for libdir in $rpath $xrpath; do
- # This is the magic to use -rpath.
- case "$finalize_rpath " in
- *" $libdir "*) ;;
- *) finalize_rpath="$finalize_rpath $libdir" ;;
- esac
- done
- fi
-
- # Now hardcode the library paths
- rpath=
- hardcode_libdirs=
- for libdir in $compile_rpath $finalize_rpath; do
- if test -n "$hardcode_libdir_flag_spec"; then
- if test -n "$hardcode_libdir_separator"; then
- if test -z "$hardcode_libdirs"; then
- hardcode_libdirs="$libdir"
- else
- # Just accumulate the unique libdirs.
- case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
- *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
- ;;
- *)
- hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
- ;;
- esac
- fi
- else
- eval flag=\"$hardcode_libdir_flag_spec\"
- rpath="$rpath $flag"
- fi
- elif test -n "$runpath_var"; then
- case "$perm_rpath " in
- *" $libdir "*) ;;
- *) perm_rpath="$perm_rpath $libdir" ;;
- esac
- fi
- case $host in
- *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
- testbindir=`${ECHO} "$libdir" | ${SED} -e 's*/lib$*/bin*'`
- case :$dllsearchpath: in
- *":$libdir:"*) ;;
- ::) dllsearchpath=$libdir;;
- *) dllsearchpath="$dllsearchpath:$libdir";;
- esac
- case :$dllsearchpath: in
- *":$testbindir:"*) ;;
- ::) dllsearchpath=$testbindir;;
- *) dllsearchpath="$dllsearchpath:$testbindir";;
- esac
- ;;
- esac
- done
- # Substitute the hardcoded libdirs into the rpath.
- if test -n "$hardcode_libdir_separator" &&
- test -n "$hardcode_libdirs"; then
- libdir="$hardcode_libdirs"
- eval rpath=\" $hardcode_libdir_flag_spec\"
- fi
- compile_rpath="$rpath"
-
- rpath=
- hardcode_libdirs=
- for libdir in $finalize_rpath; do
- if test -n "$hardcode_libdir_flag_spec"; then
- if test -n "$hardcode_libdir_separator"; then
- if test -z "$hardcode_libdirs"; then
- hardcode_libdirs="$libdir"
- else
- # Just accumulate the unique libdirs.
- case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
- *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
- ;;
- *)
- hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
- ;;
- esac
- fi
- else
- eval flag=\"$hardcode_libdir_flag_spec\"
- rpath="$rpath $flag"
- fi
- elif test -n "$runpath_var"; then
- case "$finalize_perm_rpath " in
- *" $libdir "*) ;;
- *) finalize_perm_rpath="$finalize_perm_rpath $libdir" ;;
- esac
- fi
- done
- # Substitute the hardcoded libdirs into the rpath.
- if test -n "$hardcode_libdir_separator" &&
- test -n "$hardcode_libdirs"; then
- libdir="$hardcode_libdirs"
- eval rpath=\" $hardcode_libdir_flag_spec\"
- fi
- finalize_rpath="$rpath"
-
- if test -n "$libobjs" && test "$build_old_libs" = yes; then
- # Transform all the library objects into standard objects.
- compile_command=`$ECHO "X$compile_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
- finalize_command=`$ECHO "X$finalize_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
- fi
-
- func_generate_dlsyms "$outputname" "@PROGRAM@" "no"
-
- # template prelinking step
- if test -n "$prelink_cmds"; then
- func_execute_cmds "$prelink_cmds" 'exit $?'
- fi
-
- wrappers_required=yes
- case $host in
- *cygwin* | *mingw* )
- if test "$build_libtool_libs" != yes; then
- wrappers_required=no
- fi
- ;;
- *cegcc)
- # Disable wrappers for cegcc, we are cross compiling anyway.
- wrappers_required=no
- ;;
- *)
- if test "$need_relink" = no || test "$build_libtool_libs" != yes; then
- wrappers_required=no
- fi
- ;;
- esac
- if test "$wrappers_required" = no; then
- # Replace the output file specification.
- compile_command=`$ECHO "X$compile_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'`
- link_command="$compile_command$compile_rpath"
-
- # We have no uninstalled library dependencies, so finalize right now.
- exit_status=0
- func_show_eval "$link_command" 'exit_status=$?'
-
- # Delete the generated files.
- if test -f "$output_objdir/${outputname}S.${objext}"; then
- func_show_eval '$RM "$output_objdir/${outputname}S.${objext}"'
- fi
-
- exit $exit_status
- fi
-
- if test -n "$compile_shlibpath$finalize_shlibpath"; then
- compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command"
- fi
- if test -n "$finalize_shlibpath"; then
- finalize_command="$shlibpath_var=\"$finalize_shlibpath\$$shlibpath_var\" $finalize_command"
- fi
-
- compile_var=
- finalize_var=
- if test -n "$runpath_var"; then
- if test -n "$perm_rpath"; then
- # We should set the runpath_var.
- rpath=
- for dir in $perm_rpath; do
- rpath="$rpath$dir:"
- done
- compile_var="$runpath_var=\"$rpath\$$runpath_var\" "
- fi
- if test -n "$finalize_perm_rpath"; then
- # We should set the runpath_var.
- rpath=
- for dir in $finalize_perm_rpath; do
- rpath="$rpath$dir:"
- done
- finalize_var="$runpath_var=\"$rpath\$$runpath_var\" "
- fi
- fi
-
- if test "$no_install" = yes; then
- # We don't need to create a wrapper script.
- link_command="$compile_var$compile_command$compile_rpath"
- # Replace the output file specification.
- link_command=`$ECHO "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'`
- # Delete the old output file.
- $opt_dry_run || $RM $output
- # Link the executable and exit
- func_show_eval "$link_command" 'exit $?'
- exit $EXIT_SUCCESS
- fi
-
- if test "$hardcode_action" = relink; then
- # Fast installation is not supported
- link_command="$compile_var$compile_command$compile_rpath"
- relink_command="$finalize_var$finalize_command$finalize_rpath"
-
- func_warning "this platform does not like uninstalled shared libraries"
- func_warning "\`$output' will be relinked during installation"
- else
- if test "$fast_install" != no; then
- link_command="$finalize_var$compile_command$finalize_rpath"
- if test "$fast_install" = yes; then
- relink_command=`$ECHO "X$compile_var$compile_command$compile_rpath" | $Xsed -e 's%@OUTPUT@%\$progdir/\$file%g'`
- else
- # fast_install is set to needless
- relink_command=
- fi
- else
- link_command="$compile_var$compile_command$compile_rpath"
- relink_command="$finalize_var$finalize_command$finalize_rpath"
- fi
- fi
-
- # Replace the output file specification.
- link_command=`$ECHO "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'`
-
- # Delete the old output files.
- $opt_dry_run || $RM $output $output_objdir/$outputname $output_objdir/lt-$outputname
-
- func_show_eval "$link_command" 'exit $?'
-
- # Now create the wrapper script.
- func_verbose "creating $output"
-
- # Quote the relink command for shipping.
- if test -n "$relink_command"; then
- # Preserve any variables that may affect compiler behavior
- for var in $variables_saved_for_relink; do
- if eval test -z \"\${$var+set}\"; then
- relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command"
- elif eval var_value=\$$var; test -z "$var_value"; then
- relink_command="$var=; export $var; $relink_command"
- else
- func_quote_for_eval "$var_value"
- relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command"
- fi
- done
- relink_command="(cd `pwd`; $relink_command)"
- relink_command=`$ECHO "X$relink_command" | $Xsed -e "$sed_quote_subst"`
- fi
-
- # Quote $ECHO for shipping.
- if test "X$ECHO" = "X$SHELL $progpath --fallback-echo"; then
- case $progpath in
- [\\/]* | [A-Za-z]:[\\/]*) qecho="$SHELL $progpath --fallback-echo";;
- *) qecho="$SHELL `pwd`/$progpath --fallback-echo";;
- esac
- qecho=`$ECHO "X$qecho" | $Xsed -e "$sed_quote_subst"`
- else
- qecho=`$ECHO "X$ECHO" | $Xsed -e "$sed_quote_subst"`
- fi
-
- # Only actually do things if not in dry run mode.
- $opt_dry_run || {
- # win32 will think the script is a binary if it has
- # a .exe suffix, so we strip it off here.
- case $output in
- *.exe) func_stripname '' '.exe' "$output"
- output=$func_stripname_result ;;
- esac
- # test for cygwin because mv fails w/o .exe extensions
- case $host in
- *cygwin*)
- exeext=.exe
- func_stripname '' '.exe' "$outputname"
- outputname=$func_stripname_result ;;
- *) exeext= ;;
- esac
- case $host in
- *cygwin* | *mingw* )
- func_dirname_and_basename "$output" "" "."
- output_name=$func_basename_result
- output_path=$func_dirname_result
- cwrappersource="$output_path/$objdir/lt-$output_name.c"
- cwrapper="$output_path/$output_name.exe"
- $RM $cwrappersource $cwrapper
- trap "$RM $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15
-
- func_emit_cwrapperexe_src > $cwrappersource
-
- # The wrapper executable is built using the $host compiler,
- # because it contains $host paths and files. If cross-
- # compiling, it, like the target executable, must be
- # executed on the $host or under an emulation environment.
- $opt_dry_run || {
- $LTCC $LTCFLAGS -o $cwrapper $cwrappersource
- $STRIP $cwrapper
- }
-
- # Now, create the wrapper script for func_source use:
- func_ltwrapper_scriptname $cwrapper
- $RM $func_ltwrapper_scriptname_result
- trap "$RM $func_ltwrapper_scriptname_result; exit $EXIT_FAILURE" 1 2 15
- $opt_dry_run || {
- # note: this script will not be executed, so do not chmod.
- if test "x$build" = "x$host" ; then
- $cwrapper --lt-dump-script > $func_ltwrapper_scriptname_result
- else
- func_emit_wrapper no > $func_ltwrapper_scriptname_result
- fi
- }
- ;;
- * )
- $RM $output
- trap "$RM $output; exit $EXIT_FAILURE" 1 2 15
-
- func_emit_wrapper no > $output
- chmod +x $output
- ;;
- esac
- }
- exit $EXIT_SUCCESS
- ;;
- esac
-
- # See if we need to build an old-fashioned archive.
- for oldlib in $oldlibs; do
-
- if test "$build_libtool_libs" = convenience; then
- oldobjs="$libobjs_save $symfileobj"
- addlibs="$convenience"
- build_libtool_libs=no
- else
- if test "$build_libtool_libs" = module; then
- oldobjs="$libobjs_save"
- build_libtool_libs=no
- else
- oldobjs="$old_deplibs $non_pic_objects"
- if test "$preload" = yes && test -f "$symfileobj"; then
- oldobjs="$oldobjs $symfileobj"
- fi
- fi
- addlibs="$old_convenience"
- fi
-
- if test -n "$addlibs"; then
- gentop="$output_objdir/${outputname}x"
- generated="$generated $gentop"
-
- func_extract_archives $gentop $addlibs
- oldobjs="$oldobjs $func_extract_archives_result"
- fi
-
- # Do each command in the archive commands.
- if test -n "$old_archive_from_new_cmds" && test "$build_libtool_libs" = yes; then
- cmds=$old_archive_from_new_cmds
- else
-
- # Add any objects from preloaded convenience libraries
- if test -n "$dlprefiles"; then
- gentop="$output_objdir/${outputname}x"
- generated="$generated $gentop"
-
- func_extract_archives $gentop $dlprefiles
- oldobjs="$oldobjs $func_extract_archives_result"
- fi
-
- # POSIX demands no paths to be encoded in archives. We have
- # to avoid creating archives with duplicate basenames if we
- # might have to extract them afterwards, e.g., when creating a
- # static archive out of a convenience library, or when linking
- # the entirety of a libtool archive into another (currently
- # not supported by libtool).
- if (for obj in $oldobjs
- do
- func_basename "$obj"
- $ECHO "$func_basename_result"
- done | sort | sort -uc >/dev/null 2>&1); then
- :
- else
- $ECHO "copying selected object files to avoid basename conflicts..."
- gentop="$output_objdir/${outputname}x"
- generated="$generated $gentop"
- func_mkdir_p "$gentop"
- save_oldobjs=$oldobjs
- oldobjs=
- counter=1
- for obj in $save_oldobjs
- do
- func_basename "$obj"
- objbase="$func_basename_result"
- case " $oldobjs " in
- " ") oldobjs=$obj ;;
- *[\ /]"$objbase "*)
- while :; do
- # Make sure we don't pick an alternate name that also
- # overlaps.
- newobj=lt$counter-$objbase
- func_arith $counter + 1
- counter=$func_arith_result
- case " $oldobjs " in
- *[\ /]"$newobj "*) ;;
- *) if test ! -f "$gentop/$newobj"; then break; fi ;;
- esac
- done
- func_show_eval "ln $obj $gentop/$newobj || cp $obj $gentop/$newobj"
- oldobjs="$oldobjs $gentop/$newobj"
- ;;
- *) oldobjs="$oldobjs $obj" ;;
- esac
- done
- fi
- eval cmds=\"$old_archive_cmds\"
-
- func_len " $cmds"
- len=$func_len_result
- if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then
- cmds=$old_archive_cmds
- else
- # the command line is too long to link in one step, link in parts
- func_verbose "using piecewise archive linking..."
- save_RANLIB=$RANLIB
- RANLIB=:
- objlist=
- concat_cmds=
- save_oldobjs=$oldobjs
- oldobjs=
- # Is there a better way of finding the last object in the list?
- for obj in $save_oldobjs
- do
- last_oldobj=$obj
- done
- eval test_cmds=\"$old_archive_cmds\"
- func_len " $test_cmds"
- len0=$func_len_result
- len=$len0
- for obj in $save_oldobjs
- do
- func_len " $obj"
- func_arith $len + $func_len_result
- len=$func_arith_result
- func_append objlist " $obj"
- if test "$len" -lt "$max_cmd_len"; then
- :
- else
- # the above command should be used before it gets too long
- oldobjs=$objlist
- if test "$obj" = "$last_oldobj" ; then
- RANLIB=$save_RANLIB
- fi
- test -z "$concat_cmds" || concat_cmds=$concat_cmds~
- eval concat_cmds=\"\${concat_cmds}$old_archive_cmds\"
- objlist=
- len=$len0
- fi
- done
- RANLIB=$save_RANLIB
- oldobjs=$objlist
- if test "X$oldobjs" = "X" ; then
- eval cmds=\"\$concat_cmds\"
- else
- eval cmds=\"\$concat_cmds~\$old_archive_cmds\"
- fi
- fi
- fi
- func_execute_cmds "$cmds" 'exit $?'
- done
-
- test -n "$generated" && \
- func_show_eval "${RM}r$generated"
-
- # Now create the libtool archive.
- case $output in
- *.la)
- old_library=
- test "$build_old_libs" = yes && old_library="$libname.$libext"
- func_verbose "creating $output"
-
- # Preserve any variables that may affect compiler behavior
- for var in $variables_saved_for_relink; do
- if eval test -z \"\${$var+set}\"; then
- relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command"
- elif eval var_value=\$$var; test -z "$var_value"; then
- relink_command="$var=; export $var; $relink_command"
- else
- func_quote_for_eval "$var_value"
- relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command"
- fi
- done
- # Quote the link command for shipping.
- relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)"
- relink_command=`$ECHO "X$relink_command" | $Xsed -e "$sed_quote_subst"`
- if test "$hardcode_automatic" = yes ; then
- relink_command=
- fi
-
- # Only create the output if not a dry run.
- $opt_dry_run || {
- for installed in no yes; do
- if test "$installed" = yes; then
- if test -z "$install_libdir"; then
- break
- fi
- output="$output_objdir/$outputname"i
- # Replace all uninstalled libtool libraries with the installed ones
- newdependency_libs=
- for deplib in $dependency_libs; do
- case $deplib in
- *.la)
- func_basename "$deplib"
- name="$func_basename_result"
- eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib`
- test -z "$libdir" && \
- func_fatal_error "\`$deplib' is not a valid libtool archive"
- newdependency_libs="$newdependency_libs $libdir/$name"
- ;;
- *) newdependency_libs="$newdependency_libs $deplib" ;;
- esac
- done
- dependency_libs="$newdependency_libs"
- newdlfiles=
-
- for lib in $dlfiles; do
- case $lib in
- *.la)
- func_basename "$lib"
- name="$func_basename_result"
- eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib`
- test -z "$libdir" && \
- func_fatal_error "\`$lib' is not a valid libtool archive"
- newdlfiles="$newdlfiles $libdir/$name"
- ;;
- *) newdlfiles="$newdlfiles $lib" ;;
- esac
- done
- dlfiles="$newdlfiles"
- newdlprefiles=
- for lib in $dlprefiles; do
- case $lib in
- *.la)
- # Only pass preopened files to the pseudo-archive (for
- # eventual linking with the app. that links it) if we
- # didn't already link the preopened objects directly into
- # the library:
- func_basename "$lib"
- name="$func_basename_result"
- eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib`
- test -z "$libdir" && \
- func_fatal_error "\`$lib' is not a valid libtool archive"
- newdlprefiles="$newdlprefiles $libdir/$name"
- ;;
- esac
- done
- dlprefiles="$newdlprefiles"
- else
- newdlfiles=
- for lib in $dlfiles; do
- case $lib in
- [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;;
- *) abs=`pwd`"/$lib" ;;
- esac
- newdlfiles="$newdlfiles $abs"
- done
- dlfiles="$newdlfiles"
- newdlprefiles=
- for lib in $dlprefiles; do
- case $lib in
- [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;;
- *) abs=`pwd`"/$lib" ;;
- esac
- newdlprefiles="$newdlprefiles $abs"
- done
- dlprefiles="$newdlprefiles"
- fi
- $RM $output
- # place dlname in correct position for cygwin
- tdlname=$dlname
- case $host,$output,$installed,$module,$dlname in
- *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll) tdlname=../bin/$dlname ;;
- esac
- $ECHO > $output "\
-# $outputname - a libtool library file
-# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION
-#
-# Please DO NOT delete this file!
-# It is necessary for linking the library.
-
-# The name that we can dlopen(3).
-dlname='$tdlname'
-
-# Names of this library.
-library_names='$library_names'
-
-# The name of the static archive.
-old_library='$old_library'
-
-# Linker flags that can not go in dependency_libs.
-inherited_linker_flags='$new_inherited_linker_flags'
-
-# Libraries that this one depends upon.
-dependency_libs='$dependency_libs'
-
-# Names of additional weak libraries provided by this library
-weak_library_names='$weak_libs'
-
-# Version information for $libname.
-current=$current
-age=$age
-revision=$revision
-
-# Is this an already installed library?
-installed=$installed
-
-# Should we warn about portability when linking against -modules?
-shouldnotlink=$module
-
-# Files to dlopen/dlpreopen
-dlopen='$dlfiles'
-dlpreopen='$dlprefiles'
-
-# Directory that this library needs to be installed in:
-libdir='$install_libdir'"
- if test "$installed" = no && test "$need_relink" = yes; then
- $ECHO >> $output "\
-relink_command=\"$relink_command\""
- fi
- done
- }
-
- # Do a symbolic link so that the libtool archive can be found in
- # LD_LIBRARY_PATH before the program is installed.
- func_show_eval '( cd "$output_objdir" && $RM "$outputname" && $LN_S "../$outputname" "$outputname" )' 'exit $?'
- ;;
- esac
- exit $EXIT_SUCCESS
-}
-
-{ test "$mode" = link || test "$mode" = relink; } &&
- func_mode_link ${1+"$@"}
-
-
-# func_mode_uninstall arg...
-func_mode_uninstall ()
-{
- $opt_debug
- RM="$nonopt"
- files=
- rmforce=
- exit_status=0
-
- # This variable tells wrapper scripts just to set variables rather
- # than running their programs.
- libtool_install_magic="$magic"
-
- for arg
- do
- case $arg in
- -f) RM="$RM $arg"; rmforce=yes ;;
- -*) RM="$RM $arg" ;;
- *) files="$files $arg" ;;
- esac
- done
-
- test -z "$RM" && \
- func_fatal_help "you must specify an RM program"
-
- rmdirs=
-
- origobjdir="$objdir"
- for file in $files; do
- func_dirname "$file" "" "."
- dir="$func_dirname_result"
- if test "X$dir" = X.; then
- objdir="$origobjdir"
- else
- objdir="$dir/$origobjdir"
- fi
- func_basename "$file"
- name="$func_basename_result"
- test "$mode" = uninstall && objdir="$dir"
-
- # Remember objdir for removal later, being careful to avoid duplicates
- if test "$mode" = clean; then
- case " $rmdirs " in
- *" $objdir "*) ;;
- *) rmdirs="$rmdirs $objdir" ;;
- esac
- fi
-
- # Don't error if the file doesn't exist and rm -f was used.
- if { test -L "$file"; } >/dev/null 2>&1 ||
- { test -h "$file"; } >/dev/null 2>&1 ||
- test -f "$file"; then
- :
- elif test -d "$file"; then
- exit_status=1
- continue
- elif test "$rmforce" = yes; then
- continue
- fi
-
- rmfiles="$file"
-
- case $name in
- *.la)
- # Possibly a libtool archive, so verify it.
- if func_lalib_p "$file"; then
- func_source $dir/$name
-
- # Delete the libtool libraries and symlinks.
- for n in $library_names; do
- rmfiles="$rmfiles $objdir/$n"
- done
- test -n "$old_library" && rmfiles="$rmfiles $objdir/$old_library"
-
- case "$mode" in
- clean)
- case " $library_names " in
- # " " in the beginning catches empty $dlname
- *" $dlname "*) ;;
- *) rmfiles="$rmfiles $objdir/$dlname" ;;
- esac
- test -n "$libdir" && rmfiles="$rmfiles $objdir/$name $objdir/${name}i"
- ;;
- uninstall)
- if test -n "$library_names"; then
- # Do each command in the postuninstall commands.
- func_execute_cmds "$postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1'
- fi
-
- if test -n "$old_library"; then
- # Do each command in the old_postuninstall commands.
- func_execute_cmds "$old_postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1'
- fi
- # FIXME: should reinstall the best remaining shared library.
- ;;
- esac
- fi
- ;;
-
- *.lo)
- # Possibly a libtool object, so verify it.
- if func_lalib_p "$file"; then
-
- # Read the .lo file
- func_source $dir/$name
-
- # Add PIC object to the list of files to remove.
- if test -n "$pic_object" &&
- test "$pic_object" != none; then
- rmfiles="$rmfiles $dir/$pic_object"
- fi
-
- # Add non-PIC object to the list of files to remove.
- if test -n "$non_pic_object" &&
- test "$non_pic_object" != none; then
- rmfiles="$rmfiles $dir/$non_pic_object"
- fi
- fi
- ;;
-
- *)
- if test "$mode" = clean ; then
- noexename=$name
- case $file in
- *.exe)
- func_stripname '' '.exe' "$file"
- file=$func_stripname_result
- func_stripname '' '.exe' "$name"
- noexename=$func_stripname_result
- # $file with .exe has already been added to rmfiles,
- # add $file without .exe
- rmfiles="$rmfiles $file"
- ;;
- esac
- # Do a test to see if this is a libtool program.
- if func_ltwrapper_p "$file"; then
- if func_ltwrapper_executable_p "$file"; then
- func_ltwrapper_scriptname "$file"
- relink_command=
- func_source $func_ltwrapper_scriptname_result
- rmfiles="$rmfiles $func_ltwrapper_scriptname_result"
- else
- relink_command=
- func_source $dir/$noexename
- fi
-
- # note $name still contains .exe if it was in $file originally
- # as does the version of $file that was added into $rmfiles
- rmfiles="$rmfiles $objdir/$name $objdir/${name}S.${objext}"
- if test "$fast_install" = yes && test -n "$relink_command"; then
- rmfiles="$rmfiles $objdir/lt-$name"
- fi
- if test "X$noexename" != "X$name" ; then
- rmfiles="$rmfiles $objdir/lt-${noexename}.c"
- fi
- fi
- fi
- ;;
- esac
- func_show_eval "$RM $rmfiles" 'exit_status=1'
- done
- objdir="$origobjdir"
-
- # Try to remove the ${objdir}s in the directories where we deleted files
- for dir in $rmdirs; do
- if test -d "$dir"; then
- func_show_eval "rmdir $dir >/dev/null 2>&1"
- fi
- done
-
- exit $exit_status
-}
-
-{ test "$mode" = uninstall || test "$mode" = clean; } &&
- func_mode_uninstall ${1+"$@"}
-
-test -z "$mode" && {
- help="$generic_help"
- func_fatal_help "you must specify a MODE"
-}
-
-test -z "$exec_cmd" && \
- func_fatal_help "invalid operation mode \`$mode'"
-
-if test -n "$exec_cmd"; then
- eval exec "$exec_cmd"
- exit $EXIT_FAILURE
-fi
-
-exit $exit_status
-
-
-# The TAGs below are defined such that we never get into a situation
-# in which we disable both kinds of libraries. Given conflicting
-# choices, we go for a static library, that is the most portable,
-# since we can't tell whether shared libraries were disabled because
-# the user asked for that or because the platform doesn't support
-# them. This is particularly important on AIX, because we don't
-# support having both static and shared libraries enabled at the same
-# time on that platform, so we default to a shared-only configuration.
-# If a disable-shared tag is given, we'll fallback to a static-only
-# configuration. But we'll never go from static-only to shared-only.
-
-# ### BEGIN LIBTOOL TAG CONFIG: disable-shared
-build_libtool_libs=no
-build_old_libs=yes
-# ### END LIBTOOL TAG CONFIG: disable-shared
-
-# ### BEGIN LIBTOOL TAG CONFIG: disable-static
-build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac`
-# ### END LIBTOOL TAG CONFIG: disable-static
-
-# Local Variables:
-# mode:shell-script
-# sh-indentation:2
-# End:
-# vi:sw=2
-
Modified: trunk/contrib/sudo/linux_audit.c
===================================================================
--- trunk/contrib/sudo/linux_audit.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/linux_audit.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -31,10 +31,9 @@
#include <string.h>
#include <libaudit.h>
-#include "compat.h"
+#include "missing.h"
#include "error.h"
#include "alloc.h"
-#include "missing.h"
#include "linux_audit.h"
/*
Modified: trunk/contrib/sudo/list.c
===================================================================
--- trunk/contrib/sudo/list.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/list.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -62,7 +62,7 @@
h->last->next = NULL;
}
}
- return (last);
+ return last;
}
/*
@@ -131,3 +131,33 @@
l->prev = h->last;
h->last = tail;
}
+
+/*
+ * Remove element from the tail_queue
+ */
+void
+tq_remove(vh, vl)
+ void *vh;
+ void *vl;
+{
+ struct list_head_proto *h = (struct list_head_proto *)vh;
+ struct list_proto *l = (struct list_proto *)vl;
+
+ if (h->first == l && h->last == l) {
+ /* Single element in the list. */
+ h->first = NULL;
+ h->last = NULL;
+ } else {
+ /* At least two elements in the list. */
+ if (h->first == l) {
+ h->first = l->next;
+ h->first->prev = h->first;
+ } else if (h->last == l) {
+ h->last = l->prev;
+ h->last->next = NULL;
+ } else {
+ l->prev->next = l->next;
+ l->next->prev = l->prev;
+ }
+ }
+}
Modified: trunk/contrib/sudo/list.h
===================================================================
--- trunk/contrib/sudo/list.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/list.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -77,6 +77,7 @@
*/
void *tq_pop __P((void *));
void tq_append __P((void *, void *));
+void tq_remove __P((void *, void *));
void list_append __P((void *, void *));
void list2tq __P((void *, void *));
Modified: trunk/contrib/sudo/logging.c
===================================================================
--- trunk/contrib/sudo/logging.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/logging.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -47,6 +47,12 @@
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_SETLOCALE
+# include <locale.h>
+#endif /* HAVE_SETLOCALE */
+#ifdef HAVE_NL_LANGINFO
+# include <langinfo.h>
+#endif /* HAVE_NL_LANGINFO */
#include <pwd.h>
#include <grp.h>
#include <signal.h>
@@ -132,6 +138,12 @@
char *p, *tmp, save;
const char *fmt;
+#ifdef HAVE_SETLOCALE
+ const char *old_locale = estrdup(setlocale(LC_ALL, NULL));
+ if (!setlocale(LC_ALL, def_sudoers_locale))
+ setlocale(LC_ALL, "C");
+#endif /* HAVE_SETLOCALE */
+
/*
* Log the full line, breaking into multiple syslog(3) calls if necessary
*/
@@ -166,6 +178,11 @@
fmt = FMT_CONTD;
maxlen = MAXSYSLOGLEN - (sizeof(FMT_CONTD) - 6 + strlen(user_name));
}
+
+#ifdef HAVE_SETLOCALE
+ setlocale(LC_ALL, old_locale);
+ efree((void *)old_locale);
+#endif /* HAVE_SETLOCALE */
}
static void
@@ -189,6 +206,12 @@
} else {
time_t now;
+#ifdef HAVE_SETLOCALE
+ const char *old_locale = estrdup(setlocale(LC_ALL, NULL));
+ if (!setlocale(LC_ALL, def_sudoers_locale))
+ setlocale(LC_ALL, "C");
+#endif /* HAVE_SETLOCALE */
+
now = time(NULL);
if (def_loglinelen == 0) {
/* Don't pretty-print long log file lines (hard to grep) */
@@ -258,6 +281,11 @@
(void) fflush(fp);
(void) lock_file(fileno(fp), SUDO_UNLOCK);
(void) fclose(fp);
+
+#ifdef HAVE_SETLOCALE
+ setlocale(LC_ALL, old_locale);
+ efree((void *)old_locale);
+#endif /* HAVE_SETLOCALE */
}
}
@@ -437,7 +465,7 @@
"USER=root",
NULL
};
-#endif
+#endif /* NO_ROOT_MAILER */
/* Just return if mailer is disabled. */
if (!def_mailerpath || !def_mailto)
@@ -479,7 +507,8 @@
/* Daemonize - disassociate from session/tty. */
if (setsid() == -1)
warning("setsid");
- (void) chdir("/");
+ if (chdir("/") == -1)
+ warning("chdir(/)");
if ((fd = open(_PATH_DEVNULL, O_RDWR, 0644)) != -1) {
(void) dup2(fd, STDIN_FILENO);
(void) dup2(fd, STDOUT_FILENO);
@@ -486,6 +515,14 @@
(void) dup2(fd, STDERR_FILENO);
}
+#ifdef HAVE_SETLOCALE
+ if (!setlocale(LC_ALL, def_sudoers_locale)) {
+ setlocale(LC_ALL, "C");
+ efree(def_sudoers_locale);
+ def_sudoers_locale = estrdup("C");
+ }
+#endif /* HAVE_SETLOCALE */
+
/* Close password, group and other fds so we don't leak. */
sudo_endpwent();
sudo_endgrent();
@@ -582,6 +619,11 @@
(void) fputc(*p, mail);
}
+#ifdef HAVE_NL_LANGINFO
+ if (strcmp(def_sudoers_locale, "C") != 0)
+ (void) fprintf(mail, "\nContent-Type: text/plain; charset=\"%s\"\nContent-Transfer-Encoding: 8bit", nl_langinfo(CODESET));
+#endif /* HAVE_NL_LANGINFO */
+
(void) fprintf(mail, "\n\n%s : %s : %s : ", user_host,
get_timestr(time(NULL), def_log_year), user_name);
#ifdef __STDC__
@@ -612,10 +654,10 @@
int status;
{
- return(def_mail_always || ISSET(status, VALIDATE_ERROR) ||
+ return def_mail_always || ISSET(status, VALIDATE_ERROR) ||
(def_mail_no_user && ISSET(status, FLAG_NO_USER)) ||
(def_mail_no_host && ISSET(status, FLAG_NO_HOST)) ||
- (def_mail_no_perms && !ISSET(status, VALIDATE_OK)));
+ (def_mail_no_perms && !ISSET(status, VALIDATE_OK));
}
#define LL_TTY_STR "TTY="
@@ -669,7 +711,10 @@
}
len += sizeof(LL_ENV_STR) + 2 + evlen;
}
+ /* Note: we log "sudo -l command arg ..." as "list command arg ..." */
len += sizeof(LL_CMND_STR) - 1 + strlen(user_cmnd);
+ if (ISSET(sudo_mode, MODE_CHECK))
+ len += sizeof("list ") - 1;
if (user_args != NULL)
len += strlen(user_args) + 1;
@@ -722,9 +767,12 @@
goto toobig;
efree(evstr);
}
- if (strlcat(line, LL_CMND_STR, len) >= len ||
- strlcat(line, user_cmnd, len) >= len)
+ if (strlcat(line, LL_CMND_STR, len) >= len)
goto toobig;
+ if (ISSET(sudo_mode, MODE_CHECK) && strlcat(line, "list ", len) >= len)
+ goto toobig;
+ if (strlcat(line, user_cmnd, len) >= len)
+ goto toobig;
if (user_args != NULL) {
if (strlcat(line, " ", len) >= len ||
strlcat(line, user_args, len) >= len)
@@ -731,7 +779,7 @@
goto toobig;
}
- return (line);
+ return line;
toobig:
errorx(1, "internal error: insufficient space for log line");
}
Added: trunk/contrib/sudo/m4/libtool.m4
===================================================================
--- trunk/contrib/sudo/m4/libtool.m4 (rev 0)
+++ trunk/contrib/sudo/m4/libtool.m4 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,7357 @@
+# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
+#
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
+# 2006, 2007, 2008 Free Software Foundation, Inc.
+# Written by Gordon Matzigkeit, 1996
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+m4_define([_LT_COPYING], [dnl
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
+# 2006, 2007, 2008 Free Software Foundation, Inc.
+# Written by Gordon Matzigkeit, 1996
+#
+# This file is part of GNU Libtool.
+#
+# GNU Libtool is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of
+# the License, or (at your option) any later version.
+#
+# As a special exception to the GNU General Public License,
+# if you distribute this file as part of a program or library that
+# is built using GNU Libtool, you may include this file under the
+# same distribution terms that you use for the rest of that program.
+#
+# GNU Libtool is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GNU Libtool; see the file COPYING. If not, a copy
+# can be downloaded from http://www.gnu.org/licenses/gpl.html, or
+# obtained by writing to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+])
+
+# serial 56 LT_INIT
+
+
+# LT_PREREQ(VERSION)
+# ------------------
+# Complain and exit if this libtool version is less that VERSION.
+m4_defun([LT_PREREQ],
+[m4_if(m4_version_compare(m4_defn([LT_PACKAGE_VERSION]), [$1]), -1,
+ [m4_default([$3],
+ [m4_fatal([Libtool version $1 or higher is required],
+ 63)])],
+ [$2])])
+
+
+# _LT_CHECK_BUILDDIR
+# ------------------
+# Complain if the absolute build directory name contains unusual characters
+m4_defun([_LT_CHECK_BUILDDIR],
+[case `pwd` in
+ *\ * | *\ *)
+ AC_MSG_WARN([Libtool does not cope well with whitespace in `pwd`]) ;;
+esac
+])
+
+
+# LT_INIT([OPTIONS])
+# ------------------
+AC_DEFUN([LT_INIT],
+[AC_PREREQ([2.58])dnl We use AC_INCLUDES_DEFAULT
+AC_BEFORE([$0], [LT_LANG])dnl
+AC_BEFORE([$0], [LT_OUTPUT])dnl
+AC_BEFORE([$0], [LTDL_INIT])dnl
+m4_require([_LT_CHECK_BUILDDIR])dnl
+
+dnl Autoconf doesn't catch unexpanded LT_ macros by default:
+m4_pattern_forbid([^_?LT_[A-Z_]+$])dnl
+m4_pattern_allow([^(_LT_EOF|LT_DLGLOBAL|LT_DLLAZY_OR_NOW|LT_MULTI_MODULE)$])dnl
+dnl aclocal doesn't pull ltoptions.m4, ltsugar.m4, or ltversion.m4
+dnl unless we require an AC_DEFUNed macro:
+AC_REQUIRE([LTOPTIONS_VERSION])dnl
+AC_REQUIRE([LTSUGAR_VERSION])dnl
+AC_REQUIRE([LTVERSION_VERSION])dnl
+AC_REQUIRE([LTOBSOLETE_VERSION])dnl
+m4_require([_LT_PROG_LTMAIN])dnl
+
+dnl Parse OPTIONS
+_LT_SET_OPTIONS([$0], [$1])
+
+# This can be used to rebuild libtool when needed
+LIBTOOL_DEPS="$ltmain"
+
+# Always use our own libtool.
+LIBTOOL='$(SHELL) $(top_builddir)/libtool'
+AC_SUBST(LIBTOOL)dnl
+
+_LT_SETUP
+
+# Only expand once:
+m4_define([LT_INIT])
+])# LT_INIT
+
+# Old names:
+AU_ALIAS([AC_PROG_LIBTOOL], [LT_INIT])
+AU_ALIAS([AM_PROG_LIBTOOL], [LT_INIT])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_PROG_LIBTOOL], [])
+dnl AC_DEFUN([AM_PROG_LIBTOOL], [])
+
+
+# _LT_CC_BASENAME(CC)
+# -------------------
+# Calculate cc_basename. Skip known compiler wrappers and cross-prefix.
+m4_defun([_LT_CC_BASENAME],
+[for cc_temp in $1""; do
+ case $cc_temp in
+ compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;;
+ distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$ECHO "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+])
+
+
+# _LT_FILEUTILS_DEFAULTS
+# ----------------------
+# It is okay to use these file commands and assume they have been set
+# sensibly after `m4_require([_LT_FILEUTILS_DEFAULTS])'.
+m4_defun([_LT_FILEUTILS_DEFAULTS],
+[: ${CP="cp -f"}
+: ${MV="mv -f"}
+: ${RM="rm -f"}
+])# _LT_FILEUTILS_DEFAULTS
+
+
+# _LT_SETUP
+# ---------
+m4_defun([_LT_SETUP],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+_LT_DECL([], [host_alias], [0], [The host system])dnl
+_LT_DECL([], [host], [0])dnl
+_LT_DECL([], [host_os], [0])dnl
+dnl
+_LT_DECL([], [build_alias], [0], [The build system])dnl
+_LT_DECL([], [build], [0])dnl
+_LT_DECL([], [build_os], [0])dnl
+dnl
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([LT_PATH_LD])dnl
+AC_REQUIRE([LT_PATH_NM])dnl
+dnl
+AC_REQUIRE([AC_PROG_LN_S])dnl
+test -z "$LN_S" && LN_S="ln -s"
+_LT_DECL([], [LN_S], [1], [Whether we need soft or hard links])dnl
+dnl
+AC_REQUIRE([LT_CMD_MAX_LEN])dnl
+_LT_DECL([objext], [ac_objext], [0], [Object file suffix (normally "o")])dnl
+_LT_DECL([], [exeext], [0], [Executable file suffix (normally "")])dnl
+dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_CHECK_SHELL_FEATURES])dnl
+m4_require([_LT_CMD_RELOAD])dnl
+m4_require([_LT_CHECK_MAGIC_METHOD])dnl
+m4_require([_LT_CMD_OLD_ARCHIVE])dnl
+m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl
+
+_LT_CONFIG_LIBTOOL_INIT([
+# See if we are running on zsh, and set the options which allow our
+# commands through without removal of \ escapes INIT.
+if test -n "\${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+fi
+])
+if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+fi
+
+_LT_CHECK_OBJDIR
+
+m4_require([_LT_TAG_COMPILER])dnl
+_LT_PROG_ECHO_BACKSLASH
+
+case $host_os in
+aix3*)
+ # AIX sometimes has problems with the GCC collect2 program. For some
+ # reason, if we set the COLLECT_NAMES environment variable, the problems
+ # vanish in a puff of smoke.
+ if test "X${COLLECT_NAMES+set}" != Xset; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+ fi
+ ;;
+esac
+
+# Sed substitution that helps us do robust quoting. It backslashifies
+# metacharacters that are still active within double-quoted strings.
+sed_quote_subst='s/\([["`$\\]]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\([["`\\]]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to delay expansion of an escaped single quote.
+delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+
+# Global variables:
+ofile=libtool
+can_build_shared=yes
+
+# All known linkers require a `.a' archive for static linking (except MSVC,
+# which needs '.lib').
+libext=a
+
+with_gnu_ld="$lt_cv_prog_gnu_ld"
+
+old_CC="$CC"
+old_CFLAGS="$CFLAGS"
+
+# Set sane defaults for various variables
+test -z "$CC" && CC=cc
+test -z "$LTCC" && LTCC=$CC
+test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS
+test -z "$LD" && LD=ld
+test -z "$ac_objext" && ac_objext=o
+
+_LT_CC_BASENAME([$compiler])
+
+# Only perform the check for file, if the check method requires it
+test -z "$MAGIC_CMD" && MAGIC_CMD=file
+case $deplibs_check_method in
+file_magic*)
+ if test "$file_magic_cmd" = '$MAGIC_CMD'; then
+ _LT_PATH_MAGIC
+ fi
+ ;;
+esac
+
+# Use C for the default configuration in the libtool script
+LT_SUPPORTED_TAG([CC])
+_LT_LANG_C_CONFIG
+_LT_LANG_DEFAULT_CONFIG
+_LT_CONFIG_COMMANDS
+])# _LT_SETUP
+
+
+# _LT_PROG_LTMAIN
+# ---------------
+# Note that this code is called both from `configure', and `config.status'
+# now that we use AC_CONFIG_COMMANDS to generate libtool. Notably,
+# `config.status' has no value for ac_aux_dir unless we are using Automake,
+# so we pass a copy along to make sure it has a sensible value anyway.
+m4_defun([_LT_PROG_LTMAIN],
+[m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([ltmain.sh])])dnl
+_LT_CONFIG_LIBTOOL_INIT([ac_aux_dir='$ac_aux_dir'])
+ltmain="$ac_aux_dir/ltmain.sh"
+])# _LT_PROG_LTMAIN
+
+
+## ------------------------------------- ##
+## Accumulate code for creating libtool. ##
+## ------------------------------------- ##
+
+# So that we can recreate a full libtool script including additional
+# tags, we accumulate the chunks of code to send to AC_CONFIG_COMMANDS
+# in macros and then make a single call at the end using the `libtool'
+# label.
+
+
+# _LT_CONFIG_LIBTOOL_INIT([INIT-COMMANDS])
+# ----------------------------------------
+# Register INIT-COMMANDS to be passed to AC_CONFIG_COMMANDS later.
+m4_define([_LT_CONFIG_LIBTOOL_INIT],
+[m4_ifval([$1],
+ [m4_append([_LT_OUTPUT_LIBTOOL_INIT],
+ [$1
+])])])
+
+# Initialize.
+m4_define([_LT_OUTPUT_LIBTOOL_INIT])
+
+
+# _LT_CONFIG_LIBTOOL([COMMANDS])
+# ------------------------------
+# Register COMMANDS to be passed to AC_CONFIG_COMMANDS later.
+m4_define([_LT_CONFIG_LIBTOOL],
+[m4_ifval([$1],
+ [m4_append([_LT_OUTPUT_LIBTOOL_COMMANDS],
+ [$1
+])])])
+
+# Initialize.
+m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS])
+
+
+# _LT_CONFIG_SAVE_COMMANDS([COMMANDS], [INIT_COMMANDS])
+# -----------------------------------------------------
+m4_defun([_LT_CONFIG_SAVE_COMMANDS],
+[_LT_CONFIG_LIBTOOL([$1])
+_LT_CONFIG_LIBTOOL_INIT([$2])
+])
+
+
+# _LT_FORMAT_COMMENT([COMMENT])
+# -----------------------------
+# Add leading comment marks to the start of each line, and a trailing
+# full-stop to the whole comment if one is not present already.
+m4_define([_LT_FORMAT_COMMENT],
+[m4_ifval([$1], [
+m4_bpatsubst([m4_bpatsubst([$1], [^ *], [# ])],
+ [['`$\]], [\\\&])]m4_bmatch([$1], [[!?.]$], [], [.])
+)])
+
+
+
+## ------------------------ ##
+## FIXME: Eliminate VARNAME ##
+## ------------------------ ##
+
+
+# _LT_DECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION], [IS-TAGGED?])
+# -------------------------------------------------------------------
+# CONFIGNAME is the name given to the value in the libtool script.
+# VARNAME is the (base) name used in the configure script.
+# VALUE may be 0, 1 or 2 for a computed quote escaped value based on
+# VARNAME. Any other value will be used directly.
+m4_define([_LT_DECL],
+[lt_if_append_uniq([lt_decl_varnames], [$2], [, ],
+ [lt_dict_add_subkey([lt_decl_dict], [$2], [libtool_name],
+ [m4_ifval([$1], [$1], [$2])])
+ lt_dict_add_subkey([lt_decl_dict], [$2], [value], [$3])
+ m4_ifval([$4],
+ [lt_dict_add_subkey([lt_decl_dict], [$2], [description], [$4])])
+ lt_dict_add_subkey([lt_decl_dict], [$2],
+ [tagged?], [m4_ifval([$5], [yes], [no])])])
+])
+
+
+# _LT_TAGDECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION])
+# --------------------------------------------------------
+m4_define([_LT_TAGDECL], [_LT_DECL([$1], [$2], [$3], [$4], [yes])])
+
+
+# lt_decl_tag_varnames([SEPARATOR], [VARNAME1...])
+# ------------------------------------------------
+m4_define([lt_decl_tag_varnames],
+[_lt_decl_filter([tagged?], [yes], $@)])
+
+
+# _lt_decl_filter(SUBKEY, VALUE, [SEPARATOR], [VARNAME1..])
+# ---------------------------------------------------------
+m4_define([_lt_decl_filter],
+[m4_case([$#],
+ [0], [m4_fatal([$0: too few arguments: $#])],
+ [1], [m4_fatal([$0: too few arguments: $#: $1])],
+ [2], [lt_dict_filter([lt_decl_dict], [$1], [$2], [], lt_decl_varnames)],
+ [3], [lt_dict_filter([lt_decl_dict], [$1], [$2], [$3], lt_decl_varnames)],
+ [lt_dict_filter([lt_decl_dict], $@)])[]dnl
+])
+
+
+# lt_decl_quote_varnames([SEPARATOR], [VARNAME1...])
+# --------------------------------------------------
+m4_define([lt_decl_quote_varnames],
+[_lt_decl_filter([value], [1], $@)])
+
+
+# lt_decl_dquote_varnames([SEPARATOR], [VARNAME1...])
+# ---------------------------------------------------
+m4_define([lt_decl_dquote_varnames],
+[_lt_decl_filter([value], [2], $@)])
+
+
+# lt_decl_varnames_tagged([SEPARATOR], [VARNAME1...])
+# ---------------------------------------------------
+m4_define([lt_decl_varnames_tagged],
+[m4_assert([$# <= 2])dnl
+_$0(m4_quote(m4_default([$1], [[, ]])),
+ m4_ifval([$2], [[$2]], [m4_dquote(lt_decl_tag_varnames)]),
+ m4_split(m4_normalize(m4_quote(_LT_TAGS)), [ ]))])
+m4_define([_lt_decl_varnames_tagged],
+[m4_ifval([$3], [lt_combine([$1], [$2], [_], $3)])])
+
+
+# lt_decl_all_varnames([SEPARATOR], [VARNAME1...])
+# ------------------------------------------------
+m4_define([lt_decl_all_varnames],
+[_$0(m4_quote(m4_default([$1], [[, ]])),
+ m4_if([$2], [],
+ m4_quote(lt_decl_varnames),
+ m4_quote(m4_shift($@))))[]dnl
+])
+m4_define([_lt_decl_all_varnames],
+[lt_join($@, lt_decl_varnames_tagged([$1],
+ lt_decl_tag_varnames([[, ]], m4_shift($@))))dnl
+])
+
+
+# _LT_CONFIG_STATUS_DECLARE([VARNAME])
+# ------------------------------------
+# Quote a variable value, and forward it to `config.status' so that its
+# declaration there will have the same value as in `configure'. VARNAME
+# must have a single quote delimited value for this to work.
+m4_define([_LT_CONFIG_STATUS_DECLARE],
+[$1='`$ECHO "X$][$1" | $Xsed -e "$delay_single_quote_subst"`'])
+
+
+# _LT_CONFIG_STATUS_DECLARATIONS
+# ------------------------------
+# We delimit libtool config variables with single quotes, so when
+# we write them to config.status, we have to be sure to quote all
+# embedded single quotes properly. In configure, this macro expands
+# each variable declared with _LT_DECL (and _LT_TAGDECL) into:
+#
+# <var>='`$ECHO "X$<var>" | $Xsed -e "$delay_single_quote_subst"`'
+m4_defun([_LT_CONFIG_STATUS_DECLARATIONS],
+[m4_foreach([_lt_var], m4_quote(lt_decl_all_varnames),
+ [m4_n([_LT_CONFIG_STATUS_DECLARE(_lt_var)])])])
+
+
+# _LT_LIBTOOL_TAGS
+# ----------------
+# Output comment and list of tags supported by the script
+m4_defun([_LT_LIBTOOL_TAGS],
+[_LT_FORMAT_COMMENT([The names of the tagged configurations supported by this script])dnl
+available_tags="_LT_TAGS"dnl
+])
+
+
+# _LT_LIBTOOL_DECLARE(VARNAME, [TAG])
+# -----------------------------------
+# Extract the dictionary values for VARNAME (optionally with TAG) and
+# expand to a commented shell variable setting:
+#
+# # Some comment about what VAR is for.
+# visible_name=$lt_internal_name
+m4_define([_LT_LIBTOOL_DECLARE],
+[_LT_FORMAT_COMMENT(m4_quote(lt_dict_fetch([lt_decl_dict], [$1],
+ [description])))[]dnl
+m4_pushdef([_libtool_name],
+ m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [libtool_name])))[]dnl
+m4_case(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [value])),
+ [0], [_libtool_name=[$]$1],
+ [1], [_libtool_name=$lt_[]$1],
+ [2], [_libtool_name=$lt_[]$1],
+ [_libtool_name=lt_dict_fetch([lt_decl_dict], [$1], [value])])[]dnl
+m4_ifval([$2], [_$2])[]m4_popdef([_libtool_name])[]dnl
+])
+
+
+# _LT_LIBTOOL_CONFIG_VARS
+# -----------------------
+# Produce commented declarations of non-tagged libtool config variables
+# suitable for insertion in the LIBTOOL CONFIG section of the `libtool'
+# script. Tagged libtool config variables (even for the LIBTOOL CONFIG
+# section) are produced by _LT_LIBTOOL_TAG_VARS.
+m4_defun([_LT_LIBTOOL_CONFIG_VARS],
+[m4_foreach([_lt_var],
+ m4_quote(_lt_decl_filter([tagged?], [no], [], lt_decl_varnames)),
+ [m4_n([_LT_LIBTOOL_DECLARE(_lt_var)])])])
+
+
+# _LT_LIBTOOL_TAG_VARS(TAG)
+# -------------------------
+m4_define([_LT_LIBTOOL_TAG_VARS],
+[m4_foreach([_lt_var], m4_quote(lt_decl_tag_varnames),
+ [m4_n([_LT_LIBTOOL_DECLARE(_lt_var, [$1])])])])
+
+
+# _LT_TAGVAR(VARNAME, [TAGNAME])
+# ------------------------------
+m4_define([_LT_TAGVAR], [m4_ifval([$2], [$1_$2], [$1])])
+
+
+# _LT_CONFIG_COMMANDS
+# -------------------
+# Send accumulated output to $CONFIG_STATUS. Thanks to the lists of
+# variables for single and double quote escaping we saved from calls
+# to _LT_DECL, we can put quote escaped variables declarations
+# into `config.status', and then the shell code to quote escape them in
+# for loops in `config.status'. Finally, any additional code accumulated
+# from calls to _LT_CONFIG_LIBTOOL_INIT is expanded.
+m4_defun([_LT_CONFIG_COMMANDS],
+[AC_PROVIDE_IFELSE([LT_OUTPUT],
+ dnl If the libtool generation code has been placed in $CONFIG_LT,
+ dnl instead of duplicating it all over again into config.status,
+ dnl then we will have config.status run $CONFIG_LT later, so it
+ dnl needs to know what name is stored there:
+ [AC_CONFIG_COMMANDS([libtool],
+ [$SHELL $CONFIG_LT || AS_EXIT(1)], [CONFIG_LT='$CONFIG_LT'])],
+ dnl If the libtool generation code is destined for config.status,
+ dnl expand the accumulated commands and init code now:
+ [AC_CONFIG_COMMANDS([libtool],
+ [_LT_OUTPUT_LIBTOOL_COMMANDS], [_LT_OUTPUT_LIBTOOL_COMMANDS_INIT])])
+])#_LT_CONFIG_COMMANDS
+
+
+# Initialize.
+m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS_INIT],
+[
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+sed_quote_subst='$sed_quote_subst'
+double_quote_subst='$double_quote_subst'
+delay_variable_subst='$delay_variable_subst'
+_LT_CONFIG_STATUS_DECLARATIONS
+LTCC='$LTCC'
+LTCFLAGS='$LTCFLAGS'
+compiler='$compiler_DEFAULT'
+
+# Quote evaled strings.
+for var in lt_decl_all_varnames([[ \
+]], lt_decl_quote_varnames); do
+ case \`eval \\\\\$ECHO "X\\\\\$\$var"\` in
+ *[[\\\\\\\`\\"\\\$]]*)
+ eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"X\\\$\$var\\" | \\\$Xsed -e \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
+ ;;
+ *)
+ eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+ ;;
+ esac
+done
+
+# Double-quote double-evaled strings.
+for var in lt_decl_all_varnames([[ \
+]], lt_decl_dquote_varnames); do
+ case \`eval \\\\\$ECHO "X\\\\\$\$var"\` in
+ *[[\\\\\\\`\\"\\\$]]*)
+ eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"X\\\$\$var\\" | \\\$Xsed -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
+ ;;
+ *)
+ eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+ ;;
+ esac
+done
+
+# Fix-up fallback echo if it was mangled by the above quoting rules.
+case \$lt_ECHO in
+*'\\\[$]0 --fallback-echo"')dnl "
+ lt_ECHO=\`\$ECHO "X\$lt_ECHO" | \$Xsed -e 's/\\\\\\\\\\\\\\\[$]0 --fallback-echo"\[$]/\[$]0 --fallback-echo"/'\`
+ ;;
+esac
+
+_LT_OUTPUT_LIBTOOL_INIT
+])
+
+
+# LT_OUTPUT
+# ---------
+# This macro allows early generation of the libtool script (before
+# AC_OUTPUT is called), incase it is used in configure for compilation
+# tests.
+AC_DEFUN([LT_OUTPUT],
+[: ${CONFIG_LT=./config.lt}
+AC_MSG_NOTICE([creating $CONFIG_LT])
+cat >"$CONFIG_LT" <<_LTEOF
+#! $SHELL
+# Generated by $as_me.
+# Run this file to recreate a libtool stub with the current configuration.
+
+lt_cl_silent=false
+SHELL=\${CONFIG_SHELL-$SHELL}
+_LTEOF
+
+cat >>"$CONFIG_LT" <<\_LTEOF
+AS_SHELL_SANITIZE
+_AS_PREPARE
+
+exec AS_MESSAGE_FD>&1
+exec AS_MESSAGE_LOG_FD>>config.log
+{
+ echo
+ AS_BOX([Running $as_me.])
+} >&AS_MESSAGE_LOG_FD
+
+lt_cl_help="\
+\`$as_me' creates a local libtool stub from the current configuration,
+for use in further configure time tests before the real libtool is
+generated.
+
+Usage: $[0] [[OPTIONS]]
+
+ -h, --help print this help, then exit
+ -V, --version print version number, then exit
+ -q, --quiet do not print progress messages
+ -d, --debug don't remove temporary files
+
+Report bugs to <bug-libtool at gnu.org>."
+
+lt_cl_version="\
+m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl
+m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION])
+configured by $[0], generated by m4_PACKAGE_STRING.
+
+Copyright (C) 2008 Free Software Foundation, Inc.
+This config.lt script is free software; the Free Software Foundation
+gives unlimited permision to copy, distribute and modify it."
+
+while test $[#] != 0
+do
+ case $[1] in
+ --version | --v* | -V )
+ echo "$lt_cl_version"; exit 0 ;;
+ --help | --h* | -h )
+ echo "$lt_cl_help"; exit 0 ;;
+ --debug | --d* | -d )
+ debug=: ;;
+ --quiet | --q* | --silent | --s* | -q )
+ lt_cl_silent=: ;;
+
+ -*) AC_MSG_ERROR([unrecognized option: $[1]
+Try \`$[0] --help' for more information.]) ;;
+
+ *) AC_MSG_ERROR([unrecognized argument: $[1]
+Try \`$[0] --help' for more information.]) ;;
+ esac
+ shift
+done
+
+if $lt_cl_silent; then
+ exec AS_MESSAGE_FD>/dev/null
+fi
+_LTEOF
+
+cat >>"$CONFIG_LT" <<_LTEOF
+_LT_OUTPUT_LIBTOOL_COMMANDS_INIT
+_LTEOF
+
+cat >>"$CONFIG_LT" <<\_LTEOF
+AC_MSG_NOTICE([creating $ofile])
+_LT_OUTPUT_LIBTOOL_COMMANDS
+AS_EXIT(0)
+_LTEOF
+chmod +x "$CONFIG_LT"
+
+# configure is writing to config.log, but config.lt does its own redirection,
+# appending to config.log, which fails on DOS, as config.log is still kept
+# open by configure. Here we exec the FD to /dev/null, effectively closing
+# config.log, so it can be properly (re)opened and appended to by config.lt.
+if test "$no_create" != yes; then
+ lt_cl_success=:
+ test "$silent" = yes &&
+ lt_config_lt_args="$lt_config_lt_args --quiet"
+ exec AS_MESSAGE_LOG_FD>/dev/null
+ $SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false
+ exec AS_MESSAGE_LOG_FD>>config.log
+ $lt_cl_success || AS_EXIT(1)
+fi
+])# LT_OUTPUT
+
+
+# _LT_CONFIG(TAG)
+# ---------------
+# If TAG is the built-in tag, create an initial libtool script with a
+# default configuration from the untagged config vars. Otherwise add code
+# to config.status for appending the configuration named by TAG from the
+# matching tagged config vars.
+m4_defun([_LT_CONFIG],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+_LT_CONFIG_SAVE_COMMANDS([
+ m4_define([_LT_TAG], m4_if([$1], [], [C], [$1]))dnl
+ m4_if(_LT_TAG, [C], [
+ # See if we are running on zsh, and set the options which allow our
+ # commands through without removal of \ escapes.
+ if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+ fi
+
+ cfgfile="${ofile}T"
+ trap "$RM \"$cfgfile\"; exit 1" 1 2 15
+ $RM "$cfgfile"
+
+ cat <<_LT_EOF >> "$cfgfile"
+#! $SHELL
+
+# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services.
+# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+# NOTE: Changes made to this file will be lost: look at ltmain.sh.
+#
+_LT_COPYING
+_LT_LIBTOOL_TAGS
+
+# ### BEGIN LIBTOOL CONFIG
+_LT_LIBTOOL_CONFIG_VARS
+_LT_LIBTOOL_TAG_VARS
+# ### END LIBTOOL CONFIG
+
+_LT_EOF
+
+ case $host_os in
+ aix3*)
+ cat <<\_LT_EOF >> "$cfgfile"
+# AIX sometimes has problems with the GCC collect2 program. For some
+# reason, if we set the COLLECT_NAMES environment variable, the problems
+# vanish in a puff of smoke.
+if test "X${COLLECT_NAMES+set}" != Xset; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+fi
+_LT_EOF
+ ;;
+ esac
+
+ _LT_PROG_LTMAIN
+
+ # We use sed instead of cat because bash on DJGPP gets confused if
+ # if finds mixed CR/LF and LF-only lines. Since sed operates in
+ # text mode, it properly converts lines to CR/LF. This bash problem
+ # is reportedly fixed, but why not run on old versions too?
+ sed '/^# Generated shell functions inserted here/q' "$ltmain" >> "$cfgfile" \
+ || (rm -f "$cfgfile"; exit 1)
+
+ _LT_PROG_XSI_SHELLFNS
+
+ sed -n '/^# Generated shell functions inserted here/,$p' "$ltmain" >> "$cfgfile" \
+ || (rm -f "$cfgfile"; exit 1)
+
+ mv -f "$cfgfile" "$ofile" ||
+ (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
+ chmod +x "$ofile"
+],
+[cat <<_LT_EOF >> "$ofile"
+
+dnl Unfortunately we have to use $1 here, since _LT_TAG is not expanded
+dnl in a comment (ie after a #).
+# ### BEGIN LIBTOOL TAG CONFIG: $1
+_LT_LIBTOOL_TAG_VARS(_LT_TAG)
+# ### END LIBTOOL TAG CONFIG: $1
+_LT_EOF
+])dnl /m4_if
+],
+[m4_if([$1], [], [
+ PACKAGE='$PACKAGE'
+ VERSION='$VERSION'
+ TIMESTAMP='$TIMESTAMP'
+ RM='$RM'
+ ofile='$ofile'], [])
+])dnl /_LT_CONFIG_SAVE_COMMANDS
+])# _LT_CONFIG
+
+
+# LT_SUPPORTED_TAG(TAG)
+# ---------------------
+# Trace this macro to discover what tags are supported by the libtool
+# --tag option, using:
+# autoconf --trace 'LT_SUPPORTED_TAG:$1'
+AC_DEFUN([LT_SUPPORTED_TAG], [])
+
+
+# C support is built-in for now
+m4_define([_LT_LANG_C_enabled], [])
+m4_define([_LT_TAGS], [])
+
+
+# LT_LANG(LANG)
+# -------------
+# Enable libtool support for the given language if not already enabled.
+AC_DEFUN([LT_LANG],
+[AC_BEFORE([$0], [LT_OUTPUT])dnl
+m4_case([$1],
+ [C], [_LT_LANG(C)],
+ [C++], [_LT_LANG(CXX)],
+ [Java], [_LT_LANG(GCJ)],
+ [Fortran 77], [_LT_LANG(F77)],
+ [Fortran], [_LT_LANG(FC)],
+ [Windows Resource], [_LT_LANG(RC)],
+ [m4_ifdef([_LT_LANG_]$1[_CONFIG],
+ [_LT_LANG($1)],
+ [m4_fatal([$0: unsupported language: "$1"])])])dnl
+])# LT_LANG
+
+
+# _LT_LANG(LANGNAME)
+# ------------------
+m4_defun([_LT_LANG],
+[m4_ifdef([_LT_LANG_]$1[_enabled], [],
+ [LT_SUPPORTED_TAG([$1])dnl
+ m4_append([_LT_TAGS], [$1 ])dnl
+ m4_define([_LT_LANG_]$1[_enabled], [])dnl
+ _LT_LANG_$1_CONFIG($1)])dnl
+])# _LT_LANG
+
+
+# _LT_LANG_DEFAULT_CONFIG
+# -----------------------
+m4_defun([_LT_LANG_DEFAULT_CONFIG],
+[AC_PROVIDE_IFELSE([AC_PROG_CXX],
+ [LT_LANG(CXX)],
+ [m4_define([AC_PROG_CXX], defn([AC_PROG_CXX])[LT_LANG(CXX)])])
+
+AC_PROVIDE_IFELSE([AC_PROG_F77],
+ [LT_LANG(F77)],
+ [m4_define([AC_PROG_F77], defn([AC_PROG_F77])[LT_LANG(F77)])])
+
+AC_PROVIDE_IFELSE([AC_PROG_FC],
+ [LT_LANG(FC)],
+ [m4_define([AC_PROG_FC], defn([AC_PROG_FC])[LT_LANG(FC)])])
+
+dnl The call to [A][M_PROG_GCJ] is quoted like that to stop aclocal
+dnl pulling things in needlessly.
+AC_PROVIDE_IFELSE([AC_PROG_GCJ],
+ [LT_LANG(GCJ)],
+ [AC_PROVIDE_IFELSE([A][M_PROG_GCJ],
+ [LT_LANG(GCJ)],
+ [AC_PROVIDE_IFELSE([LT_PROG_GCJ],
+ [LT_LANG(GCJ)],
+ [m4_ifdef([AC_PROG_GCJ],
+ [m4_define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[LT_LANG(GCJ)])])
+ m4_ifdef([A][M_PROG_GCJ],
+ [m4_define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[LT_LANG(GCJ)])])
+ m4_ifdef([LT_PROG_GCJ],
+ [m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])])
+
+AC_PROVIDE_IFELSE([LT_PROG_RC],
+ [LT_LANG(RC)],
+ [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])])
+])# _LT_LANG_DEFAULT_CONFIG
+
+# Obsolete macros:
+AU_DEFUN([AC_LIBTOOL_CXX], [LT_LANG(C++)])
+AU_DEFUN([AC_LIBTOOL_F77], [LT_LANG(Fortran 77)])
+AU_DEFUN([AC_LIBTOOL_FC], [LT_LANG(Fortran)])
+AU_DEFUN([AC_LIBTOOL_GCJ], [LT_LANG(Java)])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_CXX], [])
+dnl AC_DEFUN([AC_LIBTOOL_F77], [])
+dnl AC_DEFUN([AC_LIBTOOL_FC], [])
+dnl AC_DEFUN([AC_LIBTOOL_GCJ], [])
+
+
+# _LT_TAG_COMPILER
+# ----------------
+m4_defun([_LT_TAG_COMPILER],
+[AC_REQUIRE([AC_PROG_CC])dnl
+
+_LT_DECL([LTCC], [CC], [1], [A C compiler])dnl
+_LT_DECL([LTCFLAGS], [CFLAGS], [1], [LTCC compiler flags])dnl
+_LT_TAGDECL([CC], [compiler], [1], [A language specific compiler])dnl
+_LT_TAGDECL([with_gcc], [GCC], [0], [Is the compiler the GNU compiler?])dnl
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+])# _LT_TAG_COMPILER
+
+
+# _LT_COMPILER_BOILERPLATE
+# ------------------------
+# Check for compiler boilerplate output or warnings with
+# the simple compiler test code.
+m4_defun([_LT_COMPILER_BOILERPLATE],
+[m4_require([_LT_DECL_SED])dnl
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$RM conftest*
+])# _LT_COMPILER_BOILERPLATE
+
+
+# _LT_LINKER_BOILERPLATE
+# ----------------------
+# Check for linker boilerplate output or warnings with
+# the simple link test code.
+m4_defun([_LT_LINKER_BOILERPLATE],
+[m4_require([_LT_DECL_SED])dnl
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$RM -r conftest*
+])# _LT_LINKER_BOILERPLATE
+
+# _LT_REQUIRED_DARWIN_CHECKS
+# -------------------------
+m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[
+ case $host_os in
+ rhapsody* | darwin*)
+ AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:])
+ AC_CHECK_TOOL([NMEDIT], [nmedit], [:])
+ AC_CHECK_TOOL([LIPO], [lipo], [:])
+ AC_CHECK_TOOL([OTOOL], [otool], [:])
+ AC_CHECK_TOOL([OTOOL64], [otool64], [:])
+ _LT_DECL([], [DSYMUTIL], [1],
+ [Tool to manipulate archived DWARF debug symbol files on Mac OS X])
+ _LT_DECL([], [NMEDIT], [1],
+ [Tool to change global to local symbols on Mac OS X])
+ _LT_DECL([], [LIPO], [1],
+ [Tool to manipulate fat objects and archives on Mac OS X])
+ _LT_DECL([], [OTOOL], [1],
+ [ldd/readelf like tool for Mach-O binaries on Mac OS X])
+ _LT_DECL([], [OTOOL64], [1],
+ [ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4])
+
+ AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod],
+ [lt_cv_apple_cc_single_mod=no
+ if test -z "${LT_MULTI_MODULE}"; then
+ # By default we will add the -single_module flag. You can override
+ # by either setting the environment variable LT_MULTI_MODULE
+ # non-empty at configure time, or by adding -multi_module to the
+ # link flags.
+ rm -rf libconftest.dylib*
+ echo "int foo(void){return 1;}" > conftest.c
+ echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+-dynamiclib -Wl,-single_module conftest.c" >&AS_MESSAGE_LOG_FD
+ $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+ -dynamiclib -Wl,-single_module conftest.c 2>conftest.err
+ _lt_result=$?
+ if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then
+ lt_cv_apple_cc_single_mod=yes
+ else
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ fi
+ rm -rf libconftest.dylib*
+ rm -f conftest.*
+ fi])
+ AC_CACHE_CHECK([for -exported_symbols_list linker flag],
+ [lt_cv_ld_exported_symbols_list],
+ [lt_cv_ld_exported_symbols_list=no
+ save_LDFLAGS=$LDFLAGS
+ echo "_main" > conftest.sym
+ LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym"
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
+ [lt_cv_ld_exported_symbols_list=yes],
+ [lt_cv_ld_exported_symbols_list=no])
+ LDFLAGS="$save_LDFLAGS"
+ ])
+ case $host_os in
+ rhapsody* | darwin1.[[012]])
+ _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;;
+ darwin1.*)
+ _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
+ darwin*) # darwin 5.x on
+ # if running on 10.5 or later, the deployment target defaults
+ # to the OS version, if on x86, and 10.4, the deployment
+ # target defaults to 10.4. Don't you love it?
+ case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
+ 10.0,*86*-darwin8*|10.0,*-darwin[[91]]*)
+ _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
+ 10.[[012]]*)
+ _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
+ 10.*)
+ _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
+ esac
+ ;;
+ esac
+ if test "$lt_cv_apple_cc_single_mod" = "yes"; then
+ _lt_dar_single_mod='$single_module'
+ fi
+ if test "$lt_cv_ld_exported_symbols_list" = "yes"; then
+ _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym'
+ else
+ _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ fi
+ if test "$DSYMUTIL" != ":"; then
+ _lt_dsymutil='~$DSYMUTIL $lib || :'
+ else
+ _lt_dsymutil=
+ fi
+ ;;
+ esac
+])
+
+
+# _LT_DARWIN_LINKER_FEATURES
+# --------------------------
+# Checks for linker and compiler features on darwin
+m4_defun([_LT_DARWIN_LINKER_FEATURES],
+[
+ m4_require([_LT_REQUIRED_DARWIN_CHECKS])
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_automatic, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=''
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined"
+ case $cc_basename in
+ ifort*) _lt_dar_can_shared=yes ;;
+ *) _lt_dar_can_shared=$GCC ;;
+ esac
+ if test "$_lt_dar_can_shared" = "yes"; then
+ output_verbose_link_cmd=echo
+ _LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
+ _LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
+ _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
+ _LT_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}"
+ m4_if([$1], [CXX],
+[ if test "$lt_cv_apple_cc_single_mod" != "yes"; then
+ _LT_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}"
+ _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}"
+ fi
+],[])
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+])
+
+# _LT_SYS_MODULE_PATH_AIX
+# -----------------------
+# Links a minimal program and checks the executable
+# for the system default hardcoded library path. In most cases,
+# this is /usr/lib:/lib, but when the MPI compilers are used
+# the location of the communication and MPI libs are included too.
+# If we don't find anything, use the default library path according
+# to the aix ld manual.
+m4_defun([_LT_SYS_MODULE_PATH_AIX],
+[m4_require([_LT_DECL_SED])dnl
+AC_LINK_IFELSE(AC_LANG_PROGRAM,[
+lt_aix_libpath_sed='
+ /Import File Strings/,/^$/ {
+ /^0/ {
+ s/^0 *\(.*\)$/\1/
+ p
+ }
+ }'
+aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+# Check for a 64-bit object if we didn't find anything.
+if test -z "$aix_libpath"; then
+ aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+fi],[])
+if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+])# _LT_SYS_MODULE_PATH_AIX
+
+
+# _LT_SHELL_INIT(ARG)
+# -------------------
+m4_define([_LT_SHELL_INIT],
+[ifdef([AC_DIVERSION_NOTICE],
+ [AC_DIVERT_PUSH(AC_DIVERSION_NOTICE)],
+ [AC_DIVERT_PUSH(NOTICE)])
+$1
+AC_DIVERT_POP
+])# _LT_SHELL_INIT
+
+
+# _LT_PROG_ECHO_BACKSLASH
+# -----------------------
+# Add some code to the start of the generated configure script which
+# will find an echo command which doesn't interpret backslashes.
+m4_defun([_LT_PROG_ECHO_BACKSLASH],
+[_LT_SHELL_INIT([
+# Check that we are running under the correct shell.
+SHELL=${CONFIG_SHELL-/bin/sh}
+
+case X$lt_ECHO in
+X*--fallback-echo)
+ # Remove one level of quotation (which was required for Make).
+ ECHO=`echo "$lt_ECHO" | sed 's,\\\\\[$]\\[$]0,'[$]0','`
+ ;;
+esac
+
+ECHO=${lt_ECHO-echo}
+if test "X[$]1" = X--no-reexec; then
+ # Discard the --no-reexec flag, and continue.
+ shift
+elif test "X[$]1" = X--fallback-echo; then
+ # Avoid inline document here, it may be left over
+ :
+elif test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' ; then
+ # Yippee, $ECHO works!
+ :
+else
+ # Restart under the correct shell.
+ exec $SHELL "[$]0" --no-reexec ${1+"[$]@"}
+fi
+
+if test "X[$]1" = X--fallback-echo; then
+ # used as fallback echo
+ shift
+ cat <<_LT_EOF
+[$]*
+_LT_EOF
+ exit 0
+fi
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+if test -z "$lt_ECHO"; then
+ if test "X${echo_test_string+set}" != Xset; then
+ # find a string as large as possible, as long as the shell can cope with it
+ for cmd in 'sed 50q "[$]0"' 'sed 20q "[$]0"' 'sed 10q "[$]0"' 'sed 2q "[$]0"' 'echo test'; do
+ # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ...
+ if { echo_test_string=`eval $cmd`; } 2>/dev/null &&
+ { test "X$echo_test_string" = "X$echo_test_string"; } 2>/dev/null
+ then
+ break
+ fi
+ done
+ fi
+
+ if test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`{ $ECHO "$echo_test_string"; } 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ :
+ else
+ # The Solaris, AIX, and Digital Unix default echo programs unquote
+ # backslashes. This makes it impossible to quote backslashes using
+ # echo "$something" | sed 's/\\/\\\\/g'
+ #
+ # So, first we look for a working echo in the user's PATH.
+
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for dir in $PATH /usr/ucb; do
+ IFS="$lt_save_ifs"
+ if (test -f $dir/echo || test -f $dir/echo$ac_exeext) &&
+ test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ ECHO="$dir/echo"
+ break
+ fi
+ done
+ IFS="$lt_save_ifs"
+
+ if test "X$ECHO" = Xecho; then
+ # We didn't find a better echo, so look for alternatives.
+ if test "X`{ print -r '\t'; } 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`{ print -r "$echo_test_string"; } 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ # This shell has a builtin print -r that does the trick.
+ ECHO='print -r'
+ elif { test -f /bin/ksh || test -f /bin/ksh$ac_exeext; } &&
+ test "X$CONFIG_SHELL" != X/bin/ksh; then
+ # If we have ksh, try running configure again with it.
+ ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh}
+ export ORIGINAL_CONFIG_SHELL
+ CONFIG_SHELL=/bin/ksh
+ export CONFIG_SHELL
+ exec $CONFIG_SHELL "[$]0" --no-reexec ${1+"[$]@"}
+ else
+ # Try using printf.
+ ECHO='printf %s\n'
+ if test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`{ $ECHO "$echo_test_string"; } 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ # Cool, printf works
+ :
+ elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
+ test "X$echo_testing_string" = 'X\t' &&
+ echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL
+ export CONFIG_SHELL
+ SHELL="$CONFIG_SHELL"
+ export SHELL
+ ECHO="$CONFIG_SHELL [$]0 --fallback-echo"
+ elif echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
+ test "X$echo_testing_string" = 'X\t' &&
+ echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ ECHO="$CONFIG_SHELL [$]0 --fallback-echo"
+ else
+ # maybe with a smaller string...
+ prev=:
+
+ for cmd in 'echo test' 'sed 2q "[$]0"' 'sed 10q "[$]0"' 'sed 20q "[$]0"' 'sed 50q "[$]0"'; do
+ if { test "X$echo_test_string" = "X`eval $cmd`"; } 2>/dev/null
+ then
+ break
+ fi
+ prev="$cmd"
+ done
+
+ if test "$prev" != 'sed 50q "[$]0"'; then
+ echo_test_string=`eval $prev`
+ export echo_test_string
+ exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "[$]0" ${1+"[$]@"}
+ else
+ # Oops. We lost completely, so just stick with echo.
+ ECHO=echo
+ fi
+ fi
+ fi
+ fi
+ fi
+fi
+
+# Copy echo and quote the copy suitably for passing to libtool from
+# the Makefile, instead of quoting the original, which is used later.
+lt_ECHO=$ECHO
+if test "X$lt_ECHO" = "X$CONFIG_SHELL [$]0 --fallback-echo"; then
+ lt_ECHO="$CONFIG_SHELL \\\$\[$]0 --fallback-echo"
+fi
+
+AC_SUBST(lt_ECHO)
+])
+_LT_DECL([], [SHELL], [1], [Shell to use when invoking shell scripts])
+_LT_DECL([], [ECHO], [1],
+ [An echo program that does not interpret backslashes])
+])# _LT_PROG_ECHO_BACKSLASH
+
+
+# _LT_ENABLE_LOCK
+# ---------------
+m4_defun([_LT_ENABLE_LOCK],
+[AC_ARG_ENABLE([libtool-lock],
+ [AS_HELP_STRING([--disable-libtool-lock],
+ [avoid locking (might break parallel builds)])])
+test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
+
+# Some flags need to be propagated to the compiler or linker for good
+# libtool support.
+case $host in
+ia64-*-hpux*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *ELF-32*)
+ HPUX_IA64_MODE="32"
+ ;;
+ *ELF-64*)
+ HPUX_IA64_MODE="64"
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+*-*-irix6*)
+ # Find out which ABI we are using.
+ echo '[#]line __oline__ "configure"' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -melf32bsmip"
+ ;;
+ *N32*)
+ LD="${LD-ld} -melf32bmipn32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -melf64bmip"
+ ;;
+ esac
+ else
+ case `/usr/bin/file conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -32"
+ ;;
+ *N32*)
+ LD="${LD-ld} -n32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -64"
+ ;;
+ esac
+ fi
+ fi
+ rm -rf conftest*
+ ;;
+
+x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \
+s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case `/usr/bin/file conftest.o` in
+ *32-bit*)
+ case $host in
+ x86_64-*kfreebsd*-gnu)
+ LD="${LD-ld} -m elf_i386_fbsd"
+ ;;
+ x86_64-*linux*)
+ LD="${LD-ld} -m elf_i386"
+ ;;
+ ppc64-*linux*|powerpc64-*linux*)
+ LD="${LD-ld} -m elf32ppclinux"
+ ;;
+ s390x-*linux*)
+ LD="${LD-ld} -m elf_s390"
+ ;;
+ sparc64-*linux*)
+ LD="${LD-ld} -m elf32_sparc"
+ ;;
+ esac
+ ;;
+ *64-bit*)
+ case $host in
+ x86_64-*kfreebsd*-gnu)
+ LD="${LD-ld} -m elf_x86_64_fbsd"
+ ;;
+ x86_64-*linux*)
+ LD="${LD-ld} -m elf_x86_64"
+ ;;
+ ppc*-*linux*|powerpc*-*linux*)
+ LD="${LD-ld} -m elf64ppc"
+ ;;
+ s390*-*linux*|s390*-*tpf*)
+ LD="${LD-ld} -m elf64_s390"
+ ;;
+ sparc*-*linux*)
+ LD="${LD-ld} -m elf64_sparc"
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+
+*-*-sco3.2v5*)
+ # On SCO OpenServer 5, we need -belf to get full-featured binaries.
+ SAVE_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS -belf"
+ AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf,
+ [AC_LANG_PUSH(C)
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],[[]])],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no])
+ AC_LANG_POP])
+ if test x"$lt_cv_cc_needs_belf" != x"yes"; then
+ # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
+ CFLAGS="$SAVE_CFLAGS"
+ fi
+ ;;
+sparc*-*solaris*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case `/usr/bin/file conftest.o` in
+ *64-bit*)
+ case $lt_cv_prog_gnu_ld in
+ yes*) LD="${LD-ld} -m elf64_sparc" ;;
+ *)
+ if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
+ LD="${LD-ld} -64"
+ fi
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+esac
+
+need_locks="$enable_libtool_lock"
+])# _LT_ENABLE_LOCK
+
+
+# _LT_CMD_OLD_ARCHIVE
+# -------------------
+m4_defun([_LT_CMD_OLD_ARCHIVE],
+[AC_CHECK_TOOL(AR, ar, false)
+test -z "$AR" && AR=ar
+test -z "$AR_FLAGS" && AR_FLAGS=cru
+_LT_DECL([], [AR], [1], [The archiver])
+_LT_DECL([], [AR_FLAGS], [1])
+
+AC_CHECK_TOOL(STRIP, strip, :)
+test -z "$STRIP" && STRIP=:
+_LT_DECL([], [STRIP], [1], [A symbol stripping program])
+
+AC_CHECK_TOOL(RANLIB, ranlib, :)
+test -z "$RANLIB" && RANLIB=:
+_LT_DECL([], [RANLIB], [1],
+ [Commands used to install an old-style archive])
+
+# Determine commands to create old-style static archives.
+old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs'
+old_postinstall_cmds='chmod 644 $oldlib'
+old_postuninstall_cmds=
+
+if test -n "$RANLIB"; then
+ case $host_os in
+ openbsd*)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib"
+ ;;
+ *)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib"
+ ;;
+ esac
+ old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib"
+fi
+_LT_DECL([], [old_postinstall_cmds], [2])
+_LT_DECL([], [old_postuninstall_cmds], [2])
+_LT_TAGDECL([], [old_archive_cmds], [2],
+ [Commands used to build an old-style archive])
+])# _LT_CMD_OLD_ARCHIVE
+
+
+# _LT_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
+# [OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE])
+# ----------------------------------------------------------------
+# Check whether the given compiler option works
+AC_DEFUN([_LT_COMPILER_OPTION],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_SED])dnl
+AC_CACHE_CHECK([$1], [$2],
+ [$2=no
+ m4_if([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4])
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="$3"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ $2=yes
+ fi
+ fi
+ $RM conftest*
+])
+
+if test x"[$]$2" = xyes; then
+ m4_if([$5], , :, [$5])
+else
+ m4_if([$6], , :, [$6])
+fi
+])# _LT_COMPILER_OPTION
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_COMPILER_OPTION], [_LT_COMPILER_OPTION])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION], [])
+
+
+# _LT_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
+# [ACTION-SUCCESS], [ACTION-FAILURE])
+# ----------------------------------------------------
+# Check whether the given linker option works
+AC_DEFUN([_LT_LINKER_OPTION],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_SED])dnl
+AC_CACHE_CHECK([$1], [$2],
+ [$2=no
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS $3"
+ echo "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&AS_MESSAGE_LOG_FD
+ $ECHO "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ $2=yes
+ fi
+ else
+ $2=yes
+ fi
+ fi
+ $RM -r conftest*
+ LDFLAGS="$save_LDFLAGS"
+])
+
+if test x"[$]$2" = xyes; then
+ m4_if([$4], , :, [$4])
+else
+ m4_if([$5], , :, [$5])
+fi
+])# _LT_LINKER_OPTION
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_LINKER_OPTION], [_LT_LINKER_OPTION])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_LINKER_OPTION], [])
+
+
+# LT_CMD_MAX_LEN
+#---------------
+AC_DEFUN([LT_CMD_MAX_LEN],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+# find the maximum length of command line arguments
+AC_MSG_CHECKING([the maximum length of command line arguments])
+AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
+ i=0
+ teststring="ABCD"
+
+ case $build_os in
+ msdosdjgpp*)
+ # On DJGPP, this test can blow up pretty badly due to problems in libc
+ # (any single argument exceeding 2000 bytes causes a buffer overrun
+ # during glob expansion). Even if it were fixed, the result of this
+ # check would be larger than it should be.
+ lt_cv_sys_max_cmd_len=12288; # 12K is about right
+ ;;
+
+ gnu*)
+ # Under GNU Hurd, this test is not required because there is
+ # no limit to the length of command line arguments.
+ # Libtool will interpret -1 as no limit whatsoever
+ lt_cv_sys_max_cmd_len=-1;
+ ;;
+
+ cygwin* | mingw* | cegcc*)
+ # On Win9x/ME, this test blows up -- it succeeds, but takes
+ # about 5 minutes as the teststring grows exponentially.
+ # Worse, since 9x/ME are not pre-emptively multitasking,
+ # you end up with a "frozen" computer, even though with patience
+ # the test eventually succeeds (with a max line length of 256k).
+ # Instead, let's just punt: use the minimum linelength reported by
+ # all of the supported platforms: 8192 (on NT/2K/XP).
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ amigaos*)
+ # On AmigaOS with pdksh, this test takes hours, literally.
+ # So we just punt and use a minimum line length of 8192.
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ netbsd* | freebsd* | openbsd* | darwin* | dragonfly*)
+ # This has been around since 386BSD, at least. Likely further.
+ if test -x /sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
+ elif test -x /usr/sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax`
+ else
+ lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs
+ fi
+ # And add a safety zone
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+ ;;
+
+ interix*)
+ # We know the value 262144 and hardcode it with a safety zone (like BSD)
+ lt_cv_sys_max_cmd_len=196608
+ ;;
+
+ osf*)
+ # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
+ # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
+ # nice to cause kernel panics so lets avoid the loop below.
+ # First set a reasonable default.
+ lt_cv_sys_max_cmd_len=16384
+ #
+ if test -x /sbin/sysconfig; then
+ case `/sbin/sysconfig -q proc exec_disable_arg_limit` in
+ *1*) lt_cv_sys_max_cmd_len=-1 ;;
+ esac
+ fi
+ ;;
+ sco3.2v5*)
+ lt_cv_sys_max_cmd_len=102400
+ ;;
+ sysv5* | sco5v6* | sysv4.2uw2*)
+ kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
+ if test -n "$kargmax"; then
+ lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[ ]]//'`
+ else
+ lt_cv_sys_max_cmd_len=32768
+ fi
+ ;;
+ *)
+ lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null`
+ if test -n "$lt_cv_sys_max_cmd_len"; then
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+ else
+ # Make teststring a little bigger before we do anything with it.
+ # a 1K string should be a reasonable start.
+ for i in 1 2 3 4 5 6 7 8 ; do
+ teststring=$teststring$teststring
+ done
+ SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
+ # If test is not a shell built-in, we'll probably end up computing a
+ # maximum length that is only half of the actual maximum length, but
+ # we can't tell.
+ while { test "X"`$SHELL [$]0 --fallback-echo "X$teststring$teststring" 2>/dev/null` \
+ = "XX$teststring$teststring"; } >/dev/null 2>&1 &&
+ test $i != 17 # 1/2 MB should be enough
+ do
+ i=`expr $i + 1`
+ teststring=$teststring$teststring
+ done
+ # Only check the string length outside the loop.
+ lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1`
+ teststring=
+ # Add a significant safety factor because C++ compilers can tack on
+ # massive amounts of additional arguments before passing them to the
+ # linker. It appears as though 1/2 is a usable value.
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2`
+ fi
+ ;;
+ esac
+])
+if test -n $lt_cv_sys_max_cmd_len ; then
+ AC_MSG_RESULT($lt_cv_sys_max_cmd_len)
+else
+ AC_MSG_RESULT(none)
+fi
+max_cmd_len=$lt_cv_sys_max_cmd_len
+_LT_DECL([], [max_cmd_len], [0],
+ [What is the maximum length of a command?])
+])# LT_CMD_MAX_LEN
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_SYS_MAX_CMD_LEN], [LT_CMD_MAX_LEN])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], [])
+
+
+# _LT_HEADER_DLFCN
+# ----------------
+m4_defun([_LT_HEADER_DLFCN],
+[AC_CHECK_HEADERS([dlfcn.h], [], [], [AC_INCLUDES_DEFAULT])dnl
+])# _LT_HEADER_DLFCN
+
+
+# _LT_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE,
+# ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING)
+# ----------------------------------------------------------------
+m4_defun([_LT_TRY_DLOPEN_SELF],
+[m4_require([_LT_HEADER_DLFCN])dnl
+if test "$cross_compiling" = yes; then :
+ [$4]
+else
+ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+ lt_status=$lt_dlunknown
+ cat > conftest.$ac_ext <<_LT_EOF
+[#line __oline__ "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LT_DLGLOBAL RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+# define LT_DLGLOBAL DL_GLOBAL
+# else
+# define LT_DLGLOBAL 0
+# endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+ find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+# ifdef RTLD_LAZY
+# define LT_DLLAZY_OR_NOW RTLD_LAZY
+# else
+# ifdef DL_LAZY
+# define LT_DLLAZY_OR_NOW DL_LAZY
+# else
+# ifdef RTLD_NOW
+# define LT_DLLAZY_OR_NOW RTLD_NOW
+# else
+# ifdef DL_NOW
+# define LT_DLLAZY_OR_NOW DL_NOW
+# else
+# define LT_DLLAZY_OR_NOW 0
+# endif
+# endif
+# endif
+# endif
+#endif
+
+void fnord() { int i=42;}
+int main ()
+{
+ void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+ int status = $lt_dlunknown;
+
+ if (self)
+ {
+ if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
+ else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ /* dlclose (self); */
+ }
+ else
+ puts (dlerror ());
+
+ return status;
+}]
+_LT_EOF
+ if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext} 2>/dev/null; then
+ (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null
+ lt_status=$?
+ case x$lt_status in
+ x$lt_dlno_uscore) $1 ;;
+ x$lt_dlneed_uscore) $2 ;;
+ x$lt_dlunknown|x*) $3 ;;
+ esac
+ else :
+ # compilation failed
+ $3
+ fi
+fi
+rm -fr conftest*
+])# _LT_TRY_DLOPEN_SELF
+
+
+# LT_SYS_DLOPEN_SELF
+# ------------------
+AC_DEFUN([LT_SYS_DLOPEN_SELF],
+[m4_require([_LT_HEADER_DLFCN])dnl
+if test "x$enable_dlopen" != xyes; then
+ enable_dlopen=unknown
+ enable_dlopen_self=unknown
+ enable_dlopen_self_static=unknown
+else
+ lt_cv_dlopen=no
+ lt_cv_dlopen_libs=
+
+ case $host_os in
+ beos*)
+ lt_cv_dlopen="load_add_on"
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+ ;;
+
+ mingw* | pw32* | cegcc*)
+ lt_cv_dlopen="LoadLibrary"
+ lt_cv_dlopen_libs=
+ ;;
+
+ cygwin*)
+ lt_cv_dlopen="dlopen"
+ lt_cv_dlopen_libs=
+ ;;
+
+ darwin*)
+ # if libdl is installed we need to link against it
+ AC_CHECK_LIB([dl], [dlopen],
+ [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],[
+ lt_cv_dlopen="dyld"
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+ ])
+ ;;
+
+ *)
+ AC_CHECK_FUNC([shl_load],
+ [lt_cv_dlopen="shl_load"],
+ [AC_CHECK_LIB([dld], [shl_load],
+ [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"],
+ [AC_CHECK_FUNC([dlopen],
+ [lt_cv_dlopen="dlopen"],
+ [AC_CHECK_LIB([dl], [dlopen],
+ [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],
+ [AC_CHECK_LIB([svld], [dlopen],
+ [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"],
+ [AC_CHECK_LIB([dld], [dld_link],
+ [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"])
+ ])
+ ])
+ ])
+ ])
+ ])
+ ;;
+ esac
+
+ if test "x$lt_cv_dlopen" != xno; then
+ enable_dlopen=yes
+ else
+ enable_dlopen=no
+ fi
+
+ case $lt_cv_dlopen in
+ dlopen)
+ save_CPPFLAGS="$CPPFLAGS"
+ test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
+
+ save_LDFLAGS="$LDFLAGS"
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
+
+ save_LIBS="$LIBS"
+ LIBS="$lt_cv_dlopen_libs $LIBS"
+
+ AC_CACHE_CHECK([whether a program can dlopen itself],
+ lt_cv_dlopen_self, [dnl
+ _LT_TRY_DLOPEN_SELF(
+ lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes,
+ lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross)
+ ])
+
+ if test "x$lt_cv_dlopen_self" = xyes; then
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
+ AC_CACHE_CHECK([whether a statically linked program can dlopen itself],
+ lt_cv_dlopen_self_static, [dnl
+ _LT_TRY_DLOPEN_SELF(
+ lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes,
+ lt_cv_dlopen_self_static=no, lt_cv_dlopen_self_static=cross)
+ ])
+ fi
+
+ CPPFLAGS="$save_CPPFLAGS"
+ LDFLAGS="$save_LDFLAGS"
+ LIBS="$save_LIBS"
+ ;;
+ esac
+
+ case $lt_cv_dlopen_self in
+ yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
+ *) enable_dlopen_self=unknown ;;
+ esac
+
+ case $lt_cv_dlopen_self_static in
+ yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
+ *) enable_dlopen_self_static=unknown ;;
+ esac
+fi
+_LT_DECL([dlopen_support], [enable_dlopen], [0],
+ [Whether dlopen is supported])
+_LT_DECL([dlopen_self], [enable_dlopen_self], [0],
+ [Whether dlopen of programs is supported])
+_LT_DECL([dlopen_self_static], [enable_dlopen_self_static], [0],
+ [Whether dlopen of statically linked programs is supported])
+])# LT_SYS_DLOPEN_SELF
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_DLOPEN_SELF], [LT_SYS_DLOPEN_SELF])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF], [])
+
+
+# _LT_COMPILER_C_O([TAGNAME])
+# ---------------------------
+# Check to see if options -c and -o are simultaneously supported by compiler.
+# This macro does not hard code the compiler like AC_PROG_CC_C_O.
+m4_defun([_LT_COMPILER_C_O],
+[m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_TAG_COMPILER])dnl
+AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext],
+ [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)],
+ [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no
+ $RM -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&AS_MESSAGE_LOG_FD
+ echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ _LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
+ fi
+ fi
+ chmod u+w . 2>&AS_MESSAGE_LOG_FD
+ $RM conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+ $RM out/* && rmdir out
+ cd ..
+ $RM -r conftest
+ $RM conftest*
+])
+_LT_TAGDECL([compiler_c_o], [lt_cv_prog_compiler_c_o], [1],
+ [Does compiler simultaneously support -c and -o options?])
+])# _LT_COMPILER_C_O
+
+
+# _LT_COMPILER_FILE_LOCKS([TAGNAME])
+# ----------------------------------
+# Check to see if we can do hard links to lock some files if needed
+m4_defun([_LT_COMPILER_FILE_LOCKS],
+[m4_require([_LT_ENABLE_LOCK])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+_LT_COMPILER_C_O([$1])
+
+hard_links="nottested"
+if test "$_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != no; then
+ # do not overwrite the value of need_locks provided by the user
+ AC_MSG_CHECKING([if we can lock with hard links])
+ hard_links=yes
+ $RM conftest*
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ touch conftest.a
+ ln conftest.a conftest.b 2>&5 || hard_links=no
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ AC_MSG_RESULT([$hard_links])
+ if test "$hard_links" = no; then
+ AC_MSG_WARN([`$CC' does not support `-c -o', so `make -j' may be unsafe])
+ need_locks=warn
+ fi
+else
+ need_locks=no
+fi
+_LT_DECL([], [need_locks], [1], [Must we lock files when doing compilation?])
+])# _LT_COMPILER_FILE_LOCKS
+
+
+# _LT_CHECK_OBJDIR
+# ----------------
+m4_defun([_LT_CHECK_OBJDIR],
+[AC_CACHE_CHECK([for objdir], [lt_cv_objdir],
+[rm -f .libs 2>/dev/null
+mkdir .libs 2>/dev/null
+if test -d .libs; then
+ lt_cv_objdir=.libs
+else
+ # MS-DOS does not allow filenames that begin with a dot.
+ lt_cv_objdir=_libs
+fi
+rmdir .libs 2>/dev/null])
+objdir=$lt_cv_objdir
+_LT_DECL([], [objdir], [0],
+ [The name of the directory that contains temporary libtool files])dnl
+m4_pattern_allow([LT_OBJDIR])dnl
+AC_DEFINE_UNQUOTED(LT_OBJDIR, "$lt_cv_objdir/",
+ [Define to the sub-directory in which libtool stores uninstalled libraries.])
+])# _LT_CHECK_OBJDIR
+
+
+# _LT_LINKER_HARDCODE_LIBPATH([TAGNAME])
+# --------------------------------------
+# Check hardcoding attributes.
+m4_defun([_LT_LINKER_HARDCODE_LIBPATH],
+[AC_MSG_CHECKING([how to hardcode library paths into programs])
+_LT_TAGVAR(hardcode_action, $1)=
+if test -n "$_LT_TAGVAR(hardcode_libdir_flag_spec, $1)" ||
+ test -n "$_LT_TAGVAR(runpath_var, $1)" ||
+ test "X$_LT_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then
+
+ # We can hardcode non-existent directories.
+ if test "$_LT_TAGVAR(hardcode_direct, $1)" != no &&
+ # If the only mechanism to avoid hardcoding is shlibpath_var, we
+ # have to relink, otherwise we might link with an installed library
+ # when we should be linking with a yet-to-be-installed one
+ ## test "$_LT_TAGVAR(hardcode_shlibpath_var, $1)" != no &&
+ test "$_LT_TAGVAR(hardcode_minus_L, $1)" != no; then
+ # Linking always hardcodes the temporary library directory.
+ _LT_TAGVAR(hardcode_action, $1)=relink
+ else
+ # We can link without hardcoding, and we can hardcode nonexisting dirs.
+ _LT_TAGVAR(hardcode_action, $1)=immediate
+ fi
+else
+ # We cannot hardcode anything, or else we can only hardcode existing
+ # directories.
+ _LT_TAGVAR(hardcode_action, $1)=unsupported
+fi
+AC_MSG_RESULT([$_LT_TAGVAR(hardcode_action, $1)])
+
+if test "$_LT_TAGVAR(hardcode_action, $1)" = relink ||
+ test "$_LT_TAGVAR(inherit_rpath, $1)" = yes; then
+ # Fast installation is not supported
+ enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+ test "$enable_shared" = no; then
+ # Fast installation is not necessary
+ enable_fast_install=needless
+fi
+_LT_TAGDECL([], [hardcode_action], [0],
+ [How to hardcode a shared library path into an executable])
+])# _LT_LINKER_HARDCODE_LIBPATH
+
+
+# _LT_CMD_STRIPLIB
+# ----------------
+m4_defun([_LT_CMD_STRIPLIB],
+[m4_require([_LT_DECL_EGREP])
+striplib=
+old_striplib=
+AC_MSG_CHECKING([whether stripping libraries is possible])
+if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then
+ test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
+ test -z "$striplib" && striplib="$STRIP --strip-unneeded"
+ AC_MSG_RESULT([yes])
+else
+# FIXME - insert some real tests, host_os isn't really good enough
+ case $host_os in
+ darwin*)
+ if test -n "$STRIP" ; then
+ striplib="$STRIP -x"
+ old_striplib="$STRIP -S"
+ AC_MSG_RESULT([yes])
+ else
+ AC_MSG_RESULT([no])
+ fi
+ ;;
+ *)
+ AC_MSG_RESULT([no])
+ ;;
+ esac
+fi
+_LT_DECL([], [old_striplib], [1], [Commands to strip libraries])
+_LT_DECL([], [striplib], [1])
+])# _LT_CMD_STRIPLIB
+
+
+# _LT_SYS_DYNAMIC_LINKER([TAG])
+# -----------------------------
+# PORTME Fill in your ld.so characteristics
+m4_defun([_LT_SYS_DYNAMIC_LINKER],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_OBJDUMP])dnl
+m4_require([_LT_DECL_SED])dnl
+AC_MSG_CHECKING([dynamic linker characteristics])
+m4_if([$1],
+ [], [
+if test "$GCC" = yes; then
+ case $host_os in
+ darwin*) lt_awk_arg="/^libraries:/,/LR/" ;;
+ *) lt_awk_arg="/^libraries:/" ;;
+ esac
+ lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if $ECHO "$lt_search_path_spec" | $GREP ';' >/dev/null ; then
+ # if the path contains ";" then we assume it to be the separator
+ # otherwise default to the standard path separator (i.e. ":") - it is
+ # assumed that no part of a normal pathname contains ";" but that should
+ # okay in the real world where ";" in dirpaths is itself problematic.
+ lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+ # Ok, now we have the path, separated by spaces, we can step through it
+ # and add multilib dir if necessary.
+ lt_tmp_lt_search_path_spec=
+ lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null`
+ for lt_sys_path in $lt_search_path_spec; do
+ if test -d "$lt_sys_path/$lt_multi_os_dir"; then
+ lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir"
+ else
+ test -d "$lt_sys_path" && \
+ lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
+ fi
+ done
+ lt_search_path_spec=`$ECHO $lt_tmp_lt_search_path_spec | awk '
+BEGIN {RS=" "; FS="/|\n";} {
+ lt_foo="";
+ lt_count=0;
+ for (lt_i = NF; lt_i > 0; lt_i--) {
+ if ($lt_i != "" && $lt_i != ".") {
+ if ($lt_i == "..") {
+ lt_count++;
+ } else {
+ if (lt_count == 0) {
+ lt_foo="/" $lt_i lt_foo;
+ } else {
+ lt_count--;
+ }
+ }
+ }
+ }
+ if (lt_foo != "") { lt_freq[[lt_foo]]++; }
+ if (lt_freq[[lt_foo]] == 1) { print lt_foo; }
+}'`
+ sys_lib_search_path_spec=`$ECHO $lt_search_path_spec`
+else
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi])
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=".so"
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+case $host_os in
+aix3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
+ shlibpath_var=LIBPATH
+
+ # AIX 3 has no versioning support, so we append a major version to the name.
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+
+aix[[4-9]]*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ hardcode_into_libs=yes
+ if test "$host_cpu" = ia64; then
+ # AIX 5 supports IA64
+ library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ else
+ # With GCC up to 2.95.x, collect2 would create an import file
+ # for dependence libraries. The import file would start with
+ # the line `#! .'. This would cause the generated library to
+ # depend on `.', always an invalid library. This was fixed in
+ # development snapshots of GCC prior to 3.0.
+ case $host_os in
+ aix4 | aix4.[[01]] | aix4.[[01]].*)
+ if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+ echo ' yes '
+ echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then
+ :
+ else
+ can_build_shared=no
+ fi
+ ;;
+ esac
+ # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
+ # soname into executable. Probably we can add versioning support to
+ # collect2, so additional links can be useful in future.
+ if test "$aix_use_runtimelinking" = yes; then
+ # If using run time linking (on AIX 4.2 or later) use lib<name>.so
+ # instead of lib<name>.a to let people know that these are not
+ # typical AIX shared libraries.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ else
+ # We preserve .a as extension for shared libraries through AIX4.2
+ # and later when we are not doing run time linking.
+ library_names_spec='${libname}${release}.a $libname.a'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ fi
+ shlibpath_var=LIBPATH
+ fi
+ ;;
+
+amigaos*)
+ case $host_cpu in
+ powerpc)
+ # Since July 2007 AmigaOS4 officially supports .so libraries.
+ # When compiling the executable, add -use-dynld -Lsobjs: to the compileline.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ ;;
+ m68k)
+ library_names_spec='$libname.ixlibrary $libname.a'
+ # Create ${libname}_ixlibrary.a entries in /sys/libs.
+ finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$ECHO "X$lib" | $Xsed -e '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+ ;;
+ esac
+ ;;
+
+beos*)
+ library_names_spec='${libname}${shared_ext}'
+ dynamic_linker="$host_os ld.so"
+ shlibpath_var=LIBRARY_PATH
+ ;;
+
+bsdi[[45]]*)
+ version_type=linux
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+ # the default ld.so.conf also contains /usr/contrib/lib and
+ # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+ # libtool to hard-code these into programs
+ ;;
+
+cygwin* | mingw* | pw32* | cegcc*)
+ version_type=windows
+ shrext_cmds=".dll"
+ need_version=no
+ need_lib_prefix=no
+
+ case $GCC,$host_os in
+ yes,cygwin* | yes,mingw* | yes,pw32* | yes,cegcc*)
+ library_names_spec='$libname.dll.a'
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \${file}`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname~
+ if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then
+ eval '\''$striplib \$dldir/$dlname'\'' || exit \$?;
+ fi'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $RM \$dlpath'
+ shlibpath_overrides_runpath=yes
+
+ case $host_os in
+ cygwin*)
+ # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+ soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
+ ;;
+ mingw* | cegcc*)
+ # MinGW DLLs use traditional 'lib' prefix
+ soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec=`$CC -print-search-dirs | $GREP "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then
+ # It is most probably a Windows format PATH printed by
+ # mingw gcc, but we are running on Cygwin. Gcc prints its search
+ # path with ; separators, and with drive letters. We can handle the
+ # drive letters (cygwin fileutils understands them), so leave them,
+ # especially as we might pass files found there to a mingw objdump,
+ # which wouldn't understand a cygwinified path. Ahh.
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+ ;;
+ pw32*)
+ # pw32 DLLs use 'pw' prefix rather than 'lib'
+ library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+ ;;
+ esac
+ ;;
+
+ *)
+ library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib'
+ ;;
+ esac
+ dynamic_linker='Win32 ld.exe'
+ # FIXME: first we should search . and the directory the executable is in
+ shlibpath_var=PATH
+ ;;
+
+darwin* | rhapsody*)
+ dynamic_linker="$host_os dyld"
+ version_type=darwin
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext'
+ soname_spec='${libname}${release}${major}$shared_ext'
+ shlibpath_overrides_runpath=yes
+ shlibpath_var=DYLD_LIBRARY_PATH
+ shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+m4_if([$1], [],[
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"])
+ sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+ ;;
+
+dgux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+freebsd1*)
+ dynamic_linker=no
+ ;;
+
+freebsd* | dragonfly*)
+ # DragonFly does not have aout. When/if they implement a new
+ # versioning mechanism, adjust this.
+ if test -x /usr/bin/objformat; then
+ objformat=`/usr/bin/objformat`
+ else
+ case $host_os in
+ freebsd[[123]]*) objformat=aout ;;
+ *) objformat=elf ;;
+ esac
+ fi
+ version_type=freebsd-$objformat
+ case $version_type in
+ freebsd-elf*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ need_version=no
+ need_lib_prefix=no
+ ;;
+ freebsd-*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
+ need_version=yes
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_os in
+ freebsd2*)
+ shlibpath_overrides_runpath=yes
+ ;;
+ freebsd3.[[01]]* | freebsdelf3.[[01]]*)
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \
+ freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1)
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+ *) # from 4.6 on, and DragonFly
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ esac
+ ;;
+
+gnu*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ ;;
+
+hpux9* | hpux10* | hpux11*)
+ # Give a soname corresponding to the major version so that dld.sl refuses to
+ # link against other versions.
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ case $host_cpu in
+ ia64*)
+ shrext_cmds='.so'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.so"
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ if test "X$HPUX_IA64_MODE" = X32; then
+ sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+ else
+ sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+ fi
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ hppa*64*)
+ shrext_cmds='.sl'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ *)
+ shrext_cmds='.sl'
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=SHLIB_PATH
+ shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+ esac
+ # HP-UX runs *really* slowly unless shared libraries are mode 555.
+ postinstall_cmds='chmod 555 $lib'
+ ;;
+
+interix[[3-9]]*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $host_os in
+ nonstopux*) version_type=nonstopux ;;
+ *)
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ version_type=linux
+ else
+ version_type=irix
+ fi ;;
+ esac
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
+ case $host_os in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in # libtool.m4 will add one of these switches to LD
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+ libsuff= shlibsuff= libmagic=32-bit;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+ libsuff=32 shlibsuff=N32 libmagic=N32;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+ libsuff=64 shlibsuff=64 libmagic=64-bit;;
+ *) libsuff= shlibsuff= libmagic=never-match;;
+ esac
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+ sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+ hardcode_into_libs=yes
+ ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+ dynamic_linker=no
+ ;;
+
+# This must be Linux ELF.
+linux* | k*bsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ # Some binutils ld are patched to set DT_RUNPATH
+ save_LDFLAGS=$LDFLAGS
+ save_libdir=$libdir
+ eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \
+ LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\""
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
+ [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null],
+ [shlibpath_overrides_runpath=yes])])
+ LDFLAGS=$save_LDFLAGS
+ libdir=$save_libdir
+
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ # Append ld.so.conf contents to the search path
+ if test -f /etc/ld.so.conf; then
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ fi
+
+ # We used to test for /lib/ld.so.1 and disable shared libraries on
+ # powerpc, because MkLinux only supported shared libraries with the
+ # GNU dynamic linker. Since this was broken with cross compilers,
+ # most powerpc-linux boxes support dynamic linking these days and
+ # people can always --disable-shared, the test was removed, and we
+ # assume the GNU/Linux dynamic linker is in use.
+ dynamic_linker='GNU/Linux ld.so'
+ ;;
+
+netbsd*)
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ dynamic_linker='NetBSD (a.out) ld.so'
+ else
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='NetBSD ld.elf_so'
+ fi
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+
+newsos6)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+*nto* | *qnx*)
+ version_type=qnx
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='ldqnx.so'
+ ;;
+
+openbsd*)
+ version_type=sunos
+ sys_lib_dlsearch_path_spec="/usr/lib"
+ need_lib_prefix=no
+ # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
+ case $host_os in
+ openbsd3.3 | openbsd3.3.*) need_version=yes ;;
+ *) need_version=no ;;
+ esac
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ case $host_os in
+ openbsd2.[[89]] | openbsd2.[[89]].*)
+ shlibpath_overrides_runpath=no
+ ;;
+ *)
+ shlibpath_overrides_runpath=yes
+ ;;
+ esac
+ else
+ shlibpath_overrides_runpath=yes
+ fi
+ ;;
+
+os2*)
+ libname_spec='$name'
+ shrext_cmds=".dll"
+ need_lib_prefix=no
+ library_names_spec='$libname${shared_ext} $libname.a'
+ dynamic_linker='OS/2 ld.exe'
+ shlibpath_var=LIBPATH
+ ;;
+
+osf3* | osf4* | osf5*)
+ version_type=osf
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+ sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+ ;;
+
+rdos*)
+ dynamic_linker=no
+ ;;
+
+solaris*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ # ldd complains unless libraries are executable
+ postinstall_cmds='chmod +x $lib'
+ ;;
+
+sunos4*)
+ version_type=sunos
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ if test "$with_gnu_ld" = yes; then
+ need_lib_prefix=no
+ fi
+ need_version=yes
+ ;;
+
+sysv4 | sysv4.3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_vendor in
+ sni)
+ shlibpath_overrides_runpath=no
+ need_lib_prefix=no
+ runpath_var=LD_RUN_PATH
+ ;;
+ siemens)
+ need_lib_prefix=no
+ ;;
+ motorola)
+ need_lib_prefix=no
+ need_version=no
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+ ;;
+ esac
+ ;;
+
+sysv4*MP*)
+ if test -d /usr/nec ;then
+ version_type=linux
+ library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
+ soname_spec='$libname${shared_ext}.$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ fi
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ version_type=freebsd-elf
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ if test "$with_gnu_ld" = yes; then
+ sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+ else
+ sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+ case $host_os in
+ sco3.2v5*)
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+ ;;
+ esac
+ fi
+ sys_lib_dlsearch_path_spec='/usr/lib'
+ ;;
+
+tpf*)
+ # TPF is a cross-target only. Preferred cross-host = GNU/Linux.
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+uts4*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+*)
+ dynamic_linker=no
+ ;;
+esac
+AC_MSG_RESULT([$dynamic_linker])
+test "$dynamic_linker" = no && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test "$GCC" = yes; then
+ variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then
+ sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec"
+fi
+if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then
+ sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec"
+fi
+
+_LT_DECL([], [variables_saved_for_relink], [1],
+ [Variables whose values should be saved in libtool wrapper scripts and
+ restored at link time])
+_LT_DECL([], [need_lib_prefix], [0],
+ [Do we need the "lib" prefix for modules?])
+_LT_DECL([], [need_version], [0], [Do we need a version for libraries?])
+_LT_DECL([], [version_type], [0], [Library versioning type])
+_LT_DECL([], [runpath_var], [0], [Shared library runtime path variable])
+_LT_DECL([], [shlibpath_var], [0],[Shared library path variable])
+_LT_DECL([], [shlibpath_overrides_runpath], [0],
+ [Is shlibpath searched before the hard-coded library search path?])
+_LT_DECL([], [libname_spec], [1], [Format of library name prefix])
+_LT_DECL([], [library_names_spec], [1],
+ [[List of archive names. First name is the real one, the rest are links.
+ The last name is the one that the linker finds with -lNAME]])
+_LT_DECL([], [soname_spec], [1],
+ [[The coded name of the library, if different from the real name]])
+_LT_DECL([], [postinstall_cmds], [2],
+ [Command to use after installation of a shared archive])
+_LT_DECL([], [postuninstall_cmds], [2],
+ [Command to use after uninstallation of a shared archive])
+_LT_DECL([], [finish_cmds], [2],
+ [Commands used to finish a libtool library installation in a directory])
+_LT_DECL([], [finish_eval], [1],
+ [[As "finish_cmds", except a single script fragment to be evaled but
+ not shown]])
+_LT_DECL([], [hardcode_into_libs], [0],
+ [Whether we should hardcode library paths into libraries])
+_LT_DECL([], [sys_lib_search_path_spec], [2],
+ [Compile-time system search path for libraries])
+_LT_DECL([], [sys_lib_dlsearch_path_spec], [2],
+ [Run-time system search path for libraries])
+])# _LT_SYS_DYNAMIC_LINKER
+
+
+# _LT_PATH_TOOL_PREFIX(TOOL)
+# --------------------------
+# find a file program which can recognize shared library
+AC_DEFUN([_LT_PATH_TOOL_PREFIX],
+[m4_require([_LT_DECL_EGREP])dnl
+AC_MSG_CHECKING([for $1])
+AC_CACHE_VAL(lt_cv_path_MAGIC_CMD,
+[case $MAGIC_CMD in
+[[\\/*] | ?:[\\/]*])
+ lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
+ ;;
+*)
+ lt_save_MAGIC_CMD="$MAGIC_CMD"
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+dnl $ac_dummy forces splitting on constant user-supplied paths.
+dnl POSIX.2 word splitting is done only on the output of word expansions,
+dnl not every word. This closes a longstanding sh security hole.
+ ac_dummy="m4_if([$2], , $PATH, [$2])"
+ for ac_dir in $ac_dummy; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f $ac_dir/$1; then
+ lt_cv_path_MAGIC_CMD="$ac_dir/$1"
+ if test -n "$file_magic_test_file"; then
+ case $deplibs_check_method in
+ "file_magic "*)
+ file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+ MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+ if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+ $EGREP "$file_magic_regex" > /dev/null; then
+ :
+ else
+ cat <<_LT_EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such. This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem. Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool at gnu.org
+
+_LT_EOF
+ fi ;;
+ esac
+ fi
+ break
+ fi
+ done
+ IFS="$lt_save_ifs"
+ MAGIC_CMD="$lt_save_MAGIC_CMD"
+ ;;
+esac])
+MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+if test -n "$MAGIC_CMD"; then
+ AC_MSG_RESULT($MAGIC_CMD)
+else
+ AC_MSG_RESULT(no)
+fi
+_LT_DECL([], [MAGIC_CMD], [0],
+ [Used to examine libraries when file_magic_cmd begins with "file"])dnl
+])# _LT_PATH_TOOL_PREFIX
+
+# Old name:
+AU_ALIAS([AC_PATH_TOOL_PREFIX], [_LT_PATH_TOOL_PREFIX])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_PATH_TOOL_PREFIX], [])
+
+
+# _LT_PATH_MAGIC
+# --------------
+# find a file program which can recognize a shared library
+m4_defun([_LT_PATH_MAGIC],
+[_LT_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH)
+if test -z "$lt_cv_path_MAGIC_CMD"; then
+ if test -n "$ac_tool_prefix"; then
+ _LT_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH)
+ else
+ MAGIC_CMD=:
+ fi
+fi
+])# _LT_PATH_MAGIC
+
+
+# LT_PATH_LD
+# ----------
+# find the pathname to the GNU or non-GNU linker
+AC_DEFUN([LT_PATH_LD],
+[AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_DECL_EGREP])dnl
+
+AC_ARG_WITH([gnu-ld],
+ [AS_HELP_STRING([--with-gnu-ld],
+ [assume the C compiler uses GNU ld @<:@default=no@:>@])],
+ [test "$withval" = no || with_gnu_ld=yes],
+ [with_gnu_ld=no])dnl
+
+ac_prog=ld
+if test "$GCC" = yes; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ AC_MSG_CHECKING([for ld used by $CC])
+ case $host in
+ *-*-mingw*)
+ # gcc leaves a trailing carriage return which upsets mingw
+ ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+ *)
+ ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+ esac
+ case $ac_prog in
+ # Accept absolute paths.
+ [[\\/]]* | ?:[[\\/]]*)
+ re_direlt='/[[^/]][[^/]]*/\.\./'
+ # Canonicalize the pathname of ld
+ ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'`
+ while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do
+ ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"`
+ done
+ test -z "$LD" && LD="$ac_prog"
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test "$with_gnu_ld" = yes; then
+ AC_MSG_CHECKING([for GNU ld])
+else
+ AC_MSG_CHECKING([for non-GNU ld])
+fi
+AC_CACHE_VAL(lt_cv_path_LD,
+[if test -z "$LD"; then
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+ lt_cv_path_LD="$ac_dir/$ac_prog"
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some variants of GNU ld only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ case `"$lt_cv_path_LD" -v 2>&1 </dev/null` in
+ *GNU* | *'with BFD'*)
+ test "$with_gnu_ld" != no && break
+ ;;
+ *)
+ test "$with_gnu_ld" != yes && break
+ ;;
+ esac
+ fi
+ done
+ IFS="$lt_save_ifs"
+else
+ lt_cv_path_LD="$LD" # Let the user override the test with a path.
+fi])
+LD="$lt_cv_path_LD"
+if test -n "$LD"; then
+ AC_MSG_RESULT($LD)
+else
+ AC_MSG_RESULT(no)
+fi
+test -z "$LD" && AC_MSG_ERROR([no acceptable ld found in \$PATH])
+_LT_PATH_LD_GNU
+AC_SUBST([LD])
+
+_LT_TAGDECL([], [LD], [1], [The linker used to build libraries])
+])# LT_PATH_LD
+
+# Old names:
+AU_ALIAS([AM_PROG_LD], [LT_PATH_LD])
+AU_ALIAS([AC_PROG_LD], [LT_PATH_LD])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_PROG_LD], [])
+dnl AC_DEFUN([AC_PROG_LD], [])
+
+
+# _LT_PATH_LD_GNU
+#- --------------
+m4_defun([_LT_PATH_LD_GNU],
+[AC_CACHE_CHECK([if the linker ($LD) is GNU ld], lt_cv_prog_gnu_ld,
+[# I'd rather use --version here, but apparently some GNU lds only accept -v.
+case `$LD -v 2>&1 </dev/null` in
+*GNU* | *'with BFD'*)
+ lt_cv_prog_gnu_ld=yes
+ ;;
+*)
+ lt_cv_prog_gnu_ld=no
+ ;;
+esac])
+with_gnu_ld=$lt_cv_prog_gnu_ld
+])# _LT_PATH_LD_GNU
+
+
+# _LT_CMD_RELOAD
+# --------------
+# find reload flag for linker
+# -- PORTME Some linkers may need a different reload flag.
+m4_defun([_LT_CMD_RELOAD],
+[AC_CACHE_CHECK([for $LD option to reload object files],
+ lt_cv_ld_reload_flag,
+ [lt_cv_ld_reload_flag='-r'])
+reload_flag=$lt_cv_ld_reload_flag
+case $reload_flag in
+"" | " "*) ;;
+*) reload_flag=" $reload_flag" ;;
+esac
+reload_cmds='$LD$reload_flag -o $output$reload_objs'
+case $host_os in
+ darwin*)
+ if test "$GCC" = yes; then
+ reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs'
+ else
+ reload_cmds='$LD$reload_flag -o $output$reload_objs'
+ fi
+ ;;
+esac
+_LT_DECL([], [reload_flag], [1], [How to create reloadable object files])dnl
+_LT_DECL([], [reload_cmds], [2])dnl
+])# _LT_CMD_RELOAD
+
+
+# _LT_CHECK_MAGIC_METHOD
+# ----------------------
+# how to check for library dependencies
+# -- PORTME fill in with the dynamic library characteristics
+m4_defun([_LT_CHECK_MAGIC_METHOD],
+[m4_require([_LT_DECL_EGREP])
+m4_require([_LT_DECL_OBJDUMP])
+AC_CACHE_CHECK([how to recognize dependent libraries],
+lt_cv_deplibs_check_method,
+[lt_cv_file_magic_cmd='$MAGIC_CMD'
+lt_cv_file_magic_test_file=
+lt_cv_deplibs_check_method='unknown'
+# Need to set the preceding variable on all platforms that support
+# interlibrary dependencies.
+# 'none' -- dependencies not supported.
+# `unknown' -- same as none, but documents that we really don't know.
+# 'pass_all' -- all dependencies passed with no checks.
+# 'test_compile' -- check by making test program.
+# 'file_magic [[regex]]' -- check by looking for files in library path
+# which responds to the $file_magic_cmd with a given extended regex.
+# If you have `file' or equivalent on your system and you're not sure
+# whether `pass_all' will *always* work, you probably want this one.
+
+case $host_os in
+aix[[4-9]]*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+beos*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+bsdi[[45]]*)
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib)'
+ lt_cv_file_magic_cmd='/usr/bin/file -L'
+ lt_cv_file_magic_test_file=/shlib/libc.so
+ ;;
+
+cygwin*)
+ # func_win32_libid is a shell function defined in ltmain.sh
+ lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+ lt_cv_file_magic_cmd='func_win32_libid'
+ ;;
+
+mingw* | pw32*)
+ # Base MSYS/MinGW do not provide the 'file' command needed by
+ # func_win32_libid shell function, so use a weaker test based on 'objdump',
+ # unless we find 'file', for example because we are cross-compiling.
+ if ( file / ) >/dev/null 2>&1; then
+ lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+ lt_cv_file_magic_cmd='func_win32_libid'
+ else
+ lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?'
+ lt_cv_file_magic_cmd='$OBJDUMP -f'
+ fi
+ ;;
+
+cegcc)
+ # use the weaker test based on 'objdump'. See mingw*.
+ lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?'
+ lt_cv_file_magic_cmd='$OBJDUMP -f'
+ ;;
+
+darwin* | rhapsody*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+freebsd* | dragonfly*)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+ case $host_cpu in
+ i*86 )
+ # Not sure whether the presence of OpenBSD here was a mistake.
+ # Let's accept both of them until this is cleared up.
+ lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library'
+ lt_cv_file_magic_cmd=/usr/bin/file
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
+ ;;
+ esac
+ else
+ lt_cv_deplibs_check_method=pass_all
+ fi
+ ;;
+
+gnu*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+hpux10.20* | hpux11*)
+ lt_cv_file_magic_cmd=/usr/bin/file
+ case $host_cpu in
+ ia64*)
+ lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64'
+ lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
+ ;;
+ hppa*64*)
+ [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]']
+ lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
+ ;;
+ *)
+ lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]].[[0-9]]) shared library'
+ lt_cv_file_magic_test_file=/usr/lib/libc.sl
+ ;;
+ esac
+ ;;
+
+interix[[3-9]]*)
+ # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$'
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $LD in
+ *-32|*"-32 ") libmagic=32-bit;;
+ *-n32|*"-n32 ") libmagic=N32;;
+ *-64|*"-64 ") libmagic=64-bit;;
+ *) libmagic=never-match;;
+ esac
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+# This must be Linux ELF.
+linux* | k*bsd*-gnu)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+netbsd*)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$'
+ fi
+ ;;
+
+newos6*)
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)'
+ lt_cv_file_magic_cmd=/usr/bin/file
+ lt_cv_file_magic_test_file=/usr/lib/libnls.so
+ ;;
+
+*nto* | *qnx*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+openbsd*)
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
+ fi
+ ;;
+
+osf3* | osf4* | osf5*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+rdos*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+solaris*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+sysv4 | sysv4.3*)
+ case $host_vendor in
+ motorola)
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]'
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*`
+ ;;
+ ncr)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ sequent)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )'
+ ;;
+ sni)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib"
+ lt_cv_file_magic_test_file=/lib/libc.so
+ ;;
+ siemens)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ pc)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ esac
+ ;;
+
+tpf*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+esac
+])
+file_magic_cmd=$lt_cv_file_magic_cmd
+deplibs_check_method=$lt_cv_deplibs_check_method
+test -z "$deplibs_check_method" && deplibs_check_method=unknown
+
+_LT_DECL([], [deplibs_check_method], [1],
+ [Method to check whether dependent libraries are shared objects])
+_LT_DECL([], [file_magic_cmd], [1],
+ [Command to use when deplibs_check_method == "file_magic"])
+])# _LT_CHECK_MAGIC_METHOD
+
+
+# LT_PATH_NM
+# ----------
+# find the pathname to a BSD- or MS-compatible name lister
+AC_DEFUN([LT_PATH_NM],
+[AC_REQUIRE([AC_PROG_CC])dnl
+AC_CACHE_CHECK([for BSD- or MS-compatible name lister (nm)], lt_cv_path_NM,
+[if test -n "$NM"; then
+ # Let the user override the test.
+ lt_cv_path_NM="$NM"
+else
+ lt_nm_to_check="${ac_tool_prefix}nm"
+ if test -n "$ac_tool_prefix" && test "$build" = "$host"; then
+ lt_nm_to_check="$lt_nm_to_check nm"
+ fi
+ for lt_tmp_nm in $lt_nm_to_check; do
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ tmp_nm="$ac_dir/$lt_tmp_nm"
+ if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then
+ # Check to see if the nm accepts a BSD-compat flag.
+ # Adding the `sed 1q' prevents false positives on HP-UX, which says:
+ # nm: unknown option "B" ignored
+ # Tru64's nm complains that /dev/null is an invalid object file
+ case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in
+ */dev/null* | *'Invalid file or object type'*)
+ lt_cv_path_NM="$tmp_nm -B"
+ break
+ ;;
+ *)
+ case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in
+ */dev/null*)
+ lt_cv_path_NM="$tmp_nm -p"
+ break
+ ;;
+ *)
+ lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but
+ continue # so that we can try to find one that supports BSD flags
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ done
+ IFS="$lt_save_ifs"
+ done
+ : ${lt_cv_path_NM=no}
+fi])
+if test "$lt_cv_path_NM" != "no"; then
+ NM="$lt_cv_path_NM"
+else
+ # Didn't find any BSD compatible name lister, look for dumpbin.
+ AC_CHECK_TOOLS(DUMPBIN, ["dumpbin -symbols" "link -dump -symbols"], :)
+ AC_SUBST([DUMPBIN])
+ if test "$DUMPBIN" != ":"; then
+ NM="$DUMPBIN"
+ fi
+fi
+test -z "$NM" && NM=nm
+AC_SUBST([NM])
+_LT_DECL([], [NM], [1], [A BSD- or MS-compatible name lister])dnl
+
+AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface],
+ [lt_cv_nm_interface="BSD nm"
+ echo "int some_variable = 0;" > conftest.$ac_ext
+ (eval echo "\"\$as_me:__oline__: $ac_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval "$ac_compile" 2>conftest.err)
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ (eval echo "\"\$as_me:__oline__: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD)
+ (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ (eval echo "\"\$as_me:__oline__: output\"" >&AS_MESSAGE_LOG_FD)
+ cat conftest.out >&AS_MESSAGE_LOG_FD
+ if $GREP 'External.*some_variable' conftest.out > /dev/null; then
+ lt_cv_nm_interface="MS dumpbin"
+ fi
+ rm -f conftest*])
+])# LT_PATH_NM
+
+# Old names:
+AU_ALIAS([AM_PROG_NM], [LT_PATH_NM])
+AU_ALIAS([AC_PROG_NM], [LT_PATH_NM])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_PROG_NM], [])
+dnl AC_DEFUN([AC_PROG_NM], [])
+
+
+# LT_LIB_M
+# --------
+# check for math library
+AC_DEFUN([LT_LIB_M],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+LIBM=
+case $host in
+*-*-beos* | *-*-cygwin* | *-*-pw32* | *-*-darwin*)
+ # These system don't have libm, or don't need it
+ ;;
+*-ncr-sysv4.3*)
+ AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw")
+ AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm")
+ ;;
+*)
+ AC_CHECK_LIB(m, cos, LIBM="-lm")
+ ;;
+esac
+AC_SUBST([LIBM])
+])# LT_LIB_M
+
+# Old name:
+AU_ALIAS([AC_CHECK_LIBM], [LT_LIB_M])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_CHECK_LIBM], [])
+
+
+# _LT_COMPILER_NO_RTTI([TAGNAME])
+# -------------------------------
+m4_defun([_LT_COMPILER_NO_RTTI],
+[m4_require([_LT_TAG_COMPILER])dnl
+
+_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
+
+if test "$GCC" = yes; then
+ _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
+
+ _LT_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions],
+ lt_cv_prog_compiler_rtti_exceptions,
+ [-fno-rtti -fno-exceptions], [],
+ [_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"])
+fi
+_LT_TAGDECL([no_builtin_flag], [lt_prog_compiler_no_builtin_flag], [1],
+ [Compiler flag to turn off builtin functions])
+])# _LT_COMPILER_NO_RTTI
+
+
+# _LT_CMD_GLOBAL_SYMBOLS
+# ----------------------
+m4_defun([_LT_CMD_GLOBAL_SYMBOLS],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([LT_PATH_NM])dnl
+AC_REQUIRE([LT_PATH_LD])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_TAG_COMPILER])dnl
+
+# Check for command to grab the raw symbol name followed by C symbol from nm.
+AC_MSG_CHECKING([command to parse $NM output from $compiler object])
+AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe],
+[
+# These are sane defaults that work on at least a few old systems.
+# [They come from Ultrix. What could be older than Ultrix?!! ;)]
+
+# Character class describing NM global symbol codes.
+symcode='[[BCDEGRST]]'
+
+# Regexp to match symbols that can be accessed directly from C.
+sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)'
+
+# Define system-specific variables.
+case $host_os in
+aix*)
+ symcode='[[BCDT]]'
+ ;;
+cygwin* | mingw* | pw32* | cegcc*)
+ symcode='[[ABCDGISTW]]'
+ ;;
+hpux*)
+ if test "$host_cpu" = ia64; then
+ symcode='[[ABCDEGRST]]'
+ fi
+ ;;
+irix* | nonstopux*)
+ symcode='[[BCDEGRST]]'
+ ;;
+osf*)
+ symcode='[[BCDEGQRST]]'
+ ;;
+solaris*)
+ symcode='[[BDRT]]'
+ ;;
+sco3.2v5*)
+ symcode='[[DT]]'
+ ;;
+sysv4.2uw2*)
+ symcode='[[DT]]'
+ ;;
+sysv5* | sco5v6* | unixware* | OpenUNIX*)
+ symcode='[[ABDT]]'
+ ;;
+sysv4)
+ symcode='[[DFNSTU]]'
+ ;;
+esac
+
+# If we're using GNU nm, then use its standard symbol codes.
+case `$NM -V 2>&1` in
+*GNU* | *'with BFD'*)
+ symcode='[[ABCDGIRSTW]]' ;;
+esac
+
+# Transform an extracted symbol line into a proper C declaration.
+# Some systems (esp. on ia64) link data and code symbols differently,
+# so use this general approach.
+lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
+
+# Transform an extracted symbol line into symbol name and symbol address
+lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p'"
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \(lib[[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"lib\2\", (void *) \&\2},/p'"
+
+# Handle CRLF in mingw tool chain
+opt_cr=
+case $build_os in
+mingw*)
+ opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp
+ ;;
+esac
+
+# Try without a prefix underscore, then with it.
+for ac_symprfx in "" "_"; do
+
+ # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol.
+ symxfrm="\\1 $ac_symprfx\\2 \\2"
+
+ # Write the raw and C identifiers.
+ if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+ # Fake it for dumpbin and say T for any non-static function
+ # and D for any global variable.
+ # Also find C++ and __fastcall symbols from MSVC++,
+ # which start with @ or ?.
+ lt_cv_sys_global_symbol_pipe="$AWK ['"\
+" {last_section=section; section=\$ 3};"\
+" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\
+" \$ 0!~/External *\|/{next};"\
+" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\
+" {if(hide[section]) next};"\
+" {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\
+" {split(\$ 0, a, /\||\r/); split(a[2], s)};"\
+" s[1]~/^[@?]/{print s[1], s[1]; next};"\
+" s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\
+" ' prfx=^$ac_symprfx]"
+ else
+ lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
+ fi
+
+ # Check to see that the pipe works correctly.
+ pipe_works=no
+
+ rm -f conftest*
+ cat > conftest.$ac_ext <<_LT_EOF
+#ifdef __cplusplus
+extern "C" {
+#endif
+char nm_test_var;
+void nm_test_func(void);
+void nm_test_func(void){}
+#ifdef __cplusplus
+}
+#endif
+int main(){nm_test_var='a';nm_test_func();return(0);}
+_LT_EOF
+
+ if AC_TRY_EVAL(ac_compile); then
+ # Now try to grab the symbols.
+ nlist=conftest.nm
+ if AC_TRY_EVAL(NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) && test -s "$nlist"; then
+ # Try sorting and uniquifying the output.
+ if sort "$nlist" | uniq > "$nlist"T; then
+ mv -f "$nlist"T "$nlist"
+ else
+ rm -f "$nlist"T
+ fi
+
+ # Make sure that we snagged all the symbols we need.
+ if $GREP ' nm_test_var$' "$nlist" >/dev/null; then
+ if $GREP ' nm_test_func$' "$nlist" >/dev/null; then
+ cat <<_LT_EOF > conftest.$ac_ext
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+_LT_EOF
+ # Now generate the symbol file.
+ eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext'
+
+ cat <<_LT_EOF >> conftest.$ac_ext
+
+/* The mapping between symbol names and symbols. */
+const struct {
+ const char *name;
+ void *address;
+}
+lt__PROGRAM__LTX_preloaded_symbols[[]] =
+{
+ { "@PROGRAM@", (void *) 0 },
+_LT_EOF
+ $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext
+ cat <<\_LT_EOF >> conftest.$ac_ext
+ {0, (void *) 0}
+};
+
+/* This works around a problem in FreeBSD linker */
+#ifdef FREEBSD_WORKAROUND
+static const void *lt_preloaded_setup() {
+ return lt__PROGRAM__LTX_preloaded_symbols;
+}
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+_LT_EOF
+ # Now try linking the two files.
+ mv conftest.$ac_objext conftstm.$ac_objext
+ lt_save_LIBS="$LIBS"
+ lt_save_CFLAGS="$CFLAGS"
+ LIBS="conftstm.$ac_objext"
+ CFLAGS="$CFLAGS$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)"
+ if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then
+ pipe_works=yes
+ fi
+ LIBS="$lt_save_LIBS"
+ CFLAGS="$lt_save_CFLAGS"
+ else
+ echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD
+ fi
+ else
+ echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD
+ fi
+ else
+ echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD
+ fi
+ else
+ echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD
+ cat conftest.$ac_ext >&5
+ fi
+ rm -rf conftest* conftst*
+
+ # Do not use the global_symbol_pipe unless it works.
+ if test "$pipe_works" = yes; then
+ break
+ else
+ lt_cv_sys_global_symbol_pipe=
+ fi
+done
+])
+if test -z "$lt_cv_sys_global_symbol_pipe"; then
+ lt_cv_sys_global_symbol_to_cdecl=
+fi
+if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then
+ AC_MSG_RESULT(failed)
+else
+ AC_MSG_RESULT(ok)
+fi
+
+_LT_DECL([global_symbol_pipe], [lt_cv_sys_global_symbol_pipe], [1],
+ [Take the output of nm and produce a listing of raw symbols and C names])
+_LT_DECL([global_symbol_to_cdecl], [lt_cv_sys_global_symbol_to_cdecl], [1],
+ [Transform the output of nm in a proper C declaration])
+_LT_DECL([global_symbol_to_c_name_address],
+ [lt_cv_sys_global_symbol_to_c_name_address], [1],
+ [Transform the output of nm in a C name address pair])
+_LT_DECL([global_symbol_to_c_name_address_lib_prefix],
+ [lt_cv_sys_global_symbol_to_c_name_address_lib_prefix], [1],
+ [Transform the output of nm in a C name address pair when lib prefix is needed])
+]) # _LT_CMD_GLOBAL_SYMBOLS
+
+
+# _LT_COMPILER_PIC([TAGNAME])
+# ---------------------------
+m4_defun([_LT_COMPILER_PIC],
+[m4_require([_LT_TAG_COMPILER])dnl
+_LT_TAGVAR(lt_prog_compiler_wl, $1)=
+_LT_TAGVAR(lt_prog_compiler_pic, $1)=
+_LT_TAGVAR(lt_prog_compiler_static, $1)=
+
+AC_MSG_CHECKING([for $compiler option to produce PIC])
+m4_if([$1], [CXX], [
+ # C++ specific cases for pic, static, wl, etc.
+ if test "$GXX" = yes; then
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ m68k)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the `-m68020' flag to GCC prevents building anything better,
+ # like `-m68040'.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
+ ;;
+ esac
+ ;;
+
+ beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+ mingw* | cygwin* | os2* | pw32* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ # Although the cygwin gcc ignores -fPIC, still need this for old-style
+ # (--disable-auto-import) libraries
+ m4_if([$1], [GCJ], [],
+ [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+ ;;
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
+ ;;
+ *djgpp*)
+ # DJGPP does not support shared libraries at all
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+ ;;
+ interix[[3-9]]*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
+ fi
+ ;;
+ hpux*)
+ # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
+ # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag
+ # sets the default TLS model and affects inlining.
+ case $host_cpu in
+ hppa*64*)
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ ;;
+ *qnx* | *nto*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ else
+ case $host_os in
+ aix[[4-9]]*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ else
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+ chorus*)
+ case $cc_basename in
+ cxch68*)
+ # Green Hills C++ Compiler
+ # _LT_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a"
+ ;;
+ esac
+ ;;
+ dgux*)
+ case $cc_basename in
+ ec++*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ ;;
+ ghcx*)
+ # Green Hills C++ Compiler
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ freebsd* | dragonfly*)
+ # FreeBSD uses GNU C++
+ ;;
+ hpux9* | hpux10* | hpux11*)
+ case $cc_basename in
+ CC*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
+ if test "$host_cpu" != ia64; then
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+ fi
+ ;;
+ aCC*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+ ;;
+ esac
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ interix*)
+ # This is c89, which is MS Visual C++ (no shared libs)
+ # Anyone wants to do a port?
+ ;;
+ irix5* | irix6* | nonstopux*)
+ case $cc_basename in
+ CC*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ # CC pic flag -KPIC is the default.
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ linux* | k*bsd*-gnu)
+ case $cc_basename in
+ KCC*)
+ # KAI C++ Compiler
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ ecpc* )
+ # old Intel C++ for x86_64 which still supported -KPIC.
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ icpc* )
+ # Intel C++, used to be incompatible with GCC.
+ # ICC 10 doesn't accept -KPIC any more.
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ pgCC* | pgcpp*)
+ # Portland Group C++ compiler
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ cxx*)
+ # Compaq C++
+ # Make sure the PIC flag is empty. It appears that all Alpha
+ # Linux and Compaq Tru64 Unix objects are PIC.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+ xlc* | xlC*)
+ # IBM XL 8.0 on PPC
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
+ ;;
+ *)
+ case `$CC -V 2>&1 | sed 5q` in
+ *Sun\ C*)
+ # Sun C++ 5.9
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+ lynxos*)
+ ;;
+ m88k*)
+ ;;
+ mvs*)
+ case $cc_basename in
+ cxx*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ netbsd*)
+ ;;
+ *qnx* | *nto*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+ ;;
+ osf3* | osf4* | osf5*)
+ case $cc_basename in
+ KCC*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
+ ;;
+ RCC*)
+ # Rational C++ 2.4.1
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ ;;
+ cxx*)
+ # Digital/Compaq C++
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # Make sure the PIC flag is empty. It appears that all Alpha
+ # Linux and Compaq Tru64 Unix objects are PIC.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ psos*)
+ ;;
+ solaris*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.2, 5.x and Centerline C++
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+ ;;
+ gcx*)
+ # Green Hills C++ Compiler
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ sunos4*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.x
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ lcc*)
+ # Lucid
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ case $cc_basename in
+ CC*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ esac
+ ;;
+ tandem*)
+ case $cc_basename in
+ NCC*)
+ # NonStop-UX NCC 3.20
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ vxworks*)
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ ;;
+ esac
+ fi
+],
+[
+ if test "$GCC" = yes; then
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ m68k)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the `-m68020' flag to GCC prevents building anything better,
+ # like `-m68040'.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
+ ;;
+ esac
+ ;;
+
+ beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+
+ mingw* | cygwin* | pw32* | os2* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ # Although the cygwin gcc ignores -fPIC, still need this for old-style
+ # (--disable-auto-import) libraries
+ m4_if([$1], [GCJ], [],
+ [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+ ;;
+
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
+ ;;
+
+ hpux*)
+ # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
+ # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag
+ # sets the default TLS model and affects inlining.
+ case $host_cpu in
+ hppa*64*)
+ # +Z the default
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ ;;
+
+ interix[[3-9]]*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+
+ msdosdjgpp*)
+ # Just because we use GCC doesn't mean we suddenly get shared libraries
+ # on systems that don't support them.
+ _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ enable_shared=no
+ ;;
+
+ *nto* | *qnx*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
+ fi
+ ;;
+
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ else
+ # PORTME Check for flag to pass linker flags through the system compiler.
+ case $host_os in
+ aix*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ else
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+
+ mingw* | cygwin* | pw32* | os2* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ m4_if([$1], [GCJ], [],
+ [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+ ;;
+
+ hpux9* | hpux10* | hpux11*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+ ;;
+ esac
+ # Is there a better lt_prog_compiler_static that works with the bundled CC?
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # PIC (with -KPIC) is the default.
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+
+ linux* | k*bsd*-gnu)
+ case $cc_basename in
+ # old Intel for x86_64 which still supported -KPIC.
+ ecc*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ # icc used to be incompatible with GCC.
+ # ICC 10 doesn't accept -KPIC any more.
+ icc* | ifort*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ # Lahey Fortran 8.1.
+ lf95*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='--static'
+ ;;
+ pgcc* | pgf77* | pgf90* | pgf95*)
+ # Portland Group compilers (*not* the Pentium gcc compiler,
+ # which looks to be a dead project)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ ccc*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # All Alpha code is PIC.
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+ xl*)
+ # IBM XL C 8.0/Fortran 10.1 on PPC
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
+ ;;
+ *)
+ case `$CC -V 2>&1 | sed 5q` in
+ *Sun\ C*)
+ # Sun C 5.9
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ ;;
+ *Sun\ F*)
+ # Sun Fortran 8.3 passes all unrecognized flags to the linker
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)=''
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+
+ newsos6)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ *nto* | *qnx*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+ ;;
+
+ osf3* | osf4* | osf5*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # All OSF/1 code is PIC.
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+
+ rdos*)
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+
+ solaris*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ case $cc_basename in
+ f77* | f90* | f95*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';;
+ esac
+ ;;
+
+ sunos4*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ sysv4 | sysv4.2uw2* | sysv4.3*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec ;then
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ fi
+ ;;
+
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ unicos*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ ;;
+
+ uts4*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ *)
+ _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ ;;
+ esac
+ fi
+])
+case $host_os in
+ # For platforms which do not support PIC, -DPIC is meaningless:
+ *djgpp*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t at m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])"
+ ;;
+esac
+AC_MSG_RESULT([$_LT_TAGVAR(lt_prog_compiler_pic, $1)])
+_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1],
+ [How to pass a linker flag through the compiler])
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then
+ _LT_COMPILER_OPTION([if $compiler PIC flag $_LT_TAGVAR(lt_prog_compiler_pic, $1) works],
+ [_LT_TAGVAR(lt_cv_prog_compiler_pic_works, $1)],
+ [$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t at m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])], [],
+ [case $_LT_TAGVAR(lt_prog_compiler_pic, $1) in
+ "" | " "*) ;;
+ *) _LT_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_TAGVAR(lt_prog_compiler_pic, $1)" ;;
+ esac],
+ [_LT_TAGVAR(lt_prog_compiler_pic, $1)=
+ _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no])
+fi
+_LT_TAGDECL([pic_flag], [lt_prog_compiler_pic], [1],
+ [Additional compiler flags for building library objects])
+
+#
+# Check to make sure the static flag actually works.
+#
+wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_TAGVAR(lt_prog_compiler_static, $1)\"
+_LT_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works],
+ _LT_TAGVAR(lt_cv_prog_compiler_static_works, $1),
+ $lt_tmp_static_flag,
+ [],
+ [_LT_TAGVAR(lt_prog_compiler_static, $1)=])
+_LT_TAGDECL([link_static_flag], [lt_prog_compiler_static], [1],
+ [Compiler flag to prevent dynamic linking])
+])# _LT_COMPILER_PIC
+
+
+# _LT_LINKER_SHLIBS([TAGNAME])
+# ----------------------------
+# See if the linker supports building shared libraries.
+m4_defun([_LT_LINKER_SHLIBS],
+[AC_REQUIRE([LT_PATH_LD])dnl
+AC_REQUIRE([LT_PATH_NM])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl
+m4_require([_LT_TAG_COMPILER])dnl
+AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
+m4_if([$1], [CXX], [
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ case $host_os in
+ aix[[4-9]]*)
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to AIX nm, but means don't demangle with GNU nm
+ if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+ else
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+ fi
+ ;;
+ pw32*)
+ _LT_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds"
+ ;;
+ cygwin* | mingw* | cegcc*)
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;/^.*[[ ]]__nm__/s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols'
+ ;;
+ *)
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ ;;
+ esac
+ _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
+], [
+ runpath_var=
+ _LT_TAGVAR(allow_undefined_flag, $1)=
+ _LT_TAGVAR(always_export_symbols, $1)=no
+ _LT_TAGVAR(archive_cmds, $1)=
+ _LT_TAGVAR(archive_expsym_cmds, $1)=
+ _LT_TAGVAR(compiler_needs_object, $1)=no
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)=
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ _LT_TAGVAR(hardcode_automatic, $1)=no
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+ _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=
+ _LT_TAGVAR(hardcode_minus_L, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+ _LT_TAGVAR(inherit_rpath, $1)=no
+ _LT_TAGVAR(link_all_deplibs, $1)=unknown
+ _LT_TAGVAR(module_cmds, $1)=
+ _LT_TAGVAR(module_expsym_cmds, $1)=
+ _LT_TAGVAR(old_archive_from_new_cmds, $1)=
+ _LT_TAGVAR(old_archive_from_expsyms_cmds, $1)=
+ _LT_TAGVAR(thread_safe_flag_spec, $1)=
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=
+ # include_expsyms should be a list of space-separated symbols to be *always*
+ # included in the symbol list
+ _LT_TAGVAR(include_expsyms, $1)=
+ # exclude_expsyms can be an extended regexp of symbols to exclude
+ # it will be wrapped by ` (' and `)$', so one must not match beginning or
+ # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
+ # as well as any symbol that contains `d'.
+ _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
+ # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+ # platforms (ab)use it in PIC code, but their linkers get confused if
+ # the symbol is explicitly referenced. Since portable code cannot
+ # rely on this symbol name, it's probably fine to never include it in
+ # preloaded symbol tables.
+ # Exclude shared library initialization/finalization symbols.
+dnl Note also adjust exclude_expsyms for C++ above.
+ extract_expsyms_cmds=
+
+ case $host_os in
+ cygwin* | mingw* | pw32* | cegcc*)
+ # FIXME: the MSVC++ port hasn't been tested in a loooong time
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ if test "$GCC" != yes; then
+ with_gnu_ld=no
+ fi
+ ;;
+ interix*)
+ # we just hope/assume this is gcc and not c89 (= MSVC++)
+ with_gnu_ld=yes
+ ;;
+ openbsd*)
+ with_gnu_ld=no
+ ;;
+ esac
+
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+ if test "$with_gnu_ld" = yes; then
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ wlarc='${wl}'
+
+ # Set some defaults for GNU ld with shared library support. These
+ # are reset later if shared libraries are not supported. Putting them
+ # here allows them to be overridden if necessary.
+ runpath_var=LD_RUN_PATH
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then
+ _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ else
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=
+ fi
+ supports_anon_versioning=no
+ case `$LD -v 2>&1` in
+ *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11
+ *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
+ *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
+ *\ 2.11.*) ;; # other 2.11 versions
+ *) supports_anon_versioning=yes ;;
+ esac
+
+ # See if GNU ld supports shared libraries.
+ case $host_os in
+ aix[[3-9]]*)
+ # On AIX/PPC, the GNU linker is very broken
+ if test "$host_cpu" != ia64; then
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.9.1, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support. If you
+*** really care for shared libraries, you may want to modify your PATH
+*** so that a non-GNU linker is found, and then restart.
+
+_LT_EOF
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)=''
+ ;;
+ m68k)
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ ;;
+ esac
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ # Joseph Beckenbach <jrb3 at best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ cygwin* | mingw* | pw32* | cegcc*)
+ # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
+ # as there is no search path for DLLs.
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_TAGVAR(always_export_symbols, $1)=no
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols'
+
+ if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file (1st line
+ # is EXPORTS), use it as is; otherwise, prepend...
+ _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ interix[[3-9]]*)
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+
+ gnu* | linux* | tpf* | k*bsd*-gnu)
+ tmp_diet=no
+ if test "$host_os" = linux-dietlibc; then
+ case $cc_basename in
+ diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn)
+ esac
+ fi
+ if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \
+ && test "$tmp_diet" = no
+ then
+ tmp_addflag=
+ tmp_sharedflag='-shared'
+ case $cc_basename,$host_cpu in
+ pgcc*) # Portland Group C compiler
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag'
+ ;;
+ pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag -Mnomain' ;;
+ ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64
+ tmp_addflag=' -i_dynamic' ;;
+ efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64
+ tmp_addflag=' -i_dynamic -nofor_main' ;;
+ ifc* | ifort*) # Intel Fortran compiler
+ tmp_addflag=' -nofor_main' ;;
+ lf95*) # Lahey Fortran 8.1
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=
+ tmp_sharedflag='--shared' ;;
+ xl[[cC]]*) # IBM XL C 8.0 on PPC (deal with xlf below)
+ tmp_sharedflag='-qmkshrobj'
+ tmp_addflag= ;;
+ esac
+ case `$CC -V 2>&1 | sed 5q` in
+ *Sun\ C*) # Sun C 5.9
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+ _LT_TAGVAR(compiler_needs_object, $1)=yes
+ tmp_sharedflag='-G' ;;
+ *Sun\ F*) # Sun Fortran 8.3
+ tmp_sharedflag='-G' ;;
+ esac
+ _LT_TAGVAR(archive_cmds, $1)='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+
+ if test "x$supports_anon_versioning" = xyes; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ echo "local: *; };" >> $output_objdir/$libname.ver~
+ $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+ fi
+
+ case $cc_basename in
+ xlf*)
+ # IBM XL Fortran 10.1 on PPC cannot create shared libs itself
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+ _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir'
+ _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $compiler_flags -soname $soname -o $lib'
+ if test "x$supports_anon_versioning" = xyes; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ echo "local: *; };" >> $output_objdir/$libname.ver~
+ $LD -shared $libobjs $deplibs $compiler_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
+ fi
+ ;;
+ esac
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
+ wlarc=
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ fi
+ ;;
+
+ solaris*)
+ if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+ case `$LD -v 2>&1` in
+ *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*)
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
+*** reliably create shared libraries on SCO systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.16.91.0.3 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ ;;
+ *)
+ # For security reasons, it is highly recommended that you always
+ # use absolute paths for naming shared libraries, and exclude the
+ # DT_RUNPATH tag from executables and libraries. But doing so
+ # requires that you compile everything twice, which is a pain.
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+
+ sunos4*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ wlarc=
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ *)
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+
+ if test "$_LT_TAGVAR(ld_shlibs, $1)" = no; then
+ runpath_var=
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)=
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=
+ fi
+ else
+ # PORTME fill in a description of your system's linker (not GNU ld)
+ case $host_os in
+ aix3*)
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_TAGVAR(always_export_symbols, $1)=yes
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
+ # Note: this linker hardcodes the directories in LIBPATH if there
+ # are no directories specified by -L.
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then
+ # Neither direct hardcoding nor static linking is supported with a
+ # broken collect2.
+ _LT_TAGVAR(hardcode_direct, $1)=unsupported
+ fi
+ ;;
+
+ aix[[4-9]]*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=""
+ else
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to AIX nm, but means don't demangle with GNU nm
+ if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+ else
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+ fi
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
+ for ld_flag in $LDFLAGS; do
+ if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+ aix_use_runtimelinking=yes
+ break
+ fi
+ done
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ _LT_TAGVAR(archive_cmds, $1)=''
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_TAGVAR(file_list_spec, $1)='${wl}-f,'
+
+ if test "$GCC" = yes; then
+ case $host_os in aix4.[[012]]|aix4.[[012]].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" &&
+ strings "$collect2name" | $GREP resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ :
+ else
+ # We have old collect2
+ _LT_TAGVAR(hardcode_direct, $1)=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=
+ fi
+ ;;
+ esac
+ shared_flag='-shared'
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag="$shared_flag "'${wl}-G'
+ fi
+ else
+ # not using gcc
+ if test "$host_cpu" = ia64; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag='${wl}-G'
+ else
+ shared_flag='${wl}-bM:SRE'
+ fi
+ fi
+ fi
+
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall'
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to export.
+ _LT_TAGVAR(always_export_symbols, $1)=yes
+ if test "$aix_use_runtimelinking" = yes; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ _LT_TAGVAR(allow_undefined_flag, $1)='-berok'
+ # Determine the default libpath from the value encoded in an
+ # empty executable.
+ _LT_SYS_MODULE_PATH_AIX
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then $ECHO "X${wl}${allow_undefined_flag}" | $Xsed; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ else
+ if test "$host_cpu" = ia64; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
+ _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
+ _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an
+ # empty executable.
+ _LT_SYS_MODULE_PATH_AIX
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
+ _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
+ # Exported symbols can be pulled into shared objects from archives
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+ # This is similar to how AIX traditionally builds its shared libraries.
+ _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+ fi
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)=''
+ ;;
+ m68k)
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ ;;
+ esac
+ ;;
+
+ bsdi[[45]]*)
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic
+ ;;
+
+ cygwin* | mingw* | pw32* | cegcc*)
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=".dll"
+ # FIXME: Setting linknames here is a bad hack.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `$ECHO "X$deplibs" | $Xsed -e '\''s/ -lc$//'\''` -link -dll~linknames='
+ # The linker will automatically build a .lib file if we build a DLL.
+ _LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
+ # FIXME: Should let the user specify the lib program.
+ _LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs'
+ _LT_TAGVAR(fix_srcfile_path, $1)='`cygpath -w "$srcfile"`'
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ ;;
+
+ darwin* | rhapsody*)
+ _LT_DARWIN_LINKER_FEATURES($1)
+ ;;
+
+ dgux*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ freebsd1*)
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+ # support. Future versions do this automatically, but an explicit c++rt0.o
+ # does not break anything, and helps significantly (at the cost of a little
+ # extra space).
+ freebsd2.2*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+ freebsd2*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+ freebsd* | dragonfly*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ hpux9*)
+ if test "$GCC" = yes; then
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ fi
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ ;;
+
+ hpux10*)
+ if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ if test "$with_gnu_ld" = no; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+ _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ fi
+ ;;
+
+ hpux11*)
+ if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ case $host_cpu in
+ hppa*64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ else
+ case $host_cpu in
+ hppa*64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ fi
+ if test "$with_gnu_ld" = no; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+ *)
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ ;;
+ esac
+ fi
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ if test "$GCC" = yes; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ # Try to use the -exported_symbol ld option, if it does not
+ # work, assume that -exports_file does not work either and
+ # implicitly export all symbols.
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null"
+ AC_LINK_IFELSE(int foo(void) {},
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
+ )
+ LDFLAGS="$save_LDFLAGS"
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
+ fi
+ _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(inherit_rpath, $1)=yes
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF
+ fi
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ newsos6)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ *nto* | *qnx*)
+ ;;
+
+ openbsd*)
+ if test -f /usr/libexec/ld.so; then
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ else
+ case $host_os in
+ openbsd[[01]].* | openbsd2.[[0-7]] | openbsd2.[[0-7]].*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ ;;
+ esac
+ fi
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ os2*)
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$ECHO DATA >> $output_objdir/$libname.def~$ECHO " SINGLE NONSHARED" >> $output_objdir/$libname.def~$ECHO EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+ _LT_TAGVAR(old_archive_from_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
+ ;;
+
+ osf3*)
+ if test "$GCC" = yes; then
+ _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+ fi
+ _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ ;;
+
+ osf4* | osf5*) # as osf3* with the addition of -msym flag
+ if test "$GCC" = yes; then
+ _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ else
+ _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~
+ $CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
+
+ # Both c and cxx compiler support -rpath directly
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+ fi
+ _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ ;;
+
+ solaris*)
+ _LT_TAGVAR(no_undefined_flag, $1)=' -z defs'
+ if test "$GCC" = yes; then
+ wlarc='${wl}'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -shared ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+ else
+ case `$CC -V 2>&1` in
+ *"Compilers 5.0"*)
+ wlarc=''
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp'
+ ;;
+ *)
+ wlarc='${wl}'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+ ;;
+ esac
+ fi
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ case $host_os in
+ solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+ *)
+ # The compiler driver will combine and reorder linker options,
+ # but understands `-z linker_flag'. GCC discards it without `$wl',
+ # but is careful enough not to reorder.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ if test "$GCC" = yes; then
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
+ else
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract'
+ fi
+ ;;
+ esac
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+
+ sunos4*)
+ if test "x$host_vendor" = xsequent; then
+ # Use $CC to link under sequent, because it throws in some extra .o
+ # files that make .init and .fini sections work.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ sysv4)
+ case $host_vendor in
+ sni)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_direct, $1)=yes # is this really true???
+ ;;
+ siemens)
+ ## LD is ld it makes a PLAMLIB
+ ## CC just makes a GrossModule.
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs'
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ ;;
+ motorola)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie
+ ;;
+ esac
+ runpath_var='LD_RUN_PATH'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ sysv4.3*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ runpath_var=LD_RUN_PATH
+ hardcode_runpath_var=yes
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+ fi
+ ;;
+
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
+ _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We can NOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+ _LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs'
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ uts4*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ *)
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+
+ if test x$host_vendor = xsni; then
+ case $host in
+ sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Blargedynsym'
+ ;;
+ esac
+ fi
+ fi
+])
+AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)])
+test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no
+
+_LT_TAGVAR(with_gnu_ld, $1)=$with_gnu_ld
+
+_LT_DECL([], [libext], [0], [Old archive suffix (normally "a")])dnl
+_LT_DECL([], [shrext_cmds], [1], [Shared library suffix (normally ".so")])dnl
+_LT_DECL([], [extract_expsyms_cmds], [2],
+ [The commands to extract the exported symbol list from a shared archive])
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$_LT_TAGVAR(archive_cmds_need_lc, $1)" in
+x|xyes)
+ # Assume -lc should be added
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+
+ if test "$enable_shared" = yes && test "$GCC" = yes; then
+ case $_LT_TAGVAR(archive_cmds, $1) in
+ *'~'*)
+ # FIXME: we may have to deal with multi-command sequences.
+ ;;
+ '$CC '*)
+ # Test whether the compiler implicitly links with -lc since on some
+ # systems, -lgcc has to come before -lc. If gcc already passes -lc
+ # to ld, don't add -lc before -lgcc.
+ AC_MSG_CHECKING([whether -lc should be explicitly linked in])
+ $RM conftest*
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ if AC_TRY_EVAL(ac_compile) 2>conftest.err; then
+ soname=conftest
+ lib=conftest
+ libobjs=conftest.$ac_objext
+ deplibs=
+ wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1)
+ pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1)
+ compiler_flags=-v
+ linker_flags=-v
+ verstring=
+ output_objdir=.
+ libname=conftest
+ lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1)
+ _LT_TAGVAR(allow_undefined_flag, $1)=
+ if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1)
+ then
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ else
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+ fi
+ _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag
+ else
+ cat conftest.err 1>&5
+ fi
+ $RM conftest*
+ AC_MSG_RESULT([$_LT_TAGVAR(archive_cmds_need_lc, $1)])
+ ;;
+ esac
+ fi
+ ;;
+esac
+
+_LT_TAGDECL([build_libtool_need_lc], [archive_cmds_need_lc], [0],
+ [Whether or not to add -lc for building shared libraries])
+_LT_TAGDECL([allow_libtool_libs_with_static_runtimes],
+ [enable_shared_with_static_runtimes], [0],
+ [Whether or not to disallow shared libs when runtime libs are static])
+_LT_TAGDECL([], [export_dynamic_flag_spec], [1],
+ [Compiler flag to allow reflexive dlopens])
+_LT_TAGDECL([], [whole_archive_flag_spec], [1],
+ [Compiler flag to generate shared objects directly from archives])
+_LT_TAGDECL([], [compiler_needs_object], [1],
+ [Whether the compiler copes with passing no objects directly])
+_LT_TAGDECL([], [old_archive_from_new_cmds], [2],
+ [Create an old-style archive from a shared archive])
+_LT_TAGDECL([], [old_archive_from_expsyms_cmds], [2],
+ [Create a temporary old-style archive to link instead of a shared archive])
+_LT_TAGDECL([], [archive_cmds], [2], [Commands used to build a shared archive])
+_LT_TAGDECL([], [archive_expsym_cmds], [2])
+_LT_TAGDECL([], [module_cmds], [2],
+ [Commands used to build a loadable module if different from building
+ a shared archive.])
+_LT_TAGDECL([], [module_expsym_cmds], [2])
+_LT_TAGDECL([], [with_gnu_ld], [1],
+ [Whether we are building with GNU ld or not])
+_LT_TAGDECL([], [allow_undefined_flag], [1],
+ [Flag that allows shared libraries with undefined symbols to be built])
+_LT_TAGDECL([], [no_undefined_flag], [1],
+ [Flag that enforces no undefined symbols])
+_LT_TAGDECL([], [hardcode_libdir_flag_spec], [1],
+ [Flag to hardcode $libdir into a binary during linking.
+ This must work even if $libdir does not exist])
+_LT_TAGDECL([], [hardcode_libdir_flag_spec_ld], [1],
+ [[If ld is used when linking, flag to hardcode $libdir into a binary
+ during linking. This must work even if $libdir does not exist]])
+_LT_TAGDECL([], [hardcode_libdir_separator], [1],
+ [Whether we need a single "-rpath" flag with a separated argument])
+_LT_TAGDECL([], [hardcode_direct], [0],
+ [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes
+ DIR into the resulting binary])
+_LT_TAGDECL([], [hardcode_direct_absolute], [0],
+ [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes
+ DIR into the resulting binary and the resulting library dependency is
+ "absolute", i.e impossible to change by setting ${shlibpath_var} if the
+ library is relocated])
+_LT_TAGDECL([], [hardcode_minus_L], [0],
+ [Set to "yes" if using the -LDIR flag during linking hardcodes DIR
+ into the resulting binary])
+_LT_TAGDECL([], [hardcode_shlibpath_var], [0],
+ [Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR
+ into the resulting binary])
+_LT_TAGDECL([], [hardcode_automatic], [0],
+ [Set to "yes" if building a shared library automatically hardcodes DIR
+ into the library and all subsequent libraries and executables linked
+ against it])
+_LT_TAGDECL([], [inherit_rpath], [0],
+ [Set to yes if linker adds runtime paths of dependent libraries
+ to runtime path list])
+_LT_TAGDECL([], [link_all_deplibs], [0],
+ [Whether libtool must link a program against all its dependency libraries])
+_LT_TAGDECL([], [fix_srcfile_path], [1],
+ [Fix the shell variable $srcfile for the compiler])
+_LT_TAGDECL([], [always_export_symbols], [0],
+ [Set to "yes" if exported symbols are required])
+_LT_TAGDECL([], [export_symbols_cmds], [2],
+ [The commands to list exported symbols])
+_LT_TAGDECL([], [exclude_expsyms], [1],
+ [Symbols that should not be listed in the preloaded symbols])
+_LT_TAGDECL([], [include_expsyms], [1],
+ [Symbols that must always be exported])
+_LT_TAGDECL([], [prelink_cmds], [2],
+ [Commands necessary for linking programs (against libraries) with templates])
+_LT_TAGDECL([], [file_list_spec], [1],
+ [Specify filename containing input files])
+dnl FIXME: Not yet implemented
+dnl _LT_TAGDECL([], [thread_safe_flag_spec], [1],
+dnl [Compiler flag to generate thread safe objects])
+])# _LT_LINKER_SHLIBS
+
+
+# _LT_LANG_C_CONFIG([TAG])
+# ------------------------
+# Ensure that the configuration variables for a C compiler are suitably
+# defined. These variables are subsequently used by _LT_CONFIG to write
+# the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_C_CONFIG],
+[m4_require([_LT_DECL_EGREP])dnl
+lt_save_CC="$CC"
+AC_LANG_PUSH(C)
+
+# Source file extension for C test sources.
+ac_ext=c
+
+# Object file extension for compiled C test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="int some_variable = 0;"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='int main(){return(0);}'
+
+_LT_TAG_COMPILER
+# Save the default compiler, since it gets overwritten when the other
+# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP.
+compiler_DEFAULT=$CC
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+ _LT_COMPILER_NO_RTTI($1)
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_SYS_DYNAMIC_LINKER($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+ LT_SYS_DLOPEN_SELF
+ _LT_CMD_STRIPLIB
+
+ # Report which library types will actually be built
+ AC_MSG_CHECKING([if libtool supports shared libraries])
+ AC_MSG_RESULT([$can_build_shared])
+
+ AC_MSG_CHECKING([whether to build shared libraries])
+ test "$can_build_shared" = "no" && enable_shared=no
+
+ # On AIX, shared libraries and static libraries use the same namespace, and
+ # are all built from PIC.
+ case $host_os in
+ aix3*)
+ test "$enable_shared" = yes && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+
+ aix[[4-9]]*)
+ if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+ test "$enable_shared" = yes && enable_static=no
+ fi
+ ;;
+ esac
+ AC_MSG_RESULT([$enable_shared])
+
+ AC_MSG_CHECKING([whether to build static libraries])
+ # Make sure either enable_shared or enable_static is yes.
+ test "$enable_shared" = yes || enable_static=yes
+ AC_MSG_RESULT([$enable_static])
+
+ _LT_CONFIG($1)
+fi
+AC_LANG_POP
+CC="$lt_save_CC"
+])# _LT_LANG_C_CONFIG
+
+
+# _LT_PROG_CXX
+# ------------
+# Since AC_PROG_CXX is broken, in that it returns g++ if there is no c++
+# compiler, we have our own version here.
+m4_defun([_LT_PROG_CXX],
+[
+pushdef([AC_MSG_ERROR], [_lt_caught_CXX_error=yes])
+AC_PROG_CXX
+if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
+ ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
+ (test "X$CXX" != "Xg++"))) ; then
+ AC_PROG_CXXCPP
+else
+ _lt_caught_CXX_error=yes
+fi
+popdef([AC_MSG_ERROR])
+])# _LT_PROG_CXX
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([_LT_PROG_CXX], [])
+
+
+# _LT_LANG_CXX_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for a C++ compiler are suitably
+# defined. These variables are subsequently used by _LT_CONFIG to write
+# the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_CXX_CONFIG],
+[AC_REQUIRE([_LT_PROG_CXX])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_EGREP])dnl
+
+AC_LANG_PUSH(C++)
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_TAGVAR(allow_undefined_flag, $1)=
+_LT_TAGVAR(always_export_symbols, $1)=no
+_LT_TAGVAR(archive_expsym_cmds, $1)=
+_LT_TAGVAR(compiler_needs_object, $1)=no
+_LT_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_TAGVAR(hardcode_direct, $1)=no
+_LT_TAGVAR(hardcode_direct_absolute, $1)=no
+_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
+_LT_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_TAGVAR(hardcode_minus_L, $1)=no
+_LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+_LT_TAGVAR(hardcode_automatic, $1)=no
+_LT_TAGVAR(inherit_rpath, $1)=no
+_LT_TAGVAR(module_cmds, $1)=
+_LT_TAGVAR(module_expsym_cmds, $1)=
+_LT_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(no_undefined_flag, $1)=
+_LT_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Source file extension for C++ test sources.
+ac_ext=cpp
+
+# Object file extension for compiled C++ test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# No sense in running all these tests if we already determined that
+# the CXX compiler isn't working. Some variables (like enable_shared)
+# are currently assumed to apply to all compilers on this platform,
+# and will be corrupted by setting them based on a non-working compiler.
+if test "$_lt_caught_CXX_error" != yes; then
+ # Code to be used in simple compile tests
+ lt_simple_compile_test_code="int some_variable = 0;"
+
+ # Code to be used in simple link tests
+ lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }'
+
+ # ltmain only uses $CC for tagged configurations so make sure $CC is set.
+ _LT_TAG_COMPILER
+
+ # save warnings/boilerplate of simple test code
+ _LT_COMPILER_BOILERPLATE
+ _LT_LINKER_BOILERPLATE
+
+ # Allow CC to be a program name with arguments.
+ lt_save_CC=$CC
+ lt_save_LD=$LD
+ lt_save_GCC=$GCC
+ GCC=$GXX
+ lt_save_with_gnu_ld=$with_gnu_ld
+ lt_save_path_LD=$lt_cv_path_LD
+ if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then
+ lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx
+ else
+ $as_unset lt_cv_prog_gnu_ld
+ fi
+ if test -n "${lt_cv_path_LDCXX+set}"; then
+ lt_cv_path_LD=$lt_cv_path_LDCXX
+ else
+ $as_unset lt_cv_path_LD
+ fi
+ test -z "${LDCXX+set}" || LD=$LDCXX
+ CC=${CXX-"c++"}
+ compiler=$CC
+ _LT_TAGVAR(compiler, $1)=$CC
+ _LT_CC_BASENAME([$compiler])
+
+ if test -n "$compiler"; then
+ # We don't want -fno-exception when compiling C++ code, so set the
+ # no_builtin_flag separately
+ if test "$GXX" = yes; then
+ _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
+ else
+ _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
+ fi
+
+ if test "$GXX" = yes; then
+ # Set up default GNU C++ configuration
+
+ LT_PATH_LD
+
+ # Check if GNU C++ uses GNU ld as the underlying linker, since the
+ # archiving commands below assume that GNU ld is being used.
+ if test "$with_gnu_ld" = yes; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to
+ # investigate it a little bit more. (MM)
+ wlarc='${wl}'
+
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if eval "`$CC -print-prog-name=ld` --help 2>&1" |
+ $GREP 'no-whole-archive' > /dev/null; then
+ _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ else
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=
+ fi
+ else
+ with_gnu_ld=no
+ wlarc=
+
+ # A generic and very simple default shared library creation
+ # command for GNU C++ for the case where it uses the native
+ # linker, instead of GNU ld. If possible, this setting should
+ # overridden to take advantage of the native linker features on
+ # the platform it is being used on.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+ fi
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+
+ else
+ GXX=no
+ with_gnu_ld=no
+ wlarc=
+ fi
+
+ # PORTME: fill in a description of your system's C++ link characteristics
+ AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+ case $host_os in
+ aix3*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ aix[[4-9]]*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=""
+ else
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
+ for ld_flag in $LDFLAGS; do
+ case $ld_flag in
+ *-brtl*)
+ aix_use_runtimelinking=yes
+ break
+ ;;
+ esac
+ done
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ _LT_TAGVAR(archive_cmds, $1)=''
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_TAGVAR(file_list_spec, $1)='${wl}-f,'
+
+ if test "$GXX" = yes; then
+ case $host_os in aix4.[[012]]|aix4.[[012]].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" &&
+ strings "$collect2name" | $GREP resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ :
+ else
+ # We have old collect2
+ _LT_TAGVAR(hardcode_direct, $1)=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=
+ fi
+ esac
+ shared_flag='-shared'
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag="$shared_flag "'${wl}-G'
+ fi
+ else
+ # not using gcc
+ if test "$host_cpu" = ia64; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag='${wl}-G'
+ else
+ shared_flag='${wl}-bM:SRE'
+ fi
+ fi
+ fi
+
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall'
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to
+ # export.
+ _LT_TAGVAR(always_export_symbols, $1)=yes
+ if test "$aix_use_runtimelinking" = yes; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ _LT_TAGVAR(allow_undefined_flag, $1)='-berok'
+ # Determine the default libpath from the value encoded in an empty
+ # executable.
+ _LT_SYS_MODULE_PATH_AIX
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then $ECHO "X${wl}${allow_undefined_flag}" | $Xsed; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ else
+ if test "$host_cpu" = ia64; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
+ _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
+ _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an
+ # empty executable.
+ _LT_SYS_MODULE_PATH_AIX
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
+ _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
+ # Exported symbols can be pulled into shared objects from archives
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+ # This is similar to how AIX traditionally builds its shared
+ # libraries.
+ _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+ fi
+ fi
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ # Joseph Beckenbach <jrb3 at best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ chorus*)
+ case $cc_basename in
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ cygwin* | mingw* | pw32* | cegcc*)
+ # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
+ # as there is no search path for DLLs.
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_TAGVAR(always_export_symbols, $1)=no
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+
+ if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file (1st line
+ # is EXPORTS), use it as is; otherwise, prepend...
+ _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ darwin* | rhapsody*)
+ _LT_DARWIN_LINKER_FEATURES($1)
+ ;;
+
+ dgux*)
+ case $cc_basename in
+ ec++*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ ghcx*)
+ # Green Hills C++ Compiler
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ freebsd[[12]]*)
+ # C++ shared libraries reported to be fairly broken before
+ # switch to ELF
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ freebsd-elf*)
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ ;;
+
+ freebsd* | dragonfly*)
+ # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF
+ # conventions
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+ ;;
+
+ gnu*)
+ ;;
+
+ hpux9*)
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
+ # but as the default
+ # location of the library.
+
+ case $cc_basename in
+ CC*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ aCC*)
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+ ;;
+ *)
+ if test "$GXX" = yes; then
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ else
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+
+ hpux10*|hpux11*)
+ if test $with_gnu_ld = no; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ ;;
+ *)
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ ;;
+ esac
+ fi
+ case $host_cpu in
+ hppa*64*|ia64*)
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+ *)
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
+ # but as the default
+ # location of the library.
+ ;;
+ esac
+
+ case $cc_basename in
+ CC*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ aCC*)
+ case $host_cpu in
+ hppa*64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ ia64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ esac
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+ ;;
+ *)
+ if test "$GXX" = yes; then
+ if test $with_gnu_ld = no; then
+ case $host_cpu in
+ hppa*64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ ia64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ esac
+ fi
+ else
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+
+ interix[[3-9]]*)
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+ irix5* | irix6*)
+ case $cc_basename in
+ CC*)
+ # SGI C++
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+
+ # Archives containing C++ object files must be created using
+ # "CC -ar", where "CC" is the IRIX C++ compiler. This is
+ # necessary to make sure instantiated templates are included
+ # in the archive.
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs'
+ ;;
+ *)
+ if test "$GXX" = yes; then
+ if test "$with_gnu_ld" = no; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` -o $lib'
+ fi
+ fi
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+ esac
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(inherit_rpath, $1)=yes
+ ;;
+
+ linux* | k*bsd*-gnu)
+ case $cc_basename in
+ KCC*)
+ # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+ # KCC will only create a shared library if the output file
+ # ends with ".so" (or ".sl" for HP-UX), so rename the library
+ # to its proper name (with version) after linking.
+ _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib'
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+
+ # Archives containing C++ object files must be created using
+ # "CC -Bstatic", where "CC" is the KAI C++ compiler.
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs'
+ ;;
+ icpc* | ecpc* )
+ # Intel C++
+ with_gnu_ld=yes
+ # version 8.0 and above of icpc choke on multiply defined symbols
+ # if we add $predep_objects and $postdep_objects, however 7.1 and
+ # earlier do not add the objects themselves.
+ case `$CC -V 2>&1` in
+ *"Version 7."*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ ;;
+ *) # Version 8.0 or newer
+ tmp_idyn=
+ case $host_cpu in
+ ia64*) tmp_idyn=' -i_dynamic';;
+ esac
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ ;;
+ esac
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+ ;;
+ pgCC* | pgcpp*)
+ # Portland Group C++ compiler
+ case `$CC -V` in
+ *pgCC\ [[1-5]]* | *pgcpp\ [[1-5]]*)
+ _LT_TAGVAR(prelink_cmds, $1)='tpldir=Template.dir~
+ rm -rf $tpldir~
+ $CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~
+ compile_command="$compile_command `find $tpldir -name \*.o | $NL2SP`"'
+ _LT_TAGVAR(old_archive_cmds, $1)='tpldir=Template.dir~
+ rm -rf $tpldir~
+ $CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~
+ $AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | $NL2SP`~
+ $RANLIB $oldlib'
+ _LT_TAGVAR(archive_cmds, $1)='tpldir=Template.dir~
+ rm -rf $tpldir~
+ $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
+ $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='tpldir=Template.dir~
+ rm -rf $tpldir~
+ $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
+ $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
+ ;;
+ *) # Version 6 will use weak symbols
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
+ ;;
+ esac
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+ ;;
+ cxx*)
+ # Compaq C++
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols'
+
+ runpath_var=LD_RUN_PATH
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`$ECHO "X$templist" | $Xsed -e "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+ ;;
+ xl*)
+ # IBM XL 8.0 on PPC, with GNU ld
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ if test "x$supports_anon_versioning" = xyes; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ echo "local: *; };" >> $output_objdir/$libname.ver~
+ $CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+ fi
+ ;;
+ *)
+ case `$CC -V 2>&1 | sed 5q` in
+ *Sun\ C*)
+ # Sun C++ 5.9
+ _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file ${wl}$export_symbols'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+ _LT_TAGVAR(compiler_needs_object, $1)=yes
+
+ # Not sure whether something based on
+ # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1
+ # would be better.
+ output_verbose_link_cmd='echo'
+
+ # Archives containing C++ object files must be created using
+ # "CC -xar", where "CC" is the Sun C++ compiler. This is
+ # necessary to make sure instantiated templates are included
+ # in the archive.
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+
+ lynxos*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ m88k*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ mvs*)
+ case $cc_basename in
+ cxx*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags'
+ wlarc=
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ fi
+ # Workaround some broken pre-1.5 toolchains
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"'
+ ;;
+
+ *nto* | *qnx*)
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+ ;;
+
+ openbsd2*)
+ # C++ shared libraries are fairly broken
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ openbsd*)
+ if test -f /usr/libexec/ld.so; then
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ fi
+ output_verbose_link_cmd=echo
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ osf3* | osf4* | osf5*)
+ case $cc_basename in
+ KCC*)
+ # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+ # KCC will only create a shared library if the output file
+ # ends with ".so" (or ".sl" for HP-UX), so rename the library
+ # to its proper name (with version) after linking.
+ _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo "$lib" | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Archives containing C++ object files must be created using
+ # the KAI C++ compiler.
+ case $host in
+ osf3*) _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' ;;
+ *) _LT_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs' ;;
+ esac
+ ;;
+ RCC*)
+ # Rational C++ 2.4.1
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ cxx*)
+ case $host in
+ osf3*)
+ _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && $ECHO "X${wl}-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ ;;
+ *)
+ _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~
+ echo "-hidden">> $lib.exp~
+ $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib~
+ $RM $lib.exp'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+ ;;
+ esac
+
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`$ECHO "X$templist" | $Xsed -e "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+ ;;
+ *)
+ if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+ _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+ case $host in
+ osf3*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ ;;
+ esac
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+
+ else
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+
+ psos*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ sunos4*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.x
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ lcc*)
+ # Lucid
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ solaris*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.2, 5.x and Centerline C++
+ _LT_TAGVAR(archive_cmds_need_lc,$1)=yes
+ _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ case $host_os in
+ solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+ *)
+ # The compiler driver will combine and reorder linker options,
+ # but understands `-z linker_flag'.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract'
+ ;;
+ esac
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+
+ output_verbose_link_cmd='echo'
+
+ # Archives containing C++ object files must be created using
+ # "CC -xar", where "CC" is the Sun C++ compiler. This is
+ # necessary to make sure instantiated templates are included
+ # in the archive.
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
+ ;;
+ gcx*)
+ # Green Hills C++ Compiler
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+
+ # The C++ compiler must be used to create the archive.
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs'
+ ;;
+ *)
+ # GNU C++ compiler with Solaris linker
+ if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+ _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs'
+ if $CC --version | $GREP -v '^2\.7' > /dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+ else
+ # g++ 2.7 appears to require `-G' NOT `-shared' on this
+ # platform.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+ fi
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir'
+ case $host_os in
+ solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+ *)
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
+ ;;
+ esac
+ fi
+ ;;
+ esac
+ ;;
+
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
+ _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ runpath_var='LD_RUN_PATH'
+
+ case $cc_basename in
+ CC*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We can NOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+ _LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs'
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ case $cc_basename in
+ CC*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ ;;
+
+ tandem*)
+ case $cc_basename in
+ NCC*)
+ # NonStop-UX NCC 3.20
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ vxworks*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+
+ AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)])
+ test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no
+
+ _LT_TAGVAR(GCC, $1)="$GXX"
+ _LT_TAGVAR(LD, $1)="$LD"
+
+ ## CAVEAT EMPTOR:
+ ## There is no encapsulation within the following macros, do not change
+ ## the running order or otherwise move them around unless you know exactly
+ ## what you are doing...
+ _LT_SYS_HIDDEN_LIBDEPS($1)
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_SYS_DYNAMIC_LINKER($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+
+ _LT_CONFIG($1)
+ fi # test -n "$compiler"
+
+ CC=$lt_save_CC
+ LDCXX=$LD
+ LD=$lt_save_LD
+ GCC=$lt_save_GCC
+ with_gnu_ld=$lt_save_with_gnu_ld
+ lt_cv_path_LDCXX=$lt_cv_path_LD
+ lt_cv_path_LD=$lt_save_path_LD
+ lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld
+ lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld
+fi # test "$_lt_caught_CXX_error" != yes
+
+AC_LANG_POP
+])# _LT_LANG_CXX_CONFIG
+
+
+# _LT_SYS_HIDDEN_LIBDEPS([TAGNAME])
+# ---------------------------------
+# Figure out "hidden" library dependencies from verbose
+# compiler output when linking a shared library.
+# Parse the compiler output and extract the necessary
+# objects, libraries and library flags.
+m4_defun([_LT_SYS_HIDDEN_LIBDEPS],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+# Dependencies to place before and after the object being linked:
+_LT_TAGVAR(predep_objects, $1)=
+_LT_TAGVAR(postdep_objects, $1)=
+_LT_TAGVAR(predeps, $1)=
+_LT_TAGVAR(postdeps, $1)=
+_LT_TAGVAR(compiler_lib_search_path, $1)=
+
+dnl we can't use the lt_simple_compile_test_code here,
+dnl because it contains code intended for an executable,
+dnl not a library. It's possible we should let each
+dnl tag define a new lt_????_link_test_code variable,
+dnl but it's only used here...
+m4_if([$1], [], [cat > conftest.$ac_ext <<_LT_EOF
+int a;
+void foo (void) { a = 0; }
+_LT_EOF
+], [$1], [CXX], [cat > conftest.$ac_ext <<_LT_EOF
+class Foo
+{
+public:
+ Foo (void) { a = 0; }
+private:
+ int a;
+};
+_LT_EOF
+], [$1], [F77], [cat > conftest.$ac_ext <<_LT_EOF
+ subroutine foo
+ implicit none
+ integer*4 a
+ a=0
+ return
+ end
+_LT_EOF
+], [$1], [FC], [cat > conftest.$ac_ext <<_LT_EOF
+ subroutine foo
+ implicit none
+ integer a
+ a=0
+ return
+ end
+_LT_EOF
+], [$1], [GCJ], [cat > conftest.$ac_ext <<_LT_EOF
+public class foo {
+ private int a;
+ public void bar (void) {
+ a = 0;
+ }
+};
+_LT_EOF
+])
+dnl Parse the compiler output and extract the necessary
+dnl objects, libraries and library flags.
+if AC_TRY_EVAL(ac_compile); then
+ # Parse the compiler output and extract the necessary
+ # objects, libraries and library flags.
+
+ # Sentinel used to keep track of whether or not we are before
+ # the conftest object file.
+ pre_test_object_deps_done=no
+
+ for p in `eval "$output_verbose_link_cmd"`; do
+ case $p in
+
+ -L* | -R* | -l*)
+ # Some compilers place space between "-{L,R}" and the path.
+ # Remove the space.
+ if test $p = "-L" ||
+ test $p = "-R"; then
+ prev=$p
+ continue
+ else
+ prev=
+ fi
+
+ if test "$pre_test_object_deps_done" = no; then
+ case $p in
+ -L* | -R*)
+ # Internal compiler library paths should come after those
+ # provided the user. The postdeps already come after the
+ # user supplied libs so there is no need to process them.
+ if test -z "$_LT_TAGVAR(compiler_lib_search_path, $1)"; then
+ _LT_TAGVAR(compiler_lib_search_path, $1)="${prev}${p}"
+ else
+ _LT_TAGVAR(compiler_lib_search_path, $1)="${_LT_TAGVAR(compiler_lib_search_path, $1)} ${prev}${p}"
+ fi
+ ;;
+ # The "-l" case would never come before the object being
+ # linked, so don't bother handling this case.
+ esac
+ else
+ if test -z "$_LT_TAGVAR(postdeps, $1)"; then
+ _LT_TAGVAR(postdeps, $1)="${prev}${p}"
+ else
+ _LT_TAGVAR(postdeps, $1)="${_LT_TAGVAR(postdeps, $1)} ${prev}${p}"
+ fi
+ fi
+ ;;
+
+ *.$objext)
+ # This assumes that the test object file only shows up
+ # once in the compiler output.
+ if test "$p" = "conftest.$objext"; then
+ pre_test_object_deps_done=yes
+ continue
+ fi
+
+ if test "$pre_test_object_deps_done" = no; then
+ if test -z "$_LT_TAGVAR(predep_objects, $1)"; then
+ _LT_TAGVAR(predep_objects, $1)="$p"
+ else
+ _LT_TAGVAR(predep_objects, $1)="$_LT_TAGVAR(predep_objects, $1) $p"
+ fi
+ else
+ if test -z "$_LT_TAGVAR(postdep_objects, $1)"; then
+ _LT_TAGVAR(postdep_objects, $1)="$p"
+ else
+ _LT_TAGVAR(postdep_objects, $1)="$_LT_TAGVAR(postdep_objects, $1) $p"
+ fi
+ fi
+ ;;
+
+ *) ;; # Ignore the rest.
+
+ esac
+ done
+
+ # Clean up.
+ rm -f a.out a.exe
+else
+ echo "libtool.m4: error: problem compiling $1 test program"
+fi
+
+$RM -f confest.$objext
+
+# PORTME: override above test on systems where it is broken
+m4_if([$1], [CXX],
+[case $host_os in
+interix[[3-9]]*)
+ # Interix 3.5 installs completely hosed .la files for C++, so rather than
+ # hack all around it, let's just trust "g++" to DTRT.
+ _LT_TAGVAR(predep_objects,$1)=
+ _LT_TAGVAR(postdep_objects,$1)=
+ _LT_TAGVAR(postdeps,$1)=
+ ;;
+
+linux*)
+ case `$CC -V 2>&1 | sed 5q` in
+ *Sun\ C*)
+ # Sun C++ 5.9
+
+ # The more standards-conforming stlport4 library is
+ # incompatible with the Cstd library. Avoid specifying
+ # it if it's in CXXFLAGS. Ignore libCrun as
+ # -library=stlport4 depends on it.
+ case " $CXX $CXXFLAGS " in
+ *" -library=stlport4 "*)
+ solaris_use_stlport4=yes
+ ;;
+ esac
+
+ if test "$solaris_use_stlport4" != yes; then
+ _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun'
+ fi
+ ;;
+ esac
+ ;;
+
+solaris*)
+ case $cc_basename in
+ CC*)
+ # The more standards-conforming stlport4 library is
+ # incompatible with the Cstd library. Avoid specifying
+ # it if it's in CXXFLAGS. Ignore libCrun as
+ # -library=stlport4 depends on it.
+ case " $CXX $CXXFLAGS " in
+ *" -library=stlport4 "*)
+ solaris_use_stlport4=yes
+ ;;
+ esac
+
+ # Adding this requires a known-good setup of shared libraries for
+ # Sun compiler versions before 5.6, else PIC objects from an old
+ # archive will be linked into the output, leading to subtle bugs.
+ if test "$solaris_use_stlport4" != yes; then
+ _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun'
+ fi
+ ;;
+ esac
+ ;;
+esac
+])
+
+case " $_LT_TAGVAR(postdeps, $1) " in
+*" -lc "*) _LT_TAGVAR(archive_cmds_need_lc, $1)=no ;;
+esac
+ _LT_TAGVAR(compiler_lib_search_dirs, $1)=
+if test -n "${_LT_TAGVAR(compiler_lib_search_path, $1)}"; then
+ _LT_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_TAGVAR(compiler_lib_search_path, $1)}" | ${SED} -e 's! -L! !g' -e 's!^ !!'`
+fi
+_LT_TAGDECL([], [compiler_lib_search_dirs], [1],
+ [The directories searched by this compiler when creating a shared library])
+_LT_TAGDECL([], [predep_objects], [1],
+ [Dependencies to place before and after the objects being linked to
+ create a shared library])
+_LT_TAGDECL([], [postdep_objects], [1])
+_LT_TAGDECL([], [predeps], [1])
+_LT_TAGDECL([], [postdeps], [1])
+_LT_TAGDECL([], [compiler_lib_search_path], [1],
+ [The library search path used internally by the compiler when linking
+ a shared library])
+])# _LT_SYS_HIDDEN_LIBDEPS
+
+
+# _LT_PROG_F77
+# ------------
+# Since AC_PROG_F77 is broken, in that it returns the empty string
+# if there is no fortran compiler, we have our own version here.
+m4_defun([_LT_PROG_F77],
+[
+pushdef([AC_MSG_ERROR], [_lt_disable_F77=yes])
+AC_PROG_F77
+if test -z "$F77" || test "X$F77" = "Xno"; then
+ _lt_disable_F77=yes
+fi
+popdef([AC_MSG_ERROR])
+])# _LT_PROG_F77
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([_LT_PROG_F77], [])
+
+
+# _LT_LANG_F77_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for a Fortran 77 compiler are
+# suitably defined. These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_F77_CONFIG],
+[AC_REQUIRE([_LT_PROG_F77])dnl
+AC_LANG_PUSH(Fortran 77)
+
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_TAGVAR(allow_undefined_flag, $1)=
+_LT_TAGVAR(always_export_symbols, $1)=no
+_LT_TAGVAR(archive_expsym_cmds, $1)=
+_LT_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_TAGVAR(hardcode_direct, $1)=no
+_LT_TAGVAR(hardcode_direct_absolute, $1)=no
+_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
+_LT_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_TAGVAR(hardcode_minus_L, $1)=no
+_LT_TAGVAR(hardcode_automatic, $1)=no
+_LT_TAGVAR(inherit_rpath, $1)=no
+_LT_TAGVAR(module_cmds, $1)=
+_LT_TAGVAR(module_expsym_cmds, $1)=
+_LT_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(no_undefined_flag, $1)=
+_LT_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Source file extension for f77 test sources.
+ac_ext=f
+
+# Object file extension for compiled f77 test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# No sense in running all these tests if we already determined that
+# the F77 compiler isn't working. Some variables (like enable_shared)
+# are currently assumed to apply to all compilers on this platform,
+# and will be corrupted by setting them based on a non-working compiler.
+if test "$_lt_disable_F77" != yes; then
+ # Code to be used in simple compile tests
+ lt_simple_compile_test_code="\
+ subroutine t
+ return
+ end
+"
+
+ # Code to be used in simple link tests
+ lt_simple_link_test_code="\
+ program t
+ end
+"
+
+ # ltmain only uses $CC for tagged configurations so make sure $CC is set.
+ _LT_TAG_COMPILER
+
+ # save warnings/boilerplate of simple test code
+ _LT_COMPILER_BOILERPLATE
+ _LT_LINKER_BOILERPLATE
+
+ # Allow CC to be a program name with arguments.
+ lt_save_CC="$CC"
+ lt_save_GCC=$GCC
+ CC=${F77-"f77"}
+ compiler=$CC
+ _LT_TAGVAR(compiler, $1)=$CC
+ _LT_CC_BASENAME([$compiler])
+ GCC=$G77
+ if test -n "$compiler"; then
+ AC_MSG_CHECKING([if libtool supports shared libraries])
+ AC_MSG_RESULT([$can_build_shared])
+
+ AC_MSG_CHECKING([whether to build shared libraries])
+ test "$can_build_shared" = "no" && enable_shared=no
+
+ # On AIX, shared libraries and static libraries use the same namespace, and
+ # are all built from PIC.
+ case $host_os in
+ aix3*)
+ test "$enable_shared" = yes && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+ aix[[4-9]]*)
+ if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+ test "$enable_shared" = yes && enable_static=no
+ fi
+ ;;
+ esac
+ AC_MSG_RESULT([$enable_shared])
+
+ AC_MSG_CHECKING([whether to build static libraries])
+ # Make sure either enable_shared or enable_static is yes.
+ test "$enable_shared" = yes || enable_static=yes
+ AC_MSG_RESULT([$enable_static])
+
+ _LT_TAGVAR(GCC, $1)="$G77"
+ _LT_TAGVAR(LD, $1)="$LD"
+
+ ## CAVEAT EMPTOR:
+ ## There is no encapsulation within the following macros, do not change
+ ## the running order or otherwise move them around unless you know exactly
+ ## what you are doing...
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_SYS_DYNAMIC_LINKER($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+
+ _LT_CONFIG($1)
+ fi # test -n "$compiler"
+
+ GCC=$lt_save_GCC
+ CC="$lt_save_CC"
+fi # test "$_lt_disable_F77" != yes
+
+AC_LANG_POP
+])# _LT_LANG_F77_CONFIG
+
+
+# _LT_PROG_FC
+# -----------
+# Since AC_PROG_FC is broken, in that it returns the empty string
+# if there is no fortran compiler, we have our own version here.
+m4_defun([_LT_PROG_FC],
+[
+pushdef([AC_MSG_ERROR], [_lt_disable_FC=yes])
+AC_PROG_FC
+if test -z "$FC" || test "X$FC" = "Xno"; then
+ _lt_disable_FC=yes
+fi
+popdef([AC_MSG_ERROR])
+])# _LT_PROG_FC
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([_LT_PROG_FC], [])
+
+
+# _LT_LANG_FC_CONFIG([TAG])
+# -------------------------
+# Ensure that the configuration variables for a Fortran compiler are
+# suitably defined. These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_FC_CONFIG],
+[AC_REQUIRE([_LT_PROG_FC])dnl
+AC_LANG_PUSH(Fortran)
+
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_TAGVAR(allow_undefined_flag, $1)=
+_LT_TAGVAR(always_export_symbols, $1)=no
+_LT_TAGVAR(archive_expsym_cmds, $1)=
+_LT_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_TAGVAR(hardcode_direct, $1)=no
+_LT_TAGVAR(hardcode_direct_absolute, $1)=no
+_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
+_LT_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_TAGVAR(hardcode_minus_L, $1)=no
+_LT_TAGVAR(hardcode_automatic, $1)=no
+_LT_TAGVAR(inherit_rpath, $1)=no
+_LT_TAGVAR(module_cmds, $1)=
+_LT_TAGVAR(module_expsym_cmds, $1)=
+_LT_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(no_undefined_flag, $1)=
+_LT_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Source file extension for fc test sources.
+ac_ext=${ac_fc_srcext-f}
+
+# Object file extension for compiled fc test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# No sense in running all these tests if we already determined that
+# the FC compiler isn't working. Some variables (like enable_shared)
+# are currently assumed to apply to all compilers on this platform,
+# and will be corrupted by setting them based on a non-working compiler.
+if test "$_lt_disable_FC" != yes; then
+ # Code to be used in simple compile tests
+ lt_simple_compile_test_code="\
+ subroutine t
+ return
+ end
+"
+
+ # Code to be used in simple link tests
+ lt_simple_link_test_code="\
+ program t
+ end
+"
+
+ # ltmain only uses $CC for tagged configurations so make sure $CC is set.
+ _LT_TAG_COMPILER
+
+ # save warnings/boilerplate of simple test code
+ _LT_COMPILER_BOILERPLATE
+ _LT_LINKER_BOILERPLATE
+
+ # Allow CC to be a program name with arguments.
+ lt_save_CC="$CC"
+ lt_save_GCC=$GCC
+ CC=${FC-"f95"}
+ compiler=$CC
+ GCC=$ac_cv_fc_compiler_gnu
+
+ _LT_TAGVAR(compiler, $1)=$CC
+ _LT_CC_BASENAME([$compiler])
+
+ if test -n "$compiler"; then
+ AC_MSG_CHECKING([if libtool supports shared libraries])
+ AC_MSG_RESULT([$can_build_shared])
+
+ AC_MSG_CHECKING([whether to build shared libraries])
+ test "$can_build_shared" = "no" && enable_shared=no
+
+ # On AIX, shared libraries and static libraries use the same namespace, and
+ # are all built from PIC.
+ case $host_os in
+ aix3*)
+ test "$enable_shared" = yes && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+ aix[[4-9]]*)
+ if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+ test "$enable_shared" = yes && enable_static=no
+ fi
+ ;;
+ esac
+ AC_MSG_RESULT([$enable_shared])
+
+ AC_MSG_CHECKING([whether to build static libraries])
+ # Make sure either enable_shared or enable_static is yes.
+ test "$enable_shared" = yes || enable_static=yes
+ AC_MSG_RESULT([$enable_static])
+
+ _LT_TAGVAR(GCC, $1)="$ac_cv_fc_compiler_gnu"
+ _LT_TAGVAR(LD, $1)="$LD"
+
+ ## CAVEAT EMPTOR:
+ ## There is no encapsulation within the following macros, do not change
+ ## the running order or otherwise move them around unless you know exactly
+ ## what you are doing...
+ _LT_SYS_HIDDEN_LIBDEPS($1)
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_SYS_DYNAMIC_LINKER($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+
+ _LT_CONFIG($1)
+ fi # test -n "$compiler"
+
+ GCC=$lt_save_GCC
+ CC="$lt_save_CC"
+fi # test "$_lt_disable_FC" != yes
+
+AC_LANG_POP
+])# _LT_LANG_FC_CONFIG
+
+
+# _LT_LANG_GCJ_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for the GNU Java Compiler compiler
+# are suitably defined. These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_GCJ_CONFIG],
+[AC_REQUIRE([LT_PROG_GCJ])dnl
+AC_LANG_SAVE
+
+# Source file extension for Java test sources.
+ac_ext=java
+
+# Object file extension for compiled Java test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="class foo {}"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='public class conftest { public static void main(String[[]] argv) {}; }'
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_TAG_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC="$CC"
+lt_save_GCC=$GCC
+GCC=yes
+CC=${GCJ-"gcj"}
+compiler=$CC
+_LT_TAGVAR(compiler, $1)=$CC
+_LT_TAGVAR(LD, $1)="$LD"
+_LT_CC_BASENAME([$compiler])
+
+# GCJ did not exist at the time GCC didn't implicitly link libc in.
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+ _LT_COMPILER_NO_RTTI($1)
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+
+ _LT_CONFIG($1)
+fi
+
+AC_LANG_RESTORE
+
+GCC=$lt_save_GCC
+CC="$lt_save_CC"
+])# _LT_LANG_GCJ_CONFIG
+
+
+# _LT_LANG_RC_CONFIG([TAG])
+# -------------------------
+# Ensure that the configuration variables for the Windows resource compiler
+# are suitably defined. These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_RC_CONFIG],
+[AC_REQUIRE([LT_PROG_RC])dnl
+AC_LANG_SAVE
+
+# Source file extension for RC test sources.
+ac_ext=rc
+
+# Object file extension for compiled RC test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }'
+
+# Code to be used in simple link tests
+lt_simple_link_test_code="$lt_simple_compile_test_code"
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_TAG_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC="$CC"
+lt_save_GCC=$GCC
+GCC=
+CC=${RC-"windres"}
+compiler=$CC
+_LT_TAGVAR(compiler, $1)=$CC
+_LT_CC_BASENAME([$compiler])
+_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
+
+if test -n "$compiler"; then
+ :
+ _LT_CONFIG($1)
+fi
+
+GCC=$lt_save_GCC
+AC_LANG_RESTORE
+CC="$lt_save_CC"
+])# _LT_LANG_RC_CONFIG
+
+
+# LT_PROG_GCJ
+# -----------
+AC_DEFUN([LT_PROG_GCJ],
+[m4_ifdef([AC_PROG_GCJ], [AC_PROG_GCJ],
+ [m4_ifdef([A][M_PROG_GCJ], [A][M_PROG_GCJ],
+ [AC_CHECK_TOOL(GCJ, gcj,)
+ test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2"
+ AC_SUBST(GCJFLAGS)])])[]dnl
+])
+
+# Old name:
+AU_ALIAS([LT_AC_PROG_GCJ], [LT_PROG_GCJ])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([LT_AC_PROG_GCJ], [])
+
+
+# LT_PROG_RC
+# ----------
+AC_DEFUN([LT_PROG_RC],
+[AC_CHECK_TOOL(RC, windres,)
+])
+
+# Old name:
+AU_ALIAS([LT_AC_PROG_RC], [LT_PROG_RC])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([LT_AC_PROG_RC], [])
+
+
+# _LT_DECL_EGREP
+# --------------
+# If we don't have a new enough Autoconf to choose the best grep
+# available, choose the one first in the user's PATH.
+m4_defun([_LT_DECL_EGREP],
+[AC_REQUIRE([AC_PROG_EGREP])dnl
+AC_REQUIRE([AC_PROG_FGREP])dnl
+test -z "$GREP" && GREP=grep
+_LT_DECL([], [GREP], [1], [A grep program that handles long lines])
+_LT_DECL([], [EGREP], [1], [An ERE matcher])
+_LT_DECL([], [FGREP], [1], [A literal string matcher])
+dnl Non-bleeding-edge autoconf doesn't subst GREP, so do it here too
+AC_SUBST([GREP])
+])
+
+
+# _LT_DECL_OBJDUMP
+# --------------
+# If we don't have a new enough Autoconf to choose the best objdump
+# available, choose the one first in the user's PATH.
+m4_defun([_LT_DECL_OBJDUMP],
+[AC_CHECK_TOOL(OBJDUMP, objdump, false)
+test -z "$OBJDUMP" && OBJDUMP=objdump
+_LT_DECL([], [OBJDUMP], [1], [An object symbol dumper])
+AC_SUBST([OBJDUMP])
+])
+
+
+# _LT_DECL_SED
+# ------------
+# Check for a fully-functional sed program, that truncates
+# as few characters as possible. Prefer GNU sed if found.
+m4_defun([_LT_DECL_SED],
+[AC_PROG_SED
+test -z "$SED" && SED=sed
+Xsed="$SED -e 1s/^X//"
+_LT_DECL([], [SED], [1], [A sed program that does not truncate output])
+_LT_DECL([], [Xsed], ["\$SED -e 1s/^X//"],
+ [Sed that helps us avoid accidentally triggering echo(1) options like -n])
+])# _LT_DECL_SED
+
+m4_ifndef([AC_PROG_SED], [
+############################################################
+# NOTE: This macro has been submitted for inclusion into #
+# GNU Autoconf as AC_PROG_SED. When it is available in #
+# a released version of Autoconf we should remove this #
+# macro and use it instead. #
+############################################################
+
+m4_defun([AC_PROG_SED],
+[AC_MSG_CHECKING([for a sed that does not truncate output])
+AC_CACHE_VAL(lt_cv_path_SED,
+[# Loop through the user's path and test for sed and gsed.
+# Then use that list of sed's as ones to test for truncation.
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for lt_ac_prog in sed gsed; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then
+ lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext"
+ fi
+ done
+ done
+done
+IFS=$as_save_IFS
+lt_ac_max=0
+lt_ac_count=0
+# Add /usr/xpg4/bin/sed as it is typically found on Solaris
+# along with /bin/sed that truncates output.
+for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do
+ test ! -f $lt_ac_sed && continue
+ cat /dev/null > conftest.in
+ lt_ac_count=0
+ echo $ECHO_N "0123456789$ECHO_C" >conftest.in
+ # Check for GNU sed and select it if it is found.
+ if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then
+ lt_cv_path_SED=$lt_ac_sed
+ break
+ fi
+ while true; do
+ cat conftest.in conftest.in >conftest.tmp
+ mv conftest.tmp conftest.in
+ cp conftest.in conftest.nl
+ echo >>conftest.nl
+ $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break
+ cmp -s conftest.out conftest.nl || break
+ # 10000 chars as input seems more than enough
+ test $lt_ac_count -gt 10 && break
+ lt_ac_count=`expr $lt_ac_count + 1`
+ if test $lt_ac_count -gt $lt_ac_max; then
+ lt_ac_max=$lt_ac_count
+ lt_cv_path_SED=$lt_ac_sed
+ fi
+ done
+done
+])
+SED=$lt_cv_path_SED
+AC_SUBST([SED])
+AC_MSG_RESULT([$SED])
+])#AC_PROG_SED
+])#m4_ifndef
+
+# Old name:
+AU_ALIAS([LT_AC_PROG_SED], [AC_PROG_SED])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([LT_AC_PROG_SED], [])
+
+
+# _LT_CHECK_SHELL_FEATURES
+# ------------------------
+# Find out whether the shell is Bourne or XSI compatible,
+# or has some other useful features.
+m4_defun([_LT_CHECK_SHELL_FEATURES],
+[AC_MSG_CHECKING([whether the shell understands some XSI constructs])
+# Try some XSI features
+xsi_shell=no
+( _lt_dummy="a/b/c"
+ test "${_lt_dummy##*/},${_lt_dummy%/*},"${_lt_dummy%"$_lt_dummy"}, \
+ = c,a/b,, \
+ && eval 'test $(( 1 + 1 )) -eq 2 \
+ && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \
+ && xsi_shell=yes
+AC_MSG_RESULT([$xsi_shell])
+_LT_CONFIG_LIBTOOL_INIT([xsi_shell='$xsi_shell'])
+
+AC_MSG_CHECKING([whether the shell understands "+="])
+lt_shell_append=no
+( foo=bar; set foo baz; eval "$[1]+=\$[2]" && test "$foo" = barbaz ) \
+ >/dev/null 2>&1 \
+ && lt_shell_append=yes
+AC_MSG_RESULT([$lt_shell_append])
+_LT_CONFIG_LIBTOOL_INIT([lt_shell_append='$lt_shell_append'])
+
+if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
+ lt_unset=unset
+else
+ lt_unset=false
+fi
+_LT_DECL([], [lt_unset], [0], [whether the shell understands "unset"])dnl
+
+# test EBCDIC or ASCII
+case `echo X|tr X '\101'` in
+ A) # ASCII based system
+ # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr
+ lt_SP2NL='tr \040 \012'
+ lt_NL2SP='tr \015\012 \040\040'
+ ;;
+ *) # EBCDIC based system
+ lt_SP2NL='tr \100 \n'
+ lt_NL2SP='tr \r\n \100\100'
+ ;;
+esac
+_LT_DECL([SP2NL], [lt_SP2NL], [1], [turn spaces into newlines])dnl
+_LT_DECL([NL2SP], [lt_NL2SP], [1], [turn newlines into spaces])dnl
+])# _LT_CHECK_SHELL_FEATURES
+
+
+# _LT_PROG_XSI_SHELLFNS
+# ---------------------
+# Bourne and XSI compatible variants of some useful shell functions.
+m4_defun([_LT_PROG_XSI_SHELLFNS],
+[case $xsi_shell in
+ yes)
+ cat << \_LT_EOF >> "$cfgfile"
+
+# func_dirname file append nondir_replacement
+# Compute the dirname of FILE. If nonempty, add APPEND to the result,
+# otherwise set result to NONDIR_REPLACEMENT.
+func_dirname ()
+{
+ case ${1} in
+ */*) func_dirname_result="${1%/*}${2}" ;;
+ * ) func_dirname_result="${3}" ;;
+ esac
+}
+
+# func_basename file
+func_basename ()
+{
+ func_basename_result="${1##*/}"
+}
+
+# func_dirname_and_basename file append nondir_replacement
+# perform func_basename and func_dirname in a single function
+# call:
+# dirname: Compute the dirname of FILE. If nonempty,
+# add APPEND to the result, otherwise set result
+# to NONDIR_REPLACEMENT.
+# value returned in "$func_dirname_result"
+# basename: Compute filename of FILE.
+# value retuned in "$func_basename_result"
+# Implementation must be kept synchronized with func_dirname
+# and func_basename. For efficiency, we do not delegate to
+# those functions but instead duplicate the functionality here.
+func_dirname_and_basename ()
+{
+ case ${1} in
+ */*) func_dirname_result="${1%/*}${2}" ;;
+ * ) func_dirname_result="${3}" ;;
+ esac
+ func_basename_result="${1##*/}"
+}
+
+# func_stripname prefix suffix name
+# strip PREFIX and SUFFIX off of NAME.
+# PREFIX and SUFFIX must not contain globbing or regex special
+# characters, hashes, percent signs, but SUFFIX may contain a leading
+# dot (in which case that matches only a dot).
+func_stripname ()
+{
+ # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are
+ # positional parameters, so assign one to ordinary parameter first.
+ func_stripname_result=${3}
+ func_stripname_result=${func_stripname_result#"${1}"}
+ func_stripname_result=${func_stripname_result%"${2}"}
+}
+
+# func_opt_split
+func_opt_split ()
+{
+ func_opt_split_opt=${1%%=*}
+ func_opt_split_arg=${1#*=}
+}
+
+# func_lo2o object
+func_lo2o ()
+{
+ case ${1} in
+ *.lo) func_lo2o_result=${1%.lo}.${objext} ;;
+ *) func_lo2o_result=${1} ;;
+ esac
+}
+
+# func_xform libobj-or-source
+func_xform ()
+{
+ func_xform_result=${1%.*}.lo
+}
+
+# func_arith arithmetic-term...
+func_arith ()
+{
+ func_arith_result=$(( $[*] ))
+}
+
+# func_len string
+# STRING may not start with a hyphen.
+func_len ()
+{
+ func_len_result=${#1}
+}
+
+_LT_EOF
+ ;;
+ *) # Bourne compatible functions.
+ cat << \_LT_EOF >> "$cfgfile"
+
+# func_dirname file append nondir_replacement
+# Compute the dirname of FILE. If nonempty, add APPEND to the result,
+# otherwise set result to NONDIR_REPLACEMENT.
+func_dirname ()
+{
+ # Extract subdirectory from the argument.
+ func_dirname_result=`$ECHO "X${1}" | $Xsed -e "$dirname"`
+ if test "X$func_dirname_result" = "X${1}"; then
+ func_dirname_result="${3}"
+ else
+ func_dirname_result="$func_dirname_result${2}"
+ fi
+}
+
+# func_basename file
+func_basename ()
+{
+ func_basename_result=`$ECHO "X${1}" | $Xsed -e "$basename"`
+}
+
+dnl func_dirname_and_basename
+dnl A portable version of this function is already defined in general.m4sh
+dnl so there is no need for it here.
+
+# func_stripname prefix suffix name
+# strip PREFIX and SUFFIX off of NAME.
+# PREFIX and SUFFIX must not contain globbing or regex special
+# characters, hashes, percent signs, but SUFFIX may contain a leading
+# dot (in which case that matches only a dot).
+# func_strip_suffix prefix name
+func_stripname ()
+{
+ case ${2} in
+ .*) func_stripname_result=`$ECHO "X${3}" \
+ | $Xsed -e "s%^${1}%%" -e "s%\\\\${2}\$%%"`;;
+ *) func_stripname_result=`$ECHO "X${3}" \
+ | $Xsed -e "s%^${1}%%" -e "s%${2}\$%%"`;;
+ esac
+}
+
+# sed scripts:
+my_sed_long_opt='1s/^\(-[[^=]]*\)=.*/\1/;q'
+my_sed_long_arg='1s/^-[[^=]]*=//'
+
+# func_opt_split
+func_opt_split ()
+{
+ func_opt_split_opt=`$ECHO "X${1}" | $Xsed -e "$my_sed_long_opt"`
+ func_opt_split_arg=`$ECHO "X${1}" | $Xsed -e "$my_sed_long_arg"`
+}
+
+# func_lo2o object
+func_lo2o ()
+{
+ func_lo2o_result=`$ECHO "X${1}" | $Xsed -e "$lo2o"`
+}
+
+# func_xform libobj-or-source
+func_xform ()
+{
+ func_xform_result=`$ECHO "X${1}" | $Xsed -e 's/\.[[^.]]*$/.lo/'`
+}
+
+# func_arith arithmetic-term...
+func_arith ()
+{
+ func_arith_result=`expr "$[@]"`
+}
+
+# func_len string
+# STRING may not start with a hyphen.
+func_len ()
+{
+ func_len_result=`expr "$[1]" : ".*" 2>/dev/null || echo $max_cmd_len`
+}
+
+_LT_EOF
+esac
+
+case $lt_shell_append in
+ yes)
+ cat << \_LT_EOF >> "$cfgfile"
+
+# func_append var value
+# Append VALUE to the end of shell variable VAR.
+func_append ()
+{
+ eval "$[1]+=\$[2]"
+}
+_LT_EOF
+ ;;
+ *)
+ cat << \_LT_EOF >> "$cfgfile"
+
+# func_append var value
+# Append VALUE to the end of shell variable VAR.
+func_append ()
+{
+ eval "$[1]=\$$[1]\$[2]"
+}
+
+_LT_EOF
+ ;;
+ esac
+])
Added: trunk/contrib/sudo/m4/ltoptions.m4
===================================================================
--- trunk/contrib/sudo/m4/ltoptions.m4 (rev 0)
+++ trunk/contrib/sudo/m4/ltoptions.m4 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,368 @@
+# Helper functions for option handling. -*- Autoconf -*-
+#
+# Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc.
+# Written by Gary V. Vaughan, 2004
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# serial 6 ltoptions.m4
+
+# This is to help aclocal find these macros, as it can't see m4_define.
+AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])])
+
+
+# _LT_MANGLE_OPTION(MACRO-NAME, OPTION-NAME)
+# ------------------------------------------
+m4_define([_LT_MANGLE_OPTION],
+[[_LT_OPTION_]m4_bpatsubst($1__$2, [[^a-zA-Z0-9_]], [_])])
+
+
+# _LT_SET_OPTION(MACRO-NAME, OPTION-NAME)
+# ---------------------------------------
+# Set option OPTION-NAME for macro MACRO-NAME, and if there is a
+# matching handler defined, dispatch to it. Other OPTION-NAMEs are
+# saved as a flag.
+m4_define([_LT_SET_OPTION],
+[m4_define(_LT_MANGLE_OPTION([$1], [$2]))dnl
+m4_ifdef(_LT_MANGLE_DEFUN([$1], [$2]),
+ _LT_MANGLE_DEFUN([$1], [$2]),
+ [m4_warning([Unknown $1 option `$2'])])[]dnl
+])
+
+
+# _LT_IF_OPTION(MACRO-NAME, OPTION-NAME, IF-SET, [IF-NOT-SET])
+# ------------------------------------------------------------
+# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise.
+m4_define([_LT_IF_OPTION],
+[m4_ifdef(_LT_MANGLE_OPTION([$1], [$2]), [$3], [$4])])
+
+
+# _LT_UNLESS_OPTIONS(MACRO-NAME, OPTION-LIST, IF-NOT-SET)
+# -------------------------------------------------------
+# Execute IF-NOT-SET unless all options in OPTION-LIST for MACRO-NAME
+# are set.
+m4_define([_LT_UNLESS_OPTIONS],
+[m4_foreach([_LT_Option], m4_split(m4_normalize([$2])),
+ [m4_ifdef(_LT_MANGLE_OPTION([$1], _LT_Option),
+ [m4_define([$0_found])])])[]dnl
+m4_ifdef([$0_found], [m4_undefine([$0_found])], [$3
+])[]dnl
+])
+
+
+# _LT_SET_OPTIONS(MACRO-NAME, OPTION-LIST)
+# ----------------------------------------
+# OPTION-LIST is a space-separated list of Libtool options associated
+# with MACRO-NAME. If any OPTION has a matching handler declared with
+# LT_OPTION_DEFINE, dispatch to that macro; otherwise complain about
+# the unknown option and exit.
+m4_defun([_LT_SET_OPTIONS],
+[# Set options
+m4_foreach([_LT_Option], m4_split(m4_normalize([$2])),
+ [_LT_SET_OPTION([$1], _LT_Option)])
+
+m4_if([$1],[LT_INIT],[
+ dnl
+ dnl Simply set some default values (i.e off) if boolean options were not
+ dnl specified:
+ _LT_UNLESS_OPTIONS([LT_INIT], [dlopen], [enable_dlopen=no
+ ])
+ _LT_UNLESS_OPTIONS([LT_INIT], [win32-dll], [enable_win32_dll=no
+ ])
+ dnl
+ dnl If no reference was made to various pairs of opposing options, then
+ dnl we run the default mode handler for the pair. For example, if neither
+ dnl `shared' nor `disable-shared' was passed, we enable building of shared
+ dnl archives by default:
+ _LT_UNLESS_OPTIONS([LT_INIT], [shared disable-shared], [_LT_ENABLE_SHARED])
+ _LT_UNLESS_OPTIONS([LT_INIT], [static disable-static], [_LT_ENABLE_STATIC])
+ _LT_UNLESS_OPTIONS([LT_INIT], [pic-only no-pic], [_LT_WITH_PIC])
+ _LT_UNLESS_OPTIONS([LT_INIT], [fast-install disable-fast-install],
+ [_LT_ENABLE_FAST_INSTALL])
+ ])
+])# _LT_SET_OPTIONS
+
+
+## --------------------------------- ##
+## Macros to handle LT_INIT options. ##
+## --------------------------------- ##
+
+# _LT_MANGLE_DEFUN(MACRO-NAME, OPTION-NAME)
+# -----------------------------------------
+m4_define([_LT_MANGLE_DEFUN],
+[[_LT_OPTION_DEFUN_]m4_bpatsubst(m4_toupper([$1__$2]), [[^A-Z0-9_]], [_])])
+
+
+# LT_OPTION_DEFINE(MACRO-NAME, OPTION-NAME, CODE)
+# -----------------------------------------------
+m4_define([LT_OPTION_DEFINE],
+[m4_define(_LT_MANGLE_DEFUN([$1], [$2]), [$3])[]dnl
+])# LT_OPTION_DEFINE
+
+
+# dlopen
+# ------
+LT_OPTION_DEFINE([LT_INIT], [dlopen], [enable_dlopen=yes
+])
+
+AU_DEFUN([AC_LIBTOOL_DLOPEN],
+[_LT_SET_OPTION([LT_INIT], [dlopen])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you
+put the `dlopen' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_DLOPEN], [])
+
+
+# win32-dll
+# ---------
+# Declare package support for building win32 dll's.
+LT_OPTION_DEFINE([LT_INIT], [win32-dll],
+[enable_win32_dll=yes
+
+case $host in
+*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-cegcc*)
+ AC_CHECK_TOOL(AS, as, false)
+ AC_CHECK_TOOL(DLLTOOL, dlltool, false)
+ AC_CHECK_TOOL(OBJDUMP, objdump, false)
+ ;;
+esac
+
+test -z "$AS" && AS=as
+_LT_DECL([], [AS], [0], [Assembler program])dnl
+
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+_LT_DECL([], [DLLTOOL], [0], [DLL creation program])dnl
+
+test -z "$OBJDUMP" && OBJDUMP=objdump
+_LT_DECL([], [OBJDUMP], [0], [Object dumper program])dnl
+])# win32-dll
+
+AU_DEFUN([AC_LIBTOOL_WIN32_DLL],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+_LT_SET_OPTION([LT_INIT], [win32-dll])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you
+put the `win32-dll' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_WIN32_DLL], [])
+
+
+# _LT_ENABLE_SHARED([DEFAULT])
+# ----------------------------
+# implement the --enable-shared flag, and supports the `shared' and
+# `disable-shared' LT_INIT options.
+# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'.
+m4_define([_LT_ENABLE_SHARED],
+[m4_define([_LT_ENABLE_SHARED_DEFAULT], [m4_if($1, no, no, yes)])dnl
+AC_ARG_ENABLE([shared],
+ [AS_HELP_STRING([--enable-shared@<:@=PKGS@:>@],
+ [build shared libraries @<:@default=]_LT_ENABLE_SHARED_DEFAULT[@:>@])],
+ [p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_shared=yes ;;
+ no) enable_shared=no ;;
+ *)
+ enable_shared=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_shared=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac],
+ [enable_shared=]_LT_ENABLE_SHARED_DEFAULT)
+
+ _LT_DECL([build_libtool_libs], [enable_shared], [0],
+ [Whether or not to build shared libraries])
+])# _LT_ENABLE_SHARED
+
+LT_OPTION_DEFINE([LT_INIT], [shared], [_LT_ENABLE_SHARED([yes])])
+LT_OPTION_DEFINE([LT_INIT], [disable-shared], [_LT_ENABLE_SHARED([no])])
+
+# Old names:
+AC_DEFUN([AC_ENABLE_SHARED],
+[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[shared])
+])
+
+AC_DEFUN([AC_DISABLE_SHARED],
+[_LT_SET_OPTION([LT_INIT], [disable-shared])
+])
+
+AU_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)])
+AU_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_ENABLE_SHARED], [])
+dnl AC_DEFUN([AM_DISABLE_SHARED], [])
+
+
+
+# _LT_ENABLE_STATIC([DEFAULT])
+# ----------------------------
+# implement the --enable-static flag, and support the `static' and
+# `disable-static' LT_INIT options.
+# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'.
+m4_define([_LT_ENABLE_STATIC],
+[m4_define([_LT_ENABLE_STATIC_DEFAULT], [m4_if($1, no, no, yes)])dnl
+AC_ARG_ENABLE([static],
+ [AS_HELP_STRING([--enable-static@<:@=PKGS@:>@],
+ [build static libraries @<:@default=]_LT_ENABLE_STATIC_DEFAULT[@:>@])],
+ [p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_static=yes ;;
+ no) enable_static=no ;;
+ *)
+ enable_static=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_static=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac],
+ [enable_static=]_LT_ENABLE_STATIC_DEFAULT)
+
+ _LT_DECL([build_old_libs], [enable_static], [0],
+ [Whether or not to build static libraries])
+])# _LT_ENABLE_STATIC
+
+LT_OPTION_DEFINE([LT_INIT], [static], [_LT_ENABLE_STATIC([yes])])
+LT_OPTION_DEFINE([LT_INIT], [disable-static], [_LT_ENABLE_STATIC([no])])
+
+# Old names:
+AC_DEFUN([AC_ENABLE_STATIC],
+[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[static])
+])
+
+AC_DEFUN([AC_DISABLE_STATIC],
+[_LT_SET_OPTION([LT_INIT], [disable-static])
+])
+
+AU_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)])
+AU_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_ENABLE_STATIC], [])
+dnl AC_DEFUN([AM_DISABLE_STATIC], [])
+
+
+
+# _LT_ENABLE_FAST_INSTALL([DEFAULT])
+# ----------------------------------
+# implement the --enable-fast-install flag, and support the `fast-install'
+# and `disable-fast-install' LT_INIT options.
+# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'.
+m4_define([_LT_ENABLE_FAST_INSTALL],
+[m4_define([_LT_ENABLE_FAST_INSTALL_DEFAULT], [m4_if($1, no, no, yes)])dnl
+AC_ARG_ENABLE([fast-install],
+ [AS_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@],
+ [optimize for fast installation @<:@default=]_LT_ENABLE_FAST_INSTALL_DEFAULT[@:>@])],
+ [p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_fast_install=yes ;;
+ no) enable_fast_install=no ;;
+ *)
+ enable_fast_install=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_fast_install=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac],
+ [enable_fast_install=]_LT_ENABLE_FAST_INSTALL_DEFAULT)
+
+_LT_DECL([fast_install], [enable_fast_install], [0],
+ [Whether or not to optimize for fast installation])dnl
+])# _LT_ENABLE_FAST_INSTALL
+
+LT_OPTION_DEFINE([LT_INIT], [fast-install], [_LT_ENABLE_FAST_INSTALL([yes])])
+LT_OPTION_DEFINE([LT_INIT], [disable-fast-install], [_LT_ENABLE_FAST_INSTALL([no])])
+
+# Old names:
+AU_DEFUN([AC_ENABLE_FAST_INSTALL],
+[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[fast-install])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you put
+the `fast-install' option into LT_INIT's first parameter.])
+])
+
+AU_DEFUN([AC_DISABLE_FAST_INSTALL],
+[_LT_SET_OPTION([LT_INIT], [disable-fast-install])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you put
+the `disable-fast-install' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_ENABLE_FAST_INSTALL], [])
+dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], [])
+
+
+# _LT_WITH_PIC([MODE])
+# --------------------
+# implement the --with-pic flag, and support the `pic-only' and `no-pic'
+# LT_INIT options.
+# MODE is either `yes' or `no'. If omitted, it defaults to `both'.
+m4_define([_LT_WITH_PIC],
+[AC_ARG_WITH([pic],
+ [AS_HELP_STRING([--with-pic],
+ [try to use only PIC/non-PIC objects @<:@default=use both@:>@])],
+ [pic_mode="$withval"],
+ [pic_mode=default])
+
+test -z "$pic_mode" && pic_mode=m4_default([$1], [default])
+
+_LT_DECL([], [pic_mode], [0], [What type of objects to build])dnl
+])# _LT_WITH_PIC
+
+LT_OPTION_DEFINE([LT_INIT], [pic-only], [_LT_WITH_PIC([yes])])
+LT_OPTION_DEFINE([LT_INIT], [no-pic], [_LT_WITH_PIC([no])])
+
+# Old name:
+AU_DEFUN([AC_LIBTOOL_PICMODE],
+[_LT_SET_OPTION([LT_INIT], [pic-only])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you
+put the `pic-only' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_PICMODE], [])
+
+## ----------------- ##
+## LTDL_INIT Options ##
+## ----------------- ##
+
+m4_define([_LTDL_MODE], [])
+LT_OPTION_DEFINE([LTDL_INIT], [nonrecursive],
+ [m4_define([_LTDL_MODE], [nonrecursive])])
+LT_OPTION_DEFINE([LTDL_INIT], [recursive],
+ [m4_define([_LTDL_MODE], [recursive])])
+LT_OPTION_DEFINE([LTDL_INIT], [subproject],
+ [m4_define([_LTDL_MODE], [subproject])])
+
+m4_define([_LTDL_TYPE], [])
+LT_OPTION_DEFINE([LTDL_INIT], [installable],
+ [m4_define([_LTDL_TYPE], [installable])])
+LT_OPTION_DEFINE([LTDL_INIT], [convenience],
+ [m4_define([_LTDL_TYPE], [convenience])])
Added: trunk/contrib/sudo/m4/ltsugar.m4
===================================================================
--- trunk/contrib/sudo/m4/ltsugar.m4 (rev 0)
+++ trunk/contrib/sudo/m4/ltsugar.m4 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,123 @@
+# ltsugar.m4 -- libtool m4 base layer. -*-Autoconf-*-
+#
+# Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc.
+# Written by Gary V. Vaughan, 2004
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# serial 6 ltsugar.m4
+
+# This is to help aclocal find these macros, as it can't see m4_define.
+AC_DEFUN([LTSUGAR_VERSION], [m4_if([0.1])])
+
+
+# lt_join(SEP, ARG1, [ARG2...])
+# -----------------------------
+# Produce ARG1SEPARG2...SEPARGn, omitting [] arguments and their
+# associated separator.
+# Needed until we can rely on m4_join from Autoconf 2.62, since all earlier
+# versions in m4sugar had bugs.
+m4_define([lt_join],
+[m4_if([$#], [1], [],
+ [$#], [2], [[$2]],
+ [m4_if([$2], [], [], [[$2]_])$0([$1], m4_shift(m4_shift($@)))])])
+m4_define([_lt_join],
+[m4_if([$#$2], [2], [],
+ [m4_if([$2], [], [], [[$1$2]])$0([$1], m4_shift(m4_shift($@)))])])
+
+
+# lt_car(LIST)
+# lt_cdr(LIST)
+# ------------
+# Manipulate m4 lists.
+# These macros are necessary as long as will still need to support
+# Autoconf-2.59 which quotes differently.
+m4_define([lt_car], [[$1]])
+m4_define([lt_cdr],
+[m4_if([$#], 0, [m4_fatal([$0: cannot be called without arguments])],
+ [$#], 1, [],
+ [m4_dquote(m4_shift($@))])])
+m4_define([lt_unquote], $1)
+
+
+# lt_append(MACRO-NAME, STRING, [SEPARATOR])
+# ------------------------------------------
+# Redefine MACRO-NAME to hold its former content plus `SEPARATOR'`STRING'.
+# Note that neither SEPARATOR nor STRING are expanded; they are appended
+# to MACRO-NAME as is (leaving the expansion for when MACRO-NAME is invoked).
+# No SEPARATOR is output if MACRO-NAME was previously undefined (different
+# than defined and empty).
+#
+# This macro is needed until we can rely on Autoconf 2.62, since earlier
+# versions of m4sugar mistakenly expanded SEPARATOR but not STRING.
+m4_define([lt_append],
+[m4_define([$1],
+ m4_ifdef([$1], [m4_defn([$1])[$3]])[$2])])
+
+
+
+# lt_combine(SEP, PREFIX-LIST, INFIX, SUFFIX1, [SUFFIX2...])
+# ----------------------------------------------------------
+# Produce a SEP delimited list of all paired combinations of elements of
+# PREFIX-LIST with SUFFIX1 through SUFFIXn. Each element of the list
+# has the form PREFIXmINFIXSUFFIXn.
+# Needed until we can rely on m4_combine added in Autoconf 2.62.
+m4_define([lt_combine],
+[m4_if(m4_eval([$# > 3]), [1],
+ [m4_pushdef([_Lt_sep], [m4_define([_Lt_sep], m4_defn([lt_car]))])]]dnl
+[[m4_foreach([_Lt_prefix], [$2],
+ [m4_foreach([_Lt_suffix],
+ ]m4_dquote(m4_dquote(m4_shift(m4_shift(m4_shift($@)))))[,
+ [_Lt_sep([$1])[]m4_defn([_Lt_prefix])[$3]m4_defn([_Lt_suffix])])])])])
+
+
+# lt_if_append_uniq(MACRO-NAME, VARNAME, [SEPARATOR], [UNIQ], [NOT-UNIQ])
+# -----------------------------------------------------------------------
+# Iff MACRO-NAME does not yet contain VARNAME, then append it (delimited
+# by SEPARATOR if supplied) and expand UNIQ, else NOT-UNIQ.
+m4_define([lt_if_append_uniq],
+[m4_ifdef([$1],
+ [m4_if(m4_index([$3]m4_defn([$1])[$3], [$3$2$3]), [-1],
+ [lt_append([$1], [$2], [$3])$4],
+ [$5])],
+ [lt_append([$1], [$2], [$3])$4])])
+
+
+# lt_dict_add(DICT, KEY, VALUE)
+# -----------------------------
+m4_define([lt_dict_add],
+[m4_define([$1($2)], [$3])])
+
+
+# lt_dict_add_subkey(DICT, KEY, SUBKEY, VALUE)
+# --------------------------------------------
+m4_define([lt_dict_add_subkey],
+[m4_define([$1($2:$3)], [$4])])
+
+
+# lt_dict_fetch(DICT, KEY, [SUBKEY])
+# ----------------------------------
+m4_define([lt_dict_fetch],
+[m4_ifval([$3],
+ m4_ifdef([$1($2:$3)], [m4_defn([$1($2:$3)])]),
+ m4_ifdef([$1($2)], [m4_defn([$1($2)])]))])
+
+
+# lt_if_dict_fetch(DICT, KEY, [SUBKEY], VALUE, IF-TRUE, [IF-FALSE])
+# -----------------------------------------------------------------
+m4_define([lt_if_dict_fetch],
+[m4_if(lt_dict_fetch([$1], [$2], [$3]), [$4],
+ [$5],
+ [$6])])
+
+
+# lt_dict_filter(DICT, [SUBKEY], VALUE, [SEPARATOR], KEY, [...])
+# --------------------------------------------------------------
+m4_define([lt_dict_filter],
+[m4_if([$5], [], [],
+ [lt_join(m4_quote(m4_default([$4], [[, ]])),
+ lt_unquote(m4_split(m4_normalize(m4_foreach(_Lt_key, lt_car([m4_shiftn(4, $@)]),
+ [lt_if_dict_fetch([$1], _Lt_key, [$2], [$3], [_Lt_key ])])))))])[]dnl
+])
Added: trunk/contrib/sudo/m4/ltversion.m4
===================================================================
--- trunk/contrib/sudo/m4/ltversion.m4 (rev 0)
+++ trunk/contrib/sudo/m4/ltversion.m4 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,23 @@
+# ltversion.m4 -- version numbers -*- Autoconf -*-
+#
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# Written by Scott James Remnant, 2004
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# Generated from ltversion.in.
+
+# serial 3017 ltversion.m4
+# This file is part of GNU Libtool
+
+m4_define([LT_PACKAGE_VERSION], [2.2.6b])
+m4_define([LT_PACKAGE_REVISION], [1.3017])
+
+AC_DEFUN([LTVERSION_VERSION],
+[macro_version='2.2.6b'
+macro_revision='1.3017'
+_LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?])
+_LT_DECL(, macro_revision, 0)
+])
Added: trunk/contrib/sudo/m4/lt~obsolete.m4
===================================================================
--- trunk/contrib/sudo/m4/lt~obsolete.m4 (rev 0)
+++ trunk/contrib/sudo/m4/lt~obsolete.m4 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,92 @@
+# lt~obsolete.m4 -- aclocal satisfying obsolete definitions. -*-Autoconf-*-
+#
+# Copyright (C) 2004, 2005, 2007 Free Software Foundation, Inc.
+# Written by Scott James Remnant, 2004.
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# serial 4 lt~obsolete.m4
+
+# These exist entirely to fool aclocal when bootstrapping libtool.
+#
+# In the past libtool.m4 has provided macros via AC_DEFUN (or AU_DEFUN)
+# which have later been changed to m4_define as they aren't part of the
+# exported API, or moved to Autoconf or Automake where they belong.
+#
+# The trouble is, aclocal is a bit thick. It'll see the old AC_DEFUN
+# in /usr/share/aclocal/libtool.m4 and remember it, then when it sees us
+# using a macro with the same name in our local m4/libtool.m4 it'll
+# pull the old libtool.m4 in (it doesn't see our shiny new m4_define
+# and doesn't know about Autoconf macros at all.)
+#
+# So we provide this file, which has a silly filename so it's always
+# included after everything else. This provides aclocal with the
+# AC_DEFUNs it wants, but when m4 processes it, it doesn't do anything
+# because those macros already exist, or will be overwritten later.
+# We use AC_DEFUN over AU_DEFUN for compatibility with aclocal-1.6.
+#
+# Anytime we withdraw an AC_DEFUN or AU_DEFUN, remember to add it here.
+# Yes, that means every name once taken will need to remain here until
+# we give up compatibility with versions before 1.7, at which point
+# we need to keep only those names which we still refer to.
+
+# This is to help aclocal find these macros, as it can't see m4_define.
+AC_DEFUN([LTOBSOLETE_VERSION], [m4_if([1])])
+
+m4_ifndef([AC_LIBTOOL_LINKER_OPTION], [AC_DEFUN([AC_LIBTOOL_LINKER_OPTION])])
+m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP])])
+m4_ifndef([_LT_AC_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH])])
+m4_ifndef([_LT_AC_SHELL_INIT], [AC_DEFUN([_LT_AC_SHELL_INIT])])
+m4_ifndef([_LT_AC_SYS_LIBPATH_AIX], [AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX])])
+m4_ifndef([_LT_PROG_LTMAIN], [AC_DEFUN([_LT_PROG_LTMAIN])])
+m4_ifndef([_LT_AC_TAGVAR], [AC_DEFUN([_LT_AC_TAGVAR])])
+m4_ifndef([AC_LTDL_ENABLE_INSTALL], [AC_DEFUN([AC_LTDL_ENABLE_INSTALL])])
+m4_ifndef([AC_LTDL_PREOPEN], [AC_DEFUN([AC_LTDL_PREOPEN])])
+m4_ifndef([_LT_AC_SYS_COMPILER], [AC_DEFUN([_LT_AC_SYS_COMPILER])])
+m4_ifndef([_LT_AC_LOCK], [AC_DEFUN([_LT_AC_LOCK])])
+m4_ifndef([AC_LIBTOOL_SYS_OLD_ARCHIVE], [AC_DEFUN([AC_LIBTOOL_SYS_OLD_ARCHIVE])])
+m4_ifndef([_LT_AC_TRY_DLOPEN_SELF], [AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF])])
+m4_ifndef([AC_LIBTOOL_PROG_CC_C_O], [AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O])])
+m4_ifndef([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], [AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS])])
+m4_ifndef([AC_LIBTOOL_OBJDIR], [AC_DEFUN([AC_LIBTOOL_OBJDIR])])
+m4_ifndef([AC_LTDL_OBJDIR], [AC_DEFUN([AC_LTDL_OBJDIR])])
+m4_ifndef([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], [AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH])])
+m4_ifndef([AC_LIBTOOL_SYS_LIB_STRIP], [AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP])])
+m4_ifndef([AC_PATH_MAGIC], [AC_DEFUN([AC_PATH_MAGIC])])
+m4_ifndef([AC_PROG_LD_GNU], [AC_DEFUN([AC_PROG_LD_GNU])])
+m4_ifndef([AC_PROG_LD_RELOAD_FLAG], [AC_DEFUN([AC_PROG_LD_RELOAD_FLAG])])
+m4_ifndef([AC_DEPLIBS_CHECK_METHOD], [AC_DEFUN([AC_DEPLIBS_CHECK_METHOD])])
+m4_ifndef([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI])])
+m4_ifndef([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], [AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE])])
+m4_ifndef([AC_LIBTOOL_PROG_COMPILER_PIC], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC])])
+m4_ifndef([AC_LIBTOOL_PROG_LD_SHLIBS], [AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS])])
+m4_ifndef([AC_LIBTOOL_POSTDEP_PREDEP], [AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP])])
+m4_ifndef([LT_AC_PROG_EGREP], [AC_DEFUN([LT_AC_PROG_EGREP])])
+m4_ifndef([LT_AC_PROG_SED], [AC_DEFUN([LT_AC_PROG_SED])])
+m4_ifndef([_LT_CC_BASENAME], [AC_DEFUN([_LT_CC_BASENAME])])
+m4_ifndef([_LT_COMPILER_BOILERPLATE], [AC_DEFUN([_LT_COMPILER_BOILERPLATE])])
+m4_ifndef([_LT_LINKER_BOILERPLATE], [AC_DEFUN([_LT_LINKER_BOILERPLATE])])
+m4_ifndef([_AC_PROG_LIBTOOL], [AC_DEFUN([_AC_PROG_LIBTOOL])])
+m4_ifndef([AC_LIBTOOL_SETUP], [AC_DEFUN([AC_LIBTOOL_SETUP])])
+m4_ifndef([_LT_AC_CHECK_DLFCN], [AC_DEFUN([_LT_AC_CHECK_DLFCN])])
+m4_ifndef([AC_LIBTOOL_SYS_DYNAMIC_LINKER], [AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER])])
+m4_ifndef([_LT_AC_TAGCONFIG], [AC_DEFUN([_LT_AC_TAGCONFIG])])
+m4_ifndef([AC_DISABLE_FAST_INSTALL], [AC_DEFUN([AC_DISABLE_FAST_INSTALL])])
+m4_ifndef([_LT_AC_LANG_CXX], [AC_DEFUN([_LT_AC_LANG_CXX])])
+m4_ifndef([_LT_AC_LANG_F77], [AC_DEFUN([_LT_AC_LANG_F77])])
+m4_ifndef([_LT_AC_LANG_GCJ], [AC_DEFUN([_LT_AC_LANG_GCJ])])
+m4_ifndef([AC_LIBTOOL_RC], [AC_DEFUN([AC_LIBTOOL_RC])])
+m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])])
+m4_ifndef([_LT_AC_LANG_C_CONFIG], [AC_DEFUN([_LT_AC_LANG_C_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])])
+m4_ifndef([_LT_AC_LANG_CXX_CONFIG], [AC_DEFUN([_LT_AC_LANG_CXX_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_F77_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG])])
+m4_ifndef([_LT_AC_LANG_F77_CONFIG], [AC_DEFUN([_LT_AC_LANG_F77_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_GCJ_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG])])
+m4_ifndef([_LT_AC_LANG_GCJ_CONFIG], [AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_RC_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG])])
+m4_ifndef([_LT_AC_LANG_RC_CONFIG], [AC_DEFUN([_LT_AC_LANG_RC_CONFIG])])
+m4_ifndef([AC_LIBTOOL_CONFIG], [AC_DEFUN([AC_LIBTOOL_CONFIG])])
+m4_ifndef([_LT_AC_FILE_LTDLL_C], [AC_DEFUN([_LT_AC_FILE_LTDLL_C])])
Modified: trunk/contrib/sudo/match.c
===================================================================
--- trunk/contrib/sudo/match.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/match.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 1998-2005, 2007-2010
+ * Copyright (c) 1996, 1998-2005, 2007-2011
* Todd C. Miller <Todd.Miller at courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
@@ -146,7 +146,7 @@
if (matched != UNSPEC)
break;
}
- return(matched);
+ return matched;
}
int
@@ -155,7 +155,7 @@
struct member_list *list;
{
alias_seqno++;
- return(_userlist_matches(pw, list));
+ return _userlist_matches(pw, list);
}
/*
@@ -177,7 +177,7 @@
if (runas_pw != NULL) {
/* If no runas user or runas group listed in sudoers, use default. */
if (tq_empty(user_list) && tq_empty(group_list))
- return(userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw));
+ return userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw);
tq_foreach_rev(user_list, m) {
switch (m->type) {
@@ -239,10 +239,10 @@
}
if (user_matched == DENY || group_matched == DENY)
- return(DENY);
+ return DENY;
if (user_matched == group_matched || runas_gr == NULL)
- return(user_matched);
- return(UNSPEC);
+ return user_matched;
+ return UNSPEC;
}
int
@@ -251,8 +251,8 @@
struct member_list *group_list;
{
alias_seqno++;
- return(_runaslist_matches(user_list ? user_list : &empty,
- group_list ? group_list : &empty));
+ return _runaslist_matches(user_list ? user_list : &empty,
+ group_list ? group_list : &empty);
}
/*
@@ -296,7 +296,7 @@
if (matched != UNSPEC)
break;
}
- return(matched);
+ return matched;
}
int
@@ -304,7 +304,7 @@
struct member_list *list;
{
alias_seqno++;
- return(_hostlist_matches(list));
+ return _hostlist_matches(list);
}
/*
@@ -323,7 +323,7 @@
if (matched != UNSPEC)
break;
}
- return(matched);
+ return matched;
}
int
@@ -331,7 +331,7 @@
struct member_list *list;
{
alias_seqno++;
- return(_cmndlist_matches(list));
+ return _cmndlist_matches(list);
}
/*
@@ -364,9 +364,37 @@
matched = !m->negated;
break;
}
- return(matched);
+ return matched;
}
+static int
+command_args_match(sudoers_cmnd, sudoers_args)
+ char *sudoers_cmnd;
+ char *sudoers_args;
+{
+ int flags = 0;
+
+ /*
+ * If no args specified in sudoers, any user args are allowed.
+ * If the empty string is specified in sudoers, no user args are allowed.
+ */
+ if (!sudoers_args ||
+ (!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)))
+ return TRUE;
+ /*
+ * If args are specified in sudoers, they must match the user args.
+ * If running as sudoedit, all args are assumed to be paths.
+ */
+ if (sudoers_args) {
+ /* For sudoedit, all args are assumed to be pathnames. */
+ if (strcmp(sudoers_cmnd, "sudoedit") == 0)
+ flags = FNM_PATHNAME;
+ if (fnmatch(sudoers_args, user_args ? user_args : "", flags) == 0)
+ return TRUE;
+ }
+ return FALSE;
+}
+
/*
* If path doesn't end in /, return TRUE iff cmnd & path name the same inode;
* otherwise, return TRUE if user_cmnd names one of the inodes in path.
@@ -386,16 +414,13 @@
*/
if (strcmp(sudoers_cmnd, "sudoedit") != 0 ||
strcmp(user_cmnd, "sudoedit") != 0)
- return(FALSE);
- if (!sudoers_args ||
- (!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)) ||
- (sudoers_args &&
- fnmatch(sudoers_args, user_args ? user_args : "", 0) == 0)) {
+ return FALSE;
+ if (command_args_match(sudoers_cmnd, sudoers_args)) {
efree(safe_cmnd);
safe_cmnd = estrdup(sudoers_cmnd);
- return(TRUE);
+ return TRUE;
} else
- return(FALSE);
+ return FALSE;
}
if (has_meta(sudoers_cmnd)) {
@@ -404,10 +429,10 @@
* use glob(3) and/or fnmatch(3) to do the matching.
*/
if (def_fast_glob)
- return(command_matches_fnmatch(sudoers_cmnd, sudoers_args));
- return(command_matches_glob(sudoers_cmnd, sudoers_args));
+ return command_matches_fnmatch(sudoers_cmnd, sudoers_args);
+ return command_matches_glob(sudoers_cmnd, sudoers_args);
}
- return(command_matches_normal(sudoers_cmnd, sudoers_args));
+ return command_matches_normal(sudoers_cmnd, sudoers_args);
}
static int
@@ -423,17 +448,14 @@
* else return false.
*/
if (fnmatch(sudoers_cmnd, user_cmnd, FNM_PATHNAME) != 0)
- return(FALSE);
- if (!sudoers_args ||
- (!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)) ||
- (sudoers_args &&
- fnmatch(sudoers_args, user_args ? user_args : "", 0) == 0)) {
+ return FALSE;
+ if (command_args_match(sudoers_cmnd, sudoers_args)) {
if (safe_cmnd)
free(safe_cmnd);
safe_cmnd = estrdup(user_cmnd);
- return(TRUE);
+ return TRUE;
} else
- return(FALSE);
+ return FALSE;
}
static int
@@ -456,7 +478,7 @@
if ((base = strrchr(sudoers_cmnd, '/')) != NULL) {
base++;
if (!has_meta(base) && strcmp(user_base, base) != 0)
- return(FALSE);
+ return FALSE;
}
}
/*
@@ -469,7 +491,7 @@
#define GLOB_FLAGS (GLOB_NOSORT | GLOB_MARK | GLOB_BRACE | GLOB_TILDE)
if (glob(sudoers_cmnd, GLOB_FLAGS, NULL, &gl) != 0 || gl.gl_pathc == 0) {
globfree(&gl);
- return(FALSE);
+ return FALSE;
}
/* For each glob match, compare basename, st_dev and st_ino. */
for (ap = gl.gl_pathv; (cp = *ap) != NULL; ap++) {
@@ -477,7 +499,7 @@
dlen = strlen(cp);
if (cp[dlen - 1] == '/') {
if (command_matches_dir(cp, dlen))
- return(TRUE);
+ return TRUE;
continue;
}
@@ -499,17 +521,14 @@
}
globfree(&gl);
if (cp == NULL)
- return(FALSE);
+ return FALSE;
- if (!sudoers_args ||
- (!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)) ||
- (sudoers_args &&
- fnmatch(sudoers_args, user_args ? user_args : "", 0) == 0)) {
+ if (command_args_match(sudoers_cmnd, sudoers_args)) {
efree(safe_cmnd);
safe_cmnd = estrdup(user_cmnd);
- return(TRUE);
+ return TRUE;
}
- return(FALSE);
+ return FALSE;
}
static int
@@ -524,7 +543,7 @@
/* If it ends in '/' it is a directory spec. */
dlen = strlen(sudoers_cmnd);
if (sudoers_cmnd[dlen - 1] == '/')
- return(command_matches_dir(sudoers_cmnd, dlen));
+ return command_matches_dir(sudoers_cmnd, dlen);
/* Only proceed if user_base and basename(sudoers_cmnd) match */
if ((base = strrchr(sudoers_cmnd, '/')) == NULL)
@@ -533,7 +552,7 @@
base++;
if (strcmp(user_base, base) != 0 ||
stat(sudoers_cmnd, &sudoers_stat) == -1)
- return(FALSE);
+ return FALSE;
/*
* Return true if inode/device matches AND
@@ -544,16 +563,13 @@
if (user_stat != NULL &&
(user_stat->st_dev != sudoers_stat.st_dev ||
user_stat->st_ino != sudoers_stat.st_ino))
- return(FALSE);
- if (!sudoers_args ||
- (!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)) ||
- (sudoers_args &&
- fnmatch(sudoers_args, user_args ? user_args : "", 0) == 0)) {
+ return FALSE;
+ if (command_args_match(sudoers_cmnd, sudoers_args)) {
efree(safe_cmnd);
safe_cmnd = estrdup(sudoers_cmnd);
- return(TRUE);
+ return TRUE;
}
- return(FALSE);
+ return FALSE;
}
/*
@@ -574,11 +590,11 @@
*/
dirp = opendir(sudoers_dir);
if (dirp == NULL)
- return(FALSE);
+ return FALSE;
if (strlcpy(buf, sudoers_dir, sizeof(buf)) >= sizeof(buf)) {
closedir(dirp);
- return(FALSE);
+ return FALSE;
}
while ((dent = readdir(dirp)) != NULL) {
/* ignore paths > PATH_MAX (XXX - log) */
@@ -599,7 +615,7 @@
}
closedir(dirp);
- return(dent != NULL);
+ return dent != NULL;
}
static int
@@ -633,24 +649,24 @@
if (ifp->addr.ip4.s_addr == addr.ip4.s_addr ||
(ifp->addr.ip4.s_addr & ifp->netmask.ip4.s_addr)
== addr.ip4.s_addr)
- return(TRUE);
+ return TRUE;
break;
#ifdef HAVE_IN6_ADDR
case AF_INET6:
if (memcmp(ifp->addr.ip6.s6_addr, addr.ip6.s6_addr,
sizeof(addr.ip6.s6_addr)) == 0)
- return(TRUE);
+ return TRUE;
for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
if ((ifp->addr.ip6.s6_addr[j] & ifp->netmask.ip6.s6_addr[j]) != addr.ip6.s6_addr[j])
break;
}
if (j == sizeof(addr.ip6.s6_addr))
- return(TRUE);
+ return TRUE;
#endif
}
}
- return(FALSE);
+ return FALSE;
}
static int
@@ -710,7 +726,7 @@
switch(family) {
case AF_INET:
if ((ifp->addr.ip4.s_addr & mask.ip4.s_addr) == addr.ip4.s_addr)
- return(TRUE);
+ return TRUE;
#ifdef HAVE_IN6_ADDR
case AF_INET6:
for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
@@ -718,12 +734,12 @@
break;
}
if (j == sizeof(addr.ip6.s6_addr))
- return(TRUE);
+ return TRUE;
#endif /* HAVE_IN6_ADDR */
}
}
- return(FALSE);
+ return FALSE;
}
/*
@@ -745,7 +761,7 @@
} else
retval = addr_matches_if(n);
- return(retval);
+ return retval;
}
/*
@@ -759,14 +775,14 @@
{
if (has_meta(pattern)) {
if (strchr(pattern, '.'))
- return(!fnmatch(pattern, lhost, FNM_CASEFOLD));
+ return !fnmatch(pattern, lhost, FNM_CASEFOLD);
else
- return(!fnmatch(pattern, shost, FNM_CASEFOLD));
+ return !fnmatch(pattern, shost, FNM_CASEFOLD);
} else {
if (strchr(pattern, '.'))
- return(!strcasecmp(lhost, pattern));
+ return !strcasecmp(lhost, pattern);
else
- return(!strcasecmp(shost, pattern));
+ return !strcasecmp(shost, pattern);
}
}
@@ -783,9 +799,9 @@
if (pw != NULL && *sudoers_user == '#') {
uid_t uid = (uid_t) atoi(sudoers_user + 1);
if (uid == pw->pw_uid)
- return(TRUE);
+ return TRUE;
}
- return(strcmp(sudoers_user, user) == 0);
+ return strcmp(sudoers_user, user) == 0;
}
/*
@@ -800,9 +816,9 @@
if (*sudoers_group == '#') {
gid_t gid = (gid_t) atoi(sudoers_group + 1);
if (gid == gr->gr_gid)
- return(TRUE);
+ return TRUE;
}
- return(strcmp(gr->gr_name, sudoers_group) == 0);
+ return strcmp(gr->gr_name, sudoers_group) == 0;
}
/*
@@ -815,30 +831,46 @@
char *user;
struct passwd *pw;
{
+ int matched = FALSE;
+ struct passwd *pw0 = NULL;
+
/* make sure we have a valid usergroup, sudo style */
if (*group++ != '%')
- return(FALSE);
+ goto done;
#ifdef USING_NONUNIX_GROUPS
- if (*group == ':')
- return(sudo_nonunix_groupcheck(++group, user, pw));
+ if (*group == ':') {
+ matched = sudo_nonunix_groupcheck(++group, user, pw);
+ goto done;
+ }
#endif /* USING_NONUNIX_GROUPS */
/* look up user's primary gid in the passwd file */
- if (pw == NULL && (pw = sudo_getpwnam(user)) == NULL)
- return(FALSE);
+ if (pw == NULL) {
+ if ((pw0 = sudo_getpwnam(user)) == NULL)
+ goto done;
+ pw = pw0;
+ }
- if (user_in_group(pw, group))
- return(TRUE);
+ if (user_in_group(pw, group)) {
+ matched = TRUE;
+ goto done;
+ }
#ifdef USING_NONUNIX_GROUPS
/* not a Unix group, could be an AD group */
if (sudo_nonunix_groupcheck_available() &&
- sudo_nonunix_groupcheck(group, user, pw))
- return(TRUE);
+ sudo_nonunix_groupcheck(group, user, pw)) {
+ matched = TRUE;
+ goto done;
+ }
#endif /* USING_NONUNIX_GROUPS */
- return(FALSE);
+done:
+ if (pw0 != NULL)
+ pw_delref(pw0);
+
+ return matched;
}
/*
@@ -862,7 +894,7 @@
/* make sure we have a valid netgroup, sudo style */
if (*netgr++ != '+')
- return(FALSE);
+ return FALSE;
#ifdef HAVE_GETDOMAINNAME
/* get the domain name (if any) */
@@ -878,10 +910,10 @@
#ifdef HAVE_INNETGR
if (innetgr(netgr, lhost, user, domain))
- return(TRUE);
+ return TRUE;
else if (lhost != shost && innetgr(netgr, shost, user, domain))
- return(TRUE);
+ return TRUE;
#endif /* HAVE_INNETGR */
- return(FALSE);
+ return FALSE;
}
Modified: trunk/contrib/sudo/memrchr.c
===================================================================
--- trunk/contrib/sudo/memrchr.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/memrchr.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -14,10 +14,12 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#include <sys/types.h>
#include <config.h>
-#include <compat.h>
+#include <sys/types.h>
+
+#include "missing.h"
+
/*
* Reverse memchr()
* Find the last occurrence of 'c' in the buffer 's' of size 'n'.
@@ -34,8 +36,8 @@
cp = (unsigned char *)s + n;
do {
if (*(--cp) == (unsigned char)c)
- return((void *)cp);
+ return (void *)cp;
} while (--n != 0);
}
- return((void *)0);
+ return (void *)0;
}
Modified: trunk/contrib/sudo/missing.h
===================================================================
--- trunk/contrib/sudo/missing.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/missing.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,5 +1,6 @@
/*
- * Copyright (c) 2009-2010 Todd C. Miller <Todd.Miller at courtesan.com>
+ * Copyright (c) 1996, 1998-2005, 2008-2010
+ * Todd C. Miller <Todd.Miller at courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -12,11 +13,16 @@
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
*/
#ifndef _SUDO_MISSING_H
#define _SUDO_MISSING_H
+#include <stdio.h>
#ifdef __STDC__
# include <stdarg.h>
#else
@@ -23,6 +29,304 @@
# include <varargs.h>
#endif
+/*
+ * Macros that may be missing on some Operating Systems
+ */
+
+/* Deal with ANSI stuff reasonably. */
+#ifndef __P
+# if defined (__cplusplus) || defined (__STDC__)
+# define __P(args) args
+# else
+# define __P(args) ()
+# endif
+#endif /* __P */
+
+/* Define away __attribute__ for non-gcc or old gcc */
+#if !defined(__GNUC__) || __GNUC__ < 2 || __GNUC__ == 2 && __GNUC_MINOR__ < 5
+# define __attribute__(x)
+#endif
+
+/* For silencing gcc warnings about rcsids */
+#ifndef __unused
+# if defined(__GNUC__) && (__GNUC__ > 2 || __GNUC__ == 2 && __GNUC_MINOR__ > 7)
+# define __unused __attribute__((__unused__))
+# else
+# define __unused
+# endif
+#endif
+
+/* For catching format string mismatches */
+#ifndef __printflike
+# if defined(__GNUC__) && (__GNUC__ > 2 || __GNUC__ == 2 && __GNUC_MINOR__ >= 7)
+# define __printflike(f, v) __attribute__((__format__ (__printf__, f, v)))
+# else
+# define __printflike(f, v)
+# endif
+#endif
+
+/*
+ * Some systems lack full limit definitions.
+ */
+#ifndef OPEN_MAX
+# define OPEN_MAX 256
+#endif
+
+#ifndef INT_MAX
+# define INT_MAX 0x7fffffff
+#endif
+
+#ifndef PATH_MAX
+# ifdef MAXPATHLEN
+# define PATH_MAX MAXPATHLEN
+# else
+# ifdef _POSIX_PATH_MAX
+# define PATH_MAX _POSIX_PATH_MAX
+# else
+# define PATH_MAX 1024
+# endif
+# endif
+#endif
+
+#ifndef MAXHOSTNAMELEN
+# define MAXHOSTNAMELEN 64
+#endif
+
+/*
+ * Posix versions for those without...
+ */
+#ifndef _S_IFMT
+# define _S_IFMT S_IFMT
+#endif /* _S_IFMT */
+#ifndef _S_IFREG
+# define _S_IFREG S_IFREG
+#endif /* _S_IFREG */
+#ifndef _S_IFDIR
+# define _S_IFDIR S_IFDIR
+#endif /* _S_IFDIR */
+#ifndef _S_IFLNK
+# define _S_IFLNK S_IFLNK
+#endif /* _S_IFLNK */
+#ifndef S_ISREG
+# define S_ISREG(m) (((m) & _S_IFMT) == _S_IFREG)
+#endif /* S_ISREG */
+#ifndef S_ISDIR
+# define S_ISDIR(m) (((m) & _S_IFMT) == _S_IFDIR)
+#endif /* S_ISDIR */
+
+/*
+ * Some OS's may not have this.
+ */
+#ifndef S_IRWXU
+# define S_IRWXU 0000700 /* rwx for owner */
+#endif /* S_IRWXU */
+
+/*
+ * These should be defined in <unistd.h> but not everyone has them.
+ */
+#ifndef STDIN_FILENO
+# define STDIN_FILENO 0
+#endif
+#ifndef STDOUT_FILENO
+# define STDOUT_FILENO 1
+#endif
+#ifndef STDERR_FILENO
+# define STDERR_FILENO 2
+#endif
+
+/*
+ * These should be defined in <unistd.h> but not everyone has them.
+ */
+#ifndef SEEK_SET
+# define SEEK_SET 0
+#endif
+#ifndef SEEK_CUR
+# define SEEK_CUR 1
+#endif
+#ifndef SEEK_END
+# define SEEK_END 2
+#endif
+
+/*
+ * BSD defines these in <sys/param.h> but others may not.
+ */
+#ifndef MIN
+# define MIN(a,b) (((a)<(b))?(a):(b))
+#endif
+#ifndef MAX
+# define MAX(a,b) (((a)>(b))?(a):(b))
+#endif
+
+/*
+ * Simple isblank() macro and function for systems without it.
+ */
+#ifndef HAVE_ISBLANK
+int isblank __P((int));
+# define isblank(_x) ((_x) == ' ' || (_x) == '\t')
+#endif
+
+/*
+ * Old BSD systems lack strchr(), strrchr(), memset() and memcpy()
+ */
+#if !defined(HAVE_STRCHR) && !defined(strchr)
+# define strchr(_s, _c) index(_s, _c)
+#endif
+#if !defined(HAVE_STRRCHR) && !defined(strrchr)
+# define strrchr(_s, _c) rindex(_s, _c)
+#endif
+#if !defined(HAVE_MEMCPY) && !defined(memcpy)
+# define memcpy(_d, _s, _n) (bcopy(_s, _d, _n))
+#endif
+#if !defined(HAVE_MEMSET) && !defined(memset)
+# define memset(_s, _x, _n) (bzero(_s, _n))
+#endif
+
+/*
+ * NCR's SVr4 has _innetgr(3) instead of innetgr(3) for some reason.
+ */
+#ifdef HAVE__INNETGR
+# define innetgr(n, h, u, d) (_innetgr(n, h, u, d))
+# define HAVE_INNETGR 1
+#endif /* HAVE__INNETGR */
+
+/*
+ * On POSIX systems, O_NOCTTY is the default so some OS's may lack this define.
+ */
+#ifndef O_NOCTTY
+# define O_NOCTTY 0
+#endif /* O_NOCTTY */
+
+/*
+ * Emulate POSIX signals via sigvec(2)
+ */
+#ifndef HAVE_SIGACTION
+# define SA_ONSTACK SV_ONSTACK
+# define SA_RESTART SV_INTERRUPT /* opposite effect */
+# define SA_RESETHAND SV_RESETHAND
+# define sa_handler sv_handler
+# define sa_mask sv_mask
+# define sa_flags sv_flags
+typedef struct sigvec sigaction_t;
+typedef int sigset_t;
+int sigaction __P((int sig, const sigaction_t *act, sigaction_t *oact));
+int sigemptyset __P((sigset_t *));
+int sigfillset __P((sigset_t *));
+int sigaddset __P((sigset_t *, int));
+int sigdelset __P((sigset_t *, int));
+int sigismember __P((sigset_t *, int));
+int sigprocmask __P((int, const sigset_t *, sigset_t *));
+#endif
+
+/*
+ * Extra sugar for POSIX signals to deal with the above emulation
+ * as well as the fact that SunOS has a SA_INTERRUPT flag.
+ */
+#ifdef HAVE_SIGACTION
+# ifndef HAVE_SIGACTION_T
+typedef struct sigaction sigaction_t;
+# endif
+# ifndef SA_INTERRUPT
+# define SA_INTERRUPT 0
+# endif
+# ifndef SA_RESTART
+# define SA_RESTART 0
+# endif
+#endif
+
+/*
+ * If dirfd() does not exists, hopefully dd_fd does.
+ */
+#if !defined(HAVE_DIRFD) && defined(HAVE_DD_FD)
+# define dirfd(_d) ((_d)->dd_fd)
+# define HAVE_DIRFD
+#endif
+
+/*
+ * Define futimes() in terms of futimesat() if needed.
+ */
+#if !defined(HAVE_FUTIMES) && defined(HAVE_FUTIMESAT)
+# define futimes(_f, _tv) futimesat(_f, NULL, _tv)
+# define HAVE_FUTIMES
+#endif
+
+#if !defined(HAVE_KILLPG) && !defined(killpg)
+# define killpg(s) kill(-(s))
+#endif
+
+/*
+ * If we lack getprogname(), emulate with __progname if possible.
+ * Otherwise, add a prototype for use with our own getprogname.c.
+ */
+#ifndef HAVE_GETPROGNAME
+# ifdef HAVE___PROGNAME
+extern const char *__progname;
+# define getprogname() (__progname)
+# else
+const char *getprogname __P((void));
+#endif /* HAVE___PROGNAME */
+#endif /* !HAVE_GETPROGNAME */
+
+#ifndef timevalclear
+# define timevalclear(tv) ((tv)->tv_sec = (tv)->tv_usec = 0)
+#endif
+#ifndef timevalisset
+# define timevalisset(tv) ((tv)->tv_sec || (tv)->tv_usec)
+#endif
+#ifndef timevalcmp
+# define timevalcmp(tv1, tv2, op) \
+ (((tv1)->tv_sec == (tv2)->tv_sec) ? \
+ ((tv1)->tv_usec op (tv2)->tv_usec) : \
+ ((tv1)->tv_sec op (tv2)->tv_sec))
+#endif
+#ifndef timevaladd
+# define timevaladd(tv1, tv2) \
+ do { \
+ (tv1)->tv_sec += (tv2)->tv_sec; \
+ (tv1)->tv_usec += (tv2)->tv_usec; \
+ if ((tv1)->tv_usec >= 1000000) { \
+ (tv1)->tv_sec++; \
+ (tv1)->tv_usec -= 1000000; \
+ } \
+ } while (0)
+#endif
+#ifndef timevalsub
+# define timevalsub(tv1, tv2) \
+ do { \
+ (tv1)->tv_sec -= (tv2)->tv_sec; \
+ (tv1)->tv_usec -= (tv2)->tv_usec; \
+ if ((tv1)->tv_usec < 0) { \
+ (tv1)->tv_sec--; \
+ (tv1)->tv_usec += 1000000; \
+ } \
+ } while (0)
+#endif
+
+/* Not all systems define NSIG in signal.h */
+#if !defined(NSIG)
+# if defined(_NSIG)
+# define NSIG _NSIG
+# elif defined(__NSIG)
+# define NSIG __NSIG
+# else
+# define NSIG 64
+# endif
+#endif
+
+#ifndef WCOREDUMP
+# define WCOREDUMP(x) ((x) & 0x80)
+#endif
+
+/*
+ * HP-UX does not declare innetgr() or getdomainname().
+ * Solaris does not declare getdomainname().
+ */
+#if defined(__hpux)
+int innetgr __P((const char *, const char *, const char *, const char *));
+#endif
+#if defined(__hpux) || defined(__sun)
+int getdomainname __P((char *, size_t));
+#endif
+
/* Functions "missing" from libc. */
struct timeval;
Modified: trunk/contrib/sudo/mkpkg
===================================================================
--- trunk/contrib/sudo/mkpkg 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/mkpkg 2014-10-02 03:20:49 UTC (rev 6803)
@@ -83,8 +83,6 @@
if [ -z "$CFLAGS" ]; then
CFLAGS=-O; export CFLAGS
fi
- else
- configure_opts="${configure_opts}${configure_opts+$tab}--disable-zlib"
fi
;;
esac
@@ -98,6 +96,7 @@
# RHEL 5 and up build pies and have audit support
export CFLAGS="$F_PIE" LDFLAGS="-pie"
configure_opts="${configure_opts}${configure_opts+$tab}--with-linux-audit"
+ PPVARS="${PPVARS}${PPVARS+$space}linux_audit=1.4.0"
fi
# Note, must indent with tabs, not spaces due to IFS trickery
configure_opts="$configure_opts
@@ -106,7 +105,7 @@
--with-logfac=authpriv
--with-pam
--with-pam-login
- --enable-zlib
+ --enable-zlib=system
--with-editor=/bin/vi
--with-env-editor
--with-ignore-dot
@@ -143,7 +142,7 @@
--enable-shell-sets-home
--with-sudoers-mode=0440
--with-pam
- --enable-zlib
+ --enable-zlib=system
--with-ldap
--with-env-editor
--with-passprompt=%p\'s password: "
@@ -168,7 +167,7 @@
--with-all-insults
--with-exempt=sudo
--with-pam
- --enable-zlib
+ --enable-zlib=system
--with-fqdn
--with-logging=syslog
--with-logfac=authpriv
@@ -186,6 +185,12 @@
--with-secure-path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin"
;;
*)
+ # For Solaris, add project support and use let configure choose zlib.
+ # For all others, use the builtin zlib.
+ case "$platform" in
+ sol*) configure_opts="${configure_opts}${configure_opts+$tab}--with-project";;
+ *) configure_opts="${configure_opts}${configure_opts+$tab}--enable-zlib=builtin";;
+ esac
if test "$flavor" = "ldap"; then
configure_opts="${configure_opts}${configure_opts+$tab}--with-ldap"
fi
Property changes on: trunk/contrib/sudo/mkpkg
___________________________________________________________________
Deleted: svn:executable
## -1 +0,0 ##
-*
\ No newline at end of property
Modified: trunk/contrib/sudo/mksiglist.c
===================================================================
--- trunk/contrib/sudo/mksiglist.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/mksiglist.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -17,6 +17,8 @@
#include <config.h>
+#include <sys/types.h>
+
#include <stdio.h>
#ifdef STDC_HEADERS
# include <stdlib.h>
@@ -28,7 +30,7 @@
#endif /* STDC_HEADERS */
#include <signal.h>
-#include <compat.h>
+#include "missing.h"
int
main(argc, argv)
@@ -42,7 +44,7 @@
printf("#include <config.h>\n");
printf("#include <signal.h>\n");
- printf("#include <compat.h>\n\n");
+ printf("#include \"missing.h\"\n\n");
printf("const char *const my_sys_siglist[NSIG] = {\n");
for (i = 0; i < NSIG; i++) {
if (my_sys_siglist[i] != NULL) {
Deleted: trunk/contrib/sudo/mkstemp.c
===================================================================
--- trunk/contrib/sudo/mkstemp.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/mkstemp.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,112 +0,0 @@
-/*
- * Copyright (c) 2001, 2003, 2008 Todd C. Miller <Todd.Miller at courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include "config.h"
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdio.h>
-#ifdef HAVE_STDLIB_H
-# include <stdlib.h>
-#endif /* HAVE_STDLIB_H */
-#include <ctype.h>
-#ifdef HAVE_UNISTD_H
-# include <unistd.h>
-#endif /* HAVE_UNISTD_H */
-
-#include "sudo.h"
-
-static unsigned int get_random __P((void));
-static void seed_random __P((void));
-
-int
-mkstemp(path)
- char *path;
-{
- char *start, *cp;
- int fd, r;
- char *alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
- if (*path == '\0') {
- errno = EINVAL;
- return(0);
- }
-
- for (cp = path; *cp; cp++)
- ;
- do {
- cp--;
- } while (cp >= path && *cp == 'X');
- start = cp + 1;
-
- for (;;) {
- for (cp = start; *cp; cp++) {
- r = get_random % (26 + 26);
- *cp = alphabet[r];
- }
-
- fd = open(path, O_CREAT|O_EXCL|O_RDWR, S_IRUSR|S_IWUSR);
- if (fd != -1 || errno != EEXIST)
- return(fd);
- }
- /*NOTREACHED*/
-}
-
-#ifdef HAVE_RANDOM
-# define RAND random
-# define SRAND srandom
-# define SEED_T unsigned int
-#else
-# ifdef HAVE_LRAND48
-# define RAND lrand48
-# define SRAND srand48
-# define SEED_T long
-# else
-# define RAND rand
-# define SRAND srand
-# define SEED_T unsigned int
-# endif
-#endif
-
-static void
-seed_random()
-{
- SEED_T seed;
- struct timespec ts;
-
- /*
- * Seed from time of day and process id multiplied by small primes.
- */
- (void) gettime(&ts);
- seed = (ts.tv_sec % 10000) * 523 + ts.tv_nsec / 1000 * 13 +
- (getpid() % 1000) * 983;
- SRAND(seed);
-}
-
-static unsigned int
-get_random()
-{
- static int initialized;
-
- if (!initialized) {
- seed_random();
- initialized = 1;
- }
-
- return(RAND() & 0xffffffff);
-}
Modified: trunk/contrib/sudo/mkstemps.c
===================================================================
--- trunk/contrib/sudo/mkstemps.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/mkstemps.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -15,7 +15,7 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#include "config.h"
+#include <config.h>
#include <sys/types.h>
#include <sys/time.h>
@@ -62,7 +62,7 @@
;
if (path + slen >= ep) {
errno = EINVAL;
- return(-1);
+ return -1;
}
ep -= slen;
@@ -81,11 +81,11 @@
fd = open(path, O_CREAT|O_EXCL|O_RDWR, S_IRUSR|S_IWUSR);
if (fd != -1 || errno != EEXIST)
- return(fd);
+ return fd;
} while (--tries);
errno = EEXIST;
- return(-1);
+ return -1;
}
#ifdef HAVE_RANDOM
@@ -129,5 +129,5 @@
initialized = 1;
}
- return(RAND() & 0xffffffff);
+ return RAND() & 0xffffffff;
}
Modified: trunk/contrib/sudo/nanosleep.c
===================================================================
--- trunk/contrib/sudo/nanosleep.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/nanosleep.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -25,11 +25,11 @@
# include <time.h>
#endif
#ifndef HAVE_TIMESPEC
-# include <emul/timespec.h>
+# include "emul/timespec.h"
#endif
#include <errno.h>
-#include "compat.h"
+#include "missing.h"
int
nanosleep(ts, rts)
@@ -52,5 +52,5 @@
rts->tv_sec = endtime.tv_sec;
rts->tv_nsec = endtime.tv_usec * 1000;
}
- return(rval);
+ return rval;
}
Modified: trunk/contrib/sudo/parse.c
===================================================================
--- trunk/contrib/sudo/parse.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/parse.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -83,9 +83,9 @@
struct sudo_nss *nss;
{
if (def_ignore_local_sudoers)
- return(-1);
+ return -1;
nss->handle = open_sudoers(_PATH_SUDOERS, FALSE, NULL);
- return(nss->handle ? 0 : -1);
+ return nss->handle ? 0 : -1;
}
int
@@ -99,7 +99,7 @@
nss->handle = NULL;
yyin = NULL;
}
- return(0);
+ return 0;
}
/*
@@ -110,7 +110,7 @@
struct sudo_nss *nss;
{
if (nss->handle == NULL)
- return(-1);
+ return -1;
init_parser(_PATH_SUDOERS, 0);
yyin = nss->handle;
@@ -117,9 +117,9 @@
if (yyparse() != 0 || parse_error) {
log_error(NO_EXIT, "parse error in %s near line %d",
errorfile, errorlineno);
- return(-1);
+ return -1;
}
- return(0);
+ return 0;
}
/*
@@ -130,11 +130,11 @@
struct sudo_nss *nss;
{
if (nss->handle == NULL)
- return(-1);
+ return -1;
if (!update_defaults(SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER))
- return(-1);
- return(0);
+ return -1;
+ return 0;
}
/*
@@ -154,7 +154,7 @@
struct userspec *us;
if (nss->handle == NULL)
- return(validated);
+ return validated;
/*
* Only check the actual command if pwflag is not set.
@@ -200,7 +200,7 @@
SET(validated, FLAG_CHECK_USER);
else if (pwcheck == never || nopass == TRUE)
def_authenticate = FALSE;
- return(validated);
+ return validated;
}
/* Need to be runas user while stat'ing things. */
@@ -259,7 +259,7 @@
CLR(validated, VALIDATE_OK);
}
set_perms(PERM_ROOT);
- return(validated);
+ return validated;
}
#define TAG_CHANGED(t) \
@@ -361,7 +361,7 @@
}
lbuf_append(lbuf, "\n", NULL);
}
- return(nfound);
+ return nfound;
}
static int
@@ -416,7 +416,7 @@
nfound++;
}
}
- return(nfound);
+ return nfound;
}
int
@@ -441,7 +441,7 @@
nfound += sudo_file_display_priv_short(pw, us, lbuf);
}
done:
- return(nfound);
+ return nfound;
}
/*
@@ -495,7 +495,7 @@
nfound++;
}
done:
- return(nfound);
+ return nfound;
}
/*
@@ -513,7 +513,7 @@
nfound += display_bound_defaults(DEFAULTS_RUNAS, lbuf);
nfound += display_bound_defaults(DEFAULTS_CMND, lbuf);
- return(nfound);
+ return nfound;
}
/*
@@ -551,7 +551,7 @@
dsep = "!";
break;
default:
- return(-1);
+ return -1;
}
/* printf("Per-%s Defaults entries:\n", dname); */
tq_foreach_fwd(&defaults, d) {
@@ -579,7 +579,7 @@
lbuf_append(lbuf, d->op == FALSE ? "!" : "", d->var, NULL);
}
- return(nfound);
+ return nfound;
}
int
@@ -612,8 +612,7 @@
if (runas_match == ALLOW) {
cmnd_match = cmnd_matches(cs->cmnd);
if (cmnd_match != UNSPEC) {
- match = host_match && runas_match ?
- cs->cmnd : NULL;
+ match = host_match && runas_match ? cs->cmnd : NULL;
goto matched;
}
}
@@ -627,7 +626,7 @@
rval = 0;
}
done:
- return(rval);
+ return rval;
}
/*
Deleted: trunk/contrib/sudo/parse.lex
===================================================================
--- trunk/contrib/sudo/parse.lex 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/parse.lex 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,580 +0,0 @@
-%{
-/*
- * Copyright (c) 1996, 1998-2004, 2007
- * Todd C. Miller <Todd.Miller at courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * Sponsored in part by the Defense Advanced Research Projects
- * Agency (DARPA) and Air Force Research Laboratory, Air Force
- * Materiel Command, USAF, under agreement number F39502-99-1-0512.
- */
-
-#include <config.h>
-
-#include <sys/types.h>
-#include <sys/param.h>
-#include <stdio.h>
-#ifdef STDC_HEADERS
-# include <stdlib.h>
-# include <stddef.h>
-#else
-# ifdef HAVE_STDLIB_H
-# include <stdlib.h>
-# endif
-#endif /* STDC_HEADERS */
-#ifdef HAVE_STRING_H
-# include <string.h>
-#else
-# ifdef HAVE_STRINGS_H
-# include <strings.h>
-# endif
-#endif /* HAVE_STRING_H */
-#ifdef HAVE_UNISTD_H
-# include <unistd.h>
-#endif /* HAVE_UNISTD_H */
-#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
-# include <malloc.h>
-#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
-#include <ctype.h>
-#include "sudo.h"
-#include "parse.h"
-#include <sudo.tab.h>
-
-#ifndef lint
-__unused static const char rcsid[] = "$Sudo: parse.lex,v 1.132.2.10 2008/06/26 11:53:50 millert Exp $";
-#endif /* lint */
-
-#undef yywrap /* guard against a yywrap macro */
-
-extern YYSTYPE yylval;
-extern int clearaliases;
-int sudolineno = 1;
-static int sawspace = 0;
-static int arg_len = 0;
-static int arg_size = 0;
-
-static int ipv6_valid __P((const char *s));
-static void _fill __P((char *, int, int));
-static void append __P((char *, int));
-static void fill_cmnd __P((char *, int));
-static void fill_args __P((char *, int, int));
-extern void reset_aliases __P((void));
-extern void yyerror __P((char *));
-
-#define fill(a, b) _fill(a, b, 0)
-
-/* realloc() to size + COMMANDARGINC to make room for command args */
-#define COMMANDARGINC 64
-
-#ifdef TRACELEXER
-#define LEXTRACE(msg) fputs(msg, stderr)
-#else
-#define LEXTRACE(msg)
-#endif
-%}
-
-HEX16 [0-9A-Fa-f]{1,4}
-OCTET (1?[0-9]{1,2})|(2[0-4][0-9])|(25[0-5])
-IPV4ADDR {OCTET}(\.{OCTET}){3}
-IPV6ADDR ({HEX16}?:){2,7}{HEX16}?|({HEX16}?:){2,6}:{IPV4ADDR}
-
-HOSTNAME [[:alnum:]_-]+
-WORD ([^#>@!=:,\(\) \t\n\\]|\\[^\n])+
-ENVAR ([^#!=, \t\n\\\"]|\\[^\n])([^#=, \t\n\\]|\\[^\n])*
-DEFVAR [a-z_]+
-
-/* XXX - convert GOTRUNAS to exclusive state (GOTDEFS cannot be) */
-%s GOTRUNAS
-%s GOTDEFS
-%x GOTCMND
-%x STARTDEFS
-%x INDEFS
-%x INSTR
-
-%%
-<GOTDEFS>[[:blank:]]+ BEGIN STARTDEFS;
-
-<STARTDEFS>{DEFVAR} {
- BEGIN INDEFS;
- LEXTRACE("DEFVAR ");
- fill(yytext, yyleng);
- return(DEFVAR);
- }
-
-<INDEFS>{
- , {
- BEGIN STARTDEFS;
- LEXTRACE(", ");
- return(',');
- } /* return ',' */
-
- = {
- LEXTRACE("= ");
- return('=');
- } /* return '=' */
-
- \+= {
- LEXTRACE("+= ");
- return('+');
- } /* return '+' */
-
- -= {
- LEXTRACE("-= ");
- return('-');
- } /* return '-' */
-
- \" {
- LEXTRACE("BEGINSTR ");
- yylval.string = NULL;
- BEGIN INSTR;
- }
-
- {ENVAR} {
- LEXTRACE("WORD(2) ");
- fill(yytext, yyleng);
- return(WORD);
- }
-}
-
-<INSTR>{
- \\[[:blank:]]*\n[[:blank:]]* {
- /* Line continuation char followed by newline. */
- ++sudolineno;
- LEXTRACE("\n");
- }
-
- \" {
- LEXTRACE("ENDSTR ");
- BEGIN INDEFS;
- return(WORD);
- }
-
- \\ {
- LEXTRACE("BACKSLASH ");
- append(yytext, yyleng);
- }
-
- ([^\"\n\\]|\\\")+ {
- LEXTRACE("STRBODY ");
- append(yytext, yyleng);
- }
-}
-
-<GOTCMND>{
- \\[\*\?\[\]\!] {
- /* quoted fnmatch glob char, pass verbatim */
- LEXTRACE("QUOTEDCHAR ");
- fill_args(yytext, 2, sawspace);
- sawspace = FALSE;
- }
-
- \\[:\\,= \t#] {
- /* quoted sudoers special char, strip backslash */
- LEXTRACE("QUOTEDCHAR ");
- fill_args(yytext + 1, 1, sawspace);
- sawspace = FALSE;
- }
-
- [#:\,=\n] {
- BEGIN INITIAL;
- unput(*yytext);
- return(COMMAND);
- } /* end of command line args */
-
- [^\\:, \t\n]+ {
- LEXTRACE("ARG ");
- fill_args(yytext, yyleng, sawspace);
- sawspace = FALSE;
- } /* a command line arg */
-}
-
-<INITIAL>^Defaults[:@>]? {
- BEGIN GOTDEFS;
- switch (yytext[8]) {
- case ':':
- LEXTRACE("DEFAULTS_USER ");
- return(DEFAULTS_USER);
- case '>':
- LEXTRACE("DEFAULTS_RUNAS ");
- return(DEFAULTS_RUNAS);
- case '@':
- LEXTRACE("DEFAULTS_HOST ");
- return(DEFAULTS_HOST);
- default:
- LEXTRACE("DEFAULTS ");
- return(DEFAULTS);
- }
- }
-
-<INITIAL>^(Host|Cmnd|User|Runas)_Alias {
- fill(yytext, yyleng);
- switch (*yytext) {
- case 'H':
- LEXTRACE("HOSTALIAS ");
- return(HOSTALIAS);
- case 'C':
- LEXTRACE("CMNDALIAS ");
- return(CMNDALIAS);
- case 'U':
- LEXTRACE("USERALIAS ");
- return(USERALIAS);
- case 'R':
- LEXTRACE("RUNASALIAS ");
- BEGIN GOTRUNAS;
- return(RUNASALIAS);
- }
- }
-
-NOPASSWD[[:blank:]]*: {
- /* cmnd does not require passwd for this user */
- LEXTRACE("NOPASSWD ");
- return(NOPASSWD);
- }
-
-PASSWD[[:blank:]]*: {
- /* cmnd requires passwd for this user */
- LEXTRACE("PASSWD ");
- return(PASSWD);
- }
-
-NOEXEC[[:blank:]]*: {
- LEXTRACE("NOEXEC ");
- return(NOEXEC);
- }
-
-EXEC[[:blank:]]*: {
- LEXTRACE("EXEC ");
- return(EXEC);
- }
-
-SETENV[[:blank:]]*: {
- LEXTRACE("SETENV ");
- return(SETENV);
- }
-
-NOSETENV[[:blank:]]*: {
- LEXTRACE("NOSETENV ");
- return(NOSETENV);
- }
-
-\+{WORD} {
- /* netgroup */
- fill(yytext, yyleng);
- LEXTRACE("NETGROUP ");
- return(NETGROUP);
- }
-
-\%{WORD} {
- /* UN*X group */
- fill(yytext, yyleng);
- LEXTRACE("GROUP ");
- return(USERGROUP);
- }
-
-{IPV4ADDR}(\/{IPV4ADDR})? {
- fill(yytext, yyleng);
- LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
- }
-
-{IPV4ADDR}\/([12][0-9]*|3[0-2]*) {
- fill(yytext, yyleng);
- LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
- }
-
-{IPV6ADDR}(\/{IPV6ADDR})? {
- if (!ipv6_valid(yytext)) {
- LEXTRACE("ERROR ");
- return(ERROR);
- }
- fill(yytext, yyleng);
- LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
- }
-
-{IPV6ADDR}\/([0-9]|[1-9][0-9]|1[01][0-9]|12[0-8]) {
- if (!ipv6_valid(yytext)) {
- LEXTRACE("ERROR ");
- return(ERROR);
- }
- fill(yytext, yyleng);
- LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
- }
-
-<INITIAL>\( {
- BEGIN GOTRUNAS;
- LEXTRACE("RUNAS ");
- return (RUNAS);
- }
-
-[[:upper:]][[:upper:][:digit:]_]* {
- if (strcmp(yytext, "ALL") == 0) {
- LEXTRACE("ALL ");
- return(ALL);
- }
-#ifdef HAVE_SELINUX
- /* XXX - restrict type/role to initial state */
- if (strcmp(yytext, "TYPE") == 0) {
- LEXTRACE("TYPE ");
- return(TYPE);
- }
- if (strcmp(yytext, "ROLE") == 0) {
- LEXTRACE("ROLE ");
- return(ROLE);
- }
-#endif /* HAVE_SELINUX */
- fill(yytext, yyleng);
- LEXTRACE("ALIAS ");
- return(ALIAS);
- }
-
-<GOTRUNAS>(#[0-9-]+|{WORD}) {
- /* username/uid that user can run command as */
- fill(yytext, yyleng);
- LEXTRACE("WORD(3) ");
- return(WORD);
- }
-
-<GOTRUNAS>#[^0-9-].*\n {
- BEGIN INITIAL;
- ++sudolineno;
- LEXTRACE("\n");
- return(COMMENT);
- }
-
-<GOTRUNAS>\) {
- BEGIN INITIAL;
- }
-
-sudoedit {
- BEGIN GOTCMND;
- LEXTRACE("COMMAND ");
- fill_cmnd(yytext, yyleng);
- } /* sudo -e */
-
-\/(\\[\,:= \t#]|[^\,:=\\ \t\n#])+ {
- /* directories can't have args... */
- if (yytext[yyleng - 1] == '/') {
- LEXTRACE("COMMAND ");
- fill_cmnd(yytext, yyleng);
- return(COMMAND);
- } else {
- BEGIN GOTCMND;
- LEXTRACE("COMMAND ");
- fill_cmnd(yytext, yyleng);
- }
- } /* a pathname */
-
-<INITIAL,GOTDEFS>{WORD} {
- /* a word */
- fill(yytext, yyleng);
- LEXTRACE("WORD(4) ");
- return(WORD);
- }
-
-, {
- LEXTRACE(", ");
- return(',');
- } /* return ',' */
-
-= {
- LEXTRACE("= ");
- return('=');
- } /* return '=' */
-
-: {
- LEXTRACE(": ");
- return(':');
- } /* return ':' */
-
-<*>!+ {
- if (yyleng % 2 == 1)
- return('!'); /* return '!' */
- }
-
-<*>\n {
- BEGIN INITIAL;
- ++sudolineno;
- LEXTRACE("\n");
- return(COMMENT);
- } /* return newline */
-
-<*>[[:blank:]]+ { /* throw away space/tabs */
- sawspace = TRUE; /* but remember for fill_args */
- }
-
-<*>\\[[:blank:]]*\n {
- sawspace = TRUE; /* remember for fill_args */
- ++sudolineno;
- LEXTRACE("\n\t");
- } /* throw away EOL after \ */
-
-<INITIAL,STARTDEFS,INDEFS>#.*\n {
- BEGIN INITIAL;
- ++sudolineno;
- LEXTRACE("\n");
- return(COMMENT);
- } /* return comments */
-
-<*>. {
- LEXTRACE("ERROR ");
- return(ERROR);
- } /* parse error */
-
-<*><<EOF>> {
- if (YY_START != INITIAL) {
- BEGIN INITIAL;
- LEXTRACE("ERROR ");
- return(ERROR);
- }
- yyterminate();
- }
-
-%%
-static void
-_fill(src, len, olen)
- char *src;
- int len, olen;
-{
- int i, j;
- char *dst;
-
- dst = olen ? realloc(yylval.string, olen + len + 1) : malloc(len + 1);
- if (dst == NULL) {
- yyerror("unable to allocate memory");
- return;
- }
- yylval.string = dst;
-
- /* Copy the string and collapse any escaped characters. */
- dst += olen;
- for (i = 0, j = 0; i < len; i++, j++) {
- if (src[i] == '\\' && i != len - 1)
- dst[j] = src[++i];
- else
- dst[j] = src[i];
- }
- dst[j] = '\0';
-}
-
-static void
-append(src, len)
- char *src;
- int len;
-{
- int olen = 0;
-
- if (yylval.string != NULL)
- olen = strlen(yylval.string);
-
- _fill(src, len, olen);
-}
-
-static void
-fill_cmnd(s, len)
- char *s;
- int len;
-{
- arg_len = arg_size = 0;
-
- yylval.command.cmnd = (char *) malloc(++len);
- if (yylval.command.cmnd == NULL) {
- yyerror("unable to allocate memory");
- return;
- }
-
- /* copy the string and NULL-terminate it (escapes handled by fnmatch) */
- (void) strlcpy(yylval.command.cmnd, s, len);
-
- yylval.command.args = NULL;
-}
-
-static void
-fill_args(s, len, addspace)
- char *s;
- int len;
- int addspace;
-{
- int new_len;
- char *p;
-
- if (yylval.command.args == NULL) {
- addspace = 0;
- new_len = len;
- } else
- new_len = arg_len + len + addspace;
-
- if (new_len >= arg_size) {
- /* Allocate more space than we need for subsequent args */
- while (new_len >= (arg_size += COMMANDARGINC))
- ;
-
- p = yylval.command.args ?
- (char *) realloc(yylval.command.args, arg_size) :
- (char *) malloc(arg_size);
- if (p == NULL) {
- efree(yylval.command.args);
- yyerror("unable to allocate memory");
- return;
- } else
- yylval.command.args = p;
- }
-
- /* Efficiently append the arg (with a leading space if needed). */
- p = yylval.command.args + arg_len;
- if (addspace)
- *p++ = ' ';
- if (strlcpy(p, s, arg_size - (p - yylval.command.args)) != len)
- yyerror("fill_args: buffer overflow"); /* paranoia */
- arg_len = new_len;
-}
-
-/*
- * Check to make sure an IPv6 address does not contain multiple instances
- * of the string "::". Assumes strlen(s) >= 1.
- * Returns TRUE if address is valid else FALSE.
- */
-static int
-ipv6_valid(s)
- const char *s;
-{
- int nmatch = 0;
-
- for (; *s != '\0'; s++) {
- if (s[0] == ':' && s[1] == ':') {
- if (++nmatch > 1)
- break;
- }
- if (s[0] == '/')
- nmatch = 0; /* reset if we hit netmask */
- }
-
- return (nmatch <= 1);
-}
-
-int
-yywrap()
-{
-
- /* Free space used by the aliases unless called by testsudoers. */
- if (clearaliases)
- reset_aliases();
-
- return(TRUE);
-}
Deleted: trunk/contrib/sudo/parse.yacc
===================================================================
--- trunk/contrib/sudo/parse.yacc 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/parse.yacc 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,1426 +0,0 @@
-%{
-/*
- * Copyright (c) 1996, 1998-2004, 2007
- * Todd C. Miller <Todd.Miller at courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * Sponsored in part by the Defense Advanced Research Projects
- * Agency (DARPA) and Air Force Research Laboratory, Air Force
- * Materiel Command, USAF, under agreement number F39502-99-1-0512.
- */
-
-/*
- * XXX - the whole opFOO naming thing is somewhat bogus.
- *
- * XXX - the way things are stored for printmatches is stupid,
- * they should be stored as elements in an array and then
- * list_matches() can format things the way it wants.
- */
-
-#include <config.h>
-
-#include <sys/types.h>
-#include <sys/param.h>
-#include <stdio.h>
-#ifdef STDC_HEADERS
-# include <stdlib.h>
-# include <stddef.h>
-#else
-# ifdef HAVE_STDLIB_H
-# include <stdlib.h>
-# endif
-#endif /* STDC_HEADERS */
-#ifdef HAVE_STRING_H
-# include <string.h>
-#else
-# ifdef HAVE_STRINGS_H
-# include <strings.h>
-# endif
-#endif /* HAVE_STRING_H */
-#ifdef HAVE_UNISTD_H
-# include <unistd.h>
-#endif /* HAVE_UNISTD_H */
-#include <pwd.h>
-#if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
-# include <alloca.h>
-#endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
-#ifdef HAVE_LSEARCH
-# include <search.h>
-#endif /* HAVE_LSEARCH */
-#include <limits.h>
-
-#include "sudo.h"
-#include "parse.h"
-
-#ifndef HAVE_LSEARCH
-#include "emul/search.h"
-#endif /* HAVE_LSEARCH */
-
-#ifndef lint
-__unused static const char rcsid[] = "$Sudo: parse.yacc,v 1.204.2.14 2008/10/30 14:40:04 millert Exp $";
-#endif /* lint */
-
-/*
- * We must define SIZE_MAX for yacc's skeleton.c.
- * If there is no SIZE_MAX or SIZE_T_MAX we have to assume that size_t
- * could be signed (as it is on SunOS 4.x).
- */
-#ifndef SIZE_MAX
-# ifdef SIZE_T_MAX
-# define SIZE_MAX SIZE_T_MAX
-# else
-# define SIZE_MAX INT_MAX
-# endif /* SIZE_T_MAX */
-#endif /* SIZE_MAX */
-
-/*
- * Globals
- */
-extern int sudolineno, parse_error;
-int errorlineno = -1;
-int clearaliases = TRUE;
-int printmatches = FALSE;
-int pedantic = FALSE;
-int keepall = FALSE;
-int quiet = FALSE;
-int used_runas = FALSE;
-
-/*
- * Alias types
- */
-#define HOST_ALIAS 1
-#define CMND_ALIAS 2
-#define USER_ALIAS 3
-#define RUNAS_ALIAS 4
-
-#define SETMATCH(_var, _val) do { \
- if ((_var) == UNSPEC || (_val) != NOMATCH) \
- (_var) = (_val); \
-} while (0)
-
-#define SETNMATCH(_var, _val) do { \
- if ((_val) != NOMATCH) \
- (_var) = ! (_val); \
- else if ((_var) == UNSPEC) \
- (_var) = NOMATCH; \
-} while (0)
-
-#define SETENV_RESET \
- if (setenv_ok == IMPLIED) setenv_ok = def_setenv ? TRUE : UNSPEC
-
-/*
- * The matching stack, initial space allocated in init_parser().
- */
-struct matchstack *match;
-int top = 0, stacksize = 0;
-
-#define push \
- do { \
- if (top >= stacksize) { \
- while ((stacksize += STACKINCREMENT) < top); \
- match = (struct matchstack *) erealloc3(match, stacksize, sizeof(struct matchstack)); \
- } \
- match[top].user = UNSPEC; \
- match[top].cmnd = UNSPEC; \
- match[top].host = UNSPEC; \
- match[top].runas = UNSPEC; \
- match[top].nopass = def_authenticate ? UNSPEC : TRUE; \
- match[top].noexec = def_noexec ? TRUE : UNSPEC; \
- match[top].setenv = def_setenv ? TRUE : UNSPEC; \
- match[top].role = NULL; \
- match[top].type = NULL; \
- top++; \
- } while (0)
-
-#define pushcp \
- do { \
- if (top >= stacksize) { \
- while ((stacksize += STACKINCREMENT) < top); \
- match = (struct matchstack *) erealloc3(match, stacksize, sizeof(struct matchstack)); \
- } \
- match[top].user = match[top-1].user; \
- match[top].cmnd = match[top-1].cmnd; \
- match[top].host = match[top-1].host; \
- match[top].runas = match[top-1].runas; \
- match[top].nopass = match[top-1].nopass; \
- match[top].noexec = match[top-1].noexec; \
- match[top].setenv = match[top-1].setenv; \
- match[top].role = estrdup(match[top-1].role); \
- match[top].type = estrdup(match[top-1].type); \
- top++; \
- } while (0)
-
-#define pop \
- do { \
- if (top == 0) \
- yyerror("matching stack underflow"); \
- else { \
- efree(match[top-1].role); \
- efree(match[top-1].type); \
- top--; \
- } \
- } while (0)
-
-
-/*
- * For testing if foo_matches variable was set to TRUE or FALSE
- */
-#define MATCHED(_v) ((_v) >= 0)
-
-/*
- * Shortcuts for append()
- */
-#define append_cmnd(s, p) append(s, &cm_list[cm_list_len].cmnd, \
- &cm_list[cm_list_len].cmnd_len, &cm_list[cm_list_len].cmnd_size, p)
-
-#define append_runas(s, p) append(s, &cm_list[cm_list_len].runas, \
- &cm_list[cm_list_len].runas_len, &cm_list[cm_list_len].runas_size, p)
-
-#define append_role(s, p) append(s, &cm_list[cm_list_len].role, \
- &cm_list[cm_list_len].role_len, &cm_list[cm_list_len].role_size, p)
-
-#define append_type(s, p) append(s, &cm_list[cm_list_len].type, \
- &cm_list[cm_list_len].type_len, &cm_list[cm_list_len].type_size, p)
-
-#define append_entries(s, p) append(s, &ga_list[ga_list_len-1].entries, \
- &ga_list[ga_list_len-1].entries_len, \
- &ga_list[ga_list_len-1].entries_size, p)
-
-/*
- * The stack for printmatches. A list of allowed commands for the user.
- */
-static struct command_match *cm_list = NULL;
-static size_t cm_list_len = 0, cm_list_size = 0;
-
-/*
- * List of Cmnd_Aliases and expansions for `sudo -l'
- */
-static int in_alias = FALSE;
-static size_t ga_list_len = 0, ga_list_size = 0;
-static struct generic_alias *ga_list = NULL;
-
-/*
- * Does this Defaults list pertain to this user?
- */
-static int defaults_matches = FALSE;
-
-/*
- * Local protoypes
- */
-static int add_alias __P((char *, int, int));
-static void append __P((char *, char **, size_t *, size_t *, char *));
-static void expand_ga_list __P((void));
-static void expand_match_list __P((void));
-static aliasinfo *find_alias __P((char *, int));
-static void more_aliases __P((void));
- void init_parser __P((void));
- void yyerror __P((char *));
-
-void
-yyerror(s)
- char *s;
-{
- /* Save the line the first error occurred on. */
- if (errorlineno == -1)
- errorlineno = sudolineno ? sudolineno - 1 : 0;
- if (s && !quiet) {
-#ifndef TRACELEXER
- (void) fprintf(stderr, ">>> sudoers file: %s, line %d <<<\n", s,
- sudolineno ? sudolineno - 1 : 0);
-#else
- (void) fprintf(stderr, "<*> ");
-#endif
- }
- parse_error = TRUE;
-}
-%}
-
-%union {
- char *string;
- int BOOLEAN;
- struct sudo_command command;
- int tok;
- struct selinux_info seinfo;
-}
-
-%start file /* special start symbol */
-%token <command> COMMAND /* absolute pathname w/ optional args */
-%token <string> ALIAS /* an UPPERCASE alias name */
-%token <string> DEFVAR /* a Defaults variable name */
-%token <string> NTWKADDR /* w.x.y.z or ipv6 address */
-%token <string> NETGROUP /* a netgroup (+NAME) */
-%token <string> USERGROUP /* a usergroup (%NAME) */
-%token <string> WORD /* a word */
-%token <tok> DEFAULTS /* Defaults entry */
-%token <tok> DEFAULTS_HOST /* Host-specific defaults entry */
-%token <tok> DEFAULTS_USER /* User-specific defaults entry */
-%token <tok> DEFAULTS_RUNAS /* Runas-specific defaults entry */
-%token <tok> RUNAS /* ( runas_list ) */
-%token <tok> NOPASSWD /* no passwd req for command */
-%token <tok> PASSWD /* passwd req for command (default) */
-%token <tok> NOEXEC /* preload dummy execve() for cmnd */
-%token <tok> EXEC /* don't preload dummy execve() */
-%token <tok> SETENV /* user may set environment for cmnd */
-%token <tok> NOSETENV /* user may not set environment */
-%token <tok> ALL /* ALL keyword */
-%token <tok> COMMENT /* comment and/or carriage return */
-%token <tok> HOSTALIAS /* Host_Alias keyword */
-%token <tok> CMNDALIAS /* Cmnd_Alias keyword */
-%token <tok> USERALIAS /* User_Alias keyword */
-%token <tok> RUNASALIAS /* Runas_Alias keyword */
-%token <tok> ':' '=' ',' '!' '+' '-' /* union member tokens */
-%token <tok> ERROR
-%token <tok> TYPE /* SELinux type */
-%token <tok> ROLE /* SELinux role */
-
-/*
- * NOTE: these are not true booleans as there are actually 4 possible values:
- * 1) TRUE (positive match)
- * 0) FALSE (negative match due to a '!' somewhere)
- * -1) NOMATCH (don't change the value of *_matches)
- * -2) UNSPEC (uninitialized value)
- */
-%type <BOOLEAN> cmnd
-%type <BOOLEAN> host
-%type <BOOLEAN> runasuser
-%type <BOOLEAN> oprunasuser
-%type <BOOLEAN> runaslist
-%type <BOOLEAN> user
-%type <seinfo> selinux
-%type <string> rolespec
-%type <string> typespec
-
-%%
-
-file : entry
- | file entry
- ;
-
-entry : COMMENT
- { ; }
- | error COMMENT
- { yyerrok; }
- | { push; } userlist privileges {
- while (top && user_matches != TRUE)
- pop;
- }
- | USERALIAS useraliases
- { ; }
- | HOSTALIAS hostaliases
- { ; }
- | CMNDALIAS cmndaliases
- { ; }
- | RUNASALIAS runasaliases
- { ; }
- | defaults_line
- { ; }
- ;
-
-defaults_line : defaults_type defaults_list
- ;
-
-defaults_type : DEFAULTS {
- defaults_matches = TRUE;
- }
- | DEFAULTS_USER { push; } userlist {
- defaults_matches = user_matches;
- pop;
- }
- | DEFAULTS_RUNAS { push; } runaslist {
- defaults_matches = $3 == TRUE;
- pop;
- }
- | DEFAULTS_HOST { push; } hostlist {
- defaults_matches = host_matches;
- pop;
- }
- ;
-
-defaults_list : defaults_entry
- | defaults_entry ',' defaults_list
- ;
-
-defaults_entry : DEFVAR {
- if (defaults_matches == TRUE &&
- !set_default($1, NULL, TRUE)) {
- yyerror(NULL);
- YYERROR;
- }
- efree($1);
- }
- | '!' DEFVAR {
- if (defaults_matches == TRUE &&
- !set_default($2, NULL, FALSE)) {
- yyerror(NULL);
- YYERROR;
- }
- efree($2);
- }
- | DEFVAR '=' WORD {
- if (defaults_matches == TRUE &&
- !set_default($1, $3, TRUE)) {
- yyerror(NULL);
- YYERROR;
- }
- efree($1);
- efree($3);
- }
- | DEFVAR '+' WORD {
- if (defaults_matches == TRUE &&
- !set_default($1, $3, '+')) {
- yyerror(NULL);
- YYERROR;
- }
- efree($1);
- efree($3);
- }
- | DEFVAR '-' WORD {
- if (defaults_matches == TRUE &&
- !set_default($1, $3, '-')) {
- yyerror(NULL);
- YYERROR;
- }
- efree($1);
- efree($3);
- }
- ;
-
-privileges : privilege
- | privileges ':' privilege
- ;
-
-privilege : hostlist '=' cmndspeclist {
- /*
- * We already did a push if necessary in
- * cmndspec so just reset some values so
- * the next 'privilege' gets a clean slate.
- */
- host_matches = UNSPEC;
- runas_matches = UNSPEC;
- no_passwd = def_authenticate ? UNSPEC : TRUE;
- no_execve = def_noexec ? TRUE : UNSPEC;
- setenv_ok = def_setenv ? TRUE : UNSPEC;
-#ifdef HAVE_SELINUX
- efree(match[top-1].role);
- match[top-1].role = NULL;
- efree(match[top-1].type);
- match[top-1].type = NULL;
-#endif
- }
- ;
-
-ophost : host {
- SETMATCH(host_matches, $1);
- }
- | '!' host {
- SETNMATCH(host_matches, $2);
- }
- ;
-
-host : ALL {
- $$ = TRUE;
- }
- | NTWKADDR {
- if (addr_matches($1))
- $$ = TRUE;
- else
- $$ = NOMATCH;
- efree($1);
- }
- | NETGROUP {
- if (netgr_matches($1, user_host, user_shost, NULL))
- $$ = TRUE;
- else
- $$ = NOMATCH;
- efree($1);
- }
- | WORD {
- if (hostname_matches(user_shost, user_host, $1) == 0)
- $$ = TRUE;
- else
- $$ = NOMATCH;
- efree($1);
- }
- | ALIAS {
- aliasinfo *aip = find_alias($1, HOST_ALIAS);
-
- /* could be an all-caps hostname */
- if (aip)
- $$ = aip->val;
- else if (strcasecmp(user_shost, $1) == 0)
- $$ = TRUE;
- else {
- if (pedantic) {
- (void) fprintf(stderr,
- "%s: undeclared Host_Alias `%s' referenced near line %d\n",
- (pedantic == 1) ? "Warning" : "Error", $1, sudolineno);
- if (pedantic > 1) {
- yyerror(NULL);
- YYERROR;
- }
- }
- $$ = NOMATCH;
- }
- efree($1);
- }
- ;
-
-cmndspeclist : cmndspec
- | cmndspeclist ',' cmndspec
- ;
-
-cmndspec : { SETENV_RESET; } runasspec selinux cmndtag opcmnd {
-#ifdef HAVE_SELINUX
- /* Replace inherited role/type as needed. */
- if ($3.role != NULL) {
- efree(match[top-1].role);
- match[top-1].role = $3.role;
- }
- if ($3.type != NULL) {
- efree(match[top-1].type);
- match[top-1].type = $3.type;
- }
-#endif
- /*
- * Push the entry onto the stack if it is worth
- * saving and reset cmnd_matches for next cmnd.
- *
- * We need to save at least one entry on
- * the stack so sudoers_lookup() can tell that
- * the user was listed in sudoers. Also, we
- * need to be able to tell whether or not a
- * user was listed for this specific host.
- *
- * If keepall is set and the user matches then
- * we need to keep entries around too...
- */
- if (MATCHED(user_matches) &&
- MATCHED(host_matches) &&
- MATCHED(cmnd_matches) &&
- MATCHED(runas_matches))
- pushcp;
- else if (MATCHED(user_matches) && (top == 1 ||
- (top == 2 && MATCHED(host_matches) &&
- !MATCHED(match[0].host))))
- pushcp;
- else if (user_matches == TRUE && keepall)
- pushcp;
-
- cmnd_matches = UNSPEC;
- }
- ;
-
-opcmnd : cmnd {
- SETMATCH(cmnd_matches, $1);
- }
- | '!' {
- if (printmatches == TRUE) {
- if (in_alias == TRUE)
- append_entries("!", ", ");
- else if (host_matches == TRUE &&
- user_matches == TRUE)
- append_cmnd("!", NULL);
- }
- } cmnd {
- SETNMATCH(cmnd_matches, $3);
- }
- ;
-
-rolespec : ROLE '=' WORD {
-#ifdef HAVE_SELINUX
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE && runas_matches == TRUE)
- append_role($3, NULL);
- $$ = $3;
-#else
- free($3);
- $$ = NULL;
-#endif /* HAVE_SELINUX */
- }
- ;
-
-typespec : TYPE '=' WORD {
-#ifdef HAVE_SELINUX
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE && runas_matches == TRUE)
- append_type($3, NULL);
- $$ = $3;
-#else
- free($3);
- $$ = NULL;
-#endif /* HAVE_SELINUX */
- }
- ;
-
-selinux : /* empty */ {
-#ifdef HAVE_SELINUX
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE && runas_matches == TRUE) {
- if (match[top-1].role != NULL) {
- /* Inherit role. */
- cm_list[cm_list_len].role =
- estrdup(cm_list[cm_list_len-1].role);
- cm_list[cm_list_len].role_len =
- cm_list[cm_list_len-1].role_len;
- cm_list[cm_list_len].role_size =
- cm_list[cm_list_len-1].role_len + 1;
- }
- if (match[top-1].type != NULL) {
- /* Inherit type. */
- cm_list[cm_list_len].type =
- estrdup(cm_list[cm_list_len-1].type);
- cm_list[cm_list_len].type_len =
- cm_list[cm_list_len-1].type_len;
- cm_list[cm_list_len].type_size =
- cm_list[cm_list_len-1].type_len + 1;
- }
- }
-#endif /* HAVE_SELINUX */
- $$.role = NULL;
- $$.type = NULL;
- }
- | rolespec {
-#ifdef HAVE_SELINUX
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE && runas_matches == TRUE) {
- if (match[top-1].type != NULL) {
- /* Inherit type. */
- cm_list[cm_list_len].type =
- estrdup(cm_list[cm_list_len-1].type);
- cm_list[cm_list_len].type_len =
- cm_list[cm_list_len-1].type_len;
- cm_list[cm_list_len].type_size =
- cm_list[cm_list_len-1].type_len + 1;
- }
- }
-#endif /* HAVE_SELINUX */
- $$.role = $1;
- $$.type = NULL;
- }
- | typespec {
-#ifdef HAVE_SELINUX
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE && runas_matches == TRUE) {
- if (match[top-1].role != NULL) {
- /* Inherit role. */
- cm_list[cm_list_len].role =
- estrdup(cm_list[cm_list_len-1].role);
- cm_list[cm_list_len].role_len =
- cm_list[cm_list_len-1].role_len;
- cm_list[cm_list_len].role_size =
- cm_list[cm_list_len-1].role_len + 1;
- }
- }
-#endif /* HAVE_SELINUX */
- $$.type = $1;
- $$.role = NULL;
- }
- | rolespec typespec {
- $$.role = $1;
- $$.type = $2;
- }
- | typespec rolespec {
- $$.type = $1;
- $$.role = $2;
- }
- ;
-
-runasspec : /* empty */ {
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE) {
- if (runas_matches == UNSPEC) {
- cm_list[cm_list_len].runas_len = 0;
- } else {
- /* Inherit runas data. */
- cm_list[cm_list_len].runas =
- estrdup(cm_list[cm_list_len-1].runas);
- cm_list[cm_list_len].runas_len =
- cm_list[cm_list_len-1].runas_len;
- cm_list[cm_list_len].runas_size =
- cm_list[cm_list_len-1].runas_len + 1;
- }
- }
- /*
- * If this is the first entry in a command list
- * then check against default runas user.
- */
- if (runas_matches == UNSPEC) {
- runas_matches = userpw_matches(def_runas_default,
- *user_runas, runas_pw) ? TRUE : NOMATCH;
- }
- }
- | RUNAS runaslist {
- runas_matches = $2;
- }
- ;
-
-runaslist : oprunasuser { ; }
- | runaslist ',' oprunasuser {
- /* Later entries override earlier ones. */
- if ($3 != NOMATCH)
- $$ = $3;
- else
- $$ = $1;
- }
- ;
-
-oprunasuser : runasuser { ; }
- | '!' {
- if (printmatches == TRUE) {
- if (in_alias == TRUE)
- append_entries("!", ", ");
- else if (host_matches == TRUE &&
- user_matches == TRUE)
- append_runas("!", ", ");
- }
- } runasuser {
- /* Set $$ to the negation of runasuser */
- $$ = ($3 == NOMATCH ? NOMATCH : ! $3);
- }
- ;
-
-runasuser : WORD {
- if (printmatches == TRUE) {
- if (in_alias == TRUE)
- append_entries($1, ", ");
- else if (host_matches == TRUE &&
- user_matches == TRUE)
- append_runas($1, ", ");
- }
- if (userpw_matches($1, *user_runas, runas_pw))
- $$ = TRUE;
- else
- $$ = NOMATCH;
- efree($1);
- used_runas = TRUE;
- }
- | USERGROUP {
- if (printmatches == TRUE) {
- if (in_alias == TRUE)
- append_entries($1, ", ");
- else if (host_matches == TRUE &&
- user_matches == TRUE)
- append_runas($1, ", ");
- }
- if (usergr_matches($1, *user_runas, runas_pw))
- $$ = TRUE;
- else
- $$ = NOMATCH;
- efree($1);
- used_runas = TRUE;
- }
- | NETGROUP {
- if (printmatches == TRUE) {
- if (in_alias == TRUE)
- append_entries($1, ", ");
- else if (host_matches == TRUE &&
- user_matches == TRUE)
- append_runas($1, ", ");
- }
- if (netgr_matches($1, NULL, NULL, *user_runas))
- $$ = TRUE;
- else
- $$ = NOMATCH;
- efree($1);
- used_runas = TRUE;
- }
- | ALIAS {
- aliasinfo *aip = find_alias($1, RUNAS_ALIAS);
-
- if (printmatches == TRUE) {
- if (in_alias == TRUE)
- append_entries($1, ", ");
- else if (host_matches == TRUE &&
- user_matches == TRUE)
- append_runas($1, ", ");
- }
- /* could be an all-caps username */
- if (aip)
- $$ = aip->val;
- else if (strcmp($1, *user_runas) == 0)
- $$ = TRUE;
- else {
- if (pedantic) {
- (void) fprintf(stderr,
- "%s: undeclared Runas_Alias `%s' referenced near line %d\n",
- (pedantic == 1) ? "Warning" : "Error", $1, sudolineno);
- if (pedantic > 1) {
- yyerror(NULL);
- YYERROR;
- }
- }
- $$ = NOMATCH;
- }
- efree($1);
- used_runas = TRUE;
- }
- | ALL {
- if (printmatches == TRUE) {
- if (in_alias == TRUE)
- append_entries("ALL", ", ");
- else if (host_matches == TRUE &&
- user_matches == TRUE)
- append_runas("ALL", ", ");
- }
- $$ = TRUE;
- }
- ;
-
-cmndtag : /* empty */ {
- /* Inherit {NO,}{PASSWD,EXEC,SETENV} status. */
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE) {
- if (no_passwd == TRUE)
- cm_list[cm_list_len].nopasswd = TRUE;
- else
- cm_list[cm_list_len].nopasswd = FALSE;
- if (no_execve == TRUE)
- cm_list[cm_list_len].noexecve = TRUE;
- else
- cm_list[cm_list_len].noexecve = FALSE;
- if (setenv_ok == TRUE)
- cm_list[cm_list_len].setenv = TRUE;
- else
- cm_list[cm_list_len].setenv = FALSE;
- }
- }
- | cmndtag NOPASSWD {
- no_passwd = TRUE;
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE)
- cm_list[cm_list_len].nopasswd = TRUE;
- }
- | cmndtag PASSWD {
- no_passwd = FALSE;
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE)
- cm_list[cm_list_len].nopasswd = FALSE;
- }
- | cmndtag NOEXEC {
- no_execve = TRUE;
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE)
- cm_list[cm_list_len].noexecve = TRUE;
- }
- | cmndtag EXEC {
- no_execve = FALSE;
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE)
- cm_list[cm_list_len].noexecve = FALSE;
- }
- | cmndtag SETENV {
- setenv_ok = TRUE;
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE)
- cm_list[cm_list_len].setenv = TRUE;
- }
- | cmndtag NOSETENV {
- setenv_ok = FALSE;
- if (printmatches == TRUE && host_matches == TRUE &&
- user_matches == TRUE)
- cm_list[cm_list_len].setenv = FALSE;
- }
- ;
-
-cmnd : ALL {
- if (printmatches == TRUE) {
- if (in_alias == TRUE)
- append_entries("ALL", ", ");
- else if (host_matches == TRUE &&
- user_matches == TRUE) {
- append_cmnd("ALL", NULL);
- expand_match_list();
- }
- }
- /* sudo "ALL" implies the SETENV tag */
- if (setenv_ok == UNSPEC)
- setenv_ok = IMPLIED;
-
- efree(safe_cmnd);
- safe_cmnd = NULL;
- $$ = TRUE;
- }
- | ALIAS {
- aliasinfo *aip;
-
- if (printmatches == TRUE) {
- if (in_alias == TRUE)
- append_entries($1, ", ");
- else if (host_matches == TRUE &&
- user_matches == TRUE) {
- append_cmnd($1, NULL);
- expand_match_list();
- }
- }
-
- if ((aip = find_alias($1, CMND_ALIAS)))
- $$ = aip->val;
- else {
- if (pedantic) {
- (void) fprintf(stderr,
- "%s: undeclared Cmnd_Alias `%s' referenced near line %d\n",
- (pedantic == 1) ? "Warning" : "Error", $1, sudolineno);
- if (pedantic > 1) {
- yyerror(NULL);
- YYERROR;
- }
- }
- $$ = NOMATCH;
- }
- efree($1);
- }
- | COMMAND {
- if (printmatches == TRUE) {
- if (in_alias == TRUE) {
- append_entries($1.cmnd, ", ");
- if ($1.args)
- append_entries($1.args, " ");
- }
- if (host_matches == TRUE &&
- user_matches == TRUE) {
- append_cmnd($1.cmnd, NULL);
- if ($1.args)
- append_cmnd($1.args, " ");
- expand_match_list();
- }
- }
-
- if (command_matches($1.cmnd, $1.args))
- $$ = TRUE;
- else
- $$ = NOMATCH;
-
- efree($1.cmnd);
- efree($1.args);
- }
- ;
-
-hostaliases : hostalias
- | hostaliases ':' hostalias
- ;
-
-hostalias : ALIAS { push; } '=' hostlist {
- if ((MATCHED(host_matches) || pedantic) &&
- !add_alias($1, HOST_ALIAS, host_matches)) {
- yyerror(NULL);
- YYERROR;
- }
- pop;
- }
- ;
-
-hostlist : ophost
- | hostlist ',' ophost
- ;
-
-cmndaliases : cmndalias
- | cmndaliases ':' cmndalias
- ;
-
-cmndalias : ALIAS {
- push;
- if (printmatches == TRUE) {
- in_alias = TRUE;
- /* Allocate space for ga_list if necessary. */
- expand_ga_list();
- ga_list[ga_list_len-1].type = CMND_ALIAS;
- ga_list[ga_list_len-1].alias = estrdup($1);
- }
- } '=' cmndlist {
- if ((MATCHED(cmnd_matches) || pedantic) &&
- !add_alias($1, CMND_ALIAS, cmnd_matches)) {
- yyerror(NULL);
- YYERROR;
- }
- pop;
- efree($1);
-
- if (printmatches == TRUE)
- in_alias = FALSE;
- }
- ;
-
-cmndlist : opcmnd { ; }
- | cmndlist ',' opcmnd
- ;
-
-runasaliases : runasalias
- | runasaliases ':' runasalias
- ;
-
-runasalias : ALIAS {
- if (printmatches == TRUE) {
- in_alias = TRUE;
- /* Allocate space for ga_list if necessary. */
- expand_ga_list();
- ga_list[ga_list_len-1].type = RUNAS_ALIAS;
- ga_list[ga_list_len-1].alias = estrdup($1);
- }
- } '=' runaslist {
- if (($4 != NOMATCH || pedantic) &&
- !add_alias($1, RUNAS_ALIAS, $4)) {
- yyerror(NULL);
- YYERROR;
- }
- efree($1);
-
- if (printmatches == TRUE)
- in_alias = FALSE;
- }
- ;
-
-useraliases : useralias
- | useraliases ':' useralias
- ;
-
-useralias : ALIAS { push; } '=' userlist {
- if ((MATCHED(user_matches) || pedantic) &&
- !add_alias($1, USER_ALIAS, user_matches)) {
- yyerror(NULL);
- YYERROR;
- }
- pop;
- efree($1);
- }
- ;
-
-userlist : opuser
- | userlist ',' opuser
- ;
-
-opuser : user {
- SETMATCH(user_matches, $1);
- }
- | '!' user {
- SETNMATCH(user_matches, $2);
- }
- ;
-
-user : WORD {
- if (userpw_matches($1, user_name, sudo_user.pw))
- $$ = TRUE;
- else
- $$ = NOMATCH;
- efree($1);
- }
- | USERGROUP {
- if (usergr_matches($1, user_name, sudo_user.pw))
- $$ = TRUE;
- else
- $$ = NOMATCH;
- efree($1);
- }
- | NETGROUP {
- if (netgr_matches($1, NULL, NULL, user_name))
- $$ = TRUE;
- else
- $$ = NOMATCH;
- efree($1);
- }
- | ALIAS {
- aliasinfo *aip = find_alias($1, USER_ALIAS);
-
- /* could be an all-caps username */
- if (aip)
- $$ = aip->val;
- else if (strcmp($1, user_name) == 0)
- $$ = TRUE;
- else {
- if (pedantic) {
- (void) fprintf(stderr,
- "%s: undeclared User_Alias `%s' referenced near line %d\n",
- (pedantic == 1) ? "Warning" : "Error", $1, sudolineno);
- if (pedantic > 1) {
- yyerror(NULL);
- YYERROR;
- }
- }
- $$ = NOMATCH;
- }
- efree($1);
- }
- | ALL {
- $$ = TRUE;
- }
- ;
-
-%%
-
-#define MOREALIASES (32)
-aliasinfo *aliases = NULL;
-size_t naliases = 0;
-size_t nslots = 0;
-
-
-/*
- * Compare two aliasinfo structures, strcmp() style.
- * Note that we do *not* compare their values.
- */
-static int
-aliascmp(a1, a2)
- const VOID *a1, *a2;
-{
- int r;
- aliasinfo *ai1, *ai2;
-
- ai1 = (aliasinfo *) a1;
- ai2 = (aliasinfo *) a2;
- if ((r = strcmp(ai1->name, ai2->name)) == 0)
- r = ai1->type - ai2->type;
-
- return(r);
-}
-
-/*
- * Compare two generic_alias structures, strcmp() style.
- */
-static int
-genaliascmp(entry, key)
- const VOID *entry, *key;
-{
- int r;
- struct generic_alias *ga1, *ga2;
-
- ga1 = (struct generic_alias *) key;
- ga2 = (struct generic_alias *) entry;
- if ((r = strcmp(ga1->alias, ga2->alias)) == 0)
- r = ga1->type - ga2->type;
-
- return(r);
-}
-
-
-/*
- * Adds the named alias of the specified type to the aliases list.
- */
-static int
-add_alias(alias, type, val)
- char *alias;
- int type;
- int val;
-{
- aliasinfo ai, *aip;
- size_t onaliases;
- char s[512];
-
- if (naliases >= nslots)
- more_aliases();
-
- ai.type = type;
- ai.val = val;
- ai.name = estrdup(alias);
- onaliases = naliases;
-
- aip = (aliasinfo *) lsearch((VOID *)&ai, (VOID *)aliases, &naliases,
- sizeof(ai), aliascmp);
- if (aip == NULL) {
- (void) snprintf(s, sizeof(s), "Aliases corrupted defining alias `%s'",
- alias);
- yyerror(s);
- return(FALSE);
- }
- if (onaliases == naliases) {
- (void) snprintf(s, sizeof(s), "Alias `%s' already defined", alias);
- yyerror(s);
- return(FALSE);
- }
-
- return(TRUE);
-}
-
-/*
- * Searches for the named alias of the specified type.
- */
-static aliasinfo *
-find_alias(alias, type)
- char *alias;
- int type;
-{
- aliasinfo ai;
-
- ai.name = alias;
- ai.type = type;
-
- return((aliasinfo *) lfind((VOID *)&ai, (VOID *)aliases, &naliases,
- sizeof(ai), aliascmp));
-}
-
-/*
- * Allocates more space for the aliases list.
- */
-static void
-more_aliases()
-{
-
- nslots += MOREALIASES;
- aliases = (aliasinfo *) erealloc3(aliases, nslots, sizeof(aliasinfo));
-}
-
-/*
- * Lists the contents of the aliases list.
- */
-void
-dumpaliases()
-{
- size_t n;
-
- for (n = 0; n < naliases; n++) {
- if (aliases[n].val == -1)
- continue;
-
- switch (aliases[n].type) {
- case HOST_ALIAS:
- (void) puts("HOST_ALIAS");
- break;
-
- case CMND_ALIAS:
- (void) puts("CMND_ALIAS");
- break;
-
- case USER_ALIAS:
- (void) puts("USER_ALIAS");
- break;
-
- case RUNAS_ALIAS:
- (void) puts("RUNAS_ALIAS");
- break;
- }
- (void) printf("\t%s: %d\n", aliases[n].name, aliases[n].val);
- }
-}
-
-/*
- * Lists the contents of cm_list and ga_list for `sudo -l'.
- */
-void
-list_matches()
-{
- size_t count;
- char *p;
- struct generic_alias *ga, key;
-
- (void) printf("User %s may run the following commands on this host:\n",
- user_name);
- for (count = 0; count < cm_list_len; count++) {
-
- /* Print the runas list. */
- (void) fputs(" ", stdout);
- if (cm_list[count].runas) {
- (void) putchar('(');
- p = strtok(cm_list[count].runas, ", ");
- do {
- if (p != cm_list[count].runas)
- (void) fputs(", ", stdout);
-
- key.alias = p;
- key.type = RUNAS_ALIAS;
- if ((ga = (struct generic_alias *) lfind((VOID *) &key,
- (VOID *) &ga_list[0], &ga_list_len, sizeof(key), genaliascmp)))
- (void) fputs(ga->entries, stdout);
- else
- (void) fputs(p, stdout);
- } while ((p = strtok(NULL, ", ")));
- (void) fputs(") ", stdout);
- } else {
- (void) printf("(%s) ", def_runas_default);
- }
-
-#ifdef HAVE_SELINUX
- /* SELinux role and type */
- if (cm_list[count].role != NULL)
- (void) printf("ROLE=%s ", cm_list[count].role);
- if (cm_list[count].type != NULL)
- (void) printf("TYPE=%s ", cm_list[count].type);
-#endif
-
- /* Is execve(2) disabled? */
- if (cm_list[count].noexecve == TRUE && !def_noexec)
- (void) fputs("NOEXEC: ", stdout);
- else if (cm_list[count].noexecve == FALSE && def_noexec)
- (void) fputs("EXEC: ", stdout);
-
- /* Is a password required? */
- if (cm_list[count].nopasswd == TRUE && def_authenticate)
- (void) fputs("NOPASSWD: ", stdout);
- else if (cm_list[count].nopasswd == FALSE && !def_authenticate)
- (void) fputs("PASSWD: ", stdout);
-
- /* Is setenv enabled? */
- if (cm_list[count].setenv == TRUE && !def_setenv)
- (void) fputs("SETENV: ", stdout);
- else if (cm_list[count].setenv == FALSE && def_setenv)
- (void) fputs("NOSETENV: ", stdout);
-
- /* Print the actual command or expanded Cmnd_Alias. */
- key.alias = cm_list[count].cmnd;
- key.type = CMND_ALIAS;
- if ((ga = (struct generic_alias *) lfind((VOID *) &key,
- (VOID *) &ga_list[0], &ga_list_len, sizeof(key), genaliascmp)))
- (void) puts(ga->entries);
- else
- (void) puts(cm_list[count].cmnd);
- }
-
- /* Be nice and free up space now that we are done. */
- for (count = 0; count < ga_list_len; count++) {
- efree(ga_list[count].alias);
- efree(ga_list[count].entries);
- }
- efree(ga_list);
- ga_list = NULL;
-
- for (count = 0; count < cm_list_len; count++) {
- efree(cm_list[count].runas);
- efree(cm_list[count].cmnd);
- efree(cm_list[count].role);
- efree(cm_list[count].type);
- }
- efree(cm_list);
- cm_list = NULL;
- cm_list_len = 0;
- cm_list_size = 0;
-}
-
-/*
- * Appends a source string to the destination, optionally prefixing a separator.
- */
-static void
-append(src, dstp, dst_len, dst_size, separator)
- char *src, **dstp;
- size_t *dst_len, *dst_size;
- char *separator;
-{
- size_t src_len = strlen(src);
- char *dst = *dstp;
-
- /*
- * Only add the separator if there is something to separate from.
- * If the last char is a '!', don't apply the separator (XXX).
- */
- if (separator && dst && dst[*dst_len - 1] != '!')
- src_len += strlen(separator);
- else
- separator = NULL;
-
- /* Assumes dst will be NULL if not set. */
- if (dst == NULL) {
- dst = (char *) emalloc(BUFSIZ);
- *dst = '\0';
- *dst_size = BUFSIZ;
- *dst_len = 0;
- *dstp = dst;
- }
-
- /* Allocate more space if necessary. */
- if (*dst_size <= *dst_len + src_len) {
- while (*dst_size <= *dst_len + src_len)
- *dst_size += BUFSIZ;
-
- dst = (char *) erealloc(dst, *dst_size);
- *dstp = dst;
- }
-
- /* Copy src -> dst adding a separator if appropriate and adjust len. */
- if (separator)
- (void) strlcat(dst, separator, *dst_size);
- (void) strlcat(dst, src, *dst_size);
- *dst_len += src_len;
-}
-
-/*
- * Frees up space used by the aliases list and resets the associated counters.
- */
-void
-reset_aliases()
-{
- size_t n;
-
- if (aliases) {
- for (n = 0; n < naliases; n++)
- efree(aliases[n].name);
- efree(aliases);
- aliases = NULL;
- }
- naliases = nslots = 0;
-}
-
-/*
- * Increments ga_list_len, allocating more space as necessary.
- */
-static void
-expand_ga_list()
-{
-
- if (++ga_list_len >= ga_list_size) {
- while ((ga_list_size += STACKINCREMENT) < ga_list_len)
- ;
- ga_list = (struct generic_alias *)
- erealloc3(ga_list, ga_list_size, sizeof(struct generic_alias));
- }
-
- ga_list[ga_list_len - 1].entries = NULL;
-}
-
-/*
- * Increments cm_list_len, allocating more space as necessary.
- */
-static void
-expand_match_list()
-{
-
- if (++cm_list_len >= cm_list_size) {
- while ((cm_list_size += STACKINCREMENT) < cm_list_len)
- ;
- if (cm_list == NULL)
- cm_list_len = 0; /* start at 0 since it is a subscript */
- cm_list = (struct command_match *)
- erealloc3(cm_list, cm_list_size, sizeof(struct command_match));
- }
-
- cm_list[cm_list_len].runas = cm_list[cm_list_len].cmnd = NULL;
- cm_list[cm_list_len].type = cm_list[cm_list_len].role = NULL;
- cm_list[cm_list_len].nopasswd = FALSE;
- cm_list[cm_list_len].noexecve = FALSE;
- cm_list[cm_list_len].setenv = FALSE;
-}
-
-/*
- * Frees up spaced used by a previous parser run and allocates new space
- * for various data structures.
- */
-void
-init_parser()
-{
-
- /* Free up old data structures if we run the parser more than once. */
- if (match) {
- efree(match);
- match = NULL;
- top = 0;
- parse_error = FALSE;
- used_runas = FALSE;
- errorlineno = -1;
- sudolineno = 1;
- }
-
- /* Allocate space for the matching stack. */
- stacksize = STACKINCREMENT;
- match = (struct matchstack *) emalloc2(stacksize, sizeof(struct matchstack));
-
- /* Allocate space for the match list (for `sudo -l'). */
- if (printmatches == TRUE)
- expand_match_list();
-}
Modified: trunk/contrib/sudo/parse_args.c
===================================================================
--- trunk/contrib/sudo/parse_args.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/parse_args.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -51,8 +51,7 @@
/*
* Local functions
*/
-static void usage_excl __P((int))
- __attribute__((__noreturn__));
+static void usage_excl __P((int));
/*
* For sudo.c
@@ -303,23 +302,30 @@
if (NewArgc == 0 && mode == MODE_RUN && !ISSET(flags, MODE_SHELL))
SET(flags, (MODE_IMPLIED_SHELL | MODE_SHELL));
- return(mode | flags);
+ return mode | flags;
}
static int
-usage_out(buf)
+usage_err(buf)
const char *buf;
{
return fputs(buf, stderr);
}
+static int
+usage_out(buf)
+ const char *buf;
+{
+ return fputs(buf, stdout);
+}
+
/*
* Give usage message and exit.
* The actual usage strings are in sudo_usage.h for configure substitution.
*/
void
-usage(exit_val)
- int exit_val;
+usage(fatal)
+ int fatal;
{
struct lbuf lbuf;
char *uvec[6];
@@ -345,13 +351,14 @@
* tty width.
*/
ulen = (int)strlen(getprogname()) + 8;
- lbuf_init(&lbuf, usage_out, ulen, NULL);
+ lbuf_init(&lbuf, fatal ? usage_err : usage_out, ulen, NULL);
for (i = 0; uvec[i] != NULL; i++) {
lbuf_append(&lbuf, "usage: ", getprogname(), uvec[i], NULL);
lbuf_print(&lbuf);
}
lbuf_destroy(&lbuf);
- exit(exit_val);
+ if (fatal)
+ exit(1);
}
/*
@@ -358,9 +365,100 @@
* Tell which options are mutually exclusive and exit.
*/
static void
-usage_excl(exit_val)
- int exit_val;
+usage_excl(fatal)
+ int fatal;
{
warningx("Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified");
- usage(exit_val);
+ usage(fatal);
}
+
+void
+help()
+{
+ struct lbuf lbuf;
+ int indent = 16;
+ const char *pname = getprogname();
+
+ lbuf_init(&lbuf, usage_out, indent, NULL);
+ if (strcmp(pname, "sudoedit") == 0)
+ lbuf_append(&lbuf, pname, " - edit files as another user\n\n", NULL);
+ else
+ lbuf_append(&lbuf, pname, " - execute a command as another user\n\n", NULL);
+ lbuf_print(&lbuf);
+
+ usage(0);
+
+ lbuf_append(&lbuf, "\nOptions:\n", NULL);
+#ifdef HAVE_BSD_AUTH_H
+ lbuf_append(&lbuf,
+ " -A use helper program for password prompting\n", NULL);
+#endif
+ lbuf_append(&lbuf,
+ " -a type use specified BSD authentication type\n", NULL);
+ lbuf_append(&lbuf,
+ " -b run command in the background\n", NULL);
+ lbuf_append(&lbuf,
+ " -C fd close all file descriptors >= fd\n", NULL);
+#ifdef HAVE_LOGIN_CAP_H
+ lbuf_append(&lbuf,
+ " -c class run command with specified login class\n", NULL);
+#endif
+ lbuf_append(&lbuf,
+ " -E preserve user environment when executing command\n",
+ NULL);
+ lbuf_append(&lbuf,
+ " -e edit files instead of running a command\n", NULL);
+ lbuf_append(&lbuf,
+ " -g group execute command as the specified group\n", NULL);
+ lbuf_append(&lbuf,
+ " -H set HOME variable to target user's home dir.\n",
+ NULL);
+ lbuf_append(&lbuf,
+ " -h display help message and exit\n", NULL);
+ lbuf_append(&lbuf,
+ " -i [command] run a login shell as target user\n", NULL);
+ lbuf_append(&lbuf,
+ " -K remove timestamp file completely\n", NULL);
+ lbuf_append(&lbuf,
+ " -k invalidate timestamp file\n", NULL);
+ lbuf_append(&lbuf,
+ " -L list supported sudoers Defaults values\n", NULL);
+ lbuf_append(&lbuf,
+ " -l[l] command list user's available commands\n", NULL);
+ lbuf_append(&lbuf,
+ " -n non-interactive mode, will not prompt user\n", NULL);
+ lbuf_append(&lbuf,
+ " -P preserve group vector instead of setting to target's\n",
+ NULL);
+ lbuf_append(&lbuf,
+ " -p prompt use specified password prompt\n", NULL);
+#ifdef HAVE_SELINUX
+ lbuf_append(&lbuf,
+ " -r role create SELinux security context with specified role\n",
+ NULL);
+#endif
+ lbuf_append(&lbuf,
+ " -S read password from standard input\n", NULL);
+ lbuf_append(&lbuf,
+ " -s [command] run a shell as target user\n", NULL);
+#ifdef HAVE_SELINUX
+ lbuf_append(&lbuf,
+ " -t type create SELinux security context with specified role\n",
+ NULL);
+#endif
+ lbuf_append(&lbuf,
+ " -U user when listing, list specified user's privileges\n",
+ NULL);
+ lbuf_append(&lbuf,
+ " -u user run command (or edit file) as specified user\n", NULL);
+ lbuf_append(&lbuf,
+ " -V display version information and exit\n", NULL);
+ lbuf_append(&lbuf,
+ " -v update user's timestamp without running a command\n",
+ NULL);
+ lbuf_append(&lbuf,
+ " -- stop processing command line arguments\n", NULL);
+ lbuf_print(&lbuf);
+ lbuf_destroy(&lbuf);
+ exit(0);
+}
Deleted: trunk/contrib/sudo/pathnames.h
===================================================================
--- trunk/contrib/sudo/pathnames.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/pathnames.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,152 +0,0 @@
-/* pathnames.h. Generated from pathnames.h.in by configure. */
-/*
- * Copyright (c) 1996, 1998, 1999, 2001, 2004, 2005, 2007-2010
- * Todd C. Miller <Todd.Miller at courtesan.com>.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- *
- * Sponsored in part by the Defense Advanced Research Projects
- * Agency (DARPA) and Air Force Research Laboratory, Air Force
- * Materiel Command, USAF, under agreement number F39502-99-1-0512.
- */
-
-/*
- * Pathnames to programs and files used by sudo.
- */
-
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif /* HAVE_PATHS_H */
-
-#ifdef HAVE_MAILLOCK_H
-#include <maillock.h>
-#endif /* HAVE_MAILLOCK_H */
-
-#ifndef _PATH_DEV
-#define _PATH_DEV "/dev/"
-#endif /* _PATH_DEV */
-
-#ifndef _PATH_TTY
-#define _PATH_TTY "/dev/tty"
-#endif /* _PATH_TTY */
-
-#ifndef _PATH_DEVNULL
-#define _PATH_DEVNULL "/dev/null"
-#endif /* _PATH_DEVNULL */
-
-#ifndef _PATH_DEFPATH
-#define _PATH_DEFPATH "/usr/bin:/bin"
-#endif /* _PATH_DEFPATH */
-
-#ifndef _PATH_STDPATH
-#define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
-#endif /* _PATH_STDPATH */
-
-#ifndef _PATH_ENVIRONMENT
-#define _PATH_ENVIRONMENT "/etc/environment"
-#endif /* _PATH_ENVIRONMENT */
-
-/*
- * NOTE: _PATH_SUDOERS is usually overridden by the Makefile.
- */
-#ifndef _PATH_SUDOERS
-#define _PATH_SUDOERS "/etc/sudoers"
-#endif /* _PATH_SUDOERS */
-
-/*
- * The following paths are controlled via the configure script.
- */
-
-/*
- * Where to put the timestamp files. Defaults to /var/run/sudo,
- * /var/adm/sudo or /usr/adm/sudo depending on what exists.
- */
-#ifndef _PATH_SUDO_TIMEDIR
-#define _PATH_SUDO_TIMEDIR "/var/db/sudo"
-#endif /* _PATH_SUDO_TIMEDIR */
-
-/*
- * Where to put the I/O log files. Defaults to /var/log/sudo-io,
- * /var/adm/sudo-io or /usr/adm/sudo-io depending on what exists.
- */
-#ifndef _PATH_SUDO_IO_LOGDIR
-#define _PATH_SUDO_IO_LOGDIR "/var/log/sudo-io"
-#endif /* _PATH_SUDO_IO_LOGDIR */
-
-/*
- * Where to put the sudo log file when logging to a file. Defaults to
- * /var/log/sudo.log if /var/log exists, else /var/adm/sudo.log.
- */
-#ifndef _PATH_SUDO_LOGFILE
-#define _PATH_SUDO_LOGFILE "/var/log/sudo.log"
-#endif /* _PATH_SUDO_LOGFILE */
-
-#ifndef _PATH_SUDO_SENDMAIL
-#define _PATH_SUDO_SENDMAIL "/usr/sbin/sendmail"
-#endif /* _PATH_SUDO_SENDMAIL */
-
-#ifndef _PATH_SUDO_NOEXEC
-#define _PATH_SUDO_NOEXEC "/usr/local/libexec/sudo_noexec.so"
-#endif /* _PATH_SUDO_NOEXEC */
-
-#ifndef _PATH_SUDO_ASKPASS
-/* #undef _PATH_SUDO_ASKPASS */
-#endif /* _PATH_SUDO_ASKPASS */
-
-#ifndef _PATH_VI
-#define _PATH_VI "/usr/bin/vi"
-#endif /* _PATH_VI */
-
-#ifndef _PATH_MV
-#define _PATH_MV "/bin/mv"
-#endif /* _PATH_MV */
-
-#ifndef _PATH_BSHELL
-#define _PATH_BSHELL "/bin/sh"
-#endif /* _PATH_BSHELL */
-
-#ifndef _PATH_TMP
-#define _PATH_TMP "/tmp/"
-#endif /* _PATH_TMP */
-
-#ifndef _PATH_VARTMP
-#define _PATH_VARTMP "/var/tmp/"
-#endif /* _PATH_VARTMP */
-
-#ifndef _PATH_USRTMP
-#define _PATH_USRTMP "/usr/tmp/"
-#endif /* _PATH_USRTMP */
-
-#ifndef _PATH_MAILDIR
-#define _PATH_MAILDIR "/var/mail"
-#endif /* _PATH_MAILDIR */
-
-#ifndef _PATH_SUDO_SESH
-#define _PATH_SUDO_SESH "/usr/local/libexec/sesh"
-#endif /* _PATH_SUDO_SESH */
-
-#ifndef _PATH_LDAP_CONF
-#define _PATH_LDAP_CONF "/etc/ldap.conf"
-#endif /* _PATH_LDAP_CONF */
-
-#ifndef _PATH_LDAP_SECRET
-#define _PATH_LDAP_SECRET "/etc/ldap.secret"
-#endif /* _PATH_LDAP_SECRET */
-
-#ifndef _PATH_NSSWITCH_CONF
-#define _PATH_NSSWITCH_CONF "/etc/nsswitch.conf"
-#endif /* _PATH_NSSWITCH_CONF */
-
-#ifndef _PATH_NETSVC_CONF
-/* #undef _PATH_NETSVC_CONF */
-#endif /* _PATH_NETSVC_CONF */
Modified: trunk/contrib/sudo/pp
===================================================================
--- trunk/contrib/sudo/pp 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/pp 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,6 +1,6 @@
#!/bin/sh
-# (c) 2010 Quest Software, Inc. All rights reserved
-pp_revision="283"
+# (c) 2011 Quest Software, Inc. All rights reserved
+pp_revision="301"
# Copyright 2010 Quest Software, Inc. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
@@ -1435,8 +1435,8 @@
esac
# convert numeric uids into usernames; only works for /etc/passwd
- case "$_o" in [0-9]*) _o=`pp_getpwuid $_o`;; esac
- case "$_g" in [0-9]*) _g=`pp_getgrgid $_g`;; esac
+ #case "$_o" in [0-9]*) _o=`pp_getpwuid $_o`;; esac
+ #case "$_g" in [0-9]*) _g=`pp_getgrgid $_g`;; esac
pp_debug "$_type $_m $_o $_g $_f $_path" $_tgt
$_ignore || echo "$_type $_m $_o $_g $_f $_path" $_tgt
@@ -2224,6 +2224,7 @@
pp_sd_default_start=1 # config_file default start value
pp_readlink_fn=pp_ls_readlink # HPUX has no readlink
+ pp_shlib_suffix='.sl' # .so on most other platforms
pp_sd_detect_os
}
@@ -2249,11 +2250,21 @@
while read t m o g f p st; do
line=" file"
case "$f" in *v*) line="$line -v";; esac # FIXME for uninstall
- case $t in
- f) dm=644;;
- d) line="$line -t d"; p=${p%/}; dm=755;;
- s) line="$line -t s";;
- esac
+ case ${pp_sd_os} in
+ 10.*)
+ case $t in
+ f) dm=644;;
+ d) p=${p%/}; dm=755;;
+ esac
+ ;;
+ *)
+ case $t in
+ f) dm=644;;
+ d) line="$line -t d"; p=${p%/}; dm=755;;
+ s) line="$line -t s";;
+ esac
+ ;;
+ esac
test x"$o" = x"-" && o=root
test x"$g" = x"-" && g=sys
@@ -2439,11 +2450,16 @@
pp_sd_make_service () {
typeset level startpriority stoppriority startlevels stoplevels
- typeset svc svcvar
+ typeset svc svcvar symtype
svc="$1"
svcvar=`pp_makevar $svc`
+ case ${pp_sd_os} in
+ 10.*) symtype="file";;
+ *) symtype="file -t s";;
+ esac
+
# TODO: Figure out why this check is here
#-- don't do anything if the script exists
#if test -s "$pp_destdir/sbin/init.d/$svc"; then
@@ -2487,12 +2503,12 @@
# create the symlinks
test -z "$startlevels" || for level in $startlevels; do
- echo " file -t s" \
+ echo " ${symtype}" \
"/sbin/init.d/$svc" \
"/sbin/rc$level.d/S$startpriority$svc"
done
test -z "$stoplevels" || for level in $stoplevels; do
- echo " file -t s" \
+ echo " ${symtype}" \
"/sbin/init.d/$svc" \
"/sbin/rc$level.d/K$stoppriority$svc"
done
@@ -2514,9 +2530,10 @@
}
pp_backend_sd () {
- typeset psf cpt svc outfile
+ typeset psf cpt svc outfile release swp_flags
psf=$pp_wrkdir/psf
+ release="?.${pp_sd_os%.[0-9][0-9]}.*"
echo "depot" > $psf
echo "layout_version 1.0" >>$psf
@@ -2537,7 +2554,7 @@
copyright "$copyright"
machine_type *
os_name HP-UX
- os_release ?.11.*
+ os_release $release
os_version ?
directory /
is_locatable false
@@ -2618,10 +2635,15 @@
test -s $pp_wrkdir/%fixup && . $pp_wrkdir/%fixup
outfile=`pp_backend_sd_names`
- if pp_verbose ${pp_sd_sudo} /usr/sbin/swpackage \
- -s $psf \
- -x run_as_superuser=false \
- -x media_type=tape \
+ case ${pp_sd_os} in
+ 10.*)
+ swp_flags="-x target_type=tape"
+ ;;
+ *)
+ swp_flags="-x media_type=tape"
+ ;;
+ esac
+ if pp_verbose ${pp_sd_sudo} /usr/sbin/swpackage -s $psf $swp_flags \
@ $pp_wrkdir/$outfile
then
pp_verbose ${pp_sd_sudo} /usr/sbin/swlist -l file -s $pp_wrkdir/$outfile
@@ -2753,7 +2775,9 @@
pp_solaris_category=
pp_solaris_istates="s S 1 2 3" # run-states when install is ok
pp_solaris_rstates="s S 1 2 3" # run-states when remove is ok
+ pp_solaris_maxinst=
pp_solaris_vendor=
+ pp_solaris_pstamp=
pp_solaris_copyright=
pp_solaris_name=
pp_solaris_desc=
@@ -2982,8 +3006,12 @@
echo "RSTATES=$pp_solaris_rstates" >> $pkginfo
test -n "$pp_solaris_istates" &&
echo "ISTATES=$pp_solaris_istates" >> $pkginfo
+ test -n "$pp_solaris_maxinst" &&
+ echo "MAXINST=$pp_solaris_maxinst" >> $pkginfo
test -n "${pp_solaris_vendor:-$vendor}" &&
echo "VENDOR=${pp_solaris_vendor:-$vendor}" >> $pkginfo
+ test -n "$pp_solaris_pstamp" &&
+ echo "PSTAMP=$pp_solaris_pstamp" >> $pkginfo
if test -n "${pp_solaris_copyright:-$copyright}"; then
echo "${pp_solaris_copyright:-$copyright}" > $pp_wrkdir/copyright
@@ -3028,11 +3056,11 @@
test -n "$pp_services" &&
for _svc in $pp_services; do
pp_load_service_vars $_svc
+ pp_solaris_smf $_svc
pp_solaris_make_service $_svc
pp_solaris_install_service $_svc | pp_prepend $pp_wrkdir/postinstall
- pp_prepend $pp_wrkdir/preremove <<-.
- /etc/init.d/$_svc stop >/dev/null 2>/dev/null
-.
+ pp_solaris_remove_service $_svc | pp_prepend $pp_wrkdir/preremove
+ unset pp_svc_xml_file
done
test -n "$pp_service_groups" &&
@@ -3284,12 +3312,12 @@
}
pp_backend_solaris_init_svc_vars () {
- pp_solaris_smf_category=
+ _smf_category=${pp_solaris_smf_category:-application}
+ _smf_method_envvar_name=${smf_method_envvar_name:-"PP_SMF_SERVICE"}
pp_solaris_service_shell=/sbin/sh
}
pp_solaris_init_svc () {
- smf_category=${pp_solaris_smf_category:-application}
smf_version=1
smf_type=service
solaris_user=
@@ -3307,40 +3335,116 @@
}
pp_solaris_smf () {
- typeset f
- f=/var/svc/manifest/$smf_category/$1
+ typeset f _pp_solaris_service_script svc _pp_solaris_manpage
+
+ pp_solaris_name=${pp_solaris_name:-$name}
+ pp_solaris_manpath=${pp_solaris_manpath:-"/usr/share/man"}
+ smf_start_timeout=${smf_start_timeout:-60}
+ smf_stop_timeout=${smf_stop_timeout:-60}
+ smf_restart_timeout=${smf_restart_timeout:-60}
+
+ svc=${pp_solaris_smf_service_name:-$1}
+ _pp_solaris_service_script=${pp_solaris_service_script:-"/etc/init.d/${pp_solaris_service_script_name:-$svc}"}
+ _pp_solaris_manpage=${pp_solaris_manpage:-$pp_solaris_smf_service_name}
+
+ if [ -z $pp_svc_xml_file ]; then
+ pp_svc_xml_file="/var/svc/manifest/$_smf_category/$svc.xml"
+ echo "## Generating the smf service manifest file for $pp_svc_xml_file"
+ else
+ echo "## SMF service manifest file already defined at $pp_svc_xml_file"
+ if [ -z $pp_solaris_smf_service_name ] || [ -z $pp_solaris_smf_category ] || [ -z $pp_solaris_service_script ] || [ -z $smf_method_envvar_name ]; then
+ pp_error "All required variables are not set.\n"\
+ "When using a custom manifest file all of the following variables must be set:\n"\
+ "pp_solaris_smf_service_name, pp_solaris_smf_category, pp_solaris_service_script and smf_method_envvar_name.\n\n"\
+ "Example:\n"\
+ " \$pp_solaris_smf_category=application\n"\
+ " \$pp_solaris_smf_service_name=pp\n\n"\
+ " <service name='application/pp' type='service' version='1'>\n\n"\
+ "Example:\n"\
+ " \$pp_solaris_service_script=/etc/init.d/pp\n\n"\
+ " <exec_method type='method' name='start' exec='/etc/init.d/pp' />\n\n"\
+ "Example:\n"\
+ " \$smf_method_envvar_name=PP_SMF_SERVICE\n\n"\
+ " <method_environment>\n"\
+ " <envvar name='PP_SMF_SERVICE' value='1'/>\n"\
+ " </method_environment>\n"
+
+ return 1
+ fi
+ return 0
+ fi
+
+ f=$pp_svc_xml_file
pp_add_file_if_missing $f ||
return 0
+ _pp_solaris_smf_dependencies="
+ <dependency name='pp_local_filesystems'
+ grouping='require_all'
+ restart_on='none'
+ type='service'>
+ <service_fmri value='svc:/system/filesystem/local'/>
+ </dependency>
+
+ <dependency name='pp_single-user'
+ grouping='require_all'
+ restart_on='none'
+ type='service'>
+ <service_fmri value='svc:/milestone/single-user' />
+ </dependency>
+"
+ _pp_solaris_smf_dependencies=${pp_solaris_smf_dependencies:-$_pp_solaris_smf_dependencies}
+
cat <<-. >$pp_destdir$f
- <?xml version="1.0"?>
- <!--
- $copyright
- Generated by PolyPackage $pp_version
- -->
+<?xml version="1.0"?>
+<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
+<!--
+ $copyright
+ Generated by PolyPackage $pp_version
+-->
- <service name='$smf_category/$1'
- type='$smf_type'
- version='$smf_version'>
+ <service_bundle type='manifest' name='${pp_solaris_name}:${svc}' >
+ <service name='$_smf_category/$svc'
+ type='$smf_type'
+ version='$smf_version'>
- <single_instance />
+ <create_default_instance enabled='false'/>
- <exec_method type='method' name='start'
- exec=''
- timeout_seconds='60'>
- <method_context>
- <method_credential user='${solaris_user:-$user}' />
- </method_context>
- </exec>
+ <single_instance />
- <exec_method type='method' name='stop'
- exec=':kill -${solaris_stop_signal:-$stop_signal}'>
- <method_context>
- <method_credential user='${solaris_user:-$user}' />
- </method_context>
- </exec>
+ $_pp_solaris_smf_dependencies
+ $pp_solaris_smf_additional_dependencies
+
+ <method_context>
+ <method_credential user='${solaris_user:-$user}' />
+ <method_environment>
+ <envvar name='$_smf_method_envvar_name' value='1'/>
+ </method_environment>
+ </method_context>
+
+ <exec_method type='method' name='start'
+ exec='$_pp_solaris_service_script start'
+ timeout_seconds='$smf_start_timeout' />
+
+ <exec_method type='method' name='stop'
+ exec='$_pp_solaris_service_script stop'
+ timeout_seconds='$smf_stop_timeout' />
+
+ <exec_method type='method' name='restart'
+ exec='$_pp_solaris_service_script restart'
+ timeout_seconds='$smf_restart_timeout' />
+
+ <template>
+ <common_name>
+ <loctext xml:lang='C'>$description</loctext>
+ </common_name>
+ <documentation>
+ <manpage title='$pp_solaris_manpage' section='1' manpath='$pp_solaris_manpath'/>
+ </documentation>
+ </template>
</service>
+ </service_bundle>
.
}
@@ -3411,15 +3515,13 @@
.
}
-
pp_solaris_make_service () {
typeset file out _cmd svc
- svc="$1"
- file="/etc/init.d/$svc"
+ svc="${pp_solaris_smf_service_name:-$1}"
+ file=${pp_solaris_service_script:-"/etc/init.d/${pp_solaris_service_script_name:-$svc}"}
out="$pp_destdir$file"
-
#-- return if we don't need to create the init script
pp_add_file_if_missing "$file" run 755 ||
return 0
@@ -3427,6 +3529,43 @@
echo "#! /sbin/sh" >$out
echo "#-- This service init file generated by polypkg" >>$out
+ #-- Start SMF integration.
+ if [ -n "$pp_svc_xml_file" ] ; then
+ cat <<_EOF >>$out
+if [ -x /usr/sbin/svcadm ] && [ "x\$1" != "xstatus" ] && [ "t\$$_smf_method_envvar_name" = "t" ] ; then
+ case "\$1" in
+ start)
+ echo "starting $svc"
+ /usr/sbin/svcadm clear svc:/$_smf_category/$svc:default >/dev/null 2>&1
+ /usr/sbin/svcadm enable -s $_smf_category/$svc
+ RESULT=\$?
+ if [ "\$RESULT" -ne 0 ] ; then
+ echo "Error \$RESULT starting $svc"
+ fi
+ ;;
+ stop)
+ echo "stopping $svc"
+ /usr/sbin/svcadm disable -ts $_smf_category/$svc
+ ;;
+ restart)
+ echo "restarting $svc"
+ /usr/sbin/svcadm disable -ts $_smf_category/$svc
+ /usr/sbin/svcadm clear svc:/$_smf_category/$svc:default >/dev/null 2>&1
+ /usr/sbin/svcadm enable -s $_smf_category/$svc
+ RESULT=\$?
+ if [ "\$RESULT" -ne 0 ] ; then
+ echo "Error \$RESULT starting $svc"
+ fi
+ ;;
+ *)
+ echo "Usage: $file {start|stop|restart|status}"
+ exit 1
+ esac
+ exit 0
+fi
+_EOF
+ fi
+
#-- construct a start command that builds a pid file as needed
# and forks the daemon
_cmd="$cmd";
@@ -3528,13 +3667,33 @@
.
}
+pp_solaris_remove_service () {
+ typeset file svc
+ svc="${pp_solaris_smf_service_name:-$1}"
+ file=${pp_solaris_service_script:-"/etc/init.d/${pp_solaris_service_script_name:-$svc}"}
+
+ echo '
+'$file' stop >/dev/null 2>/dev/null
+if [ "x${PKG_INSTALL_ROOT}" = 'x' ]; then
+ if [ -x /usr/sbin/svcadm ] ; then
+ # Likely un-needed, but just in case.
+ /usr/sbin/svcadm disable -s '$svc' 2>/dev/null
+ /usr/sbin/svccfg delete '$svc' 2>/dev/null
+ fi
+fi
+ '
+}
+
pp_solaris_install_service () {
- typeset s k l
- s="${solaris_sysv_init_start}$1"
- k="${solaris_sysv_init_kill}$1"
+ typeset s k l file svc
- echo 'case " $SERVICES " in *" '$1' "*)'
+ svc="${pp_solaris_smf_service_name:-$1}"
+ file=${pp_solaris_service_script:-"/etc/init.d/${pp_solaris_service_script_name:-$svc}"}
+
+ s="${solaris_sysv_init_start}$svc"
+ k="${solaris_sysv_init_kill}$svc"
+
echo '
if [ "x${PKG_INSTALL_ROOT}" != "x" ]; then
if [ -x ${PKG_INSTALL_ROOT}/usr/sbin/svcadm ]; then
@@ -3544,7 +3703,7 @@
for state in ${solaris_sysv_init_start_states}; do
l="/etc/rc$state.d/$s"
echo "echo '$l'"
- echo "installf -c run \$PKGINST \$PKG_INSTALL_ROOT$l=../init.d/$1 s"
+ echo "installf -c run \$PKGINST \$PKG_INSTALL_ROOT$l=$file s"
pp_solaris_space /etc/rc$state.d 0 1
done
test -n "${solaris_sysv_init_kill_states}" &&
@@ -3551,7 +3710,7 @@
for state in ${solaris_sysv_init_kill_states}; do
l="/etc/rc$state.d/$k"
echo "echo '$l'"
- echo "installf -c run \$PKGINST \$PKG_INSTALL_ROOT$l=../init.d/$1 s"
+ echo "installf -c run \$PKGINST \$PKG_INSTALL_ROOT$l=$file s"
pp_solaris_space /etc/rc$state.d 0 1
done
echo '
@@ -3558,16 +3717,16 @@
fi
else
if [ -x /usr/sbin/svcadm ]; then
- echo "Registering '$1' with SMF"
- /usr/sbin/svcadm disable -s '$1' 2>/dev/null
- /usr/sbin/svccfg delete '$1' 2>/dev/null
- /usr/sbin/svccfg import '$pp_svc_xml_file' 2>/dev/null
+ echo "Registering '$svc' with SMF"
+ /usr/sbin/svcadm disable -s '$svc' 2>/dev/null
+ /usr/sbin/svccfg delete '$svc' 2>/dev/null
+ /usr/sbin/svccfg import '$pp_svc_xml_file'
else'
test -n "${solaris_sysv_init_start_states}" &&
for state in ${solaris_sysv_init_start_states}; do
l="/etc/rc$state.d/$s"
echo "echo '$l'"
- echo "installf -c run \$PKGINST \$PKG_INSTALL_ROOT$l=../init.d/$1 s"
+ echo "installf -c run \$PKGINST \$PKG_INSTALL_ROOT$l=$file s"
pp_solaris_space /etc/rc$state.d 0 1
done
test -n "${solaris_sysv_init_kill_states}" &&
@@ -3574,11 +3733,12 @@
for state in ${solaris_sysv_init_kill_states}; do
l="/etc/rc$state.d/$k"
echo "echo '$l'"
- echo "installf -c run \$PKGINST \$PKG_INSTALL_ROOT$l=../init.d/$1 s"
+ echo "installf -c run \$PKGINST \$PKG_INSTALL_ROOT$l=$file s"
pp_solaris_space /etc/rc$state.d 0 1
done
- echo " :;; esac"
-
+ echo '
+ fi
+fi'
}
pp_platforms="$pp_platforms deb"
@@ -3666,11 +3826,24 @@
pp_deb_arch_std=`uname -m`
}
+pp_deb_sanitize_version() {
+ echo "$@" | tr -d -c '[:alnum:].+-:~'
+}
+
+pp_deb_version_final() {
+ if test -n "$pp_deb_version"; then
+ # Don't sanitize; assume the user is sane (hah!)
+ echo "$pp_deb_version"
+ else
+ pp_deb_sanitize_version "$version"
+ fi
+}
+
pp_deb_make_control() {
package_name=`pp_deb_cmp_full_name "$1"`
cat <<-.
Package: ${package_name}
- Version: ${pp_deb_version:-$version}-${pp_deb_release:-1}
+ Version: `pp_deb_version_final`-${pp_deb_release:-1}
Section: ${pp_deb_section:-contrib}
Priority: optional
Architecture: ${pp_deb_arch}
@@ -3897,7 +4070,7 @@
pp_deb_name () {
local cmp="${1:-run}"
- echo `pp_deb_cmp_full_name $cmp`"_${pp_deb_version:-$version}-${pp_deb_release:-1}_${pp_deb_arch}.deb"
+ echo `pp_deb_cmp_full_name $cmp`"_"`pp_deb_version_final`"-${pp_deb_release:-1}_${pp_deb_arch}.deb"
}
pp_backend_deb_names () {
for cmp in $pp_components
@@ -5130,6 +5303,15 @@
pp_rpm_distro=`awk '
/^White Box Enterprise Linux release/ { print "wbel" $6; exit; }
' /etc/whitebox-release`
+ elif test -f /etc/mandrakelinux-release; then
+ pp_rpm_distro=`awk '
+ /^Mandrakelinux release/ { print "mand" $3; exit; }
+ ' /etc/mandrake-release`
+ elif test -f /etc/mandrake-release; then
+ pp_rpm_distro=`awk '
+ /^Linux Mandrake release/ { print "mand" $4; exit; }
+ /^Mandrake Linux release/ { print "mand" $4; exit; }
+ ' /etc/mandrake-release`
elif test -f /etc/fedora-release; then
pp_rpm_distro=`awk '
/^Fedora Core release/ { print "fc" $4; exit; }
@@ -5221,10 +5403,34 @@
*"executable (RISC System/6000)"*)
farch=ppc;;
*"64-bit XCOFF executable"*)
- fatch=ppc64;;
+ farch=ppc64;;
+ *" ELF "*)
+ farch=ELF;;
*)
farch=noarch;;
esac
+ # If file(1) doesn't provide enough info, try readelf(1)
+ if test "$farch" = "ELF"; then
+ fo=`readelf -h "${pp_destdir}$p" | awk '{if ($1 == "Class:") {class=$2} else if ($1 == "Machine:") {machine=$0; sub(/^ *Machine: */, "", machine)}} END {print class " " machine}' 2>/dev/null`
+ case "$fo" in
+ "ELF32 Intel 80386")
+ farch=i386;;
+ "ELF64 "*[xX]"86-64")
+ farch=x86_64;;
+ "ELF32 PowerPC")
+ farch=ppc;;
+ "ELF64 PowerPC")
+ farch=ppc64;;
+ "ELF64 IA-64")
+ farch=ia64;;
+ "ELF32 IBM S/390")
+ farch=s390;;
+ "ELF64 IBM S/390")
+ farch=s390x;;
+ *)
+ farch=noarch;;
+ esac
+ fi
pp_debug "file: $fo -> $farch"
test x"$farch" = x"noarch" || pp_add_to_list pp_rpm_arch_seen $farch
fi
@@ -6244,6 +6450,8 @@
pp_macos_prog_packagemaker=/Developer/usr/bin/packagemaker
pp_macos_pkg_domain=anywhere
pp_macos_pkg_extra_flags=
+ # OS X puts the library version *before* the .dylib extension
+ pp_shlib_suffix='*.dylib'
}
pp_macos_plist () {
@@ -6621,6 +6829,8 @@
)
rm -rf $pp_wrkdir/bom_stage
+
+ hdiutil create -fs HFS+ -srcfolder $pkgdir -volname $name ${name}-${version}.dmg
}
pp_backend_macos_cleanup () {
Property changes on: trunk/contrib/sudo/pp
___________________________________________________________________
Deleted: svn:executable
## -1 +0,0 ##
-*
\ No newline at end of property
Modified: trunk/contrib/sudo/pwutil.c
===================================================================
--- trunk/contrib/sudo/pwutil.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/pwutil.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 1998-2005, 2007-2010
+ * Copyright (c) 1996, 1998-2005, 2007-2011
* Todd C. Miller <Todd.Miller at courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
@@ -63,8 +63,26 @@
static int cmp_pwuid __P((const void *, const void *));
static int cmp_pwnam __P((const void *, const void *));
static int cmp_grgid __P((const void *, const void *));
-static int cmp_grnam __P((const void *, const void *));
+#define cmp_grnam cmp_pwnam
+
+#define ptr_to_item(p) ((struct cache_item *)((char *)(p) - sizeof(struct cache_item)))
+
+struct cache_item {
+ unsigned int refcnt;
+ /* key */
+ union {
+ uid_t uid;
+ gid_t gid;
+ char *name;
+ } k;
+ /* datum */
+ union {
+ struct passwd *pw;
+ struct group *gr;
+ } d;
+};
+
/*
* Compare by uid.
*/
@@ -73,9 +91,9 @@
const void *v1;
const void *v2;
{
- const struct passwd *pw1 = (const struct passwd *) v1;
- const struct passwd *pw2 = (const struct passwd *) v2;
- return(pw1->pw_uid - pw2->pw_uid);
+ const struct cache_item *ci1 = (const struct cache_item *) v1;
+ const struct cache_item *ci2 = (const struct cache_item *) v2;
+ return ci1->k.uid - ci2->k.uid;
}
/*
@@ -86,9 +104,9 @@
const void *v1;
const void *v2;
{
- const struct passwd *pw1 = (const struct passwd *) v1;
- const struct passwd *pw2 = (const struct passwd *) v2;
- return(strcasecmp(pw1->pw_name, pw2->pw_name));
+ const struct cache_item *ci1 = (const struct cache_item *) v1;
+ const struct cache_item *ci2 = (const struct cache_item *) v2;
+ return strcmp(ci1->k.name, ci2->k.name);
}
#define FIELD_SIZE(src, name, size) \
@@ -109,16 +127,22 @@
} while (0)
/*
- * Dynamically allocate space for a struct password and the constituent parts
- * that we care about. Fills in pw_passwd from shadow file.
+ * Dynamically allocate space for a struct item plus the key and data
+ * elements. If name is non-NULL it is used as the key, else the
+ * uid is the key. Fills in datum from struct password.
+ *
+ * We would like to fill in the encrypted password too but the
+ * call to the shadow function could overwrite the pw buffer (NIS).
*/
-static struct passwd *
-sudo_pwdup(pw)
+static struct cache_item *
+make_pwitem(pw, name)
const struct passwd *pw;
+ const char *name;
{
char *cp;
const char *pw_shell;
size_t nsize, psize, csize, gsize, dsize, ssize, total;
+ struct cache_item *item;
struct passwd *newpw;
/* If shell field is empty, expand to _PATH_BSHELL. */
@@ -127,7 +151,7 @@
/* Allocate in one big chunk for easy freeing. */
nsize = psize = csize = gsize = dsize = ssize = 0;
- total = sizeof(struct passwd);
+ total = sizeof(struct cache_item) + sizeof(struct passwd);
FIELD_SIZE(pw, pw_name, nsize);
FIELD_SIZE(pw, pw_passwd, psize);
#ifdef HAVE_LOGIN_CAP_H
@@ -138,15 +162,19 @@
/* Treat shell specially since we expand "" -> _PATH_BSHELL */
ssize = strlen(pw_shell) + 1;
total += ssize;
+ if (name != NULL)
+ total += strlen(name) + 1;
- if ((cp = malloc(total)) == NULL)
- return(NULL);
- newpw = (struct passwd *) cp;
+ /* Allocate space for struct item, struct passwd and the strings. */
+ if ((item = malloc(total)) == NULL)
+ return NULL;
+ cp = (char *) item + sizeof(struct cache_item);
/*
* Copy in passwd contents and make strings relative to space
* at the end of the buffer.
*/
+ newpw = (struct passwd *) cp;
memcpy(newpw, pw, sizeof(struct passwd));
cp += sizeof(struct passwd);
FIELD_COPY(pw, newpw, pw_name, nsize);
@@ -159,10 +187,45 @@
/* Treat shell specially since we expand "" -> _PATH_BSHELL */
memcpy(cp, pw_shell, ssize);
newpw->pw_shell = cp;
+ cp += ssize;
- return(newpw);
+ /* Set key and datum. */
+ if (name != NULL) {
+ memcpy(cp, name, strlen(name) + 1);
+ item->k.name = cp;
+ } else {
+ item->k.uid = pw->pw_uid;
+ }
+ item->d.pw = newpw;
+ item->refcnt = 1;
+
+ return item;
}
+void
+pw_addref(pw)
+ struct passwd *pw;
+{
+ ptr_to_item(pw)->refcnt++;
+}
+
+static void
+pw_delref_item(v)
+ void *v;
+{
+ struct cache_item *item = v;
+
+ if (--item->refcnt == 0)
+ efree(item);
+}
+
+void
+pw_delref(pw)
+ struct passwd *pw;
+{
+ pw_delref_item(ptr_to_item(pw));
+}
+
/*
* Get a password entry by uid and allocate space for it.
* Fills in pw_passwd from shadow file if necessary.
@@ -171,13 +234,12 @@
sudo_getpwuid(uid)
uid_t uid;
{
- struct passwd key, *pw;
+ struct cache_item key, *item;
struct rbnode *node;
- char *cp;
- key.pw_uid = uid;
+ key.k.uid = uid;
if ((node = rbfind(pwcache_byuid, &key)) != NULL) {
- pw = (struct passwd *) node->data;
+ item = (struct cache_item *) node->data;
goto done;
}
/*
@@ -186,27 +248,26 @@
#ifdef HAVE_SETAUTHDB
aix_setauthdb(IDtouser(uid));
#endif
- if ((pw = getpwuid(uid)) != NULL) {
- pw = sudo_pwdup(pw);
- cp = sudo_getepw(pw); /* get shadow password */
- if (pw->pw_passwd != NULL)
- zero_bytes(pw->pw_passwd, strlen(pw->pw_passwd));
- pw->pw_passwd = cp;
- if (rbinsert(pwcache_byuid, (void *) pw) != NULL)
- errorx(1, "unable to cache uid %lu (%s), already exists",
- uid, pw->pw_name);
+ if ((key.d.pw = getpwuid(uid)) != NULL) {
+ item = make_pwitem(key.d.pw, NULL);
+ if (rbinsert(pwcache_byuid, item) != NULL)
+ errorx(1, "unable to cache uid %u (%s), already exists",
+ (unsigned int) uid, item->d.pw->pw_name);
} else {
- pw = emalloc(sizeof(*pw));
- zero_bytes(pw, sizeof(*pw));
- pw->pw_uid = uid;
- if (rbinsert(pwcache_byuid, (void *) pw) != NULL)
- errorx(1, "unable to cache uid %lu, already exists", uid);
+ item = emalloc(sizeof(*item));
+ item->refcnt = 1;
+ item->k.uid = uid;
+ item->d.pw = NULL;
+ if (rbinsert(pwcache_byuid, item) != NULL)
+ errorx(1, "unable to cache uid %u, already exists",
+ (unsigned int) uid);
}
#ifdef HAVE_SETAUTHDB
aix_restoreauthdb();
#endif
done:
- return(pw->pw_name != NULL ? pw : NULL);
+ item->refcnt++;
+ return item->d.pw;
}
/*
@@ -217,14 +278,13 @@
sudo_getpwnam(name)
const char *name;
{
- struct passwd key, *pw;
+ struct cache_item key, *item;
struct rbnode *node;
size_t len;
- char *cp;
- key.pw_name = (char *) name;
+ key.k.name = (char *) name;
if ((node = rbfind(pwcache_byname, &key)) != NULL) {
- pw = (struct passwd *) node->data;
+ item = (struct cache_item *) node->data;
goto done;
}
/*
@@ -233,24 +293,18 @@
#ifdef HAVE_SETAUTHDB
aix_setauthdb((char *) name);
#endif
- if ((pw = getpwnam(name)) != NULL) {
- pw = sudo_pwdup(pw);
- cp = sudo_getepw(pw); /* get shadow password */
- if (pw->pw_passwd != NULL)
- zero_bytes(pw->pw_passwd, strlen(pw->pw_passwd));
- pw->pw_passwd = cp;
- if (rbinsert(pwcache_byname, (void *) pw) != NULL)
+ if ((key.d.pw = getpwnam(name)) != NULL) {
+ item = make_pwitem(key.d.pw, name);
+ if (rbinsert(pwcache_byname, item) != NULL)
errorx(1, "unable to cache user %s, already exists", name);
} else {
len = strlen(name) + 1;
- cp = emalloc(sizeof(*pw) + len);
- zero_bytes(cp, sizeof(*pw));
- pw = (struct passwd *) cp;
- cp += sizeof(*pw);
- memcpy(cp, name, len);
- pw->pw_name = cp;
- pw->pw_uid = (uid_t) -1;
- if (rbinsert(pwcache_byname, (void *) pw) != NULL)
+ item = emalloc(sizeof(*item) + len);
+ item->refcnt = 1;
+ item->k.name = (char *) item + sizeof(*item);
+ memcpy(item->k.name, name, len);
+ item->d.pw = NULL;
+ if (rbinsert(pwcache_byname, item) != NULL)
errorx(1, "unable to cache user %s, already exists", name);
}
#ifdef HAVE_SETAUTHDB
@@ -257,7 +311,8 @@
aix_restoreauthdb();
#endif
done:
- return(pw->pw_uid != (uid_t) -1 ? pw : NULL);
+ item->refcnt++;
+ return item->d.pw;
}
/*
@@ -268,68 +323,54 @@
const char *user;
gid_t gid;
{
+ struct cache_item *item;
struct passwd *pw;
struct rbnode *node;
- size_t len;
+ size_t len, namelen;
+ int i;
- len = strlen(user);
- pw = emalloc(sizeof(struct passwd) + len + 1 /* pw_name */ +
+ namelen = strlen(user);
+ len = sizeof(*item) + sizeof(*pw) + namelen + 1 /* pw_name */ +
sizeof("*") /* pw_passwd */ + sizeof("") /* pw_gecos */ +
- sizeof("/") /* pw_dir */ + sizeof(_PATH_BSHELL));
- zero_bytes(pw, sizeof(struct passwd));
- pw->pw_uid = (uid_t) atoi(user + 1);
- pw->pw_gid = gid;
- pw->pw_name = (char *)pw + sizeof(struct passwd);
- memcpy(pw->pw_name, user, len + 1);
- pw->pw_passwd = pw->pw_name + len + 1;
- memcpy(pw->pw_passwd, "*", 2);
- pw->pw_gecos = pw->pw_passwd + 2;
- pw->pw_gecos[0] = '\0';
- pw->pw_dir = pw->pw_gecos + 1;
- memcpy(pw->pw_dir, "/", 2);
- pw->pw_shell = pw->pw_dir + 2;
- memcpy(pw->pw_shell, _PATH_BSHELL, sizeof(_PATH_BSHELL));
+ sizeof("/") /* pw_dir */ + sizeof(_PATH_BSHELL);
- /* Store by uid and by name, overwriting cached version. */
- if ((node = rbinsert(pwcache_byuid, pw)) != NULL) {
- efree(node->data);
- node->data = (void *) pw;
- }
- if ((node = rbinsert(pwcache_byname, pw)) != NULL) {
- efree(node->data);
- node->data = (void *) pw;
- }
- return(pw);
-}
+ for (i = 0; i < 2; i++) {
+ item = emalloc(len);
+ zero_bytes(item, sizeof(*item) + sizeof(*pw));
+ pw = (struct passwd *) ((char *)item + sizeof(*item));
+ pw->pw_uid = (uid_t) atoi(user + 1);
+ pw->pw_gid = gid;
+ pw->pw_name = (char *)pw + sizeof(struct passwd);
+ memcpy(pw->pw_name, user, namelen + 1);
+ pw->pw_passwd = pw->pw_name + namelen + 1;
+ memcpy(pw->pw_passwd, "*", 2);
+ pw->pw_gecos = pw->pw_passwd + 2;
+ pw->pw_gecos[0] = '\0';
+ pw->pw_dir = pw->pw_gecos + 1;
+ memcpy(pw->pw_dir, "/", 2);
+ pw->pw_shell = pw->pw_dir + 2;
+ memcpy(pw->pw_shell, _PATH_BSHELL, sizeof(_PATH_BSHELL));
-/*
- * Take a gid in string form "#123" and return a faked up group struct.
- */
-struct group *
-sudo_fakegrnam(group)
- const char *group;
-{
- struct group *gr;
- struct rbnode *node;
- size_t len;
-
- len = strlen(group);
- gr = emalloc(sizeof(struct group) + len + 1);
- zero_bytes(gr, sizeof(struct group));
- gr->gr_gid = (gid_t) atoi(group + 1);
- gr->gr_name = (char *)gr + sizeof(struct group);
- strlcpy(gr->gr_name, group, len + 1);
-
- /* Store by gid and by name, overwriting cached version. */
- if ((node = rbinsert(grcache_bygid, gr)) != NULL) {
- efree(node->data);
- node->data = (void *) gr;
+ item->refcnt = 1;
+ item->d.pw = pw;
+ if (i == 0) {
+ /* Store by uid, overwriting cached version. */
+ item->k.uid = pw->pw_uid;
+ if ((node = rbinsert(pwcache_byuid, item)) != NULL) {
+ pw_delref_item(node->data);
+ node->data = item;
+ }
+ } else {
+ /* Store by name, overwriting cached version. */
+ item->k.name = pw->pw_name;
+ if ((node = rbinsert(pwcache_byname, item)) != NULL) {
+ pw_delref_item(node->data);
+ node->data = item;
+ }
+ }
}
- if ((node = rbinsert(grcache_byname, gr)) != NULL) {
- efree(node->data);
- node->data = (void *) gr;
- }
- return(gr);
+ item->refcnt++;
+ return pw;
}
void
@@ -336,7 +377,6 @@
sudo_setpwent()
{
setpwent();
- sudo_setspent();
if (pwcache_byuid == NULL)
pwcache_byuid = rbcreate(cmp_pwuid);
if (pwcache_byname == NULL)
@@ -343,44 +383,24 @@
pwcache_byname = rbcreate(cmp_pwnam);
}
-#ifdef PURIFY
-static void pw_free __P((void *));
-
void
sudo_freepwcache()
{
if (pwcache_byuid != NULL) {
- rbdestroy(pwcache_byuid, pw_free);
+ rbdestroy(pwcache_byuid, pw_delref_item);
pwcache_byuid = NULL;
}
if (pwcache_byname != NULL) {
- rbdestroy(pwcache_byname, NULL);
+ rbdestroy(pwcache_byname, pw_delref_item);
pwcache_byname = NULL;
}
}
-static void
-pw_free(v)
- void *v;
-{
- struct passwd *pw = (struct passwd *) v;
-
- if (pw->pw_passwd != NULL) {
- zero_bytes(pw->pw_passwd, strlen(pw->pw_passwd));
- efree(pw->pw_passwd);
- }
- efree(pw);
-}
-#endif /* PURIFY */
-
void
sudo_endpwent()
{
endpwent();
- sudo_endspent();
-#ifdef PURIFY
sudo_freepwcache();
-#endif
}
/*
@@ -391,35 +411,29 @@
const void *v1;
const void *v2;
{
- const struct group *grp1 = (const struct group *) v1;
- const struct group *grp2 = (const struct group *) v2;
- return(grp1->gr_gid - grp2->gr_gid);
+ const struct cache_item *ci1 = (const struct cache_item *) v1;
+ const struct cache_item *ci2 = (const struct cache_item *) v2;
+ return ci1->k.gid - ci2->k.gid;
}
/*
- * Compare by group name.
+ * Dynamically allocate space for a struct item plus the key and data
+ * elements. If name is non-NULL it is used as the key, else the
+ * gid is the key. Fills in datum from struct group.
*/
-static int
-cmp_grnam(v1, v2)
- const void *v1;
- const void *v2;
-{
- const struct group *grp1 = (const struct group *) v1;
- const struct group *grp2 = (const struct group *) v2;
- return(strcasecmp(grp1->gr_name, grp2->gr_name));
-}
-
-struct group *
-sudo_grdup(gr)
+static struct cache_item *
+make_gritem(gr, name)
const struct group *gr;
+ const char *name;
{
char *cp;
size_t nsize, psize, nmem, total, len;
+ struct cache_item *item;
struct group *newgr;
/* Allocate in one big chunk for easy freeing. */
nsize = psize = nmem = 0;
- total = sizeof(struct group);
+ total = sizeof(struct cache_item) + sizeof(struct group);
FIELD_SIZE(gr, gr_name, nsize);
FIELD_SIZE(gr, gr_passwd, psize);
if (gr->gr_mem) {
@@ -428,16 +442,20 @@
nmem++;
total += sizeof(char *) * nmem;
}
- if ((cp = malloc(total)) == NULL)
- return(NULL);
- newgr = (struct group *)cp;
+ if (name != NULL)
+ total += strlen(name) + 1;
+ if ((item = malloc(total)) == NULL)
+ return NULL;
+ cp = (char *) item + sizeof(struct cache_item);
+
/*
* Copy in group contents and make strings relative to space
* at the end of the buffer. Note that gr_mem must come
* immediately after struct group to guarantee proper alignment.
*/
- (void)memcpy(newgr, gr, sizeof(struct group));
+ newgr = (struct group *)cp;
+ memcpy(newgr, gr, sizeof(struct group));
cp += sizeof(struct group);
if (gr->gr_mem) {
newgr->gr_mem = (char **)cp;
@@ -453,9 +471,43 @@
FIELD_COPY(gr, newgr, gr_passwd, psize);
FIELD_COPY(gr, newgr, gr_name, nsize);
- return(newgr);
+ /* Set key and datum. */
+ if (name != NULL) {
+ memcpy(cp, name, strlen(name) + 1);
+ item->k.name = cp;
+ } else {
+ item->k.gid = gr->gr_gid;
+ }
+ item->d.gr = newgr;
+ item->refcnt = 1;
+
+ return item;
}
+void
+gr_addref(gr)
+ struct group *gr;
+{
+ ptr_to_item(gr)->refcnt++;
+}
+
+static void
+gr_delref_item(v)
+ void *v;
+{
+ struct cache_item *item = v;
+
+ if (--item->refcnt == 0)
+ efree(item);
+}
+
+void
+gr_delref(gr)
+ struct group *gr;
+{
+ gr_delref_item(ptr_to_item(gr));
+}
+
/*
* Get a group entry by gid and allocate space for it.
*/
@@ -463,31 +515,34 @@
sudo_getgrgid(gid)
gid_t gid;
{
- struct group key, *gr;
+ struct cache_item key, *item;
struct rbnode *node;
- key.gr_gid = gid;
+ key.k.gid = gid;
if ((node = rbfind(grcache_bygid, &key)) != NULL) {
- gr = (struct group *) node->data;
+ item = (struct cache_item *) node->data;
goto done;
}
/*
* Cache group db entry if it exists or a negative response if not.
*/
- if ((gr = getgrgid(gid)) != NULL) {
- gr = sudo_grdup(gr);
- if (rbinsert(grcache_bygid, (void *) gr) != NULL)
- errorx(1, "unable to cache gid %lu (%s), already exists",
- gid, gr->gr_name);
+ if ((key.d.gr = getgrgid(gid)) != NULL) {
+ item = make_gritem(key.d.gr, NULL);
+ if (rbinsert(grcache_bygid, item) != NULL)
+ errorx(1, "unable to cache gid %u (%s), already exists",
+ (unsigned int) gid, key.d.gr->gr_name);
} else {
- gr = emalloc(sizeof(*gr));
- zero_bytes(gr, sizeof(*gr));
- gr->gr_gid = gid;
- if (rbinsert(grcache_bygid, (void *) gr) != NULL)
- errorx(1, "unable to cache gid %lu, already exists, gid");
+ item = emalloc(sizeof(*item));
+ item->refcnt = 1;
+ item->k.gid = gid;
+ item->d.gr = NULL;
+ if (rbinsert(grcache_bygid, item) != NULL)
+ errorx(1, "unable to cache gid %u, already exists",
+ (unsigned int) gid);
}
done:
- return(gr->gr_name != NULL ? gr : NULL);
+ item->refcnt++;
+ return item->d.gr;
}
/*
@@ -497,39 +552,83 @@
sudo_getgrnam(name)
const char *name;
{
- struct group key, *gr;
+ struct cache_item key, *item;
struct rbnode *node;
size_t len;
- char *cp;
- key.gr_name = (char *) name;
+ key.k.name = (char *) name;
if ((node = rbfind(grcache_byname, &key)) != NULL) {
- gr = (struct group *) node->data;
+ item = (struct cache_item *) node->data;
goto done;
}
/*
* Cache group db entry if it exists or a negative response if not.
*/
- if ((gr = getgrnam(name)) != NULL) {
- gr = sudo_grdup(gr);
- if (rbinsert(grcache_byname, (void *) gr) != NULL)
+ if ((key.d.gr = getgrnam(name)) != NULL) {
+ item = make_gritem(key.d.gr, name);
+ if (rbinsert(grcache_byname, item) != NULL)
errorx(1, "unable to cache group %s, already exists", name);
} else {
len = strlen(name) + 1;
- cp = emalloc(sizeof(*gr) + len);
- zero_bytes(cp, sizeof(*gr));
- gr = (struct group *) cp;
- cp += sizeof(*gr);
- memcpy(cp, name, len);
- gr->gr_name = cp;
- gr->gr_gid = (gid_t) -1;
- if (rbinsert(grcache_byname, (void *) gr) != NULL)
+ item = emalloc(sizeof(*item) + len);
+ item->refcnt = 1;
+ item->k.name = (char *) item + sizeof(*item);
+ memcpy(item->k.name, name, len);
+ item->d.gr = NULL;
+ if (rbinsert(grcache_byname, item) != NULL)
errorx(1, "unable to cache group %s, already exists", name);
}
done:
- return(gr->gr_gid != (gid_t) -1 ? gr : NULL);
+ item->refcnt++;
+ return item->d.gr;
}
+/*
+ * Take a gid in string form "#123" and return a faked up group struct.
+ */
+struct group *
+sudo_fakegrnam(group)
+ const char *group;
+{
+ struct cache_item *item;
+ struct group *gr;
+ struct rbnode *node;
+ size_t len, namelen;
+ int i;
+
+ namelen = strlen(group);
+ len = sizeof(*item) + sizeof(*gr) + namelen + 1;
+
+ for (i = 0; i < 2; i++) {
+ item = emalloc(len);
+ zero_bytes(item, sizeof(*item) + sizeof(*gr));
+ gr = (struct group *) ((char *)item + sizeof(*item));
+ gr->gr_gid = (gid_t) atoi(group + 1);
+ gr->gr_name = (char *)gr + sizeof(struct group);
+ memcpy(gr->gr_name, group, namelen + 1);
+
+ item->refcnt = 1;
+ item->d.gr = gr;
+ if (i == 0) {
+ /* Store by gid, overwriting cached version. */
+ item->k.gid = gr->gr_gid;
+ if ((node = rbinsert(grcache_bygid, item)) != NULL) {
+ gr_delref_item(node->data);
+ node->data = item;
+ }
+ } else {
+ /* Store by name, overwriting cached version. */
+ item->k.name = gr->gr_name;
+ if ((node = rbinsert(grcache_byname, item)) != NULL) {
+ gr_delref_item(node->data);
+ node->data = item;
+ }
+ }
+ }
+ item->refcnt++;
+ return gr;
+}
+
void
sudo_setgrent()
{
@@ -540,28 +639,24 @@
grcache_byname = rbcreate(cmp_grnam);
}
-#ifdef PURIFY
void
sudo_freegrcache()
{
if (grcache_bygid != NULL) {
- rbdestroy(grcache_bygid, free);
+ rbdestroy(grcache_bygid, gr_delref_item);
grcache_bygid = NULL;
}
if (grcache_byname != NULL) {
- rbdestroy(grcache_byname, NULL);
+ rbdestroy(grcache_byname, gr_delref_item);
grcache_byname = NULL;
}
}
-#endif /* PURIFY */
void
sudo_endgrent()
{
endgrent();
-#ifdef PURIFY
sudo_freegrcache();
-#endif
}
int
@@ -577,6 +672,7 @@
int i;
#endif
struct group *grp;
+ int retval = FALSE;
#ifdef HAVE_SETAUTHDB
aix_setauthdb(pw->pw_name);
@@ -586,23 +682,29 @@
aix_restoreauthdb();
#endif
if (grp == NULL)
- return(FALSE);
+ goto done;
/* check against user's primary (passwd file) gid */
- if (grp->gr_gid == pw->pw_gid)
- return(TRUE);
+ if (grp->gr_gid == pw->pw_gid) {
+ retval = TRUE;
+ goto done;
+ }
#ifdef HAVE_MBR_CHECK_MEMBERSHIP
/* If we are matching the invoking user use the stashed uuid. */
if (strcmp(pw->pw_name, user_name) == 0) {
if (mbr_gid_to_uuid(grp->gr_gid, gu) == 0 &&
- mbr_check_membership(user_uuid, gu, &ismember) == 0 && ismember)
- return(TRUE);
+ mbr_check_membership(user_uuid, gu, &ismember) == 0 && ismember) {
+ retval = TRUE;
+ goto done;
+ }
} else {
if (mbr_uid_to_uuid(pw->pw_uid, uu) == 0 &&
mbr_gid_to_uuid(grp->gr_gid, gu) == 0 &&
- mbr_check_membership(uu, gu, &ismember) == 0 && ismember)
- return(TRUE);
+ mbr_check_membership(uu, gu, &ismember) == 0 && ismember) {
+ retval = TRUE;
+ goto done;
+ }
}
#else /* HAVE_MBR_CHECK_MEMBERSHIP */
# ifdef HAVE_GETGROUPS
@@ -613,8 +715,10 @@
if (user_ngroups > 0 &&
strcmp(pw->pw_name, list_pw ? list_pw->pw_name : user_name) == 0) {
for (i = 0; i < user_ngroups; i++) {
- if (grp->gr_gid == user_groups[i])
- return(TRUE);
+ if (grp->gr_gid == user_groups[i]) {
+ retval = TRUE;
+ goto done;
+ }
}
} else
# endif /* HAVE_GETGROUPS */
@@ -621,12 +725,17 @@
{
if (grp != NULL && grp->gr_mem != NULL) {
for (gr_mem = grp->gr_mem; *gr_mem; gr_mem++) {
- if (strcmp(*gr_mem, pw->pw_name) == 0)
- return(TRUE);
+ if (strcmp(*gr_mem, pw->pw_name) == 0) {
+ retval = TRUE;
+ goto done;
+ }
}
}
}
#endif /* HAVE_MBR_CHECK_MEMBERSHIP */
- return(FALSE);
+done:
+ if (grp != NULL)
+ gr_delref(grp);
+ return retval;
}
Modified: trunk/contrib/sudo/redblack.c
===================================================================
--- trunk/contrib/sudo/redblack.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/redblack.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -110,7 +110,7 @@
tree->root.color = black;
tree->root.data = NULL;
- return(tree);
+ return tree;
}
/*
@@ -181,7 +181,7 @@
while (node != rbnil(tree)) {
parent = node;
if ((res = tree->compar(data, node->data)) == 0)
- return(node);
+ return node;
node = res < 0 ? node->left : node->right;
}
@@ -255,7 +255,7 @@
}
}
rbfirst(tree)->color = black; /* first node is always black */
- return(NULL);
+ return NULL;
}
/*
@@ -272,10 +272,10 @@
while (node != rbnil(tree)) {
if ((res = tree->compar(key, node->data)) == 0)
- return(node);
+ return node;
node = res < 0 ? node->left : node->right;
}
- return(NULL);
+ return NULL;
}
/*
@@ -296,19 +296,19 @@
if (node != rbnil(tree)) {
if (order == preorder)
if ((error = func(node->data, cookie)) != 0)
- return(error);
+ return error;
if ((error = rbapply_node(tree, node->left, func, cookie, order)) != 0)
- return(error);
+ return error;
if (order == inorder)
if ((error = func(node->data, cookie)) != 0)
- return(error);
+ return error;
if ((error = rbapply_node(tree, node->right, func, cookie, order)) != 0)
- return(error);
+ return error;
if (order == postorder)
if ((error = func(node->data, cookie)) != 0)
- return(error);
+ return error;
}
- return (0);
+ return 0;
}
/*
@@ -331,7 +331,7 @@
if (succ == rbroot(tree))
succ = rbnil(tree);
}
- return(succ);
+ return succ;
}
/*
@@ -404,7 +404,7 @@
}
free(z);
- return (data);
+ return data;
}
/*
Modified: trunk/contrib/sudo/schema.ActiveDirectory
===================================================================
--- trunk/contrib/sudo/schema.ActiveDirectory 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/schema.ActiveDirectory 2014-10-02 03:20:49 UTC (rev 6803)
@@ -158,6 +158,63 @@
schemaIDGUID:: xJhSt/Yd3RGJPTB1VtiVkw==
objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+dn: CN=sudoNotBefore,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: attributeSchema
+cn: sudoNotBefore
+distinguishedName: CN=sudoNotBefore,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+attributeID: 1.3.6.1.4.1.15953.9.1.8
+attributeSyntax: 1.3.6.1.4.1.1466.115.121.1.24
+isSingleValued: TRUE
+showInAdvancedViewOnly: TRUE
+adminDisplayName: sudoNotBefore
+adminDescription: Start of time interval for which the entry is valid
+oMSyntax: 22
+lDAPDisplayName: sudoNotBefore
+name: sudoNotBefore
+schemaIDGUID:: xJhSt/Yd3RGJPTB1VtiVkw==
+objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+
+dn: CN=sudoNotAfter,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: attributeSchema
+cn: sudoNotAfter
+distinguishedName: CN=sudoNotAfter,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+attributeID: 1.3.6.1.4.1.15953.9.1.9
+attributeSyntax: 1.3.6.1.4.1.1466.115.121.1.24
+isSingleValued: TRUE
+showInAdvancedViewOnly: TRUE
+adminDisplayName: sudoNotAfter
+adminDescription: End of time interval for which the entry is valid
+oMSyntax: 22
+lDAPDisplayName: sudoNotAfter
+name: sudoNotAfter
+schemaIDGUID:: xJhSt/Yd3RGJPTB1VtiVkw==
+objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+
+dn: CN=sudoOrder,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: attributeSchema
+cn: sudoOrder
+distinguishedName: CN=sudoOrder,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+attributeID: 1.3.6.1.4.1.15953.9.1.10
+attributeSyntax: 1.3.6.1.4.1.1466.115.121.1.27
+isSingleValued: TRUE
+showInAdvancedViewOnly: TRUE
+adminDisplayName: sudoOrder
+adminDescription: an integer to order the sudoRole entries
+oMSyntax: 22
+lDAPDisplayName: sudoOrder
+name: sudoOrder
+schemaIDGUID:: xJhSt/Yd3RGJPTB1VtiVkw==
+objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+
dn:
changetype: modify
add: schemaUpdateNow
@@ -182,6 +239,9 @@
mayContain: sudoRunAsUser
mayContain: sudoRunAsGroup
mayContain: sudoUser
+mayContain: sudoNotBefore
+mayContain: sudoNotAfter
+mayContain: sudoOrder
rDNAttID: cn
showInAdvancedViewOnly: FALSE
adminDisplayName: sudoRole
Modified: trunk/contrib/sudo/schema.OpenLDAP
===================================================================
--- trunk/contrib/sudo/schema.OpenLDAP 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/schema.OpenLDAP 2014-10-02 03:20:49 UTC (rev 6803)
@@ -47,9 +47,30 @@
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+attributetype ( 1.3.6.1.4.1.15953.9.1.8
+ NAME 'sudoNotBefore'
+ DESC 'Start of time interval for which the entry is valid'
+ EQUALITY generalizedTimeMatch
+ ORDERING generalizedTimeOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+
+attributetype ( 1.3.6.1.4.1.15953.9.1.9
+ NAME 'sudoNotAfter'
+ DESC 'End of time interval for which the entry is valid'
+ EQUALITY generalizedTimeMatch
+ ORDERING generalizedTimeOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+
+attributeTypes ( 1.3.6.1.4.1.15953.9.1.10
+ NAME 'sudoOrder'
+ DESC 'an integer to order the sudoRole entries'
+ EQUALITY integerMatch
+ ORDERING integerOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+
objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL
DESC 'Sudoer Entries'
MUST ( cn )
- MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ sudoRunAsGroup $ sudoOption $
+ MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ sudoRunAsGroup $ sudoOption $ sudoOrder $ sudoNotBefore $ sudoNotAfter $
description )
)
Modified: trunk/contrib/sudo/schema.iPlanet
===================================================================
--- trunk/contrib/sudo/schema.iPlanet 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/schema.iPlanet 2014-10-02 03:20:49 UTC (rev 6803)
@@ -6,4 +6,7 @@
attributeTypes: ( 1.3.6.1.4.1.15953.9.1.5 NAME 'sudoOption' DESC 'Options(s) followed by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
attributeTypes: ( 1.3.6.1.4.1.15953.9.1.6 NAME 'sudoRunAsUser' DESC 'User(s) impersonated by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
attributeTypes: ( 1.3.6.1.4.1.15953.9.1.7 NAME 'sudoRunAsGroup' DESC 'Group(s) impersonated by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
-objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL DESC 'Sudoer Entries' MUST ( cn ) MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ sudoRunAsGroup $ sudoOption $ description ) X-ORIGIN 'SUDO' )
+attributeTypes: ( 1.3.6.1.4.1.15953.9.1.8 NAME 'sudoNotBefore' DESC 'Start of time interval for which the entry is valid' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+attributeTypes: ( 1.3.6.1.4.1.15953.9.1.9 NAME 'sudoNotAfter' DESC 'End of time interval for which the entry is valid' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+attributeTypes: ( 1.3.6.1.4.1.15953.9.1.10 NAME 'sudoOrder' DESC 'an integer to order the sudoRole entries' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL DESC 'Sudoer Entries' MUST ( cn ) MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ sudoRunAsGroup $ sudoOption $ sudoOrder $ sudoNotBefore $ sudoNotAfter $ description ) X-ORIGIN 'SUDO' )
Modified: trunk/contrib/sudo/sesh.c
===================================================================
--- trunk/contrib/sudo/sesh.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sesh.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -27,7 +27,7 @@
#include <string.h>
#include <unistd.h>
-#include "compat.h"
+#include "missing.h"
int
main (int argc, char **argv)
Modified: trunk/contrib/sudo/set_perms.c
===================================================================
--- trunk/contrib/sudo/set_perms.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/set_perms.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -87,7 +87,7 @@
CLR(perm, PERM_MASK);
if (perm == current_perm)
- return(1);
+ return 1;
switch (perm) {
case PERM_ROOT:
@@ -172,12 +172,12 @@
}
current_perm = perm;
- return(1);
+ return 1;
bad:
warningx("%s: %s", errstr,
errno == EAGAIN ? "too many processes" : strerror(errno));
if (noexit)
- return(0);
+ return 0;
exit(1);
}
@@ -201,7 +201,7 @@
CLR(perm, PERM_MASK);
if (perm == current_perm)
- return(1);
+ return 1;
switch (perm) {
case PERM_ROOT:
@@ -289,12 +289,12 @@
}
current_perm = perm;
- return(1);
+ return 1;
bad:
warningx("%s: %s", errstr,
errno == EAGAIN ? "too many processes" : strerror(errno));
if (noexit)
- return(0);
+ return 0;
exit(1);
}
@@ -316,7 +316,7 @@
CLR(perm, PERM_MASK);
if (perm == current_perm)
- return(1);
+ return 1;
/*
* Since we only have setuid() and seteuid() and semantics
@@ -408,12 +408,12 @@
}
current_perm = perm;
- return(1);
+ return 1;
bad:
warningx("%s: %s", errstr,
errno == EAGAIN ? "too many processes" : strerror(errno));
if (noexit)
- return(0);
+ return 0;
exit(1);
}
@@ -435,7 +435,7 @@
CLR(perm, PERM_MASK);
if (perm == current_perm)
- return(1);
+ return 1;
switch (perm) {
case PERM_ROOT:
@@ -472,12 +472,12 @@
}
current_perm = perm;
- return(1);
+ return 1;
bad:
warningx("%s: %s", errstr,
errno == EAGAIN ? "too many processes" : strerror(errno));
if (noexit)
- return(0);
+ return 0;
exit(1);
}
# endif /* HAVE_SETEUID */
Modified: trunk/contrib/sudo/setsid.c
===================================================================
--- trunk/contrib/sudo/setsid.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/setsid.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -26,7 +26,7 @@
#endif /* HAVE_UNISTD_H */
#include <pathnames.h>
-#include <compat.h>
+#include "missing.h"
pid_t
setsid()
Modified: trunk/contrib/sudo/sigaction.c
===================================================================
--- trunk/contrib/sudo/sigaction.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sigaction.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -18,10 +18,14 @@
* Materiel Command, USAF, under agreement number F39502-99-1-0512.
*/
+#include <config.h>
+
+#include <sys/types.h>
+
#include <signal.h>
#include <errno.h>
-#include <compat.h>
+#include "missing.h"
int
sigaction(signo, sa, osa)
@@ -43,7 +47,7 @@
if (!error && osa)
osa->sa_flags ^= SV_INTERRUPT; /* flip SV_INTERRUPT as above */
- return(error);
+ return error;
}
int
@@ -52,7 +56,7 @@
{
*set = 0;
- return(0);
+ return 0;
}
int
@@ -61,7 +65,7 @@
{
*set = ~0;;
- return(0);
+ return 0;
}
int
@@ -72,11 +76,11 @@
if (signo <= 0 || signo >= NSIG) {
errno = EINVAL;
- return(-1);
+ return -1;
}
SET(*set, sigmask(signo));
- return(0);
+ return 0;
}
int
@@ -87,11 +91,11 @@
if (signo <= 0 || signo >= NSIG) {
errno = EINVAL;
- return(-1);
+ return -1;
}
CLR(*set, sigmask(signo));
- return(0);
+ return 0;
}
int
@@ -100,7 +104,7 @@
int signo;
{
- return(ISSET(*set, sigmask(signo)));
+ return ISSET(*set, sigmask(signo));
}
int
@@ -120,18 +124,18 @@
mask = sigblock(*set);
break;
case SIG_UNBLOCK:
- mask = sigsetmask(~*set);
+ mask = sigsetmask(sigblock(0) & ~(*set));
break;
case SIG_SETMASK:
mask = sigsetmask(*set);
break;
default:
- return(-1);
+ return -1;
}
if (mask == -1)
- return(-1);
+ return -1;
if (oset)
*oset = mask;
- return(0);
+ return 0;
}
Modified: trunk/contrib/sudo/snprintf.c
===================================================================
--- trunk/contrib/sudo/snprintf.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/snprintf.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -76,7 +76,7 @@
# include <varargs.h>
#endif
-#include <compat.h>
+#include "missing.h"
static int xxxprintf __P((char **, size_t, int, const char *, va_list));
@@ -139,10 +139,10 @@
do {
if (*p++ == c)
- return ((void *)(p - 1));
+ return (void *)(p - 1);
} while (--n != 0);
}
- return (NULL);
+ return NULL;
}
#endif /* !HAVE_MEMCHR */
@@ -170,7 +170,7 @@
case 10:
if (val < 10) { /* many numbers are 1 digit */
*--cp = to_char(val);
- return (cp);
+ return cp;
}
/*
* On many machines, unsigned arithmetic is harder than
@@ -208,7 +208,7 @@
default: /* oops */
abort();
}
- return (cp);
+ return cp;
}
/* Identical to __ultoa, but for quads. */
@@ -229,12 +229,12 @@
/* quick test for small values; __ultoa is typically much faster */
/* (perhaps instead we should run until small, then call __ultoa?) */
if (val <= (unsigned long long)ULONG_MAX)
- return (__ultoa((unsigned long)val, endp, base, octzero, xdigs));
+ return __ultoa((unsigned long)val, endp, base, octzero, xdigs);
switch (base) {
case 10:
if (val < 10) {
*--cp = to_char(val % 10);
- return (cp);
+ return cp;
}
if (val > LLONG_MAX) {
*--cp = to_char(val % 10);
@@ -266,7 +266,7 @@
default: /* oops */
abort();
}
- return (cp);
+ return cp;
}
# endif /* !SIZEOF_LONG_INT */
#endif /* HAVE_LONG_LONG_INT */
@@ -291,9 +291,9 @@
int width; /* width from format (%8d), or 0 */
int prec; /* precision from format (%.3d), or -1 */
char sign; /* sign prefix (' ', '+', '-', or \0) */
- unsigned long ulval; /* integer arguments %[diouxX] */
+ unsigned long ulval = 0; /* integer arguments %[diouxX] */
#ifdef HAVE_LONG_LONG_INT
- unsigned long long uqval; /* %q (quad) integers */
+ unsigned long long uqval = 0; /* %q (quad) integers */
#endif
int base; /* base for [diouxX] conversion */
int dprec; /* a copy of prec if [diouxX], 0 otherwise */
@@ -300,7 +300,7 @@
int fieldsz; /* field size expanded by sign, etc */
int realsz; /* field size expanded by dprec */
int size; /* size of converted field or string */
- char *xdigs; /* digits for [xX] conversion */
+ char *xdigs = ""; /* digits for [xX] conversion */
char buf[BUF]; /* space for %c, %[diouxX], %[eEfgG] */
char ox[2]; /* space for 0x hex-prefix */
char *str; /* pointer to string to fill */
@@ -340,13 +340,13 @@
} while (0)
/* BEWARE, PAD uses `n'. */
-#define PAD(howmany, with) do { \
- if ((n = (howmany)) > 0) { \
+#define PAD(plen, pstr) do { \
+ if ((n = (plen)) > 0) { \
while (n > PADSIZE) { \
- PRINT(with, PADSIZE); \
+ PRINT(pstr, PADSIZE); \
n -= PADSIZE; \
} \
- PRINT(with, n); \
+ PRINT(pstr, n); \
} \
} while (0)
@@ -693,7 +693,7 @@
done:
if (strsize)
*str = '\0';
- return (ret);
+ return ret;
/* NOTREACHED */
}
@@ -706,7 +706,7 @@
va_list ap;
{
- return (xxxprintf(&str, n, 0, fmt, ap));
+ return xxxprintf(&str, n, 0, fmt, ap);
}
#endif /* HAVE_VSNPRINTF */
@@ -732,7 +732,7 @@
#endif
ret = xxxprintf(&str, n, 0, fmt, ap);
va_end(ap);
- return (ret);
+ return ret;
}
#endif /* HAVE_SNPRINTF */
@@ -744,7 +744,7 @@
va_list ap;
{
- return (xxxprintf(str, 0, 1, fmt, ap));
+ return xxxprintf(str, 0, 1, fmt, ap);
}
#endif /* HAVE_VASPRINTF */
@@ -769,6 +769,6 @@
#endif
ret = xxxprintf(str, 0, 1, fmt, ap);
va_end(ap);
- return (ret);
+ return ret;
}
#endif /* HAVE_ASPRINTF */
Modified: trunk/contrib/sudo/strcasecmp.c
===================================================================
--- trunk/contrib/sudo/strcasecmp.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/strcasecmp.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -14,10 +14,12 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#include <sys/types.h>
#include <config.h>
-#include <compat.h>
+#include <sys/types.h>
+
+#include "missing.h"
+
/*
* Case insensitive string compare routines, same semantics as str[n]cmp()
* (assumes ASCII..).
Modified: trunk/contrib/sudo/strerror.c
===================================================================
--- trunk/contrib/sudo/strerror.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/strerror.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -18,11 +18,14 @@
* Materiel Command, USAF, under agreement number F39502-99-1-0512.
*/
+#include <config.h>
+
+#include <sys/types.h>
+
#include <stdio.h>
#include <errno.h>
-#include <config.h>
-#include <compat.h>
+#include "missing.h"
/*
* Map errno -> error string.
@@ -35,7 +38,7 @@
extern char *sys_errlist[];
if (n > 0 && n < sys_nerr)
- return(sys_errlist[n]);
+ return sys_errlist[n];
errno = EINVAL;
- return("Unknown error");
+ return "Unknown error";
}
Modified: trunk/contrib/sudo/strlcat.c
===================================================================
--- trunk/contrib/sudo/strlcat.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/strlcat.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -16,13 +16,13 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#include <config.h>
+
#include <sys/types.h>
#include <string.h>
-#include <config.h>
-#include <compat.h>
+#include "missing.h"
-
/*
* Appends src to string dst of size siz (unlike strncat, siz is the
* full size of dst, not space left). At most siz-1 characters
@@ -48,7 +48,7 @@
n = siz - dlen;
if (n == 0)
- return(dlen + strlen(s));
+ return dlen + strlen(s);
while (*s != '\0') {
if (n != 1) {
*d++ = *s;
@@ -58,5 +58,5 @@
}
*d = '\0';
- return(dlen + (s - src)); /* count does not include NUL */
+ return dlen + (s - src); /* count does not include NUL */
}
Modified: trunk/contrib/sudo/strlcpy.c
===================================================================
--- trunk/contrib/sudo/strlcpy.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/strlcpy.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -16,10 +16,11 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#include <config.h>
+
#include <sys/types.h>
-#include <config.h>
-#include <compat.h>
+#include "missing.h"
/*
* Copy src to string dst of size siz. At most siz-1 characters
@@ -52,5 +53,5 @@
;
}
- return(s - src - 1); /* count does not include NUL */
+ return s - src - 1; /* count does not include NUL */
}
Modified: trunk/contrib/sudo/strsignal.c
===================================================================
--- trunk/contrib/sudo/strsignal.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/strsignal.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -14,11 +14,14 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#include <config.h>
+
+#include <sys/types.h>
+
#include <stdio.h>
#include <signal.h>
-#include <config.h>
-#include <compat.h>
+#include "missing.h"
#if defined(HAVE_DECL_SYS_SIGLIST) && HAVE_DECL_SYS_SIGLIST == 1
# define my_sys_siglist sys_siglist
@@ -38,6 +41,6 @@
int signo;
{
if (signo > 0 && signo < NSIG)
- return((char *)my_sys_siglist[signo]);
- return("Unknown signal");
+ return (char *)my_sys_siglist[signo];
+ return "Unknown signal";
}
Deleted: trunk/contrib/sudo/sudo.8
===================================================================
--- trunk/contrib/sudo/sudo.8 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo.8 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,624 +0,0 @@
-.\" Copyright (c) 1994-1996,1998-2003 Todd C. Miller <Todd.Miller at courtesan.com>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" Sponsored in part by the Defense Advanced Research Projects
-.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
-.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
-.\"
-.\" $Sudo: sudo.pod,v 1.73 2004/09/08 18:34:38 millert Exp $
-.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
-.\"
-.\" Standard preamble:
-.\" ========================================================================
-.de Sh \" Subsection heading
-.br
-.if t .Sp
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Vb \" Begin verbatim text
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve \" End verbatim text
-.ft R
-.fi
-..
-.\" Set up some character translations and predefined strings. \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. | will give a
-.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
-.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
-.\" expand to `' in nroff, nothing in troff, for use with C<>.
-.tr \(*W-|\(bv\*(Tr
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.ie n \{\
-. ds -- \(*W-
-. ds PI pi
-. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-. ds L" ""
-. ds R" ""
-. ds C`
-. ds C'
-'br\}
-.el\{\
-. ds -- \|\(em\|
-. ds PI \(*p
-. ds L" ``
-. ds R" ''
-'br\}
-.\"
-.\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
-.\" entries marked with X<> in POD. Of course, you'll have to process the
-.\" output yourself in some meaningful fashion.
-.if \nF \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
-..
-. nr % 0
-. rr F
-.\}
-.\"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.hy 0
-.if n .na
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
-.\" Fear. Run. Save yourself. No user-serviceable parts.
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds /
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
-.\" ========================================================================
-.\"
-.IX Title "SUDO 8"
-.TH SUDO 8 "June 20, 2005" "1.6.8p12" "MAINTENANCE COMMANDS"
-.SH "NAME"
-sudo, sudoedit \- execute a command as another user
-.SH "SYNOPSIS"
-.IX Header "SYNOPSIS"
-\&\fBsudo\fR \fB\-K\fR | \fB\-L\fR | \fB\-V\fR | \fB\-h\fR | \fB\-k\fR | \fB\-l\fR | \fB\-v\fR
-.PP
-\&\fBsudo\fR [\fB\-HPSb\fR] [\fB\-a\fR\ \fIauth_type\fR] [\fB\-c\fR\ \fIclass\fR|\fI\-\fR]
-[\fB\-p\fR\ \fIprompt\fR] [\fB\-u\fR\ \fIusername\fR|\fI#uid\fR]
-{\fB\-e\fR\ file\ [...]\ |\ \fB\-i\fR\ |\ \fB\-s\fR\ |\ \fIcommand\fR}
-.PP
-\&\fBsudoedit\fR [\fB\-S\fR] [\fB\-a\fR\ \fIauth_type\fR]
-[\fB\-p\fR\ \fIprompt\fR] [\fB\-u\fR\ \fIusername\fR|\fI#uid\fR]
-file [...]
-.SH "DESCRIPTION"
-.IX Header "DESCRIPTION"
-\&\fBsudo\fR allows a permitted user to execute a \fIcommand\fR as the
-superuser or another user, as specified in the \fIsudoers\fR file.
-The real and effective uid and gid are set to match those of the
-target user as specified in the passwd file and the group vector
-is initialized based on the group file (unless the \fB\-P\fR option was
-specified). If the invoking user is root or if the target user is
-the same as the invoking user, no password is required. Otherwise,
-\&\fBsudo\fR requires that users authenticate themselves with a password
-by default (\s-1NOTE:\s0 in the default configuration this is the user's
-password, not the root password). Once a user has been authenticated,
-a timestamp is updated and the user may then use sudo without a
-password for a short period of time (\f(CW\*(C`5\*(C'\fR minutes unless
-overridden in \fIsudoers\fR).
-.PP
-When invoked as \fBsudoedit\fR, the \fB\-e\fR option (described below),
-is implied.
-.PP
-\&\fBsudo\fR determines who is an authorized user by consulting the file
-\&\fI/etc/sudoers\fR. By giving \fBsudo\fR the \fB\-v\fR flag a user
-can update the time stamp without running a \fIcommand.\fR The password
-prompt itself will also time out if the user's password is not
-entered within \f(CW\*(C`5\*(C'\fR minutes (unless overridden via
-\&\fIsudoers\fR).
-.PP
-If a user who is not listed in the \fIsudoers\fR file tries to run a
-command via \fBsudo\fR, mail is sent to the proper authorities, as
-defined at configure time or in the \fIsudoers\fR file (defaults to
-\&\f(CW\*(C`root\*(C'\fR). Note that the mail will not be sent if an unauthorized
-user tries to run sudo with the \fB\-l\fR or \fB\-v\fR flags. This allows
-users to determine for themselves whether or not they are allowed
-to use \fBsudo\fR.
-.PP
-If \fBsudo\fR is run by root and the \f(CW\*(C`SUDO_USER\*(C'\fR environment variable
-is set, \fBsudo\fR will use this value to determine who the actual
-user is. This can be used by a user to log commands through sudo
-even when a root shell has been invoked. It also allows the \fB\-e\fR
-flag to remain useful even when being run via a sudo-run script or
-program. Note however, that the sudoers lookup is still done for
-root, not the user specified by \f(CW\*(C`SUDO_USER\*(C'\fR.
-.PP
-\&\fBsudo\fR can log both successful and unsuccessful attempts (as well
-as errors) to \fIsyslog\fR\|(3), a log file, or both. By default \fBsudo\fR
-will log via \fIsyslog\fR\|(3) but this is changeable at configure time
-or via the \fIsudoers\fR file.
-.SH "OPTIONS"
-.IX Header "OPTIONS"
-\&\fBsudo\fR accepts the following command line options:
-.IP "\-H" 4
-.IX Item "-H"
-The \fB\-H\fR (\fI\s-1HOME\s0\fR) option sets the \f(CW\*(C`HOME\*(C'\fR environment variable
-to the homedir of the target user (root by default) as specified
-in passwd(5). By default, \fBsudo\fR does not modify \f(CW\*(C`HOME\*(C'\fR
-(see \fIset_home\fR and \fIalways_set_home\fR in sudoers(5)).
-.IP "\-K" 4
-.IX Item "-K"
-The \fB\-K\fR (sure \fIkill\fR) option is like \fB\-k\fR except that it removes
-the user's timestamp entirely. Like \fB\-k\fR, this option does not
-require a password.
-.IP "\-L" 4
-.IX Item "-L"
-The \fB\-L\fR (\fIlist\fR defaults) option will list out the parameters
-that may be set in a \fIDefaults\fR line along with a short description
-for each. This option is useful in conjunction with \fIgrep\fR\|(1).
-.IP "\-P" 4
-.IX Item "-P"
-The \fB\-P\fR (\fIpreserve group vector\fR) option causes \fBsudo\fR to
-preserve the invoking user's group vector unaltered. By default,
-\&\fBsudo\fR will initialize the group vector to the list of groups the
-target user is in. The real and effective group IDs, however, are
-still set to match the target user.
-.IP "\-S" 4
-.IX Item "-S"
-The \fB\-S\fR (\fIstdin\fR) option causes \fBsudo\fR to read the password from
-the standard input instead of the terminal device.
-.IP "\-V" 4
-.IX Item "-V"
-The \fB\-V\fR (\fIversion\fR) option causes \fBsudo\fR to print the version
-number and exit. If the invoking user is already root the \fB\-V\fR
-option will print out a list of the defaults \fBsudo\fR was compiled
-with as well as the machine's local network addresses.
-.IP "\-a" 4
-.IX Item "-a"
-The \fB\-a\fR (\fIauthentication type\fR) option causes \fBsudo\fR to use the
-specified authentication type when validating the user, as allowed
-by /etc/login.conf. The system administrator may specify a list
-of sudo-specific authentication methods by adding an \*(L"auth\-sudo\*(R"
-entry in /etc/login.conf. This option is only available on systems
-that support \s-1BSD\s0 authentication where \fBsudo\fR has been configured
-with the \-\-with\-bsdauth option.
-.IP "\-b" 4
-.IX Item "-b"
-The \fB\-b\fR (\fIbackground\fR) option tells \fBsudo\fR to run the given
-command in the background. Note that if you use the \fB\-b\fR
-option you cannot use shell job control to manipulate the process.
-.IP "\-c" 4
-.IX Item "-c"
-The \fB\-c\fR (\fIclass\fR) option causes \fBsudo\fR to run the specified command
-with resources limited by the specified login class. The \fIclass\fR
-argument can be either a class name as defined in /etc/login.conf,
-or a single '\-' character. Specifying a \fIclass\fR of \f(CW\*(C`\-\*(C'\fR indicates
-that the command should be run restricted by the default login
-capabilities for the user the command is run as. If the \fIclass\fR
-argument specifies an existing user class, the command must be run
-as root, or the \fBsudo\fR command must be run from a shell that is already
-root. This option is only available on systems with \s-1BSD\s0 login classes
-where \fBsudo\fR has been configured with the \-\-with\-logincap option.
-.IP "\-e" 4
-.IX Item "-e"
-The \fB\-e\fR (\fIedit\fR) option indicates that, instead of running
-a command, the user wishes to edit one or more files. In lieu
-of a command, the string \*(L"sudoedit\*(R" is used when consulting
-the \fIsudoers\fR file. If the user is authorized by \fIsudoers\fR
-the following steps are taken:
-.RS 4
-.IP "1." 8
-Temporary copies are made of the files to be edited with the owner
-set to the invoking user.
-.IP "2." 8
-The editor specified by the \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR environment
-variables is run to edit the temporary files. If neither \f(CW\*(C`VISUAL\*(C'\fR
-nor \f(CW\*(C`EDITOR\*(C'\fR are set, the program listed in the \fIeditor\fR \fIsudoers\fR
-variable is used.
-.IP "3." 8
-If they have been modified, the temporary files are copied back to
-their original location and the temporary versions are removed.
-.RE
-.RS 4
-.Sp
-If the specified file does not exist, it will be created. Note
-that unlike most commands run by \fBsudo\fR, the editor is run with
-the invoking user's environment unmodified. If, for some reason,
-\&\fBsudo\fR is unable to update a file with its edited version, the
-user will receive a warning and the edited copy will remain in a
-temporary file.
-.RE
-.IP "\-h" 4
-.IX Item "-h"
-The \fB\-h\fR (\fIhelp\fR) option causes \fBsudo\fR to print a usage message and exit.
-.IP "\-i" 4
-.IX Item "-i"
-The \fB\-i\fR (\fIsimulate initial login\fR) option runs the shell specified
-in the passwd(5) entry of the user that the command is
-being run as. The command name argument given to the shell begins
-with a \f(CW\*(C`\-\*(C'\fR to tell the shell to run as a login shell. \fBsudo\fR
-attempts to change to that user's home directory before running the
-shell. It also initializes the environment, leaving \fI\s-1TERM\s0\fR
-unchanged, setting \fI\s-1HOME\s0\fR, \fI\s-1SHELL\s0\fR, \fI\s-1USER\s0\fR, \fI\s-1LOGNAME\s0\fR, and
-\&\fI\s-1PATH\s0\fR, and unsetting all other environment variables. Note that
-because the shell to use is determined before the \fIsudoers\fR file
-is parsed, a \fIrunas_default\fR setting in \fIsudoers\fR will specify
-the user to run the shell as but will not affect which shell is
-actually run.
-.IP "\-k" 4
-.IX Item "-k"
-The \fB\-k\fR (\fIkill\fR) option to \fBsudo\fR invalidates the user's timestamp
-by setting the time on it to the Epoch. The next time \fBsudo\fR is
-run a password will be required. This option does not require a password
-and was added to allow a user to revoke \fBsudo\fR permissions from a .logout
-file.
-.IP "\-l" 4
-.IX Item "-l"
-The \fB\-l\fR (\fIlist\fR) option will list out the allowed (and
-forbidden) commands for the user on the current host.
-.IP "\-p" 4
-.IX Item "-p"
-The \fB\-p\fR (\fIprompt\fR) option allows you to override the default
-password prompt and use a custom one. The following percent (`\f(CW\*(C`%\*(C'\fR')
-escapes are supported:
-.RS 4
-.ie n .IP "%u" 8
-.el .IP "\f(CW%u\fR" 8
-.IX Item "%u"
-expanded to the invoking user's login name
-.ie n .IP "%U" 8
-.el .IP "\f(CW%U\fR" 8
-.IX Item "%U"
-expanded to the login name of the user the command will
-be run as (defaults to root)
-.ie n .IP "%h" 8
-.el .IP "\f(CW%h\fR" 8
-.IX Item "%h"
-expanded to the local hostname without the domain name
-.ie n .IP "%H" 8
-.el .IP "\f(CW%H\fR" 8
-.IX Item "%H"
-expanded to the local hostname including the domain name
-(on if the machine's hostname is fully qualified or the \fIfqdn\fR
-sudoers option is set)
-.ie n .IP "\*(C`%%\*(C'" 8
-.el .IP "\f(CW\*(C`%%\*(C'\fR" 8
-.IX Item "%%"
-two consecutive \f(CW\*(C`%\*(C'\fR characters are collapsed into a single \f(CW\*(C`%\*(C'\fR character
-.RE
-.RS 4
-.RE
-.IP "\-s" 4
-.IX Item "-s"
-The \fB\-s\fR (\fIshell\fR) option runs the shell specified by the \fI\s-1SHELL\s0\fR
-environment variable if it is set or the shell as specified
-in passwd(5).
-.IP "\-u" 4
-.IX Item "-u"
-The \fB\-u\fR (\fIuser\fR) option causes \fBsudo\fR to run the specified command
-as a user other than \fIroot\fR. To specify a \fIuid\fR instead of a
-\&\fIusername\fR, use \fI#uid\fR. Note that if the \fItargetpw\fR Defaults
-option is set (see sudoers(5)) it is not possible
-to run commands with a uid not listed in the password database.
-.IP "\-v" 4
-.IX Item "-v"
-If given the \fB\-v\fR (\fIvalidate\fR) option, \fBsudo\fR will update the
-user's timestamp, prompting for the user's password if necessary.
-This extends the \fBsudo\fR timeout for another \f(CW\*(C`5\*(C'\fR minutes
-(or whatever the timeout is set to in \fIsudoers\fR) but does not run
-a command.
-.IP "\-\-" 4
-The \fB\-\-\fR flag indicates that \fBsudo\fR should stop processing command
-line arguments. It is most useful in conjunction with the \fB\-s\fR flag.
-.SH "RETURN VALUES"
-.IX Header "RETURN VALUES"
-Upon successful execution of a program, the return value from \fBsudo\fR
-will simply be the return value of the program that was executed.
-.PP
-Otherwise, \fBsudo\fR quits with an exit value of 1 if there is a
-configuration/permission problem or if \fBsudo\fR cannot execute the
-given command. In the latter case the error string is printed to
-stderr. If \fBsudo\fR cannot \fIstat\fR\|(2) one or more entries in the user's
-\&\f(CW\*(C`PATH\*(C'\fR an error is printed on stderr. (If the directory does not
-exist or if it is not really a directory, the entry is ignored and
-no error is printed.) This should not happen under normal
-circumstances. The most common reason for \fIstat\fR\|(2) to return
-\&\*(L"permission denied\*(R" is if you are running an automounter and one
-of the directories in your \f(CW\*(C`PATH\*(C'\fR is on a machine that is currently
-unreachable.
-.SH "SECURITY NOTES"
-.IX Header "SECURITY NOTES"
-\&\fBsudo\fR tries to be safe when executing external commands. Variables
-that control how dynamic loading and binding is done can be used
-to subvert the program that \fBsudo\fR runs. To combat this the
-\&\f(CW\*(C`LD_*\*(C'\fR, \f(CW\*(C`_RLD_*\*(C'\fR, \f(CW\*(C`SHLIB_PATH\*(C'\fR (\s-1HP\-UX\s0 only), and \f(CW\*(C`LIBPATH\*(C'\fR (\s-1AIX\s0
-only) environment variables are removed from the environment passed
-on to all commands executed. \fBsudo\fR will also remove the \f(CW\*(C`IFS\*(C'\fR,
-\&\f(CW\*(C`CDPATH\*(C'\fR, \f(CW\*(C`ENV\*(C'\fR, \f(CW\*(C`BASH_ENV\*(C'\fR, \f(CW\*(C`KRB_CONF\*(C'\fR, \f(CW\*(C`KRBCONFDIR\*(C'\fR, \f(CW\*(C`KRBTKFILE\*(C'\fR,
-\&\f(CW\*(C`KRB5_CONFIG\*(C'\fR, \f(CW\*(C`LOCALDOMAIN\*(C'\fR, \f(CW\*(C`RES_OPTIONS\*(C'\fR, \f(CW\*(C`HOSTALIASES\*(C'\fR,
-\&\f(CW\*(C`NLSPATH\*(C'\fR, \f(CW\*(C`PATH_LOCALE\*(C'\fR, \f(CW\*(C`TERMINFO\*(C'\fR, \f(CW\*(C`TERMINFO_DIRS\*(C'\fR and
-\&\f(CW\*(C`TERMPATH\*(C'\fR variables as they too can pose a threat. If the
-\&\f(CW\*(C`TERMCAP\*(C'\fR variable is set and is a pathname, it too is ignored.
-Additionally, if the \f(CW\*(C`LC_*\*(C'\fR or \f(CW\*(C`LANGUAGE\*(C'\fR variables contain the
-\&\f(CW\*(C`/\*(C'\fR or \f(CW\*(C`%\*(C'\fR characters, they are ignored. Environment variables
-with a value beginning with \f(CW\*(C`()\*(C'\fR are also removed as they could
-be interpreted as \fBbash\fR functions. If \fBsudo\fR has been
-compiled with SecurID support, the \f(CW\*(C`VAR_ACE\*(C'\fR, \f(CW\*(C`USR_ACE\*(C'\fR and
-\&\f(CW\*(C`DLC_ACE\*(C'\fR variables are cleared as well. The list of environment
-variables that \fBsudo\fR clears is contained in the output of
-\&\f(CW\*(C`sudo \-V\*(C'\fR when run as root.
-.PP
-To prevent command spoofing, \fBsudo\fR checks \*(L".\*(R" and "" (both denoting
-current directory) last when searching for a command in the user's
-\&\s-1PATH\s0 (if one or both are in the \s-1PATH\s0). Note, however, that the
-actual \f(CW\*(C`PATH\*(C'\fR environment variable is \fInot\fR modified and is passed
-unchanged to the program that \fBsudo\fR executes.
-.PP
-For security reasons, if your \s-1OS\s0 supports shared libraries and does
-not disable user-defined library search paths for setuid programs
-(most do), you should either use a linker option that disables this
-behavior or link \fBsudo\fR statically.
-.PP
-\&\fBsudo\fR will check the ownership of its timestamp directory
-(\fI/var/run/sudo\fR by default) and ignore the directory's contents if
-it is not owned by root and only writable by root. On systems that
-allow non-root users to give away files via \fIchown\fR\|(2), if the timestamp
-directory is located in a directory writable by anyone (e.g.: \fI/tmp\fR),
-it is possible for a user to create the timestamp directory before
-\&\fBsudo\fR is run. However, because \fBsudo\fR checks the ownership and
-mode of the directory and its contents, the only damage that can
-be done is to \*(L"hide\*(R" files by putting them in the timestamp dir.
-This is unlikely to happen since once the timestamp dir is owned
-by root and inaccessible by any other user the user placing files
-there would be unable to get them back out. To get around this
-issue you can use a directory that is not world-writable for the
-timestamps (\fI/var/adm/sudo\fR for instance) or create \fI/var/run/sudo\fR
-with the appropriate owner (root) and permissions (0700) in the
-system startup files.
-.PP
-\&\fBsudo\fR will not honor timestamps set far in the future.
-Timestamps with a date greater than current_time + 2 * \f(CW\*(C`TIMEOUT\*(C'\fR
-will be ignored and sudo will log and complain. This is done to
-keep a user from creating his/her own timestamp with a bogus
-date on systems that allow users to give away files.
-.PP
-Please note that \fBsudo\fR will only log the command it explicitly
-runs. If a user runs a command such as \f(CW\*(C`sudo su\*(C'\fR or \f(CW\*(C`sudo sh\*(C'\fR,
-subsequent commands run from that shell will \fInot\fR be logged, nor
-will \fBsudo\fR's access control affect them. The same is true for
-commands that offer shell escapes (including most editors). Because
-of this, care must be taken when giving users access to commands
-via \fBsudo\fR to verify that the command does not inadvertently give
-the user an effective root shell.
-.SH "ENVIRONMENT"
-.IX Header "ENVIRONMENT"
-\&\fBsudo\fR utilizes the following environment variables:
-.PP
-.Vb 2
-\& EDITOR Default editor to use in -e (sudoedit) mode if
-\& VISUAL is not set
-.Ve
-.PP
-.Vb 3
-\& HOME In -s or -H mode (or if sudo was configured with
-\& the --enable-shell-sets-home option), set to
-\& homedir of the target user
-.Ve
-.PP
-.Vb 2
-\& PATH Set to a sane value if sudo was configured with
-\& the --with-secure-path option
-.Ve
-.PP
-.Vb 1
-\& SHELL Used to determine shell to run with -s option
-.Ve
-.PP
-.Vb 1
-\& SUDO_PROMPT Used as the default password prompt
-.Ve
-.PP
-.Vb 1
-\& SUDO_COMMAND Set to the command run by sudo
-.Ve
-.PP
-.Vb 1
-\& SUDO_USER Set to the login of the user who invoked sudo
-.Ve
-.PP
-.Vb 1
-\& SUDO_UID Set to the uid of the user who invoked sudo
-.Ve
-.PP
-.Vb 1
-\& SUDO_GID Set to the gid of the user who invoked sudo
-.Ve
-.PP
-.Vb 1
-\& SUDO_PS1 If set, PS1 will be set to its value
-.Ve
-.PP
-.Vb 2
-\& USER Set to the target user (root unless the -u option
-\& is specified)
-.Ve
-.PP
-.Vb 1
-\& VISUAL Default editor to use in -e (sudoedit) mode
-.Ve
-.SH "FILES"
-.IX Header "FILES"
-.Vb 2
-\& /etc/sudoers List of who can run what
-\& /var/run/sudo Directory containing timestamps
-.Ve
-.SH "EXAMPLES"
-.IX Header "EXAMPLES"
-Note: the following examples assume suitable sudoers(5) entries.
-.PP
-To get a file listing of an unreadable directory:
-.PP
-.Vb 1
-\& $ sudo ls /usr/local/protected
-.Ve
-.PP
-To list the home directory of user yazza on a machine where the
-file system holding ~yazza is not exported as root:
-.PP
-.Vb 1
-\& $ sudo -u yazza ls ~yazza
-.Ve
-.PP
-To edit the \fIindex.html\fR file as user www:
-.PP
-.Vb 1
-\& $ sudo -u www vi ~www/htdocs/index.html
-.Ve
-.PP
-To shutdown a machine:
-.PP
-.Vb 1
-\& $ sudo shutdown -r +15 "quick reboot"
-.Ve
-.PP
-To make a usage listing of the directories in the /home
-partition. Note that this runs the commands in a sub-shell
-to make the \f(CW\*(C`cd\*(C'\fR and file redirection work.
-.PP
-.Vb 1
-\& $ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
-.Ve
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fIgrep\fR\|(1), \fIsu\fR\|(1), \fIstat\fR\|(2), \fIlogin_cap\fR\|(3), sudoers(5),
-passwd(5), visudo(8)
-.SH "AUTHORS"
-.IX Header "AUTHORS"
-Many people have worked on \fBsudo\fR over the years; this
-version consists of code written primarily by:
-.PP
-.Vb 2
-\& Todd Miller
-\& Chris Jepeway
-.Ve
-.PP
-See the \s-1HISTORY\s0 file in the \fBsudo\fR distribution or visit
-http://www.sudo.ws/sudo/history.html for a short history
-of \fBsudo\fR.
-.SH "CAVEATS"
-.IX Header "CAVEATS"
-There is no easy way to prevent a user from gaining a root shell
-if that user is allowed to run arbitrary commands via \fBsudo\fR.
-Also, many programs (such as editors) allow the user to run commands
-via shell escapes, thus avoiding \fBsudo\fR's checks. However, on
-most systems it is possible to prevent shell escapes with \fBsudo\fR's
-\&\fInoexec\fR functionality. See the sudoers(5) manual
-for details.
-.PP
-It is not meaningful to run the \f(CW\*(C`cd\*(C'\fR command directly via sudo, e.g.
-.PP
-.Vb 1
-\& $ sudo cd /usr/local/protected
-.Ve
-.PP
-since when the command exits the parent process (your shell) will
-still be the same. Please see the \s-1EXAMPLES\s0 section for more information.
-.PP
-If users have sudo \f(CW\*(C`ALL\*(C'\fR there is nothing to prevent them from
-creating their own program that gives them a root shell regardless
-of any '!' elements in the user specification.
-.PP
-Running shell scripts via \fBsudo\fR can expose the same kernel bugs that
-make setuid shell scripts unsafe on some operating systems (if your \s-1OS\s0
-has a /dev/fd/ directory, setuid shell scripts are generally safe).
-.SH "BUGS"
-.IX Header "BUGS"
-If you feel you have found a bug in \fBsudo\fR, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-.SH "SUPPORT"
-.IX Header "SUPPORT"
-Commercial support is available for \fBsudo\fR, see
-http://www.sudo.ws/sudo/support.html for details.
-.PP
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo\-users to subscribe or
-search the archives.
-.SH "DISCLAIMER"
-.IX Header "DISCLAIMER"
-\&\fBSudo\fR is provided ``\s-1AS\s0 \s-1IS\s0'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the \s-1LICENSE\s0
-file distributed with \fBsudo\fR or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/sudo.c
===================================================================
--- trunk/contrib/sudo/sudo.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -117,7 +117,6 @@
static void set_runasgr __P((char *));
static void set_runaspw __P((char *));
static void show_version __P((void));
-static struct passwd *get_authpw __P((void));
static void create_admin_success_flag __P((void));
extern int sudo_edit __P((int, char **, char **));
int run_command __P((const char *path, char *argv[], char *envp[], uid_t uid, int dowait)); /* XXX should be in sudo.h */
@@ -130,7 +129,7 @@
char *prev_user;
int user_closefrom = -1;
struct sudo_user sudo_user;
-struct passwd *auth_pw, *list_pw;
+struct passwd *list_pw;
struct interface *interfaces;
int num_interfaces;
int tgetpass_flags;
@@ -236,7 +235,7 @@
show_version();
break;
case MODE_HELP:
- usage(0);
+ help();
break;
case MODE_VALIDATE:
case MODE_VALIDATE|MODE_INVALIDATE:
@@ -313,7 +312,7 @@
/* Update initial shell now that runas is set. */
if (ISSET(sudo_mode, MODE_LOGIN_SHELL))
- NewArgv[0] = runas_pw->pw_shell;
+ NewArgv[0] = estrdup(runas_pw->pw_shell);
/* This goes after sudoers is parsed since it may have timestamp options. */
if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE) {
@@ -388,6 +387,7 @@
log_error(0, "timestamp owner (%s): No such user",
def_timestampowner);
timestamp_uid = pw->pw_uid;
+ pw_delref(pw);
}
/* If given the -P option, set the "preserve_groups" flag. */
@@ -422,9 +422,6 @@
/* Build a new environment that avoids any nasty bits. */
rebuild_env(def_noexec);
- /* Fill in passwd struct based on user we are authenticating as. */
- auth_pw = get_authpw();
-
/* Require a password if sudoers says so. */
if (def_authenticate)
check_user(validated, sudo_mode);
@@ -436,6 +433,8 @@
struct passwd *pw;
if ((pw = sudo_getpwnam(prev_user)) != NULL) {
+ if (sudo_user.pw != NULL)
+ pw_delref(sudo_user.pw);
sudo_user.pw = pw;
#ifdef HAVE_MBR_CHECK_MEMBERSHIP
mbr_uid_to_uuid(user_uid, user_uuid);
@@ -487,8 +486,11 @@
#endif
/* Deferred exit due to sudo_ldap_close() */
- if (ISSET(sudo_mode, (MODE_VALIDATE|MODE_CHECK|MODE_LIST)))
+ if (ISSET(sudo_mode, (MODE_VALIDATE|MODE_CHECK|MODE_LIST))) {
+ if (list_pw != NULL)
+ pw_delref(list_pw);
exit(rc);
+ }
/* Must audit before uid change. */
audit_success(NewArgv);
@@ -558,6 +560,31 @@
}
/*
+ * Escape any non-alpha numeric or blank characters to make sure
+ * they are not interpreted specially by the shell.
+ */
+static char *
+escape_cmnd(src)
+ const char *src;
+{
+ char *cmnd, *dst;
+
+ /* Worst case scenario, we have to escape everything. */
+ cmnd = dst = emalloc((2 * strlen(src)) + 1);
+ while (*src != '\0') {
+ if (!isalnum((unsigned char)*src) && !isspace((unsigned char)*src) &&
+ *src != '_' && *src != '-') {
+ /* quote potential meta character */
+ *dst++ = '\\';
+ }
+ *dst++ = *src++;
+ }
+ *dst++ = '\0';
+
+ return cmnd;
+}
+
+/*
* Initialize timezone, set umask, fill in ``sudo_user'' struct and
* load the ``interfaces'' array.
*/
@@ -639,9 +666,7 @@
}
/*
- * Get a local copy of the user's struct passwd with the shadow password
- * if necessary. It is assumed that euid is 0 at this point so we
- * can read the shadow passwd file if necessary.
+ * Stash a local copy of the user's struct passwd.
*/
if ((sudo_user.pw = sudo_getpwuid(getuid())) == NULL) {
/* Need to make a fake struct passwd for logging to work. */
@@ -649,8 +674,8 @@
char pw_name[MAX_UID_T_LEN + 1];
pw.pw_uid = getuid();
- (void) snprintf(pw_name, sizeof(pw_name), "%lu",
- (unsigned long) pw.pw_uid);
+ (void) snprintf(pw_name, sizeof(pw_name), "%u",
+ (unsigned int) pw.pw_uid);
pw.pw_name = pw_name;
sudo_user.pw = &pw;
@@ -708,32 +733,14 @@
av[0] = user_shell; /* may be updated later */
if (NewArgc > 0) {
- size_t cmnd_size = 1024;
- char *cmnd, *src, *dst, **ap;
-
+ size_t cmnd_size;
+ char *cmnd, *src, *dst, *end;
+ cmnd_size = (size_t) (NewArgv[NewArgc - 1] - NewArgv[0]) +
+ strlen(NewArgv[NewArgc - 1]) + 1;
cmnd = dst = emalloc(cmnd_size);
- for (ap = NewArgv; *ap != NULL; ap++) {
- for (src = *ap; *src != '\0'; src++) {
- /* reserve room for an escaped char + space */
- if (cmnd_size < (dst - cmnd) + 3) {
- char *new_cmnd;
- cmnd_size <<= 1;
- new_cmnd = erealloc(cmnd, cmnd_size);
- dst = new_cmnd + (dst - cmnd);
- cmnd = new_cmnd;
- }
- if (isalnum((unsigned char)*src) || *src == '_' || *src == '-') {
- *dst++ = *src;
- } else {
- /* quote potential meta character */
- *dst++ = '\\';
- *dst++ = *src;
- }
- }
- *dst++ = ' ';
- }
- if (cmnd != dst)
- dst--; /* replace last space with a NUL */
+ src = NewArgv[0];
+ for (end = src + cmnd_size - 1; src < end; src++, dst++)
+ *dst = *src == '\0' ? ' ' : *src;
*dst = '\0';
av[1] = "-c";
av[2] = cmnd;
@@ -816,7 +823,7 @@
if (!runas_user && !runas_group)
set_runaspw(def_runas_default); /* may have been updated above */
- return(rval);
+ return rval;
}
/*
@@ -838,10 +845,6 @@
}
#endif
- /* Close the password and group files and free up memory. */
- sudo_endpwent();
- sudo_endgrent();
-
/*
* For sudoedit, the command runas a the user with no additional setup.
*/
@@ -898,10 +901,18 @@
}
#endif
+ /* Close the password and group files and free up memory. */
+ sudo_endpwent();
+ sudo_endgrent();
+ pw_delref(sudo_user.pw);
+ pw_delref(runas_pw);
+ if (runas_gr != NULL)
+ gr_delref(runas_gr);
+
rval = TRUE;
done:
- return(rval);
+ return rval;
}
/*
@@ -925,6 +936,13 @@
cstat.type = CMD_INVALID;
cstat.val = 0;
+ /* Escape meta chars if running a shell with args. */
+ if (ISSET(sudo_mode, MODE_SHELL) && argv[1] != NULL) {
+ char *cmnd = argv[2];
+ argv[2] = escape_cmnd(cmnd);
+ efree(cmnd);
+ }
+
sudo_execve(path, argv, envp, uid, &cstat, dowait,
ISSET(sudo_mode, MODE_BACKGROUND));
@@ -951,7 +969,13 @@
#ifdef _PATH_SUDO_IO_LOGDIR
io_log_close();
#endif
- return(exitcode);
+ sudo_endpwent();
+ sudo_endgrent();
+ pw_delref(sudo_user.pw);
+ pw_delref(runas_pw);
+ if (runas_gr != NULL)
+ gr_delref(runas_gr);
+ return exitcode;
}
/*
@@ -1001,16 +1025,16 @@
log_error(USE_ERRNO|NO_EXIT, "can't stat %s", sudoers);
else if (!S_ISREG(statbuf.st_mode))
log_error(NO_EXIT, "%s is not a regular file", sudoers);
- else if ((statbuf.st_mode & 07777) != SUDOERS_MODE)
+ else if ((statbuf.st_mode & 07577) != SUDOERS_MODE)
log_error(NO_EXIT, "%s is mode 0%o, should be 0%o", sudoers,
(unsigned int) (statbuf.st_mode & 07777),
(unsigned int) SUDOERS_MODE);
else if (statbuf.st_uid != SUDOERS_UID)
- log_error(NO_EXIT, "%s is owned by uid %lu, should be %lu", sudoers,
- (unsigned long) statbuf.st_uid, (unsigned long) SUDOERS_UID);
+ log_error(NO_EXIT, "%s is owned by uid %u, should be %u", sudoers,
+ (unsigned int) statbuf.st_uid, (unsigned int) SUDOERS_UID);
else if (statbuf.st_gid != SUDOERS_GID)
- log_error(NO_EXIT, "%s is owned by gid %lu, should be %lu", sudoers,
- (unsigned long) statbuf.st_gid, (unsigned long) SUDOERS_GID);
+ log_error(NO_EXIT, "%s is owned by gid %u, should be %u", sudoers,
+ (unsigned int) statbuf.st_gid, (unsigned int) SUDOERS_GID);
else if ((fp = fopen(sudoers, "r")) == NULL)
log_error(USE_ERRNO|NO_EXIT, "can't open %s", sudoers);
else {
@@ -1031,7 +1055,7 @@
}
set_perms(PERM_ROOT); /* change back to root */
- return(fp);
+ return fp;
}
/*
@@ -1042,10 +1066,15 @@
initial_setup()
{
int miss[3], devnull = -1;
+ sigset_t mask;
#if defined(__linux__) || (defined(RLIMIT_CORE) && !defined(SUDO_DEVEL))
struct rlimit rl;
#endif
+ /* Reset signal mask. */
+ (void) sigemptyset(&mask);
+ (void) sigprocmask(SIG_SETMASK, &mask, NULL);
+
#if defined(__linux__)
/*
* Unlimit the number of processes since Linux's setuid() will
@@ -1178,13 +1207,15 @@
}
/*
- * Get passwd entry for the user we are going to run commands as.
- * By default, this is "root". Updates runas_pw as a side effect.
+ * Get passwd entry for the user we are going to run commands as
+ * and store it in runas_pw. By default, commands run as "root".
*/
static void
set_runaspw(user)
char *user;
{
+ if (runas_pw != NULL)
+ pw_delref(runas_pw);
if (*user == '#') {
if ((runas_pw = sudo_getpwuid(atoi(user + 1))) == NULL)
runas_pw = sudo_fakepwnam(user, runas_gr ? runas_gr->gr_gid : 0);
@@ -1197,13 +1228,15 @@
}
/*
- * Get group entry for the group we are going to run commands as.
- * Updates runas_pw as a side effect.
+ * Get group entry for the group we are going to run commands as
+ * and store it in runas_gr.
*/
static void
set_runasgr(group)
char *group;
{
+ if (runas_gr != NULL)
+ gr_delref(runas_gr);
if (*group == '#') {
if ((runas_gr = sudo_getgrgid(atoi(group + 1))) == NULL)
runas_gr = sudo_fakegrnam(group);
@@ -1214,33 +1247,6 @@
}
/*
- * Get passwd entry for the user we are going to authenticate as.
- * By default, this is the user invoking sudo. In the most common
- * case, this matches sudo_user.pw or runas_pw.
- */
-static struct passwd *
-get_authpw()
-{
- struct passwd *pw;
-
- if (def_rootpw) {
- if ((pw = sudo_getpwuid(0)) == NULL)
- log_error(0, "unknown uid: 0");
- } else if (def_runaspw) {
- if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
- log_error(0, "unknown user: %s", def_runas_default);
- } else if (def_targetpw) {
- if (runas_pw->pw_name == NULL)
- log_error(NO_MAIL|MSG_ONLY, "unknown uid: %lu",
- (unsigned long) runas_pw->pw_uid);
- pw = runas_pw;
- } else
- pw = sudo_user.pw;
-
- return(pw);
-}
-
-/*
* Cleanup hook for error()/errorx()
*/
void
Modified: trunk/contrib/sudo/sudo.cat
===================================================================
--- trunk/contrib/sudo/sudo.cat 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo.cat 2014-10-02 03:20:49 UTC (rev 6803)
@@ -61,7 +61,7 @@
-1.7.4 July 19, 2010 1
+1.7.5rc1 February 21, 2011 1
@@ -127,7 +127,7 @@
-1.7.4 July 19, 2010 2
+1.7.5rc1 February 21, 2011 2
@@ -185,8 +185,8 @@
are set, or if _�s_�e_�t_�__�h_�o_�m_�e is set and the -�-s�s option is
specified on the command line.
- -h The -�-h�h (_�h_�e_�l_�p) option causes s�su�ud�do�o to print a usage message
- and exit.
+ -h The -�-h�h (_�h_�e_�l_�p) option causes s�su�ud�do�o to print a short help
+ message to the standard output and exit.
-i [command]
The -�-i�i (_�s_�i_�m_�u_�l_�a_�t_�e _�i_�n_�i_�t_�i_�a_�l _�l_�o_�g_�i_�n) option runs the shell
@@ -193,7 +193,7 @@
-1.7.4 July 19, 2010 3
+1.7.5rc1 February 21, 2011 3
@@ -259,7 +259,7 @@
-1.7.4 July 19, 2010 4
+1.7.5rc1 February 21, 2011 4
@@ -325,7 +325,7 @@
-1.7.4 July 19, 2010 5
+1.7.5rc1 February 21, 2011 5
@@ -391,7 +391,7 @@
-1.7.4 July 19, 2010 6
+1.7.5rc1 February 21, 2011 6
@@ -457,7 +457,7 @@
-1.7.4 July 19, 2010 7
+1.7.5rc1 February 21, 2011 7
@@ -523,7 +523,7 @@
-1.7.4 July 19, 2010 8
+1.7.5rc1 February 21, 2011 8
@@ -589,7 +589,7 @@
-1.7.4 July 19, 2010 9
+1.7.5rc1 February 21, 2011 9
@@ -655,6 +655,6 @@
-1.7.4 July 19, 2010 10
+1.7.5rc1 February 21, 2011 10
Modified: trunk/contrib/sudo/sudo.h
===================================================================
--- trunk/contrib/sudo/sudo.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -24,7 +24,7 @@
#include <pathnames.h>
#include <limits.h>
-#include "compat.h"
+#include "missing.h"
#include "alloc.h"
#include "defaults.h"
#include "error.h"
@@ -235,6 +235,8 @@
/* exec.c */
int sudo_execve __P((const char *path, char *argv[], char *envp[], uid_t uid,
struct command_status *cstat, int dowait, int bgmode));
+void save_signals __P((void));
+void restore_signals __P((void));
/* fileops.c */
char *sudo_parseln __P((FILE *));
@@ -301,6 +303,10 @@
void sudo_setgrent __P((void));
void sudo_setpwent __P((void));
void sudo_setspent __P((void));
+void gr_addref __P((struct group *));
+void gr_delref __P((struct group *));
+void pw_addref __P((struct passwd *));
+void pw_delref __P((struct passwd *));
/* selinux.c */
int selinux_restore_tty __P((void));
@@ -314,7 +320,7 @@
/* sudo.c */
FILE *open_sudoers __P((const char *, int, int *));
int exec_setup __P((int, const char *, int));
-void cleanup __P((int));
+RETSIGTYPE cleanup __P((int));
void set_fqdn __P((void));
/* sudo_auth.c */
@@ -350,7 +356,7 @@
/* Only provide extern declarations outside of sudo.c. */
#ifndef _SUDO_MAIN
extern struct sudo_user sudo_user;
-extern struct passwd *auth_pw, *list_pw;
+extern struct passwd *list_pw;
extern int tgetpass_flags;
extern int long_list;
Deleted: trunk/contrib/sudo/sudo.man
===================================================================
--- trunk/contrib/sudo/sudo.man 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo.man 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,802 +0,0 @@
-.\" Copyright (c) 1994-1996, 1998-2005, 2007-2010
-.\" Todd C. Miller <Todd.Miller at courtesan.com>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" Sponsored in part by the Defense Advanced Research Projects
-.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
-.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
-.\"
-.nr SL 0
-.nr BA 0
-.nr LC 1
-.nr PT 5
-.\"
-.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
-.\"
-.\" Standard preamble:
-.\" ========================================================================
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Vb \" Begin verbatim text
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve \" End verbatim text
-.ft R
-.fi
-..
-.\" Set up some character translations and predefined strings. \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. \*(C+ will
-.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
-.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
-.\" nothing in troff, for use with C<>.
-.tr \(*W-
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.ie n \{\
-. ds -- \(*W-
-. ds PI pi
-. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-. ds L" ""
-. ds R" ""
-. ds C`
-. ds C'
-'br\}
-.el\{\
-. ds -- \|\(em\|
-. ds PI \(*p
-. ds L" ``
-. ds R" ''
-'br\}
-.\"
-.\" Escape single quotes in literal strings from groff's Unicode transform.
-.ie \n(.g .ds Aq \(aq
-.el .ds Aq '
-.\"
-.\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
-.\" entries marked with X<> in POD. Of course, you'll have to process the
-.\" output yourself in some meaningful fashion.
-.ie \nF \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
-..
-. nr % 0
-. rr F
-.\}
-.el \{\
-. de IX
-..
-.\}
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
-.\" Fear. Run. Save yourself. No user-serviceable parts.
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds /
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
-.\" ========================================================================
-.\"
-.IX Title "SUDO 8"
-.TH SUDO 8 "July 19, 2010" "1.7.4" "MAINTENANCE COMMANDS"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.if n .ad l
-.nh
-.SH "NAME"
-sudo, sudoedit \- execute a command as another user
-.SH "SYNOPSIS"
-.IX Header "SYNOPSIS"
-\&\fBsudo\fR \fB\-h\fR | \fB\-K\fR | \fB\-k\fR | \fB\-L\fR | \fB\-V\fR
-.PP
-\&\fBsudo\fR \fB\-v\fR [\fB\-AknS\fR]
-.if \n(BA [\fB\-a\fR\ \fIauth_type\fR]
-[\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR]
-[\fB\-u\fR\ \fIusername\fR|\fI#uid\fR]
-.PP
-\&\fBsudo\fR \fB\-l[l]\fR [\fB\-AknS\fR]
-.if \n(BA [\fB\-a\fR\ \fIauth_type\fR]
-[\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR]
-[\fB\-U\fR\ \fIuser\ name\fR] [\fB\-u\fR\ \fIuser\ name\fR|\fI#uid\fR] [\fIcommand\fR]
-.PP
-\&\fBsudo\fR [\fB\-AbEHnPS\fR]
-.if \n(BA [\fB\-a\fR\ \fIauth_type\fR]
-[\fB\-C\fR\ \fIfd\fR]
-.if \n(LC [\fB\-c\fR\ \fIclass\fR|\fI\-\fR]
-[\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR]
-.if \n(SL [\fB\-r\fR\ \fIrole\fR] [\fB\-t\fR\ \fItype\fR]
-[\fB\-u\fR\ \fIuser\ name\fR|\fI#uid\fR]
-[\fB\s-1VAR\s0\fR=\fIvalue\fR] [\fB\-i\fR\ |\ \fB\-s\fR] [\fIcommand\fR]
-.PP
-\&\fBsudoedit\fR [\fB\-AnS\fR]
-.if \n(BA [\fB\-a\fR\ \fIauth_type\fR]
-[\fB\-C\fR\ \fIfd\fR]
-.if \n(LC [\fB\-c\fR\ \fIclass\fR|\fI\-\fR]
-[\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR]
-[\fB\-u\fR\ \fIuser\ name\fR|\fI#uid\fR] file ...
-.SH "DESCRIPTION"
-.IX Header "DESCRIPTION"
-\&\fBsudo\fR allows a permitted user to execute a \fIcommand\fR as the
-superuser or another user, as specified in the \fIsudoers\fR file.
-The real and effective uid and gid are set to match those of the
-target user as specified in the passwd file and the group vector
-is initialized based on the group file (unless the \fB\-P\fR option was
-specified). If the invoking user is root or if the target user is
-the same as the invoking user, no password is required. Otherwise,
-\&\fBsudo\fR requires that users authenticate themselves with a password
-by default (\s-1NOTE:\s0 in the default configuration this is the user's
-password, not the root password). Once a user has been authenticated,
-a time stamp is updated and the user may then use sudo without a
-password for a short period of time (\f(CW\*(C`5\*(C'\fR minutes unless
-overridden in \fIsudoers\fR).
-.PP
-When invoked as \fBsudoedit\fR, the \fB\-e\fR option (described below),
-is implied.
-.PP
-\&\fBsudo\fR determines who is an authorized user by consulting the file
-\&\fI/etc/sudoers\fR. By running \fBsudo\fR with the \fB\-v\fR option,
-a user can update the time stamp without running a \fIcommand\fR. If
-a password is required, \fBsudo\fR will exit if the user's password
-is not entered within a configurable time limit. The default
-password prompt timeout is
-.ie \n(PT \f(CW\*(C`5\*(C'\fR minutes.
-.el unlimited.
-.PP
-If a user who is not listed in the \fIsudoers\fR file tries to run a
-command via \fBsudo\fR, mail is sent to the proper authorities, as
-defined at configure time or in the \fIsudoers\fR file (defaults to
-\&\f(CW\*(C`root\*(C'\fR). Note that the mail will not be sent if an unauthorized
-user tries to run sudo with the \fB\-l\fR or \fB\-v\fR option. This allows
-users to determine for themselves whether or not they are allowed
-to use \fBsudo\fR.
-.PP
-If \fBsudo\fR is run by root and the \f(CW\*(C`SUDO_USER\*(C'\fR environment variable
-is set, \fBsudo\fR will use this value to determine who the actual
-user is. This can be used by a user to log commands through sudo
-even when a root shell has been invoked. It also allows the \fB\-e\fR
-option to remain useful even when being run via a sudo-run script or
-program. Note however, that the sudoers lookup is still done for
-root, not the user specified by \f(CW\*(C`SUDO_USER\*(C'\fR.
-.PP
-\&\fBsudo\fR can log both successful and unsuccessful attempts (as well
-as errors) to \fIsyslog\fR\|(3), a log file, or both. By default \fBsudo\fR
-will log via \fIsyslog\fR\|(3) but this is changeable at configure time
-or via the \fIsudoers\fR file.
-.SH "OPTIONS"
-.IX Header "OPTIONS"
-\&\fBsudo\fR accepts the following command line options:
-.IP "\-A" 12
-.IX Item "-A"
-Normally, if \fBsudo\fR requires a password, it will read it from the
-current terminal. If the \fB\-A\fR (\fIaskpass\fR) option is specified,
-a (possibly graphical) helper program is executed to read the
-user's password and output the password to the standard output. If
-the \f(CW\*(C`SUDO_ASKPASS\*(C'\fR environment variable is set, it specifies the
-path to the helper program. Otherwise, the value specified by the
-\&\fIaskpass\fR option in \fIsudoers\fR\|(5) is used.
-.if \n(BA \{\
-.IP "\-a \fItype\fR" 12
-.IX Item "-a type"
-The \fB\-a\fR (\fIauthentication type\fR) option causes \fBsudo\fR to use the
-specified authentication type when validating the user, as allowed
-by \fI/etc/login.conf\fR. The system administrator may specify a list
-of sudo-specific authentication methods by adding an \*(L"auth-sudo\*(R"
-entry in \fI/etc/login.conf\fR. This option is only available on systems
-that support \s-1BSD\s0 authentication.
-\}
-.IP "\-b" 12
-.IX Item "-b"
-The \fB\-b\fR (\fIbackground\fR) option tells \fBsudo\fR to run the given
-command in the background. Note that if you use the \fB\-b\fR
-option you cannot use shell job control to manipulate the process.
-.IP "\-C \fIfd\fR" 12
-.IX Item "-C fd"
-Normally, \fBsudo\fR will close all open file descriptors other than
-standard input, standard output and standard error. The \fB\-C\fR
-(\fIclose from\fR) option allows the user to specify a starting point
-above the standard error (file descriptor three). Values less than
-three are not permitted. This option is only available if the
-administrator has enabled the \fIclosefrom_override\fR option in
-\&\fIsudoers\fR\|(5).
-.if \n(LC \{\
-.IP "\-c \fIclass\fR" 12
-.IX Item "-c class"
-The \fB\-c\fR (\fIclass\fR) option causes \fBsudo\fR to run the specified command
-with resources limited by the specified login class. The \fIclass\fR
-argument can be either a class name as defined in \fI/etc/login.conf\fR,
-or a single '\-' character. Specifying a \fIclass\fR of \f(CW\*(C`\-\*(C'\fR indicates
-that the command should be run restricted by the default login
-capabilities for the user the command is run as. If the \fIclass\fR
-argument specifies an existing user class, the command must be run
-as root, or the \fBsudo\fR command must be run from a shell that is already
-root. This option is only available on systems with \s-1BSD\s0 login classes.
-\}
-.IP "\-E" 12
-.IX Item "-E"
-The \fB\-E\fR (\fIpreserve\fR \fIenvironment\fR) option will override the
-\&\fIenv_reset\fR option in \fIsudoers\fR\|(5)). It is only
-available when either the matching command has the \f(CW\*(C`SETENV\*(C'\fR tag
-or the \fIsetenv\fR option is set in \fIsudoers\fR\|(5).
-.IP "\-e" 12
-.IX Item "-e"
-The \fB\-e\fR (\fIedit\fR) option indicates that, instead of running
-a command, the user wishes to edit one or more files. In lieu
-of a command, the string \*(L"sudoedit\*(R" is used when consulting
-the \fIsudoers\fR file. If the user is authorized by \fIsudoers\fR
-the following steps are taken:
-.RS 12
-.IP "1." 4
-Temporary copies are made of the files to be edited with the owner
-set to the invoking user.
-.IP "2." 4
-The editor specified by the \f(CW\*(C`SUDO_EDITOR\*(C'\fR, \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR
-environment variables is run to edit the temporary files. If none
-of \f(CW\*(C`SUDO_EDITOR\*(C'\fR, \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR are set, the first program
-listed in the \fIeditor\fR \fIsudoers\fR variable is used.
-.IP "3." 4
-If they have been modified, the temporary files are copied back to
-their original location and the temporary versions are removed.
-.RE
-.RS 12
-.Sp
-If the specified file does not exist, it will be created. Note
-that unlike most commands run by \fBsudo\fR, the editor is run with
-the invoking user's environment unmodified. If, for some reason,
-\&\fBsudo\fR is unable to update a file with its edited version, the
-user will receive a warning and the edited copy will remain in a
-temporary file.
-.RE
-.IP "\-g \fIgroup\fR" 12
-.IX Item "-g group"
-Normally, \fBsudo\fR sets the primary group to the one specified by
-the passwd database for the user the command is being run as (by
-default, root). The \fB\-g\fR (\fIgroup\fR) option causes \fBsudo\fR to run
-the specified command with the primary group set to \fIgroup\fR. To
-specify a \fIgid\fR instead of a \fIgroup name\fR, use \fI#gid\fR. When
-running commands as a \fIgid\fR, many shells require that the '#' be
-escaped with a backslash ('\e'). If no \fB\-u\fR option is specified,
-the command will be run as the invoking user (not root). In either
-case, the primary group will be set to \fIgroup\fR.
-.IP "\-H" 12
-.IX Item "-H"
-The \fB\-H\fR (\fI\s-1HOME\s0\fR) option sets the \f(CW\*(C`HOME\*(C'\fR environment variable
-to the homedir of the target user (root by default) as specified
-in \fIpasswd\fR\|(5). The default handling of the \f(CW\*(C`HOME\*(C'\fR environment
-variable depends on \fIsudoers\fR\|(5) settings. By default, \fBsudo\fR
-will set \f(CW\*(C`HOME\*(C'\fR if \fIenv_reset\fR or \fIalways_set_home\fR are set, or
-if \fIset_home\fR is set and the \fB\-s\fR option is specified on the
-command line.
-.IP "\-h" 12
-.IX Item "-h"
-The \fB\-h\fR (\fIhelp\fR) option causes \fBsudo\fR to print a usage message and exit.
-.IP "\-i [command]" 12
-.IX Item "-i [command]"
-The \fB\-i\fR (\fIsimulate initial login\fR) option runs the shell specified
-in the \fIpasswd\fR\|(5) entry of the target user as a login shell. This
-means that login-specific resource files such as \f(CW\*(C`.profile\*(C'\fR or
-\&\f(CW\*(C`.login\*(C'\fR will be read by the shell. If a command is specified,
-it is passed to the shell for execution. Otherwise, an interactive
-shell is executed. \fBsudo\fR attempts to change to that user's home
-directory before running the shell. It also initializes the
-environment, leaving \fI\s-1DISPLAY\s0\fR and \fI\s-1TERM\s0\fR unchanged, setting
-\&\fI\s-1HOME\s0\fR, \fI\s-1MAIL\s0\fR, \fI\s-1SHELL\s0\fR, \fI\s-1USER\s0\fR, \fI\s-1LOGNAME\s0\fR, and \fI\s-1PATH\s0\fR, as well as
-the contents of \fI/etc/environment\fR on Linux and \s-1AIX\s0 systems.
-All other environment variables are removed.
-.IP "\-K" 12
-.IX Item "-K"
-The \fB\-K\fR (sure \fIkill\fR) option is like \fB\-k\fR except that it removes
-the user's time stamp entirely and may not be used in conjunction
-with a command or other option. This option does not require a
-password.
-.IP "\-k" 12
-.IX Item "-k"
-When used by itself, the \fB\-k\fR (\fIkill\fR) option to \fBsudo\fR invalidates
-the user's time stamp by setting the time on it to the Epoch. The
-next time \fBsudo\fR is run a password will be required. This option
-does not require a password and was added to allow a user to revoke
-\&\fBsudo\fR permissions from a .logout file.
-.Sp
-When used in conjunction with a command or an option that may require
-a password, the \fB\-k\fR option will cause \fBsudo\fR to ignore the user's
-time stamp file. As a result, \fBsudo\fR will prompt for a password
-(if one is required by \fIsudoers\fR) and will not update the user's
-time stamp file.
-.IP "\-L" 12
-.IX Item "-L"
-The \fB\-L\fR (\fIlist\fR defaults) option will list the parameters that
-may be set in a \fIDefaults\fR line along with a short description for
-each. This option will be removed from a future version of \fBsudo\fR.
-.IP "\-l[l] [\fIcommand\fR]" 12
-.IX Item "-l[l] [command]"
-If no \fIcommand\fR is specified, the \fB\-l\fR (\fIlist\fR) option will list
-the allowed (and forbidden) commands for the invoking user (or the
-user specified by the \fB\-U\fR option) on the current host. If a
-\&\fIcommand\fR is specified and is permitted by \fIsudoers\fR, the
-fully-qualified path to the command is displayed along with any
-command line arguments. If \fIcommand\fR is specified but not allowed,
-\&\fBsudo\fR will exit with a status value of 1. If the \fB\-l\fR option is
-specified with an \fBl\fR argument (i.e. \fB\-ll\fR), or if \fB\-l\fR
-is specified multiple times, a longer list format is used.
-.IP "\-n" 12
-.IX Item "-n"
-The \fB\-n\fR (\fInon-interactive\fR) option prevents \fBsudo\fR from prompting
-the user for a password. If a password is required for the command
-to run, \fBsudo\fR will display an error messages and exit.
-.IP "\-P" 12
-.IX Item "-P"
-The \fB\-P\fR (\fIpreserve\fR \fIgroup vector\fR) option causes \fBsudo\fR to
-preserve the invoking user's group vector unaltered. By default,
-\&\fBsudo\fR will initialize the group vector to the list of groups the
-target user is in. The real and effective group IDs, however, are
-still set to match the target user.
-.IP "\-p \fIprompt\fR" 12
-.IX Item "-p prompt"
-The \fB\-p\fR (\fIprompt\fR) option allows you to override the default
-password prompt and use a custom one. The following percent (`\f(CW\*(C`%\*(C'\fR')
-escapes are supported:
-.RS 12
-.ie n .IP "%H" 4
-.el .IP "\f(CW%H\fR" 4
-.IX Item "%H"
-expanded to the local host name including the domain name
-(on if the machine's host name is fully qualified or the \fIfqdn\fR
-\&\fIsudoers\fR option is set)
-.ie n .IP "%h" 4
-.el .IP "\f(CW%h\fR" 4
-.IX Item "%h"
-expanded to the local host name without the domain name
-.ie n .IP "%p" 4
-.el .IP "\f(CW%p\fR" 4
-.IX Item "%p"
-expanded to the user whose password is being asked for (respects the
-\&\fIrootpw\fR, \fItargetpw\fR and \fIrunaspw\fR flags in \fIsudoers\fR)
-.ie n .IP "%U" 4
-.el .IP "\f(CW%U\fR" 4
-.IX Item "%U"
-expanded to the login name of the user the command will
-be run as (defaults to root)
-.ie n .IP "%u" 4
-.el .IP "\f(CW%u\fR" 4
-.IX Item "%u"
-expanded to the invoking user's login name
-.ie n .IP "\*(C`%%\*(C'" 4
-.el .IP "\f(CW\*(C`%%\*(C'\fR" 4
-.IX Item "%%"
-two consecutive \f(CW\*(C`%\*(C'\fR characters are collapsed into a single \f(CW\*(C`%\*(C'\fR character
-.RE
-.RS 12
-.Sp
-The prompt specified by the \fB\-p\fR option will override the system
-password prompt on systems that support \s-1PAM\s0 unless the
-\&\fIpassprompt_override\fR flag is disabled in \fIsudoers\fR.
-.RE
-.if \n(SL \{\
-.IP "\-r \fIrole\fR" 12
-.IX Item "-r role"
-The \fB\-r\fR (\fIrole\fR) option causes the new (SELinux) security context to
-have the role specified by \fIrole\fR.
-\}
-.IP "\-S" 12
-.IX Item "-S"
-The \fB\-S\fR (\fIstdin\fR) option causes \fBsudo\fR to read the password from
-the standard input instead of the terminal device. The password must
-be followed by a newline character.
-.IP "\-s [command]" 12
-.IX Item "-s [command]"
-The \fB\-s\fR (\fIshell\fR) option runs the shell specified by the \fI\s-1SHELL\s0\fR
-environment variable if it is set or the shell as specified in
-\&\fIpasswd\fR\|(5). If a command is specified, it is passed to the shell
-for execution. Otherwise, an interactive shell is executed.
-.if \n(SL \{\
-.IP "\-t \fItype\fR" 12
-.IX Item "-t type"
-The \fB\-t\fR (\fItype\fR) option causes the new (SELinux) security context to
-have the type specified by \fItype\fR. If no type is specified, the default
-type is derived from the specified role.
-\}
-.IP "\-U \fIuser\fR" 12
-.IX Item "-U user"
-The \fB\-U\fR (\fIother user\fR) option is used in conjunction with the \fB\-l\fR
-option to specify the user whose privileges should be listed. Only
-root or a user with \fBsudo\fR \f(CW\*(C`ALL\*(C'\fR on the current host may use this
-option.
-.IP "\-u \fIuser\fR" 12
-.IX Item "-u user"
-The \fB\-u\fR (\fIuser\fR) option causes \fBsudo\fR to run the specified
-command as a user other than \fIroot\fR. To specify a \fIuid\fR instead
-of a \fIuser name\fR, use \fI#uid\fR. When running commands as a \fIuid\fR,
-many shells require that the '#' be escaped with a backslash ('\e').
-Note that if the \fItargetpw\fR Defaults option is set (see \fIsudoers\fR\|(5))
-it is not possible to run commands with a uid not listed in the
-password database.
-.IP "\-V" 12
-.IX Item "-V"
-The \fB\-V\fR (\fIversion\fR) option causes \fBsudo\fR to print the version
-number and exit. If the invoking user is already root the \fB\-V\fR
-option will print out a list of the defaults \fBsudo\fR was compiled
-with as well as the machine's local network addresses.
-.IP "\-v" 12
-.IX Item "-v"
-If given the \fB\-v\fR (\fIvalidate\fR) option, \fBsudo\fR will update the
-user's time stamp, prompting for the user's password if necessary.
-This extends the \fBsudo\fR timeout for another \f(CW\*(C`5\*(C'\fR minutes
-(or whatever the timeout is set to in \fIsudoers\fR) but does not run
-a command.
-.IP "\-\-" 12
-The \fB\-\-\fR option indicates that \fBsudo\fR should stop processing command
-line arguments.
-.PP
-Environment variables to be set for the command may also be passed
-on the command line in the form of \fB\s-1VAR\s0\fR=\fIvalue\fR, e.g.
-\&\fB\s-1LD_LIBRARY_PATH\s0\fR=\fI/usr/local/pkg/lib\fR. Variables passed on the
-command line are subject to the same restrictions as normal environment
-variables with one important exception. If the \fIsetenv\fR option
-is set in \fIsudoers\fR, the command to be run has the \f(CW\*(C`SETENV\*(C'\fR tag
-set or the command matched is \f(CW\*(C`ALL\*(C'\fR, the user may set variables
-that would overwise be forbidden. See \fIsudoers\fR\|(5) for more information.
-.SH "RETURN VALUES"
-.IX Header "RETURN VALUES"
-Upon successful execution of a program, the exit status from \fBsudo\fR
-will simply be the exit status of the program that was executed.
-.PP
-Otherwise, \fBsudo\fR quits with an exit value of 1 if there is a
-configuration/permission problem or if \fBsudo\fR cannot execute the
-given command. In the latter case the error string is printed to
-stderr. If \fBsudo\fR cannot \fIstat\fR\|(2) one or more entries in the user's
-\&\f(CW\*(C`PATH\*(C'\fR an error is printed on stderr. (If the directory does not
-exist or if it is not really a directory, the entry is ignored and
-no error is printed.) This should not happen under normal
-circumstances. The most common reason for \fIstat\fR\|(2) to return
-\&\*(L"permission denied\*(R" is if you are running an automounter and one
-of the directories in your \f(CW\*(C`PATH\*(C'\fR is on a machine that is currently
-unreachable.
-.SH "SECURITY NOTES"
-.IX Header "SECURITY NOTES"
-\&\fBsudo\fR tries to be safe when executing external commands.
-.PP
-There are two distinct ways to deal with environment variables.
-By default, the \fIenv_reset\fR \fIsudoers\fR option is enabled.
-This causes commands to be executed with a minimal environment
-containing \f(CW\*(C`TERM\*(C'\fR, \f(CW\*(C`PATH\*(C'\fR, \f(CW\*(C`HOME\*(C'\fR, \f(CW\*(C`SHELL\*(C'\fR, \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR
-and \f(CW\*(C`USERNAME\*(C'\fR in addition to variables from the invoking process
-permitted by the \fIenv_check\fR and \fIenv_keep\fR \fIsudoers\fR options.
-There is effectively a whitelist for environment variables.
-.PP
-If, however, the \fIenv_reset\fR option is disabled in \fIsudoers\fR, any
-variables not explicitly denied by the \fIenv_check\fR and \fIenv_delete\fR
-options are inherited from the invoking process. In this case,
-\&\fIenv_check\fR and \fIenv_delete\fR behave like a blacklist. Since it
-is not possible to blacklist all potentially dangerous environment
-variables, use of the default \fIenv_reset\fR behavior is encouraged.
-.PP
-In all cases, environment variables with a value beginning with
-\&\f(CW\*(C`()\*(C'\fR are removed as they could be interpreted as \fBbash\fR functions.
-The list of environment variables that \fBsudo\fR allows or denies is
-contained in the output of \f(CW\*(C`sudo \-V\*(C'\fR when run as root.
-.PP
-Note that the dynamic linker on most operating systems will remove
-variables that can control dynamic linking from the environment of
-setuid executables, including \fBsudo\fR. Depending on the operating
-system this may include \f(CW\*(C`_RLD*\*(C'\fR, \f(CW\*(C`DYLD_*\*(C'\fR, \f(CW\*(C`LD_*\*(C'\fR, \f(CW\*(C`LDR_*\*(C'\fR,
-\&\f(CW\*(C`LIBPATH\*(C'\fR, \f(CW\*(C`SHLIB_PATH\*(C'\fR, and others. These type of variables are
-removed from the environment before \fBsudo\fR even begins execution
-and, as such, it is not possible for \fBsudo\fR to preserve them.
-.PP
-To prevent command spoofing, \fBsudo\fR checks \*(L".\*(R" and "" (both denoting
-current directory) last when searching for a command in the user's
-\&\s-1PATH\s0 (if one or both are in the \s-1PATH\s0). Note, however, that the
-actual \f(CW\*(C`PATH\*(C'\fR environment variable is \fInot\fR modified and is passed
-unchanged to the program that \fBsudo\fR executes.
-.PP
-\&\fBsudo\fR will check the ownership of its time stamp directory
-(\fI/var/db/sudo\fR by default) and ignore the directory's contents if
-it is not owned by root or if it is writable by a user other than
-root. On systems that allow non-root users to give away files via
-\&\fIchown\fR\|(2), if the time stamp directory is located in a directory
-writable by anyone (e.g., \fI/tmp\fR), it is possible for a user to
-create the time stamp directory before \fBsudo\fR is run. However,
-because \fBsudo\fR checks the ownership and mode of the directory and
-its contents, the only damage that can be done is to \*(L"hide\*(R" files
-by putting them in the time stamp dir. This is unlikely to happen
-since once the time stamp dir is owned by root and inaccessible by
-any other user, the user placing files there would be unable to get
-them back out. To get around this issue you can use a directory
-that is not world-writable for the time stamps (\fI/var/adm/sudo\fR for
-instance) or create \fI/var/db/sudo\fR with the appropriate owner (root)
-and permissions (0700) in the system startup files.
-.PP
-\&\fBsudo\fR will not honor time stamps set far in the future.
-Timestamps with a date greater than current_time + 2 * \f(CW\*(C`TIMEOUT\*(C'\fR
-will be ignored and sudo will log and complain. This is done to
-keep a user from creating his/her own time stamp with a bogus
-date on systems that allow users to give away files.
-.PP
-On systems where the boot time is available, \fBsudo\fR will also not
-honor time stamps from before the machine booted.
-.PP
-Since time stamp files live in the file system, they can outlive a
-user's login session. As a result, a user may be able to login,
-run a command with \fBsudo\fR after authenticating, logout, login
-again, and run \fBsudo\fR without authenticating so long as the time
-stamp file's modification time is within \f(CW\*(C`5\*(C'\fR minutes (or
-whatever the timeout is set to in \fIsudoers\fR). When the \fItty_tickets\fR
-option is enabled in \fIsudoers\fR, the time stamp has per-tty granularity
-but still may outlive the user's session. On Linux systems where
-the devpts filesystem is used, Solaris systems with the devices
-filesystem, as well as other systems that utilize a devfs filesystem
-that monotonically increase the inode number of devices as they are
-created (such as Mac \s-1OS\s0 X), \fBsudo\fR is able to determine when a
-tty-based time stamp file is stale and will ignore it. Administrators
-should not rely on this feature as it is not universally available.
-.PP
-Please note that \fBsudo\fR will normally only log the command it
-explicitly runs. If a user runs a command such as \f(CW\*(C`sudo su\*(C'\fR or
-\&\f(CW\*(C`sudo sh\*(C'\fR, subsequent commands run from that shell will \fInot\fR be
-logged, nor will \fBsudo\fR's access control affect them. The same
-is true for commands that offer shell escapes (including most
-editors). Because of this, care must be taken when giving users
-access to commands via \fBsudo\fR to verify that the command does not
-inadvertently give the user an effective root shell. For more
-information, please see the \f(CW\*(C`PREVENTING SHELL ESCAPES\*(C'\fR section in
-\&\fIsudoers\fR\|(5).
-.SH "ENVIRONMENT"
-.IX Header "ENVIRONMENT"
-\&\fBsudo\fR utilizes the following environment variables:
-.ie n .IP "\*(C`EDITOR\*(C'" 16
-.el .IP "\f(CW\*(C`EDITOR\*(C'\fR" 16
-.IX Item "EDITOR"
-Default editor to use in \fB\-e\fR (sudoedit) mode if neither \f(CW\*(C`SUDO_EDITOR\*(C'\fR
-nor \f(CW\*(C`VISUAL\*(C'\fR is set
-.ie n .IP "\*(C`MAIL\*(C'" 16
-.el .IP "\f(CW\*(C`MAIL\*(C'\fR" 16
-.IX Item "MAIL"
-In \fB\-i\fR mode or when \fIenv_reset\fR is enabled in \fIsudoers\fR, set
-to the mail spool of the target user
-.ie n .IP "\*(C`HOME\*(C'" 16
-.el .IP "\f(CW\*(C`HOME\*(C'\fR" 16
-.IX Item "HOME"
-Set to the home directory of the target user if \fB\-i\fR or \fB\-H\fR are
-specified, \fIenv_reset\fR or \fIalways_set_home\fR are set in \fIsudoers\fR,
-or when the \fB\-s\fR option is specified and \fIset_home\fR is set in
-\&\fIsudoers\fR
-.ie n .IP "\*(C`PATH\*(C'" 16
-.el .IP "\f(CW\*(C`PATH\*(C'\fR" 16
-.IX Item "PATH"
-Set to a sane value if the \fIsecure_path\fR sudoers option is set.
-.ie n .IP "\*(C`SHELL\*(C'" 16
-.el .IP "\f(CW\*(C`SHELL\*(C'\fR" 16
-.IX Item "SHELL"
-Used to determine shell to run with \f(CW\*(C`\-s\*(C'\fR option
-.ie n .IP "\*(C`SUDO_ASKPASS\*(C'" 16
-.el .IP "\f(CW\*(C`SUDO_ASKPASS\*(C'\fR" 16
-.IX Item "SUDO_ASKPASS"
-Specifies the path to a helper program used to read the password
-if no terminal is available or if the \f(CW\*(C`\-A\*(C'\fR option is specified.
-.ie n .IP "\*(C`SUDO_COMMAND\*(C'" 16
-.el .IP "\f(CW\*(C`SUDO_COMMAND\*(C'\fR" 16
-.IX Item "SUDO_COMMAND"
-Set to the command run by sudo
-.ie n .IP "\*(C`SUDO_EDITOR\*(C'" 16
-.el .IP "\f(CW\*(C`SUDO_EDITOR\*(C'\fR" 16
-.IX Item "SUDO_EDITOR"
-Default editor to use in \fB\-e\fR (sudoedit) mode
-.ie n .IP "\*(C`SUDO_GID\*(C'" 16
-.el .IP "\f(CW\*(C`SUDO_GID\*(C'\fR" 16
-.IX Item "SUDO_GID"
-Set to the group \s-1ID\s0 of the user who invoked sudo
-.ie n .IP "\*(C`SUDO_PROMPT\*(C'" 16
-.el .IP "\f(CW\*(C`SUDO_PROMPT\*(C'\fR" 16
-.IX Item "SUDO_PROMPT"
-Used as the default password prompt
-.ie n .IP "\*(C`SUDO_PS1\*(C'" 16
-.el .IP "\f(CW\*(C`SUDO_PS1\*(C'\fR" 16
-.IX Item "SUDO_PS1"
-If set, \f(CW\*(C`PS1\*(C'\fR will be set to its value for the program being run
-.ie n .IP "\*(C`SUDO_UID\*(C'" 16
-.el .IP "\f(CW\*(C`SUDO_UID\*(C'\fR" 16
-.IX Item "SUDO_UID"
-Set to the user \s-1ID\s0 of the user who invoked sudo
-.ie n .IP "\*(C`SUDO_USER\*(C'" 16
-.el .IP "\f(CW\*(C`SUDO_USER\*(C'\fR" 16
-.IX Item "SUDO_USER"
-Set to the login of the user who invoked sudo
-.ie n .IP "\*(C`USER\*(C'" 16
-.el .IP "\f(CW\*(C`USER\*(C'\fR" 16
-.IX Item "USER"
-Set to the target user (root unless the \fB\-u\fR option is specified)
-.ie n .IP "\*(C`VISUAL\*(C'" 16
-.el .IP "\f(CW\*(C`VISUAL\*(C'\fR" 16
-.IX Item "VISUAL"
-Default editor to use in \fB\-e\fR (sudoedit) mode if \f(CW\*(C`SUDO_EDITOR\*(C'\fR
-is not set
-.SH "FILES"
-.IX Header "FILES"
-.ie n .IP "\fI/etc/sudoers\fR" 24
-.el .IP "\fI/etc/sudoers\fR" 24
-.IX Item "/etc/sudoers"
-List of who can run what
-.ie n .IP "\fI/var/db/sudo\fR" 24
-.el .IP "\fI/var/db/sudo\fR" 24
-.IX Item "/var/db/sudo"
-Directory containing time stamps
-.IP "\fI/etc/environment\fR" 24
-.IX Item "/etc/environment"
-Initial environment for \fB\-i\fR mode on Linux and \s-1AIX\s0
-.SH "EXAMPLES"
-.IX Header "EXAMPLES"
-Note: the following examples assume suitable \fIsudoers\fR\|(5) entries.
-.PP
-To get a file listing of an unreadable directory:
-.PP
-.Vb 1
-\& $ sudo ls /usr/local/protected
-.Ve
-.PP
-To list the home directory of user yaz on a machine where the
-file system holding ~yaz is not exported as root:
-.PP
-.Vb 1
-\& $ sudo \-u yaz ls ~yaz
-.Ve
-.PP
-To edit the \fIindex.html\fR file as user www:
-.PP
-.Vb 1
-\& $ sudo \-u www vi ~www/htdocs/index.html
-.Ve
-.PP
-To view system logs only accessible to root and users in the adm group:
-.PP
-.Vb 1
-\& $ sudo \-g adm view /var/log/syslog
-.Ve
-.PP
-To run an editor as jim with a different primary group:
-.PP
-.Vb 1
-\& $ sudo \-u jim \-g audio vi ~jim/sound.txt
-.Ve
-.PP
-To shutdown a machine:
-.PP
-.Vb 1
-\& $ sudo shutdown \-r +15 "quick reboot"
-.Ve
-.PP
-To make a usage listing of the directories in the /home
-partition. Note that this runs the commands in a sub-shell
-to make the \f(CW\*(C`cd\*(C'\fR and file redirection work.
-.PP
-.Vb 1
-\& $ sudo sh \-c "cd /home ; du \-s * | sort \-rn > USAGE"
-.Ve
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fIgrep\fR\|(1), \fIsu\fR\|(1), \fIstat\fR\|(2),
-.if \n(LC \&\fIlogin_cap\fR\|(3),
-\&\fIpasswd\fR\|(5), \fIsudoers\fR\|(5), \fIvisudo\fR\|(8)
-.SH "AUTHORS"
-.IX Header "AUTHORS"
-Many people have worked on \fBsudo\fR over the years; this
-version consists of code written primarily by:
-.PP
-.Vb 1
-\& Todd C. Miller
-.Ve
-.PP
-See the \s-1HISTORY\s0 file in the \fBsudo\fR distribution or visit
-http://www.sudo.ws/sudo/history.html for a short history
-of \fBsudo\fR.
-.SH "CAVEATS"
-.IX Header "CAVEATS"
-There is no easy way to prevent a user from gaining a root shell
-if that user is allowed to run arbitrary commands via \fBsudo\fR.
-Also, many programs (such as editors) allow the user to run commands
-via shell escapes, thus avoiding \fBsudo\fR's checks. However, on
-most systems it is possible to prevent shell escapes with \fBsudo\fR's
-\&\fInoexec\fR functionality. See the \fIsudoers\fR\|(5) manual
-for details.
-.PP
-It is not meaningful to run the \f(CW\*(C`cd\*(C'\fR command directly via sudo, e.g.,
-.PP
-.Vb 1
-\& $ sudo cd /usr/local/protected
-.Ve
-.PP
-since when the command exits the parent process (your shell) will
-still be the same. Please see the \s-1EXAMPLES\s0 section for more information.
-.PP
-If users have sudo \f(CW\*(C`ALL\*(C'\fR there is nothing to prevent them from
-creating their own program that gives them a root shell regardless
-of any '!' elements in the user specification.
-.PP
-Running shell scripts via \fBsudo\fR can expose the same kernel bugs that
-make setuid shell scripts unsafe on some operating systems (if your \s-1OS\s0
-has a /dev/fd/ directory, setuid shell scripts are generally safe).
-.SH "BUGS"
-.IX Header "BUGS"
-If you feel you have found a bug in \fBsudo\fR, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-.SH "SUPPORT"
-.IX Header "SUPPORT"
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo\-users to subscribe or
-search the archives.
-.SH "DISCLAIMER"
-.IX Header "DISCLAIMER"
-\&\fBsudo\fR is provided ``\s-1AS\s0 \s-1IS\s0'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the \s-1LICENSE\s0
-file distributed with \fBsudo\fR or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/sudo.man.in
===================================================================
--- trunk/contrib/sudo/sudo.man.in 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo.man.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -23,7 +23,7 @@
.nr LC @LCMAN@
.nr PT @password_timeout@
.\"
-.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
+.\" Automatically generated by Pod::Man 2.23 (Pod::Simple 3.14)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -149,7 +149,7 @@
.\" ========================================================================
.\"
.IX Title "SUDO @mansectsu@"
-.TH SUDO @mansectsu@ "July 19, 2010" "1.7.4" "MAINTENANCE COMMANDS"
+.TH SUDO @mansectsu@ "February 21, 2011" "1.7.5rc1" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -339,7 +339,8 @@
command line.
.IP "\-h" 12
.IX Item "-h"
-The \fB\-h\fR (\fIhelp\fR) option causes \fBsudo\fR to print a usage message and exit.
+The \fB\-h\fR (\fIhelp\fR) option causes \fBsudo\fR to print a short help message
+to the standard output and exit.
.IP "\-i [command]" 12
.IX Item "-i [command]"
The \fB\-i\fR (\fIsimulate initial login\fR) option runs the shell specified
Deleted: trunk/contrib/sudo/sudo.pod
===================================================================
--- trunk/contrib/sudo/sudo.pod 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo.pod 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,701 +0,0 @@
-Copyright (c) 1994-1996, 1998-2005, 2007-2010
- Todd C. Miller <Todd.Miller at courtesan.com>
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-Sponsored in part by the Defense Advanced Research Projects
-Agency (DARPA) and Air Force Research Laboratory, Air Force
-Materiel Command, USAF, under agreement number F39502-99-1-0512.
-
-=pod
-
-=head1 NAME
-
-sudo, sudoedit - execute a command as another user
-
-=head1 SYNOPSIS
-
-B<sudo> B<-h> | B<-K> | B<-k> | B<-L> | B<-V>
-
-B<sudo> B<-v> [B<-AknS>]
-S<[B<-a> I<auth_type>]>
-S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]>
-S<[B<-u> I<username>|I<#uid>]>
-
-B<sudo> B<-l[l]> [B<-AknS>]
-S<[B<-a> I<auth_type>]>
-S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]>
-S<[B<-U> I<user name>]> S<[B<-u> I<user name>|I<#uid>]> [I<command>]
-
-B<sudo> [B<-AbEHnPS>]
-S<[B<-a> I<auth_type>]>
-S<[B<-C> I<fd>]>
-S<[B<-c> I<class>|I<->]>
-S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]>
-S<[B<-r> I<role>]> S<[B<-t> I<type>]>
-S<[B<-u> I<user name>|I<#uid>]>
-S<[B<VAR>=I<value>]> S<[B<-i> | B<-s>]> [I<command>]
-
-B<sudoedit> [B<-AnS>]
-S<[B<-a> I<auth_type>]>
-S<[B<-C> I<fd>]>
-S<[B<-c> I<class>|I<->]>
-S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]>
-S<[B<-u> I<user name>|I<#uid>]> file ...
-
-=head1 DESCRIPTION
-
-B<sudo> allows a permitted user to execute a I<command> as the
-superuser or another user, as specified in the I<sudoers> file.
-The real and effective uid and gid are set to match those of the
-target user as specified in the passwd file and the group vector
-is initialized based on the group file (unless the B<-P> option was
-specified). If the invoking user is root or if the target user is
-the same as the invoking user, no password is required. Otherwise,
-B<sudo> requires that users authenticate themselves with a password
-by default (NOTE: in the default configuration this is the user's
-password, not the root password). Once a user has been authenticated,
-a time stamp is updated and the user may then use sudo without a
-password for a short period of time (C<@timeout@> minutes unless
-overridden in I<sudoers>).
-
-When invoked as B<sudoedit>, the B<-e> option (described below),
-is implied.
-
-B<sudo> determines who is an authorized user by consulting the file
-F<@sysconfdir@/sudoers>. By running B<sudo> with the B<-v> option,
-a user can update the time stamp without running a I<command>. If
-a password is required, B<sudo> will exit if the user's password
-is not entered within a configurable time limit. The default
-password prompt timeout is C<@password_timeout@> minutes.
-
-If a user who is not listed in the I<sudoers> file tries to run a
-command via B<sudo>, mail is sent to the proper authorities, as
-defined at configure time or in the I<sudoers> file (defaults to
-C<@mailto@>). Note that the mail will not be sent if an unauthorized
-user tries to run sudo with the B<-l> or B<-v> option. This allows
-users to determine for themselves whether or not they are allowed
-to use B<sudo>.
-
-If B<sudo> is run by root and the C<SUDO_USER> environment variable
-is set, B<sudo> will use this value to determine who the actual
-user is. This can be used by a user to log commands through sudo
-even when a root shell has been invoked. It also allows the B<-e>
-option to remain useful even when being run via a sudo-run script or
-program. Note however, that the sudoers lookup is still done for
-root, not the user specified by C<SUDO_USER>.
-
-B<sudo> can log both successful and unsuccessful attempts (as well
-as errors) to syslog(3), a log file, or both. By default B<sudo>
-will log via syslog(3) but this is changeable at configure time
-or via the I<sudoers> file.
-
-=head1 OPTIONS
-
-B<sudo> accepts the following command line options:
-
-=over 12
-
-=item -A
-
-Normally, if B<sudo> requires a password, it will read it from the
-current terminal. If the B<-A> (I<askpass>) option is specified,
-a (possibly graphical) helper program is executed to read the
-user's password and output the password to the standard output. If
-the C<SUDO_ASKPASS> environment variable is set, it specifies the
-path to the helper program. Otherwise, the value specified by the
-I<askpass> option in L<sudoers(5)> is used.
-
-=item -a I<type>
-
-The B<-a> (I<authentication type>) option causes B<sudo> to use the
-specified authentication type when validating the user, as allowed
-by F</etc/login.conf>. The system administrator may specify a list
-of sudo-specific authentication methods by adding an "auth-sudo"
-entry in F</etc/login.conf>. This option is only available on systems
-that support BSD authentication.
-
-=item -b
-
-The B<-b> (I<background>) option tells B<sudo> to run the given
-command in the background. Note that if you use the B<-b>
-option you cannot use shell job control to manipulate the process.
-
-=item -C I<fd>
-
-Normally, B<sudo> will close all open file descriptors other than
-standard input, standard output and standard error. The B<-C>
-(I<close from>) option allows the user to specify a starting point
-above the standard error (file descriptor three). Values less than
-three are not permitted. This option is only available if the
-administrator has enabled the I<closefrom_override> option in
-L<sudoers(5)>.
-
-=item -c I<class>
-
-The B<-c> (I<class>) option causes B<sudo> to run the specified command
-with resources limited by the specified login class. The I<class>
-argument can be either a class name as defined in F</etc/login.conf>,
-or a single '-' character. Specifying a I<class> of C<-> indicates
-that the command should be run restricted by the default login
-capabilities for the user the command is run as. If the I<class>
-argument specifies an existing user class, the command must be run
-as root, or the B<sudo> command must be run from a shell that is already
-root. This option is only available on systems with BSD login classes.
-
-=item -E
-
-The B<-E> (I<preserve> I<environment>) option will override the
-I<env_reset> option in L<sudoers(5)>). It is only
-available when either the matching command has the C<SETENV> tag
-or the I<setenv> option is set in L<sudoers(5)>.
-
-=item -e
-
-The B<-e> (I<edit>) option indicates that, instead of running
-a command, the user wishes to edit one or more files. In lieu
-of a command, the string "sudoedit" is used when consulting
-the I<sudoers> file. If the user is authorized by I<sudoers>
-the following steps are taken:
-
-=over 4
-
-=item 1.
-
-Temporary copies are made of the files to be edited with the owner
-set to the invoking user.
-
-=item 2.
-
-The editor specified by the C<SUDO_EDITOR>, C<VISUAL> or C<EDITOR>
-environment variables is run to edit the temporary files. If none
-of C<SUDO_EDITOR>, C<VISUAL> or C<EDITOR> are set, the first program
-listed in the I<editor> I<sudoers> variable is used.
-
-=item 3.
-
-If they have been modified, the temporary files are copied back to
-their original location and the temporary versions are removed.
-
-=back
-
-If the specified file does not exist, it will be created. Note
-that unlike most commands run by B<sudo>, the editor is run with
-the invoking user's environment unmodified. If, for some reason,
-B<sudo> is unable to update a file with its edited version, the
-user will receive a warning and the edited copy will remain in a
-temporary file.
-
-=item -g I<group>
-
-Normally, B<sudo> sets the primary group to the one specified by
-the passwd database for the user the command is being run as (by
-default, root). The B<-g> (I<group>) option causes B<sudo> to run
-the specified command with the primary group set to I<group>. To
-specify a I<gid> instead of a I<group name>, use I<#gid>. When
-running commands as a I<gid>, many shells require that the '#' be
-escaped with a backslash ('\'). If no B<-u> option is specified,
-the command will be run as the invoking user (not root). In either
-case, the primary group will be set to I<group>.
-
-=item -H
-
-The B<-H> (I<HOME>) option sets the C<HOME> environment variable
-to the homedir of the target user (root by default) as specified
-in passwd(5). The default handling of the C<HOME> environment
-variable depends on L<sudoers(5)> settings. By default, B<sudo>
-will set C<HOME> if I<env_reset> or I<always_set_home> are set, or
-if I<set_home> is set and the B<-s> option is specified on the
-command line.
-
-=item -h
-
-The B<-h> (I<help>) option causes B<sudo> to print a usage message and exit.
-
-=item -i [command]
-
-The B<-i> (I<simulate initial login>) option runs the shell specified
-in the L<passwd(5)> entry of the target user as a login shell. This
-means that login-specific resource files such as C<.profile> or
-C<.login> will be read by the shell. If a command is specified,
-it is passed to the shell for execution. Otherwise, an interactive
-shell is executed. B<sudo> attempts to change to that user's home
-directory before running the shell. It also initializes the
-environment, leaving I<DISPLAY> and I<TERM> unchanged, setting
-I<HOME>, I<MAIL>, I<SHELL>, I<USER>, I<LOGNAME>, and I<PATH>, as well as
-the contents of F</etc/environment> on Linux and AIX systems.
-All other environment variables are removed.
-
-=item -K
-
-The B<-K> (sure I<kill>) option is like B<-k> except that it removes
-the user's time stamp entirely and may not be used in conjunction
-with a command or other option. This option does not require a
-password.
-
-=item -k
-
-When used by itself, the B<-k> (I<kill>) option to B<sudo> invalidates
-the user's time stamp by setting the time on it to the Epoch. The
-next time B<sudo> is run a password will be required. This option
-does not require a password and was added to allow a user to revoke
-B<sudo> permissions from a .logout file.
-
-When used in conjunction with a command or an option that may require
-a password, the B<-k> option will cause B<sudo> to ignore the user's
-time stamp file. As a result, B<sudo> will prompt for a password
-(if one is required by I<sudoers>) and will not update the user's
-time stamp file.
-
-=item -L
-
-The B<-L> (I<list> defaults) option will list the parameters that
-may be set in a I<Defaults> line along with a short description for
-each. This option will be removed from a future version of B<sudo>.
-
-=item -l[l] [I<command>]
-
-If no I<command> is specified, the B<-l> (I<list>) option will list
-the allowed (and forbidden) commands for the invoking user (or the
-user specified by the B<-U> option) on the current host. If a
-I<command> is specified and is permitted by I<sudoers>, the
-fully-qualified path to the command is displayed along with any
-command line arguments. If I<command> is specified but not allowed,
-B<sudo> will exit with a status value of 1. If the B<-l> option is
-specified with an B<l> argument (i.e. B<-ll>), or if B<-l>
-is specified multiple times, a longer list format is used.
-
-=item -n
-
-The B<-n> (I<non-interactive>) option prevents B<sudo> from prompting
-the user for a password. If a password is required for the command
-to run, B<sudo> will display an error messages and exit.
-
-=item -P
-
-The B<-P> (I<preserve> I<group vector>) option causes B<sudo> to
-preserve the invoking user's group vector unaltered. By default,
-B<sudo> will initialize the group vector to the list of groups the
-target user is in. The real and effective group IDs, however, are
-still set to match the target user.
-
-=item -p I<prompt>
-
-The B<-p> (I<prompt>) option allows you to override the default
-password prompt and use a custom one. The following percent (`C<%>')
-escapes are supported:
-
-=over 4
-
-=item C<%H>
-
-expanded to the local host name including the domain name
-(on if the machine's host name is fully qualified or the I<fqdn>
-I<sudoers> option is set)
-
-=item C<%h>
-
-expanded to the local host name without the domain name
-
-=item C<%p>
-
-expanded to the user whose password is being asked for (respects the
-I<rootpw>, I<targetpw> and I<runaspw> flags in I<sudoers>)
-
-=item C<%U>
-
-expanded to the login name of the user the command will
-be run as (defaults to root)
-
-=item C<%u>
-
-expanded to the invoking user's login name
-
-=item C<%%>
-
-two consecutive C<%> characters are collapsed into a single C<%> character
-
-=back
-
-The prompt specified by the B<-p> option will override the system
-password prompt on systems that support PAM unless the
-I<passprompt_override> flag is disabled in I<sudoers>.
-
-=item -r I<role>
-
-The B<-r> (I<role>) option causes the new (SELinux) security context to
-have the role specified by I<role>.
-
-=item -S
-
-The B<-S> (I<stdin>) option causes B<sudo> to read the password from
-the standard input instead of the terminal device. The password must
-be followed by a newline character.
-
-=item -s [command]
-
-The B<-s> (I<shell>) option runs the shell specified by the I<SHELL>
-environment variable if it is set or the shell as specified in
-L<passwd(5)>. If a command is specified, it is passed to the shell
-for execution. Otherwise, an interactive shell is executed.
-
-=item -t I<type>
-
-The B<-t> (I<type>) option causes the new (SELinux) security context to
-have the type specified by I<type>. If no type is specified, the default
-type is derived from the specified role.
-
-=item -U I<user>
-
-The B<-U> (I<other user>) option is used in conjunction with the B<-l>
-option to specify the user whose privileges should be listed. Only
-root or a user with B<sudo> C<ALL> on the current host may use this
-option.
-
-=item -u I<user>
-
-The B<-u> (I<user>) option causes B<sudo> to run the specified
-command as a user other than I<root>. To specify a I<uid> instead
-of a I<user name>, use I<#uid>. When running commands as a I<uid>,
-many shells require that the '#' be escaped with a backslash ('\').
-Note that if the I<targetpw> Defaults option is set (see L<sudoers(5)>)
-it is not possible to run commands with a uid not listed in the
-password database.
-
-=item -V
-
-The B<-V> (I<version>) option causes B<sudo> to print the version
-number and exit. If the invoking user is already root the B<-V>
-option will print out a list of the defaults B<sudo> was compiled
-with as well as the machine's local network addresses.
-
-=item -v
-
-If given the B<-v> (I<validate>) option, B<sudo> will update the
-user's time stamp, prompting for the user's password if necessary.
-This extends the B<sudo> timeout for another C<@timeout@> minutes
-(or whatever the timeout is set to in I<sudoers>) but does not run
-a command.
-
-=item --
-
-The B<--> option indicates that B<sudo> should stop processing command
-line arguments.
-
-=back
-
-Environment variables to be set for the command may also be passed
-on the command line in the form of B<VAR>=I<value>, e.g.
-B<LD_LIBRARY_PATH>=I</usr/local/pkg/lib>. Variables passed on the
-command line are subject to the same restrictions as normal environment
-variables with one important exception. If the I<setenv> option
-is set in I<sudoers>, the command to be run has the C<SETENV> tag
-set or the command matched is C<ALL>, the user may set variables
-that would overwise be forbidden. See L<sudoers(5)> for more information.
-
-=head1 RETURN VALUES
-
-Upon successful execution of a program, the exit status from B<sudo>
-will simply be the exit status of the program that was executed.
-
-Otherwise, B<sudo> quits with an exit value of 1 if there is a
-configuration/permission problem or if B<sudo> cannot execute the
-given command. In the latter case the error string is printed to
-stderr. If B<sudo> cannot L<stat(2)> one or more entries in the user's
-C<PATH> an error is printed on stderr. (If the directory does not
-exist or if it is not really a directory, the entry is ignored and
-no error is printed.) This should not happen under normal
-circumstances. The most common reason for L<stat(2)> to return
-"permission denied" is if you are running an automounter and one
-of the directories in your C<PATH> is on a machine that is currently
-unreachable.
-
-=head1 SECURITY NOTES
-
-B<sudo> tries to be safe when executing external commands.
-
-There are two distinct ways to deal with environment variables.
-By default, the I<env_reset> I<sudoers> option is enabled.
-This causes commands to be executed with a minimal environment
-containing C<TERM>, C<PATH>, C<HOME>, C<SHELL>, C<LOGNAME>, C<USER>
-and C<USERNAME> in addition to variables from the invoking process
-permitted by the I<env_check> and I<env_keep> I<sudoers> options.
-There is effectively a whitelist for environment variables.
-
-If, however, the I<env_reset> option is disabled in I<sudoers>, any
-variables not explicitly denied by the I<env_check> and I<env_delete>
-options are inherited from the invoking process. In this case,
-I<env_check> and I<env_delete> behave like a blacklist. Since it
-is not possible to blacklist all potentially dangerous environment
-variables, use of the default I<env_reset> behavior is encouraged.
-
-In all cases, environment variables with a value beginning with
-C<()> are removed as they could be interpreted as B<bash> functions.
-The list of environment variables that B<sudo> allows or denies is
-contained in the output of C<sudo -V> when run as root.
-
-Note that the dynamic linker on most operating systems will remove
-variables that can control dynamic linking from the environment of
-setuid executables, including B<sudo>. Depending on the operating
-system this may include C<_RLD*>, C<DYLD_*>, C<LD_*>, C<LDR_*>,
-C<LIBPATH>, C<SHLIB_PATH>, and others. These type of variables are
-removed from the environment before B<sudo> even begins execution
-and, as such, it is not possible for B<sudo> to preserve them.
-
-To prevent command spoofing, B<sudo> checks "." and "" (both denoting
-current directory) last when searching for a command in the user's
-PATH (if one or both are in the PATH). Note, however, that the
-actual C<PATH> environment variable is I<not> modified and is passed
-unchanged to the program that B<sudo> executes.
-
-B<sudo> will check the ownership of its time stamp directory
-(F<@timedir@> by default) and ignore the directory's contents if
-it is not owned by root or if it is writable by a user other than
-root. On systems that allow non-root users to give away files via
-L<chown(2)>, if the time stamp directory is located in a directory
-writable by anyone (e.g., F</tmp>), it is possible for a user to
-create the time stamp directory before B<sudo> is run. However,
-because B<sudo> checks the ownership and mode of the directory and
-its contents, the only damage that can be done is to "hide" files
-by putting them in the time stamp dir. This is unlikely to happen
-since once the time stamp dir is owned by root and inaccessible by
-any other user, the user placing files there would be unable to get
-them back out. To get around this issue you can use a directory
-that is not world-writable for the time stamps (F</var/adm/sudo> for
-instance) or create F<@timedir@> with the appropriate owner (root)
-and permissions (0700) in the system startup files.
-
-B<sudo> will not honor time stamps set far in the future.
-Timestamps with a date greater than current_time + 2 * C<TIMEOUT>
-will be ignored and sudo will log and complain. This is done to
-keep a user from creating his/her own time stamp with a bogus
-date on systems that allow users to give away files.
-
-On systems where the boot time is available, B<sudo> will also not
-honor time stamps from before the machine booted.
-
-Since time stamp files live in the file system, they can outlive a
-user's login session. As a result, a user may be able to login,
-run a command with B<sudo> after authenticating, logout, login
-again, and run B<sudo> without authenticating so long as the time
-stamp file's modification time is within C<@timeout@> minutes (or
-whatever the timeout is set to in I<sudoers>). When the I<tty_tickets>
-option is enabled in I<sudoers>, the time stamp has per-tty granularity
-but still may outlive the user's session. On Linux systems where
-the devpts filesystem is used, Solaris systems with the devices
-filesystem, as well as other systems that utilize a devfs filesystem
-that monotonically increase the inode number of devices as they are
-created (such as Mac OS X), B<sudo> is able to determine when a
-tty-based time stamp file is stale and will ignore it. Administrators
-should not rely on this feature as it is not universally available.
-
-Please note that B<sudo> will normally only log the command it
-explicitly runs. If a user runs a command such as C<sudo su> or
-C<sudo sh>, subsequent commands run from that shell will I<not> be
-logged, nor will B<sudo>'s access control affect them. The same
-is true for commands that offer shell escapes (including most
-editors). Because of this, care must be taken when giving users
-access to commands via B<sudo> to verify that the command does not
-inadvertently give the user an effective root shell. For more
-information, please see the C<PREVENTING SHELL ESCAPES> section in
-L<sudoers(5)>.
-
-=head1 ENVIRONMENT
-
-B<sudo> utilizes the following environment variables:
-
-=over 16
-
-=item C<EDITOR>
-
-Default editor to use in B<-e> (sudoedit) mode if neither C<SUDO_EDITOR>
-nor C<VISUAL> is set
-
-=item C<MAIL>
-
-In B<-i> mode or when I<env_reset> is enabled in I<sudoers>, set
-to the mail spool of the target user
-
-=item C<HOME>
-
-Set to the home directory of the target user if B<-i> or B<-H> are
-specified, I<env_reset> or I<always_set_home> are set in I<sudoers>,
-or when the B<-s> option is specified and I<set_home> is set in
-I<sudoers>
-
-=item C<PATH>
-
-Set to a sane value if the I<secure_path> sudoers option is set.
-
-=item C<SHELL>
-
-Used to determine shell to run with C<-s> option
-
-=item C<SUDO_ASKPASS>
-
-Specifies the path to a helper program used to read the password
-if no terminal is available or if the C<-A> option is specified.
-
-=item C<SUDO_COMMAND>
-
-Set to the command run by sudo
-
-=item C<SUDO_EDITOR>
-
-Default editor to use in B<-e> (sudoedit) mode
-
-=item C<SUDO_GID>
-
-Set to the group ID of the user who invoked sudo
-
-=item C<SUDO_PROMPT>
-
-Used as the default password prompt
-
-=item C<SUDO_PS1>
-
-If set, C<PS1> will be set to its value for the program being run
-
-=item C<SUDO_UID>
-
-Set to the user ID of the user who invoked sudo
-
-=item C<SUDO_USER>
-
-Set to the login of the user who invoked sudo
-
-=item C<USER>
-
-Set to the target user (root unless the B<-u> option is specified)
-
-=item C<VISUAL>
-
-Default editor to use in B<-e> (sudoedit) mode if C<SUDO_EDITOR>
-is not set
-
-=back
-
-=head1 FILES
-
-=over 24
-
-=item F<@sysconfdir@/sudoers>
-
-List of who can run what
-
-=item F<@timedir@>
-
-Directory containing time stamps
-
-=item F</etc/environment>
-
-Initial environment for B<-i> mode on Linux and AIX
-
-=back
-
-=head1 EXAMPLES
-
-Note: the following examples assume suitable L<sudoers(5)> entries.
-
-To get a file listing of an unreadable directory:
-
- $ sudo ls /usr/local/protected
-
-To list the home directory of user yaz on a machine where the
-file system holding ~yaz is not exported as root:
-
- $ sudo -u yaz ls ~yaz
-
-To edit the F<index.html> file as user www:
-
- $ sudo -u www vi ~www/htdocs/index.html
-
-To view system logs only accessible to root and users in the adm group:
-
- $ sudo -g adm view /var/log/syslog
-
-To run an editor as jim with a different primary group:
-
- $ sudo -u jim -g audio vi ~jim/sound.txt
-
-To shutdown a machine:
-
- $ sudo shutdown -r +15 "quick reboot"
-
-To make a usage listing of the directories in the /home
-partition. Note that this runs the commands in a sub-shell
-to make the C<cd> and file redirection work.
-
- $ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
-
-=head1 SEE ALSO
-
-L<grep(1)>, L<su(1)>, L<stat(2)>,
-L<login_cap(3)>,
-L<passwd(5)>, L<sudoers(5)>, L<visudo(8)>
-
-=head1 AUTHORS
-
-Many people have worked on B<sudo> over the years; this
-version consists of code written primarily by:
-
- Todd C. Miller
-
-See the HISTORY file in the B<sudo> distribution or visit
-http://www.sudo.ws/sudo/history.html for a short history
-of B<sudo>.
-
-=head1 CAVEATS
-
-There is no easy way to prevent a user from gaining a root shell
-if that user is allowed to run arbitrary commands via B<sudo>.
-Also, many programs (such as editors) allow the user to run commands
-via shell escapes, thus avoiding B<sudo>'s checks. However, on
-most systems it is possible to prevent shell escapes with B<sudo>'s
-I<noexec> functionality. See the L<sudoers(5)> manual
-for details.
-
-It is not meaningful to run the C<cd> command directly via sudo, e.g.,
-
- $ sudo cd /usr/local/protected
-
-since when the command exits the parent process (your shell) will
-still be the same. Please see the EXAMPLES section for more information.
-
-If users have sudo C<ALL> there is nothing to prevent them from
-creating their own program that gives them a root shell regardless
-of any '!' elements in the user specification.
-
-Running shell scripts via B<sudo> can expose the same kernel bugs that
-make setuid shell scripts unsafe on some operating systems (if your OS
-has a /dev/fd/ directory, setuid shell scripts are generally safe).
-
-=head1 BUGS
-
-If you feel you have found a bug in B<sudo>, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-
-=head1 SUPPORT
-
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
-search the archives.
-
-=head1 DISCLAIMER
-
-B<sudo> is provided ``AS IS'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the LICENSE
-file distributed with B<sudo> or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/sudo.pp
===================================================================
--- trunk/contrib/sudo/sudo.pp 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo.pp 2014-10-02 03:20:49 UTC (rev 6803)
@@ -14,15 +14,29 @@
vendor="Todd C. Miller"
copyright="(c) 1993-1996,1998-2010 Todd C. Miller"
+%if [aix]
+ # AIX package summary is limited to 40 characters
+ summary="Configurable super-user privileges"
+
# Convert to 4 part version for AIX, including patch level
pp_aix_version=`echo $version|sed -e 's/\([0-9]*\.[0-9]*\.[0-9]*\)$/\1.0/' -e 's/[^0-9]*\([0-9]*\)$/.\1/'`
+%endif
- # Strip of patchlevel for kit which only supports x.y.z versions
- pp_kit_version="`echo $version|sed -e 's/\.//g' -e 's/p[0-9]*$//'`"
+%if [kit]
+ # Strip off patchlevel for kit which only supports xyz versions
+ pp_kit_version="`echo $version|sed -e 's/\.//g' -e 's/[bp][0-9]*$//'`"
pp_kit_name="TCM"
+%endif
+%if [sd]
pp_sd_vendor_tag="TCM"
+%endif
+
+%if [solaris]
pp_solaris_name="TCM${name}"
+ pp_solaris_pstamp=`/usr/bin/date "+%B %d, %Y"`
+%endif
+
%if [rpm,deb]
# Convert patch level into release and remove from version
pp_rpm_release="`echo $version|sed 's/^[0-9]*\.[0-9]*\.[0-9]*[^0-9]*//'`"
@@ -32,6 +46,9 @@
pp_rpm_url="http://www.sudo.ws/"
pp_rpm_group="Applications/System"
pp_rpm_packager="Todd.Miller at courtesan.com"
+ if test -n "$linux_audit"; then
+ pp_rpm_requires="audit-libs >= $linux_audit"
+ fi
pp_deb_maintainer="$pp_rpm_packager"
pp_deb_release="$pp_rpm_release"
@@ -42,7 +59,7 @@
mv ${pp_destdir}$sudoersdir/sudoers ${pp_destdir}$sudoersdir/sudoers.dist
%endif
-%set [rpm]
+%if [rpm]
# Add distro info to release
osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*//' -e 's/-.*$//'`
case "$pp_rpm_distro" in
@@ -136,8 +153,9 @@
fi
;;
esac
+%endif
-%set [deb]
+%if [deb]
# Uncomment some Defaults and the %sudo rule in sudoers
# Note that the order must match that of sudoers and be tab-indented.
/bin/ed - ${pp_destdir}${sudoersdir}/sudoers <<-'EOF'
@@ -157,10 +175,8 @@
session required pam_permit.so
session required pam_limits.so
EOF
+%endif
-%set [aix]
- summary="Configurable super-user privileges"
-
%files
$bindir/sudo 4111 root:
$bindir/sudoedit 4111 root:
Deleted: trunk/contrib/sudo/sudo.psf
===================================================================
--- trunk/contrib/sudo/sudo.psf 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo.psf 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,91 +0,0 @@
-# PSF file for sudo
-#
-# See http://www.software.hp.com/products/SD_AT_HP/docs/cookbook.html
-# for details.
-#
-# To create sudo.depot, run:
-#
-# swpackage -x target_type=tape -d sudo.depot -s sudo.psf
-#
-# To install, run:
-#
-# swinstall -s sudo.depot sudo
-#
-# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
-#
-vendor
- tag GratiSoft
- title "GratiSoft, Inc."
- description "GratiSoft, Inc., http://www.gratisoft.us/"
-end
-#
-# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
-#
-product
- tag sudo
- title "Sudo"
- description "execute a command as another user"
- revision @VERSION@
- #
- architecture S700/S800_HPUX_10/11
- machine_type 9000/[78]*
- os_name HP-UX
- os_release ?.10.*|?.11.*
- os_version *
- #
- fileset
- tag bin
- title "sudo binaries"
- revision @VERSION@
-
- file -m 4111 -o root -g root sudo /usr/local/bin/sudo
- file -m 111 -o root -g bin visudo /usr/local/sbin/visudo
-
- postinstall sudo-exec.postinstall
- end
- #
- fileset
- tag libexec
- title "sudo noexec library"
- revision @VERSION@
-
- file -m 555 -o root -g bin sudo_noexec.sl /usr/local/libexec/sudo_noexec.sl
- end
- #
- fileset
- tag manpages
- title "sudo manpages"
- revision @VERSION@
-
- file -m 444 -g bin -o root sudo.man /usr/local/man/man1m/sudo.1m
- file -m 444 -g bin -o root sudoers.man /usr/local/man/man4/sudoers.4
- file -m 444 -g bin -o root visudo.man /usr/local/man/man1m/visudo.1m
-
- postinstall sudo-man.postinstall
- end
- #
- fileset
- tag doc
- title "sudo doc"
- revision @VERSION@
-
- file -m 444 -g bin -o root BUGS /usr/local/doc/sudo/BUGS
- file -m 444 -g bin -o root CHANGES /usr/local/doc/sudo/CHANGES
- file -m 444 -g bin -o root HISTORY /usr/local/doc/sudo/HISTORY
- file -m 444 -g bin -o root LICENSE /usr/local/doc/sudo/LICENSE
- file -m 444 -g bin -o root README /usr/local/doc/sudo/README
- file -m 444 -g bin -o root TROUBLESHOOTING /usr/local/doc/sudo/TROUBLESHOOTING
- file -m 444 -g bin -o root UPGRADE /usr/local/doc/sudo/UPGRADE
- file -m 444 -g bin -o root sample.syslog.conf /usr/local/doc/sudo/sample.syslog.conf
- file -m 444 -g bin -o root sample.sudoers /usr/local/doc/sudo/sample.sudoers
- end
- #
- fileset
- tag config
- title "sudo config files"
- revision @VERSION@
- file -m 444 -g bin -o root sudoers /usr/local/doc/sudo/sudoers
-
- postinstall sudo-config.postinstall
- end
-end
Modified: trunk/contrib/sudo/sudo_exec.h
===================================================================
--- trunk/contrib/sudo/sudo_exec.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo_exec.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -18,11 +18,18 @@
#define _SUDO_EXEC_H
/*
+ * Special values to indicate whether continuing in foreground or background.
+ */
+#define SIGCONT_FG -2
+#define SIGCONT_BG -3
+
+/*
* Symbols shared between exec.c and exec_pty.c
*/
/* exec.c */
int my_execve __P((const char *path, char *argv[], char *envp[]));
+int pipe_nonblock __P((int fds[2]));
/* exec_pty.c */
int fork_pty __P((const char *path, char *argv[], char *envp[], int sv[],
@@ -30,9 +37,9 @@
int perform_io __P((fd_set *fdsr, fd_set *fdsw, struct command_status *cstat));
int suspend_parent __P((int signo));
void fd_set_iobs __P((fd_set *fdsr, fd_set *fdsw));
-void handler __P((int s));
+RETSIGTYPE handler __P((int s));
void pty_close __P((struct command_status *cstat));
void pty_setup __P((uid_t uid));
-extern sig_atomic_t recvsig[NSIG];
+extern int signal_pipe[2];
#endif /* _SUDO_EXEC_H */
Modified: trunk/contrib/sudo/sudo_noexec.c
===================================================================
--- trunk/contrib/sudo/sudo_noexec.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo_noexec.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -16,6 +16,8 @@
#include <config.h>
+#include <sys/types.h>
+
#include <errno.h>
#ifndef HAVE_TIMESPEC
# include <time.h>
@@ -26,7 +28,7 @@
# include <varargs.h>
#endif
-#include <compat.h>
+#include "missing.h"
/*
* Dummy versions of the execve() family of syscalls. We don't need
@@ -43,7 +45,7 @@
#define DUMMY_BODY \
{ \
errno = EACCES; \
- return(-1); \
+ return -1; \
}
#ifdef __STDC__
Modified: trunk/contrib/sudo/sudo_nss.c
===================================================================
--- trunk/contrib/sudo/sudo_nss.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo_nss.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2007-2010 Todd C. Miller <Todd.Miller at courtesan.com>
+ * Copyright (c) 2007-2011 Todd C. Miller <Todd.Miller at courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -100,7 +100,7 @@
if (tq_empty(&snl))
tq_append(&snl, &sudo_nss_file);
- return(&snl);
+ return &snl;
}
#else /* HAVE_LDAP && _PATH_NSSWITCH_CONF */
@@ -179,7 +179,7 @@
if (tq_empty(&snl))
tq_append(&snl, &sudo_nss_file);
- return(&snl);
+ return &snl;
}
# else /* !_PATH_NETSVC_CONF && !_PATH_NSSWITCH_CONF */
@@ -197,7 +197,7 @@
# endif
tq_append(&snl, &sudo_nss_file);
- return(&snl);
+ return &snl;
}
# endif /* !HAVE_LDAP || !_PATH_NETSVC_CONF */
@@ -212,9 +212,10 @@
#if defined(HAVE_INITGROUPS) && defined(HAVE_GETGROUPS)
if (pw != sudo_user.pw) {
# ifdef HAVE_SETAUTHDB
- aix_setauthdb(pw->pw_name);
+ aix_setauthdb(pw->pw_name);
# endif
- (void) initgroups(pw->pw_name, pw->pw_gid);
+ if (initgroups(pw->pw_name, pw->pw_gid) == -1)
+ log_error(USE_ERRNO|MSG_ONLY, "can't reset group vector");
efree(user_groups);
user_groups = NULL;
if ((user_ngroups = getgroups(0, NULL)) > 0) {
@@ -223,7 +224,7 @@
log_error(USE_ERRNO|MSG_ONLY, "can't get group vector");
}
# ifdef HAVE_SETAUTHDB
- aix_restoreauthdb();
+ aix_restoreauthdb();
# endif
}
#endif /* HAVE_INITGROUPS && HAVE_GETGROUPS */
@@ -246,52 +247,57 @@
struct passwd *pw;
{
struct sudo_nss *nss;
- struct lbuf lbuf;
- int count;
+ struct lbuf defs, privs;
+ int count, olen;
/* Reset group vector so group matching works correctly. */
reset_groups(pw);
- lbuf_init(&lbuf, output, 4, NULL);
+ lbuf_init(&defs, output, 4, NULL);
+ lbuf_init(&privs, output, 4, NULL);
/* Display defaults from all sources. */
- lbuf_append(&lbuf, "Matching Defaults entries for ", pw->pw_name,
+ lbuf_append(&defs, "Matching Defaults entries for ", pw->pw_name,
" on this host:\n", NULL);
count = 0;
tq_foreach_fwd(snl, nss) {
- count += nss->display_defaults(nss, pw, &lbuf);
+ count += nss->display_defaults(nss, pw, &defs);
}
- if (count) {
- lbuf_append(&lbuf, "\n\n", NULL);
- lbuf_print(&lbuf);
- }
+ if (count)
+ lbuf_append(&defs, "\n\n", NULL);
+ else
+ defs.len = 0;
/* Display Runas and Cmnd-specific defaults from all sources. */
- lbuf.len = 0;
- lbuf_append(&lbuf, "Runas and Command-specific defaults for ", pw->pw_name,
+ olen = defs.len;
+ lbuf_append(&defs, "Runas and Command-specific defaults for ", pw->pw_name,
":\n", NULL);
count = 0;
tq_foreach_fwd(snl, nss) {
- count += nss->display_bound_defaults(nss, pw, &lbuf);
+ count += nss->display_bound_defaults(nss, pw, &defs);
}
- if (count) {
- lbuf_append(&lbuf, "\n\n", NULL);
- lbuf_print(&lbuf);
- }
+ if (count)
+ lbuf_append(&defs, "\n\n", NULL);
+ else
+ defs.len = olen;
/* Display privileges from all sources. */
- lbuf.len = 0;
- lbuf_append(&lbuf, "User ", pw->pw_name,
+ lbuf_append(&privs, "User ", pw->pw_name,
" may run the following commands on this host:\n", NULL);
count = 0;
tq_foreach_fwd(snl, nss) {
- count += nss->display_privs(nss, pw, &lbuf);
+ count += nss->display_privs(nss, pw, &privs);
}
if (count) {
- lbuf_print(&lbuf);
+ lbuf_print(&defs);
+ lbuf_print(&privs);
+ } else {
+ printf("User %s is not allowed to run sudo on %s.\n", pw->pw_name,
+ user_shost);
}
- lbuf_destroy(&lbuf);
+ lbuf_destroy(&defs);
+ lbuf_destroy(&privs);
}
/*
@@ -310,7 +316,7 @@
tq_foreach_fwd(snl, nss) {
if (nss->display_cmnd(nss, pw) == 0)
- return(0);
+ return 0;
}
- return(1);
+ return 1;
}
Deleted: trunk/contrib/sudo/sudo_usage.h
===================================================================
--- trunk/contrib/sudo/sudo_usage.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo_usage.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,39 +0,0 @@
-/*
- * Copyright (c) 2007-2009 Todd C. Miller <Todd.Miller at courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef _SUDO_USAGE_H
-#define _SUDO_USAGE_H
-
-void usage __P((int)) __attribute__((__noreturn__));
-
-/*
- * Usage strings for sudo. These are here because we
- * need to be able to substitute values from configure.
- */
-#define SUDO_USAGE1 " -h | -K | -k | -L | -V"
-#define SUDO_USAGE2 " -v [-AknS] [-g groupname|#gid] [-p prompt] [-u user name|#uid]"
-#define SUDO_USAGE3 " -l[l] [-AknS] [-g groupname|#gid] [-p prompt] [-U user name] [-u user name|#uid] [-g groupname|#gid] [command]"
-#define SUDO_USAGE4 " [-AbEHknPS] [-C fd] [-c class|-] [-g groupname|#gid] [-p prompt] [-u user name|#uid] [-g groupname|#gid] [VAR=value] [-i|-s] [<command>]"
-#define SUDO_USAGE5 " -e [-AknS] [-C fd] [-c class|-] [-g groupname|#gid] [-p prompt] [-u user name|#uid] file ..."
-
-/*
- * Configure script arguments used to build sudo.
- */
-#define CONFIGURE_ARGS "--with-all-insults --build=i386-midnightbsd-freebsd7.0"
-
-#endif /* _SUDO_USAGE_H */
Modified: trunk/contrib/sudo/sudo_usage.h.in
===================================================================
--- trunk/contrib/sudo/sudo_usage.h.in 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudo_usage.h.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -19,7 +19,8 @@
#ifndef _SUDO_USAGE_H
#define _SUDO_USAGE_H
-void usage __P((int)) __attribute__((__noreturn__));
+void help __P((void)) __attribute__((__noreturn__));
+void usage __P((int));
/*
* Usage strings for sudo. These are here because we
Deleted: trunk/contrib/sudo/sudoers
===================================================================
--- trunk/contrib/sudo/sudoers 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,86 +0,0 @@
-## sudoers file.
-##
-## This file MUST be edited with the 'visudo' command as root.
-## Failure to use 'visudo' may result in syntax or file permission errors
-## that prevent sudo from running.
-##
-## See the sudoers man page for the details on how to write a sudoers file.
-##
-
-##
-## Host alias specification
-##
-## Groups of machines. These may include host names (optionally with wildcards),
-## IP addresses, network numbers or netgroups.
-# Host_Alias WEBSERVERS = www1, www2, www3
-
-##
-## User alias specification
-##
-## Groups of users. These may consist of user names, uids, Unix groups,
-## or netgroups.
-# User_Alias ADMINS = millert, dowdy, mikef
-
-##
-## Cmnd alias specification
-##
-## Groups of commands. Often used to group related commands together.
-# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \
-# /usr/bin/pkill, /usr/bin/top
-
-##
-## Defaults specification
-##
-## You may wish to keep some of the following environment variables
-## when running commands via sudo.
-##
-## Locale settings
-# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
-##
-## Run X applications through sudo; HOME is used to find the
-## .Xauthority file. Note that other programs use HOME to find
-## configuration files and this may lead to privilege escalation!
-# Defaults env_keep += "HOME"
-##
-## X11 resource path settings
-# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
-##
-## Desktop path settings
-# Defaults env_keep += "QTDIR KDEDIR"
-##
-## Allow sudo-run commands to inherit the callers' ConsoleKit session
-# Defaults env_keep += "XDG_SESSION_COOKIE"
-##
-## Uncomment to enable special input methods. Care should be taken as
-## this may allow users to subvert the command being run via sudo.
-# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
-##
-## Uncomment to enable logging of a command's output, except for
-## sudoreplay and reboot. Use sudoreplay to play back logged sessions.
-# Defaults log_output
-# Defaults!/usr/bin/sudoreplay !log_output
-# Defaults!/usr/local/bin/sudoreplay !log_output
-# Defaults!/sbin/reboot !log_output
-
-##
-## Runas alias specification
-##
-
-##
-## User privilege specification
-##
-root ALL=(ALL) ALL
-
-## Uncomment to allow members of group wheel to execute any command
-# %wheel ALL=(ALL) ALL
-
-## Same thing without a password
-# %wheel ALL=(ALL) NOPASSWD: ALL
-
-## Uncomment to allow members of group sudo to execute any command
-# %sudo ALL=(ALL) ALL
-
-## Uncomment to allow any user to run sudo if they know the password
-## of the user they are running the command as (root by default).
-# Defaults targetpw # Ask for the password of the target user
-# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw'
Deleted: trunk/contrib/sudo/sudoers.5
===================================================================
--- trunk/contrib/sudo/sudoers.5 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers.5 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,1415 +0,0 @@
-.\" Copyright (c) 1994-1996,1998-2004 Todd C. Miller <Todd.Miller at courtesan.com>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" Sponsored in part by the Defense Advanced Research Projects
-.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
-.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
-.\"
-.\" $Sudo: sudoers.pod,v 1.96 2004/09/06 20:45:27 millert Exp $
-.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
-.\"
-.\" Standard preamble:
-.\" ========================================================================
-.de Sh \" Subsection heading
-.br
-.if t .Sp
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Vb \" Begin verbatim text
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve \" End verbatim text
-.ft R
-.fi
-..
-.\" Set up some character translations and predefined strings. \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. | will give a
-.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
-.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
-.\" expand to `' in nroff, nothing in troff, for use with C<>.
-.tr \(*W-|\(bv\*(Tr
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.ie n \{\
-. ds -- \(*W-
-. ds PI pi
-. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-. ds L" ""
-. ds R" ""
-. ds C`
-. ds C'
-'br\}
-.el\{\
-. ds -- \|\(em\|
-. ds PI \(*p
-. ds L" ``
-. ds R" ''
-'br\}
-.\"
-.\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
-.\" entries marked with X<> in POD. Of course, you'll have to process the
-.\" output yourself in some meaningful fashion.
-.if \nF \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
-..
-. nr % 0
-. rr F
-.\}
-.\"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.hy 0
-.if n .na
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
-.\" Fear. Run. Save yourself. No user-serviceable parts.
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds /
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
-.\" ========================================================================
-.\"
-.IX Title "SUDOERS 5"
-.TH SUDOERS 5 "June 20, 2005" "1.6.8p12" "MAINTENANCE COMMANDS"
-.SH "NAME"
-sudoers \- list of which users may execute what
-.SH "DESCRIPTION"
-.IX Header "DESCRIPTION"
-The \fIsudoers\fR file is composed of two types of entries: aliases
-(basically variables) and user specifications (which specify who
-may run what).
-.PP
-When multiple entries match for a user, they are applied in order.
-Where there are conflicting values, the last match is used (which
-is not necessarily the most specific match).
-.PP
-The \fIsudoers\fR grammar will be described below in Extended Backus-Naur
-Form (\s-1EBNF\s0). Don't despair if you don't know what \s-1EBNF\s0 is; it is
-fairly simple, and the definitions below are annotated.
-.Sh "Quick guide to \s-1EBNF\s0"
-.IX Subsection "Quick guide to EBNF"
-\&\s-1EBNF\s0 is a concise and exact way of describing the grammar of a language.
-Each \s-1EBNF\s0 definition is made up of \fIproduction rules\fR. E.g.,
-.PP
-.Vb 1
-\& symbol ::= definition | alternate1 | alternate2 ...
-.Ve
-.PP
-Each \fIproduction rule\fR references others and thus makes up a
-grammar for the language. \s-1EBNF\s0 also contains the following
-operators, which many readers will recognize from regular
-expressions. Do not, however, confuse them with \*(L"wildcard\*(R"
-characters, which have different meanings.
-.ie n .IP "\*(C`?\*(C'" 8
-.el .IP "\f(CW\*(C`?\*(C'\fR" 8
-.IX Item "?"
-Means that the preceding symbol (or group of symbols) is optional.
-That is, it may appear once or not at all.
-.ie n .IP "\*(C`*\*(C'" 8
-.el .IP "\f(CW\*(C`*\*(C'\fR" 8
-.IX Item "*"
-Means that the preceding symbol (or group of symbols) may appear
-zero or more times.
-.ie n .IP "\*(C`+\*(C'" 8
-.el .IP "\f(CW\*(C`+\*(C'\fR" 8
-.IX Item "+"
-Means that the preceding symbol (or group of symbols) may appear
-one or more times.
-.PP
-Parentheses may be used to group symbols together. For clarity,
-we will use single quotes ('') to designate what is a verbatim character
-string (as opposed to a symbol name).
-.Sh "Aliases"
-.IX Subsection "Aliases"
-There are four kinds of aliases: \f(CW\*(C`User_Alias\*(C'\fR, \f(CW\*(C`Runas_Alias\*(C'\fR,
-\&\f(CW\*(C`Host_Alias\*(C'\fR and \f(CW\*(C`Cmnd_Alias\*(C'\fR.
-.PP
-.Vb 4
-\& Alias ::= 'User_Alias' User_Alias (':' User_Alias)* |
-\& 'Runas_Alias' Runas_Alias (':' Runas_Alias)* |
-\& 'Host_Alias' Host_Alias (':' Host_Alias)* |
-\& 'Cmnd_Alias' Cmnd_Alias (':' Cmnd_Alias)*
-.Ve
-.PP
-.Vb 1
-\& User_Alias ::= NAME '=' User_List
-.Ve
-.PP
-.Vb 1
-\& Runas_Alias ::= NAME '=' Runas_List
-.Ve
-.PP
-.Vb 1
-\& Host_Alias ::= NAME '=' Host_List
-.Ve
-.PP
-.Vb 1
-\& Cmnd_Alias ::= NAME '=' Cmnd_List
-.Ve
-.PP
-.Vb 1
-\& NAME ::= [A-Z]([A-Z][0-9]_)*
-.Ve
-.PP
-Each \fIalias\fR definition is of the form
-.PP
-.Vb 1
-\& Alias_Type NAME = item1, item2, ...
-.Ve
-.PP
-where \fIAlias_Type\fR is one of \f(CW\*(C`User_Alias\*(C'\fR, \f(CW\*(C`Runas_Alias\*(C'\fR, \f(CW\*(C`Host_Alias\*(C'\fR,
-or \f(CW\*(C`Cmnd_Alias\*(C'\fR. A \f(CW\*(C`NAME\*(C'\fR is a string of uppercase letters, numbers,
-and underscore characters ('_'). A \f(CW\*(C`NAME\*(C'\fR \fBmust\fR start with an
-uppercase letter. It is possible to put several alias definitions
-of the same type on a single line, joined by a colon (':'). E.g.,
-.PP
-.Vb 1
-\& Alias_Type NAME = item1, item2, item3 : NAME = item4, item5
-.Ve
-.PP
-The definitions of what constitutes a valid \fIalias\fR member follow.
-.PP
-.Vb 2
-\& User_List ::= User |
-\& User ',' User_List
-.Ve
-.PP
-.Vb 4
-\& User ::= '!'* username |
-\& '!'* '%'group |
-\& '!'* '+'netgroup |
-\& '!'* User_Alias
-.Ve
-.PP
-A \f(CW\*(C`User_List\*(C'\fR is made up of one or more usernames, system groups
-(prefixed with '%'), netgroups (prefixed with '+') and other aliases.
-Each list item may be prefixed with one or more '!' operators.
-An odd number of '!' operators negate the value of the item; an even
-number just cancel each other out.
-.PP
-.Vb 2
-\& Runas_List ::= Runas_User |
-\& Runas_User ',' Runas_List
-.Ve
-.PP
-.Vb 5
-\& Runas_User ::= '!'* username |
-\& '!'* '#'uid |
-\& '!'* '%'group |
-\& '!'* +netgroup |
-\& '!'* Runas_Alias
-.Ve
-.PP
-A \f(CW\*(C`Runas_List\*(C'\fR is similar to a \f(CW\*(C`User_List\*(C'\fR except that it can
-also contain uids (prefixed with '#') and instead of \f(CW\*(C`User_Alias\*(C'\fRes
-it can contain \f(CW\*(C`Runas_Alias\*(C'\fRes. Note that usernames and groups
-are matched as strings. In other words, two users (groups) with
-the same uid (gid) are considered to be distinct. If you wish to
-match all usernames with the same uid (e.g. root and toor), you
-can use a uid instead (#0 in the example given).
-.PP
-.Vb 2
-\& Host_List ::= Host |
-\& Host ',' Host_List
-.Ve
-.PP
-.Vb 5
-\& Host ::= '!'* hostname |
-\& '!'* ip_addr |
-\& '!'* network(/netmask)? |
-\& '!'* '+'netgroup |
-\& '!'* Host_Alias
-.Ve
-.PP
-A \f(CW\*(C`Host_List\*(C'\fR is made up of one or more hostnames, \s-1IP\s0 addresses,
-network numbers, netgroups (prefixed with '+') and other aliases.
-Again, the value of an item may be negated with the '!' operator.
-If you do not specify a netmask with a network number, the netmask
-of the host's ethernet interface(s) will be used when matching.
-The netmask may be specified either in dotted quad notation (e.g.
-255.255.255.0) or \s-1CIDR\s0 notation (number of bits, e.g. 24). A hostname
-may include shell-style wildcards (see the Wildcards section below),
-but unless the \f(CW\*(C`hostname\*(C'\fR command on your machine returns the fully
-qualified hostname, you'll need to use the \fIfqdn\fR option for wildcards
-to be useful.
-.PP
-.Vb 2
-\& Cmnd_List ::= Cmnd |
-\& Cmnd ',' Cmnd_List
-.Ve
-.PP
-.Vb 3
-\& commandname ::= filename |
-\& filename args |
-\& filename '""'
-.Ve
-.PP
-.Vb 4
-\& Cmnd ::= '!'* commandname |
-\& '!'* directory |
-\& '!'* "sudoedit" |
-\& '!'* Cmnd_Alias
-.Ve
-.PP
-A \f(CW\*(C`Cmnd_List\*(C'\fR is a list of one or more commandnames, directories, and other
-aliases. A commandname is a fully qualified filename which may include
-shell-style wildcards (see the Wildcards section below). A simple
-filename allows the user to run the command with any arguments he/she
-wishes. However, you may also specify command line arguments (including
-wildcards). Alternately, you can specify \f(CW""\fR to indicate that the command
-may only be run \fBwithout\fR command line arguments. A directory is a
-fully qualified pathname ending in a '/'. When you specify a directory
-in a \f(CW\*(C`Cmnd_List\*(C'\fR, the user will be able to run any file within that directory
-(but not in any subdirectories therein).
-.PP
-If a \f(CW\*(C`Cmnd\*(C'\fR has associated command line arguments, then the arguments
-in the \f(CW\*(C`Cmnd\*(C'\fR must match exactly those given by the user on the command line
-(or match the wildcards if there are any). Note that the following
-characters must be escaped with a '\e' if they are used in command
-arguments: ',', ':', '=', '\e'. The special command \f(CW"sudoedit"\fR
-is used to permit a user to run \fBsudo\fR with the \fB\-e\fR flag (or
-as \fBsudoedit\fR). It may take command line arguments just as
-a normal command does.
-.Sh "Defaults"
-.IX Subsection "Defaults"
-Certain configuration options may be changed from their default
-values at runtime via one or more \f(CW\*(C`Default_Entry\*(C'\fR lines. These
-may affect all users on any host, all users on a specific host, a
-specific user, or commands being run as a specific user.
-.PP
-.Vb 4
-\& Default_Type ::= 'Defaults' |
-\& 'Defaults' '@' Host |
-\& 'Defaults' ':' User |
-\& 'Defaults' '>' RunasUser
-.Ve
-.PP
-.Vb 1
-\& Default_Entry ::= Default_Type Parameter_List
-.Ve
-.PP
-.Vb 2
-\& Parameter_List ::= Parameter |
-\& Parameter ',' Parameter_List
-.Ve
-.PP
-.Vb 4
-\& Parameter ::= Parameter '=' Value |
-\& Parameter '+=' Value |
-\& Parameter '-=' Value |
-\& '!'* Parameter
-.Ve
-.PP
-Parameters may be \fBflags\fR, \fBinteger\fR values, \fBstrings\fR, or \fBlists\fR.
-Flags are implicitly boolean and can be turned off via the '!'
-operator. Some integer, string and list parameters may also be
-used in a boolean context to disable them. Values may be enclosed
-in double quotes (\f(CW\*(C`"\*(C'\fR) when they contain multiple words. Special
-characters may be escaped with a backslash (\f(CW\*(C`\e\*(C'\fR).
-.PP
-Lists have two additional assignment operators, \f(CW\*(C`+=\*(C'\fR and \f(CW\*(C`\-=\*(C'\fR.
-These operators are used to add to and delete from a list respectively.
-It is not an error to use the \f(CW\*(C`\-=\*(C'\fR operator to remove an element
-that does not exist in a list.
-.PP
-\&\fBFlags\fR:
-.IP "long_otp_prompt" 12
-.IX Item "long_otp_prompt"
-When validating with a One Time Password scheme (\fBS/Key\fR or \fB\s-1OPIE\s0\fR),
-a two-line prompt is used to make it easier to cut and paste the
-challenge to a local window. It's not as pretty as the default but
-some people find it more convenient. This flag is \fIoff\fR
-by default.
-.IP "ignore_dot" 12
-.IX Item "ignore_dot"
-If set, \fBsudo\fR will ignore '.' or '' (current dir) in the \f(CW\*(C`PATH\*(C'\fR
-environment variable; the \f(CW\*(C`PATH\*(C'\fR itself is not modified. This
-flag is \fIoff\fR by default. Currently, while it is possible
-to set \fIignore_dot\fR in \fIsudoers\fR, its value is not used. This option
-should be considered read-only (it will be fixed in a future version
-of \fBsudo\fR).
-.IP "mail_always" 12
-.IX Item "mail_always"
-Send mail to the \fImailto\fR user every time a users runs \fBsudo\fR.
-This flag is \fIoff\fR by default.
-.IP "mail_badpass" 12
-.IX Item "mail_badpass"
-Send mail to the \fImailto\fR user if the user running sudo does not
-enter the correct password. This flag is \fIoff\fR by default.
-.IP "mail_no_user" 12
-.IX Item "mail_no_user"
-If set, mail will be sent to the \fImailto\fR user if the invoking
-user is not in the \fIsudoers\fR file. This flag is \fIon\fR
-by default.
-.IP "mail_no_host" 12
-.IX Item "mail_no_host"
-If set, mail will be sent to the \fImailto\fR user if the invoking
-user exists in the \fIsudoers\fR file, but is not allowed to run
-commands on the current host. This flag is \fIoff\fR by default.
-.IP "mail_no_perms" 12
-.IX Item "mail_no_perms"
-If set, mail will be sent to the \fImailto\fR user if the invoking
-user is allowed to use \fBsudo\fR but the command they are trying is not
-listed in their \fIsudoers\fR file entry or is explicitly denied.
-This flag is \fIoff\fR by default.
-.IP "tty_tickets" 12
-.IX Item "tty_tickets"
-If set, users must authenticate on a per-tty basis. Normally,
-\&\fBsudo\fR uses a directory in the ticket dir with the same name as
-the user running it. With this flag enabled, \fBsudo\fR will use a
-file named for the tty the user is logged in on in that directory.
-This flag is \fIoff\fR by default.
-.IP "authenticate" 12
-.IX Item "authenticate"
-If set, users must authenticate themselves via a password (or other
-means of authentication) before they may run commands. This default
-may be overridden via the \f(CW\*(C`PASSWD\*(C'\fR and \f(CW\*(C`NOPASSWD\*(C'\fR tags.
-This flag is \fIon\fR by default.
-.IP "root_sudo" 12
-.IX Item "root_sudo"
-If set, root is allowed to run \fBsudo\fR too. Disabling this prevents users
-from \*(L"chaining\*(R" \fBsudo\fR commands to get a root shell by doing something
-like \f(CW"sudo sudo /bin/sh"\fR. Note, however, that turning off \fIroot_sudo\fR
-will also prevent root and from running \fBsudoedit\fR.
-Disabling \fIroot_sudo\fR provides no real additional security; it
-exists purely for historical reasons.
-This flag is \fIon\fR by default.
-.IP "log_host" 12
-.IX Item "log_host"
-If set, the hostname will be logged in the (non\-syslog) \fBsudo\fR log file.
-This flag is \fIoff\fR by default.
-.IP "log_year" 12
-.IX Item "log_year"
-If set, the four-digit year will be logged in the (non\-syslog) \fBsudo\fR log file.
-This flag is \fIoff\fR by default.
-.IP "shell_noargs" 12
-.IX Item "shell_noargs"
-If set and \fBsudo\fR is invoked with no arguments it acts as if the
-\&\fB\-s\fR flag had been given. That is, it runs a shell as root (the
-shell is determined by the \f(CW\*(C`SHELL\*(C'\fR environment variable if it is
-set, falling back on the shell listed in the invoking user's
-/etc/passwd entry if not). This flag is \fIoff\fR by default.
-.IP "set_home" 12
-.IX Item "set_home"
-If set and \fBsudo\fR is invoked with the \fB\-s\fR flag the \f(CW\*(C`HOME\*(C'\fR
-environment variable will be set to the home directory of the target
-user (which is root unless the \fB\-u\fR option is used). This effectively
-makes the \fB\-s\fR flag imply \fB\-H\fR. This flag is \fIoff\fR by default.
-.IP "always_set_home" 12
-.IX Item "always_set_home"
-If set, \fBsudo\fR will set the \f(CW\*(C`HOME\*(C'\fR environment variable to the home
-directory of the target user (which is root unless the \fB\-u\fR option is used).
-This effectively means that the \fB\-H\fR flag is always implied.
-This flag is \fIoff\fR by default.
-.IP "path_info" 12
-.IX Item "path_info"
-Normally, \fBsudo\fR will tell the user when a command could not be
-found in their \f(CW\*(C`PATH\*(C'\fR environment variable. Some sites may wish
-to disable this as it could be used to gather information on the
-location of executables that the normal user does not have access
-to. The disadvantage is that if the executable is simply not in
-the user's \f(CW\*(C`PATH\*(C'\fR, \fBsudo\fR will tell the user that they are not
-allowed to run it, which can be confusing. This flag is \fIoff\fR by
-default.
-.IP "preserve_groups" 12
-.IX Item "preserve_groups"
-By default \fBsudo\fR will initialize the group vector to the list of
-groups the target user is in. When \fIpreserve_groups\fR is set, the
-user's existing group vector is left unaltered. The real and
-effective group IDs, however, are still set to match the target
-user. This flag is \fIoff\fR by default.
-.IP "fqdn" 12
-.IX Item "fqdn"
-Set this flag if you want to put fully qualified hostnames in the
-\&\fIsudoers\fR file. I.e., instead of myhost you would use myhost.mydomain.edu.
-You may still use the short form if you wish (and even mix the two).
-Beware that turning on \fIfqdn\fR requires \fBsudo\fR to make \s-1DNS\s0 lookups
-which may make \fBsudo\fR unusable if \s-1DNS\s0 stops working (for example
-if the machine is not plugged into the network). Also note that
-you must use the host's official name as \s-1DNS\s0 knows it. That is,
-you may not use a host alias (\f(CW\*(C`CNAME\*(C'\fR entry) due to performance
-issues and the fact that there is no way to get all aliases from
-\&\s-1DNS\s0. If your machine's hostname (as returned by the \f(CW\*(C`hostname\*(C'\fR
-command) is already fully qualified you shouldn't need to set
-\&\fIfqdn\fR. This flag is \fIoff\fR by default.
-.IP "insults" 12
-.IX Item "insults"
-If set, \fBsudo\fR will insult users when they enter an incorrect
-password. This flag is \fIon\fR by default.
-.IP "requiretty" 12
-.IX Item "requiretty"
-If set, \fBsudo\fR will only run when the user is logged in to a real
-tty. This will disallow things like \f(CW"rsh somehost sudo ls"\fR since
-\&\fIrsh\fR\|(1) does not allocate a tty. Because it is not possible to turn
-off echo when there is no tty present, some sites may wish to set
-this flag to prevent a user from entering a visible password. This
-flag is \fIoff\fR by default.
-.IP "env_editor" 12
-.IX Item "env_editor"
-If set, \fBvisudo\fR will use the value of the \s-1EDITOR\s0 or \s-1VISUAL\s0
-environment variables before falling back on the default editor list.
-Note that this may create a security hole as it allows the user to
-run any arbitrary command as root without logging. A safer alternative
-is to place a colon-separated list of editors in the \f(CW\*(C`editor\*(C'\fR
-variable. \fBvisudo\fR will then only use the \s-1EDITOR\s0 or \s-1VISUAL\s0 if
-they match a value specified in \f(CW\*(C`editor\*(C'\fR. This flag is \f(CW\*(C`on\*(C'\fR by
-default.
-.IP "rootpw" 12
-.IX Item "rootpw"
-If set, \fBsudo\fR will prompt for the root password instead of the password
-of the invoking user. This flag is \fIoff\fR by default.
-.IP "runaspw" 12
-.IX Item "runaspw"
-If set, \fBsudo\fR will prompt for the password of the user defined by the
-\&\fIrunas_default\fR option (defaults to \f(CW\*(C`root\*(C'\fR) instead of the
-password of the invoking user. This flag is \fIoff\fR by default.
-.IP "targetpw" 12
-.IX Item "targetpw"
-If set, \fBsudo\fR will prompt for the password of the user specified by
-the \fB\-u\fR flag (defaults to \f(CW\*(C`root\*(C'\fR) instead of the password of the
-invoking user. Note that this precludes the use of a uid not listed
-in the passwd database as an argument to the \fB\-u\fR flag.
-This flag is \fIoff\fR by default.
-.IP "set_logname" 12
-.IX Item "set_logname"
-Normally, \fBsudo\fR will set the \f(CW\*(C`LOGNAME\*(C'\fR and \f(CW\*(C`USER\*(C'\fR environment variables
-to the name of the target user (usually root unless the \fB\-u\fR flag is given).
-However, since some programs (including the \s-1RCS\s0 revision control system)
-use \f(CW\*(C`LOGNAME\*(C'\fR to determine the real identity of the user, it may be desirable
-to change this behavior. This can be done by negating the set_logname option.
-.IP "stay_setuid" 12
-.IX Item "stay_setuid"
-Normally, when \fBsudo\fR executes a command the real and effective
-UIDs are set to the target user (root by default). This option
-changes that behavior such that the real \s-1UID\s0 is left as the invoking
-user's \s-1UID\s0. In other words, this makes \fBsudo\fR act as a setuid
-wrapper. This can be useful on systems that disable some potentially
-dangerous functionality when a program is run setuid. Note, however,
-that this means that sudo will run with the real uid of the invoking
-user which may allow that user to kill \fBsudo\fR before it can log a
-failure, depending on how your \s-1OS\s0 defines the interaction between
-signals and setuid processes.
-.IP "env_reset" 12
-.IX Item "env_reset"
-If set, \fBsudo\fR will reset the environment to only contain the
-following variables: \f(CW\*(C`HOME\*(C'\fR, \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`PATH\*(C'\fR, \f(CW\*(C`SHELL\*(C'\fR, \f(CW\*(C`TERM\*(C'\fR,
-and \f(CW\*(C`USER\*(C'\fR (in addition to the \f(CW\*(C`SUDO_*\*(C'\fR variables).
-Of these, only \f(CW\*(C`TERM\*(C'\fR is copied unaltered from the old environment.
-The other variables are set to default values (possibly modified
-by the value of the \fIset_logname\fR option). If \fBsudo\fR was compiled
-with the \f(CW\*(C`SECURE_PATH\*(C'\fR option, its value will be used for the \f(CW\*(C`PATH\*(C'\fR
-environment variable.
-Other variables may be preserved with the \fIenv_keep\fR option.
-.IP "use_loginclass" 12
-.IX Item "use_loginclass"
-If set, \fBsudo\fR will apply the defaults specified for the target user's
-login class if one exists. Only available if \fBsudo\fR is configured with
-the \-\-with\-logincap option. This flag is \fIoff\fR by default.
-.IP "noexec" 12
-.IX Item "noexec"
-If set, all commands run via sudo will behave as if the \f(CW\*(C`NOEXEC\*(C'\fR
-tag has been set, unless overridden by a \f(CW\*(C`EXEC\*(C'\fR tag. See the
-description of \fI\s-1NOEXEC\s0 and \s-1EXEC\s0\fR below as well as the \*(L"\s-1PREVENTING\s0 \s-1SHELL\s0 \s-1ESCAPES\s0\*(R" section at the end of this manual. This flag is \fIoff\fR by default.
-.IP "ignore_local_sudoers" 12
-.IX Item "ignore_local_sudoers"
-If set via \s-1LDAP\s0, parsing of \f(CW at sysconfdir\fR@/sudoers will be skipped.
-This is intended for an Enterprises that wish to prevent the usage of local
-sudoers files so that only \s-1LDAP\s0 is used. This thwarts the efforts of
-rogue operators who would attempt to add roles to \f(CW at sysconfdir\fR@/sudoers.
-When this option is present, \f(CW at sysconfdir\fR@/sudoers does not even need to exist.
-Since this option tells sudo how to behave when no specific \s-1LDAP\s0 entries
-have been matched, this sudoOption is only meaningful for the cn=defaults
-section. This flag is \fIoff\fR by default.
-.PP
-\&\fBIntegers\fR:
-.IP "passwd_tries" 12
-.IX Item "passwd_tries"
-The number of tries a user gets to enter his/her password before
-\&\fBsudo\fR logs the failure and exits. The default is \f(CW\*(C`3\*(C'\fR.
-.PP
-\&\fBIntegers that can be used in a boolean context\fR:
-.IP "loglinelen" 12
-.IX Item "loglinelen"
-Number of characters per line for the file log. This value is used
-to decide when to wrap lines for nicer log files. This has no
-effect on the syslog log file, only the file log. The default is
-\&\f(CW\*(C`80\*(C'\fR (use 0 or negate the option to disable word wrap).
-.IP "timestamp_timeout" 12
-.IX Item "timestamp_timeout"
-Number of minutes that can elapse before \fBsudo\fR will ask for a
-passwd again. The default is \f(CW\*(C`5\*(C'\fR. Set this to \f(CW0\fR to always
-prompt for a password.
-If set to a value less than \f(CW0\fR the user's timestamp will never
-expire. This can be used to allow users to create or delete their
-own timestamps via \f(CW\*(C`sudo \-v\*(C'\fR and \f(CW\*(C`sudo \-k\*(C'\fR respectively.
-.IP "passwd_timeout" 12
-.IX Item "passwd_timeout"
-Number of minutes before the \fBsudo\fR password prompt times out.
-The default is \f(CW\*(C`5\*(C'\fR, set this to \f(CW0\fR for no password timeout.
-.IP "umask" 12
-.IX Item "umask"
-Umask to use when running the command. Negate this option or set
-it to 0777 to preserve the user's umask. The default is \f(CW\*(C`0022\*(C'\fR.
-.PP
-\&\fBStrings\fR:
-.IP "mailsub" 12
-.IX Item "mailsub"
-Subject of the mail sent to the \fImailto\fR user. The escape \f(CW%h\fR
-will expand to the hostname of the machine.
-Default is \f(CW\*(C`*** SECURITY information for %h ***\*(C'\fR.
-.IP "badpass_message" 12
-.IX Item "badpass_message"
-Message that is displayed if a user enters an incorrect password.
-The default is \f(CW\*(C`Sorry, try again.\*(C'\fR unless insults are enabled.
-.IP "timestampdir" 12
-.IX Item "timestampdir"
-The directory in which \fBsudo\fR stores its timestamp files.
-The default is \fI/var/run/sudo\fR.
-.IP "timestampowner" 12
-.IX Item "timestampowner"
-The owner of the timestamp directory and the timestamps stored therein.
-The default is \f(CW\*(C`root\*(C'\fR.
-.IP "passprompt" 12
-.IX Item "passprompt"
-The default prompt to use when asking for a password; can be overridden
-via the \fB\-p\fR option or the \f(CW\*(C`SUDO_PROMPT\*(C'\fR environment variable.
-The following percent (`\f(CW\*(C`%\*(C'\fR') escapes are supported:
-.RS 12
-.ie n .IP "%u" 8
-.el .IP "\f(CW%u\fR" 8
-.IX Item "%u"
-expanded to the invoking user's login name
-.ie n .IP "%U" 8
-.el .IP "\f(CW%U\fR" 8
-.IX Item "%U"
-expanded to the login name of the user the command will
-be run as (defaults to root)
-.ie n .IP "%h" 8
-.el .IP "\f(CW%h\fR" 8
-.IX Item "%h"
-expanded to the local hostname without the domain name
-.ie n .IP "%H" 8
-.el .IP "\f(CW%H\fR" 8
-.IX Item "%H"
-expanded to the local hostname including the domain name
-(on if the machine's hostname is fully qualified or the \fIfqdn\fR
-option is set)
-.ie n .IP "\*(C`%%\*(C'" 8
-.el .IP "\f(CW\*(C`%%\*(C'\fR" 8
-.IX Item "%%"
-two consecutive \f(CW\*(C`%\*(C'\fR characters are collaped into a single \f(CW\*(C`%\*(C'\fR character
-.RE
-.RS 12
-.Sp
-The default value is \f(CW\*(C`Password:\*(C'\fR.
-.RE
-.IP "runas_default" 12
-.IX Item "runas_default"
-The default user to run commands as if the \fB\-u\fR flag is not specified
-on the command line. This defaults to \f(CW\*(C`root\*(C'\fR.
-Note that if \fIrunas_default\fR is set it \fBmust\fR occur before
-any \f(CW\*(C`Runas_Alias\*(C'\fR specifications.
-.IP "syslog_goodpri" 12
-.IX Item "syslog_goodpri"
-Syslog priority to use when user authenticates successfully.
-Defaults to \f(CW\*(C`notice\*(C'\fR.
-.IP "syslog_badpri" 12
-.IX Item "syslog_badpri"
-Syslog priority to use when user authenticates unsuccessfully.
-Defaults to \f(CW\*(C`alert\*(C'\fR.
-.IP "editor" 12
-.IX Item "editor"
-A colon (':') separated list of editors allowed to be used with
-\&\fBvisudo\fR. \fBvisudo\fR will choose the editor that matches the user's
-\&\s-1USER\s0 environment variable if possible, or the first editor in the
-list that exists and is executable. The default is the path to vi
-on your system.
-.IP "noexec_file" 12
-.IX Item "noexec_file"
-Path to a shared library containing dummy versions of the \fIexecv()\fR,
-\&\fIexecve()\fR and \fIfexecve()\fR library functions that just return an error.
-This is used to implement the \fInoexec\fR functionality on systems that
-support \f(CW\*(C`LD_PRELOAD\*(C'\fR or its equivalent. Defaults to \fI/usr/libexec/sudo_noexec.so\fR.
-.PP
-\&\fBStrings that can be used in a boolean context\fR:
-.IP "lecture" 12
-.IX Item "lecture"
-This option controls when a short lecture will be printed along with
-the password prompt. It has the following possible values:
-.RS 12
-.IP "never" 8
-.IX Item "never"
-Never lecture the user.
-.IP "once" 8
-.IX Item "once"
-Only lecture the user the first time they run \fBsudo\fR.
-.IP "always" 8
-.IX Item "always"
-Always lecture the user.
-.RE
-.RS 12
-.Sp
-If no value is specified, a value of \fIonce\fR is implied.
-Negating the option results in a value of \fInever\fR being used.
-The default value is \fIonce\fR.
-.RE
-.IP "lecture_file" 12
-.IX Item "lecture_file"
-Path to a file containing an alternate sudo lecture that will
-be used in place of the standard lecture if the named file exists.
-.IP "logfile" 12
-.IX Item "logfile"
-Path to the \fBsudo\fR log file (not the syslog log file). Setting a path
-turns on logging to a file; negating this option turns it off.
-.IP "syslog" 12
-.IX Item "syslog"
-Syslog facility if syslog is being used for logging (negate to
-disable syslog logging). Defaults to \f(CW\*(C`authpriv\*(C'\fR.
-.IP "mailerpath" 12
-.IX Item "mailerpath"
-Path to mail program used to send warning mail.
-Defaults to the path to sendmail found at configure time.
-.IP "mailerflags" 12
-.IX Item "mailerflags"
-Flags to use when invoking mailer. Defaults to \fB\-t\fR.
-.IP "mailto" 12
-.IX Item "mailto"
-Address to send warning and error mail to. The address should
-be enclosed in double quotes (\f(CW\*(C`"\*(C'\fR) to protect against sudo
-interpreting the \f(CW\*(C`@\*(C'\fR sign. Defaults to \f(CW\*(C`root\*(C'\fR.
-.IP "exempt_group" 12
-.IX Item "exempt_group"
-Users in this group are exempt from password and \s-1PATH\s0 requirements.
-This is not set by default.
-.IP "verifypw" 12
-.IX Item "verifypw"
-This option controls when a password will be required when a user runs
-\&\fBsudo\fR with the \fB\-v\fR flag. It has the following possible values:
-.RS 12
-.IP "all" 8
-.IX Item "all"
-All the user's \fIsudoers\fR entries for the current host must have
-the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
-.IP "any" 8
-.IX Item "any"
-At least one of the user's \fIsudoers\fR entries for the current host
-must have the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
-.IP "never" 8
-.IX Item "never"
-The user need never enter a password to use the \fB\-v\fR flag.
-.IP "always" 8
-.IX Item "always"
-The user must always enter a password to use the \fB\-v\fR flag.
-.RE
-.RS 12
-.Sp
-If no value is specified, a value of \fIall\fR is implied.
-Negating the option results in a value of \fInever\fR being used.
-The default value is \fIall\fR.
-.RE
-.IP "listpw" 12
-.IX Item "listpw"
-This option controls when a password will be required when a
-user runs \fBsudo\fR with the \fB\-l\fR flag. It has the following possible values:
-.RS 12
-.IP "all" 8
-.IX Item "all"
-All the user's \fIsudoers\fR entries for the current host must have
-the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
-.IP "any" 8
-.IX Item "any"
-At least one of the user's \fIsudoers\fR entries for the current host
-must have the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
-.IP "never" 8
-.IX Item "never"
-The user need never enter a password to use the \fB\-l\fR flag.
-.IP "always" 8
-.IX Item "always"
-The user must always enter a password to use the \fB\-l\fR flag.
-.RE
-.RS 12
-.Sp
-If no value is specified, a value of \fIany\fR is implied.
-Negating the option results in a value of \fInever\fR being used.
-The default value is \fIany\fR.
-.RE
-.PP
-\&\fBLists that can be used in a boolean context\fR:
-.IP "env_check" 12
-.IX Item "env_check"
-Environment variables to be removed from the user's environment if
-the variable's value contains \f(CW\*(C`%\*(C'\fR or \f(CW\*(C`/\*(C'\fR characters. This can
-be used to guard against printf-style format vulnerabilities in
-poorly-written programs. The argument may be a double\-quoted,
-space-separated list or a single value without double\-quotes. The
-list can be replaced, added to, deleted from, or disabled by using
-the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and \f(CW\*(C`!\*(C'\fR operators respectively. The default
-list of environment variables to check is printed when \fBsudo\fR is
-run by root with the \fI\-V\fR option.
-.IP "env_delete" 12
-.IX Item "env_delete"
-Environment variables to be removed from the user's environment.
-The argument may be a double\-quoted, space-separated list or a
-single value without double\-quotes. The list can be replaced, added
-to, deleted from, or disabled by using the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and
-\&\f(CW\*(C`!\*(C'\fR operators respectively. The default list of environment
-variables to remove is printed when \fBsudo\fR is run by root with the
-\&\fI\-V\fR option. Note that many operating systems will remove potentially
-dangerous variables from the environment of any setuid process (such
-as \fBsudo\fR).
-.IP "env_keep" 12
-.IX Item "env_keep"
-Environment variables to be preserved in the user's environment
-when the \fIenv_reset\fR option is in effect. This allows fine-grained
-control over the environment \fBsudo\fR\-spawned processes will receive.
-The argument may be a double\-quoted, space-separated list or a
-single value without double\-quotes. The list can be replaced, added
-to, deleted from, or disabled by using the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and
-\&\f(CW\*(C`!\*(C'\fR operators respectively. This list has no default members.
-.PP
-When logging via \fIsyslog\fR\|(3), \fBsudo\fR accepts the following values
-for the syslog facility (the value of the \fBsyslog\fR Parameter):
-\&\fBauthpriv\fR (if your \s-1OS\s0 supports it), \fBauth\fR, \fBdaemon\fR, \fBuser\fR,
-\&\fBlocal0\fR, \fBlocal1\fR, \fBlocal2\fR, \fBlocal3\fR, \fBlocal4\fR, \fBlocal5\fR,
-\&\fBlocal6\fR, and \fBlocal7\fR. The following syslog priorities are
-supported: \fBalert\fR, \fBcrit\fR, \fBdebug\fR, \fBemerg\fR, \fBerr\fR, \fBinfo\fR,
-\&\fBnotice\fR, and \fBwarning\fR.
-.Sh "User Specification"
-.IX Subsection "User Specification"
-.Vb 2
-\& User_Spec ::= User_List Host_List '=' Cmnd_Spec_List \e
-\& (':' Host_List '=' Cmnd_Spec_List)*
-.Ve
-.PP
-.Vb 2
-\& Cmnd_Spec_List ::= Cmnd_Spec |
-\& Cmnd_Spec ',' Cmnd_Spec_List
-.Ve
-.PP
-.Vb 1
-\& Cmnd_Spec ::= Runas_Spec? Tag_Spec* Cmnd
-.Ve
-.PP
-.Vb 1
-\& Runas_Spec ::= '(' Runas_List ')'
-.Ve
-.PP
-.Vb 1
-\& Tag_Spec ::= ('NOPASSWD:' | 'PASSWD:' | 'NOEXEC:' | 'EXEC:')
-.Ve
-.PP
-A \fBuser specification\fR determines which commands a user may run
-(and as what user) on specified hosts. By default, commands are
-run as \fBroot\fR, but this can be changed on a per-command basis.
-.PP
-Let's break that down into its constituent parts:
-.Sh "Runas_Spec"
-.IX Subsection "Runas_Spec"
-A \f(CW\*(C`Runas_Spec\*(C'\fR is simply a \f(CW\*(C`Runas_List\*(C'\fR (as defined above)
-enclosed in a set of parentheses. If you do not specify a
-\&\f(CW\*(C`Runas_Spec\*(C'\fR in the user specification, a default \f(CW\*(C`Runas_Spec\*(C'\fR
-of \fBroot\fR will be used. A \f(CW\*(C`Runas_Spec\*(C'\fR sets the default for
-commands that follow it. What this means is that for the entry:
-.PP
-.Vb 1
-\& dgb boulder = (operator) /bin/ls, /bin/kill, /usr/bin/lprm
-.Ve
-.PP
-The user \fBdgb\fR may run \fI/bin/ls\fR, \fI/bin/kill\fR, and
-\&\fI/usr/bin/lprm\fR \*(-- but only as \fBoperator\fR. E.g.,
-.PP
-.Vb 1
-\& $ sudo -u operator /bin/ls.
-.Ve
-.PP
-It is also possible to override a \f(CW\*(C`Runas_Spec\*(C'\fR later on in an
-entry. If we modify the entry like so:
-.PP
-.Vb 1
-\& dgb boulder = (operator) /bin/ls, (root) /bin/kill, /usr/bin/lprm
-.Ve
-.PP
-Then user \fBdgb\fR is now allowed to run \fI/bin/ls\fR as \fBoperator\fR,
-but \fI/bin/kill\fR and \fI/usr/bin/lprm\fR as \fBroot\fR.
-.Sh "Tag_Spec"
-.IX Subsection "Tag_Spec"
-A command may have zero or more tags associated with it. There are
-four possible tag values, \f(CW\*(C`NOPASSWD\*(C'\fR, \f(CW\*(C`PASSWD\*(C'\fR, \f(CW\*(C`NOEXEC\*(C'\fR, \f(CW\*(C`EXEC\*(C'\fR.
-Once a tag is set on a \f(CW\*(C`Cmnd\*(C'\fR, subsequent \f(CW\*(C`Cmnd\*(C'\fRs in the
-\&\f(CW\*(C`Cmnd_Spec_List\*(C'\fR, inherit the tag unless it is overridden by the
-opposite tag (ie: \f(CW\*(C`PASSWD\*(C'\fR overrides \f(CW\*(C`NOPASSWD\*(C'\fR and \f(CW\*(C`EXEC\*(C'\fR
-overrides \f(CW\*(C`NOEXEC\*(C'\fR).
-.PP
-\fI\s-1NOPASSWD\s0 and \s-1PASSWD\s0\fR
-.IX Subsection "NOPASSWD and PASSWD"
-.PP
-By default, \fBsudo\fR requires that a user authenticate him or herself
-before running a command. This behavior can be modified via the
-\&\f(CW\*(C`NOPASSWD\*(C'\fR tag. Like a \f(CW\*(C`Runas_Spec\*(C'\fR, the \f(CW\*(C`NOPASSWD\*(C'\fR tag sets
-a default for the commands that follow it in the \f(CW\*(C`Cmnd_Spec_List\*(C'\fR.
-Conversely, the \f(CW\*(C`PASSWD\*(C'\fR tag can be used to reverse things.
-For example:
-.PP
-.Vb 1
-\& ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm
-.Ve
-.PP
-would allow the user \fBray\fR to run \fI/bin/kill\fR, \fI/bin/ls\fR, and
-\&\fI/usr/bin/lprm\fR as root on the machine rushmore as \fBroot\fR without
-authenticating himself. If we only want \fBray\fR to be able to
-run \fI/bin/kill\fR without a password the entry would be:
-.PP
-.Vb 1
-\& ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
-.Ve
-.PP
-Note, however, that the \f(CW\*(C`PASSWD\*(C'\fR tag has no effect on users who are
-in the group specified by the exempt_group option.
-.PP
-By default, if the \f(CW\*(C`NOPASSWD\*(C'\fR tag is applied to any of the entries
-for a user on the current host, he or she will be able to run
-\&\f(CW\*(C`sudo \-l\*(C'\fR without a password. Additionally, a user may only run
-\&\f(CW\*(C`sudo \-v\*(C'\fR without a password if the \f(CW\*(C`NOPASSWD\*(C'\fR tag is present
-for all a user's entries that pertain to the current host.
-This behavior may be overridden via the verifypw and listpw options.
-.PP
-\fI\s-1NOEXEC\s0 and \s-1EXEC\s0\fR
-.IX Subsection "NOEXEC and EXEC"
-.PP
-If sudo has been compiled with \fInoexec\fR support and the underlying
-operating system support it, the \f(CW\*(C`NOEXEC\*(C'\fR tag can be used to prevent
-a dynamically-linked executable from running further commands itself.
-.PP
-In the following example, user \fBaaron\fR may run \fI/usr/bin/more\fR
-and \fI/usr/bin/vi\fR but shell escapes will be disabled.
-.PP
-.Vb 1
-\& aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
-.Ve
-.PP
-See the \*(L"\s-1PREVENTING\s0 \s-1SHELL\s0 \s-1ESCAPES\s0\*(R" section below for more details
-on how \fInoexec\fR works and whether or not it will work on your system.
-.Sh "Wildcards"
-.IX Subsection "Wildcards"
-\&\fBsudo\fR allows shell-style \fIwildcards\fR (aka meta or glob characters)
-to be used in pathnames as well as command line arguments in the
-\&\fIsudoers\fR file. Wildcard matching is done via the \fB\s-1POSIX\s0\fR
-\&\fIfnmatch\fR\|(3) routine. Note that these are \fInot\fR regular expressions.
-.ie n .IP "\*(C`*\*(C'" 8
-.el .IP "\f(CW\*(C`*\*(C'\fR" 8
-.IX Item "*"
-Matches any set of zero or more characters.
-.ie n .IP "\*(C`?\*(C'" 8
-.el .IP "\f(CW\*(C`?\*(C'\fR" 8
-.IX Item "?"
-Matches any single character.
-.ie n .IP "\*(C`[...]\*(C'" 8
-.el .IP "\f(CW\*(C`[...]\*(C'\fR" 8
-.IX Item "[...]"
-Matches any character in the specified range.
-.ie n .IP "\*(C`[!...]\*(C'" 8
-.el .IP "\f(CW\*(C`[!...]\*(C'\fR" 8
-.IX Item "[!...]"
-Matches any character \fBnot\fR in the specified range.
-.ie n .IP "\*(C`\ex\*(C'" 8
-.el .IP "\f(CW\*(C`\ex\*(C'\fR" 8
-.IX Item "x"
-For any character \*(L"x\*(R", evaluates to \*(L"x\*(R". This is used to
-escape special characters such as: \*(L"*\*(R", \*(L"?\*(R", \*(L"[\*(R", and \*(L"}\*(R".
-.PP
-Note that a forward slash ('/') will \fBnot\fR be matched by
-wildcards used in the pathname. When matching the command
-line arguments, however, a slash \fBdoes\fR get matched by
-wildcards. This is to make a path like:
-.PP
-.Vb 1
-\& /usr/bin/*
-.Ve
-.PP
-match \fI/usr/bin/who\fR but not \fI/usr/bin/X11/xterm\fR.
-.PP
-\&\s-1WARNING:\s0 a pathname with wildcards will \fBnot\fR match a user command
-that consists of a relative path. In other words, given the
-following \fIsudoers\fR entry:
-.PP
-.Vb 1
-\& billy workstation = /usr/bin/*
-.Ve
-.PP
-user billy will be able to run any command in /usr/bin as root, such
-as \fI/usr/bin/w\fR. The following two command will be allowed (the first
-assumes that \fI/usr/bin\fR is in the user's path):
-.PP
-.Vb 2
-\& $ sudo w
-\& $ sudo /usr/bin/w
-.Ve
-.PP
-However, this will not:
-.PP
-.Vb 2
-\& $ cd /usr/bin
-\& $ sudo ./w
-.Ve
-.PP
-For this reason you should only \fBgrant\fR access to commands using
-wildcards and never \fBrestrict\fR access using them. This limitation
-will be removed in a future version of \fBsudo\fR.
-.Sh "Exceptions to wildcard rules"
-.IX Subsection "Exceptions to wildcard rules"
-The following exceptions apply to the above rules:
-.ie n .IP """""" 8
-.el .IP "\f(CW``''\fR" 8
-.IX Item """"""
-If the empty string \f(CW""\fR is the only command line argument in the
-\&\fIsudoers\fR entry it means that command is not allowed to be run
-with \fBany\fR arguments.
-.Sh "Other special characters and reserved words"
-.IX Subsection "Other special characters and reserved words"
-The pound sign ('#') is used to indicate a comment (unless it
-occurs in the context of a user name and is followed by one or
-more digits, in which case it is treated as a uid). Both the
-comment character and any text after it, up to the end of the line,
-are ignored.
-.PP
-The reserved word \fB\s-1ALL\s0\fR is a built-in \fIalias\fR that always causes
-a match to succeed. It can be used wherever one might otherwise
-use a \f(CW\*(C`Cmnd_Alias\*(C'\fR, \f(CW\*(C`User_Alias\*(C'\fR, \f(CW\*(C`Runas_Alias\*(C'\fR, or \f(CW\*(C`Host_Alias\*(C'\fR.
-You should not try to define your own \fIalias\fR called \fB\s-1ALL\s0\fR as the
-built-in alias will be used in preference to your own. Please note
-that using \fB\s-1ALL\s0\fR can be dangerous since in a command context, it
-allows the user to run \fBany\fR command on the system.
-.PP
-An exclamation point ('!') can be used as a logical \fInot\fR operator
-both in an \fIalias\fR and in front of a \f(CW\*(C`Cmnd\*(C'\fR. This allows one to
-exclude certain values. Note, however, that using a \f(CW\*(C`!\*(C'\fR in
-conjunction with the built-in \f(CW\*(C`ALL\*(C'\fR alias to allow a user to
-run \*(L"all but a few\*(R" commands rarely works as intended (see \s-1SECURITY\s0
-\&\s-1NOTES\s0 below).
-.PP
-Long lines can be continued with a backslash ('\e') as the last
-character on the line.
-.PP
-Whitespace between elements in a list as well as special syntactic
-characters in a \fIUser Specification\fR ('=', ':', '(', ')') is optional.
-.PP
-The following characters must be escaped with a backslash ('\e') when
-used as part of a word (e.g. a username or hostname):
-\&'@', '!', '=', ':', ',', '(', ')', '\e'.
-.SH "FILES"
-.IX Header "FILES"
-.Vb 3
-\& /etc/sudoers List of who can run what
-\& /etc/group Local groups file
-\& /etc/netgroup List of network groups
-.Ve
-.SH "EXAMPLES"
-.IX Header "EXAMPLES"
-Since the \fIsudoers\fR file is parsed in a single pass, order is
-important. In general, you should structure \fIsudoers\fR such that
-the \f(CW\*(C`Host_Alias\*(C'\fR, \f(CW\*(C`User_Alias\*(C'\fR, and \f(CW\*(C`Cmnd_Alias\*(C'\fR specifications
-come first, followed by any \f(CW\*(C`Default_Entry\*(C'\fR lines, and finally the
-\&\f(CW\*(C`Runas_Alias\*(C'\fR and user specifications. The basic rule of thumb
-is you cannot reference an Alias that has not already been defined.
-.PP
-Below are example \fIsudoers\fR entries. Admittedly, some of
-these are a bit contrived. First, we define our \fIaliases\fR:
-.PP
-.Vb 4
-\& # User alias specification
-\& User_Alias FULLTIMERS = millert, mikef, dowdy
-\& User_Alias PARTTIMERS = bostley, jwfox, crawl
-\& User_Alias WEBMASTERS = will, wendy, wim
-.Ve
-.PP
-.Vb 3
-\& # Runas alias specification
-\& Runas_Alias OP = root, operator
-\& Runas_Alias DB = oracle, sybase
-.Ve
-.PP
-.Vb 9
-\& # Host alias specification
-\& Host_Alias SPARC = bigtime, eclipse, moet, anchor :\e
-\& SGI = grolsch, dandelion, black :\e
-\& ALPHA = widget, thalamus, foobar :\e
-\& HPPA = boa, nag, python
-\& Host_Alias CUNETS = 128.138.0.0/255.255.0.0
-\& Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0
-\& Host_Alias SERVERS = master, mail, www, ns
-\& Host_Alias CDROM = orion, perseus, hercules
-.Ve
-.PP
-.Vb 12
-\& # Cmnd alias specification
-\& Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\e
-\& /usr/sbin/restore, /usr/sbin/rrestore
-\& Cmnd_Alias KILL = /usr/bin/kill
-\& Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm
-\& Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown
-\& Cmnd_Alias HALT = /usr/sbin/halt
-\& Cmnd_Alias REBOOT = /usr/sbin/reboot
-\& Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \e
-\& /usr/local/bin/tcsh, /usr/bin/rsh, \e
-\& /usr/local/bin/zsh
-\& Cmnd_Alias SU = /usr/bin/su
-.Ve
-.PP
-Here we override some of the compiled in default values. We want
-\&\fBsudo\fR to log via \fIsyslog\fR\|(3) using the \fIauth\fR facility in all
-cases. We don't want to subject the full time staff to the \fBsudo\fR
-lecture, user \fBmillert\fR need not give a password, and we don't
-want to reset the \f(CW\*(C`LOGNAME\*(C'\fR or \f(CW\*(C`USER\*(C'\fR environment variables when
-running commands as root. Additionally, on the machines in the
-\&\fI\s-1SERVERS\s0\fR \f(CW\*(C`Host_Alias\*(C'\fR, we keep an additional local log file and
-make sure we log the year in each log line since the log entries
-will be kept around for several years.
-.PP
-.Vb 6
-\& # Override built-in defaults
-\& Defaults syslog=auth
-\& Defaults>root !set_logname
-\& Defaults:FULLTIMERS !lecture
-\& Defaults:millert !authenticate
-\& Defaults at SERVERS log_year, logfile=/var/log/sudo.log
-.Ve
-.PP
-The \fIUser specification\fR is the part that actually determines who may
-run what.
-.PP
-.Vb 2
-\& root ALL = (ALL) ALL
-\& %wheel ALL = (ALL) ALL
-.Ve
-.PP
-We let \fBroot\fR and any user in group \fBwheel\fR run any command on any
-host as any user.
-.PP
-.Vb 1
-\& FULLTIMERS ALL = NOPASSWD: ALL
-.Ve
-.PP
-Full time sysadmins (\fBmillert\fR, \fBmikef\fR, and \fBdowdy\fR) may run any
-command on any host without authenticating themselves.
-.PP
-.Vb 1
-\& PARTTIMERS ALL = ALL
-.Ve
-.PP
-Part time sysadmins (\fBbostley\fR, \fBjwfox\fR, and \fBcrawl\fR) may run any
-command on any host but they must authenticate themselves first
-(since the entry lacks the \f(CW\*(C`NOPASSWD\*(C'\fR tag).
-.PP
-.Vb 1
-\& jack CSNETS = ALL
-.Ve
-.PP
-The user \fBjack\fR may run any command on the machines in the \fI\s-1CSNETS\s0\fR alias
-(the networks \f(CW128.138.243.0\fR, \f(CW128.138.204.0\fR, and \f(CW128.138.242.0\fR).
-Of those networks, only \f(CW128.138.204.0\fR has an explicit netmask (in
-\&\s-1CIDR\s0 notation) indicating it is a class C network. For the other
-networks in \fI\s-1CSNETS\s0\fR, the local machine's netmask will be used
-during matching.
-.PP
-.Vb 1
-\& lisa CUNETS = ALL
-.Ve
-.PP
-The user \fBlisa\fR may run any command on any host in the \fI\s-1CUNETS\s0\fR alias
-(the class B network \f(CW128.138.0.0\fR).
-.PP
-.Vb 2
-\& operator ALL = DUMPS, KILL, SHUTDOWN, HALT, REBOOT, PRINTING,\e
-\& sudoedit /etc/printcap, /usr/oper/bin/
-.Ve
-.PP
-The \fBoperator\fR user may run commands limited to simple maintenance.
-Here, those are commands related to backups, killing processes, the
-printing system, shutting down the system, and any commands in the
-directory \fI/usr/oper/bin/\fR.
-.PP
-.Vb 1
-\& joe ALL = /usr/bin/su operator
-.Ve
-.PP
-The user \fBjoe\fR may only \fIsu\fR\|(1) to operator.
-.PP
-.Vb 1
-\& pete HPPA = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root
-.Ve
-.PP
-The user \fBpete\fR is allowed to change anyone's password except for
-root on the \fI\s-1HPPA\s0\fR machines. Note that this assumes \fIpasswd\fR\|(1)
-does not take multiple usernames on the command line.
-.PP
-.Vb 1
-\& bob SPARC = (OP) ALL : SGI = (OP) ALL
-.Ve
-.PP
-The user \fBbob\fR may run anything on the \fI\s-1SPARC\s0\fR and \fI\s-1SGI\s0\fR machines
-as any user listed in the \fI\s-1OP\s0\fR \f(CW\*(C`Runas_Alias\*(C'\fR (\fBroot\fR and \fBoperator\fR).
-.PP
-.Vb 1
-\& jim +biglab = ALL
-.Ve
-.PP
-The user \fBjim\fR may run any command on machines in the \fIbiglab\fR netgroup.
-\&\fBSudo\fR knows that \*(L"biglab\*(R" is a netgroup due to the '+' prefix.
-.PP
-.Vb 1
-\& +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser
-.Ve
-.PP
-Users in the \fBsecretaries\fR netgroup need to help manage the printers
-as well as add and remove users, so they are allowed to run those
-commands on all machines.
-.PP
-.Vb 1
-\& fred ALL = (DB) NOPASSWD: ALL
-.Ve
-.PP
-The user \fBfred\fR can run commands as any user in the \fI\s-1DB\s0\fR \f(CW\*(C`Runas_Alias\*(C'\fR
-(\fBoracle\fR or \fBsybase\fR) without giving a password.
-.PP
-.Vb 1
-\& john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
-.Ve
-.PP
-On the \fI\s-1ALPHA\s0\fR machines, user \fBjohn\fR may su to anyone except root
-but he is not allowed to give \fIsu\fR\|(1) any flags.
-.PP
-.Vb 1
-\& jen ALL, !SERVERS = ALL
-.Ve
-.PP
-The user \fBjen\fR may run any command on any machine except for those
-in the \fI\s-1SERVERS\s0\fR \f(CW\*(C`Host_Alias\*(C'\fR (master, mail, www and ns).
-.PP
-.Vb 1
-\& jill SERVERS = /usr/bin/, !SU, !SHELLS
-.Ve
-.PP
-For any machine in the \fI\s-1SERVERS\s0\fR \f(CW\*(C`Host_Alias\*(C'\fR, \fBjill\fR may run
-any commands in the directory /usr/bin/ except for those commands
-belonging to the \fI\s-1SU\s0\fR and \fI\s-1SHELLS\s0\fR \f(CW\*(C`Cmnd_Aliases\*(C'\fR.
-.PP
-.Vb 1
-\& steve CSNETS = (operator) /usr/local/op_commands/
-.Ve
-.PP
-The user \fBsteve\fR may run any command in the directory /usr/local/op_commands/
-but only as user operator.
-.PP
-.Vb 1
-\& matt valkyrie = KILL
-.Ve
-.PP
-On his personal workstation, valkyrie, \fBmatt\fR needs to be able to
-kill hung processes.
-.PP
-.Vb 1
-\& WEBMASTERS www = (www) ALL, (root) /usr/bin/su www
-.Ve
-.PP
-On the host www, any user in the \fI\s-1WEBMASTERS\s0\fR \f(CW\*(C`User_Alias\*(C'\fR (will,
-wendy, and wim), may run any command as user www (which owns the
-web pages) or simply \fIsu\fR\|(1) to www.
-.PP
-.Vb 2
-\& ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\e
-\& /sbin/mount -o nosuid\e,nodev /dev/cd0a /CDROM
-.Ve
-.PP
-Any user may mount or unmount a CD-ROM on the machines in the \s-1CDROM\s0
-\&\f(CW\*(C`Host_Alias\*(C'\fR (orion, perseus, hercules) without entering a password.
-This is a bit tedious for users to type, so it is a prime candidate
-for encapsulating in a shell script.
-.SH "SECURITY NOTES"
-.IX Header "SECURITY NOTES"
-It is generally not effective to \*(L"subtract\*(R" commands from \f(CW\*(C`ALL\*(C'\fR
-using the '!' operator. A user can trivially circumvent this
-by copying the desired command to a different name and then
-executing that. For example:
-.PP
-.Vb 1
-\& bill ALL = ALL, !SU, !SHELLS
-.Ve
-.PP
-Doesn't really prevent \fBbill\fR from running the commands listed in
-\&\fI\s-1SU\s0\fR or \fI\s-1SHELLS\s0\fR since he can simply copy those commands to a
-different name, or use a shell escape from an editor or other
-program. Therefore, these kind of restrictions should be considered
-advisory at best (and reinforced by policy).
-.SH "PREVENTING SHELL ESCAPES"
-.IX Header "PREVENTING SHELL ESCAPES"
-Once \fBsudo\fR executes a program, that program is free to do whatever
-it pleases, including run other programs. This can be a security
-issue since it is not uncommon for a program to allow shell escapes,
-which lets a user bypass \fBsudo\fR's restrictions. Common programs
-that permit shell escapes include shells (obviously), editors,
-paginators, mail and terminal programs.
-.PP
-Many systems that support shared libraries have the ability to
-override default library functions by pointing an environment
-variable (usually \f(CW\*(C`LD_PRELOAD\*(C'\fR) to an alternate shared library.
-On such systems, \fBsudo\fR's \fInoexec\fR functionality can be used to
-prevent a program run by sudo from executing any other programs.
-Note, however, that this applies only to native dynamically-linked
-executables. Statically-linked executables and foreign executables
-running under binary emulation are not affected.
-.PP
-To tell whether or not \fBsudo\fR supports \fInoexec\fR, you can run
-the following as root:
-.PP
-.Vb 1
-\& sudo -V | grep "dummy exec"
-.Ve
-.PP
-If the resulting output contains a line that begins with:
-.PP
-.Vb 1
-\& File containing dummy exec functions:
-.Ve
-.PP
-then \fBsudo\fR may be able to replace the exec family of functions
-in the standard library with its own that simply return an error.
-Unfortunately, there is no foolproof way to know whether or not
-\&\fInoexec\fR will work at compile\-time. \fINoexec\fR should work on
-SunOS, Solaris, *BSD, Linux, \s-1IRIX\s0, Tru64 \s-1UNIX\s0, MacOS X, and HP-UX
-11.x. It is known \fBnot\fR to work on \s-1AIX\s0 and UnixWare. \fINoexec\fR
-is expected to work on most operating systems that support the
-\&\f(CW\*(C`LD_PRELOAD\*(C'\fR environment variable. Check your operating system's
-manual pages for the dynamic linker (usually ld.so, ld.so.1, dyld,
-dld.sl, rld, or loader) to see if \f(CW\*(C`LD_PRELOAD\*(C'\fR is supported.
-.PP
-To enable \fInoexec\fR for a command, use the \f(CW\*(C`NOEXEC\*(C'\fR tag as documented
-in the User Specification section above. Here is that example again:
-.PP
-.Vb 1
-\& aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
-.Ve
-.PP
-This allows user \fBaaron\fR to run \fI/usr/bin/more\fR and \fI/usr/bin/vi\fR
-with \fInoexec\fR enabled. This will prevent those two commands from
-executing other commands (such as a shell). If you are unsure
-whether or not your system is capable of supporting \fInoexec\fR you
-can always just try it out and see if it works.
-.PP
-Note that disabling shell escapes is not a panacea. Programs running
-as root are still capable of many potentially hazardous operations
-(such as changing or overwriting files) that could lead to unintended
-privilege escalation. In the specific case of an editor, a safer
-approach is to give the user permission to run \fBsudoedit\fR.
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fIrsh\fR\|(1), \fIsu\fR\|(1), \fIfnmatch\fR\|(3), sudo(8), visudo(8)
-.SH "CAVEATS"
-.IX Header "CAVEATS"
-The \fIsudoers\fR file should \fBalways\fR be edited by the \fBvisudo\fR
-command which locks the file and does grammatical checking. It is
-imperative that \fIsudoers\fR be free of syntax errors since \fBsudo\fR
-will not run with a syntactically incorrect \fIsudoers\fR file.
-.PP
-When using netgroups of machines (as opposed to users), if you
-store fully qualified hostnames in the netgroup (as is usually the
-case), you either need to have the machine's hostname be fully qualified
-as returned by the \f(CW\*(C`hostname\*(C'\fR command or use the \fIfqdn\fR option in
-\&\fIsudoers\fR.
-.SH "BUGS"
-.IX Header "BUGS"
-If you feel you have found a bug in \fBsudo\fR, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-.SH "SUPPORT"
-.IX Header "SUPPORT"
-Commercial support is available for \fBsudo\fR, see
-http://www.sudo.ws/sudo/support.html for details.
-.PP
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo\-users to subscribe or
-search the archives.
-.SH "DISCLAIMER"
-.IX Header "DISCLAIMER"
-\&\fBSudo\fR is provided ``\s-1AS\s0 \s-1IS\s0'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the \s-1LICENSE\s0
-file distributed with \fBsudo\fR or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/sudoers.cat
===================================================================
--- trunk/contrib/sudo/sudoers.cat 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers.cat 2014-10-02 03:20:49 UTC (rev 6803)
@@ -61,7 +61,7 @@
-1.7.4 January 12, 2011 1
+1.7.5rc1 February 21, 2011 1
@@ -127,7 +127,7 @@
-1.7.4 January 12, 2011 2
+1.7.5rc1 February 21, 2011 2
@@ -193,7 +193,7 @@
-1.7.4 January 12, 2011 3
+1.7.5rc1 February 21, 2011 3
@@ -259,7 +259,7 @@
-1.7.4 January 12, 2011 4
+1.7.5rc1 February 21, 2011 4
@@ -320,12 +320,12 @@
The user d�dg�gb�b may run _�/_�b_�i_�n_�/_�l_�s, _�/_�b_�i_�n_�/_�k_�i_�l_�l, and _�/_�u_�s_�r_�/_�b_�i_�n_�/_�l_�p_�r_�m -- but only
as o�op�pe�er�ra�at�to�or�r. E.g.,
- $ sudo -u operator /bin/ls.
+ $ sudo -u operator /bin/ls
-1.7.4 January 12, 2011 5
+1.7.5rc1 February 21, 2011 5
@@ -348,13 +348,36 @@
dgb boulder = (operator : operator) /bin/ls, (root) /bin/kill, \
/usr/bin/lprm
+ Note that while the group portion of the Runas_Spec permits the user to
+ run as command with that group, it does not force the user to do so.
+ If no group is specified on the command line, the command will run with
+ the group listed in the target user's password database entry. The
+ following would all be permitted by the sudoers entry above:
+
+ $ sudo -u operator /bin/ls
+ $ sudo -u operator -g operator /bin/ls
+ $ sudo -g operator /bin/ls
+
In the following example, user t�tc�cm�m may run commands that access a modem
- device file with the dialer group. Note that in this example only the
- group will be set, the command still runs as user t�tc�cm�m.
+ device file with the dialer group.
tcm boulder = (:dialer) /usr/bin/tip, /usr/bin/cu, \
/usr/local/bin/minicom
+ Note that in this example only the group will be set, the command still
+ runs as user t�tc�cm�m. E.g.
+
+ $ sudo -g dialer /usr/bin/cu
+
+ Multiple users and groups may be present in a Runas_Spec, in which case
+ the user may select any combination of users and groups via the -�-u�u and
+ -�-g�g options. In this example:
+
+ alan ALL = (root, bin : operator, system) ALL
+
+ user a�al�la�an�n may run any command as either user root or bin, optionally
+ setting the group to operator or system.
+
S�SE�EL�Li�in�nu�ux�x_�_S�Sp�pe�ec�c
On systems with SELinux support, _�s_�u_�d_�o_�e_�r_�s entries may optionally have an
SELinux role and/or type associated with a command. If a role or type
@@ -365,6 +388,18 @@
T�Ta�ag�g_�_S�Sp�pe�ec�c
A command may have zero or more tags associated with it. There are
eight possible tag values, NOPASSWD, PASSWD, NOEXEC, EXEC, SETENV,
+
+
+
+1.7.5rc1 February 21, 2011 6
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
NOSETENV, LOG_INPUT, NOLOG_INPUT, LOG_OUTPUT and NOLOG_OUTPUT. Once a
tag is set on a Cmnd, subsequent Cmnds in the Cmnd_Spec_List, inherit
the tag unless it is overridden by the opposite tag (i.e.: PASSWD
@@ -388,18 +423,6 @@
ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
Note, however, that the PASSWD tag has no effect on users who are in
-
-
-
-1.7.4 January 12, 2011 6
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
the group specified by the _�e_�x_�e_�m_�p_�t_�__�g_�r_�o_�u_�p option.
By default, if the NOPASSWD tag is applied to any of the entries for a
@@ -431,6 +454,18 @@
restrictions imposed by _�e_�n_�v_�__�c_�h_�e_�c_�k, _�e_�n_�v_�__�d_�e_�l_�e_�t_�e, or _�e_�n_�v_�__�k_�e_�e_�p. As such,
only trusted users should be allowed to set variables in this manner.
If the command matched is A�AL�LL�L, the SETENV tag is implied for that
+
+
+
+1.7.5rc1 February 21, 2011 7
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
command; this default may be overridden by use of the NOSETENV tag.
_�L_�O_�G_�__�I_�N_�P_�U_�T _�a_�n_�d _�N_�O_�L_�O_�G_�__�I_�N_�P_�U_�T
@@ -455,17 +490,6 @@
? Matches any single character.
-
-
-1.7.4 January 12, 2011 7
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
[...] Matches any character in the specified range.
[!...] Matches any character n�no�ot�t in the specified range.
@@ -496,6 +520,18 @@
_�s_�u_�d_�o_�e_�r_�s entry it means that command is not allowed to be run
with a�an�ny�y arguments.
+
+
+
+1.7.5rc1 February 21, 2011 8
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
I�In�nc�cl�lu�ud�di�in�ng�g o�ot�th�he�er�r f�fi�il�le�es�s f�fr�ro�om�m w�wi�it�th�hi�in�n s�su�ud�do�oe�er�rs�s
It is possible to include other _�s_�u_�d_�o_�e_�r_�s files from within the _�s_�u_�d_�o_�e_�r_�s
file currently being parsed using the #include and #includedir
@@ -521,17 +557,6 @@
#include /etc/sudoers.%h
-
-
-1.7.4 January 12, 2011 8
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
will cause s�su�ud�do�o to include the file _�/_�e_�t_�c_�/_�s_�u_�d_�o_�e_�r_�s_�._�x_�e_�r_�x_�e_�s.
The #includedir directive can be used to create a _�s_�u_�d_�o_�._�d directory that
@@ -561,6 +586,18 @@
as a uid). Both the comment character and any text after it, up to the
end of the line, are ignored.
+
+
+
+1.7.5rc1 February 21, 2011 9
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
The reserved word A�AL�LL�L is a built-in _�a_�l_�i_�a_�s that always causes a match to
succeed. It can be used wherever one might otherwise use a Cmnd_Alias,
User_Alias, Runas_Alias, or Host_Alias. You should not try to define
@@ -585,19 +622,6 @@
used as part of a word (e.g. a user name or host name): '@', '!', '=',
':', ',', '(', ')', '\'.
-
-
-
-
-1.7.4 January 12, 2011 9
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
s�su�ud�do�o's behavior can be modified by Default_Entry lines, as explained
earlier. A list of all supported Defaults parameters, grouped by type,
@@ -611,8 +635,9 @@
that the -�-H�H option is always implied. Note that HOME
is already set when the the _�e_�n_�v_�__�r_�e_�s_�e_�t option is
enabled, so _�a_�l_�w_�a_�y_�s_�__�s_�e_�t_�__�h_�o_�m_�e is only effective for
- configurations where _�e_�n_�v_�__�r_�e_�s_�e_�t is disabled. This flag
- is _�o_�f_�f by default.
+ configurations where either _�e_�n_�v_�__�r_�e_�s_�e_�t is disabled or
+ HOME is present in the _�e_�n_�v_�__�k_�e_�e_�p list. This flag is _�o_�f_�f
+ by default.
authenticate If set, users must authenticate themselves via a
password (or other means of authentication) before they
@@ -627,6 +652,18 @@
by default.
compress_io If set, and s�su�ud�do�o is configured to log a command's input
+
+
+
+1.7.5rc1 February 21, 2011 10
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
or output, the I/O logs will be compressed using z�zl�li�ib�b.
This flag is _�o_�n by default when s�su�ud�do�o is compiled with
z�zl�li�ib�b support.
@@ -652,18 +689,6 @@
variable. This flag is _�o_�n by default.
fast_glob Normally, s�su�ud�do�o uses the _�g_�l_�o_�b(3) function to do shell-
-
-
-
-1.7.4 January 12, 2011 10
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
style globbing when matching path names. However,
since it accesses the file system, _�g_�l_�o_�b(3) can take a
long time to complete for some patterns, especially
@@ -693,6 +718,18 @@
use a host alias (CNAME entry) due to performance
issues and the fact that there is no way to get all
aliases from DNS. If your machine's host name (as
+
+
+
+1.7.5rc1 February 21, 2011 11
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
returned by the hostname command) is already fully
qualified you shouldn't need to set _�f_�q_�d_�n. This flag is
_�o_�f_�f by default.
@@ -718,18 +755,6 @@
incorrect password. This flag is _�o_�f_�f by default.
log_host If set, the host name will be logged in the (non-
-
-
-
-1.7.4 January 12, 2011 11
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
syslog) s�su�ud�do�o log file. This flag is _�o_�f_�f by default.
log_year If set, the four-digit year will be logged in the (non-
@@ -760,6 +785,17 @@
entry or is explicitly denied. This flag is _�o_�f_�f by
default.
+
+
+1.7.5rc1 February 21, 2011 12
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
mail_no_user If set, mail will be sent to the _�m_�a_�i_�l_�t_�o user if the
invoking user is not in the _�s_�u_�d_�o_�e_�r_�s file. This flag is
_�o_�n by default.
@@ -784,18 +820,6 @@
The password prompt specified by _�p_�a_�s_�s_�p_�r_�o_�m_�p_�t will
normally only be used if the password prompt provided
by systems such as PAM matches the string "Password:".
-
-
-
-1.7.4 January 12, 2011 12
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
If _�p_�a_�s_�s_�p_�r_�o_�m_�p_�t_�__�o_�v_�e_�r_�r_�i_�d_�e is set, _�p_�a_�s_�s_�p_�r_�o_�m_�p_�t will always
be used. This flag is _�o_�f_�f by default.
@@ -826,6 +850,18 @@
this prevents users from "chaining" s�su�ud�do�o commands to
get a root shell by doing something like "sudo sudo
/bin/sh". Note, however, that turning off _�r_�o_�o_�t_�__�s_�u_�d_�o
+
+
+
+1.7.5rc1 February 21, 2011 13
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
will also prevent root from running s�su�ud�do�oe�ed�di�it�t.
Disabling _�r_�o_�o_�t_�__�s_�u_�d_�o provides no real additional
security; it exists purely for historical reasons.
@@ -846,22 +882,11 @@
-�-u�u option is used). This effectively makes the -�-s�s
option imply -�-H�H. Note that HOME is already set when
the the _�e_�n_�v_�__�r_�e_�s_�e_�t option is enabled, so _�s_�e_�t_�__�h_�o_�m_�e is
- only effective for configurations where _�e_�n_�v_�__�r_�e_�s_�e_�t is
- disabled. This flag is _�o_�f_�f by default.
+ only effective for configurations where either
+ _�e_�n_�v_�__�r_�e_�s_�e_�t is disabled or HOME is present in the
+ _�e_�n_�v_�__�k_�e_�e_�p list. This flag is _�o_�f_�f by default.
set_logname Normally, s�su�ud�do�o will set the LOGNAME, USER and USERNAME
-
-
-
-1.7.4 January 12, 2011 13
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
environment variables to the name of the target user
(usually root unless the -�-u�u option is given). However,
since some programs (including the RCS revision control
@@ -891,6 +916,18 @@
effective UIDs are set to the target user (root by
default). This option changes that behavior such that
the real UID is left as the invoking user's UID. In
+
+
+
+1.7.5rc1 February 21, 2011 14
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
other words, this makes s�su�ud�do�o act as a setuid wrapper.
This can be useful on systems that disable some
potentially dangerous functionality when a program is
@@ -916,18 +953,6 @@
a unique session ID that is included in the normal s�su�ud�do�o
log line, prefixed with _�T_�S_�I_�D_�=.
-
-
-
-1.7.4 January 12, 2011 14
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
log_output If set, s�su�ud�do�o will run the command in a _�p_�s_�e_�u_�d_�o _�t_�t_�y and
log all output that is sent to the screen, similar to
the _�s_�c_�r_�i_�p_�t(1) command. If the standard output or
@@ -958,6 +983,17 @@
be the union of the user's umask and what is specified
in _�s_�u_�d_�o_�e_�r_�s. This flag is _�o_�f_�f by default.
+
+
+1.7.5rc1 February 21, 2011 15
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
use_loginclass If set, s�su�ud�do�o will apply the defaults specified for the
target user's login class if one exists. Only
available if s�su�ud�do�o is configured with the
@@ -982,18 +1018,6 @@
closefrom Before it executes a command, s�su�ud�do�o will close all open
file descriptors other than standard input, standard
-
-
-
-1.7.4 January 12, 2011 15
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
output and standard error (ie: file descriptors 0-2).
The _�c_�l_�o_�s_�e_�f_�r_�o_�m option can be used to specify a different
file descriptor at which to start closing. The default
@@ -1024,6 +1048,18 @@
this to 0 to always prompt for a password. If set to a
value less than 0 the user's timestamp will never
expire. This can be used to allow users to create or
+
+
+
+1.7.5rc1 February 21, 2011 16
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
delete their own timestamps via sudo -v and sudo -k
respectively.
@@ -1049,17 +1085,11 @@
possible, or the first editor in the list that exists
and is executable. The default is "vi".
+ iolog_dir The directory in which to store input/output logs when
+ the _�l_�o_�g_�__�i_�n_�p_�u_�t or _�l_�o_�g_�__�o_�u_�t_�p_�u_�t options are enabled or when
+ the LOG_INPUT or LOG_OUTPUT tags are present for a
+ command. The default is "/var/log/sudo-io".
-
-1.7.4 January 12, 2011 16
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
mailsub Subject of the mail sent to the _�m_�a_�i_�l_�t_�o user. The escape
%h will expand to the host name of the machine.
Default is *** SECURITY information for %h ***.
@@ -1084,6 +1114,18 @@
name
%p expanded to the user whose password is being asked
+
+
+
+1.7.5rc1 February 21, 2011 17
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
for (respects the _�r_�o_�o_�t_�p_�w, _�t_�a_�r_�g_�e_�t_�p_�w and _�r_�u_�n_�a_�s_�p_�w
flags in _�s_�u_�d_�o_�e_�r_�s)
@@ -1114,22 +1156,11 @@
syslog_goodpri Syslog priority to use when user authenticates
successfully. Defaults to notice.
+ sudoers_locale Locale to use when parsing the sudoers file, logging
+ commands, and sending email. Note that changing the
+ locale may affect how sudoers is interpreted. Defaults
+ to "C".
-
-
-1.7.4 January 12, 2011 17
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
- sudoers_locale Locale to use when parsing the sudoers file. Note that
- changing the locale may affect how sudoers is
- interpreted. Defaults to "C".
-
timestampdir The directory in which s�su�ud�do�o stores its timestamp files.
The default is _�/_�v_�a_�r_�/_�a_�d_�m_�/_�s_�u_�d_�o.
@@ -1149,6 +1180,18 @@
terminal is available. This may be the case when s�su�ud�do�o is
executed from a graphical (as opposed to text-based)
application. The program specified by _�a_�s_�k_�p_�a_�s_�s should
+
+
+
+1.7.5rc1 February 21, 2011 18
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
display the argument passed to it as the prompt and write
the user's password to the standard output. The value of
_�a_�s_�k_�p_�a_�s_�s may be overridden by the SUDO_ASKPASS environment
@@ -1180,18 +1223,6 @@
Negating the option results in a value of _�n_�e_�v_�e_�r being used.
The default value is _�o_�n_�c_�e.
-
-
-
-1.7.4 January 12, 2011 18
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
lecture_file
Path to a file containing an alternate s�su�ud�do�o lecture that
will be used in place of the standard lecture if the named
@@ -1215,6 +1246,18 @@
never The user need never enter a password to use the -�-l�l
option.
+
+
+
+1.7.5rc1 February 21, 2011 19
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
If no value is specified, a value of _�a_�n_�y is implied.
Negating the option results in a value of _�n_�e_�v_�e_�r being used.
The default value is _�a_�n_�y.
@@ -1246,18 +1289,6 @@
option is not set by default.
syslog Syslog facility if syslog is being used for logging (negate
-
-
-
-1.7.4 January 12, 2011 19
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
to disable syslog logging). Defaults to auth.
verifypw This option controls when a password will be required when
@@ -1282,6 +1313,17 @@
Negating the option results in a value of _�n_�e_�v_�e_�r being used.
The default value is _�a_�l_�l.
+
+
+1.7.5rc1 February 21, 2011 20
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
L�Li�is�st�ts�s t�th�ha�at�t c�ca�an�n b�be�e u�us�se�ed�d i�in�n a�a b�bo�oo�ol�le�ea�an�n c�co�on�nt�te�ex�xt�t:
env_check Environment variables to be removed from the user's
@@ -1312,18 +1354,6 @@
any setuid process (such as s�su�ud�do�o).
env_keep Environment variables to be preserved in the user's
-
-
-
-1.7.4 January 12, 2011 20
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
environment when the _�e_�n_�v_�__�r_�e_�s_�e_�t option is in effect.
This allows fine-grained control over the environment
s�su�ud�do�o-spawned processes will receive. The argument may
@@ -1348,6 +1378,18 @@
_�/_�e_�t_�c_�/_�n_�e_�t_�g_�r_�o_�u_�p List of network groups
+
+
+
+1.7.5rc1 February 21, 2011 21
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
_�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o I/O log files
E�EX�XA�AM�MP�PL�LE�ES�S
@@ -1378,18 +1420,6 @@
Host_Alias CUNETS = 128.138.0.0/255.255.0.0
Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0
Host_Alias SERVERS = master, mail, www, ns
-
-
-
-1.7.4 January 12, 2011 21
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
Host_Alias CDROM = orion, perseus, hercules
# Cmnd alias specification
@@ -1414,6 +1444,18 @@
Additionally, on the machines in the _�S_�E_�R_�V_�E_�R_�S Host_Alias, we keep an
additional local log file and make sure we log the year in each log
line since the log entries will be kept around for several years.
+
+
+
+1.7.5rc1 February 21, 2011 22
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
Lastly, we disable shell escapes for the commands in the PAGERS
Cmnd_Alias (_�/_�u_�s_�r_�/_�b_�i_�n_�/_�m_�o_�r_�e, _�/_�u_�s_�r_�/_�b_�i_�n_�/_�p_�g and _�/_�u_�s_�r_�/_�b_�i_�n_�/_�l_�e_�s_�s).
@@ -1445,17 +1487,6 @@
any host but they must authenticate themselves first (since the entry
lacks the NOPASSWD tag).
-
-
-1.7.4 January 12, 2011 22
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
jack CSNETS = ALL
The user j�ja�ac�ck�k may run any command on the machines in the _�C_�S_�N_�E_�T_�S alias
@@ -1479,6 +1510,18 @@
joe ALL = /usr/bin/su operator
+
+
+
+1.7.5rc1 February 21, 2011 23
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
The user j�jo�oe�e may only _�s_�u(1) to operator.
pete HPPA = /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root
@@ -1510,18 +1553,6 @@
fred ALL = (DB) NOPASSWD: ALL
-
-
-
-1.7.4 January 12, 2011 23
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
The user f�fr�re�ed�d can run commands as any user in the _�D_�B Runas_Alias
(o�or�ra�ac�cl�le�e or s�sy�yb�ba�as�se�e) without giving a password.
@@ -1546,6 +1577,17 @@
The user s�st�te�ev�ve�e may run any command in the directory
/usr/local/op_commands/ but only as user operator.
+
+
+1.7.5rc1 February 21, 2011 24
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
matt valkyrie = KILL
On his personal workstation, valkyrie, m�ma�at�tt�t needs to be able to kill
@@ -1576,18 +1618,6 @@
Doesn't really prevent b�bi�il�ll�l from running the commands listed in _�S_�U or
_�S_�H_�E_�L_�L_�S since he can simply copy those commands to a different name, or
use a shell escape from an editor or other program. Therefore, these
-
-
-
-1.7.4 January 12, 2011 24
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
kind of restrictions should be considered advisory at best (and
reinforced by policy).
@@ -1612,6 +1642,18 @@
since it is not uncommon for a program to allow shell escapes, which
lets a user bypass s�su�ud�do�o's access control and logging. Common programs
that permit shell escapes include shells (obviously), editors,
+
+
+
+1.7.5rc1 February 21, 2011 25
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
paginators, mail and terminal programs.
There are two basic approaches to this problem:
@@ -1642,18 +1684,6 @@
File containing dummy exec functions:
-
-
-
-1.7.4 January 12, 2011 25
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
then s�su�ud�do�o may be able to replace the exec family of functions
in the standard library with its own that simply return an
error. Unfortunately, there is no foolproof way to know
@@ -1678,6 +1708,18 @@
unsure whether or not your system is capable of supporting
_�n_�o_�e_�x_�e_�c you can always just try it out and see if it works.
+
+
+
+1.7.5rc1 February 21, 2011 26
+
+
+
+
+
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+
+
Note that restricting shell escapes is not a panacea. Programs running
as root are still capable of many potentially hazardous operations
(such as changing or overwriting files) that could lead to unintended
@@ -1707,19 +1749,6 @@
http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search
the archives.
-
-
-
-
-1.7.4 January 12, 2011 26
-
-
-
-
-
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-
-
D�DI�IS�SC�CL�LA�AI�IM�ME�ER�R
s�su�ud�do�o is provided ``AS IS'' and any express or implied warranties,
including, but not limited to, the implied warranties of
@@ -1748,35 +1777,6 @@
+1.7.5rc1 February 21, 2011 27
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-1.7.4 January 12, 2011 27
-
-
Modified: trunk/contrib/sudo/sudoers.ldap.cat
===================================================================
--- trunk/contrib/sudo/sudoers.ldap.cat 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers.ldap.cat 2014-10-02 03:20:49 UTC (rev 6803)
@@ -43,7 +43,7 @@
For the most part, there is really no need for s�su�ud�do�o-specific Aliases.
Unix groups or user netgroups can be used in place of User_Aliases and
- RunasAliases. Host netgroups can be used in place of HostAliases.
+ Runas_Aliases. Host netgroups can be used in place of Host_Aliases.
Since Unix groups and netgroups can also be stored in LDAP there is no
real need for s�su�ud�do�o-specific aliases.
@@ -61,7 +61,7 @@
-1.7.4 July 12, 2010 1
+1.7.5rc1 February 21, 2011 1
@@ -82,7 +82,7 @@
sudoOption: env_keep+=SSH_AUTH_SOCK
The equivalent of a sudoer in LDAP is a sudoRole. It consists of the
- following components:
+ following attributes:
s�su�ud�do�oU�Us�se�er�r
A user name, uid (prefixed with '#'), Unix group (prefixed with a
@@ -109,33 +109,72 @@
with a '+') that contains a list of users that commands may be run
as. The special value ALL will match any user.
+ The sudoRunAsUser attribute is only available in s�su�ud�do�o versions
+ 1.7.0 and higher. Older versions of s�su�ud�do�o use the sudoRunAs
+ attribute instead.
+
s�su�ud�do�oR�Ru�un�nA�As�sG�Gr�ro�ou�up�p
A Unix group or gid (prefixed with '#') that commands may be run
as. The special value ALL will match any group.
- Each component listed above should contain a single value, but there
- may be multiple instances of each component type. A sudoRole must
- contain at least one sudoUser, sudoHost and sudoCommand.
+ The sudoRunAsGroup attribute is only available in s�su�ud�do�o versions
+ 1.7.0 and higher.
- The following example allows users in group wheel to run any command on
- any host via s�su�ud�do�o:
+ s�su�ud�do�oN�No�ot�tB�Be�ef�fo�or�re�e
+ A timestamp in the form yyyymmddHHMMZ that can be used to provide a
+ start date/time for when the sudoRole will be valid. If multiple
+ sudoNotBefore entries are present, the earliest is used. Note that
+1.7.5rc1 February 21, 2011 2
-1.7.4 July 12, 2010 2
+SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+ timestamps must be in Coordinated Universal Time (UTC), not the
+ local timezone.
+ The sudoNotBefore attribute is only available in s�su�ud�do�o versions
+ 1.7.5 and higher and must be explicitly enabled via the
+ S�SU�UD�DO�OE�ER�RS�S_�_T�TI�IM�ME�ED�D option in _�/_�e_�t_�c_�/_�l_�d_�a_�p_�._�c_�o_�n_�f.
+ s�su�ud�do�oN�No�ot�tA�Af�ft�te�er�r
+ A timestamp in the form yyyymmddHHMMZ that indicates an expiration
+ date/time, after which the sudoRole will no longer be valid. If
+ multiple sudoNotBefore entries are present, the last one is used.
+ Note that timestamps must be in Coordinated Universal Time (UTC),
+ not the local timezone.
-SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+ The sudoNotAfter attribute is only available in s�su�ud�do�o versions 1.7.5
+ and higher and must be explicitly enabled via the S�SU�UD�DO�OE�ER�RS�S_�_T�TI�IM�ME�ED�D
+ option in _�/_�e_�t_�c_�/_�l_�d_�a_�p_�._�c_�o_�n_�f.
+ s�su�ud�do�oO�Or�rd�de�er�r
+ The sudoRole entries retrieved from the LDAP directory have no
+ inherent order. The sudoOrder attribute is an integer (or floating
+ point value for LDAP servers that support it) that is used to sort
+ the matching entries. This allows LDAP-based sudoers entries to
+ more closely mimic the behaviour of the sudoers file, where the of
+ the entries influences the result. If multiple entries match, the
+ entry with the highest sudoOrder attribute is chosen. This
+ corresponds to the "last match" behavior of the sudoers file. If
+ the sudoOrder attribute is not present, a value of 0 is assumed.
+ The sudoOrder attribute is only available in s�su�ud�do�o versions 1.7.5
+ and higher.
+
+ Each attribute listed above should contain a single value, but there
+ may be multiple instances of each attribute type. A sudoRole must
+ contain at least one sudoUser, sudoHost and sudoCommand.
+
+ The following example allows users in group wheel to run any command on
+ any host via s�su�ud�do�o:
+
dn: cn=%wheel,ou=SUDOers,dc=example,dc=com
objectClass: top
objectClass: sudoRole
@@ -151,16 +190,36 @@
that the user belongs to. (The special ALL tag is matched in this
query too.) If no match is returned for the user's name and groups, a
third query returns all entries containing user netgroups and checks to
+
+
+
+1.7.5rc1 February 21, 2011 3
+
+
+
+
+
+SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+
+
see if the user belongs to any of them.
+ If timed entries are enabled with the S�SU�UD�DO�OE�ER�RS�S_�_T�TI�IM�ME�ED�D configuration
+ directive, the LDAP queries include a subfilter that limits retrieval
+ to entries that satisfy the time constraints, if any.
+
D�Di�if�ff�fe�er�re�en�nc�ce�es�s b�be�et�tw�we�ee�en�n L�LD�DA�AP�P a�an�nd�d n�no�on�n-�-L�LD�DA�AP�P s�su�ud�do�oe�er�rs�s
There are some subtle differences in the way sudoers is handled once in
LDAP. Probably the biggest is that according to the RFC, LDAP ordering
is arbitrary and you cannot expect that Attributes and Entries are
- returned in any specific order. If there are conflicting command rules
- on an entry, the negative takes precedence. This is called paranoid
- behavior (not necessarily the most specific match).
+ returned in any specific order.
+ The order in which different entries are applied can be controlled
+ using the sudoOrder attribute, but there is no way to guarantee the
+ order of attributes within a specific entry. If there are conflicting
+ command rules in an entry, the negative takes precedence. This is
+ called paranoid behavior (not necessarily the most specific match).
+
Here is an example:
# /etc/sudoers:
@@ -190,24 +249,25 @@
sudoUser: puddles
sudoHost: ALL
sudoCommand: !/bin/sh
+ sudoCommand: ALL
+ Another difference is that negations on the Host, User or Runas are
+ currently ignored. For example, the following attributes do not behave
+ the way one might expect.
-1.7.4 July 12, 2010 3
+1.7.5rc1 February 21, 2011 4
-SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
- sudoCommand: ALL
- Another difference is that negations on the Host, User or Runas are
- currently ignorred. For example, the following attributes do not
- behave the way one might expect.
+SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+
# does not match all but joe
# rather, does not match anyone
sudoUser: !joe
@@ -246,7 +306,7 @@
specified in _�/_�e_�t_�c_�/_�o_�p_�e_�n_�l_�d_�a_�p_�/_�l_�d_�a_�p_�._�c_�o_�n_�f or the user's _�._�l_�d_�a_�p_�r_�c files are
not used.
- Only those options explicitly listed in _�/_�e_�t_�c_�/_�l_�d_�a_�p_�._�c_�o_�n_�f that are
+ Only those options explicitly listed in _�/_�e_�t_�c_�/_�l_�d_�a_�p_�._�c_�o_�n_�f as being
supported by s�su�ud�do�o are honored. Configuration options are listed below
in upper case but are parsed in a case-independent manner.
@@ -256,10 +316,16 @@
either l�ld�da�ap�p or l�ld�da�ap�ps�s, the latter being for servers that support TLS
(SSL) encryption. If no _�p_�o_�r_�t is specified, the default is port 389
for ldap:// or port 636 for ldaps://. If no _�h_�o_�s_�t_�n_�a_�m_�e is specified,
+ s�su�ud�do�o will connect to l�lo�oc�ca�al�lh�ho�os�st�t. Multiple U�UR�RI�I lines are treated
+ identically to a U�UR�RI�I line containing multiple entries. Only
+ systems using the OpenSSL libraries support the mixing of ldap://
+ and ldaps:// URIs. The Netscape-derived libraries used on most
+ commercial versions of Unix are only capable of supporting one or
+ the other.
-1.7.4 July 12, 2010 4
+1.7.5rc1 February 21, 2011 5
@@ -268,13 +334,6 @@
SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
- s�su�ud�do�o will connect to l�lo�oc�ca�al�lh�ho�os�st�t. Multiple U�UR�RI�I lines are treated
- identically to a U�UR�RI�I line containing multiple entries. Only
- systems using the OpenSSL libraries support the mixing of ldap://
- and ldaps:// URIs. The Netscape-derived libraries used on most
- commercial versions of Unix are only capable of supporting one or
- the other.
-
H�HO�OS�ST�T name[:port] ...
If no U�UR�RI�I is specified, the H�HO�OS�ST�T parameter specifies a whitespace-
delimited list of LDAP servers to connect to. Each host may
@@ -296,10 +355,17 @@
multiple U�UR�RI�Is or H�HO�OS�ST�Ts are specified, this is the amount of time to
wait before trying the next one in the list.
+ N�NE�ET�TW�WO�OR�RK�K_�_T�TI�IM�ME�EO�OU�UT�T seconds
+ An alias for B�BI�IN�ND�D_�_T�TI�IM�ME�EL�LI�IM�MI�IT�T for OpenLDAP compatibility.
+
T�TI�IM�ME�EL�LI�IM�MI�IT�T seconds
The T�TI�IM�ME�EL�LI�IM�MI�IT�T parameter specifies the amount of time, in seconds,
to wait for a response to an LDAP query.
+ T�TI�IM�ME�EO�OU�UT�T seconds
+ The T�TI�IM�ME�EO�OU�UT�T parameter specifies the amount of time, in seconds, to
+ wait for a response from the various LDAP APIs.
+
S�SU�UD�DO�OE�ER�RS�S_�_B�BA�AS�SE�E base
The base DN to use when performing s�su�ud�do�o LDAP queries. Typically
this is of the form ou=SUDOers,dc=example,dc=com for the domain
@@ -306,6 +372,10 @@
example.com. Multiple S�SU�UD�DO�OE�ER�RS�S_�_B�BA�AS�SE�E lines may be specified, in
which case they are queried in the order specified.
+ S�SU�UD�DO�OE�ER�RS�S_�_T�TI�IM�ME�ED�D on/true/yes/off/false/no
+ Whether or not to evaluate the sudoNotBefore and sudoNotAfter
+ attributes that implement time-dependent sudoers entries.
+
S�SU�UD�DO�OE�ER�RS�S_�_D�DE�EB�BU�UG�G debug_level
This sets the debug level for s�su�ud�do�o LDAP queries. Debugging
information is printed to the standard error. A value of 1 results
@@ -318,22 +388,21 @@
The B�BI�IN�ND�DD�DN�N parameter specifies the identity, in the form of a
Distinguished Name (DN), to use when performing LDAP operations.
If not specified, LDAP operations are performed with an anonymous
- identity. By default, most LDAP servers will allow anonymous
- access.
+1.7.5rc1 February 21, 2011 6
-1.7.4 July 12, 2010 5
+SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
-SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+ identity. By default, most LDAP servers will allow anonymous
+ access.
-
B�BI�IN�ND�DP�PW�W secret
The B�BI�IN�ND�DP�PW�W parameter specifies the password to use when performing
LDAP operations. This is typically used in conjunction with the
@@ -376,7 +445,7 @@
can be verified.
T�TL�LS�S_�_C�CA�AC�CE�ER�RT�T file name
- An alias for T�TL�LS�S_�_C�CA�AC�CE�ER�RT�TF�FI�IL�LE�E.
+ An alias for T�TL�LS�S_�_C�CA�AC�CE�ER�RT�TF�FI�IL�LE�E for OpenLDAP compatibility.
T�TL�LS�S_�_C�CA�AC�CE�ER�RT�TF�FI�IL�LE�E file name
The path to a certificate authority bundle which contains the
@@ -386,20 +455,19 @@
libraries use the same certificate database for CA and client
certificates (see T�TL�LS�S_�_C�CE�ER�RT�T).
- T�TL�LS�S_�_C�CA�AC�CE�ER�RT�TD�DI�IR�R directory
- Similar to T�TL�LS�S_�_C�CA�AC�CE�ER�RT�TF�FI�IL�LE�E but instead of a file, it is a directory
+1.7.5rc1 February 21, 2011 7
-1.7.4 July 12, 2010 6
-
SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+ T�TL�LS�S_�_C�CA�AC�CE�ER�RT�TD�DI�IR�R directory
+ Similar to T�TL�LS�S_�_C�CA�AC�CE�ER�RT�TF�FI�IL�LE�E but instead of a file, it is a directory
containing individual Certificate Authority certificates, e.g.
_�/_�e_�t_�c_�/_�s_�s_�l_�/_�c_�e_�r_�t_�s. The directory specified by T�TL�LS�S_�_C�CA�AC�CE�ER�RT�TD�DI�IR�R is
checked after T�TL�LS�S_�_C�CA�AC�CE�ER�RT�TF�FI�IL�LE�E. This option is only supported by the
@@ -452,20 +520,20 @@
R�RO�OO�OT�TU�US�SE�E_�_S�SA�AS�SL�L on/true/yes/off/false/no
Enable R�RO�OO�OT�TU�US�SE�E_�_S�SA�AS�SL�L to enable SASL authentication when connecting
- to an LDAP server from a privileged process, such as s�su�ud�do�o.
+1.7.5rc1 February 21, 2011 8
-1.7.4 July 12, 2010 7
-
SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+ to an LDAP server from a privileged process, such as s�su�ud�do�o.
+
R�RO�OO�OT�TS�SA�AS�SL�L_�_A�AU�UT�TH�H_�_I�ID�D identity
The SASL user name to use when R�RO�OO�OT�TU�US�SE�E_�_S�SA�AS�SL�L is enabled.
@@ -518,12 +586,10 @@
_�n_�s_�s_�w_�i_�t_�c_�h_�._�c_�o_�n_�f; information in the previous section unrelated to the
file format itself still applies.
- To consult LDAP first followed by the local sudoers file (if it
- exists), use:
-1.7.4 July 12, 2010 8
+1.7.5rc1 February 21, 2011 9
@@ -532,6 +598,9 @@
SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+ To consult LDAP first followed by the local sudoers file (if it
+ exists), use:
+
sudoers = ldap, files
The local _�s_�u_�d_�o_�e_�r_�s file can be ignored completely by using:
@@ -583,13 +652,10 @@
#
# Must be set or sudo will ignore LDAP; may be specified multiple times.
sudoers_base ou=SUDOers,dc=example,dc=com
- #
- # verbose sudoers matching from ldap
- #sudoers_debug 2
-1.7.4 July 12, 2010 9
+1.7.5rc1 February 21, 2011 10
@@ -599,6 +665,12 @@
#
+ # verbose sudoers matching from ldap
+ #sudoers_debug 2
+ #
+ # Enable support for time-based entries in sudoers.
+ #sudoers_timed yes
+ #
# optional proxy credentials
#binddn <who to search as>
#bindpw <password>
@@ -646,16 +718,10 @@
# the LDAP server.
# Tips:
# * Enable both lines at the same time.
- # * Do not password protect the key file.
- # * Ensure the keyfile is only readable by root.
- #
- # For OpenLDAP:
- #tls_cert /etc/certs/client_cert.pem
- #tls_key /etc/certs/client_key.pem
-1.7.4 July 12, 2010 10
+1.7.5rc1 February 21, 2011 11
@@ -664,7 +730,13 @@
SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+ # * Do not password protect the key file.
+ # * Ensure the keyfile is only readable by root.
#
+ # For OpenLDAP:
+ #tls_cert /etc/certs/client_cert.pem
+ #tls_key /etc/certs/client_key.pem
+ #
# For SunONE or iPlanet LDAP, tls_cert and tls_key may specify either
# a directory, in which case the files in the directory must have the
# default names (e.g. cert8.db and key4.db), or the path to the cert
@@ -689,7 +761,8 @@
# krb5_ccname /etc/.ldapcache
S�Su�ud�do�o s�sc�ch�he�em�ma�a f�fo�or�r O�Op�pe�en�nL�LD�DA�AP�P
- The following schema is in OpenLDAP format. Simply copy it to the
+ The following schema, in OpenLDAP format, is included with s�su�ud�do�o source
+ and binary distributions as _�s_�c_�h_�e_�m_�a_�._�O_�p_�e_�n_�L_�D_�A_�P. Simply copy it to the
schema directory (e.g. _�/_�e_�t_�c_�/_�o_�p_�e_�n_�l_�d_�a_�p_�/_�s_�c_�h_�e_�m_�a), add the proper include
line in slapd.conf and restart s�sl�la�ap�pd�d.
@@ -711,26 +784,26 @@
NAME 'sudoCommand'
DESC 'Command(s) to be executed by sudo'
EQUALITY caseExactIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
- attributetype ( 1.3.6.1.4.1.15953.9.1.4
- NAME 'sudoRunAs'
- DESC 'User(s) impersonated by sudo'
- EQUALITY caseExactIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+1.7.5rc1 February 21, 2011 12
-1.7.4 July 12, 2010 11
-
SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+ attributetype ( 1.3.6.1.4.1.15953.9.1.4
+ NAME 'sudoRunAs'
+ DESC 'User(s) impersonated by sudo'
+ EQUALITY caseExactIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
attributetype ( 1.3.6.1.4.1.15953.9.1.5
NAME 'sudoOption'
DESC 'Options(s) followed by sudo'
@@ -749,21 +822,53 @@
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+ attributetype ( 1.3.6.1.4.1.15953.9.1.8
+ NAME 'sudoNotBefore'
+ DESC 'Start of time interval for which the entry is valid'
+ EQUALITY generalizedTimeMatch
+ ORDERING generalizedTimeOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+
+ attributetype ( 1.3.6.1.4.1.15953.9.1.9
+ NAME 'sudoNotAfter'
+ DESC 'End of time interval for which the entry is valid'
+ EQUALITY generalizedTimeMatch
+ ORDERING generalizedTimeOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+
+ attributeTypes ( 1.3.6.1.4.1.15953.9.1.10
+ NAME 'sudoOrder'
+ DESC 'an integer to order the sudoRole entries'
+ EQUALITY integerMatch
+ ORDERING integerOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+
objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL
DESC 'Sudoer Entries'
MUST ( cn )
MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $
- sudoRunAsGroup $ sudoOption $ description )
+ sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $
+ sudoOrder $ description )
)
+
+
+1.7.5rc1 February 21, 2011 13
+
+
+
+
+
+SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
+
+
S�SE�EE�E A�AL�LS�SO�O
_�l_�d_�a_�p_�._�c_�o_�n_�f(4), _�s_�u_�d_�o_�e_�r_�s(5)
C�CA�AV�VE�EA�AT�TS�S
- The way that _�s_�u_�d_�o_�e_�r_�s is parsed differs between Note that there are
- differences in the way that LDAP-based _�s_�u_�d_�o_�e_�r_�s is parsed compared to
- file-based _�s_�u_�d_�o_�e_�r_�s. See the "Differences between LDAP and non-LDAP
- sudoers" section for more information.
+ Note that there are differences in the way that LDAP-based _�s_�u_�d_�o_�e_�r_�s is
+ parsed compared to file-based _�s_�u_�d_�o_�e_�r_�s. See the "Differences between
+ LDAP and non-LDAP sudoers" section for more information.
B�BU�UG�GS�S
If you feel you have found a bug in s�su�ud�do�o, please submit a bug report at
@@ -787,6 +892,33 @@
-1.7.4 July 12, 2010 12
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+1.7.5rc1 February 21, 2011 14
+
+
Deleted: trunk/contrib/sudo/sudoers.ldap.man
===================================================================
--- trunk/contrib/sudo/sudoers.ldap.man 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers.ldap.man 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,826 +0,0 @@
-.\" Copyright (c) 2003-2010
-.\" Todd C. Miller <Todd.Miller at courtesan.com>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
-.\"
-.\" Standard preamble:
-.\" ========================================================================
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Vb \" Begin verbatim text
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve \" End verbatim text
-.ft R
-.fi
-..
-.\" Set up some character translations and predefined strings. \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. \*(C+ will
-.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
-.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
-.\" nothing in troff, for use with C<>.
-.tr \(*W-
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.ie n \{\
-. ds -- \(*W-
-. ds PI pi
-. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-. ds L" ""
-. ds R" ""
-. ds C`
-. ds C'
-'br\}
-.el\{\
-. ds -- \|\(em\|
-. ds PI \(*p
-. ds L" ``
-. ds R" ''
-'br\}
-.\"
-.\" Escape single quotes in literal strings from groff's Unicode transform.
-.ie \n(.g .ds Aq \(aq
-.el .ds Aq '
-.\"
-.\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
-.\" entries marked with X<> in POD. Of course, you'll have to process the
-.\" output yourself in some meaningful fashion.
-.ie \nF \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
-..
-. nr % 0
-. rr F
-.\}
-.el \{\
-. de IX
-..
-.\}
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
-.\" Fear. Run. Save yourself. No user-serviceable parts.
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds /
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
-.\" ========================================================================
-.\"
-.IX Title "SUDOERS.LDAP 5"
-.TH SUDOERS.LDAP 5 "July 12, 2010" "1.7.4" "MAINTENANCE COMMANDS"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.if n .ad l
-.nh
-.SH "NAME"
-sudoers.ldap \- sudo LDAP configuration
-.SH "DESCRIPTION"
-.IX Header "DESCRIPTION"
-In addition to the standard \fIsudoers\fR file, \fBsudo\fR may be configured
-via \s-1LDAP\s0. This can be especially useful for synchronizing \fIsudoers\fR
-in a large, distributed environment.
-.PP
-Using \s-1LDAP\s0 for \fIsudoers\fR has several benefits:
-.IP "\(bu" 4
-\&\fBsudo\fR no longer needs to read \fIsudoers\fR in its entirety. When
-\&\s-1LDAP\s0 is used, there are only two or three \s-1LDAP\s0 queries per invocation.
-This makes it especially fast and particularly usable in \s-1LDAP\s0
-environments.
-.IP "\(bu" 4
-\&\fBsudo\fR no longer exits if there is a typo in \fIsudoers\fR.
-It is not possible to load \s-1LDAP\s0 data into the server that does
-not conform to the sudoers schema, so proper syntax is guaranteed.
-It is still possible to have typos in a user or host name, but
-this will not prevent \fBsudo\fR from running.
-.IP "\(bu" 4
-It is possible to specify per-entry options that override the global
-default options. \fI/etc/sudoers\fR only supports default options and
-limited options associated with user/host/commands/aliases. The
-syntax is complicated and can be difficult for users to understand.
-Placing the options directly in the entry is more natural.
-.IP "\(bu" 4
-The \fBvisudo\fR program is no longer needed. \fBvisudo\fR provides
-locking and syntax checking of the \fI/etc/sudoers\fR file.
-Since \s-1LDAP\s0 updates are atomic, locking is no longer necessary.
-Because syntax is checked when the data is inserted into \s-1LDAP\s0, there
-is no need for a specialized tool to check syntax.
-.PP
-Another major difference between \s-1LDAP\s0 and file-based \fIsudoers\fR
-is that in \s-1LDAP\s0, \fBsudo\fR\-specific Aliases are not supported.
-.PP
-For the most part, there is really no need for \fBsudo\fR\-specific
-Aliases. Unix groups or user netgroups can be used in place of
-User_Aliases and RunasAliases. Host netgroups can be used in place
-of HostAliases. Since Unix groups and netgroups can also be stored
-in \s-1LDAP\s0 there is no real need for \fBsudo\fR\-specific aliases.
-.PP
-Cmnd_Aliases are not really required either since it is possible
-to have multiple users listed in a sudoRole. Instead of defining
-a Cmnd_Alias that is referenced by multiple users, one can create
-a sudoRole that contains the commands and assign multiple users
-to it.
-.SS "SUDOers \s-1LDAP\s0 container"
-.IX Subsection "SUDOers LDAP container"
-The \fIsudoers\fR configuration is contained in the \f(CW\*(C`ou=SUDOers\*(C'\fR \s-1LDAP\s0
-container.
-.PP
-Sudo first looks for the \f(CW\*(C`cn=default\*(C'\fR entry in the SUDOers container.
-If found, the multi-valued \f(CW\*(C`sudoOption\*(C'\fR attribute is parsed in the
-same manner as a global \f(CW\*(C`Defaults\*(C'\fR line in \fI/etc/sudoers\fR. In
-the following example, the \f(CW\*(C`SSH_AUTH_SOCK\*(C'\fR variable will be preserved
-in the environment for all users.
-.PP
-.Vb 6
-\& dn: cn=defaults,ou=SUDOers,dc=example,dc=com
-\& objectClass: top
-\& objectClass: sudoRole
-\& cn: defaults
-\& description: Default sudoOption\*(Aqs go here
-\& sudoOption: env_keep+=SSH_AUTH_SOCK
-.Ve
-.PP
-The equivalent of a sudoer in \s-1LDAP\s0 is a \f(CW\*(C`sudoRole\*(C'\fR. It consists of
-the following components:
-.IP "\fBsudoUser\fR" 4
-.IX Item "sudoUser"
-A user name, uid (prefixed with \f(CW\*(Aq#\*(Aq\fR), Unix group (prefixed with
-a \f(CW\*(Aq%\*(Aq\fR) or user netgroup (prefixed with a \f(CW\*(Aq+\*(Aq\fR).
-.IP "\fBsudoHost\fR" 4
-.IX Item "sudoHost"
-A host name, \s-1IP\s0 address, \s-1IP\s0 network, or host netgroup (prefixed
-with a \f(CW\*(Aq+\*(Aq\fR).
-The special value \f(CW\*(C`ALL\*(C'\fR will match any host.
-.IP "\fBsudoCommand\fR" 4
-.IX Item "sudoCommand"
-A Unix command with optional command line arguments, potentially
-including globbing characters (aka wild cards).
-The special value \f(CW\*(C`ALL\*(C'\fR will match any command.
-If a command is prefixed with an exclamation point \f(CW\*(Aq!\*(Aq\fR, the
-user will be prohibited from running that command.
-.IP "\fBsudoOption\fR" 4
-.IX Item "sudoOption"
-Identical in function to the global options described above, but
-specific to the \f(CW\*(C`sudoRole\*(C'\fR in which it resides.
-.IP "\fBsudoRunAsUser\fR" 4
-.IX Item "sudoRunAsUser"
-A user name or uid (prefixed with \f(CW\*(Aq#\*(Aq\fR) that commands may be run
-as or a Unix group (prefixed with a \f(CW\*(Aq%\*(Aq\fR) or user netgroup (prefixed
-with a \f(CW\*(Aq+\*(Aq\fR) that contains a list of users that commands may be
-run as.
-The special value \f(CW\*(C`ALL\*(C'\fR will match any user.
-.IP "\fBsudoRunAsGroup\fR" 4
-.IX Item "sudoRunAsGroup"
-A Unix group or gid (prefixed with \f(CW\*(Aq#\*(Aq\fR) that commands may be run as.
-The special value \f(CW\*(C`ALL\*(C'\fR will match any group.
-.PP
-Each component listed above should contain a single value, but there
-may be multiple instances of each component type. A sudoRole must
-contain at least one \f(CW\*(C`sudoUser\*(C'\fR, \f(CW\*(C`sudoHost\*(C'\fR and \f(CW\*(C`sudoCommand\*(C'\fR.
-.PP
-The following example allows users in group wheel to run any command
-on any host via \fBsudo\fR:
-.PP
-.Vb 7
-\& dn: cn=%wheel,ou=SUDOers,dc=example,dc=com
-\& objectClass: top
-\& objectClass: sudoRole
-\& cn: %wheel
-\& sudoUser: %wheel
-\& sudoHost: ALL
-\& sudoCommand: ALL
-.Ve
-.SS "Anatomy of \s-1LDAP\s0 sudoers lookup"
-.IX Subsection "Anatomy of LDAP sudoers lookup"
-When looking up a sudoer using \s-1LDAP\s0 there are only two or three
-\&\s-1LDAP\s0 queries per invocation. The first query is to parse the global
-options. The second is to match against the user's name and the
-groups that the user belongs to. (The special \s-1ALL\s0 tag is matched
-in this query too.) If no match is returned for the user's name
-and groups, a third query returns all entries containing user
-netgroups and checks to see if the user belongs to any of them.
-.SS "Differences between \s-1LDAP\s0 and non-LDAP sudoers"
-.IX Subsection "Differences between LDAP and non-LDAP sudoers"
-There are some subtle differences in the way sudoers is handled
-once in \s-1LDAP\s0. Probably the biggest is that according to the \s-1RFC\s0,
-\&\s-1LDAP\s0 ordering is arbitrary and you cannot expect that Attributes
-and Entries are returned in any specific order. If there are
-conflicting command rules on an entry, the negative takes precedence.
-This is called paranoid behavior (not necessarily the most specific
-match).
-.PP
-Here is an example:
-.PP
-.Vb 5
-\& # /etc/sudoers:
-\& # Allow all commands except shell
-\& johnny ALL=(root) ALL,!/bin/sh
-\& # Always allows all commands because ALL is matched last
-\& puddles ALL=(root) !/bin/sh,ALL
-\&
-\& # LDAP equivalent of johnny
-\& # Allows all commands except shell
-\& dn: cn=role1,ou=Sudoers,dc=my\-domain,dc=com
-\& objectClass: sudoRole
-\& objectClass: top
-\& cn: role1
-\& sudoUser: johnny
-\& sudoHost: ALL
-\& sudoCommand: ALL
-\& sudoCommand: !/bin/sh
-\&
-\& # LDAP equivalent of puddles
-\& # Notice that even though ALL comes last, it still behaves like
-\& # role1 since the LDAP code assumes the more paranoid configuration
-\& dn: cn=role2,ou=Sudoers,dc=my\-domain,dc=com
-\& objectClass: sudoRole
-\& objectClass: top
-\& cn: role2
-\& sudoUser: puddles
-\& sudoHost: ALL
-\& sudoCommand: !/bin/sh
-\& sudoCommand: ALL
-.Ve
-.PP
-Another difference is that negations on the Host, User or Runas are
-currently ignorred. For example, the following attributes do not
-behave the way one might expect.
-.PP
-.Vb 3
-\& # does not match all but joe
-\& # rather, does not match anyone
-\& sudoUser: !joe
-\&
-\& # does not match all but joe
-\& # rather, matches everyone including Joe
-\& sudoUser: ALL
-\& sudoUser: !joe
-\&
-\& # does not match all but web01
-\& # rather, matches all hosts including web01
-\& sudoHost: ALL
-\& sudoHost: !web01
-.Ve
-.SS "Sudoers Schema"
-.IX Subsection "Sudoers Schema"
-In order to use \fBsudo\fR's \s-1LDAP\s0 support, the \fBsudo\fR schema must be
-installed on your \s-1LDAP\s0 server. In addition, be sure to index the
-\&'sudoUser' attribute.
-.PP
-Three versions of the schema: one for OpenLDAP servers (\fIschema.OpenLDAP\fR),
-one for Netscape-derived servers (\fIschema.iPlanet\fR), and one for
-Microsoft Active Directory (\fIschema.ActiveDirectory\fR) may
-be found in the \fBsudo\fR distribution.
-.PP
-The schema for \fBsudo\fR in OpenLDAP form is included in the \s-1EXAMPLES\s0
-section.
-.SS "Configuring ldap.conf"
-.IX Subsection "Configuring ldap.conf"
-Sudo reads the \fI/etc/ldap.conf\fR file for LDAP-specific configuration.
-Typically, this file is shared amongst different LDAP-aware clients.
-As such, most of the settings are not \fBsudo\fR\-specific. Note that
-\&\fBsudo\fR parses \fI/etc/ldap.conf\fR itself and may support options
-that differ from those described in the \fIldap.conf\fR\|(5) manual.
-.PP
-Also note that on systems using the OpenLDAP libraries, default
-values specified in \fI/etc/openldap/ldap.conf\fR or the user's
-\&\fI.ldaprc\fR files are not used.
-.PP
-Only those options explicitly listed in \fI/etc/ldap.conf\fR that are
-supported by \fBsudo\fR are honored. Configuration options are listed
-below in upper case but are parsed in a case-independent manner.
-.IP "\fB\s-1URI\s0\fR ldap[s]://[hostname[:port]] ..." 4
-.IX Item "URI ldap[s]://[hostname[:port]] ..."
-Specifies a whitespace-delimited list of one or more URIs describing
-the \s-1LDAP\s0 server(s) to connect to. The \fIprotocol\fR may be either
-\&\fBldap\fR or \fBldaps\fR, the latter being for servers that support \s-1TLS\s0
-(\s-1SSL\s0) encryption. If no \fIport\fR is specified, the default is port
-389 for \f(CW\*(C`ldap://\*(C'\fR or port 636 for \f(CW\*(C`ldaps://\*(C'\fR. If no \fIhostname\fR
-is specified, \fBsudo\fR will connect to \fBlocalhost\fR. Multiple \fB\s-1URI\s0\fR
-lines are treated identically to a \fB\s-1URI\s0\fR line containing multiple
-entries. Only systems using the OpenSSL libraries support the
-mixing of \f(CW\*(C`ldap://\*(C'\fR and \f(CW\*(C`ldaps://\*(C'\fR URIs. The Netscape-derived
-libraries used on most commercial versions of Unix are only capable
-of supporting one or the other.
-.IP "\fB\s-1HOST\s0\fR name[:port] ..." 4
-.IX Item "HOST name[:port] ..."
-If no \fB\s-1URI\s0\fR is specified, the \fB\s-1HOST\s0\fR parameter specifies a
-whitespace-delimited list of \s-1LDAP\s0 servers to connect to. Each host
-may include an optional \fIport\fR separated by a colon (':'). The
-\&\fB\s-1HOST\s0\fR parameter is deprecated in favor of the \fB\s-1URI\s0\fR specification
-and is included for backwards compatibility.
-.IP "\fB\s-1PORT\s0\fR port_number" 4
-.IX Item "PORT port_number"
-If no \fB\s-1URI\s0\fR is specified, the \fB\s-1PORT\s0\fR parameter specifies the
-default port to connect to on the \s-1LDAP\s0 server if a \fB\s-1HOST\s0\fR parameter
-does not specify the port itself. If no \fB\s-1PORT\s0\fR parameter is used,
-the default is port 389 for \s-1LDAP\s0 and port 636 for \s-1LDAP\s0 over \s-1TLS\s0
-(\s-1SSL\s0). The \fB\s-1PORT\s0\fR parameter is deprecated in favor of the \fB\s-1URI\s0\fR
-specification and is included for backwards compatibility.
-.IP "\fB\s-1BIND_TIMELIMIT\s0\fR seconds" 4
-.IX Item "BIND_TIMELIMIT seconds"
-The \fB\s-1BIND_TIMELIMIT\s0\fR parameter specifies the amount of time, in seconds,
-to wait while trying to connect to an \s-1LDAP\s0 server. If multiple \fB\s-1URI\s0\fRs or
-\&\fB\s-1HOST\s0\fRs are specified, this is the amount of time to wait before trying
-the next one in the list.
-.IP "\fB\s-1TIMELIMIT\s0\fR seconds" 4
-.IX Item "TIMELIMIT seconds"
-The \fB\s-1TIMELIMIT\s0\fR parameter specifies the amount of time, in seconds,
-to wait for a response to an \s-1LDAP\s0 query.
-.IP "\fB\s-1SUDOERS_BASE\s0\fR base" 4
-.IX Item "SUDOERS_BASE base"
-The base \s-1DN\s0 to use when performing \fBsudo\fR \s-1LDAP\s0 queries. Typically
-this is of the form \f(CW\*(C`ou=SUDOers,dc=example,dc=com\*(C'\fR for the domain
-\&\f(CW\*(C`example.com\*(C'\fR. Multiple \fB\s-1SUDOERS_BASE\s0\fR lines may be specified,
-in which case they are queried in the order specified.
-.IP "\fB\s-1SUDOERS_DEBUG\s0\fR debug_level" 4
-.IX Item "SUDOERS_DEBUG debug_level"
-This sets the debug level for \fBsudo\fR \s-1LDAP\s0 queries. Debugging
-information is printed to the standard error. A value of 1 results
-in a moderate amount of debugging information. A value of 2 shows
-the results of the matches themselves. This parameter should not
-be set in a production environment as the extra information is
-likely to confuse users.
-.IP "\fB\s-1BINDDN\s0\fR \s-1DN\s0" 4
-.IX Item "BINDDN DN"
-The \fB\s-1BINDDN\s0\fR parameter specifies the identity, in the form of a
-Distinguished Name (\s-1DN\s0), to use when performing \s-1LDAP\s0 operations.
-If not specified, \s-1LDAP\s0 operations are performed with an anonymous
-identity. By default, most \s-1LDAP\s0 servers will allow anonymous access.
-.IP "\fB\s-1BINDPW\s0\fR secret" 4
-.IX Item "BINDPW secret"
-The \fB\s-1BINDPW\s0\fR parameter specifies the password to use when performing
-\&\s-1LDAP\s0 operations. This is typically used in conjunction with the
-\&\fB\s-1BINDDN\s0\fR parameter.
-.IP "\fB\s-1ROOTBINDDN\s0\fR \s-1DN\s0" 4
-.IX Item "ROOTBINDDN DN"
-The \fB\s-1ROOTBINDDN\s0\fR parameter specifies the identity, in the form of
-a Distinguished Name (\s-1DN\s0), to use when performing privileged \s-1LDAP\s0
-operations, such as \fIsudoers\fR queries. The password corresponding
-to the identity should be stored in \fI/etc/ldap.secret\fR.
-If not specified, the \fB\s-1BINDDN\s0\fR identity is used (if any).
-.IP "\fB\s-1LDAP_VERSION\s0\fR number" 4
-.IX Item "LDAP_VERSION number"
-The version of the \s-1LDAP\s0 protocol to use when connecting to the server.
-The default value is protocol version 3.
-.IP "\fB\s-1SSL\s0\fR on/true/yes/off/false/no" 4
-.IX Item "SSL on/true/yes/off/false/no"
-If the \fB\s-1SSL\s0\fR parameter is set to \f(CW\*(C`on\*(C'\fR, \f(CW\*(C`true\*(C'\fR or \f(CW\*(C`yes\*(C'\fR, \s-1TLS\s0
-(\s-1SSL\s0) encryption is always used when communicating with the \s-1LDAP\s0
-server. Typically, this involves connecting to the server on port
-636 (ldaps).
-.IP "\fB\s-1SSL\s0\fR start_tls" 4
-.IX Item "SSL start_tls"
-If the \fB\s-1SSL\s0\fR parameter is set to \f(CW\*(C`start_tls\*(C'\fR, the \s-1LDAP\s0 server
-connection is initiated normally and \s-1TLS\s0 encryption is begun before
-the bind credentials are sent. This has the advantage of not
-requiring a dedicated port for encrypted communications. This
-parameter is only supported by \s-1LDAP\s0 servers that honor the \f(CW\*(C`start_tls\*(C'\fR
-extension, such as the OpenLDAP server.
-.IP "\fB\s-1TLS_CHECKPEER\s0\fR on/true/yes/off/false/no" 4
-.IX Item "TLS_CHECKPEER on/true/yes/off/false/no"
-If enabled, \fB\s-1TLS_CHECKPEER\s0\fR will cause the \s-1LDAP\s0 server's \s-1TLS\s0
-certificated to be verified. If the server's \s-1TLS\s0 certificate cannot
-be verified (usually because it is signed by an unknown certificate
-authority), \fBsudo\fR will be unable to connect to it. If \fB\s-1TLS_CHECKPEER\s0\fR
-is disabled, no check is made. Note that disabling the check creates
-an opportunity for man-in-the-middle attacks since the server's
-identity will not be authenticated. If possible, the \s-1CA\s0's certificate
-should be installed locally so it can be verified.
-.IP "\fB\s-1TLS_CACERT\s0\fR file name" 4
-.IX Item "TLS_CACERT file name"
-An alias for \fB\s-1TLS_CACERTFILE\s0\fR.
-.IP "\fB\s-1TLS_CACERTFILE\s0\fR file name" 4
-.IX Item "TLS_CACERTFILE file name"
-The path to a certificate authority bundle which contains the certificates
-for all the Certificate Authorities the client knows to be valid,
-e.g. \fI/etc/ssl/ca\-bundle.pem\fR.
-This option is only supported by the OpenLDAP libraries.
-Netscape-derived \s-1LDAP\s0 libraries use the same certificate
-database for \s-1CA\s0 and client certificates (see \fB\s-1TLS_CERT\s0\fR).
-.IP "\fB\s-1TLS_CACERTDIR\s0\fR directory" 4
-.IX Item "TLS_CACERTDIR directory"
-Similar to \fB\s-1TLS_CACERTFILE\s0\fR but instead of a file, it is a
-directory containing individual Certificate Authority certificates,
-e.g. \fI/etc/ssl/certs\fR.
-The directory specified by \fB\s-1TLS_CACERTDIR\s0\fR is checked after
-\&\fB\s-1TLS_CACERTFILE\s0\fR.
-This option is only supported by the OpenLDAP libraries.
-.IP "\fB\s-1TLS_CERT\s0\fR file name" 4
-.IX Item "TLS_CERT file name"
-The path to a file containing the client certificate which can
-be used to authenticate the client to the \s-1LDAP\s0 server.
-The certificate type depends on the \s-1LDAP\s0 libraries used.
-.Sp
-OpenLDAP:
- \f(CW\*(C`tls_cert /etc/ssl/client_cert.pem\*(C'\fR
-.Sp
-Netscape-derived:
- \f(CW\*(C`tls_cert /var/ldap/cert7.db\*(C'\fR
-.Sp
-When using Netscape-derived libraries, this file may also contain
-Certificate Authority certificates.
-.IP "\fB\s-1TLS_KEY\s0\fR file name" 4
-.IX Item "TLS_KEY file name"
-The path to a file containing the private key which matches the
-certificate specified by \fB\s-1TLS_CERT\s0\fR. The private key must not be
-password-protected. The key type depends on the \s-1LDAP\s0 libraries
-used.
-.Sp
-OpenLDAP:
- \f(CW\*(C`tls_key /etc/ssl/client_key.pem\*(C'\fR
-.Sp
-Netscape-derived:
- \f(CW\*(C`tls_key /var/ldap/key3.db\*(C'\fR
-.IP "\fB\s-1TLS_RANDFILE\s0\fR file name" 4
-.IX Item "TLS_RANDFILE file name"
-The \fB\s-1TLS_RANDFILE\s0\fR parameter specifies the path to an entropy
-source for systems that lack a random device. It is generally used
-in conjunction with \fIprngd\fR or \fIegd\fR.
-This option is only supported by the OpenLDAP libraries.
-.IP "\fB\s-1TLS_CIPHERS\s0\fR cipher list" 4
-.IX Item "TLS_CIPHERS cipher list"
-The \fB\s-1TLS_CIPHERS\s0\fR parameter allows the administer to restrict
-which encryption algorithms may be used for \s-1TLS\s0 (\s-1SSL\s0) connections.
-See the OpenSSL manual for a list of valid ciphers.
-This option is only supported by the OpenLDAP libraries.
-.IP "\fB\s-1USE_SASL\s0\fR on/true/yes/off/false/no" 4
-.IX Item "USE_SASL on/true/yes/off/false/no"
-Enable \fB\s-1USE_SASL\s0\fR for \s-1LDAP\s0 servers that support \s-1SASL\s0 authentication.
-.IP "\fB\s-1SASL_AUTH_ID\s0\fR identity" 4
-.IX Item "SASL_AUTH_ID identity"
-The \s-1SASL\s0 user name to use when connecting to the \s-1LDAP\s0 server.
-By default, \fBsudo\fR will use an anonymous connection.
-.IP "\fB\s-1ROOTUSE_SASL\s0\fR on/true/yes/off/false/no" 4
-.IX Item "ROOTUSE_SASL on/true/yes/off/false/no"
-Enable \fB\s-1ROOTUSE_SASL\s0\fR to enable \s-1SASL\s0 authentication when connecting
-to an \s-1LDAP\s0 server from a privileged process, such as \fBsudo\fR.
-.IP "\fB\s-1ROOTSASL_AUTH_ID\s0\fR identity" 4
-.IX Item "ROOTSASL_AUTH_ID identity"
-The \s-1SASL\s0 user name to use when \fB\s-1ROOTUSE_SASL\s0\fR is enabled.
-.IP "\fB\s-1SASL_SECPROPS\s0\fR none/properties" 4
-.IX Item "SASL_SECPROPS none/properties"
-\&\s-1SASL\s0 security properties or \fInone\fR for no properties. See the
-\&\s-1SASL\s0 programmer's manual for details.
-.IP "\fB\s-1KRB5_CCNAME\s0\fR file name" 4
-.IX Item "KRB5_CCNAME file name"
-The path to the Kerberos 5 credential cache to use when authenticating
-with the remote server.
-.PP
-See the \f(CW\*(C`ldap.conf\*(C'\fR entry in the \s-1EXAMPLES\s0 section.
-.SS "Configuring nsswitch.conf"
-.IX Subsection "Configuring nsswitch.conf"
-Unless it is disabled at build time, \fBsudo\fR consults the Name
-Service Switch file, \fI/etc/nsswitch.conf\fR, to specify the \fIsudoers\fR
-search order. Sudo looks for a line beginning with \f(CW\*(C`sudoers\*(C'\fR: and
-uses this to determine the search order. Note that \fBsudo\fR does
-not stop searching after the first match and later matches take
-precedence over earlier ones.
-.PP
-The following sources are recognized:
-.PP
-.Vb 2
-\& files read sudoers from F</etc/sudoers>
-\& ldap read sudoers from LDAP
-.Ve
-.PP
-In addition, the entry \f(CW\*(C`[NOTFOUND=return]\*(C'\fR will short-circuit the
-search if the user was not found in the preceding source.
-.PP
-To consult \s-1LDAP\s0 first followed by the local sudoers file (if it
-exists), use:
-.PP
-.Vb 1
-\& sudoers: ldap files
-.Ve
-.PP
-The local \fIsudoers\fR file can be ignored completely by using:
-.PP
-.Vb 1
-\& sudoers: ldap
-.Ve
-.PP
-If the \fI/etc/nsswitch.conf\fR file is not present or there is no
-sudoers line, the following default is assumed:
-.PP
-.Vb 1
-\& sudoers: files
-.Ve
-.PP
-Note that \fI/etc/nsswitch.conf\fR is supported even when the underlying
-operating system does not use an nsswitch.conf file.
-.SS "Configuring netsvc.conf"
-.IX Subsection "Configuring netsvc.conf"
-On \s-1AIX\s0 systems, the \fI/etc/netsvc.conf\fR file is consulted instead of
-\&\fI/etc/nsswitch.conf\fR. \fBsudo\fR simply treats \fInetsvc.conf\fR as a
-variant of \fInsswitch.conf\fR; information in the previous section
-unrelated to the file format itself still applies.
-.PP
-To consult \s-1LDAP\s0 first followed by the local sudoers file (if it
-exists), use:
-.PP
-.Vb 1
-\& sudoers = ldap, files
-.Ve
-.PP
-The local \fIsudoers\fR file can be ignored completely by using:
-.PP
-.Vb 1
-\& sudoers = ldap
-.Ve
-.PP
-To treat \s-1LDAP\s0 as authoratative and only use the local sudoers file
-if the user is not present in \s-1LDAP\s0, use:
-.PP
-.Vb 1
-\& sudoers = ldap = auth, files
-.Ve
-.PP
-Note that in the above example, the \f(CW\*(C`auth\*(C'\fR qualfier only affects
-user lookups; both \s-1LDAP\s0 and \fIsudoers\fR will be queried for \f(CW\*(C`Defaults\*(C'\fR
-entries.
-.PP
-If the \fI/etc/netsvc.conf\fR file is not present or there is no
-sudoers line, the following default is assumed:
-.PP
-.Vb 1
-\& sudoers = files
-.Ve
-.SH "FILES"
-.IX Header "FILES"
-.ie n .IP "\fI/etc/ldap.conf\fR" 24
-.el .IP "\fI/etc/ldap.conf\fR" 24
-.IX Item "/etc/ldap.conf"
-\&\s-1LDAP\s0 configuration file
-.ie n .IP "\fI/etc/nsswitch.conf\fR" 24
-.el .IP "\fI/etc/nsswitch.conf\fR" 24
-.IX Item "/etc/nsswitch.conf"
-determines sudoers source order
-.ie n .IP "\fI/etc/netsvc.conf\fR" 24
-.el .IP "\fI/etc/netsvc.conf\fR" 24
-.IX Item "/etc/netsvc.conf"
-determines sudoers source order on \s-1AIX\s0
-.SH "EXAMPLES"
-.IX Header "EXAMPLES"
-.SS "Example ldap.conf"
-.IX Subsection "Example ldap.conf"
-.Vb 10
-\& # Either specify one or more URIs or one or more host:port pairs.
-\& # If neither is specified sudo will default to localhost, port 389.
-\& #
-\& #host ldapserver
-\& #host ldapserver1 ldapserver2:390
-\& #
-\& # Default port if host is specified without one, defaults to 389.
-\& #port 389
-\& #
-\& # URI will override the host and port settings.
-\& uri ldap://ldapserver
-\& #uri ldaps://secureldapserver
-\& #uri ldaps://secureldapserver ldap://ldapserver
-\& #
-\& # The amount of time, in seconds, to wait while trying to connect to
-\& # an LDAP server.
-\& bind_timelimit 30
-\& #
-\& # The amount of time, in seconds, to wait while performing an LDAP query.
-\& timelimit 30
-\& #
-\& # Must be set or sudo will ignore LDAP; may be specified multiple times.
-\& sudoers_base ou=SUDOers,dc=example,dc=com
-\& #
-\& # verbose sudoers matching from ldap
-\& #sudoers_debug 2
-\& #
-\& # optional proxy credentials
-\& #binddn <who to search as>
-\& #bindpw <password>
-\& #rootbinddn <who to search as, uses /etc/ldap.secret for bindpw>
-\& #
-\& # LDAP protocol version, defaults to 3
-\& #ldap_version 3
-\& #
-\& # Define if you want to use an encrypted LDAP connection.
-\& # Typically, you must also set the port to 636 (ldaps).
-\& #ssl on
-\& #
-\& # Define if you want to use port 389 and switch to
-\& # encryption before the bind credentials are sent.
-\& # Only supported by LDAP servers that support the start_tls
-\& # extension such as OpenLDAP.
-\& #ssl start_tls
-\& #
-\& # Additional TLS options follow that allow tweaking of the
-\& # SSL/TLS connection.
-\& #
-\& #tls_checkpeer yes # verify server SSL certificate
-\& #tls_checkpeer no # ignore server SSL certificate
-\& #
-\& # If you enable tls_checkpeer, specify either tls_cacertfile
-\& # or tls_cacertdir. Only supported when using OpenLDAP.
-\& #
-\& #tls_cacertfile /etc/certs/trusted_signers.pem
-\& #tls_cacertdir /etc/certs
-\& #
-\& # For systems that don\*(Aqt have /dev/random
-\& # use this along with PRNGD or EGD.pl to seed the
-\& # random number pool to generate cryptographic session keys.
-\& # Only supported when using OpenLDAP.
-\& #
-\& #tls_randfile /etc/egd\-pool
-\& #
-\& # You may restrict which ciphers are used. Consult your SSL
-\& # documentation for which options go here.
-\& # Only supported when using OpenLDAP.
-\& #
-\& #tls_ciphers <cipher\-list>
-\& #
-\& # Sudo can provide a client certificate when communicating to
-\& # the LDAP server.
-\& # Tips:
-\& # * Enable both lines at the same time.
-\& # * Do not password protect the key file.
-\& # * Ensure the keyfile is only readable by root.
-\& #
-\& # For OpenLDAP:
-\& #tls_cert /etc/certs/client_cert.pem
-\& #tls_key /etc/certs/client_key.pem
-\& #
-\& # For SunONE or iPlanet LDAP, tls_cert and tls_key may specify either
-\& # a directory, in which case the files in the directory must have the
-\& # default names (e.g. cert8.db and key4.db), or the path to the cert
-\& # and key files themselves. However, a bug in version 5.0 of the LDAP
-\& # SDK will prevent specific file names from working. For this reason
-\& # it is suggested that tls_cert and tls_key be set to a directory,
-\& # not a file name.
-\& #
-\& # The certificate database specified by tls_cert may contain CA certs
-\& # and/or the client\*(Aqs cert. If the client\*(Aqs cert is included, tls_key
-\& # should be specified as well.
-\& # For backward compatibility, "sslpath" may be used in place of tls_cert.
-\& #tls_cert /var/ldap
-\& #tls_key /var/ldap
-\& #
-\& # If using SASL authentication for LDAP (OpenSSL)
-\& # use_sasl yes
-\& # sasl_auth_id <SASL user name>
-\& # rootuse_sasl yes
-\& # rootsasl_auth_id <SASL user name for root access>
-\& # sasl_secprops none
-\& # krb5_ccname /etc/.ldapcache
-.Ve
-.SS "Sudo schema for OpenLDAP"
-.IX Subsection "Sudo schema for OpenLDAP"
-The following schema is in OpenLDAP format. Simply copy it to the
-schema directory (e.g. \fI/etc/openldap/schema\fR), add the proper
-\&\f(CW\*(C`include\*(C'\fR line in \f(CW\*(C`slapd.conf\*(C'\fR and restart \fBslapd\fR.
-.PP
-.Vb 6
-\& attributetype ( 1.3.6.1.4.1.15953.9.1.1
-\& NAME \*(AqsudoUser\*(Aq
-\& DESC \*(AqUser(s) who may run sudo\*(Aq
-\& EQUALITY caseExactIA5Match
-\& SUBSTR caseExactIA5SubstringsMatch
-\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-\&
-\& attributetype ( 1.3.6.1.4.1.15953.9.1.2
-\& NAME \*(AqsudoHost\*(Aq
-\& DESC \*(AqHost(s) who may run sudo\*(Aq
-\& EQUALITY caseExactIA5Match
-\& SUBSTR caseExactIA5SubstringsMatch
-\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-\&
-\& attributetype ( 1.3.6.1.4.1.15953.9.1.3
-\& NAME \*(AqsudoCommand\*(Aq
-\& DESC \*(AqCommand(s) to be executed by sudo\*(Aq
-\& EQUALITY caseExactIA5Match
-\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-\&
-\& attributetype ( 1.3.6.1.4.1.15953.9.1.4
-\& NAME \*(AqsudoRunAs\*(Aq
-\& DESC \*(AqUser(s) impersonated by sudo\*(Aq
-\& EQUALITY caseExactIA5Match
-\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-\&
-\& attributetype ( 1.3.6.1.4.1.15953.9.1.5
-\& NAME \*(AqsudoOption\*(Aq
-\& DESC \*(AqOptions(s) followed by sudo\*(Aq
-\& EQUALITY caseExactIA5Match
-\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-\&
-\& attributetype ( 1.3.6.1.4.1.15953.9.1.6
-\& NAME \*(AqsudoRunAsUser\*(Aq
-\& DESC \*(AqUser(s) impersonated by sudo\*(Aq
-\& EQUALITY caseExactIA5Match
-\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-\&
-\& attributetype ( 1.3.6.1.4.1.15953.9.1.7
-\& NAME \*(AqsudoRunAsGroup\*(Aq
-\& DESC \*(AqGroup(s) impersonated by sudo\*(Aq
-\& EQUALITY caseExactIA5Match
-\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-\&
-\& objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME \*(AqsudoRole\*(Aq SUP top STRUCTURAL
-\& DESC \*(AqSudoer Entries\*(Aq
-\& MUST ( cn )
-\& MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $
-\& sudoRunAsGroup $ sudoOption $ description )
-\& )
-.Ve
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fIldap.conf\fR\|(5), \fIsudoers\fR\|(5)
-.SH "CAVEATS"
-.IX Header "CAVEATS"
-The way that \fIsudoers\fR is parsed differs between Note that there
-are differences in the way that LDAP-based \fIsudoers\fR is parsed
-compared to file-based \fIsudoers\fR. See the \*(L"Differences between
-\&\s-1LDAP\s0 and non-LDAP sudoers\*(R" section for more information.
-.SH "BUGS"
-.IX Header "BUGS"
-If you feel you have found a bug in \fBsudo\fR, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-.SH "SUPPORT"
-.IX Header "SUPPORT"
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo\-users to subscribe or
-search the archives.
-.SH "DISCLAIMER"
-.IX Header "DISCLAIMER"
-\&\fBsudo\fR is provided ``\s-1AS\s0 \s-1IS\s0'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the \s-1LICENSE\s0
-file distributed with \fBsudo\fR or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/sudoers.ldap.man.in
===================================================================
--- trunk/contrib/sudo/sudoers.ldap.man.in 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers.ldap.man.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2003-2010
+.\" Copyright (c) 2003-2011
.\" Todd C. Miller <Todd.Miller at courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
@@ -14,7 +14,7 @@
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
+.\" Automatically generated by Pod::Man 2.23 (Pod::Simple 3.14)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -140,7 +140,7 @@
.\" ========================================================================
.\"
.IX Title "SUDOERS.LDAP @mansectform@"
-.TH SUDOERS.LDAP @mansectform@ "July 12, 2010" "1.7.4" "MAINTENANCE COMMANDS"
+.TH SUDOERS.LDAP @mansectform@ "February 21, 2011" "1.7.5rc1" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -183,14 +183,14 @@
.PP
For the most part, there is really no need for \fBsudo\fR\-specific
Aliases. Unix groups or user netgroups can be used in place of
-User_Aliases and RunasAliases. Host netgroups can be used in place
-of HostAliases. Since Unix groups and netgroups can also be stored
+User_Aliases and Runas_Aliases. Host netgroups can be used in place
+of Host_Aliases. Since Unix groups and netgroups can also be stored
in \s-1LDAP\s0 there is no real need for \fBsudo\fR\-specific aliases.
.PP
Cmnd_Aliases are not really required either since it is possible
-to have multiple users listed in a sudoRole. Instead of defining
+to have multiple users listed in a \f(CW\*(C`sudoRole\*(C'\fR. Instead of defining
a Cmnd_Alias that is referenced by multiple users, one can create
-a sudoRole that contains the commands and assign multiple users
+a \f(CW\*(C`sudoRole\*(C'\fR that contains the commands and assign multiple users
to it.
.SS "SUDOers \s-1LDAP\s0 container"
.IX Subsection "SUDOers LDAP container"
@@ -213,7 +213,7 @@
.Ve
.PP
The equivalent of a sudoer in \s-1LDAP\s0 is a \f(CW\*(C`sudoRole\*(C'\fR. It consists of
-the following components:
+the following attributes:
.IP "\fBsudoUser\fR" 4
.IX Item "sudoUser"
A user name, uid (prefixed with \f(CW\*(Aq#\*(Aq\fR), Unix group (prefixed with
@@ -241,13 +241,56 @@
with a \f(CW\*(Aq+\*(Aq\fR) that contains a list of users that commands may be
run as.
The special value \f(CW\*(C`ALL\*(C'\fR will match any user.
+.Sp
+The \f(CW\*(C`sudoRunAsUser\*(C'\fR attribute is only available in \fBsudo\fR versions
+1.7.0 and higher. Older versions of \fBsudo\fR use the \f(CW\*(C`sudoRunAs\*(C'\fR
+attribute instead.
.IP "\fBsudoRunAsGroup\fR" 4
.IX Item "sudoRunAsGroup"
A Unix group or gid (prefixed with \f(CW\*(Aq#\*(Aq\fR) that commands may be run as.
The special value \f(CW\*(C`ALL\*(C'\fR will match any group.
+.Sp
+The \f(CW\*(C`sudoRunAsGroup\*(C'\fR attribute is only available in \fBsudo\fR versions
+1.7.0 and higher.
+.IP "\fBsudoNotBefore\fR" 4
+.IX Item "sudoNotBefore"
+A timestamp in the form \f(CW\*(C`yyyymmddHHMMZ\*(C'\fR that can be used to provide
+a start date/time for when the \f(CW\*(C`sudoRole\*(C'\fR will be valid. If
+multiple \f(CW\*(C`sudoNotBefore\*(C'\fR entries are present, the earliest is used.
+Note that timestamps must be in Coordinated Universal Time (\s-1UTC\s0),
+not the local timezone.
+.Sp
+The \f(CW\*(C`sudoNotBefore\*(C'\fR attribute is only available in \fBsudo\fR versions
+1.7.5 and higher and must be explicitly enabled via the \fB\s-1SUDOERS_TIMED\s0\fR
+option in \fI at ldap_conf@\fR.
+.IP "\fBsudoNotAfter\fR" 4
+.IX Item "sudoNotAfter"
+A timestamp in the form \f(CW\*(C`yyyymmddHHMMZ\*(C'\fR that indicates an expiration
+date/time, after which the \f(CW\*(C`sudoRole\*(C'\fR will no longer be valid. If
+multiple \f(CW\*(C`sudoNotBefore\*(C'\fR entries are present, the last one is used.
+Note that timestamps must be in Coordinated Universal Time (\s-1UTC\s0),
+not the local timezone.
+.Sp
+The \f(CW\*(C`sudoNotAfter\*(C'\fR attribute is only available in \fBsudo\fR versions
+1.7.5 and higher and must be explicitly enabled via the \fB\s-1SUDOERS_TIMED\s0\fR
+option in \fI at ldap_conf@\fR.
+.IP "\fBsudoOrder\fR" 4
+.IX Item "sudoOrder"
+The \f(CW\*(C`sudoRole\*(C'\fR entries retrieved from the \s-1LDAP\s0 directory have no
+inherent order. The \f(CW\*(C`sudoOrder\*(C'\fR attribute is an integer (or
+floating point value for \s-1LDAP\s0 servers that support it) that is used
+to sort the matching entries. This allows LDAP-based sudoers entries
+to more closely mimic the behaviour of the sudoers file, where the
+of the entries influences the result. If multiple entries match,
+the entry with the highest \f(CW\*(C`sudoOrder\*(C'\fR attribute is chosen. This
+corresponds to the \*(L"last match\*(R" behavior of the sudoers file. If
+the \f(CW\*(C`sudoOrder\*(C'\fR attribute is not present, a value of 0 is assumed.
+.Sp
+The \f(CW\*(C`sudoOrder\*(C'\fR attribute is only available in \fBsudo\fR versions
+1.7.5 and higher.
.PP
-Each component listed above should contain a single value, but there
-may be multiple instances of each component type. A sudoRole must
+Each attribute listed above should contain a single value, but there
+may be multiple instances of each attribute type. A \f(CW\*(C`sudoRole\*(C'\fR must
contain at least one \f(CW\*(C`sudoUser\*(C'\fR, \f(CW\*(C`sudoHost\*(C'\fR and \f(CW\*(C`sudoCommand\*(C'\fR.
.PP
The following example allows users in group wheel to run any command
@@ -271,13 +314,21 @@
in this query too.) If no match is returned for the user's name
and groups, a third query returns all entries containing user
netgroups and checks to see if the user belongs to any of them.
+.PP
+If timed entries are enabled with the \fB\s-1SUDOERS_TIMED\s0\fR configuration
+directive, the \s-1LDAP\s0 queries include a subfilter that limits retrieval
+to entries that satisfy the time constraints, if any.
.SS "Differences between \s-1LDAP\s0 and non-LDAP sudoers"
.IX Subsection "Differences between LDAP and non-LDAP sudoers"
There are some subtle differences in the way sudoers is handled
once in \s-1LDAP\s0. Probably the biggest is that according to the \s-1RFC\s0,
\&\s-1LDAP\s0 ordering is arbitrary and you cannot expect that Attributes
-and Entries are returned in any specific order. If there are
-conflicting command rules on an entry, the negative takes precedence.
+and Entries are returned in any specific order.
+.PP
+The order in which different entries are applied can be controlled
+using the \f(CW\*(C`sudoOrder\*(C'\fR attribute, but there is no way to guarantee
+the order of attributes within a specific entry. If there are
+conflicting command rules in an entry, the negative takes precedence.
This is called paranoid behavior (not necessarily the most specific
match).
.PP
@@ -315,7 +366,7 @@
.Ve
.PP
Another difference is that negations on the Host, User or Runas are
-currently ignorred. For example, the following attributes do not
+currently ignored. For example, the following attributes do not
behave the way one might expect.
.PP
.Vb 3
@@ -358,7 +409,7 @@
values specified in \fI/etc/openldap/ldap.conf\fR or the user's
\&\fI.ldaprc\fR files are not used.
.PP
-Only those options explicitly listed in \fI at ldap_conf@\fR that are
+Only those options explicitly listed in \fI at ldap_conf@\fR as being
supported by \fBsudo\fR are honored. Configuration options are listed
below in upper case but are parsed in a case-independent manner.
.IP "\fB\s-1URI\s0\fR ldap[s]://[hostname[:port]] ..." 4
@@ -395,10 +446,17 @@
to wait while trying to connect to an \s-1LDAP\s0 server. If multiple \fB\s-1URI\s0\fRs or
\&\fB\s-1HOST\s0\fRs are specified, this is the amount of time to wait before trying
the next one in the list.
+.IP "\fB\s-1NETWORK_TIMEOUT\s0\fR seconds" 4
+.IX Item "NETWORK_TIMEOUT seconds"
+An alias for \fB\s-1BIND_TIMELIMIT\s0\fR for OpenLDAP compatibility.
.IP "\fB\s-1TIMELIMIT\s0\fR seconds" 4
.IX Item "TIMELIMIT seconds"
The \fB\s-1TIMELIMIT\s0\fR parameter specifies the amount of time, in seconds,
to wait for a response to an \s-1LDAP\s0 query.
+.IP "\fB\s-1TIMEOUT\s0\fR seconds" 4
+.IX Item "TIMEOUT seconds"
+The \fB\s-1TIMEOUT\s0\fR parameter specifies the amount of time, in seconds,
+to wait for a response from the various \s-1LDAP\s0 APIs.
.IP "\fB\s-1SUDOERS_BASE\s0\fR base" 4
.IX Item "SUDOERS_BASE base"
The base \s-1DN\s0 to use when performing \fBsudo\fR \s-1LDAP\s0 queries. Typically
@@ -405,6 +463,10 @@
this is of the form \f(CW\*(C`ou=SUDOers,dc=example,dc=com\*(C'\fR for the domain
\&\f(CW\*(C`example.com\*(C'\fR. Multiple \fB\s-1SUDOERS_BASE\s0\fR lines may be specified,
in which case they are queried in the order specified.
+.IP "\fB\s-1SUDOERS_TIMED\s0\fR on/true/yes/off/false/no" 4
+.IX Item "SUDOERS_TIMED on/true/yes/off/false/no"
+Whether or not to evaluate the \f(CW\*(C`sudoNotBefore\*(C'\fR and \f(CW\*(C`sudoNotAfter\*(C'\fR
+attributes that implement time-dependent sudoers entries.
.IP "\fB\s-1SUDOERS_DEBUG\s0\fR debug_level" 4
.IX Item "SUDOERS_DEBUG debug_level"
This sets the debug level for \fBsudo\fR \s-1LDAP\s0 queries. Debugging
@@ -461,7 +523,7 @@
should be installed locally so it can be verified.
.IP "\fB\s-1TLS_CACERT\s0\fR file name" 4
.IX Item "TLS_CACERT file name"
-An alias for \fB\s-1TLS_CACERTFILE\s0\fR.
+An alias for \fB\s-1TLS_CACERTFILE\s0\fR for OpenLDAP compatibility.
.IP "\fB\s-1TLS_CACERTFILE\s0\fR file name" 4
.IX Item "TLS_CACERTFILE file name"
The path to a certificate authority bundle which contains the certificates
@@ -664,6 +726,9 @@
\& # verbose sudoers matching from ldap
\& #sudoers_debug 2
\& #
+\& # Enable support for time\-based entries in sudoers.
+\& #sudoers_timed yes
+\& #
\& # optional proxy credentials
\& #binddn <who to search as>
\& #bindpw <password>
@@ -743,9 +808,10 @@
.Ve
.SS "Sudo schema for OpenLDAP"
.IX Subsection "Sudo schema for OpenLDAP"
-The following schema is in OpenLDAP format. Simply copy it to the
-schema directory (e.g. \fI/etc/openldap/schema\fR), add the proper
-\&\f(CW\*(C`include\*(C'\fR line in \f(CW\*(C`slapd.conf\*(C'\fR and restart \fBslapd\fR.
+The following schema, in OpenLDAP format, is included with \fBsudo\fR
+source and binary distributions as \fIschema.OpenLDAP\fR. Simply copy
+it to the schema directory (e.g. \fI/etc/openldap/schema\fR), add the
+proper \f(CW\*(C`include\*(C'\fR line in \f(CW\*(C`slapd.conf\*(C'\fR and restart \fBslapd\fR.
.PP
.Vb 6
\& attributetype ( 1.3.6.1.4.1.15953.9.1.1
@@ -792,11 +858,33 @@
\& EQUALITY caseExactIA5Match
\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
\&
+\& attributetype ( 1.3.6.1.4.1.15953.9.1.8
+\& NAME \*(AqsudoNotBefore\*(Aq
+\& DESC \*(AqStart of time interval for which the entry is valid\*(Aq
+\& EQUALITY generalizedTimeMatch
+\& ORDERING generalizedTimeOrderingMatch
+\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+\&
+\& attributetype ( 1.3.6.1.4.1.15953.9.1.9
+\& NAME \*(AqsudoNotAfter\*(Aq
+\& DESC \*(AqEnd of time interval for which the entry is valid\*(Aq
+\& EQUALITY generalizedTimeMatch
+\& ORDERING generalizedTimeOrderingMatch
+\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+\&
+\& attributeTypes ( 1.3.6.1.4.1.15953.9.1.10
+\& NAME \*(AqsudoOrder\*(Aq
+\& DESC \*(Aqan integer to order the sudoRole entries\*(Aq
+\& EQUALITY integerMatch
+\& ORDERING integerOrderingMatch
+\& SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+\&
\& objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME \*(AqsudoRole\*(Aq SUP top STRUCTURAL
\& DESC \*(AqSudoer Entries\*(Aq
\& MUST ( cn )
\& MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $
-\& sudoRunAsGroup $ sudoOption $ description )
+\& sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $
+\& sudoOrder $ description )
\& )
.Ve
.SH "SEE ALSO"
@@ -804,10 +892,9 @@
\&\fIldap.conf\fR\|(@mansectform@), \fIsudoers\fR\|(5)
.SH "CAVEATS"
.IX Header "CAVEATS"
-The way that \fIsudoers\fR is parsed differs between Note that there
-are differences in the way that LDAP-based \fIsudoers\fR is parsed
-compared to file-based \fIsudoers\fR. See the \*(L"Differences between
-\&\s-1LDAP\s0 and non-LDAP sudoers\*(R" section for more information.
+Note that there are differences in the way that LDAP-based \fIsudoers\fR
+is parsed compared to file-based \fIsudoers\fR. See the \*(L"Differences
+between \s-1LDAP\s0 and non-LDAP sudoers\*(R" section for more information.
.SH "BUGS"
.IX Header "BUGS"
If you feel you have found a bug in \fBsudo\fR, please submit a bug report
Deleted: trunk/contrib/sudo/sudoers.ldap.pod
===================================================================
--- trunk/contrib/sudo/sudoers.ldap.pod 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers.ldap.pod 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,742 +0,0 @@
-Copyright (c) 2003-2010
- Todd C. Miller <Todd.Miller at courtesan.com>
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-=pod
-
-=head1 NAME
-
-sudoers.ldap - sudo LDAP configuration
-
-=head1 DESCRIPTION
-
-In addition to the standard I<sudoers> file, B<sudo> may be configured
-via LDAP. This can be especially useful for synchronizing I<sudoers>
-in a large, distributed environment.
-
-Using LDAP for I<sudoers> has several benefits:
-
-=over 4
-
-=item *
-
-B<sudo> no longer needs to read I<sudoers> in its entirety. When
-LDAP is used, there are only two or three LDAP queries per invocation.
-This makes it especially fast and particularly usable in LDAP
-environments.
-
-=item *
-
-B<sudo> no longer exits if there is a typo in I<sudoers>.
-It is not possible to load LDAP data into the server that does
-not conform to the sudoers schema, so proper syntax is guaranteed.
-It is still possible to have typos in a user or host name, but
-this will not prevent B<sudo> from running.
-
-=item *
-
-It is possible to specify per-entry options that override the global
-default options. F<@sysconfdir@/sudoers> only supports default options and
-limited options associated with user/host/commands/aliases. The
-syntax is complicated and can be difficult for users to understand.
-Placing the options directly in the entry is more natural.
-
-=item *
-
-The B<visudo> program is no longer needed. B<visudo> provides
-locking and syntax checking of the F<@sysconfdir@/sudoers> file.
-Since LDAP updates are atomic, locking is no longer necessary.
-Because syntax is checked when the data is inserted into LDAP, there
-is no need for a specialized tool to check syntax.
-
-=back
-
-Another major difference between LDAP and file-based I<sudoers>
-is that in LDAP, B<sudo>-specific Aliases are not supported.
-
-For the most part, there is really no need for B<sudo>-specific
-Aliases. Unix groups or user netgroups can be used in place of
-User_Aliases and RunasAliases. Host netgroups can be used in place
-of HostAliases. Since Unix groups and netgroups can also be stored
-in LDAP there is no real need for B<sudo>-specific aliases.
-
-Cmnd_Aliases are not really required either since it is possible
-to have multiple users listed in a sudoRole. Instead of defining
-a Cmnd_Alias that is referenced by multiple users, one can create
-a sudoRole that contains the commands and assign multiple users
-to it.
-
-=head2 SUDOers LDAP container
-
-The I<sudoers> configuration is contained in the C<ou=SUDOers> LDAP
-container.
-
-Sudo first looks for the C<cn=default> entry in the SUDOers container.
-If found, the multi-valued C<sudoOption> attribute is parsed in the
-same manner as a global C<Defaults> line in F<@sysconfdir@/sudoers>. In
-the following example, the C<SSH_AUTH_SOCK> variable will be preserved
-in the environment for all users.
-
- dn: cn=defaults,ou=SUDOers,dc=example,dc=com
- objectClass: top
- objectClass: sudoRole
- cn: defaults
- description: Default sudoOption's go here
- sudoOption: env_keep+=SSH_AUTH_SOCK
-
-The equivalent of a sudoer in LDAP is a C<sudoRole>. It consists of
-the following components:
-
-=over 4
-
-=item B<sudoUser>
-
-A user name, uid (prefixed with C<'#'>), Unix group (prefixed with
-a C<'%'>) or user netgroup (prefixed with a C<'+'>).
-
-=item B<sudoHost>
-
-A host name, IP address, IP network, or host netgroup (prefixed
-with a C<'+'>).
-The special value C<ALL> will match any host.
-
-=item B<sudoCommand>
-
-A Unix command with optional command line arguments, potentially
-including globbing characters (aka wild cards).
-The special value C<ALL> will match any command.
-If a command is prefixed with an exclamation point C<'!'>, the
-user will be prohibited from running that command.
-
-=item B<sudoOption>
-
-Identical in function to the global options described above, but
-specific to the C<sudoRole> in which it resides.
-
-=item B<sudoRunAsUser>
-
-A user name or uid (prefixed with C<'#'>) that commands may be run
-as or a Unix group (prefixed with a C<'%'>) or user netgroup (prefixed
-with a C<'+'>) that contains a list of users that commands may be
-run as.
-The special value C<ALL> will match any user.
-
-=item B<sudoRunAsGroup>
-
-A Unix group or gid (prefixed with C<'#'>) that commands may be run as.
-The special value C<ALL> will match any group.
-
-=back
-
-Each component listed above should contain a single value, but there
-may be multiple instances of each component type. A sudoRole must
-contain at least one C<sudoUser>, C<sudoHost> and C<sudoCommand>.
-
-The following example allows users in group wheel to run any command
-on any host via B<sudo>:
-
- dn: cn=%wheel,ou=SUDOers,dc=example,dc=com
- objectClass: top
- objectClass: sudoRole
- cn: %wheel
- sudoUser: %wheel
- sudoHost: ALL
- sudoCommand: ALL
-
-=head2 Anatomy of LDAP sudoers lookup
-
-When looking up a sudoer using LDAP there are only two or three
-LDAP queries per invocation. The first query is to parse the global
-options. The second is to match against the user's name and the
-groups that the user belongs to. (The special ALL tag is matched
-in this query too.) If no match is returned for the user's name
-and groups, a third query returns all entries containing user
-netgroups and checks to see if the user belongs to any of them.
-
-=head2 Differences between LDAP and non-LDAP sudoers
-
-There are some subtle differences in the way sudoers is handled
-once in LDAP. Probably the biggest is that according to the RFC,
-LDAP ordering is arbitrary and you cannot expect that Attributes
-and Entries are returned in any specific order. If there are
-conflicting command rules on an entry, the negative takes precedence.
-This is called paranoid behavior (not necessarily the most specific
-match).
-
-Here is an example:
-
- # /etc/sudoers:
- # Allow all commands except shell
- johnny ALL=(root) ALL,!/bin/sh
- # Always allows all commands because ALL is matched last
- puddles ALL=(root) !/bin/sh,ALL
-
- # LDAP equivalent of johnny
- # Allows all commands except shell
- dn: cn=role1,ou=Sudoers,dc=my-domain,dc=com
- objectClass: sudoRole
- objectClass: top
- cn: role1
- sudoUser: johnny
- sudoHost: ALL
- sudoCommand: ALL
- sudoCommand: !/bin/sh
-
- # LDAP equivalent of puddles
- # Notice that even though ALL comes last, it still behaves like
- # role1 since the LDAP code assumes the more paranoid configuration
- dn: cn=role2,ou=Sudoers,dc=my-domain,dc=com
- objectClass: sudoRole
- objectClass: top
- cn: role2
- sudoUser: puddles
- sudoHost: ALL
- sudoCommand: !/bin/sh
- sudoCommand: ALL
-
-Another difference is that negations on the Host, User or Runas are
-currently ignorred. For example, the following attributes do not
-behave the way one might expect.
-
- # does not match all but joe
- # rather, does not match anyone
- sudoUser: !joe
-
- # does not match all but joe
- # rather, matches everyone including Joe
- sudoUser: ALL
- sudoUser: !joe
-
- # does not match all but web01
- # rather, matches all hosts including web01
- sudoHost: ALL
- sudoHost: !web01
-
-=head2 Sudoers Schema
-
-In order to use B<sudo>'s LDAP support, the B<sudo> schema must be
-installed on your LDAP server. In addition, be sure to index the
-'sudoUser' attribute.
-
-Three versions of the schema: one for OpenLDAP servers (F<schema.OpenLDAP>),
-one for Netscape-derived servers (F<schema.iPlanet>), and one for
-Microsoft Active Directory (F<schema.ActiveDirectory>) may
-be found in the B<sudo> distribution.
-
-The schema for B<sudo> in OpenLDAP form is included in the L<EXAMPLES>
-section.
-
-=head2 Configuring ldap.conf
-
-Sudo reads the F<@ldap_conf@> file for LDAP-specific configuration.
-Typically, this file is shared amongst different LDAP-aware clients.
-As such, most of the settings are not B<sudo>-specific. Note that
-B<sudo> parses F<@ldap_conf@> itself and may support options
-that differ from those described in the L<ldap.conf(5)> manual.
-
-Also note that on systems using the OpenLDAP libraries, default
-values specified in F</etc/openldap/ldap.conf> or the user's
-F<.ldaprc> files are not used.
-
-Only those options explicitly listed in F<@ldap_conf@> that are
-supported by B<sudo> are honored. Configuration options are listed
-below in upper case but are parsed in a case-independent manner.
-
-=over 4
-
-=item B<URI> ldap[s]://[hostname[:port]] ...
-
-Specifies a whitespace-delimited list of one or more URIs describing
-the LDAP server(s) to connect to. The I<protocol> may be either
-B<ldap> or B<ldaps>, the latter being for servers that support TLS
-(SSL) encryption. If no I<port> is specified, the default is port
-389 for C<ldap://> or port 636 for C<ldaps://>. If no I<hostname>
-is specified, B<sudo> will connect to B<localhost>. Multiple B<URI>
-lines are treated identically to a B<URI> line containing multiple
-entries. Only systems using the OpenSSL libraries support the
-mixing of C<ldap://> and C<ldaps://> URIs. The Netscape-derived
-libraries used on most commercial versions of Unix are only capable
-of supporting one or the other.
-
-=item B<HOST> name[:port] ...
-
-If no B<URI> is specified, the B<HOST> parameter specifies a
-whitespace-delimited list of LDAP servers to connect to. Each host
-may include an optional I<port> separated by a colon (':'). The
-B<HOST> parameter is deprecated in favor of the B<URI> specification
-and is included for backwards compatibility.
-
-=item B<PORT> port_number
-
-If no B<URI> is specified, the B<PORT> parameter specifies the
-default port to connect to on the LDAP server if a B<HOST> parameter
-does not specify the port itself. If no B<PORT> parameter is used,
-the default is port 389 for LDAP and port 636 for LDAP over TLS
-(SSL). The B<PORT> parameter is deprecated in favor of the B<URI>
-specification and is included for backwards compatibility.
-
-=item B<BIND_TIMELIMIT> seconds
-
-The B<BIND_TIMELIMIT> parameter specifies the amount of time, in seconds,
-to wait while trying to connect to an LDAP server. If multiple B<URI>s or
-B<HOST>s are specified, this is the amount of time to wait before trying
-the next one in the list.
-
-=item B<TIMELIMIT> seconds
-
-The B<TIMELIMIT> parameter specifies the amount of time, in seconds,
-to wait for a response to an LDAP query.
-
-=item B<SUDOERS_BASE> base
-
-The base DN to use when performing B<sudo> LDAP queries. Typically
-this is of the form C<ou=SUDOers,dc=example,dc=com> for the domain
-C<example.com>. Multiple B<SUDOERS_BASE> lines may be specified,
-in which case they are queried in the order specified.
-
-=item B<SUDOERS_DEBUG> debug_level
-
-This sets the debug level for B<sudo> LDAP queries. Debugging
-information is printed to the standard error. A value of 1 results
-in a moderate amount of debugging information. A value of 2 shows
-the results of the matches themselves. This parameter should not
-be set in a production environment as the extra information is
-likely to confuse users.
-
-=item B<BINDDN> DN
-
-The B<BINDDN> parameter specifies the identity, in the form of a
-Distinguished Name (DN), to use when performing LDAP operations.
-If not specified, LDAP operations are performed with an anonymous
-identity. By default, most LDAP servers will allow anonymous access.
-
-=item B<BINDPW> secret
-
-The B<BINDPW> parameter specifies the password to use when performing
-LDAP operations. This is typically used in conjunction with the
-B<BINDDN> parameter.
-
-=item B<ROOTBINDDN> DN
-
-The B<ROOTBINDDN> parameter specifies the identity, in the form of
-a Distinguished Name (DN), to use when performing privileged LDAP
-operations, such as I<sudoers> queries. The password corresponding
-to the identity should be stored in F<@ldap_secret@>.
-If not specified, the B<BINDDN> identity is used (if any).
-
-=item B<LDAP_VERSION> number
-
-The version of the LDAP protocol to use when connecting to the server.
-The default value is protocol version 3.
-
-=item B<SSL> on/true/yes/off/false/no
-
-If the B<SSL> parameter is set to C<on>, C<true> or C<yes>, TLS
-(SSL) encryption is always used when communicating with the LDAP
-server. Typically, this involves connecting to the server on port
-636 (ldaps).
-
-=item B<SSL> start_tls
-
-If the B<SSL> parameter is set to C<start_tls>, the LDAP server
-connection is initiated normally and TLS encryption is begun before
-the bind credentials are sent. This has the advantage of not
-requiring a dedicated port for encrypted communications. This
-parameter is only supported by LDAP servers that honor the C<start_tls>
-extension, such as the OpenLDAP server.
-
-=item B<TLS_CHECKPEER> on/true/yes/off/false/no
-
-If enabled, B<TLS_CHECKPEER> will cause the LDAP server's TLS
-certificated to be verified. If the server's TLS certificate cannot
-be verified (usually because it is signed by an unknown certificate
-authority), B<sudo> will be unable to connect to it. If B<TLS_CHECKPEER>
-is disabled, no check is made. Note that disabling the check creates
-an opportunity for man-in-the-middle attacks since the server's
-identity will not be authenticated. If possible, the CA's certificate
-should be installed locally so it can be verified.
-
-=item B<TLS_CACERT> file name
-
-An alias for B<TLS_CACERTFILE>.
-
-=item B<TLS_CACERTFILE> file name
-
-The path to a certificate authority bundle which contains the certificates
-for all the Certificate Authorities the client knows to be valid,
-e.g. F</etc/ssl/ca-bundle.pem>.
-This option is only supported by the OpenLDAP libraries.
-Netscape-derived LDAP libraries use the same certificate
-database for CA and client certificates (see B<TLS_CERT>).
-
-=item B<TLS_CACERTDIR> directory
-
-Similar to B<TLS_CACERTFILE> but instead of a file, it is a
-directory containing individual Certificate Authority certificates,
-e.g. F</etc/ssl/certs>.
-The directory specified by B<TLS_CACERTDIR> is checked after
-B<TLS_CACERTFILE>.
-This option is only supported by the OpenLDAP libraries.
-
-=item B<TLS_CERT> file name
-
-The path to a file containing the client certificate which can
-be used to authenticate the client to the LDAP server.
-The certificate type depends on the LDAP libraries used.
-
-OpenLDAP:
- C<tls_cert /etc/ssl/client_cert.pem>
-
-Netscape-derived:
- C<tls_cert /var/ldap/cert7.db>
-
-When using Netscape-derived libraries, this file may also contain
-Certificate Authority certificates.
-
-=item B<TLS_KEY> file name
-
-The path to a file containing the private key which matches the
-certificate specified by B<TLS_CERT>. The private key must not be
-password-protected. The key type depends on the LDAP libraries
-used.
-
-OpenLDAP:
- C<tls_key /etc/ssl/client_key.pem>
-
-Netscape-derived:
- C<tls_key /var/ldap/key3.db>
-
-=item B<TLS_RANDFILE> file name
-
-The B<TLS_RANDFILE> parameter specifies the path to an entropy
-source for systems that lack a random device. It is generally used
-in conjunction with I<prngd> or I<egd>.
-This option is only supported by the OpenLDAP libraries.
-
-=item B<TLS_CIPHERS> cipher list
-
-The B<TLS_CIPHERS> parameter allows the administer to restrict
-which encryption algorithms may be used for TLS (SSL) connections.
-See the OpenSSL manual for a list of valid ciphers.
-This option is only supported by the OpenLDAP libraries.
-
-=item B<USE_SASL> on/true/yes/off/false/no
-
-Enable B<USE_SASL> for LDAP servers that support SASL authentication.
-
-=item B<SASL_AUTH_ID> identity
-
-The SASL user name to use when connecting to the LDAP server.
-By default, B<sudo> will use an anonymous connection.
-
-=item B<ROOTUSE_SASL> on/true/yes/off/false/no
-
-Enable B<ROOTUSE_SASL> to enable SASL authentication when connecting
-to an LDAP server from a privileged process, such as B<sudo>.
-
-=item B<ROOTSASL_AUTH_ID> identity
-
-The SASL user name to use when B<ROOTUSE_SASL> is enabled.
-
-=item B<SASL_SECPROPS> none/properties
-
-SASL security properties or I<none> for no properties. See the
-SASL programmer's manual for details.
-
-=item B<KRB5_CCNAME> file name
-
-The path to the Kerberos 5 credential cache to use when authenticating
-with the remote server.
-
-=back
-
-See the C<ldap.conf> entry in the L<EXAMPLES> section.
-
-=head2 Configuring nsswitch.conf
-
-Unless it is disabled at build time, B<sudo> consults the Name
-Service Switch file, F<@nsswitch_conf@>, to specify the I<sudoers>
-search order. Sudo looks for a line beginning with C<sudoers>: and
-uses this to determine the search order. Note that B<sudo> does
-not stop searching after the first match and later matches take
-precedence over earlier ones.
-
-The following sources are recognized:
-
- files read sudoers from F<@sysconfdir@/sudoers>
- ldap read sudoers from LDAP
-
-In addition, the entry C<[NOTFOUND=return]> will short-circuit the
-search if the user was not found in the preceding source.
-
-To consult LDAP first followed by the local sudoers file (if it
-exists), use:
-
- sudoers: ldap files
-
-The local I<sudoers> file can be ignored completely by using:
-
- sudoers: ldap
-
-If the F<@nsswitch_conf@> file is not present or there is no
-sudoers line, the following default is assumed:
-
- sudoers: files
-
-Note that F<@nsswitch_conf@> is supported even when the underlying
-operating system does not use an nsswitch.conf file.
-
-=head2 Configuring netsvc.conf
-
-On AIX systems, the F<@netsvc_conf@> file is consulted instead of
-F<@nsswitch_conf@>. B<sudo> simply treats I<netsvc.conf> as a
-variant of I<nsswitch.conf>; information in the previous section
-unrelated to the file format itself still applies.
-
-To consult LDAP first followed by the local sudoers file (if it
-exists), use:
-
- sudoers = ldap, files
-
-The local I<sudoers> file can be ignored completely by using:
-
- sudoers = ldap
-
-To treat LDAP as authoratative and only use the local sudoers file
-if the user is not present in LDAP, use:
-
- sudoers = ldap = auth, files
-
-Note that in the above example, the C<auth> qualfier only affects
-user lookups; both LDAP and I<sudoers> will be queried for C<Defaults>
-entries.
-
-If the F<@netsvc_conf@> file is not present or there is no
-sudoers line, the following default is assumed:
-
- sudoers = files
-
-=head1 FILES
-
-=over 24
-
-=item F<@ldap_conf@>
-
-LDAP configuration file
-
-=item F<@nsswitch_conf@>
-
-determines sudoers source order
-
-=item F<@netsvc_conf@>
-
-determines sudoers source order on AIX
-
-=back
-
-=head1 EXAMPLES
-
-=head2 Example ldap.conf
-
- # Either specify one or more URIs or one or more host:port pairs.
- # If neither is specified sudo will default to localhost, port 389.
- #
- #host ldapserver
- #host ldapserver1 ldapserver2:390
- #
- # Default port if host is specified without one, defaults to 389.
- #port 389
- #
- # URI will override the host and port settings.
- uri ldap://ldapserver
- #uri ldaps://secureldapserver
- #uri ldaps://secureldapserver ldap://ldapserver
- #
- # The amount of time, in seconds, to wait while trying to connect to
- # an LDAP server.
- bind_timelimit 30
- #
- # The amount of time, in seconds, to wait while performing an LDAP query.
- timelimit 30
- #
- # Must be set or sudo will ignore LDAP; may be specified multiple times.
- sudoers_base ou=SUDOers,dc=example,dc=com
- #
- # verbose sudoers matching from ldap
- #sudoers_debug 2
- #
- # optional proxy credentials
- #binddn <who to search as>
- #bindpw <password>
- #rootbinddn <who to search as, uses /etc/ldap.secret for bindpw>
- #
- # LDAP protocol version, defaults to 3
- #ldap_version 3
- #
- # Define if you want to use an encrypted LDAP connection.
- # Typically, you must also set the port to 636 (ldaps).
- #ssl on
- #
- # Define if you want to use port 389 and switch to
- # encryption before the bind credentials are sent.
- # Only supported by LDAP servers that support the start_tls
- # extension such as OpenLDAP.
- #ssl start_tls
- #
- # Additional TLS options follow that allow tweaking of the
- # SSL/TLS connection.
- #
- #tls_checkpeer yes # verify server SSL certificate
- #tls_checkpeer no # ignore server SSL certificate
- #
- # If you enable tls_checkpeer, specify either tls_cacertfile
- # or tls_cacertdir. Only supported when using OpenLDAP.
- #
- #tls_cacertfile /etc/certs/trusted_signers.pem
- #tls_cacertdir /etc/certs
- #
- # For systems that don't have /dev/random
- # use this along with PRNGD or EGD.pl to seed the
- # random number pool to generate cryptographic session keys.
- # Only supported when using OpenLDAP.
- #
- #tls_randfile /etc/egd-pool
- #
- # You may restrict which ciphers are used. Consult your SSL
- # documentation for which options go here.
- # Only supported when using OpenLDAP.
- #
- #tls_ciphers <cipher-list>
- #
- # Sudo can provide a client certificate when communicating to
- # the LDAP server.
- # Tips:
- # * Enable both lines at the same time.
- # * Do not password protect the key file.
- # * Ensure the keyfile is only readable by root.
- #
- # For OpenLDAP:
- #tls_cert /etc/certs/client_cert.pem
- #tls_key /etc/certs/client_key.pem
- #
- # For SunONE or iPlanet LDAP, tls_cert and tls_key may specify either
- # a directory, in which case the files in the directory must have the
- # default names (e.g. cert8.db and key4.db), or the path to the cert
- # and key files themselves. However, a bug in version 5.0 of the LDAP
- # SDK will prevent specific file names from working. For this reason
- # it is suggested that tls_cert and tls_key be set to a directory,
- # not a file name.
- #
- # The certificate database specified by tls_cert may contain CA certs
- # and/or the client's cert. If the client's cert is included, tls_key
- # should be specified as well.
- # For backward compatibility, "sslpath" may be used in place of tls_cert.
- #tls_cert /var/ldap
- #tls_key /var/ldap
- #
- # If using SASL authentication for LDAP (OpenSSL)
- # use_sasl yes
- # sasl_auth_id <SASL user name>
- # rootuse_sasl yes
- # rootsasl_auth_id <SASL user name for root access>
- # sasl_secprops none
- # krb5_ccname /etc/.ldapcache
-
-=head2 Sudo schema for OpenLDAP
-
-The following schema is in OpenLDAP format. Simply copy it to the
-schema directory (e.g. F</etc/openldap/schema>), add the proper
-C<include> line in C<slapd.conf> and restart B<slapd>.
-
- attributetype ( 1.3.6.1.4.1.15953.9.1.1
- NAME 'sudoUser'
- DESC 'User(s) who may run sudo'
- EQUALITY caseExactIA5Match
- SUBSTR caseExactIA5SubstringsMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
- attributetype ( 1.3.6.1.4.1.15953.9.1.2
- NAME 'sudoHost'
- DESC 'Host(s) who may run sudo'
- EQUALITY caseExactIA5Match
- SUBSTR caseExactIA5SubstringsMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
- attributetype ( 1.3.6.1.4.1.15953.9.1.3
- NAME 'sudoCommand'
- DESC 'Command(s) to be executed by sudo'
- EQUALITY caseExactIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
- attributetype ( 1.3.6.1.4.1.15953.9.1.4
- NAME 'sudoRunAs'
- DESC 'User(s) impersonated by sudo'
- EQUALITY caseExactIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
- attributetype ( 1.3.6.1.4.1.15953.9.1.5
- NAME 'sudoOption'
- DESC 'Options(s) followed by sudo'
- EQUALITY caseExactIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
- attributetype ( 1.3.6.1.4.1.15953.9.1.6
- NAME 'sudoRunAsUser'
- DESC 'User(s) impersonated by sudo'
- EQUALITY caseExactIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
- attributetype ( 1.3.6.1.4.1.15953.9.1.7
- NAME 'sudoRunAsGroup'
- DESC 'Group(s) impersonated by sudo'
- EQUALITY caseExactIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
- objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL
- DESC 'Sudoer Entries'
- MUST ( cn )
- MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $
- sudoRunAsGroup $ sudoOption $ description )
- )
-
-=head1 SEE ALSO
-
-L<ldap.conf(5)>, L<sudoers(5)>
-
-=head1 CAVEATS
-
-The way that I<sudoers> is parsed differs between Note that there
-are differences in the way that LDAP-based I<sudoers> is parsed
-compared to file-based I<sudoers>. See the L<Differences between
-LDAP and non-LDAP sudoers> section for more information.
-
-=head1 BUGS
-
-If you feel you have found a bug in B<sudo>, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-
-=head1 SUPPORT
-
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
-search the archives.
-
-=head1 DISCLAIMER
-
-B<sudo> is provided ``AS IS'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the LICENSE
-file distributed with B<sudo> or http://www.sudo.ws/sudo/license.html
-for complete details.
Deleted: trunk/contrib/sudo/sudoers.man
===================================================================
--- trunk/contrib/sudo/sudoers.man 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers.man 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,1758 +0,0 @@
-.\" Copyright (c) 1994-1996, 1998-2005, 2007-2010
-.\" Todd C. Miller <Todd.Miller at courtesan.com>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" Sponsored in part by the Defense Advanced Research Projects
-.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
-.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
-.\"
-.nr SL 0
-.nr BA 0
-.nr LC 1
-.\"
-.\" Automatically generated by Pod::Man 2.23 (Pod::Simple 3.14)
-.\"
-.\" Standard preamble:
-.\" ========================================================================
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Vb \" Begin verbatim text
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve \" End verbatim text
-.ft R
-.fi
-..
-.\" Set up some character translations and predefined strings. \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. \*(C+ will
-.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
-.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
-.\" nothing in troff, for use with C<>.
-.tr \(*W-
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.ie n \{\
-. ds -- \(*W-
-. ds PI pi
-. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-. ds L" ""
-. ds R" ""
-. ds C`
-. ds C'
-'br\}
-.el\{\
-. ds -- \|\(em\|
-. ds PI \(*p
-. ds L" ``
-. ds R" ''
-'br\}
-.\"
-.\" Escape single quotes in literal strings from groff's Unicode transform.
-.ie \n(.g .ds Aq \(aq
-.el .ds Aq '
-.\"
-.\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
-.\" entries marked with X<> in POD. Of course, you'll have to process the
-.\" output yourself in some meaningful fashion.
-.ie \nF \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
-..
-. nr % 0
-. rr F
-.\}
-.el \{\
-. de IX
-..
-.\}
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
-.\" Fear. Run. Save yourself. No user-serviceable parts.
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds /
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
-.\" ========================================================================
-.\"
-.IX Title "SUDOERS 5"
-.TH SUDOERS 5 "January 12, 2011" "1.7.4" "MAINTENANCE COMMANDS"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.if n .ad l
-.nh
-.SH "NAME"
-sudoers \- list of which users may execute what
-.SH "DESCRIPTION"
-.IX Header "DESCRIPTION"
-The \fIsudoers\fR file is composed of two types of entries: aliases
-(basically variables) and user specifications (which specify who
-may run what).
-.PP
-When multiple entries match for a user, they are applied in order.
-Where there are multiple matches, the last match is used (which is
-not necessarily the most specific match).
-.PP
-The \fIsudoers\fR grammar will be described below in Extended Backus-Naur
-Form (\s-1EBNF\s0). Don't despair if you don't know what \s-1EBNF\s0 is; it is
-fairly simple, and the definitions below are annotated.
-.SS "Quick guide to \s-1EBNF\s0"
-.IX Subsection "Quick guide to EBNF"
-\&\s-1EBNF\s0 is a concise and exact way of describing the grammar of a language.
-Each \s-1EBNF\s0 definition is made up of \fIproduction rules\fR. E.g.,
-.PP
-.Vb 1
-\& symbol ::= definition | alternate1 | alternate2 ...
-.Ve
-.PP
-Each \fIproduction rule\fR references others and thus makes up a
-grammar for the language. \s-1EBNF\s0 also contains the following
-operators, which many readers will recognize from regular
-expressions. Do not, however, confuse them with \*(L"wildcard\*(R"
-characters, which have different meanings.
-.ie n .IP "\*(C`?\*(C'" 4
-.el .IP "\f(CW\*(C`?\*(C'\fR" 4
-.IX Item "?"
-Means that the preceding symbol (or group of symbols) is optional.
-That is, it may appear once or not at all.
-.ie n .IP "\*(C`*\*(C'" 4
-.el .IP "\f(CW\*(C`*\*(C'\fR" 4
-.IX Item "*"
-Means that the preceding symbol (or group of symbols) may appear
-zero or more times.
-.ie n .IP "\*(C`+\*(C'" 4
-.el .IP "\f(CW\*(C`+\*(C'\fR" 4
-.IX Item "+"
-Means that the preceding symbol (or group of symbols) may appear
-one or more times.
-.PP
-Parentheses may be used to group symbols together. For clarity,
-we will use single quotes ('') to designate what is a verbatim character
-string (as opposed to a symbol name).
-.SS "Aliases"
-.IX Subsection "Aliases"
-There are four kinds of aliases: \f(CW\*(C`User_Alias\*(C'\fR, \f(CW\*(C`Runas_Alias\*(C'\fR,
-\&\f(CW\*(C`Host_Alias\*(C'\fR and \f(CW\*(C`Cmnd_Alias\*(C'\fR.
-.PP
-.Vb 4
-\& Alias ::= \*(AqUser_Alias\*(Aq User_Alias (\*(Aq:\*(Aq User_Alias)* |
-\& \*(AqRunas_Alias\*(Aq Runas_Alias (\*(Aq:\*(Aq Runas_Alias)* |
-\& \*(AqHost_Alias\*(Aq Host_Alias (\*(Aq:\*(Aq Host_Alias)* |
-\& \*(AqCmnd_Alias\*(Aq Cmnd_Alias (\*(Aq:\*(Aq Cmnd_Alias)*
-\&
-\& User_Alias ::= NAME \*(Aq=\*(Aq User_List
-\&
-\& Runas_Alias ::= NAME \*(Aq=\*(Aq Runas_List
-\&
-\& Host_Alias ::= NAME \*(Aq=\*(Aq Host_List
-\&
-\& Cmnd_Alias ::= NAME \*(Aq=\*(Aq Cmnd_List
-\&
-\& NAME ::= [A\-Z]([A\-Z][0\-9]_)*
-.Ve
-.PP
-Each \fIalias\fR definition is of the form
-.PP
-.Vb 1
-\& Alias_Type NAME = item1, item2, ...
-.Ve
-.PP
-where \fIAlias_Type\fR is one of \f(CW\*(C`User_Alias\*(C'\fR, \f(CW\*(C`Runas_Alias\*(C'\fR, \f(CW\*(C`Host_Alias\*(C'\fR,
-or \f(CW\*(C`Cmnd_Alias\*(C'\fR. A \f(CW\*(C`NAME\*(C'\fR is a string of uppercase letters, numbers,
-and underscore characters ('_'). A \f(CW\*(C`NAME\*(C'\fR \fBmust\fR start with an
-uppercase letter. It is possible to put several alias definitions
-of the same type on a single line, joined by a colon (':'). E.g.,
-.PP
-.Vb 1
-\& Alias_Type NAME = item1, item2, item3 : NAME = item4, item5
-.Ve
-.PP
-The definitions of what constitutes a valid \fIalias\fR member follow.
-.PP
-.Vb 2
-\& User_List ::= User |
-\& User \*(Aq,\*(Aq User_List
-\&
-\& User ::= \*(Aq!\*(Aq* user name |
-\& \*(Aq!\*(Aq* \*(Aq#\*(Aquid |
-\& \*(Aq!\*(Aq* \*(Aq%\*(Aqgroup |
-\& \*(Aq!\*(Aq* \*(Aq+\*(Aqnetgroup |
-\& \*(Aq!\*(Aq* \*(Aq%:\*(Aqnonunix_group |
-\& \*(Aq!\*(Aq* User_Alias
-.Ve
-.PP
-A \f(CW\*(C`User_List\*(C'\fR is made up of one or more user names, uids (prefixed
-with '#'), system groups (prefixed with '%'), netgroups (prefixed
-with '+') and \f(CW\*(C`User_Alias\*(C'\fRes. Each list item may be prefixed with
-zero or more '!' operators. An odd number of '!' operators negate
-the value of the item; an even number just cancel each other out.
-.PP
-A \f(CW\*(C`user name\*(C'\fR, \f(CW\*(C`group\*(C'\fR, \f(CW\*(C`netgroup\*(C'\fR or \f(CW\*(C`nonunix_group\*(C'\fR may
-be enclosed in double quotes to avoid the need for escaping special
-characters. Alternately, special characters may be specified in
-escaped hex mode, e.g. \ex20 for space.
-.PP
-The \f(CW\*(C`nonunix_group\*(C'\fR syntax depends on the underlying implementation.
-For instance, the \s-1QAS\s0 \s-1AD\s0 backend supports the following formats:
-.IP "\(bu" 4
-Group in the same domain: \*(L"Group Name\*(R"
-.IP "\(bu" 4
-Group in any domain: \*(L"Group Name at FULLY.QUALIFIED.DOMAIN\*(R"
-.IP "\(bu" 4
-Group \s-1SID:\s0 \*(L"S\-1\-2\-34\-5678901234\-5678901234\-5678901234\-567\*(R"
-.PP
-Note that quotes around group names are optional. Unquoted strings must
-use a backslash (\e) to escape spaces and the '@' symbol.
-.PP
-.Vb 2
-\& Runas_List ::= Runas_Member |
-\& Runas_Member \*(Aq,\*(Aq Runas_List
-\&
-\& Runas_Member ::= \*(Aq!\*(Aq* user name |
-\& \*(Aq!\*(Aq* \*(Aq#\*(Aquid |
-\& \*(Aq!\*(Aq* \*(Aq%\*(Aqgroup |
-\& \*(Aq!\*(Aq* +netgroup |
-\& \*(Aq!\*(Aq* Runas_Alias
-.Ve
-.PP
-A \f(CW\*(C`Runas_List\*(C'\fR is similar to a \f(CW\*(C`User_List\*(C'\fR except that instead
-of \f(CW\*(C`User_Alias\*(C'\fRes it can contain \f(CW\*(C`Runas_Alias\*(C'\fRes. Note that
-user names and groups are matched as strings. In other words, two
-users (groups) with the same uid (gid) are considered to be distinct.
-If you wish to match all user names with the same uid (e.g.\ root
-and toor), you can use a uid instead (#0 in the example given).
-.PP
-.Vb 2
-\& Host_List ::= Host |
-\& Host \*(Aq,\*(Aq Host_List
-\&
-\& Host ::= \*(Aq!\*(Aq* host name |
-\& \*(Aq!\*(Aq* ip_addr |
-\& \*(Aq!\*(Aq* network(/netmask)? |
-\& \*(Aq!\*(Aq* \*(Aq+\*(Aqnetgroup |
-\& \*(Aq!\*(Aq* Host_Alias
-.Ve
-.PP
-A \f(CW\*(C`Host_List\*(C'\fR is made up of one or more host names, \s-1IP\s0 addresses,
-network numbers, netgroups (prefixed with '+') and other aliases.
-Again, the value of an item may be negated with the '!' operator.
-If you do not specify a netmask along with the network number,
-\&\fBsudo\fR will query each of the local host's network interfaces and,
-if the network number corresponds to one of the hosts's network
-interfaces, the corresponding netmask will be used. The netmask
-may be specified either in standard \s-1IP\s0 address notation
-(e.g.\ 255.255.255.0 or ffff:ffff:ffff:ffff::),
-or \s-1CIDR\s0 notation (number of bits, e.g.\ 24 or 64). A host name may
-include shell-style wildcards (see the Wildcards section below),
-but unless the \f(CW\*(C`host name\*(C'\fR command on your machine returns the fully
-qualified host name, you'll need to use the \fIfqdn\fR option for
-wildcards to be useful. Note \fBsudo\fR only inspects actual network
-interfaces; this means that \s-1IP\s0 address 127.0.0.1 (localhost) will
-never match. Also, the host name \*(L"localhost\*(R" will only match if
-that is the actual host name, which is usually only the case for
-non-networked systems.
-.PP
-.Vb 2
-\& Cmnd_List ::= Cmnd |
-\& Cmnd \*(Aq,\*(Aq Cmnd_List
-\&
-\& commandname ::= file name |
-\& file name args |
-\& file name \*(Aq""\*(Aq
-\&
-\& Cmnd ::= \*(Aq!\*(Aq* commandname |
-\& \*(Aq!\*(Aq* directory |
-\& \*(Aq!\*(Aq* "sudoedit" |
-\& \*(Aq!\*(Aq* Cmnd_Alias
-.Ve
-.PP
-A \f(CW\*(C`Cmnd_List\*(C'\fR is a list of one or more commandnames, directories, and other
-aliases. A commandname is a fully qualified file name which may include
-shell-style wildcards (see the Wildcards section below). A simple
-file name allows the user to run the command with any arguments he/she
-wishes. However, you may also specify command line arguments (including
-wildcards). Alternately, you can specify \f(CW""\fR to indicate that the command
-may only be run \fBwithout\fR command line arguments. A directory is a
-fully qualified path name ending in a '/'. When you specify a directory
-in a \f(CW\*(C`Cmnd_List\*(C'\fR, the user will be able to run any file within that directory
-(but not in any subdirectories therein).
-.PP
-If a \f(CW\*(C`Cmnd\*(C'\fR has associated command line arguments, then the arguments
-in the \f(CW\*(C`Cmnd\*(C'\fR must match exactly those given by the user on the command line
-(or match the wildcards if there are any). Note that the following
-characters must be escaped with a '\e' if they are used in command
-arguments: ',', ':', '=', '\e'. The special command \f(CW"sudoedit"\fR
-is used to permit a user to run \fBsudo\fR with the \fB\-e\fR option (or
-as \fBsudoedit\fR). It may take command line arguments just as
-a normal command does.
-.SS "Defaults"
-.IX Subsection "Defaults"
-Certain configuration options may be changed from their default
-values at runtime via one or more \f(CW\*(C`Default_Entry\*(C'\fR lines. These
-may affect all users on any host, all users on a specific host, a
-specific user, a specific command, or commands being run as a specific user.
-Note that per-command entries may not include command line arguments.
-If you need to specify arguments, define a \f(CW\*(C`Cmnd_Alias\*(C'\fR and reference
-that instead.
-.PP
-.Vb 5
-\& Default_Type ::= \*(AqDefaults\*(Aq |
-\& \*(AqDefaults\*(Aq \*(Aq@\*(Aq Host_List |
-\& \*(AqDefaults\*(Aq \*(Aq:\*(Aq User_List |
-\& \*(AqDefaults\*(Aq \*(Aq!\*(Aq Cmnd_List |
-\& \*(AqDefaults\*(Aq \*(Aq>\*(Aq Runas_List
-\&
-\& Default_Entry ::= Default_Type Parameter_List
-\&
-\& Parameter_List ::= Parameter |
-\& Parameter \*(Aq,\*(Aq Parameter_List
-\&
-\& Parameter ::= Parameter \*(Aq=\*(Aq Value |
-\& Parameter \*(Aq+=\*(Aq Value |
-\& Parameter \*(Aq\-=\*(Aq Value |
-\& \*(Aq!\*(Aq* Parameter
-.Ve
-.PP
-Parameters may be \fBflags\fR, \fBinteger\fR values, \fBstrings\fR, or \fBlists\fR.
-Flags are implicitly boolean and can be turned off via the '!'
-operator. Some integer, string and list parameters may also be
-used in a boolean context to disable them. Values may be enclosed
-in double quotes (\f(CW\*(C`"\*(C'\fR) when they contain multiple words. Special
-characters may be escaped with a backslash (\f(CW\*(C`\e\*(C'\fR).
-.PP
-Lists have two additional assignment operators, \f(CW\*(C`+=\*(C'\fR and \f(CW\*(C`\-=\*(C'\fR.
-These operators are used to add to and delete from a list respectively.
-It is not an error to use the \f(CW\*(C`\-=\*(C'\fR operator to remove an element
-that does not exist in a list.
-.PP
-Defaults entries are parsed in the following order: generic, host
-and user Defaults first, then runas Defaults and finally command
-defaults.
-.PP
-See \*(L"\s-1SUDOERS\s0 \s-1OPTIONS\s0\*(R" for a list of supported Defaults parameters.
-.SS "User Specification"
-.IX Subsection "User Specification"
-.Vb 2
-\& User_Spec ::= User_List Host_List \*(Aq=\*(Aq Cmnd_Spec_List \e
-\& (\*(Aq:\*(Aq Host_List \*(Aq=\*(Aq Cmnd_Spec_List)*
-\&
-\& Cmnd_Spec_List ::= Cmnd_Spec |
-\& Cmnd_Spec \*(Aq,\*(Aq Cmnd_Spec_List
-\&
-.ie \n(SL \& Cmnd_Spec ::= Runas_Spec? SELinux_Spec? Tag_Spec* Cmnd
-.el \& Cmnd_Spec ::= Runas_Spec? Tag_Spec* Cmnd
-\&
-\& Runas_Spec ::= \*(Aq(\*(Aq Runas_List? (\*(Aq:\*(Aq Runas_List)? \*(Aq)\*(Aq
-\&
-.if \n(SL \{\
-\& SELinux_Spec ::= (\*(AqROLE=role\*(Aq | \*(AqTYPE=type\*(Aq)
-\&
-\}
-\& Tag_Spec ::= (\*(AqNOPASSWD:\*(Aq | \*(AqPASSWD:\*(Aq | \*(AqNOEXEC:\*(Aq | \*(AqEXEC:\*(Aq |
-\& \*(AqSETENV:\*(Aq | \*(AqNOSETENV:\*(Aq | \*(AqLOG_INPUT:\*(Aq | \*(AqNOLOG_INPUT:\*(Aq |
-\& \*(AqLOG_OUTPUT:\*(Aq | \*(AqNOLOG_OUTPUT:\*(Aq)
-.Ve
-.PP
-A \fBuser specification\fR determines which commands a user may run
-(and as what user) on specified hosts. By default, commands are
-run as \fBroot\fR, but this can be changed on a per-command basis.
-.PP
-The basic structure of a user specification is `who = where (as_whom)
-what'. Let's break that down into its constituent parts:
-.SS "Runas_Spec"
-.IX Subsection "Runas_Spec"
-A \f(CW\*(C`Runas_Spec\*(C'\fR determines the user and/or the group that a command
-may be run as. A fully-specified \f(CW\*(C`Runas_Spec\*(C'\fR consists of two
-\&\f(CW\*(C`Runas_List\*(C'\fRs (as defined above) separated by a colon (':') and
-enclosed in a set of parentheses. The first \f(CW\*(C`Runas_List\*(C'\fR indicates
-which users the command may be run as via \fBsudo\fR's \fB\-u\fR option.
-The second defines a list of groups that can be specified via
-\&\fBsudo\fR's \fB\-g\fR option. If both \f(CW\*(C`Runas_List\*(C'\fRs are specified, the
-command may be run with any combination of users and groups listed
-in their respective \f(CW\*(C`Runas_List\*(C'\fRs. If only the first is specified,
-the command may be run as any user in the list but no \fB\-g\fR option
-may be specified. If the first \f(CW\*(C`Runas_List\*(C'\fR is empty but the
-second is specified, the command may be run as the invoking user
-with the group set to any listed in the \f(CW\*(C`Runas_List\*(C'\fR. If no
-\&\f(CW\*(C`Runas_Spec\*(C'\fR is specified the command may be run as \fBroot\fR and
-no group may be specified.
-.PP
-A \f(CW\*(C`Runas_Spec\*(C'\fR sets the default for the commands that follow it.
-What this means is that for the entry:
-.PP
-.Vb 1
-\& dgb boulder = (operator) /bin/ls, /bin/kill, /usr/bin/lprm
-.Ve
-.PP
-The user \fBdgb\fR may run \fI/bin/ls\fR, \fI/bin/kill\fR, and
-\&\fI/usr/bin/lprm\fR \*(-- but only as \fBoperator\fR. E.g.,
-.PP
-.Vb 1
-\& $ sudo \-u operator /bin/ls.
-.Ve
-.PP
-It is also possible to override a \f(CW\*(C`Runas_Spec\*(C'\fR later on in an
-entry. If we modify the entry like so:
-.PP
-.Vb 1
-\& dgb boulder = (operator) /bin/ls, (root) /bin/kill, /usr/bin/lprm
-.Ve
-.PP
-Then user \fBdgb\fR is now allowed to run \fI/bin/ls\fR as \fBoperator\fR,
-but \fI/bin/kill\fR and \fI/usr/bin/lprm\fR as \fBroot\fR.
-.PP
-We can extend this to allow \fBdgb\fR to run \f(CW\*(C`/bin/ls\*(C'\fR with either
-the user or group set to \fBoperator\fR:
-.PP
-.Vb 2
-\& dgb boulder = (operator : operator) /bin/ls, (root) /bin/kill, \e
-\& /usr/bin/lprm
-.Ve
-.PP
-In the following example, user \fBtcm\fR may run commands that access
-a modem device file with the dialer group. Note that in this example
-only the group will be set, the command still runs as user \fBtcm\fR.
-.PP
-.Vb 2
-\& tcm boulder = (:dialer) /usr/bin/tip, /usr/bin/cu, \e
-\& /usr/local/bin/minicom
-.Ve
-.if \n(SL \{\
-.SS "SELinux_Spec"
-.IX Subsection "SELinux_Spec"
-On systems with SELinux support, \fIsudoers\fR entries may optionally have
-an SELinux role and/or type associated with a command. If a role or
-type is specified with the command it will override any default values
-specified in \fIsudoers\fR. A role or type specified on the command line,
-however, will supercede the values in \fIsudoers\fR.
-\}
-.SS "Tag_Spec"
-.IX Subsection "Tag_Spec"
-A command may have zero or more tags associated with it. There are
-eight possible tag values, \f(CW\*(C`NOPASSWD\*(C'\fR, \f(CW\*(C`PASSWD\*(C'\fR, \f(CW\*(C`NOEXEC\*(C'\fR,
-\&\f(CW\*(C`EXEC\*(C'\fR, \f(CW\*(C`SETENV\*(C'\fR, \f(CW\*(C`NOSETENV\*(C'\fR, \f(CW\*(C`LOG_INPUT\*(C'\fR, \f(CW\*(C`NOLOG_INPUT\*(C'\fR,
-\&\f(CW\*(C`LOG_OUTPUT\*(C'\fR and \f(CW\*(C`NOLOG_OUTPUT\*(C'\fR. Once a tag is set on a \f(CW\*(C`Cmnd\*(C'\fR,
-subsequent \f(CW\*(C`Cmnd\*(C'\fRs in the \f(CW\*(C`Cmnd_Spec_List\*(C'\fR, inherit the tag unless
-it is overridden by the opposite tag (i.e.: \f(CW\*(C`PASSWD\*(C'\fR overrides
-\&\f(CW\*(C`NOPASSWD\*(C'\fR and \f(CW\*(C`NOEXEC\*(C'\fR overrides \f(CW\*(C`EXEC\*(C'\fR).
-.PP
-\fI\s-1NOPASSWD\s0 and \s-1PASSWD\s0\fR
-.IX Subsection "NOPASSWD and PASSWD"
-.PP
-By default, \fBsudo\fR requires that a user authenticate him or herself
-before running a command. This behavior can be modified via the
-\&\f(CW\*(C`NOPASSWD\*(C'\fR tag. Like a \f(CW\*(C`Runas_Spec\*(C'\fR, the \f(CW\*(C`NOPASSWD\*(C'\fR tag sets
-a default for the commands that follow it in the \f(CW\*(C`Cmnd_Spec_List\*(C'\fR.
-Conversely, the \f(CW\*(C`PASSWD\*(C'\fR tag can be used to reverse things.
-For example:
-.PP
-.Vb 1
-\& ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm
-.Ve
-.PP
-would allow the user \fBray\fR to run \fI/bin/kill\fR, \fI/bin/ls\fR, and
-\&\fI/usr/bin/lprm\fR as \fBroot\fR on the machine rushmore without
-authenticating himself. If we only want \fBray\fR to be able to
-run \fI/bin/kill\fR without a password the entry would be:
-.PP
-.Vb 1
-\& ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
-.Ve
-.PP
-Note, however, that the \f(CW\*(C`PASSWD\*(C'\fR tag has no effect on users who are
-in the group specified by the \fIexempt_group\fR option.
-.PP
-By default, if the \f(CW\*(C`NOPASSWD\*(C'\fR tag is applied to any of the entries
-for a user on the current host, he or she will be able to run
-\&\f(CW\*(C`sudo \-l\*(C'\fR without a password. Additionally, a user may only run
-\&\f(CW\*(C`sudo \-v\*(C'\fR without a password if the \f(CW\*(C`NOPASSWD\*(C'\fR tag is present
-for all a user's entries that pertain to the current host.
-This behavior may be overridden via the verifypw and listpw options.
-.PP
-\fI\s-1NOEXEC\s0 and \s-1EXEC\s0\fR
-.IX Subsection "NOEXEC and EXEC"
-.PP
-If \fBsudo\fR has been compiled with \fInoexec\fR support and the underlying
-operating system supports it, the \f(CW\*(C`NOEXEC\*(C'\fR tag can be used to prevent
-a dynamically-linked executable from running further commands itself.
-.PP
-In the following example, user \fBaaron\fR may run \fI/usr/bin/more\fR
-and \fI/usr/bin/vi\fR but shell escapes will be disabled.
-.PP
-.Vb 1
-\& aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
-.Ve
-.PP
-See the \*(L"\s-1PREVENTING\s0 \s-1SHELL\s0 \s-1ESCAPES\s0\*(R" section below for more details
-on how \f(CW\*(C`NOEXEC\*(C'\fR works and whether or not it will work on your system.
-.PP
-\fI\s-1SETENV\s0 and \s-1NOSETENV\s0\fR
-.IX Subsection "SETENV and NOSETENV"
-.PP
-These tags override the value of the \fIsetenv\fR option on a per-command
-basis. Note that if \f(CW\*(C`SETENV\*(C'\fR has been set for a command, any
-environment variables set on the command line way are not subject
-to the restrictions imposed by \fIenv_check\fR, \fIenv_delete\fR, or
-\&\fIenv_keep\fR. As such, only trusted users should be allowed to set
-variables in this manner. If the command matched is \fB\s-1ALL\s0\fR, the
-\&\f(CW\*(C`SETENV\*(C'\fR tag is implied for that command; this default may
-be overridden by use of the \f(CW\*(C`NOSETENV\*(C'\fR tag.
-.PP
-\fI\s-1LOG_INPUT\s0 and \s-1NOLOG_INPUT\s0\fR
-.IX Subsection "LOG_INPUT and NOLOG_INPUT"
-.PP
-These tags override the value of the \fIlog_input\fR option on a
-per-command basis. For more information, see the description of
-\&\fIlog_input\fR in the \*(L"\s-1SUDOERS\s0 \s-1OPTIONS\s0\*(R" section below.
-.PP
-\fI\s-1LOG_OUTPUT\s0 and \s-1NOLOG_OUTPUT\s0\fR
-.IX Subsection "LOG_OUTPUT and NOLOG_OUTPUT"
-.PP
-These tags override the value of the \fIlog_output\fR option on a
-per-command basis. For more information, see the description of
-\&\fIlog_output\fR in the \*(L"\s-1SUDOERS\s0 \s-1OPTIONS\s0\*(R" section below.
-.SS "Wildcards"
-.IX Subsection "Wildcards"
-\&\fBsudo\fR allows shell-style \fIwildcards\fR (aka meta or glob characters)
-to be used in host names, path names and command line arguments in
-the \fIsudoers\fR file. Wildcard matching is done via the \fB\s-1POSIX\s0\fR
-\&\fIglob\fR\|(3) and \fIfnmatch\fR\|(3) routines. Note that these are \fInot\fR
-regular expressions.
-.ie n .IP "\*(C`*\*(C'" 8
-.el .IP "\f(CW\*(C`*\*(C'\fR" 8
-.IX Item "*"
-Matches any set of zero or more characters.
-.ie n .IP "\*(C`?\*(C'" 8
-.el .IP "\f(CW\*(C`?\*(C'\fR" 8
-.IX Item "?"
-Matches any single character.
-.ie n .IP "\*(C`[...]\*(C'" 8
-.el .IP "\f(CW\*(C`[...]\*(C'\fR" 8
-.IX Item "[...]"
-Matches any character in the specified range.
-.ie n .IP "\*(C`[!...]\*(C'" 8
-.el .IP "\f(CW\*(C`[!...]\*(C'\fR" 8
-.IX Item "[!...]"
-Matches any character \fBnot\fR in the specified range.
-.ie n .IP "\*(C`\ex\*(C'" 8
-.el .IP "\f(CW\*(C`\ex\*(C'\fR" 8
-.IX Item "x"
-For any character \*(L"x\*(R", evaluates to \*(L"x\*(R". This is used to
-escape special characters such as: \*(L"*\*(R", \*(L"?\*(R", \*(L"[\*(R", and \*(L"}\*(R".
-.PP
-\&\s-1POSIX\s0 character classes may also be used if your system's \fIglob\fR\|(3)
-and \fIfnmatch\fR\|(3) functions support them. However, because the
-\&\f(CW\*(Aq:\*(Aq\fR character has special meaning in \fIsudoers\fR, it must be
-escaped. For example:
-.PP
-.Vb 1
-\& /bin/ls [[\e:alpha\e:]]*
-.Ve
-.PP
-Would match any file name beginning with a letter.
-.PP
-Note that a forward slash ('/') will \fBnot\fR be matched by
-wildcards used in the path name. When matching the command
-line arguments, however, a slash \fBdoes\fR get matched by
-wildcards. This is to make a path like:
-.PP
-.Vb 1
-\& /usr/bin/*
-.Ve
-.PP
-match \fI/usr/bin/who\fR but not \fI/usr/bin/X11/xterm\fR.
-.SS "Exceptions to wildcard rules"
-.IX Subsection "Exceptions to wildcard rules"
-The following exceptions apply to the above rules:
-.ie n .IP """""" 8
-.el .IP "\f(CW``''\fR" 8
-.IX Item """"""
-If the empty string \f(CW""\fR is the only command line argument in the
-\&\fIsudoers\fR entry it means that command is not allowed to be run
-with \fBany\fR arguments.
-.SS "Including other files from within sudoers"
-.IX Subsection "Including other files from within sudoers"
-It is possible to include other \fIsudoers\fR files from within the
-\&\fIsudoers\fR file currently being parsed using the \f(CW\*(C`#include\*(C'\fR and
-\&\f(CW\*(C`#includedir\*(C'\fR directives.
-.PP
-This can be used, for example, to keep a site-wide \fIsudoers\fR file
-in addition to a local, per-machine file. For the sake of this
-example the site-wide \fIsudoers\fR will be \fI/etc/sudoers\fR and the
-per-machine one will be \fI/etc/sudoers.local\fR. To include
-\&\fI/etc/sudoers.local\fR from within \fI/etc/sudoers\fR we would use the
-following line in \fI/etc/sudoers\fR:
-.Sp
-.RS 4
-\&\f(CW\*(C`#include /etc/sudoers.local\*(C'\fR
-.RE
-.PP
-When \fBsudo\fR reaches this line it will suspend processing of the
-current file (\fI/etc/sudoers\fR) and switch to \fI/etc/sudoers.local\fR.
-Upon reaching the end of \fI/etc/sudoers.local\fR, the rest of
-\&\fI/etc/sudoers\fR will be processed. Files that are included may
-themselves include other files. A hard limit of 128 nested include
-files is enforced to prevent include file loops.
-.PP
-The file name may include the \f(CW%h\fR escape, signifying the short form
-of the host name. I.e., if the machine's host name is \*(L"xerxes\*(R", then
-.PP
-\&\f(CW\*(C`#include /etc/sudoers.%h\*(C'\fR
-.PP
-will cause \fBsudo\fR to include the file \fI/etc/sudoers.xerxes\fR.
-.PP
-The \f(CW\*(C`#includedir\*(C'\fR directive can be used to create a \fIsudo.d\fR
-directory that the system package manager can drop \fIsudoers\fR rules
-into as part of package installation. For example, given:
-.PP
-\&\f(CW\*(C`#includedir /etc/sudoers.d\*(C'\fR
-.PP
-\&\fBsudo\fR will read each file in \fI/etc/sudoers.d\fR, skipping file
-names that end in \f(CW\*(C`~\*(C'\fR or contain a \f(CW\*(C`.\*(C'\fR character to avoid causing
-problems with package manager or editor temporary/backup files.
-Files are parsed in sorted lexical order. That is,
-\&\fI/etc/sudoers.d/01_first\fR will be parsed before
-\&\fI/etc/sudoers.d/10_second\fR. Be aware that because the sorting is
-lexical, not numeric, \fI/etc/sudoers.d/1_whoops\fR would be loaded
-\&\fBafter\fR \fI/etc/sudoers.d/10_second\fR. Using a consistent number
-of leading zeroes in the file names can be used to avoid such
-problems.
-.PP
-Note that unlike files included via \f(CW\*(C`#include\*(C'\fR, \fBvisudo\fR will not
-edit the files in a \f(CW\*(C`#includedir\*(C'\fR directory unless one of them
-contains a syntax error. It is still possible to run \fBvisudo\fR
-with the \f(CW\*(C`\-f\*(C'\fR flag to edit the files directly.
-.SS "Other special characters and reserved words"
-.IX Subsection "Other special characters and reserved words"
-The pound sign ('#') is used to indicate a comment (unless it is
-part of a #include directive or unless it occurs in the context of
-a user name and is followed by one or more digits, in which case
-it is treated as a uid). Both the comment character and any text
-after it, up to the end of the line, are ignored.
-.PP
-The reserved word \fB\s-1ALL\s0\fR is a built-in \fIalias\fR that always causes
-a match to succeed. It can be used wherever one might otherwise
-use a \f(CW\*(C`Cmnd_Alias\*(C'\fR, \f(CW\*(C`User_Alias\*(C'\fR, \f(CW\*(C`Runas_Alias\*(C'\fR, or \f(CW\*(C`Host_Alias\*(C'\fR.
-You should not try to define your own \fIalias\fR called \fB\s-1ALL\s0\fR as the
-built-in alias will be used in preference to your own. Please note
-that using \fB\s-1ALL\s0\fR can be dangerous since in a command context, it
-allows the user to run \fBany\fR command on the system.
-.PP
-An exclamation point ('!') can be used as a logical \fInot\fR operator
-both in an \fIalias\fR and in front of a \f(CW\*(C`Cmnd\*(C'\fR. This allows one to
-exclude certain values. Note, however, that using a \f(CW\*(C`!\*(C'\fR in
-conjunction with the built-in \f(CW\*(C`ALL\*(C'\fR alias to allow a user to
-run \*(L"all but a few\*(R" commands rarely works as intended (see \s-1SECURITY\s0
-\&\s-1NOTES\s0 below).
-.PP
-Long lines can be continued with a backslash ('\e') as the last
-character on the line.
-.PP
-Whitespace between elements in a list as well as special syntactic
-characters in a \fIUser Specification\fR ('=', ':', '(', ')') is optional.
-.PP
-The following characters must be escaped with a backslash ('\e') when
-used as part of a word (e.g.\ a user name or host name):
-\&'@', '!', '=', ':', ',', '(', ')', '\e'.
-.SH "SUDOERS OPTIONS"
-.IX Header "SUDOERS OPTIONS"
-\&\fBsudo\fR's behavior can be modified by \f(CW\*(C`Default_Entry\*(C'\fR lines, as
-explained earlier. A list of all supported Defaults parameters,
-grouped by type, are listed below.
-.PP
-\&\fBBoolean Flags\fR:
-.IP "always_set_home" 16
-.IX Item "always_set_home"
-If enabled, \fBsudo\fR will set the \f(CW\*(C`HOME\*(C'\fR environment variable to the
-home directory of the target user (which is root unless the \fB\-u\fR
-option is used). This effectively means that the \fB\-H\fR option is
-always implied. Note that \f(CW\*(C`HOME\*(C'\fR is already set when the the
-\&\fIenv_reset\fR option is enabled, so \fIalways_set_home\fR is only
-effective for configurations where \fIenv_reset\fR is disabled.
-This flag is \fIoff\fR by default.
-.IP "authenticate" 16
-.IX Item "authenticate"
-If set, users must authenticate themselves via a password (or other
-means of authentication) before they may run commands. This default
-may be overridden via the \f(CW\*(C`PASSWD\*(C'\fR and \f(CW\*(C`NOPASSWD\*(C'\fR tags.
-This flag is \fIon\fR by default.
-.IP "closefrom_override" 16
-.IX Item "closefrom_override"
-If set, the user may use \fBsudo\fR's \fB\-C\fR option which
-overrides the default starting point at which \fBsudo\fR begins
-closing open file descriptors. This flag is \fIoff\fR by default.
-.IP "compress_io" 16
-.IX Item "compress_io"
-If set, and \fBsudo\fR is configured to log a command's input or output,
-the I/O logs will be compressed using \fBzlib\fR. This flag is \fIon\fR
-by default when \fBsudo\fR is compiled with \fBzlib\fR support.
-.IP "env_editor" 16
-.IX Item "env_editor"
-If set, \fBvisudo\fR will use the value of the \s-1EDITOR\s0 or \s-1VISUAL\s0
-environment variables before falling back on the default editor list.
-Note that this may create a security hole as it allows the user to
-run any arbitrary command as root without logging. A safer alternative
-is to place a colon-separated list of editors in the \f(CW\*(C`editor\*(C'\fR
-variable. \fBvisudo\fR will then only use the \s-1EDITOR\s0 or \s-1VISUAL\s0 if
-they match a value specified in \f(CW\*(C`editor\*(C'\fR. This flag is \fIoff\fR by
-default.
-.IP "env_reset" 16
-.IX Item "env_reset"
-If set, \fBsudo\fR will reset the environment to only contain the
-\&\s-1LOGNAME\s0, \s-1MAIL\s0, \s-1SHELL\s0, \s-1USER\s0, \s-1USERNAME\s0 and the \f(CW\*(C`SUDO_*\*(C'\fR variables. Any
-variables in the caller's environment that match the \f(CW\*(C`env_keep\*(C'\fR
-and \f(CW\*(C`env_check\*(C'\fR lists are then added. The default contents of the
-\&\f(CW\*(C`env_keep\*(C'\fR and \f(CW\*(C`env_check\*(C'\fR lists are displayed when \fBsudo\fR is
-run by root with the \fI\-V\fR option. If the \fIsecure_path\fR option
-is set, its value will be used for the \f(CW\*(C`PATH\*(C'\fR environment variable.
-This flag is \fIon\fR by default.
-.IP "fast_glob" 16
-.IX Item "fast_glob"
-Normally, \fBsudo\fR uses the \fIglob\fR\|(3) function to do shell-style
-globbing when matching path names. However, since it accesses the
-file system, \fIglob\fR\|(3) can take a long time to complete for some
-patterns, especially when the pattern references a network file
-system that is mounted on demand (automounted). The \fIfast_glob\fR
-option causes \fBsudo\fR to use the \fIfnmatch\fR\|(3) function, which does
-not access the file system to do its matching. The disadvantage
-of \fIfast_glob\fR is that it is unable to match relative path names
-such as \fI./ls\fR or \fI../bin/ls\fR. This has security implications
-when path names that include globbing characters are used with the
-negation operator, \f(CW\*(Aq!\*(Aq\fR, as such rules can be trivially bypassed.
-As such, this option should not be used when \fIsudoers\fR contains rules
-that contain negated path names which include globbing characters.
-This flag is \fIoff\fR by default.
-.IP "fqdn" 16
-.IX Item "fqdn"
-Set this flag if you want to put fully qualified host names in the
-\&\fIsudoers\fR file. I.e., instead of myhost you would use myhost.mydomain.edu.
-You may still use the short form if you wish (and even mix the two).
-Beware that turning on \fIfqdn\fR requires \fBsudo\fR to make \s-1DNS\s0 lookups
-which may make \fBsudo\fR unusable if \s-1DNS\s0 stops working (for example
-if the machine is not plugged into the network). Also note that
-you must use the host's official name as \s-1DNS\s0 knows it. That is,
-you may not use a host alias (\f(CW\*(C`CNAME\*(C'\fR entry) due to performance
-issues and the fact that there is no way to get all aliases from
-\&\s-1DNS\s0. If your machine's host name (as returned by the \f(CW\*(C`hostname\*(C'\fR
-command) is already fully qualified you shouldn't need to set
-\&\fIfqdn\fR. This flag is \fIoff\fR by default.
-.IP "ignore_dot" 16
-.IX Item "ignore_dot"
-If set, \fBsudo\fR will ignore '.' or '' (current dir) in the \f(CW\*(C`PATH\*(C'\fR
-environment variable; the \f(CW\*(C`PATH\*(C'\fR itself is not modified. This
-flag is \fIoff\fR by default.
-.IP "ignore_local_sudoers" 16
-.IX Item "ignore_local_sudoers"
-If set via \s-1LDAP\s0, parsing of \fI/etc/sudoers\fR will be skipped.
-This is intended for Enterprises that wish to prevent the usage of local
-sudoers files so that only \s-1LDAP\s0 is used. This thwarts the efforts of
-rogue operators who would attempt to add roles to \fI/etc/sudoers\fR.
-When this option is present, \fI/etc/sudoers\fR does not even need to
-exist. Since this option tells \fBsudo\fR how to behave when no specific \s-1LDAP\s0
-entries have been matched, this sudoOption is only meaningful for the
-\&\f(CW\*(C`cn=defaults\*(C'\fR section. This flag is \fIoff\fR by default.
-.IP "insults" 16
-.IX Item "insults"
-If set, \fBsudo\fR will insult users when they enter an incorrect
-password. This flag is \fIoff\fR by default.
-.IP "log_host" 16
-.IX Item "log_host"
-If set, the host name will be logged in the (non-syslog) \fBsudo\fR log file.
-This flag is \fIoff\fR by default.
-.IP "log_year" 16
-.IX Item "log_year"
-If set, the four-digit year will be logged in the (non-syslog) \fBsudo\fR log file.
-This flag is \fIoff\fR by default.
-.IP "long_otp_prompt" 16
-.IX Item "long_otp_prompt"
-When validating with a One Time Password (\s-1OPT\s0) scheme such as
-\&\fBS/Key\fR or \fB\s-1OPIE\s0\fR, a two-line prompt is used to make it easier
-to cut and paste the challenge to a local window. It's not as
-pretty as the default but some people find it more convenient. This
-flag is \fIoff\fR by default.
-.IP "mail_always" 16
-.IX Item "mail_always"
-Send mail to the \fImailto\fR user every time a users runs \fBsudo\fR.
-This flag is \fIoff\fR by default.
-.IP "mail_badpass" 16
-.IX Item "mail_badpass"
-Send mail to the \fImailto\fR user if the user running \fBsudo\fR does not
-enter the correct password. This flag is \fIoff\fR by default.
-.IP "mail_no_host" 16
-.IX Item "mail_no_host"
-If set, mail will be sent to the \fImailto\fR user if the invoking
-user exists in the \fIsudoers\fR file, but is not allowed to run
-commands on the current host. This flag is \fIoff\fR by default.
-.IP "mail_no_perms" 16
-.IX Item "mail_no_perms"
-If set, mail will be sent to the \fImailto\fR user if the invoking
-user is allowed to use \fBsudo\fR but the command they are trying is not
-listed in their \fIsudoers\fR file entry or is explicitly denied.
-This flag is \fIoff\fR by default.
-.IP "mail_no_user" 16
-.IX Item "mail_no_user"
-If set, mail will be sent to the \fImailto\fR user if the invoking
-user is not in the \fIsudoers\fR file. This flag is \fIon\fR
-by default.
-.IP "noexec" 16
-.IX Item "noexec"
-If set, all commands run via \fBsudo\fR will behave as if the \f(CW\*(C`NOEXEC\*(C'\fR
-tag has been set, unless overridden by a \f(CW\*(C`EXEC\*(C'\fR tag. See the
-description of \fI\s-1NOEXEC\s0 and \s-1EXEC\s0\fR below as well as the \*(L"\s-1PREVENTING\s0 \s-1SHELL\s0
-\&\s-1ESCAPES\s0\*(R" section at the end of this manual. This flag is \fIoff\fR by default.
-.IP "path_info" 16
-.IX Item "path_info"
-Normally, \fBsudo\fR will tell the user when a command could not be
-found in their \f(CW\*(C`PATH\*(C'\fR environment variable. Some sites may wish
-to disable this as it could be used to gather information on the
-location of executables that the normal user does not have access
-to. The disadvantage is that if the executable is simply not in
-the user's \f(CW\*(C`PATH\*(C'\fR, \fBsudo\fR will tell the user that they are not
-allowed to run it, which can be confusing. This flag is \fIon\fR
-by default.
-.IP "passprompt_override" 16
-.IX Item "passprompt_override"
-The password prompt specified by \fIpassprompt\fR will normally only
-be used if the password prompt provided by systems such as \s-1PAM\s0 matches
-the string \*(L"Password:\*(R". If \fIpassprompt_override\fR is set, \fIpassprompt\fR
-will always be used. This flag is \fIoff\fR by default.
-.IP "preserve_groups" 16
-.IX Item "preserve_groups"
-By default, \fBsudo\fR will initialize the group vector to the list of
-groups the target user is in. When \fIpreserve_groups\fR is set, the
-user's existing group vector is left unaltered. The real and
-effective group IDs, however, are still set to match the target
-user. This flag is \fIoff\fR by default.
-.IP "pwfeedback" 16
-.IX Item "pwfeedback"
-By default, \fBsudo\fR reads the password like most other Unix programs,
-by turning off echo until the user hits the return (or enter) key.
-Some users become confused by this as it appears to them that \fBsudo\fR
-has hung at this point. When \fIpwfeedback\fR is set, \fBsudo\fR will
-provide visual feedback when the user presses a key. Note that
-this does have a security impact as an onlooker may be able to
-determine the length of the password being entered.
-This flag is \fIoff\fR by default.
-.IP "requiretty" 16
-.IX Item "requiretty"
-If set, \fBsudo\fR will only run when the user is logged in to a real
-tty. When this flag is set, \fBsudo\fR can only be run from a login
-session and not via other means such as \fIcron\fR\|(8) or cgi-bin scripts.
-This flag is \fIoff\fR by default.
-.IP "root_sudo" 16
-.IX Item "root_sudo"
-If set, root is allowed to run \fBsudo\fR too. Disabling this prevents users
-from \*(L"chaining\*(R" \fBsudo\fR commands to get a root shell by doing something
-like \f(CW"sudo sudo /bin/sh"\fR. Note, however, that turning off \fIroot_sudo\fR
-will also prevent root from running \fBsudoedit\fR.
-Disabling \fIroot_sudo\fR provides no real additional security; it
-exists purely for historical reasons.
-This flag is \fIon\fR by default.
-.IP "rootpw" 16
-.IX Item "rootpw"
-If set, \fBsudo\fR will prompt for the root password instead of the password
-of the invoking user. This flag is \fIoff\fR by default.
-.IP "runaspw" 16
-.IX Item "runaspw"
-If set, \fBsudo\fR will prompt for the password of the user defined by the
-\&\fIrunas_default\fR option (defaults to \f(CW\*(C`root\*(C'\fR) instead of the
-password of the invoking user. This flag is \fIoff\fR by default.
-.IP "set_home" 16
-.IX Item "set_home"
-If enabled and \fBsudo\fR is invoked with the \fB\-s\fR option the \f(CW\*(C`HOME\*(C'\fR
-environment variable will be set to the home directory of the target
-user (which is root unless the \fB\-u\fR option is used). This effectively
-makes the \fB\-s\fR option imply \fB\-H\fR. Note that \f(CW\*(C`HOME\*(C'\fR is already
-set when the the \fIenv_reset\fR option is enabled, so \fIset_home\fR is
-only effective for configurations where \fIenv_reset\fR is disabled.
-This flag is \fIoff\fR by default.
-.IP "set_logname" 16
-.IX Item "set_logname"
-Normally, \fBsudo\fR will set the \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR and \f(CW\*(C`USERNAME\*(C'\fR
-environment variables to the name of the target user (usually root
-unless the \fB\-u\fR option is given). However, since some programs
-(including the \s-1RCS\s0 revision control system) use \f(CW\*(C`LOGNAME\*(C'\fR to
-determine the real identity of the user, it may be desirable to
-change this behavior. This can be done by negating the set_logname
-option. Note that if the \fIenv_reset\fR option has not been disabled,
-entries in the \fIenv_keep\fR list will override the value of
-\&\fIset_logname\fR. This flag is \fIon\fR by default.
-.IP "setenv" 16
-.IX Item "setenv"
-Allow the user to disable the \fIenv_reset\fR option from the command
-line. Additionally, environment variables set via the command line
-are not subject to the restrictions imposed by \fIenv_check\fR,
-\&\fIenv_delete\fR, or \fIenv_keep\fR. As such, only trusted users should
-be allowed to set variables in this manner. This flag is \fIoff\fR
-by default.
-.IP "shell_noargs" 16
-.IX Item "shell_noargs"
-If set and \fBsudo\fR is invoked with no arguments it acts as if the
-\&\fB\-s\fR option had been given. That is, it runs a shell as root (the
-shell is determined by the \f(CW\*(C`SHELL\*(C'\fR environment variable if it is
-set, falling back on the shell listed in the invoking user's
-/etc/passwd entry if not). This flag is \fIoff\fR by default.
-.IP "stay_setuid" 16
-.IX Item "stay_setuid"
-Normally, when \fBsudo\fR executes a command the real and effective
-UIDs are set to the target user (root by default). This option
-changes that behavior such that the real \s-1UID\s0 is left as the invoking
-user's \s-1UID\s0. In other words, this makes \fBsudo\fR act as a setuid
-wrapper. This can be useful on systems that disable some potentially
-dangerous functionality when a program is run setuid. This option
-is only effective on systems with either the \fIsetreuid()\fR or \fIsetresuid()\fR
-function. This flag is \fIoff\fR by default.
-.IP "targetpw" 16
-.IX Item "targetpw"
-If set, \fBsudo\fR will prompt for the password of the user specified
-by the \fB\-u\fR option (defaults to \f(CW\*(C`root\*(C'\fR) instead of the password
-of the invoking user. In addition, the timestamp file name will
-include the target user's name. Note that this flag precludes the
-use of a uid not listed in the passwd database as an argument to
-the \fB\-u\fR option. This flag is \fIoff\fR by default.
-.IP "log_input" 16
-.IX Item "log_input"
-If set, \fBsudo\fR will run the command in a \fIpseudo tty\fR and log all
-user input.
-If the standard input is not connected to the user's tty, due to
-I/O redirection or because the command is part of a pipeline, that
-input is also captured and stored in a separate log file.
-.Sp
-Input is logged to the \fI/var/log/sudo\-io\fR directory using a unique
-session \s-1ID\s0 that is included in the normal \fBsudo\fR log line, prefixed
-with \fITSID=\fR.
-.IP "log_output" 16
-.IX Item "log_output"
-If set, \fBsudo\fR will run the command in a \fIpseudo tty\fR and log all
-output that is sent to the screen, similar to the \fIscript\fR\|(1) command.
-If the standard output or standard error is not connected to the
-user's tty, due to I/O redirection or because the command is part
-of a pipeline, that output is also captured and stored in separate
-log files.
-.Sp
-Output is logged to the
-\&\fI/var/log/sudo\-io\fR directory using a unique session \s-1ID\s0 that is
-included in the normal \fBsudo\fR log line, prefixed with \fITSID=\fR.
-.Sp
-Output logs may be viewed with the \fIsudoreplay\fR\|(8) utility, which
-can also be used to list or search the available logs.
-.IP "tty_tickets" 16
-.IX Item "tty_tickets"
-If set, users must authenticate on a per-tty basis. With this flag
-enabled, \fBsudo\fR will use a file named for the tty the user is
-logged in on in the user's time stamp directory. If disabled, the
-time stamp of the directory is used instead. This flag is
-\&\fIon\fR by default.
-.IP "umask_override" 16
-.IX Item "umask_override"
-If set, \fBsudo\fR will set the umask as specified by \fIsudoers\fR without
-modification. This makes it possible to specify a more permissive
-umask in \fIsudoers\fR than the user's own umask and matches historical
-behavior. If \fIumask_override\fR is not set, \fBsudo\fR will set the
-umask to be the union of the user's umask and what is specified in
-\&\fIsudoers\fR. This flag is \fIoff\fR by default.
-.if \n(LC \{\
-.IP "use_loginclass" 16
-.IX Item "use_loginclass"
-If set, \fBsudo\fR will apply the defaults specified for the target user's
-login class if one exists. Only available if \fBsudo\fR is configured with
-the \-\-with\-logincap option. This flag is \fIoff\fR by default.
-\}
-.IP "use_pty" 16
-.IX Item "use_pty"
-If set, \fBsudo\fR will run the command in a pseudo-pty even if no I/O
-logging is being gone. A malicious program run under \fBsudo\fR could
-conceivably fork a background process that retains to the user's
-terminal device after the main program has finished executing. Use
-of this option will make that impossible.
-.IP "visiblepw" 16
-.IX Item "visiblepw"
-By default, \fBsudo\fR will refuse to run if the user must enter a
-password but it is not possible to disable echo on the terminal.
-If the \fIvisiblepw\fR flag is set, \fBsudo\fR will prompt for a password
-even when it would be visible on the screen. This makes it possible
-to run things like \f(CW"rsh somehost sudo ls"\fR since \fIrsh\fR\|(1) does
-not allocate a tty. This flag is \fIoff\fR by default.
-.PP
-\&\fBIntegers\fR:
-.IP "closefrom" 16
-.IX Item "closefrom"
-Before it executes a command, \fBsudo\fR will close all open file
-descriptors other than standard input, standard output and standard
-error (ie: file descriptors 0\-2). The \fIclosefrom\fR option can be used
-to specify a different file descriptor at which to start closing.
-The default is \f(CW3\fR.
-.IP "passwd_tries" 16
-.IX Item "passwd_tries"
-The number of tries a user gets to enter his/her password before
-\&\fBsudo\fR logs the failure and exits. The default is \f(CW\*(C`3\*(C'\fR.
-.PP
-\&\fBIntegers that can be used in a boolean context\fR:
-.IP "loglinelen" 16
-.IX Item "loglinelen"
-Number of characters per line for the file log. This value is used
-to decide when to wrap lines for nicer log files. This has no
-effect on the syslog log file, only the file log. The default is
-\&\f(CW\*(C`80\*(C'\fR (use 0 or negate the option to disable word wrap).
-.IP "passwd_timeout" 16
-.IX Item "passwd_timeout"
-Number of minutes before the \fBsudo\fR password prompt times out, or
-\&\f(CW0\fR for no timeout. The timeout may include a fractional component
-if minute granularity is insufficient, for example \f(CW2.5\fR. The
-default is \f(CW\*(C`5\*(C'\fR.
-.IP "timestamp_timeout" 16
-.IX Item "timestamp_timeout"
-Number of minutes that can elapse before \fBsudo\fR will ask for a
-passwd again. The timeout may include a fractional component if
-minute granularity is insufficient, for example \f(CW2.5\fR. The default
-is \f(CW\*(C`5\*(C'\fR. Set this to \f(CW0\fR to always prompt for a password.
-If set to a value less than \f(CW0\fR the user's timestamp will never
-expire. This can be used to allow users to create or delete their
-own timestamps via \f(CW\*(C`sudo \-v\*(C'\fR and \f(CW\*(C`sudo \-k\*(C'\fR respectively.
-.IP "umask" 16
-.IX Item "umask"
-Umask to use when running the command. Negate this option or set
-it to 0777 to preserve the user's umask. The actual umask that is
-used will be the union of the user's umask and the value of the
-\&\fIumask\fR option, which defaults to \f(CW\*(C`0022\*(C'\fR. This guarantees
-that \fBsudo\fR never lowers the umask when running a command. Note
-on systems that use \s-1PAM\s0, the default \s-1PAM\s0 configuration may specify
-its own umask which will override the value set in \fIsudoers\fR.
-.PP
-\&\fBStrings\fR:
-.IP "badpass_message" 16
-.IX Item "badpass_message"
-Message that is displayed if a user enters an incorrect password.
-The default is \f(CW\*(C`Sorry, try again.\*(C'\fR unless insults are enabled.
-.IP "editor" 16
-.IX Item "editor"
-A colon (':') separated list of editors allowed to be used with
-\&\fBvisudo\fR. \fBvisudo\fR will choose the editor that matches the user's
-\&\s-1EDITOR\s0 environment variable if possible, or the first editor in the
-list that exists and is executable. The default is \f(CW"/usr/bin/vi"\fR.
-.IP "mailsub" 16
-.IX Item "mailsub"
-Subject of the mail sent to the \fImailto\fR user. The escape \f(CW%h\fR
-will expand to the host name of the machine.
-Default is \f(CW\*(C`*** SECURITY information for %h ***\*(C'\fR.
-.IP "noexec_file" 16
-.IX Item "noexec_file"
-Path to a shared library containing dummy versions of the \fIexecv()\fR,
-\&\fIexecve()\fR and \fIfexecve()\fR library functions that just return an error.
-This is used to implement the \fInoexec\fR functionality on systems that
-support \f(CW\*(C`LD_PRELOAD\*(C'\fR or its equivalent. Defaults to \fI/usr/local/libexec/sudo_noexec.so\fR.
-.IP "passprompt" 16
-.IX Item "passprompt"
-The default prompt to use when asking for a password; can be overridden
-via the \fB\-p\fR option or the \f(CW\*(C`SUDO_PROMPT\*(C'\fR environment variable.
-The following percent (`\f(CW\*(C`%\*(C'\fR') escapes are supported:
-.RS 16
-.ie n .IP "%H" 4
-.el .IP "\f(CW%H\fR" 4
-.IX Item "%H"
-expanded to the local host name including the domain name
-(on if the machine's host name is fully qualified or the \fIfqdn\fR
-option is set)
-.ie n .IP "%h" 4
-.el .IP "\f(CW%h\fR" 4
-.IX Item "%h"
-expanded to the local host name without the domain name
-.ie n .IP "%p" 4
-.el .IP "\f(CW%p\fR" 4
-.IX Item "%p"
-expanded to the user whose password is being asked for (respects the
-\&\fIrootpw\fR, \fItargetpw\fR and \fIrunaspw\fR flags in \fIsudoers\fR)
-.ie n .IP "%U" 4
-.el .IP "\f(CW%U\fR" 4
-.IX Item "%U"
-expanded to the login name of the user the command will
-be run as (defaults to root)
-.ie n .IP "%u" 4
-.el .IP "\f(CW%u\fR" 4
-.IX Item "%u"
-expanded to the invoking user's login name
-.ie n .IP "\*(C`%%\*(C'" 4
-.el .IP "\f(CW\*(C`%%\*(C'\fR" 4
-.IX Item "%%"
-two consecutive \f(CW\*(C`%\*(C'\fR characters are collapsed into a single \f(CW\*(C`%\*(C'\fR character
-.RE
-.RS 16
-.Sp
-The default value is \f(CW\*(C`Password:\*(C'\fR.
-.RE
-.if \n(SL \{\
-.IP "role" 16
-.IX Item "role"
-The default SELinux role to use when constructing a new security
-context to run the command. The default role may be overridden on
-a per-command basis in \fIsudoers\fR or via command line options.
-This option is only available whe \fBsudo\fR is built with SELinux support.
-\}
-.IP "runas_default" 16
-.IX Item "runas_default"
-The default user to run commands as if the \fB\-u\fR option is not specified
-on the command line. This defaults to \f(CW\*(C`root\*(C'\fR.
-Note that if \fIrunas_default\fR is set it \fBmust\fR occur before
-any \f(CW\*(C`Runas_Alias\*(C'\fR specifications.
-.IP "syslog_badpri" 16
-.IX Item "syslog_badpri"
-Syslog priority to use when user authenticates unsuccessfully.
-Defaults to \f(CW\*(C`alert\*(C'\fR.
-.IP "syslog_goodpri" 16
-.IX Item "syslog_goodpri"
-Syslog priority to use when user authenticates successfully.
-Defaults to \f(CW\*(C`notice\*(C'\fR.
-.IP "sudoers_locale" 16
-.IX Item "sudoers_locale"
-Locale to use when parsing the sudoers file. Note that changing
-the locale may affect how sudoers is interpreted.
-Defaults to \f(CW"C"\fR.
-.IP "timestampdir" 16
-.IX Item "timestampdir"
-The directory in which \fBsudo\fR stores its timestamp files.
-The default is \fI/var/db/sudo\fR.
-.IP "timestampowner" 16
-.IX Item "timestampowner"
-The owner of the timestamp directory and the timestamps stored therein.
-The default is \f(CW\*(C`root\*(C'\fR.
-.if \n(SL \{\
-.IP "type" 16
-.IX Item "type"
-The default SELinux type to use when constructing a new security
-context to run the command. The default type may be overridden on
-a per-command basis in \fIsudoers\fR or via command line options.
-This option is only available whe \fBsudo\fR is built with SELinux support.
-\}
-.PP
-\&\fBStrings that can be used in a boolean context\fR:
-.IP "askpass" 12
-.IX Item "askpass"
-The \fIaskpass\fR option specifies the fully qualified path to a helper
-program used to read the user's password when no terminal is
-available. This may be the case when \fBsudo\fR is executed from a
-graphical (as opposed to text-based) application. The program
-specified by \fIaskpass\fR should display the argument passed to it
-as the prompt and write the user's password to the standard output.
-The value of \fIaskpass\fR may be overridden by the \f(CW\*(C`SUDO_ASKPASS\*(C'\fR
-environment variable.
-.IP "env_file" 12
-.IX Item "env_file"
-The \fIenv_file\fR options specifies the fully qualified path to a
-file containing variables to be set in the environment of the program
-being run. Entries in this file should either be of the form
-\&\f(CW\*(C`VARIABLE=value\*(C'\fR or \f(CW\*(C`export VARIABLE=value\*(C'\fR. The value may
-optionally be surrounded by single or double quotes. Variables in
-this file are subject to other \fBsudo\fR environment settings such
-as \fIenv_keep\fR and \fIenv_check\fR.
-.IP "exempt_group" 12
-.IX Item "exempt_group"
-Users in this group are exempt from password and \s-1PATH\s0 requirements.
-This is not set by default.
-.IP "lecture" 12
-.IX Item "lecture"
-This option controls when a short lecture will be printed along with
-the password prompt. It has the following possible values:
-.RS 12
-.IP "always" 8
-.IX Item "always"
-Always lecture the user.
-.IP "never" 8
-.IX Item "never"
-Never lecture the user.
-.IP "once" 8
-.IX Item "once"
-Only lecture the user the first time they run \fBsudo\fR.
-.RE
-.RS 12
-.Sp
-If no value is specified, a value of \fIonce\fR is implied.
-Negating the option results in a value of \fInever\fR being used.
-The default value is \fIonce\fR.
-.RE
-.IP "lecture_file" 12
-.IX Item "lecture_file"
-Path to a file containing an alternate \fBsudo\fR lecture that will
-be used in place of the standard lecture if the named file exists.
-By default, \fBsudo\fR uses a built-in lecture.
-.IP "listpw" 12
-.IX Item "listpw"
-This option controls when a password will be required when a
-user runs \fBsudo\fR with the \fB\-l\fR option. It has the following possible values:
-.RS 12
-.IP "all" 8
-.IX Item "all"
-All the user's \fIsudoers\fR entries for the current host must have
-the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
-.IP "always" 8
-.IX Item "always"
-The user must always enter a password to use the \fB\-l\fR option.
-.IP "any" 8
-.IX Item "any"
-At least one of the user's \fIsudoers\fR entries for the current host
-must have the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
-.IP "never" 8
-.IX Item "never"
-The user need never enter a password to use the \fB\-l\fR option.
-.RE
-.RS 12
-.Sp
-If no value is specified, a value of \fIany\fR is implied.
-Negating the option results in a value of \fInever\fR being used.
-The default value is \fIany\fR.
-.RE
-.IP "logfile" 12
-.IX Item "logfile"
-Path to the \fBsudo\fR log file (not the syslog log file). Setting a path
-turns on logging to a file; negating this option turns it off.
-By default, \fBsudo\fR logs via syslog.
-.IP "mailerflags" 12
-.IX Item "mailerflags"
-Flags to use when invoking mailer. Defaults to \fB\-t\fR.
-.IP "mailerpath" 12
-.IX Item "mailerpath"
-Path to mail program used to send warning mail.
-Defaults to the path to sendmail found at configure time.
-.IP "mailfrom" 12
-.IX Item "mailfrom"
-Address to use for the \*(L"from\*(R" address when sending warning and error
-mail. The address should be enclosed in double quotes (\f(CW\*(C`"\*(C'\fR) to
-protect against \fBsudo\fR interpreting the \f(CW\*(C`@\*(C'\fR sign. Defaults to
-the name of the user running \fBsudo\fR.
-.IP "mailto" 12
-.IX Item "mailto"
-Address to send warning and error mail to. The address should
-be enclosed in double quotes (\f(CW\*(C`"\*(C'\fR) to protect against \fBsudo\fR
-interpreting the \f(CW\*(C`@\*(C'\fR sign. Defaults to \f(CW\*(C`root\*(C'\fR.
-.IP "secure_path" 12
-.IX Item "secure_path"
-Path used for every command run from \fBsudo\fR. If you don't trust the
-people running \fBsudo\fR to have a sane \f(CW\*(C`PATH\*(C'\fR environment variable you may
-want to use this. Another use is if you want to have the \*(L"root path\*(R"
-be separate from the \*(L"user path.\*(R" Users in the group specified by the
-\&\fIexempt_group\fR option are not affected by \fIsecure_path\fR.
-This option is not set by default.
-.IP "syslog" 12
-.IX Item "syslog"
-Syslog facility if syslog is being used for logging (negate to
-disable syslog logging). Defaults to \f(CW\*(C`authpriv\*(C'\fR.
-.IP "verifypw" 12
-.IX Item "verifypw"
-This option controls when a password will be required when a user runs
-\&\fBsudo\fR with the \fB\-v\fR option. It has the following possible values:
-.RS 12
-.IP "all" 8
-.IX Item "all"
-All the user's \fIsudoers\fR entries for the current host must have
-the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
-.IP "always" 8
-.IX Item "always"
-The user must always enter a password to use the \fB\-v\fR option.
-.IP "any" 8
-.IX Item "any"
-At least one of the user's \fIsudoers\fR entries for the current host
-must have the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
-.IP "never" 8
-.IX Item "never"
-The user need never enter a password to use the \fB\-v\fR option.
-.RE
-.RS 12
-.Sp
-If no value is specified, a value of \fIall\fR is implied.
-Negating the option results in a value of \fInever\fR being used.
-The default value is \fIall\fR.
-.RE
-.PP
-\&\fBLists that can be used in a boolean context\fR:
-.IP "env_check" 16
-.IX Item "env_check"
-Environment variables to be removed from the user's environment if
-the variable's value contains \f(CW\*(C`%\*(C'\fR or \f(CW\*(C`/\*(C'\fR characters. This can
-be used to guard against printf-style format vulnerabilities in
-poorly-written programs. The argument may be a double-quoted,
-space-separated list or a single value without double-quotes. The
-list can be replaced, added to, deleted from, or disabled by using
-the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and \f(CW\*(C`!\*(C'\fR operators respectively. Regardless
-of whether the \f(CW\*(C`env_reset\*(C'\fR option is enabled or disabled, variables
-specified by \f(CW\*(C`env_check\*(C'\fR will be preserved in the environment if
-they pass the aforementioned check. The default list of environment
-variables to check is displayed when \fBsudo\fR is run by root with
-the \fI\-V\fR option.
-.IP "env_delete" 16
-.IX Item "env_delete"
-Environment variables to be removed from the user's environment
-when the \fIenv_reset\fR option is not in effect. The argument may
-be a double-quoted, space-separated list or a single value without
-double-quotes. The list can be replaced, added to, deleted from,
-or disabled by using the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and \f(CW\*(C`!\*(C'\fR operators
-respectively. The default list of environment variables to remove
-is displayed when \fBsudo\fR is run by root with the \fI\-V\fR option.
-Note that many operating systems will remove potentially dangerous
-variables from the environment of any setuid process (such as
-\&\fBsudo\fR).
-.IP "env_keep" 16
-.IX Item "env_keep"
-Environment variables to be preserved in the user's environment
-when the \fIenv_reset\fR option is in effect. This allows fine-grained
-control over the environment \fBsudo\fR\-spawned processes will receive.
-The argument may be a double-quoted, space-separated list or a
-single value without double-quotes. The list can be replaced, added
-to, deleted from, or disabled by using the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and
-\&\f(CW\*(C`!\*(C'\fR operators respectively. The default list of variables to keep
-is displayed when \fBsudo\fR is run by root with the \fI\-V\fR option.
-.PP
-When logging via \fIsyslog\fR\|(3), \fBsudo\fR accepts the following values
-for the syslog facility (the value of the \fBsyslog\fR Parameter):
-\&\fBauthpriv\fR (if your \s-1OS\s0 supports it), \fBauth\fR, \fBdaemon\fR, \fBuser\fR,
-\&\fBlocal0\fR, \fBlocal1\fR, \fBlocal2\fR, \fBlocal3\fR, \fBlocal4\fR, \fBlocal5\fR,
-\&\fBlocal6\fR, and \fBlocal7\fR. The following syslog priorities are
-supported: \fBalert\fR, \fBcrit\fR, \fBdebug\fR, \fBemerg\fR, \fBerr\fR, \fBinfo\fR,
-\&\fBnotice\fR, and \fBwarning\fR.
-.SH "FILES"
-.IX Header "FILES"
-.ie n .IP "\fI/etc/sudoers\fR" 24
-.el .IP "\fI/etc/sudoers\fR" 24
-.IX Item "/etc/sudoers"
-List of who can run what
-.IP "\fI/etc/group\fR" 24
-.IX Item "/etc/group"
-Local groups file
-.IP "\fI/etc/netgroup\fR" 24
-.IX Item "/etc/netgroup"
-List of network groups
-.IP "\fI/var/log/sudo\-io\fR" 24
-.IX Item "/var/log/sudo-io"
-I/O log files
-.SH "EXAMPLES"
-.IX Header "EXAMPLES"
-Below are example \fIsudoers\fR entries. Admittedly, some of
-these are a bit contrived. First, we allow a few environment
-variables to pass and then define our \fIaliases\fR:
-.PP
-.Vb 4
-\& # Run X applications through sudo; HOME is used to find the
-\& # .Xauthority file. Note that other programs use HOME to find
-\& # configuration files and this may lead to privilege escalation!
-\& Defaults env_keep += "DISPLAY HOME"
-\&
-\& # User alias specification
-\& User_Alias FULLTIMERS = millert, mikef, dowdy
-\& User_Alias PARTTIMERS = bostley, jwfox, crawl
-\& User_Alias WEBMASTERS = will, wendy, wim
-\&
-\& # Runas alias specification
-\& Runas_Alias OP = root, operator
-\& Runas_Alias DB = oracle, sybase
-\& Runas_Alias ADMINGRP = adm, oper
-\&
-\& # Host alias specification
-\& Host_Alias SPARC = bigtime, eclipse, moet, anchor :\e
-\& SGI = grolsch, dandelion, black :\e
-\& ALPHA = widget, thalamus, foobar :\e
-\& HPPA = boa, nag, python
-\& Host_Alias CUNETS = 128.138.0.0/255.255.0.0
-\& Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0
-\& Host_Alias SERVERS = master, mail, www, ns
-\& Host_Alias CDROM = orion, perseus, hercules
-\&
-\& # Cmnd alias specification
-\& Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\e
-\& /usr/sbin/restore, /usr/sbin/rrestore
-\& Cmnd_Alias KILL = /usr/bin/kill
-\& Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm
-\& Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown
-\& Cmnd_Alias HALT = /usr/sbin/halt
-\& Cmnd_Alias REBOOT = /usr/sbin/reboot
-\& Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \e
-\& /usr/local/bin/tcsh, /usr/bin/rsh, \e
-\& /usr/local/bin/zsh
-\& Cmnd_Alias SU = /usr/bin/su
-\& Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
-.Ve
-.PP
-Here we override some of the compiled in default values. We want
-\&\fBsudo\fR to log via \fIsyslog\fR\|(3) using the \fIauth\fR facility in all
-cases. We don't want to subject the full time staff to the \fBsudo\fR
-lecture, user \fBmillert\fR need not give a password, and we don't
-want to reset the \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR or \f(CW\*(C`USERNAME\*(C'\fR environment
-variables when running commands as root. Additionally, on the
-machines in the \fI\s-1SERVERS\s0\fR \f(CW\*(C`Host_Alias\*(C'\fR, we keep an additional
-local log file and make sure we log the year in each log line since
-the log entries will be kept around for several years. Lastly, we
-disable shell escapes for the commands in the \s-1PAGERS\s0 \f(CW\*(C`Cmnd_Alias\*(C'\fR
-(\fI/usr/bin/more\fR, \fI/usr/bin/pg\fR and \fI/usr/bin/less\fR).
-.PP
-.Vb 7
-\& # Override built\-in defaults
-\& Defaults syslog=auth
-\& Defaults>root !set_logname
-\& Defaults:FULLTIMERS !lecture
-\& Defaults:millert !authenticate
-\& Defaults at SERVERS log_year, logfile=/var/log/sudo.log
-\& Defaults!PAGERS noexec
-.Ve
-.PP
-The \fIUser specification\fR is the part that actually determines who may
-run what.
-.PP
-.Vb 2
-\& root ALL = (ALL) ALL
-\& %wheel ALL = (ALL) ALL
-.Ve
-.PP
-We let \fBroot\fR and any user in group \fBwheel\fR run any command on any
-host as any user.
-.PP
-.Vb 1
-\& FULLTIMERS ALL = NOPASSWD: ALL
-.Ve
-.PP
-Full time sysadmins (\fBmillert\fR, \fBmikef\fR, and \fBdowdy\fR) may run any
-command on any host without authenticating themselves.
-.PP
-.Vb 1
-\& PARTTIMERS ALL = ALL
-.Ve
-.PP
-Part time sysadmins (\fBbostley\fR, \fBjwfox\fR, and \fBcrawl\fR) may run any
-command on any host but they must authenticate themselves first
-(since the entry lacks the \f(CW\*(C`NOPASSWD\*(C'\fR tag).
-.PP
-.Vb 1
-\& jack CSNETS = ALL
-.Ve
-.PP
-The user \fBjack\fR may run any command on the machines in the \fI\s-1CSNETS\s0\fR alias
-(the networks \f(CW128.138.243.0\fR, \f(CW128.138.204.0\fR, and \f(CW128.138.242.0\fR).
-Of those networks, only \f(CW128.138.204.0\fR has an explicit netmask (in
-\&\s-1CIDR\s0 notation) indicating it is a class C network. For the other
-networks in \fI\s-1CSNETS\s0\fR, the local machine's netmask will be used
-during matching.
-.PP
-.Vb 1
-\& lisa CUNETS = ALL
-.Ve
-.PP
-The user \fBlisa\fR may run any command on any host in the \fI\s-1CUNETS\s0\fR alias
-(the class B network \f(CW128.138.0.0\fR).
-.PP
-.Vb 2
-\& operator ALL = DUMPS, KILL, SHUTDOWN, HALT, REBOOT, PRINTING,\e
-\& sudoedit /etc/printcap, /usr/oper/bin/
-.Ve
-.PP
-The \fBoperator\fR user may run commands limited to simple maintenance.
-Here, those are commands related to backups, killing processes, the
-printing system, shutting down the system, and any commands in the
-directory \fI/usr/oper/bin/\fR.
-.PP
-.Vb 1
-\& joe ALL = /usr/bin/su operator
-.Ve
-.PP
-The user \fBjoe\fR may only \fIsu\fR\|(1) to operator.
-.PP
-.Vb 1
-\& pete HPPA = /usr/bin/passwd [A\-Za\-z]*, !/usr/bin/passwd root
-\&
-\& %opers ALL = (: ADMINGRP) /usr/sbin/
-.Ve
-.PP
-Users in the \fBopers\fR group may run commands in \fI/usr/sbin/\fR as themselves
-with any group in the \fI\s-1ADMINGRP\s0\fR \f(CW\*(C`Runas_Alias\*(C'\fR (the \fBadm\fR and \fBoper\fR
-groups).
-.PP
-The user \fBpete\fR is allowed to change anyone's password except for
-root on the \fI\s-1HPPA\s0\fR machines. Note that this assumes \fIpasswd\fR\|(1)
-does not take multiple user names on the command line.
-.PP
-.Vb 1
-\& bob SPARC = (OP) ALL : SGI = (OP) ALL
-.Ve
-.PP
-The user \fBbob\fR may run anything on the \fI\s-1SPARC\s0\fR and \fI\s-1SGI\s0\fR machines
-as any user listed in the \fI\s-1OP\s0\fR \f(CW\*(C`Runas_Alias\*(C'\fR (\fBroot\fR and \fBoperator\fR).
-.PP
-.Vb 1
-\& jim +biglab = ALL
-.Ve
-.PP
-The user \fBjim\fR may run any command on machines in the \fIbiglab\fR netgroup.
-\&\fBsudo\fR knows that \*(L"biglab\*(R" is a netgroup due to the '+' prefix.
-.PP
-.Vb 1
-\& +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser
-.Ve
-.PP
-Users in the \fBsecretaries\fR netgroup need to help manage the printers
-as well as add and remove users, so they are allowed to run those
-commands on all machines.
-.PP
-.Vb 1
-\& fred ALL = (DB) NOPASSWD: ALL
-.Ve
-.PP
-The user \fBfred\fR can run commands as any user in the \fI\s-1DB\s0\fR \f(CW\*(C`Runas_Alias\*(C'\fR
-(\fBoracle\fR or \fBsybase\fR) without giving a password.
-.PP
-.Vb 1
-\& john ALPHA = /usr/bin/su [!\-]*, !/usr/bin/su *root*
-.Ve
-.PP
-On the \fI\s-1ALPHA\s0\fR machines, user \fBjohn\fR may su to anyone except root
-but he is not allowed to specify any options to the \fIsu\fR\|(1) command.
-.PP
-.Vb 1
-\& jen ALL, !SERVERS = ALL
-.Ve
-.PP
-The user \fBjen\fR may run any command on any machine except for those
-in the \fI\s-1SERVERS\s0\fR \f(CW\*(C`Host_Alias\*(C'\fR (master, mail, www and ns).
-.PP
-.Vb 1
-\& jill SERVERS = /usr/bin/, !SU, !SHELLS
-.Ve
-.PP
-For any machine in the \fI\s-1SERVERS\s0\fR \f(CW\*(C`Host_Alias\*(C'\fR, \fBjill\fR may run
-any commands in the directory \fI/usr/bin/\fR except for those commands
-belonging to the \fI\s-1SU\s0\fR and \fI\s-1SHELLS\s0\fR \f(CW\*(C`Cmnd_Aliases\*(C'\fR.
-.PP
-.Vb 1
-\& steve CSNETS = (operator) /usr/local/op_commands/
-.Ve
-.PP
-The user \fBsteve\fR may run any command in the directory /usr/local/op_commands/
-but only as user operator.
-.PP
-.Vb 1
-\& matt valkyrie = KILL
-.Ve
-.PP
-On his personal workstation, valkyrie, \fBmatt\fR needs to be able to
-kill hung processes.
-.PP
-.Vb 1
-\& WEBMASTERS www = (www) ALL, (root) /usr/bin/su www
-.Ve
-.PP
-On the host www, any user in the \fI\s-1WEBMASTERS\s0\fR \f(CW\*(C`User_Alias\*(C'\fR (will,
-wendy, and wim), may run any command as user www (which owns the
-web pages) or simply \fIsu\fR\|(1) to www.
-.PP
-.Vb 2
-\& ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\e
-\& /sbin/mount \-o nosuid\e,nodev /dev/cd0a /CDROM
-.Ve
-.PP
-Any user may mount or unmount a CD-ROM on the machines in the \s-1CDROM\s0
-\&\f(CW\*(C`Host_Alias\*(C'\fR (orion, perseus, hercules) without entering a password.
-This is a bit tedious for users to type, so it is a prime candidate
-for encapsulating in a shell script.
-.SH "SECURITY NOTES"
-.IX Header "SECURITY NOTES"
-It is generally not effective to \*(L"subtract\*(R" commands from \f(CW\*(C`ALL\*(C'\fR
-using the '!' operator. A user can trivially circumvent this
-by copying the desired command to a different name and then
-executing that. For example:
-.PP
-.Vb 1
-\& bill ALL = ALL, !SU, !SHELLS
-.Ve
-.PP
-Doesn't really prevent \fBbill\fR from running the commands listed in
-\&\fI\s-1SU\s0\fR or \fI\s-1SHELLS\s0\fR since he can simply copy those commands to a
-different name, or use a shell escape from an editor or other
-program. Therefore, these kind of restrictions should be considered
-advisory at best (and reinforced by policy).
-.PP
-Furthermore, if the \fIfast_glob\fR option is in use, it is not possible
-to reliably negate commands where the path name includes globbing
-(aka wildcard) characters. This is because the C library's
-\&\fIfnmatch\fR\|(3) function cannot resolve relative paths. While this
-is typically only an inconvenience for rules that grant privileges,
-it can result in a security issue for rules that subtract or revoke
-privileges.
-.PP
-For example, given the following \fIsudoers\fR entry:
-.PP
-.Vb 2
-\& john ALL = /usr/bin/passwd [a\-zA\-Z0\-9]*, /usr/bin/chsh [a\-zA\-Z0\-9]*,
-\& /usr/bin/chfn [a\-zA\-Z0\-9]*, !/usr/bin/* root
-.Ve
-.PP
-User \fBjohn\fR can still run \f(CW\*(C`/usr/bin/passwd root\*(C'\fR if \fIfast_glob\fR is
-enabled by changing to \fI/usr/bin\fR and running \f(CW\*(C`./passwd root\*(C'\fR instead.
-.SH "PREVENTING SHELL ESCAPES"
-.IX Header "PREVENTING SHELL ESCAPES"
-Once \fBsudo\fR executes a program, that program is free to do whatever
-it pleases, including run other programs. This can be a security
-issue since it is not uncommon for a program to allow shell escapes,
-which lets a user bypass \fBsudo\fR's access control and logging.
-Common programs that permit shell escapes include shells (obviously),
-editors, paginators, mail and terminal programs.
-.PP
-There are two basic approaches to this problem:
-.IP "restrict" 10
-.IX Item "restrict"
-Avoid giving users access to commands that allow the user to run
-arbitrary commands. Many editors have a restricted mode where shell
-escapes are disabled, though \fBsudoedit\fR is a better solution to
-running editors via \fBsudo\fR. Due to the large number of programs that
-offer shell escapes, restricting users to the set of programs that
-do not is often unworkable.
-.IP "noexec" 10
-.IX Item "noexec"
-Many systems that support shared libraries have the ability to
-override default library functions by pointing an environment
-variable (usually \f(CW\*(C`LD_PRELOAD\*(C'\fR) to an alternate shared library.
-On such systems, \fBsudo\fR's \fInoexec\fR functionality can be used to
-prevent a program run by \fBsudo\fR from executing any other programs.
-Note, however, that this applies only to native dynamically-linked
-executables. Statically-linked executables and foreign executables
-running under binary emulation are not affected.
-.Sp
-To tell whether or not \fBsudo\fR supports \fInoexec\fR, you can run
-the following as root:
-.Sp
-.Vb 1
-\& sudo \-V | grep "dummy exec"
-.Ve
-.Sp
-If the resulting output contains a line that begins with:
-.Sp
-.Vb 1
-\& File containing dummy exec functions:
-.Ve
-.Sp
-then \fBsudo\fR may be able to replace the exec family of functions
-in the standard library with its own that simply return an error.
-Unfortunately, there is no foolproof way to know whether or not
-\&\fInoexec\fR will work at compile-time. \fInoexec\fR should work on
-SunOS, Solaris, *BSD, Linux, \s-1IRIX\s0, Tru64 \s-1UNIX\s0, MacOS X, and HP-UX
-11.x. It is known \fBnot\fR to work on \s-1AIX\s0 and UnixWare. \fInoexec\fR
-is expected to work on most operating systems that support the
-\&\f(CW\*(C`LD_PRELOAD\*(C'\fR environment variable. Check your operating system's
-manual pages for the dynamic linker (usually ld.so, ld.so.1, dyld,
-dld.sl, rld, or loader) to see if \f(CW\*(C`LD_PRELOAD\*(C'\fR is supported.
-.Sp
-To enable \fInoexec\fR for a command, use the \f(CW\*(C`NOEXEC\*(C'\fR tag as documented
-in the User Specification section above. Here is that example again:
-.Sp
-.Vb 1
-\& aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
-.Ve
-.Sp
-This allows user \fBaaron\fR to run \fI/usr/bin/more\fR and \fI/usr/bin/vi\fR
-with \fInoexec\fR enabled. This will prevent those two commands from
-executing other commands (such as a shell). If you are unsure
-whether or not your system is capable of supporting \fInoexec\fR you
-can always just try it out and see if it works.
-.PP
-Note that restricting shell escapes is not a panacea. Programs
-running as root are still capable of many potentially hazardous
-operations (such as changing or overwriting files) that could lead
-to unintended privilege escalation. In the specific case of an
-editor, a safer approach is to give the user permission to run
-\&\fBsudoedit\fR.
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fIrsh\fR\|(1), \fIsu\fR\|(1), \fIfnmatch\fR\|(3), \fIglob\fR\|(3), \fIsudo\fR\|(8), \fIvisudo\fR\|(8)
-.SH "CAVEATS"
-.IX Header "CAVEATS"
-The \fIsudoers\fR file should \fBalways\fR be edited by the \fBvisudo\fR
-command which locks the file and does grammatical checking. It is
-imperative that \fIsudoers\fR be free of syntax errors since \fBsudo\fR
-will not run with a syntactically incorrect \fIsudoers\fR file.
-.PP
-When using netgroups of machines (as opposed to users), if you
-store fully qualified host name in the netgroup (as is usually the
-case), you either need to have the machine's host name be fully qualified
-as returned by the \f(CW\*(C`hostname\*(C'\fR command or use the \fIfqdn\fR option in
-\&\fIsudoers\fR.
-.SH "BUGS"
-.IX Header "BUGS"
-If you feel you have found a bug in \fBsudo\fR, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-.SH "SUPPORT"
-.IX Header "SUPPORT"
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo\-users to subscribe or
-search the archives.
-.SH "DISCLAIMER"
-.IX Header "DISCLAIMER"
-\&\fBsudo\fR is provided ``\s-1AS\s0 \s-1IS\s0'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the \s-1LICENSE\s0
-file distributed with \fBsudo\fR or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/sudoers.man.in
===================================================================
--- trunk/contrib/sudo/sudoers.man.in 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers.man.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,4 +1,4 @@
-.\" Copyright (c) 1994-1996, 1998-2005, 2007-2010
+.\" Copyright (c) 1994-1996, 1998-2005, 2007-2011
.\" Todd C. Miller <Todd.Miller at courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
@@ -148,7 +148,7 @@
.\" ========================================================================
.\"
.IX Title "SUDOERS @mansectform@"
-.TH SUDOERS @mansectform@ "January 12, 2011" "1.7.4" "MAINTENANCE COMMANDS"
+.TH SUDOERS @mansectform@ "February 21, 2011" "1.7.5rc1" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -460,7 +460,7 @@
\&\fI/usr/bin/lprm\fR \*(-- but only as \fBoperator\fR. E.g.,
.PP
.Vb 1
-\& $ sudo \-u operator /bin/ls.
+\& $ sudo \-u operator /bin/ls
.Ve
.PP
It is also possible to override a \f(CW\*(C`Runas_Spec\*(C'\fR later on in an
@@ -481,14 +481,43 @@
\& /usr/bin/lprm
.Ve
.PP
+Note that while the group portion of the \f(CW\*(C`Runas_Spec\*(C'\fR permits the
+user to run as command with that group, it does not force the user
+to do so. If no group is specified on the command line, the command
+will run with the group listed in the target user's password database
+entry. The following would all be permitted by the sudoers entry above:
+.PP
+.Vb 3
+\& $ sudo \-u operator /bin/ls
+\& $ sudo \-u operator \-g operator /bin/ls
+\& $ sudo \-g operator /bin/ls
+.Ve
+.PP
In the following example, user \fBtcm\fR may run commands that access
-a modem device file with the dialer group. Note that in this example
-only the group will be set, the command still runs as user \fBtcm\fR.
+a modem device file with the dialer group.
.PP
.Vb 2
\& tcm boulder = (:dialer) /usr/bin/tip, /usr/bin/cu, \e
\& /usr/local/bin/minicom
.Ve
+.PP
+Note that in this example only the group will be set, the command
+still runs as user \fBtcm\fR. E.g.
+.PP
+.Vb 1
+\& $ sudo \-g dialer /usr/bin/cu
+.Ve
+.PP
+Multiple users and groups may be present in a \f(CW\*(C`Runas_Spec\*(C'\fR, in
+which case the user may select any combination of users and groups
+via the \fB\-u\fR and \fB\-g\fR options. In this example:
+.PP
+.Vb 1
+\& alan ALL = (root, bin : operator, system) ALL
+.Ve
+.PP
+user \fBalan\fR may run any command as either user root or bin,
+optionally setting the group to operator or system.
.if \n(SL \{\
.SS "SELinux_Spec"
.IX Subsection "SELinux_Spec"
@@ -740,7 +769,8 @@
option is used). This effectively means that the \fB\-H\fR option is
always implied. Note that \f(CW\*(C`HOME\*(C'\fR is already set when the the
\&\fIenv_reset\fR option is enabled, so \fIalways_set_home\fR is only
-effective for configurations where \fIenv_reset\fR is disabled.
+effective for configurations where either \fIenv_reset\fR is disabled
+or \f(CW\*(C`HOME\*(C'\fR is present in the \fIenv_keep\fR list.
This flag is \fIoff\fR by default.
.IP "authenticate" 16
.IX Item "authenticate"
@@ -777,7 +807,7 @@
\&\f(CW\*(C`env_keep\*(C'\fR and \f(CW\*(C`env_check\*(C'\fR lists are displayed when \fBsudo\fR is
run by root with the \fI\-V\fR option. If the \fIsecure_path\fR option
is set, its value will be used for the \f(CW\*(C`PATH\*(C'\fR environment variable.
-This flag is \fIon\fR by default.
+This flag is \fI at env_reset@\fR by default.
.IP "fast_glob" 16
.IX Item "fast_glob"
Normally, \fBsudo\fR uses the \fIglob\fR\|(3) function to do shell-style
@@ -936,7 +966,8 @@
user (which is root unless the \fB\-u\fR option is used). This effectively
makes the \fB\-s\fR option imply \fB\-H\fR. Note that \f(CW\*(C`HOME\*(C'\fR is already
set when the the \fIenv_reset\fR option is enabled, so \fIset_home\fR is
-only effective for configurations where \fIenv_reset\fR is disabled.
+only effective for configurations where either \fIenv_reset\fR is disabled
+or \f(CW\*(C`HOME\*(C'\fR is present in the \fIenv_keep\fR list.
This flag is \fIoff\fR by default.
.IP "set_logname" 16
.IX Item "set_logname"
@@ -1022,7 +1053,7 @@
umask in \fIsudoers\fR than the user's own umask and matches historical
behavior. If \fIumask_override\fR is not set, \fBsudo\fR will set the
umask to be the union of the user's umask and what is specified in
-\&\fIsudoers\fR. This flag is \fIoff\fR by default.
+\&\fIsudoers\fR. This flag is \fI at umask_override@\fR by default.
.if \n(LC \{\
.IP "use_loginclass" 16
.IX Item "use_loginclass"
@@ -1102,6 +1133,12 @@
\&\fBvisudo\fR. \fBvisudo\fR will choose the editor that matches the user's
\&\s-1EDITOR\s0 environment variable if possible, or the first editor in the
list that exists and is executable. The default is \f(CW"@editor@"\fR.
+.IP "iolog_dir" 16
+.IX Item "iolog_dir"
+The directory in which to store input/output logs when the \fIlog_input\fR
+or \fIlog_output\fR options are enabled or when the \f(CW\*(C`LOG_INPUT\*(C'\fR or
+\&\f(CW\*(C`LOG_OUTPUT\*(C'\fR tags are present for a command.
+The default is \f(CW"@iolog_dir@"\fR.
.IP "mailsub" 16
.IX Item "mailsub"
Subject of the mail sent to the \fImailto\fR user. The escape \f(CW%h\fR
@@ -1176,9 +1213,9 @@
Defaults to \f(CW\*(C`@goodpri@\*(C'\fR.
.IP "sudoers_locale" 16
.IX Item "sudoers_locale"
-Locale to use when parsing the sudoers file. Note that changing
-the locale may affect how sudoers is interpreted.
-Defaults to \f(CW"C"\fR.
+Locale to use when parsing the sudoers file, logging commands, and
+sending email. Note that changing the locale may affect how sudoers
+is interpreted. Defaults to \f(CW"C"\fR.
.IP "timestampdir" 16
.IX Item "timestampdir"
The directory in which \fBsudo\fR stores its timestamp files.
@@ -1391,8 +1428,9 @@
.IP "\fI/etc/netgroup\fR" 24
.IX Item "/etc/netgroup"
List of network groups
-.IP "\fI/var/log/sudo\-io\fR" 24
-.IX Item "/var/log/sudo-io"
+.ie n .IP "\fI at iolog_dir@\fR" 24
+.el .IP "\fI at iolog_dir@\fR" 24
+.IX Item "@iolog_dir@"
I/O log files
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Deleted: trunk/contrib/sudo/sudoers.pod
===================================================================
--- trunk/contrib/sudo/sudoers.pod 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers.pod 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,1688 +0,0 @@
-Copyright (c) 1994-1996, 1998-2005, 2007-2010
- Todd C. Miller <Todd.Miller at courtesan.com>
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-Sponsored in part by the Defense Advanced Research Projects
-Agency (DARPA) and Air Force Research Laboratory, Air Force
-Materiel Command, USAF, under agreement number F39502-99-1-0512.
-
-=pod
-
-=head1 NAME
-
-sudoers - list of which users may execute what
-
-=head1 DESCRIPTION
-
-The I<sudoers> file is composed of two types of entries: aliases
-(basically variables) and user specifications (which specify who
-may run what).
-
-When multiple entries match for a user, they are applied in order.
-Where there are multiple matches, the last match is used (which is
-not necessarily the most specific match).
-
-The I<sudoers> grammar will be described below in Extended Backus-Naur
-Form (EBNF). Don't despair if you don't know what EBNF is; it is
-fairly simple, and the definitions below are annotated.
-
-=head2 Quick guide to EBNF
-
-EBNF is a concise and exact way of describing the grammar of a language.
-Each EBNF definition is made up of I<production rules>. E.g.,
-
- symbol ::= definition | alternate1 | alternate2 ...
-
-Each I<production rule> references others and thus makes up a
-grammar for the language. EBNF also contains the following
-operators, which many readers will recognize from regular
-expressions. Do not, however, confuse them with "wildcard"
-characters, which have different meanings.
-
-=over 4
-
-=item C<?>
-
-Means that the preceding symbol (or group of symbols) is optional.
-That is, it may appear once or not at all.
-
-=item C<*>
-
-Means that the preceding symbol (or group of symbols) may appear
-zero or more times.
-
-=item C<+>
-
-Means that the preceding symbol (or group of symbols) may appear
-one or more times.
-
-=back
-
-Parentheses may be used to group symbols together. For clarity,
-we will use single quotes ('') to designate what is a verbatim character
-string (as opposed to a symbol name).
-
-=head2 Aliases
-
-There are four kinds of aliases: C<User_Alias>, C<Runas_Alias>,
-C<Host_Alias> and C<Cmnd_Alias>.
-
- Alias ::= 'User_Alias' User_Alias (':' User_Alias)* |
- 'Runas_Alias' Runas_Alias (':' Runas_Alias)* |
- 'Host_Alias' Host_Alias (':' Host_Alias)* |
- 'Cmnd_Alias' Cmnd_Alias (':' Cmnd_Alias)*
-
- User_Alias ::= NAME '=' User_List
-
- Runas_Alias ::= NAME '=' Runas_List
-
- Host_Alias ::= NAME '=' Host_List
-
- Cmnd_Alias ::= NAME '=' Cmnd_List
-
- NAME ::= [A-Z]([A-Z][0-9]_)*
-
-Each I<alias> definition is of the form
-
- Alias_Type NAME = item1, item2, ...
-
-where I<Alias_Type> is one of C<User_Alias>, C<Runas_Alias>, C<Host_Alias>,
-or C<Cmnd_Alias>. A C<NAME> is a string of uppercase letters, numbers,
-and underscore characters ('_'). A C<NAME> B<must> start with an
-uppercase letter. It is possible to put several alias definitions
-of the same type on a single line, joined by a colon (':'). E.g.,
-
- Alias_Type NAME = item1, item2, item3 : NAME = item4, item5
-
-The definitions of what constitutes a valid I<alias> member follow.
-
- User_List ::= User |
- User ',' User_List
-
- User ::= '!'* user name |
- '!'* '#'uid |
- '!'* '%'group |
- '!'* '+'netgroup |
- '!'* '%:'nonunix_group |
- '!'* User_Alias
-
-A C<User_List> is made up of one or more user names, uids (prefixed
-with '#'), system groups (prefixed with '%'), netgroups (prefixed
-with '+') and C<User_Alias>es. Each list item may be prefixed with
-zero or more '!' operators. An odd number of '!' operators negate
-the value of the item; an even number just cancel each other out.
-
-A C<user name>, C<group>, C<netgroup> or C<nonunix_group> may
-be enclosed in double quotes to avoid the need for escaping special
-characters. Alternately, special characters may be specified in
-escaped hex mode, e.g. \x20 for space.
-
-The C<nonunix_group> syntax depends on the underlying implementation.
-For instance, the QAS AD backend supports the following formats:
-
-=over 4
-
-=item *
-
-Group in the same domain: "Group Name"
-
-=item *
-
-Group in any domain: "Group Name at FULLY.QUALIFIED.DOMAIN"
-
-=item *
-
-Group SID: "S-1-2-34-5678901234-5678901234-5678901234-567"
-
-=back
-
-Note that quotes around group names are optional. Unquoted strings must
-use a backslash (\) to escape spaces and the '@' symbol.
-
- Runas_List ::= Runas_Member |
- Runas_Member ',' Runas_List
-
- Runas_Member ::= '!'* user name |
- '!'* '#'uid |
- '!'* '%'group |
- '!'* +netgroup |
- '!'* Runas_Alias
-
-A C<Runas_List> is similar to a C<User_List> except that instead
-of C<User_Alias>es it can contain C<Runas_Alias>es. Note that
-user names and groups are matched as strings. In other words, two
-users (groups) with the same uid (gid) are considered to be distinct.
-If you wish to match all user names with the same uid (e.g.E<nbsp>root
-and toor), you can use a uid instead (#0 in the example given).
-
- Host_List ::= Host |
- Host ',' Host_List
-
- Host ::= '!'* host name |
- '!'* ip_addr |
- '!'* network(/netmask)? |
- '!'* '+'netgroup |
- '!'* Host_Alias
-
-A C<Host_List> is made up of one or more host names, IP addresses,
-network numbers, netgroups (prefixed with '+') and other aliases.
-Again, the value of an item may be negated with the '!' operator.
-If you do not specify a netmask along with the network number,
-B<sudo> will query each of the local host's network interfaces and,
-if the network number corresponds to one of the hosts's network
-interfaces, the corresponding netmask will be used. The netmask
-may be specified either in standard IP address notation
-(e.g.E<nbsp>255.255.255.0 or ffff:ffff:ffff:ffff::),
-or CIDR notation (number of bits, e.g.E<nbsp>24 or 64). A host name may
-include shell-style wildcards (see the L<Wildcards> section below),
-but unless the C<host name> command on your machine returns the fully
-qualified host name, you'll need to use the I<fqdn> option for
-wildcards to be useful. Note B<sudo> only inspects actual network
-interfaces; this means that IP address 127.0.0.1 (localhost) will
-never match. Also, the host name "localhost" will only match if
-that is the actual host name, which is usually only the case for
-non-networked systems.
-
- Cmnd_List ::= Cmnd |
- Cmnd ',' Cmnd_List
-
- commandname ::= file name |
- file name args |
- file name '""'
-
- Cmnd ::= '!'* commandname |
- '!'* directory |
- '!'* "sudoedit" |
- '!'* Cmnd_Alias
-
-A C<Cmnd_List> is a list of one or more commandnames, directories, and other
-aliases. A commandname is a fully qualified file name which may include
-shell-style wildcards (see the L<Wildcards> section below). A simple
-file name allows the user to run the command with any arguments he/she
-wishes. However, you may also specify command line arguments (including
-wildcards). Alternately, you can specify C<""> to indicate that the command
-may only be run B<without> command line arguments. A directory is a
-fully qualified path name ending in a '/'. When you specify a directory
-in a C<Cmnd_List>, the user will be able to run any file within that directory
-(but not in any subdirectories therein).
-
-If a C<Cmnd> has associated command line arguments, then the arguments
-in the C<Cmnd> must match exactly those given by the user on the command line
-(or match the wildcards if there are any). Note that the following
-characters must be escaped with a '\' if they are used in command
-arguments: ',', ':', '=', '\'. The special command C<"sudoedit">
-is used to permit a user to run B<sudo> with the B<-e> option (or
-as B<sudoedit>). It may take command line arguments just as
-a normal command does.
-
-=head2 Defaults
-
-Certain configuration options may be changed from their default
-values at runtime via one or more C<Default_Entry> lines. These
-may affect all users on any host, all users on a specific host, a
-specific user, a specific command, or commands being run as a specific user.
-Note that per-command entries may not include command line arguments.
-If you need to specify arguments, define a C<Cmnd_Alias> and reference
-that instead.
-
- Default_Type ::= 'Defaults' |
- 'Defaults' '@' Host_List |
- 'Defaults' ':' User_List |
- 'Defaults' '!' Cmnd_List |
- 'Defaults' '>' Runas_List
-
- Default_Entry ::= Default_Type Parameter_List
-
- Parameter_List ::= Parameter |
- Parameter ',' Parameter_List
-
- Parameter ::= Parameter '=' Value |
- Parameter '+=' Value |
- Parameter '-=' Value |
- '!'* Parameter
-
-Parameters may be B<flags>, B<integer> values, B<strings>, or B<lists>.
-Flags are implicitly boolean and can be turned off via the '!'
-operator. Some integer, string and list parameters may also be
-used in a boolean context to disable them. Values may be enclosed
-in double quotes (C<">) when they contain multiple words. Special
-characters may be escaped with a backslash (C<\>).
-
-Lists have two additional assignment operators, C<+=> and C<-=>.
-These operators are used to add to and delete from a list respectively.
-It is not an error to use the C<-=> operator to remove an element
-that does not exist in a list.
-
-Defaults entries are parsed in the following order: generic, host
-and user Defaults first, then runas Defaults and finally command
-defaults.
-
-See L<"SUDOERS OPTIONS"> for a list of supported Defaults parameters.
-
-=head2 User Specification
-
- User_Spec ::= User_List Host_List '=' Cmnd_Spec_List \
- (':' Host_List '=' Cmnd_Spec_List)*
-
- Cmnd_Spec_List ::= Cmnd_Spec |
- Cmnd_Spec ',' Cmnd_Spec_List
-
- Cmnd_Spec ::= Runas_Spec? SELinux_Spec? Tag_Spec* Cmnd
-
- Runas_Spec ::= '(' Runas_List? (':' Runas_List)? ')'
-
- SELinux_Spec ::= ('ROLE=role' | 'TYPE=type')
-
- Tag_Spec ::= ('NOPASSWD:' | 'PASSWD:' | 'NOEXEC:' | 'EXEC:' |
- 'SETENV:' | 'NOSETENV:' | 'LOG_INPUT:' | 'NOLOG_INPUT:' |
- 'LOG_OUTPUT:' | 'NOLOG_OUTPUT:')
-
-A B<user specification> determines which commands a user may run
-(and as what user) on specified hosts. By default, commands are
-run as B<root>, but this can be changed on a per-command basis.
-
-The basic structure of a user specification is `who = where (as_whom)
-what'. Let's break that down into its constituent parts:
-
-=head2 Runas_Spec
-
-A C<Runas_Spec> determines the user and/or the group that a command
-may be run as. A fully-specified C<Runas_Spec> consists of two
-C<Runas_List>s (as defined above) separated by a colon (':') and
-enclosed in a set of parentheses. The first C<Runas_List> indicates
-which users the command may be run as via B<sudo>'s B<-u> option.
-The second defines a list of groups that can be specified via
-B<sudo>'s B<-g> option. If both C<Runas_List>s are specified, the
-command may be run with any combination of users and groups listed
-in their respective C<Runas_List>s. If only the first is specified,
-the command may be run as any user in the list but no B<-g> option
-may be specified. If the first C<Runas_List> is empty but the
-second is specified, the command may be run as the invoking user
-with the group set to any listed in the C<Runas_List>. If no
-C<Runas_Spec> is specified the command may be run as B<root> and
-no group may be specified.
-
-A C<Runas_Spec> sets the default for the commands that follow it.
-What this means is that for the entry:
-
- dgb boulder = (operator) /bin/ls, /bin/kill, /usr/bin/lprm
-
-The user B<dgb> may run F</bin/ls>, F</bin/kill>, and
-F</usr/bin/lprm> -- but only as B<operator>. E.g.,
-
- $ sudo -u operator /bin/ls.
-
-It is also possible to override a C<Runas_Spec> later on in an
-entry. If we modify the entry like so:
-
- dgb boulder = (operator) /bin/ls, (root) /bin/kill, /usr/bin/lprm
-
-Then user B<dgb> is now allowed to run F</bin/ls> as B<operator>,
-but F</bin/kill> and F</usr/bin/lprm> as B<root>.
-
-We can extend this to allow B<dgb> to run C</bin/ls> with either
-the user or group set to B<operator>:
-
- dgb boulder = (operator : operator) /bin/ls, (root) /bin/kill, \
- /usr/bin/lprm
-
-In the following example, user B<tcm> may run commands that access
-a modem device file with the dialer group. Note that in this example
-only the group will be set, the command still runs as user B<tcm>.
-
- tcm boulder = (:dialer) /usr/bin/tip, /usr/bin/cu, \
- /usr/local/bin/minicom
-
-=head2 SELinux_Spec
-
-On systems with SELinux support, I<sudoers> entries may optionally have
-an SELinux role and/or type associated with a command. If a role or
-type is specified with the command it will override any default values
-specified in I<sudoers>. A role or type specified on the command line,
-however, will supercede the values in I<sudoers>.
-
-=head2 Tag_Spec
-
-A command may have zero or more tags associated with it. There are
-eight possible tag values, C<NOPASSWD>, C<PASSWD>, C<NOEXEC>,
-C<EXEC>, C<SETENV>, C<NOSETENV>, C<LOG_INPUT>, C<NOLOG_INPUT>,
-C<LOG_OUTPUT> and C<NOLOG_OUTPUT>. Once a tag is set on a C<Cmnd>,
-subsequent C<Cmnd>s in the C<Cmnd_Spec_List>, inherit the tag unless
-it is overridden by the opposite tag (i.e.: C<PASSWD> overrides
-C<NOPASSWD> and C<NOEXEC> overrides C<EXEC>).
-
-=head3 NOPASSWD and PASSWD
-
-By default, B<sudo> requires that a user authenticate him or herself
-before running a command. This behavior can be modified via the
-C<NOPASSWD> tag. Like a C<Runas_Spec>, the C<NOPASSWD> tag sets
-a default for the commands that follow it in the C<Cmnd_Spec_List>.
-Conversely, the C<PASSWD> tag can be used to reverse things.
-For example:
-
- ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm
-
-would allow the user B<ray> to run F</bin/kill>, F</bin/ls>, and
-F</usr/bin/lprm> as B<root> on the machine rushmore without
-authenticating himself. If we only want B<ray> to be able to
-run F</bin/kill> without a password the entry would be:
-
- ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
-
-Note, however, that the C<PASSWD> tag has no effect on users who are
-in the group specified by the I<exempt_group> option.
-
-By default, if the C<NOPASSWD> tag is applied to any of the entries
-for a user on the current host, he or she will be able to run
-C<sudo -l> without a password. Additionally, a user may only run
-C<sudo -v> without a password if the C<NOPASSWD> tag is present
-for all a user's entries that pertain to the current host.
-This behavior may be overridden via the verifypw and listpw options.
-
-=head3 NOEXEC and EXEC
-
-If B<sudo> has been compiled with I<noexec> support and the underlying
-operating system supports it, the C<NOEXEC> tag can be used to prevent
-a dynamically-linked executable from running further commands itself.
-
-In the following example, user B<aaron> may run F</usr/bin/more>
-and F</usr/bin/vi> but shell escapes will be disabled.
-
- aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
-
-See the L<PREVENTING SHELL ESCAPES> section below for more details
-on how C<NOEXEC> works and whether or not it will work on your system.
-
-=head3 SETENV and NOSETENV
-
-These tags override the value of the I<setenv> option on a per-command
-basis. Note that if C<SETENV> has been set for a command, any
-environment variables set on the command line way are not subject
-to the restrictions imposed by I<env_check>, I<env_delete>, or
-I<env_keep>. As such, only trusted users should be allowed to set
-variables in this manner. If the command matched is B<ALL>, the
-C<SETENV> tag is implied for that command; this default may
-be overridden by use of the C<NOSETENV> tag.
-
-=head3 LOG_INPUT and NOLOG_INPUT
-
-These tags override the value of the I<log_input> option on a
-per-command basis. For more information, see the description of
-I<log_input> in the L<"SUDOERS OPTIONS"> section below.
-
-=head3 LOG_OUTPUT and NOLOG_OUTPUT
-
-These tags override the value of the I<log_output> option on a
-per-command basis. For more information, see the description of
-I<log_output> in the L<"SUDOERS OPTIONS"> section below.
-
-=head2 Wildcards
-
-B<sudo> allows shell-style I<wildcards> (aka meta or glob characters)
-to be used in host names, path names and command line arguments in
-the I<sudoers> file. Wildcard matching is done via the B<POSIX>
-L<glob(3)> and L<fnmatch(3)> routines. Note that these are I<not>
-regular expressions.
-
-=over 8
-
-=item C<*>
-
-Matches any set of zero or more characters.
-
-=item C<?>
-
-Matches any single character.
-
-=item C<[...]>
-
-Matches any character in the specified range.
-
-=item C<[!...]>
-
-Matches any character B<not> in the specified range.
-
-=item C<\x>
-
-For any character "x", evaluates to "x". This is used to
-escape special characters such as: "*", "?", "[", and "}".
-
-=back
-
-POSIX character classes may also be used if your system's L<glob(3)>
-and L<fnmatch(3)> functions support them. However, because the
-C<':'> character has special meaning in I<sudoers>, it must be
-escaped. For example:
-
- /bin/ls [[\:alpha\:]]*
-
-Would match any file name beginning with a letter.
-
-Note that a forward slash ('/') will B<not> be matched by
-wildcards used in the path name. When matching the command
-line arguments, however, a slash B<does> get matched by
-wildcards. This is to make a path like:
-
- /usr/bin/*
-
-match F</usr/bin/who> but not F</usr/bin/X11/xterm>.
-
-=head2 Exceptions to wildcard rules
-
-The following exceptions apply to the above rules:
-
-=over 8
-
-=item C<"">
-
-If the empty string C<""> is the only command line argument in the
-I<sudoers> entry it means that command is not allowed to be run
-with B<any> arguments.
-
-=back
-
-=head2 Including other files from within sudoers
-
-It is possible to include other I<sudoers> files from within the
-I<sudoers> file currently being parsed using the C<#include> and
-C<#includedir> directives.
-
-This can be used, for example, to keep a site-wide I<sudoers> file
-in addition to a local, per-machine file. For the sake of this
-example the site-wide I<sudoers> will be F</etc/sudoers> and the
-per-machine one will be F</etc/sudoers.local>. To include
-F</etc/sudoers.local> from within F</etc/sudoers> we would use the
-following line in F</etc/sudoers>:
-
-=over 4
-
-C<#include /etc/sudoers.local>
-
-=back
-
-When B<sudo> reaches this line it will suspend processing of the
-current file (F</etc/sudoers>) and switch to F</etc/sudoers.local>.
-Upon reaching the end of F</etc/sudoers.local>, the rest of
-F</etc/sudoers> will be processed. Files that are included may
-themselves include other files. A hard limit of 128 nested include
-files is enforced to prevent include file loops.
-
-The file name may include the C<%h> escape, signifying the short form
-of the host name. I.e., if the machine's host name is "xerxes", then
-
-C<#include /etc/sudoers.%h>
-
-will cause B<sudo> to include the file F</etc/sudoers.xerxes>.
-
-The C<#includedir> directive can be used to create a F<sudo.d>
-directory that the system package manager can drop I<sudoers> rules
-into as part of package installation. For example, given:
-
-C<#includedir /etc/sudoers.d>
-
-B<sudo> will read each file in F</etc/sudoers.d>, skipping file
-names that end in C<~> or contain a C<.> character to avoid causing
-problems with package manager or editor temporary/backup files.
-Files are parsed in sorted lexical order. That is,
-F</etc/sudoers.d/01_first> will be parsed before
-F</etc/sudoers.d/10_second>. Be aware that because the sorting is
-lexical, not numeric, F</etc/sudoers.d/1_whoops> would be loaded
-B<after> F</etc/sudoers.d/10_second>. Using a consistent number
-of leading zeroes in the file names can be used to avoid such
-problems.
-
-Note that unlike files included via C<#include>, B<visudo> will not
-edit the files in a C<#includedir> directory unless one of them
-contains a syntax error. It is still possible to run B<visudo>
-with the C<-f> flag to edit the files directly.
-
-=head2 Other special characters and reserved words
-
-The pound sign ('#') is used to indicate a comment (unless it is
-part of a #include directive or unless it occurs in the context of
-a user name and is followed by one or more digits, in which case
-it is treated as a uid). Both the comment character and any text
-after it, up to the end of the line, are ignored.
-
-The reserved word B<ALL> is a built-in I<alias> that always causes
-a match to succeed. It can be used wherever one might otherwise
-use a C<Cmnd_Alias>, C<User_Alias>, C<Runas_Alias>, or C<Host_Alias>.
-You should not try to define your own I<alias> called B<ALL> as the
-built-in alias will be used in preference to your own. Please note
-that using B<ALL> can be dangerous since in a command context, it
-allows the user to run B<any> command on the system.
-
-An exclamation point ('!') can be used as a logical I<not> operator
-both in an I<alias> and in front of a C<Cmnd>. This allows one to
-exclude certain values. Note, however, that using a C<!> in
-conjunction with the built-in C<ALL> alias to allow a user to
-run "all but a few" commands rarely works as intended (see SECURITY
-NOTES below).
-
-Long lines can be continued with a backslash ('\') as the last
-character on the line.
-
-Whitespace between elements in a list as well as special syntactic
-characters in a I<User Specification> ('=', ':', '(', ')') is optional.
-
-The following characters must be escaped with a backslash ('\') when
-used as part of a word (e.g.E<nbsp>a user name or host name):
-'@', '!', '=', ':', ',', '(', ')', '\'.
-
-=head1 SUDOERS OPTIONS
-
-B<sudo>'s behavior can be modified by C<Default_Entry> lines, as
-explained earlier. A list of all supported Defaults parameters,
-grouped by type, are listed below.
-
-B<Boolean Flags>:
-
-=over 16
-
-=item always_set_home
-
-If enabled, B<sudo> will set the C<HOME> environment variable to the
-home directory of the target user (which is root unless the B<-u>
-option is used). This effectively means that the B<-H> option is
-always implied. Note that C<HOME> is already set when the the
-I<env_reset> option is enabled, so I<always_set_home> is only
-effective for configurations where I<env_reset> is disabled.
-This flag is I<off> by default.
-
-=item authenticate
-
-If set, users must authenticate themselves via a password (or other
-means of authentication) before they may run commands. This default
-may be overridden via the C<PASSWD> and C<NOPASSWD> tags.
-This flag is I<on> by default.
-
-=item closefrom_override
-
-If set, the user may use B<sudo>'s B<-C> option which
-overrides the default starting point at which B<sudo> begins
-closing open file descriptors. This flag is I<off> by default.
-
-=item compress_io
-
-If set, and B<sudo> is configured to log a command's input or output,
-the I/O logs will be compressed using B<zlib>. This flag is I<on>
-by default when B<sudo> is compiled with B<zlib> support.
-
-=item env_editor
-
-If set, B<visudo> will use the value of the EDITOR or VISUAL
-environment variables before falling back on the default editor list.
-Note that this may create a security hole as it allows the user to
-run any arbitrary command as root without logging. A safer alternative
-is to place a colon-separated list of editors in the C<editor>
-variable. B<visudo> will then only use the EDITOR or VISUAL if
-they match a value specified in C<editor>. This flag is I<@env_editor@> by
-default.
-
-=item env_reset
-
-If set, B<sudo> will reset the environment to only contain the
-LOGNAME, MAIL, SHELL, USER, USERNAME and the C<SUDO_*> variables. Any
-variables in the caller's environment that match the C<env_keep>
-and C<env_check> lists are then added. The default contents of the
-C<env_keep> and C<env_check> lists are displayed when B<sudo> is
-run by root with the I<-V> option. If the I<secure_path> option
-is set, its value will be used for the C<PATH> environment variable.
-This flag is I<on> by default.
-
-=item fast_glob
-
-Normally, B<sudo> uses the L<glob(3)> function to do shell-style
-globbing when matching path names. However, since it accesses the
-file system, L<glob(3)> can take a long time to complete for some
-patterns, especially when the pattern references a network file
-system that is mounted on demand (automounted). The I<fast_glob>
-option causes B<sudo> to use the L<fnmatch(3)> function, which does
-not access the file system to do its matching. The disadvantage
-of I<fast_glob> is that it is unable to match relative path names
-such as F<./ls> or F<../bin/ls>. This has security implications
-when path names that include globbing characters are used with the
-negation operator, C<'!'>, as such rules can be trivially bypassed.
-As such, this option should not be used when I<sudoers> contains rules
-that contain negated path names which include globbing characters.
-This flag is I<off> by default.
-
-=item fqdn
-
-Set this flag if you want to put fully qualified host names in the
-I<sudoers> file. I.e., instead of myhost you would use myhost.mydomain.edu.
-You may still use the short form if you wish (and even mix the two).
-Beware that turning on I<fqdn> requires B<sudo> to make DNS lookups
-which may make B<sudo> unusable if DNS stops working (for example
-if the machine is not plugged into the network). Also note that
-you must use the host's official name as DNS knows it. That is,
-you may not use a host alias (C<CNAME> entry) due to performance
-issues and the fact that there is no way to get all aliases from
-DNS. If your machine's host name (as returned by the C<hostname>
-command) is already fully qualified you shouldn't need to set
-I<fqdn>. This flag is I<@fqdn@> by default.
-
-=item ignore_dot
-
-If set, B<sudo> will ignore '.' or '' (current dir) in the C<PATH>
-environment variable; the C<PATH> itself is not modified. This
-flag is I<@ignore_dot@> by default.
-
-=item ignore_local_sudoers
-
-If set via LDAP, parsing of F<@sysconfdir@/sudoers> will be skipped.
-This is intended for Enterprises that wish to prevent the usage of local
-sudoers files so that only LDAP is used. This thwarts the efforts of
-rogue operators who would attempt to add roles to F<@sysconfdir@/sudoers>.
-When this option is present, F<@sysconfdir@/sudoers> does not even need to
-exist. Since this option tells B<sudo> how to behave when no specific LDAP
-entries have been matched, this sudoOption is only meaningful for the
-C<cn=defaults> section. This flag is I<off> by default.
-
-=item insults
-
-If set, B<sudo> will insult users when they enter an incorrect
-password. This flag is I<@insults@> by default.
-
-=item log_host
-
-If set, the host name will be logged in the (non-syslog) B<sudo> log file.
-This flag is I<off> by default.
-
-=item log_year
-
-If set, the four-digit year will be logged in the (non-syslog) B<sudo> log file.
-This flag is I<off> by default.
-
-=item long_otp_prompt
-
-When validating with a One Time Password (OPT) scheme such as
-B<S/Key> or B<OPIE>, a two-line prompt is used to make it easier
-to cut and paste the challenge to a local window. It's not as
-pretty as the default but some people find it more convenient. This
-flag is I<@long_otp_prompt@> by default.
-
-=item mail_always
-
-Send mail to the I<mailto> user every time a users runs B<sudo>.
-This flag is I<off> by default.
-
-=item mail_badpass
-
-Send mail to the I<mailto> user if the user running B<sudo> does not
-enter the correct password. This flag is I<off> by default.
-
-=item mail_no_host
-
-If set, mail will be sent to the I<mailto> user if the invoking
-user exists in the I<sudoers> file, but is not allowed to run
-commands on the current host. This flag is I<@mail_no_host@> by default.
-
-=item mail_no_perms
-
-If set, mail will be sent to the I<mailto> user if the invoking
-user is allowed to use B<sudo> but the command they are trying is not
-listed in their I<sudoers> file entry or is explicitly denied.
-This flag is I<@mail_no_perms@> by default.
-
-=item mail_no_user
-
-If set, mail will be sent to the I<mailto> user if the invoking
-user is not in the I<sudoers> file. This flag is I<@mail_no_user@>
-by default.
-
-=item noexec
-
-If set, all commands run via B<sudo> will behave as if the C<NOEXEC>
-tag has been set, unless overridden by a C<EXEC> tag. See the
-description of I<NOEXEC and EXEC> below as well as the L<PREVENTING SHELL
-ESCAPES> section at the end of this manual. This flag is I<off> by default.
-
-=item path_info
-
-Normally, B<sudo> will tell the user when a command could not be
-found in their C<PATH> environment variable. Some sites may wish
-to disable this as it could be used to gather information on the
-location of executables that the normal user does not have access
-to. The disadvantage is that if the executable is simply not in
-the user's C<PATH>, B<sudo> will tell the user that they are not
-allowed to run it, which can be confusing. This flag is I<@path_info@>
-by default.
-
-=item passprompt_override
-
-The password prompt specified by I<passprompt> will normally only
-be used if the password prompt provided by systems such as PAM matches
-the string "Password:". If I<passprompt_override> is set, I<passprompt>
-will always be used. This flag is I<off> by default.
-
-=item preserve_groups
-
-By default, B<sudo> will initialize the group vector to the list of
-groups the target user is in. When I<preserve_groups> is set, the
-user's existing group vector is left unaltered. The real and
-effective group IDs, however, are still set to match the target
-user. This flag is I<off> by default.
-
-=item pwfeedback
-
-By default, B<sudo> reads the password like most other Unix programs,
-by turning off echo until the user hits the return (or enter) key.
-Some users become confused by this as it appears to them that B<sudo>
-has hung at this point. When I<pwfeedback> is set, B<sudo> will
-provide visual feedback when the user presses a key. Note that
-this does have a security impact as an onlooker may be able to
-determine the length of the password being entered.
-This flag is I<off> by default.
-
-=item requiretty
-
-If set, B<sudo> will only run when the user is logged in to a real
-tty. When this flag is set, B<sudo> can only be run from a login
-session and not via other means such as L<cron(8)> or cgi-bin scripts.
-This flag is I<off> by default.
-
-=item root_sudo
-
-If set, root is allowed to run B<sudo> too. Disabling this prevents users
-from "chaining" B<sudo> commands to get a root shell by doing something
-like C<"sudo sudo /bin/sh">. Note, however, that turning off I<root_sudo>
-will also prevent root from running B<sudoedit>.
-Disabling I<root_sudo> provides no real additional security; it
-exists purely for historical reasons.
-This flag is I<@root_sudo@> by default.
-
-=item rootpw
-
-If set, B<sudo> will prompt for the root password instead of the password
-of the invoking user. This flag is I<off> by default.
-
-=item runaspw
-
-If set, B<sudo> will prompt for the password of the user defined by the
-I<runas_default> option (defaults to C<@runas_default@>) instead of the
-password of the invoking user. This flag is I<off> by default.
-
-=item set_home
-
-If enabled and B<sudo> is invoked with the B<-s> option the C<HOME>
-environment variable will be set to the home directory of the target
-user (which is root unless the B<-u> option is used). This effectively
-makes the B<-s> option imply B<-H>. Note that C<HOME> is already
-set when the the I<env_reset> option is enabled, so I<set_home> is
-only effective for configurations where I<env_reset> is disabled.
-This flag is I<off> by default.
-
-=item set_logname
-
-Normally, B<sudo> will set the C<LOGNAME>, C<USER> and C<USERNAME>
-environment variables to the name of the target user (usually root
-unless the B<-u> option is given). However, since some programs
-(including the RCS revision control system) use C<LOGNAME> to
-determine the real identity of the user, it may be desirable to
-change this behavior. This can be done by negating the set_logname
-option. Note that if the I<env_reset> option has not been disabled,
-entries in the I<env_keep> list will override the value of
-I<set_logname>. This flag is I<on> by default.
-
-=item setenv
-
-Allow the user to disable the I<env_reset> option from the command
-line. Additionally, environment variables set via the command line
-are not subject to the restrictions imposed by I<env_check>,
-I<env_delete>, or I<env_keep>. As such, only trusted users should
-be allowed to set variables in this manner. This flag is I<off>
-by default.
-
-=item shell_noargs
-
-If set and B<sudo> is invoked with no arguments it acts as if the
-B<-s> option had been given. That is, it runs a shell as root (the
-shell is determined by the C<SHELL> environment variable if it is
-set, falling back on the shell listed in the invoking user's
-/etc/passwd entry if not). This flag is I<off> by default.
-
-=item stay_setuid
-
-Normally, when B<sudo> executes a command the real and effective
-UIDs are set to the target user (root by default). This option
-changes that behavior such that the real UID is left as the invoking
-user's UID. In other words, this makes B<sudo> act as a setuid
-wrapper. This can be useful on systems that disable some potentially
-dangerous functionality when a program is run setuid. This option
-is only effective on systems with either the setreuid() or setresuid()
-function. This flag is I<off> by default.
-
-=item targetpw
-
-If set, B<sudo> will prompt for the password of the user specified
-by the B<-u> option (defaults to C<root>) instead of the password
-of the invoking user. In addition, the timestamp file name will
-include the target user's name. Note that this flag precludes the
-use of a uid not listed in the passwd database as an argument to
-the B<-u> option. This flag is I<off> by default.
-
-=item log_input
-
-If set, B<sudo> will run the command in a I<pseudo tty> and log all
-user input.
-If the standard input is not connected to the user's tty, due to
-I/O redirection or because the command is part of a pipeline, that
-input is also captured and stored in a separate log file.
-
-Input is logged to the F</var/log/sudo-io> directory using a unique
-session ID that is included in the normal B<sudo> log line, prefixed
-with I<TSID=>.
-
-=item log_output
-
-If set, B<sudo> will run the command in a I<pseudo tty> and log all
-output that is sent to the screen, similar to the script(1) command.
-If the standard output or standard error is not connected to the
-user's tty, due to I/O redirection or because the command is part
-of a pipeline, that output is also captured and stored in separate
-log files.
-
-Output is logged to the
-F</var/log/sudo-io> directory using a unique session ID that is
-included in the normal B<sudo> log line, prefixed with I<TSID=>.
-
-Output logs may be viewed with the L<sudoreplay(8)> utility, which
-can also be used to list or search the available logs.
-
-=item tty_tickets
-
-If set, users must authenticate on a per-tty basis. With this flag
-enabled, B<sudo> will use a file named for the tty the user is
-logged in on in the user's time stamp directory. If disabled, the
-time stamp of the directory is used instead. This flag is
-I<@tty_tickets@> by default.
-
-=item umask_override
-
-If set, B<sudo> will set the umask as specified by I<sudoers> without
-modification. This makes it possible to specify a more permissive
-umask in I<sudoers> than the user's own umask and matches historical
-behavior. If I<umask_override> is not set, B<sudo> will set the
-umask to be the union of the user's umask and what is specified in
-I<sudoers>. This flag is I<off> by default.
-
-=item use_loginclass
-
-If set, B<sudo> will apply the defaults specified for the target user's
-login class if one exists. Only available if B<sudo> is configured with
-the --with-logincap option. This flag is I<off> by default.
-
-=item use_pty
-
-If set, B<sudo> will run the command in a pseudo-pty even if no I/O
-logging is being gone. A malicious program run under B<sudo> could
-conceivably fork a background process that retains to the user's
-terminal device after the main program has finished executing. Use
-of this option will make that impossible.
-
-=item visiblepw
-
-By default, B<sudo> will refuse to run if the user must enter a
-password but it is not possible to disable echo on the terminal.
-If the I<visiblepw> flag is set, B<sudo> will prompt for a password
-even when it would be visible on the screen. This makes it possible
-to run things like C<"rsh somehost sudo ls"> since L<rsh(1)> does
-not allocate a tty. This flag is I<off> by default.
-
-=back
-
-B<Integers>:
-
-=over 16
-
-=item closefrom
-
-Before it executes a command, B<sudo> will close all open file
-descriptors other than standard input, standard output and standard
-error (ie: file descriptors 0-2). The I<closefrom> option can be used
-to specify a different file descriptor at which to start closing.
-The default is C<3>.
-
-=item passwd_tries
-
-The number of tries a user gets to enter his/her password before
-B<sudo> logs the failure and exits. The default is C<@passwd_tries@>.
-
-=back
-
-B<Integers that can be used in a boolean context>:
-
-=over 16
-
-=item loglinelen
-
-Number of characters per line for the file log. This value is used
-to decide when to wrap lines for nicer log files. This has no
-effect on the syslog log file, only the file log. The default is
-C<@loglen@> (use 0 or negate the option to disable word wrap).
-
-=item passwd_timeout
-
-Number of minutes before the B<sudo> password prompt times out, or
-C<0> for no timeout. The timeout may include a fractional component
-if minute granularity is insufficient, for example C<2.5>. The
-default is C<@password_timeout@>.
-
-=item timestamp_timeout
-
-Number of minutes that can elapse before B<sudo> will ask for a
-passwd again. The timeout may include a fractional component if
-minute granularity is insufficient, for example C<2.5>. The default
-is C<@timeout@>. Set this to C<0> to always prompt for a password.
-If set to a value less than C<0> the user's timestamp will never
-expire. This can be used to allow users to create or delete their
-own timestamps via C<sudo -v> and C<sudo -k> respectively.
-
-=item umask
-
-Umask to use when running the command. Negate this option or set
-it to 0777 to preserve the user's umask. The actual umask that is
-used will be the union of the user's umask and the value of the
-I<umask> option, which defaults to C<@sudo_umask@>. This guarantees
-that B<sudo> never lowers the umask when running a command. Note
-on systems that use PAM, the default PAM configuration may specify
-its own umask which will override the value set in I<sudoers>.
-
-=back
-
-B<Strings>:
-
-=over 16
-
-=item badpass_message
-
-Message that is displayed if a user enters an incorrect password.
-The default is C<@badpass_message@> unless insults are enabled.
-
-=item editor
-
-A colon (':') separated list of editors allowed to be used with
-B<visudo>. B<visudo> will choose the editor that matches the user's
-EDITOR environment variable if possible, or the first editor in the
-list that exists and is executable. The default is C<"@editor@">.
-
-=item mailsub
-
-Subject of the mail sent to the I<mailto> user. The escape C<%h>
-will expand to the host name of the machine.
-Default is C<@mailsub@>.
-
-=item noexec_file
-
-Path to a shared library containing dummy versions of the execv(),
-execve() and fexecve() library functions that just return an error.
-This is used to implement the I<noexec> functionality on systems that
-support C<LD_PRELOAD> or its equivalent. Defaults to F<@noexec_file@>.
-
-=item passprompt
-
-The default prompt to use when asking for a password; can be overridden
-via the B<-p> option or the C<SUDO_PROMPT> environment variable.
-The following percent (`C<%>') escapes are supported:
-
-=over 4
-
-=item C<%H>
-
-expanded to the local host name including the domain name
-(on if the machine's host name is fully qualified or the I<fqdn>
-option is set)
-
-=item C<%h>
-
-expanded to the local host name without the domain name
-
-=item C<%p>
-
-expanded to the user whose password is being asked for (respects the
-I<rootpw>, I<targetpw> and I<runaspw> flags in I<sudoers>)
-
-=item C<%U>
-
-expanded to the login name of the user the command will
-be run as (defaults to root)
-
-=item C<%u>
-
-expanded to the invoking user's login name
-
-=item C<%%>
-
-two consecutive C<%> characters are collapsed into a single C<%> character
-
-=back
-
-The default value is C<@passprompt@>.
-
-=item role
-
-The default SELinux role to use when constructing a new security
-context to run the command. The default role may be overridden on
-a per-command basis in I<sudoers> or via command line options.
-This option is only available whe B<sudo> is built with SELinux support.
-
-=item runas_default
-
-The default user to run commands as if the B<-u> option is not specified
-on the command line. This defaults to C<@runas_default@>.
-Note that if I<runas_default> is set it B<must> occur before
-any C<Runas_Alias> specifications.
-
-=item syslog_badpri
-
-Syslog priority to use when user authenticates unsuccessfully.
-Defaults to C<@badpri@>.
-
-=item syslog_goodpri
-
-Syslog priority to use when user authenticates successfully.
-Defaults to C<@goodpri@>.
-
-=item sudoers_locale
-
-Locale to use when parsing the sudoers file. Note that changing
-the locale may affect how sudoers is interpreted.
-Defaults to C<"C">.
-
-=item timestampdir
-
-The directory in which B<sudo> stores its timestamp files.
-The default is F<@timedir@>.
-
-=item timestampowner
-
-The owner of the timestamp directory and the timestamps stored therein.
-The default is C<root>.
-
-=item type
-
-The default SELinux type to use when constructing a new security
-context to run the command. The default type may be overridden on
-a per-command basis in I<sudoers> or via command line options.
-This option is only available whe B<sudo> is built with SELinux support.
-
-=back
-
-B<Strings that can be used in a boolean context>:
-
-=over 12
-
-=item askpass
-
-The I<askpass> option specifies the fully qualified path to a helper
-program used to read the user's password when no terminal is
-available. This may be the case when B<sudo> is executed from a
-graphical (as opposed to text-based) application. The program
-specified by I<askpass> should display the argument passed to it
-as the prompt and write the user's password to the standard output.
-The value of I<askpass> may be overridden by the C<SUDO_ASKPASS>
-environment variable.
-
-=item env_file
-
-The I<env_file> options specifies the fully qualified path to a
-file containing variables to be set in the environment of the program
-being run. Entries in this file should either be of the form
-C<VARIABLE=value> or C<export VARIABLE=value>. The value may
-optionally be surrounded by single or double quotes. Variables in
-this file are subject to other B<sudo> environment settings such
-as I<env_keep> and I<env_check>.
-
-=item exempt_group
-
-Users in this group are exempt from password and PATH requirements.
-This is not set by default.
-
-=item lecture
-
-This option controls when a short lecture will be printed along with
-the password prompt. It has the following possible values:
-
-=over 8
-
-=item always
-
-Always lecture the user.
-
-=item never
-
-Never lecture the user.
-
-=item once
-
-Only lecture the user the first time they run B<sudo>.
-
-=back
-
-If no value is specified, a value of I<once> is implied.
-Negating the option results in a value of I<never> being used.
-The default value is I<@lecture@>.
-
-=item lecture_file
-
-Path to a file containing an alternate B<sudo> lecture that will
-be used in place of the standard lecture if the named file exists.
-By default, B<sudo> uses a built-in lecture.
-
-=item listpw
-
-This option controls when a password will be required when a
-user runs B<sudo> with the B<-l> option. It has the following possible values:
-
-=over 8
-
-=item all
-
-All the user's I<sudoers> entries for the current host must have
-the C<NOPASSWD> flag set to avoid entering a password.
-
-=item always
-
-The user must always enter a password to use the B<-l> option.
-
-=item any
-
-At least one of the user's I<sudoers> entries for the current host
-must have the C<NOPASSWD> flag set to avoid entering a password.
-
-=item never
-
-The user need never enter a password to use the B<-l> option.
-
-=back
-
-If no value is specified, a value of I<any> is implied.
-Negating the option results in a value of I<never> being used.
-The default value is I<any>.
-
-=item logfile
-
-Path to the B<sudo> log file (not the syslog log file). Setting a path
-turns on logging to a file; negating this option turns it off.
-By default, B<sudo> logs via syslog.
-
-=item mailerflags
-
-Flags to use when invoking mailer. Defaults to B<-t>.
-
-=item mailerpath
-
-Path to mail program used to send warning mail.
-Defaults to the path to sendmail found at configure time.
-
-=item mailfrom
-
-Address to use for the "from" address when sending warning and error
-mail. The address should be enclosed in double quotes (C<">) to
-protect against B<sudo> interpreting the C<@> sign. Defaults to
-the name of the user running B<sudo>.
-
-=item mailto
-
-Address to send warning and error mail to. The address should
-be enclosed in double quotes (C<">) to protect against B<sudo>
-interpreting the C<@> sign. Defaults to C<@mailto@>.
-
-=item secure_path
-
-Path used for every command run from B<sudo>. If you don't trust the
-people running B<sudo> to have a sane C<PATH> environment variable you may
-want to use this. Another use is if you want to have the "root path"
-be separate from the "user path." Users in the group specified by the
-I<exempt_group> option are not affected by I<secure_path>.
-This option is @secure_path@ by default.
-
-=item syslog
-
-Syslog facility if syslog is being used for logging (negate to
-disable syslog logging). Defaults to C<@logfac@>.
-
-=item verifypw
-
-This option controls when a password will be required when a user runs
-B<sudo> with the B<-v> option. It has the following possible values:
-
-=over 8
-
-=item all
-
-All the user's I<sudoers> entries for the current host must have
-the C<NOPASSWD> flag set to avoid entering a password.
-
-=item always
-
-The user must always enter a password to use the B<-v> option.
-
-=item any
-
-At least one of the user's I<sudoers> entries for the current host
-must have the C<NOPASSWD> flag set to avoid entering a password.
-
-=item never
-
-The user need never enter a password to use the B<-v> option.
-
-=back
-
-If no value is specified, a value of I<all> is implied.
-Negating the option results in a value of I<never> being used.
-The default value is I<all>.
-
-=back
-
-B<Lists that can be used in a boolean context>:
-
-=over 16
-
-=item env_check
-
-Environment variables to be removed from the user's environment if
-the variable's value contains C<%> or C</> characters. This can
-be used to guard against printf-style format vulnerabilities in
-poorly-written programs. The argument may be a double-quoted,
-space-separated list or a single value without double-quotes. The
-list can be replaced, added to, deleted from, or disabled by using
-the C<=>, C<+=>, C<-=>, and C<!> operators respectively. Regardless
-of whether the C<env_reset> option is enabled or disabled, variables
-specified by C<env_check> will be preserved in the environment if
-they pass the aforementioned check. The default list of environment
-variables to check is displayed when B<sudo> is run by root with
-the I<-V> option.
-
-=item env_delete
-
-Environment variables to be removed from the user's environment
-when the I<env_reset> option is not in effect. The argument may
-be a double-quoted, space-separated list or a single value without
-double-quotes. The list can be replaced, added to, deleted from,
-or disabled by using the C<=>, C<+=>, C<-=>, and C<!> operators
-respectively. The default list of environment variables to remove
-is displayed when B<sudo> is run by root with the I<-V> option.
-Note that many operating systems will remove potentially dangerous
-variables from the environment of any setuid process (such as
-B<sudo>).
-
-=item env_keep
-
-Environment variables to be preserved in the user's environment
-when the I<env_reset> option is in effect. This allows fine-grained
-control over the environment B<sudo>-spawned processes will receive.
-The argument may be a double-quoted, space-separated list or a
-single value without double-quotes. The list can be replaced, added
-to, deleted from, or disabled by using the C<=>, C<+=>, C<-=>, and
-C<!> operators respectively. The default list of variables to keep
-is displayed when B<sudo> is run by root with the I<-V> option.
-
-=back
-
-When logging via L<syslog(3)>, B<sudo> accepts the following values
-for the syslog facility (the value of the B<syslog> Parameter):
-B<authpriv> (if your OS supports it), B<auth>, B<daemon>, B<user>,
-B<local0>, B<local1>, B<local2>, B<local3>, B<local4>, B<local5>,
-B<local6>, and B<local7>. The following syslog priorities are
-supported: B<alert>, B<crit>, B<debug>, B<emerg>, B<err>, B<info>,
-B<notice>, and B<warning>.
-
-=head1 FILES
-
-=over 24
-
-=item F<@sysconfdir@/sudoers>
-
-List of who can run what
-
-=item F</etc/group>
-
-Local groups file
-
-=item F</etc/netgroup>
-
-List of network groups
-
-=item F</var/log/sudo-io>
-
-I/O log files
-
-=back
-
-=head1 EXAMPLES
-
-Below are example I<sudoers> entries. Admittedly, some of
-these are a bit contrived. First, we allow a few environment
-variables to pass and then define our I<aliases>:
-
- # Run X applications through sudo; HOME is used to find the
- # .Xauthority file. Note that other programs use HOME to find
- # configuration files and this may lead to privilege escalation!
- Defaults env_keep += "DISPLAY HOME"
-
- # User alias specification
- User_Alias FULLTIMERS = millert, mikef, dowdy
- User_Alias PARTTIMERS = bostley, jwfox, crawl
- User_Alias WEBMASTERS = will, wendy, wim
-
- # Runas alias specification
- Runas_Alias OP = root, operator
- Runas_Alias DB = oracle, sybase
- Runas_Alias ADMINGRP = adm, oper
-
- # Host alias specification
- Host_Alias SPARC = bigtime, eclipse, moet, anchor :\
- SGI = grolsch, dandelion, black :\
- ALPHA = widget, thalamus, foobar :\
- HPPA = boa, nag, python
- Host_Alias CUNETS = 128.138.0.0/255.255.0.0
- Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0
- Host_Alias SERVERS = master, mail, www, ns
- Host_Alias CDROM = orion, perseus, hercules
-
- # Cmnd alias specification
- Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\
- /usr/sbin/restore, /usr/sbin/rrestore
- Cmnd_Alias KILL = /usr/bin/kill
- Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm
- Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown
- Cmnd_Alias HALT = /usr/sbin/halt
- Cmnd_Alias REBOOT = /usr/sbin/reboot
- Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
- /usr/local/bin/tcsh, /usr/bin/rsh, \
- /usr/local/bin/zsh
- Cmnd_Alias SU = /usr/bin/su
- Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
-
-Here we override some of the compiled in default values. We want
-B<sudo> to log via L<syslog(3)> using the I<auth> facility in all
-cases. We don't want to subject the full time staff to the B<sudo>
-lecture, user B<millert> need not give a password, and we don't
-want to reset the C<LOGNAME>, C<USER> or C<USERNAME> environment
-variables when running commands as root. Additionally, on the
-machines in the I<SERVERS> C<Host_Alias>, we keep an additional
-local log file and make sure we log the year in each log line since
-the log entries will be kept around for several years. Lastly, we
-disable shell escapes for the commands in the PAGERS C<Cmnd_Alias>
-(F</usr/bin/more>, F</usr/bin/pg> and F</usr/bin/less>).
-
- # Override built-in defaults
- Defaults syslog=auth
- Defaults>root !set_logname
- Defaults:FULLTIMERS !lecture
- Defaults:millert !authenticate
- Defaults at SERVERS log_year, logfile=/var/log/sudo.log
- Defaults!PAGERS noexec
-
-The I<User specification> is the part that actually determines who may
-run what.
-
- root ALL = (ALL) ALL
- %wheel ALL = (ALL) ALL
-
-We let B<root> and any user in group B<wheel> run any command on any
-host as any user.
-
- FULLTIMERS ALL = NOPASSWD: ALL
-
-Full time sysadmins (B<millert>, B<mikef>, and B<dowdy>) may run any
-command on any host without authenticating themselves.
-
- PARTTIMERS ALL = ALL
-
-Part time sysadmins (B<bostley>, B<jwfox>, and B<crawl>) may run any
-command on any host but they must authenticate themselves first
-(since the entry lacks the C<NOPASSWD> tag).
-
- jack CSNETS = ALL
-
-The user B<jack> may run any command on the machines in the I<CSNETS> alias
-(the networks C<128.138.243.0>, C<128.138.204.0>, and C<128.138.242.0>).
-Of those networks, only C<128.138.204.0> has an explicit netmask (in
-CIDR notation) indicating it is a class C network. For the other
-networks in I<CSNETS>, the local machine's netmask will be used
-during matching.
-
- lisa CUNETS = ALL
-
-The user B<lisa> may run any command on any host in the I<CUNETS> alias
-(the class B network C<128.138.0.0>).
-
- operator ALL = DUMPS, KILL, SHUTDOWN, HALT, REBOOT, PRINTING,\
- sudoedit /etc/printcap, /usr/oper/bin/
-
-The B<operator> user may run commands limited to simple maintenance.
-Here, those are commands related to backups, killing processes, the
-printing system, shutting down the system, and any commands in the
-directory F</usr/oper/bin/>.
-
- joe ALL = /usr/bin/su operator
-
-The user B<joe> may only L<su(1)> to operator.
-
- pete HPPA = /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root
-
- %opers ALL = (: ADMINGRP) /usr/sbin/
-
-Users in the B<opers> group may run commands in F</usr/sbin/> as themselves
-with any group in the I<ADMINGRP> C<Runas_Alias> (the B<adm> and B<oper>
-groups).
-
-The user B<pete> is allowed to change anyone's password except for
-root on the I<HPPA> machines. Note that this assumes L<passwd(1)>
-does not take multiple user names on the command line.
-
- bob SPARC = (OP) ALL : SGI = (OP) ALL
-
-The user B<bob> may run anything on the I<SPARC> and I<SGI> machines
-as any user listed in the I<OP> C<Runas_Alias> (B<root> and B<operator>).
-
- jim +biglab = ALL
-
-The user B<jim> may run any command on machines in the I<biglab> netgroup.
-B<sudo> knows that "biglab" is a netgroup due to the '+' prefix.
-
- +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser
-
-Users in the B<secretaries> netgroup need to help manage the printers
-as well as add and remove users, so they are allowed to run those
-commands on all machines.
-
- fred ALL = (DB) NOPASSWD: ALL
-
-The user B<fred> can run commands as any user in the I<DB> C<Runas_Alias>
-(B<oracle> or B<sybase>) without giving a password.
-
- john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
-
-On the I<ALPHA> machines, user B<john> may su to anyone except root
-but he is not allowed to specify any options to the L<su(1)> command.
-
- jen ALL, !SERVERS = ALL
-
-The user B<jen> may run any command on any machine except for those
-in the I<SERVERS> C<Host_Alias> (master, mail, www and ns).
-
- jill SERVERS = /usr/bin/, !SU, !SHELLS
-
-For any machine in the I<SERVERS> C<Host_Alias>, B<jill> may run
-any commands in the directory F</usr/bin/> except for those commands
-belonging to the I<SU> and I<SHELLS> C<Cmnd_Aliases>.
-
- steve CSNETS = (operator) /usr/local/op_commands/
-
-The user B<steve> may run any command in the directory /usr/local/op_commands/
-but only as user operator.
-
- matt valkyrie = KILL
-
-On his personal workstation, valkyrie, B<matt> needs to be able to
-kill hung processes.
-
- WEBMASTERS www = (www) ALL, (root) /usr/bin/su www
-
-On the host www, any user in the I<WEBMASTERS> C<User_Alias> (will,
-wendy, and wim), may run any command as user www (which owns the
-web pages) or simply L<su(1)> to www.
-
- ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\
- /sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM
-
-Any user may mount or unmount a CD-ROM on the machines in the CDROM
-C<Host_Alias> (orion, perseus, hercules) without entering a password.
-This is a bit tedious for users to type, so it is a prime candidate
-for encapsulating in a shell script.
-
-=head1 SECURITY NOTES
-
-It is generally not effective to "subtract" commands from C<ALL>
-using the '!' operator. A user can trivially circumvent this
-by copying the desired command to a different name and then
-executing that. For example:
-
- bill ALL = ALL, !SU, !SHELLS
-
-Doesn't really prevent B<bill> from running the commands listed in
-I<SU> or I<SHELLS> since he can simply copy those commands to a
-different name, or use a shell escape from an editor or other
-program. Therefore, these kind of restrictions should be considered
-advisory at best (and reinforced by policy).
-
-Furthermore, if the I<fast_glob> option is in use, it is not possible
-to reliably negate commands where the path name includes globbing
-(aka wildcard) characters. This is because the C library's
-L<fnmatch(3)> function cannot resolve relative paths. While this
-is typically only an inconvenience for rules that grant privileges,
-it can result in a security issue for rules that subtract or revoke
-privileges.
-
-For example, given the following I<sudoers> entry:
-
- john ALL = /usr/bin/passwd [a-zA-Z0-9]*, /usr/bin/chsh [a-zA-Z0-9]*,
- /usr/bin/chfn [a-zA-Z0-9]*, !/usr/bin/* root
-
-User B<john> can still run C</usr/bin/passwd root> if I<fast_glob> is
-enabled by changing to F</usr/bin> and running C<./passwd root> instead.
-
-=head1 PREVENTING SHELL ESCAPES
-
-Once B<sudo> executes a program, that program is free to do whatever
-it pleases, including run other programs. This can be a security
-issue since it is not uncommon for a program to allow shell escapes,
-which lets a user bypass B<sudo>'s access control and logging.
-Common programs that permit shell escapes include shells (obviously),
-editors, paginators, mail and terminal programs.
-
-There are two basic approaches to this problem:
-
-=over 10
-
-=item restrict
-
-Avoid giving users access to commands that allow the user to run
-arbitrary commands. Many editors have a restricted mode where shell
-escapes are disabled, though B<sudoedit> is a better solution to
-running editors via B<sudo>. Due to the large number of programs that
-offer shell escapes, restricting users to the set of programs that
-do not is often unworkable.
-
-=item noexec
-
-Many systems that support shared libraries have the ability to
-override default library functions by pointing an environment
-variable (usually C<LD_PRELOAD>) to an alternate shared library.
-On such systems, B<sudo>'s I<noexec> functionality can be used to
-prevent a program run by B<sudo> from executing any other programs.
-Note, however, that this applies only to native dynamically-linked
-executables. Statically-linked executables and foreign executables
-running under binary emulation are not affected.
-
-To tell whether or not B<sudo> supports I<noexec>, you can run
-the following as root:
-
- sudo -V | grep "dummy exec"
-
-If the resulting output contains a line that begins with:
-
- File containing dummy exec functions:
-
-then B<sudo> may be able to replace the exec family of functions
-in the standard library with its own that simply return an error.
-Unfortunately, there is no foolproof way to know whether or not
-I<noexec> will work at compile-time. I<noexec> should work on
-SunOS, Solaris, *BSD, Linux, IRIX, Tru64 UNIX, MacOS X, and HP-UX
-11.x. It is known B<not> to work on AIX and UnixWare. I<noexec>
-is expected to work on most operating systems that support the
-C<LD_PRELOAD> environment variable. Check your operating system's
-manual pages for the dynamic linker (usually ld.so, ld.so.1, dyld,
-dld.sl, rld, or loader) to see if C<LD_PRELOAD> is supported.
-
-To enable I<noexec> for a command, use the C<NOEXEC> tag as documented
-in the User Specification section above. Here is that example again:
-
- aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
-
-This allows user B<aaron> to run F</usr/bin/more> and F</usr/bin/vi>
-with I<noexec> enabled. This will prevent those two commands from
-executing other commands (such as a shell). If you are unsure
-whether or not your system is capable of supporting I<noexec> you
-can always just try it out and see if it works.
-
-=back
-
-Note that restricting shell escapes is not a panacea. Programs
-running as root are still capable of many potentially hazardous
-operations (such as changing or overwriting files) that could lead
-to unintended privilege escalation. In the specific case of an
-editor, a safer approach is to give the user permission to run
-B<sudoedit>.
-
-=head1 SEE ALSO
-
-L<rsh(1)>, L<su(1)>, L<fnmatch(3)>, L<glob(3)>, L<sudo(8)>, L<visudo(8)>
-
-=head1 CAVEATS
-
-The I<sudoers> file should B<always> be edited by the B<visudo>
-command which locks the file and does grammatical checking. It is
-imperative that I<sudoers> be free of syntax errors since B<sudo>
-will not run with a syntactically incorrect I<sudoers> file.
-
-When using netgroups of machines (as opposed to users), if you
-store fully qualified host name in the netgroup (as is usually the
-case), you either need to have the machine's host name be fully qualified
-as returned by the C<hostname> command or use the I<fqdn> option in
-I<sudoers>.
-
-=head1 BUGS
-
-If you feel you have found a bug in B<sudo>, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-
-=head1 SUPPORT
-
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
-search the archives.
-
-=head1 DISCLAIMER
-
-B<sudo> is provided ``AS IS'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the LICENSE
-file distributed with B<sudo> or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/sudoers2ldif
===================================================================
--- trunk/contrib/sudo/sudoers2ldif 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoers2ldif 2014-10-02 03:20:49 UTC (rev 6803)
@@ -25,6 +25,7 @@
my @options=();
my $did_defaults=0;
+my $order = 0;
# parse sudoers one line at a time
while (<>){
@@ -67,8 +68,9 @@
print "objectClass: top\n";
print "objectClass: sudoRole\n";
print "cn: defaults\n";
- print "description: Default sudoOption's go here\n";
+ print "description: Default sudoOption's go here\n";
print "sudoOption: $_\n" foreach @options;
+ printf "sudoOrder: %d\n", ++$order;
print "\n";
}
# Definition
@@ -96,6 +98,7 @@
}
print "sudoCommand: $_\n" foreach expand(\%CA, at cmds);
print "sudoOption: $_\n" foreach @options;
+ printf "sudoOrder: %d\n", ++$order;
print "\n";
}
@@ -120,6 +123,10 @@
s/EXEC:\s*// && push @options,"!noexec";
s/SETENV:\s*// && push @options,"setenv";
s/NOSETENV:\s*// && push @options,"!setenv";
+ s/LOG_INPUT:\s*// && push @options,"log_input";
+ s/NOLOG_INPUT:\s*// && push @options,"!log_input";
+ s/LOG_OUTPUT:\s*// && push @options,"log_output";
+ s/NOLOG_OUTPUT:\s*// && push @options,"!log_output";
s/\w+://; # silently remove other directives
s/\s+$//; # right trim
}
Modified: trunk/contrib/sudo/sudoreplay.c
===================================================================
--- trunk/contrib/sudo/sudoreplay.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoreplay.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -18,6 +18,9 @@
#include <sys/types.h>
#include <sys/param.h>
+#ifdef HAVE_SYS_SYSMACROS_H
+# include <sys/sysmacros.h>
+#endif
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/wait.h>
@@ -50,7 +53,7 @@
# include <time.h>
#endif
#ifndef HAVE_TIMESPEC
-# include <emul/timespec.h>
+# include "emul/timespec.h"
#endif
#include <ctype.h>
#include <errno.h>
@@ -85,10 +88,9 @@
#include <pathnames.h>
-#include "compat.h"
+#include "missing.h"
#include "alloc.h"
#include "error.h"
-#include "missing.h"
#ifndef LINE_MAX
# define LINE_MAX 2048
@@ -191,13 +193,14 @@
extern int term_raw __P((int, int));
extern int term_restore __P((int, int));
extern void zero_bytes __P((volatile void *, size_t));
-void cleanup __P((int));
+RETSIGTYPE cleanup __P((int));
static int list_sessions __P((int, char **, const char *, const char *, const char *));
static int parse_expr __P((struct search_node **, char **));
static void check_input __P((int, double *));
static void delay __P((double));
-static void usage __P((void));
+static void help __P((void)) __attribute__((__noreturn__));
+static void usage __P((int));
static void *open_io_fd __P((char *pathbuf, int len, const char *suffix));
static int parse_timing __P((const char *buf, const char *decimal, int *idx, double *seconds, size_t *nbytes));
@@ -235,7 +238,7 @@
decimal = localeconv()->decimal_point;
#endif
- while ((ch = getopt(argc, argv, "d:f:lm:s:V")) != -1) {
+ while ((ch = getopt(argc, argv, "d:f:hlm:s:V")) != -1) {
switch(ch) {
case 'd':
session_dir = optarg;
@@ -254,6 +257,9 @@
errorx(1, "invalid filter option: %s", optarg);
}
break;
+ case 'h':
+ help();
+ /* NOTREACHED */
case 'l':
listonly = 1;
break;
@@ -273,7 +279,7 @@
(void) printf("%s version %s\n", getprogname(), PACKAGE_VERSION);
exit(0);
default:
- usage();
+ usage(1);
/* NOTREACHED */
}
@@ -285,7 +291,7 @@
exit(list_sessions(argc, argv, pattern, user, tty));
if (argc != 1)
- usage();
+ usage(1);
/* 6 digit ID in base 36, e.g. 01G712AB */
id = argv[0];
@@ -316,9 +322,12 @@
error(1, "unable to open %s", path);
cp = NULL;
len = 0;
- getline(&cp, &len, lfile); /* log */
- getline(&cp, &len, lfile); /* cwd */
- getline(&cp, &len, lfile); /* command */
+ /* Pull out command (third line). */
+ if (getline(&cp, &len, lfile) == -1 ||
+ getline(&cp, &len, lfile) == -1 ||
+ getline(&cp, &len, lfile) == -1) {
+ errorx(1, "invalid log file %s", path);
+ }
printf("Replaying sudo session: %s", cp);
free(cp);
fclose(lfile);
@@ -537,7 +546,7 @@
errorx(1, "unmatched ')' in expression");
if (node_stack[stack_top])
sn->next = node_stack[stack_top]->next;
- return(av - argv + 1);
+ return av - argv + 1;
bad:
default:
errorx(1, "unknown search term \"%s\"", *av);
@@ -583,7 +592,7 @@
if (not)
errorx(1, "illegal trailing \"!\"");
- return(av - argv);
+ return av - argv;
}
static int
@@ -641,7 +650,7 @@
if (sn->negated)
matched = !matched;
}
- return(matched);
+ return matched;
}
static int
@@ -662,7 +671,7 @@
d = opendir(pathbuf);
if (d == NULL && errno != ENOTDIR) {
warning("cannot opendir %s", pathbuf);
- return(-1);
+ return -1;
}
while ((dp = readdir(d)) != NULL) {
if (NAMLEN(dp) != 2 || !isalnum((unsigned char)dp->d_name[0]) ||
@@ -747,7 +756,7 @@
printf("GROUP=%s ; ", li.runas_group);
printf("TSID=%s ; COMMAND=%s\n", idstr, li.cmd);
}
- return(0);
+ return 0;
}
static int
@@ -819,7 +828,7 @@
closedir(d2);
}
closedir(d1);
- return(0);
+ return 0;
}
/*
@@ -934,21 +943,39 @@
}
static void
-usage()
+usage(fatal)
+ int fatal;
{
- fprintf(stderr,
- "usage: %s [-d directory] [-m max_wait] [-s speed_factor] ID\n",
+ fprintf(fatal ? stderr : stdout,
+ "usage: %s [-h] [-d directory] [-f filter] [-m max_wait] [-s speed_factor] ID\n",
getprogname());
- fprintf(stderr,
- "usage: %s [-d directory] -l [search expression]\n",
+ fprintf(fatal ? stderr : stdout,
+ "usage: %s [-h] [-d directory] -l [search expression]\n",
getprogname());
- exit(1);
+ if (fatal)
+ exit(1);
}
+static void
+help()
+{
+ (void) printf("%s - replay sudo session logs\n\n", getprogname());
+ usage(0);
+ (void) puts("\nOptions:");
+ (void) puts(" -d directory specify directory for session logs");
+ (void) puts(" -f filter specify which I/O type to display");
+ (void) puts(" -h display help message and exit");
+ (void) puts(" -l [expression] list available session IDs that match expression");
+ (void) puts(" -m max_wait max number of seconds to wait between events");
+ (void) puts(" -s speed_factor speed up or slow down output");
+ (void) puts(" -V display version information and exit");
+ exit(0);
+}
+
/*
* Cleanup hook for error()/errorx()
*/
-void
+RETSIGTYPE
cleanup(signo)
int signo;
{
Modified: trunk/contrib/sudo/sudoreplay.cat
===================================================================
--- trunk/contrib/sudo/sudoreplay.cat 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoreplay.cat 2014-10-02 03:20:49 UTC (rev 6803)
@@ -8,10 +8,10 @@
sudoreplay - replay sudo session logs
S�SY�YN�NO�OP�PS�SI�IS�S
- s�su�ud�do�or�re�ep�pl�la�ay�y [-�-d�d _�d_�i_�r_�e_�c_�t_�o_�r_�y] [-�-f�f _�f_�i_�l_�t_�e_�r] [-�-m�m _�m_�a_�x_�__�w_�a_�i_�t] [-�-s�s _�s_�p_�e_�e_�d_�__�f_�a_�c_�t_�o_�r]
- ID
+ s�su�ud�do�or�re�ep�pl�la�ay�y [-�-h�h] [-�-d�d _�d_�i_�r_�e_�c_�t_�o_�r_�y] [-�-f�f _�f_�i_�l_�t_�e_�r] [-�-m�m _�m_�a_�x_�__�w_�a_�i_�t] [-�-s�s
+ _�s_�p_�e_�e_�d_�__�f_�a_�c_�t_�o_�r] ID
- s�su�ud�do�or�re�ep�pl�la�ay�y [-�-d�d _�d_�i_�r_�e_�c_�t_�o_�r_�y] -l [search expression]
+ s�su�ud�do�or�re�ep�pl�la�ay�y [-�-h�h] [-�-d�d _�d_�i_�r_�e_�c_�t_�o_�r_�y] -l [search expression]
D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
s�su�ud�do�or�re�ep�pl�la�ay�y plays back or lists the session logs created by s�su�ud�do�o. When
@@ -47,29 +47,34 @@
_�f_�i_�l_�t_�e_�r argument is a comma-separated list, consisting of
one or more of following: _�s_�t_�d_�o_�u_�t, _�s_�t_�d_�e_�r_�r, and _�t_�t_�y_�o_�u_�t.
- -l Enable "list mode". In this mode, s�su�ud�do�or�re�ep�pl�la�ay�y will list
+ -h The -�-h�h (_�h_�e_�l_�p) option causes s�su�ud�do�or�re�ep�pl�la�ay�y to print a short
+ help message to the standard output and exit.
+
+ -l [_�s_�e_�a_�r_�c_�h _�e_�x_�p_�r_�e_�s_�s_�i_�o_�n]
+ Enable "list mode". In this mode, s�su�ud�do�or�re�ep�pl�la�ay�y will list
available session IDs. If a _�s_�e_�a_�r_�c_�h _�e_�x_�p_�r_�e_�s_�s_�i_�o_�n is
specified, it will be used to restrict the IDs that are
displayed. An expression is composed of the following
predicates:
- command _�c_�o_�m_�m_�a_�n_�d _�p_�a_�t_�t_�e_�r_�n
- Evaluates to true if the command run matches
- _�c_�o_�m_�m_�a_�n_�d _�p_�a_�t_�t_�e_�r_�n. On systems with POSIX regular
- expression support, the pattern may be an extended
- regular expression. On systems without POSIX
-1.7.4 July 12, 2010 1
+1.7.5rc1 February 21, 2011 1
+
SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m)
+ command _�c_�o_�m_�m_�a_�n_�d _�p_�a_�t_�t_�e_�r_�n
+ Evaluates to true if the command run matches
+ _�c_�o_�m_�m_�a_�n_�d _�p_�a_�t_�t_�e_�r_�n. On systems with POSIX regular
+ expression support, the pattern may be an extended
+ regular expression. On systems without POSIX
regular expression support, a simple substring
match is performed instead.
@@ -119,15 +124,10 @@
-m _�m_�a_�x_�__�w_�a_�i_�t Specify an upper bound on how long to wait between key
presses or output data. By default, s�su�ud�do�o_�_r�re�ep�pl�la�ay�y will
- accurately reproduce the delays between key presses or
- program output. However, this can be tedious when the
- session includes long pauses. When the _�-_�m option is
- specified, s�su�ud�do�or�re�ep�pl�la�ay�y will limit these pauses to at most
- _�m_�a_�x_�__�w_�a_�i_�t seconds. The value may be specified as a floating
-1.7.4 July 12, 2010 2
+1.7.5rc1 February 21, 2011 2
@@ -136,6 +136,11 @@
SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m)
+ accurately reproduce the delays between key presses or
+ program output. However, this can be tedious when the
+ session includes long pauses. When the _�-_�m option is
+ specified, s�su�ud�do�or�re�ep�pl�la�ay�y will limit these pauses to at most
+ _�m_�a_�x_�__�w_�a_�i_�t seconds. The value may be specified as a floating
point number, .e.g. _�2_�._�5.
-s _�s_�p_�e_�e_�d_�__�f_�a_�c_�t_�o_�r
@@ -186,22 +191,20 @@
2 hours ago
2 hours ago.
- next Friday
- The first second of the next Friday.
+1.7.5rc1 February 21, 2011 3
-1.7.4 July 12, 2010 3
+SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m)
+ next Friday
+ The first second of the next Friday.
-SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m)
-
-
this week
The current time but the first day of the coming week.
@@ -254,20 +257,19 @@
sudoreplay -l user millert
- List sessions run by user _�b_�o_�b with a command containing the string vi:
+1.7.5rc1 February 21, 2011 4
-1.7.4 July 12, 2010 4
+SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m)
-SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m)
+ List sessions run by user _�b_�o_�b with a command containing the string vi:
-
sudoreplay -l user bob command vi
List sessions run by user _�j_�e_�f_�f that match a regular expression:
@@ -323,8 +325,6 @@
+1.7.5rc1 February 21, 2011 5
-1.7.4 July 12, 2010 5
-
-
Deleted: trunk/contrib/sudo/sudoreplay.man
===================================================================
--- trunk/contrib/sudo/sudoreplay.man 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoreplay.man 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,404 +0,0 @@
-.\" Copyright (c) 2009-2010 Todd C. Miller <Todd.Miller at courtesan.com>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
-.\"
-.\" Standard preamble:
-.\" ========================================================================
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Vb \" Begin verbatim text
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve \" End verbatim text
-.ft R
-.fi
-..
-.\" Set up some character translations and predefined strings. \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. \*(C+ will
-.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
-.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
-.\" nothing in troff, for use with C<>.
-.tr \(*W-
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.ie n \{\
-. ds -- \(*W-
-. ds PI pi
-. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-. ds L" ""
-. ds R" ""
-. ds C`
-. ds C'
-'br\}
-.el\{\
-. ds -- \|\(em\|
-. ds PI \(*p
-. ds L" ``
-. ds R" ''
-'br\}
-.\"
-.\" Escape single quotes in literal strings from groff's Unicode transform.
-.ie \n(.g .ds Aq \(aq
-.el .ds Aq '
-.\"
-.\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
-.\" entries marked with X<> in POD. Of course, you'll have to process the
-.\" output yourself in some meaningful fashion.
-.ie \nF \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
-..
-. nr % 0
-. rr F
-.\}
-.el \{\
-. de IX
-..
-.\}
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
-.\" Fear. Run. Save yourself. No user-serviceable parts.
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds /
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
-.\" ========================================================================
-.\"
-.IX Title "SUDOREPLAY 8"
-.TH SUDOREPLAY 8 "July 12, 2010" "1.7.4" "MAINTENANCE COMMANDS"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.if n .ad l
-.nh
-.SH "NAME"
-sudoreplay \- replay sudo session logs
-.SH "SYNOPSIS"
-.IX Header "SYNOPSIS"
-\&\fBsudoreplay\fR [\fB\-d\fR \fIdirectory\fR] [\fB\-f\fR \fIfilter\fR] [\fB\-m\fR \fImax_wait\fR] [\fB\-s\fR \fIspeed_factor\fR] \s-1ID\s0
-.PP
-\&\fBsudoreplay\fR [\fB\-d\fR \fIdirectory\fR] \-l [search expression]
-.SH "DESCRIPTION"
-.IX Header "DESCRIPTION"
-\&\fBsudoreplay\fR plays back or lists the session logs created by
-\&\fBsudo\fR. When replaying, \fBsudoreplay\fR can play the session back
-in real-time, or the playback speed may be adjusted (faster or
-slower) based on the command line options. The \fI\s-1ID\s0\fR should be
-a six character sequence of digits and upper case letters, e.g.
-0100A5, which is logged by \fBsudo\fR when a command is run with
-session logging enabled.
-.PP
-In list mode, \fBsudoreplay\fR can be used to find the \s-1ID\s0 of a session
-based on a number of criteria such as the user, tty or command run.
-.PP
-In replay mode, if the standard output has not been redirected,
-\&\fBsudoreplay\fR will act on the following keys:
-.IP "' ' (space)" 8
-.IX Item "' ' (space)"
-Pause output; press any key to resume.
-.IP "'<'" 8
-Reduce the playback speed by one half.
-.IP "'>'" 8
-Double the playback speed.
-.SH "OPTIONS"
-.IX Header "OPTIONS"
-\&\fBsudoreplay\fR accepts the following command line options:
-.IP "\-d \fIdirectory\fR" 12
-.IX Item "-d directory"
-Use \fIdirectory\fR to for the session logs instead of the default,
-\&\fI/var/log/sudo\-io\fR.
-.IP "\-f \fIfilter\fR" 12
-.IX Item "-f filter"
-By default, \fBsudoreplay\fR will play back the command's standard
-output, standard error and tty output. The \fI\-f\fR option can be
-used to select which of these to output. The \fIfilter\fR argument
-is a comma-separated list, consisting of one or more of following:
-\&\fIstdout\fR, \fIstderr\fR, and \fIttyout\fR.
-.IP "\-l" 12
-.IX Item "-l"
-Enable \*(L"list mode\*(R". In this mode, \fBsudoreplay\fR will list available
-session IDs. If a \fIsearch expression\fR is specified, it will be
-used to restrict the IDs that are displayed. An expression is
-composed of the following predicates:
-.RS 12
-.IP "command \fIcommand pattern\fR" 8
-.IX Item "command command pattern"
-Evaluates to true if the command run matches \fIcommand pattern\fR.
-On systems with \s-1POSIX\s0 regular expression support, the pattern may
-be an extended regular expression. On systems without \s-1POSIX\s0 regular
-expression support, a simple substring match is performed instead.
-.IP "cwd \fIdirectory\fR" 8
-.IX Item "cwd directory"
-Evaluates to true if the command was run with the specified current
-working directory.
-.IP "fromdate \fIdate\fR" 8
-.IX Item "fromdate date"
-Evaluates to true if the command was run on or after \fIdate\fR.
-See \*(L"Date and time format\*(R" for a description of supported
-date and time formats.
-.IP "group \fIrunas_group\fR" 8
-.IX Item "group runas_group"
-Evaluates to true if the command was run with the specified
-\&\fIrunas_group\fR. Note that unless a \fIrunas_group\fR was explicitly
-specified when \fBsudo\fR was run this field will be empty in the log.
-.IP "runas \fIrunas_user\fR" 8
-.IX Item "runas runas_user"
-Evaluates to true if the command was run as the specified \fIrunas_user\fR.
-Note that \fBsudo\fR runs commands as user \fIroot\fR by default.
-.IP "todate \fIdate\fR" 8
-.IX Item "todate date"
-Evaluates to true if the command was run on or prior to \fIdate\fR.
-See \*(L"Date and time format\*(R" for a description of supported
-date and time formats.
-.IP "tty \fItty\fR" 8
-.IX Item "tty tty"
-Evaluates to true if the command was run on the specified terminal
-device. The \fItty\fR should be specified without the \fI/dev/\fR prefix,
-e.g. \fItty01\fR instead of \fI/dev/tty01\fR.
-.IP "user \fIuser name\fR" 8
-.IX Item "user user name"
-Evaluates to true if the \s-1ID\s0 matches a command run by \fIuser name\fR.
-.RE
-.RS 12
-.Sp
-Predicates may be abbreviated to the shortest unique string (currently
-all predicates may be shortened to a single character).
-.Sp
-Predicates may be combined using \fIand\fR, \fIor\fR and \fI!\fR operators
-as well as \f(CW\*(Aq(\*(Aq\fR and \f(CW\*(Aq)\*(Aq\fR for grouping (note that parentheses
-must generally be escaped from the shell). The \fIand\fR operator is
-optional, adjacent predicates have an implied \fIand\fR unless separated
-by an \fIor\fR.
-.RE
-.IP "\-m \fImax_wait\fR" 12
-.IX Item "-m max_wait"
-Specify an upper bound on how long to wait between key presses or
-output data. By default, \fBsudo_replay\fR will accurately reproduce
-the delays between key presses or program output. However, this
-can be tedious when the session includes long pauses. When the
-\&\fI\-m\fR option is specified, \fBsudoreplay\fR will limit these pauses
-to at most \fImax_wait\fR seconds. The value may be specified as a
-floating point number, .e.g. \fI2.5\fR.
-.IP "\-s \fIspeed_factor\fR" 12
-.IX Item "-s speed_factor"
-This option causes \fBsudoreplay\fR to adjust the number of seconds
-it will wait between key presses or program output. This can be
-used to slow down or speed up the display. For example, a
-\&\fIspeed_factor\fR of \fI2\fR would make the output twice as fast whereas
-a \fIspeed_factor\fR of <.5> would make the output twice as slow.
-.IP "\-V" 12
-.IX Item "-V"
-The \fB\-V\fR (version) option causes \fBsudoreplay\fR to print its version number
-and exit.
-.SS "Date and time format"
-.IX Subsection "Date and time format"
-The time and date may be specified multiple ways, common formats include:
-.IP "\s-1HH:MM:SS\s0 am \s-1MM/DD/CCYY\s0 timezone" 8
-.IX Item "HH:MM:SS am MM/DD/CCYY timezone"
-24 hour time may be used in place of am/pm.
-.IP "\s-1HH:MM:SS\s0 am Month, Day Year timezone" 8
-.IX Item "HH:MM:SS am Month, Day Year timezone"
-24 hour time may be used in place of am/pm, and month and day names
-may be abbreviated. Note that month and day of the week names must
-be specified in English.
-.IP "CCYY-MM-DD \s-1HH:MM:SS\s0" 8
-.IX Item "CCYY-MM-DD HH:MM:SS"
-\&\s-1ISO\s0 time format
-.IP "\s-1DD\s0 Month \s-1CCYY\s0 \s-1HH:MM:SS\s0" 8
-.IX Item "DD Month CCYY HH:MM:SS"
-The month name may be abbreviated.
-.PP
-Either time or date may be omitted, the am/pm and timezone are
-optional. If no date is specified, the current day is assumed; if
-no time is specified, the first second of the specified date is
-used. The less significant parts of both time and date may also
-be omitted, in which case zero is assumed. For example, the following
-are all valid:
-.PP
-The following are all valid time and date specifications:
-.IP "now" 8
-.IX Item "now"
-The current time and date.
-.IP "tomorrow" 8
-.IX Item "tomorrow"
-Exactly one day from now.
-.IP "yesterday" 8
-.IX Item "yesterday"
-24 hours ago.
-.IP "2 hours ago" 8
-.IX Item "2 hours ago"
-2 hours ago.
-.IP "next Friday" 8
-.IX Item "next Friday"
-The first second of the next Friday.
-.IP "this week" 8
-.IX Item "this week"
-The current time but the first day of the coming week.
-.IP "a fortnight ago" 8
-.IX Item "a fortnight ago"
-The current time but 14 days ago.
-.IP "10:01 am 9/17/2009" 8
-.IX Item "10:01 am 9/17/2009"
-10:01 am, September 17, 2009.
-.IP "10:01 am" 8
-.IX Item "10:01 am"
-10:01 am on the current day.
-.IP "10" 8
-.IX Item "10"
-10:00 am on the current day.
-.IP "9/17/2009" 8
-.IX Item "9/17/2009"
-00:00 am, September 17, 2009.
-.IP "10:01 am Sep 17, 2009" 8
-.IX Item "10:01 am Sep 17, 2009"
-10:01 am, September 17, 2009.
-.SH "FILES"
-.IX Header "FILES"
-.IP "\fI/var/log/sudo\-io\fR" 24
-.IX Item "/var/log/sudo-io"
-The default I/O log directory.
-.IP "\fI/var/log/sudo\-io/00/00/01/log\fR" 24
-.IX Item "/var/log/sudo-io/00/00/01/log"
-Example session log info.
-.IP "\fI/var/log/sudo\-io/00/00/01/stdin\fR" 24
-.IX Item "/var/log/sudo-io/00/00/01/stdin"
-Example session standard input log.
-.IP "\fI/var/log/sudo\-io/00/00/01/stdout\fR" 24
-.IX Item "/var/log/sudo-io/00/00/01/stdout"
-Example session standard output log.
-.IP "\fI/var/log/sudo\-io/00/00/01/stderr\fR" 24
-.IX Item "/var/log/sudo-io/00/00/01/stderr"
-Example session standard error log.
-.IP "\fI/var/log/sudo\-io/00/00/01/ttyin\fR" 24
-.IX Item "/var/log/sudo-io/00/00/01/ttyin"
-Example session tty input file.
-.IP "\fI/var/log/sudo\-io/00/00/01/ttyout\fR" 24
-.IX Item "/var/log/sudo-io/00/00/01/ttyout"
-Example session tty output file.
-.IP "\fI/var/log/sudo\-io/00/00/01/timing\fR" 24
-.IX Item "/var/log/sudo-io/00/00/01/timing"
-Example session timing file.
-.PP
-Note that the \fIstdin\fR, \fIstdout\fR and \fIstderr\fR files will be empty
-unless \fBsudo\fR was used as part of a pipeline for a particular
-command.
-.SH "EXAMPLES"
-.IX Header "EXAMPLES"
-List sessions run by user \fImillert\fR:
-.PP
-.Vb 1
-\& sudoreplay \-l user millert
-.Ve
-.PP
-List sessions run by user \fIbob\fR with a command containing the string vi:
-.PP
-.Vb 1
-\& sudoreplay \-l user bob command vi
-.Ve
-.PP
-List sessions run by user \fIjeff\fR that match a regular expression:
-.PP
-.Vb 1
-\& sudoreplay \-l user jeff command \*(Aq/bin/[a\-z]*sh\*(Aq
-.Ve
-.PP
-List sessions run by jeff or bob on the console:
-.PP
-.Vb 1
-\& sudoreplay \-l ( user jeff or user bob ) tty console
-.Ve
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fIsudo\fR\|(8), \fIscript\fR\|(1)
-.SH "AUTHOR"
-.IX Header "AUTHOR"
-Todd C. Miller
-.SH "BUGS"
-.IX Header "BUGS"
-If you feel you have found a bug in \fBsudoreplay\fR, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-.SH "SUPPORT"
-.IX Header "SUPPORT"
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo\-users to subscribe or
-search the archives.
-.SH "DISCLAIMER"
-.IX Header "DISCLAIMER"
-\&\fBsudoreplay\fR is provided ``\s-1AS\s0 \s-1IS\s0'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the \s-1LICENSE\s0
-file distributed with \fBsudo\fR or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/sudoreplay.man.in
===================================================================
--- trunk/contrib/sudo/sudoreplay.man.in 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoreplay.man.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -13,7 +13,7 @@
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
+.\" Automatically generated by Pod::Man 2.23 (Pod::Simple 3.14)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -139,7 +139,7 @@
.\" ========================================================================
.\"
.IX Title "SUDOREPLAY @mansectsu@"
-.TH SUDOREPLAY @mansectsu@ "July 12, 2010" "1.7.4" "MAINTENANCE COMMANDS"
+.TH SUDOREPLAY @mansectsu@ "February 21, 2011" "1.7.5rc1" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -148,9 +148,9 @@
sudoreplay \- replay sudo session logs
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
-\&\fBsudoreplay\fR [\fB\-d\fR \fIdirectory\fR] [\fB\-f\fR \fIfilter\fR] [\fB\-m\fR \fImax_wait\fR] [\fB\-s\fR \fIspeed_factor\fR] \s-1ID\s0
+\&\fBsudoreplay\fR [\fB\-h\fR] [\fB\-d\fR \fIdirectory\fR] [\fB\-f\fR \fIfilter\fR] [\fB\-m\fR \fImax_wait\fR] [\fB\-s\fR \fIspeed_factor\fR] \s-1ID\s0
.PP
-\&\fBsudoreplay\fR [\fB\-d\fR \fIdirectory\fR] \-l [search expression]
+\&\fBsudoreplay\fR [\fB\-h\fR] [\fB\-d\fR \fIdirectory\fR] \-l [search expression]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
\&\fBsudoreplay\fR plays back or lists the session logs created by
@@ -187,8 +187,12 @@
used to select which of these to output. The \fIfilter\fR argument
is a comma-separated list, consisting of one or more of following:
\&\fIstdout\fR, \fIstderr\fR, and \fIttyout\fR.
-.IP "\-l" 12
-.IX Item "-l"
+.IP "\-h" 12
+.IX Item "-h"
+The \fB\-h\fR (\fIhelp\fR) option causes \fBsudoreplay\fR to print a short
+help message to the standard output and exit.
+.IP "\-l [\fIsearch expression\fR]" 12
+.IX Item "-l [search expression]"
Enable \*(L"list mode\*(R". In this mode, \fBsudoreplay\fR will list available
session IDs. If a \fIsearch expression\fR is specified, it will be
used to restrict the IDs that are displayed. An expression is
Deleted: trunk/contrib/sudo/sudoreplay.pod
===================================================================
--- trunk/contrib/sudo/sudoreplay.pod 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/sudoreplay.pod 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,341 +0,0 @@
-Copyright (c) 2009-2010 Todd C. Miller <Todd.Miller at courtesan.com>
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-=pod
-
-=head1 NAME
-
-sudoreplay - replay sudo session logs
-
-=head1 SYNOPSIS
-
-B<sudoreplay> [B<-d> I<directory>] [B<-f> I<filter>] [B<-m> I<max_wait>] [B<-s> I<speed_factor>] ID
-
-B<sudoreplay> [B<-d> I<directory>] -l [search expression]
-
-=head1 DESCRIPTION
-
-B<sudoreplay> plays back or lists the session logs created by
-B<sudo>. When replaying, B<sudoreplay> can play the session back
-in real-time, or the playback speed may be adjusted (faster or
-slower) based on the command line options. The I<ID> should be
-a six character sequence of digits and upper case letters, e.g.
-0100A5, which is logged by B<sudo> when a command is run with
-session logging enabled.
-
-In list mode, B<sudoreplay> can be used to find the ID of a session
-based on a number of criteria such as the user, tty or command run.
-
-In replay mode, if the standard output has not been redirected,
-B<sudoreplay> will act on the following keys:
-
-=over 8
-
-=item ' ' (space)
-
-Pause output; press any key to resume.
-
-=item '<'
-
-Reduce the playback speed by one half.
-
-=item '>'
-
-Double the playback speed.
-
-=back
-
-=head1 OPTIONS
-
-B<sudoreplay> accepts the following command line options:
-
-=over 12
-
-=item -d I<directory>
-
-Use I<directory> to for the session logs instead of the default,
-F</var/log/sudo-io>.
-
-=item -f I<filter>
-
-By default, B<sudoreplay> will play back the command's standard
-output, standard error and tty output. The I<-f> option can be
-used to select which of these to output. The I<filter> argument
-is a comma-separated list, consisting of one or more of following:
-I<stdout>, I<stderr>, and I<ttyout>.
-
-=item -l
-
-Enable "list mode". In this mode, B<sudoreplay> will list available
-session IDs. If a I<search expression> is specified, it will be
-used to restrict the IDs that are displayed. An expression is
-composed of the following predicates:
-
-=over 8
-
-=item command I<command pattern>
-
-Evaluates to true if the command run matches I<command pattern>.
-On systems with POSIX regular expression support, the pattern may
-be an extended regular expression. On systems without POSIX regular
-expression support, a simple substring match is performed instead.
-
-=item cwd I<directory>
-
-Evaluates to true if the command was run with the specified current
-working directory.
-
-=item fromdate I<date>
-
-Evaluates to true if the command was run on or after I<date>.
-See L<"Date and time format"> for a description of supported
-date and time formats.
-
-=item group I<runas_group>
-
-Evaluates to true if the command was run with the specified
-I<runas_group>. Note that unless a I<runas_group> was explicitly
-specified when B<sudo> was run this field will be empty in the log.
-
-=item runas I<runas_user>
-
-Evaluates to true if the command was run as the specified I<runas_user>.
-Note that B<sudo> runs commands as user I<root> by default.
-
-=item todate I<date>
-
-Evaluates to true if the command was run on or prior to I<date>.
-See L<"Date and time format"> for a description of supported
-date and time formats.
-
-=item tty I<tty>
-
-Evaluates to true if the command was run on the specified terminal
-device. The I<tty> should be specified without the F</dev/> prefix,
-e.g. F<tty01> instead of F</dev/tty01>.
-
-=item user I<user name>
-
-Evaluates to true if the ID matches a command run by I<user name>.
-
-=back
-
-Predicates may be abbreviated to the shortest unique string (currently
-all predicates may be shortened to a single character).
-
-Predicates may be combined using I<and>, I<or> and I<!> operators
-as well as C<'('> and C<')'> for grouping (note that parentheses
-must generally be escaped from the shell). The I<and> operator is
-optional, adjacent predicates have an implied I<and> unless separated
-by an I<or>.
-
-=item -m I<max_wait>
-
-Specify an upper bound on how long to wait between key presses or
-output data. By default, B<sudo_replay> will accurately reproduce
-the delays between key presses or program output. However, this
-can be tedious when the session includes long pauses. When the
-I<-m> option is specified, B<sudoreplay> will limit these pauses
-to at most I<max_wait> seconds. The value may be specified as a
-floating point number, .e.g. I<2.5>.
-
-=item -s I<speed_factor>
-
-This option causes B<sudoreplay> to adjust the number of seconds
-it will wait between key presses or program output. This can be
-used to slow down or speed up the display. For example, a
-I<speed_factor> of I<2> would make the output twice as fast whereas
-a I<speed_factor> of <.5> would make the output twice as slow.
-
-=item -V
-
-The B<-V> (version) option causes B<sudoreplay> to print its version number
-and exit.
-
-=back
-
-=head2 Date and time format
-
-The time and date may be specified multiple ways, common formats include:
-
-=over 8
-
-=item HH:MM:SS am MM/DD/CCYY timezone
-
-24 hour time may be used in place of am/pm.
-
-=item HH:MM:SS am Month, Day Year timezone
-
-24 hour time may be used in place of am/pm, and month and day names
-may be abbreviated. Note that month and day of the week names must
-be specified in English.
-
-=item CCYY-MM-DD HH:MM:SS
-
-ISO time format
-
-=item DD Month CCYY HH:MM:SS
-
-The month name may be abbreviated.
-
-=back
-
-Either time or date may be omitted, the am/pm and timezone are
-optional. If no date is specified, the current day is assumed; if
-no time is specified, the first second of the specified date is
-used. The less significant parts of both time and date may also
-be omitted, in which case zero is assumed. For example, the following
-are all valid:
-
-The following are all valid time and date specifications:
-
-=over 8
-
-=item now
-
-The current time and date.
-
-=item tomorrow
-
-Exactly one day from now.
-
-=item yesterday
-
-24 hours ago.
-
-=item 2 hours ago
-
-2 hours ago.
-
-=item next Friday
-
-The first second of the next Friday.
-
-=item this week
-
-The current time but the first day of the coming week.
-
-=item a fortnight ago
-
-The current time but 14 days ago.
-
-=item 10:01 am 9/17/2009
-
-10:01 am, September 17, 2009.
-
-=item 10:01 am
-
-10:01 am on the current day.
-
-=item 10
-
-10:00 am on the current day.
-
-=item 9/17/2009
-
-00:00 am, September 17, 2009.
-
-=item 10:01 am Sep 17, 2009
-
-10:01 am, September 17, 2009.
-
-=back
-
-=head1 FILES
-
-=over 24
-
-=item F</var/log/sudo-io>
-
-The default I/O log directory.
-
-=item F</var/log/sudo-io/00/00/01/log>
-
-Example session log info.
-
-=item F</var/log/sudo-io/00/00/01/stdin>
-
-Example session standard input log.
-
-=item F</var/log/sudo-io/00/00/01/stdout>
-
-Example session standard output log.
-
-=item F</var/log/sudo-io/00/00/01/stderr>
-
-Example session standard error log.
-
-=item F</var/log/sudo-io/00/00/01/ttyin>
-
-Example session tty input file.
-
-=item F</var/log/sudo-io/00/00/01/ttyout>
-
-Example session tty output file.
-
-=item F</var/log/sudo-io/00/00/01/timing>
-
-Example session timing file.
-
-=back
-
-Note that the I<stdin>, I<stdout> and I<stderr> files will be empty
-unless B<sudo> was used as part of a pipeline for a particular
-command.
-
-=head1 EXAMPLES
-
-List sessions run by user I<millert>:
-
- sudoreplay -l user millert
-
-List sessions run by user I<bob> with a command containing the string vi:
-
- sudoreplay -l user bob command vi
-
-List sessions run by user I<jeff> that match a regular expression:
-
- sudoreplay -l user jeff command '/bin/[a-z]*sh'
-
-List sessions run by jeff or bob on the console:
-
- sudoreplay -l ( user jeff or user bob ) tty console
-
-=head1 SEE ALSO
-
-L<sudo(8)>, L<script(1)>
-
-=head1 AUTHOR
-
-Todd C. Miller
-
-=head1 BUGS
-
-If you feel you have found a bug in B<sudoreplay>, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-
-=head1 SUPPORT
-
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
-search the archives.
-
-=head1 DISCLAIMER
-
-B<sudoreplay> is provided ``AS IS'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the LICENSE
-file distributed with B<sudo> or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/term.c
===================================================================
--- trunk/contrib/sudo/term.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/term.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2009-2010 Todd C. Miller <Todd.Miller at courtesan.com>
+ * Copyright (c) 2009-2011 Todd C. Miller <Todd.Miller at courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -112,10 +112,10 @@
int flags = TCSASOFT;
flags |= flush ? TCSAFLUSH : TCSADRAIN;
if (tcsetattr(fd, flags, &oterm) != 0)
- return(0);
+ return 0;
changed = 0;
}
- return(1);
+ return 1;
}
int
@@ -123,7 +123,7 @@
int fd;
{
if (!changed && tcgetattr(fd, &oterm) != 0)
- return(0);
+ return 0;
(void) memcpy(&term, &oterm, sizeof(term));
CLR(term.c_lflag, ECHO|ECHONL);
#ifdef VSTATUS
@@ -131,9 +131,9 @@
#endif
if (tcsetattr(fd, TCSADRAIN|TCSASOFT, &term) == 0) {
changed = 1;
- return(1);
+ return 1;
}
- return(0);
+ return 0;
}
#if defined(HAVE_TERMIOS_H) || defined(HAVE_TERMIO_H)
@@ -146,7 +146,7 @@
struct termios term;
if (!changed && tcgetattr(fd, &oterm) != 0)
- return(0);
+ return 0;
(void) memcpy(&term, &oterm, sizeof(term));
/* Set terminal to raw mode */
term.c_cc[VMIN] = 1;
@@ -158,9 +158,9 @@
SET(term.c_lflag, ISIG);
if (tcsetattr(fd, TCSADRAIN|TCSASOFT, &term) == 0) {
changed = 1;
- return(1);
+ return 1;
}
- return(0);
+ return 0;
}
int
@@ -168,7 +168,7 @@
int fd;
{
if (!changed && tcgetattr(fd, &oterm) != 0)
- return(0);
+ return 0;
(void) memcpy(&term, &oterm, sizeof(term));
/* Set terminal to half-cooked mode */
term.c_cc[VMIN] = 1;
@@ -182,9 +182,9 @@
term_erase = term.c_cc[VERASE];
term_kill = term.c_cc[VKILL];
changed = 1;
- return(1);
+ return 1;
}
- return(0);
+ return 0;
}
int
@@ -195,11 +195,11 @@
struct termios tt;
if (tcgetattr(src, &tt) != 0)
- return(0);
+ return 0;
/* XXX - add TCSANOW compat define */
if (tcsetattr(dst, TCSANOW|TCSASOFT, &tt) != 0)
- return(0);
- return(1);
+ return 0;
+ return 1;
}
#else /* SGTTY */
@@ -210,7 +210,7 @@
int isig;
{
if (!changed && ioctl(fd, TIOCGETP, &oterm) != 0)
- return(0);
+ return 0;
(void) memcpy(&term, &oterm, sizeof(term));
/* Set terminal to raw mode */
/* XXX - how to support isig? */
@@ -218,9 +218,9 @@
SET(term.sg_flags, RAW);
if (ioctl(fd, TIOCSETP, &term) == 0) {
changed = 1;
- return(1);
+ return 1;
}
- return(0);
+ return 0;
}
int
@@ -228,7 +228,7 @@
int fd;
{
if (!changed && ioctl(fd, TIOCGETP, &oterm) != 0)
- return(0);
+ return 0;
(void) memcpy(&term, &oterm, sizeof(term));
/* Set terminal to half-cooked mode */
CLR(term.c_lflag, ECHO);
@@ -237,9 +237,9 @@
term_erase = term.sg_erase;
term_kill = term.sg_kill;
changed = 1;
- return(1);
+ return 1;
}
- return(0);
+ return 0;
}
int
@@ -255,14 +255,14 @@
if (ioctl(src, TIOCGETP, &b) != 0 || ioctl(src, TIOCGETC, &tc) != 0 ||
ioctl(src, TIOCGETD, &l) != 0 || ioctl(src, TIOCGLTC, &lc) != 0 ||
ioctl(src, TIOCLGET, &lb)) {
- return(0);
+ return 0;
}
if (ioctl(dst, TIOCSETP, &b) != 0 || ioctl(dst, TIOCSETC, &tc) != 0 ||
ioctl(dst, TIOCSLTC, &lc) != 0 || ioctl(dst, TIOCLSET, &lb) != 0 ||
ioctl(dst, TIOCSETD, &l) != 0) {
- return(0);
+ return 0;
}
- return(1);
+ return 1;
}
#endif
Modified: trunk/contrib/sudo/testsudoers.c
===================================================================
--- trunk/contrib/sudo/testsudoers.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/testsudoers.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -60,6 +60,7 @@
#include <arpa/inet.h>
#include <netdb.h>
+#include "tsgetgrpw.h"
#include "sudo.h"
#include "interfaces.h"
#include "parse.h"
@@ -100,19 +101,6 @@
void set_runasgr __P((char *));
void set_runaspw __P((char *));
-extern void setgrfile __P((const char *));
-extern void setgrent __P((void));
-extern void endgrent __P((void));
-extern struct group *getgrent __P((void));
-extern struct group *getgrnam __P((const char *));
-extern struct group *getgrgid __P((gid_t));
-extern void setpwfile __P((const char *));
-extern void setpwent __P((void));
-extern void endpwent __P((void));
-extern struct passwd *getpwent __P((void));
-extern struct passwd *getpwnam __P((const char *));
-extern struct passwd *getpwuid __P((uid_t));
-
int
main(argc, argv)
int argc;
@@ -337,7 +325,7 @@
sudo_getepw(pw)
const struct passwd *pw;
{
- return (pw->pw_passwd);
+ return pw->pw_passwd;
}
void
@@ -352,7 +340,7 @@
int isdir;
int *keepopen;
{
- return(fopen(path, "r"));
+ return fopen(path, "r");
}
void
@@ -365,7 +353,7 @@
set_perms(perm)
int perm;
{
- return(1);
+ return 1;
}
void
@@ -465,7 +453,7 @@
fputs(m->name, stdout);
}
putchar('\n');
- return(0);
+ return 0;
}
void
Modified: trunk/contrib/sudo/tgetpass.c
===================================================================
--- trunk/contrib/sudo/tgetpass.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/tgetpass.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -57,7 +57,7 @@
static volatile sig_atomic_t signo[NSIG];
-static void handler __P((int));
+static RETSIGTYPE handler __P((int));
static char *getln __P((int, char *, size_t, int));
static char *sudo_askpass __P((const char *));
@@ -80,7 +80,7 @@
/* If using a helper program to get the password, run it instead. */
if (ISSET(flags, TGP_ASKPASS) && user_askpass)
- return(sudo_askpass(prompt));
+ return sudo_askpass(prompt);
restart:
for (i = 0; i < NSIG; i++)
@@ -127,8 +127,10 @@
sa.sa_handler = SIG_IGN;
(void) sigaction(SIGPIPE, &sa, &savepipe);
- if (prompt)
- (void) write(output, prompt, strlen(prompt));
+ if (prompt) {
+ if (write(output, prompt, strlen(prompt)) == -1)
+ goto restore;
+ }
if (timeout > 0)
alarm(timeout);
@@ -136,9 +138,12 @@
alarm(0);
save_errno = errno;
- if (neednl || pass == NULL)
- (void) write(output, "\n", 1);
+ if (neednl || pass == NULL) {
+ if (write(output, "\n", 1) == -1)
+ goto restore;
+ }
+restore:
/* Restore old tty settings and signals. */
if (!ISSET(flags, TGP_ECHO))
term_restore(input, 1);
@@ -175,7 +180,7 @@
if (save_errno)
errno = save_errno;
- return(pass);
+ return pass;
}
/*
@@ -223,7 +228,7 @@
(void) close(pfd[0]);
(void) sigaction(SIGPIPE, &saved_sa_pipe, NULL);
- return(pass);
+ return pass;
}
extern int term_erase, term_kill;
@@ -242,7 +247,7 @@
if (left == 0) {
errno = EINVAL;
- return(NULL); /* sanity */
+ return NULL; /* sanity */
}
while (--left) {
@@ -252,7 +257,8 @@
if (feedback) {
if (c == term_kill) {
while (cp > buf) {
- (void) write(fd, "\b \b", 3);
+ if (write(fd, "\b \b", 3) == -1)
+ break;
--cp;
}
left = bufsiz;
@@ -259,13 +265,15 @@
continue;
} else if (c == term_erase) {
if (cp > buf) {
- (void) write(fd, "\b \b", 3);
+ if (write(fd, "\b \b", 3) == -1)
+ break;
--cp;
left++;
}
continue;
}
- (void) write(fd, "*", 1);
+ if (write(fd, "*", 1) == -1)
+ /* shut up glibc */;
}
*cp++ = c;
}
@@ -273,15 +281,16 @@
if (feedback) {
/* erase stars */
while (cp > buf) {
- (void) write(fd, "\b \b", 3);
+ if (write(fd, "\b \b", 3) == -1)
+ break;
--cp;
}
}
- return(nr == 1 ? buf : NULL);
+ return nr == 1 ? buf : NULL;
}
-static void
+static RETSIGTYPE
handler(s)
int s;
{
@@ -296,5 +305,5 @@
if ((fd = open(_PATH_TTY, O_RDWR|O_NOCTTY)) != -1)
close(fd);
- return(fd != -1);
+ return fd != -1;
}
Modified: trunk/contrib/sudo/timestr.c
===================================================================
--- trunk/contrib/sudo/timestr.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/timestr.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -28,7 +28,7 @@
#endif /* STDC_HEADERS */
#include <time.h>
-#include "compat.h"
+#include "missing.h"
char *get_timestr __P((time_t, int));
@@ -55,7 +55,7 @@
/* strftime() does not guarantee to NUL-terminate so we must check. */
buf[sizeof(buf) - 1] = '\0';
if (strftime(buf, sizeof(buf), s, timeptr) && buf[sizeof(buf) - 1] == '\0')
- return(buf);
+ return buf;
#endif /* HAVE_STRFTIME */
@@ -65,5 +65,5 @@
else
s[15] = '\0'; /* don't care about year */
- return(s);
+ return s;
}
Modified: trunk/contrib/sudo/toke.c
===================================================================
--- trunk/contrib/sudo/toke.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/toke.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,9 +1,10 @@
+#include <config.h>
/* $OpenBSD: flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $ */
/* A lexical scanner generated by flex */
/* Scanner skeleton version:
- * $Header: /home/cvs/src/contrib/sudo/toke.c,v 1.2 2011-01-20 22:18:06 laffer1 Exp $
+ * $Header: /home/cvs/openbsd/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $
*/
#define FLEX_SCANNER
@@ -290,74 +291,72 @@
#define YY_NUM_RULES 54
#define YY_END_OF_BUFFER 55
-static yyconst short int yy_accept[593] =
+static yyconst short int yy_accept[588] =
{ 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 55, 42, 50, 49, 48, 42, 53, 42,
+ 0, 0, 55, 42, 50, 49, 48, 53, 53, 42,
43, 44, 42, 45, 42, 42, 42, 42, 47, 46,
- 53, 37, 37, 37, 37, 37, 37, 37, 53, 42,
- 42, 50, 53, 37, 37, 37, 37, 37, 1, 53,
+ 37, 37, 37, 37, 37, 37, 37, 53, 42, 42,
+ 50, 41, 53, 37, 37, 37, 37, 37, 1, 53,
42, 42, 16, 15, 16, 15, 15, 53, 53, 53,
2, 8, 7, 8, 3, 8, 4, 53, 12, 12,
- 12, 10, 11, 42, 0, 50, 48, 42, 0, 0,
- 0, 52, 0, 42, 32, 0, 0, 31, 0, 40,
- 40, 0, 42, 42, 0, 42, 42, 42, 42, 0,
+ 12, 10, 11, 42, 0, 50, 48, 0, 52, 0,
+ 42, 32, 0, 0, 31, 0, 40, 40, 0, 42,
+ 42, 0, 42, 42, 42, 42, 0, 35, 37, 37,
- 35, 37, 37, 37, 37, 37, 37, 37, 42, 51,
- 42, 50, 0, 0, 0, 0, 0, 0, 42, 42,
- 42, 42, 42, 1, 0, 38, 38, 0, 42, 16,
- 16, 14, 13, 14, 0, 0, 2, 8, 0, 5,
- 6, 8, 8, 12, 0, 12, 12, 0, 9, 41,
- 41, 0, 0, 32, 0, 0, 42, 42, 42, 42,
- 42, 0, 0, 35, 35, 37, 37, 37, 37, 37,
- 37, 37, 37, 37, 42, 0, 0, 0, 0, 0,
- 0, 42, 42, 42, 42, 42, 0, 42, 9, 0,
- 42, 42, 42, 42, 42, 42, 0, 36, 36, 36,
-
- 0, 0, 35, 35, 35, 35, 35, 35, 35, 37,
- 37, 37, 37, 37, 37, 37, 37, 37, 42, 0,
+ 37, 37, 37, 37, 37, 42, 51, 42, 50, 0,
0, 0, 0, 0, 0, 42, 42, 42, 42, 42,
- 42, 42, 0, 0, 36, 36, 36, 0, 35, 35,
- 0, 35, 35, 35, 35, 35, 35, 35, 35, 35,
- 35, 35, 0, 24, 37, 37, 37, 37, 37, 37,
- 37, 37, 42, 0, 0, 0, 0, 42, 42, 42,
- 42, 42, 42, 42, 42, 0, 36, 0, 35, 35,
- 35, 0, 0, 0, 35, 35, 35, 35, 35, 35,
- 35, 35, 35, 35, 35, 35, 35, 37, 37, 37,
+ 1, 0, 38, 38, 0, 42, 16, 16, 14, 13,
+ 14, 0, 0, 2, 8, 0, 5, 6, 8, 8,
+ 12, 0, 12, 12, 0, 9, 0, 0, 32, 0,
+ 0, 42, 42, 42, 42, 42, 0, 0, 35, 35,
+ 37, 37, 37, 37, 37, 37, 37, 37, 37, 42,
+ 0, 0, 0, 0, 0, 0, 42, 42, 42, 42,
+ 42, 0, 42, 9, 0, 42, 42, 42, 42, 42,
+ 42, 0, 36, 36, 36, 0, 0, 35, 35, 35,
- 37, 37, 37, 37, 37, 42, 0, 0, 0, 42,
- 42, 42, 33, 33, 33, 0, 0, 35, 35, 35,
- 35, 35, 35, 35, 0, 0, 0, 0, 0, 35,
+ 35, 35, 35, 35, 37, 37, 37, 37, 37, 37,
+ 37, 37, 37, 42, 0, 0, 0, 0, 0, 0,
+ 42, 42, 42, 42, 42, 42, 42, 0, 0, 36,
+ 36, 36, 0, 35, 35, 0, 35, 35, 35, 35,
+ 35, 35, 35, 35, 35, 35, 35, 0, 24, 37,
+ 37, 37, 37, 37, 37, 37, 37, 42, 0, 0,
+ 0, 0, 42, 42, 42, 42, 42, 42, 42, 42,
+ 0, 36, 0, 35, 35, 35, 0, 0, 0, 35,
35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
- 35, 35, 35, 37, 37, 0, 23, 37, 37, 37,
- 37, 0, 22, 0, 25, 42, 0, 0, 0, 42,
- 42, 42, 42, 33, 33, 33, 33, 0, 35, 0,
- 35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
- 35, 0, 0, 0, 35, 35, 35, 35, 35, 35,
- 35, 35, 35, 35, 35, 35, 35, 37, 37, 37,
+ 35, 35, 37, 37, 37, 37, 37, 37, 37, 37,
- 37, 37, 37, 39, 0, 0, 0, 42, 19, 38,
- 42, 34, 34, 34, 35, 0, 0, 0, 35, 35,
+ 42, 0, 0, 0, 42, 42, 42, 33, 33, 33,
+ 0, 0, 35, 35, 35, 35, 35, 35, 35, 0,
+ 0, 0, 0, 0, 35, 35, 35, 35, 35, 35,
+ 35, 35, 35, 35, 35, 35, 35, 35, 37, 37,
+ 0, 23, 37, 37, 37, 37, 0, 22, 0, 25,
+ 42, 0, 0, 0, 42, 42, 42, 42, 33, 33,
+ 33, 33, 0, 35, 0, 35, 35, 35, 35, 35,
+ 35, 35, 35, 35, 35, 35, 0, 0, 0, 35,
35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
- 35, 0, 0, 0, 0, 0, 35, 35, 35, 35,
- 35, 35, 35, 35, 37, 37, 37, 37, 0, 21,
- 0, 26, 0, 19, 0, 0, 42, 0, 42, 42,
- 42, 34, 34, 34, 34, 34, 0, 0, 0, 0,
- 0, 35, 35, 35, 35, 35, 35, 35, 35, 35,
- 35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
- 35, 0, 29, 37, 37, 37, 0, 0, 0, 20,
+ 35, 35, 37, 37, 37, 37, 37, 37, 39, 0,
- 19, 0, 0, 19, 0, 42, 42, 42, 34, 34,
+ 0, 0, 42, 19, 38, 42, 34, 34, 34, 35,
0, 0, 0, 35, 35, 35, 35, 35, 35, 35,
+ 35, 35, 35, 35, 35, 35, 0, 0, 0, 0,
+ 0, 35, 35, 35, 35, 35, 35, 35, 35, 37,
+ 37, 37, 37, 0, 21, 0, 26, 0, 19, 0,
+ 0, 42, 0, 42, 42, 42, 34, 34, 34, 34,
+ 34, 0, 0, 0, 0, 0, 35, 35, 35, 35,
35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
- 35, 0, 27, 37, 37, 20, 0, 17, 0, 42,
- 42, 42, 42, 42, 0, 0, 0, 0, 0, 35,
- 35, 35, 35, 35, 35, 35, 35, 0, 30, 37,
- 0, 42, 42, 42, 35, 35, 35, 35, 35, 35,
- 0, 28, 0, 42, 42, 42, 42, 42, 35, 35,
- 35, 35, 35, 0, 18, 33, 33, 33, 33, 33,
- 33, 0
+ 35, 35, 35, 35, 35, 35, 0, 29, 37, 37,
+ 37, 0, 0, 0, 20, 19, 0, 0, 19, 0,
+ 42, 42, 42, 34, 34, 0, 0, 0, 35, 35,
+ 35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+ 35, 35, 35, 35, 35, 35, 0, 27, 37, 37,
+ 20, 0, 17, 0, 42, 42, 42, 42, 42, 0,
+ 0, 0, 0, 0, 35, 35, 35, 35, 35, 35,
+ 35, 35, 0, 30, 37, 0, 42, 42, 42, 35,
+ 35, 35, 35, 35, 35, 0, 28, 0, 42, 42,
+ 42, 42, 42, 35, 35, 35, 35, 35, 0, 18,
+ 33, 33, 33, 33, 33, 33, 0
} ;
static yyconst int yy_ec[256] =
@@ -403,568 +402,570 @@
13, 13, 13, 13, 13
} ;
-static yyconst short int yy_base[659] =
+static yyconst short int yy_base[652] =
{ 0,
- 0, 64, 65, 66, 72, 87, 134, 198, 262, 309,
- 83, 98, 2616, 2548, 2586, 3619, 2562, 356, 402, 58,
- 3619, 3619, 2517, 3619, 106, 412, 139, 105, 2540, 3619,
- 3619, 467, 2516, 517, 2487, 2486, 2496, 2482, 571, 149,
- 44, 175, 595, 2444, 2446, 2438, 2433, 2434, 2494, 204,
- 268, 65, 0, 3619, 2474, 3619, 0, 276, 650, 114,
- 0, 2420, 3619, 79, 3619, 93, 3619, 131, 2417, 71,
- 103, 3619, 140, 2416, 206, 2461, 2458, 672, 2456, 2428,
- 2426, 3619, 217, 286, 125, 2380, 321, 2377, 347, 328,
- 2375, 382, 322, 705, 2398, 2407, 379, 429, 393, 2387,
+ 0, 64, 65, 70, 75, 100, 147, 211, 275, 322,
+ 86, 111, 2608, 2559, 2604, 3633, 2601, 3633, 368, 44,
+ 3633, 3633, 2542, 3633, 113, 378, 124, 146, 2551, 3633,
+ 433, 2521, 483, 2528, 2527, 2528, 2513, 537, 154, 36,
+ 150, 3633, 561, 2483, 2479, 2460, 2455, 2456, 2508, 203,
+ 288, 45, 0, 3633, 2503, 3633, 0, 305, 616, 71,
+ 0, 2458, 3633, 61, 3633, 71, 3633, 80, 2457, 109,
+ 131, 3633, 124, 2440, 638, 2485, 2482, 2482, 3633, 211,
+ 219, 83, 2436, 336, 2427, 663, 410, 2424, 688, 234,
+ 699, 2416, 2423, 356, 500, 169, 2412, 145, 739, 0,
- 124, 745, 0, 2366, 2361, 253, 2351, 2347, 241, 3619,
- 99, 558, 2329, 2333, 2325, 2319, 2320, 147, 116, 214,
- 233, 181, 29, 2380, 534, 555, 2325, 617, 126, 0,
- 2359, 178, 3619, 3619, 614, 268, 0, 2297, 677, 3619,
- 3619, 2296, 315, 2295, 2337, 243, 280, 295, 2339, 2292,
- 3619, 2336, 2320, 2274, 705, 777, 789, 824, 859, 894,
- 2307, 2259, 934, 129, 975, 1015, 2252, 2232, 2224, 2221,
- 2229, 2224, 2213, 2222, 287, 2193, 2197, 2162, 2162, 2167,
- 323, 321, 2170, 235, 163, 304, 811, 331, 2217, 2215,
- 638, 369, 1057, 1092, 724, 379, 2193, 2184, 730, 421,
+ 2403, 2401, 262, 2391, 2372, 134, 3633, 130, 524, 2346,
+ 2333, 2304, 2299, 2300, 94, 72, 229, 235, 198, 237,
+ 2330, 569, 567, 2277, 793, 196, 0, 2320, 153, 3633,
+ 3633, 578, 190, 0, 2275, 344, 3633, 3633, 2254, 303,
+ 2251, 2285, 310, 241, 245, 2278, 2276, 2264, 2215, 818,
+ 545, 831, 866, 901, 936, 2248, 2235, 976, 286, 1017,
+ 1057, 2226, 2206, 2198, 2193, 2199, 2192, 2179, 2188, 242,
+ 2158, 2162, 2134, 2134, 2139, 313, 265, 2142, 273, 272,
+ 295, 600, 271, 2189, 2187, 635, 345, 1099, 1134, 511,
+ 307, 2108, 2107, 685, 350, 2106, 2105, 339, 716, 1169,
- 2166, 2163, 363, 628, 1127, 808, 437, 1168, 834, 2162,
- 365, 434, 2153, 2151, 2141, 2139, 2119, 2117, 422, 2099,
- 2095, 2069, 2082, 2069, 413, 444, 542, 495, 528, 1210,
- 1245, 1280, 2106, 2105, 842, 2097, 2074, 2072, 2035, 563,
- 867, 570, 875, 586, 1315, 0, 885, 1326, 911, 674,
- 1367, 953, 603, 3619, 2006, 1993, 2006, 1986, 1962, 1965,
- 1965, 1929, 538, 1922, 1905, 1906, 328, 431, 21, 556,
- 920, 592, 1409, 1444, 994, 1944, 1942, 1874, 1872, 1477,
- 684, 1034, 1067, 1077, 686, 691, 756, 1000, 767, 1519,
- 0, 1102, 1530, 1111, 961, 1571, 1146, 1854, 1831, 663,
+ 724, 404, 1210, 758, 2077, 358, 377, 2054, 2046, 2036,
+ 2034, 2015, 2022, 357, 2006, 2008, 1993, 2005, 1977, 377,
+ 355, 580, 379, 391, 1252, 1287, 1322, 2014, 1992, 790,
+ 1990, 1988, 1987, 1985, 529, 815, 593, 839, 596, 1357,
+ 0, 849, 1368, 874, 660, 1409, 884, 435, 3633, 1941,
+ 1932, 1945, 1925, 1915, 1886, 1886, 1854, 561, 1828, 1811,
+ 1783, 557, 110, 508, 568, 912, 369, 1451, 1486, 922,
+ 1818, 1800, 1799, 1782, 1519, 646, 955, 995, 1036, 658,
+ 671, 749, 1074, 772, 1561, 0, 1109, 1572, 1082, 892,
+ 1613, 1118, 1744, 1740, 603, 513, 1723, 1729, 624, 724,
- 526, 1809, 1816, 790, 791, 655, 1823, 1742, 239, 580,
- 640, 721, 1612, 1646, 1680, 1774, 1765, 1757, 1185, 1715,
- 1193, 1042, 1755, 1220, 1228, 1766, 1255, 1265, 1290, 770,
- 985, 1025, 1298, 1298, 1337, 1797, 0, 1348, 1808, 1384,
- 1154, 1849, 1419, 1697, 1690, 847, 3619, 1689, 1682, 1693,
- 1632, 959, 3619, 1000, 3619, 652, 1618, 1595, 539, 1044,
- 576, 740, 1427, 670, 1890, 1924, 1462, 1634, 1633, 1392,
- 808, 1468, 1058, 1959, 0, 764, 1970, 1495, 1236, 2010,
- 1549, 1590, 1622, 1632, 1137, 1265, 1656, 1658, 1503, 1660,
- 2052, 0, 1690, 2063, 1669, 1435, 1699, 1534, 1531, 1534,
+ 768, 1719, 1673, 570, 555, 460, 824, 1654, 1688, 1722,
+ 1690, 1677, 1676, 1142, 1757, 1150, 963, 1797, 1188, 1158,
+ 1626, 1229, 1262, 1272, 901, 922, 1243, 1297, 1297, 1308,
+ 1839, 0, 1310, 1850, 1330, 1003, 1891, 1340, 1595, 1598,
+ 764, 3633, 1579, 1571, 1535, 1519, 780, 3633, 875, 3633,
+ 736, 1504, 1482, 656, 953, 636, 897, 1386, 626, 1932,
+ 1966, 1395, 1487, 1431, 1428, 815, 1459, 1037, 2001, 0,
+ 487, 2012, 1467, 1196, 2052, 1496, 1506, 1538, 1591, 1179,
+ 1220, 1442, 1477, 1630, 1664, 2094, 0, 1666, 2105, 1638,
+ 1278, 1675, 1411, 1409, 1354, 1350, 924, 961, 1318, 1307,
- 1530, 1100, 1101, 1509, 1447, 1439, 816, 572, 1849, 1428,
- 2105, 2140, 2175, 2210, 1450, 1734, 1774, 1827, 1368, 1211,
- 1246, 1866, 1281, 2245, 0, 798, 2256, 1898, 1452, 2296,
- 1908, 1932, 1346, 1942, 1989, 2029, 1540, 1581, 2073, 819,
- 853, 2338, 0, 896, 1152, 1284, 1248, 1113, 1193, 3619,
- 1351, 3619, 1089, 1552, 2087, 813, 872, 671, 1322, 2087,
- 1090, 2348, 2383, 2418, 2453, 1785, 2035, 1123, 2120, 2150,
- 2130, 1083, 1040, 1410, 1623, 2158, 1669, 2488, 0, 937,
- 2499, 2183, 1598, 2539, 2193, 2219, 2228, 2274, 1725, 1026,
- 1121, 1369, 3619, 1392, 958, 877, 811, 836, 1594, 742,
+ 1274, 1061, 675, 1708, 1254, 2147, 2182, 2217, 2252, 1212,
+ 1699, 1732, 1743, 1171, 1263, 1341, 1707, 1428, 2287, 0,
+ 608, 2298, 1774, 1477, 2338, 1816, 1782, 1135, 1869, 1910,
+ 1942, 1506, 1529, 1901, 826, 860, 2380, 0, 980, 1041,
+ 1103, 1087, 1041, 1042, 3633, 1058, 3633, 992, 1541, 1962,
+ 708, 899, 291, 1058, 1950, 1319, 2390, 2425, 2460, 2495,
+ 1827, 1974, 1011, 1985, 2031, 2071, 927, 920, 1592, 1744,
+ 2077, 1758, 2530, 0, 1061, 2541, 2122, 1877, 2581, 2157,
+ 2131, 2166, 2191, 1807, 912, 1128, 1194, 3633, 1235, 835,
+ 802, 765, 818, 721, 767, 1614, 1836, 2217, 1930, 2252,
- 1455, 1675, 2383, 1677, 2418, 2581, 2616, 2651, 2282, 1875,
- 2315, 2358, 2396, 760, 715, 1828, 1943, 2429, 1971, 2686,
- 0, 1171, 2697, 2437, 1742, 2463, 717, 2472, 2517, 1998,
- 649, 1596, 3619, 1740, 619, 3619, 559, 3619, 1288, 2525,
- 1311, 2739, 2774, 2558, 2564, 530, 2591, 2601, 2626, 451,
- 437, 2087, 371, 363, 2634, 0, 1301, 1780, 3619, 1832,
- 2097, 2809, 2844, 2879, 2659, 2667, 2675, 326, 0, 305,
- 1833, 3619, 200, 2715, 1664, 2914, 2949, 2725, 3619, 2748,
- 2758, 1916, 3619, 175, 3619, 2785, 2793, 2826, 127, 2859,
- 2835, 3619, 2997, 3011, 3025, 3039, 3053, 3067, 3081, 3095,
+ 2623, 2658, 2693, 2265, 1515, 2230, 2275, 2317, 779, 761,
+ 1986, 2013, 2355, 2032, 2728, 0, 1122, 2739, 2363, 1919,
+ 2400, 683, 2409, 2434, 2326, 676, 1393, 3633, 1434, 623,
+ 3633, 657, 3633, 1251, 2442, 1387, 2781, 2816, 2475, 2481,
+ 635, 2508, 2518, 2560, 543, 526, 2148, 427, 424, 2600,
+ 0, 1233, 1595, 3633, 1596, 2213, 2851, 2886, 2921, 2566,
+ 2631, 2639, 389, 0, 350, 1597, 3633, 349, 2647, 1685,
+ 2956, 2991, 2669, 3633, 2680, 2702, 2450, 3633, 215, 3633,
+ 2715, 2757, 2765, 82, 2798, 2806, 3633, 3039, 3053, 3067,
+ 3081, 3095, 3109, 3123, 3137, 3151, 3157, 3171, 3185, 1355,
- 3109, 3123, 3129, 3143, 3157, 1360, 3171, 3185, 3199, 3213,
- 3227, 3241, 3255, 3269, 3275, 3282, 3296, 3310, 3316, 3323,
- 3329, 3335, 3341, 3348, 3354, 3360, 3366, 3373, 3381, 3387,
- 3393, 3399, 3406, 3414, 3420, 3426, 3433, 3441, 3447, 3455,
- 3462, 3470, 3476, 3484, 3491, 3499, 3513, 3527, 3533, 3541,
- 3548, 3562, 3568, 3576, 3582, 3590, 1881, 3604
+ 3199, 3213, 3227, 3241, 3255, 3269, 3283, 3289, 3296, 3310,
+ 3324, 3330, 3337, 3343, 3349, 3355, 3362, 3368, 3374, 3380,
+ 3387, 3395, 3401, 3407, 3413, 3420, 3428, 3434, 3440, 3447,
+ 3455, 3461, 3469, 3476, 3484, 3490, 3498, 3505, 3513, 3527,
+ 3541, 3547, 3555, 3562, 3576, 3582, 3590, 3596, 3604, 862,
+ 3618
} ;
-static yyconst short int yy_def[659] =
+static yyconst short int yy_def[652] =
{ 0,
- 592, 1, 1, 1, 593, 593, 594, 594, 595, 595,
- 596, 596, 592, 597, 592, 592, 592, 598, 599, 600,
- 592, 592, 601, 592, 602, 597, 26, 26, 603, 592,
- 592, 592, 32, 32, 34, 34, 34, 34, 597, 26,
- 597, 592, 599, 32, 32, 34, 34, 34, 592, 592,
- 604, 597, 605, 592, 605, 592, 605, 592, 599, 592,
- 606, 607, 592, 607, 592, 607, 592, 608, 609, 609,
- 609, 592, 592, 597, 597, 592, 592, 598, 610, 598,
- 611, 592, 612, 592, 600, 613, 600, 601, 601, 602,
- 614, 597, 597, 26, 603, 94, 94, 94, 94, 615,
+ 587, 1, 1, 1, 588, 588, 589, 589, 590, 590,
+ 591, 591, 587, 592, 587, 587, 587, 587, 593, 594,
+ 587, 587, 595, 587, 596, 592, 26, 26, 597, 587,
+ 587, 31, 31, 33, 33, 33, 33, 592, 26, 592,
+ 587, 587, 593, 31, 31, 33, 33, 33, 587, 587,
+ 598, 592, 599, 587, 599, 587, 599, 587, 593, 587,
+ 600, 601, 587, 601, 587, 601, 587, 602, 603, 603,
+ 603, 587, 587, 592, 592, 587, 587, 604, 587, 605,
+ 587, 594, 606, 594, 595, 595, 596, 607, 592, 592,
+ 26, 597, 91, 91, 91, 91, 608, 609, 31, 33,
- 616, 32, 34, 34, 34, 34, 34, 34, 597, 592,
- 597, 592, 592, 592, 592, 592, 592, 611, 597, 94,
- 597, 597, 597, 592, 592, 604, 617, 597, 597, 605,
- 605, 592, 592, 592, 612, 592, 606, 607, 607, 592,
- 592, 607, 607, 609, 592, 609, 609, 592, 592, 597,
- 592, 611, 618, 613, 613, 592, 597, 597, 597, 94,
- 160, 619, 592, 620, 592, 32, 34, 34, 34, 34,
- 34, 34, 34, 34, 597, 592, 592, 592, 592, 592,
- 611, 597, 160, 597, 597, 597, 592, 597, 592, 618,
- 597, 597, 597, 597, 597, 597, 621, 622, 622, 199,
+ 33, 33, 33, 33, 33, 592, 587, 592, 587, 587,
+ 587, 587, 587, 587, 604, 592, 91, 592, 592, 592,
+ 587, 587, 598, 610, 592, 592, 599, 599, 587, 587,
+ 587, 605, 587, 600, 601, 601, 587, 587, 601, 601,
+ 603, 587, 603, 603, 587, 587, 604, 611, 606, 606,
+ 587, 592, 592, 592, 91, 155, 612, 587, 613, 587,
+ 31, 33, 33, 33, 33, 33, 33, 33, 33, 592,
+ 587, 587, 587, 587, 587, 604, 592, 155, 592, 592,
+ 592, 587, 592, 587, 611, 592, 592, 592, 592, 592,
+ 592, 614, 615, 615, 194, 616, 615, 617, 160, 587,
- 623, 622, 624, 165, 592, 205, 205, 592, 205, 34,
- 34, 34, 34, 34, 34, 34, 34, 34, 597, 592,
- 592, 592, 592, 592, 611, 597, 597, 597, 597, 597,
- 597, 597, 592, 625, 625, 235, 625, 626, 627, 628,
- 592, 629, 208, 629, 629, 245, 629, 592, 248, 248,
- 592, 248, 592, 592, 34, 34, 34, 34, 34, 34,
- 34, 34, 597, 592, 592, 592, 611, 597, 597, 597,
- 597, 597, 597, 597, 597, 630, 630, 631, 632, 592,
- 592, 592, 592, 592, 633, 633, 634, 251, 634, 634,
- 290, 634, 592, 293, 293, 592, 293, 34, 34, 34,
+ 200, 200, 587, 200, 33, 33, 33, 33, 33, 33,
+ 33, 33, 33, 592, 587, 587, 587, 587, 587, 604,
+ 592, 592, 592, 592, 592, 592, 592, 587, 618, 618,
+ 230, 618, 619, 620, 621, 587, 622, 203, 622, 622,
+ 240, 622, 587, 243, 243, 587, 243, 587, 587, 33,
+ 33, 33, 33, 33, 33, 33, 33, 592, 587, 587,
+ 587, 604, 592, 592, 592, 592, 592, 592, 592, 592,
+ 623, 623, 624, 625, 587, 587, 587, 587, 587, 626,
+ 626, 627, 246, 627, 627, 285, 627, 587, 288, 288,
+ 587, 288, 33, 33, 33, 33, 33, 33, 33, 33,
- 34, 34, 34, 34, 34, 597, 592, 592, 611, 597,
- 597, 597, 597, 597, 597, 592, 635, 636, 280, 592,
- 320, 320, 592, 320, 592, 592, 592, 592, 592, 592,
- 637, 637, 638, 296, 638, 638, 336, 638, 592, 339,
- 339, 592, 339, 34, 34, 592, 592, 34, 34, 34,
- 34, 592, 592, 592, 592, 597, 592, 592, 611, 597,
- 597, 597, 597, 597, 597, 597, 597, 592, 639, 592,
- 640, 323, 640, 640, 374, 374, 592, 377, 377, 592,
- 377, 592, 592, 592, 592, 641, 641, 642, 342, 642,
- 642, 391, 642, 592, 394, 394, 394, 34, 34, 34,
+ 592, 587, 587, 604, 592, 592, 592, 592, 592, 592,
+ 587, 628, 629, 275, 587, 315, 315, 587, 315, 587,
+ 587, 587, 587, 587, 587, 630, 630, 631, 291, 631,
+ 631, 331, 631, 587, 334, 334, 587, 334, 33, 33,
+ 587, 587, 33, 33, 33, 33, 587, 587, 587, 587,
+ 592, 587, 587, 604, 592, 592, 592, 592, 592, 592,
+ 592, 592, 587, 632, 587, 633, 318, 633, 633, 369,
+ 369, 587, 372, 372, 587, 372, 587, 587, 587, 587,
+ 634, 634, 635, 337, 635, 635, 386, 635, 587, 389,
+ 389, 389, 33, 33, 33, 33, 33, 33, 592, 587,
- 34, 34, 34, 597, 592, 592, 611, 597, 597, 597,
- 597, 597, 597, 597, 592, 592, 592, 592, 643, 643,
- 644, 380, 644, 644, 424, 424, 592, 427, 427, 592,
- 427, 592, 592, 592, 592, 592, 592, 645, 645, 646,
- 646, 646, 442, 442, 34, 34, 34, 34, 592, 592,
- 592, 592, 592, 592, 611, 611, 597, 647, 648, 597,
- 597, 597, 597, 597, 597, 597, 592, 592, 592, 592,
- 592, 592, 649, 649, 650, 430, 650, 650, 478, 478,
- 592, 481, 481, 592, 481, 592, 592, 592, 592, 651,
- 651, 592, 592, 34, 34, 34, 592, 652, 611, 597,
+ 587, 604, 592, 592, 592, 592, 592, 592, 592, 587,
+ 587, 587, 587, 636, 636, 637, 375, 637, 637, 419,
+ 419, 587, 422, 422, 587, 422, 587, 587, 587, 587,
+ 587, 587, 638, 638, 639, 639, 639, 437, 437, 33,
+ 33, 33, 33, 587, 587, 587, 587, 587, 587, 604,
+ 604, 592, 640, 641, 592, 592, 592, 592, 592, 592,
+ 592, 587, 587, 587, 587, 587, 587, 642, 642, 643,
+ 425, 643, 643, 473, 473, 587, 476, 476, 587, 476,
+ 587, 587, 587, 587, 644, 644, 587, 587, 33, 33,
+ 33, 587, 645, 604, 592, 640, 640, 640, 641, 641,
- 647, 647, 647, 648, 648, 597, 597, 597, 597, 597,
- 592, 592, 592, 592, 653, 653, 654, 484, 654, 654,
- 520, 520, 592, 523, 523, 523, 592, 592, 592, 592,
- 592, 592, 592, 34, 34, 592, 652, 592, 611, 597,
- 597, 597, 597, 597, 592, 592, 592, 592, 592, 592,
- 655, 655, 656, 656, 656, 555, 555, 592, 592, 34,
- 611, 597, 597, 597, 592, 592, 592, 592, 657, 657,
- 592, 592, 658, 597, 597, 597, 597, 597, 592, 592,
- 592, 592, 592, 658, 592, 597, 597, 597, 597, 597,
- 597, 0, 592, 592, 592, 592, 592, 592, 592, 592,
+ 592, 592, 592, 592, 592, 587, 587, 587, 587, 646,
+ 646, 647, 479, 647, 647, 515, 515, 587, 518, 518,
+ 518, 587, 587, 587, 587, 587, 587, 587, 33, 33,
+ 587, 645, 587, 604, 592, 592, 592, 592, 592, 587,
+ 587, 587, 587, 587, 587, 648, 648, 649, 649, 649,
+ 550, 550, 587, 587, 33, 604, 592, 592, 592, 587,
+ 587, 587, 587, 650, 650, 587, 587, 651, 592, 592,
+ 592, 592, 592, 587, 587, 587, 587, 587, 651, 587,
+ 592, 592, 592, 592, 592, 592, 0, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587
} ;
-static yyconst short int yy_nxt[3685] =
+static yyconst short int yy_nxt[3699] =
{ 0,
14, 15, 16, 17, 18, 19, 20, 21, 22, 14,
23, 24, 14, 14, 25, 26, 27, 28, 26, 26,
- 26, 26, 26, 29, 30, 31, 14, 32, 32, 32,
- 32, 33, 34, 34, 34, 34, 35, 36, 34, 37,
- 34, 38, 34, 34, 34, 34, 34, 39, 14, 40,
- 40, 40, 40, 40, 40, 14, 14, 14, 14, 14,
- 14, 14, 41, 14, 14, 42, 49, 49, 75, 43,
- 50, 50, 146, 15, 54, 55, 75, 56, 311, 51,
- 51, 86, 186, 56, 70, 16, 71, 72, 15, 54,
- 55, 75, 56, 44, 45, 56, 57, 46, 56, 70,
+ 26, 26, 26, 29, 30, 18, 14, 31, 31, 31,
+ 31, 32, 33, 33, 33, 33, 34, 35, 33, 36,
+ 33, 37, 33, 33, 33, 33, 33, 38, 14, 39,
+ 39, 39, 39, 39, 39, 14, 14, 14, 14, 14,
+ 14, 14, 40, 14, 14, 41, 49, 83, 42, 43,
+ 50, 49, 133, 107, 42, 50, 15, 54, 55, 51,
+ 56, 140, 107, 75, 51, 137, 56, 70, 16, 71,
+ 72, 84, 75, 44, 45, 138, 79, 46, 56, 57,
- 16, 71, 72, 140, 47, 87, 147, 48, 111, 91,
- 56, 57, 75, 91, 91, 136, 110, 141, 145, 58,
- 98, 98, 98, 98, 98, 99, 139, 52, 52, 129,
- 73, 91, 143, 110, 58, 15, 16, 17, 163, 59,
- 139, 148, 149, 163, 144, 73, 75, 165, 592, 82,
- 145, 175, 204, 92, 97, 97, 97, 97, 97, 97,
- 97, 97, 74, 75, 96, 96, 96, 96, 96, 96,
- 96, 96, 87, 75, 75, 182, 112, 585, 188, 136,
- 110, 60, 61, 61, 61, 61, 61, 61, 61, 61,
- 61, 61, 61, 61, 61, 61, 61, 61, 61, 15,
+ 108, 15, 54, 55, 47, 56, 587, 48, 136, 126,
+ 143, 56, 70, 16, 71, 72, 88, 88, 136, 75,
+ 88, 88, 58, 56, 57, 145, 146, 52, 141, 75,
+ 84, 177, 52, 73, 144, 133, 107, 305, 88, 94,
+ 94, 94, 94, 94, 94, 94, 94, 58, 15, 16,
+ 17, 109, 59, 176, 133, 107, 142, 75, 73, 158,
+ 89, 95, 95, 95, 95, 95, 96, 74, 160, 93,
+ 93, 93, 93, 93, 93, 93, 93, 75, 142, 110,
+ 111, 75, 170, 112, 156, 156, 156, 156, 156, 156,
+ 113, 133, 107, 114, 60, 61, 61, 61, 61, 61,
- 16, 17, 585, 59, 113, 114, 181, 74, 115, 74,
- 75, 74, 228, 74, 74, 116, 125, 74, 117, 84,
- 84, 84, 84, 84, 84, 84, 84, 74, 75, 74,
- 74, 74, 84, 84, 84, 84, 84, 84, 84, 84,
- 185, 82, 136, 110, 146, 60, 61, 61, 61, 61,
61, 61, 61, 61, 61, 61, 61, 61, 61, 61,
- 61, 61, 61, 15, 16, 17, 63, 59, 183, 136,
- 110, 127, 64, 65, 66, 127, 127, 132, 110, 133,
- 75, 134, 75, 147, 169, 133, 67, 134, 75, 170,
- 145, 359, 171, 127, 172, 184, 148, 149, 226, 134,
+ 61, 61, 15, 16, 17, 122, 59, 580, 81, 81,
+ 81, 81, 81, 81, 81, 81, 81, 81, 81, 81,
+ 81, 81, 81, 81, 81, 81, 81, 81, 81, 81,
+ 81, 81, 74, 75, 144, 75, 145, 146, 183, 152,
+ 153, 154, 152, 152, 152, 152, 152, 180, 60, 61,
+ 61, 61, 61, 61, 61, 61, 61, 61, 61, 61,
+ 61, 61, 61, 61, 61, 61, 15, 16, 17, 63,
+ 59, 75, 75, 178, 75, 64, 65, 66, 142, 75,
+ 181, 124, 124, 164, 497, 124, 124, 179, 165, 67,
- 134, 84, 84, 84, 84, 84, 84, 84, 84, 68,
- 15, 16, 17, 63, 59, 128, 136, 110, 370, 64,
- 65, 66, 85, 134, 85, 82, 85, 145, 85, 85,
- 82, 91, 85, 67, 75, 91, 91, 157, 158, 159,
- 157, 157, 157, 157, 157, 85, 85, 219, 88, 518,
- 88, 75, 88, 91, 88, 88, 68, 79, 88, 79,
- 74, 79, 139, 79, 79, 226, 253, 79, 75, 75,
- 88, 88, 88, 226, 225, 92, 592, 163, 75, 79,
- 79, 79, 191, 90, 370, 74, 204, 90, 254, 74,
- 74, 229, 309, 90, 161, 161, 161, 161, 161, 161,
+ 158, 166, 214, 167, 133, 107, 129, 107, 130, 199,
+ 131, 143, 75, 124, 130, 79, 131, 221, 75, 75,
+ 75, 223, 68, 15, 16, 17, 63, 59, 131, 131,
+ 92, 224, 64, 65, 66, 125, 221, 82, 498, 82,
+ 82, 82, 75, 82, 82, 135, 67, 82, 135, 135,
+ 136, 580, 131, 158, 75, 135, 221, 142, 186, 248,
+ 82, 82, 199, 365, 220, 232, 232, 232, 135, 68,
+ 79, 156, 156, 156, 156, 156, 156, 156, 156, 79,
+ 80, 249, 266, 81, 81, 81, 81, 81, 81, 81,
+ 81, 90, 75, 91, 91, 91, 91, 91, 91, 91,
- 161, 161, 95, 80, 82, 90, 90, 74, 161, 161,
- 161, 161, 161, 161, 83, 82, 75, 84, 84, 84,
- 84, 84, 84, 84, 84, 93, 75, 94, 94, 94,
- 94, 94, 94, 94, 94, 95, 237, 237, 237, 96,
- 96, 96, 96, 96, 161, 161, 161, 161, 161, 161,
- 161, 161, 246, 246, 246, 246, 246, 247, 310, 75,
- 518, 96, 96, 96, 96, 96, 96, 74, 255, 75,
- 267, 74, 256, 74, 476, 263, 74, 74, 75, 74,
- 74, 74, 102, 102, 102, 102, 102, 102, 102, 102,
- 95, 75, 268, 74, 102, 102, 102, 102, 102, 103,
+ 91, 92, 75, 263, 75, 93, 93, 93, 93, 93,
+ 258, 250, 513, 88, 88, 251, 75, 88, 88, 241,
+ 241, 241, 241, 241, 242, 75, 75, 93, 93, 93,
+ 93, 93, 93, 74, 262, 88, 248, 587, 75, 74,
+ 365, 221, 74, 74, 265, 74, 74, 74, 99, 99,
+ 99, 99, 99, 99, 99, 99, 92, 89, 249, 74,
+ 99, 99, 99, 99, 99, 100, 100, 100, 100, 100,
+ 100, 100, 100, 100, 100, 100, 100, 100, 100, 100,
+ 75, 100, 93, 93, 93, 93, 93, 93, 74, 74,
+ 74, 74, 74, 74, 74, 74, 74, 74, 100, 100,
- 103, 103, 103, 103, 103, 103, 103, 103, 103, 103,
- 103, 103, 103, 103, 75, 103, 96, 96, 96, 96,
- 96, 96, 74, 74, 74, 74, 74, 74, 74, 74,
- 74, 74, 103, 103, 103, 103, 103, 103, 103, 103,
- 592, 82, 75, 545, 103, 103, 103, 103, 103, 84,
- 84, 84, 84, 84, 84, 84, 84, 226, 127, 112,
- 348, 538, 127, 127, 349, 95, 74, 74, 74, 74,
- 74, 74, 109, 110, 74, 75, 74, 163, 74, 74,
- 127, 270, 74, 241, 163, 75, 204, 113, 114, 75,
- 306, 115, 407, 243, 74, 74, 74, 82, 116, 592,
+ 100, 100, 100, 100, 100, 100, 587, 75, 414, 414,
+ 100, 100, 100, 100, 100, 156, 156, 156, 156, 156,
+ 156, 156, 156, 356, 186, 109, 187, 187, 187, 187,
+ 187, 187, 74, 74, 74, 74, 74, 74, 106, 107,
+ 74, 74, 74, 158, 74, 74, 88, 343, 74, 513,
+ 88, 344, 199, 110, 111, 75, 88, 112, 75, 79,
+ 74, 74, 74, 79, 113, 306, 471, 114, 88, 88,
+ 124, 124, 79, 80, 124, 124, 81, 81, 81, 81,
+ 81, 81, 81, 81, 81, 81, 81, 81, 81, 81,
+ 81, 81, 124, 587, 587, 587, 587, 587, 587, 587,
- 163, 117, 128, 75, 253, 271, 269, 83, 312, 243,
- 84, 84, 84, 84, 84, 84, 84, 84, 126, 75,
- 74, 457, 126, 75, 74, 74, 254, 75, 126, 592,
- 592, 592, 592, 592, 592, 592, 592, 360, 409, 75,
- 126, 126, 74, 209, 209, 209, 209, 209, 209, 209,
- 209, 118, 82, 230, 231, 232, 230, 230, 230, 230,
- 230, 560, 135, 163, 346, 592, 592, 592, 592, 592,
- 592, 592, 592, 79, 502, 79, 150, 79, 138, 79,
- 79, 138, 138, 79, 363, 75, 347, 75, 138, 291,
- 291, 291, 291, 291, 292, 79, 79, 79, 163, 75,
+ 587, 124, 75, 92, 341, 124, 236, 158, 75, 587,
+ 158, 124, 355, 301, 125, 75, 238, 115, 79, 238,
+ 307, 304, 354, 124, 124, 347, 342, 75, 132, 468,
+ 468, 587, 587, 587, 587, 587, 587, 587, 587, 74,
+ 358, 74, 74, 74, 264, 74, 74, 348, 540, 74,
+ 225, 226, 227, 225, 225, 225, 225, 225, 79, 533,
+ 158, 74, 74, 74, 85, 555, 85, 85, 85, 199,
+ 85, 85, 158, 75, 85, 286, 286, 286, 286, 286,
+ 287, 238, 75, 75, 236, 158, 85, 85, 85, 87,
+ 158, 74, 74, 87, 238, 74, 74, 158, 404, 87,
- 163, 138, 75, 361, 241, 163, 154, 204, 154, 243,
- 154, 356, 154, 154, 243, 404, 154, 75, 503, 80,
- 160, 160, 160, 160, 160, 160, 160, 160, 154, 154,
- 154, 163, 160, 160, 160, 160, 160, 191, 476, 192,
- 192, 192, 192, 192, 192, 235, 235, 236, 237, 237,
- 237, 237, 237, 201, 160, 160, 160, 160, 160, 160,
- 166, 166, 166, 166, 166, 166, 166, 166, 75, 241,
- 163, 75, 166, 166, 166, 166, 166, 362, 91, 288,
- 592, 163, 91, 422, 163, 419, 419, 75, 91, 75,
- 288, 352, 354, 243, 160, 160, 160, 160, 160, 160,
+ 230, 230, 231, 232, 232, 232, 232, 232, 196, 402,
+ 79, 87, 87, 74, 155, 155, 155, 155, 155, 155,
+ 155, 155, 75, 79, 452, 349, 155, 155, 155, 155,
+ 155, 204, 204, 204, 204, 204, 204, 204, 204, 240,
+ 240, 240, 240, 240, 240, 240, 240, 350, 155, 155,
+ 155, 155, 155, 155, 161, 161, 161, 161, 161, 161,
+ 161, 161, 236, 158, 494, 341, 161, 161, 161, 161,
+ 161, 587, 283, 239, 239, 239, 239, 239, 239, 239,
+ 239, 347, 534, 75, 471, 587, 158, 342, 155, 155,
+ 155, 155, 155, 155, 123, 283, 74, 74, 123, 399,
- 91, 91, 191, 410, 192, 192, 192, 192, 192, 192,
- 192, 192, 127, 353, 355, 82, 127, 455, 82, 473,
- 473, 370, 127, 245, 245, 245, 245, 245, 245, 245,
- 245, 372, 241, 163, 127, 127, 75, 191, 538, 193,
- 193, 193, 193, 193, 193, 193, 193, 592, 346, 244,
- 244, 244, 244, 244, 244, 244, 244, 277, 277, 277,
- 277, 277, 277, 277, 277, 201, 592, 163, 456, 499,
- 347, 75, 191, 536, 194, 194, 194, 194, 194, 195,
- 192, 192, 282, 283, 284, 282, 282, 282, 282, 282,
- 252, 252, 252, 252, 252, 252, 252, 252, 241, 163,
+ 74, 74, 417, 348, 123, 272, 272, 272, 272, 272,
+ 272, 272, 272, 196, 75, 75, 123, 123, 74, 149,
+ 533, 149, 149, 149, 351, 149, 149, 531, 365, 149,
+ 277, 278, 279, 277, 277, 277, 277, 277, 367, 236,
+ 158, 149, 149, 149, 186, 530, 187, 187, 187, 187,
+ 187, 187, 187, 187, 247, 247, 247, 247, 247, 247,
+ 247, 247, 236, 158, 281, 281, 281, 281, 281, 281,
+ 578, 75, 238, 587, 158, 578, 349, 529, 75, 186,
+ 357, 188, 188, 188, 188, 188, 188, 188, 188, 285,
+ 285, 285, 285, 285, 285, 285, 285, 587, 350, 284,
- 286, 286, 286, 286, 286, 286, 75, 74, 243, 196,
- 196, 196, 196, 196, 196, 196, 196, 490, 490, 75,
- 535, 196, 196, 196, 196, 196, 290, 290, 290, 290,
- 290, 290, 290, 290, 500, 313, 314, 315, 313, 313,
- 313, 313, 313, 196, 196, 196, 196, 196, 196, 198,
- 199, 200, 200, 200, 200, 200, 200, 201, 515, 515,
- 352, 202, 202, 202, 202, 202, 592, 75, 289, 289,
- 289, 289, 289, 289, 289, 289, 337, 337, 337, 337,
- 337, 338, 353, 202, 202, 202, 202, 202, 202, 163,
- 205, 206, 207, 205, 205, 205, 205, 205, 208, 163,
+ 284, 284, 284, 284, 284, 284, 284, 332, 332, 332,
+ 332, 332, 333, 75, 186, 158, 189, 189, 189, 189,
+ 189, 190, 187, 187, 238, 444, 158, 308, 309, 310,
+ 308, 308, 308, 308, 308, 266, 158, 267, 267, 267,
+ 267, 267, 267, 417, 75, 283, 75, 445, 75, 74,
+ 367, 191, 191, 191, 191, 191, 191, 191, 191, 75,
+ 405, 495, 446, 191, 191, 191, 191, 191, 320, 75,
+ 321, 321, 321, 321, 321, 321, 321, 321, 370, 370,
+ 370, 370, 370, 371, 447, 191, 191, 191, 191, 191,
+ 191, 193, 194, 195, 195, 195, 195, 195, 195, 196,
- 534, 354, 209, 209, 209, 209, 209, 271, 288, 272,
- 272, 272, 272, 272, 272, 297, 297, 297, 297, 297,
- 297, 297, 297, 355, 209, 209, 209, 209, 209, 209,
- 210, 210, 210, 210, 210, 210, 210, 210, 241, 163,
- 163, 75, 210, 210, 210, 210, 210, 325, 288, 326,
- 326, 326, 326, 326, 326, 326, 326, 375, 375, 375,
- 375, 375, 376, 422, 196, 196, 196, 196, 196, 196,
- 191, 592, 192, 192, 192, 192, 192, 192, 192, 192,
- 325, 372, 327, 327, 327, 327, 327, 327, 327, 327,
- 325, 75, 328, 328, 328, 328, 328, 329, 326, 326,
+ 75, 485, 485, 197, 197, 197, 197, 197, 320, 403,
+ 322, 322, 322, 322, 322, 322, 322, 322, 387, 387,
+ 387, 387, 387, 388, 462, 197, 197, 197, 197, 197,
+ 197, 158, 200, 201, 202, 200, 200, 200, 200, 200,
+ 203, 492, 487, 444, 204, 204, 204, 204, 204, 320,
+ 587, 323, 323, 323, 323, 323, 324, 321, 321, 446,
+ 367, 497, 450, 79, 488, 445, 204, 204, 204, 204,
+ 204, 204, 205, 205, 205, 205, 205, 205, 205, 205,
+ 491, 447, 510, 510, 205, 205, 205, 205, 205, 292,
+ 292, 292, 292, 292, 292, 292, 292, 331, 331, 331,
- 408, 449, 451, 460, 75, 191, 372, 192, 192, 192,
- 192, 192, 192, 192, 192, 241, 163, 332, 332, 332,
- 332, 332, 332, 450, 452, 288, 336, 336, 336, 336,
- 336, 336, 336, 336, 241, 163, 467, 75, 497, 75,
- 241, 163, 242, 242, 242, 242, 242, 242, 242, 242,
- 243, 163, 496, 492, 244, 244, 244, 244, 244, 592,
- 288, 335, 335, 335, 335, 335, 335, 335, 335, 392,
- 392, 392, 392, 392, 393, 493, 244, 244, 244, 244,
- 244, 244, 163, 248, 249, 250, 248, 248, 248, 248,
- 248, 251, 551, 551, 449, 252, 252, 252, 252, 252,
+ 331, 331, 331, 331, 331, 500, 191, 191, 191, 191,
+ 191, 191, 186, 451, 187, 187, 187, 187, 187, 187,
+ 187, 187, 236, 158, 327, 327, 327, 327, 327, 327,
+ 490, 587, 283, 330, 330, 330, 330, 330, 330, 330,
+ 330, 236, 158, 546, 546, 489, 75, 186, 427, 187,
+ 187, 187, 187, 187, 187, 187, 187, 319, 319, 319,
+ 319, 319, 319, 319, 319, 369, 369, 369, 369, 369,
+ 369, 369, 369, 377, 378, 379, 377, 377, 377, 377,
+ 377, 75, 236, 158, 237, 237, 237, 237, 237, 237,
+ 237, 237, 238, 158, 367, 487, 239, 239, 239, 239,
- 324, 324, 324, 324, 324, 324, 324, 324, 374, 374,
- 374, 374, 374, 374, 374, 374, 450, 252, 252, 252,
- 252, 252, 252, 271, 370, 272, 272, 272, 272, 272,
- 272, 272, 272, 592, 372, 373, 373, 373, 373, 373,
- 373, 373, 373, 382, 383, 384, 382, 382, 382, 382,
- 382, 425, 425, 425, 425, 425, 426, 75, 271, 370,
- 273, 273, 273, 273, 273, 273, 273, 273, 325, 422,
- 326, 326, 326, 326, 326, 326, 326, 326, 325, 163,
- 326, 326, 326, 326, 326, 326, 326, 326, 334, 561,
- 82, 495, 75, 271, 592, 274, 274, 274, 274, 274,
+ 239, 587, 283, 368, 368, 368, 368, 368, 368, 368,
+ 368, 420, 420, 420, 420, 420, 421, 488, 239, 239,
+ 239, 239, 239, 239, 158, 243, 244, 245, 243, 243,
+ 243, 243, 243, 246, 158, 314, 527, 247, 247, 247,
+ 247, 247, 320, 329, 321, 321, 321, 321, 321, 321,
+ 321, 321, 556, 79, 564, 564, 236, 158, 528, 247,
+ 247, 247, 247, 247, 247, 266, 283, 267, 267, 267,
+ 267, 267, 267, 267, 267, 320, 365, 321, 321, 321,
+ 321, 321, 321, 321, 321, 320, 367, 321, 321, 321,
+ 321, 321, 321, 438, 438, 438, 438, 438, 439, 75,
- 275, 272, 272, 325, 422, 326, 326, 326, 326, 326,
- 326, 241, 163, 343, 343, 343, 343, 343, 343, 343,
- 343, 334, 569, 569, 540, 502, 494, 75, 241, 163,
- 286, 286, 286, 286, 286, 286, 286, 286, 243, 241,
- 163, 287, 287, 287, 287, 287, 287, 287, 287, 288,
- 592, 163, 451, 289, 289, 289, 289, 289, 75, 432,
- 334, 241, 163, 387, 387, 387, 387, 387, 387, 505,
- 492, 334, 137, 137, 452, 289, 289, 289, 289, 289,
- 289, 163, 293, 294, 295, 293, 293, 293, 293, 293,
- 296, 372, 493, 532, 297, 297, 297, 297, 297, 391,
+ 266, 75, 268, 268, 268, 268, 268, 268, 268, 268,
+ 236, 158, 338, 338, 338, 338, 338, 338, 338, 338,
+ 329, 587, 158, 236, 158, 382, 382, 382, 382, 382,
+ 382, 329, 455, 329, 75, 266, 449, 269, 269, 269,
+ 269, 269, 270, 267, 267, 386, 386, 386, 386, 386,
+ 386, 386, 386, 587, 365, 385, 385, 385, 385, 385,
+ 385, 385, 385, 448, 417, 75, 75, 134, 134, 75,
+ 236, 158, 281, 281, 281, 281, 281, 281, 281, 281,
+ 238, 236, 158, 282, 282, 282, 282, 282, 282, 282,
+ 282, 283, 443, 442, 527, 284, 284, 284, 284, 284,
- 391, 391, 391, 391, 391, 391, 391, 416, 417, 418,
- 416, 416, 416, 416, 416, 533, 297, 297, 297, 297,
- 297, 297, 271, 370, 272, 272, 272, 272, 272, 272,
- 272, 272, 592, 422, 390, 390, 390, 390, 390, 390,
- 390, 390, 411, 412, 413, 414, 411, 411, 411, 411,
- 443, 443, 443, 443, 443, 444, 75, 271, 592, 272,
- 272, 272, 272, 272, 272, 272, 272, 479, 479, 479,
- 479, 479, 480, 319, 75, 75, 363, 364, 364, 364,
- 364, 364, 364, 381, 381, 381, 381, 381, 381, 381,
- 381, 75, 320, 321, 322, 320, 320, 320, 320, 320,
+ 535, 406, 407, 408, 409, 406, 406, 406, 406, 358,
+ 359, 359, 359, 359, 359, 359, 528, 284, 284, 284,
+ 284, 284, 284, 158, 288, 289, 290, 288, 288, 288,
+ 288, 288, 291, 75, 75, 553, 292, 292, 292, 292,
+ 292, 587, 75, 411, 412, 413, 411, 411, 411, 411,
+ 411, 417, 441, 440, 314, 236, 158, 554, 292, 292,
+ 292, 292, 292, 292, 266, 329, 267, 267, 267, 267,
+ 267, 267, 267, 267, 376, 376, 376, 376, 376, 376,
+ 376, 376, 419, 419, 419, 419, 419, 419, 419, 419,
+ 236, 158, 474, 474, 474, 474, 474, 475, 75, 266,
- 323, 454, 503, 453, 324, 324, 324, 324, 324, 75,
- 424, 424, 424, 424, 424, 424, 424, 424, 397, 397,
- 397, 397, 397, 397, 397, 397, 324, 324, 324, 324,
- 324, 324, 241, 163, 332, 332, 332, 332, 332, 332,
- 332, 332, 288, 241, 163, 333, 333, 333, 333, 333,
- 333, 333, 333, 334, 163, 458, 75, 335, 335, 335,
- 335, 335, 592, 334, 423, 423, 423, 423, 423, 423,
- 423, 423, 448, 447, 446, 458, 445, 458, 458, 335,
- 335, 335, 335, 335, 335, 163, 339, 340, 341, 339,
- 339, 339, 339, 339, 342, 163, 82, 532, 343, 343,
+ 384, 267, 267, 267, 267, 267, 267, 267, 267, 587,
+ 234, 418, 418, 418, 418, 418, 418, 418, 418, 427,
+ 158, 428, 428, 428, 428, 428, 428, 428, 428, 329,
+ 505, 505, 505, 75, 315, 316, 317, 315, 315, 315,
+ 315, 315, 318, 158, 453, 401, 319, 319, 319, 319,
+ 319, 427, 384, 429, 429, 429, 429, 429, 429, 429,
+ 429, 400, 75, 398, 453, 397, 453, 453, 319, 319,
+ 319, 319, 319, 319, 236, 158, 327, 327, 327, 327,
+ 327, 327, 327, 327, 283, 236, 158, 328, 328, 328,
+ 328, 328, 328, 328, 328, 329, 553, 566, 566, 330,
- 343, 343, 343, 432, 389, 433, 433, 433, 433, 433,
- 433, 433, 433, 521, 521, 521, 521, 521, 522, 533,
- 343, 343, 343, 343, 343, 343, 363, 364, 364, 364,
- 364, 364, 364, 364, 364, 432, 370, 434, 434, 434,
- 434, 434, 434, 434, 434, 432, 476, 435, 435, 435,
- 435, 435, 436, 433, 433, 539, 319, 239, 406, 75,
- 363, 365, 365, 365, 365, 365, 365, 365, 365, 241,
- 163, 241, 163, 592, 163, 405, 403, 574, 592, 334,
- 592, 389, 592, 389, 442, 442, 442, 442, 442, 442,
- 442, 442, 476, 75, 363, 366, 366, 366, 366, 366,
+ 330, 330, 330, 330, 427, 365, 430, 430, 430, 430,
+ 430, 431, 428, 428, 396, 417, 395, 587, 554, 567,
+ 567, 330, 330, 330, 330, 330, 330, 158, 334, 335,
+ 336, 334, 334, 334, 334, 334, 337, 394, 393, 320,
+ 338, 338, 338, 338, 338, 392, 392, 392, 392, 392,
+ 392, 392, 392, 437, 437, 437, 437, 437, 437, 437,
+ 437, 498, 338, 338, 338, 338, 338, 338, 358, 359,
+ 359, 359, 359, 359, 359, 359, 359, 587, 158, 236,
+ 158, 434, 434, 434, 434, 434, 434, 384, 587, 384,
+ 436, 436, 436, 436, 436, 436, 436, 436, 569, 314,
- 367, 364, 364, 241, 163, 439, 439, 439, 439, 439,
- 439, 75, 592, 389, 441, 441, 441, 441, 441, 441,
- 441, 441, 503, 402, 505, 401, 400, 75, 370, 399,
- 371, 371, 371, 371, 371, 371, 371, 371, 372, 163,
- 398, 558, 373, 373, 373, 373, 373, 467, 389, 468,
- 468, 468, 468, 468, 468, 468, 468, 556, 556, 556,
- 556, 556, 557, 559, 373, 373, 373, 373, 373, 373,
- 377, 378, 379, 377, 377, 377, 377, 377, 380, 325,
- 319, 558, 381, 381, 381, 381, 381, 467, 239, 469,
- 469, 469, 469, 469, 469, 469, 469, 201, 460, 358,
+ 234, 75, 358, 360, 360, 360, 360, 360, 360, 360,
+ 360, 453, 462, 196, 463, 463, 463, 463, 463, 463,
+ 463, 463, 426, 426, 426, 426, 426, 426, 426, 426,
+ 353, 453, 75, 453, 454, 75, 358, 361, 361, 361,
+ 361, 361, 362, 359, 359, 462, 352, 464, 464, 464,
+ 464, 464, 464, 464, 464, 75, 462, 365, 465, 465,
+ 465, 465, 465, 466, 463, 463, 346, 471, 345, 75,
+ 365, 587, 366, 366, 366, 366, 366, 366, 366, 366,
+ 367, 471, 340, 339, 368, 368, 368, 368, 368, 473,
+ 473, 473, 473, 473, 473, 473, 473, 481, 482, 483,
- 510, 510, 510, 559, 381, 381, 381, 381, 381, 381,
- 241, 163, 387, 387, 387, 387, 387, 387, 387, 387,
- 334, 241, 163, 388, 388, 388, 388, 388, 388, 388,
- 388, 389, 75, 571, 571, 390, 390, 390, 390, 390,
- 467, 370, 470, 470, 470, 470, 470, 471, 468, 468,
- 357, 476, 458, 351, 350, 572, 572, 390, 390, 390,
- 390, 390, 390, 163, 394, 395, 396, 394, 394, 394,
- 394, 394, 458, 345, 458, 459, 397, 397, 397, 397,
- 397, 431, 431, 431, 431, 431, 431, 431, 431, 583,
- 510, 510, 510, 344, 583, 319, 75, 239, 397, 397,
+ 481, 481, 481, 481, 481, 314, 368, 368, 368, 368,
+ 368, 368, 372, 373, 374, 372, 372, 372, 372, 372,
+ 375, 158, 234, 196, 376, 376, 376, 376, 376, 587,
+ 384, 472, 472, 472, 472, 472, 472, 472, 472, 587,
+ 455, 196, 505, 505, 505, 259, 376, 376, 376, 376,
+ 376, 376, 236, 158, 382, 382, 382, 382, 382, 382,
+ 382, 382, 329, 236, 158, 383, 383, 383, 383, 383,
+ 383, 383, 383, 384, 75, 303, 302, 385, 385, 385,
+ 385, 385, 427, 498, 428, 428, 428, 428, 428, 428,
+ 428, 428, 516, 516, 516, 516, 516, 517, 300, 385,
- 397, 397, 397, 397, 363, 364, 364, 364, 364, 364,
- 364, 364, 364, 478, 478, 478, 478, 478, 478, 478,
- 478, 592, 75, 477, 477, 477, 477, 477, 477, 477,
- 477, 579, 579, 579, 579, 579, 579, 75, 363, 364,
- 364, 364, 364, 364, 364, 364, 364, 486, 487, 488,
- 486, 486, 486, 486, 486, 432, 370, 433, 433, 433,
- 433, 433, 433, 433, 433, 201, 518, 201, 264, 308,
- 307, 75, 370, 305, 420, 420, 420, 420, 420, 420,
- 420, 420, 372, 370, 592, 421, 421, 421, 421, 421,
- 421, 421, 421, 422, 518, 304, 303, 423, 423, 423,
+ 385, 385, 385, 385, 385, 158, 389, 390, 391, 389,
+ 389, 389, 389, 389, 236, 158, 299, 298, 392, 392,
+ 392, 392, 392, 427, 384, 428, 428, 428, 428, 428,
+ 428, 428, 428, 587, 551, 551, 551, 551, 551, 552,
+ 392, 392, 392, 392, 392, 392, 358, 359, 359, 359,
+ 359, 359, 359, 359, 359, 427, 297, 428, 428, 428,
+ 428, 428, 428, 450, 79, 501, 502, 503, 501, 501,
+ 501, 501, 501, 296, 295, 294, 493, 500, 293, 75,
+ 358, 359, 359, 359, 359, 359, 359, 359, 359, 506,
+ 507, 508, 506, 506, 506, 506, 506, 75, 462, 365,
- 423, 423, 432, 302, 433, 433, 433, 433, 433, 433,
- 433, 433, 163, 527, 527, 527, 527, 527, 527, 423,
- 423, 423, 423, 423, 423, 427, 428, 429, 427, 427,
- 427, 427, 427, 430, 301, 300, 299, 431, 431, 431,
- 431, 431, 432, 298, 433, 433, 433, 433, 433, 433,
- 511, 512, 513, 511, 511, 511, 511, 511, 280, 431,
- 431, 431, 431, 431, 431, 241, 163, 439, 439, 439,
- 439, 439, 439, 439, 439, 389, 241, 163, 440, 440,
- 440, 440, 440, 440, 440, 440, 241, 163, 455, 82,
- 441, 441, 441, 441, 441, 239, 389, 201, 561, 82,
+ 463, 463, 463, 463, 463, 463, 463, 463, 275, 471,
+ 234, 196, 271, 75, 365, 196, 415, 415, 415, 415,
+ 415, 415, 415, 415, 367, 365, 365, 416, 416, 416,
+ 416, 416, 416, 416, 416, 417, 513, 98, 259, 418,
+ 418, 418, 418, 418, 462, 587, 463, 463, 463, 463,
+ 463, 463, 463, 463, 261, 513, 259, 260, 259, 257,
+ 256, 418, 418, 418, 418, 418, 418, 422, 423, 424,
+ 422, 422, 422, 422, 422, 425, 255, 254, 253, 426,
+ 426, 426, 426, 426, 462, 252, 463, 463, 463, 463,
+ 463, 463, 480, 480, 480, 480, 480, 480, 480, 480,
- 370, 498, 506, 507, 508, 506, 506, 506, 506, 506,
- 518, 573, 441, 441, 441, 441, 441, 441, 460, 276,
- 461, 461, 461, 461, 461, 461, 461, 461, 201, 101,
- 264, 266, 264, 467, 75, 468, 468, 468, 468, 468,
- 468, 468, 468, 467, 265, 468, 468, 468, 468, 468,
- 468, 264, 75, 460, 262, 462, 462, 462, 462, 462,
- 462, 462, 462, 467, 261, 468, 468, 468, 468, 468,
- 468, 468, 468, 485, 485, 485, 485, 485, 485, 485,
- 485, 260, 259, 258, 257, 95, 201, 75, 460, 239,
- 463, 463, 463, 463, 463, 464, 465, 465, 520, 520,
+ 92, 426, 426, 426, 426, 426, 426, 236, 158, 434,
+ 434, 434, 434, 434, 434, 434, 434, 384, 236, 158,
+ 435, 435, 435, 435, 435, 435, 435, 435, 196, 234,
+ 196, 98, 436, 436, 436, 436, 436, 515, 515, 515,
+ 515, 515, 515, 515, 515, 158, 522, 522, 522, 522,
+ 522, 522, 522, 522, 436, 436, 436, 436, 436, 436,
+ 455, 365, 456, 456, 456, 456, 456, 456, 456, 456,
+ 587, 513, 514, 514, 514, 514, 514, 514, 514, 514,
+ 158, 523, 523, 523, 523, 523, 523, 523, 523, 79,
+ 184, 222, 219, 218, 75, 455, 217, 457, 457, 457,
- 520, 520, 520, 520, 520, 520, 592, 201, 519, 519,
- 519, 519, 519, 519, 519, 519, 101, 82, 189, 227,
- 224, 223, 75, 460, 222, 466, 466, 466, 461, 461,
- 461, 461, 461, 163, 527, 527, 527, 527, 527, 527,
- 527, 527, 163, 528, 528, 528, 528, 528, 528, 528,
- 528, 221, 220, 218, 217, 216, 215, 75, 370, 214,
- 474, 474, 474, 474, 474, 474, 474, 474, 422, 370,
- 213, 475, 475, 475, 475, 475, 475, 475, 475, 476,
- 212, 211, 101, 477, 477, 477, 477, 477, 163, 529,
- 529, 529, 529, 529, 530, 527, 527, 509, 509, 509,
+ 457, 457, 457, 457, 457, 158, 524, 524, 524, 524,
+ 524, 525, 522, 522, 556, 79, 216, 215, 496, 213,
+ 212, 496, 496, 211, 496, 496, 210, 568, 496, 75,
+ 455, 209, 458, 458, 458, 458, 458, 459, 460, 460,
+ 496, 496, 496, 540, 208, 541, 541, 541, 541, 541,
+ 541, 541, 541, 499, 207, 206, 499, 499, 98, 499,
+ 499, 90, 150, 499, 75, 455, 79, 461, 461, 461,
+ 456, 456, 456, 456, 456, 499, 499, 499, 79, 184,
+ 504, 504, 504, 504, 504, 504, 504, 504, 540, 141,
+ 542, 542, 542, 542, 542, 542, 542, 542, 142, 75,
- 509, 509, 509, 509, 509, 477, 477, 477, 477, 477,
- 477, 481, 482, 483, 481, 481, 481, 481, 481, 484,
- 93, 155, 82, 485, 485, 485, 485, 485, 545, 75,
- 546, 546, 546, 546, 546, 546, 546, 546, 82, 75,
- 189, 144, 145, 139, 139, 485, 485, 485, 485, 485,
- 485, 241, 163, 491, 491, 491, 491, 491, 491, 491,
- 491, 460, 131, 465, 465, 465, 465, 465, 465, 465,
- 465, 545, 187, 547, 547, 547, 547, 547, 547, 547,
- 547, 124, 180, 179, 501, 178, 177, 176, 501, 174,
- 501, 501, 173, 168, 501, 75, 460, 167, 465, 465,
+ 365, 136, 469, 469, 469, 469, 469, 469, 469, 469,
+ 417, 365, 75, 470, 470, 470, 470, 470, 470, 470,
+ 470, 471, 136, 128, 182, 472, 472, 472, 472, 472,
+ 540, 121, 543, 543, 543, 543, 543, 544, 541, 541,
+ 158, 522, 522, 522, 522, 522, 522, 472, 472, 472,
+ 472, 472, 472, 476, 477, 478, 476, 476, 476, 476,
+ 476, 479, 175, 174, 173, 480, 480, 480, 480, 480,
+ 521, 521, 521, 521, 521, 521, 521, 521, 550, 550,
+ 550, 550, 550, 550, 550, 550, 172, 480, 480, 480,
+ 480, 480, 480, 236, 158, 486, 486, 486, 486, 486,
- 465, 465, 465, 465, 465, 465, 501, 501, 501, 545,
- 101, 548, 548, 548, 548, 548, 549, 546, 546, 504,
- 74, 101, 156, 504, 89, 504, 504, 155, 82, 504,
- 75, 460, 150, 465, 465, 465, 465, 465, 465, 509,
- 509, 504, 504, 504, 526, 526, 526, 526, 526, 526,
- 526, 526, 555, 555, 555, 555, 555, 555, 555, 555,
- 151, 77, 76, 75, 145, 75, 460, 139, 509, 509,
- 509, 509, 509, 509, 509, 509, 592, 131, 554, 554,
- 554, 554, 554, 554, 554, 554, 163, 527, 527, 527,
- 527, 527, 527, 527, 527, 124, 123, 122, 121, 120,
+ 486, 486, 486, 455, 171, 460, 460, 460, 460, 460,
+ 460, 460, 460, 587, 169, 549, 549, 549, 549, 549,
+ 549, 549, 549, 158, 522, 522, 522, 522, 522, 522,
+ 522, 522, 168, 163, 162, 98, 74, 75, 455, 98,
+ 460, 460, 460, 460, 460, 460, 460, 460, 158, 522,
+ 522, 522, 522, 522, 522, 522, 522, 557, 558, 559,
+ 557, 557, 557, 557, 557, 574, 574, 574, 574, 574,
+ 574, 151, 75, 455, 86, 460, 460, 460, 460, 460,
+ 460, 504, 504, 150, 79, 77, 76, 75, 535, 75,
+ 536, 536, 536, 536, 536, 536, 560, 561, 562, 560,
- 75, 370, 119, 516, 516, 516, 516, 516, 516, 516,
- 516, 476, 370, 108, 517, 517, 517, 517, 517, 517,
- 517, 517, 518, 107, 106, 105, 519, 519, 519, 519,
- 519, 163, 527, 527, 527, 527, 527, 527, 527, 527,
- 562, 563, 564, 562, 562, 562, 562, 562, 519, 519,
- 519, 519, 519, 519, 523, 524, 525, 523, 523, 523,
- 523, 523, 104, 101, 89, 77, 526, 526, 526, 526,
- 526, 540, 75, 541, 541, 541, 541, 541, 541, 565,
- 566, 567, 565, 565, 565, 565, 565, 76, 526, 526,
- 526, 526, 526, 526, 540, 75, 541, 541, 541, 541,
+ 560, 560, 560, 560, 142, 136, 128, 75, 455, 121,
+ 504, 504, 504, 504, 504, 504, 504, 504, 120, 119,
+ 118, 540, 75, 541, 541, 541, 541, 541, 541, 541,
+ 541, 540, 117, 541, 541, 541, 541, 541, 541, 541,
+ 541, 116, 75, 365, 105, 511, 511, 511, 511, 511,
+ 511, 511, 511, 471, 365, 104, 512, 512, 512, 512,
+ 512, 512, 512, 512, 513, 103, 102, 101, 514, 514,
+ 514, 514, 514, 540, 98, 541, 541, 541, 541, 541,
+ 541, 574, 574, 574, 574, 574, 574, 574, 574, 86,
+ 514, 514, 514, 514, 514, 514, 518, 519, 520, 518,
- 541, 541, 541, 541, 545, 75, 546, 546, 546, 546,
- 546, 546, 546, 546, 545, 592, 546, 546, 546, 546,
- 546, 546, 546, 546, 592, 592, 592, 592, 75, 540,
- 592, 542, 542, 542, 542, 542, 542, 542, 542, 545,
- 592, 546, 546, 546, 546, 546, 546, 370, 592, 570,
- 570, 570, 570, 570, 570, 570, 570, 592, 592, 592,
- 592, 592, 592, 75, 540, 592, 543, 543, 543, 543,
- 543, 544, 541, 541, 579, 579, 579, 579, 579, 579,
- 579, 579, 580, 580, 580, 580, 580, 580, 580, 580,
- 581, 581, 581, 581, 581, 582, 579, 579, 75, 370,
+ 518, 518, 518, 518, 77, 76, 75, 587, 521, 521,
+ 521, 521, 521, 365, 587, 565, 565, 565, 565, 565,
+ 565, 565, 565, 587, 587, 587, 587, 587, 587, 587,
+ 521, 521, 521, 521, 521, 521, 535, 587, 536, 536,
+ 536, 536, 536, 536, 536, 536, 575, 575, 575, 575,
+ 575, 575, 575, 575, 576, 576, 576, 576, 576, 577,
+ 574, 574, 581, 582, 583, 581, 581, 581, 581, 581,
+ 75, 535, 587, 537, 537, 537, 537, 537, 537, 537,
+ 537, 587, 569, 587, 570, 570, 570, 570, 570, 570,
+ 587, 587, 587, 587, 75, 574, 574, 574, 574, 574,
- 592, 552, 552, 552, 552, 552, 552, 552, 552, 518,
- 370, 592, 553, 553, 553, 553, 553, 553, 553, 553,
- 592, 592, 592, 592, 554, 554, 554, 554, 554, 592,
- 586, 587, 588, 586, 586, 586, 586, 586, 574, 592,
- 575, 575, 575, 575, 575, 575, 554, 554, 554, 554,
- 554, 554, 540, 592, 541, 541, 541, 541, 541, 541,
- 541, 541, 75, 579, 579, 579, 579, 579, 579, 579,
- 579, 592, 75, 579, 579, 579, 579, 579, 579, 579,
- 579, 592, 592, 592, 592, 592, 75, 540, 592, 541,
- 541, 541, 541, 541, 541, 541, 541, 592, 592, 592,
+ 574, 574, 574, 587, 587, 75, 535, 587, 538, 538,
+ 538, 538, 538, 539, 536, 536, 75, 574, 574, 574,
+ 574, 574, 574, 574, 574, 587, 587, 587, 587, 587,
+ 584, 584, 584, 584, 584, 584, 584, 584, 587, 587,
+ 75, 365, 587, 547, 547, 547, 547, 547, 547, 547,
+ 547, 513, 365, 587, 548, 548, 548, 548, 548, 548,
+ 548, 548, 75, 587, 587, 587, 549, 549, 549, 549,
+ 549, 587, 581, 581, 581, 581, 581, 581, 581, 581,
+ 585, 585, 585, 585, 585, 586, 584, 584, 549, 549,
+ 549, 549, 549, 549, 535, 587, 536, 536, 536, 536,
- 589, 589, 589, 589, 589, 589, 589, 589, 586, 586,
- 586, 586, 586, 586, 586, 586, 592, 592, 592, 592,
- 592, 75, 574, 592, 575, 575, 575, 575, 575, 575,
- 575, 575, 75, 592, 592, 592, 592, 592, 592, 592,
- 75, 590, 590, 590, 590, 590, 591, 589, 589, 592,
- 589, 589, 589, 589, 589, 589, 75, 574, 592, 576,
- 576, 576, 576, 576, 576, 576, 576, 592, 592, 592,
- 592, 592, 592, 75, 589, 589, 589, 589, 589, 589,
- 589, 589, 75, 592, 592, 592, 592, 592, 592, 592,
- 592, 75, 574, 592, 577, 577, 577, 577, 577, 578,
+ 536, 536, 536, 536, 75, 587, 587, 587, 587, 587,
+ 587, 587, 75, 584, 584, 584, 584, 584, 584, 584,
+ 584, 584, 584, 584, 584, 584, 584, 587, 75, 535,
+ 587, 536, 536, 536, 536, 536, 536, 536, 536, 587,
+ 587, 587, 587, 587, 587, 75, 587, 587, 587, 587,
+ 587, 587, 587, 75, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 75, 569, 587, 570, 570, 570, 570,
+ 570, 570, 570, 570, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 75, 569,
- 575, 575, 592, 592, 592, 592, 75, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 75, 574, 592, 575,
- 575, 575, 575, 575, 575, 575, 575, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 75, 574, 592, 575, 575, 575, 575, 575, 575,
- 575, 575, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 75, 53, 53, 53,
+ 587, 571, 571, 571, 571, 571, 571, 571, 571, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 75, 569, 587, 572, 572, 572, 572,
+ 572, 573, 570, 570, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 75, 569,
+ 587, 570, 570, 570, 570, 570, 570, 570, 570, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 75, 569, 587, 570, 570, 570, 570,
+ 570, 570, 570, 570, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 75, 53,
53, 53, 53, 53, 53, 53, 53, 53, 53, 53,
- 53, 31, 31, 31, 31, 31, 31, 31, 31, 31,
- 31, 31, 31, 31, 31, 62, 62, 62, 62, 62,
- 62, 62, 62, 62, 62, 62, 62, 62, 62, 69,
- 69, 69, 69, 69, 69, 69, 69, 69, 69, 69,
- 69, 69, 69, 74, 592, 592, 592, 74, 592, 74,
- 74, 74, 592, 592, 74, 74, 74, 78, 78, 592,
+ 53, 53, 53, 18, 18, 18, 18, 18, 18, 18,
+ 18, 18, 18, 18, 18, 18, 18, 62, 62, 62,
+ 62, 62, 62, 62, 62, 62, 62, 62, 62, 62,
+ 62, 69, 69, 69, 69, 69, 69, 69, 69, 69,
+ 69, 69, 69, 69, 69, 74, 587, 587, 587, 587,
+
+ 587, 74, 74, 74, 587, 587, 74, 74, 74, 78,
78, 78, 78, 78, 78, 78, 78, 78, 78, 78,
- 78, 81, 81, 81, 81, 81, 81, 81, 81, 81,
- 81, 81, 81, 81, 81, 85, 592, 592, 592, 85,
+ 78, 78, 78, 82, 587, 587, 587, 587, 587, 82,
+ 82, 82, 82, 587, 82, 82, 82, 85, 587, 587,
+ 587, 587, 587, 85, 85, 85, 587, 587, 85, 85,
+ 85, 87, 587, 587, 87, 87, 87, 87, 87, 87,
+ 587, 587, 87, 87, 87, 97, 97, 587, 587, 587,
+ 97, 123, 587, 587, 123, 123, 123, 123, 123, 123,
+ 587, 587, 123, 123, 123, 127, 587, 587, 127, 127,
+ 127, 127, 127, 127, 587, 127, 587, 127, 127, 135,
- 592, 85, 85, 85, 85, 592, 85, 85, 85, 88,
- 592, 592, 592, 88, 592, 88, 88, 88, 592, 592,
- 88, 88, 88, 90, 592, 592, 90, 90, 90, 90,
- 90, 90, 592, 592, 90, 90, 90, 100, 100, 592,
- 592, 592, 100, 126, 592, 592, 126, 126, 126, 126,
- 126, 126, 592, 592, 126, 126, 126, 130, 592, 592,
- 130, 130, 130, 130, 130, 130, 592, 130, 592, 130,
- 130, 138, 592, 592, 138, 592, 138, 138, 138, 138,
- 138, 592, 138, 138, 138, 142, 142, 142, 142, 142,
- 142, 142, 142, 142, 142, 142, 142, 142, 142, 144,
+ 587, 587, 135, 587, 135, 135, 135, 135, 135, 587,
+ 135, 135, 135, 139, 139, 139, 139, 139, 139, 139,
+ 139, 139, 139, 139, 139, 139, 139, 141, 141, 587,
+ 141, 587, 141, 141, 141, 141, 141, 141, 141, 141,
+ 141, 147, 147, 147, 147, 147, 147, 147, 147, 147,
+ 147, 147, 147, 147, 147, 148, 148, 587, 148, 148,
+ 148, 148, 148, 148, 148, 148, 148, 148, 148, 149,
+ 587, 587, 587, 587, 587, 149, 149, 149, 587, 587,
+ 149, 149, 149, 88, 587, 587, 88, 88, 88, 88,
+ 88, 88, 587, 587, 88, 88, 88, 157, 157, 587,
- 144, 592, 144, 592, 144, 144, 144, 144, 144, 144,
- 144, 144, 144, 79, 79, 592, 79, 79, 79, 79,
- 79, 79, 79, 79, 79, 79, 79, 152, 152, 152,
- 152, 152, 152, 152, 152, 152, 152, 152, 152, 152,
- 152, 153, 153, 592, 153, 153, 153, 153, 153, 153,
- 153, 153, 153, 153, 153, 154, 592, 592, 592, 154,
- 592, 154, 154, 154, 592, 592, 154, 154, 154, 91,
- 592, 592, 91, 91, 91, 91, 91, 91, 592, 592,
- 91, 91, 91, 162, 162, 592, 592, 592, 162, 164,
- 164, 164, 592, 592, 592, 164, 127, 592, 592, 127,
+ 587, 587, 157, 159, 159, 159, 587, 587, 587, 159,
+ 124, 587, 587, 124, 124, 124, 124, 124, 124, 587,
+ 587, 124, 124, 124, 185, 185, 185, 185, 185, 185,
+ 185, 185, 185, 185, 185, 185, 185, 185, 192, 192,
+ 587, 587, 587, 192, 198, 198, 198, 587, 587, 587,
+ 198, 228, 228, 587, 587, 587, 228, 229, 229, 587,
+ 587, 587, 229, 233, 233, 587, 587, 587, 233, 235,
+ 235, 235, 587, 587, 587, 235, 271, 271, 587, 587,
+ 587, 271, 273, 273, 587, 587, 587, 273, 274, 274,
+ 587, 587, 587, 274, 276, 276, 276, 587, 587, 587,
- 127, 127, 127, 127, 127, 592, 592, 127, 127, 127,
- 190, 190, 190, 190, 190, 190, 190, 190, 190, 190,
- 190, 190, 190, 190, 197, 197, 592, 592, 592, 197,
- 203, 203, 203, 592, 592, 592, 203, 233, 233, 592,
- 592, 592, 233, 234, 234, 592, 592, 592, 234, 238,
- 238, 592, 592, 592, 238, 240, 240, 240, 592, 592,
- 592, 240, 276, 276, 592, 592, 592, 276, 278, 278,
- 592, 592, 592, 278, 279, 279, 592, 592, 592, 279,
- 281, 281, 281, 592, 592, 592, 281, 285, 285, 285,
- 285, 592, 592, 592, 285, 316, 316, 592, 592, 592,
+ 276, 280, 280, 280, 280, 587, 587, 587, 280, 311,
+ 311, 587, 587, 587, 311, 312, 312, 587, 587, 587,
+ 312, 313, 313, 587, 587, 587, 313, 325, 325, 325,
+ 587, 587, 587, 325, 326, 326, 326, 326, 587, 587,
+ 587, 326, 363, 363, 587, 587, 587, 363, 364, 364,
+ 587, 587, 587, 364, 380, 380, 380, 587, 587, 587,
+ 380, 381, 381, 381, 381, 587, 587, 587, 381, 410,
+ 410, 587, 587, 587, 410, 414, 587, 414, 414, 587,
+ 587, 587, 414, 432, 432, 432, 587, 587, 587, 432,
+ 433, 433, 433, 433, 587, 587, 587, 433, 467, 467,
- 316, 317, 317, 592, 592, 592, 317, 318, 318, 592,
- 592, 592, 318, 330, 330, 330, 592, 592, 592, 330,
- 331, 331, 331, 331, 592, 592, 592, 331, 368, 368,
- 592, 592, 592, 368, 369, 369, 592, 592, 592, 369,
- 385, 385, 385, 592, 592, 592, 385, 386, 386, 386,
- 386, 592, 592, 592, 386, 415, 415, 592, 592, 592,
- 415, 419, 592, 419, 419, 592, 592, 592, 419, 437,
- 437, 437, 592, 592, 592, 437, 438, 438, 438, 438,
- 592, 592, 592, 438, 472, 472, 592, 592, 592, 472,
- 473, 592, 473, 473, 592, 592, 592, 473, 489, 489,
+ 587, 587, 587, 467, 468, 587, 468, 468, 587, 587,
+ 587, 468, 484, 484, 484, 587, 587, 587, 484, 485,
+ 485, 485, 587, 587, 587, 587, 485, 496, 587, 587,
+ 496, 587, 587, 496, 496, 496, 587, 587, 496, 496,
+ 496, 499, 587, 587, 499, 587, 587, 499, 499, 499,
+ 587, 587, 499, 499, 499, 509, 509, 587, 587, 587,
+ 509, 510, 587, 510, 510, 587, 587, 587, 510, 526,
+ 526, 587, 587, 587, 587, 526, 532, 532, 532, 532,
+ 532, 532, 532, 532, 532, 532, 532, 532, 532, 532,
+ 545, 545, 587, 587, 587, 545, 546, 587, 546, 546,
- 489, 592, 592, 592, 489, 490, 490, 490, 592, 592,
- 592, 592, 490, 501, 592, 592, 501, 501, 592, 501,
- 501, 501, 592, 592, 501, 501, 501, 504, 592, 592,
- 504, 504, 592, 504, 504, 504, 592, 592, 504, 504,
- 504, 514, 514, 592, 592, 592, 514, 515, 592, 515,
- 515, 592, 592, 592, 515, 531, 531, 592, 592, 592,
- 592, 531, 537, 537, 537, 537, 537, 537, 537, 537,
- 537, 537, 537, 537, 537, 537, 550, 550, 592, 592,
- 592, 550, 551, 592, 551, 551, 592, 592, 592, 551,
- 568, 568, 592, 592, 592, 568, 569, 592, 569, 592,
+ 587, 587, 587, 546, 563, 563, 587, 587, 587, 563,
+ 564, 587, 564, 587, 587, 587, 587, 564, 579, 579,
+ 579, 579, 579, 579, 579, 579, 579, 579, 579, 579,
+ 579, 579, 13, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587
- 592, 592, 592, 569, 584, 584, 584, 584, 584, 584,
- 584, 584, 584, 584, 584, 584, 584, 584, 13, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592
} ;
-static yyconst short int yy_chk[3685] =
+static yyconst short int yy_chk[3699] =
{ 0,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
@@ -972,405 +973,407 @@
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 2, 3, 4, 269, 2,
- 3, 4, 70, 5, 5, 5, 123, 5, 269, 3,
- 4, 20, 123, 5, 11, 11, 11, 11, 6, 6,
- 6, 41, 6, 2, 2, 5, 5, 2, 6, 12,
+ 1, 1, 1, 1, 1, 2, 3, 20, 2, 2,
+ 3, 4, 60, 60, 4, 4, 5, 5, 5, 3,
+ 5, 68, 68, 40, 4, 64, 5, 11, 11, 11,
+ 11, 20, 52, 2, 2, 66, 115, 2, 5, 5,
- 12, 12, 12, 64, 2, 20, 71, 2, 41, 25,
- 6, 6, 52, 25, 25, 60, 60, 66, 70, 5,
- 28, 28, 28, 28, 28, 28, 64, 3, 4, 52,
- 11, 25, 68, 68, 6, 7, 7, 7, 101, 7,
- 66, 73, 73, 164, 73, 12, 111, 101, 85, 118,
- 71, 111, 164, 25, 27, 27, 27, 27, 27, 27,
- 27, 27, 40, 119, 40, 40, 40, 40, 40, 40,
- 40, 40, 85, 129, 589, 119, 42, 584, 129, 132,
- 132, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 8,
+ 40, 6, 6, 6, 2, 6, 82, 2, 64, 52,
+ 70, 6, 12, 12, 12, 12, 25, 25, 66, 116,
+ 25, 25, 5, 6, 6, 73, 73, 3, 73, 584,
+ 82, 116, 4, 11, 71, 106, 106, 263, 25, 27,
+ 27, 27, 27, 27, 27, 27, 27, 6, 7, 7,
+ 7, 41, 7, 115, 129, 129, 70, 263, 12, 98,
+ 25, 28, 28, 28, 28, 28, 28, 39, 98, 39,
+ 39, 39, 39, 39, 39, 39, 39, 108, 71, 41,
+ 41, 106, 108, 41, 96, 96, 96, 96, 96, 96,
+ 41, 133, 133, 41, 7, 7, 7, 7, 7, 7,
- 8, 8, 573, 8, 42, 42, 118, 75, 42, 75,
- 185, 75, 185, 75, 75, 42, 50, 75, 42, 50,
- 50, 50, 50, 50, 50, 50, 50, 120, 122, 75,
- 75, 75, 83, 83, 83, 83, 83, 83, 83, 83,
- 122, 309, 109, 109, 146, 8, 8, 8, 8, 8,
+ 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 8, 8, 8, 50, 8, 579, 50, 50,
+ 50, 50, 50, 50, 50, 50, 80, 80, 80, 80,
+ 80, 80, 80, 80, 81, 81, 81, 81, 81, 81,
+ 81, 81, 117, 126, 144, 119, 145, 145, 126, 90,
+ 90, 90, 90, 90, 90, 90, 90, 119, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 9, 9, 9, 9, 9, 120, 136,
- 136, 51, 9, 9, 9, 51, 51, 58, 58, 58,
- 121, 58, 184, 147, 106, 58, 9, 58, 109, 106,
- 146, 309, 106, 51, 106, 121, 148, 148, 184, 58,
+ 8, 8, 8, 8, 8, 8, 9, 9, 9, 9,
+ 9, 90, 118, 117, 120, 9, 9, 9, 144, 170,
+ 120, 51, 51, 103, 453, 51, 51, 118, 103, 9,
- 58, 84, 84, 84, 84, 84, 84, 84, 84, 9,
- 10, 10, 10, 10, 10, 51, 143, 143, 570, 10,
- 10, 10, 87, 58, 87, 181, 87, 147, 87, 87,
- 267, 90, 87, 10, 175, 90, 90, 93, 93, 93,
- 93, 93, 93, 93, 93, 87, 87, 175, 89, 568,
- 89, 186, 89, 90, 89, 89, 10, 18, 89, 18,
- 18, 18, 143, 18, 18, 186, 211, 18, 182, 93,
- 89, 89, 89, 182, 181, 90, 554, 203, 188, 18,
- 18, 18, 192, 92, 553, 92, 203, 92, 211, 92,
- 92, 188, 267, 92, 97, 97, 97, 97, 97, 97,
+ 159, 103, 170, 103, 140, 140, 58, 58, 58, 159,
+ 58, 143, 177, 51, 58, 176, 58, 177, 183, 180,
+ 179, 180, 9, 10, 10, 10, 10, 10, 58, 58,
+ 191, 183, 10, 10, 10, 51, 179, 84, 453, 84,
+ 84, 84, 181, 84, 84, 136, 10, 84, 136, 136,
+ 140, 568, 58, 198, 191, 136, 181, 143, 187, 206,
+ 84, 84, 198, 565, 176, 195, 195, 195, 136, 10,
+ 19, 94, 94, 94, 94, 94, 94, 94, 94, 220,
+ 19, 206, 267, 19, 19, 19, 19, 19, 19, 19,
+ 19, 26, 187, 26, 26, 26, 26, 26, 26, 26,
- 97, 97, 196, 18, 19, 92, 92, 92, 99, 99,
- 99, 99, 99, 99, 19, 225, 192, 19, 19, 19,
- 19, 19, 19, 19, 19, 26, 196, 26, 26, 26,
- 26, 26, 26, 26, 26, 26, 200, 200, 200, 26,
- 26, 26, 26, 26, 98, 98, 98, 98, 98, 98,
- 98, 98, 207, 207, 207, 207, 207, 207, 268, 26,
- 551, 26, 26, 26, 26, 26, 26, 32, 212, 219,
- 225, 32, 212, 32, 550, 219, 32, 32, 268, 32,
- 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
- 32, 226, 226, 32, 32, 32, 32, 32, 32, 32,
+ 26, 26, 221, 221, 214, 26, 26, 26, 26, 26,
+ 214, 207, 563, 87, 87, 207, 267, 87, 87, 202,
+ 202, 202, 202, 202, 202, 26, 223, 26, 26, 26,
+ 26, 26, 26, 31, 220, 87, 248, 549, 224, 31,
+ 548, 223, 31, 31, 224, 31, 31, 31, 31, 31,
+ 31, 31, 31, 31, 31, 31, 31, 87, 248, 31,
+ 31, 31, 31, 31, 31, 31, 31, 31, 31, 31,
+ 31, 31, 31, 31, 31, 31, 31, 31, 31, 31,
+ 31, 31, 31, 31, 31, 31, 31, 31, 31, 31,
+ 31, 31, 31, 31, 31, 31, 31, 31, 33, 33,
- 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
- 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
- 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
- 32, 32, 34, 34, 34, 34, 34, 34, 34, 34,
- 34, 359, 228, 546, 34, 34, 34, 34, 34, 125,
- 125, 125, 125, 125, 125, 125, 125, 228, 126, 112,
- 301, 537, 126, 126, 301, 227, 34, 34, 34, 34,
- 34, 34, 39, 39, 39, 229, 39, 240, 39, 39,
- 126, 229, 39, 242, 242, 263, 240, 112, 112, 227,
- 263, 112, 359, 242, 39, 39, 39, 43, 112, 244,
+ 33, 33, 33, 33, 33, 33, 33, 306, 371, 371,
+ 33, 33, 33, 33, 33, 95, 95, 95, 95, 95,
+ 95, 95, 95, 306, 190, 109, 190, 190, 190, 190,
+ 190, 190, 33, 33, 33, 33, 33, 33, 38, 38,
+ 38, 38, 38, 235, 38, 38, 151, 296, 38, 546,
+ 151, 296, 235, 109, 109, 264, 151, 109, 190, 262,
+ 38, 38, 38, 43, 109, 264, 545, 109, 151, 151,
+ 123, 123, 304, 43, 123, 123, 43, 43, 43, 43,
+ 43, 43, 43, 43, 122, 122, 122, 122, 122, 122,
+ 122, 122, 123, 132, 132, 132, 132, 132, 132, 132,
- 244, 112, 126, 270, 253, 272, 227, 43, 270, 244,
- 43, 43, 43, 43, 43, 43, 43, 43, 128, 408,
- 128, 408, 128, 361, 128, 128, 253, 310, 128, 135,
- 135, 135, 135, 135, 135, 135, 135, 310, 361, 272,
- 128, 128, 128, 204, 204, 204, 204, 204, 204, 204,
- 204, 43, 59, 191, 191, 191, 191, 191, 191, 191,
- 191, 535, 59, 531, 300, 59, 59, 59, 59, 59,
- 59, 59, 59, 78, 458, 78, 78, 78, 139, 78,
- 78, 139, 139, 78, 364, 191, 300, 311, 139, 250,
- 250, 250, 250, 250, 250, 78, 78, 78, 281, 356,
+ 132, 182, 305, 222, 295, 182, 237, 237, 258, 239,
+ 239, 182, 305, 258, 123, 265, 237, 43, 59, 239,
+ 265, 262, 304, 182, 182, 299, 295, 222, 59, 421,
+ 421, 59, 59, 59, 59, 59, 59, 59, 59, 75,
+ 359, 75, 75, 75, 222, 75, 75, 299, 541, 75,
+ 186, 186, 186, 186, 186, 186, 186, 186, 354, 532,
+ 276, 75, 75, 75, 86, 530, 86, 86, 86, 276,
+ 86, 86, 280, 359, 86, 245, 245, 245, 245, 245,
+ 245, 280, 186, 356, 281, 281, 86, 86, 86, 89,
+ 526, 89, 89, 89, 281, 89, 89, 522, 356, 89,
- 285, 139, 306, 311, 286, 286, 155, 281, 155, 285,
- 155, 306, 155, 155, 286, 356, 155, 364, 458, 78,
- 94, 94, 94, 94, 94, 94, 94, 94, 155, 155,
- 155, 527, 94, 94, 94, 94, 94, 195, 515, 195,
- 195, 195, 195, 195, 195, 199, 199, 199, 199, 199,
- 199, 199, 199, 199, 94, 94, 94, 94, 94, 94,
- 102, 102, 102, 102, 102, 102, 102, 102, 312, 287,
- 287, 195, 102, 102, 102, 102, 102, 312, 156, 287,
- 289, 289, 156, 514, 330, 376, 376, 362, 156, 500,
- 289, 304, 305, 330, 102, 102, 102, 102, 102, 102,
+ 194, 194, 194, 194, 194, 194, 194, 194, 194, 354,
+ 451, 89, 89, 89, 91, 91, 91, 91, 91, 91,
+ 91, 91, 403, 494, 403, 300, 91, 91, 91, 91,
+ 91, 199, 199, 199, 199, 199, 199, 199, 199, 201,
+ 201, 201, 201, 201, 201, 201, 201, 300, 91, 91,
+ 91, 91, 91, 91, 99, 99, 99, 99, 99, 99,
+ 99, 99, 282, 282, 451, 341, 99, 99, 99, 99,
+ 99, 204, 282, 204, 204, 204, 204, 204, 204, 204,
+ 204, 347, 494, 351, 510, 284, 284, 341, 99, 99,
+ 99, 99, 99, 99, 125, 284, 125, 125, 125, 351,
- 156, 156, 157, 362, 157, 157, 157, 157, 157, 157,
- 157, 157, 187, 304, 305, 456, 187, 407, 407, 426,
- 426, 371, 187, 206, 206, 206, 206, 206, 206, 206,
- 206, 371, 440, 440, 187, 187, 157, 158, 498, 158,
- 158, 158, 158, 158, 158, 158, 158, 209, 346, 209,
- 209, 209, 209, 209, 209, 209, 209, 235, 235, 235,
- 235, 235, 235, 235, 235, 235, 441, 441, 407, 456,
- 346, 158, 159, 497, 159, 159, 159, 159, 159, 159,
- 159, 159, 241, 241, 241, 241, 241, 241, 241, 241,
- 243, 243, 243, 243, 243, 243, 243, 243, 247, 247,
+ 125, 125, 509, 347, 125, 230, 230, 230, 230, 230,
+ 230, 230, 230, 230, 495, 301, 125, 125, 125, 150,
+ 493, 150, 150, 150, 301, 150, 150, 492, 366, 150,
+ 236, 236, 236, 236, 236, 236, 236, 236, 366, 435,
+ 435, 150, 150, 150, 152, 491, 152, 152, 152, 152,
+ 152, 152, 152, 152, 238, 238, 238, 238, 238, 238,
+ 238, 238, 242, 242, 242, 242, 242, 242, 242, 242,
+ 650, 307, 242, 436, 436, 650, 349, 490, 152, 153,
+ 307, 153, 153, 153, 153, 153, 153, 153, 153, 244,
+ 244, 244, 244, 244, 244, 244, 244, 247, 349, 247,
- 247, 247, 247, 247, 247, 247, 159, 160, 247, 160,
- 160, 160, 160, 160, 160, 160, 160, 444, 444, 457,
- 496, 160, 160, 160, 160, 160, 249, 249, 249, 249,
- 249, 249, 249, 249, 457, 271, 271, 271, 271, 271,
- 271, 271, 271, 160, 160, 160, 160, 160, 160, 163,
- 163, 163, 163, 163, 163, 163, 163, 163, 480, 480,
- 352, 163, 163, 163, 163, 163, 252, 271, 252, 252,
- 252, 252, 252, 252, 252, 252, 295, 295, 295, 295,
- 295, 295, 352, 163, 163, 163, 163, 163, 163, 165,
- 165, 165, 165, 165, 165, 165, 165, 165, 165, 331,
+ 247, 247, 247, 247, 247, 247, 247, 290, 290, 290,
+ 290, 290, 290, 153, 154, 325, 154, 154, 154, 154,
+ 154, 154, 154, 154, 325, 397, 485, 266, 266, 266,
+ 266, 266, 266, 266, 266, 270, 326, 270, 270, 270,
+ 270, 270, 270, 468, 357, 326, 452, 397, 154, 155,
+ 467, 155, 155, 155, 155, 155, 155, 155, 155, 266,
+ 357, 452, 398, 155, 155, 155, 155, 155, 277, 270,
+ 277, 277, 277, 277, 277, 277, 277, 277, 317, 317,
+ 317, 317, 317, 317, 398, 155, 155, 155, 155, 155,
+ 155, 158, 158, 158, 158, 158, 158, 158, 158, 158,
- 495, 354, 165, 165, 165, 165, 165, 275, 331, 275,
- 275, 275, 275, 275, 275, 288, 288, 288, 288, 288,
- 288, 288, 288, 354, 165, 165, 165, 165, 165, 165,
- 166, 166, 166, 166, 166, 166, 166, 166, 332, 332,
- 490, 275, 166, 166, 166, 166, 166, 282, 332, 282,
- 282, 282, 282, 282, 282, 282, 282, 322, 322, 322,
- 322, 322, 322, 473, 166, 166, 166, 166, 166, 166,
- 193, 373, 193, 193, 193, 193, 193, 193, 193, 193,
- 283, 373, 283, 283, 283, 283, 283, 283, 283, 283,
- 284, 360, 284, 284, 284, 284, 284, 284, 284, 284,
+ 355, 439, 439, 158, 158, 158, 158, 158, 278, 355,
+ 278, 278, 278, 278, 278, 278, 278, 278, 336, 336,
+ 336, 336, 336, 336, 463, 158, 158, 158, 158, 158,
+ 158, 160, 160, 160, 160, 160, 160, 160, 160, 160,
+ 160, 448, 440, 444, 160, 160, 160, 160, 160, 279,
+ 368, 279, 279, 279, 279, 279, 279, 279, 279, 446,
+ 368, 454, 402, 402, 440, 444, 160, 160, 160, 160,
+ 160, 160, 161, 161, 161, 161, 161, 161, 161, 161,
+ 443, 446, 475, 475, 161, 161, 161, 161, 161, 283,
+ 283, 283, 283, 283, 283, 283, 283, 289, 289, 289,
- 360, 402, 403, 461, 193, 194, 472, 194, 194, 194,
- 194, 194, 194, 194, 194, 292, 292, 292, 292, 292,
- 292, 292, 292, 402, 403, 292, 294, 294, 294, 294,
- 294, 294, 294, 294, 491, 491, 468, 461, 453, 194,
- 205, 205, 205, 205, 205, 205, 205, 205, 205, 205,
- 205, 385, 448, 445, 205, 205, 205, 205, 205, 297,
- 385, 297, 297, 297, 297, 297, 297, 297, 297, 341,
- 341, 341, 341, 341, 341, 445, 205, 205, 205, 205,
- 205, 205, 208, 208, 208, 208, 208, 208, 208, 208,
- 208, 208, 522, 522, 449, 208, 208, 208, 208, 208,
+ 289, 289, 289, 289, 289, 454, 161, 161, 161, 161,
+ 161, 161, 188, 402, 188, 188, 188, 188, 188, 188,
+ 188, 188, 287, 287, 287, 287, 287, 287, 287, 287,
+ 442, 292, 287, 292, 292, 292, 292, 292, 292, 292,
+ 292, 486, 486, 517, 517, 441, 188, 189, 428, 189,
+ 189, 189, 189, 189, 189, 189, 189, 314, 314, 314,
+ 314, 314, 314, 314, 314, 316, 316, 316, 316, 316,
+ 316, 316, 316, 320, 320, 320, 320, 320, 320, 320,
+ 320, 189, 200, 200, 200, 200, 200, 200, 200, 200,
+ 200, 200, 200, 380, 414, 487, 200, 200, 200, 200,
- 319, 319, 319, 319, 319, 319, 319, 319, 321, 321,
- 321, 321, 321, 321, 321, 321, 449, 208, 208, 208,
- 208, 208, 208, 230, 420, 230, 230, 230, 230, 230,
- 230, 230, 230, 324, 420, 324, 324, 324, 324, 324,
- 324, 324, 324, 325, 325, 325, 325, 325, 325, 325,
- 325, 379, 379, 379, 379, 379, 379, 230, 231, 421,
- 231, 231, 231, 231, 231, 231, 231, 231, 327, 421,
- 327, 327, 327, 327, 327, 327, 327, 327, 328, 386,
- 328, 328, 328, 328, 328, 328, 328, 328, 386, 539,
- 539, 447, 231, 232, 423, 232, 232, 232, 232, 232,
+ 200, 319, 380, 319, 319, 319, 319, 319, 319, 319,
+ 319, 374, 374, 374, 374, 374, 374, 487, 200, 200,
+ 200, 200, 200, 200, 203, 203, 203, 203, 203, 203,
+ 203, 203, 203, 203, 381, 410, 489, 203, 203, 203,
+ 203, 203, 322, 381, 322, 322, 322, 322, 322, 322,
+ 322, 322, 534, 534, 552, 552, 327, 327, 489, 203,
+ 203, 203, 203, 203, 203, 225, 327, 225, 225, 225,
+ 225, 225, 225, 225, 225, 323, 415, 323, 323, 323,
+ 323, 323, 323, 323, 323, 324, 415, 324, 324, 324,
+ 324, 324, 324, 391, 391, 391, 391, 391, 391, 225,
- 232, 232, 232, 329, 423, 329, 329, 329, 329, 329,
- 329, 333, 333, 334, 334, 334, 334, 334, 334, 334,
- 334, 333, 557, 557, 541, 459, 446, 232, 245, 245,
- 245, 245, 245, 245, 245, 245, 245, 245, 245, 248,
- 248, 248, 248, 248, 248, 248, 248, 248, 248, 248,
- 335, 335, 451, 248, 248, 248, 248, 248, 541, 433,
- 335, 338, 338, 338, 338, 338, 338, 338, 338, 459,
- 492, 338, 606, 606, 451, 248, 248, 248, 248, 248,
- 248, 251, 251, 251, 251, 251, 251, 251, 251, 251,
- 251, 419, 492, 494, 251, 251, 251, 251, 251, 340,
+ 226, 405, 226, 226, 226, 226, 226, 226, 226, 226,
+ 328, 328, 329, 329, 329, 329, 329, 329, 329, 329,
+ 328, 330, 330, 333, 333, 333, 333, 333, 333, 333,
+ 333, 330, 456, 333, 226, 227, 401, 227, 227, 227,
+ 227, 227, 227, 227, 227, 335, 335, 335, 335, 335,
+ 335, 335, 335, 338, 416, 338, 338, 338, 338, 338,
+ 338, 338, 338, 400, 416, 399, 456, 600, 600, 227,
+ 240, 240, 240, 240, 240, 240, 240, 240, 240, 240,
+ 240, 243, 243, 243, 243, 243, 243, 243, 243, 243,
+ 243, 243, 396, 395, 527, 243, 243, 243, 243, 243,
- 340, 340, 340, 340, 340, 340, 340, 370, 370, 370,
- 370, 370, 370, 370, 370, 494, 251, 251, 251, 251,
- 251, 251, 273, 474, 273, 273, 273, 273, 273, 273,
- 273, 273, 343, 474, 343, 343, 343, 343, 343, 343,
- 343, 343, 363, 363, 363, 363, 363, 363, 363, 363,
- 396, 396, 396, 396, 396, 396, 273, 274, 501, 274,
- 274, 274, 274, 274, 274, 274, 274, 429, 429, 429,
- 429, 429, 429, 415, 363, 410, 367, 367, 367, 367,
- 367, 367, 367, 372, 372, 372, 372, 372, 372, 372,
- 372, 274, 280, 280, 280, 280, 280, 280, 280, 280,
+ 536, 358, 358, 358, 358, 358, 358, 358, 358, 362,
+ 362, 362, 362, 362, 362, 362, 527, 243, 243, 243,
+ 243, 243, 243, 246, 246, 246, 246, 246, 246, 246,
+ 246, 246, 246, 358, 536, 529, 246, 246, 246, 246,
+ 246, 418, 362, 365, 365, 365, 365, 365, 365, 365,
+ 365, 418, 394, 393, 364, 382, 382, 529, 246, 246,
+ 246, 246, 246, 246, 268, 382, 268, 268, 268, 268,
+ 268, 268, 268, 268, 367, 367, 367, 367, 367, 367,
+ 367, 367, 373, 373, 373, 373, 373, 373, 373, 373,
+ 383, 383, 424, 424, 424, 424, 424, 424, 268, 269,
- 280, 406, 501, 405, 280, 280, 280, 280, 280, 367,
- 378, 378, 378, 378, 378, 378, 378, 378, 389, 389,
- 389, 389, 389, 389, 389, 389, 280, 280, 280, 280,
- 280, 280, 290, 290, 290, 290, 290, 290, 290, 290,
- 290, 290, 290, 293, 293, 293, 293, 293, 293, 293,
- 293, 293, 293, 293, 437, 454, 404, 293, 293, 293,
- 293, 293, 381, 437, 381, 381, 381, 381, 381, 381,
- 381, 381, 401, 400, 399, 454, 398, 454, 454, 293,
- 293, 293, 293, 293, 293, 296, 296, 296, 296, 296,
- 296, 296, 296, 296, 296, 438, 499, 532, 296, 296,
+ 383, 269, 269, 269, 269, 269, 269, 269, 269, 376,
+ 363, 376, 376, 376, 376, 376, 376, 376, 376, 377,
+ 432, 377, 377, 377, 377, 377, 377, 377, 377, 432,
+ 505, 505, 505, 269, 275, 275, 275, 275, 275, 275,
+ 275, 275, 275, 433, 449, 353, 275, 275, 275, 275,
+ 275, 378, 433, 378, 378, 378, 378, 378, 378, 378,
+ 378, 352, 505, 346, 449, 345, 449, 449, 275, 275,
+ 275, 275, 275, 275, 285, 285, 285, 285, 285, 285,
+ 285, 285, 285, 285, 285, 288, 288, 288, 288, 288,
+ 288, 288, 288, 288, 288, 288, 553, 555, 566, 288,
- 296, 296, 296, 382, 438, 382, 382, 382, 382, 382,
- 382, 382, 382, 483, 483, 483, 483, 483, 483, 532,
- 296, 296, 296, 296, 296, 296, 313, 313, 313, 313,
- 313, 313, 313, 313, 313, 383, 475, 383, 383, 383,
- 383, 383, 383, 383, 383, 384, 475, 384, 384, 384,
- 384, 384, 384, 384, 384, 499, 369, 368, 358, 313,
- 314, 314, 314, 314, 314, 314, 314, 314, 314, 387,
- 387, 388, 388, 390, 390, 357, 351, 575, 502, 387,
- 504, 388, 477, 390, 395, 395, 395, 395, 395, 395,
- 395, 395, 477, 314, 315, 315, 315, 315, 315, 315,
+ 288, 288, 288, 288, 379, 469, 379, 379, 379, 379,
+ 379, 379, 379, 379, 344, 469, 343, 496, 553, 555,
+ 566, 288, 288, 288, 288, 288, 288, 291, 291, 291,
+ 291, 291, 291, 291, 291, 291, 291, 340, 339, 321,
+ 291, 291, 291, 291, 291, 384, 384, 384, 384, 384,
+ 384, 384, 384, 390, 390, 390, 390, 390, 390, 390,
+ 390, 496, 291, 291, 291, 291, 291, 291, 308, 308,
+ 308, 308, 308, 308, 308, 308, 308, 385, 385, 388,
+ 388, 388, 388, 388, 388, 388, 388, 385, 392, 388,
+ 392, 392, 392, 392, 392, 392, 392, 392, 570, 313,
- 315, 315, 315, 393, 393, 393, 393, 393, 393, 393,
- 393, 575, 397, 393, 397, 397, 397, 397, 397, 397,
- 397, 397, 502, 350, 504, 349, 348, 315, 320, 345,
- 320, 320, 320, 320, 320, 320, 320, 320, 320, 489,
- 344, 534, 320, 320, 320, 320, 320, 416, 489, 416,
- 416, 416, 416, 416, 416, 416, 416, 525, 525, 525,
- 525, 525, 525, 534, 320, 320, 320, 320, 320, 320,
- 323, 323, 323, 323, 323, 323, 323, 323, 323, 326,
- 318, 558, 323, 323, 323, 323, 323, 417, 317, 417,
- 417, 417, 417, 417, 417, 417, 417, 316, 466, 308,
+ 312, 308, 309, 309, 309, 309, 309, 309, 309, 309,
+ 309, 404, 411, 311, 411, 411, 411, 411, 411, 411,
+ 411, 411, 417, 417, 417, 417, 417, 417, 417, 417,
+ 303, 404, 570, 404, 404, 309, 310, 310, 310, 310,
+ 310, 310, 310, 310, 310, 412, 302, 412, 412, 412,
+ 412, 412, 412, 412, 412, 404, 413, 470, 413, 413,
+ 413, 413, 413, 413, 413, 413, 298, 470, 297, 310,
+ 315, 472, 315, 315, 315, 315, 315, 315, 315, 315,
+ 315, 472, 294, 293, 315, 315, 315, 315, 315, 423,
+ 423, 423, 423, 423, 423, 423, 423, 427, 427, 427,
- 466, 466, 466, 558, 323, 323, 323, 323, 323, 323,
- 336, 336, 336, 336, 336, 336, 336, 336, 336, 336,
- 336, 339, 339, 339, 339, 339, 339, 339, 339, 339,
- 339, 339, 466, 560, 571, 339, 339, 339, 339, 339,
- 418, 516, 418, 418, 418, 418, 418, 418, 418, 418,
- 307, 516, 409, 303, 302, 560, 571, 339, 339, 339,
- 339, 339, 339, 342, 342, 342, 342, 342, 342, 342,
- 342, 342, 409, 299, 409, 409, 342, 342, 342, 342,
- 342, 422, 422, 422, 422, 422, 422, 422, 422, 657,
- 510, 510, 510, 298, 657, 279, 409, 278, 342, 342,
+ 427, 427, 427, 427, 427, 274, 315, 315, 315, 315,
+ 315, 315, 318, 318, 318, 318, 318, 318, 318, 318,
+ 318, 484, 273, 272, 318, 318, 318, 318, 318, 426,
+ 484, 426, 426, 426, 426, 426, 426, 426, 426, 497,
+ 461, 271, 461, 461, 461, 261, 318, 318, 318, 318,
+ 318, 318, 331, 331, 331, 331, 331, 331, 331, 331,
+ 331, 331, 331, 334, 334, 334, 334, 334, 334, 334,
+ 334, 334, 334, 334, 461, 260, 259, 334, 334, 334,
+ 334, 334, 429, 497, 429, 429, 429, 429, 429, 429,
+ 429, 429, 478, 478, 478, 478, 478, 478, 257, 334,
- 342, 342, 342, 342, 365, 365, 365, 365, 365, 365,
- 365, 365, 365, 428, 428, 428, 428, 428, 428, 428,
- 428, 431, 510, 431, 431, 431, 431, 431, 431, 431,
- 431, 582, 582, 582, 582, 582, 582, 365, 366, 366,
- 366, 366, 366, 366, 366, 366, 366, 432, 432, 432,
- 432, 432, 432, 432, 432, 434, 517, 434, 434, 434,
- 434, 434, 434, 434, 434, 277, 517, 276, 266, 265,
- 264, 366, 374, 262, 374, 374, 374, 374, 374, 374,
- 374, 374, 374, 377, 519, 377, 377, 377, 377, 377,
- 377, 377, 377, 377, 519, 261, 260, 377, 377, 377,
+ 334, 334, 334, 334, 334, 337, 337, 337, 337, 337,
+ 337, 337, 337, 337, 434, 434, 256, 255, 337, 337,
+ 337, 337, 337, 430, 434, 430, 430, 430, 430, 430,
+ 430, 430, 430, 499, 520, 520, 520, 520, 520, 520,
+ 337, 337, 337, 337, 337, 337, 360, 360, 360, 360,
+ 360, 360, 360, 360, 360, 431, 254, 431, 431, 431,
+ 431, 431, 431, 450, 450, 455, 455, 455, 455, 455,
+ 455, 455, 455, 253, 252, 251, 450, 499, 250, 360,
+ 361, 361, 361, 361, 361, 361, 361, 361, 361, 462,
+ 462, 462, 462, 462, 462, 462, 462, 455, 464, 511,
- 377, 377, 435, 259, 435, 435, 435, 435, 435, 435,
- 435, 435, 530, 530, 530, 530, 530, 530, 530, 377,
- 377, 377, 377, 377, 377, 380, 380, 380, 380, 380,
- 380, 380, 380, 380, 258, 257, 256, 380, 380, 380,
- 380, 380, 436, 255, 436, 436, 436, 436, 436, 436,
- 467, 467, 467, 467, 467, 467, 467, 467, 239, 380,
- 380, 380, 380, 380, 380, 391, 391, 391, 391, 391,
- 391, 391, 391, 391, 391, 391, 394, 394, 394, 394,
- 394, 394, 394, 394, 394, 394, 439, 439, 455, 455,
- 394, 394, 394, 394, 394, 238, 439, 237, 561, 561,
+ 464, 464, 464, 464, 464, 464, 464, 464, 234, 511,
+ 233, 232, 231, 361, 369, 229, 369, 369, 369, 369,
+ 369, 369, 369, 369, 369, 372, 512, 372, 372, 372,
+ 372, 372, 372, 372, 372, 372, 512, 228, 219, 372,
+ 372, 372, 372, 372, 465, 514, 465, 465, 465, 465,
+ 465, 465, 465, 465, 218, 514, 217, 216, 215, 213,
+ 212, 372, 372, 372, 372, 372, 372, 375, 375, 375,
+ 375, 375, 375, 375, 375, 375, 211, 210, 209, 375,
+ 375, 375, 375, 375, 466, 208, 466, 466, 466, 466,
+ 466, 466, 471, 471, 471, 471, 471, 471, 471, 471,
- 552, 455, 460, 460, 460, 460, 460, 460, 460, 460,
- 552, 561, 394, 394, 394, 394, 394, 394, 411, 236,
- 411, 411, 411, 411, 411, 411, 411, 411, 234, 233,
- 224, 223, 222, 469, 460, 469, 469, 469, 469, 469,
- 469, 469, 469, 471, 221, 471, 471, 471, 471, 471,
- 471, 220, 411, 412, 218, 412, 412, 412, 412, 412,
- 412, 412, 412, 470, 217, 470, 470, 470, 470, 470,
- 470, 470, 470, 476, 476, 476, 476, 476, 476, 476,
- 476, 216, 215, 214, 213, 210, 202, 412, 413, 201,
- 413, 413, 413, 413, 413, 413, 413, 413, 482, 482,
+ 205, 375, 375, 375, 375, 375, 375, 386, 386, 386,
+ 386, 386, 386, 386, 386, 386, 386, 386, 389, 389,
+ 389, 389, 389, 389, 389, 389, 389, 389, 197, 196,
+ 193, 192, 389, 389, 389, 389, 389, 477, 477, 477,
+ 477, 477, 477, 477, 477, 481, 481, 481, 481, 481,
+ 481, 481, 481, 481, 389, 389, 389, 389, 389, 389,
+ 406, 547, 406, 406, 406, 406, 406, 406, 406, 406,
+ 480, 547, 480, 480, 480, 480, 480, 480, 480, 480,
+ 482, 482, 482, 482, 482, 482, 482, 482, 482, 185,
+ 184, 178, 175, 174, 406, 407, 173, 407, 407, 407,
- 482, 482, 482, 482, 482, 482, 485, 198, 485, 485,
- 485, 485, 485, 485, 485, 485, 197, 190, 189, 183,
- 180, 179, 413, 414, 178, 414, 414, 414, 414, 414,
- 414, 414, 414, 486, 486, 486, 486, 486, 486, 486,
- 486, 486, 487, 487, 487, 487, 487, 487, 487, 487,
- 487, 177, 176, 174, 173, 172, 171, 414, 424, 170,
- 424, 424, 424, 424, 424, 424, 424, 424, 424, 427,
- 169, 427, 427, 427, 427, 427, 427, 427, 427, 427,
- 168, 167, 162, 427, 427, 427, 427, 427, 488, 488,
- 488, 488, 488, 488, 488, 488, 488, 509, 509, 509,
+ 407, 407, 407, 407, 407, 483, 483, 483, 483, 483,
+ 483, 483, 483, 483, 556, 556, 172, 171, 498, 169,
+ 168, 498, 498, 167, 498, 498, 166, 556, 498, 407,
+ 408, 165, 408, 408, 408, 408, 408, 408, 408, 408,
+ 498, 498, 498, 506, 164, 506, 506, 506, 506, 506,
+ 506, 506, 506, 500, 163, 162, 500, 500, 157, 500,
+ 500, 156, 149, 500, 408, 409, 148, 409, 409, 409,
+ 409, 409, 409, 409, 409, 500, 500, 500, 147, 146,
+ 504, 504, 504, 504, 504, 504, 504, 504, 507, 142,
+ 507, 507, 507, 507, 507, 507, 507, 507, 141, 409,
- 509, 509, 509, 509, 509, 427, 427, 427, 427, 427,
- 427, 430, 430, 430, 430, 430, 430, 430, 430, 430,
- 161, 154, 153, 430, 430, 430, 430, 430, 511, 509,
- 511, 511, 511, 511, 511, 511, 511, 511, 152, 150,
- 149, 145, 144, 142, 138, 430, 430, 430, 430, 430,
- 430, 442, 442, 442, 442, 442, 442, 442, 442, 442,
- 442, 462, 131, 462, 462, 462, 462, 462, 462, 462,
- 462, 512, 127, 512, 512, 512, 512, 512, 512, 512,
- 512, 124, 117, 116, 503, 115, 114, 113, 503, 108,
- 503, 503, 107, 105, 503, 462, 463, 104, 463, 463,
+ 419, 139, 419, 419, 419, 419, 419, 419, 419, 419,
+ 419, 422, 504, 422, 422, 422, 422, 422, 422, 422,
+ 422, 422, 135, 128, 124, 422, 422, 422, 422, 422,
+ 508, 121, 508, 508, 508, 508, 508, 508, 508, 508,
+ 525, 525, 525, 525, 525, 525, 525, 422, 422, 422,
+ 422, 422, 422, 425, 425, 425, 425, 425, 425, 425,
+ 425, 425, 114, 113, 112, 425, 425, 425, 425, 425,
+ 513, 513, 513, 513, 513, 513, 513, 513, 519, 519,
+ 519, 519, 519, 519, 519, 519, 111, 425, 425, 425,
+ 425, 425, 425, 437, 437, 437, 437, 437, 437, 437,
- 463, 463, 463, 463, 463, 463, 503, 503, 503, 513,
- 100, 513, 513, 513, 513, 513, 513, 513, 513, 505,
- 96, 95, 91, 505, 88, 505, 505, 86, 81, 505,
- 463, 464, 80, 464, 464, 464, 464, 464, 464, 464,
- 464, 505, 505, 505, 518, 518, 518, 518, 518, 518,
- 518, 518, 524, 524, 524, 524, 524, 524, 524, 524,
- 79, 77, 76, 74, 69, 464, 465, 62, 465, 465,
- 465, 465, 465, 465, 465, 465, 526, 55, 526, 526,
- 526, 526, 526, 526, 526, 526, 528, 528, 528, 528,
- 528, 528, 528, 528, 528, 49, 48, 47, 46, 45,
+ 437, 437, 437, 457, 110, 457, 457, 457, 457, 457,
+ 457, 457, 457, 521, 105, 521, 521, 521, 521, 521,
+ 521, 521, 521, 523, 523, 523, 523, 523, 523, 523,
+ 523, 523, 104, 102, 101, 97, 93, 457, 458, 92,
+ 458, 458, 458, 458, 458, 458, 458, 458, 524, 524,
+ 524, 524, 524, 524, 524, 524, 524, 535, 535, 535,
+ 535, 535, 535, 535, 535, 577, 577, 577, 577, 577,
+ 577, 88, 458, 459, 85, 459, 459, 459, 459, 459,
+ 459, 459, 459, 83, 78, 77, 76, 74, 539, 535,
+ 539, 539, 539, 539, 539, 539, 540, 540, 540, 540,
- 465, 478, 44, 478, 478, 478, 478, 478, 478, 478,
- 478, 478, 481, 38, 481, 481, 481, 481, 481, 481,
- 481, 481, 481, 37, 36, 35, 481, 481, 481, 481,
- 481, 529, 529, 529, 529, 529, 529, 529, 529, 529,
- 540, 540, 540, 540, 540, 540, 540, 540, 481, 481,
- 481, 481, 481, 481, 484, 484, 484, 484, 484, 484,
- 484, 484, 33, 29, 23, 17, 484, 484, 484, 484,
- 484, 544, 540, 544, 544, 544, 544, 544, 544, 545,
- 545, 545, 545, 545, 545, 545, 545, 15, 484, 484,
- 484, 484, 484, 484, 506, 14, 506, 506, 506, 506,
+ 540, 540, 540, 540, 69, 62, 55, 459, 460, 49,
+ 460, 460, 460, 460, 460, 460, 460, 460, 48, 47,
+ 46, 542, 539, 542, 542, 542, 542, 542, 542, 542,
+ 542, 543, 45, 543, 543, 543, 543, 543, 543, 543,
+ 543, 44, 460, 473, 37, 473, 473, 473, 473, 473,
+ 473, 473, 473, 473, 476, 36, 476, 476, 476, 476,
+ 476, 476, 476, 476, 476, 35, 34, 32, 476, 476,
+ 476, 476, 476, 544, 29, 544, 544, 544, 544, 544,
+ 544, 560, 560, 560, 560, 560, 560, 560, 560, 23,
+ 476, 476, 476, 476, 476, 476, 479, 479, 479, 479,
- 506, 506, 506, 506, 547, 544, 547, 547, 547, 547,
- 547, 547, 547, 547, 548, 13, 548, 548, 548, 548,
- 548, 548, 548, 548, 0, 0, 0, 0, 506, 507,
- 0, 507, 507, 507, 507, 507, 507, 507, 507, 549,
- 0, 549, 549, 549, 549, 549, 549, 555, 0, 555,
- 555, 555, 555, 555, 555, 555, 555, 0, 0, 0,
- 0, 0, 0, 507, 508, 0, 508, 508, 508, 508,
- 508, 508, 508, 508, 565, 565, 565, 565, 565, 565,
- 565, 565, 566, 566, 566, 566, 566, 566, 566, 566,
- 567, 567, 567, 567, 567, 567, 567, 567, 508, 520,
+ 479, 479, 479, 479, 17, 15, 14, 13, 479, 479,
+ 479, 479, 479, 550, 0, 550, 550, 550, 550, 550,
+ 550, 550, 550, 0, 0, 0, 0, 0, 0, 0,
+ 479, 479, 479, 479, 479, 479, 501, 0, 501, 501,
+ 501, 501, 501, 501, 501, 501, 561, 561, 561, 561,
+ 561, 561, 561, 561, 562, 562, 562, 562, 562, 562,
+ 562, 562, 569, 569, 569, 569, 569, 569, 569, 569,
+ 501, 502, 0, 502, 502, 502, 502, 502, 502, 502,
+ 502, 0, 573, 0, 573, 573, 573, 573, 573, 573,
+ 0, 0, 0, 0, 569, 575, 575, 575, 575, 575,
- 0, 520, 520, 520, 520, 520, 520, 520, 520, 520,
- 523, 0, 523, 523, 523, 523, 523, 523, 523, 523,
- 0, 0, 0, 0, 523, 523, 523, 523, 523, 0,
- 574, 574, 574, 574, 574, 574, 574, 574, 578, 0,
- 578, 578, 578, 578, 578, 578, 523, 523, 523, 523,
- 523, 523, 542, 0, 542, 542, 542, 542, 542, 542,
- 542, 542, 574, 580, 580, 580, 580, 580, 580, 580,
- 580, 0, 578, 581, 581, 581, 581, 581, 581, 581,
- 581, 0, 0, 0, 0, 0, 542, 543, 0, 543,
- 543, 543, 543, 543, 543, 543, 543, 0, 0, 0,
+ 575, 575, 575, 0, 0, 502, 503, 0, 503, 503,
+ 503, 503, 503, 503, 503, 503, 573, 576, 576, 576,
+ 576, 576, 576, 576, 576, 0, 0, 0, 0, 0,
+ 581, 581, 581, 581, 581, 581, 581, 581, 0, 0,
+ 503, 515, 0, 515, 515, 515, 515, 515, 515, 515,
+ 515, 515, 518, 0, 518, 518, 518, 518, 518, 518,
+ 518, 518, 581, 0, 0, 0, 518, 518, 518, 518,
+ 518, 0, 582, 582, 582, 582, 582, 582, 582, 582,
+ 583, 583, 583, 583, 583, 583, 583, 583, 518, 518,
+ 518, 518, 518, 518, 537, 0, 537, 537, 537, 537,
- 586, 586, 586, 586, 586, 586, 586, 586, 587, 587,
- 587, 587, 587, 587, 587, 587, 0, 0, 0, 0,
- 0, 543, 562, 0, 562, 562, 562, 562, 562, 562,
- 562, 562, 586, 0, 0, 0, 0, 0, 0, 0,
- 587, 588, 588, 588, 588, 588, 588, 588, 588, 0,
- 591, 591, 591, 591, 591, 591, 562, 563, 0, 563,
- 563, 563, 563, 563, 563, 563, 563, 0, 0, 0,
- 0, 0, 0, 588, 590, 590, 590, 590, 590, 590,
- 590, 590, 591, 0, 0, 0, 0, 0, 0, 0,
- 0, 563, 564, 0, 564, 564, 564, 564, 564, 564,
+ 537, 537, 537, 537, 582, 0, 0, 0, 0, 0,
+ 0, 0, 583, 585, 585, 585, 585, 585, 585, 585,
+ 585, 586, 586, 586, 586, 586, 586, 0, 537, 538,
+ 0, 538, 538, 538, 538, 538, 538, 538, 538, 0,
+ 0, 0, 0, 0, 0, 585, 0, 0, 0, 0,
+ 0, 0, 0, 586, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 538, 557, 0, 557, 557, 557, 557,
+ 557, 557, 557, 557, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 557, 558,
- 564, 564, 0, 0, 0, 0, 590, 0, 0, 0,
+ 0, 558, 558, 558, 558, 558, 558, 558, 558, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 564, 576, 0, 576,
- 576, 576, 576, 576, 576, 576, 576, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 558, 559, 0, 559, 559, 559, 559,
+ 559, 559, 559, 559, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 576, 577, 0, 577, 577, 577, 577, 577, 577,
- 577, 577, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 559, 571,
+ 0, 571, 571, 571, 571, 571, 571, 571, 571, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 577, 593, 593, 593,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 571, 572, 0, 572, 572, 572, 572,
+ 572, 572, 572, 572, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 572, 588,
+ 588, 588, 588, 588, 588, 588, 588, 588, 588, 588,
+ 588, 588, 588, 589, 589, 589, 589, 589, 589, 589,
+ 589, 589, 589, 589, 589, 589, 589, 590, 590, 590,
+ 590, 590, 590, 590, 590, 590, 590, 590, 590, 590,
+ 590, 591, 591, 591, 591, 591, 591, 591, 591, 591,
+ 591, 591, 591, 591, 591, 592, 0, 0, 0, 0,
+
+ 0, 592, 592, 592, 0, 0, 592, 592, 592, 593,
593, 593, 593, 593, 593, 593, 593, 593, 593, 593,
- 593, 594, 594, 594, 594, 594, 594, 594, 594, 594,
- 594, 594, 594, 594, 594, 595, 595, 595, 595, 595,
- 595, 595, 595, 595, 595, 595, 595, 595, 595, 596,
- 596, 596, 596, 596, 596, 596, 596, 596, 596, 596,
- 596, 596, 596, 597, 0, 0, 0, 597, 0, 597,
- 597, 597, 0, 0, 597, 597, 597, 598, 598, 0,
- 598, 598, 598, 598, 598, 598, 598, 598, 598, 598,
- 598, 599, 599, 599, 599, 599, 599, 599, 599, 599,
- 599, 599, 599, 599, 599, 600, 0, 0, 0, 600,
+ 593, 593, 593, 594, 0, 0, 0, 0, 0, 594,
+ 594, 594, 594, 0, 594, 594, 594, 595, 0, 0,
+ 0, 0, 0, 595, 595, 595, 0, 0, 595, 595,
+ 595, 596, 0, 0, 596, 596, 596, 596, 596, 596,
+ 0, 0, 596, 596, 596, 597, 597, 0, 0, 0,
+ 597, 598, 0, 0, 598, 598, 598, 598, 598, 598,
+ 0, 0, 598, 598, 598, 599, 0, 0, 599, 599,
+ 599, 599, 599, 599, 0, 599, 0, 599, 599, 601,
- 0, 600, 600, 600, 600, 0, 600, 600, 600, 601,
- 0, 0, 0, 601, 0, 601, 601, 601, 0, 0,
- 601, 601, 601, 602, 0, 0, 602, 602, 602, 602,
- 602, 602, 0, 0, 602, 602, 602, 603, 603, 0,
- 0, 0, 603, 604, 0, 0, 604, 604, 604, 604,
- 604, 604, 0, 0, 604, 604, 604, 605, 0, 0,
- 605, 605, 605, 605, 605, 605, 0, 605, 0, 605,
- 605, 607, 0, 0, 607, 0, 607, 607, 607, 607,
- 607, 0, 607, 607, 607, 608, 608, 608, 608, 608,
- 608, 608, 608, 608, 608, 608, 608, 608, 608, 609,
+ 0, 0, 601, 0, 601, 601, 601, 601, 601, 0,
+ 601, 601, 601, 602, 602, 602, 602, 602, 602, 602,
+ 602, 602, 602, 602, 602, 602, 602, 603, 603, 0,
+ 603, 0, 603, 603, 603, 603, 603, 603, 603, 603,
+ 603, 604, 604, 604, 604, 604, 604, 604, 604, 604,
+ 604, 604, 604, 604, 604, 605, 605, 0, 605, 605,
+ 605, 605, 605, 605, 605, 605, 605, 605, 605, 606,
+ 0, 0, 0, 0, 0, 606, 606, 606, 0, 0,
+ 606, 606, 606, 607, 0, 0, 607, 607, 607, 607,
+ 607, 607, 0, 0, 607, 607, 607, 608, 608, 0,
- 609, 0, 609, 0, 609, 609, 609, 609, 609, 609,
- 609, 609, 609, 610, 610, 0, 610, 610, 610, 610,
- 610, 610, 610, 610, 610, 610, 610, 611, 611, 611,
- 611, 611, 611, 611, 611, 611, 611, 611, 611, 611,
- 611, 612, 612, 0, 612, 612, 612, 612, 612, 612,
- 612, 612, 612, 612, 612, 613, 0, 0, 0, 613,
- 0, 613, 613, 613, 0, 0, 613, 613, 613, 614,
- 0, 0, 614, 614, 614, 614, 614, 614, 0, 0,
- 614, 614, 614, 615, 615, 0, 0, 0, 615, 616,
- 616, 616, 0, 0, 0, 616, 617, 0, 0, 617,
+ 0, 0, 608, 609, 609, 609, 0, 0, 0, 609,
+ 610, 0, 0, 610, 610, 610, 610, 610, 610, 0,
+ 0, 610, 610, 610, 611, 611, 611, 611, 611, 611,
+ 611, 611, 611, 611, 611, 611, 611, 611, 612, 612,
+ 0, 0, 0, 612, 613, 613, 613, 0, 0, 0,
+ 613, 614, 614, 0, 0, 0, 614, 615, 615, 0,
+ 0, 0, 615, 616, 616, 0, 0, 0, 616, 617,
+ 617, 617, 0, 0, 0, 617, 618, 618, 0, 0,
+ 0, 618, 619, 619, 0, 0, 0, 619, 620, 620,
+ 0, 0, 0, 620, 621, 621, 621, 0, 0, 0,
- 617, 617, 617, 617, 617, 0, 0, 617, 617, 617,
- 618, 618, 618, 618, 618, 618, 618, 618, 618, 618,
- 618, 618, 618, 618, 619, 619, 0, 0, 0, 619,
- 620, 620, 620, 0, 0, 0, 620, 621, 621, 0,
- 0, 0, 621, 622, 622, 0, 0, 0, 622, 623,
- 623, 0, 0, 0, 623, 624, 624, 624, 0, 0,
- 0, 624, 625, 625, 0, 0, 0, 625, 626, 626,
- 0, 0, 0, 626, 627, 627, 0, 0, 0, 627,
- 628, 628, 628, 0, 0, 0, 628, 629, 629, 629,
- 629, 0, 0, 0, 629, 630, 630, 0, 0, 0,
+ 621, 622, 622, 622, 622, 0, 0, 0, 622, 623,
+ 623, 0, 0, 0, 623, 624, 624, 0, 0, 0,
+ 624, 625, 625, 0, 0, 0, 625, 626, 626, 626,
+ 0, 0, 0, 626, 627, 627, 627, 627, 0, 0,
+ 0, 627, 628, 628, 0, 0, 0, 628, 629, 629,
+ 0, 0, 0, 629, 630, 630, 630, 0, 0, 0,
+ 630, 631, 631, 631, 631, 0, 0, 0, 631, 632,
+ 632, 0, 0, 0, 632, 633, 0, 633, 633, 0,
+ 0, 0, 633, 634, 634, 634, 0, 0, 0, 634,
+ 635, 635, 635, 635, 0, 0, 0, 635, 636, 636,
- 630, 631, 631, 0, 0, 0, 631, 632, 632, 0,
- 0, 0, 632, 633, 633, 633, 0, 0, 0, 633,
- 634, 634, 634, 634, 0, 0, 0, 634, 635, 635,
- 0, 0, 0, 635, 636, 636, 0, 0, 0, 636,
- 637, 637, 637, 0, 0, 0, 637, 638, 638, 638,
- 638, 0, 0, 0, 638, 639, 639, 0, 0, 0,
- 639, 640, 0, 640, 640, 0, 0, 0, 640, 641,
- 641, 641, 0, 0, 0, 641, 642, 642, 642, 642,
- 0, 0, 0, 642, 643, 643, 0, 0, 0, 643,
- 644, 0, 644, 644, 0, 0, 0, 644, 645, 645,
+ 0, 0, 0, 636, 637, 0, 637, 637, 0, 0,
+ 0, 637, 638, 638, 638, 0, 0, 0, 638, 639,
+ 639, 639, 0, 0, 0, 0, 639, 640, 0, 0,
+ 640, 0, 0, 640, 640, 640, 0, 0, 640, 640,
+ 640, 641, 0, 0, 641, 0, 0, 641, 641, 641,
+ 0, 0, 641, 641, 641, 642, 642, 0, 0, 0,
+ 642, 643, 0, 643, 643, 0, 0, 0, 643, 644,
+ 644, 0, 0, 0, 0, 644, 645, 645, 645, 645,
+ 645, 645, 645, 645, 645, 645, 645, 645, 645, 645,
+ 646, 646, 0, 0, 0, 646, 647, 0, 647, 647,
- 645, 0, 0, 0, 645, 646, 646, 646, 0, 0,
- 0, 0, 646, 647, 0, 0, 647, 647, 0, 647,
- 647, 647, 0, 0, 647, 647, 647, 648, 0, 0,
- 648, 648, 0, 648, 648, 648, 0, 0, 648, 648,
- 648, 649, 649, 0, 0, 0, 649, 650, 0, 650,
- 650, 0, 0, 0, 650, 651, 651, 0, 0, 0,
- 0, 651, 652, 652, 652, 652, 652, 652, 652, 652,
- 652, 652, 652, 652, 652, 652, 653, 653, 0, 0,
- 0, 653, 654, 0, 654, 654, 0, 0, 0, 654,
- 655, 655, 0, 0, 0, 655, 656, 0, 656, 0,
+ 0, 0, 0, 647, 648, 648, 0, 0, 0, 648,
+ 649, 0, 649, 0, 0, 0, 0, 649, 651, 651,
+ 651, 651, 651, 651, 651, 651, 651, 651, 651, 651,
+ 651, 651, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587, 587, 587,
+ 587, 587, 587, 587, 587, 587, 587, 587
- 0, 0, 0, 656, 658, 658, 658, 658, 658, 658,
- 658, 658, 658, 658, 658, 658, 658, 658, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592, 592, 592, 592, 592, 592, 592,
- 592, 592, 592, 592
} ;
static yy_state_type yy_last_accepting_state;
@@ -1463,6 +1466,7 @@
int sudolineno = 1;
char *sudoers;
static int sawspace = 0;
+static int prev_state = INITIAL;
static int arg_len = 0;
static int arg_size = 0;
@@ -1489,6 +1493,7 @@
#else
#define LEXTRACE(msg)
#endif
+#define YY_NO_INPUT 1
#define YY_NO_UNPUT 1
#define GOTDEFS 1
@@ -1500,7 +1505,7 @@
#define INSTR 5
-#line 1504 "lex.yy.c"
+#line 1508 "lex.yy.c"
/* Macros after this point can all be overridden by user definitions in
* section 1.
@@ -1654,9 +1659,9 @@
register char *yy_cp, *yy_bp;
register int yy_act;
-#line 127 "toke.l"
+#line 129 "toke.l"
-#line 1660 "lex.yy.c"
+#line 1664 "lex.yy.c"
if ( yy_init )
{
@@ -1708,13 +1713,13 @@
while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
{
yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 593 )
+ if ( yy_current_state >= 588 )
yy_c = yy_meta[(unsigned int) yy_c];
}
yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
++yy_cp;
}
- while ( yy_base[yy_current_state] != 3619 );
+ while ( yy_base[yy_current_state] != 3633 );
yy_find_action:
yy_act = yy_accept[yy_current_state];
@@ -1742,71 +1747,72 @@
case 1:
YY_RULE_SETUP
-#line 128 "toke.l"
+#line 130 "toke.l"
BEGIN STARTDEFS;
YY_BREAK
case 2:
YY_RULE_SETUP
-#line 130 "toke.l"
+#line 132 "toke.l"
{
BEGIN INDEFS;
LEXTRACE("DEFVAR ");
if (!fill(yytext, yyleng))
yyterminate();
- return(DEFVAR);
+ return DEFVAR;
}
YY_BREAK
case 3:
YY_RULE_SETUP
-#line 139 "toke.l"
+#line 141 "toke.l"
{
BEGIN STARTDEFS;
LEXTRACE(", ");
- return(',');
+ return ',';
} /* return ',' */
YY_BREAK
case 4:
YY_RULE_SETUP
-#line 145 "toke.l"
+#line 147 "toke.l"
{
LEXTRACE("= ");
- return('=');
+ return '=';
} /* return '=' */
YY_BREAK
case 5:
YY_RULE_SETUP
-#line 150 "toke.l"
+#line 152 "toke.l"
{
LEXTRACE("+= ");
- return('+');
+ return '+';
} /* return '+' */
YY_BREAK
case 6:
YY_RULE_SETUP
-#line 155 "toke.l"
+#line 157 "toke.l"
{
LEXTRACE("-= ");
- return('-');
+ return '-';
} /* return '-' */
YY_BREAK
case 7:
YY_RULE_SETUP
-#line 160 "toke.l"
+#line 162 "toke.l"
{
LEXTRACE("BEGINSTR ");
yylval.string = NULL;
+ prev_state = YY_START;
BEGIN INSTR;
}
YY_BREAK
case 8:
YY_RULE_SETUP
-#line 166 "toke.l"
+#line 169 "toke.l"
{
LEXTRACE("WORD(2) ");
if (!fill(yytext, yyleng))
yyterminate();
- return(WORD);
+ return WORD;
}
YY_BREAK
@@ -1813,7 +1819,7 @@
case 9:
YY_RULE_SETUP
-#line 175 "toke.l"
+#line 178 "toke.l"
{
/* Line continuation char followed by newline. */
++sudolineno;
@@ -1822,16 +1828,27 @@
YY_BREAK
case 10:
YY_RULE_SETUP
-#line 181 "toke.l"
+#line 184 "toke.l"
{
LEXTRACE("ENDSTR ");
- BEGIN INDEFS;
- return(WORD);
+ BEGIN prev_state;
+ if (prev_state == INITIAL) {
+ switch (yylval.string[0]) {
+ case '%':
+ LEXTRACE("USERGROUP ");
+ return USERGROUP;
+ case '+':
+ LEXTRACE("NETGROUP ");
+ return NETGROUP;
+ }
+ }
+ LEXTRACE("WORD(4) ");
+ return WORD;
}
YY_BREAK
case 11:
YY_RULE_SETUP
-#line 187 "toke.l"
+#line 201 "toke.l"
{
LEXTRACE("BACKSLASH ");
if (!append(yytext, yyleng))
@@ -1840,7 +1857,7 @@
YY_BREAK
case 12:
YY_RULE_SETUP
-#line 193 "toke.l"
+#line 207 "toke.l"
{
LEXTRACE("STRBODY ");
if (!append(yytext, yyleng))
@@ -1851,7 +1868,7 @@
case 13:
YY_RULE_SETUP
-#line 201 "toke.l"
+#line 215 "toke.l"
{
/* quoted fnmatch glob char, pass verbatim */
LEXTRACE("QUOTEDCHAR ");
@@ -1862,7 +1879,7 @@
YY_BREAK
case 14:
YY_RULE_SETUP
-#line 209 "toke.l"
+#line 223 "toke.l"
{
/* quoted sudoers special char, strip backslash */
LEXTRACE("QUOTEDCHAR ");
@@ -1873,16 +1890,16 @@
YY_BREAK
case 15:
YY_RULE_SETUP
-#line 217 "toke.l"
+#line 231 "toke.l"
{
BEGIN INITIAL;
yyless(0);
- return(COMMAND);
+ return COMMAND;
} /* end of command line args */
YY_BREAK
case 16:
YY_RULE_SETUP
-#line 223 "toke.l"
+#line 237 "toke.l"
{
LEXTRACE("ARG ");
if (!fill_args(yytext, yyleng, sawspace))
@@ -1893,7 +1910,7 @@
case 17:
YY_RULE_SETUP
-#line 231 "toke.l"
+#line 245 "toke.l"
{
char *path;
@@ -1909,7 +1926,7 @@
YY_BREAK
case 18:
YY_RULE_SETUP
-#line 244 "toke.l"
+#line 258 "toke.l"
{
char *path;
@@ -1928,7 +1945,7 @@
YY_BREAK
case 19:
YY_RULE_SETUP
-#line 260 "toke.l"
+#line 274 "toke.l"
{
int n;
for (n = 0; isblank((unsigned char)yytext[n]); n++)
@@ -1939,28 +1956,28 @@
case ':':
yyless(n);
LEXTRACE("DEFAULTS_USER ");
- return(DEFAULTS_USER);
+ return DEFAULTS_USER;
case '>':
yyless(n);
LEXTRACE("DEFAULTS_RUNAS ");
- return(DEFAULTS_RUNAS);
+ return DEFAULTS_RUNAS;
case '@':
yyless(n);
LEXTRACE("DEFAULTS_HOST ");
- return(DEFAULTS_HOST);
+ return DEFAULTS_HOST;
case '!':
yyless(n);
LEXTRACE("DEFAULTS_CMND ");
- return(DEFAULTS_CMND);
+ return DEFAULTS_CMND;
default:
LEXTRACE("DEFAULTS ");
- return(DEFAULTS);
+ return DEFAULTS;
}
}
YY_BREAK
case 20:
YY_RULE_SETUP
-#line 289 "toke.l"
+#line 303 "toke.l"
{
int n;
for (n = 0; isblank((unsigned char)yytext[n]); n++)
@@ -1968,210 +1985,210 @@
switch (yytext[n]) {
case 'H':
LEXTRACE("HOSTALIAS ");
- return(HOSTALIAS);
+ return HOSTALIAS;
case 'C':
LEXTRACE("CMNDALIAS ");
- return(CMNDALIAS);
+ return CMNDALIAS;
case 'U':
LEXTRACE("USERALIAS ");
- return(USERALIAS);
+ return USERALIAS;
case 'R':
LEXTRACE("RUNASALIAS ");
- return(RUNASALIAS);
+ return RUNASALIAS;
}
}
YY_BREAK
case 21:
YY_RULE_SETUP
-#line 309 "toke.l"
+#line 323 "toke.l"
{
/* cmnd does not require passwd for this user */
LEXTRACE("NOPASSWD ");
- return(NOPASSWD);
+ return NOPASSWD;
}
YY_BREAK
case 22:
YY_RULE_SETUP
-#line 315 "toke.l"
+#line 329 "toke.l"
{
/* cmnd requires passwd for this user */
LEXTRACE("PASSWD ");
- return(PASSWD);
+ return PASSWD;
}
YY_BREAK
case 23:
YY_RULE_SETUP
-#line 321 "toke.l"
+#line 335 "toke.l"
{
LEXTRACE("NOEXEC ");
- return(NOEXEC);
+ return NOEXEC;
}
YY_BREAK
case 24:
YY_RULE_SETUP
-#line 326 "toke.l"
+#line 340 "toke.l"
{
LEXTRACE("EXEC ");
- return(EXEC);
+ return EXEC;
}
YY_BREAK
case 25:
YY_RULE_SETUP
-#line 331 "toke.l"
+#line 345 "toke.l"
{
LEXTRACE("SETENV ");
- return(SETENV);
+ return SETENV;
}
YY_BREAK
case 26:
YY_RULE_SETUP
-#line 336 "toke.l"
+#line 350 "toke.l"
{
LEXTRACE("NOSETENV ");
- return(NOSETENV);
+ return NOSETENV;
}
YY_BREAK
case 27:
YY_RULE_SETUP
-#line 341 "toke.l"
+#line 355 "toke.l"
{
LEXTRACE("LOG_OUTPUT ");
- return(LOG_OUTPUT);
+ return LOG_OUTPUT;
}
YY_BREAK
case 28:
YY_RULE_SETUP
-#line 346 "toke.l"
+#line 360 "toke.l"
{
LEXTRACE("NOLOG_OUTPUT ");
- return(NOLOG_OUTPUT);
+ return NOLOG_OUTPUT;
}
YY_BREAK
case 29:
YY_RULE_SETUP
-#line 351 "toke.l"
+#line 365 "toke.l"
{
LEXTRACE("LOG_INPUT ");
- return(LOG_INPUT);
+ return LOG_INPUT;
}
YY_BREAK
case 30:
YY_RULE_SETUP
-#line 356 "toke.l"
+#line 370 "toke.l"
{
LEXTRACE("NOLOG_INPUT ");
- return(NOLOG_INPUT);
+ return NOLOG_INPUT;
}
YY_BREAK
case 31:
YY_RULE_SETUP
-#line 361 "toke.l"
+#line 375 "toke.l"
{
/* netgroup */
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("NETGROUP ");
- return(NETGROUP);
+ return NETGROUP;
}
YY_BREAK
case 32:
YY_RULE_SETUP
-#line 369 "toke.l"
+#line 383 "toke.l"
{
/* UN*X group */
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("USERGROUP ");
- return(USERGROUP);
+ return USERGROUP;
}
YY_BREAK
case 33:
YY_RULE_SETUP
-#line 377 "toke.l"
+#line 391 "toke.l"
{
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
+ return NTWKADDR;
}
YY_BREAK
case 34:
YY_RULE_SETUP
-#line 384 "toke.l"
+#line 398 "toke.l"
{
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
+ return NTWKADDR;
}
YY_BREAK
case 35:
YY_RULE_SETUP
-#line 391 "toke.l"
+#line 405 "toke.l"
{
if (!ipv6_valid(yytext)) {
LEXTRACE("ERROR ");
- return(ERROR);
+ return ERROR;
}
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
+ return NTWKADDR;
}
YY_BREAK
case 36:
YY_RULE_SETUP
-#line 402 "toke.l"
+#line 416 "toke.l"
{
if (!ipv6_valid(yytext)) {
LEXTRACE("ERROR ");
- return(ERROR);
+ return ERROR;
}
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
+ return NTWKADDR;
}
YY_BREAK
case 37:
YY_RULE_SETUP
-#line 413 "toke.l"
+#line 427 "toke.l"
{
if (strcmp(yytext, "ALL") == 0) {
LEXTRACE("ALL ");
- return(ALL);
+ return ALL;
}
#ifdef HAVE_SELINUX
/* XXX - restrict type/role to initial state */
if (strcmp(yytext, "TYPE") == 0) {
LEXTRACE("TYPE ");
- return(TYPE);
+ return TYPE;
}
if (strcmp(yytext, "ROLE") == 0) {
LEXTRACE("ROLE ");
- return(ROLE);
+ return ROLE;
}
#endif /* HAVE_SELINUX */
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("ALIAS ");
- return(ALIAS);
+ return ALIAS;
}
YY_BREAK
case 38:
YY_RULE_SETUP
-#line 435 "toke.l"
+#line 449 "toke.l"
{
/* no command args allowed for Defaults!/path */
if (!fill_cmnd(yytext, yyleng))
yyterminate();
LEXTRACE("COMMAND ");
- return(COMMAND);
+ return COMMAND;
}
YY_BREAK
case 39:
YY_RULE_SETUP
-#line 443 "toke.l"
+#line 457 "toke.l"
{
BEGIN GOTCMND;
LEXTRACE("COMMAND ");
@@ -2181,7 +2198,7 @@
YY_BREAK
case 40:
YY_RULE_SETUP
-#line 450 "toke.l"
+#line 464 "toke.l"
{
/* directories can't have args... */
if (yytext[yyleng - 1] == '/') {
@@ -2188,7 +2205,7 @@
LEXTRACE("COMMAND ");
if (!fill_cmnd(yytext, yyleng))
yyterminate();
- return(COMMAND);
+ return COMMAND;
} else {
BEGIN GOTCMND;
LEXTRACE("COMMAND ");
@@ -2199,96 +2216,86 @@
YY_BREAK
case 41:
YY_RULE_SETUP
-#line 465 "toke.l"
+#line 479 "toke.l"
{
- /* a quoted user/group name */
- if (!fill(yytext + 1, yyleng - 2))
- yyterminate();
- switch (yytext[1]) {
- case '%':
- LEXTRACE("USERGROUP ");
- return(USERGROUP);
- case '+':
- LEXTRACE("NETGROUP ");
- return(NETGROUP);
- default:
- LEXTRACE("WORD(4) ");
- return(WORD);
- }
+ LEXTRACE("BEGINSTR ");
+ yylval.string = NULL;
+ prev_state = YY_START;
+ BEGIN INSTR;
}
YY_BREAK
case 42:
YY_RULE_SETUP
-#line 482 "toke.l"
+#line 486 "toke.l"
{
/* a word */
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("WORD(5) ");
- return(WORD);
+ return WORD;
}
YY_BREAK
case 43:
YY_RULE_SETUP
-#line 490 "toke.l"
+#line 494 "toke.l"
{
LEXTRACE("( ");
- return ('(');
+ return '(';
}
YY_BREAK
case 44:
YY_RULE_SETUP
-#line 495 "toke.l"
+#line 499 "toke.l"
{
LEXTRACE(") ");
- return(')');
+ return ')';
}
YY_BREAK
case 45:
YY_RULE_SETUP
-#line 500 "toke.l"
+#line 504 "toke.l"
{
LEXTRACE(", ");
- return(',');
+ return ',';
} /* return ',' */
YY_BREAK
case 46:
YY_RULE_SETUP
-#line 505 "toke.l"
+#line 509 "toke.l"
{
LEXTRACE("= ");
- return('=');
+ return '=';
} /* return '=' */
YY_BREAK
case 47:
YY_RULE_SETUP
-#line 510 "toke.l"
+#line 514 "toke.l"
{
LEXTRACE(": ");
- return(':');
+ return ':';
} /* return ':' */
YY_BREAK
case 48:
YY_RULE_SETUP
-#line 515 "toke.l"
+#line 519 "toke.l"
{
if (yyleng % 2 == 1)
- return('!'); /* return '!' */
+ return '!'; /* return '!' */
}
YY_BREAK
case 49:
YY_RULE_SETUP
-#line 520 "toke.l"
+#line 524 "toke.l"
{
BEGIN INITIAL;
++sudolineno;
LEXTRACE("\n");
- return(COMMENT);
+ return COMMENT;
} /* return newline */
YY_BREAK
case 50:
YY_RULE_SETUP
-#line 527 "toke.l"
+#line 531 "toke.l"
{ /* throw away space/tabs */
sawspace = TRUE; /* but remember for fill_args */
}
@@ -2295,7 +2302,7 @@
YY_BREAK
case 51:
YY_RULE_SETUP
-#line 531 "toke.l"
+#line 535 "toke.l"
{
sawspace = TRUE; /* remember for fill_args */
++sudolineno;
@@ -2304,20 +2311,20 @@
YY_BREAK
case 52:
YY_RULE_SETUP
-#line 537 "toke.l"
+#line 541 "toke.l"
{
BEGIN INITIAL;
++sudolineno;
LEXTRACE("\n");
- return(COMMENT);
+ return COMMENT;
} /* comment, not uid/gid */
YY_BREAK
case 53:
YY_RULE_SETUP
-#line 544 "toke.l"
+#line 548 "toke.l"
{
LEXTRACE("ERROR ");
- return(ERROR);
+ return ERROR;
} /* parse error */
YY_BREAK
case YY_STATE_EOF(INITIAL):
@@ -2326,12 +2333,12 @@
case YY_STATE_EOF(STARTDEFS):
case YY_STATE_EOF(INDEFS):
case YY_STATE_EOF(INSTR):
-#line 549 "toke.l"
+#line 553 "toke.l"
{
if (YY_START != INITIAL) {
BEGIN INITIAL;
LEXTRACE("ERROR ");
- return(ERROR);
+ return ERROR;
}
if (!pop_include())
yyterminate();
@@ -2339,10 +2346,10 @@
YY_BREAK
case 54:
YY_RULE_SETUP
-#line 559 "toke.l"
+#line 563 "toke.l"
ECHO;
YY_BREAK
-#line 2346 "lex.yy.c"
+#line 2352 "lex.yy.c"
case YY_END_OF_BUFFER:
{
@@ -2633,7 +2640,7 @@
while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
{
yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 593 )
+ if ( yy_current_state >= 588 )
yy_c = yy_meta[(unsigned int) yy_c];
}
yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
@@ -2668,11 +2675,11 @@
while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
{
yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 593 )
+ if ( yy_current_state >= 588 )
yy_c = yy_meta[(unsigned int) yy_c];
}
yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
- yy_is_jam = (yy_current_state == 592);
+ yy_is_jam = (yy_current_state == 587);
return yy_is_jam ? 0 : yy_current_state;
}
@@ -3233,7 +3240,7 @@
return 0;
}
#endif
-#line 559 "toke.l"
+#line 563 "toke.l"
static unsigned char
hexchar(s)
@@ -3278,7 +3285,7 @@
s++;
}
}
- return((unsigned char)result);
+ return (unsigned char)result;
}
static int
@@ -3291,7 +3298,7 @@
dst = olen ? realloc(yylval.string, olen + len + 1) : malloc(len + 1);
if (dst == NULL) {
yyerror("unable to allocate memory");
- return(FALSE);
+ return FALSE;
}
yylval.string = dst;
@@ -3315,7 +3322,7 @@
}
}
*dst = '\0';
- return(TRUE);
+ return TRUE;
}
static int
@@ -3328,7 +3335,7 @@
if (yylval.string != NULL)
olen = strlen(yylval.string);
- return(_fill(src, len, olen));
+ return _fill(src, len, olen);
}
#define SPECIAL(c) \
@@ -3347,7 +3354,7 @@
dst = yylval.command.cmnd = (char *) malloc(len + 1);
if (yylval.command.cmnd == NULL) {
yyerror("unable to allocate memory");
- return(FALSE);
+ return FALSE;
}
/* Copy the string and collapse any escaped sudo-specific characters. */
@@ -3360,7 +3367,7 @@
*dst = '\0';
yylval.command.args = NULL;
- return(TRUE);
+ return TRUE;
}
static int
@@ -3389,7 +3396,7 @@
if (p == NULL) {
efree(yylval.command.args);
yyerror("unable to allocate memory");
- return(FALSE);
+ return FALSE;
} else
yylval.command.args = p;
}
@@ -3400,10 +3407,10 @@
*p++ = ' ';
if (strlcpy(p, s, arg_size - (p - yylval.command.args)) != len) {
yyerror("fill_args: buffer overflow"); /* paranoia */
- return(FALSE);
+ return FALSE;
}
arg_len = new_len;
- return(TRUE);
+ return TRUE;
}
struct path_list {
@@ -3427,7 +3434,7 @@
const struct path_list * const *p1 = v1;
const struct path_list * const *p2 = v2;
- return(strcmp((*p1)->path, (*p2)->path));
+ return strcmp((*p1)->path, (*p2)->path);
}
static char *
@@ -3445,7 +3452,7 @@
if (!(dir = opendir(dirpath))) {
yyerror(dirpath);
- return(NULL);
+ return NULL;
}
while ((dent = readdir(dir))) {
/* Ignore files that end in '~' or have a '.' in them. */
@@ -3503,7 +3510,7 @@
}
done:
efree(dirpath);
- return(path);
+ return path;
bad:
while (first != NULL) {
pl = first;
@@ -3514,7 +3521,7 @@
efree(sorted);
efree(dirpath);
efree(path);
- return(NULL);
+ return NULL;
}
#define MAX_SUDOERS_DEPTH 128
@@ -3559,7 +3566,7 @@
if (idepth >= istacksize) {
if (idepth > MAX_SUDOERS_DEPTH) {
yyerror("too many levels of includes");
- return(FALSE);
+ return FALSE;
}
istacksize += SUDOERS_STACK_INCREMENT;
istack = (struct include_stack *) realloc(istack,
@@ -3566,19 +3573,19 @@
sizeof(*istack) * istacksize);
if (istack == NULL) {
yyerror("unable to allocate memory");
- return(FALSE);
+ return FALSE;
}
}
if (isdir) {
if (!(path = switch_dir(&istack[idepth], path))) {
/* switch_dir() called yyerror() for us */
- return(FALSE);
+ return FALSE;
}
while ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
/* Unable to open path in includedir, go to next one, if any. */
efree(path);
if ((pl = istack[idepth].more) == NULL)
- return(FALSE);
+ return FALSE;
path = pl->path;
istack[idepth].more = pl->next;
efree(pl);
@@ -3586,7 +3593,7 @@
} else {
if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) {
yyerror(path);
- return(FALSE);
+ return FALSE;
}
istack[idepth].more = NULL;
}
@@ -3600,7 +3607,7 @@
sudoers = path;
yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
- return(TRUE);
+ return TRUE;
}
static int
@@ -3610,7 +3617,7 @@
FILE *fp;
if (idepth == 0)
- return(FALSE);
+ return FALSE;
if (!keepopen)
fclose(YY_CURRENT_BUFFER->yy_input_file);
@@ -3641,7 +3648,7 @@
sudolineno = istack[idepth].lineno;
keepopen = istack[idepth].keepopen;
}
- return(TRUE);
+ return TRUE;
}
static char *
@@ -3694,7 +3701,7 @@
if (*ep != '\0')
yyless((int)(ep - base));
- return(path);
+ return path;
}
/*
@@ -3717,5 +3724,5 @@
nmatch = 0; /* reset if we hit netmask */
}
- return (nmatch <= 1);
+ return nmatch <= 1;
}
Added: trunk/contrib/sudo/toke.h
===================================================================
--- trunk/contrib/sudo/toke.h (rev 0)
+++ trunk/contrib/sudo/toke.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2011 Todd C. Miller <Todd.Miller at courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef _SUDO_TOKE_H
+#define _SUDO_TOKE_H
+
+int append __P((char *, int));
+int fill_args __P((char *, int, int));
+int fill_cmnd __P((char *, int));
+int fill_txt __P((char *, int, int));
+int ipv6_valid __P((const char *s));
+void yyerror __P((const char *));
+
+/* realloc() to size + COMMANDARGINC to make room for command args */
+#define COMMANDARGINC 64
+
+#endif /* _SUDO_TOKE_H */
Modified: trunk/contrib/sudo/toke.l
===================================================================
--- trunk/contrib/sudo/toke.l 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/toke.l 2014-10-02 03:20:49 UTC (rev 6803)
@@ -68,6 +68,7 @@
#include <ctype.h>
#include "sudo.h"
#include "parse.h"
+#include "toke.h"
#include <gram.h>
extern YYSTYPE yylval;
@@ -75,27 +76,17 @@
int sudolineno = 1;
char *sudoers;
static int sawspace = 0;
-static int arg_len = 0;
-static int arg_size = 0;
+static int prev_state = INITIAL;
-static int append __P((char *, int));
-static int _fill __P((char *, int, int));
-static int fill_cmnd __P((char *, int));
-static int fill_args __P((char *, int, int));
static int _push_include __P((char *, int));
static int pop_include __P((void));
-static int ipv6_valid __P((const char *s));
static char *parse_include __P((char *));
-extern void yyerror __P((const char *));
-#define fill(a, b) _fill(a, b, 0)
+#define fill(a, b) fill_txt(a, b, 0)
#define push_include(_p) (_push_include((_p), FALSE))
#define push_includedir(_p) (_push_include((_p), TRUE))
-/* realloc() to size + COMMANDARGINC to make room for command args */
-#define COMMANDARGINC 64
-
#ifdef TRACELEXER
#define LEXTRACE(msg) fputs(msg, stderr)
#else
@@ -109,12 +100,13 @@
IPV6ADDR ({HEX16}?:){2,7}{HEX16}?|({HEX16}?:){2,6}:{IPV4ADDR}
HOSTNAME [[:alnum:]_-]+
-WORD ([^#>!=:,\(\) \t\n\\]|\\[^\n])+
+WORD ([^#>!=:,\(\) \t\n\\\"]|\\[^\n])+
ID #-?[0-9]+
PATH \/(\\[\,:= \t#]|[^\,:=\\ \t\n#])+
ENVAR ([^#!=, \t\n\\\"]|\\[^\n])([^#=, \t\n\\\"]|\\[^\n])*
DEFVAR [a-z_]+
+%option noinput
%option nounput
%option noyywrap
@@ -132,7 +124,7 @@
LEXTRACE("DEFVAR ");
if (!fill(yytext, yyleng))
yyterminate();
- return(DEFVAR);
+ return DEFVAR;
}
<INDEFS>{
@@ -139,27 +131,28 @@
, {
BEGIN STARTDEFS;
LEXTRACE(", ");
- return(',');
+ return ',';
} /* return ',' */
= {
LEXTRACE("= ");
- return('=');
+ return '=';
} /* return '=' */
\+= {
LEXTRACE("+= ");
- return('+');
+ return '+';
} /* return '+' */
-= {
LEXTRACE("-= ");
- return('-');
+ return '-';
} /* return '-' */
\" {
LEXTRACE("BEGINSTR ");
yylval.string = NULL;
+ prev_state = YY_START;
BEGIN INSTR;
}
@@ -167,7 +160,7 @@
LEXTRACE("WORD(2) ");
if (!fill(yytext, yyleng))
yyterminate();
- return(WORD);
+ return WORD;
}
}
@@ -180,8 +173,19 @@
\" {
LEXTRACE("ENDSTR ");
- BEGIN INDEFS;
- return(WORD);
+ BEGIN prev_state;
+ if (prev_state == INITIAL) {
+ switch (yylval.string[0]) {
+ case '%':
+ LEXTRACE("USERGROUP ");
+ return USERGROUP;
+ case '+':
+ LEXTRACE("NETGROUP ");
+ return NETGROUP;
+ }
+ }
+ LEXTRACE("WORD(4) ");
+ return WORD;
}
\\ {
@@ -217,7 +221,7 @@
[#:\,=\n] {
BEGIN INITIAL;
yyless(0);
- return(COMMAND);
+ return COMMAND;
} /* end of command line args */
[^#\\:, \t\n]+ {
@@ -267,22 +271,22 @@
case ':':
yyless(n);
LEXTRACE("DEFAULTS_USER ");
- return(DEFAULTS_USER);
+ return DEFAULTS_USER;
case '>':
yyless(n);
LEXTRACE("DEFAULTS_RUNAS ");
- return(DEFAULTS_RUNAS);
+ return DEFAULTS_RUNAS;
case '@':
yyless(n);
LEXTRACE("DEFAULTS_HOST ");
- return(DEFAULTS_HOST);
+ return DEFAULTS_HOST;
case '!':
yyless(n);
LEXTRACE("DEFAULTS_CMND ");
- return(DEFAULTS_CMND);
+ return DEFAULTS_CMND;
default:
LEXTRACE("DEFAULTS ");
- return(DEFAULTS);
+ return DEFAULTS;
}
}
@@ -293,16 +297,16 @@
switch (yytext[n]) {
case 'H':
LEXTRACE("HOSTALIAS ");
- return(HOSTALIAS);
+ return HOSTALIAS;
case 'C':
LEXTRACE("CMNDALIAS ");
- return(CMNDALIAS);
+ return CMNDALIAS;
case 'U':
LEXTRACE("USERALIAS ");
- return(USERALIAS);
+ return USERALIAS;
case 'R':
LEXTRACE("RUNASALIAS ");
- return(RUNASALIAS);
+ return RUNASALIAS;
}
}
@@ -309,53 +313,53 @@
NOPASSWD[[:blank:]]*: {
/* cmnd does not require passwd for this user */
LEXTRACE("NOPASSWD ");
- return(NOPASSWD);
+ return NOPASSWD;
}
PASSWD[[:blank:]]*: {
/* cmnd requires passwd for this user */
LEXTRACE("PASSWD ");
- return(PASSWD);
+ return PASSWD;
}
NOEXEC[[:blank:]]*: {
LEXTRACE("NOEXEC ");
- return(NOEXEC);
+ return NOEXEC;
}
EXEC[[:blank:]]*: {
LEXTRACE("EXEC ");
- return(EXEC);
+ return EXEC;
}
SETENV[[:blank:]]*: {
LEXTRACE("SETENV ");
- return(SETENV);
+ return SETENV;
}
NOSETENV[[:blank:]]*: {
LEXTRACE("NOSETENV ");
- return(NOSETENV);
+ return NOSETENV;
}
LOG_OUTPUT[[:blank:]]*: {
LEXTRACE("LOG_OUTPUT ");
- return(LOG_OUTPUT);
+ return LOG_OUTPUT;
}
NOLOG_OUTPUT[[:blank:]]*: {
LEXTRACE("NOLOG_OUTPUT ");
- return(NOLOG_OUTPUT);
+ return NOLOG_OUTPUT;
}
LOG_INPUT[[:blank:]]*: {
LEXTRACE("LOG_INPUT ");
- return(LOG_INPUT);
+ return LOG_INPUT;
}
NOLOG_INPUT[[:blank:]]*: {
LEXTRACE("NOLOG_INPUT ");
- return(NOLOG_INPUT);
+ return NOLOG_INPUT;
}
\+{WORD} {
@@ -363,7 +367,7 @@
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("NETGROUP ");
- return(NETGROUP);
+ return NETGROUP;
}
\%:?{WORD} {
@@ -371,7 +375,7 @@
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("USERGROUP ");
- return(USERGROUP);
+ return USERGROUP;
}
{IPV4ADDR}(\/{IPV4ADDR})? {
@@ -378,7 +382,7 @@
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
+ return NTWKADDR;
}
{IPV4ADDR}\/([12][0-9]*|3[0-2]*) {
@@ -385,51 +389,51 @@
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
+ return NTWKADDR;
}
{IPV6ADDR}(\/{IPV6ADDR})? {
if (!ipv6_valid(yytext)) {
LEXTRACE("ERROR ");
- return(ERROR);
+ return ERROR;
}
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
+ return NTWKADDR;
}
{IPV6ADDR}\/([0-9]|[1-9][0-9]|1[01][0-9]|12[0-8]) {
if (!ipv6_valid(yytext)) {
LEXTRACE("ERROR ");
- return(ERROR);
+ return ERROR;
}
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("NTWKADDR ");
- return(NTWKADDR);
+ return NTWKADDR;
}
[[:upper:]][[:upper:][:digit:]_]* {
if (strcmp(yytext, "ALL") == 0) {
LEXTRACE("ALL ");
- return(ALL);
+ return ALL;
}
#ifdef HAVE_SELINUX
/* XXX - restrict type/role to initial state */
if (strcmp(yytext, "TYPE") == 0) {
LEXTRACE("TYPE ");
- return(TYPE);
+ return TYPE;
}
if (strcmp(yytext, "ROLE") == 0) {
LEXTRACE("ROLE ");
- return(ROLE);
+ return ROLE;
}
#endif /* HAVE_SELINUX */
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("ALIAS ");
- return(ALIAS);
+ return ALIAS;
}
<GOTDEFS>({PATH}|sudoedit) {
@@ -437,7 +441,7 @@
if (!fill_cmnd(yytext, yyleng))
yyterminate();
LEXTRACE("COMMAND ");
- return(COMMAND);
+ return COMMAND;
}
sudoedit {
@@ -453,7 +457,7 @@
LEXTRACE("COMMAND ");
if (!fill_cmnd(yytext, yyleng))
yyterminate();
- return(COMMAND);
+ return COMMAND;
} else {
BEGIN GOTCMND;
LEXTRACE("COMMAND ");
@@ -462,21 +466,11 @@
}
} /* a pathname */
-<INITIAL,GOTDEFS>\"[^"\n]+\" {
- /* a quoted user/group name */
- if (!fill(yytext + 1, yyleng - 2))
- yyterminate();
- switch (yytext[1]) {
- case '%':
- LEXTRACE("USERGROUP ");
- return(USERGROUP);
- case '+':
- LEXTRACE("NETGROUP ");
- return(NETGROUP);
- default:
- LEXTRACE("WORD(4) ");
- return(WORD);
- }
+<INITIAL,GOTDEFS>^\" {
+ LEXTRACE("BEGINSTR ");
+ yylval.string = NULL;
+ prev_state = YY_START;
+ BEGIN INSTR;
}
<INITIAL,GOTDEFS>({ID}|{WORD}) {
@@ -484,37 +478,37 @@
if (!fill(yytext, yyleng))
yyterminate();
LEXTRACE("WORD(5) ");
- return(WORD);
+ return WORD;
}
\( {
LEXTRACE("( ");
- return ('(');
+ return '(';
}
\) {
LEXTRACE(") ");
- return(')');
+ return ')';
}
, {
LEXTRACE(", ");
- return(',');
+ return ',';
} /* return ',' */
= {
LEXTRACE("= ");
- return('=');
+ return '=';
} /* return '=' */
: {
LEXTRACE(": ");
- return(':');
+ return ':';
} /* return ':' */
<*>!+ {
if (yyleng % 2 == 1)
- return('!'); /* return '!' */
+ return '!'; /* return '!' */
}
<*>\n {
@@ -521,7 +515,7 @@
BEGIN INITIAL;
++sudolineno;
LEXTRACE("\n");
- return(COMMENT);
+ return COMMENT;
} /* return newline */
<*>[[:blank:]]+ { /* throw away space/tabs */
@@ -538,12 +532,12 @@
BEGIN INITIAL;
++sudolineno;
LEXTRACE("\n");
- return(COMMENT);
+ return COMMENT;
} /* comment, not uid/gid */
<*>. {
LEXTRACE("ERROR ");
- return(ERROR);
+ return ERROR;
} /* parse error */
<*><<EOF>> {
@@ -550,7 +544,7 @@
if (YY_START != INITIAL) {
BEGIN INITIAL;
LEXTRACE("ERROR ");
- return(ERROR);
+ return ERROR;
}
if (!pop_include())
yyterminate();
@@ -557,177 +551,6 @@
}
%%
-static unsigned char
-hexchar(s)
- const char *s;
-{
- int i;
- int result = 0;
-
- s += 2; /* skip \\x */
- for (i = 0; i < 2; i++) {
- switch (*s) {
- case 'A':
- case 'a':
- result += 10;
- break;
- case 'B':
- case 'b':
- result += 11;
- break;
- case 'C':
- case 'c':
- result += 12;
- break;
- case 'D':
- case 'd':
- result += 13;
- break;
- case 'E':
- case 'e':
- result += 14;
- break;
- case 'F':
- case 'f':
- result += 15;
- break;
- default:
- result += *s - '0';
- break;
- }
- if (i == 0) {
- result *= 16;
- s++;
- }
- }
- return((unsigned char)result);
-}
-
-static int
-_fill(src, len, olen)
- char *src;
- int len, olen;
-{
- char *dst;
-
- dst = olen ? realloc(yylval.string, olen + len + 1) : malloc(len + 1);
- if (dst == NULL) {
- yyerror("unable to allocate memory");
- return(FALSE);
- }
- yylval.string = dst;
-
- /* Copy the string and collapse any escaped characters. */
- dst += olen;
- while (len--) {
- if (*src == '\\' && len) {
- if (src[1] == 'x' && len >= 3 &&
- isxdigit((unsigned char) src[2]) &&
- isxdigit((unsigned char) src[3])) {
- *dst++ = hexchar(src);
- src += 4;
- len -= 3;
- } else {
- src++;
- len--;
- *dst++ = *src++;
- }
- } else {
- *dst++ = *src++;
- }
- }
- *dst = '\0';
- return(TRUE);
-}
-
-static int
-append(src, len)
- char *src;
- int len;
-{
- int olen = 0;
-
- if (yylval.string != NULL)
- olen = strlen(yylval.string);
-
- return(_fill(src, len, olen));
-}
-
-#define SPECIAL(c) \
- ((c) == ',' || (c) == ':' || (c) == '=' || (c) == ' ' || (c) == '\t' || (c) == '#')
-
-static int
-fill_cmnd(src, len)
- char *src;
- int len;
-{
- char *dst;
- int i;
-
- arg_len = arg_size = 0;
-
- dst = yylval.command.cmnd = (char *) malloc(len + 1);
- if (yylval.command.cmnd == NULL) {
- yyerror("unable to allocate memory");
- return(FALSE);
- }
-
- /* Copy the string and collapse any escaped sudo-specific characters. */
- for (i = 0; i < len; i++) {
- if (src[i] == '\\' && i != len - 1 && SPECIAL(src[i + 1]))
- *dst++ = src[++i];
- else
- *dst++ = src[i];
- }
- *dst = '\0';
-
- yylval.command.args = NULL;
- return(TRUE);
-}
-
-static int
-fill_args(s, len, addspace)
- char *s;
- int len;
- int addspace;
-{
- int new_len;
- char *p;
-
- if (yylval.command.args == NULL) {
- addspace = 0;
- new_len = len;
- } else
- new_len = arg_len + len + addspace;
-
- if (new_len >= arg_size) {
- /* Allocate more space than we need for subsequent args */
- while (new_len >= (arg_size += COMMANDARGINC))
- ;
-
- p = yylval.command.args ?
- (char *) realloc(yylval.command.args, arg_size) :
- (char *) malloc(arg_size);
- if (p == NULL) {
- efree(yylval.command.args);
- yyerror("unable to allocate memory");
- return(FALSE);
- } else
- yylval.command.args = p;
- }
-
- /* Efficiently append the arg (with a leading space if needed). */
- p = yylval.command.args + arg_len;
- if (addspace)
- *p++ = ' ';
- if (strlcpy(p, s, arg_size - (p - yylval.command.args)) != len) {
- yyerror("fill_args: buffer overflow"); /* paranoia */
- return(FALSE);
- }
- arg_len = new_len;
- return(TRUE);
-}
-
struct path_list {
char *path;
struct path_list *next;
@@ -749,7 +572,7 @@
const struct path_list * const *p1 = v1;
const struct path_list * const *p2 = v2;
- return(strcmp((*p1)->path, (*p2)->path));
+ return strcmp((*p1)->path, (*p2)->path);
}
static char *
@@ -767,7 +590,7 @@
if (!(dir = opendir(dirpath))) {
yyerror(dirpath);
- return(NULL);
+ return NULL;
}
while ((dent = readdir(dir))) {
/* Ignore files that end in '~' or have a '.' in them. */
@@ -825,7 +648,7 @@
}
done:
efree(dirpath);
- return(path);
+ return path;
bad:
while (first != NULL) {
pl = first;
@@ -836,7 +659,7 @@
efree(sorted);
efree(dirpath);
efree(path);
- return(NULL);
+ return NULL;
}
#define MAX_SUDOERS_DEPTH 128
@@ -881,7 +704,7 @@
if (idepth >= istacksize) {
if (idepth > MAX_SUDOERS_DEPTH) {
yyerror("too many levels of includes");
- return(FALSE);
+ return FALSE;
}
istacksize += SUDOERS_STACK_INCREMENT;
istack = (struct include_stack *) realloc(istack,
@@ -888,19 +711,19 @@
sizeof(*istack) * istacksize);
if (istack == NULL) {
yyerror("unable to allocate memory");
- return(FALSE);
+ return FALSE;
}
}
if (isdir) {
if (!(path = switch_dir(&istack[idepth], path))) {
/* switch_dir() called yyerror() for us */
- return(FALSE);
+ return FALSE;
}
while ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
/* Unable to open path in includedir, go to next one, if any. */
efree(path);
if ((pl = istack[idepth].more) == NULL)
- return(FALSE);
+ return FALSE;
path = pl->path;
istack[idepth].more = pl->next;
efree(pl);
@@ -908,7 +731,7 @@
} else {
if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) {
yyerror(path);
- return(FALSE);
+ return FALSE;
}
istack[idepth].more = NULL;
}
@@ -922,7 +745,7 @@
sudoers = path;
yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
- return(TRUE);
+ return TRUE;
}
static int
@@ -932,7 +755,7 @@
FILE *fp;
if (idepth == 0)
- return(FALSE);
+ return FALSE;
if (!keepopen)
fclose(YY_CURRENT_BUFFER->yy_input_file);
@@ -963,7 +786,7 @@
sudolineno = istack[idepth].lineno;
keepopen = istack[idepth].keepopen;
}
- return(TRUE);
+ return TRUE;
}
static char *
@@ -1016,28 +839,5 @@
if (*ep != '\0')
yyless((int)(ep - base));
- return(path);
+ return path;
}
-
-/*
- * Check to make sure an IPv6 address does not contain multiple instances
- * of the string "::". Assumes strlen(s) >= 1.
- * Returns TRUE if address is valid else FALSE.
- */
-static int
-ipv6_valid(s)
- const char *s;
-{
- int nmatch = 0;
-
- for (; *s != '\0'; s++) {
- if (s[0] == ':' && s[1] == ':') {
- if (++nmatch > 1)
- break;
- }
- if (s[0] == '/')
- nmatch = 0; /* reset if we hit netmask */
- }
-
- return (nmatch <= 1);
-}
Added: trunk/contrib/sudo/toke_util.c
===================================================================
--- trunk/contrib/sudo/toke_util.c (rev 0)
+++ trunk/contrib/sudo/toke_util.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,251 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2011
+ * Todd C. Miller <Todd.Miller at courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <stdio.h>
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+# endif
+#endif /* STDC_HEADERS */
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
+# include <malloc.h>
+#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
+#include <ctype.h>
+#include "sudo.h"
+#include "parse.h"
+#include "toke.h"
+#include <gram.h>
+
+static int arg_len = 0;
+static int arg_size = 0;
+
+static unsigned char
+hexchar(s)
+ const char *s;
+{
+ int i;
+ int result = 0;
+
+ s += 2; /* skip \\x */
+ for (i = 0; i < 2; i++) {
+ switch (*s) {
+ case 'A':
+ case 'a':
+ result += 10;
+ break;
+ case 'B':
+ case 'b':
+ result += 11;
+ break;
+ case 'C':
+ case 'c':
+ result += 12;
+ break;
+ case 'D':
+ case 'd':
+ result += 13;
+ break;
+ case 'E':
+ case 'e':
+ result += 14;
+ break;
+ case 'F':
+ case 'f':
+ result += 15;
+ break;
+ default:
+ result += *s - '0';
+ break;
+ }
+ if (i == 0) {
+ result *= 16;
+ s++;
+ }
+ }
+ return (unsigned char)result;
+}
+
+int
+fill_txt(src, len, olen)
+ char *src;
+ int len, olen;
+{
+ char *dst;
+
+ dst = olen ? realloc(yylval.string, olen + len + 1) : malloc(len + 1);
+ if (dst == NULL) {
+ yyerror("unable to allocate memory");
+ return FALSE;
+ }
+ yylval.string = dst;
+
+ /* Copy the string and collapse any escaped characters. */
+ dst += olen;
+ while (len--) {
+ if (*src == '\\' && len) {
+ if (src[1] == 'x' && len >= 3 &&
+ isxdigit((unsigned char) src[2]) &&
+ isxdigit((unsigned char) src[3])) {
+ *dst++ = hexchar(src);
+ src += 4;
+ len -= 3;
+ } else {
+ src++;
+ len--;
+ *dst++ = *src++;
+ }
+ } else {
+ *dst++ = *src++;
+ }
+ }
+ *dst = '\0';
+ return TRUE;
+}
+
+int
+append(src, len)
+ char *src;
+ int len;
+{
+ int olen = 0;
+
+ if (yylval.string != NULL)
+ olen = strlen(yylval.string);
+
+ return fill_txt(src, len, olen);
+}
+
+#define SPECIAL(c) \
+ ((c) == ',' || (c) == ':' || (c) == '=' || (c) == ' ' || (c) == '\t' || (c) == '#')
+
+int
+fill_cmnd(src, len)
+ char *src;
+ int len;
+{
+ char *dst;
+ int i;
+
+ arg_len = arg_size = 0;
+
+ dst = yylval.command.cmnd = (char *) malloc(len + 1);
+ if (yylval.command.cmnd == NULL) {
+ yyerror("unable to allocate memory");
+ return FALSE;
+ }
+
+ /* Copy the string and collapse any escaped sudo-specific characters. */
+ for (i = 0; i < len; i++) {
+ if (src[i] == '\\' && i != len - 1 && SPECIAL(src[i + 1]))
+ *dst++ = src[++i];
+ else
+ *dst++ = src[i];
+ }
+ *dst = '\0';
+
+ yylval.command.args = NULL;
+ return TRUE;
+}
+
+int
+fill_args(s, len, addspace)
+ char *s;
+ int len;
+ int addspace;
+{
+ int new_len;
+ char *p;
+
+ if (yylval.command.args == NULL) {
+ addspace = 0;
+ new_len = len;
+ } else
+ new_len = arg_len + len + addspace;
+
+ if (new_len >= arg_size) {
+ /* Allocate more space than we need for subsequent args */
+ while (new_len >= (arg_size += COMMANDARGINC))
+ ;
+
+ p = yylval.command.args ?
+ (char *) realloc(yylval.command.args, arg_size) :
+ (char *) malloc(arg_size);
+ if (p == NULL) {
+ efree(yylval.command.args);
+ yyerror("unable to allocate memory");
+ return FALSE;
+ } else
+ yylval.command.args = p;
+ }
+
+ /* Efficiently append the arg (with a leading space if needed). */
+ p = yylval.command.args + arg_len;
+ if (addspace)
+ *p++ = ' ';
+ if (strlcpy(p, s, arg_size - (p - yylval.command.args)) != len) {
+ yyerror("fill_args: buffer overflow"); /* paranoia */
+ return FALSE;
+ }
+ arg_len = new_len;
+ return TRUE;
+}
+
+/*
+ * Check to make sure an IPv6 address does not contain multiple instances
+ * of the string "::". Assumes strlen(s) >= 1.
+ * Returns TRUE if address is valid else FALSE.
+ */
+int
+ipv6_valid(s)
+ const char *s;
+{
+ int nmatch = 0;
+
+ for (; *s != '\0'; s++) {
+ if (s[0] == ':' && s[1] == ':') {
+ if (++nmatch > 1)
+ break;
+ }
+ if (s[0] == '/')
+ nmatch = 0; /* reset if we hit netmask */
+ }
+
+ return nmatch <= 1;
+}
Modified: trunk/contrib/sudo/tsgetgrpw.c
===================================================================
--- trunk/contrib/sudo/tsgetgrpw.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/tsgetgrpw.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -44,9 +44,8 @@
#endif /* HAVE_STRINGS_H */
#include <fcntl.h>
#include <limits.h>
-#include <pwd.h>
-#include <grp.h>
+#include "tsgetgrpw.h"
#include "sudo.h"
#ifndef LINE_MAX
@@ -64,20 +63,6 @@
static const char *grfile = "/etc/group";
static int gr_stayopen;
-void setgrfile __P((const char *));
-void setgrent __P((void));
-void endgrent __P((void));
-struct group *getgrent __P((void));
-struct group *getgrnam __P((const char *));
-struct group *getgrgid __P((gid_t));
-
-void setpwfile __P((const char *));
-void setpwent __P((void));
-void endpwent __P((void));
-struct passwd *getpwent __P((void));
-struct passwd *getpwnam __P((const char *));
-struct passwd *getpwuid __P((uid_t));
-
void
setpwfile(file)
const char *file;
@@ -119,31 +104,31 @@
char *cp, *colon;
if ((colon = fgets(pwbuf, sizeof(pwbuf), pwf)) == NULL)
- return(NULL);
+ return NULL;
zero_bytes(&pw, sizeof(pw));
if ((colon = strchr(cp = colon, ':')) == NULL)
- return(NULL);
+ return NULL;
*colon++ = '\0';
pw.pw_name = cp;
if ((colon = strchr(cp = colon, ':')) == NULL)
- return(NULL);
+ return NULL;
*colon++ = '\0';
pw.pw_passwd = cp;
if ((colon = strchr(cp = colon, ':')) == NULL)
- return(NULL);
+ return NULL;
*colon++ = '\0';
pw.pw_uid = atoi(cp);
if ((colon = strchr(cp = colon, ':')) == NULL)
- return(NULL);
+ return NULL;
*colon++ = '\0';
pw.pw_gid = atoi(cp);
if ((colon = strchr(cp = colon, ':')) == NULL)
- return(NULL);
+ return NULL;
*colon++ = '\0';
pw.pw_gecos = cp;
if ((colon = strchr(cp = colon, ':')) == NULL)
- return(NULL);
+ return NULL;
*colon++ = '\0';
pw.pw_dir = cp;
pw.pw_shell = colon;
@@ -150,7 +135,7 @@
len = strlen(colon);
if (len > 0 && colon[len - 1] == '\n')
colon[len - 1] = '\0';
- return(&pw);
+ return &pw;
}
struct passwd *
@@ -161,7 +146,7 @@
if (pwf == NULL) {
if ((pwf = fopen(pwfile, "r")) == NULL)
- return(NULL);
+ return NULL;
fcntl(fileno(pwf), F_SETFD, FD_CLOEXEC);
} else {
rewind(pwf);
@@ -174,7 +159,7 @@
fclose(pwf);
pwf = NULL;
}
- return(pw);
+ return pw;
}
struct passwd *
@@ -185,7 +170,7 @@
if (pwf == NULL) {
if ((pwf = fopen(pwfile, "r")) == NULL)
- return(NULL);
+ return NULL;
fcntl(fileno(pwf), F_SETFD, FD_CLOEXEC);
} else {
rewind(pwf);
@@ -198,7 +183,7 @@
fclose(pwf);
pwf = NULL;
}
- return(pw);
+ return pw;
}
void
@@ -243,19 +228,19 @@
int n;
if ((colon = fgets(grbuf, sizeof(grbuf), grf)) == NULL)
- return(NULL);
+ return NULL;
zero_bytes(&gr, sizeof(gr));
if ((colon = strchr(cp = colon, ':')) == NULL)
- return(NULL);
+ return NULL;
*colon++ = '\0';
gr.gr_name = cp;
if ((colon = strchr(cp = colon, ':')) == NULL)
- return(NULL);
+ return NULL;
*colon++ = '\0';
gr.gr_passwd = cp;
if ((colon = strchr(cp = colon, ':')) == NULL)
- return(NULL);
+ return NULL;
*colon++ = '\0';
gr.gr_gid = atoi(cp);
len = strlen(colon);
@@ -271,7 +256,7 @@
gr.gr_mem[n++] = NULL;
} else
gr.gr_mem = NULL;
- return(&gr);
+ return &gr;
}
struct group *
@@ -282,7 +267,7 @@
if (grf == NULL) {
if ((grf = fopen(grfile, "r")) == NULL)
- return(NULL);
+ return NULL;
fcntl(fileno(grf), F_SETFD, FD_CLOEXEC);
} else {
rewind(grf);
@@ -295,7 +280,7 @@
fclose(grf);
grf = NULL;
}
- return(gr);
+ return gr;
}
struct group *
@@ -306,7 +291,7 @@
if (grf == NULL) {
if ((grf = fopen(grfile, "r")) == NULL)
- return(NULL);
+ return NULL;
fcntl(fileno(grf), F_SETFD, FD_CLOEXEC);
} else {
rewind(grf);
@@ -319,5 +304,5 @@
fclose(grf);
grf = NULL;
}
- return(gr);
+ return gr;
}
Modified: trunk/contrib/sudo/utimes.c
===================================================================
--- trunk/contrib/sudo/utimes.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/utimes.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -26,10 +26,10 @@
#ifdef HAVE_UTIME_H
# include <utime.h>
#else
-# include <emul/utime.h>
+# include "emul/utime.h"
#endif
-#include <compat.h>
+#include "missing.h"
#ifndef HAVE_UTIMES
/*
@@ -45,9 +45,9 @@
utb.actime = (time_t)(times[0].tv_sec + times[0].tv_usec / 1000000);
utb.modtime = (time_t)(times[1].tv_sec + times[1].tv_usec / 1000000);
- return(utime(file, &utb));
+ return utime(file, &utb);
} else
- return(utime(file, NULL));
+ return utime(file, NULL);
}
#endif /* !HAVE_UTIMES */
@@ -65,8 +65,8 @@
utb.actime = (time_t)(times[0].tv_sec + times[0].tv_usec / 1000000);
utb.modtime = (time_t)(times[1].tv_sec + times[1].tv_usec / 1000000);
- return(futime(fd, &utb));
+ return futime(fd, &utb);
} else
- return(futime(fd, NULL));
+ return futime(fd, NULL);
}
#endif /* HAVE_FUTIME */
Deleted: trunk/contrib/sudo/varsub
===================================================================
--- trunk/contrib/sudo/varsub 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/varsub 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,32 +0,0 @@
-/^=head1 OPTIONS$/d
-s/^.*accepts the following command line options:.*$/The options are as follows:/
-s/@passprompt@/Password:/g
-s:@badpass_message@:Sorry, try again.:g
-s:@badpri@:alert:g
-s:@env_editor@:on:g
-s:@fqdn@:off:g
-s:@goodpri@:notice:g
-s:@ignore_dot@:off:g
-s:@insults@:on:g
-s:@lecture@:on:g
-s:@logfac@:authpriv:g
-s:@loglen@:80:g
-s:@long_otp_prompt@:off:g
-s:@mail_no_host@:off:g
-s:@mail_no_perms@:off:g
-s:@mail_no_user@:on:g
-s:@mailsub@:*** SECURITY information for %h ***:g
-s:@mailto@:root:g
-s:@mansectform@:5:g
-s:@mansectsu@:8:g
-s:@noexec_file@:/usr/libexec/sudo_noexec.so.:g
-s:@passwd_tries@:3:g
-s:@password_timeout@:5:g
-s:@root_sudo@:on:g
-s:@runas_default@:root:g
-s:@sudo_umask@:022:g
-s:@sysconfdir@:/etc:g
-s:@timedir@:/var/run/sudo:g
-s:@timeout@:5:g
-s:@tty_tickets@:off:g
-s:@path_info@:off:g
Modified: trunk/contrib/sudo/vasgroups.c
===================================================================
--- trunk/contrib/sudo/vasgroups.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/vasgroups.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -28,7 +28,7 @@
* POSSIBILITY OF SUCH DAMAGE.
*/
-#include "config.h"
+#include <config.h>
#include <stdlib.h>
#include <sys/types.h>
@@ -40,7 +40,7 @@
#include <vas.h>
-#include "compat.h"
+#include "missing.h"
#include "logging.h"
#include "nonunix.h"
#include "sudo.h"
@@ -165,7 +165,7 @@
if( vas_group ) v_group_free( sudo_vas_ctx, vas_group );
if( vas_user ) v_user_free( sudo_vas_ctx, vas_user );
- return(rval);
+ return rval;
}
Deleted: trunk/contrib/sudo/version.h
===================================================================
--- trunk/contrib/sudo/version.h 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/version.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,28 +0,0 @@
-/*
- * Copyright (c) 1996, 1998-2005 Todd C. Miller <Todd.Miller at courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- *
- * Sponsored in part by the Defense Advanced Research Projects
- * Agency (DARPA) and Air Force Research Laboratory, Air Force
- * Materiel Command, USAF, under agreement number F39502-99-1-0512.
- *
- * $Sudo: version.h,v 1.66.2.23 2009/01/28 16:16:50 millert Exp $
- */
-
-#ifndef _SUDO_VERSION_H
-#define _SUDO_VERSION_H
-
-static const char version[] = "1.6.9p20";
-
-#endif /* _SUDO_VERSION_H */
Deleted: trunk/contrib/sudo/visudo.8
===================================================================
--- trunk/contrib/sudo/visudo.8 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/visudo.8 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,305 +0,0 @@
-.\" Copyright (c) 1996,1998-2003 Todd C. Miller <Todd.Miller at courtesan.com>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" Sponsored in part by the Defense Advanced Research Projects
-.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
-.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
-.\"
-.\" $Sudo: visudo.pod,v 1.39 2004/09/06 20:45:27 millert Exp $
-.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
-.\"
-.\" Standard preamble:
-.\" ========================================================================
-.de Sh \" Subsection heading
-.br
-.if t .Sp
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Vb \" Begin verbatim text
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve \" End verbatim text
-.ft R
-.fi
-..
-.\" Set up some character translations and predefined strings. \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. | will give a
-.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
-.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
-.\" expand to `' in nroff, nothing in troff, for use with C<>.
-.tr \(*W-|\(bv\*(Tr
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.ie n \{\
-. ds -- \(*W-
-. ds PI pi
-. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-. ds L" ""
-. ds R" ""
-. ds C`
-. ds C'
-'br\}
-.el\{\
-. ds -- \|\(em\|
-. ds PI \(*p
-. ds L" ``
-. ds R" ''
-'br\}
-.\"
-.\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
-.\" entries marked with X<> in POD. Of course, you'll have to process the
-.\" output yourself in some meaningful fashion.
-.if \nF \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
-..
-. nr % 0
-. rr F
-.\}
-.\"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.hy 0
-.if n .na
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
-.\" Fear. Run. Save yourself. No user-serviceable parts.
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds /
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
-.\" ========================================================================
-.\"
-.IX Title "VISUDO 8"
-.TH VISUDO 8 "June 20, 2005" "1.6.8p12" "MAINTENANCE COMMANDS"
-.SH "NAME"
-visudo \- edit the sudoers file
-.SH "SYNOPSIS"
-.IX Header "SYNOPSIS"
-\&\fBvisudo\fR [ \fB\-c\fR ] [ \fB\-f\fR \fIsudoers\fR ] [ \fB\-q\fR ] [ \fB\-s\fR ] [ \fB\-V\fR ]
-.SH "DESCRIPTION"
-.IX Header "DESCRIPTION"
-\&\fBvisudo\fR edits the \fIsudoers\fR file in a safe fashion, analogous to
-vipw(8). \fBvisudo\fR locks the \fIsudoers\fR file against multiple
-simultaneous edits, provides basic sanity checks, and checks
-for parse errors. If the \fIsudoers\fR file is currently being
-edited you will receive a message to try again later.
-.PP
-There is a hard-coded list of editors that \fBvisudo\fR will use set
-at compile-time that may be overridden via the \fIeditor\fR \fIsudoers\fR
-\&\f(CW\*(C`Default\*(C'\fR variable. This list defaults to the path to \fIvi\fR\|(1) on
-your system, as determined by the \fIconfigure\fR script. Normally,
-\&\fBvisudo\fR does not honor the \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR environment
-variables unless they contain an editor in the aforementioned editors
-list. However, if \fBvisudo\fR is configured with the \fI\-\-with\-enveditor\fR
-flag or the \fIenveditor\fR \f(CW\*(C`Default\*(C'\fR variable is set in \fIsudoers\fR,
-\&\fBvisudo\fR will use any the editor defines by \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR.
-Note that this can be a security hole since it allows the user to
-execute any program they wish simply by setting \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR.
-.PP
-\&\fBvisudo\fR parses the \fIsudoers\fR file after the edit and will
-not save the changes if there is a syntax error. Upon finding
-an error, \fBvisudo\fR will print a message stating the line number(s)
-where the error occurred and the user will receive the
-\&\*(L"What now?\*(R" prompt. At this point the user may enter \*(L"e\*(R"
-to re-edit the \fIsudoers\fR file, \*(L"x\*(R" to exit without
-saving the changes, or \*(L"Q\*(R" to quit and save changes. The
-\&\*(L"Q\*(R" option should be used with extreme care because if \fBvisudo\fR
-believes there to be a parse error, so will \fBsudo\fR and no one
-will be able to \fBsudo\fR again until the error is fixed.
-If \*(L"e\*(R" is typed to edit the \fIsudoers\fR file after a parse error
-has been detected, the cursor will be placed on the line where the
-error occurred (if the editor supports this feature).
-.SH "OPTIONS"
-.IX Header "OPTIONS"
-\&\fBvisudo\fR accepts the following command line options:
-.IP "\-c" 4
-.IX Item "-c"
-Enable \fBcheck-only\fR mode. The existing \fIsudoers\fR file will be
-checked for syntax and a message will be printed to the
-standard output detailing the status of \fIsudoers\fR.
-If the syntax check completes successfully, \fBvisudo\fR will
-exit with a value of 0. If a syntax error is encountered,
-\&\fBvisudo\fR will exit with a value of 1.
-.IP "\-f" 4
-.IX Item "-f"
-Specify and alternate \fIsudoers\fR file location. With this option
-\&\fBvisudo\fR will edit (or check) the \fIsudoers\fR file of your choice,
-instead of the default, \fI/etc/sudoers\fR. The lock file used
-is the specified \fIsudoers\fR file with \*(L".tmp\*(R" appended to it.
-.IP "\-q" 4
-.IX Item "-q"
-Enable \fBquiet\fR mode. In this mode details about syntax errors
-are not printed. This option is only useful when combined with
-the \fB\-c\fR flag.
-.IP "\-s" 4
-.IX Item "-s"
-Enable \fBstrict\fR checking of the \fIsudoers\fR file. If an alias is
-used before it is defined, \fBvisudo\fR will consider this a parse
-error. Note that it is not possible to differentiate between an
-alias and a hostname or username that consists solely of uppercase
-letters, digits, and the underscore ('_') character.
-.IP "\-V" 4
-.IX Item "-V"
-The \fB\-V\fR (version) option causes \fBvisudo\fR to print its version number
-and exit.
-.SH "ENVIRONMENT"
-.IX Header "ENVIRONMENT"
-The following environment variables are used only if \fBvisudo\fR
-was configured with the \fI\-\-with\-env\-editor\fR option:
-.PP
-.Vb 2
-\& VISUAL Invoked by visudo as the editor to use
-\& EDITOR Used by visudo if VISUAL is not set
-.Ve
-.SH "FILES"
-.IX Header "FILES"
-.Vb 2
-\& /etc/sudoers List of who can run what
-\& /etc/sudoers.tmp Lock file for visudo
-.Ve
-.SH "DIAGNOSTICS"
-.IX Header "DIAGNOSTICS"
-.IP "sudoers file busy, try again later." 4
-.IX Item "sudoers file busy, try again later."
-Someone else is currently editing the \fIsudoers\fR file.
-.IP "/etc/sudoers.tmp: Permission denied" 4
-.IX Item "/etc/sudoers.tmp: Permission denied"
-You didn't run \fBvisudo\fR as root.
-.IP "Can't find you in the passwd database" 4
-.IX Item "Can't find you in the passwd database"
-Your userid does not appear in the system passwd file.
-.IP "Warning: undeclared Alias referenced near ..." 4
-.IX Item "Warning: undeclared Alias referenced near ..."
-Either you are using a {User,Runas,Host,Cmnd}_Alias before
-defining it or you have a user or hostname listed that
-consists solely of uppercase letters, digits, and the
-underscore ('_') character. If the latter, you can ignore
-the warnings (\fBsudo\fR will not complain). In \fB\-s\fR (strict)
-mode these are errors, not warnings.
-.IP "Warning: runas_default set after old value is in use ..." 4
-.IX Item "Warning: runas_default set after old value is in use ..."
-You have a \fIrunas_default\fR Defaults setting listed in the \fIsudoers\fR
-file after its value has already been used. This means that entries
-prior to the \fIrunas_default\fR setting will match based on the default
-value of \fIrunas_default\fR (\f(CW\*(C`root\*(C'\fR) whereas entries
-\&\fBafter\fR the \fIrunas_default\fR setting will match based on the new
-value. This is usually unintentional and in most cases the
-<runas_default> setting should be placed before any \f(CW\*(C`Runas_Alias\*(C'\fR
-or User specifications. In \fB\-s\fR (strict) mode this is an error,
-not a warning.
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fIvi\fR\|(1), sudoers(5), sudo(8), vipw(8)
-.SH "AUTHOR"
-.IX Header "AUTHOR"
-Many people have worked on \fIsudo\fR over the years; this version of
-\&\fBvisudo\fR was written by:
-.PP
-.Vb 1
-\& Todd Miller
-.Ve
-.PP
-See the \s-1HISTORY\s0 file in the sudo distribution or visit
-http://www.sudo.ws/sudo/history.html for more details.
-.SH "CAVEATS"
-.IX Header "CAVEATS"
-There is no easy way to prevent a user from gaining a root shell if
-the editor used by \fBvisudo\fR allows shell escapes.
-.SH "BUGS"
-.IX Header "BUGS"
-If you feel you have found a bug in \fBvisudo\fR, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-.SH "SUPPORT"
-.IX Header "SUPPORT"
-Commercial support is available for \fBsudo\fR, see
-http://www.sudo.ws/sudo/support.html for details.
-.PP
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo\-users to subscribe or
-search the archives.
-.SH "DISCLAIMER"
-.IX Header "DISCLAIMER"
-\&\fBVisudo\fR is provided ``\s-1AS\s0 \s-1IS\s0'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the \s-1LICENSE\s0
-file distributed with \fBsudo\fR or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/visudo.c
===================================================================
--- trunk/contrib/sudo/visudo.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/visudo.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -90,7 +90,7 @@
int modified;
int doedit;
};
-TQ_DECLARE(sudoersfile);
+TQ_DECLARE(sudoersfile)
/*
* Function prototypes
@@ -110,7 +110,8 @@
static void print_selfref __P((char *, int, int, int));
static void print_undefined __P((char *, int, int, int));
static void setup_signals __P((void));
-static void usage __P((void)) __attribute__((__noreturn__));
+static void help __P((void)) __attribute__((__noreturn__));
+static void usage __P((int));
extern void yyerror __P((const char *));
extern void yyrestart __P((FILE *));
@@ -153,7 +154,7 @@
Argv = argv;
if ((Argc = argc) < 1)
- usage();
+ usage(1);
/*
* Arg handling.
@@ -160,7 +161,7 @@
*/
checkonly = oldperms = quiet = strict = FALSE;
sudoers_path = _PATH_SUDOERS;
- while ((ch = getopt(argc, argv, "Vcf:sq")) != -1) {
+ while ((ch = getopt(argc, argv, "Vcf:hsq")) != -1) {
switch (ch) {
case 'V':
(void) printf("%s version %s\n", getprogname(), PACKAGE_VERSION);
@@ -172,6 +173,9 @@
sudoers_path = optarg; /* sudoers file path */
oldperms = TRUE;
break;
+ case 'h':
+ help();
+ break;
case 's':
strict++; /* strict mode */
break;
@@ -179,13 +183,13 @@
quiet++; /* quiet mode */
break;
default:
- usage();
+ usage(1);
}
}
argc -= optind;
argv += optind;
if (argc)
- usage();
+ usage(1);
sudo_setpwent();
sudo_setgrent();
@@ -293,7 +297,8 @@
/* Add missing newline at EOF if needed. */
if (nread > 0 && buf[nread - 1] != '\n') {
buf[0] = '\n';
- write(tfd, buf, 1);
+ if (write(tfd, buf, 1) != 1)
+ error(1, "write error");
}
}
(void) close(tfd);
@@ -349,17 +354,17 @@
if (stat(sp->tpath, &sb) < 0) {
warningx("cannot stat temporary file (%s), %s unchanged",
sp->tpath, sp->path);
- return(FALSE);
+ return FALSE;
}
if (sb.st_size == 0 && orig_size != 0) {
warningx("zero length temporary file (%s), %s unchanged",
sp->tpath, sp->path);
sp->modified = TRUE;
- return(FALSE);
+ return FALSE;
}
} else {
warningx("editor (%s) failed, %s unchanged", editor, sp->path);
- return(FALSE);
+ return FALSE;
}
/* Set modified bit if use changed the file. */
@@ -383,7 +388,7 @@
else
warningx("%s unchanged", sp->tpath);
- return(TRUE);
+ return TRUE;
}
/*
@@ -464,7 +469,7 @@
}
} while (parse_error);
- return(TRUE);
+ return TRUE;
}
/*
@@ -490,18 +495,24 @@
if (stat(sp->path, &sb) == -1)
#endif
error(1, "can't stat %s", sp->path);
- (void) chown(sp->tpath, sb.st_uid, sb.st_gid);
- (void) chmod(sp->tpath, sb.st_mode & 0777);
+ if (chown(sp->tpath, sb.st_uid, sb.st_gid) != 0) {
+ warning("unable to set (uid, gid) of %s to (%d, %d)",
+ sp->tpath, sb.st_uid, sb.st_gid);
+ }
+ if (chmod(sp->tpath, sb.st_mode & 0777) != 0) {
+ warning("unable to change mode of %s to 0%o", sp->tpath,
+ (sb.st_mode & 0777));
+ }
} else {
if (chown(sp->tpath, SUDOERS_UID, SUDOERS_GID) != 0) {
warning("unable to set (uid, gid) of %s to (%d, %d)",
sp->tpath, SUDOERS_UID, SUDOERS_GID);
- return(FALSE);
+ return FALSE;
}
if (chmod(sp->tpath, SUDOERS_MODE) != 0) {
warning("unable to change mode of %s to 0%o", sp->tpath,
SUDOERS_MODE);
- return(FALSE);
+ return FALSE;
}
}
@@ -535,7 +546,7 @@
(void) unlink(sp->tpath);
efree(sp->tpath);
sp->tpath = NULL;
- return(FALSE);
+ return FALSE;
}
efree(sp->tpath);
sp->tpath = NULL;
@@ -542,10 +553,10 @@
} else {
warning("error renaming %s, %s unchanged", sp->tpath, sp->path);
(void) unlink(sp->tpath);
- return(FALSE);
+ return FALSE;
}
}
- return(TRUE);
+ return TRUE;
}
/* STUB */
@@ -566,7 +577,7 @@
int
user_is_exempt()
{
- return(FALSE);
+ return FALSE;
}
/* STUB */
@@ -587,7 +598,7 @@
sudo_getepw(pw)
const struct passwd *pw;
{
- return (pw->pw_passwd);
+ return pw->pw_passwd;
}
/*
@@ -612,7 +623,7 @@
case 'e':
case 'x':
case 'Q':
- return(choice);
+ return choice;
default:
(void) puts("Options are:");
(void) puts(" (e)dit sudoers file again");
@@ -674,8 +685,8 @@
} while (rv == -1 && errno == EINTR);
if (rv == -1 || !WIFEXITED(status))
- return(-1);
- return(WEXITSTATUS(status));
+ return -1;
+ return WEXITSTATUS(status);
}
static int
@@ -687,7 +698,10 @@
struct stat sb;
int error;
- if ((yyin = fopen(sudoers_path, "r")) == NULL) {
+ if (strcmp(sudoers_path, "-") == 0) {
+ yyin = stdin;
+ sudoers_path = "stdin";
+ } else if ((yyin = fopen(sudoers_path, "r")) == NULL) {
if (!quiet)
warning("unable to open %s", sudoers_path);
exit(1);
@@ -717,9 +731,9 @@
}
/* Check mode and owner in strict mode. */
#ifdef HAVE_FSTAT
- if (strict && fstat(fileno(yyin), &sb) == 0)
+ if (strict && yyin != stdin && fstat(fileno(yyin), &sb) == 0)
#else
- if (strict && stat(sudoers_path, &sb) == 0)
+ if (strict && yyin != stdin && stat(sudoers_path, &sb) == 0)
#endif
{
if (sb.st_uid != SUDOERS_UID || sb.st_gid != SUDOERS_GID) {
@@ -738,7 +752,7 @@
}
}
- return(error);
+ return error;
}
/*
@@ -771,7 +785,7 @@
if (entry->fd == -1) {
warning("%s", entry->path);
efree(entry);
- return(NULL);
+ return NULL;
}
if (!lock_file(entry->fd, SUDO_TLOCK))
errorx(1, "%s busy, try again later", entry->path);
@@ -791,7 +805,7 @@
}
if (keepopen != NULL)
*keepopen = TRUE;
- return(fp);
+ return fp;
}
static char *
@@ -892,7 +906,7 @@
errorx(1, "no editor found (editor path = %s)", def_editor);
}
*args = EditorArgs;
- return(Editor);
+ return Editor;
}
/*
@@ -912,7 +926,7 @@
while (*args && isblank((unsigned char) *args))
args++;
}
- return(*args ? args : NULL);
+ return *args ? args : NULL;
}
/*
@@ -967,7 +981,7 @@
a = alias_remove(name, type);
if (a)
rbinsert(alias_freelist, a);
- return(error);
+ return error;
}
/*
@@ -1041,7 +1055,7 @@
tq_foreach_fwd(&us->privileges, priv) {
tq_foreach_fwd(&priv->hostlist, m) {
if (m->type == ALIAS)
- if (!alias_remove_recursive(m->name, HOSTALIAS, strict,
+ if (!alias_remove_recursive(m->name, HOSTALIAS, strict,
quiet))
error++;
}
@@ -1090,7 +1104,7 @@
if (!no_aliases() && !quiet)
alias_apply(print_unused, strict ? "Error" : "Warning");
- return (strict ? error : 0);
+ return strict ? error : 0;
}
static void
@@ -1137,7 +1151,7 @@
a->type == HOSTALIAS ? "Host" : a->type == CMNDALIAS ? "Cmnd" :
a->type == USERALIAS ? "User" : a->type == RUNASALIAS ? "Runas" :
"Unknown", a->name);
- return(0);
+ return 0;
}
/*
@@ -1168,15 +1182,33 @@
{
cleanup(signo);
#define emsg " exiting due to signal.\n"
- write(STDERR_FILENO, getprogname(), strlen(getprogname()));
- write(STDERR_FILENO, emsg, sizeof(emsg) - 1);
+ if (write(STDERR_FILENO, getprogname(), strlen(getprogname())) == -1 ||
+ write(STDERR_FILENO, emsg, sizeof(emsg) - 1) == -1)
+ /* shut up glibc */;
_exit(signo);
}
static void
-usage()
+usage(fatal)
+ int fatal;
{
- (void) fprintf(stderr, "usage: %s [-c] [-q] [-s] [-V] [-f sudoers]\n",
- getprogname());
- exit(1);
+ (void) fprintf(fatal ? stderr : stdout,
+ "usage: %s [-chqsV] [-f sudoers]\n", getprogname());
+ if (fatal)
+ exit(1);
}
+
+static void
+help()
+{
+ (void) printf("%s - safely edit the sudoers file\n\n", getprogname());
+ usage(0);
+ (void) puts("\nOptions:");
+ (void) puts(" -c check-only mode");
+ (void) puts(" -f sudoers specify sudoers file location");
+ (void) puts(" -h display help message and exit");
+ (void) puts(" -q less verbose (quiet) syntax error messages");
+ (void) puts(" -s strict syntax checking");
+ (void) puts(" -V display version information and exit");
+ exit(0);
+}
Modified: trunk/contrib/sudo/visudo.cat
===================================================================
--- trunk/contrib/sudo/visudo.cat 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/visudo.cat 2014-10-02 03:20:49 UTC (rev 6803)
@@ -8,7 +8,7 @@
visudo - edit the sudoers file
S�SY�YN�NO�OP�PS�SI�IS�S
- v�vi�is�su�ud�do�o [-�-c�c] [-�-q�q] [-�-s�s] [-�-V�V] [-�-f�f _�s_�u_�d_�o_�e_�r_�s]
+ v�vi�is�su�ud�do�o [-�-c�ch�hq�qs�sV�V] [-�-f�f _�s_�u_�d_�o_�e_�r_�s]
D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
v�vi�is�su�ud�do�o edits the _�s_�u_�d_�o_�e_�r_�s file in a safe fashion, analogous to _�v_�i_�p_�w(1m).
@@ -54,14 +54,14 @@
option v�vi�is�su�ud�do�o will edit (or check) the _�s_�u_�d_�o_�e_�r_�s file of your
choice, instead of the default, _�/_�e_�t_�c_�/_�s_�u_�d_�o_�e_�r_�s. The lock
file used is the specified _�s_�u_�d_�o_�e_�r_�s file with ".tmp"
- appended to it.
+ appended to it. In c�ch�he�ec�ck�k-�-o�on�nl�ly�y mode only, the argument to
+ -�-f�f may be "-", indicating that _�s_�u_�d_�o_�e_�r_�s will be read from
+ the standard input.
- -q Enable q�qu�ui�ie�et�t mode. In this mode details about syntax
- errors are not printed. This option is only useful when
-1.7.4 July 14, 2010 1
+1.7.5rc1 February 21, 2011 1
@@ -70,6 +70,11 @@
VISUDO(1m) MAINTENANCE COMMANDS VISUDO(1m)
+ -h The -�-h�h (_�h_�e_�l_�p) option causes v�vi�is�su�ud�do�o to print a short help
+ message to the standard output and exit.
+
+ -q Enable q�qu�ui�ie�et�t mode. In this mode details about syntax
+ errors are not printed. This option is only useful when
combined with the -�-c�c option.
-s Enable s�st�tr�ri�ic�ct�t checking of the _�s_�u_�d_�o_�e_�r_�s file. If an alias is
@@ -118,16 +123,11 @@
used. You may wish to comment out or remove the unused alias. In
-�-s�s (strict) mode this is an error, not a warning.
-S�SE�EE�E A�AL�LS�SO�O
- _�v_�i(1), _�s_�u_�d_�o_�e_�r_�s(4), _�s_�u_�d_�o(1m), _�v_�i_�p_�w(8)
-A�AU�UT�TH�HO�OR�R
- Many people have worked on _�s_�u_�d_�o over the years; this version of v�vi�is�su�ud�do�o
- was written by:
-1.7.4 July 14, 2010 2
+1.7.5rc1 February 21, 2011 2
@@ -136,6 +136,13 @@
VISUDO(1m) MAINTENANCE COMMANDS VISUDO(1m)
+S�SE�EE�E A�AL�LS�SO�O
+ _�v_�i(1), _�s_�u_�d_�o_�e_�r_�s(4), _�s_�u_�d_�o(1m), _�v_�i_�p_�w(8)
+
+A�AU�UT�TH�HO�OR�R
+ Many people have worked on _�s_�u_�d_�o over the years; this version of v�vi�is�su�ud�do�o
+ was written by:
+
Todd Miller
See the HISTORY file in the sudo distribution or visit
@@ -186,13 +193,6 @@
+1.7.5rc1 February 21, 2011 3
-
-
-
-
-
-1.7.4 July 14, 2010 3
-
-
Deleted: trunk/contrib/sudo/visudo.man
===================================================================
--- trunk/contrib/sudo/visudo.man 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/visudo.man 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,301 +0,0 @@
-.\" Copyright (c) 1996,1998-2005, 2007-2010
-.\" Todd C. Miller <Todd.Miller at courtesan.com>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" Sponsored in part by the Defense Advanced Research Projects
-.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
-.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
-.\"
-.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
-.\"
-.\" Standard preamble:
-.\" ========================================================================
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Vb \" Begin verbatim text
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve \" End verbatim text
-.ft R
-.fi
-..
-.\" Set up some character translations and predefined strings. \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. \*(C+ will
-.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
-.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
-.\" nothing in troff, for use with C<>.
-.tr \(*W-
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.ie n \{\
-. ds -- \(*W-
-. ds PI pi
-. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-. ds L" ""
-. ds R" ""
-. ds C`
-. ds C'
-'br\}
-.el\{\
-. ds -- \|\(em\|
-. ds PI \(*p
-. ds L" ``
-. ds R" ''
-'br\}
-.\"
-.\" Escape single quotes in literal strings from groff's Unicode transform.
-.ie \n(.g .ds Aq \(aq
-.el .ds Aq '
-.\"
-.\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
-.\" entries marked with X<> in POD. Of course, you'll have to process the
-.\" output yourself in some meaningful fashion.
-.ie \nF \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
-..
-. nr % 0
-. rr F
-.\}
-.el \{\
-. de IX
-..
-.\}
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
-.\" Fear. Run. Save yourself. No user-serviceable parts.
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds /
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
-.\" ========================================================================
-.\"
-.IX Title "VISUDO 8"
-.TH VISUDO 8 "July 14, 2010" "1.7.4" "MAINTENANCE COMMANDS"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.if n .ad l
-.nh
-.SH "NAME"
-visudo \- edit the sudoers file
-.SH "SYNOPSIS"
-.IX Header "SYNOPSIS"
-\&\fBvisudo\fR [\fB\-c\fR] [\fB\-q\fR] [\fB\-s\fR] [\fB\-V\fR] [\fB\-f\fR \fIsudoers\fR]
-.SH "DESCRIPTION"
-.IX Header "DESCRIPTION"
-\&\fBvisudo\fR edits the \fIsudoers\fR file in a safe fashion, analogous to
-\&\fIvipw\fR\|(8). \fBvisudo\fR locks the \fIsudoers\fR file against multiple
-simultaneous edits, provides basic sanity checks, and checks
-for parse errors. If the \fIsudoers\fR file is currently being
-edited you will receive a message to try again later.
-.PP
-There is a hard-coded list of one or more editors that \fBvisudo\fR will
-use set at compile-time that may be overridden via the \fIeditor\fR \fIsudoers\fR
-\&\f(CW\*(C`Default\*(C'\fR variable. This list defaults to \f(CW"/usr/bin/vi"\fR. Normally,
-\&\fBvisudo\fR does not honor the \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR environment
-variables unless they contain an editor in the aforementioned editors
-list. However, if \fBvisudo\fR is configured with the \fI\-\-with\-env\-editor\fR
-option or the \fIenv_editor\fR \f(CW\*(C`Default\*(C'\fR variable is set in \fIsudoers\fR,
-\&\fBvisudo\fR will use any the editor defines by \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR.
-Note that this can be a security hole since it allows the user to
-execute any program they wish simply by setting \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR.
-.PP
-\&\fBvisudo\fR parses the \fIsudoers\fR file after the edit and will
-not save the changes if there is a syntax error. Upon finding
-an error, \fBvisudo\fR will print a message stating the line number(s)
-where the error occurred and the user will receive the
-\&\*(L"What now?\*(R" prompt. At this point the user may enter \*(L"e\*(R"
-to re-edit the \fIsudoers\fR file, \*(L"x\*(R" to exit without
-saving the changes, or \*(L"Q\*(R" to quit and save changes. The
-\&\*(L"Q\*(R" option should be used with extreme care because if \fBvisudo\fR
-believes there to be a parse error, so will \fBsudo\fR and no one
-will be able to \fBsudo\fR again until the error is fixed.
-If \*(L"e\*(R" is typed to edit the \fIsudoers\fR file after a parse error
-has been detected, the cursor will be placed on the line where the
-error occurred (if the editor supports this feature).
-.SH "OPTIONS"
-.IX Header "OPTIONS"
-\&\fBvisudo\fR accepts the following command line options:
-.IP "\-c" 12
-.IX Item "-c"
-Enable \fBcheck-only\fR mode. The existing \fIsudoers\fR file will be
-checked for syntax and a message will be printed to the
-standard output detailing the status of \fIsudoers\fR.
-If the syntax check completes successfully, \fBvisudo\fR will
-exit with a value of 0. If a syntax error is encountered,
-\&\fBvisudo\fR will exit with a value of 1.
-.IP "\-f \fIsudoers\fR" 12
-.IX Item "-f sudoers"
-Specify and alternate \fIsudoers\fR file location. With this option
-\&\fBvisudo\fR will edit (or check) the \fIsudoers\fR file of your choice,
-instead of the default, \fI/etc/sudoers\fR. The lock file used
-is the specified \fIsudoers\fR file with \*(L".tmp\*(R" appended to it.
-.IP "\-q" 12
-.IX Item "-q"
-Enable \fBquiet\fR mode. In this mode details about syntax errors
-are not printed. This option is only useful when combined with
-the \fB\-c\fR option.
-.IP "\-s" 12
-.IX Item "-s"
-Enable \fBstrict\fR checking of the \fIsudoers\fR file. If an alias is
-used before it is defined, \fBvisudo\fR will consider this a parse
-error. Note that it is not possible to differentiate between an
-alias and a host name or user name that consists solely of uppercase
-letters, digits, and the underscore ('_') character.
-.IP "\-V" 12
-.IX Item "-V"
-The \fB\-V\fR (version) option causes \fBvisudo\fR to print its version number
-and exit.
-.SH "ENVIRONMENT"
-.IX Header "ENVIRONMENT"
-The following environment variables may be consulted depending on
-the value of the \fIeditor\fR and \fIenv_editor\fR \fIsudoers\fR variables:
-.ie n .IP "\*(C`VISUAL\*(C'" 16
-.el .IP "\f(CW\*(C`VISUAL\*(C'\fR" 16
-.IX Item "VISUAL"
-Invoked by visudo as the editor to use
-.ie n .IP "\*(C`EDITOR\*(C'" 16
-.el .IP "\f(CW\*(C`EDITOR\*(C'\fR" 16
-.IX Item "EDITOR"
-Used by visudo if \s-1VISUAL\s0 is not set
-.SH "FILES"
-.IX Header "FILES"
-.ie n .IP "\fI/etc/sudoers\fR" 24
-.el .IP "\fI/etc/sudoers\fR" 24
-.IX Item "/etc/sudoers"
-List of who can run what
-.ie n .IP "\fI/etc/sudoers.tmp\fR" 24
-.el .IP "\fI/etc/sudoers.tmp\fR" 24
-.IX Item "/etc/sudoers.tmp"
-Lock file for visudo
-.SH "DIAGNOSTICS"
-.IX Header "DIAGNOSTICS"
-.IP "sudoers file busy, try again later." 4
-.IX Item "sudoers file busy, try again later."
-Someone else is currently editing the \fIsudoers\fR file.
-.ie n .IP "/etc/sudoers.tmp: Permission denied" 4
-.el .IP "\f(CW at sysconfdir\fR@/sudoers.tmp: Permission denied" 4
-.IX Item "/etc/sudoers.tmp: Permission denied"
-You didn't run \fBvisudo\fR as root.
-.IP "Can't find you in the passwd database" 4
-.IX Item "Can't find you in the passwd database"
-Your userid does not appear in the system passwd file.
-.IP "Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined" 4
-.IX Item "Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined"
-Either you are trying to use an undeclare {User,Runas,Host,Cmnd}_Alias
-or you have a user or host name listed that consists solely of
-uppercase letters, digits, and the underscore ('_') character. In
-the latter case, you can ignore the warnings (\fBsudo\fR will not
-complain). In \fB\-s\fR (strict) mode these are errors, not warnings.
-.IP "Warning: unused {User,Runas,Host,Cmnd}_Alias" 4
-.IX Item "Warning: unused {User,Runas,Host,Cmnd}_Alias"
-The specified {User,Runas,Host,Cmnd}_Alias was defined but never
-used. You may wish to comment out or remove the unused alias. In
-\&\fB\-s\fR (strict) mode this is an error, not a warning.
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fIvi\fR\|(1), \fIsudoers\fR\|(5), \fIsudo\fR\|(8), \fIvipw\fR\|(8)
-.SH "AUTHOR"
-.IX Header "AUTHOR"
-Many people have worked on \fIsudo\fR over the years; this version of
-\&\fBvisudo\fR was written by:
-.PP
-.Vb 1
-\& Todd Miller
-.Ve
-.PP
-See the \s-1HISTORY\s0 file in the sudo distribution or visit
-http://www.sudo.ws/sudo/history.html for more details.
-.SH "CAVEATS"
-.IX Header "CAVEATS"
-There is no easy way to prevent a user from gaining a root shell if
-the editor used by \fBvisudo\fR allows shell escapes.
-.SH "BUGS"
-.IX Header "BUGS"
-If you feel you have found a bug in \fBvisudo\fR, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-.SH "SUPPORT"
-.IX Header "SUPPORT"
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo\-users to subscribe or
-search the archives.
-.SH "DISCLAIMER"
-.IX Header "DISCLAIMER"
-\&\fBvisudo\fR is provided ``\s-1AS\s0 \s-1IS\s0'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the \s-1LICENSE\s0
-file distributed with \fBsudo\fR or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/visudo.man.in
===================================================================
--- trunk/contrib/sudo/visudo.man.in 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/visudo.man.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -18,7 +18,7 @@
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
+.\" Automatically generated by Pod::Man 2.23 (Pod::Simple 3.14)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -144,7 +144,7 @@
.\" ========================================================================
.\"
.IX Title "VISUDO @mansectsu@"
-.TH VISUDO @mansectsu@ "July 14, 2010" "1.7.4" "MAINTENANCE COMMANDS"
+.TH VISUDO @mansectsu@ "February 21, 2011" "1.7.5rc1" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -153,7 +153,7 @@
visudo \- edit the sudoers file
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
-\&\fBvisudo\fR [\fB\-c\fR] [\fB\-q\fR] [\fB\-s\fR] [\fB\-V\fR] [\fB\-f\fR \fIsudoers\fR]
+\&\fBvisudo\fR [\fB\-chqsV\fR] [\fB\-f\fR \fIsudoers\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
\&\fBvisudo\fR edits the \fIsudoers\fR file in a safe fashion, analogous to
@@ -203,6 +203,12 @@
\&\fBvisudo\fR will edit (or check) the \fIsudoers\fR file of your choice,
instead of the default, \fI at sysconfdir@/sudoers\fR. The lock file used
is the specified \fIsudoers\fR file with \*(L".tmp\*(R" appended to it.
+In \fBcheck-only\fR mode only, the argument to \fB\-f\fR may be \*(L"\-\*(R",
+indicating that \fIsudoers\fR will be read from the standard input.
+.IP "\-h" 12
+.IX Item "-h"
+The \fB\-h\fR (\fIhelp\fR) option causes \fBvisudo\fR to print a short help message
+to the standard output and exit.
.IP "\-q" 12
.IX Item "-q"
Enable \fBquiet\fR mode. In this mode details about syntax errors
Deleted: trunk/contrib/sudo/visudo.pod
===================================================================
--- trunk/contrib/sudo/visudo.pod 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/visudo.pod 2014-10-02 03:20:49 UTC (rev 6803)
@@ -1,206 +0,0 @@
-Copyright (c) 1996,1998-2005, 2007-2010
- Todd C. Miller <Todd.Miller at courtesan.com>
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-Sponsored in part by the Defense Advanced Research Projects
-Agency (DARPA) and Air Force Research Laboratory, Air Force
-Materiel Command, USAF, under agreement number F39502-99-1-0512.
-
-=pod
-
-=head1 NAME
-
-visudo - edit the sudoers file
-
-=head1 SYNOPSIS
-
-B<visudo> [B<-c>] [B<-q>] [B<-s>] [B<-V>] [B<-f> I<sudoers>]
-
-=head1 DESCRIPTION
-
-B<visudo> edits the I<sudoers> file in a safe fashion, analogous to
-L<vipw(8)>. B<visudo> locks the I<sudoers> file against multiple
-simultaneous edits, provides basic sanity checks, and checks
-for parse errors. If the I<sudoers> file is currently being
-edited you will receive a message to try again later.
-
-There is a hard-coded list of one or more editors that B<visudo> will
-use set at compile-time that may be overridden via the I<editor> I<sudoers>
-C<Default> variable. This list defaults to C<"@editor@">. Normally,
-B<visudo> does not honor the C<VISUAL> or C<EDITOR> environment
-variables unless they contain an editor in the aforementioned editors
-list. However, if B<visudo> is configured with the I<--with-env-editor>
-option or the I<env_editor> C<Default> variable is set in I<sudoers>,
-B<visudo> will use any the editor defines by C<VISUAL> or C<EDITOR>.
-Note that this can be a security hole since it allows the user to
-execute any program they wish simply by setting C<VISUAL> or C<EDITOR>.
-
-B<visudo> parses the I<sudoers> file after the edit and will
-not save the changes if there is a syntax error. Upon finding
-an error, B<visudo> will print a message stating the line number(s)
-where the error occurred and the user will receive the
-"What now?" prompt. At this point the user may enter "e"
-to re-edit the I<sudoers> file, "x" to exit without
-saving the changes, or "Q" to quit and save changes. The
-"Q" option should be used with extreme care because if B<visudo>
-believes there to be a parse error, so will B<sudo> and no one
-will be able to B<sudo> again until the error is fixed.
-If "e" is typed to edit the I<sudoers> file after a parse error
-has been detected, the cursor will be placed on the line where the
-error occurred (if the editor supports this feature).
-
-=head1 OPTIONS
-
-B<visudo> accepts the following command line options:
-
-=over 12
-
-=item -c
-
-Enable B<check-only> mode. The existing I<sudoers> file will be
-checked for syntax and a message will be printed to the
-standard output detailing the status of I<sudoers>.
-If the syntax check completes successfully, B<visudo> will
-exit with a value of 0. If a syntax error is encountered,
-B<visudo> will exit with a value of 1.
-
-=item -f I<sudoers>
-
-Specify and alternate I<sudoers> file location. With this option
-B<visudo> will edit (or check) the I<sudoers> file of your choice,
-instead of the default, F<@sysconfdir@/sudoers>. The lock file used
-is the specified I<sudoers> file with ".tmp" appended to it.
-
-=item -q
-
-Enable B<quiet> mode. In this mode details about syntax errors
-are not printed. This option is only useful when combined with
-the B<-c> option.
-
-=item -s
-
-Enable B<strict> checking of the I<sudoers> file. If an alias is
-used before it is defined, B<visudo> will consider this a parse
-error. Note that it is not possible to differentiate between an
-alias and a host name or user name that consists solely of uppercase
-letters, digits, and the underscore ('_') character.
-
-=item -V
-
-The B<-V> (version) option causes B<visudo> to print its version number
-and exit.
-
-=back
-
-=head1 ENVIRONMENT
-
-The following environment variables may be consulted depending on
-the value of the I<editor> and I<env_editor> I<sudoers> variables:
-
-=over 16
-
-=item C<VISUAL>
-
-Invoked by visudo as the editor to use
-
-=item C<EDITOR>
-
-Used by visudo if VISUAL is not set
-
-=back
-
-=head1 FILES
-
-=over 24
-
-=item F<@sysconfdir@/sudoers>
-
-List of who can run what
-
-=item F<@sysconfdir@/sudoers.tmp>
-
-Lock file for visudo
-
-=back
-
-=head1 DIAGNOSTICS
-
-=over 4
-
-=item sudoers file busy, try again later.
-
-Someone else is currently editing the I<sudoers> file.
-
-=item @sysconfdir@/sudoers.tmp: Permission denied
-
-You didn't run B<visudo> as root.
-
-=item Can't find you in the passwd database
-
-Your userid does not appear in the system passwd file.
-
-=item Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
-
-Either you are trying to use an undeclare {User,Runas,Host,Cmnd}_Alias
-or you have a user or host name listed that consists solely of
-uppercase letters, digits, and the underscore ('_') character. In
-the latter case, you can ignore the warnings (B<sudo> will not
-complain). In B<-s> (strict) mode these are errors, not warnings.
-
-=item Warning: unused {User,Runas,Host,Cmnd}_Alias
-
-The specified {User,Runas,Host,Cmnd}_Alias was defined but never
-used. You may wish to comment out or remove the unused alias. In
-B<-s> (strict) mode this is an error, not a warning.
-
-=back
-
-=head1 SEE ALSO
-
-L<vi(1)>, L<sudoers(5)>, L<sudo(8)>, L<vipw(8)>
-
-=head1 AUTHOR
-
-Many people have worked on I<sudo> over the years; this version of
-B<visudo> was written by:
-
- Todd Miller
-
-See the HISTORY file in the sudo distribution or visit
-http://www.sudo.ws/sudo/history.html for more details.
-
-=head1 CAVEATS
-
-There is no easy way to prevent a user from gaining a root shell if
-the editor used by B<visudo> allows shell escapes.
-
-=head1 BUGS
-
-If you feel you have found a bug in B<visudo>, please submit a bug report
-at http://www.sudo.ws/sudo/bugs/
-
-=head1 SUPPORT
-
-Limited free support is available via the sudo-users mailing list,
-see http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
-search the archives.
-
-=head1 DISCLAIMER
-
-B<visudo> is provided ``AS IS'' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed. See the LICENSE
-file distributed with B<sudo> or http://www.sudo.ws/sudo/license.html
-for complete details.
Modified: trunk/contrib/sudo/zero_bytes.c
===================================================================
--- trunk/contrib/sudo/zero_bytes.c 2014-10-02 03:17:17 UTC (rev 6802)
+++ trunk/contrib/sudo/zero_bytes.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -14,10 +14,11 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#include <config.h>
+
#include <sys/types.h>
-#include <config.h>
-#include <compat.h>
+#include "missing.h"
/*
* Like bzero(3) but with a volatile pointer. The hope is that
Added: trunk/contrib/sudo/zlib/adler32.c
===================================================================
--- trunk/contrib/sudo/zlib/adler32.c (rev 0)
+++ trunk/contrib/sudo/zlib/adler32.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,169 @@
+/* adler32.c -- compute the Adler-32 checksum of a data stream
+ * Copyright (C) 1995-2007 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#include "zutil.h"
+
+#define local static
+
+local uLong adler32_combine_(uLong adler1, uLong adler2, z_off64_t len2);
+
+#define BASE 65521UL /* largest prime smaller than 65536 */
+#define NMAX 5552
+/* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */
+
+#define DO1(buf,i) {adler += (buf)[i]; sum2 += adler;}
+#define DO2(buf,i) DO1(buf,i); DO1(buf,i+1);
+#define DO4(buf,i) DO2(buf,i); DO2(buf,i+2);
+#define DO8(buf,i) DO4(buf,i); DO4(buf,i+4);
+#define DO16(buf) DO8(buf,0); DO8(buf,8);
+
+/* use NO_DIVIDE if your processor does not do division in hardware */
+#ifdef NO_DIVIDE
+# define MOD(a) \
+ do { \
+ if (a >= (BASE << 16)) a -= (BASE << 16); \
+ if (a >= (BASE << 15)) a -= (BASE << 15); \
+ if (a >= (BASE << 14)) a -= (BASE << 14); \
+ if (a >= (BASE << 13)) a -= (BASE << 13); \
+ if (a >= (BASE << 12)) a -= (BASE << 12); \
+ if (a >= (BASE << 11)) a -= (BASE << 11); \
+ if (a >= (BASE << 10)) a -= (BASE << 10); \
+ if (a >= (BASE << 9)) a -= (BASE << 9); \
+ if (a >= (BASE << 8)) a -= (BASE << 8); \
+ if (a >= (BASE << 7)) a -= (BASE << 7); \
+ if (a >= (BASE << 6)) a -= (BASE << 6); \
+ if (a >= (BASE << 5)) a -= (BASE << 5); \
+ if (a >= (BASE << 4)) a -= (BASE << 4); \
+ if (a >= (BASE << 3)) a -= (BASE << 3); \
+ if (a >= (BASE << 2)) a -= (BASE << 2); \
+ if (a >= (BASE << 1)) a -= (BASE << 1); \
+ if (a >= BASE) a -= BASE; \
+ } while (0)
+# define MOD4(a) \
+ do { \
+ if (a >= (BASE << 4)) a -= (BASE << 4); \
+ if (a >= (BASE << 3)) a -= (BASE << 3); \
+ if (a >= (BASE << 2)) a -= (BASE << 2); \
+ if (a >= (BASE << 1)) a -= (BASE << 1); \
+ if (a >= BASE) a -= BASE; \
+ } while (0)
+#else
+# define MOD(a) a %= BASE
+# define MOD4(a) a %= BASE
+#endif
+
+/* ========================================================================= */
+uLong ZEXPORT adler32(adler, buf, len)
+ uLong adler;
+ const Bytef *buf;
+ uInt len;
+{
+ unsigned long sum2;
+ unsigned n;
+
+ /* split Adler-32 into component sums */
+ sum2 = (adler >> 16) & 0xffff;
+ adler &= 0xffff;
+
+ /* in case user likes doing a byte at a time, keep it fast */
+ if (len == 1) {
+ adler += buf[0];
+ if (adler >= BASE)
+ adler -= BASE;
+ sum2 += adler;
+ if (sum2 >= BASE)
+ sum2 -= BASE;
+ return adler | (sum2 << 16);
+ }
+
+ /* initial Adler-32 value (deferred check for len == 1 speed) */
+ if (buf == Z_NULL)
+ return 1L;
+
+ /* in case short lengths are provided, keep it somewhat fast */
+ if (len < 16) {
+ while (len--) {
+ adler += *buf++;
+ sum2 += adler;
+ }
+ if (adler >= BASE)
+ adler -= BASE;
+ MOD4(sum2); /* only added so many BASE's */
+ return adler | (sum2 << 16);
+ }
+
+ /* do length NMAX blocks -- requires just one modulo operation */
+ while (len >= NMAX) {
+ len -= NMAX;
+ n = NMAX / 16; /* NMAX is divisible by 16 */
+ do {
+ DO16(buf); /* 16 sums unrolled */
+ buf += 16;
+ } while (--n);
+ MOD(adler);
+ MOD(sum2);
+ }
+
+ /* do remaining bytes (less than NMAX, still just one modulo) */
+ if (len) { /* avoid modulos if none remaining */
+ while (len >= 16) {
+ len -= 16;
+ DO16(buf);
+ buf += 16;
+ }
+ while (len--) {
+ adler += *buf++;
+ sum2 += adler;
+ }
+ MOD(adler);
+ MOD(sum2);
+ }
+
+ /* return recombined sums */
+ return adler | (sum2 << 16);
+}
+
+/* ========================================================================= */
+local uLong adler32_combine_(adler1, adler2, len2)
+ uLong adler1;
+ uLong adler2;
+ z_off64_t len2;
+{
+ unsigned long sum1;
+ unsigned long sum2;
+ unsigned rem;
+
+ /* the derivation of this formula is left as an exercise for the reader */
+ rem = (unsigned)(len2 % BASE);
+ sum1 = adler1 & 0xffff;
+ sum2 = rem * sum1;
+ MOD(sum2);
+ sum1 += (adler2 & 0xffff) + BASE - 1;
+ sum2 += ((adler1 >> 16) & 0xffff) + ((adler2 >> 16) & 0xffff) + BASE - rem;
+ if (sum1 >= BASE) sum1 -= BASE;
+ if (sum1 >= BASE) sum1 -= BASE;
+ if (sum2 >= (BASE << 1)) sum2 -= (BASE << 1);
+ if (sum2 >= BASE) sum2 -= BASE;
+ return sum1 | (sum2 << 16);
+}
+
+/* ========================================================================= */
+uLong ZEXPORT adler32_combine(adler1, adler2, len2)
+ uLong adler1;
+ uLong adler2;
+ z_off_t len2;
+{
+ return adler32_combine_(adler1, adler2, len2);
+}
+
+uLong ZEXPORT adler32_combine64(adler1, adler2, len2)
+ uLong adler1;
+ uLong adler2;
+ z_off64_t len2;
+{
+ return adler32_combine_(adler1, adler2, len2);
+}
Added: trunk/contrib/sudo/zlib/compress.c
===================================================================
--- trunk/contrib/sudo/zlib/compress.c (rev 0)
+++ trunk/contrib/sudo/zlib/compress.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,80 @@
+/* compress.c -- compress a memory buffer
+ * Copyright (C) 1995-2005 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#define ZLIB_INTERNAL
+#include "zlib.h"
+
+/* ===========================================================================
+ Compresses the source buffer into the destination buffer. The level
+ parameter has the same meaning as in deflateInit. sourceLen is the byte
+ length of the source buffer. Upon entry, destLen is the total size of the
+ destination buffer, which must be at least 0.1% larger than sourceLen plus
+ 12 bytes. Upon exit, destLen is the actual size of the compressed buffer.
+
+ compress2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_BUF_ERROR if there was not enough room in the output buffer,
+ Z_STREAM_ERROR if the level parameter is invalid.
+*/
+int ZEXPORT compress2 (dest, destLen, source, sourceLen, level)
+ Bytef *dest;
+ uLongf *destLen;
+ const Bytef *source;
+ uLong sourceLen;
+ int level;
+{
+ z_stream stream;
+ int err;
+
+ stream.next_in = (Bytef*)source;
+ stream.avail_in = (uInt)sourceLen;
+#ifdef MAXSEG_64K
+ /* Check for source > 64K on 16-bit machine: */
+ if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
+#endif
+ stream.next_out = dest;
+ stream.avail_out = (uInt)*destLen;
+ if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
+
+ stream.zalloc = (alloc_func)0;
+ stream.zfree = (free_func)0;
+ stream.opaque = (voidpf)0;
+
+ err = deflateInit(&stream, level);
+ if (err != Z_OK) return err;
+
+ err = deflate(&stream, Z_FINISH);
+ if (err != Z_STREAM_END) {
+ deflateEnd(&stream);
+ return err == Z_OK ? Z_BUF_ERROR : err;
+ }
+ *destLen = stream.total_out;
+
+ err = deflateEnd(&stream);
+ return err;
+}
+
+/* ===========================================================================
+ */
+int ZEXPORT compress (dest, destLen, source, sourceLen)
+ Bytef *dest;
+ uLongf *destLen;
+ const Bytef *source;
+ uLong sourceLen;
+{
+ return compress2(dest, destLen, source, sourceLen, Z_DEFAULT_COMPRESSION);
+}
+
+/* ===========================================================================
+ If the default memLevel or windowBits for deflateInit() is changed, then
+ this function needs to be updated.
+ */
+uLong ZEXPORT compressBound (sourceLen)
+ uLong sourceLen;
+{
+ return sourceLen + (sourceLen >> 12) + (sourceLen >> 14) +
+ (sourceLen >> 25) + 13;
+}
Added: trunk/contrib/sudo/zlib/crc32.c
===================================================================
--- trunk/contrib/sudo/zlib/crc32.c (rev 0)
+++ trunk/contrib/sudo/zlib/crc32.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,442 @@
+/* crc32.c -- compute the CRC-32 of a data stream
+ * Copyright (C) 1995-2006, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ *
+ * Thanks to Rodney Brown <rbrown64 at csc.com.au> for his contribution of faster
+ * CRC methods: exclusive-oring 32 bits of data at a time, and pre-computing
+ * tables for updating the shift register in one step with three exclusive-ors
+ * instead of four steps with four exclusive-ors. This results in about a
+ * factor of two increase in speed on a Power PC G4 (PPC7455) using gcc -O3.
+ */
+
+/* @(#) $Id$ */
+
+/*
+ Note on the use of DYNAMIC_CRC_TABLE: there is no mutex or semaphore
+ protection on the static variables used to control the first-use generation
+ of the crc tables. Therefore, if you #define DYNAMIC_CRC_TABLE, you should
+ first call get_crc_table() to initialize the tables before allowing more than
+ one thread to use crc32().
+ */
+
+#ifdef MAKECRCH
+# include <stdio.h>
+# ifndef DYNAMIC_CRC_TABLE
+# define DYNAMIC_CRC_TABLE
+# endif /* !DYNAMIC_CRC_TABLE */
+#endif /* MAKECRCH */
+
+#include "zutil.h" /* for STDC and FAR definitions */
+
+#define local static
+
+/* Find a four-byte integer type for crc32_little() and crc32_big(). */
+#ifndef NOBYFOUR
+# ifdef STDC /* need ANSI C limits.h to determine sizes */
+# include <limits.h>
+# define BYFOUR
+# if (UINT_MAX == 0xffffffffUL)
+ typedef unsigned int u4;
+# else
+# if (ULONG_MAX == 0xffffffffUL)
+ typedef unsigned long u4;
+# else
+# if (USHRT_MAX == 0xffffffffUL)
+ typedef unsigned short u4;
+# else
+# undef BYFOUR /* can't find a four-byte integer type! */
+# endif
+# endif
+# endif
+# endif /* STDC */
+#endif /* !NOBYFOUR */
+
+/* Definitions for doing the crc four data bytes at a time. */
+#ifdef BYFOUR
+# define REV(w) ((((w)>>24)&0xff)+(((w)>>8)&0xff00)+ \
+ (((w)&0xff00)<<8)+(((w)&0xff)<<24))
+ local unsigned long crc32_little OF((unsigned long,
+ const unsigned char FAR *, unsigned));
+ local unsigned long crc32_big OF((unsigned long,
+ const unsigned char FAR *, unsigned));
+# define TBLS 8
+#else
+# define TBLS 1
+#endif /* BYFOUR */
+
+/* Local functions for crc concatenation */
+local unsigned long gf2_matrix_times OF((unsigned long *mat,
+ unsigned long vec));
+local void gf2_matrix_square OF((unsigned long *square, unsigned long *mat));
+local uLong crc32_combine_(uLong crc1, uLong crc2, z_off64_t len2);
+
+
+#ifdef DYNAMIC_CRC_TABLE
+
+local volatile int crc_table_empty = 1;
+local unsigned long FAR crc_table[TBLS][256];
+local void make_crc_table OF((void));
+#ifdef MAKECRCH
+ local void write_table OF((FILE *, const unsigned long FAR *));
+#endif /* MAKECRCH */
+/*
+ Generate tables for a byte-wise 32-bit CRC calculation on the polynomial:
+ x^32+x^26+x^23+x^22+x^16+x^12+x^11+x^10+x^8+x^7+x^5+x^4+x^2+x+1.
+
+ Polynomials over GF(2) are represented in binary, one bit per coefficient,
+ with the lowest powers in the most significant bit. Then adding polynomials
+ is just exclusive-or, and multiplying a polynomial by x is a right shift by
+ one. If we call the above polynomial p, and represent a byte as the
+ polynomial q, also with the lowest power in the most significant bit (so the
+ byte 0xb1 is the polynomial x^7+x^3+x+1), then the CRC is (q*x^32) mod p,
+ where a mod b means the remainder after dividing a by b.
+
+ This calculation is done using the shift-register method of multiplying and
+ taking the remainder. The register is initialized to zero, and for each
+ incoming bit, x^32 is added mod p to the register if the bit is a one (where
+ x^32 mod p is p+x^32 = x^26+...+1), and the register is multiplied mod p by
+ x (which is shifting right by one and adding x^32 mod p if the bit shifted
+ out is a one). We start with the highest power (least significant bit) of
+ q and repeat for all eight bits of q.
+
+ The first table is simply the CRC of all possible eight bit values. This is
+ all the information needed to generate CRCs on data a byte at a time for all
+ combinations of CRC register values and incoming bytes. The remaining tables
+ allow for word-at-a-time CRC calculation for both big-endian and little-
+ endian machines, where a word is four bytes.
+*/
+local void make_crc_table()
+{
+ unsigned long c;
+ int n, k;
+ unsigned long poly; /* polynomial exclusive-or pattern */
+ /* terms of polynomial defining this crc (except x^32): */
+ static volatile int first = 1; /* flag to limit concurrent making */
+ static const unsigned char p[] = {0,1,2,4,5,7,8,10,11,12,16,22,23,26};
+
+ /* See if another task is already doing this (not thread-safe, but better
+ than nothing -- significantly reduces duration of vulnerability in
+ case the advice about DYNAMIC_CRC_TABLE is ignored) */
+ if (first) {
+ first = 0;
+
+ /* make exclusive-or pattern from polynomial (0xedb88320UL) */
+ poly = 0UL;
+ for (n = 0; n < sizeof(p)/sizeof(unsigned char); n++)
+ poly |= 1UL << (31 - p[n]);
+
+ /* generate a crc for every 8-bit value */
+ for (n = 0; n < 256; n++) {
+ c = (unsigned long)n;
+ for (k = 0; k < 8; k++)
+ c = c & 1 ? poly ^ (c >> 1) : c >> 1;
+ crc_table[0][n] = c;
+ }
+
+#ifdef BYFOUR
+ /* generate crc for each value followed by one, two, and three zeros,
+ and then the byte reversal of those as well as the first table */
+ for (n = 0; n < 256; n++) {
+ c = crc_table[0][n];
+ crc_table[4][n] = REV(c);
+ for (k = 1; k < 4; k++) {
+ c = crc_table[0][c & 0xff] ^ (c >> 8);
+ crc_table[k][n] = c;
+ crc_table[k + 4][n] = REV(c);
+ }
+ }
+#endif /* BYFOUR */
+
+ crc_table_empty = 0;
+ }
+ else { /* not first */
+ /* wait for the other guy to finish (not efficient, but rare) */
+ while (crc_table_empty)
+ ;
+ }
+
+#ifdef MAKECRCH
+ /* write out CRC tables to crc32.h */
+ {
+ FILE *out;
+
+ out = fopen("crc32.h", "w");
+ if (out == NULL) return;
+ fprintf(out, "/* crc32.h -- tables for rapid CRC calculation\n");
+ fprintf(out, " * Generated automatically by crc32.c\n */\n\n");
+ fprintf(out, "local const unsigned long FAR ");
+ fprintf(out, "crc_table[TBLS][256] =\n{\n {\n");
+ write_table(out, crc_table[0]);
+# ifdef BYFOUR
+ fprintf(out, "#ifdef BYFOUR\n");
+ for (k = 1; k < 8; k++) {
+ fprintf(out, " },\n {\n");
+ write_table(out, crc_table[k]);
+ }
+ fprintf(out, "#endif\n");
+# endif /* BYFOUR */
+ fprintf(out, " }\n};\n");
+ fclose(out);
+ }
+#endif /* MAKECRCH */
+}
+
+#ifdef MAKECRCH
+local void write_table(out, table)
+ FILE *out;
+ const unsigned long FAR *table;
+{
+ int n;
+
+ for (n = 0; n < 256; n++)
+ fprintf(out, "%s0x%08lxUL%s", n % 5 ? "" : " ", table[n],
+ n == 255 ? "\n" : (n % 5 == 4 ? ",\n" : ", "));
+}
+#endif /* MAKECRCH */
+
+#else /* !DYNAMIC_CRC_TABLE */
+/* ========================================================================
+ * Tables of CRC-32s of all single-byte values, made by make_crc_table().
+ */
+#include "crc32.h"
+#endif /* DYNAMIC_CRC_TABLE */
+
+/* =========================================================================
+ * This function can be used by asm versions of crc32()
+ */
+const unsigned long FAR * ZEXPORT get_crc_table()
+{
+#ifdef DYNAMIC_CRC_TABLE
+ if (crc_table_empty)
+ make_crc_table();
+#endif /* DYNAMIC_CRC_TABLE */
+ return (const unsigned long FAR *)crc_table;
+}
+
+/* ========================================================================= */
+#define DO1 crc = crc_table[0][((int)crc ^ (*buf++)) & 0xff] ^ (crc >> 8)
+#define DO8 DO1; DO1; DO1; DO1; DO1; DO1; DO1; DO1
+
+/* ========================================================================= */
+unsigned long ZEXPORT crc32(crc, buf, len)
+ unsigned long crc;
+ const unsigned char FAR *buf;
+ uInt len;
+{
+ if (buf == Z_NULL) return 0UL;
+
+#ifdef DYNAMIC_CRC_TABLE
+ if (crc_table_empty)
+ make_crc_table();
+#endif /* DYNAMIC_CRC_TABLE */
+
+#ifdef BYFOUR
+ if (sizeof(void *) == sizeof(ptrdiff_t)) {
+ u4 endian;
+
+ endian = 1;
+ if (*((unsigned char *)(&endian)))
+ return crc32_little(crc, buf, len);
+ else
+ return crc32_big(crc, buf, len);
+ }
+#endif /* BYFOUR */
+ crc = crc ^ 0xffffffffUL;
+ while (len >= 8) {
+ DO8;
+ len -= 8;
+ }
+ if (len) do {
+ DO1;
+ } while (--len);
+ return crc ^ 0xffffffffUL;
+}
+
+#ifdef BYFOUR
+
+/* ========================================================================= */
+#define DOLIT4 c ^= *buf4++; \
+ c = crc_table[3][c & 0xff] ^ crc_table[2][(c >> 8) & 0xff] ^ \
+ crc_table[1][(c >> 16) & 0xff] ^ crc_table[0][c >> 24]
+#define DOLIT32 DOLIT4; DOLIT4; DOLIT4; DOLIT4; DOLIT4; DOLIT4; DOLIT4; DOLIT4
+
+/* ========================================================================= */
+local unsigned long crc32_little(crc, buf, len)
+ unsigned long crc;
+ const unsigned char FAR *buf;
+ unsigned len;
+{
+ register u4 c;
+ register const u4 FAR *buf4;
+
+ c = (u4)crc;
+ c = ~c;
+ while (len && ((ptrdiff_t)buf & 3)) {
+ c = crc_table[0][(c ^ *buf++) & 0xff] ^ (c >> 8);
+ len--;
+ }
+
+ buf4 = (const u4 FAR *)(const void FAR *)buf;
+ while (len >= 32) {
+ DOLIT32;
+ len -= 32;
+ }
+ while (len >= 4) {
+ DOLIT4;
+ len -= 4;
+ }
+ buf = (const unsigned char FAR *)buf4;
+
+ if (len) do {
+ c = crc_table[0][(c ^ *buf++) & 0xff] ^ (c >> 8);
+ } while (--len);
+ c = ~c;
+ return (unsigned long)c;
+}
+
+/* ========================================================================= */
+#define DOBIG4 c ^= *++buf4; \
+ c = crc_table[4][c & 0xff] ^ crc_table[5][(c >> 8) & 0xff] ^ \
+ crc_table[6][(c >> 16) & 0xff] ^ crc_table[7][c >> 24]
+#define DOBIG32 DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4
+
+/* ========================================================================= */
+local unsigned long crc32_big(crc, buf, len)
+ unsigned long crc;
+ const unsigned char FAR *buf;
+ unsigned len;
+{
+ register u4 c;
+ register const u4 FAR *buf4;
+
+ c = REV((u4)crc);
+ c = ~c;
+ while (len && ((ptrdiff_t)buf & 3)) {
+ c = crc_table[4][(c >> 24) ^ *buf++] ^ (c << 8);
+ len--;
+ }
+
+ buf4 = (const u4 FAR *)(const void FAR *)buf;
+ buf4--;
+ while (len >= 32) {
+ DOBIG32;
+ len -= 32;
+ }
+ while (len >= 4) {
+ DOBIG4;
+ len -= 4;
+ }
+ buf4++;
+ buf = (const unsigned char FAR *)buf4;
+
+ if (len) do {
+ c = crc_table[4][(c >> 24) ^ *buf++] ^ (c << 8);
+ } while (--len);
+ c = ~c;
+ return (unsigned long)(REV(c));
+}
+
+#endif /* BYFOUR */
+
+#define GF2_DIM 32 /* dimension of GF(2) vectors (length of CRC) */
+
+/* ========================================================================= */
+local unsigned long gf2_matrix_times(mat, vec)
+ unsigned long *mat;
+ unsigned long vec;
+{
+ unsigned long sum;
+
+ sum = 0;
+ while (vec) {
+ if (vec & 1)
+ sum ^= *mat;
+ vec >>= 1;
+ mat++;
+ }
+ return sum;
+}
+
+/* ========================================================================= */
+local void gf2_matrix_square(square, mat)
+ unsigned long *square;
+ unsigned long *mat;
+{
+ int n;
+
+ for (n = 0; n < GF2_DIM; n++)
+ square[n] = gf2_matrix_times(mat, mat[n]);
+}
+
+/* ========================================================================= */
+local uLong crc32_combine_(crc1, crc2, len2)
+ uLong crc1;
+ uLong crc2;
+ z_off64_t len2;
+{
+ int n;
+ unsigned long row;
+ unsigned long even[GF2_DIM]; /* even-power-of-two zeros operator */
+ unsigned long odd[GF2_DIM]; /* odd-power-of-two zeros operator */
+
+ /* degenerate case (also disallow negative lengths) */
+ if (len2 <= 0)
+ return crc1;
+
+ /* put operator for one zero bit in odd */
+ odd[0] = 0xedb88320UL; /* CRC-32 polynomial */
+ row = 1;
+ for (n = 1; n < GF2_DIM; n++) {
+ odd[n] = row;
+ row <<= 1;
+ }
+
+ /* put operator for two zero bits in even */
+ gf2_matrix_square(even, odd);
+
+ /* put operator for four zero bits in odd */
+ gf2_matrix_square(odd, even);
+
+ /* apply len2 zeros to crc1 (first square will put the operator for one
+ zero byte, eight zero bits, in even) */
+ do {
+ /* apply zeros operator for this bit of len2 */
+ gf2_matrix_square(even, odd);
+ if (len2 & 1)
+ crc1 = gf2_matrix_times(even, crc1);
+ len2 >>= 1;
+
+ /* if no more bits set, then done */
+ if (len2 == 0)
+ break;
+
+ /* another iteration of the loop with odd and even swapped */
+ gf2_matrix_square(odd, even);
+ if (len2 & 1)
+ crc1 = gf2_matrix_times(odd, crc1);
+ len2 >>= 1;
+
+ /* if no more bits set, then done */
+ } while (len2 != 0);
+
+ /* return combined crc */
+ crc1 ^= crc2;
+ return crc1;
+}
+
+/* ========================================================================= */
+uLong ZEXPORT crc32_combine(crc1, crc2, len2)
+ uLong crc1;
+ uLong crc2;
+ z_off_t len2;
+{
+ return crc32_combine_(crc1, crc2, len2);
+}
+
+uLong ZEXPORT crc32_combine64(crc1, crc2, len2)
+ uLong crc1;
+ uLong crc2;
+ z_off64_t len2;
+{
+ return crc32_combine_(crc1, crc2, len2);
+}
Added: trunk/contrib/sudo/zlib/crc32.h
===================================================================
--- trunk/contrib/sudo/zlib/crc32.h (rev 0)
+++ trunk/contrib/sudo/zlib/crc32.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,441 @@
+/* crc32.h -- tables for rapid CRC calculation
+ * Generated automatically by crc32.c
+ */
+
+local const unsigned long FAR crc_table[TBLS][256] =
+{
+ {
+ 0x00000000UL, 0x77073096UL, 0xee0e612cUL, 0x990951baUL, 0x076dc419UL,
+ 0x706af48fUL, 0xe963a535UL, 0x9e6495a3UL, 0x0edb8832UL, 0x79dcb8a4UL,
+ 0xe0d5e91eUL, 0x97d2d988UL, 0x09b64c2bUL, 0x7eb17cbdUL, 0xe7b82d07UL,
+ 0x90bf1d91UL, 0x1db71064UL, 0x6ab020f2UL, 0xf3b97148UL, 0x84be41deUL,
+ 0x1adad47dUL, 0x6ddde4ebUL, 0xf4d4b551UL, 0x83d385c7UL, 0x136c9856UL,
+ 0x646ba8c0UL, 0xfd62f97aUL, 0x8a65c9ecUL, 0x14015c4fUL, 0x63066cd9UL,
+ 0xfa0f3d63UL, 0x8d080df5UL, 0x3b6e20c8UL, 0x4c69105eUL, 0xd56041e4UL,
+ 0xa2677172UL, 0x3c03e4d1UL, 0x4b04d447UL, 0xd20d85fdUL, 0xa50ab56bUL,
+ 0x35b5a8faUL, 0x42b2986cUL, 0xdbbbc9d6UL, 0xacbcf940UL, 0x32d86ce3UL,
+ 0x45df5c75UL, 0xdcd60dcfUL, 0xabd13d59UL, 0x26d930acUL, 0x51de003aUL,
+ 0xc8d75180UL, 0xbfd06116UL, 0x21b4f4b5UL, 0x56b3c423UL, 0xcfba9599UL,
+ 0xb8bda50fUL, 0x2802b89eUL, 0x5f058808UL, 0xc60cd9b2UL, 0xb10be924UL,
+ 0x2f6f7c87UL, 0x58684c11UL, 0xc1611dabUL, 0xb6662d3dUL, 0x76dc4190UL,
+ 0x01db7106UL, 0x98d220bcUL, 0xefd5102aUL, 0x71b18589UL, 0x06b6b51fUL,
+ 0x9fbfe4a5UL, 0xe8b8d433UL, 0x7807c9a2UL, 0x0f00f934UL, 0x9609a88eUL,
+ 0xe10e9818UL, 0x7f6a0dbbUL, 0x086d3d2dUL, 0x91646c97UL, 0xe6635c01UL,
+ 0x6b6b51f4UL, 0x1c6c6162UL, 0x856530d8UL, 0xf262004eUL, 0x6c0695edUL,
+ 0x1b01a57bUL, 0x8208f4c1UL, 0xf50fc457UL, 0x65b0d9c6UL, 0x12b7e950UL,
+ 0x8bbeb8eaUL, 0xfcb9887cUL, 0x62dd1ddfUL, 0x15da2d49UL, 0x8cd37cf3UL,
+ 0xfbd44c65UL, 0x4db26158UL, 0x3ab551ceUL, 0xa3bc0074UL, 0xd4bb30e2UL,
+ 0x4adfa541UL, 0x3dd895d7UL, 0xa4d1c46dUL, 0xd3d6f4fbUL, 0x4369e96aUL,
+ 0x346ed9fcUL, 0xad678846UL, 0xda60b8d0UL, 0x44042d73UL, 0x33031de5UL,
+ 0xaa0a4c5fUL, 0xdd0d7cc9UL, 0x5005713cUL, 0x270241aaUL, 0xbe0b1010UL,
+ 0xc90c2086UL, 0x5768b525UL, 0x206f85b3UL, 0xb966d409UL, 0xce61e49fUL,
+ 0x5edef90eUL, 0x29d9c998UL, 0xb0d09822UL, 0xc7d7a8b4UL, 0x59b33d17UL,
+ 0x2eb40d81UL, 0xb7bd5c3bUL, 0xc0ba6cadUL, 0xedb88320UL, 0x9abfb3b6UL,
+ 0x03b6e20cUL, 0x74b1d29aUL, 0xead54739UL, 0x9dd277afUL, 0x04db2615UL,
+ 0x73dc1683UL, 0xe3630b12UL, 0x94643b84UL, 0x0d6d6a3eUL, 0x7a6a5aa8UL,
+ 0xe40ecf0bUL, 0x9309ff9dUL, 0x0a00ae27UL, 0x7d079eb1UL, 0xf00f9344UL,
+ 0x8708a3d2UL, 0x1e01f268UL, 0x6906c2feUL, 0xf762575dUL, 0x806567cbUL,
+ 0x196c3671UL, 0x6e6b06e7UL, 0xfed41b76UL, 0x89d32be0UL, 0x10da7a5aUL,
+ 0x67dd4accUL, 0xf9b9df6fUL, 0x8ebeeff9UL, 0x17b7be43UL, 0x60b08ed5UL,
+ 0xd6d6a3e8UL, 0xa1d1937eUL, 0x38d8c2c4UL, 0x4fdff252UL, 0xd1bb67f1UL,
+ 0xa6bc5767UL, 0x3fb506ddUL, 0x48b2364bUL, 0xd80d2bdaUL, 0xaf0a1b4cUL,
+ 0x36034af6UL, 0x41047a60UL, 0xdf60efc3UL, 0xa867df55UL, 0x316e8eefUL,
+ 0x4669be79UL, 0xcb61b38cUL, 0xbc66831aUL, 0x256fd2a0UL, 0x5268e236UL,
+ 0xcc0c7795UL, 0xbb0b4703UL, 0x220216b9UL, 0x5505262fUL, 0xc5ba3bbeUL,
+ 0xb2bd0b28UL, 0x2bb45a92UL, 0x5cb36a04UL, 0xc2d7ffa7UL, 0xb5d0cf31UL,
+ 0x2cd99e8bUL, 0x5bdeae1dUL, 0x9b64c2b0UL, 0xec63f226UL, 0x756aa39cUL,
+ 0x026d930aUL, 0x9c0906a9UL, 0xeb0e363fUL, 0x72076785UL, 0x05005713UL,
+ 0x95bf4a82UL, 0xe2b87a14UL, 0x7bb12baeUL, 0x0cb61b38UL, 0x92d28e9bUL,
+ 0xe5d5be0dUL, 0x7cdcefb7UL, 0x0bdbdf21UL, 0x86d3d2d4UL, 0xf1d4e242UL,
+ 0x68ddb3f8UL, 0x1fda836eUL, 0x81be16cdUL, 0xf6b9265bUL, 0x6fb077e1UL,
+ 0x18b74777UL, 0x88085ae6UL, 0xff0f6a70UL, 0x66063bcaUL, 0x11010b5cUL,
+ 0x8f659effUL, 0xf862ae69UL, 0x616bffd3UL, 0x166ccf45UL, 0xa00ae278UL,
+ 0xd70dd2eeUL, 0x4e048354UL, 0x3903b3c2UL, 0xa7672661UL, 0xd06016f7UL,
+ 0x4969474dUL, 0x3e6e77dbUL, 0xaed16a4aUL, 0xd9d65adcUL, 0x40df0b66UL,
+ 0x37d83bf0UL, 0xa9bcae53UL, 0xdebb9ec5UL, 0x47b2cf7fUL, 0x30b5ffe9UL,
+ 0xbdbdf21cUL, 0xcabac28aUL, 0x53b39330UL, 0x24b4a3a6UL, 0xbad03605UL,
+ 0xcdd70693UL, 0x54de5729UL, 0x23d967bfUL, 0xb3667a2eUL, 0xc4614ab8UL,
+ 0x5d681b02UL, 0x2a6f2b94UL, 0xb40bbe37UL, 0xc30c8ea1UL, 0x5a05df1bUL,
+ 0x2d02ef8dUL
+#ifdef BYFOUR
+ },
+ {
+ 0x00000000UL, 0x191b3141UL, 0x32366282UL, 0x2b2d53c3UL, 0x646cc504UL,
+ 0x7d77f445UL, 0x565aa786UL, 0x4f4196c7UL, 0xc8d98a08UL, 0xd1c2bb49UL,
+ 0xfaefe88aUL, 0xe3f4d9cbUL, 0xacb54f0cUL, 0xb5ae7e4dUL, 0x9e832d8eUL,
+ 0x87981ccfUL, 0x4ac21251UL, 0x53d92310UL, 0x78f470d3UL, 0x61ef4192UL,
+ 0x2eaed755UL, 0x37b5e614UL, 0x1c98b5d7UL, 0x05838496UL, 0x821b9859UL,
+ 0x9b00a918UL, 0xb02dfadbUL, 0xa936cb9aUL, 0xe6775d5dUL, 0xff6c6c1cUL,
+ 0xd4413fdfUL, 0xcd5a0e9eUL, 0x958424a2UL, 0x8c9f15e3UL, 0xa7b24620UL,
+ 0xbea97761UL, 0xf1e8e1a6UL, 0xe8f3d0e7UL, 0xc3de8324UL, 0xdac5b265UL,
+ 0x5d5daeaaUL, 0x44469febUL, 0x6f6bcc28UL, 0x7670fd69UL, 0x39316baeUL,
+ 0x202a5aefUL, 0x0b07092cUL, 0x121c386dUL, 0xdf4636f3UL, 0xc65d07b2UL,
+ 0xed705471UL, 0xf46b6530UL, 0xbb2af3f7UL, 0xa231c2b6UL, 0x891c9175UL,
+ 0x9007a034UL, 0x179fbcfbUL, 0x0e848dbaUL, 0x25a9de79UL, 0x3cb2ef38UL,
+ 0x73f379ffUL, 0x6ae848beUL, 0x41c51b7dUL, 0x58de2a3cUL, 0xf0794f05UL,
+ 0xe9627e44UL, 0xc24f2d87UL, 0xdb541cc6UL, 0x94158a01UL, 0x8d0ebb40UL,
+ 0xa623e883UL, 0xbf38d9c2UL, 0x38a0c50dUL, 0x21bbf44cUL, 0x0a96a78fUL,
+ 0x138d96ceUL, 0x5ccc0009UL, 0x45d73148UL, 0x6efa628bUL, 0x77e153caUL,
+ 0xbabb5d54UL, 0xa3a06c15UL, 0x888d3fd6UL, 0x91960e97UL, 0xded79850UL,
+ 0xc7cca911UL, 0xece1fad2UL, 0xf5facb93UL, 0x7262d75cUL, 0x6b79e61dUL,
+ 0x4054b5deUL, 0x594f849fUL, 0x160e1258UL, 0x0f152319UL, 0x243870daUL,
+ 0x3d23419bUL, 0x65fd6ba7UL, 0x7ce65ae6UL, 0x57cb0925UL, 0x4ed03864UL,
+ 0x0191aea3UL, 0x188a9fe2UL, 0x33a7cc21UL, 0x2abcfd60UL, 0xad24e1afUL,
+ 0xb43fd0eeUL, 0x9f12832dUL, 0x8609b26cUL, 0xc94824abUL, 0xd05315eaUL,
+ 0xfb7e4629UL, 0xe2657768UL, 0x2f3f79f6UL, 0x362448b7UL, 0x1d091b74UL,
+ 0x04122a35UL, 0x4b53bcf2UL, 0x52488db3UL, 0x7965de70UL, 0x607eef31UL,
+ 0xe7e6f3feUL, 0xfefdc2bfUL, 0xd5d0917cUL, 0xcccba03dUL, 0x838a36faUL,
+ 0x9a9107bbUL, 0xb1bc5478UL, 0xa8a76539UL, 0x3b83984bUL, 0x2298a90aUL,
+ 0x09b5fac9UL, 0x10aecb88UL, 0x5fef5d4fUL, 0x46f46c0eUL, 0x6dd93fcdUL,
+ 0x74c20e8cUL, 0xf35a1243UL, 0xea412302UL, 0xc16c70c1UL, 0xd8774180UL,
+ 0x9736d747UL, 0x8e2de606UL, 0xa500b5c5UL, 0xbc1b8484UL, 0x71418a1aUL,
+ 0x685abb5bUL, 0x4377e898UL, 0x5a6cd9d9UL, 0x152d4f1eUL, 0x0c367e5fUL,
+ 0x271b2d9cUL, 0x3e001cddUL, 0xb9980012UL, 0xa0833153UL, 0x8bae6290UL,
+ 0x92b553d1UL, 0xddf4c516UL, 0xc4eff457UL, 0xefc2a794UL, 0xf6d996d5UL,
+ 0xae07bce9UL, 0xb71c8da8UL, 0x9c31de6bUL, 0x852aef2aUL, 0xca6b79edUL,
+ 0xd37048acUL, 0xf85d1b6fUL, 0xe1462a2eUL, 0x66de36e1UL, 0x7fc507a0UL,
+ 0x54e85463UL, 0x4df36522UL, 0x02b2f3e5UL, 0x1ba9c2a4UL, 0x30849167UL,
+ 0x299fa026UL, 0xe4c5aeb8UL, 0xfdde9ff9UL, 0xd6f3cc3aUL, 0xcfe8fd7bUL,
+ 0x80a96bbcUL, 0x99b25afdUL, 0xb29f093eUL, 0xab84387fUL, 0x2c1c24b0UL,
+ 0x350715f1UL, 0x1e2a4632UL, 0x07317773UL, 0x4870e1b4UL, 0x516bd0f5UL,
+ 0x7a468336UL, 0x635db277UL, 0xcbfad74eUL, 0xd2e1e60fUL, 0xf9ccb5ccUL,
+ 0xe0d7848dUL, 0xaf96124aUL, 0xb68d230bUL, 0x9da070c8UL, 0x84bb4189UL,
+ 0x03235d46UL, 0x1a386c07UL, 0x31153fc4UL, 0x280e0e85UL, 0x674f9842UL,
+ 0x7e54a903UL, 0x5579fac0UL, 0x4c62cb81UL, 0x8138c51fUL, 0x9823f45eUL,
+ 0xb30ea79dUL, 0xaa1596dcUL, 0xe554001bUL, 0xfc4f315aUL, 0xd7626299UL,
+ 0xce7953d8UL, 0x49e14f17UL, 0x50fa7e56UL, 0x7bd72d95UL, 0x62cc1cd4UL,
+ 0x2d8d8a13UL, 0x3496bb52UL, 0x1fbbe891UL, 0x06a0d9d0UL, 0x5e7ef3ecUL,
+ 0x4765c2adUL, 0x6c48916eUL, 0x7553a02fUL, 0x3a1236e8UL, 0x230907a9UL,
+ 0x0824546aUL, 0x113f652bUL, 0x96a779e4UL, 0x8fbc48a5UL, 0xa4911b66UL,
+ 0xbd8a2a27UL, 0xf2cbbce0UL, 0xebd08da1UL, 0xc0fdde62UL, 0xd9e6ef23UL,
+ 0x14bce1bdUL, 0x0da7d0fcUL, 0x268a833fUL, 0x3f91b27eUL, 0x70d024b9UL,
+ 0x69cb15f8UL, 0x42e6463bUL, 0x5bfd777aUL, 0xdc656bb5UL, 0xc57e5af4UL,
+ 0xee530937UL, 0xf7483876UL, 0xb809aeb1UL, 0xa1129ff0UL, 0x8a3fcc33UL,
+ 0x9324fd72UL
+ },
+ {
+ 0x00000000UL, 0x01c26a37UL, 0x0384d46eUL, 0x0246be59UL, 0x0709a8dcUL,
+ 0x06cbc2ebUL, 0x048d7cb2UL, 0x054f1685UL, 0x0e1351b8UL, 0x0fd13b8fUL,
+ 0x0d9785d6UL, 0x0c55efe1UL, 0x091af964UL, 0x08d89353UL, 0x0a9e2d0aUL,
+ 0x0b5c473dUL, 0x1c26a370UL, 0x1de4c947UL, 0x1fa2771eUL, 0x1e601d29UL,
+ 0x1b2f0bacUL, 0x1aed619bUL, 0x18abdfc2UL, 0x1969b5f5UL, 0x1235f2c8UL,
+ 0x13f798ffUL, 0x11b126a6UL, 0x10734c91UL, 0x153c5a14UL, 0x14fe3023UL,
+ 0x16b88e7aUL, 0x177ae44dUL, 0x384d46e0UL, 0x398f2cd7UL, 0x3bc9928eUL,
+ 0x3a0bf8b9UL, 0x3f44ee3cUL, 0x3e86840bUL, 0x3cc03a52UL, 0x3d025065UL,
+ 0x365e1758UL, 0x379c7d6fUL, 0x35dac336UL, 0x3418a901UL, 0x3157bf84UL,
+ 0x3095d5b3UL, 0x32d36beaUL, 0x331101ddUL, 0x246be590UL, 0x25a98fa7UL,
+ 0x27ef31feUL, 0x262d5bc9UL, 0x23624d4cUL, 0x22a0277bUL, 0x20e69922UL,
+ 0x2124f315UL, 0x2a78b428UL, 0x2bbade1fUL, 0x29fc6046UL, 0x283e0a71UL,
+ 0x2d711cf4UL, 0x2cb376c3UL, 0x2ef5c89aUL, 0x2f37a2adUL, 0x709a8dc0UL,
+ 0x7158e7f7UL, 0x731e59aeUL, 0x72dc3399UL, 0x7793251cUL, 0x76514f2bUL,
+ 0x7417f172UL, 0x75d59b45UL, 0x7e89dc78UL, 0x7f4bb64fUL, 0x7d0d0816UL,
+ 0x7ccf6221UL, 0x798074a4UL, 0x78421e93UL, 0x7a04a0caUL, 0x7bc6cafdUL,
+ 0x6cbc2eb0UL, 0x6d7e4487UL, 0x6f38fadeUL, 0x6efa90e9UL, 0x6bb5866cUL,
+ 0x6a77ec5bUL, 0x68315202UL, 0x69f33835UL, 0x62af7f08UL, 0x636d153fUL,
+ 0x612bab66UL, 0x60e9c151UL, 0x65a6d7d4UL, 0x6464bde3UL, 0x662203baUL,
+ 0x67e0698dUL, 0x48d7cb20UL, 0x4915a117UL, 0x4b531f4eUL, 0x4a917579UL,
+ 0x4fde63fcUL, 0x4e1c09cbUL, 0x4c5ab792UL, 0x4d98dda5UL, 0x46c49a98UL,
+ 0x4706f0afUL, 0x45404ef6UL, 0x448224c1UL, 0x41cd3244UL, 0x400f5873UL,
+ 0x4249e62aUL, 0x438b8c1dUL, 0x54f16850UL, 0x55330267UL, 0x5775bc3eUL,
+ 0x56b7d609UL, 0x53f8c08cUL, 0x523aaabbUL, 0x507c14e2UL, 0x51be7ed5UL,
+ 0x5ae239e8UL, 0x5b2053dfUL, 0x5966ed86UL, 0x58a487b1UL, 0x5deb9134UL,
+ 0x5c29fb03UL, 0x5e6f455aUL, 0x5fad2f6dUL, 0xe1351b80UL, 0xe0f771b7UL,
+ 0xe2b1cfeeUL, 0xe373a5d9UL, 0xe63cb35cUL, 0xe7fed96bUL, 0xe5b86732UL,
+ 0xe47a0d05UL, 0xef264a38UL, 0xeee4200fUL, 0xeca29e56UL, 0xed60f461UL,
+ 0xe82fe2e4UL, 0xe9ed88d3UL, 0xebab368aUL, 0xea695cbdUL, 0xfd13b8f0UL,
+ 0xfcd1d2c7UL, 0xfe976c9eUL, 0xff5506a9UL, 0xfa1a102cUL, 0xfbd87a1bUL,
+ 0xf99ec442UL, 0xf85cae75UL, 0xf300e948UL, 0xf2c2837fUL, 0xf0843d26UL,
+ 0xf1465711UL, 0xf4094194UL, 0xf5cb2ba3UL, 0xf78d95faUL, 0xf64fffcdUL,
+ 0xd9785d60UL, 0xd8ba3757UL, 0xdafc890eUL, 0xdb3ee339UL, 0xde71f5bcUL,
+ 0xdfb39f8bUL, 0xddf521d2UL, 0xdc374be5UL, 0xd76b0cd8UL, 0xd6a966efUL,
+ 0xd4efd8b6UL, 0xd52db281UL, 0xd062a404UL, 0xd1a0ce33UL, 0xd3e6706aUL,
+ 0xd2241a5dUL, 0xc55efe10UL, 0xc49c9427UL, 0xc6da2a7eUL, 0xc7184049UL,
+ 0xc25756ccUL, 0xc3953cfbUL, 0xc1d382a2UL, 0xc011e895UL, 0xcb4dafa8UL,
+ 0xca8fc59fUL, 0xc8c97bc6UL, 0xc90b11f1UL, 0xcc440774UL, 0xcd866d43UL,
+ 0xcfc0d31aUL, 0xce02b92dUL, 0x91af9640UL, 0x906dfc77UL, 0x922b422eUL,
+ 0x93e92819UL, 0x96a63e9cUL, 0x976454abUL, 0x9522eaf2UL, 0x94e080c5UL,
+ 0x9fbcc7f8UL, 0x9e7eadcfUL, 0x9c381396UL, 0x9dfa79a1UL, 0x98b56f24UL,
+ 0x99770513UL, 0x9b31bb4aUL, 0x9af3d17dUL, 0x8d893530UL, 0x8c4b5f07UL,
+ 0x8e0de15eUL, 0x8fcf8b69UL, 0x8a809decUL, 0x8b42f7dbUL, 0x89044982UL,
+ 0x88c623b5UL, 0x839a6488UL, 0x82580ebfUL, 0x801eb0e6UL, 0x81dcdad1UL,
+ 0x8493cc54UL, 0x8551a663UL, 0x8717183aUL, 0x86d5720dUL, 0xa9e2d0a0UL,
+ 0xa820ba97UL, 0xaa6604ceUL, 0xaba46ef9UL, 0xaeeb787cUL, 0xaf29124bUL,
+ 0xad6fac12UL, 0xacadc625UL, 0xa7f18118UL, 0xa633eb2fUL, 0xa4755576UL,
+ 0xa5b73f41UL, 0xa0f829c4UL, 0xa13a43f3UL, 0xa37cfdaaUL, 0xa2be979dUL,
+ 0xb5c473d0UL, 0xb40619e7UL, 0xb640a7beUL, 0xb782cd89UL, 0xb2cddb0cUL,
+ 0xb30fb13bUL, 0xb1490f62UL, 0xb08b6555UL, 0xbbd72268UL, 0xba15485fUL,
+ 0xb853f606UL, 0xb9919c31UL, 0xbcde8ab4UL, 0xbd1ce083UL, 0xbf5a5edaUL,
+ 0xbe9834edUL
+ },
+ {
+ 0x00000000UL, 0xb8bc6765UL, 0xaa09c88bUL, 0x12b5afeeUL, 0x8f629757UL,
+ 0x37def032UL, 0x256b5fdcUL, 0x9dd738b9UL, 0xc5b428efUL, 0x7d084f8aUL,
+ 0x6fbde064UL, 0xd7018701UL, 0x4ad6bfb8UL, 0xf26ad8ddUL, 0xe0df7733UL,
+ 0x58631056UL, 0x5019579fUL, 0xe8a530faUL, 0xfa109f14UL, 0x42acf871UL,
+ 0xdf7bc0c8UL, 0x67c7a7adUL, 0x75720843UL, 0xcdce6f26UL, 0x95ad7f70UL,
+ 0x2d111815UL, 0x3fa4b7fbUL, 0x8718d09eUL, 0x1acfe827UL, 0xa2738f42UL,
+ 0xb0c620acUL, 0x087a47c9UL, 0xa032af3eUL, 0x188ec85bUL, 0x0a3b67b5UL,
+ 0xb28700d0UL, 0x2f503869UL, 0x97ec5f0cUL, 0x8559f0e2UL, 0x3de59787UL,
+ 0x658687d1UL, 0xdd3ae0b4UL, 0xcf8f4f5aUL, 0x7733283fUL, 0xeae41086UL,
+ 0x525877e3UL, 0x40edd80dUL, 0xf851bf68UL, 0xf02bf8a1UL, 0x48979fc4UL,
+ 0x5a22302aUL, 0xe29e574fUL, 0x7f496ff6UL, 0xc7f50893UL, 0xd540a77dUL,
+ 0x6dfcc018UL, 0x359fd04eUL, 0x8d23b72bUL, 0x9f9618c5UL, 0x272a7fa0UL,
+ 0xbafd4719UL, 0x0241207cUL, 0x10f48f92UL, 0xa848e8f7UL, 0x9b14583dUL,
+ 0x23a83f58UL, 0x311d90b6UL, 0x89a1f7d3UL, 0x1476cf6aUL, 0xaccaa80fUL,
+ 0xbe7f07e1UL, 0x06c36084UL, 0x5ea070d2UL, 0xe61c17b7UL, 0xf4a9b859UL,
+ 0x4c15df3cUL, 0xd1c2e785UL, 0x697e80e0UL, 0x7bcb2f0eUL, 0xc377486bUL,
+ 0xcb0d0fa2UL, 0x73b168c7UL, 0x6104c729UL, 0xd9b8a04cUL, 0x446f98f5UL,
+ 0xfcd3ff90UL, 0xee66507eUL, 0x56da371bUL, 0x0eb9274dUL, 0xb6054028UL,
+ 0xa4b0efc6UL, 0x1c0c88a3UL, 0x81dbb01aUL, 0x3967d77fUL, 0x2bd27891UL,
+ 0x936e1ff4UL, 0x3b26f703UL, 0x839a9066UL, 0x912f3f88UL, 0x299358edUL,
+ 0xb4446054UL, 0x0cf80731UL, 0x1e4da8dfUL, 0xa6f1cfbaUL, 0xfe92dfecUL,
+ 0x462eb889UL, 0x549b1767UL, 0xec277002UL, 0x71f048bbUL, 0xc94c2fdeUL,
+ 0xdbf98030UL, 0x6345e755UL, 0x6b3fa09cUL, 0xd383c7f9UL, 0xc1366817UL,
+ 0x798a0f72UL, 0xe45d37cbUL, 0x5ce150aeUL, 0x4e54ff40UL, 0xf6e89825UL,
+ 0xae8b8873UL, 0x1637ef16UL, 0x048240f8UL, 0xbc3e279dUL, 0x21e91f24UL,
+ 0x99557841UL, 0x8be0d7afUL, 0x335cb0caUL, 0xed59b63bUL, 0x55e5d15eUL,
+ 0x47507eb0UL, 0xffec19d5UL, 0x623b216cUL, 0xda874609UL, 0xc832e9e7UL,
+ 0x708e8e82UL, 0x28ed9ed4UL, 0x9051f9b1UL, 0x82e4565fUL, 0x3a58313aUL,
+ 0xa78f0983UL, 0x1f336ee6UL, 0x0d86c108UL, 0xb53aa66dUL, 0xbd40e1a4UL,
+ 0x05fc86c1UL, 0x1749292fUL, 0xaff54e4aUL, 0x322276f3UL, 0x8a9e1196UL,
+ 0x982bbe78UL, 0x2097d91dUL, 0x78f4c94bUL, 0xc048ae2eUL, 0xd2fd01c0UL,
+ 0x6a4166a5UL, 0xf7965e1cUL, 0x4f2a3979UL, 0x5d9f9697UL, 0xe523f1f2UL,
+ 0x4d6b1905UL, 0xf5d77e60UL, 0xe762d18eUL, 0x5fdeb6ebUL, 0xc2098e52UL,
+ 0x7ab5e937UL, 0x680046d9UL, 0xd0bc21bcUL, 0x88df31eaUL, 0x3063568fUL,
+ 0x22d6f961UL, 0x9a6a9e04UL, 0x07bda6bdUL, 0xbf01c1d8UL, 0xadb46e36UL,
+ 0x15080953UL, 0x1d724e9aUL, 0xa5ce29ffUL, 0xb77b8611UL, 0x0fc7e174UL,
+ 0x9210d9cdUL, 0x2aacbea8UL, 0x38191146UL, 0x80a57623UL, 0xd8c66675UL,
+ 0x607a0110UL, 0x72cfaefeUL, 0xca73c99bUL, 0x57a4f122UL, 0xef189647UL,
+ 0xfdad39a9UL, 0x45115eccUL, 0x764dee06UL, 0xcef18963UL, 0xdc44268dUL,
+ 0x64f841e8UL, 0xf92f7951UL, 0x41931e34UL, 0x5326b1daUL, 0xeb9ad6bfUL,
+ 0xb3f9c6e9UL, 0x0b45a18cUL, 0x19f00e62UL, 0xa14c6907UL, 0x3c9b51beUL,
+ 0x842736dbUL, 0x96929935UL, 0x2e2efe50UL, 0x2654b999UL, 0x9ee8defcUL,
+ 0x8c5d7112UL, 0x34e11677UL, 0xa9362eceUL, 0x118a49abUL, 0x033fe645UL,
+ 0xbb838120UL, 0xe3e09176UL, 0x5b5cf613UL, 0x49e959fdUL, 0xf1553e98UL,
+ 0x6c820621UL, 0xd43e6144UL, 0xc68bceaaUL, 0x7e37a9cfUL, 0xd67f4138UL,
+ 0x6ec3265dUL, 0x7c7689b3UL, 0xc4caeed6UL, 0x591dd66fUL, 0xe1a1b10aUL,
+ 0xf3141ee4UL, 0x4ba87981UL, 0x13cb69d7UL, 0xab770eb2UL, 0xb9c2a15cUL,
+ 0x017ec639UL, 0x9ca9fe80UL, 0x241599e5UL, 0x36a0360bUL, 0x8e1c516eUL,
+ 0x866616a7UL, 0x3eda71c2UL, 0x2c6fde2cUL, 0x94d3b949UL, 0x090481f0UL,
+ 0xb1b8e695UL, 0xa30d497bUL, 0x1bb12e1eUL, 0x43d23e48UL, 0xfb6e592dUL,
+ 0xe9dbf6c3UL, 0x516791a6UL, 0xccb0a91fUL, 0x740cce7aUL, 0x66b96194UL,
+ 0xde0506f1UL
+ },
+ {
+ 0x00000000UL, 0x96300777UL, 0x2c610eeeUL, 0xba510999UL, 0x19c46d07UL,
+ 0x8ff46a70UL, 0x35a563e9UL, 0xa395649eUL, 0x3288db0eUL, 0xa4b8dc79UL,
+ 0x1ee9d5e0UL, 0x88d9d297UL, 0x2b4cb609UL, 0xbd7cb17eUL, 0x072db8e7UL,
+ 0x911dbf90UL, 0x6410b71dUL, 0xf220b06aUL, 0x4871b9f3UL, 0xde41be84UL,
+ 0x7dd4da1aUL, 0xebe4dd6dUL, 0x51b5d4f4UL, 0xc785d383UL, 0x56986c13UL,
+ 0xc0a86b64UL, 0x7af962fdUL, 0xecc9658aUL, 0x4f5c0114UL, 0xd96c0663UL,
+ 0x633d0ffaUL, 0xf50d088dUL, 0xc8206e3bUL, 0x5e10694cUL, 0xe44160d5UL,
+ 0x727167a2UL, 0xd1e4033cUL, 0x47d4044bUL, 0xfd850dd2UL, 0x6bb50aa5UL,
+ 0xfaa8b535UL, 0x6c98b242UL, 0xd6c9bbdbUL, 0x40f9bcacUL, 0xe36cd832UL,
+ 0x755cdf45UL, 0xcf0dd6dcUL, 0x593dd1abUL, 0xac30d926UL, 0x3a00de51UL,
+ 0x8051d7c8UL, 0x1661d0bfUL, 0xb5f4b421UL, 0x23c4b356UL, 0x9995bacfUL,
+ 0x0fa5bdb8UL, 0x9eb80228UL, 0x0888055fUL, 0xb2d90cc6UL, 0x24e90bb1UL,
+ 0x877c6f2fUL, 0x114c6858UL, 0xab1d61c1UL, 0x3d2d66b6UL, 0x9041dc76UL,
+ 0x0671db01UL, 0xbc20d298UL, 0x2a10d5efUL, 0x8985b171UL, 0x1fb5b606UL,
+ 0xa5e4bf9fUL, 0x33d4b8e8UL, 0xa2c90778UL, 0x34f9000fUL, 0x8ea80996UL,
+ 0x18980ee1UL, 0xbb0d6a7fUL, 0x2d3d6d08UL, 0x976c6491UL, 0x015c63e6UL,
+ 0xf4516b6bUL, 0x62616c1cUL, 0xd8306585UL, 0x4e0062f2UL, 0xed95066cUL,
+ 0x7ba5011bUL, 0xc1f40882UL, 0x57c40ff5UL, 0xc6d9b065UL, 0x50e9b712UL,
+ 0xeab8be8bUL, 0x7c88b9fcUL, 0xdf1ddd62UL, 0x492dda15UL, 0xf37cd38cUL,
+ 0x654cd4fbUL, 0x5861b24dUL, 0xce51b53aUL, 0x7400bca3UL, 0xe230bbd4UL,
+ 0x41a5df4aUL, 0xd795d83dUL, 0x6dc4d1a4UL, 0xfbf4d6d3UL, 0x6ae96943UL,
+ 0xfcd96e34UL, 0x468867adUL, 0xd0b860daUL, 0x732d0444UL, 0xe51d0333UL,
+ 0x5f4c0aaaUL, 0xc97c0dddUL, 0x3c710550UL, 0xaa410227UL, 0x10100bbeUL,
+ 0x86200cc9UL, 0x25b56857UL, 0xb3856f20UL, 0x09d466b9UL, 0x9fe461ceUL,
+ 0x0ef9de5eUL, 0x98c9d929UL, 0x2298d0b0UL, 0xb4a8d7c7UL, 0x173db359UL,
+ 0x810db42eUL, 0x3b5cbdb7UL, 0xad6cbac0UL, 0x2083b8edUL, 0xb6b3bf9aUL,
+ 0x0ce2b603UL, 0x9ad2b174UL, 0x3947d5eaUL, 0xaf77d29dUL, 0x1526db04UL,
+ 0x8316dc73UL, 0x120b63e3UL, 0x843b6494UL, 0x3e6a6d0dUL, 0xa85a6a7aUL,
+ 0x0bcf0ee4UL, 0x9dff0993UL, 0x27ae000aUL, 0xb19e077dUL, 0x44930ff0UL,
+ 0xd2a30887UL, 0x68f2011eUL, 0xfec20669UL, 0x5d5762f7UL, 0xcb676580UL,
+ 0x71366c19UL, 0xe7066b6eUL, 0x761bd4feUL, 0xe02bd389UL, 0x5a7ada10UL,
+ 0xcc4add67UL, 0x6fdfb9f9UL, 0xf9efbe8eUL, 0x43beb717UL, 0xd58eb060UL,
+ 0xe8a3d6d6UL, 0x7e93d1a1UL, 0xc4c2d838UL, 0x52f2df4fUL, 0xf167bbd1UL,
+ 0x6757bca6UL, 0xdd06b53fUL, 0x4b36b248UL, 0xda2b0dd8UL, 0x4c1b0aafUL,
+ 0xf64a0336UL, 0x607a0441UL, 0xc3ef60dfUL, 0x55df67a8UL, 0xef8e6e31UL,
+ 0x79be6946UL, 0x8cb361cbUL, 0x1a8366bcUL, 0xa0d26f25UL, 0x36e26852UL,
+ 0x95770cccUL, 0x03470bbbUL, 0xb9160222UL, 0x2f260555UL, 0xbe3bbac5UL,
+ 0x280bbdb2UL, 0x925ab42bUL, 0x046ab35cUL, 0xa7ffd7c2UL, 0x31cfd0b5UL,
+ 0x8b9ed92cUL, 0x1daede5bUL, 0xb0c2649bUL, 0x26f263ecUL, 0x9ca36a75UL,
+ 0x0a936d02UL, 0xa906099cUL, 0x3f360eebUL, 0x85670772UL, 0x13570005UL,
+ 0x824abf95UL, 0x147ab8e2UL, 0xae2bb17bUL, 0x381bb60cUL, 0x9b8ed292UL,
+ 0x0dbed5e5UL, 0xb7efdc7cUL, 0x21dfdb0bUL, 0xd4d2d386UL, 0x42e2d4f1UL,
+ 0xf8b3dd68UL, 0x6e83da1fUL, 0xcd16be81UL, 0x5b26b9f6UL, 0xe177b06fUL,
+ 0x7747b718UL, 0xe65a0888UL, 0x706a0fffUL, 0xca3b0666UL, 0x5c0b0111UL,
+ 0xff9e658fUL, 0x69ae62f8UL, 0xd3ff6b61UL, 0x45cf6c16UL, 0x78e20aa0UL,
+ 0xeed20dd7UL, 0x5483044eUL, 0xc2b30339UL, 0x612667a7UL, 0xf71660d0UL,
+ 0x4d476949UL, 0xdb776e3eUL, 0x4a6ad1aeUL, 0xdc5ad6d9UL, 0x660bdf40UL,
+ 0xf03bd837UL, 0x53aebca9UL, 0xc59ebbdeUL, 0x7fcfb247UL, 0xe9ffb530UL,
+ 0x1cf2bdbdUL, 0x8ac2bacaUL, 0x3093b353UL, 0xa6a3b424UL, 0x0536d0baUL,
+ 0x9306d7cdUL, 0x2957de54UL, 0xbf67d923UL, 0x2e7a66b3UL, 0xb84a61c4UL,
+ 0x021b685dUL, 0x942b6f2aUL, 0x37be0bb4UL, 0xa18e0cc3UL, 0x1bdf055aUL,
+ 0x8def022dUL
+ },
+ {
+ 0x00000000UL, 0x41311b19UL, 0x82623632UL, 0xc3532d2bUL, 0x04c56c64UL,
+ 0x45f4777dUL, 0x86a75a56UL, 0xc796414fUL, 0x088ad9c8UL, 0x49bbc2d1UL,
+ 0x8ae8effaUL, 0xcbd9f4e3UL, 0x0c4fb5acUL, 0x4d7eaeb5UL, 0x8e2d839eUL,
+ 0xcf1c9887UL, 0x5112c24aUL, 0x1023d953UL, 0xd370f478UL, 0x9241ef61UL,
+ 0x55d7ae2eUL, 0x14e6b537UL, 0xd7b5981cUL, 0x96848305UL, 0x59981b82UL,
+ 0x18a9009bUL, 0xdbfa2db0UL, 0x9acb36a9UL, 0x5d5d77e6UL, 0x1c6c6cffUL,
+ 0xdf3f41d4UL, 0x9e0e5acdUL, 0xa2248495UL, 0xe3159f8cUL, 0x2046b2a7UL,
+ 0x6177a9beUL, 0xa6e1e8f1UL, 0xe7d0f3e8UL, 0x2483dec3UL, 0x65b2c5daUL,
+ 0xaaae5d5dUL, 0xeb9f4644UL, 0x28cc6b6fUL, 0x69fd7076UL, 0xae6b3139UL,
+ 0xef5a2a20UL, 0x2c09070bUL, 0x6d381c12UL, 0xf33646dfUL, 0xb2075dc6UL,
+ 0x715470edUL, 0x30656bf4UL, 0xf7f32abbUL, 0xb6c231a2UL, 0x75911c89UL,
+ 0x34a00790UL, 0xfbbc9f17UL, 0xba8d840eUL, 0x79dea925UL, 0x38efb23cUL,
+ 0xff79f373UL, 0xbe48e86aUL, 0x7d1bc541UL, 0x3c2ade58UL, 0x054f79f0UL,
+ 0x447e62e9UL, 0x872d4fc2UL, 0xc61c54dbUL, 0x018a1594UL, 0x40bb0e8dUL,
+ 0x83e823a6UL, 0xc2d938bfUL, 0x0dc5a038UL, 0x4cf4bb21UL, 0x8fa7960aUL,
+ 0xce968d13UL, 0x0900cc5cUL, 0x4831d745UL, 0x8b62fa6eUL, 0xca53e177UL,
+ 0x545dbbbaUL, 0x156ca0a3UL, 0xd63f8d88UL, 0x970e9691UL, 0x5098d7deUL,
+ 0x11a9ccc7UL, 0xd2fae1ecUL, 0x93cbfaf5UL, 0x5cd76272UL, 0x1de6796bUL,
+ 0xdeb55440UL, 0x9f844f59UL, 0x58120e16UL, 0x1923150fUL, 0xda703824UL,
+ 0x9b41233dUL, 0xa76bfd65UL, 0xe65ae67cUL, 0x2509cb57UL, 0x6438d04eUL,
+ 0xa3ae9101UL, 0xe29f8a18UL, 0x21cca733UL, 0x60fdbc2aUL, 0xafe124adUL,
+ 0xeed03fb4UL, 0x2d83129fUL, 0x6cb20986UL, 0xab2448c9UL, 0xea1553d0UL,
+ 0x29467efbUL, 0x687765e2UL, 0xf6793f2fUL, 0xb7482436UL, 0x741b091dUL,
+ 0x352a1204UL, 0xf2bc534bUL, 0xb38d4852UL, 0x70de6579UL, 0x31ef7e60UL,
+ 0xfef3e6e7UL, 0xbfc2fdfeUL, 0x7c91d0d5UL, 0x3da0cbccUL, 0xfa368a83UL,
+ 0xbb07919aUL, 0x7854bcb1UL, 0x3965a7a8UL, 0x4b98833bUL, 0x0aa99822UL,
+ 0xc9fab509UL, 0x88cbae10UL, 0x4f5def5fUL, 0x0e6cf446UL, 0xcd3fd96dUL,
+ 0x8c0ec274UL, 0x43125af3UL, 0x022341eaUL, 0xc1706cc1UL, 0x804177d8UL,
+ 0x47d73697UL, 0x06e62d8eUL, 0xc5b500a5UL, 0x84841bbcUL, 0x1a8a4171UL,
+ 0x5bbb5a68UL, 0x98e87743UL, 0xd9d96c5aUL, 0x1e4f2d15UL, 0x5f7e360cUL,
+ 0x9c2d1b27UL, 0xdd1c003eUL, 0x120098b9UL, 0x533183a0UL, 0x9062ae8bUL,
+ 0xd153b592UL, 0x16c5f4ddUL, 0x57f4efc4UL, 0x94a7c2efUL, 0xd596d9f6UL,
+ 0xe9bc07aeUL, 0xa88d1cb7UL, 0x6bde319cUL, 0x2aef2a85UL, 0xed796bcaUL,
+ 0xac4870d3UL, 0x6f1b5df8UL, 0x2e2a46e1UL, 0xe136de66UL, 0xa007c57fUL,
+ 0x6354e854UL, 0x2265f34dUL, 0xe5f3b202UL, 0xa4c2a91bUL, 0x67918430UL,
+ 0x26a09f29UL, 0xb8aec5e4UL, 0xf99fdefdUL, 0x3accf3d6UL, 0x7bfde8cfUL,
+ 0xbc6ba980UL, 0xfd5ab299UL, 0x3e099fb2UL, 0x7f3884abUL, 0xb0241c2cUL,
+ 0xf1150735UL, 0x32462a1eUL, 0x73773107UL, 0xb4e17048UL, 0xf5d06b51UL,
+ 0x3683467aUL, 0x77b25d63UL, 0x4ed7facbUL, 0x0fe6e1d2UL, 0xccb5ccf9UL,
+ 0x8d84d7e0UL, 0x4a1296afUL, 0x0b238db6UL, 0xc870a09dUL, 0x8941bb84UL,
+ 0x465d2303UL, 0x076c381aUL, 0xc43f1531UL, 0x850e0e28UL, 0x42984f67UL,
+ 0x03a9547eUL, 0xc0fa7955UL, 0x81cb624cUL, 0x1fc53881UL, 0x5ef42398UL,
+ 0x9da70eb3UL, 0xdc9615aaUL, 0x1b0054e5UL, 0x5a314ffcUL, 0x996262d7UL,
+ 0xd85379ceUL, 0x174fe149UL, 0x567efa50UL, 0x952dd77bUL, 0xd41ccc62UL,
+ 0x138a8d2dUL, 0x52bb9634UL, 0x91e8bb1fUL, 0xd0d9a006UL, 0xecf37e5eUL,
+ 0xadc26547UL, 0x6e91486cUL, 0x2fa05375UL, 0xe836123aUL, 0xa9070923UL,
+ 0x6a542408UL, 0x2b653f11UL, 0xe479a796UL, 0xa548bc8fUL, 0x661b91a4UL,
+ 0x272a8abdUL, 0xe0bccbf2UL, 0xa18dd0ebUL, 0x62defdc0UL, 0x23efe6d9UL,
+ 0xbde1bc14UL, 0xfcd0a70dUL, 0x3f838a26UL, 0x7eb2913fUL, 0xb924d070UL,
+ 0xf815cb69UL, 0x3b46e642UL, 0x7a77fd5bUL, 0xb56b65dcUL, 0xf45a7ec5UL,
+ 0x370953eeUL, 0x763848f7UL, 0xb1ae09b8UL, 0xf09f12a1UL, 0x33cc3f8aUL,
+ 0x72fd2493UL
+ },
+ {
+ 0x00000000UL, 0x376ac201UL, 0x6ed48403UL, 0x59be4602UL, 0xdca80907UL,
+ 0xebc2cb06UL, 0xb27c8d04UL, 0x85164f05UL, 0xb851130eUL, 0x8f3bd10fUL,
+ 0xd685970dUL, 0xe1ef550cUL, 0x64f91a09UL, 0x5393d808UL, 0x0a2d9e0aUL,
+ 0x3d475c0bUL, 0x70a3261cUL, 0x47c9e41dUL, 0x1e77a21fUL, 0x291d601eUL,
+ 0xac0b2f1bUL, 0x9b61ed1aUL, 0xc2dfab18UL, 0xf5b56919UL, 0xc8f23512UL,
+ 0xff98f713UL, 0xa626b111UL, 0x914c7310UL, 0x145a3c15UL, 0x2330fe14UL,
+ 0x7a8eb816UL, 0x4de47a17UL, 0xe0464d38UL, 0xd72c8f39UL, 0x8e92c93bUL,
+ 0xb9f80b3aUL, 0x3cee443fUL, 0x0b84863eUL, 0x523ac03cUL, 0x6550023dUL,
+ 0x58175e36UL, 0x6f7d9c37UL, 0x36c3da35UL, 0x01a91834UL, 0x84bf5731UL,
+ 0xb3d59530UL, 0xea6bd332UL, 0xdd011133UL, 0x90e56b24UL, 0xa78fa925UL,
+ 0xfe31ef27UL, 0xc95b2d26UL, 0x4c4d6223UL, 0x7b27a022UL, 0x2299e620UL,
+ 0x15f32421UL, 0x28b4782aUL, 0x1fdeba2bUL, 0x4660fc29UL, 0x710a3e28UL,
+ 0xf41c712dUL, 0xc376b32cUL, 0x9ac8f52eUL, 0xada2372fUL, 0xc08d9a70UL,
+ 0xf7e75871UL, 0xae591e73UL, 0x9933dc72UL, 0x1c259377UL, 0x2b4f5176UL,
+ 0x72f11774UL, 0x459bd575UL, 0x78dc897eUL, 0x4fb64b7fUL, 0x16080d7dUL,
+ 0x2162cf7cUL, 0xa4748079UL, 0x931e4278UL, 0xcaa0047aUL, 0xfdcac67bUL,
+ 0xb02ebc6cUL, 0x87447e6dUL, 0xdefa386fUL, 0xe990fa6eUL, 0x6c86b56bUL,
+ 0x5bec776aUL, 0x02523168UL, 0x3538f369UL, 0x087faf62UL, 0x3f156d63UL,
+ 0x66ab2b61UL, 0x51c1e960UL, 0xd4d7a665UL, 0xe3bd6464UL, 0xba032266UL,
+ 0x8d69e067UL, 0x20cbd748UL, 0x17a11549UL, 0x4e1f534bUL, 0x7975914aUL,
+ 0xfc63de4fUL, 0xcb091c4eUL, 0x92b75a4cUL, 0xa5dd984dUL, 0x989ac446UL,
+ 0xaff00647UL, 0xf64e4045UL, 0xc1248244UL, 0x4432cd41UL, 0x73580f40UL,
+ 0x2ae64942UL, 0x1d8c8b43UL, 0x5068f154UL, 0x67023355UL, 0x3ebc7557UL,
+ 0x09d6b756UL, 0x8cc0f853UL, 0xbbaa3a52UL, 0xe2147c50UL, 0xd57ebe51UL,
+ 0xe839e25aUL, 0xdf53205bUL, 0x86ed6659UL, 0xb187a458UL, 0x3491eb5dUL,
+ 0x03fb295cUL, 0x5a456f5eUL, 0x6d2fad5fUL, 0x801b35e1UL, 0xb771f7e0UL,
+ 0xeecfb1e2UL, 0xd9a573e3UL, 0x5cb33ce6UL, 0x6bd9fee7UL, 0x3267b8e5UL,
+ 0x050d7ae4UL, 0x384a26efUL, 0x0f20e4eeUL, 0x569ea2ecUL, 0x61f460edUL,
+ 0xe4e22fe8UL, 0xd388ede9UL, 0x8a36abebUL, 0xbd5c69eaUL, 0xf0b813fdUL,
+ 0xc7d2d1fcUL, 0x9e6c97feUL, 0xa90655ffUL, 0x2c101afaUL, 0x1b7ad8fbUL,
+ 0x42c49ef9UL, 0x75ae5cf8UL, 0x48e900f3UL, 0x7f83c2f2UL, 0x263d84f0UL,
+ 0x115746f1UL, 0x944109f4UL, 0xa32bcbf5UL, 0xfa958df7UL, 0xcdff4ff6UL,
+ 0x605d78d9UL, 0x5737bad8UL, 0x0e89fcdaUL, 0x39e33edbUL, 0xbcf571deUL,
+ 0x8b9fb3dfUL, 0xd221f5ddUL, 0xe54b37dcUL, 0xd80c6bd7UL, 0xef66a9d6UL,
+ 0xb6d8efd4UL, 0x81b22dd5UL, 0x04a462d0UL, 0x33cea0d1UL, 0x6a70e6d3UL,
+ 0x5d1a24d2UL, 0x10fe5ec5UL, 0x27949cc4UL, 0x7e2adac6UL, 0x494018c7UL,
+ 0xcc5657c2UL, 0xfb3c95c3UL, 0xa282d3c1UL, 0x95e811c0UL, 0xa8af4dcbUL,
+ 0x9fc58fcaUL, 0xc67bc9c8UL, 0xf1110bc9UL, 0x740744ccUL, 0x436d86cdUL,
+ 0x1ad3c0cfUL, 0x2db902ceUL, 0x4096af91UL, 0x77fc6d90UL, 0x2e422b92UL,
+ 0x1928e993UL, 0x9c3ea696UL, 0xab546497UL, 0xf2ea2295UL, 0xc580e094UL,
+ 0xf8c7bc9fUL, 0xcfad7e9eUL, 0x9613389cUL, 0xa179fa9dUL, 0x246fb598UL,
+ 0x13057799UL, 0x4abb319bUL, 0x7dd1f39aUL, 0x3035898dUL, 0x075f4b8cUL,
+ 0x5ee10d8eUL, 0x698bcf8fUL, 0xec9d808aUL, 0xdbf7428bUL, 0x82490489UL,
+ 0xb523c688UL, 0x88649a83UL, 0xbf0e5882UL, 0xe6b01e80UL, 0xd1dadc81UL,
+ 0x54cc9384UL, 0x63a65185UL, 0x3a181787UL, 0x0d72d586UL, 0xa0d0e2a9UL,
+ 0x97ba20a8UL, 0xce0466aaUL, 0xf96ea4abUL, 0x7c78ebaeUL, 0x4b1229afUL,
+ 0x12ac6fadUL, 0x25c6adacUL, 0x1881f1a7UL, 0x2feb33a6UL, 0x765575a4UL,
+ 0x413fb7a5UL, 0xc429f8a0UL, 0xf3433aa1UL, 0xaafd7ca3UL, 0x9d97bea2UL,
+ 0xd073c4b5UL, 0xe71906b4UL, 0xbea740b6UL, 0x89cd82b7UL, 0x0cdbcdb2UL,
+ 0x3bb10fb3UL, 0x620f49b1UL, 0x55658bb0UL, 0x6822d7bbUL, 0x5f4815baUL,
+ 0x06f653b8UL, 0x319c91b9UL, 0xb48adebcUL, 0x83e01cbdUL, 0xda5e5abfUL,
+ 0xed3498beUL
+ },
+ {
+ 0x00000000UL, 0x6567bcb8UL, 0x8bc809aaUL, 0xeeafb512UL, 0x5797628fUL,
+ 0x32f0de37UL, 0xdc5f6b25UL, 0xb938d79dUL, 0xef28b4c5UL, 0x8a4f087dUL,
+ 0x64e0bd6fUL, 0x018701d7UL, 0xb8bfd64aUL, 0xddd86af2UL, 0x3377dfe0UL,
+ 0x56106358UL, 0x9f571950UL, 0xfa30a5e8UL, 0x149f10faUL, 0x71f8ac42UL,
+ 0xc8c07bdfUL, 0xada7c767UL, 0x43087275UL, 0x266fcecdUL, 0x707fad95UL,
+ 0x1518112dUL, 0xfbb7a43fUL, 0x9ed01887UL, 0x27e8cf1aUL, 0x428f73a2UL,
+ 0xac20c6b0UL, 0xc9477a08UL, 0x3eaf32a0UL, 0x5bc88e18UL, 0xb5673b0aUL,
+ 0xd00087b2UL, 0x6938502fUL, 0x0c5fec97UL, 0xe2f05985UL, 0x8797e53dUL,
+ 0xd1878665UL, 0xb4e03addUL, 0x5a4f8fcfUL, 0x3f283377UL, 0x8610e4eaUL,
+ 0xe3775852UL, 0x0dd8ed40UL, 0x68bf51f8UL, 0xa1f82bf0UL, 0xc49f9748UL,
+ 0x2a30225aUL, 0x4f579ee2UL, 0xf66f497fUL, 0x9308f5c7UL, 0x7da740d5UL,
+ 0x18c0fc6dUL, 0x4ed09f35UL, 0x2bb7238dUL, 0xc518969fUL, 0xa07f2a27UL,
+ 0x1947fdbaUL, 0x7c204102UL, 0x928ff410UL, 0xf7e848a8UL, 0x3d58149bUL,
+ 0x583fa823UL, 0xb6901d31UL, 0xd3f7a189UL, 0x6acf7614UL, 0x0fa8caacUL,
+ 0xe1077fbeUL, 0x8460c306UL, 0xd270a05eUL, 0xb7171ce6UL, 0x59b8a9f4UL,
+ 0x3cdf154cUL, 0x85e7c2d1UL, 0xe0807e69UL, 0x0e2fcb7bUL, 0x6b4877c3UL,
+ 0xa20f0dcbUL, 0xc768b173UL, 0x29c70461UL, 0x4ca0b8d9UL, 0xf5986f44UL,
+ 0x90ffd3fcUL, 0x7e5066eeUL, 0x1b37da56UL, 0x4d27b90eUL, 0x284005b6UL,
+ 0xc6efb0a4UL, 0xa3880c1cUL, 0x1ab0db81UL, 0x7fd76739UL, 0x9178d22bUL,
+ 0xf41f6e93UL, 0x03f7263bUL, 0x66909a83UL, 0x883f2f91UL, 0xed589329UL,
+ 0x546044b4UL, 0x3107f80cUL, 0xdfa84d1eUL, 0xbacff1a6UL, 0xecdf92feUL,
+ 0x89b82e46UL, 0x67179b54UL, 0x027027ecUL, 0xbb48f071UL, 0xde2f4cc9UL,
+ 0x3080f9dbUL, 0x55e74563UL, 0x9ca03f6bUL, 0xf9c783d3UL, 0x176836c1UL,
+ 0x720f8a79UL, 0xcb375de4UL, 0xae50e15cUL, 0x40ff544eUL, 0x2598e8f6UL,
+ 0x73888baeUL, 0x16ef3716UL, 0xf8408204UL, 0x9d273ebcUL, 0x241fe921UL,
+ 0x41785599UL, 0xafd7e08bUL, 0xcab05c33UL, 0x3bb659edUL, 0x5ed1e555UL,
+ 0xb07e5047UL, 0xd519ecffUL, 0x6c213b62UL, 0x094687daUL, 0xe7e932c8UL,
+ 0x828e8e70UL, 0xd49eed28UL, 0xb1f95190UL, 0x5f56e482UL, 0x3a31583aUL,
+ 0x83098fa7UL, 0xe66e331fUL, 0x08c1860dUL, 0x6da63ab5UL, 0xa4e140bdUL,
+ 0xc186fc05UL, 0x2f294917UL, 0x4a4ef5afUL, 0xf3762232UL, 0x96119e8aUL,
+ 0x78be2b98UL, 0x1dd99720UL, 0x4bc9f478UL, 0x2eae48c0UL, 0xc001fdd2UL,
+ 0xa566416aUL, 0x1c5e96f7UL, 0x79392a4fUL, 0x97969f5dUL, 0xf2f123e5UL,
+ 0x05196b4dUL, 0x607ed7f5UL, 0x8ed162e7UL, 0xebb6de5fUL, 0x528e09c2UL,
+ 0x37e9b57aUL, 0xd9460068UL, 0xbc21bcd0UL, 0xea31df88UL, 0x8f566330UL,
+ 0x61f9d622UL, 0x049e6a9aUL, 0xbda6bd07UL, 0xd8c101bfUL, 0x366eb4adUL,
+ 0x53090815UL, 0x9a4e721dUL, 0xff29cea5UL, 0x11867bb7UL, 0x74e1c70fUL,
+ 0xcdd91092UL, 0xa8beac2aUL, 0x46111938UL, 0x2376a580UL, 0x7566c6d8UL,
+ 0x10017a60UL, 0xfeaecf72UL, 0x9bc973caUL, 0x22f1a457UL, 0x479618efUL,
+ 0xa939adfdUL, 0xcc5e1145UL, 0x06ee4d76UL, 0x6389f1ceUL, 0x8d2644dcUL,
+ 0xe841f864UL, 0x51792ff9UL, 0x341e9341UL, 0xdab12653UL, 0xbfd69aebUL,
+ 0xe9c6f9b3UL, 0x8ca1450bUL, 0x620ef019UL, 0x07694ca1UL, 0xbe519b3cUL,
+ 0xdb362784UL, 0x35999296UL, 0x50fe2e2eUL, 0x99b95426UL, 0xfcdee89eUL,
+ 0x12715d8cUL, 0x7716e134UL, 0xce2e36a9UL, 0xab498a11UL, 0x45e63f03UL,
+ 0x208183bbUL, 0x7691e0e3UL, 0x13f65c5bUL, 0xfd59e949UL, 0x983e55f1UL,
+ 0x2106826cUL, 0x44613ed4UL, 0xaace8bc6UL, 0xcfa9377eUL, 0x38417fd6UL,
+ 0x5d26c36eUL, 0xb389767cUL, 0xd6eecac4UL, 0x6fd61d59UL, 0x0ab1a1e1UL,
+ 0xe41e14f3UL, 0x8179a84bUL, 0xd769cb13UL, 0xb20e77abUL, 0x5ca1c2b9UL,
+ 0x39c67e01UL, 0x80fea99cUL, 0xe5991524UL, 0x0b36a036UL, 0x6e511c8eUL,
+ 0xa7166686UL, 0xc271da3eUL, 0x2cde6f2cUL, 0x49b9d394UL, 0xf0810409UL,
+ 0x95e6b8b1UL, 0x7b490da3UL, 0x1e2eb11bUL, 0x483ed243UL, 0x2d596efbUL,
+ 0xc3f6dbe9UL, 0xa6916751UL, 0x1fa9b0ccUL, 0x7ace0c74UL, 0x9461b966UL,
+ 0xf10605deUL
+#endif
+ }
+};
Added: trunk/contrib/sudo/zlib/deflate.c
===================================================================
--- trunk/contrib/sudo/zlib/deflate.c (rev 0)
+++ trunk/contrib/sudo/zlib/deflate.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,1834 @@
+/* deflate.c -- compress data using the deflation algorithm
+ * Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ * ALGORITHM
+ *
+ * The "deflation" process depends on being able to identify portions
+ * of the input text which are identical to earlier input (within a
+ * sliding window trailing behind the input currently being processed).
+ *
+ * The most straightforward technique turns out to be the fastest for
+ * most input files: try all possible matches and select the longest.
+ * The key feature of this algorithm is that insertions into the string
+ * dictionary are very simple and thus fast, and deletions are avoided
+ * completely. Insertions are performed at each input character, whereas
+ * string matches are performed only when the previous match ends. So it
+ * is preferable to spend more time in matches to allow very fast string
+ * insertions and avoid deletions. The matching algorithm for small
+ * strings is inspired from that of Rabin & Karp. A brute force approach
+ * is used to find longer strings when a small match has been found.
+ * A similar algorithm is used in comic (by Jan-Mark Wams) and freeze
+ * (by Leonid Broukhis).
+ * A previous version of this file used a more sophisticated algorithm
+ * (by Fiala and Greene) which is guaranteed to run in linear amortized
+ * time, but has a larger average cost, uses more memory and is patented.
+ * However the F&G algorithm may be faster for some highly redundant
+ * files if the parameter max_chain_length (described below) is too large.
+ *
+ * ACKNOWLEDGEMENTS
+ *
+ * The idea of lazy evaluation of matches is due to Jan-Mark Wams, and
+ * I found it in 'freeze' written by Leonid Broukhis.
+ * Thanks to many people for bug reports and testing.
+ *
+ * REFERENCES
+ *
+ * Deutsch, L.P.,"DEFLATE Compressed Data Format Specification".
+ * Available in http://www.ietf.org/rfc/rfc1951.txt
+ *
+ * A description of the Rabin and Karp algorithm is given in the book
+ * "Algorithms" by R. Sedgewick, Addison-Wesley, p252.
+ *
+ * Fiala,E.R., and Greene,D.H.
+ * Data Compression with Finite Windows, Comm.ACM, 32,4 (1989) 490-595
+ *
+ */
+
+/* @(#) $Id$ */
+
+#include "deflate.h"
+
+const char deflate_copyright[] =
+ " deflate 1.2.5 Copyright 1995-2010 Jean-loup Gailly and Mark Adler ";
+/*
+ If you use the zlib library in a product, an acknowledgment is welcome
+ in the documentation of your product. If for some reason you cannot
+ include such an acknowledgment, I would appreciate that you keep this
+ copyright string in the executable of your product.
+ */
+
+/* ===========================================================================
+ * Function prototypes.
+ */
+typedef enum {
+ need_more, /* block not completed, need more input or more output */
+ block_done, /* block flush performed */
+ finish_started, /* finish started, need only more output at next deflate */
+ finish_done /* finish done, accept no more input or output */
+} block_state;
+
+typedef block_state (*compress_func) OF((deflate_state *s, int flush));
+/* Compression function. Returns the block state after the call. */
+
+local void fill_window OF((deflate_state *s));
+local block_state deflate_stored OF((deflate_state *s, int flush));
+local block_state deflate_fast OF((deflate_state *s, int flush));
+#ifndef FASTEST
+local block_state deflate_slow OF((deflate_state *s, int flush));
+#endif
+local block_state deflate_rle OF((deflate_state *s, int flush));
+local block_state deflate_huff OF((deflate_state *s, int flush));
+local void lm_init OF((deflate_state *s));
+local void putShortMSB OF((deflate_state *s, uInt b));
+local void flush_pending OF((z_streamp strm));
+local int read_buf OF((z_streamp strm, Bytef *buf, unsigned size));
+#ifdef ASMV
+ void match_init OF((void)); /* asm code initialization */
+ uInt longest_match OF((deflate_state *s, IPos cur_match));
+#else
+local uInt longest_match OF((deflate_state *s, IPos cur_match));
+#endif
+
+#ifdef DEBUG
+local void check_match OF((deflate_state *s, IPos start, IPos match,
+ int length));
+#endif
+
+/* ===========================================================================
+ * Local data
+ */
+
+#define NIL 0
+/* Tail of hash chains */
+
+#ifndef TOO_FAR
+# define TOO_FAR 4096
+#endif
+/* Matches of length 3 are discarded if their distance exceeds TOO_FAR */
+
+/* Values for max_lazy_match, good_match and max_chain_length, depending on
+ * the desired pack level (0..9). The values given below have been tuned to
+ * exclude worst case performance for pathological files. Better values may be
+ * found for specific files.
+ */
+typedef struct config_s {
+ ush good_length; /* reduce lazy search above this match length */
+ ush max_lazy; /* do not perform lazy search above this match length */
+ ush nice_length; /* quit search above this match length */
+ ush max_chain;
+ compress_func func;
+} config;
+
+#ifdef FASTEST
+local const config configuration_table[2] = {
+/* good lazy nice chain */
+/* 0 */ {0, 0, 0, 0, deflate_stored}, /* store only */
+/* 1 */ {4, 4, 8, 4, deflate_fast}}; /* max speed, no lazy matches */
+#else
+local const config configuration_table[10] = {
+/* good lazy nice chain */
+/* 0 */ {0, 0, 0, 0, deflate_stored}, /* store only */
+/* 1 */ {4, 4, 8, 4, deflate_fast}, /* max speed, no lazy matches */
+/* 2 */ {4, 5, 16, 8, deflate_fast},
+/* 3 */ {4, 6, 32, 32, deflate_fast},
+
+/* 4 */ {4, 4, 16, 16, deflate_slow}, /* lazy matches */
+/* 5 */ {8, 16, 32, 32, deflate_slow},
+/* 6 */ {8, 16, 128, 128, deflate_slow},
+/* 7 */ {8, 32, 128, 256, deflate_slow},
+/* 8 */ {32, 128, 258, 1024, deflate_slow},
+/* 9 */ {32, 258, 258, 4096, deflate_slow}}; /* max compression */
+#endif
+
+/* Note: the deflate() code requires max_lazy >= MIN_MATCH and max_chain >= 4
+ * For deflate_fast() (levels <= 3) good is ignored and lazy has a different
+ * meaning.
+ */
+
+#define EQUAL 0
+/* result of memcmp for equal strings */
+
+#ifndef NO_DUMMY_DECL
+struct static_tree_desc_s {int dummy;}; /* for buggy compilers */
+#endif
+
+/* ===========================================================================
+ * Update a hash value with the given input byte
+ * IN assertion: all calls to to UPDATE_HASH are made with consecutive
+ * input characters, so that a running hash key can be computed from the
+ * previous key instead of complete recalculation each time.
+ */
+#define UPDATE_HASH(s,h,c) (h = (((h)<<s->hash_shift) ^ (c)) & s->hash_mask)
+
+
+/* ===========================================================================
+ * Insert string str in the dictionary and set match_head to the previous head
+ * of the hash chain (the most recent string with same hash key). Return
+ * the previous length of the hash chain.
+ * If this file is compiled with -DFASTEST, the compression level is forced
+ * to 1, and no hash chains are maintained.
+ * IN assertion: all calls to to INSERT_STRING are made with consecutive
+ * input characters and the first MIN_MATCH bytes of str are valid
+ * (except for the last MIN_MATCH-1 bytes of the input file).
+ */
+#ifdef FASTEST
+#define INSERT_STRING(s, str, match_head) \
+ (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
+ match_head = s->head[s->ins_h], \
+ s->head[s->ins_h] = (Pos)(str))
+#else
+#define INSERT_STRING(s, str, match_head) \
+ (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
+ match_head = s->prev[(str) & s->w_mask] = s->head[s->ins_h], \
+ s->head[s->ins_h] = (Pos)(str))
+#endif
+
+/* ===========================================================================
+ * Initialize the hash table (avoiding 64K overflow for 16 bit systems).
+ * prev[] will be initialized on the fly.
+ */
+#define CLEAR_HASH(s) \
+ s->head[s->hash_size-1] = NIL; \
+ zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
+
+/* ========================================================================= */
+int ZEXPORT deflateInit_(strm, level, version, stream_size)
+ z_streamp strm;
+ int level;
+ const char *version;
+ int stream_size;
+{
+ return deflateInit2_(strm, level, Z_DEFLATED, MAX_WBITS, DEF_MEM_LEVEL,
+ Z_DEFAULT_STRATEGY, version, stream_size);
+ /* To do: ignore strm->next_in if we use it as window */
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+ version, stream_size)
+ z_streamp strm;
+ int level;
+ int method;
+ int windowBits;
+ int memLevel;
+ int strategy;
+ const char *version;
+ int stream_size;
+{
+ deflate_state *s;
+ int wrap = 1;
+ static const char my_version[] = ZLIB_VERSION;
+
+ ushf *overlay;
+ /* We overlay pending_buf and d_buf+l_buf. This works since the average
+ * output size for (length,distance) codes is <= 24 bits.
+ */
+
+ if (version == Z_NULL || version[0] != my_version[0] ||
+ stream_size != sizeof(z_stream)) {
+ return Z_VERSION_ERROR;
+ }
+ if (strm == Z_NULL) return Z_STREAM_ERROR;
+
+ strm->msg = Z_NULL;
+ if (strm->zalloc == (alloc_func)0) {
+ strm->zalloc = zcalloc;
+ strm->opaque = (voidpf)0;
+ }
+ if (strm->zfree == (free_func)0) strm->zfree = zcfree;
+
+#ifdef FASTEST
+ if (level != 0) level = 1;
+#else
+ if (level == Z_DEFAULT_COMPRESSION) level = 6;
+#endif
+
+ if (windowBits < 0) { /* suppress zlib wrapper */
+ wrap = 0;
+ windowBits = -windowBits;
+ }
+#ifdef GZIP
+ else if (windowBits > 15) {
+ wrap = 2; /* write gzip wrapper instead */
+ windowBits -= 16;
+ }
+#endif
+ if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED ||
+ windowBits < 8 || windowBits > 15 || level < 0 || level > 9 ||
+ strategy < 0 || strategy > Z_FIXED) {
+ return Z_STREAM_ERROR;
+ }
+ if (windowBits == 8) windowBits = 9; /* until 256-byte window bug fixed */
+ s = (deflate_state *) ZALLOC(strm, 1, sizeof(deflate_state));
+ if (s == Z_NULL) return Z_MEM_ERROR;
+ strm->state = (struct internal_state FAR *)s;
+ s->strm = strm;
+
+ s->wrap = wrap;
+ s->gzhead = Z_NULL;
+ s->w_bits = windowBits;
+ s->w_size = 1 << s->w_bits;
+ s->w_mask = s->w_size - 1;
+
+ s->hash_bits = memLevel + 7;
+ s->hash_size = 1 << s->hash_bits;
+ s->hash_mask = s->hash_size - 1;
+ s->hash_shift = ((s->hash_bits+MIN_MATCH-1)/MIN_MATCH);
+
+ s->window = (Bytef *) ZALLOC(strm, s->w_size, 2*sizeof(Byte));
+ s->prev = (Posf *) ZALLOC(strm, s->w_size, sizeof(Pos));
+ s->head = (Posf *) ZALLOC(strm, s->hash_size, sizeof(Pos));
+
+ s->high_water = 0; /* nothing written to s->window yet */
+
+ s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
+
+ overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
+ s->pending_buf = (uchf *) overlay;
+ s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L);
+
+ if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
+ s->pending_buf == Z_NULL) {
+ s->status = FINISH_STATE;
+ strm->msg = (char*)ERR_MSG(Z_MEM_ERROR);
+ deflateEnd (strm);
+ return Z_MEM_ERROR;
+ }
+ s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
+ s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
+
+ s->level = level;
+ s->strategy = strategy;
+ s->method = (Byte)method;
+
+ return deflateReset(strm);
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateSetDictionary (strm, dictionary, dictLength)
+ z_streamp strm;
+ const Bytef *dictionary;
+ uInt dictLength;
+{
+ deflate_state *s;
+ uInt length = dictLength;
+ uInt n;
+ IPos hash_head = 0;
+
+ if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL ||
+ strm->state->wrap == 2 ||
+ (strm->state->wrap == 1 && strm->state->status != INIT_STATE))
+ return Z_STREAM_ERROR;
+
+ s = strm->state;
+ if (s->wrap)
+ strm->adler = adler32(strm->adler, dictionary, dictLength);
+
+ if (length < MIN_MATCH) return Z_OK;
+ if (length > s->w_size) {
+ length = s->w_size;
+ dictionary += dictLength - length; /* use the tail of the dictionary */
+ }
+ zmemcpy(s->window, dictionary, length);
+ s->strstart = length;
+ s->block_start = (long)length;
+
+ /* Insert all strings in the hash table (except for the last two bytes).
+ * s->lookahead stays null, so s->ins_h will be recomputed at the next
+ * call of fill_window.
+ */
+ s->ins_h = s->window[0];
+ UPDATE_HASH(s, s->ins_h, s->window[1]);
+ for (n = 0; n <= length - MIN_MATCH; n++) {
+ INSERT_STRING(s, n, hash_head);
+ }
+ if (hash_head) hash_head = 0; /* to make compiler happy */
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateReset (strm)
+ z_streamp strm;
+{
+ deflate_state *s;
+
+ if (strm == Z_NULL || strm->state == Z_NULL ||
+ strm->zalloc == (alloc_func)0 || strm->zfree == (free_func)0) {
+ return Z_STREAM_ERROR;
+ }
+
+ strm->total_in = strm->total_out = 0;
+ strm->msg = Z_NULL; /* use zfree if we ever allocate msg dynamically */
+ strm->data_type = Z_UNKNOWN;
+
+ s = (deflate_state *)strm->state;
+ s->pending = 0;
+ s->pending_out = s->pending_buf;
+
+ if (s->wrap < 0) {
+ s->wrap = -s->wrap; /* was made negative by deflate(..., Z_FINISH); */
+ }
+ s->status = s->wrap ? INIT_STATE : BUSY_STATE;
+ strm->adler =
+#ifdef GZIP
+ s->wrap == 2 ? crc32(0L, Z_NULL, 0) :
+#endif
+ adler32(0L, Z_NULL, 0);
+ s->last_flush = Z_NO_FLUSH;
+
+ _tr_init(s);
+ lm_init(s);
+
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateSetHeader (strm, head)
+ z_streamp strm;
+ gz_headerp head;
+{
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ if (strm->state->wrap != 2) return Z_STREAM_ERROR;
+ strm->state->gzhead = head;
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflatePrime (strm, bits, value)
+ z_streamp strm;
+ int bits;
+ int value;
+{
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ strm->state->bi_valid = bits;
+ strm->state->bi_buf = (ush)(value & ((1 << bits) - 1));
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateParams(strm, level, strategy)
+ z_streamp strm;
+ int level;
+ int strategy;
+{
+ deflate_state *s;
+ compress_func func;
+ int err = Z_OK;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ s = strm->state;
+
+#ifdef FASTEST
+ if (level != 0) level = 1;
+#else
+ if (level == Z_DEFAULT_COMPRESSION) level = 6;
+#endif
+ if (level < 0 || level > 9 || strategy < 0 || strategy > Z_FIXED) {
+ return Z_STREAM_ERROR;
+ }
+ func = configuration_table[s->level].func;
+
+ if ((strategy != s->strategy || func != configuration_table[level].func) &&
+ strm->total_in != 0) {
+ /* Flush the last buffer: */
+ err = deflate(strm, Z_BLOCK);
+ }
+ if (s->level != level) {
+ s->level = level;
+ s->max_lazy_match = configuration_table[level].max_lazy;
+ s->good_match = configuration_table[level].good_length;
+ s->nice_match = configuration_table[level].nice_length;
+ s->max_chain_length = configuration_table[level].max_chain;
+ }
+ s->strategy = strategy;
+ return err;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateTune(strm, good_length, max_lazy, nice_length, max_chain)
+ z_streamp strm;
+ int good_length;
+ int max_lazy;
+ int nice_length;
+ int max_chain;
+{
+ deflate_state *s;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ s = strm->state;
+ s->good_match = good_length;
+ s->max_lazy_match = max_lazy;
+ s->nice_match = nice_length;
+ s->max_chain_length = max_chain;
+ return Z_OK;
+}
+
+/* =========================================================================
+ * For the default windowBits of 15 and memLevel of 8, this function returns
+ * a close to exact, as well as small, upper bound on the compressed size.
+ * They are coded as constants here for a reason--if the #define's are
+ * changed, then this function needs to be changed as well. The return
+ * value for 15 and 8 only works for those exact settings.
+ *
+ * For any setting other than those defaults for windowBits and memLevel,
+ * the value returned is a conservative worst case for the maximum expansion
+ * resulting from using fixed blocks instead of stored blocks, which deflate
+ * can emit on compressed data for some combinations of the parameters.
+ *
+ * This function could be more sophisticated to provide closer upper bounds for
+ * every combination of windowBits and memLevel. But even the conservative
+ * upper bound of about 14% expansion does not seem onerous for output buffer
+ * allocation.
+ */
+uLong ZEXPORT deflateBound(strm, sourceLen)
+ z_streamp strm;
+ uLong sourceLen;
+{
+ deflate_state *s;
+ uLong complen, wraplen;
+ Bytef *str;
+
+ /* conservative upper bound for compressed data */
+ complen = sourceLen +
+ ((sourceLen + 7) >> 3) + ((sourceLen + 63) >> 6) + 5;
+
+ /* if can't get parameters, return conservative bound plus zlib wrapper */
+ if (strm == Z_NULL || strm->state == Z_NULL)
+ return complen + 6;
+
+ /* compute wrapper length */
+ s = strm->state;
+ switch (s->wrap) {
+ case 0: /* raw deflate */
+ wraplen = 0;
+ break;
+ case 1: /* zlib wrapper */
+ wraplen = 6 + (s->strstart ? 4 : 0);
+ break;
+ case 2: /* gzip wrapper */
+ wraplen = 18;
+ if (s->gzhead != Z_NULL) { /* user-supplied gzip header */
+ if (s->gzhead->extra != Z_NULL)
+ wraplen += 2 + s->gzhead->extra_len;
+ str = s->gzhead->name;
+ if (str != Z_NULL)
+ do {
+ wraplen++;
+ } while (*str++);
+ str = s->gzhead->comment;
+ if (str != Z_NULL)
+ do {
+ wraplen++;
+ } while (*str++);
+ if (s->gzhead->hcrc)
+ wraplen += 2;
+ }
+ break;
+ default: /* for compiler happiness */
+ wraplen = 6;
+ }
+
+ /* if not default parameters, return conservative bound */
+ if (s->w_bits != 15 || s->hash_bits != 8 + 7)
+ return complen + wraplen;
+
+ /* default settings: return tight bound for that case */
+ return sourceLen + (sourceLen >> 12) + (sourceLen >> 14) +
+ (sourceLen >> 25) + 13 - 6 + wraplen;
+}
+
+/* =========================================================================
+ * Put a short in the pending buffer. The 16-bit value is put in MSB order.
+ * IN assertion: the stream state is correct and there is enough room in
+ * pending_buf.
+ */
+local void putShortMSB (s, b)
+ deflate_state *s;
+ uInt b;
+{
+ put_byte(s, (Byte)(b >> 8));
+ put_byte(s, (Byte)(b & 0xff));
+}
+
+/* =========================================================================
+ * Flush as much pending output as possible. All deflate() output goes
+ * through this function so some applications may wish to modify it
+ * to avoid allocating a large strm->next_out buffer and copying into it.
+ * (See also read_buf()).
+ */
+local void flush_pending(strm)
+ z_streamp strm;
+{
+ unsigned len = strm->state->pending;
+
+ if (len > strm->avail_out) len = strm->avail_out;
+ if (len == 0) return;
+
+ zmemcpy(strm->next_out, strm->state->pending_out, len);
+ strm->next_out += len;
+ strm->state->pending_out += len;
+ strm->total_out += len;
+ strm->avail_out -= len;
+ strm->state->pending -= len;
+ if (strm->state->pending == 0) {
+ strm->state->pending_out = strm->state->pending_buf;
+ }
+}
+
+/* ========================================================================= */
+int ZEXPORT deflate (strm, flush)
+ z_streamp strm;
+ int flush;
+{
+ int old_flush; /* value of flush param for previous deflate call */
+ deflate_state *s;
+
+ if (strm == Z_NULL || strm->state == Z_NULL ||
+ flush > Z_BLOCK || flush < 0) {
+ return Z_STREAM_ERROR;
+ }
+ s = strm->state;
+
+ if (strm->next_out == Z_NULL ||
+ (strm->next_in == Z_NULL && strm->avail_in != 0) ||
+ (s->status == FINISH_STATE && flush != Z_FINISH)) {
+ ERR_RETURN(strm, Z_STREAM_ERROR);
+ }
+ if (strm->avail_out == 0) ERR_RETURN(strm, Z_BUF_ERROR);
+
+ s->strm = strm; /* just in case */
+ old_flush = s->last_flush;
+ s->last_flush = flush;
+
+ /* Write the header */
+ if (s->status == INIT_STATE) {
+#ifdef GZIP
+ if (s->wrap == 2) {
+ strm->adler = crc32(0L, Z_NULL, 0);
+ put_byte(s, 31);
+ put_byte(s, 139);
+ put_byte(s, 8);
+ if (s->gzhead == Z_NULL) {
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, s->level == 9 ? 2 :
+ (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2 ?
+ 4 : 0));
+ put_byte(s, OS_CODE);
+ s->status = BUSY_STATE;
+ }
+ else {
+ put_byte(s, (s->gzhead->text ? 1 : 0) +
+ (s->gzhead->hcrc ? 2 : 0) +
+ (s->gzhead->extra == Z_NULL ? 0 : 4) +
+ (s->gzhead->name == Z_NULL ? 0 : 8) +
+ (s->gzhead->comment == Z_NULL ? 0 : 16)
+ );
+ put_byte(s, (Byte)(s->gzhead->time & 0xff));
+ put_byte(s, (Byte)((s->gzhead->time >> 8) & 0xff));
+ put_byte(s, (Byte)((s->gzhead->time >> 16) & 0xff));
+ put_byte(s, (Byte)((s->gzhead->time >> 24) & 0xff));
+ put_byte(s, s->level == 9 ? 2 :
+ (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2 ?
+ 4 : 0));
+ put_byte(s, s->gzhead->os & 0xff);
+ if (s->gzhead->extra != Z_NULL) {
+ put_byte(s, s->gzhead->extra_len & 0xff);
+ put_byte(s, (s->gzhead->extra_len >> 8) & 0xff);
+ }
+ if (s->gzhead->hcrc)
+ strm->adler = crc32(strm->adler, s->pending_buf,
+ s->pending);
+ s->gzindex = 0;
+ s->status = EXTRA_STATE;
+ }
+ }
+ else
+#endif
+ {
+ uInt header = (Z_DEFLATED + ((s->w_bits-8)<<4)) << 8;
+ uInt level_flags;
+
+ if (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2)
+ level_flags = 0;
+ else if (s->level < 6)
+ level_flags = 1;
+ else if (s->level == 6)
+ level_flags = 2;
+ else
+ level_flags = 3;
+ header |= (level_flags << 6);
+ if (s->strstart != 0) header |= PRESET_DICT;
+ header += 31 - (header % 31);
+
+ s->status = BUSY_STATE;
+ putShortMSB(s, header);
+
+ /* Save the adler32 of the preset dictionary: */
+ if (s->strstart != 0) {
+ putShortMSB(s, (uInt)(strm->adler >> 16));
+ putShortMSB(s, (uInt)(strm->adler & 0xffff));
+ }
+ strm->adler = adler32(0L, Z_NULL, 0);
+ }
+ }
+#ifdef GZIP
+ if (s->status == EXTRA_STATE) {
+ if (s->gzhead->extra != Z_NULL) {
+ uInt beg = s->pending; /* start of bytes to update crc */
+
+ while (s->gzindex < (s->gzhead->extra_len & 0xffff)) {
+ if (s->pending == s->pending_buf_size) {
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ flush_pending(strm);
+ beg = s->pending;
+ if (s->pending == s->pending_buf_size)
+ break;
+ }
+ put_byte(s, s->gzhead->extra[s->gzindex]);
+ s->gzindex++;
+ }
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ if (s->gzindex == s->gzhead->extra_len) {
+ s->gzindex = 0;
+ s->status = NAME_STATE;
+ }
+ }
+ else
+ s->status = NAME_STATE;
+ }
+ if (s->status == NAME_STATE) {
+ if (s->gzhead->name != Z_NULL) {
+ uInt beg = s->pending; /* start of bytes to update crc */
+ int val;
+
+ do {
+ if (s->pending == s->pending_buf_size) {
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ flush_pending(strm);
+ beg = s->pending;
+ if (s->pending == s->pending_buf_size) {
+ val = 1;
+ break;
+ }
+ }
+ val = s->gzhead->name[s->gzindex++];
+ put_byte(s, val);
+ } while (val != 0);
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ if (val == 0) {
+ s->gzindex = 0;
+ s->status = COMMENT_STATE;
+ }
+ }
+ else
+ s->status = COMMENT_STATE;
+ }
+ if (s->status == COMMENT_STATE) {
+ if (s->gzhead->comment != Z_NULL) {
+ uInt beg = s->pending; /* start of bytes to update crc */
+ int val;
+
+ do {
+ if (s->pending == s->pending_buf_size) {
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ flush_pending(strm);
+ beg = s->pending;
+ if (s->pending == s->pending_buf_size) {
+ val = 1;
+ break;
+ }
+ }
+ val = s->gzhead->comment[s->gzindex++];
+ put_byte(s, val);
+ } while (val != 0);
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ if (val == 0)
+ s->status = HCRC_STATE;
+ }
+ else
+ s->status = HCRC_STATE;
+ }
+ if (s->status == HCRC_STATE) {
+ if (s->gzhead->hcrc) {
+ if (s->pending + 2 > s->pending_buf_size)
+ flush_pending(strm);
+ if (s->pending + 2 <= s->pending_buf_size) {
+ put_byte(s, (Byte)(strm->adler & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 8) & 0xff));
+ strm->adler = crc32(0L, Z_NULL, 0);
+ s->status = BUSY_STATE;
+ }
+ }
+ else
+ s->status = BUSY_STATE;
+ }
+#endif
+
+ /* Flush as much pending output as possible */
+ if (s->pending != 0) {
+ flush_pending(strm);
+ if (strm->avail_out == 0) {
+ /* Since avail_out is 0, deflate will be called again with
+ * more output space, but possibly with both pending and
+ * avail_in equal to zero. There won't be anything to do,
+ * but this is not an error situation so make sure we
+ * return OK instead of BUF_ERROR at next call of deflate:
+ */
+ s->last_flush = -1;
+ return Z_OK;
+ }
+
+ /* Make sure there is something to do and avoid duplicate consecutive
+ * flushes. For repeated and useless calls with Z_FINISH, we keep
+ * returning Z_STREAM_END instead of Z_BUF_ERROR.
+ */
+ } else if (strm->avail_in == 0 && flush <= old_flush &&
+ flush != Z_FINISH) {
+ ERR_RETURN(strm, Z_BUF_ERROR);
+ }
+
+ /* User must not provide more input after the first FINISH: */
+ if (s->status == FINISH_STATE && strm->avail_in != 0) {
+ ERR_RETURN(strm, Z_BUF_ERROR);
+ }
+
+ /* Start a new block or continue the current one.
+ */
+ if (strm->avail_in != 0 || s->lookahead != 0 ||
+ (flush != Z_NO_FLUSH && s->status != FINISH_STATE)) {
+ block_state bstate;
+
+ bstate = s->strategy == Z_HUFFMAN_ONLY ? deflate_huff(s, flush) :
+ (s->strategy == Z_RLE ? deflate_rle(s, flush) :
+ (*(configuration_table[s->level].func))(s, flush));
+
+ if (bstate == finish_started || bstate == finish_done) {
+ s->status = FINISH_STATE;
+ }
+ if (bstate == need_more || bstate == finish_started) {
+ if (strm->avail_out == 0) {
+ s->last_flush = -1; /* avoid BUF_ERROR next call, see above */
+ }
+ return Z_OK;
+ /* If flush != Z_NO_FLUSH && avail_out == 0, the next call
+ * of deflate should use the same flush parameter to make sure
+ * that the flush is complete. So we don't have to output an
+ * empty block here, this will be done at next call. This also
+ * ensures that for a very small output buffer, we emit at most
+ * one empty block.
+ */
+ }
+ if (bstate == block_done) {
+ if (flush == Z_PARTIAL_FLUSH) {
+ _tr_align(s);
+ } else if (flush != Z_BLOCK) { /* FULL_FLUSH or SYNC_FLUSH */
+ _tr_stored_block(s, (char*)0, 0L, 0);
+ /* For a full flush, this empty block will be recognized
+ * as a special marker by inflate_sync().
+ */
+ if (flush == Z_FULL_FLUSH) {
+ CLEAR_HASH(s); /* forget history */
+ if (s->lookahead == 0) {
+ s->strstart = 0;
+ s->block_start = 0L;
+ }
+ }
+ }
+ flush_pending(strm);
+ if (strm->avail_out == 0) {
+ s->last_flush = -1; /* avoid BUF_ERROR at next call, see above */
+ return Z_OK;
+ }
+ }
+ }
+ Assert(strm->avail_out > 0, "bug2");
+
+ if (flush != Z_FINISH) return Z_OK;
+ if (s->wrap <= 0) return Z_STREAM_END;
+
+ /* Write the trailer */
+#ifdef GZIP
+ if (s->wrap == 2) {
+ put_byte(s, (Byte)(strm->adler & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 8) & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 16) & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 24) & 0xff));
+ put_byte(s, (Byte)(strm->total_in & 0xff));
+ put_byte(s, (Byte)((strm->total_in >> 8) & 0xff));
+ put_byte(s, (Byte)((strm->total_in >> 16) & 0xff));
+ put_byte(s, (Byte)((strm->total_in >> 24) & 0xff));
+ }
+ else
+#endif
+ {
+ putShortMSB(s, (uInt)(strm->adler >> 16));
+ putShortMSB(s, (uInt)(strm->adler & 0xffff));
+ }
+ flush_pending(strm);
+ /* If avail_out is zero, the application will call deflate again
+ * to flush the rest.
+ */
+ if (s->wrap > 0) s->wrap = -s->wrap; /* write the trailer only once! */
+ return s->pending != 0 ? Z_OK : Z_STREAM_END;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateEnd (strm)
+ z_streamp strm;
+{
+ int status;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+
+ status = strm->state->status;
+ if (status != INIT_STATE &&
+ status != EXTRA_STATE &&
+ status != NAME_STATE &&
+ status != COMMENT_STATE &&
+ status != HCRC_STATE &&
+ status != BUSY_STATE &&
+ status != FINISH_STATE) {
+ return Z_STREAM_ERROR;
+ }
+
+ /* Deallocate in reverse order of allocations: */
+ TRY_FREE(strm, strm->state->pending_buf);
+ TRY_FREE(strm, strm->state->head);
+ TRY_FREE(strm, strm->state->prev);
+ TRY_FREE(strm, strm->state->window);
+
+ ZFREE(strm, strm->state);
+ strm->state = Z_NULL;
+
+ return status == BUSY_STATE ? Z_DATA_ERROR : Z_OK;
+}
+
+/* =========================================================================
+ * Copy the source state to the destination state.
+ * To simplify the source, this is not supported for 16-bit MSDOS (which
+ * doesn't have enough memory anyway to duplicate compression states).
+ */
+int ZEXPORT deflateCopy (dest, source)
+ z_streamp dest;
+ z_streamp source;
+{
+#ifdef MAXSEG_64K
+ return Z_STREAM_ERROR;
+#else
+ deflate_state *ds;
+ deflate_state *ss;
+ ushf *overlay;
+
+
+ if (source == Z_NULL || dest == Z_NULL || source->state == Z_NULL) {
+ return Z_STREAM_ERROR;
+ }
+
+ ss = source->state;
+
+ zmemcpy(dest, source, sizeof(z_stream));
+
+ ds = (deflate_state *) ZALLOC(dest, 1, sizeof(deflate_state));
+ if (ds == Z_NULL) return Z_MEM_ERROR;
+ dest->state = (struct internal_state FAR *) ds;
+ zmemcpy(ds, ss, sizeof(deflate_state));
+ ds->strm = dest;
+
+ ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
+ ds->prev = (Posf *) ZALLOC(dest, ds->w_size, sizeof(Pos));
+ ds->head = (Posf *) ZALLOC(dest, ds->hash_size, sizeof(Pos));
+ overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2);
+ ds->pending_buf = (uchf *) overlay;
+
+ if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
+ ds->pending_buf == Z_NULL) {
+ deflateEnd (dest);
+ return Z_MEM_ERROR;
+ }
+ /* following zmemcpy do not work for 16-bit MSDOS */
+ zmemcpy(ds->window, ss->window, ds->w_size * 2 * sizeof(Byte));
+ zmemcpy(ds->prev, ss->prev, ds->w_size * sizeof(Pos));
+ zmemcpy(ds->head, ss->head, ds->hash_size * sizeof(Pos));
+ zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
+
+ ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
+ ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush);
+ ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize;
+
+ ds->l_desc.dyn_tree = ds->dyn_ltree;
+ ds->d_desc.dyn_tree = ds->dyn_dtree;
+ ds->bl_desc.dyn_tree = ds->bl_tree;
+
+ return Z_OK;
+#endif /* MAXSEG_64K */
+}
+
+/* ===========================================================================
+ * Read a new buffer from the current input stream, update the adler32
+ * and total number of bytes read. All deflate() input goes through
+ * this function so some applications may wish to modify it to avoid
+ * allocating a large strm->next_in buffer and copying from it.
+ * (See also flush_pending()).
+ */
+local int read_buf(strm, buf, size)
+ z_streamp strm;
+ Bytef *buf;
+ unsigned size;
+{
+ unsigned len = strm->avail_in;
+
+ if (len > size) len = size;
+ if (len == 0) return 0;
+
+ strm->avail_in -= len;
+
+ if (strm->state->wrap == 1) {
+ strm->adler = adler32(strm->adler, strm->next_in, len);
+ }
+#ifdef GZIP
+ else if (strm->state->wrap == 2) {
+ strm->adler = crc32(strm->adler, strm->next_in, len);
+ }
+#endif
+ zmemcpy(buf, strm->next_in, len);
+ strm->next_in += len;
+ strm->total_in += len;
+
+ return (int)len;
+}
+
+/* ===========================================================================
+ * Initialize the "longest match" routines for a new zlib stream
+ */
+local void lm_init (s)
+ deflate_state *s;
+{
+ s->window_size = (ulg)2L*s->w_size;
+
+ CLEAR_HASH(s);
+
+ /* Set the default configuration parameters:
+ */
+ s->max_lazy_match = configuration_table[s->level].max_lazy;
+ s->good_match = configuration_table[s->level].good_length;
+ s->nice_match = configuration_table[s->level].nice_length;
+ s->max_chain_length = configuration_table[s->level].max_chain;
+
+ s->strstart = 0;
+ s->block_start = 0L;
+ s->lookahead = 0;
+ s->match_length = s->prev_length = MIN_MATCH-1;
+ s->match_available = 0;
+ s->ins_h = 0;
+#ifndef FASTEST
+#ifdef ASMV
+ match_init(); /* initialize the asm code */
+#endif
+#endif
+}
+
+#ifndef FASTEST
+/* ===========================================================================
+ * Set match_start to the longest match starting at the given string and
+ * return its length. Matches shorter or equal to prev_length are discarded,
+ * in which case the result is equal to prev_length and match_start is
+ * garbage.
+ * IN assertions: cur_match is the head of the hash chain for the current
+ * string (strstart) and its distance is <= MAX_DIST, and prev_length >= 1
+ * OUT assertion: the match length is not greater than s->lookahead.
+ */
+#ifndef ASMV
+/* For 80x86 and 680x0, an optimized version will be provided in match.asm or
+ * match.S. The code will be functionally equivalent.
+ */
+local uInt longest_match(s, cur_match)
+ deflate_state *s;
+ IPos cur_match; /* current match */
+{
+ unsigned chain_length = s->max_chain_length;/* max hash chain length */
+ register Bytef *scan = s->window + s->strstart; /* current string */
+ register Bytef *match; /* matched string */
+ register int len; /* length of current match */
+ int best_len = s->prev_length; /* best match length so far */
+ int nice_match = s->nice_match; /* stop if match long enough */
+ IPos limit = s->strstart > (IPos)MAX_DIST(s) ?
+ s->strstart - (IPos)MAX_DIST(s) : NIL;
+ /* Stop when cur_match becomes <= limit. To simplify the code,
+ * we prevent matches with the string of window index 0.
+ */
+ Posf *prev = s->prev;
+ uInt wmask = s->w_mask;
+
+#ifdef UNALIGNED_OK
+ /* Compare two bytes at a time. Note: this is not always beneficial.
+ * Try with and without -DUNALIGNED_OK to check.
+ */
+ register Bytef *strend = s->window + s->strstart + MAX_MATCH - 1;
+ register ush scan_start = *(ushf*)scan;
+ register ush scan_end = *(ushf*)(scan+best_len-1);
+#else
+ register Bytef *strend = s->window + s->strstart + MAX_MATCH;
+ register Byte scan_end1 = scan[best_len-1];
+ register Byte scan_end = scan[best_len];
+#endif
+
+ /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
+ * It is easy to get rid of this optimization if necessary.
+ */
+ Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
+
+ /* Do not waste too much time if we already have a good match: */
+ if (s->prev_length >= s->good_match) {
+ chain_length >>= 2;
+ }
+ /* Do not look for matches beyond the end of the input. This is necessary
+ * to make deflate deterministic.
+ */
+ if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead;
+
+ Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
+
+ do {
+ Assert(cur_match < s->strstart, "no future");
+ match = s->window + cur_match;
+
+ /* Skip to next match if the match length cannot increase
+ * or if the match length is less than 2. Note that the checks below
+ * for insufficient lookahead only occur occasionally for performance
+ * reasons. Therefore uninitialized memory will be accessed, and
+ * conditional jumps will be made that depend on those values.
+ * However the length of the match is limited to the lookahead, so
+ * the output of deflate is not affected by the uninitialized values.
+ */
+#if (defined(UNALIGNED_OK) && MAX_MATCH == 258)
+ /* This code assumes sizeof(unsigned short) == 2. Do not use
+ * UNALIGNED_OK if your compiler uses a different size.
+ */
+ if (*(ushf*)(match+best_len-1) != scan_end ||
+ *(ushf*)match != scan_start) continue;
+
+ /* It is not necessary to compare scan[2] and match[2] since they are
+ * always equal when the other bytes match, given that the hash keys
+ * are equal and that HASH_BITS >= 8. Compare 2 bytes at a time at
+ * strstart+3, +5, ... up to strstart+257. We check for insufficient
+ * lookahead only every 4th comparison; the 128th check will be made
+ * at strstart+257. If MAX_MATCH-2 is not a multiple of 8, it is
+ * necessary to put more guard bytes at the end of the window, or
+ * to check more often for insufficient lookahead.
+ */
+ Assert(scan[2] == match[2], "scan[2]?");
+ scan++, match++;
+ do {
+ } while (*(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ scan < strend);
+ /* The funny "do {}" generates better code on most compilers */
+
+ /* Here, scan <= window+strstart+257 */
+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
+ if (*scan == *match) scan++;
+
+ len = (MAX_MATCH - 1) - (int)(strend-scan);
+ scan = strend - (MAX_MATCH-1);
+
+#else /* UNALIGNED_OK */
+
+ if (match[best_len] != scan_end ||
+ match[best_len-1] != scan_end1 ||
+ *match != *scan ||
+ *++match != scan[1]) continue;
+
+ /* The check at best_len-1 can be removed because it will be made
+ * again later. (This heuristic is not always a win.)
+ * It is not necessary to compare scan[2] and match[2] since they
+ * are always equal when the other bytes match, given that
+ * the hash keys are equal and that HASH_BITS >= 8.
+ */
+ scan += 2, match++;
+ Assert(*scan == *match, "match[2]?");
+
+ /* We check for insufficient lookahead only every 8th comparison;
+ * the 256th check will be made at strstart+258.
+ */
+ do {
+ } while (*++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ scan < strend);
+
+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
+
+ len = MAX_MATCH - (int)(strend - scan);
+ scan = strend - MAX_MATCH;
+
+#endif /* UNALIGNED_OK */
+
+ if (len > best_len) {
+ s->match_start = cur_match;
+ best_len = len;
+ if (len >= nice_match) break;
+#ifdef UNALIGNED_OK
+ scan_end = *(ushf*)(scan+best_len-1);
+#else
+ scan_end1 = scan[best_len-1];
+ scan_end = scan[best_len];
+#endif
+ }
+ } while ((cur_match = prev[cur_match & wmask]) > limit
+ && --chain_length != 0);
+
+ if ((uInt)best_len <= s->lookahead) return (uInt)best_len;
+ return s->lookahead;
+}
+#endif /* ASMV */
+
+#else /* FASTEST */
+
+/* ---------------------------------------------------------------------------
+ * Optimized version for FASTEST only
+ */
+local uInt longest_match(s, cur_match)
+ deflate_state *s;
+ IPos cur_match; /* current match */
+{
+ register Bytef *scan = s->window + s->strstart; /* current string */
+ register Bytef *match; /* matched string */
+ register int len; /* length of current match */
+ register Bytef *strend = s->window + s->strstart + MAX_MATCH;
+
+ /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
+ * It is easy to get rid of this optimization if necessary.
+ */
+ Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
+
+ Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
+
+ Assert(cur_match < s->strstart, "no future");
+
+ match = s->window + cur_match;
+
+ /* Return failure if the match length is less than 2:
+ */
+ if (match[0] != scan[0] || match[1] != scan[1]) return MIN_MATCH-1;
+
+ /* The check at best_len-1 can be removed because it will be made
+ * again later. (This heuristic is not always a win.)
+ * It is not necessary to compare scan[2] and match[2] since they
+ * are always equal when the other bytes match, given that
+ * the hash keys are equal and that HASH_BITS >= 8.
+ */
+ scan += 2, match += 2;
+ Assert(*scan == *match, "match[2]?");
+
+ /* We check for insufficient lookahead only every 8th comparison;
+ * the 256th check will be made at strstart+258.
+ */
+ do {
+ } while (*++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ scan < strend);
+
+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
+
+ len = MAX_MATCH - (int)(strend - scan);
+
+ if (len < MIN_MATCH) return MIN_MATCH - 1;
+
+ s->match_start = cur_match;
+ return (uInt)len <= s->lookahead ? (uInt)len : s->lookahead;
+}
+
+#endif /* FASTEST */
+
+#ifdef DEBUG
+/* ===========================================================================
+ * Check that the match at match_start is indeed a match.
+ */
+local void check_match(s, start, match, length)
+ deflate_state *s;
+ IPos start, match;
+ int length;
+{
+ /* check that the match is indeed a match */
+ if (zmemcmp(s->window + match,
+ s->window + start, length) != EQUAL) {
+ fprintf(stderr, " start %u, match %u, length %d\n",
+ start, match, length);
+ do {
+ fprintf(stderr, "%c%c", s->window[match++], s->window[start++]);
+ } while (--length != 0);
+ z_error("invalid match");
+ }
+ if (z_verbose > 1) {
+ fprintf(stderr,"\\[%d,%d]", start-match, length);
+ do { putc(s->window[start++], stderr); } while (--length != 0);
+ }
+}
+#else
+# define check_match(s, start, match, length)
+#endif /* DEBUG */
+
+/* ===========================================================================
+ * Fill the window when the lookahead becomes insufficient.
+ * Updates strstart and lookahead.
+ *
+ * IN assertion: lookahead < MIN_LOOKAHEAD
+ * OUT assertions: strstart <= window_size-MIN_LOOKAHEAD
+ * At least one byte has been read, or avail_in == 0; reads are
+ * performed for at least two bytes (required for the zip translate_eol
+ * option -- not supported here).
+ */
+local void fill_window(s)
+ deflate_state *s;
+{
+ register unsigned n, m;
+ register Posf *p;
+ unsigned more; /* Amount of free space at the end of the window. */
+ uInt wsize = s->w_size;
+
+ do {
+ more = (unsigned)(s->window_size -(ulg)s->lookahead -(ulg)s->strstart);
+
+ /* Deal with !@#$% 64K limit: */
+ if (sizeof(int) <= 2) {
+ if (more == 0 && s->strstart == 0 && s->lookahead == 0) {
+ more = wsize;
+
+ } else if (more == (unsigned)(-1)) {
+ /* Very unlikely, but possible on 16 bit machine if
+ * strstart == 0 && lookahead == 1 (input done a byte at time)
+ */
+ more--;
+ }
+ }
+
+ /* If the window is almost full and there is insufficient lookahead,
+ * move the upper half to the lower one to make room in the upper half.
+ */
+ if (s->strstart >= wsize+MAX_DIST(s)) {
+
+ zmemcpy(s->window, s->window+wsize, (unsigned)wsize);
+ s->match_start -= wsize;
+ s->strstart -= wsize; /* we now have strstart >= MAX_DIST */
+ s->block_start -= (long) wsize;
+
+ /* Slide the hash table (could be avoided with 32 bit values
+ at the expense of memory usage). We slide even when level == 0
+ to keep the hash table consistent if we switch back to level > 0
+ later. (Using level 0 permanently is not an optimal usage of
+ zlib, so we don't care about this pathological case.)
+ */
+ n = s->hash_size;
+ p = &s->head[n];
+ do {
+ m = *--p;
+ *p = (Pos)(m >= wsize ? m-wsize : NIL);
+ } while (--n);
+
+ n = wsize;
+#ifndef FASTEST
+ p = &s->prev[n];
+ do {
+ m = *--p;
+ *p = (Pos)(m >= wsize ? m-wsize : NIL);
+ /* If n is not on any hash chain, prev[n] is garbage but
+ * its value will never be used.
+ */
+ } while (--n);
+#endif
+ more += wsize;
+ }
+ if (s->strm->avail_in == 0) return;
+
+ /* If there was no sliding:
+ * strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
+ * more == window_size - lookahead - strstart
+ * => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1)
+ * => more >= window_size - 2*WSIZE + 2
+ * In the BIG_MEM or MMAP case (not yet supported),
+ * window_size == input_size + MIN_LOOKAHEAD &&
+ * strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD.
+ * Otherwise, window_size == 2*WSIZE so more >= 2.
+ * If there was sliding, more >= WSIZE. So in all cases, more >= 2.
+ */
+ Assert(more >= 2, "more < 2");
+
+ n = read_buf(s->strm, s->window + s->strstart + s->lookahead, more);
+ s->lookahead += n;
+
+ /* Initialize the hash value now that we have some input: */
+ if (s->lookahead >= MIN_MATCH) {
+ s->ins_h = s->window[s->strstart];
+ UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
+#if MIN_MATCH != 3
+ Call UPDATE_HASH() MIN_MATCH-3 more times
+#endif
+ }
+ /* If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
+ * but this is not important since only literal bytes will be emitted.
+ */
+
+ } while (s->lookahead < MIN_LOOKAHEAD && s->strm->avail_in != 0);
+
+ /* If the WIN_INIT bytes after the end of the current data have never been
+ * written, then zero those bytes in order to avoid memory check reports of
+ * the use of uninitialized (or uninitialised as Julian writes) bytes by
+ * the longest match routines. Update the high water mark for the next
+ * time through here. WIN_INIT is set to MAX_MATCH since the longest match
+ * routines allow scanning to strstart + MAX_MATCH, ignoring lookahead.
+ */
+ if (s->high_water < s->window_size) {
+ ulg curr = s->strstart + (ulg)(s->lookahead);
+ ulg init;
+
+ if (s->high_water < curr) {
+ /* Previous high water mark below current data -- zero WIN_INIT
+ * bytes or up to end of window, whichever is less.
+ */
+ init = s->window_size - curr;
+ if (init > WIN_INIT)
+ init = WIN_INIT;
+ zmemzero(s->window + curr, (unsigned)init);
+ s->high_water = curr + init;
+ }
+ else if (s->high_water < (ulg)curr + WIN_INIT) {
+ /* High water mark at or above current data, but below current data
+ * plus WIN_INIT -- zero out to current data plus WIN_INIT, or up
+ * to end of window, whichever is less.
+ */
+ init = (ulg)curr + WIN_INIT - s->high_water;
+ if (init > s->window_size - s->high_water)
+ init = s->window_size - s->high_water;
+ zmemzero(s->window + s->high_water, (unsigned)init);
+ s->high_water += init;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Flush the current block, with given end-of-file flag.
+ * IN assertion: strstart is set to the end of the current match.
+ */
+#define FLUSH_BLOCK_ONLY(s, last) { \
+ _tr_flush_block(s, (s->block_start >= 0L ? \
+ (charf *)&s->window[(unsigned)s->block_start] : \
+ (charf *)Z_NULL), \
+ (ulg)((long)s->strstart - s->block_start), \
+ (last)); \
+ s->block_start = s->strstart; \
+ flush_pending(s->strm); \
+ Tracev((stderr,"[FLUSH]")); \
+}
+
+/* Same but force premature exit if necessary. */
+#define FLUSH_BLOCK(s, last) { \
+ FLUSH_BLOCK_ONLY(s, last); \
+ if (s->strm->avail_out == 0) return (last) ? finish_started : need_more; \
+}
+
+/* ===========================================================================
+ * Copy without compression as much as possible from the input stream, return
+ * the current block state.
+ * This function does not insert new strings in the dictionary since
+ * uncompressible data is probably not useful. This function is used
+ * only for the level=0 compression option.
+ * NOTE: this function should be optimized to avoid extra copying from
+ * window to pending_buf.
+ */
+local block_state deflate_stored(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ /* Stored blocks are limited to 0xffff bytes, pending_buf is limited
+ * to pending_buf_size, and each stored block has a 5 byte header:
+ */
+ ulg max_block_size = 0xffff;
+ ulg max_start;
+
+ if (max_block_size > s->pending_buf_size - 5) {
+ max_block_size = s->pending_buf_size - 5;
+ }
+
+ /* Copy as much as possible from input to output: */
+ for (;;) {
+ /* Fill the window as much as possible: */
+ if (s->lookahead <= 1) {
+
+ Assert(s->strstart < s->w_size+MAX_DIST(s) ||
+ s->block_start >= (long)s->w_size, "slide too late");
+
+ fill_window(s);
+ if (s->lookahead == 0 && flush == Z_NO_FLUSH) return need_more;
+
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+ Assert(s->block_start >= 0L, "block gone");
+
+ s->strstart += s->lookahead;
+ s->lookahead = 0;
+
+ /* Emit a stored block if pending_buf will be full: */
+ max_start = s->block_start + max_block_size;
+ if (s->strstart == 0 || (ulg)s->strstart >= max_start) {
+ /* strstart == 0 is possible when wraparound on 16-bit machine */
+ s->lookahead = (uInt)(s->strstart - max_start);
+ s->strstart = (uInt)max_start;
+ FLUSH_BLOCK(s, 0);
+ }
+ /* Flush if we may have to slide, otherwise block_start may become
+ * negative and the data will be gone:
+ */
+ if (s->strstart - (uInt)s->block_start >= MAX_DIST(s)) {
+ FLUSH_BLOCK(s, 0);
+ }
+ }
+ FLUSH_BLOCK(s, flush == Z_FINISH);
+ return flush == Z_FINISH ? finish_done : block_done;
+}
+
+/* ===========================================================================
+ * Compress as much as possible from the input stream, return the current
+ * block state.
+ * This function does not perform lazy evaluation of matches and inserts
+ * new strings in the dictionary only for unmatched strings or for short
+ * matches. It is used only for the fast compression options.
+ */
+local block_state deflate_fast(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ IPos hash_head; /* head of the hash chain */
+ int bflush; /* set if current block must be flushed */
+
+ for (;;) {
+ /* Make sure that we always have enough lookahead, except
+ * at the end of the input file. We need MAX_MATCH bytes
+ * for the next match, plus MIN_MATCH bytes to insert the
+ * string following the next match.
+ */
+ if (s->lookahead < MIN_LOOKAHEAD) {
+ fill_window(s);
+ if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
+ return need_more;
+ }
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+
+ /* Insert the string window[strstart .. strstart+2] in the
+ * dictionary, and set hash_head to the head of the hash chain:
+ */
+ hash_head = NIL;
+ if (s->lookahead >= MIN_MATCH) {
+ INSERT_STRING(s, s->strstart, hash_head);
+ }
+
+ /* Find the longest match, discarding those <= prev_length.
+ * At this point we have always match_length < MIN_MATCH
+ */
+ if (hash_head != NIL && s->strstart - hash_head <= MAX_DIST(s)) {
+ /* To simplify the code, we prevent matches with the string
+ * of window index 0 (in particular we have to avoid a match
+ * of the string with itself at the start of the input file).
+ */
+ s->match_length = longest_match (s, hash_head);
+ /* longest_match() sets match_start */
+ }
+ if (s->match_length >= MIN_MATCH) {
+ check_match(s, s->strstart, s->match_start, s->match_length);
+
+ _tr_tally_dist(s, s->strstart - s->match_start,
+ s->match_length - MIN_MATCH, bflush);
+
+ s->lookahead -= s->match_length;
+
+ /* Insert new strings in the hash table only if the match length
+ * is not too large. This saves time but degrades compression.
+ */
+#ifndef FASTEST
+ if (s->match_length <= s->max_insert_length &&
+ s->lookahead >= MIN_MATCH) {
+ s->match_length--; /* string at strstart already in table */
+ do {
+ s->strstart++;
+ INSERT_STRING(s, s->strstart, hash_head);
+ /* strstart never exceeds WSIZE-MAX_MATCH, so there are
+ * always MIN_MATCH bytes ahead.
+ */
+ } while (--s->match_length != 0);
+ s->strstart++;
+ } else
+#endif
+ {
+ s->strstart += s->match_length;
+ s->match_length = 0;
+ s->ins_h = s->window[s->strstart];
+ UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
+#if MIN_MATCH != 3
+ Call UPDATE_HASH() MIN_MATCH-3 more times
+#endif
+ /* If lookahead < MIN_MATCH, ins_h is garbage, but it does not
+ * matter since it will be recomputed at next deflate call.
+ */
+ }
+ } else {
+ /* No match, output a literal byte */
+ Tracevv((stderr,"%c", s->window[s->strstart]));
+ _tr_tally_lit (s, s->window[s->strstart], bflush);
+ s->lookahead--;
+ s->strstart++;
+ }
+ if (bflush) FLUSH_BLOCK(s, 0);
+ }
+ FLUSH_BLOCK(s, flush == Z_FINISH);
+ return flush == Z_FINISH ? finish_done : block_done;
+}
+
+#ifndef FASTEST
+/* ===========================================================================
+ * Same as above, but achieves better compression. We use a lazy
+ * evaluation for matches: a match is finally adopted only if there is
+ * no better match at the next window position.
+ */
+local block_state deflate_slow(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ IPos hash_head; /* head of hash chain */
+ int bflush; /* set if current block must be flushed */
+
+ /* Process the input block. */
+ for (;;) {
+ /* Make sure that we always have enough lookahead, except
+ * at the end of the input file. We need MAX_MATCH bytes
+ * for the next match, plus MIN_MATCH bytes to insert the
+ * string following the next match.
+ */
+ if (s->lookahead < MIN_LOOKAHEAD) {
+ fill_window(s);
+ if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
+ return need_more;
+ }
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+
+ /* Insert the string window[strstart .. strstart+2] in the
+ * dictionary, and set hash_head to the head of the hash chain:
+ */
+ hash_head = NIL;
+ if (s->lookahead >= MIN_MATCH) {
+ INSERT_STRING(s, s->strstart, hash_head);
+ }
+
+ /* Find the longest match, discarding those <= prev_length.
+ */
+ s->prev_length = s->match_length, s->prev_match = s->match_start;
+ s->match_length = MIN_MATCH-1;
+
+ if (hash_head != NIL && s->prev_length < s->max_lazy_match &&
+ s->strstart - hash_head <= MAX_DIST(s)) {
+ /* To simplify the code, we prevent matches with the string
+ * of window index 0 (in particular we have to avoid a match
+ * of the string with itself at the start of the input file).
+ */
+ s->match_length = longest_match (s, hash_head);
+ /* longest_match() sets match_start */
+
+ if (s->match_length <= 5 && (s->strategy == Z_FILTERED
+#if TOO_FAR <= 32767
+ || (s->match_length == MIN_MATCH &&
+ s->strstart - s->match_start > TOO_FAR)
+#endif
+ )) {
+
+ /* If prev_match is also MIN_MATCH, match_start is garbage
+ * but we will ignore the current match anyway.
+ */
+ s->match_length = MIN_MATCH-1;
+ }
+ }
+ /* If there was a match at the previous step and the current
+ * match is not better, output the previous match:
+ */
+ if (s->prev_length >= MIN_MATCH && s->match_length <= s->prev_length) {
+ uInt max_insert = s->strstart + s->lookahead - MIN_MATCH;
+ /* Do not insert strings in hash table beyond this. */
+
+ check_match(s, s->strstart-1, s->prev_match, s->prev_length);
+
+ _tr_tally_dist(s, s->strstart -1 - s->prev_match,
+ s->prev_length - MIN_MATCH, bflush);
+
+ /* Insert in hash table all strings up to the end of the match.
+ * strstart-1 and strstart are already inserted. If there is not
+ * enough lookahead, the last two strings are not inserted in
+ * the hash table.
+ */
+ s->lookahead -= s->prev_length-1;
+ s->prev_length -= 2;
+ do {
+ if (++s->strstart <= max_insert) {
+ INSERT_STRING(s, s->strstart, hash_head);
+ }
+ } while (--s->prev_length != 0);
+ s->match_available = 0;
+ s->match_length = MIN_MATCH-1;
+ s->strstart++;
+
+ if (bflush) FLUSH_BLOCK(s, 0);
+
+ } else if (s->match_available) {
+ /* If there was no match at the previous position, output a
+ * single literal. If there was a match but the current match
+ * is longer, truncate the previous match to a single literal.
+ */
+ Tracevv((stderr,"%c", s->window[s->strstart-1]));
+ _tr_tally_lit(s, s->window[s->strstart-1], bflush);
+ if (bflush) {
+ FLUSH_BLOCK_ONLY(s, 0);
+ }
+ s->strstart++;
+ s->lookahead--;
+ if (s->strm->avail_out == 0) return need_more;
+ } else {
+ /* There is no previous match to compare with, wait for
+ * the next step to decide.
+ */
+ s->match_available = 1;
+ s->strstart++;
+ s->lookahead--;
+ }
+ }
+ Assert (flush != Z_NO_FLUSH, "no flush?");
+ if (s->match_available) {
+ Tracevv((stderr,"%c", s->window[s->strstart-1]));
+ _tr_tally_lit(s, s->window[s->strstart-1], bflush);
+ s->match_available = 0;
+ }
+ FLUSH_BLOCK(s, flush == Z_FINISH);
+ return flush == Z_FINISH ? finish_done : block_done;
+}
+#endif /* FASTEST */
+
+/* ===========================================================================
+ * For Z_RLE, simply look for runs of bytes, generate matches only of distance
+ * one. Do not maintain a hash table. (It will be regenerated if this run of
+ * deflate switches away from Z_RLE.)
+ */
+local block_state deflate_rle(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ int bflush; /* set if current block must be flushed */
+ uInt prev; /* byte at distance one to match */
+ Bytef *scan, *strend; /* scan goes up to strend for length of run */
+
+ for (;;) {
+ /* Make sure that we always have enough lookahead, except
+ * at the end of the input file. We need MAX_MATCH bytes
+ * for the longest encodable run.
+ */
+ if (s->lookahead < MAX_MATCH) {
+ fill_window(s);
+ if (s->lookahead < MAX_MATCH && flush == Z_NO_FLUSH) {
+ return need_more;
+ }
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+
+ /* See how many times the previous byte repeats */
+ s->match_length = 0;
+ if (s->lookahead >= MIN_MATCH && s->strstart > 0) {
+ scan = s->window + s->strstart - 1;
+ prev = *scan;
+ if (prev == *++scan && prev == *++scan && prev == *++scan) {
+ strend = s->window + s->strstart + MAX_MATCH;
+ do {
+ } while (prev == *++scan && prev == *++scan &&
+ prev == *++scan && prev == *++scan &&
+ prev == *++scan && prev == *++scan &&
+ prev == *++scan && prev == *++scan &&
+ scan < strend);
+ s->match_length = MAX_MATCH - (int)(strend - scan);
+ if (s->match_length > s->lookahead)
+ s->match_length = s->lookahead;
+ }
+ }
+
+ /* Emit match if have run of MIN_MATCH or longer, else emit literal */
+ if (s->match_length >= MIN_MATCH) {
+ check_match(s, s->strstart, s->strstart - 1, s->match_length);
+
+ _tr_tally_dist(s, 1, s->match_length - MIN_MATCH, bflush);
+
+ s->lookahead -= s->match_length;
+ s->strstart += s->match_length;
+ s->match_length = 0;
+ } else {
+ /* No match, output a literal byte */
+ Tracevv((stderr,"%c", s->window[s->strstart]));
+ _tr_tally_lit (s, s->window[s->strstart], bflush);
+ s->lookahead--;
+ s->strstart++;
+ }
+ if (bflush) FLUSH_BLOCK(s, 0);
+ }
+ FLUSH_BLOCK(s, flush == Z_FINISH);
+ return flush == Z_FINISH ? finish_done : block_done;
+}
+
+/* ===========================================================================
+ * For Z_HUFFMAN_ONLY, do not look for matches. Do not maintain a hash table.
+ * (It will be regenerated if this run of deflate switches away from Huffman.)
+ */
+local block_state deflate_huff(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ int bflush; /* set if current block must be flushed */
+
+ for (;;) {
+ /* Make sure that we have a literal to write. */
+ if (s->lookahead == 0) {
+ fill_window(s);
+ if (s->lookahead == 0) {
+ if (flush == Z_NO_FLUSH)
+ return need_more;
+ break; /* flush the current block */
+ }
+ }
+
+ /* Output a literal byte */
+ s->match_length = 0;
+ Tracevv((stderr,"%c", s->window[s->strstart]));
+ _tr_tally_lit (s, s->window[s->strstart], bflush);
+ s->lookahead--;
+ s->strstart++;
+ if (bflush) FLUSH_BLOCK(s, 0);
+ }
+ FLUSH_BLOCK(s, flush == Z_FINISH);
+ return flush == Z_FINISH ? finish_done : block_done;
+}
Added: trunk/contrib/sudo/zlib/deflate.h
===================================================================
--- trunk/contrib/sudo/zlib/deflate.h (rev 0)
+++ trunk/contrib/sudo/zlib/deflate.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,342 @@
+/* deflate.h -- internal compression state
+ * Copyright (C) 1995-2010 Jean-loup Gailly
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* @(#) $Id$ */
+
+#ifndef DEFLATE_H
+#define DEFLATE_H
+
+#include "zutil.h"
+
+/* define NO_GZIP when compiling if you want to disable gzip header and
+ trailer creation by deflate(). NO_GZIP would be used to avoid linking in
+ the crc code when it is not needed. For shared libraries, gzip encoding
+ should be left enabled. */
+#ifndef NO_GZIP
+# define GZIP
+#endif
+
+/* ===========================================================================
+ * Internal compression state.
+ */
+
+#define LENGTH_CODES 29
+/* number of length codes, not counting the special END_BLOCK code */
+
+#define LITERALS 256
+/* number of literal bytes 0..255 */
+
+#define L_CODES (LITERALS+1+LENGTH_CODES)
+/* number of Literal or Length codes, including the END_BLOCK code */
+
+#define D_CODES 30
+/* number of distance codes */
+
+#define BL_CODES 19
+/* number of codes used to transfer the bit lengths */
+
+#define HEAP_SIZE (2*L_CODES+1)
+/* maximum heap size */
+
+#define MAX_BITS 15
+/* All codes must not exceed MAX_BITS bits */
+
+#define INIT_STATE 42
+#define EXTRA_STATE 69
+#define NAME_STATE 73
+#define COMMENT_STATE 91
+#define HCRC_STATE 103
+#define BUSY_STATE 113
+#define FINISH_STATE 666
+/* Stream status */
+
+
+/* Data structure describing a single value and its code string. */
+typedef struct ct_data_s {
+ union {
+ ush freq; /* frequency count */
+ ush code; /* bit string */
+ } fc;
+ union {
+ ush dad; /* father node in Huffman tree */
+ ush len; /* length of bit string */
+ } dl;
+} FAR ct_data;
+
+#define Freq fc.freq
+#define Code fc.code
+#define Dad dl.dad
+#define Len dl.len
+
+typedef struct static_tree_desc_s static_tree_desc;
+
+typedef struct tree_desc_s {
+ ct_data *dyn_tree; /* the dynamic tree */
+ int max_code; /* largest code with non zero frequency */
+ static_tree_desc *stat_desc; /* the corresponding static tree */
+} FAR tree_desc;
+
+typedef ush Pos;
+typedef Pos FAR Posf;
+typedef unsigned IPos;
+
+/* A Pos is an index in the character window. We use short instead of int to
+ * save space in the various tables. IPos is used only for parameter passing.
+ */
+
+typedef struct internal_state {
+ z_streamp strm; /* pointer back to this zlib stream */
+ int status; /* as the name implies */
+ Bytef *pending_buf; /* output still pending */
+ ulg pending_buf_size; /* size of pending_buf */
+ Bytef *pending_out; /* next pending byte to output to the stream */
+ uInt pending; /* nb of bytes in the pending buffer */
+ int wrap; /* bit 0 true for zlib, bit 1 true for gzip */
+ gz_headerp gzhead; /* gzip header information to write */
+ uInt gzindex; /* where in extra, name, or comment */
+ Byte method; /* STORED (for zip only) or DEFLATED */
+ int last_flush; /* value of flush param for previous deflate call */
+
+ /* used by deflate.c: */
+
+ uInt w_size; /* LZ77 window size (32K by default) */
+ uInt w_bits; /* log2(w_size) (8..16) */
+ uInt w_mask; /* w_size - 1 */
+
+ Bytef *window;
+ /* Sliding window. Input bytes are read into the second half of the window,
+ * and move to the first half later to keep a dictionary of at least wSize
+ * bytes. With this organization, matches are limited to a distance of
+ * wSize-MAX_MATCH bytes, but this ensures that IO is always
+ * performed with a length multiple of the block size. Also, it limits
+ * the window size to 64K, which is quite useful on MSDOS.
+ * To do: use the user input buffer as sliding window.
+ */
+
+ ulg window_size;
+ /* Actual size of window: 2*wSize, except when the user input buffer
+ * is directly used as sliding window.
+ */
+
+ Posf *prev;
+ /* Link to older string with same hash index. To limit the size of this
+ * array to 64K, this link is maintained only for the last 32K strings.
+ * An index in this array is thus a window index modulo 32K.
+ */
+
+ Posf *head; /* Heads of the hash chains or NIL. */
+
+ uInt ins_h; /* hash index of string to be inserted */
+ uInt hash_size; /* number of elements in hash table */
+ uInt hash_bits; /* log2(hash_size) */
+ uInt hash_mask; /* hash_size-1 */
+
+ uInt hash_shift;
+ /* Number of bits by which ins_h must be shifted at each input
+ * step. It must be such that after MIN_MATCH steps, the oldest
+ * byte no longer takes part in the hash key, that is:
+ * hash_shift * MIN_MATCH >= hash_bits
+ */
+
+ long block_start;
+ /* Window position at the beginning of the current output block. Gets
+ * negative when the window is moved backwards.
+ */
+
+ uInt match_length; /* length of best match */
+ IPos prev_match; /* previous match */
+ int match_available; /* set if previous match exists */
+ uInt strstart; /* start of string to insert */
+ uInt match_start; /* start of matching string */
+ uInt lookahead; /* number of valid bytes ahead in window */
+
+ uInt prev_length;
+ /* Length of the best match at previous step. Matches not greater than this
+ * are discarded. This is used in the lazy match evaluation.
+ */
+
+ uInt max_chain_length;
+ /* To speed up deflation, hash chains are never searched beyond this
+ * length. A higher limit improves compression ratio but degrades the
+ * speed.
+ */
+
+ uInt max_lazy_match;
+ /* Attempt to find a better match only when the current match is strictly
+ * smaller than this value. This mechanism is used only for compression
+ * levels >= 4.
+ */
+# define max_insert_length max_lazy_match
+ /* Insert new strings in the hash table only if the match length is not
+ * greater than this length. This saves time but degrades compression.
+ * max_insert_length is used only for compression levels <= 3.
+ */
+
+ int level; /* compression level (1..9) */
+ int strategy; /* favor or force Huffman coding*/
+
+ uInt good_match;
+ /* Use a faster search when the previous match is longer than this */
+
+ int nice_match; /* Stop searching when current match exceeds this */
+
+ /* used by trees.c: */
+ /* Didn't use ct_data typedef below to supress compiler warning */
+ struct ct_data_s dyn_ltree[HEAP_SIZE]; /* literal and length tree */
+ struct ct_data_s dyn_dtree[2*D_CODES+1]; /* distance tree */
+ struct ct_data_s bl_tree[2*BL_CODES+1]; /* Huffman tree for bit lengths */
+
+ struct tree_desc_s l_desc; /* desc. for literal tree */
+ struct tree_desc_s d_desc; /* desc. for distance tree */
+ struct tree_desc_s bl_desc; /* desc. for bit length tree */
+
+ ush bl_count[MAX_BITS+1];
+ /* number of codes at each bit length for an optimal tree */
+
+ int heap[2*L_CODES+1]; /* heap used to build the Huffman trees */
+ int heap_len; /* number of elements in the heap */
+ int heap_max; /* element of largest frequency */
+ /* The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used.
+ * The same heap array is used to build all trees.
+ */
+
+ uch depth[2*L_CODES+1];
+ /* Depth of each subtree used as tie breaker for trees of equal frequency
+ */
+
+ uchf *l_buf; /* buffer for literals or lengths */
+
+ uInt lit_bufsize;
+ /* Size of match buffer for literals/lengths. There are 4 reasons for
+ * limiting lit_bufsize to 64K:
+ * - frequencies can be kept in 16 bit counters
+ * - if compression is not successful for the first block, all input
+ * data is still in the window so we can still emit a stored block even
+ * when input comes from standard input. (This can also be done for
+ * all blocks if lit_bufsize is not greater than 32K.)
+ * - if compression is not successful for a file smaller than 64K, we can
+ * even emit a stored file instead of a stored block (saving 5 bytes).
+ * This is applicable only for zip (not gzip or zlib).
+ * - creating new Huffman trees less frequently may not provide fast
+ * adaptation to changes in the input data statistics. (Take for
+ * example a binary file with poorly compressible code followed by
+ * a highly compressible string table.) Smaller buffer sizes give
+ * fast adaptation but have of course the overhead of transmitting
+ * trees more frequently.
+ * - I can't count above 4
+ */
+
+ uInt last_lit; /* running index in l_buf */
+
+ ushf *d_buf;
+ /* Buffer for distances. To simplify the code, d_buf and l_buf have
+ * the same number of elements. To use different lengths, an extra flag
+ * array would be necessary.
+ */
+
+ ulg opt_len; /* bit length of current block with optimal trees */
+ ulg static_len; /* bit length of current block with static trees */
+ uInt matches; /* number of string matches in current block */
+ int last_eob_len; /* bit length of EOB code for last block */
+
+#ifdef DEBUG
+ ulg compressed_len; /* total bit length of compressed file mod 2^32 */
+ ulg bits_sent; /* bit length of compressed data sent mod 2^32 */
+#endif
+
+ ush bi_buf;
+ /* Output buffer. bits are inserted starting at the bottom (least
+ * significant bits).
+ */
+ int bi_valid;
+ /* Number of valid bits in bi_buf. All bits above the last valid bit
+ * are always zero.
+ */
+
+ ulg high_water;
+ /* High water mark offset in window for initialized bytes -- bytes above
+ * this are set to zero in order to avoid memory check warnings when
+ * longest match routines access bytes past the input. This is then
+ * updated to the new high water mark.
+ */
+
+} FAR deflate_state;
+
+/* Output a byte on the stream.
+ * IN assertion: there is enough room in pending_buf.
+ */
+#define put_byte(s, c) {s->pending_buf[s->pending++] = (c);}
+
+
+#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
+/* Minimum amount of lookahead, except at the end of the input file.
+ * See deflate.c for comments about the MIN_MATCH+1.
+ */
+
+#define MAX_DIST(s) ((s)->w_size-MIN_LOOKAHEAD)
+/* In order to simplify the code, particularly on 16 bit machines, match
+ * distances are limited to MAX_DIST instead of WSIZE.
+ */
+
+#define WIN_INIT MAX_MATCH
+/* Number of bytes after end of data in window to initialize in order to avoid
+ memory checker errors from longest match routines */
+
+ /* in trees.c */
+void ZLIB_INTERNAL _tr_init OF((deflate_state *s));
+int ZLIB_INTERNAL _tr_tally OF((deflate_state *s, unsigned dist, unsigned lc));
+void ZLIB_INTERNAL _tr_flush_block OF((deflate_state *s, charf *buf,
+ ulg stored_len, int last));
+void ZLIB_INTERNAL _tr_align OF((deflate_state *s));
+void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf,
+ ulg stored_len, int last));
+
+#define d_code(dist) \
+ ((dist) < 256 ? _dist_code[dist] : _dist_code[256+((dist)>>7)])
+/* Mapping from a distance to a distance code. dist is the distance - 1 and
+ * must not have side effects. _dist_code[256] and _dist_code[257] are never
+ * used.
+ */
+
+#ifndef DEBUG
+/* Inline versions of _tr_tally for speed: */
+
+#if defined(GEN_TREES_H) || !defined(STDC)
+ extern uch ZLIB_INTERNAL _length_code[];
+ extern uch ZLIB_INTERNAL _dist_code[];
+#else
+ extern const uch ZLIB_INTERNAL _length_code[];
+ extern const uch ZLIB_INTERNAL _dist_code[];
+#endif
+
+# define _tr_tally_lit(s, c, flush) \
+ { uch cc = (c); \
+ s->d_buf[s->last_lit] = 0; \
+ s->l_buf[s->last_lit++] = cc; \
+ s->dyn_ltree[cc].Freq++; \
+ flush = (s->last_lit == s->lit_bufsize-1); \
+ }
+# define _tr_tally_dist(s, distance, length, flush) \
+ { uch len = (length); \
+ ush dist = (distance); \
+ s->d_buf[s->last_lit] = dist; \
+ s->l_buf[s->last_lit++] = len; \
+ dist--; \
+ s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \
+ s->dyn_dtree[d_code(dist)].Freq++; \
+ flush = (s->last_lit == s->lit_bufsize-1); \
+ }
+#else
+# define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c)
+# define _tr_tally_dist(s, distance, length, flush) \
+ flush = _tr_tally(s, distance, length)
+#endif
+
+#endif /* DEFLATE_H */
Added: trunk/contrib/sudo/zlib/gzclose.c
===================================================================
--- trunk/contrib/sudo/zlib/gzclose.c (rev 0)
+++ trunk/contrib/sudo/zlib/gzclose.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,25 @@
+/* gzclose.c -- zlib gzclose() function
+ * Copyright (C) 2004, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "gzguts.h"
+
+/* gzclose() is in a separate file so that it is linked in only if it is used.
+ That way the other gzclose functions can be used instead to avoid linking in
+ unneeded compression or decompression routines. */
+int ZEXPORT gzclose(file)
+ gzFile file;
+{
+#ifndef NO_GZCOMPRESS
+ gz_statep state;
+
+ if (file == NULL)
+ return Z_STREAM_ERROR;
+ state = (gz_statep)file;
+
+ return state->mode == GZ_READ ? gzclose_r(file) : gzclose_w(file);
+#else
+ return gzclose_r(file);
+#endif
+}
Added: trunk/contrib/sudo/zlib/gzguts.h
===================================================================
--- trunk/contrib/sudo/zlib/gzguts.h (rev 0)
+++ trunk/contrib/sudo/zlib/gzguts.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,132 @@
+/* gzguts.h -- zlib internal header definitions for gz* operations
+ * Copyright (C) 2004, 2005, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#ifdef _LARGEFILE64_SOURCE
+# ifndef _LARGEFILE_SOURCE
+# define _LARGEFILE_SOURCE 1
+# endif
+# ifdef _FILE_OFFSET_BITS
+# undef _FILE_OFFSET_BITS
+# endif
+#endif
+
+#if ((__GNUC__-0) * 10 + __GNUC_MINOR__-0 >= 33) && !defined(NO_VIZ)
+# define ZLIB_INTERNAL __attribute__((visibility ("hidden")))
+#else
+# define ZLIB_INTERNAL
+#endif
+
+#include "zlib.h"
+#include <stdio.h>
+#ifdef STDC
+# include <string.h>
+# include <stdlib.h>
+# include <limits.h>
+#endif
+#include <fcntl.h>
+
+#ifdef NO_DEFLATE /* for compatibility with old definition */
+# define NO_GZCOMPRESS
+#endif
+
+#ifdef _MSC_VER
+# include <io.h>
+# define vsnprintf _vsnprintf
+#endif
+
+#ifndef local
+# define local static
+#endif
+/* compile with -Dlocal if your debugger can't find static symbols */
+
+/* gz* functions always use library allocation functions */
+#ifndef STDC
+ extern voidp malloc OF((uInt size));
+ extern void free OF((voidpf ptr));
+#endif
+
+/* get errno and strerror definition */
+#if defined UNDER_CE
+# include <windows.h>
+# define zstrerror() gz_strwinerror((DWORD)GetLastError())
+#else
+# ifdef STDC
+# include <errno.h>
+# define zstrerror() strerror(errno)
+# else
+# define zstrerror() "stdio error (consult errno)"
+# endif
+#endif
+
+/* provide prototypes for these when building zlib without LFS */
+#if !defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0
+ ZEXTERN gzFile ZEXPORT gzopen64 OF((const char *, const char *));
+ ZEXTERN z_off64_t ZEXPORT gzseek64 OF((gzFile, z_off64_t, int));
+ ZEXTERN z_off64_t ZEXPORT gztell64 OF((gzFile));
+ ZEXTERN z_off64_t ZEXPORT gzoffset64 OF((gzFile));
+#endif
+
+/* default i/o buffer size -- double this for output when reading */
+#define GZBUFSIZE 8192
+
+/* gzip modes, also provide a little integrity check on the passed structure */
+#define GZ_NONE 0
+#define GZ_READ 7247
+#define GZ_WRITE 31153
+#define GZ_APPEND 1 /* mode set to GZ_WRITE after the file is opened */
+
+/* values for gz_state how */
+#define LOOK 0 /* look for a gzip header */
+#define COPY 1 /* copy input directly */
+#define GZIP 2 /* decompress a gzip stream */
+
+/* internal gzip file state data structure */
+typedef struct {
+ /* used for both reading and writing */
+ int mode; /* see gzip modes above */
+ int fd; /* file descriptor */
+ char *path; /* path or fd for error messages */
+ z_off64_t pos; /* current position in uncompressed data */
+ unsigned size; /* buffer size, zero if not allocated yet */
+ unsigned want; /* requested buffer size, default is GZBUFSIZE */
+ unsigned char *in; /* input buffer */
+ unsigned char *out; /* output buffer (double-sized when reading) */
+ unsigned char *next; /* next output data to deliver or write */
+ /* just for reading */
+ unsigned have; /* amount of output data unused at next */
+ int eof; /* true if end of input file reached */
+ z_off64_t start; /* where the gzip data started, for rewinding */
+ z_off64_t raw; /* where the raw data started, for seeking */
+ int how; /* 0: get header, 1: copy, 2: decompress */
+ int direct; /* true if last read direct, false if gzip */
+ /* just for writing */
+ int level; /* compression level */
+ int strategy; /* compression strategy */
+ /* seek request */
+ z_off64_t skip; /* amount to skip (already rewound if backwards) */
+ int seek; /* true if seek request pending */
+ /* error information */
+ int err; /* error code */
+ char *msg; /* error message */
+ /* zlib inflate or deflate stream */
+ z_stream strm; /* stream structure in-place (not a pointer) */
+} gz_state;
+typedef gz_state FAR *gz_statep;
+
+/* shared functions */
+void ZLIB_INTERNAL gz_error OF((gz_statep, int, const char *));
+#if defined UNDER_CE
+char ZLIB_INTERNAL *gz_strwinerror OF((DWORD error));
+#endif
+
+/* GT_OFF(x), where x is an unsigned value, is true if x > maximum z_off64_t
+ value -- needed when comparing unsigned to z_off64_t, which is signed
+ (possible z_off64_t types off_t, off64_t, and long are all signed) */
+#ifdef INT_MAX
+# define GT_OFF(x) (sizeof(int) == sizeof(z_off64_t) && (x) > INT_MAX)
+#else
+unsigned ZLIB_INTERNAL gz_intmax OF((void));
+# define GT_OFF(x) (sizeof(int) == sizeof(z_off64_t) && (x) > gz_intmax())
+#endif
Added: trunk/contrib/sudo/zlib/gzlib.c
===================================================================
--- trunk/contrib/sudo/zlib/gzlib.c (rev 0)
+++ trunk/contrib/sudo/zlib/gzlib.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,537 @@
+/* gzlib.c -- zlib functions common to reading and writing gzip files
+ * Copyright (C) 2004, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "gzguts.h"
+
+#if defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0
+# define LSEEK lseek64
+#else
+# define LSEEK lseek
+#endif
+
+/* Local functions */
+local void gz_reset OF((gz_statep));
+local gzFile gz_open OF((const char *, int, const char *));
+
+#if defined UNDER_CE
+
+/* Map the Windows error number in ERROR to a locale-dependent error message
+ string and return a pointer to it. Typically, the values for ERROR come
+ from GetLastError.
+
+ The string pointed to shall not be modified by the application, but may be
+ overwritten by a subsequent call to gz_strwinerror
+
+ The gz_strwinerror function does not change the current setting of
+ GetLastError. */
+char ZLIB_INTERNAL *gz_strwinerror (error)
+ DWORD error;
+{
+ static char buf[1024];
+
+ wchar_t *msgbuf;
+ DWORD lasterr = GetLastError();
+ DWORD chars = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM
+ | FORMAT_MESSAGE_ALLOCATE_BUFFER,
+ NULL,
+ error,
+ 0, /* Default language */
+ (LPVOID)&msgbuf,
+ 0,
+ NULL);
+ if (chars != 0) {
+ /* If there is an \r\n appended, zap it. */
+ if (chars >= 2
+ && msgbuf[chars - 2] == '\r' && msgbuf[chars - 1] == '\n') {
+ chars -= 2;
+ msgbuf[chars] = 0;
+ }
+
+ if (chars > sizeof (buf) - 1) {
+ chars = sizeof (buf) - 1;
+ msgbuf[chars] = 0;
+ }
+
+ wcstombs(buf, msgbuf, chars + 1);
+ LocalFree(msgbuf);
+ }
+ else {
+ sprintf(buf, "unknown win32 error (%ld)", error);
+ }
+
+ SetLastError(lasterr);
+ return buf;
+}
+
+#endif /* UNDER_CE */
+
+/* Reset gzip file state */
+local void gz_reset(state)
+ gz_statep state;
+{
+ if (state->mode == GZ_READ) { /* for reading ... */
+ state->have = 0; /* no output data available */
+ state->eof = 0; /* not at end of file */
+ state->how = LOOK; /* look for gzip header */
+ state->direct = 1; /* default for empty file */
+ }
+ state->seek = 0; /* no seek request pending */
+ gz_error(state, Z_OK, NULL); /* clear error */
+ state->pos = 0; /* no uncompressed data yet */
+ state->strm.avail_in = 0; /* no input data yet */
+}
+
+/* Open a gzip file either by name or file descriptor. */
+local gzFile gz_open(path, fd, mode)
+ const char *path;
+ int fd;
+ const char *mode;
+{
+ gz_statep state;
+
+ /* allocate gzFile structure to return */
+ state = malloc(sizeof(gz_state));
+ if (state == NULL)
+ return NULL;
+ state->size = 0; /* no buffers allocated yet */
+ state->want = GZBUFSIZE; /* requested buffer size */
+ state->msg = NULL; /* no error message yet */
+
+ /* interpret mode */
+ state->mode = GZ_NONE;
+ state->level = Z_DEFAULT_COMPRESSION;
+ state->strategy = Z_DEFAULT_STRATEGY;
+ while (*mode) {
+ if (*mode >= '0' && *mode <= '9')
+ state->level = *mode - '0';
+ else
+ switch (*mode) {
+ case 'r':
+ state->mode = GZ_READ;
+ break;
+#ifndef NO_GZCOMPRESS
+ case 'w':
+ state->mode = GZ_WRITE;
+ break;
+ case 'a':
+ state->mode = GZ_APPEND;
+ break;
+#endif
+ case '+': /* can't read and write at the same time */
+ free(state);
+ return NULL;
+ case 'b': /* ignore -- will request binary anyway */
+ break;
+ case 'f':
+ state->strategy = Z_FILTERED;
+ break;
+ case 'h':
+ state->strategy = Z_HUFFMAN_ONLY;
+ break;
+ case 'R':
+ state->strategy = Z_RLE;
+ break;
+ case 'F':
+ state->strategy = Z_FIXED;
+ default: /* could consider as an error, but just ignore */
+ ;
+ }
+ mode++;
+ }
+
+ /* must provide an "r", "w", or "a" */
+ if (state->mode == GZ_NONE) {
+ free(state);
+ return NULL;
+ }
+
+ /* save the path name for error messages */
+ state->path = malloc(strlen(path) + 1);
+ if (state->path == NULL) {
+ free(state);
+ return NULL;
+ }
+ strcpy(state->path, path);
+
+ /* open the file with the appropriate mode (or just use fd) */
+ state->fd = fd != -1 ? fd :
+ open(path,
+#ifdef O_LARGEFILE
+ O_LARGEFILE |
+#endif
+#ifdef O_BINARY
+ O_BINARY |
+#endif
+ (state->mode == GZ_READ ?
+ O_RDONLY :
+ (O_WRONLY | O_CREAT | (
+ state->mode == GZ_WRITE ?
+ O_TRUNC :
+ O_APPEND))),
+ 0666);
+ if (state->fd == -1) {
+ free(state->path);
+ free(state);
+ return NULL;
+ }
+ if (state->mode == GZ_APPEND)
+ state->mode = GZ_WRITE; /* simplify later checks */
+
+ /* save the current position for rewinding (only if reading) */
+ if (state->mode == GZ_READ) {
+ state->start = LSEEK(state->fd, 0, SEEK_CUR);
+ if (state->start == -1) state->start = 0;
+ }
+
+ /* initialize stream */
+ gz_reset(state);
+
+ /* return stream */
+ return (gzFile)state;
+}
+
+/* -- see zlib.h -- */
+gzFile ZEXPORT gzopen(path, mode)
+ const char *path;
+ const char *mode;
+{
+ return gz_open(path, -1, mode);
+}
+
+/* -- see zlib.h -- */
+gzFile ZEXPORT gzopen64(path, mode)
+ const char *path;
+ const char *mode;
+{
+ return gz_open(path, -1, mode);
+}
+
+/* -- see zlib.h -- */
+gzFile ZEXPORT gzdopen(fd, mode)
+ int fd;
+ const char *mode;
+{
+ char *path; /* identifier for error messages */
+ gzFile gz;
+
+ if (fd == -1 || (path = malloc(7 + 3 * sizeof(int))) == NULL)
+ return NULL;
+ sprintf(path, "<fd:%d>", fd); /* for debugging */
+ gz = gz_open(path, fd, mode);
+ free(path);
+ return gz;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzbuffer(file, size)
+ gzFile file;
+ unsigned size;
+{
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return -1;
+
+ /* make sure we haven't already allocated memory */
+ if (state->size != 0)
+ return -1;
+
+ /* check and set requested size */
+ if (size == 0)
+ return -1;
+ state->want = size;
+ return 0;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzrewind(file)
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+
+ /* check that we're reading and that there's no error */
+ if (state->mode != GZ_READ || state->err != Z_OK)
+ return -1;
+
+ /* back up and start over */
+ if (LSEEK(state->fd, state->start, SEEK_SET) == -1)
+ return -1;
+ gz_reset(state);
+ return 0;
+}
+
+/* -- see zlib.h -- */
+z_off64_t ZEXPORT gzseek64(file, offset, whence)
+ gzFile file;
+ z_off64_t offset;
+ int whence;
+{
+ unsigned n;
+ z_off64_t ret;
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return -1;
+
+ /* check that there's no error */
+ if (state->err != Z_OK)
+ return -1;
+
+ /* can only seek from start or relative to current position */
+ if (whence != SEEK_SET && whence != SEEK_CUR)
+ return -1;
+
+ /* normalize offset to a SEEK_CUR specification */
+ if (whence == SEEK_SET)
+ offset -= state->pos;
+ else if (state->seek)
+ offset += state->skip;
+ state->seek = 0;
+
+ /* if within raw area while reading, just go there */
+ if (state->mode == GZ_READ && state->how == COPY &&
+ state->pos + offset >= state->raw) {
+ ret = LSEEK(state->fd, offset - state->have, SEEK_CUR);
+ if (ret == -1)
+ return -1;
+ state->have = 0;
+ state->eof = 0;
+ state->seek = 0;
+ gz_error(state, Z_OK, NULL);
+ state->strm.avail_in = 0;
+ state->pos += offset;
+ return state->pos;
+ }
+
+ /* calculate skip amount, rewinding if needed for back seek when reading */
+ if (offset < 0) {
+ if (state->mode != GZ_READ) /* writing -- can't go backwards */
+ return -1;
+ offset += state->pos;
+ if (offset < 0) /* before start of file! */
+ return -1;
+ if (gzrewind(file) == -1) /* rewind, then skip to offset */
+ return -1;
+ }
+
+ /* if reading, skip what's in output buffer (one less gzgetc() check) */
+ if (state->mode == GZ_READ) {
+ n = GT_OFF(state->have) || (z_off64_t)state->have > offset ?
+ (unsigned)offset : state->have;
+ state->have -= n;
+ state->next += n;
+ state->pos += n;
+ offset -= n;
+ }
+
+ /* request skip (if not zero) */
+ if (offset) {
+ state->seek = 1;
+ state->skip = offset;
+ }
+ return state->pos + offset;
+}
+
+/* -- see zlib.h -- */
+z_off_t ZEXPORT gzseek(file, offset, whence)
+ gzFile file;
+ z_off_t offset;
+ int whence;
+{
+ z_off64_t ret;
+
+ ret = gzseek64(file, (z_off64_t)offset, whence);
+ return ret == (z_off_t)ret ? (z_off_t)ret : -1;
+}
+
+/* -- see zlib.h -- */
+z_off64_t ZEXPORT gztell64(file)
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return -1;
+
+ /* return position */
+ return state->pos + (state->seek ? state->skip : 0);
+}
+
+/* -- see zlib.h -- */
+z_off_t ZEXPORT gztell(file)
+ gzFile file;
+{
+ z_off64_t ret;
+
+ ret = gztell64(file);
+ return ret == (z_off_t)ret ? (z_off_t)ret : -1;
+}
+
+/* -- see zlib.h -- */
+z_off64_t ZEXPORT gzoffset64(file)
+ gzFile file;
+{
+ z_off64_t offset;
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return -1;
+
+ /* compute and return effective offset in file */
+ offset = LSEEK(state->fd, 0, SEEK_CUR);
+ if (offset == -1)
+ return -1;
+ if (state->mode == GZ_READ) /* reading */
+ offset -= state->strm.avail_in; /* don't count buffered input */
+ return offset;
+}
+
+/* -- see zlib.h -- */
+z_off_t ZEXPORT gzoffset(file)
+ gzFile file;
+{
+ z_off64_t ret;
+
+ ret = gzoffset64(file);
+ return ret == (z_off_t)ret ? (z_off_t)ret : -1;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzeof(file)
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return 0;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return 0;
+
+ /* return end-of-file state */
+ return state->mode == GZ_READ ?
+ (state->eof && state->strm.avail_in == 0 && state->have == 0) : 0;
+}
+
+/* -- see zlib.h -- */
+const char * ZEXPORT gzerror(file, errnum)
+ gzFile file;
+ int *errnum;
+{
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return NULL;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return NULL;
+
+ /* return error information */
+ if (errnum != NULL)
+ *errnum = state->err;
+ return state->msg == NULL ? "" : state->msg;
+}
+
+/* -- see zlib.h -- */
+void ZEXPORT gzclearerr(file)
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return;
+
+ /* clear error and end-of-file */
+ if (state->mode == GZ_READ)
+ state->eof = 0;
+ gz_error(state, Z_OK, NULL);
+}
+
+/* Create an error message in allocated memory and set state->err and
+ state->msg accordingly. Free any previous error message already there. Do
+ not try to free or allocate space if the error is Z_MEM_ERROR (out of
+ memory). Simply save the error message as a static string. If there is an
+ allocation failure constructing the error message, then convert the error to
+ out of memory. */
+void ZLIB_INTERNAL gz_error(state, err, msg)
+ gz_statep state;
+ int err;
+ const char *msg;
+{
+ /* free previously allocated message and clear */
+ if (state->msg != NULL) {
+ if (state->err != Z_MEM_ERROR)
+ free(state->msg);
+ state->msg = NULL;
+ }
+
+ /* set error code, and if no message, then done */
+ state->err = err;
+ if (msg == NULL)
+ return;
+
+ /* for an out of memory error, save as static string */
+ if (err == Z_MEM_ERROR) {
+ state->msg = (char *)msg;
+ return;
+ }
+
+ /* construct error message with path */
+ if ((state->msg = malloc(strlen(state->path) + strlen(msg) + 3)) == NULL) {
+ state->err = Z_MEM_ERROR;
+ state->msg = (char *)"out of memory";
+ return;
+ }
+ strcpy(state->msg, state->path);
+ strcat(state->msg, ": ");
+ strcat(state->msg, msg);
+ return;
+}
+
+#ifndef INT_MAX
+/* portably return maximum value for an int (when limits.h presumed not
+ available) -- we need to do this to cover cases where 2's complement not
+ used, since C standard permits 1's complement and sign-bit representations,
+ otherwise we could just use ((unsigned)-1) >> 1 */
+unsigned ZLIB_INTERNAL gz_intmax()
+{
+ unsigned p, q;
+
+ p = 1;
+ do {
+ q = p;
+ p <<= 1;
+ p++;
+ } while (p > q);
+ return q >> 1;
+}
+#endif
Added: trunk/contrib/sudo/zlib/gzread.c
===================================================================
--- trunk/contrib/sudo/zlib/gzread.c (rev 0)
+++ trunk/contrib/sudo/zlib/gzread.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,653 @@
+/* gzread.c -- zlib functions for reading gzip files
+ * Copyright (C) 2004, 2005, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "gzguts.h"
+
+/* Local functions */
+local int gz_load OF((gz_statep, unsigned char *, unsigned, unsigned *));
+local int gz_avail OF((gz_statep));
+local int gz_next4 OF((gz_statep, unsigned long *));
+local int gz_head OF((gz_statep));
+local int gz_decomp OF((gz_statep));
+local int gz_make OF((gz_statep));
+local int gz_skip OF((gz_statep, z_off64_t));
+
+/* Use read() to load a buffer -- return -1 on error, otherwise 0. Read from
+ state->fd, and update state->eof, state->err, and state->msg as appropriate.
+ This function needs to loop on read(), since read() is not guaranteed to
+ read the number of bytes requested, depending on the type of descriptor. */
+local int gz_load(state, buf, len, have)
+ gz_statep state;
+ unsigned char *buf;
+ unsigned len;
+ unsigned *have;
+{
+ int ret;
+
+ *have = 0;
+ do {
+ ret = read(state->fd, buf + *have, len - *have);
+ if (ret <= 0)
+ break;
+ *have += ret;
+ } while (*have < len);
+ if (ret < 0) {
+ gz_error(state, Z_ERRNO, zstrerror());
+ return -1;
+ }
+ if (ret == 0)
+ state->eof = 1;
+ return 0;
+}
+
+/* Load up input buffer and set eof flag if last data loaded -- return -1 on
+ error, 0 otherwise. Note that the eof flag is set when the end of the input
+ file is reached, even though there may be unused data in the buffer. Once
+ that data has been used, no more attempts will be made to read the file.
+ gz_avail() assumes that strm->avail_in == 0. */
+local int gz_avail(state)
+ gz_statep state;
+{
+ z_streamp strm = &(state->strm);
+
+ if (state->err != Z_OK)
+ return -1;
+ if (state->eof == 0) {
+ if (gz_load(state, state->in, state->size,
+ (unsigned *)&(strm->avail_in)) == -1)
+ return -1;
+ strm->next_in = state->in;
+ }
+ return 0;
+}
+
+/* Get next byte from input, or -1 if end or error. */
+#define NEXT() ((strm->avail_in == 0 && gz_avail(state) == -1) ? -1 : \
+ (strm->avail_in == 0 ? -1 : \
+ (strm->avail_in--, *(strm->next_in)++)))
+
+/* Get a four-byte little-endian integer and return 0 on success and the value
+ in *ret. Otherwise -1 is returned and *ret is not modified. */
+local int gz_next4(state, ret)
+ gz_statep state;
+ unsigned long *ret;
+{
+ int ch;
+ unsigned long val;
+ z_streamp strm = &(state->strm);
+
+ val = NEXT();
+ val += (unsigned)NEXT() << 8;
+ val += (unsigned long)NEXT() << 16;
+ ch = NEXT();
+ if (ch == -1)
+ return -1;
+ val += (unsigned long)ch << 24;
+ *ret = val;
+ return 0;
+}
+
+/* Look for gzip header, set up for inflate or copy. state->have must be zero.
+ If this is the first time in, allocate required memory. state->how will be
+ left unchanged if there is no more input data available, will be set to COPY
+ if there is no gzip header and direct copying will be performed, or it will
+ be set to GZIP for decompression, and the gzip header will be skipped so
+ that the next available input data is the raw deflate stream. If direct
+ copying, then leftover input data from the input buffer will be copied to
+ the output buffer. In that case, all further file reads will be directly to
+ either the output buffer or a user buffer. If decompressing, the inflate
+ state and the check value will be initialized. gz_head() will return 0 on
+ success or -1 on failure. Failures may include read errors or gzip header
+ errors. */
+local int gz_head(state)
+ gz_statep state;
+{
+ z_streamp strm = &(state->strm);
+ int flags;
+ unsigned len;
+
+ /* allocate read buffers and inflate memory */
+ if (state->size == 0) {
+ /* allocate buffers */
+ state->in = malloc(state->want);
+ state->out = malloc(state->want << 1);
+ if (state->in == NULL || state->out == NULL) {
+ if (state->out != NULL)
+ free(state->out);
+ if (state->in != NULL)
+ free(state->in);
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+ state->size = state->want;
+
+ /* allocate inflate memory */
+ state->strm.zalloc = Z_NULL;
+ state->strm.zfree = Z_NULL;
+ state->strm.opaque = Z_NULL;
+ state->strm.avail_in = 0;
+ state->strm.next_in = Z_NULL;
+ if (inflateInit2(&(state->strm), -15) != Z_OK) { /* raw inflate */
+ free(state->out);
+ free(state->in);
+ state->size = 0;
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+ }
+
+ /* get some data in the input buffer */
+ if (strm->avail_in == 0) {
+ if (gz_avail(state) == -1)
+ return -1;
+ if (strm->avail_in == 0)
+ return 0;
+ }
+
+ /* look for the gzip magic header bytes 31 and 139 */
+ if (strm->next_in[0] == 31) {
+ strm->avail_in--;
+ strm->next_in++;
+ if (strm->avail_in == 0 && gz_avail(state) == -1)
+ return -1;
+ if (strm->avail_in && strm->next_in[0] == 139) {
+ /* we have a gzip header, woo hoo! */
+ strm->avail_in--;
+ strm->next_in++;
+
+ /* skip rest of header */
+ if (NEXT() != 8) { /* compression method */
+ gz_error(state, Z_DATA_ERROR, "unknown compression method");
+ return -1;
+ }
+ flags = NEXT();
+ if (flags & 0xe0) { /* reserved flag bits */
+ gz_error(state, Z_DATA_ERROR, "unknown header flags set");
+ return -1;
+ }
+ NEXT(); /* modification time */
+ NEXT();
+ NEXT();
+ NEXT();
+ NEXT(); /* extra flags */
+ NEXT(); /* operating system */
+ if (flags & 4) { /* extra field */
+ len = (unsigned)NEXT();
+ len += (unsigned)NEXT() << 8;
+ while (len--)
+ if (NEXT() < 0)
+ break;
+ }
+ if (flags & 8) /* file name */
+ while (NEXT() > 0)
+ ;
+ if (flags & 16) /* comment */
+ while (NEXT() > 0)
+ ;
+ if (flags & 2) { /* header crc */
+ NEXT();
+ NEXT();
+ }
+ /* an unexpected end of file is not checked for here -- it will be
+ noticed on the first request for uncompressed data */
+
+ /* set up for decompression */
+ inflateReset(strm);
+ strm->adler = crc32(0L, Z_NULL, 0);
+ state->how = GZIP;
+ state->direct = 0;
+ return 0;
+ }
+ else {
+ /* not a gzip file -- save first byte (31) and fall to raw i/o */
+ state->out[0] = 31;
+ state->have = 1;
+ }
+ }
+
+ /* doing raw i/o, save start of raw data for seeking, copy any leftover
+ input to output -- this assumes that the output buffer is larger than
+ the input buffer, which also assures space for gzungetc() */
+ state->raw = state->pos;
+ state->next = state->out;
+ if (strm->avail_in) {
+ memcpy(state->next + state->have, strm->next_in, strm->avail_in);
+ state->have += strm->avail_in;
+ strm->avail_in = 0;
+ }
+ state->how = COPY;
+ state->direct = 1;
+ return 0;
+}
+
+/* Decompress from input to the provided next_out and avail_out in the state.
+ If the end of the compressed data is reached, then verify the gzip trailer
+ check value and length (modulo 2^32). state->have and state->next are set
+ to point to the just decompressed data, and the crc is updated. If the
+ trailer is verified, state->how is reset to LOOK to look for the next gzip
+ stream or raw data, once state->have is depleted. Returns 0 on success, -1
+ on failure. Failures may include invalid compressed data or a failed gzip
+ trailer verification. */
+local int gz_decomp(state)
+ gz_statep state;
+{
+ int ret;
+ unsigned had;
+ unsigned long crc, len;
+ z_streamp strm = &(state->strm);
+
+ /* fill output buffer up to end of deflate stream */
+ had = strm->avail_out;
+ do {
+ /* get more input for inflate() */
+ if (strm->avail_in == 0 && gz_avail(state) == -1)
+ return -1;
+ if (strm->avail_in == 0) {
+ gz_error(state, Z_DATA_ERROR, "unexpected end of file");
+ return -1;
+ }
+
+ /* decompress and handle errors */
+ ret = inflate(strm, Z_NO_FLUSH);
+ if (ret == Z_STREAM_ERROR || ret == Z_NEED_DICT) {
+ gz_error(state, Z_STREAM_ERROR,
+ "internal error: inflate stream corrupt");
+ return -1;
+ }
+ if (ret == Z_MEM_ERROR) {
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+ if (ret == Z_DATA_ERROR) { /* deflate stream invalid */
+ gz_error(state, Z_DATA_ERROR,
+ strm->msg == NULL ? "compressed data error" : strm->msg);
+ return -1;
+ }
+ } while (strm->avail_out && ret != Z_STREAM_END);
+
+ /* update available output and crc check value */
+ state->have = had - strm->avail_out;
+ state->next = strm->next_out - state->have;
+ strm->adler = crc32(strm->adler, state->next, state->have);
+
+ /* check gzip trailer if at end of deflate stream */
+ if (ret == Z_STREAM_END) {
+ if (gz_next4(state, &crc) == -1 || gz_next4(state, &len) == -1) {
+ gz_error(state, Z_DATA_ERROR, "unexpected end of file");
+ return -1;
+ }
+ if (crc != strm->adler) {
+ gz_error(state, Z_DATA_ERROR, "incorrect data check");
+ return -1;
+ }
+ if (len != (strm->total_out & 0xffffffffL)) {
+ gz_error(state, Z_DATA_ERROR, "incorrect length check");
+ return -1;
+ }
+ state->how = LOOK; /* ready for next stream, once have is 0 (leave
+ state->direct unchanged to remember how) */
+ }
+
+ /* good decompression */
+ return 0;
+}
+
+/* Make data and put in the output buffer. Assumes that state->have == 0.
+ Data is either copied from the input file or decompressed from the input
+ file depending on state->how. If state->how is LOOK, then a gzip header is
+ looked for (and skipped if found) to determine wither to copy or decompress.
+ Returns -1 on error, otherwise 0. gz_make() will leave state->have as COPY
+ or GZIP unless the end of the input file has been reached and all data has
+ been processed. */
+local int gz_make(state)
+ gz_statep state;
+{
+ z_streamp strm = &(state->strm);
+
+ if (state->how == LOOK) { /* look for gzip header */
+ if (gz_head(state) == -1)
+ return -1;
+ if (state->have) /* got some data from gz_head() */
+ return 0;
+ }
+ if (state->how == COPY) { /* straight copy */
+ if (gz_load(state, state->out, state->size << 1, &(state->have)) == -1)
+ return -1;
+ state->next = state->out;
+ }
+ else if (state->how == GZIP) { /* decompress */
+ strm->avail_out = state->size << 1;
+ strm->next_out = state->out;
+ if (gz_decomp(state) == -1)
+ return -1;
+ }
+ return 0;
+}
+
+/* Skip len uncompressed bytes of output. Return -1 on error, 0 on success. */
+local int gz_skip(state, len)
+ gz_statep state;
+ z_off64_t len;
+{
+ unsigned n;
+
+ /* skip over len bytes or reach end-of-file, whichever comes first */
+ while (len)
+ /* skip over whatever is in output buffer */
+ if (state->have) {
+ n = GT_OFF(state->have) || (z_off64_t)state->have > len ?
+ (unsigned)len : state->have;
+ state->have -= n;
+ state->next += n;
+ state->pos += n;
+ len -= n;
+ }
+
+ /* output buffer empty -- return if we're at the end of the input */
+ else if (state->eof && state->strm.avail_in == 0)
+ break;
+
+ /* need more data to skip -- load up output buffer */
+ else {
+ /* get more output, looking for header if required */
+ if (gz_make(state) == -1)
+ return -1;
+ }
+ return 0;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzread(file, buf, len)
+ gzFile file;
+ voidp buf;
+ unsigned len;
+{
+ unsigned got, n;
+ gz_statep state;
+ z_streamp strm;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're reading and that there's no error */
+ if (state->mode != GZ_READ || state->err != Z_OK)
+ return -1;
+
+ /* since an int is returned, make sure len fits in one, otherwise return
+ with an error (this avoids the flaw in the interface) */
+ if ((int)len < 0) {
+ gz_error(state, Z_BUF_ERROR, "requested length does not fit in int");
+ return -1;
+ }
+
+ /* if len is zero, avoid unnecessary operations */
+ if (len == 0)
+ return 0;
+
+ /* process a skip request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_skip(state, state->skip) == -1)
+ return -1;
+ }
+
+ /* get len bytes to buf, or less than len if at the end */
+ got = 0;
+ do {
+ /* first just try copying data from the output buffer */
+ if (state->have) {
+ n = state->have > len ? len : state->have;
+ memcpy(buf, state->next, n);
+ state->next += n;
+ state->have -= n;
+ }
+
+ /* output buffer empty -- return if we're at the end of the input */
+ else if (state->eof && strm->avail_in == 0)
+ break;
+
+ /* need output data -- for small len or new stream load up our output
+ buffer */
+ else if (state->how == LOOK || len < (state->size << 1)) {
+ /* get more output, looking for header if required */
+ if (gz_make(state) == -1)
+ return -1;
+ continue; /* no progress yet -- go back to memcpy() above */
+ /* the copy above assures that we will leave with space in the
+ output buffer, allowing at least one gzungetc() to succeed */
+ }
+
+ /* large len -- read directly into user buffer */
+ else if (state->how == COPY) { /* read directly */
+ if (gz_load(state, buf, len, &n) == -1)
+ return -1;
+ }
+
+ /* large len -- decompress directly into user buffer */
+ else { /* state->how == GZIP */
+ strm->avail_out = len;
+ strm->next_out = buf;
+ if (gz_decomp(state) == -1)
+ return -1;
+ n = state->have;
+ state->have = 0;
+ }
+
+ /* update progress */
+ len -= n;
+ buf = (char *)buf + n;
+ got += n;
+ state->pos += n;
+ } while (len);
+
+ /* return number of bytes read into user buffer (will fit in int) */
+ return (int)got;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzgetc(file)
+ gzFile file;
+{
+ int ret;
+ unsigned char buf[1];
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+
+ /* check that we're reading and that there's no error */
+ if (state->mode != GZ_READ || state->err != Z_OK)
+ return -1;
+
+ /* try output buffer (no need to check for skip request) */
+ if (state->have) {
+ state->have--;
+ state->pos++;
+ return *(state->next)++;
+ }
+
+ /* nothing there -- try gzread() */
+ ret = gzread(file, buf, 1);
+ return ret < 1 ? -1 : buf[0];
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzungetc(c, file)
+ int c;
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+
+ /* check that we're reading and that there's no error */
+ if (state->mode != GZ_READ || state->err != Z_OK)
+ return -1;
+
+ /* process a skip request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_skip(state, state->skip) == -1)
+ return -1;
+ }
+
+ /* can't push EOF */
+ if (c < 0)
+ return -1;
+
+ /* if output buffer empty, put byte at end (allows more pushing) */
+ if (state->have == 0) {
+ state->have = 1;
+ state->next = state->out + (state->size << 1) - 1;
+ state->next[0] = c;
+ state->pos--;
+ return c;
+ }
+
+ /* if no room, give up (must have already done a gzungetc()) */
+ if (state->have == (state->size << 1)) {
+ gz_error(state, Z_BUF_ERROR, "out of room to push characters");
+ return -1;
+ }
+
+ /* slide output data if needed and insert byte before existing data */
+ if (state->next == state->out) {
+ unsigned char *src = state->out + state->have;
+ unsigned char *dest = state->out + (state->size << 1);
+ while (src > state->out)
+ *--dest = *--src;
+ state->next = dest;
+ }
+ state->have++;
+ state->next--;
+ state->next[0] = c;
+ state->pos--;
+ return c;
+}
+
+/* -- see zlib.h -- */
+char * ZEXPORT gzgets(file, buf, len)
+ gzFile file;
+ char *buf;
+ int len;
+{
+ unsigned left, n;
+ char *str;
+ unsigned char *eol;
+ gz_statep state;
+
+ /* check parameters and get internal structure */
+ if (file == NULL || buf == NULL || len < 1)
+ return NULL;
+ state = (gz_statep)file;
+
+ /* check that we're reading and that there's no error */
+ if (state->mode != GZ_READ || state->err != Z_OK)
+ return NULL;
+
+ /* process a skip request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_skip(state, state->skip) == -1)
+ return NULL;
+ }
+
+ /* copy output bytes up to new line or len - 1, whichever comes first --
+ append a terminating zero to the string (we don't check for a zero in
+ the contents, let the user worry about that) */
+ str = buf;
+ left = (unsigned)len - 1;
+ if (left) do {
+ /* assure that something is in the output buffer */
+ if (state->have == 0) {
+ if (gz_make(state) == -1)
+ return NULL; /* error */
+ if (state->have == 0) { /* end of file */
+ if (buf == str) /* got bupkus */
+ return NULL;
+ break; /* got something -- return it */
+ }
+ }
+
+ /* look for end-of-line in current output buffer */
+ n = state->have > left ? left : state->have;
+ eol = memchr(state->next, '\n', n);
+ if (eol != NULL)
+ n = (unsigned)(eol - state->next) + 1;
+
+ /* copy through end-of-line, or remainder if not found */
+ memcpy(buf, state->next, n);
+ state->have -= n;
+ state->next += n;
+ state->pos += n;
+ left -= n;
+ buf += n;
+ } while (left && eol == NULL);
+
+ /* found end-of-line or out of space -- terminate string and return it */
+ buf[0] = 0;
+ return str;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzdirect(file)
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return 0;
+ state = (gz_statep)file;
+
+ /* check that we're reading */
+ if (state->mode != GZ_READ)
+ return 0;
+
+ /* if the state is not known, but we can find out, then do so (this is
+ mainly for right after a gzopen() or gzdopen()) */
+ if (state->how == LOOK && state->have == 0)
+ (void)gz_head(state);
+
+ /* return 1 if reading direct, 0 if decompressing a gzip stream */
+ return state->direct;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzclose_r(file)
+ gzFile file;
+{
+ int ret;
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return Z_STREAM_ERROR;
+ state = (gz_statep)file;
+
+ /* check that we're reading */
+ if (state->mode != GZ_READ)
+ return Z_STREAM_ERROR;
+
+ /* free memory and close file */
+ if (state->size) {
+ inflateEnd(&(state->strm));
+ free(state->out);
+ free(state->in);
+ }
+ gz_error(state, Z_OK, NULL);
+ free(state->path);
+ ret = close(state->fd);
+ free(state);
+ return ret ? Z_ERRNO : Z_OK;
+}
Added: trunk/contrib/sudo/zlib/gzwrite.c
===================================================================
--- trunk/contrib/sudo/zlib/gzwrite.c (rev 0)
+++ trunk/contrib/sudo/zlib/gzwrite.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,531 @@
+/* gzwrite.c -- zlib functions for writing gzip files
+ * Copyright (C) 2004, 2005, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "gzguts.h"
+
+/* Local functions */
+local int gz_init OF((gz_statep));
+local int gz_comp OF((gz_statep, int));
+local int gz_zero OF((gz_statep, z_off64_t));
+
+/* Initialize state for writing a gzip file. Mark initialization by setting
+ state->size to non-zero. Return -1 on failure or 0 on success. */
+local int gz_init(state)
+ gz_statep state;
+{
+ int ret;
+ z_streamp strm = &(state->strm);
+
+ /* allocate input and output buffers */
+ state->in = malloc(state->want);
+ state->out = malloc(state->want);
+ if (state->in == NULL || state->out == NULL) {
+ if (state->out != NULL)
+ free(state->out);
+ if (state->in != NULL)
+ free(state->in);
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+
+ /* allocate deflate memory, set up for gzip compression */
+ strm->zalloc = Z_NULL;
+ strm->zfree = Z_NULL;
+ strm->opaque = Z_NULL;
+ ret = deflateInit2(strm, state->level, Z_DEFLATED,
+ 15 + 16, 8, state->strategy);
+ if (ret != Z_OK) {
+ free(state->in);
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+
+ /* mark state as initialized */
+ state->size = state->want;
+
+ /* initialize write buffer */
+ strm->avail_out = state->size;
+ strm->next_out = state->out;
+ state->next = strm->next_out;
+ return 0;
+}
+
+/* Compress whatever is at avail_in and next_in and write to the output file.
+ Return -1 if there is an error writing to the output file, otherwise 0.
+ flush is assumed to be a valid deflate() flush value. If flush is Z_FINISH,
+ then the deflate() state is reset to start a new gzip stream. */
+local int gz_comp(state, flush)
+ gz_statep state;
+ int flush;
+{
+ int ret, got;
+ unsigned have;
+ z_streamp strm = &(state->strm);
+
+ /* allocate memory if this is the first time through */
+ if (state->size == 0 && gz_init(state) == -1)
+ return -1;
+
+ /* run deflate() on provided input until it produces no more output */
+ ret = Z_OK;
+ do {
+ /* write out current buffer contents if full, or if flushing, but if
+ doing Z_FINISH then don't write until we get to Z_STREAM_END */
+ if (strm->avail_out == 0 || (flush != Z_NO_FLUSH &&
+ (flush != Z_FINISH || ret == Z_STREAM_END))) {
+ have = (unsigned)(strm->next_out - state->next);
+ if (have && ((got = write(state->fd, state->next, have)) < 0 ||
+ (unsigned)got != have)) {
+ gz_error(state, Z_ERRNO, zstrerror());
+ return -1;
+ }
+ if (strm->avail_out == 0) {
+ strm->avail_out = state->size;
+ strm->next_out = state->out;
+ }
+ state->next = strm->next_out;
+ }
+
+ /* compress */
+ have = strm->avail_out;
+ ret = deflate(strm, flush);
+ if (ret == Z_STREAM_ERROR) {
+ gz_error(state, Z_STREAM_ERROR,
+ "internal error: deflate stream corrupt");
+ return -1;
+ }
+ have -= strm->avail_out;
+ } while (have);
+
+ /* if that completed a deflate stream, allow another to start */
+ if (flush == Z_FINISH)
+ deflateReset(strm);
+
+ /* all done, no errors */
+ return 0;
+}
+
+/* Compress len zeros to output. Return -1 on error, 0 on success. */
+local int gz_zero(state, len)
+ gz_statep state;
+ z_off64_t len;
+{
+ int first;
+ unsigned n;
+ z_streamp strm = &(state->strm);
+
+ /* consume whatever's left in the input buffer */
+ if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1)
+ return -1;
+
+ /* compress len zeros (len guaranteed > 0) */
+ first = 1;
+ while (len) {
+ n = GT_OFF(state->size) || (z_off64_t)state->size > len ?
+ (unsigned)len : state->size;
+ if (first) {
+ memset(state->in, 0, n);
+ first = 0;
+ }
+ strm->avail_in = n;
+ strm->next_in = state->in;
+ state->pos += n;
+ if (gz_comp(state, Z_NO_FLUSH) == -1)
+ return -1;
+ len -= n;
+ }
+ return 0;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzwrite(file, buf, len)
+ gzFile file;
+ voidpc buf;
+ unsigned len;
+{
+ unsigned put = len;
+ unsigned n;
+ gz_statep state;
+ z_streamp strm;
+
+ /* get internal structure */
+ if (file == NULL)
+ return 0;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return 0;
+
+ /* since an int is returned, make sure len fits in one, otherwise return
+ with an error (this avoids the flaw in the interface) */
+ if ((int)len < 0) {
+ gz_error(state, Z_BUF_ERROR, "requested length does not fit in int");
+ return 0;
+ }
+
+ /* if len is zero, avoid unnecessary operations */
+ if (len == 0)
+ return 0;
+
+ /* allocate memory if this is the first time through */
+ if (state->size == 0 && gz_init(state) == -1)
+ return 0;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return 0;
+ }
+
+ /* for small len, copy to input buffer, otherwise compress directly */
+ if (len < state->size) {
+ /* copy to input buffer, compress when full */
+ do {
+ if (strm->avail_in == 0)
+ strm->next_in = state->in;
+ n = state->size - strm->avail_in;
+ if (n > len)
+ n = len;
+ memcpy(strm->next_in + strm->avail_in, buf, n);
+ strm->avail_in += n;
+ state->pos += n;
+ buf = (char *)buf + n;
+ len -= n;
+ if (len && gz_comp(state, Z_NO_FLUSH) == -1)
+ return 0;
+ } while (len);
+ }
+ else {
+ /* consume whatever's left in the input buffer */
+ if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1)
+ return 0;
+
+ /* directly compress user buffer to file */
+ strm->avail_in = len;
+ strm->next_in = (voidp)buf;
+ state->pos += len;
+ if (gz_comp(state, Z_NO_FLUSH) == -1)
+ return 0;
+ }
+
+ /* input was all buffered or compressed (put will fit in int) */
+ return (int)put;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzputc(file, c)
+ gzFile file;
+ int c;
+{
+ unsigned char buf[1];
+ gz_statep state;
+ z_streamp strm;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return -1;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return -1;
+ }
+
+ /* try writing to input buffer for speed (state->size == 0 if buffer not
+ initialized) */
+ if (strm->avail_in < state->size) {
+ if (strm->avail_in == 0)
+ strm->next_in = state->in;
+ strm->next_in[strm->avail_in++] = c;
+ state->pos++;
+ return c;
+ }
+
+ /* no room in buffer or not initialized, use gz_write() */
+ buf[0] = c;
+ if (gzwrite(file, buf, 1) != 1)
+ return -1;
+ return c;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzputs(file, str)
+ gzFile file;
+ const char *str;
+{
+ int ret;
+ unsigned len;
+
+ /* write string */
+ len = (unsigned)strlen(str);
+ ret = gzwrite(file, str, len);
+ return ret == 0 && len != 0 ? -1 : ret;
+}
+
+#ifdef STDC
+#include <stdarg.h>
+
+/* -- see zlib.h -- */
+int ZEXPORTVA gzprintf (gzFile file, const char *format, ...)
+{
+ int size, len;
+ gz_statep state;
+ z_streamp strm;
+ va_list va;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return 0;
+
+ /* make sure we have some buffer space */
+ if (state->size == 0 && gz_init(state) == -1)
+ return 0;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return 0;
+ }
+
+ /* consume whatever's left in the input buffer */
+ if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1)
+ return 0;
+
+ /* do the printf() into the input buffer, put length in len */
+ size = (int)(state->size);
+ state->in[size - 1] = 0;
+ va_start(va, format);
+#ifdef NO_vsnprintf
+# ifdef HAS_vsprintf_void
+ (void)vsprintf(state->in, format, va);
+ va_end(va);
+ for (len = 0; len < size; len++)
+ if (state->in[len] == 0) break;
+# else
+ len = vsprintf(state->in, format, va);
+ va_end(va);
+# endif
+#else
+# ifdef HAS_vsnprintf_void
+ (void)vsnprintf(state->in, size, format, va);
+ va_end(va);
+ len = strlen(state->in);
+# else
+ len = vsnprintf((char *)(state->in), size, format, va);
+ va_end(va);
+# endif
+#endif
+
+ /* check that printf() results fit in buffer */
+ if (len <= 0 || len >= (int)size || state->in[size - 1] != 0)
+ return 0;
+
+ /* update buffer and position, defer compression until needed */
+ strm->avail_in = (unsigned)len;
+ strm->next_in = state->in;
+ state->pos += len;
+ return len;
+}
+
+#else /* !STDC */
+
+/* -- see zlib.h -- */
+int ZEXPORTVA gzprintf (file, format, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10,
+ a11, a12, a13, a14, a15, a16, a17, a18, a19, a20)
+ gzFile file;
+ const char *format;
+ int a1, a2, a3, a4, a5, a6, a7, a8, a9, a10,
+ a11, a12, a13, a14, a15, a16, a17, a18, a19, a20;
+{
+ int size, len;
+ gz_statep state;
+ z_streamp strm;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return 0;
+
+ /* make sure we have some buffer space */
+ if (state->size == 0 && gz_init(state) == -1)
+ return 0;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return 0;
+ }
+
+ /* consume whatever's left in the input buffer */
+ if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1)
+ return 0;
+
+ /* do the printf() into the input buffer, put length in len */
+ size = (int)(state->size);
+ state->in[size - 1] = 0;
+#ifdef NO_snprintf
+# ifdef HAS_sprintf_void
+ sprintf(state->in, format, a1, a2, a3, a4, a5, a6, a7, a8,
+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20);
+ for (len = 0; len < size; len++)
+ if (state->in[len] == 0) break;
+# else
+ len = sprintf(state->in, format, a1, a2, a3, a4, a5, a6, a7, a8,
+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20);
+# endif
+#else
+# ifdef HAS_snprintf_void
+ snprintf(state->in, size, format, a1, a2, a3, a4, a5, a6, a7, a8,
+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20);
+ len = strlen(state->in);
+# else
+ len = snprintf(state->in, size, format, a1, a2, a3, a4, a5, a6, a7, a8,
+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20);
+# endif
+#endif
+
+ /* check that printf() results fit in buffer */
+ if (len <= 0 || len >= (int)size || state->in[size - 1] != 0)
+ return 0;
+
+ /* update buffer and position, defer compression until needed */
+ strm->avail_in = (unsigned)len;
+ strm->next_in = state->in;
+ state->pos += len;
+ return len;
+}
+
+#endif
+
+/* -- see zlib.h -- */
+int ZEXPORT gzflush(file, flush)
+ gzFile file;
+ int flush;
+{
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return Z_STREAM_ERROR;
+
+ /* check flush parameter */
+ if (flush < 0 || flush > Z_FINISH)
+ return Z_STREAM_ERROR;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return -1;
+ }
+
+ /* compress remaining data with requested flush */
+ gz_comp(state, flush);
+ return state->err;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzsetparams(file, level, strategy)
+ gzFile file;
+ int level;
+ int strategy;
+{
+ gz_statep state;
+ z_streamp strm;
+
+ /* get internal structure */
+ if (file == NULL)
+ return Z_STREAM_ERROR;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return Z_STREAM_ERROR;
+
+ /* if no change is requested, then do nothing */
+ if (level == state->level && strategy == state->strategy)
+ return Z_OK;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return -1;
+ }
+
+ /* change compression parameters for subsequent input */
+ if (state->size) {
+ /* flush previous input with previous parameters before changing */
+ if (strm->avail_in && gz_comp(state, Z_PARTIAL_FLUSH) == -1)
+ return state->err;
+ deflateParams(strm, level, strategy);
+ }
+ state->level = level;
+ state->strategy = strategy;
+ return Z_OK;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzclose_w(file)
+ gzFile file;
+{
+ int ret = 0;
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return Z_STREAM_ERROR;
+ state = (gz_statep)file;
+
+ /* check that we're writing */
+ if (state->mode != GZ_WRITE)
+ return Z_STREAM_ERROR;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ ret += gz_zero(state, state->skip);
+ }
+
+ /* flush, free memory, and close file */
+ ret += gz_comp(state, Z_FINISH);
+ (void)deflateEnd(&(state->strm));
+ free(state->out);
+ free(state->in);
+ gz_error(state, Z_OK, NULL);
+ free(state->path);
+ ret += close(state->fd);
+ free(state);
+ return ret ? Z_ERRNO : Z_OK;
+}
Added: trunk/contrib/sudo/zlib/infback.c
===================================================================
--- trunk/contrib/sudo/zlib/infback.c (rev 0)
+++ trunk/contrib/sudo/zlib/infback.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,632 @@
+/* infback.c -- inflate using a call-back interface
+ * Copyright (C) 1995-2009 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ This code is largely copied from inflate.c. Normally either infback.o or
+ inflate.o would be linked into an application--not both. The interface
+ with inffast.c is retained so that optimized assembler-coded versions of
+ inflate_fast() can be used with either inflate.c or infback.c.
+ */
+
+#include "zutil.h"
+#include "inftrees.h"
+#include "inflate.h"
+#include "inffast.h"
+
+/* function prototypes */
+local void fixedtables OF((struct inflate_state FAR *state));
+
+/*
+ strm provides memory allocation functions in zalloc and zfree, or
+ Z_NULL to use the library memory allocation functions.
+
+ windowBits is in the range 8..15, and window is a user-supplied
+ window and output buffer that is 2**windowBits bytes.
+ */
+int ZEXPORT inflateBackInit_(strm, windowBits, window, version, stream_size)
+z_streamp strm;
+int windowBits;
+unsigned char FAR *window;
+const char *version;
+int stream_size;
+{
+ struct inflate_state FAR *state;
+
+ if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
+ stream_size != (int)(sizeof(z_stream)))
+ return Z_VERSION_ERROR;
+ if (strm == Z_NULL || window == Z_NULL ||
+ windowBits < 8 || windowBits > 15)
+ return Z_STREAM_ERROR;
+ strm->msg = Z_NULL; /* in case we return an error */
+ if (strm->zalloc == (alloc_func)0) {
+ strm->zalloc = zcalloc;
+ strm->opaque = (voidpf)0;
+ }
+ if (strm->zfree == (free_func)0) strm->zfree = zcfree;
+ state = (struct inflate_state FAR *)ZALLOC(strm, 1,
+ sizeof(struct inflate_state));
+ if (state == Z_NULL) return Z_MEM_ERROR;
+ Tracev((stderr, "inflate: allocated\n"));
+ strm->state = (struct internal_state FAR *)state;
+ state->dmax = 32768U;
+ state->wbits = windowBits;
+ state->wsize = 1U << windowBits;
+ state->window = window;
+ state->wnext = 0;
+ state->whave = 0;
+ return Z_OK;
+}
+
+/*
+ Return state with length and distance decoding tables and index sizes set to
+ fixed code decoding. Normally this returns fixed tables from inffixed.h.
+ If BUILDFIXED is defined, then instead this routine builds the tables the
+ first time it's called, and returns those tables the first time and
+ thereafter. This reduces the size of the code by about 2K bytes, in
+ exchange for a little execution time. However, BUILDFIXED should not be
+ used for threaded applications, since the rewriting of the tables and virgin
+ may not be thread-safe.
+ */
+local void fixedtables(state)
+struct inflate_state FAR *state;
+{
+#ifdef BUILDFIXED
+ static int virgin = 1;
+ static code *lenfix, *distfix;
+ static code fixed[544];
+
+ /* build fixed huffman tables if first call (may not be thread safe) */
+ if (virgin) {
+ unsigned sym, bits;
+ static code *next;
+
+ /* literal/length table */
+ sym = 0;
+ while (sym < 144) state->lens[sym++] = 8;
+ while (sym < 256) state->lens[sym++] = 9;
+ while (sym < 280) state->lens[sym++] = 7;
+ while (sym < 288) state->lens[sym++] = 8;
+ next = fixed;
+ lenfix = next;
+ bits = 9;
+ inflate_table(LENS, state->lens, 288, &(next), &(bits), state->work);
+
+ /* distance table */
+ sym = 0;
+ while (sym < 32) state->lens[sym++] = 5;
+ distfix = next;
+ bits = 5;
+ inflate_table(DISTS, state->lens, 32, &(next), &(bits), state->work);
+
+ /* do this just once */
+ virgin = 0;
+ }
+#else /* !BUILDFIXED */
+# include "inffixed.h"
+#endif /* BUILDFIXED */
+ state->lencode = lenfix;
+ state->lenbits = 9;
+ state->distcode = distfix;
+ state->distbits = 5;
+}
+
+/* Macros for inflateBack(): */
+
+/* Load returned state from inflate_fast() */
+#define LOAD() \
+ do { \
+ put = strm->next_out; \
+ left = strm->avail_out; \
+ next = strm->next_in; \
+ have = strm->avail_in; \
+ hold = state->hold; \
+ bits = state->bits; \
+ } while (0)
+
+/* Set state from registers for inflate_fast() */
+#define RESTORE() \
+ do { \
+ strm->next_out = put; \
+ strm->avail_out = left; \
+ strm->next_in = next; \
+ strm->avail_in = have; \
+ state->hold = hold; \
+ state->bits = bits; \
+ } while (0)
+
+/* Clear the input bit accumulator */
+#define INITBITS() \
+ do { \
+ hold = 0; \
+ bits = 0; \
+ } while (0)
+
+/* Assure that some input is available. If input is requested, but denied,
+ then return a Z_BUF_ERROR from inflateBack(). */
+#define PULL() \
+ do { \
+ if (have == 0) { \
+ have = in(in_desc, &next); \
+ if (have == 0) { \
+ next = Z_NULL; \
+ ret = Z_BUF_ERROR; \
+ goto inf_leave; \
+ } \
+ } \
+ } while (0)
+
+/* Get a byte of input into the bit accumulator, or return from inflateBack()
+ with an error if there is no input available. */
+#define PULLBYTE() \
+ do { \
+ PULL(); \
+ have--; \
+ hold += (unsigned long)(*next++) << bits; \
+ bits += 8; \
+ } while (0)
+
+/* Assure that there are at least n bits in the bit accumulator. If there is
+ not enough available input to do that, then return from inflateBack() with
+ an error. */
+#define NEEDBITS(n) \
+ do { \
+ while (bits < (unsigned)(n)) \
+ PULLBYTE(); \
+ } while (0)
+
+/* Return the low n bits of the bit accumulator (n < 16) */
+#define BITS(n) \
+ ((unsigned)hold & ((1U << (n)) - 1))
+
+/* Remove n bits from the bit accumulator */
+#define DROPBITS(n) \
+ do { \
+ hold >>= (n); \
+ bits -= (unsigned)(n); \
+ } while (0)
+
+/* Remove zero to seven bits as needed to go to a byte boundary */
+#define BYTEBITS() \
+ do { \
+ hold >>= bits & 7; \
+ bits -= bits & 7; \
+ } while (0)
+
+/* Assure that some output space is available, by writing out the window
+ if it's full. If the write fails, return from inflateBack() with a
+ Z_BUF_ERROR. */
+#define ROOM() \
+ do { \
+ if (left == 0) { \
+ put = state->window; \
+ left = state->wsize; \
+ state->whave = left; \
+ if (out(out_desc, put, left)) { \
+ ret = Z_BUF_ERROR; \
+ goto inf_leave; \
+ } \
+ } \
+ } while (0)
+
+/*
+ strm provides the memory allocation functions and window buffer on input,
+ and provides information on the unused input on return. For Z_DATA_ERROR
+ returns, strm will also provide an error message.
+
+ in() and out() are the call-back input and output functions. When
+ inflateBack() needs more input, it calls in(). When inflateBack() has
+ filled the window with output, or when it completes with data in the
+ window, it calls out() to write out the data. The application must not
+ change the provided input until in() is called again or inflateBack()
+ returns. The application must not change the window/output buffer until
+ inflateBack() returns.
+
+ in() and out() are called with a descriptor parameter provided in the
+ inflateBack() call. This parameter can be a structure that provides the
+ information required to do the read or write, as well as accumulated
+ information on the input and output such as totals and check values.
+
+ in() should return zero on failure. out() should return non-zero on
+ failure. If either in() or out() fails, than inflateBack() returns a
+ Z_BUF_ERROR. strm->next_in can be checked for Z_NULL to see whether it
+ was in() or out() that caused in the error. Otherwise, inflateBack()
+ returns Z_STREAM_END on success, Z_DATA_ERROR for an deflate format
+ error, or Z_MEM_ERROR if it could not allocate memory for the state.
+ inflateBack() can also return Z_STREAM_ERROR if the input parameters
+ are not correct, i.e. strm is Z_NULL or the state was not initialized.
+ */
+int ZEXPORT inflateBack(strm, in, in_desc, out, out_desc)
+z_streamp strm;
+in_func in;
+void FAR *in_desc;
+out_func out;
+void FAR *out_desc;
+{
+ struct inflate_state FAR *state;
+ unsigned char FAR *next; /* next input */
+ unsigned char FAR *put; /* next output */
+ unsigned have, left; /* available input and output */
+ unsigned long hold; /* bit buffer */
+ unsigned bits; /* bits in bit buffer */
+ unsigned copy; /* number of stored or match bytes to copy */
+ unsigned char FAR *from; /* where to copy match bytes from */
+ code here; /* current decoding table entry */
+ code last; /* parent table entry */
+ unsigned len; /* length to copy for repeats, bits to drop */
+ int ret; /* return code */
+ static const unsigned short order[19] = /* permutation of code lengths */
+ {16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
+
+ /* Check that the strm exists and that the state was initialized */
+ if (strm == Z_NULL || strm->state == Z_NULL)
+ return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+
+ /* Reset the state */
+ strm->msg = Z_NULL;
+ state->mode = TYPE;
+ state->last = 0;
+ state->whave = 0;
+ next = strm->next_in;
+ have = next != Z_NULL ? strm->avail_in : 0;
+ hold = 0;
+ bits = 0;
+ put = state->window;
+ left = state->wsize;
+
+ /* Inflate until end of block marked as last */
+ for (;;)
+ switch (state->mode) {
+ case TYPE:
+ /* determine and dispatch block type */
+ if (state->last) {
+ BYTEBITS();
+ state->mode = DONE;
+ break;
+ }
+ NEEDBITS(3);
+ state->last = BITS(1);
+ DROPBITS(1);
+ switch (BITS(2)) {
+ case 0: /* stored block */
+ Tracev((stderr, "inflate: stored block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = STORED;
+ break;
+ case 1: /* fixed block */
+ fixedtables(state);
+ Tracev((stderr, "inflate: fixed codes block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = LEN; /* decode codes */
+ break;
+ case 2: /* dynamic block */
+ Tracev((stderr, "inflate: dynamic codes block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = TABLE;
+ break;
+ case 3:
+ strm->msg = (char *)"invalid block type";
+ state->mode = BAD;
+ }
+ DROPBITS(2);
+ break;
+
+ case STORED:
+ /* get and verify stored block length */
+ BYTEBITS(); /* go to byte boundary */
+ NEEDBITS(32);
+ if ((hold & 0xffff) != ((hold >> 16) ^ 0xffff)) {
+ strm->msg = (char *)"invalid stored block lengths";
+ state->mode = BAD;
+ break;
+ }
+ state->length = (unsigned)hold & 0xffff;
+ Tracev((stderr, "inflate: stored length %u\n",
+ state->length));
+ INITBITS();
+
+ /* copy stored block from input to output */
+ while (state->length != 0) {
+ copy = state->length;
+ PULL();
+ ROOM();
+ if (copy > have) copy = have;
+ if (copy > left) copy = left;
+ zmemcpy(put, next, copy);
+ have -= copy;
+ next += copy;
+ left -= copy;
+ put += copy;
+ state->length -= copy;
+ }
+ Tracev((stderr, "inflate: stored end\n"));
+ state->mode = TYPE;
+ break;
+
+ case TABLE:
+ /* get dynamic table entries descriptor */
+ NEEDBITS(14);
+ state->nlen = BITS(5) + 257;
+ DROPBITS(5);
+ state->ndist = BITS(5) + 1;
+ DROPBITS(5);
+ state->ncode = BITS(4) + 4;
+ DROPBITS(4);
+#ifndef PKZIP_BUG_WORKAROUND
+ if (state->nlen > 286 || state->ndist > 30) {
+ strm->msg = (char *)"too many length or distance symbols";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ Tracev((stderr, "inflate: table sizes ok\n"));
+
+ /* get code length code lengths (not a typo) */
+ state->have = 0;
+ while (state->have < state->ncode) {
+ NEEDBITS(3);
+ state->lens[order[state->have++]] = (unsigned short)BITS(3);
+ DROPBITS(3);
+ }
+ while (state->have < 19)
+ state->lens[order[state->have++]] = 0;
+ state->next = state->codes;
+ state->lencode = (code const FAR *)(state->next);
+ state->lenbits = 7;
+ ret = inflate_table(CODES, state->lens, 19, &(state->next),
+ &(state->lenbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid code lengths set";
+ state->mode = BAD;
+ break;
+ }
+ Tracev((stderr, "inflate: code lengths ok\n"));
+
+ /* get length and distance code code lengths */
+ state->have = 0;
+ while (state->have < state->nlen + state->ndist) {
+ for (;;) {
+ here = state->lencode[BITS(state->lenbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if (here.val < 16) {
+ NEEDBITS(here.bits);
+ DROPBITS(here.bits);
+ state->lens[state->have++] = here.val;
+ }
+ else {
+ if (here.val == 16) {
+ NEEDBITS(here.bits + 2);
+ DROPBITS(here.bits);
+ if (state->have == 0) {
+ strm->msg = (char *)"invalid bit length repeat";
+ state->mode = BAD;
+ break;
+ }
+ len = (unsigned)(state->lens[state->have - 1]);
+ copy = 3 + BITS(2);
+ DROPBITS(2);
+ }
+ else if (here.val == 17) {
+ NEEDBITS(here.bits + 3);
+ DROPBITS(here.bits);
+ len = 0;
+ copy = 3 + BITS(3);
+ DROPBITS(3);
+ }
+ else {
+ NEEDBITS(here.bits + 7);
+ DROPBITS(here.bits);
+ len = 0;
+ copy = 11 + BITS(7);
+ DROPBITS(7);
+ }
+ if (state->have + copy > state->nlen + state->ndist) {
+ strm->msg = (char *)"invalid bit length repeat";
+ state->mode = BAD;
+ break;
+ }
+ while (copy--)
+ state->lens[state->have++] = (unsigned short)len;
+ }
+ }
+
+ /* handle error breaks in while */
+ if (state->mode == BAD) break;
+
+ /* check for end-of-block code (better have one) */
+ if (state->lens[256] == 0) {
+ strm->msg = (char *)"invalid code -- missing end-of-block";
+ state->mode = BAD;
+ break;
+ }
+
+ /* build code tables -- note: do not change the lenbits or distbits
+ values here (9 and 6) without reading the comments in inftrees.h
+ concerning the ENOUGH constants, which depend on those values */
+ state->next = state->codes;
+ state->lencode = (code const FAR *)(state->next);
+ state->lenbits = 9;
+ ret = inflate_table(LENS, state->lens, state->nlen, &(state->next),
+ &(state->lenbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid literal/lengths set";
+ state->mode = BAD;
+ break;
+ }
+ state->distcode = (code const FAR *)(state->next);
+ state->distbits = 6;
+ ret = inflate_table(DISTS, state->lens + state->nlen, state->ndist,
+ &(state->next), &(state->distbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid distances set";
+ state->mode = BAD;
+ break;
+ }
+ Tracev((stderr, "inflate: codes ok\n"));
+ state->mode = LEN;
+
+ case LEN:
+ /* use inflate_fast() if we have enough input and output */
+ if (have >= 6 && left >= 258) {
+ RESTORE();
+ if (state->whave < state->wsize)
+ state->whave = state->wsize - left;
+ inflate_fast(strm, state->wsize);
+ LOAD();
+ break;
+ }
+
+ /* get a literal, length, or end-of-block code */
+ for (;;) {
+ here = state->lencode[BITS(state->lenbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if (here.op && (here.op & 0xf0) == 0) {
+ last = here;
+ for (;;) {
+ here = state->lencode[last.val +
+ (BITS(last.bits + last.op) >> last.bits)];
+ if ((unsigned)(last.bits + here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ DROPBITS(last.bits);
+ }
+ DROPBITS(here.bits);
+ state->length = (unsigned)here.val;
+
+ /* process literal */
+ if (here.op == 0) {
+ Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
+ "inflate: literal '%c'\n" :
+ "inflate: literal 0x%02x\n", here.val));
+ ROOM();
+ *put++ = (unsigned char)(state->length);
+ left--;
+ state->mode = LEN;
+ break;
+ }
+
+ /* process end of block */
+ if (here.op & 32) {
+ Tracevv((stderr, "inflate: end of block\n"));
+ state->mode = TYPE;
+ break;
+ }
+
+ /* invalid code */
+ if (here.op & 64) {
+ strm->msg = (char *)"invalid literal/length code";
+ state->mode = BAD;
+ break;
+ }
+
+ /* length code -- get extra bits, if any */
+ state->extra = (unsigned)(here.op) & 15;
+ if (state->extra != 0) {
+ NEEDBITS(state->extra);
+ state->length += BITS(state->extra);
+ DROPBITS(state->extra);
+ }
+ Tracevv((stderr, "inflate: length %u\n", state->length));
+
+ /* get distance code */
+ for (;;) {
+ here = state->distcode[BITS(state->distbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if ((here.op & 0xf0) == 0) {
+ last = here;
+ for (;;) {
+ here = state->distcode[last.val +
+ (BITS(last.bits + last.op) >> last.bits)];
+ if ((unsigned)(last.bits + here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ DROPBITS(last.bits);
+ }
+ DROPBITS(here.bits);
+ if (here.op & 64) {
+ strm->msg = (char *)"invalid distance code";
+ state->mode = BAD;
+ break;
+ }
+ state->offset = (unsigned)here.val;
+
+ /* get distance extra bits, if any */
+ state->extra = (unsigned)(here.op) & 15;
+ if (state->extra != 0) {
+ NEEDBITS(state->extra);
+ state->offset += BITS(state->extra);
+ DROPBITS(state->extra);
+ }
+ if (state->offset > state->wsize - (state->whave < state->wsize ?
+ left : 0)) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+ Tracevv((stderr, "inflate: distance %u\n", state->offset));
+
+ /* copy match from window to output */
+ do {
+ ROOM();
+ copy = state->wsize - state->offset;
+ if (copy < left) {
+ from = put + copy;
+ copy = left - copy;
+ }
+ else {
+ from = put - state->offset;
+ copy = left;
+ }
+ if (copy > state->length) copy = state->length;
+ state->length -= copy;
+ left -= copy;
+ do {
+ *put++ = *from++;
+ } while (--copy);
+ } while (state->length != 0);
+ break;
+
+ case DONE:
+ /* inflate stream terminated properly -- write leftover output */
+ ret = Z_STREAM_END;
+ if (left < state->wsize) {
+ if (out(out_desc, state->window, state->wsize - left))
+ ret = Z_BUF_ERROR;
+ }
+ goto inf_leave;
+
+ case BAD:
+ ret = Z_DATA_ERROR;
+ goto inf_leave;
+
+ default: /* can't happen, but makes compilers happy */
+ ret = Z_STREAM_ERROR;
+ goto inf_leave;
+ }
+
+ /* Return unused input */
+ inf_leave:
+ strm->next_in = next;
+ strm->avail_in = have;
+ return ret;
+}
+
+int ZEXPORT inflateBackEnd(strm)
+z_streamp strm;
+{
+ if (strm == Z_NULL || strm->state == Z_NULL || strm->zfree == (free_func)0)
+ return Z_STREAM_ERROR;
+ ZFREE(strm, strm->state);
+ strm->state = Z_NULL;
+ Tracev((stderr, "inflate: end\n"));
+ return Z_OK;
+}
Added: trunk/contrib/sudo/zlib/inffast.c
===================================================================
--- trunk/contrib/sudo/zlib/inffast.c (rev 0)
+++ trunk/contrib/sudo/zlib/inffast.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,340 @@
+/* inffast.c -- fast decoding
+ * Copyright (C) 1995-2008, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "zutil.h"
+#include "inftrees.h"
+#include "inflate.h"
+#include "inffast.h"
+
+#ifndef ASMINF
+
+/* Allow machine dependent optimization for post-increment or pre-increment.
+ Based on testing to date,
+ Pre-increment preferred for:
+ - PowerPC G3 (Adler)
+ - MIPS R5000 (Randers-Pehrson)
+ Post-increment preferred for:
+ - none
+ No measurable difference:
+ - Pentium III (Anderson)
+ - M68060 (Nikl)
+ */
+#ifdef POSTINC
+# define OFF 0
+# define PUP(a) *(a)++
+#else
+# define OFF 1
+# define PUP(a) *++(a)
+#endif
+
+/*
+ Decode literal, length, and distance codes and write out the resulting
+ literal and match bytes until either not enough input or output is
+ available, an end-of-block is encountered, or a data error is encountered.
+ When large enough input and output buffers are supplied to inflate(), for
+ example, a 16K input buffer and a 64K output buffer, more than 95% of the
+ inflate execution time is spent in this routine.
+
+ Entry assumptions:
+
+ state->mode == LEN
+ strm->avail_in >= 6
+ strm->avail_out >= 258
+ start >= strm->avail_out
+ state->bits < 8
+
+ On return, state->mode is one of:
+
+ LEN -- ran out of enough output space or enough available input
+ TYPE -- reached end of block code, inflate() to interpret next block
+ BAD -- error in block data
+
+ Notes:
+
+ - The maximum input bits used by a length/distance pair is 15 bits for the
+ length code, 5 bits for the length extra, 15 bits for the distance code,
+ and 13 bits for the distance extra. This totals 48 bits, or six bytes.
+ Therefore if strm->avail_in >= 6, then there is enough input to avoid
+ checking for available input while decoding.
+
+ - The maximum bytes that a single length/distance pair can output is 258
+ bytes, which is the maximum length that can be coded. inflate_fast()
+ requires strm->avail_out >= 258 for each loop to avoid checking for
+ output space.
+ */
+void ZLIB_INTERNAL inflate_fast(strm, start)
+z_streamp strm;
+unsigned start; /* inflate()'s starting value for strm->avail_out */
+{
+ struct inflate_state FAR *state;
+ unsigned char FAR *in; /* local strm->next_in */
+ unsigned char FAR *last; /* while in < last, enough input available */
+ unsigned char FAR *out; /* local strm->next_out */
+ unsigned char FAR *beg; /* inflate()'s initial strm->next_out */
+ unsigned char FAR *end; /* while out < end, enough space available */
+#ifdef INFLATE_STRICT
+ unsigned dmax; /* maximum distance from zlib header */
+#endif
+ unsigned wsize; /* window size or zero if not using window */
+ unsigned whave; /* valid bytes in the window */
+ unsigned wnext; /* window write index */
+ unsigned char FAR *window; /* allocated sliding window, if wsize != 0 */
+ unsigned long hold; /* local strm->hold */
+ unsigned bits; /* local strm->bits */
+ code const FAR *lcode; /* local strm->lencode */
+ code const FAR *dcode; /* local strm->distcode */
+ unsigned lmask; /* mask for first level of length codes */
+ unsigned dmask; /* mask for first level of distance codes */
+ code here; /* retrieved table entry */
+ unsigned op; /* code bits, operation, extra bits, or */
+ /* window position, window bytes to copy */
+ unsigned len; /* match length, unused bytes */
+ unsigned dist; /* match distance */
+ unsigned char FAR *from; /* where to copy match from */
+
+ /* copy state to local variables */
+ state = (struct inflate_state FAR *)strm->state;
+ in = strm->next_in - OFF;
+ last = in + (strm->avail_in - 5);
+ out = strm->next_out - OFF;
+ beg = out - (start - strm->avail_out);
+ end = out + (strm->avail_out - 257);
+#ifdef INFLATE_STRICT
+ dmax = state->dmax;
+#endif
+ wsize = state->wsize;
+ whave = state->whave;
+ wnext = state->wnext;
+ window = state->window;
+ hold = state->hold;
+ bits = state->bits;
+ lcode = state->lencode;
+ dcode = state->distcode;
+ lmask = (1U << state->lenbits) - 1;
+ dmask = (1U << state->distbits) - 1;
+
+ /* decode literals and length/distances until end-of-block or not enough
+ input data or output space */
+ do {
+ if (bits < 15) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ here = lcode[hold & lmask];
+ dolen:
+ op = (unsigned)(here.bits);
+ hold >>= op;
+ bits -= op;
+ op = (unsigned)(here.op);
+ if (op == 0) { /* literal */
+ Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
+ "inflate: literal '%c'\n" :
+ "inflate: literal 0x%02x\n", here.val));
+ PUP(out) = (unsigned char)(here.val);
+ }
+ else if (op & 16) { /* length base */
+ len = (unsigned)(here.val);
+ op &= 15; /* number of extra bits */
+ if (op) {
+ if (bits < op) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ len += (unsigned)hold & ((1U << op) - 1);
+ hold >>= op;
+ bits -= op;
+ }
+ Tracevv((stderr, "inflate: length %u\n", len));
+ if (bits < 15) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ here = dcode[hold & dmask];
+ dodist:
+ op = (unsigned)(here.bits);
+ hold >>= op;
+ bits -= op;
+ op = (unsigned)(here.op);
+ if (op & 16) { /* distance base */
+ dist = (unsigned)(here.val);
+ op &= 15; /* number of extra bits */
+ if (bits < op) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ if (bits < op) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ }
+ dist += (unsigned)hold & ((1U << op) - 1);
+#ifdef INFLATE_STRICT
+ if (dist > dmax) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ hold >>= op;
+ bits -= op;
+ Tracevv((stderr, "inflate: distance %u\n", dist));
+ op = (unsigned)(out - beg); /* max distance in output */
+ if (dist > op) { /* see if copy from window */
+ op = dist - op; /* distance back in window */
+ if (op > whave) {
+ if (state->sane) {
+ strm->msg =
+ (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
+ if (len <= op - whave) {
+ do {
+ PUP(out) = 0;
+ } while (--len);
+ continue;
+ }
+ len -= op - whave;
+ do {
+ PUP(out) = 0;
+ } while (--op > whave);
+ if (op == 0) {
+ from = out - dist;
+ do {
+ PUP(out) = PUP(from);
+ } while (--len);
+ continue;
+ }
+#endif
+ }
+ from = window - OFF;
+ if (wnext == 0) { /* very common case */
+ from += wsize - op;
+ if (op < len) { /* some from window */
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = out - dist; /* rest from output */
+ }
+ }
+ else if (wnext < op) { /* wrap around window */
+ from += wsize + wnext - op;
+ op -= wnext;
+ if (op < len) { /* some from end of window */
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = window - OFF;
+ if (wnext < len) { /* some from start of window */
+ op = wnext;
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = out - dist; /* rest from output */
+ }
+ }
+ }
+ else { /* contiguous in window */
+ from += wnext - op;
+ if (op < len) { /* some from window */
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = out - dist; /* rest from output */
+ }
+ }
+ while (len > 2) {
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ len -= 3;
+ }
+ if (len) {
+ PUP(out) = PUP(from);
+ if (len > 1)
+ PUP(out) = PUP(from);
+ }
+ }
+ else {
+ from = out - dist; /* copy direct from output */
+ do { /* minimum length is three */
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ len -= 3;
+ } while (len > 2);
+ if (len) {
+ PUP(out) = PUP(from);
+ if (len > 1)
+ PUP(out) = PUP(from);
+ }
+ }
+ }
+ else if ((op & 64) == 0) { /* 2nd level distance code */
+ here = dcode[here.val + (hold & ((1U << op) - 1))];
+ goto dodist;
+ }
+ else {
+ strm->msg = (char *)"invalid distance code";
+ state->mode = BAD;
+ break;
+ }
+ }
+ else if ((op & 64) == 0) { /* 2nd level length code */
+ here = lcode[here.val + (hold & ((1U << op) - 1))];
+ goto dolen;
+ }
+ else if (op & 32) { /* end-of-block */
+ Tracevv((stderr, "inflate: end of block\n"));
+ state->mode = TYPE;
+ break;
+ }
+ else {
+ strm->msg = (char *)"invalid literal/length code";
+ state->mode = BAD;
+ break;
+ }
+ } while (in < last && out < end);
+
+ /* return unused bytes (on entry, bits < 8, so in won't go too far back) */
+ len = bits >> 3;
+ in -= len;
+ bits -= len << 3;
+ hold &= (1U << bits) - 1;
+
+ /* update state and return */
+ strm->next_in = in + OFF;
+ strm->next_out = out + OFF;
+ strm->avail_in = (unsigned)(in < last ? 5 + (last - in) : 5 - (in - last));
+ strm->avail_out = (unsigned)(out < end ?
+ 257 + (end - out) : 257 - (out - end));
+ state->hold = hold;
+ state->bits = bits;
+ return;
+}
+
+/*
+ inflate_fast() speedups that turned out slower (on a PowerPC G3 750CXe):
+ - Using bit fields for code structure
+ - Different op definition to avoid & for extra bits (do & for table bits)
+ - Three separate decoding do-loops for direct, window, and wnext == 0
+ - Special case for distance > 1 copies to do overlapped load and store copy
+ - Explicit branch predictions (based on measured branch probabilities)
+ - Deferring match copy and interspersed it with decoding subsequent codes
+ - Swapping literal/length else
+ - Swapping window/direct else
+ - Larger unrolled copy loops (three is about right)
+ - Moving len -= 3 statement into middle of loop
+ */
+
+#endif /* !ASMINF */
Added: trunk/contrib/sudo/zlib/inffast.h
===================================================================
--- trunk/contrib/sudo/zlib/inffast.h (rev 0)
+++ trunk/contrib/sudo/zlib/inffast.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,11 @@
+/* inffast.h -- header to use inffast.c
+ * Copyright (C) 1995-2003, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+void ZLIB_INTERNAL inflate_fast OF((z_streamp strm, unsigned start));
Added: trunk/contrib/sudo/zlib/inffixed.h
===================================================================
--- trunk/contrib/sudo/zlib/inffixed.h (rev 0)
+++ trunk/contrib/sudo/zlib/inffixed.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,94 @@
+ /* inffixed.h -- table for decoding fixed codes
+ * Generated automatically by makefixed().
+ */
+
+ /* WARNING: this file should *not* be used by applications. It
+ is part of the implementation of the compression library and
+ is subject to change. Applications should only use zlib.h.
+ */
+
+ static const code lenfix[512] = {
+ {96,7,0},{0,8,80},{0,8,16},{20,8,115},{18,7,31},{0,8,112},{0,8,48},
+ {0,9,192},{16,7,10},{0,8,96},{0,8,32},{0,9,160},{0,8,0},{0,8,128},
+ {0,8,64},{0,9,224},{16,7,6},{0,8,88},{0,8,24},{0,9,144},{19,7,59},
+ {0,8,120},{0,8,56},{0,9,208},{17,7,17},{0,8,104},{0,8,40},{0,9,176},
+ {0,8,8},{0,8,136},{0,8,72},{0,9,240},{16,7,4},{0,8,84},{0,8,20},
+ {21,8,227},{19,7,43},{0,8,116},{0,8,52},{0,9,200},{17,7,13},{0,8,100},
+ {0,8,36},{0,9,168},{0,8,4},{0,8,132},{0,8,68},{0,9,232},{16,7,8},
+ {0,8,92},{0,8,28},{0,9,152},{20,7,83},{0,8,124},{0,8,60},{0,9,216},
+ {18,7,23},{0,8,108},{0,8,44},{0,9,184},{0,8,12},{0,8,140},{0,8,76},
+ {0,9,248},{16,7,3},{0,8,82},{0,8,18},{21,8,163},{19,7,35},{0,8,114},
+ {0,8,50},{0,9,196},{17,7,11},{0,8,98},{0,8,34},{0,9,164},{0,8,2},
+ {0,8,130},{0,8,66},{0,9,228},{16,7,7},{0,8,90},{0,8,26},{0,9,148},
+ {20,7,67},{0,8,122},{0,8,58},{0,9,212},{18,7,19},{0,8,106},{0,8,42},
+ {0,9,180},{0,8,10},{0,8,138},{0,8,74},{0,9,244},{16,7,5},{0,8,86},
+ {0,8,22},{64,8,0},{19,7,51},{0,8,118},{0,8,54},{0,9,204},{17,7,15},
+ {0,8,102},{0,8,38},{0,9,172},{0,8,6},{0,8,134},{0,8,70},{0,9,236},
+ {16,7,9},{0,8,94},{0,8,30},{0,9,156},{20,7,99},{0,8,126},{0,8,62},
+ {0,9,220},{18,7,27},{0,8,110},{0,8,46},{0,9,188},{0,8,14},{0,8,142},
+ {0,8,78},{0,9,252},{96,7,0},{0,8,81},{0,8,17},{21,8,131},{18,7,31},
+ {0,8,113},{0,8,49},{0,9,194},{16,7,10},{0,8,97},{0,8,33},{0,9,162},
+ {0,8,1},{0,8,129},{0,8,65},{0,9,226},{16,7,6},{0,8,89},{0,8,25},
+ {0,9,146},{19,7,59},{0,8,121},{0,8,57},{0,9,210},{17,7,17},{0,8,105},
+ {0,8,41},{0,9,178},{0,8,9},{0,8,137},{0,8,73},{0,9,242},{16,7,4},
+ {0,8,85},{0,8,21},{16,8,258},{19,7,43},{0,8,117},{0,8,53},{0,9,202},
+ {17,7,13},{0,8,101},{0,8,37},{0,9,170},{0,8,5},{0,8,133},{0,8,69},
+ {0,9,234},{16,7,8},{0,8,93},{0,8,29},{0,9,154},{20,7,83},{0,8,125},
+ {0,8,61},{0,9,218},{18,7,23},{0,8,109},{0,8,45},{0,9,186},{0,8,13},
+ {0,8,141},{0,8,77},{0,9,250},{16,7,3},{0,8,83},{0,8,19},{21,8,195},
+ {19,7,35},{0,8,115},{0,8,51},{0,9,198},{17,7,11},{0,8,99},{0,8,35},
+ {0,9,166},{0,8,3},{0,8,131},{0,8,67},{0,9,230},{16,7,7},{0,8,91},
+ {0,8,27},{0,9,150},{20,7,67},{0,8,123},{0,8,59},{0,9,214},{18,7,19},
+ {0,8,107},{0,8,43},{0,9,182},{0,8,11},{0,8,139},{0,8,75},{0,9,246},
+ {16,7,5},{0,8,87},{0,8,23},{64,8,0},{19,7,51},{0,8,119},{0,8,55},
+ {0,9,206},{17,7,15},{0,8,103},{0,8,39},{0,9,174},{0,8,7},{0,8,135},
+ {0,8,71},{0,9,238},{16,7,9},{0,8,95},{0,8,31},{0,9,158},{20,7,99},
+ {0,8,127},{0,8,63},{0,9,222},{18,7,27},{0,8,111},{0,8,47},{0,9,190},
+ {0,8,15},{0,8,143},{0,8,79},{0,9,254},{96,7,0},{0,8,80},{0,8,16},
+ {20,8,115},{18,7,31},{0,8,112},{0,8,48},{0,9,193},{16,7,10},{0,8,96},
+ {0,8,32},{0,9,161},{0,8,0},{0,8,128},{0,8,64},{0,9,225},{16,7,6},
+ {0,8,88},{0,8,24},{0,9,145},{19,7,59},{0,8,120},{0,8,56},{0,9,209},
+ {17,7,17},{0,8,104},{0,8,40},{0,9,177},{0,8,8},{0,8,136},{0,8,72},
+ {0,9,241},{16,7,4},{0,8,84},{0,8,20},{21,8,227},{19,7,43},{0,8,116},
+ {0,8,52},{0,9,201},{17,7,13},{0,8,100},{0,8,36},{0,9,169},{0,8,4},
+ {0,8,132},{0,8,68},{0,9,233},{16,7,8},{0,8,92},{0,8,28},{0,9,153},
+ {20,7,83},{0,8,124},{0,8,60},{0,9,217},{18,7,23},{0,8,108},{0,8,44},
+ {0,9,185},{0,8,12},{0,8,140},{0,8,76},{0,9,249},{16,7,3},{0,8,82},
+ {0,8,18},{21,8,163},{19,7,35},{0,8,114},{0,8,50},{0,9,197},{17,7,11},
+ {0,8,98},{0,8,34},{0,9,165},{0,8,2},{0,8,130},{0,8,66},{0,9,229},
+ {16,7,7},{0,8,90},{0,8,26},{0,9,149},{20,7,67},{0,8,122},{0,8,58},
+ {0,9,213},{18,7,19},{0,8,106},{0,8,42},{0,9,181},{0,8,10},{0,8,138},
+ {0,8,74},{0,9,245},{16,7,5},{0,8,86},{0,8,22},{64,8,0},{19,7,51},
+ {0,8,118},{0,8,54},{0,9,205},{17,7,15},{0,8,102},{0,8,38},{0,9,173},
+ {0,8,6},{0,8,134},{0,8,70},{0,9,237},{16,7,9},{0,8,94},{0,8,30},
+ {0,9,157},{20,7,99},{0,8,126},{0,8,62},{0,9,221},{18,7,27},{0,8,110},
+ {0,8,46},{0,9,189},{0,8,14},{0,8,142},{0,8,78},{0,9,253},{96,7,0},
+ {0,8,81},{0,8,17},{21,8,131},{18,7,31},{0,8,113},{0,8,49},{0,9,195},
+ {16,7,10},{0,8,97},{0,8,33},{0,9,163},{0,8,1},{0,8,129},{0,8,65},
+ {0,9,227},{16,7,6},{0,8,89},{0,8,25},{0,9,147},{19,7,59},{0,8,121},
+ {0,8,57},{0,9,211},{17,7,17},{0,8,105},{0,8,41},{0,9,179},{0,8,9},
+ {0,8,137},{0,8,73},{0,9,243},{16,7,4},{0,8,85},{0,8,21},{16,8,258},
+ {19,7,43},{0,8,117},{0,8,53},{0,9,203},{17,7,13},{0,8,101},{0,8,37},
+ {0,9,171},{0,8,5},{0,8,133},{0,8,69},{0,9,235},{16,7,8},{0,8,93},
+ {0,8,29},{0,9,155},{20,7,83},{0,8,125},{0,8,61},{0,9,219},{18,7,23},
+ {0,8,109},{0,8,45},{0,9,187},{0,8,13},{0,8,141},{0,8,77},{0,9,251},
+ {16,7,3},{0,8,83},{0,8,19},{21,8,195},{19,7,35},{0,8,115},{0,8,51},
+ {0,9,199},{17,7,11},{0,8,99},{0,8,35},{0,9,167},{0,8,3},{0,8,131},
+ {0,8,67},{0,9,231},{16,7,7},{0,8,91},{0,8,27},{0,9,151},{20,7,67},
+ {0,8,123},{0,8,59},{0,9,215},{18,7,19},{0,8,107},{0,8,43},{0,9,183},
+ {0,8,11},{0,8,139},{0,8,75},{0,9,247},{16,7,5},{0,8,87},{0,8,23},
+ {64,8,0},{19,7,51},{0,8,119},{0,8,55},{0,9,207},{17,7,15},{0,8,103},
+ {0,8,39},{0,9,175},{0,8,7},{0,8,135},{0,8,71},{0,9,239},{16,7,9},
+ {0,8,95},{0,8,31},{0,9,159},{20,7,99},{0,8,127},{0,8,63},{0,9,223},
+ {18,7,27},{0,8,111},{0,8,47},{0,9,191},{0,8,15},{0,8,143},{0,8,79},
+ {0,9,255}
+ };
+
+ static const code distfix[32] = {
+ {16,5,1},{23,5,257},{19,5,17},{27,5,4097},{17,5,5},{25,5,1025},
+ {21,5,65},{29,5,16385},{16,5,3},{24,5,513},{20,5,33},{28,5,8193},
+ {18,5,9},{26,5,2049},{22,5,129},{64,5,0},{16,5,2},{23,5,385},
+ {19,5,25},{27,5,6145},{17,5,7},{25,5,1537},{21,5,97},{29,5,24577},
+ {16,5,4},{24,5,769},{20,5,49},{28,5,12289},{18,5,13},{26,5,3073},
+ {22,5,193},{64,5,0}
+ };
Added: trunk/contrib/sudo/zlib/inflate.c
===================================================================
--- trunk/contrib/sudo/zlib/inflate.c (rev 0)
+++ trunk/contrib/sudo/zlib/inflate.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,1480 @@
+/* inflate.c -- zlib decompression
+ * Copyright (C) 1995-2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ * Change history:
+ *
+ * 1.2.beta0 24 Nov 2002
+ * - First version -- complete rewrite of inflate to simplify code, avoid
+ * creation of window when not needed, minimize use of window when it is
+ * needed, make inffast.c even faster, implement gzip decoding, and to
+ * improve code readability and style over the previous zlib inflate code
+ *
+ * 1.2.beta1 25 Nov 2002
+ * - Use pointers for available input and output checking in inffast.c
+ * - Remove input and output counters in inffast.c
+ * - Change inffast.c entry and loop from avail_in >= 7 to >= 6
+ * - Remove unnecessary second byte pull from length extra in inffast.c
+ * - Unroll direct copy to three copies per loop in inffast.c
+ *
+ * 1.2.beta2 4 Dec 2002
+ * - Change external routine names to reduce potential conflicts
+ * - Correct filename to inffixed.h for fixed tables in inflate.c
+ * - Make hbuf[] unsigned char to match parameter type in inflate.c
+ * - Change strm->next_out[-state->offset] to *(strm->next_out - state->offset)
+ * to avoid negation problem on Alphas (64 bit) in inflate.c
+ *
+ * 1.2.beta3 22 Dec 2002
+ * - Add comments on state->bits assertion in inffast.c
+ * - Add comments on op field in inftrees.h
+ * - Fix bug in reuse of allocated window after inflateReset()
+ * - Remove bit fields--back to byte structure for speed
+ * - Remove distance extra == 0 check in inflate_fast()--only helps for lengths
+ * - Change post-increments to pre-increments in inflate_fast(), PPC biased?
+ * - Add compile time option, POSTINC, to use post-increments instead (Intel?)
+ * - Make MATCH copy in inflate() much faster for when inflate_fast() not used
+ * - Use local copies of stream next and avail values, as well as local bit
+ * buffer and bit count in inflate()--for speed when inflate_fast() not used
+ *
+ * 1.2.beta4 1 Jan 2003
+ * - Split ptr - 257 statements in inflate_table() to avoid compiler warnings
+ * - Move a comment on output buffer sizes from inffast.c to inflate.c
+ * - Add comments in inffast.c to introduce the inflate_fast() routine
+ * - Rearrange window copies in inflate_fast() for speed and simplification
+ * - Unroll last copy for window match in inflate_fast()
+ * - Use local copies of window variables in inflate_fast() for speed
+ * - Pull out common wnext == 0 case for speed in inflate_fast()
+ * - Make op and len in inflate_fast() unsigned for consistency
+ * - Add FAR to lcode and dcode declarations in inflate_fast()
+ * - Simplified bad distance check in inflate_fast()
+ * - Added inflateBackInit(), inflateBack(), and inflateBackEnd() in new
+ * source file infback.c to provide a call-back interface to inflate for
+ * programs like gzip and unzip -- uses window as output buffer to avoid
+ * window copying
+ *
+ * 1.2.beta5 1 Jan 2003
+ * - Improved inflateBack() interface to allow the caller to provide initial
+ * input in strm.
+ * - Fixed stored blocks bug in inflateBack()
+ *
+ * 1.2.beta6 4 Jan 2003
+ * - Added comments in inffast.c on effectiveness of POSTINC
+ * - Typecasting all around to reduce compiler warnings
+ * - Changed loops from while (1) or do {} while (1) to for (;;), again to
+ * make compilers happy
+ * - Changed type of window in inflateBackInit() to unsigned char *
+ *
+ * 1.2.beta7 27 Jan 2003
+ * - Changed many types to unsigned or unsigned short to avoid warnings
+ * - Added inflateCopy() function
+ *
+ * 1.2.0 9 Mar 2003
+ * - Changed inflateBack() interface to provide separate opaque descriptors
+ * for the in() and out() functions
+ * - Changed inflateBack() argument and in_func typedef to swap the length
+ * and buffer address return values for the input function
+ * - Check next_in and next_out for Z_NULL on entry to inflate()
+ *
+ * The history for versions after 1.2.0 are in ChangeLog in zlib distribution.
+ */
+
+#include "zutil.h"
+#include "inftrees.h"
+#include "inflate.h"
+#include "inffast.h"
+
+#ifdef MAKEFIXED
+# ifndef BUILDFIXED
+# define BUILDFIXED
+# endif
+#endif
+
+/* function prototypes */
+local void fixedtables OF((struct inflate_state FAR *state));
+local int updatewindow OF((z_streamp strm, unsigned out));
+#ifdef BUILDFIXED
+ void makefixed OF((void));
+#endif
+local unsigned syncsearch OF((unsigned FAR *have, unsigned char FAR *buf,
+ unsigned len));
+
+int ZEXPORT inflateReset(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ strm->total_in = strm->total_out = state->total = 0;
+ strm->msg = Z_NULL;
+ strm->adler = 1; /* to support ill-conceived Java test suite */
+ state->mode = HEAD;
+ state->last = 0;
+ state->havedict = 0;
+ state->dmax = 32768U;
+ state->head = Z_NULL;
+ state->wsize = 0;
+ state->whave = 0;
+ state->wnext = 0;
+ state->hold = 0;
+ state->bits = 0;
+ state->lencode = state->distcode = state->next = state->codes;
+ state->sane = 1;
+ state->back = -1;
+ Tracev((stderr, "inflate: reset\n"));
+ return Z_OK;
+}
+
+int ZEXPORT inflateReset2(strm, windowBits)
+z_streamp strm;
+int windowBits;
+{
+ int wrap;
+ struct inflate_state FAR *state;
+
+ /* get the state */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+
+ /* extract wrap request from windowBits parameter */
+ if (windowBits < 0) {
+ wrap = 0;
+ windowBits = -windowBits;
+ }
+ else {
+ wrap = (windowBits >> 4) + 1;
+#ifdef GUNZIP
+ if (windowBits < 48)
+ windowBits &= 15;
+#endif
+ }
+
+ /* set number of window bits, free window if different */
+ if (windowBits && (windowBits < 8 || windowBits > 15))
+ return Z_STREAM_ERROR;
+ if (state->window != Z_NULL && state->wbits != (unsigned)windowBits) {
+ ZFREE(strm, state->window);
+ state->window = Z_NULL;
+ }
+
+ /* update state and reset the rest of it */
+ state->wrap = wrap;
+ state->wbits = (unsigned)windowBits;
+ return inflateReset(strm);
+}
+
+int ZEXPORT inflateInit2_(strm, windowBits, version, stream_size)
+z_streamp strm;
+int windowBits;
+const char *version;
+int stream_size;
+{
+ int ret;
+ struct inflate_state FAR *state;
+
+ if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
+ stream_size != (int)(sizeof(z_stream)))
+ return Z_VERSION_ERROR;
+ if (strm == Z_NULL) return Z_STREAM_ERROR;
+ strm->msg = Z_NULL; /* in case we return an error */
+ if (strm->zalloc == (alloc_func)0) {
+ strm->zalloc = zcalloc;
+ strm->opaque = (voidpf)0;
+ }
+ if (strm->zfree == (free_func)0) strm->zfree = zcfree;
+ state = (struct inflate_state FAR *)
+ ZALLOC(strm, 1, sizeof(struct inflate_state));
+ if (state == Z_NULL) return Z_MEM_ERROR;
+ Tracev((stderr, "inflate: allocated\n"));
+ strm->state = (struct internal_state FAR *)state;
+ state->window = Z_NULL;
+ ret = inflateReset2(strm, windowBits);
+ if (ret != Z_OK) {
+ ZFREE(strm, state);
+ strm->state = Z_NULL;
+ }
+ return ret;
+}
+
+int ZEXPORT inflateInit_(strm, version, stream_size)
+z_streamp strm;
+const char *version;
+int stream_size;
+{
+ return inflateInit2_(strm, DEF_WBITS, version, stream_size);
+}
+
+int ZEXPORT inflatePrime(strm, bits, value)
+z_streamp strm;
+int bits;
+int value;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (bits < 0) {
+ state->hold = 0;
+ state->bits = 0;
+ return Z_OK;
+ }
+ if (bits > 16 || state->bits + bits > 32) return Z_STREAM_ERROR;
+ value &= (1L << bits) - 1;
+ state->hold += value << state->bits;
+ state->bits += bits;
+ return Z_OK;
+}
+
+/*
+ Return state with length and distance decoding tables and index sizes set to
+ fixed code decoding. Normally this returns fixed tables from inffixed.h.
+ If BUILDFIXED is defined, then instead this routine builds the tables the
+ first time it's called, and returns those tables the first time and
+ thereafter. This reduces the size of the code by about 2K bytes, in
+ exchange for a little execution time. However, BUILDFIXED should not be
+ used for threaded applications, since the rewriting of the tables and virgin
+ may not be thread-safe.
+ */
+local void fixedtables(state)
+struct inflate_state FAR *state;
+{
+#ifdef BUILDFIXED
+ static int virgin = 1;
+ static code *lenfix, *distfix;
+ static code fixed[544];
+
+ /* build fixed huffman tables if first call (may not be thread safe) */
+ if (virgin) {
+ unsigned sym, bits;
+ static code *next;
+
+ /* literal/length table */
+ sym = 0;
+ while (sym < 144) state->lens[sym++] = 8;
+ while (sym < 256) state->lens[sym++] = 9;
+ while (sym < 280) state->lens[sym++] = 7;
+ while (sym < 288) state->lens[sym++] = 8;
+ next = fixed;
+ lenfix = next;
+ bits = 9;
+ inflate_table(LENS, state->lens, 288, &(next), &(bits), state->work);
+
+ /* distance table */
+ sym = 0;
+ while (sym < 32) state->lens[sym++] = 5;
+ distfix = next;
+ bits = 5;
+ inflate_table(DISTS, state->lens, 32, &(next), &(bits), state->work);
+
+ /* do this just once */
+ virgin = 0;
+ }
+#else /* !BUILDFIXED */
+# include "inffixed.h"
+#endif /* BUILDFIXED */
+ state->lencode = lenfix;
+ state->lenbits = 9;
+ state->distcode = distfix;
+ state->distbits = 5;
+}
+
+#ifdef MAKEFIXED
+#include <stdio.h>
+
+/*
+ Write out the inffixed.h that is #include'd above. Defining MAKEFIXED also
+ defines BUILDFIXED, so the tables are built on the fly. makefixed() writes
+ those tables to stdout, which would be piped to inffixed.h. A small program
+ can simply call makefixed to do this:
+
+ void makefixed(void);
+
+ int main(void)
+ {
+ makefixed();
+ return 0;
+ }
+
+ Then that can be linked with zlib built with MAKEFIXED defined and run:
+
+ a.out > inffixed.h
+ */
+void makefixed()
+{
+ unsigned low, size;
+ struct inflate_state state;
+
+ fixedtables(&state);
+ puts(" /* inffixed.h -- table for decoding fixed codes");
+ puts(" * Generated automatically by makefixed().");
+ puts(" */");
+ puts("");
+ puts(" /* WARNING: this file should *not* be used by applications.");
+ puts(" It is part of the implementation of this library and is");
+ puts(" subject to change. Applications should only use zlib.h.");
+ puts(" */");
+ puts("");
+ size = 1U << 9;
+ printf(" static const code lenfix[%u] = {", size);
+ low = 0;
+ for (;;) {
+ if ((low % 7) == 0) printf("\n ");
+ printf("{%u,%u,%d}", state.lencode[low].op, state.lencode[low].bits,
+ state.lencode[low].val);
+ if (++low == size) break;
+ putchar(',');
+ }
+ puts("\n };");
+ size = 1U << 5;
+ printf("\n static const code distfix[%u] = {", size);
+ low = 0;
+ for (;;) {
+ if ((low % 6) == 0) printf("\n ");
+ printf("{%u,%u,%d}", state.distcode[low].op, state.distcode[low].bits,
+ state.distcode[low].val);
+ if (++low == size) break;
+ putchar(',');
+ }
+ puts("\n };");
+}
+#endif /* MAKEFIXED */
+
+/*
+ Update the window with the last wsize (normally 32K) bytes written before
+ returning. If window does not exist yet, create it. This is only called
+ when a window is already in use, or when output has been written during this
+ inflate call, but the end of the deflate stream has not been reached yet.
+ It is also called to create a window for dictionary data when a dictionary
+ is loaded.
+
+ Providing output buffers larger than 32K to inflate() should provide a speed
+ advantage, since only the last 32K of output is copied to the sliding window
+ upon return from inflate(), and since all distances after the first 32K of
+ output will fall in the output data, making match copies simpler and faster.
+ The advantage may be dependent on the size of the processor's data caches.
+ */
+local int updatewindow(strm, out)
+z_streamp strm;
+unsigned out;
+{
+ struct inflate_state FAR *state;
+ unsigned copy, dist;
+
+ state = (struct inflate_state FAR *)strm->state;
+
+ /* if it hasn't been done already, allocate space for the window */
+ if (state->window == Z_NULL) {
+ state->window = (unsigned char FAR *)
+ ZALLOC(strm, 1U << state->wbits,
+ sizeof(unsigned char));
+ if (state->window == Z_NULL) return 1;
+ }
+
+ /* if window not in use yet, initialize */
+ if (state->wsize == 0) {
+ state->wsize = 1U << state->wbits;
+ state->wnext = 0;
+ state->whave = 0;
+ }
+
+ /* copy state->wsize or less output bytes into the circular window */
+ copy = out - strm->avail_out;
+ if (copy >= state->wsize) {
+ zmemcpy(state->window, strm->next_out - state->wsize, state->wsize);
+ state->wnext = 0;
+ state->whave = state->wsize;
+ }
+ else {
+ dist = state->wsize - state->wnext;
+ if (dist > copy) dist = copy;
+ zmemcpy(state->window + state->wnext, strm->next_out - copy, dist);
+ copy -= dist;
+ if (copy) {
+ zmemcpy(state->window, strm->next_out - copy, copy);
+ state->wnext = copy;
+ state->whave = state->wsize;
+ }
+ else {
+ state->wnext += dist;
+ if (state->wnext == state->wsize) state->wnext = 0;
+ if (state->whave < state->wsize) state->whave += dist;
+ }
+ }
+ return 0;
+}
+
+/* Macros for inflate(): */
+
+/* check function to use adler32() for zlib or crc32() for gzip */
+#ifdef GUNZIP
+# define UPDATE(check, buf, len) \
+ (state->flags ? crc32(check, buf, len) : adler32(check, buf, len))
+#else
+# define UPDATE(check, buf, len) adler32(check, buf, len)
+#endif
+
+/* check macros for header crc */
+#ifdef GUNZIP
+# define CRC2(check, word) \
+ do { \
+ hbuf[0] = (unsigned char)(word); \
+ hbuf[1] = (unsigned char)((word) >> 8); \
+ check = crc32(check, hbuf, 2); \
+ } while (0)
+
+# define CRC4(check, word) \
+ do { \
+ hbuf[0] = (unsigned char)(word); \
+ hbuf[1] = (unsigned char)((word) >> 8); \
+ hbuf[2] = (unsigned char)((word) >> 16); \
+ hbuf[3] = (unsigned char)((word) >> 24); \
+ check = crc32(check, hbuf, 4); \
+ } while (0)
+#endif
+
+/* Load registers with state in inflate() for speed */
+#define LOAD() \
+ do { \
+ put = strm->next_out; \
+ left = strm->avail_out; \
+ next = strm->next_in; \
+ have = strm->avail_in; \
+ hold = state->hold; \
+ bits = state->bits; \
+ } while (0)
+
+/* Restore state from registers in inflate() */
+#define RESTORE() \
+ do { \
+ strm->next_out = put; \
+ strm->avail_out = left; \
+ strm->next_in = next; \
+ strm->avail_in = have; \
+ state->hold = hold; \
+ state->bits = bits; \
+ } while (0)
+
+/* Clear the input bit accumulator */
+#define INITBITS() \
+ do { \
+ hold = 0; \
+ bits = 0; \
+ } while (0)
+
+/* Get a byte of input into the bit accumulator, or return from inflate()
+ if there is no input available. */
+#define PULLBYTE() \
+ do { \
+ if (have == 0) goto inf_leave; \
+ have--; \
+ hold += (unsigned long)(*next++) << bits; \
+ bits += 8; \
+ } while (0)
+
+/* Assure that there are at least n bits in the bit accumulator. If there is
+ not enough available input to do that, then return from inflate(). */
+#define NEEDBITS(n) \
+ do { \
+ while (bits < (unsigned)(n)) \
+ PULLBYTE(); \
+ } while (0)
+
+/* Return the low n bits of the bit accumulator (n < 16) */
+#define BITS(n) \
+ ((unsigned)hold & ((1U << (n)) - 1))
+
+/* Remove n bits from the bit accumulator */
+#define DROPBITS(n) \
+ do { \
+ hold >>= (n); \
+ bits -= (unsigned)(n); \
+ } while (0)
+
+/* Remove zero to seven bits as needed to go to a byte boundary */
+#define BYTEBITS() \
+ do { \
+ hold >>= bits & 7; \
+ bits -= bits & 7; \
+ } while (0)
+
+/* Reverse the bytes in a 32-bit value */
+#define REVERSE(q) \
+ ((((q) >> 24) & 0xff) + (((q) >> 8) & 0xff00) + \
+ (((q) & 0xff00) << 8) + (((q) & 0xff) << 24))
+
+/*
+ inflate() uses a state machine to process as much input data and generate as
+ much output data as possible before returning. The state machine is
+ structured roughly as follows:
+
+ for (;;) switch (state) {
+ ...
+ case STATEn:
+ if (not enough input data or output space to make progress)
+ return;
+ ... make progress ...
+ state = STATEm;
+ break;
+ ...
+ }
+
+ so when inflate() is called again, the same case is attempted again, and
+ if the appropriate resources are provided, the machine proceeds to the
+ next state. The NEEDBITS() macro is usually the way the state evaluates
+ whether it can proceed or should return. NEEDBITS() does the return if
+ the requested bits are not available. The typical use of the BITS macros
+ is:
+
+ NEEDBITS(n);
+ ... do something with BITS(n) ...
+ DROPBITS(n);
+
+ where NEEDBITS(n) either returns from inflate() if there isn't enough
+ input left to load n bits into the accumulator, or it continues. BITS(n)
+ gives the low n bits in the accumulator. When done, DROPBITS(n) drops
+ the low n bits off the accumulator. INITBITS() clears the accumulator
+ and sets the number of available bits to zero. BYTEBITS() discards just
+ enough bits to put the accumulator on a byte boundary. After BYTEBITS()
+ and a NEEDBITS(8), then BITS(8) would return the next byte in the stream.
+
+ NEEDBITS(n) uses PULLBYTE() to get an available byte of input, or to return
+ if there is no input available. The decoding of variable length codes uses
+ PULLBYTE() directly in order to pull just enough bytes to decode the next
+ code, and no more.
+
+ Some states loop until they get enough input, making sure that enough
+ state information is maintained to continue the loop where it left off
+ if NEEDBITS() returns in the loop. For example, want, need, and keep
+ would all have to actually be part of the saved state in case NEEDBITS()
+ returns:
+
+ case STATEw:
+ while (want < need) {
+ NEEDBITS(n);
+ keep[want++] = BITS(n);
+ DROPBITS(n);
+ }
+ state = STATEx;
+ case STATEx:
+
+ As shown above, if the next state is also the next case, then the break
+ is omitted.
+
+ A state may also return if there is not enough output space available to
+ complete that state. Those states are copying stored data, writing a
+ literal byte, and copying a matching string.
+
+ When returning, a "goto inf_leave" is used to update the total counters,
+ update the check value, and determine whether any progress has been made
+ during that inflate() call in order to return the proper return code.
+ Progress is defined as a change in either strm->avail_in or strm->avail_out.
+ When there is a window, goto inf_leave will update the window with the last
+ output written. If a goto inf_leave occurs in the middle of decompression
+ and there is no window currently, goto inf_leave will create one and copy
+ output to the window for the next call of inflate().
+
+ In this implementation, the flush parameter of inflate() only affects the
+ return code (per zlib.h). inflate() always writes as much as possible to
+ strm->next_out, given the space available and the provided input--the effect
+ documented in zlib.h of Z_SYNC_FLUSH. Furthermore, inflate() always defers
+ the allocation of and copying into a sliding window until necessary, which
+ provides the effect documented in zlib.h for Z_FINISH when the entire input
+ stream available. So the only thing the flush parameter actually does is:
+ when flush is set to Z_FINISH, inflate() cannot return Z_OK. Instead it
+ will return Z_BUF_ERROR if it has not reached the end of the stream.
+ */
+
+int ZEXPORT inflate(strm, flush)
+z_streamp strm;
+int flush;
+{
+ struct inflate_state FAR *state;
+ unsigned char FAR *next; /* next input */
+ unsigned char FAR *put; /* next output */
+ unsigned have, left; /* available input and output */
+ unsigned long hold; /* bit buffer */
+ unsigned bits; /* bits in bit buffer */
+ unsigned in, out; /* save starting available input and output */
+ unsigned copy; /* number of stored or match bytes to copy */
+ unsigned char FAR *from; /* where to copy match bytes from */
+ code here; /* current decoding table entry */
+ code last; /* parent table entry */
+ unsigned len; /* length to copy for repeats, bits to drop */
+ int ret; /* return code */
+#ifdef GUNZIP
+ unsigned char hbuf[4]; /* buffer for gzip header crc calculation */
+#endif
+ static const unsigned short order[19] = /* permutation of code lengths */
+ {16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
+
+ if (strm == Z_NULL || strm->state == Z_NULL || strm->next_out == Z_NULL ||
+ (strm->next_in == Z_NULL && strm->avail_in != 0))
+ return Z_STREAM_ERROR;
+
+ state = (struct inflate_state FAR *)strm->state;
+ if (state->mode == TYPE) state->mode = TYPEDO; /* skip check */
+ LOAD();
+ in = have;
+ out = left;
+ ret = Z_OK;
+ for (;;)
+ switch (state->mode) {
+ case HEAD:
+ if (state->wrap == 0) {
+ state->mode = TYPEDO;
+ break;
+ }
+ NEEDBITS(16);
+#ifdef GUNZIP
+ if ((state->wrap & 2) && hold == 0x8b1f) { /* gzip header */
+ state->check = crc32(0L, Z_NULL, 0);
+ CRC2(state->check, hold);
+ INITBITS();
+ state->mode = FLAGS;
+ break;
+ }
+ state->flags = 0; /* expect zlib header */
+ if (state->head != Z_NULL)
+ state->head->done = -1;
+ if (!(state->wrap & 1) || /* check if zlib header allowed */
+#else
+ if (
+#endif
+ ((BITS(8) << 8) + (hold >> 8)) % 31) {
+ strm->msg = (char *)"incorrect header check";
+ state->mode = BAD;
+ break;
+ }
+ if (BITS(4) != Z_DEFLATED) {
+ strm->msg = (char *)"unknown compression method";
+ state->mode = BAD;
+ break;
+ }
+ DROPBITS(4);
+ len = BITS(4) + 8;
+ if (state->wbits == 0)
+ state->wbits = len;
+ else if (len > state->wbits) {
+ strm->msg = (char *)"invalid window size";
+ state->mode = BAD;
+ break;
+ }
+ state->dmax = 1U << len;
+ Tracev((stderr, "inflate: zlib header ok\n"));
+ strm->adler = state->check = adler32(0L, Z_NULL, 0);
+ state->mode = hold & 0x200 ? DICTID : TYPE;
+ INITBITS();
+ break;
+#ifdef GUNZIP
+ case FLAGS:
+ NEEDBITS(16);
+ state->flags = (int)(hold);
+ if ((state->flags & 0xff) != Z_DEFLATED) {
+ strm->msg = (char *)"unknown compression method";
+ state->mode = BAD;
+ break;
+ }
+ if (state->flags & 0xe000) {
+ strm->msg = (char *)"unknown header flags set";
+ state->mode = BAD;
+ break;
+ }
+ if (state->head != Z_NULL)
+ state->head->text = (int)((hold >> 8) & 1);
+ if (state->flags & 0x0200) CRC2(state->check, hold);
+ INITBITS();
+ state->mode = TIME;
+ case TIME:
+ NEEDBITS(32);
+ if (state->head != Z_NULL)
+ state->head->time = hold;
+ if (state->flags & 0x0200) CRC4(state->check, hold);
+ INITBITS();
+ state->mode = OS;
+ case OS:
+ NEEDBITS(16);
+ if (state->head != Z_NULL) {
+ state->head->xflags = (int)(hold & 0xff);
+ state->head->os = (int)(hold >> 8);
+ }
+ if (state->flags & 0x0200) CRC2(state->check, hold);
+ INITBITS();
+ state->mode = EXLEN;
+ case EXLEN:
+ if (state->flags & 0x0400) {
+ NEEDBITS(16);
+ state->length = (unsigned)(hold);
+ if (state->head != Z_NULL)
+ state->head->extra_len = (unsigned)hold;
+ if (state->flags & 0x0200) CRC2(state->check, hold);
+ INITBITS();
+ }
+ else if (state->head != Z_NULL)
+ state->head->extra = Z_NULL;
+ state->mode = EXTRA;
+ case EXTRA:
+ if (state->flags & 0x0400) {
+ copy = state->length;
+ if (copy > have) copy = have;
+ if (copy) {
+ if (state->head != Z_NULL &&
+ state->head->extra != Z_NULL) {
+ len = state->head->extra_len - state->length;
+ zmemcpy(state->head->extra + len, next,
+ len + copy > state->head->extra_max ?
+ state->head->extra_max - len : copy);
+ }
+ if (state->flags & 0x0200)
+ state->check = crc32(state->check, next, copy);
+ have -= copy;
+ next += copy;
+ state->length -= copy;
+ }
+ if (state->length) goto inf_leave;
+ }
+ state->length = 0;
+ state->mode = NAME;
+ case NAME:
+ if (state->flags & 0x0800) {
+ if (have == 0) goto inf_leave;
+ copy = 0;
+ do {
+ len = (unsigned)(next[copy++]);
+ if (state->head != Z_NULL &&
+ state->head->name != Z_NULL &&
+ state->length < state->head->name_max)
+ state->head->name[state->length++] = len;
+ } while (len && copy < have);
+ if (state->flags & 0x0200)
+ state->check = crc32(state->check, next, copy);
+ have -= copy;
+ next += copy;
+ if (len) goto inf_leave;
+ }
+ else if (state->head != Z_NULL)
+ state->head->name = Z_NULL;
+ state->length = 0;
+ state->mode = COMMENT;
+ case COMMENT:
+ if (state->flags & 0x1000) {
+ if (have == 0) goto inf_leave;
+ copy = 0;
+ do {
+ len = (unsigned)(next[copy++]);
+ if (state->head != Z_NULL &&
+ state->head->comment != Z_NULL &&
+ state->length < state->head->comm_max)
+ state->head->comment[state->length++] = len;
+ } while (len && copy < have);
+ if (state->flags & 0x0200)
+ state->check = crc32(state->check, next, copy);
+ have -= copy;
+ next += copy;
+ if (len) goto inf_leave;
+ }
+ else if (state->head != Z_NULL)
+ state->head->comment = Z_NULL;
+ state->mode = HCRC;
+ case HCRC:
+ if (state->flags & 0x0200) {
+ NEEDBITS(16);
+ if (hold != (state->check & 0xffff)) {
+ strm->msg = (char *)"header crc mismatch";
+ state->mode = BAD;
+ break;
+ }
+ INITBITS();
+ }
+ if (state->head != Z_NULL) {
+ state->head->hcrc = (int)((state->flags >> 9) & 1);
+ state->head->done = 1;
+ }
+ strm->adler = state->check = crc32(0L, Z_NULL, 0);
+ state->mode = TYPE;
+ break;
+#endif
+ case DICTID:
+ NEEDBITS(32);
+ strm->adler = state->check = REVERSE(hold);
+ INITBITS();
+ state->mode = DICT;
+ case DICT:
+ if (state->havedict == 0) {
+ RESTORE();
+ return Z_NEED_DICT;
+ }
+ strm->adler = state->check = adler32(0L, Z_NULL, 0);
+ state->mode = TYPE;
+ case TYPE:
+ if (flush == Z_BLOCK || flush == Z_TREES) goto inf_leave;
+ case TYPEDO:
+ if (state->last) {
+ BYTEBITS();
+ state->mode = CHECK;
+ break;
+ }
+ NEEDBITS(3);
+ state->last = BITS(1);
+ DROPBITS(1);
+ switch (BITS(2)) {
+ case 0: /* stored block */
+ Tracev((stderr, "inflate: stored block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = STORED;
+ break;
+ case 1: /* fixed block */
+ fixedtables(state);
+ Tracev((stderr, "inflate: fixed codes block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = LEN_; /* decode codes */
+ if (flush == Z_TREES) {
+ DROPBITS(2);
+ goto inf_leave;
+ }
+ break;
+ case 2: /* dynamic block */
+ Tracev((stderr, "inflate: dynamic codes block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = TABLE;
+ break;
+ case 3:
+ strm->msg = (char *)"invalid block type";
+ state->mode = BAD;
+ }
+ DROPBITS(2);
+ break;
+ case STORED:
+ BYTEBITS(); /* go to byte boundary */
+ NEEDBITS(32);
+ if ((hold & 0xffff) != ((hold >> 16) ^ 0xffff)) {
+ strm->msg = (char *)"invalid stored block lengths";
+ state->mode = BAD;
+ break;
+ }
+ state->length = (unsigned)hold & 0xffff;
+ Tracev((stderr, "inflate: stored length %u\n",
+ state->length));
+ INITBITS();
+ state->mode = COPY_;
+ if (flush == Z_TREES) goto inf_leave;
+ case COPY_:
+ state->mode = COPY;
+ case COPY:
+ copy = state->length;
+ if (copy) {
+ if (copy > have) copy = have;
+ if (copy > left) copy = left;
+ if (copy == 0) goto inf_leave;
+ zmemcpy(put, next, copy);
+ have -= copy;
+ next += copy;
+ left -= copy;
+ put += copy;
+ state->length -= copy;
+ break;
+ }
+ Tracev((stderr, "inflate: stored end\n"));
+ state->mode = TYPE;
+ break;
+ case TABLE:
+ NEEDBITS(14);
+ state->nlen = BITS(5) + 257;
+ DROPBITS(5);
+ state->ndist = BITS(5) + 1;
+ DROPBITS(5);
+ state->ncode = BITS(4) + 4;
+ DROPBITS(4);
+#ifndef PKZIP_BUG_WORKAROUND
+ if (state->nlen > 286 || state->ndist > 30) {
+ strm->msg = (char *)"too many length or distance symbols";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ Tracev((stderr, "inflate: table sizes ok\n"));
+ state->have = 0;
+ state->mode = LENLENS;
+ case LENLENS:
+ while (state->have < state->ncode) {
+ NEEDBITS(3);
+ state->lens[order[state->have++]] = (unsigned short)BITS(3);
+ DROPBITS(3);
+ }
+ while (state->have < 19)
+ state->lens[order[state->have++]] = 0;
+ state->next = state->codes;
+ state->lencode = (code const FAR *)(state->next);
+ state->lenbits = 7;
+ ret = inflate_table(CODES, state->lens, 19, &(state->next),
+ &(state->lenbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid code lengths set";
+ state->mode = BAD;
+ break;
+ }
+ Tracev((stderr, "inflate: code lengths ok\n"));
+ state->have = 0;
+ state->mode = CODELENS;
+ case CODELENS:
+ while (state->have < state->nlen + state->ndist) {
+ for (;;) {
+ here = state->lencode[BITS(state->lenbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if (here.val < 16) {
+ NEEDBITS(here.bits);
+ DROPBITS(here.bits);
+ state->lens[state->have++] = here.val;
+ }
+ else {
+ if (here.val == 16) {
+ NEEDBITS(here.bits + 2);
+ DROPBITS(here.bits);
+ if (state->have == 0) {
+ strm->msg = (char *)"invalid bit length repeat";
+ state->mode = BAD;
+ break;
+ }
+ len = state->lens[state->have - 1];
+ copy = 3 + BITS(2);
+ DROPBITS(2);
+ }
+ else if (here.val == 17) {
+ NEEDBITS(here.bits + 3);
+ DROPBITS(here.bits);
+ len = 0;
+ copy = 3 + BITS(3);
+ DROPBITS(3);
+ }
+ else {
+ NEEDBITS(here.bits + 7);
+ DROPBITS(here.bits);
+ len = 0;
+ copy = 11 + BITS(7);
+ DROPBITS(7);
+ }
+ if (state->have + copy > state->nlen + state->ndist) {
+ strm->msg = (char *)"invalid bit length repeat";
+ state->mode = BAD;
+ break;
+ }
+ while (copy--)
+ state->lens[state->have++] = (unsigned short)len;
+ }
+ }
+
+ /* handle error breaks in while */
+ if (state->mode == BAD) break;
+
+ /* check for end-of-block code (better have one) */
+ if (state->lens[256] == 0) {
+ strm->msg = (char *)"invalid code -- missing end-of-block";
+ state->mode = BAD;
+ break;
+ }
+
+ /* build code tables -- note: do not change the lenbits or distbits
+ values here (9 and 6) without reading the comments in inftrees.h
+ concerning the ENOUGH constants, which depend on those values */
+ state->next = state->codes;
+ state->lencode = (code const FAR *)(state->next);
+ state->lenbits = 9;
+ ret = inflate_table(LENS, state->lens, state->nlen, &(state->next),
+ &(state->lenbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid literal/lengths set";
+ state->mode = BAD;
+ break;
+ }
+ state->distcode = (code const FAR *)(state->next);
+ state->distbits = 6;
+ ret = inflate_table(DISTS, state->lens + state->nlen, state->ndist,
+ &(state->next), &(state->distbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid distances set";
+ state->mode = BAD;
+ break;
+ }
+ Tracev((stderr, "inflate: codes ok\n"));
+ state->mode = LEN_;
+ if (flush == Z_TREES) goto inf_leave;
+ case LEN_:
+ state->mode = LEN;
+ case LEN:
+ if (have >= 6 && left >= 258) {
+ RESTORE();
+ inflate_fast(strm, out);
+ LOAD();
+ if (state->mode == TYPE)
+ state->back = -1;
+ break;
+ }
+ state->back = 0;
+ for (;;) {
+ here = state->lencode[BITS(state->lenbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if (here.op && (here.op & 0xf0) == 0) {
+ last = here;
+ for (;;) {
+ here = state->lencode[last.val +
+ (BITS(last.bits + last.op) >> last.bits)];
+ if ((unsigned)(last.bits + here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ DROPBITS(last.bits);
+ state->back += last.bits;
+ }
+ DROPBITS(here.bits);
+ state->back += here.bits;
+ state->length = (unsigned)here.val;
+ if ((int)(here.op) == 0) {
+ Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
+ "inflate: literal '%c'\n" :
+ "inflate: literal 0x%02x\n", here.val));
+ state->mode = LIT;
+ break;
+ }
+ if (here.op & 32) {
+ Tracevv((stderr, "inflate: end of block\n"));
+ state->back = -1;
+ state->mode = TYPE;
+ break;
+ }
+ if (here.op & 64) {
+ strm->msg = (char *)"invalid literal/length code";
+ state->mode = BAD;
+ break;
+ }
+ state->extra = (unsigned)(here.op) & 15;
+ state->mode = LENEXT;
+ case LENEXT:
+ if (state->extra) {
+ NEEDBITS(state->extra);
+ state->length += BITS(state->extra);
+ DROPBITS(state->extra);
+ state->back += state->extra;
+ }
+ Tracevv((stderr, "inflate: length %u\n", state->length));
+ state->was = state->length;
+ state->mode = DIST;
+ case DIST:
+ for (;;) {
+ here = state->distcode[BITS(state->distbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if ((here.op & 0xf0) == 0) {
+ last = here;
+ for (;;) {
+ here = state->distcode[last.val +
+ (BITS(last.bits + last.op) >> last.bits)];
+ if ((unsigned)(last.bits + here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ DROPBITS(last.bits);
+ state->back += last.bits;
+ }
+ DROPBITS(here.bits);
+ state->back += here.bits;
+ if (here.op & 64) {
+ strm->msg = (char *)"invalid distance code";
+ state->mode = BAD;
+ break;
+ }
+ state->offset = (unsigned)here.val;
+ state->extra = (unsigned)(here.op) & 15;
+ state->mode = DISTEXT;
+ case DISTEXT:
+ if (state->extra) {
+ NEEDBITS(state->extra);
+ state->offset += BITS(state->extra);
+ DROPBITS(state->extra);
+ state->back += state->extra;
+ }
+#ifdef INFLATE_STRICT
+ if (state->offset > state->dmax) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ Tracevv((stderr, "inflate: distance %u\n", state->offset));
+ state->mode = MATCH;
+ case MATCH:
+ if (left == 0) goto inf_leave;
+ copy = out - left;
+ if (state->offset > copy) { /* copy from window */
+ copy = state->offset - copy;
+ if (copy > state->whave) {
+ if (state->sane) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
+ Trace((stderr, "inflate.c too far\n"));
+ copy -= state->whave;
+ if (copy > state->length) copy = state->length;
+ if (copy > left) copy = left;
+ left -= copy;
+ state->length -= copy;
+ do {
+ *put++ = 0;
+ } while (--copy);
+ if (state->length == 0) state->mode = LEN;
+ break;
+#endif
+ }
+ if (copy > state->wnext) {
+ copy -= state->wnext;
+ from = state->window + (state->wsize - copy);
+ }
+ else
+ from = state->window + (state->wnext - copy);
+ if (copy > state->length) copy = state->length;
+ }
+ else { /* copy from output */
+ from = put - state->offset;
+ copy = state->length;
+ }
+ if (copy > left) copy = left;
+ left -= copy;
+ state->length -= copy;
+ do {
+ *put++ = *from++;
+ } while (--copy);
+ if (state->length == 0) state->mode = LEN;
+ break;
+ case LIT:
+ if (left == 0) goto inf_leave;
+ *put++ = (unsigned char)(state->length);
+ left--;
+ state->mode = LEN;
+ break;
+ case CHECK:
+ if (state->wrap) {
+ NEEDBITS(32);
+ out -= left;
+ strm->total_out += out;
+ state->total += out;
+ if (out)
+ strm->adler = state->check =
+ UPDATE(state->check, put - out, out);
+ out = left;
+ if ((
+#ifdef GUNZIP
+ state->flags ? hold :
+#endif
+ REVERSE(hold)) != state->check) {
+ strm->msg = (char *)"incorrect data check";
+ state->mode = BAD;
+ break;
+ }
+ INITBITS();
+ Tracev((stderr, "inflate: check matches trailer\n"));
+ }
+#ifdef GUNZIP
+ state->mode = LENGTH;
+ case LENGTH:
+ if (state->wrap && state->flags) {
+ NEEDBITS(32);
+ if (hold != (state->total & 0xffffffffUL)) {
+ strm->msg = (char *)"incorrect length check";
+ state->mode = BAD;
+ break;
+ }
+ INITBITS();
+ Tracev((stderr, "inflate: length matches trailer\n"));
+ }
+#endif
+ state->mode = DONE;
+ case DONE:
+ ret = Z_STREAM_END;
+ goto inf_leave;
+ case BAD:
+ ret = Z_DATA_ERROR;
+ goto inf_leave;
+ case MEM:
+ return Z_MEM_ERROR;
+ case SYNC:
+ default:
+ return Z_STREAM_ERROR;
+ }
+
+ /*
+ Return from inflate(), updating the total counts and the check value.
+ If there was no progress during the inflate() call, return a buffer
+ error. Call updatewindow() to create and/or update the window state.
+ Note: a memory error from inflate() is non-recoverable.
+ */
+ inf_leave:
+ RESTORE();
+ if (state->wsize || (state->mode < CHECK && out != strm->avail_out))
+ if (updatewindow(strm, out)) {
+ state->mode = MEM;
+ return Z_MEM_ERROR;
+ }
+ in -= strm->avail_in;
+ out -= strm->avail_out;
+ strm->total_in += in;
+ strm->total_out += out;
+ state->total += out;
+ if (state->wrap && out)
+ strm->adler = state->check =
+ UPDATE(state->check, strm->next_out - out, out);
+ strm->data_type = state->bits + (state->last ? 64 : 0) +
+ (state->mode == TYPE ? 128 : 0) +
+ (state->mode == LEN_ || state->mode == COPY_ ? 256 : 0);
+ if (((in == 0 && out == 0) || flush == Z_FINISH) && ret == Z_OK)
+ ret = Z_BUF_ERROR;
+ return ret;
+}
+
+int ZEXPORT inflateEnd(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+ if (strm == Z_NULL || strm->state == Z_NULL || strm->zfree == (free_func)0)
+ return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (state->window != Z_NULL) ZFREE(strm, state->window);
+ ZFREE(strm, strm->state);
+ strm->state = Z_NULL;
+ Tracev((stderr, "inflate: end\n"));
+ return Z_OK;
+}
+
+int ZEXPORT inflateSetDictionary(strm, dictionary, dictLength)
+z_streamp strm;
+const Bytef *dictionary;
+uInt dictLength;
+{
+ struct inflate_state FAR *state;
+ unsigned long id;
+
+ /* check state */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (state->wrap != 0 && state->mode != DICT)
+ return Z_STREAM_ERROR;
+
+ /* check for correct dictionary id */
+ if (state->mode == DICT) {
+ id = adler32(0L, Z_NULL, 0);
+ id = adler32(id, dictionary, dictLength);
+ if (id != state->check)
+ return Z_DATA_ERROR;
+ }
+
+ /* copy dictionary to window */
+ if (updatewindow(strm, strm->avail_out)) {
+ state->mode = MEM;
+ return Z_MEM_ERROR;
+ }
+ if (dictLength > state->wsize) {
+ zmemcpy(state->window, dictionary + dictLength - state->wsize,
+ state->wsize);
+ state->whave = state->wsize;
+ }
+ else {
+ zmemcpy(state->window + state->wsize - dictLength, dictionary,
+ dictLength);
+ state->whave = dictLength;
+ }
+ state->havedict = 1;
+ Tracev((stderr, "inflate: dictionary set\n"));
+ return Z_OK;
+}
+
+int ZEXPORT inflateGetHeader(strm, head)
+z_streamp strm;
+gz_headerp head;
+{
+ struct inflate_state FAR *state;
+
+ /* check state */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if ((state->wrap & 2) == 0) return Z_STREAM_ERROR;
+
+ /* save header structure */
+ state->head = head;
+ head->done = 0;
+ return Z_OK;
+}
+
+/*
+ Search buf[0..len-1] for the pattern: 0, 0, 0xff, 0xff. Return when found
+ or when out of input. When called, *have is the number of pattern bytes
+ found in order so far, in 0..3. On return *have is updated to the new
+ state. If on return *have equals four, then the pattern was found and the
+ return value is how many bytes were read including the last byte of the
+ pattern. If *have is less than four, then the pattern has not been found
+ yet and the return value is len. In the latter case, syncsearch() can be
+ called again with more data and the *have state. *have is initialized to
+ zero for the first call.
+ */
+local unsigned syncsearch(have, buf, len)
+unsigned FAR *have;
+unsigned char FAR *buf;
+unsigned len;
+{
+ unsigned got;
+ unsigned next;
+
+ got = *have;
+ next = 0;
+ while (next < len && got < 4) {
+ if ((int)(buf[next]) == (got < 2 ? 0 : 0xff))
+ got++;
+ else if (buf[next])
+ got = 0;
+ else
+ got = 4 - got;
+ next++;
+ }
+ *have = got;
+ return next;
+}
+
+int ZEXPORT inflateSync(strm)
+z_streamp strm;
+{
+ unsigned len; /* number of bytes to look at or looked at */
+ unsigned long in, out; /* temporary to save total_in and total_out */
+ unsigned char buf[4]; /* to restore bit buffer to byte string */
+ struct inflate_state FAR *state;
+
+ /* check parameters */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (strm->avail_in == 0 && state->bits < 8) return Z_BUF_ERROR;
+
+ /* if first time, start search in bit buffer */
+ if (state->mode != SYNC) {
+ state->mode = SYNC;
+ state->hold <<= state->bits & 7;
+ state->bits -= state->bits & 7;
+ len = 0;
+ while (state->bits >= 8) {
+ buf[len++] = (unsigned char)(state->hold);
+ state->hold >>= 8;
+ state->bits -= 8;
+ }
+ state->have = 0;
+ syncsearch(&(state->have), buf, len);
+ }
+
+ /* search available input */
+ len = syncsearch(&(state->have), strm->next_in, strm->avail_in);
+ strm->avail_in -= len;
+ strm->next_in += len;
+ strm->total_in += len;
+
+ /* return no joy or set up to restart inflate() on a new block */
+ if (state->have != 4) return Z_DATA_ERROR;
+ in = strm->total_in; out = strm->total_out;
+ inflateReset(strm);
+ strm->total_in = in; strm->total_out = out;
+ state->mode = TYPE;
+ return Z_OK;
+}
+
+/*
+ Returns true if inflate is currently at the end of a block generated by
+ Z_SYNC_FLUSH or Z_FULL_FLUSH. This function is used by one PPP
+ implementation to provide an additional safety check. PPP uses
+ Z_SYNC_FLUSH but removes the length bytes of the resulting empty stored
+ block. When decompressing, PPP checks that at the end of input packet,
+ inflate is waiting for these length bytes.
+ */
+int ZEXPORT inflateSyncPoint(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ return state->mode == STORED && state->bits == 0;
+}
+
+int ZEXPORT inflateCopy(dest, source)
+z_streamp dest;
+z_streamp source;
+{
+ struct inflate_state FAR *state;
+ struct inflate_state FAR *copy;
+ unsigned char FAR *window;
+ unsigned wsize;
+
+ /* check input */
+ if (dest == Z_NULL || source == Z_NULL || source->state == Z_NULL ||
+ source->zalloc == (alloc_func)0 || source->zfree == (free_func)0)
+ return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)source->state;
+
+ /* allocate space */
+ copy = (struct inflate_state FAR *)
+ ZALLOC(source, 1, sizeof(struct inflate_state));
+ if (copy == Z_NULL) return Z_MEM_ERROR;
+ window = Z_NULL;
+ if (state->window != Z_NULL) {
+ window = (unsigned char FAR *)
+ ZALLOC(source, 1U << state->wbits, sizeof(unsigned char));
+ if (window == Z_NULL) {
+ ZFREE(source, copy);
+ return Z_MEM_ERROR;
+ }
+ }
+
+ /* copy state */
+ zmemcpy(dest, source, sizeof(z_stream));
+ zmemcpy(copy, state, sizeof(struct inflate_state));
+ if (state->lencode >= state->codes &&
+ state->lencode <= state->codes + ENOUGH - 1) {
+ copy->lencode = copy->codes + (state->lencode - state->codes);
+ copy->distcode = copy->codes + (state->distcode - state->codes);
+ }
+ copy->next = copy->codes + (state->next - state->codes);
+ if (window != Z_NULL) {
+ wsize = 1U << state->wbits;
+ zmemcpy(window, state->window, wsize);
+ }
+ copy->window = window;
+ dest->state = (struct internal_state FAR *)copy;
+ return Z_OK;
+}
+
+int ZEXPORT inflateUndermine(strm, subvert)
+z_streamp strm;
+int subvert;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ state->sane = !subvert;
+#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
+ return Z_OK;
+#else
+ state->sane = 1;
+ return Z_DATA_ERROR;
+#endif
+}
+
+long ZEXPORT inflateMark(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return -1L << 16;
+ state = (struct inflate_state FAR *)strm->state;
+ return ((long)(state->back) << 16) +
+ (state->mode == COPY ? state->length :
+ (state->mode == MATCH ? state->was - state->length : 0));
+}
Added: trunk/contrib/sudo/zlib/inflate.h
===================================================================
--- trunk/contrib/sudo/zlib/inflate.h (rev 0)
+++ trunk/contrib/sudo/zlib/inflate.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,122 @@
+/* inflate.h -- internal inflate state definition
+ * Copyright (C) 1995-2009 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* define NO_GZIP when compiling if you want to disable gzip header and
+ trailer decoding by inflate(). NO_GZIP would be used to avoid linking in
+ the crc code when it is not needed. For shared libraries, gzip decoding
+ should be left enabled. */
+#ifndef NO_GZIP
+# define GUNZIP
+#endif
+
+/* Possible inflate modes between inflate() calls */
+typedef enum {
+ HEAD, /* i: waiting for magic header */
+ FLAGS, /* i: waiting for method and flags (gzip) */
+ TIME, /* i: waiting for modification time (gzip) */
+ OS, /* i: waiting for extra flags and operating system (gzip) */
+ EXLEN, /* i: waiting for extra length (gzip) */
+ EXTRA, /* i: waiting for extra bytes (gzip) */
+ NAME, /* i: waiting for end of file name (gzip) */
+ COMMENT, /* i: waiting for end of comment (gzip) */
+ HCRC, /* i: waiting for header crc (gzip) */
+ DICTID, /* i: waiting for dictionary check value */
+ DICT, /* waiting for inflateSetDictionary() call */
+ TYPE, /* i: waiting for type bits, including last-flag bit */
+ TYPEDO, /* i: same, but skip check to exit inflate on new block */
+ STORED, /* i: waiting for stored size (length and complement) */
+ COPY_, /* i/o: same as COPY below, but only first time in */
+ COPY, /* i/o: waiting for input or output to copy stored block */
+ TABLE, /* i: waiting for dynamic block table lengths */
+ LENLENS, /* i: waiting for code length code lengths */
+ CODELENS, /* i: waiting for length/lit and distance code lengths */
+ LEN_, /* i: same as LEN below, but only first time in */
+ LEN, /* i: waiting for length/lit/eob code */
+ LENEXT, /* i: waiting for length extra bits */
+ DIST, /* i: waiting for distance code */
+ DISTEXT, /* i: waiting for distance extra bits */
+ MATCH, /* o: waiting for output space to copy string */
+ LIT, /* o: waiting for output space to write literal */
+ CHECK, /* i: waiting for 32-bit check value */
+ LENGTH, /* i: waiting for 32-bit length (gzip) */
+ DONE, /* finished check, done -- remain here until reset */
+ BAD, /* got a data error -- remain here until reset */
+ MEM, /* got an inflate() memory error -- remain here until reset */
+ SYNC /* looking for synchronization bytes to restart inflate() */
+} inflate_mode;
+
+/*
+ State transitions between above modes -
+
+ (most modes can go to BAD or MEM on error -- not shown for clarity)
+
+ Process header:
+ HEAD -> (gzip) or (zlib) or (raw)
+ (gzip) -> FLAGS -> TIME -> OS -> EXLEN -> EXTRA -> NAME -> COMMENT ->
+ HCRC -> TYPE
+ (zlib) -> DICTID or TYPE
+ DICTID -> DICT -> TYPE
+ (raw) -> TYPEDO
+ Read deflate blocks:
+ TYPE -> TYPEDO -> STORED or TABLE or LEN_ or CHECK
+ STORED -> COPY_ -> COPY -> TYPE
+ TABLE -> LENLENS -> CODELENS -> LEN_
+ LEN_ -> LEN
+ Read deflate codes in fixed or dynamic block:
+ LEN -> LENEXT or LIT or TYPE
+ LENEXT -> DIST -> DISTEXT -> MATCH -> LEN
+ LIT -> LEN
+ Process trailer:
+ CHECK -> LENGTH -> DONE
+ */
+
+/* state maintained between inflate() calls. Approximately 10K bytes. */
+struct inflate_state {
+ inflate_mode mode; /* current inflate mode */
+ int last; /* true if processing last block */
+ int wrap; /* bit 0 true for zlib, bit 1 true for gzip */
+ int havedict; /* true if dictionary provided */
+ int flags; /* gzip header method and flags (0 if zlib) */
+ unsigned dmax; /* zlib header max distance (INFLATE_STRICT) */
+ unsigned long check; /* protected copy of check value */
+ unsigned long total; /* protected copy of output count */
+ gz_headerp head; /* where to save gzip header information */
+ /* sliding window */
+ unsigned wbits; /* log base 2 of requested window size */
+ unsigned wsize; /* window size or zero if not using window */
+ unsigned whave; /* valid bytes in the window */
+ unsigned wnext; /* window write index */
+ unsigned char FAR *window; /* allocated sliding window, if needed */
+ /* bit accumulator */
+ unsigned long hold; /* input bit accumulator */
+ unsigned bits; /* number of bits in "in" */
+ /* for string and stored block copying */
+ unsigned length; /* literal or length of data to copy */
+ unsigned offset; /* distance back to copy string from */
+ /* for table and code decoding */
+ unsigned extra; /* extra bits needed */
+ /* fixed and dynamic code tables */
+ code const FAR *lencode; /* starting table for length/literal codes */
+ code const FAR *distcode; /* starting table for distance codes */
+ unsigned lenbits; /* index bits for lencode */
+ unsigned distbits; /* index bits for distcode */
+ /* dynamic table building */
+ unsigned ncode; /* number of code length code lengths */
+ unsigned nlen; /* number of length code lengths */
+ unsigned ndist; /* number of distance code lengths */
+ unsigned have; /* number of code lengths in lens[] */
+ code FAR *next; /* next available space in codes[] */
+ unsigned short lens[320]; /* temporary storage for code lengths */
+ unsigned short work[288]; /* work area for code table building */
+ code codes[ENOUGH]; /* space for code tables */
+ int sane; /* if false, allow invalid distance too far */
+ int back; /* bits back of last unprocessed length/lit */
+ unsigned was; /* initial length of match */
+};
Added: trunk/contrib/sudo/zlib/inftrees.c
===================================================================
--- trunk/contrib/sudo/zlib/inftrees.c (rev 0)
+++ trunk/contrib/sudo/zlib/inftrees.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,330 @@
+/* inftrees.c -- generate Huffman trees for efficient decoding
+ * Copyright (C) 1995-2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "zutil.h"
+#include "inftrees.h"
+
+#define MAXBITS 15
+
+const char inflate_copyright[] =
+ " inflate 1.2.5 Copyright 1995-2010 Mark Adler ";
+/*
+ If you use the zlib library in a product, an acknowledgment is welcome
+ in the documentation of your product. If for some reason you cannot
+ include such an acknowledgment, I would appreciate that you keep this
+ copyright string in the executable of your product.
+ */
+
+/*
+ Build a set of tables to decode the provided canonical Huffman code.
+ The code lengths are lens[0..codes-1]. The result starts at *table,
+ whose indices are 0..2^bits-1. work is a writable array of at least
+ lens shorts, which is used as a work area. type is the type of code
+ to be generated, CODES, LENS, or DISTS. On return, zero is success,
+ -1 is an invalid code, and +1 means that ENOUGH isn't enough. table
+ on return points to the next available entry's address. bits is the
+ requested root table index bits, and on return it is the actual root
+ table index bits. It will differ if the request is greater than the
+ longest code or if it is less than the shortest code.
+ */
+int ZLIB_INTERNAL inflate_table(type, lens, codes, table, bits, work)
+codetype type;
+unsigned short FAR *lens;
+unsigned codes;
+code FAR * FAR *table;
+unsigned FAR *bits;
+unsigned short FAR *work;
+{
+ unsigned len; /* a code's length in bits */
+ unsigned sym; /* index of code symbols */
+ unsigned min, max; /* minimum and maximum code lengths */
+ unsigned root; /* number of index bits for root table */
+ unsigned curr; /* number of index bits for current table */
+ unsigned drop; /* code bits to drop for sub-table */
+ int left; /* number of prefix codes available */
+ unsigned used; /* code entries in table used */
+ unsigned huff; /* Huffman code */
+ unsigned incr; /* for incrementing code, index */
+ unsigned fill; /* index for replicating entries */
+ unsigned low; /* low bits for current root entry */
+ unsigned mask; /* mask for low root bits */
+ code here; /* table entry for duplication */
+ code FAR *next; /* next available space in table */
+ const unsigned short FAR *base; /* base value table to use */
+ const unsigned short FAR *extra; /* extra bits table to use */
+ int end; /* use base and extra for symbol > end */
+ unsigned short count[MAXBITS+1]; /* number of codes of each length */
+ unsigned short offs[MAXBITS+1]; /* offsets in table for each length */
+ static const unsigned short lbase[31] = { /* Length codes 257..285 base */
+ 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31,
+ 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0};
+ static const unsigned short lext[31] = { /* Length codes 257..285 extra */
+ 16, 16, 16, 16, 16, 16, 16, 16, 17, 17, 17, 17, 18, 18, 18, 18,
+ 19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 16, 73, 195};
+ static const unsigned short dbase[32] = { /* Distance codes 0..29 base */
+ 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
+ 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
+ 8193, 12289, 16385, 24577, 0, 0};
+ static const unsigned short dext[32] = { /* Distance codes 0..29 extra */
+ 16, 16, 16, 16, 17, 17, 18, 18, 19, 19, 20, 20, 21, 21, 22, 22,
+ 23, 23, 24, 24, 25, 25, 26, 26, 27, 27,
+ 28, 28, 29, 29, 64, 64};
+
+ /*
+ Process a set of code lengths to create a canonical Huffman code. The
+ code lengths are lens[0..codes-1]. Each length corresponds to the
+ symbols 0..codes-1. The Huffman code is generated by first sorting the
+ symbols by length from short to long, and retaining the symbol order
+ for codes with equal lengths. Then the code starts with all zero bits
+ for the first code of the shortest length, and the codes are integer
+ increments for the same length, and zeros are appended as the length
+ increases. For the deflate format, these bits are stored backwards
+ from their more natural integer increment ordering, and so when the
+ decoding tables are built in the large loop below, the integer codes
+ are incremented backwards.
+
+ This routine assumes, but does not check, that all of the entries in
+ lens[] are in the range 0..MAXBITS. The caller must assure this.
+ 1..MAXBITS is interpreted as that code length. zero means that that
+ symbol does not occur in this code.
+
+ The codes are sorted by computing a count of codes for each length,
+ creating from that a table of starting indices for each length in the
+ sorted table, and then entering the symbols in order in the sorted
+ table. The sorted table is work[], with that space being provided by
+ the caller.
+
+ The length counts are used for other purposes as well, i.e. finding
+ the minimum and maximum length codes, determining if there are any
+ codes at all, checking for a valid set of lengths, and looking ahead
+ at length counts to determine sub-table sizes when building the
+ decoding tables.
+ */
+
+ /* accumulate lengths for codes (assumes lens[] all in 0..MAXBITS) */
+ for (len = 0; len <= MAXBITS; len++)
+ count[len] = 0;
+ for (sym = 0; sym < codes; sym++)
+ count[lens[sym]]++;
+
+ /* bound code lengths, force root to be within code lengths */
+ root = *bits;
+ for (max = MAXBITS; max >= 1; max--)
+ if (count[max] != 0) break;
+ if (root > max) root = max;
+ if (max == 0) { /* no symbols to code at all */
+ here.op = (unsigned char)64; /* invalid code marker */
+ here.bits = (unsigned char)1;
+ here.val = (unsigned short)0;
+ *(*table)++ = here; /* make a table to force an error */
+ *(*table)++ = here;
+ *bits = 1;
+ return 0; /* no symbols, but wait for decoding to report error */
+ }
+ for (min = 1; min < max; min++)
+ if (count[min] != 0) break;
+ if (root < min) root = min;
+
+ /* check for an over-subscribed or incomplete set of lengths */
+ left = 1;
+ for (len = 1; len <= MAXBITS; len++) {
+ left <<= 1;
+ left -= count[len];
+ if (left < 0) return -1; /* over-subscribed */
+ }
+ if (left > 0 && (type == CODES || max != 1))
+ return -1; /* incomplete set */
+
+ /* generate offsets into symbol table for each length for sorting */
+ offs[1] = 0;
+ for (len = 1; len < MAXBITS; len++)
+ offs[len + 1] = offs[len] + count[len];
+
+ /* sort symbols by length, by symbol order within each length */
+ for (sym = 0; sym < codes; sym++)
+ if (lens[sym] != 0) work[offs[lens[sym]]++] = (unsigned short)sym;
+
+ /*
+ Create and fill in decoding tables. In this loop, the table being
+ filled is at next and has curr index bits. The code being used is huff
+ with length len. That code is converted to an index by dropping drop
+ bits off of the bottom. For codes where len is less than drop + curr,
+ those top drop + curr - len bits are incremented through all values to
+ fill the table with replicated entries.
+
+ root is the number of index bits for the root table. When len exceeds
+ root, sub-tables are created pointed to by the root entry with an index
+ of the low root bits of huff. This is saved in low to check for when a
+ new sub-table should be started. drop is zero when the root table is
+ being filled, and drop is root when sub-tables are being filled.
+
+ When a new sub-table is needed, it is necessary to look ahead in the
+ code lengths to determine what size sub-table is needed. The length
+ counts are used for this, and so count[] is decremented as codes are
+ entered in the tables.
+
+ used keeps track of how many table entries have been allocated from the
+ provided *table space. It is checked for LENS and DIST tables against
+ the constants ENOUGH_LENS and ENOUGH_DISTS to guard against changes in
+ the initial root table size constants. See the comments in inftrees.h
+ for more information.
+
+ sym increments through all symbols, and the loop terminates when
+ all codes of length max, i.e. all codes, have been processed. This
+ routine permits incomplete codes, so another loop after this one fills
+ in the rest of the decoding tables with invalid code markers.
+ */
+
+ /* set up for code type */
+ switch (type) {
+ case CODES:
+ base = extra = work; /* dummy value--not used */
+ end = 19;
+ break;
+ case LENS:
+ base = lbase;
+ base -= 257;
+ extra = lext;
+ extra -= 257;
+ end = 256;
+ break;
+ default: /* DISTS */
+ base = dbase;
+ extra = dext;
+ end = -1;
+ }
+
+ /* initialize state for loop */
+ huff = 0; /* starting code */
+ sym = 0; /* starting code symbol */
+ len = min; /* starting code length */
+ next = *table; /* current table to fill in */
+ curr = root; /* current table index bits */
+ drop = 0; /* current bits to drop from code for index */
+ low = (unsigned)(-1); /* trigger new sub-table when len > root */
+ used = 1U << root; /* use root table entries */
+ mask = used - 1; /* mask for comparing low */
+
+ /* check available table space */
+ if ((type == LENS && used >= ENOUGH_LENS) ||
+ (type == DISTS && used >= ENOUGH_DISTS))
+ return 1;
+
+ /* process all codes and make table entries */
+ for (;;) {
+ /* create table entry */
+ here.bits = (unsigned char)(len - drop);
+ if ((int)(work[sym]) < end) {
+ here.op = (unsigned char)0;
+ here.val = work[sym];
+ }
+ else if ((int)(work[sym]) > end) {
+ here.op = (unsigned char)(extra[work[sym]]);
+ here.val = base[work[sym]];
+ }
+ else {
+ here.op = (unsigned char)(32 + 64); /* end of block */
+ here.val = 0;
+ }
+
+ /* replicate for those indices with low len bits equal to huff */
+ incr = 1U << (len - drop);
+ fill = 1U << curr;
+ min = fill; /* save offset to next table */
+ do {
+ fill -= incr;
+ next[(huff >> drop) + fill] = here;
+ } while (fill != 0);
+
+ /* backwards increment the len-bit code huff */
+ incr = 1U << (len - 1);
+ while (huff & incr)
+ incr >>= 1;
+ if (incr != 0) {
+ huff &= incr - 1;
+ huff += incr;
+ }
+ else
+ huff = 0;
+
+ /* go to next symbol, update count, len */
+ sym++;
+ if (--(count[len]) == 0) {
+ if (len == max) break;
+ len = lens[work[sym]];
+ }
+
+ /* create new sub-table if needed */
+ if (len > root && (huff & mask) != low) {
+ /* if first time, transition to sub-tables */
+ if (drop == 0)
+ drop = root;
+
+ /* increment past last table */
+ next += min; /* here min is 1 << curr */
+
+ /* determine length of next table */
+ curr = len - drop;
+ left = (int)(1 << curr);
+ while (curr + drop < max) {
+ left -= count[curr + drop];
+ if (left <= 0) break;
+ curr++;
+ left <<= 1;
+ }
+
+ /* check for enough space */
+ used += 1U << curr;
+ if ((type == LENS && used >= ENOUGH_LENS) ||
+ (type == DISTS && used >= ENOUGH_DISTS))
+ return 1;
+
+ /* point entry in root table to sub-table */
+ low = huff & mask;
+ (*table)[low].op = (unsigned char)curr;
+ (*table)[low].bits = (unsigned char)root;
+ (*table)[low].val = (unsigned short)(next - *table);
+ }
+ }
+
+ /*
+ Fill in rest of table for incomplete codes. This loop is similar to the
+ loop above in incrementing huff for table indices. It is assumed that
+ len is equal to curr + drop, so there is no loop needed to increment
+ through high index bits. When the current sub-table is filled, the loop
+ drops back to the root table to fill in any remaining entries there.
+ */
+ here.op = (unsigned char)64; /* invalid code marker */
+ here.bits = (unsigned char)(len - drop);
+ here.val = (unsigned short)0;
+ while (huff != 0) {
+ /* when done with sub-table, drop back to root table */
+ if (drop != 0 && (huff & mask) != low) {
+ drop = 0;
+ len = root;
+ next = *table;
+ here.bits = (unsigned char)len;
+ }
+
+ /* put invalid code marker in table */
+ next[huff >> drop] = here;
+
+ /* backwards increment the len-bit code huff */
+ incr = 1U << (len - 1);
+ while (huff & incr)
+ incr >>= 1;
+ if (incr != 0) {
+ huff &= incr - 1;
+ huff += incr;
+ }
+ else
+ huff = 0;
+ }
+
+ /* set return parameters */
+ *table += used;
+ *bits = root;
+ return 0;
+}
Added: trunk/contrib/sudo/zlib/inftrees.h
===================================================================
--- trunk/contrib/sudo/zlib/inftrees.h (rev 0)
+++ trunk/contrib/sudo/zlib/inftrees.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,62 @@
+/* inftrees.h -- header to use inftrees.c
+ * Copyright (C) 1995-2005, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* Structure for decoding tables. Each entry provides either the
+ information needed to do the operation requested by the code that
+ indexed that table entry, or it provides a pointer to another
+ table that indexes more bits of the code. op indicates whether
+ the entry is a pointer to another table, a literal, a length or
+ distance, an end-of-block, or an invalid code. For a table
+ pointer, the low four bits of op is the number of index bits of
+ that table. For a length or distance, the low four bits of op
+ is the number of extra bits to get after the code. bits is
+ the number of bits in this code or part of the code to drop off
+ of the bit buffer. val is the actual byte to output in the case
+ of a literal, the base length or distance, or the offset from
+ the current table to the next table. Each entry is four bytes. */
+typedef struct {
+ unsigned char op; /* operation, extra bits, table bits */
+ unsigned char bits; /* bits in this part of the code */
+ unsigned short val; /* offset in table or code value */
+} code;
+
+/* op values as set by inflate_table():
+ 00000000 - literal
+ 0000tttt - table link, tttt != 0 is the number of table index bits
+ 0001eeee - length or distance, eeee is the number of extra bits
+ 01100000 - end of block
+ 01000000 - invalid code
+ */
+
+/* Maximum size of the dynamic table. The maximum number of code structures is
+ 1444, which is the sum of 852 for literal/length codes and 592 for distance
+ codes. These values were found by exhaustive searches using the program
+ examples/enough.c found in the zlib distribtution. The arguments to that
+ program are the number of symbols, the initial root table size, and the
+ maximum bit length of a code. "enough 286 9 15" for literal/length codes
+ returns returns 852, and "enough 30 6 15" for distance codes returns 592.
+ The initial root table size (9 or 6) is found in the fifth argument of the
+ inflate_table() calls in inflate.c and infback.c. If the root table size is
+ changed, then these maximum sizes would be need to be recalculated and
+ updated. */
+#define ENOUGH_LENS 852
+#define ENOUGH_DISTS 592
+#define ENOUGH (ENOUGH_LENS+ENOUGH_DISTS)
+
+/* Type of code to build for inflate_table() */
+typedef enum {
+ CODES,
+ LENS,
+ DISTS
+} codetype;
+
+int ZLIB_INTERNAL inflate_table OF((codetype type, unsigned short FAR *lens,
+ unsigned codes, code FAR * FAR *table,
+ unsigned FAR *bits, unsigned short FAR *work));
Added: trunk/contrib/sudo/zlib/trees.c
===================================================================
--- trunk/contrib/sudo/zlib/trees.c (rev 0)
+++ trunk/contrib/sudo/zlib/trees.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,1244 @@
+/* trees.c -- output deflated data using Huffman coding
+ * Copyright (C) 1995-2010 Jean-loup Gailly
+ * detect_data_type() function provided freely by Cosmin Truta, 2006
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ * ALGORITHM
+ *
+ * The "deflation" process uses several Huffman trees. The more
+ * common source values are represented by shorter bit sequences.
+ *
+ * Each code tree is stored in a compressed form which is itself
+ * a Huffman encoding of the lengths of all the code strings (in
+ * ascending order by source values). The actual code strings are
+ * reconstructed from the lengths in the inflate process, as described
+ * in the deflate specification.
+ *
+ * REFERENCES
+ *
+ * Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
+ * Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
+ *
+ * Storer, James A.
+ * Data Compression: Methods and Theory, pp. 49-50.
+ * Computer Science Press, 1988. ISBN 0-7167-8156-5.
+ *
+ * Sedgewick, R.
+ * Algorithms, p290.
+ * Addison-Wesley, 1983. ISBN 0-201-06672-6.
+ */
+
+/* @(#) $Id$ */
+
+/* #define GEN_TREES_H */
+
+#include "deflate.h"
+
+#ifdef DEBUG
+# include <ctype.h>
+#endif
+
+/* ===========================================================================
+ * Constants
+ */
+
+#define MAX_BL_BITS 7
+/* Bit length codes must not exceed MAX_BL_BITS bits */
+
+#define END_BLOCK 256
+/* end of block literal code */
+
+#define REP_3_6 16
+/* repeat previous bit length 3-6 times (2 bits of repeat count) */
+
+#define REPZ_3_10 17
+/* repeat a zero length 3-10 times (3 bits of repeat count) */
+
+#define REPZ_11_138 18
+/* repeat a zero length 11-138 times (7 bits of repeat count) */
+
+local const int extra_lbits[LENGTH_CODES] /* extra bits for each length code */
+ = {0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0};
+
+local const int extra_dbits[D_CODES] /* extra bits for each distance code */
+ = {0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13};
+
+local const int extra_blbits[BL_CODES]/* extra bits for each bit length code */
+ = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7};
+
+local const uch bl_order[BL_CODES]
+ = {16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15};
+/* The lengths of the bit length codes are sent in order of decreasing
+ * probability, to avoid transmitting the lengths for unused bit length codes.
+ */
+
+#define Buf_size (8 * 2*sizeof(char))
+/* Number of bits used within bi_buf. (bi_buf might be implemented on
+ * more than 16 bits on some systems.)
+ */
+
+/* ===========================================================================
+ * Local data. These are initialized only once.
+ */
+
+#define DIST_CODE_LEN 512 /* see definition of array dist_code below */
+
+#if defined(GEN_TREES_H) || !defined(STDC)
+/* non ANSI compilers may not accept trees.h */
+
+local ct_data static_ltree[L_CODES+2];
+/* The static literal tree. Since the bit lengths are imposed, there is no
+ * need for the L_CODES extra codes used during heap construction. However
+ * The codes 286 and 287 are needed to build a canonical tree (see _tr_init
+ * below).
+ */
+
+local ct_data static_dtree[D_CODES];
+/* The static distance tree. (Actually a trivial tree since all codes use
+ * 5 bits.)
+ */
+
+uch _dist_code[DIST_CODE_LEN];
+/* Distance codes. The first 256 values correspond to the distances
+ * 3 .. 258, the last 256 values correspond to the top 8 bits of
+ * the 15 bit distances.
+ */
+
+uch _length_code[MAX_MATCH-MIN_MATCH+1];
+/* length code for each normalized match length (0 == MIN_MATCH) */
+
+local int base_length[LENGTH_CODES];
+/* First normalized length for each code (0 = MIN_MATCH) */
+
+local int base_dist[D_CODES];
+/* First normalized distance for each code (0 = distance of 1) */
+
+#else
+# include "trees.h"
+#endif /* GEN_TREES_H */
+
+struct static_tree_desc_s {
+ const ct_data *static_tree; /* static tree or NULL */
+ const intf *extra_bits; /* extra bits for each code or NULL */
+ int extra_base; /* base index for extra_bits */
+ int elems; /* max number of elements in the tree */
+ int max_length; /* max bit length for the codes */
+};
+
+local static_tree_desc static_l_desc =
+{static_ltree, extra_lbits, LITERALS+1, L_CODES, MAX_BITS};
+
+local static_tree_desc static_d_desc =
+{static_dtree, extra_dbits, 0, D_CODES, MAX_BITS};
+
+local static_tree_desc static_bl_desc =
+{(const ct_data *)0, extra_blbits, 0, BL_CODES, MAX_BL_BITS};
+
+/* ===========================================================================
+ * Local (static) routines in this file.
+ */
+
+local void tr_static_init OF((void));
+local void init_block OF((deflate_state *s));
+local void pqdownheap OF((deflate_state *s, ct_data *tree, int k));
+local void gen_bitlen OF((deflate_state *s, tree_desc *desc));
+local void gen_codes OF((ct_data *tree, int max_code, ushf *bl_count));
+local void build_tree OF((deflate_state *s, tree_desc *desc));
+local void scan_tree OF((deflate_state *s, ct_data *tree, int max_code));
+local void send_tree OF((deflate_state *s, ct_data *tree, int max_code));
+local int build_bl_tree OF((deflate_state *s));
+local void send_all_trees OF((deflate_state *s, int lcodes, int dcodes,
+ int blcodes));
+local void compress_block OF((deflate_state *s, ct_data *ltree,
+ ct_data *dtree));
+local int detect_data_type OF((deflate_state *s));
+local unsigned bi_reverse OF((unsigned value, int length));
+local void bi_windup OF((deflate_state *s));
+local void bi_flush OF((deflate_state *s));
+local void copy_block OF((deflate_state *s, charf *buf, unsigned len,
+ int header));
+
+#ifdef GEN_TREES_H
+local void gen_trees_header OF((void));
+#endif
+
+#ifndef DEBUG
+# define send_code(s, c, tree) send_bits(s, tree[c].Code, tree[c].Len)
+ /* Send a code of the given tree. c and tree must not have side effects */
+
+#else /* DEBUG */
+# define send_code(s, c, tree) \
+ { if (z_verbose>2) fprintf(stderr,"\ncd %3d ",(c)); \
+ send_bits(s, tree[c].Code, tree[c].Len); }
+#endif
+
+/* ===========================================================================
+ * Output a short LSB first on the stream.
+ * IN assertion: there is enough room in pendingBuf.
+ */
+#define put_short(s, w) { \
+ put_byte(s, (uch)((w) & 0xff)); \
+ put_byte(s, (uch)((ush)(w) >> 8)); \
+}
+
+/* ===========================================================================
+ * Send a value on a given number of bits.
+ * IN assertion: length <= 16 and value fits in length bits.
+ */
+#ifdef DEBUG
+local void send_bits OF((deflate_state *s, int value, int length));
+
+local void send_bits(s, value, length)
+ deflate_state *s;
+ int value; /* value to send */
+ int length; /* number of bits */
+{
+ Tracevv((stderr," l %2d v %4x ", length, value));
+ Assert(length > 0 && length <= 15, "invalid length");
+ s->bits_sent += (ulg)length;
+
+ /* If not enough room in bi_buf, use (valid) bits from bi_buf and
+ * (16 - bi_valid) bits from value, leaving (width - (16-bi_valid))
+ * unused bits in value.
+ */
+ if (s->bi_valid > (int)Buf_size - length) {
+ s->bi_buf |= (ush)value << s->bi_valid;
+ put_short(s, s->bi_buf);
+ s->bi_buf = (ush)value >> (Buf_size - s->bi_valid);
+ s->bi_valid += length - Buf_size;
+ } else {
+ s->bi_buf |= (ush)value << s->bi_valid;
+ s->bi_valid += length;
+ }
+}
+#else /* !DEBUG */
+
+#define send_bits(s, value, length) \
+{ int len = length;\
+ if (s->bi_valid > (int)Buf_size - len) {\
+ int val = value;\
+ s->bi_buf |= (ush)val << s->bi_valid;\
+ put_short(s, s->bi_buf);\
+ s->bi_buf = (ush)val >> (Buf_size - s->bi_valid);\
+ s->bi_valid += len - Buf_size;\
+ } else {\
+ s->bi_buf |= (ush)(value) << s->bi_valid;\
+ s->bi_valid += len;\
+ }\
+}
+#endif /* DEBUG */
+
+
+/* the arguments must not have side effects */
+
+/* ===========================================================================
+ * Initialize the various 'constant' tables.
+ */
+local void tr_static_init()
+{
+#if defined(GEN_TREES_H) || !defined(STDC)
+ static int static_init_done = 0;
+ int n; /* iterates over tree elements */
+ int bits; /* bit counter */
+ int length; /* length value */
+ int code; /* code value */
+ int dist; /* distance index */
+ ush bl_count[MAX_BITS+1];
+ /* number of codes at each bit length for an optimal tree */
+
+ if (static_init_done) return;
+
+ /* For some embedded targets, global variables are not initialized: */
+#ifdef NO_INIT_GLOBAL_POINTERS
+ static_l_desc.static_tree = static_ltree;
+ static_l_desc.extra_bits = extra_lbits;
+ static_d_desc.static_tree = static_dtree;
+ static_d_desc.extra_bits = extra_dbits;
+ static_bl_desc.extra_bits = extra_blbits;
+#endif
+
+ /* Initialize the mapping length (0..255) -> length code (0..28) */
+ length = 0;
+ for (code = 0; code < LENGTH_CODES-1; code++) {
+ base_length[code] = length;
+ for (n = 0; n < (1<<extra_lbits[code]); n++) {
+ _length_code[length++] = (uch)code;
+ }
+ }
+ Assert (length == 256, "tr_static_init: length != 256");
+ /* Note that the length 255 (match length 258) can be represented
+ * in two different ways: code 284 + 5 bits or code 285, so we
+ * overwrite length_code[255] to use the best encoding:
+ */
+ _length_code[length-1] = (uch)code;
+
+ /* Initialize the mapping dist (0..32K) -> dist code (0..29) */
+ dist = 0;
+ for (code = 0 ; code < 16; code++) {
+ base_dist[code] = dist;
+ for (n = 0; n < (1<<extra_dbits[code]); n++) {
+ _dist_code[dist++] = (uch)code;
+ }
+ }
+ Assert (dist == 256, "tr_static_init: dist != 256");
+ dist >>= 7; /* from now on, all distances are divided by 128 */
+ for ( ; code < D_CODES; code++) {
+ base_dist[code] = dist << 7;
+ for (n = 0; n < (1<<(extra_dbits[code]-7)); n++) {
+ _dist_code[256 + dist++] = (uch)code;
+ }
+ }
+ Assert (dist == 256, "tr_static_init: 256+dist != 512");
+
+ /* Construct the codes of the static literal tree */
+ for (bits = 0; bits <= MAX_BITS; bits++) bl_count[bits] = 0;
+ n = 0;
+ while (n <= 143) static_ltree[n++].Len = 8, bl_count[8]++;
+ while (n <= 255) static_ltree[n++].Len = 9, bl_count[9]++;
+ while (n <= 279) static_ltree[n++].Len = 7, bl_count[7]++;
+ while (n <= 287) static_ltree[n++].Len = 8, bl_count[8]++;
+ /* Codes 286 and 287 do not exist, but we must include them in the
+ * tree construction to get a canonical Huffman tree (longest code
+ * all ones)
+ */
+ gen_codes((ct_data *)static_ltree, L_CODES+1, bl_count);
+
+ /* The static distance tree is trivial: */
+ for (n = 0; n < D_CODES; n++) {
+ static_dtree[n].Len = 5;
+ static_dtree[n].Code = bi_reverse((unsigned)n, 5);
+ }
+ static_init_done = 1;
+
+# ifdef GEN_TREES_H
+ gen_trees_header();
+# endif
+#endif /* defined(GEN_TREES_H) || !defined(STDC) */
+}
+
+/* ===========================================================================
+ * Genererate the file trees.h describing the static trees.
+ */
+#ifdef GEN_TREES_H
+# ifndef DEBUG
+# include <stdio.h>
+# endif
+
+# define SEPARATOR(i, last, width) \
+ ((i) == (last)? "\n};\n\n" : \
+ ((i) % (width) == (width)-1 ? ",\n" : ", "))
+
+void gen_trees_header()
+{
+ FILE *header = fopen("trees.h", "w");
+ int i;
+
+ Assert (header != NULL, "Can't open trees.h");
+ fprintf(header,
+ "/* header created automatically with -DGEN_TREES_H */\n\n");
+
+ fprintf(header, "local const ct_data static_ltree[L_CODES+2] = {\n");
+ for (i = 0; i < L_CODES+2; i++) {
+ fprintf(header, "{{%3u},{%3u}}%s", static_ltree[i].Code,
+ static_ltree[i].Len, SEPARATOR(i, L_CODES+1, 5));
+ }
+
+ fprintf(header, "local const ct_data static_dtree[D_CODES] = {\n");
+ for (i = 0; i < D_CODES; i++) {
+ fprintf(header, "{{%2u},{%2u}}%s", static_dtree[i].Code,
+ static_dtree[i].Len, SEPARATOR(i, D_CODES-1, 5));
+ }
+
+ fprintf(header, "const uch ZLIB_INTERNAL _dist_code[DIST_CODE_LEN] = {\n");
+ for (i = 0; i < DIST_CODE_LEN; i++) {
+ fprintf(header, "%2u%s", _dist_code[i],
+ SEPARATOR(i, DIST_CODE_LEN-1, 20));
+ }
+
+ fprintf(header,
+ "const uch ZLIB_INTERNAL _length_code[MAX_MATCH-MIN_MATCH+1]= {\n");
+ for (i = 0; i < MAX_MATCH-MIN_MATCH+1; i++) {
+ fprintf(header, "%2u%s", _length_code[i],
+ SEPARATOR(i, MAX_MATCH-MIN_MATCH, 20));
+ }
+
+ fprintf(header, "local const int base_length[LENGTH_CODES] = {\n");
+ for (i = 0; i < LENGTH_CODES; i++) {
+ fprintf(header, "%1u%s", base_length[i],
+ SEPARATOR(i, LENGTH_CODES-1, 20));
+ }
+
+ fprintf(header, "local const int base_dist[D_CODES] = {\n");
+ for (i = 0; i < D_CODES; i++) {
+ fprintf(header, "%5u%s", base_dist[i],
+ SEPARATOR(i, D_CODES-1, 10));
+ }
+
+ fclose(header);
+}
+#endif /* GEN_TREES_H */
+
+/* ===========================================================================
+ * Initialize the tree data structures for a new zlib stream.
+ */
+void ZLIB_INTERNAL _tr_init(s)
+ deflate_state *s;
+{
+ tr_static_init();
+
+ s->l_desc.dyn_tree = s->dyn_ltree;
+ s->l_desc.stat_desc = &static_l_desc;
+
+ s->d_desc.dyn_tree = s->dyn_dtree;
+ s->d_desc.stat_desc = &static_d_desc;
+
+ s->bl_desc.dyn_tree = s->bl_tree;
+ s->bl_desc.stat_desc = &static_bl_desc;
+
+ s->bi_buf = 0;
+ s->bi_valid = 0;
+ s->last_eob_len = 8; /* enough lookahead for inflate */
+#ifdef DEBUG
+ s->compressed_len = 0L;
+ s->bits_sent = 0L;
+#endif
+
+ /* Initialize the first block of the first file: */
+ init_block(s);
+}
+
+/* ===========================================================================
+ * Initialize a new block.
+ */
+local void init_block(s)
+ deflate_state *s;
+{
+ int n; /* iterates over tree elements */
+
+ /* Initialize the trees. */
+ for (n = 0; n < L_CODES; n++) s->dyn_ltree[n].Freq = 0;
+ for (n = 0; n < D_CODES; n++) s->dyn_dtree[n].Freq = 0;
+ for (n = 0; n < BL_CODES; n++) s->bl_tree[n].Freq = 0;
+
+ s->dyn_ltree[END_BLOCK].Freq = 1;
+ s->opt_len = s->static_len = 0L;
+ s->last_lit = s->matches = 0;
+}
+
+#define SMALLEST 1
+/* Index within the heap array of least frequent node in the Huffman tree */
+
+
+/* ===========================================================================
+ * Remove the smallest element from the heap and recreate the heap with
+ * one less element. Updates heap and heap_len.
+ */
+#define pqremove(s, tree, top) \
+{\
+ top = s->heap[SMALLEST]; \
+ s->heap[SMALLEST] = s->heap[s->heap_len--]; \
+ pqdownheap(s, tree, SMALLEST); \
+}
+
+/* ===========================================================================
+ * Compares to subtrees, using the tree depth as tie breaker when
+ * the subtrees have equal frequency. This minimizes the worst case length.
+ */
+#define smaller(tree, n, m, depth) \
+ (tree[n].Freq < tree[m].Freq || \
+ (tree[n].Freq == tree[m].Freq && depth[n] <= depth[m]))
+
+/* ===========================================================================
+ * Restore the heap property by moving down the tree starting at node k,
+ * exchanging a node with the smallest of its two sons if necessary, stopping
+ * when the heap property is re-established (each father smaller than its
+ * two sons).
+ */
+local void pqdownheap(s, tree, k)
+ deflate_state *s;
+ ct_data *tree; /* the tree to restore */
+ int k; /* node to move down */
+{
+ int v = s->heap[k];
+ int j = k << 1; /* left son of k */
+ while (j <= s->heap_len) {
+ /* Set j to the smallest of the two sons: */
+ if (j < s->heap_len &&
+ smaller(tree, s->heap[j+1], s->heap[j], s->depth)) {
+ j++;
+ }
+ /* Exit if v is smaller than both sons */
+ if (smaller(tree, v, s->heap[j], s->depth)) break;
+
+ /* Exchange v with the smallest son */
+ s->heap[k] = s->heap[j]; k = j;
+
+ /* And continue down the tree, setting j to the left son of k */
+ j <<= 1;
+ }
+ s->heap[k] = v;
+}
+
+/* ===========================================================================
+ * Compute the optimal bit lengths for a tree and update the total bit length
+ * for the current block.
+ * IN assertion: the fields freq and dad are set, heap[heap_max] and
+ * above are the tree nodes sorted by increasing frequency.
+ * OUT assertions: the field len is set to the optimal bit length, the
+ * array bl_count contains the frequencies for each bit length.
+ * The length opt_len is updated; static_len is also updated if stree is
+ * not null.
+ */
+local void gen_bitlen(s, desc)
+ deflate_state *s;
+ tree_desc *desc; /* the tree descriptor */
+{
+ ct_data *tree = desc->dyn_tree;
+ int max_code = desc->max_code;
+ const ct_data *stree = desc->stat_desc->static_tree;
+ const intf *extra = desc->stat_desc->extra_bits;
+ int base = desc->stat_desc->extra_base;
+ int max_length = desc->stat_desc->max_length;
+ int h; /* heap index */
+ int n, m; /* iterate over the tree elements */
+ int bits; /* bit length */
+ int xbits; /* extra bits */
+ ush f; /* frequency */
+ int overflow = 0; /* number of elements with bit length too large */
+
+ for (bits = 0; bits <= MAX_BITS; bits++) s->bl_count[bits] = 0;
+
+ /* In a first pass, compute the optimal bit lengths (which may
+ * overflow in the case of the bit length tree).
+ */
+ tree[s->heap[s->heap_max]].Len = 0; /* root of the heap */
+
+ for (h = s->heap_max+1; h < HEAP_SIZE; h++) {
+ n = s->heap[h];
+ bits = tree[tree[n].Dad].Len + 1;
+ if (bits > max_length) bits = max_length, overflow++;
+ tree[n].Len = (ush)bits;
+ /* We overwrite tree[n].Dad which is no longer needed */
+
+ if (n > max_code) continue; /* not a leaf node */
+
+ s->bl_count[bits]++;
+ xbits = 0;
+ if (n >= base) xbits = extra[n-base];
+ f = tree[n].Freq;
+ s->opt_len += (ulg)f * (bits + xbits);
+ if (stree) s->static_len += (ulg)f * (stree[n].Len + xbits);
+ }
+ if (overflow == 0) return;
+
+ Trace((stderr,"\nbit length overflow\n"));
+ /* This happens for example on obj2 and pic of the Calgary corpus */
+
+ /* Find the first bit length which could increase: */
+ do {
+ bits = max_length-1;
+ while (s->bl_count[bits] == 0) bits--;
+ s->bl_count[bits]--; /* move one leaf down the tree */
+ s->bl_count[bits+1] += 2; /* move one overflow item as its brother */
+ s->bl_count[max_length]--;
+ /* The brother of the overflow item also moves one step up,
+ * but this does not affect bl_count[max_length]
+ */
+ overflow -= 2;
+ } while (overflow > 0);
+
+ /* Now recompute all bit lengths, scanning in increasing frequency.
+ * h is still equal to HEAP_SIZE. (It is simpler to reconstruct all
+ * lengths instead of fixing only the wrong ones. This idea is taken
+ * from 'ar' written by Haruhiko Okumura.)
+ */
+ for (bits = max_length; bits != 0; bits--) {
+ n = s->bl_count[bits];
+ while (n != 0) {
+ m = s->heap[--h];
+ if (m > max_code) continue;
+ if ((unsigned) tree[m].Len != (unsigned) bits) {
+ Trace((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits));
+ s->opt_len += ((long)bits - (long)tree[m].Len)
+ *(long)tree[m].Freq;
+ tree[m].Len = (ush)bits;
+ }
+ n--;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Generate the codes for a given tree and bit counts (which need not be
+ * optimal).
+ * IN assertion: the array bl_count contains the bit length statistics for
+ * the given tree and the field len is set for all tree elements.
+ * OUT assertion: the field code is set for all tree elements of non
+ * zero code length.
+ */
+local void gen_codes (tree, max_code, bl_count)
+ ct_data *tree; /* the tree to decorate */
+ int max_code; /* largest code with non zero frequency */
+ ushf *bl_count; /* number of codes at each bit length */
+{
+ ush next_code[MAX_BITS+1]; /* next code value for each bit length */
+ ush code = 0; /* running code value */
+ int bits; /* bit index */
+ int n; /* code index */
+
+ /* The distribution counts are first used to generate the code values
+ * without bit reversal.
+ */
+ for (bits = 1; bits <= MAX_BITS; bits++) {
+ next_code[bits] = code = (code + bl_count[bits-1]) << 1;
+ }
+ /* Check that the bit counts in bl_count are consistent. The last code
+ * must be all ones.
+ */
+ Assert (code + bl_count[MAX_BITS]-1 == (1<<MAX_BITS)-1,
+ "inconsistent bit counts");
+ Tracev((stderr,"\ngen_codes: max_code %d ", max_code));
+
+ for (n = 0; n <= max_code; n++) {
+ int len = tree[n].Len;
+ if (len == 0) continue;
+ /* Now reverse the bits */
+ tree[n].Code = bi_reverse(next_code[len]++, len);
+
+ Tracecv(tree != static_ltree, (stderr,"\nn %3d %c l %2d c %4x (%x) ",
+ n, (isgraph(n) ? n : ' '), len, tree[n].Code, next_code[len]-1));
+ }
+}
+
+/* ===========================================================================
+ * Construct one Huffman tree and assigns the code bit strings and lengths.
+ * Update the total bit length for the current block.
+ * IN assertion: the field freq is set for all tree elements.
+ * OUT assertions: the fields len and code are set to the optimal bit length
+ * and corresponding code. The length opt_len is updated; static_len is
+ * also updated if stree is not null. The field max_code is set.
+ */
+local void build_tree(s, desc)
+ deflate_state *s;
+ tree_desc *desc; /* the tree descriptor */
+{
+ ct_data *tree = desc->dyn_tree;
+ const ct_data *stree = desc->stat_desc->static_tree;
+ int elems = desc->stat_desc->elems;
+ int n, m; /* iterate over heap elements */
+ int max_code = -1; /* largest code with non zero frequency */
+ int node; /* new node being created */
+
+ /* Construct the initial heap, with least frequent element in
+ * heap[SMALLEST]. The sons of heap[n] are heap[2*n] and heap[2*n+1].
+ * heap[0] is not used.
+ */
+ s->heap_len = 0, s->heap_max = HEAP_SIZE;
+
+ for (n = 0; n < elems; n++) {
+ if (tree[n].Freq != 0) {
+ s->heap[++(s->heap_len)] = max_code = n;
+ s->depth[n] = 0;
+ } else {
+ tree[n].Len = 0;
+ }
+ }
+
+ /* The pkzip format requires that at least one distance code exists,
+ * and that at least one bit should be sent even if there is only one
+ * possible code. So to avoid special checks later on we force at least
+ * two codes of non zero frequency.
+ */
+ while (s->heap_len < 2) {
+ node = s->heap[++(s->heap_len)] = (max_code < 2 ? ++max_code : 0);
+ tree[node].Freq = 1;
+ s->depth[node] = 0;
+ s->opt_len--; if (stree) s->static_len -= stree[node].Len;
+ /* node is 0 or 1 so it does not have extra bits */
+ }
+ desc->max_code = max_code;
+
+ /* The elements heap[heap_len/2+1 .. heap_len] are leaves of the tree,
+ * establish sub-heaps of increasing lengths:
+ */
+ for (n = s->heap_len/2; n >= 1; n--) pqdownheap(s, tree, n);
+
+ /* Construct the Huffman tree by repeatedly combining the least two
+ * frequent nodes.
+ */
+ node = elems; /* next internal node of the tree */
+ do {
+ pqremove(s, tree, n); /* n = node of least frequency */
+ m = s->heap[SMALLEST]; /* m = node of next least frequency */
+
+ s->heap[--(s->heap_max)] = n; /* keep the nodes sorted by frequency */
+ s->heap[--(s->heap_max)] = m;
+
+ /* Create a new node father of n and m */
+ tree[node].Freq = tree[n].Freq + tree[m].Freq;
+ s->depth[node] = (uch)((s->depth[n] >= s->depth[m] ?
+ s->depth[n] : s->depth[m]) + 1);
+ tree[n].Dad = tree[m].Dad = (ush)node;
+#ifdef DUMP_BL_TREE
+ if (tree == s->bl_tree) {
+ fprintf(stderr,"\nnode %d(%d), sons %d(%d) %d(%d)",
+ node, tree[node].Freq, n, tree[n].Freq, m, tree[m].Freq);
+ }
+#endif
+ /* and insert the new node in the heap */
+ s->heap[SMALLEST] = node++;
+ pqdownheap(s, tree, SMALLEST);
+
+ } while (s->heap_len >= 2);
+
+ s->heap[--(s->heap_max)] = s->heap[SMALLEST];
+
+ /* At this point, the fields freq and dad are set. We can now
+ * generate the bit lengths.
+ */
+ gen_bitlen(s, (tree_desc *)desc);
+
+ /* The field len is now set, we can generate the bit codes */
+ gen_codes ((ct_data *)tree, max_code, s->bl_count);
+}
+
+/* ===========================================================================
+ * Scan a literal or distance tree to determine the frequencies of the codes
+ * in the bit length tree.
+ */
+local void scan_tree (s, tree, max_code)
+ deflate_state *s;
+ ct_data *tree; /* the tree to be scanned */
+ int max_code; /* and its largest code of non zero frequency */
+{
+ int n; /* iterates over all tree elements */
+ int prevlen = -1; /* last emitted length */
+ int curlen; /* length of current code */
+ int nextlen = tree[0].Len; /* length of next code */
+ int count = 0; /* repeat count of the current code */
+ int max_count = 7; /* max repeat count */
+ int min_count = 4; /* min repeat count */
+
+ if (nextlen == 0) max_count = 138, min_count = 3;
+ tree[max_code+1].Len = (ush)0xffff; /* guard */
+
+ for (n = 0; n <= max_code; n++) {
+ curlen = nextlen; nextlen = tree[n+1].Len;
+ if (++count < max_count && curlen == nextlen) {
+ continue;
+ } else if (count < min_count) {
+ s->bl_tree[curlen].Freq += count;
+ } else if (curlen != 0) {
+ if (curlen != prevlen) s->bl_tree[curlen].Freq++;
+ s->bl_tree[REP_3_6].Freq++;
+ } else if (count <= 10) {
+ s->bl_tree[REPZ_3_10].Freq++;
+ } else {
+ s->bl_tree[REPZ_11_138].Freq++;
+ }
+ count = 0; prevlen = curlen;
+ if (nextlen == 0) {
+ max_count = 138, min_count = 3;
+ } else if (curlen == nextlen) {
+ max_count = 6, min_count = 3;
+ } else {
+ max_count = 7, min_count = 4;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Send a literal or distance tree in compressed form, using the codes in
+ * bl_tree.
+ */
+local void send_tree (s, tree, max_code)
+ deflate_state *s;
+ ct_data *tree; /* the tree to be scanned */
+ int max_code; /* and its largest code of non zero frequency */
+{
+ int n; /* iterates over all tree elements */
+ int prevlen = -1; /* last emitted length */
+ int curlen; /* length of current code */
+ int nextlen = tree[0].Len; /* length of next code */
+ int count = 0; /* repeat count of the current code */
+ int max_count = 7; /* max repeat count */
+ int min_count = 4; /* min repeat count */
+
+ /* tree[max_code+1].Len = -1; */ /* guard already set */
+ if (nextlen == 0) max_count = 138, min_count = 3;
+
+ for (n = 0; n <= max_code; n++) {
+ curlen = nextlen; nextlen = tree[n+1].Len;
+ if (++count < max_count && curlen == nextlen) {
+ continue;
+ } else if (count < min_count) {
+ do { send_code(s, curlen, s->bl_tree); } while (--count != 0);
+
+ } else if (curlen != 0) {
+ if (curlen != prevlen) {
+ send_code(s, curlen, s->bl_tree); count--;
+ }
+ Assert(count >= 3 && count <= 6, " 3_6?");
+ send_code(s, REP_3_6, s->bl_tree); send_bits(s, count-3, 2);
+
+ } else if (count <= 10) {
+ send_code(s, REPZ_3_10, s->bl_tree); send_bits(s, count-3, 3);
+
+ } else {
+ send_code(s, REPZ_11_138, s->bl_tree); send_bits(s, count-11, 7);
+ }
+ count = 0; prevlen = curlen;
+ if (nextlen == 0) {
+ max_count = 138, min_count = 3;
+ } else if (curlen == nextlen) {
+ max_count = 6, min_count = 3;
+ } else {
+ max_count = 7, min_count = 4;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Construct the Huffman tree for the bit lengths and return the index in
+ * bl_order of the last bit length code to send.
+ */
+local int build_bl_tree(s)
+ deflate_state *s;
+{
+ int max_blindex; /* index of last bit length code of non zero freq */
+
+ /* Determine the bit length frequencies for literal and distance trees */
+ scan_tree(s, (ct_data *)s->dyn_ltree, s->l_desc.max_code);
+ scan_tree(s, (ct_data *)s->dyn_dtree, s->d_desc.max_code);
+
+ /* Build the bit length tree: */
+ build_tree(s, (tree_desc *)(&(s->bl_desc)));
+ /* opt_len now includes the length of the tree representations, except
+ * the lengths of the bit lengths codes and the 5+5+4 bits for the counts.
+ */
+
+ /* Determine the number of bit length codes to send. The pkzip format
+ * requires that at least 4 bit length codes be sent. (appnote.txt says
+ * 3 but the actual value used is 4.)
+ */
+ for (max_blindex = BL_CODES-1; max_blindex >= 3; max_blindex--) {
+ if (s->bl_tree[bl_order[max_blindex]].Len != 0) break;
+ }
+ /* Update opt_len to include the bit length tree and counts */
+ s->opt_len += 3*(max_blindex+1) + 5+5+4;
+ Tracev((stderr, "\ndyn trees: dyn %ld, stat %ld",
+ s->opt_len, s->static_len));
+
+ return max_blindex;
+}
+
+/* ===========================================================================
+ * Send the header for a block using dynamic Huffman trees: the counts, the
+ * lengths of the bit length codes, the literal tree and the distance tree.
+ * IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
+ */
+local void send_all_trees(s, lcodes, dcodes, blcodes)
+ deflate_state *s;
+ int lcodes, dcodes, blcodes; /* number of codes for each tree */
+{
+ int rank; /* index in bl_order */
+
+ Assert (lcodes >= 257 && dcodes >= 1 && blcodes >= 4, "not enough codes");
+ Assert (lcodes <= L_CODES && dcodes <= D_CODES && blcodes <= BL_CODES,
+ "too many codes");
+ Tracev((stderr, "\nbl counts: "));
+ send_bits(s, lcodes-257, 5); /* not +255 as stated in appnote.txt */
+ send_bits(s, dcodes-1, 5);
+ send_bits(s, blcodes-4, 4); /* not -3 as stated in appnote.txt */
+ for (rank = 0; rank < blcodes; rank++) {
+ Tracev((stderr, "\nbl code %2d ", bl_order[rank]));
+ send_bits(s, s->bl_tree[bl_order[rank]].Len, 3);
+ }
+ Tracev((stderr, "\nbl tree: sent %ld", s->bits_sent));
+
+ send_tree(s, (ct_data *)s->dyn_ltree, lcodes-1); /* literal tree */
+ Tracev((stderr, "\nlit tree: sent %ld", s->bits_sent));
+
+ send_tree(s, (ct_data *)s->dyn_dtree, dcodes-1); /* distance tree */
+ Tracev((stderr, "\ndist tree: sent %ld", s->bits_sent));
+}
+
+/* ===========================================================================
+ * Send a stored block
+ */
+void ZLIB_INTERNAL _tr_stored_block(s, buf, stored_len, last)
+ deflate_state *s;
+ charf *buf; /* input block */
+ ulg stored_len; /* length of input block */
+ int last; /* one if this is the last block for a file */
+{
+ send_bits(s, (STORED_BLOCK<<1)+last, 3); /* send block type */
+#ifdef DEBUG
+ s->compressed_len = (s->compressed_len + 3 + 7) & (ulg)~7L;
+ s->compressed_len += (stored_len + 4) << 3;
+#endif
+ copy_block(s, buf, (unsigned)stored_len, 1); /* with header */
+}
+
+/* ===========================================================================
+ * Send one empty static block to give enough lookahead for inflate.
+ * This takes 10 bits, of which 7 may remain in the bit buffer.
+ * The current inflate code requires 9 bits of lookahead. If the
+ * last two codes for the previous block (real code plus EOB) were coded
+ * on 5 bits or less, inflate may have only 5+3 bits of lookahead to decode
+ * the last real code. In this case we send two empty static blocks instead
+ * of one. (There are no problems if the previous block is stored or fixed.)
+ * To simplify the code, we assume the worst case of last real code encoded
+ * on one bit only.
+ */
+void ZLIB_INTERNAL _tr_align(s)
+ deflate_state *s;
+{
+ send_bits(s, STATIC_TREES<<1, 3);
+ send_code(s, END_BLOCK, static_ltree);
+#ifdef DEBUG
+ s->compressed_len += 10L; /* 3 for block type, 7 for EOB */
+#endif
+ bi_flush(s);
+ /* Of the 10 bits for the empty block, we have already sent
+ * (10 - bi_valid) bits. The lookahead for the last real code (before
+ * the EOB of the previous block) was thus at least one plus the length
+ * of the EOB plus what we have just sent of the empty static block.
+ */
+ if (1 + s->last_eob_len + 10 - s->bi_valid < 9) {
+ send_bits(s, STATIC_TREES<<1, 3);
+ send_code(s, END_BLOCK, static_ltree);
+#ifdef DEBUG
+ s->compressed_len += 10L;
+#endif
+ bi_flush(s);
+ }
+ s->last_eob_len = 7;
+}
+
+/* ===========================================================================
+ * Determine the best encoding for the current block: dynamic trees, static
+ * trees or store, and output the encoded block to the zip file.
+ */
+void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last)
+ deflate_state *s;
+ charf *buf; /* input block, or NULL if too old */
+ ulg stored_len; /* length of input block */
+ int last; /* one if this is the last block for a file */
+{
+ ulg opt_lenb, static_lenb; /* opt_len and static_len in bytes */
+ int max_blindex = 0; /* index of last bit length code of non zero freq */
+
+ /* Build the Huffman trees unless a stored block is forced */
+ if (s->level > 0) {
+
+ /* Check if the file is binary or text */
+ if (s->strm->data_type == Z_UNKNOWN)
+ s->strm->data_type = detect_data_type(s);
+
+ /* Construct the literal and distance trees */
+ build_tree(s, (tree_desc *)(&(s->l_desc)));
+ Tracev((stderr, "\nlit data: dyn %ld, stat %ld", s->opt_len,
+ s->static_len));
+
+ build_tree(s, (tree_desc *)(&(s->d_desc)));
+ Tracev((stderr, "\ndist data: dyn %ld, stat %ld", s->opt_len,
+ s->static_len));
+ /* At this point, opt_len and static_len are the total bit lengths of
+ * the compressed block data, excluding the tree representations.
+ */
+
+ /* Build the bit length tree for the above two trees, and get the index
+ * in bl_order of the last bit length code to send.
+ */
+ max_blindex = build_bl_tree(s);
+
+ /* Determine the best encoding. Compute the block lengths in bytes. */
+ opt_lenb = (s->opt_len+3+7)>>3;
+ static_lenb = (s->static_len+3+7)>>3;
+
+ Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
+ opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
+ s->last_lit));
+
+ if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
+
+ } else {
+ Assert(buf != (char*)0, "lost buf");
+ opt_lenb = static_lenb = stored_len + 5; /* force a stored block */
+ }
+
+#ifdef FORCE_STORED
+ if (buf != (char*)0) { /* force stored block */
+#else
+ if (stored_len+4 <= opt_lenb && buf != (char*)0) {
+ /* 4: two words for the lengths */
+#endif
+ /* The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE.
+ * Otherwise we can't have processed more than WSIZE input bytes since
+ * the last block flush, because compression would have been
+ * successful. If LIT_BUFSIZE <= WSIZE, it is never too late to
+ * transform a block into a stored block.
+ */
+ _tr_stored_block(s, buf, stored_len, last);
+
+#ifdef FORCE_STATIC
+ } else if (static_lenb >= 0) { /* force static trees */
+#else
+ } else if (s->strategy == Z_FIXED || static_lenb == opt_lenb) {
+#endif
+ send_bits(s, (STATIC_TREES<<1)+last, 3);
+ compress_block(s, (ct_data *)static_ltree, (ct_data *)static_dtree);
+#ifdef DEBUG
+ s->compressed_len += 3 + s->static_len;
+#endif
+ } else {
+ send_bits(s, (DYN_TREES<<1)+last, 3);
+ send_all_trees(s, s->l_desc.max_code+1, s->d_desc.max_code+1,
+ max_blindex+1);
+ compress_block(s, (ct_data *)s->dyn_ltree, (ct_data *)s->dyn_dtree);
+#ifdef DEBUG
+ s->compressed_len += 3 + s->opt_len;
+#endif
+ }
+ Assert (s->compressed_len == s->bits_sent, "bad compressed size");
+ /* The above check is made mod 2^32, for files larger than 512 MB
+ * and uLong implemented on 32 bits.
+ */
+ init_block(s);
+
+ if (last) {
+ bi_windup(s);
+#ifdef DEBUG
+ s->compressed_len += 7; /* align on byte boundary */
+#endif
+ }
+ Tracev((stderr,"\ncomprlen %lu(%lu) ", s->compressed_len>>3,
+ s->compressed_len-7*last));
+}
+
+/* ===========================================================================
+ * Save the match info and tally the frequency counts. Return true if
+ * the current block must be flushed.
+ */
+int ZLIB_INTERNAL _tr_tally (s, dist, lc)
+ deflate_state *s;
+ unsigned dist; /* distance of matched string */
+ unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */
+{
+ s->d_buf[s->last_lit] = (ush)dist;
+ s->l_buf[s->last_lit++] = (uch)lc;
+ if (dist == 0) {
+ /* lc is the unmatched char */
+ s->dyn_ltree[lc].Freq++;
+ } else {
+ s->matches++;
+ /* Here, lc is the match length - MIN_MATCH */
+ dist--; /* dist = match distance - 1 */
+ Assert((ush)dist < (ush)MAX_DIST(s) &&
+ (ush)lc <= (ush)(MAX_MATCH-MIN_MATCH) &&
+ (ush)d_code(dist) < (ush)D_CODES, "_tr_tally: bad match");
+
+ s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++;
+ s->dyn_dtree[d_code(dist)].Freq++;
+ }
+
+#ifdef TRUNCATE_BLOCK
+ /* Try to guess if it is profitable to stop the current block here */
+ if ((s->last_lit & 0x1fff) == 0 && s->level > 2) {
+ /* Compute an upper bound for the compressed length */
+ ulg out_length = (ulg)s->last_lit*8L;
+ ulg in_length = (ulg)((long)s->strstart - s->block_start);
+ int dcode;
+ for (dcode = 0; dcode < D_CODES; dcode++) {
+ out_length += (ulg)s->dyn_dtree[dcode].Freq *
+ (5L+extra_dbits[dcode]);
+ }
+ out_length >>= 3;
+ Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
+ s->last_lit, in_length, out_length,
+ 100L - out_length*100L/in_length));
+ if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
+ }
+#endif
+ return (s->last_lit == s->lit_bufsize-1);
+ /* We avoid equality with lit_bufsize because of wraparound at 64K
+ * on 16 bit machines and because stored blocks are restricted to
+ * 64K-1 bytes.
+ */
+}
+
+/* ===========================================================================
+ * Send the block data compressed using the given Huffman trees
+ */
+local void compress_block(s, ltree, dtree)
+ deflate_state *s;
+ ct_data *ltree; /* literal tree */
+ ct_data *dtree; /* distance tree */
+{
+ unsigned dist; /* distance of matched string */
+ int lc; /* match length or unmatched char (if dist == 0) */
+ unsigned lx = 0; /* running index in l_buf */
+ unsigned code; /* the code to send */
+ int extra; /* number of extra bits to send */
+
+ if (s->last_lit != 0) do {
+ dist = s->d_buf[lx];
+ lc = s->l_buf[lx++];
+ if (dist == 0) {
+ send_code(s, lc, ltree); /* send a literal byte */
+ Tracecv(isgraph(lc), (stderr," '%c' ", lc));
+ } else {
+ /* Here, lc is the match length - MIN_MATCH */
+ code = _length_code[lc];
+ send_code(s, code+LITERALS+1, ltree); /* send the length code */
+ extra = extra_lbits[code];
+ if (extra != 0) {
+ lc -= base_length[code];
+ send_bits(s, lc, extra); /* send the extra length bits */
+ }
+ dist--; /* dist is now the match distance - 1 */
+ code = d_code(dist);
+ Assert (code < D_CODES, "bad d_code");
+
+ send_code(s, code, dtree); /* send the distance code */
+ extra = extra_dbits[code];
+ if (extra != 0) {
+ dist -= base_dist[code];
+ send_bits(s, dist, extra); /* send the extra distance bits */
+ }
+ } /* literal or match pair ? */
+
+ /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
+ Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx,
+ "pendingBuf overflow");
+
+ } while (lx < s->last_lit);
+
+ send_code(s, END_BLOCK, ltree);
+ s->last_eob_len = ltree[END_BLOCK].Len;
+}
+
+/* ===========================================================================
+ * Check if the data type is TEXT or BINARY, using the following algorithm:
+ * - TEXT if the two conditions below are satisfied:
+ * a) There are no non-portable control characters belonging to the
+ * "black list" (0..6, 14..25, 28..31).
+ * b) There is at least one printable character belonging to the
+ * "white list" (9 {TAB}, 10 {LF}, 13 {CR}, 32..255).
+ * - BINARY otherwise.
+ * - The following partially-portable control characters form a
+ * "gray list" that is ignored in this detection algorithm:
+ * (7 {BEL}, 8 {BS}, 11 {VT}, 12 {FF}, 26 {SUB}, 27 {ESC}).
+ * IN assertion: the fields Freq of dyn_ltree are set.
+ */
+local int detect_data_type(s)
+ deflate_state *s;
+{
+ /* black_mask is the bit mask of black-listed bytes
+ * set bits 0..6, 14..25, and 28..31
+ * 0xf3ffc07f = binary 11110011111111111100000001111111
+ */
+ unsigned long black_mask = 0xf3ffc07fUL;
+ int n;
+
+ /* Check for non-textual ("black-listed") bytes. */
+ for (n = 0; n <= 31; n++, black_mask >>= 1)
+ if ((black_mask & 1) && (s->dyn_ltree[n].Freq != 0))
+ return Z_BINARY;
+
+ /* Check for textual ("white-listed") bytes. */
+ if (s->dyn_ltree[9].Freq != 0 || s->dyn_ltree[10].Freq != 0
+ || s->dyn_ltree[13].Freq != 0)
+ return Z_TEXT;
+ for (n = 32; n < LITERALS; n++)
+ if (s->dyn_ltree[n].Freq != 0)
+ return Z_TEXT;
+
+ /* There are no "black-listed" or "white-listed" bytes:
+ * this stream either is empty or has tolerated ("gray-listed") bytes only.
+ */
+ return Z_BINARY;
+}
+
+/* ===========================================================================
+ * Reverse the first len bits of a code, using straightforward code (a faster
+ * method would use a table)
+ * IN assertion: 1 <= len <= 15
+ */
+local unsigned bi_reverse(code, len)
+ unsigned code; /* the value to invert */
+ int len; /* its bit length */
+{
+ register unsigned res = 0;
+ do {
+ res |= code & 1;
+ code >>= 1, res <<= 1;
+ } while (--len > 0);
+ return res >> 1;
+}
+
+/* ===========================================================================
+ * Flush the bit buffer, keeping at most 7 bits in it.
+ */
+local void bi_flush(s)
+ deflate_state *s;
+{
+ if (s->bi_valid == 16) {
+ put_short(s, s->bi_buf);
+ s->bi_buf = 0;
+ s->bi_valid = 0;
+ } else if (s->bi_valid >= 8) {
+ put_byte(s, (Byte)s->bi_buf);
+ s->bi_buf >>= 8;
+ s->bi_valid -= 8;
+ }
+}
+
+/* ===========================================================================
+ * Flush the bit buffer and align the output on a byte boundary
+ */
+local void bi_windup(s)
+ deflate_state *s;
+{
+ if (s->bi_valid > 8) {
+ put_short(s, s->bi_buf);
+ } else if (s->bi_valid > 0) {
+ put_byte(s, (Byte)s->bi_buf);
+ }
+ s->bi_buf = 0;
+ s->bi_valid = 0;
+#ifdef DEBUG
+ s->bits_sent = (s->bits_sent+7) & ~7;
+#endif
+}
+
+/* ===========================================================================
+ * Copy a stored block, storing first the length and its
+ * one's complement if requested.
+ */
+local void copy_block(s, buf, len, header)
+ deflate_state *s;
+ charf *buf; /* the input data */
+ unsigned len; /* its length */
+ int header; /* true if block header must be written */
+{
+ bi_windup(s); /* align on byte boundary */
+ s->last_eob_len = 8; /* enough lookahead for inflate */
+
+ if (header) {
+ put_short(s, (ush)len);
+ put_short(s, (ush)~len);
+#ifdef DEBUG
+ s->bits_sent += 2*16;
+#endif
+ }
+#ifdef DEBUG
+ s->bits_sent += (ulg)len<<3;
+#endif
+ while (len--) {
+ put_byte(s, *buf++);
+ }
+}
Added: trunk/contrib/sudo/zlib/trees.h
===================================================================
--- trunk/contrib/sudo/zlib/trees.h (rev 0)
+++ trunk/contrib/sudo/zlib/trees.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,128 @@
+/* header created automatically with -DGEN_TREES_H */
+
+local const ct_data static_ltree[L_CODES+2] = {
+{{ 12},{ 8}}, {{140},{ 8}}, {{ 76},{ 8}}, {{204},{ 8}}, {{ 44},{ 8}},
+{{172},{ 8}}, {{108},{ 8}}, {{236},{ 8}}, {{ 28},{ 8}}, {{156},{ 8}},
+{{ 92},{ 8}}, {{220},{ 8}}, {{ 60},{ 8}}, {{188},{ 8}}, {{124},{ 8}},
+{{252},{ 8}}, {{ 2},{ 8}}, {{130},{ 8}}, {{ 66},{ 8}}, {{194},{ 8}},
+{{ 34},{ 8}}, {{162},{ 8}}, {{ 98},{ 8}}, {{226},{ 8}}, {{ 18},{ 8}},
+{{146},{ 8}}, {{ 82},{ 8}}, {{210},{ 8}}, {{ 50},{ 8}}, {{178},{ 8}},
+{{114},{ 8}}, {{242},{ 8}}, {{ 10},{ 8}}, {{138},{ 8}}, {{ 74},{ 8}},
+{{202},{ 8}}, {{ 42},{ 8}}, {{170},{ 8}}, {{106},{ 8}}, {{234},{ 8}},
+{{ 26},{ 8}}, {{154},{ 8}}, {{ 90},{ 8}}, {{218},{ 8}}, {{ 58},{ 8}},
+{{186},{ 8}}, {{122},{ 8}}, {{250},{ 8}}, {{ 6},{ 8}}, {{134},{ 8}},
+{{ 70},{ 8}}, {{198},{ 8}}, {{ 38},{ 8}}, {{166},{ 8}}, {{102},{ 8}},
+{{230},{ 8}}, {{ 22},{ 8}}, {{150},{ 8}}, {{ 86},{ 8}}, {{214},{ 8}},
+{{ 54},{ 8}}, {{182},{ 8}}, {{118},{ 8}}, {{246},{ 8}}, {{ 14},{ 8}},
+{{142},{ 8}}, {{ 78},{ 8}}, {{206},{ 8}}, {{ 46},{ 8}}, {{174},{ 8}},
+{{110},{ 8}}, {{238},{ 8}}, {{ 30},{ 8}}, {{158},{ 8}}, {{ 94},{ 8}},
+{{222},{ 8}}, {{ 62},{ 8}}, {{190},{ 8}}, {{126},{ 8}}, {{254},{ 8}},
+{{ 1},{ 8}}, {{129},{ 8}}, {{ 65},{ 8}}, {{193},{ 8}}, {{ 33},{ 8}},
+{{161},{ 8}}, {{ 97},{ 8}}, {{225},{ 8}}, {{ 17},{ 8}}, {{145},{ 8}},
+{{ 81},{ 8}}, {{209},{ 8}}, {{ 49},{ 8}}, {{177},{ 8}}, {{113},{ 8}},
+{{241},{ 8}}, {{ 9},{ 8}}, {{137},{ 8}}, {{ 73},{ 8}}, {{201},{ 8}},
+{{ 41},{ 8}}, {{169},{ 8}}, {{105},{ 8}}, {{233},{ 8}}, {{ 25},{ 8}},
+{{153},{ 8}}, {{ 89},{ 8}}, {{217},{ 8}}, {{ 57},{ 8}}, {{185},{ 8}},
+{{121},{ 8}}, {{249},{ 8}}, {{ 5},{ 8}}, {{133},{ 8}}, {{ 69},{ 8}},
+{{197},{ 8}}, {{ 37},{ 8}}, {{165},{ 8}}, {{101},{ 8}}, {{229},{ 8}},
+{{ 21},{ 8}}, {{149},{ 8}}, {{ 85},{ 8}}, {{213},{ 8}}, {{ 53},{ 8}},
+{{181},{ 8}}, {{117},{ 8}}, {{245},{ 8}}, {{ 13},{ 8}}, {{141},{ 8}},
+{{ 77},{ 8}}, {{205},{ 8}}, {{ 45},{ 8}}, {{173},{ 8}}, {{109},{ 8}},
+{{237},{ 8}}, {{ 29},{ 8}}, {{157},{ 8}}, {{ 93},{ 8}}, {{221},{ 8}},
+{{ 61},{ 8}}, {{189},{ 8}}, {{125},{ 8}}, {{253},{ 8}}, {{ 19},{ 9}},
+{{275},{ 9}}, {{147},{ 9}}, {{403},{ 9}}, {{ 83},{ 9}}, {{339},{ 9}},
+{{211},{ 9}}, {{467},{ 9}}, {{ 51},{ 9}}, {{307},{ 9}}, {{179},{ 9}},
+{{435},{ 9}}, {{115},{ 9}}, {{371},{ 9}}, {{243},{ 9}}, {{499},{ 9}},
+{{ 11},{ 9}}, {{267},{ 9}}, {{139},{ 9}}, {{395},{ 9}}, {{ 75},{ 9}},
+{{331},{ 9}}, {{203},{ 9}}, {{459},{ 9}}, {{ 43},{ 9}}, {{299},{ 9}},
+{{171},{ 9}}, {{427},{ 9}}, {{107},{ 9}}, {{363},{ 9}}, {{235},{ 9}},
+{{491},{ 9}}, {{ 27},{ 9}}, {{283},{ 9}}, {{155},{ 9}}, {{411},{ 9}},
+{{ 91},{ 9}}, {{347},{ 9}}, {{219},{ 9}}, {{475},{ 9}}, {{ 59},{ 9}},
+{{315},{ 9}}, {{187},{ 9}}, {{443},{ 9}}, {{123},{ 9}}, {{379},{ 9}},
+{{251},{ 9}}, {{507},{ 9}}, {{ 7},{ 9}}, {{263},{ 9}}, {{135},{ 9}},
+{{391},{ 9}}, {{ 71},{ 9}}, {{327},{ 9}}, {{199},{ 9}}, {{455},{ 9}},
+{{ 39},{ 9}}, {{295},{ 9}}, {{167},{ 9}}, {{423},{ 9}}, {{103},{ 9}},
+{{359},{ 9}}, {{231},{ 9}}, {{487},{ 9}}, {{ 23},{ 9}}, {{279},{ 9}},
+{{151},{ 9}}, {{407},{ 9}}, {{ 87},{ 9}}, {{343},{ 9}}, {{215},{ 9}},
+{{471},{ 9}}, {{ 55},{ 9}}, {{311},{ 9}}, {{183},{ 9}}, {{439},{ 9}},
+{{119},{ 9}}, {{375},{ 9}}, {{247},{ 9}}, {{503},{ 9}}, {{ 15},{ 9}},
+{{271},{ 9}}, {{143},{ 9}}, {{399},{ 9}}, {{ 79},{ 9}}, {{335},{ 9}},
+{{207},{ 9}}, {{463},{ 9}}, {{ 47},{ 9}}, {{303},{ 9}}, {{175},{ 9}},
+{{431},{ 9}}, {{111},{ 9}}, {{367},{ 9}}, {{239},{ 9}}, {{495},{ 9}},
+{{ 31},{ 9}}, {{287},{ 9}}, {{159},{ 9}}, {{415},{ 9}}, {{ 95},{ 9}},
+{{351},{ 9}}, {{223},{ 9}}, {{479},{ 9}}, {{ 63},{ 9}}, {{319},{ 9}},
+{{191},{ 9}}, {{447},{ 9}}, {{127},{ 9}}, {{383},{ 9}}, {{255},{ 9}},
+{{511},{ 9}}, {{ 0},{ 7}}, {{ 64},{ 7}}, {{ 32},{ 7}}, {{ 96},{ 7}},
+{{ 16},{ 7}}, {{ 80},{ 7}}, {{ 48},{ 7}}, {{112},{ 7}}, {{ 8},{ 7}},
+{{ 72},{ 7}}, {{ 40},{ 7}}, {{104},{ 7}}, {{ 24},{ 7}}, {{ 88},{ 7}},
+{{ 56},{ 7}}, {{120},{ 7}}, {{ 4},{ 7}}, {{ 68},{ 7}}, {{ 36},{ 7}},
+{{100},{ 7}}, {{ 20},{ 7}}, {{ 84},{ 7}}, {{ 52},{ 7}}, {{116},{ 7}},
+{{ 3},{ 8}}, {{131},{ 8}}, {{ 67},{ 8}}, {{195},{ 8}}, {{ 35},{ 8}},
+{{163},{ 8}}, {{ 99},{ 8}}, {{227},{ 8}}
+};
+
+local const ct_data static_dtree[D_CODES] = {
+{{ 0},{ 5}}, {{16},{ 5}}, {{ 8},{ 5}}, {{24},{ 5}}, {{ 4},{ 5}},
+{{20},{ 5}}, {{12},{ 5}}, {{28},{ 5}}, {{ 2},{ 5}}, {{18},{ 5}},
+{{10},{ 5}}, {{26},{ 5}}, {{ 6},{ 5}}, {{22},{ 5}}, {{14},{ 5}},
+{{30},{ 5}}, {{ 1},{ 5}}, {{17},{ 5}}, {{ 9},{ 5}}, {{25},{ 5}},
+{{ 5},{ 5}}, {{21},{ 5}}, {{13},{ 5}}, {{29},{ 5}}, {{ 3},{ 5}},
+{{19},{ 5}}, {{11},{ 5}}, {{27},{ 5}}, {{ 7},{ 5}}, {{23},{ 5}}
+};
+
+const uch ZLIB_INTERNAL _dist_code[DIST_CODE_LEN] = {
+ 0, 1, 2, 3, 4, 4, 5, 5, 6, 6, 6, 6, 7, 7, 7, 7, 8, 8, 8, 8,
+ 8, 8, 8, 8, 9, 9, 9, 9, 9, 9, 9, 9, 10, 10, 10, 10, 10, 10, 10, 10,
+10, 10, 10, 10, 10, 10, 10, 10, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
+11, 11, 11, 11, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
+12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 13, 13, 13, 13,
+13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
+13, 13, 13, 13, 13, 13, 13, 13, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 15, 15, 15, 15, 15, 15, 15, 15,
+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 0, 0, 16, 17,
+18, 18, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 22, 22, 22, 22, 22, 22, 22, 22,
+23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+24, 24, 24, 24, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27,
+27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
+27, 27, 27, 27, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+28, 28, 28, 28, 28, 28, 28, 28, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
+};
+
+const uch ZLIB_INTERNAL _length_code[MAX_MATCH-MIN_MATCH+1]= {
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 8, 9, 9, 10, 10, 11, 11, 12, 12, 12, 12,
+13, 13, 13, 13, 14, 14, 14, 14, 15, 15, 15, 15, 16, 16, 16, 16, 16, 16, 16, 16,
+17, 17, 17, 17, 17, 17, 17, 17, 18, 18, 18, 18, 18, 18, 18, 18, 19, 19, 19, 19,
+19, 19, 19, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,
+21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 22, 22, 22, 22,
+22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 23, 23, 23, 23, 23, 23, 23, 23,
+23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
+25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 26, 26, 26, 26, 26, 26, 26, 26,
+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
+26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
+27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 28
+};
+
+local const int base_length[LENGTH_CODES] = {
+0, 1, 2, 3, 4, 5, 6, 7, 8, 10, 12, 14, 16, 20, 24, 28, 32, 40, 48, 56,
+64, 80, 96, 112, 128, 160, 192, 224, 0
+};
+
+local const int base_dist[D_CODES] = {
+ 0, 1, 2, 3, 4, 6, 8, 12, 16, 24,
+ 32, 48, 64, 96, 128, 192, 256, 384, 512, 768,
+ 1024, 1536, 2048, 3072, 4096, 6144, 8192, 12288, 16384, 24576
+};
+
Added: trunk/contrib/sudo/zlib/uncompr.c
===================================================================
--- trunk/contrib/sudo/zlib/uncompr.c (rev 0)
+++ trunk/contrib/sudo/zlib/uncompr.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,59 @@
+/* uncompr.c -- decompress a memory buffer
+ * Copyright (C) 1995-2003, 2010 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#define ZLIB_INTERNAL
+#include "zlib.h"
+
+/* ===========================================================================
+ Decompresses the source buffer into the destination buffer. sourceLen is
+ the byte length of the source buffer. Upon entry, destLen is the total
+ size of the destination buffer, which must be large enough to hold the
+ entire uncompressed data. (The size of the uncompressed data must have
+ been saved previously by the compressor and transmitted to the decompressor
+ by some mechanism outside the scope of this compression library.)
+ Upon exit, destLen is the actual size of the compressed buffer.
+
+ uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_BUF_ERROR if there was not enough room in the output
+ buffer, or Z_DATA_ERROR if the input data was corrupted.
+*/
+int ZEXPORT uncompress (dest, destLen, source, sourceLen)
+ Bytef *dest;
+ uLongf *destLen;
+ const Bytef *source;
+ uLong sourceLen;
+{
+ z_stream stream;
+ int err;
+
+ stream.next_in = (Bytef*)source;
+ stream.avail_in = (uInt)sourceLen;
+ /* Check for source > 64K on 16-bit machine: */
+ if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
+
+ stream.next_out = dest;
+ stream.avail_out = (uInt)*destLen;
+ if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
+
+ stream.zalloc = (alloc_func)0;
+ stream.zfree = (free_func)0;
+
+ err = inflateInit(&stream);
+ if (err != Z_OK) return err;
+
+ err = inflate(&stream, Z_FINISH);
+ if (err != Z_STREAM_END) {
+ inflateEnd(&stream);
+ if (err == Z_NEED_DICT || (err == Z_BUF_ERROR && stream.avail_in == 0))
+ return Z_DATA_ERROR;
+ return err;
+ }
+ *destLen = stream.total_out;
+
+ err = inflateEnd(&stream);
+ return err;
+}
Added: trunk/contrib/sudo/zlib/zconf.h.in
===================================================================
--- trunk/contrib/sudo/zlib/zconf.h.in (rev 0)
+++ trunk/contrib/sudo/zlib/zconf.h.in 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,436 @@
+/* zconf.h -- configuration of the zlib compression library
+ * Copyright (C) 1995-2010 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#ifndef ZCONF_H
+#define ZCONF_H
+
+/* The following four defines are enabled by sudo's configure script. */
+#undef HAVE_UNISTD_H
+#undef HAVE_VSNPRINTF
+#undef HAVE_MEMCPY
+#undef _FILE_OFFSET_BITS
+#undef _LARGE_FILES
+#undef const
+
+/*
+ * If you *really* need a unique prefix for all types and library functions,
+ * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
+ * Even better than compiling with -DZ_PREFIX would be to use configure to set
+ * this permanently in zconf.h using "./configure --zprefix".
+ */
+#ifdef Z_PREFIX /* may be set to #if 1 by ./configure */
+
+/* all linked symbols */
+# define _dist_code z__dist_code
+# define _length_code z__length_code
+# define _tr_align z__tr_align
+# define _tr_flush_block z__tr_flush_block
+# define _tr_init z__tr_init
+# define _tr_stored_block z__tr_stored_block
+# define _tr_tally z__tr_tally
+# define adler32 z_adler32
+# define adler32_combine z_adler32_combine
+# define adler32_combine64 z_adler32_combine64
+# define compress z_compress
+# define compress2 z_compress2
+# define compressBound z_compressBound
+# define crc32 z_crc32
+# define crc32_combine z_crc32_combine
+# define crc32_combine64 z_crc32_combine64
+# define deflate z_deflate
+# define deflateBound z_deflateBound
+# define deflateCopy z_deflateCopy
+# define deflateEnd z_deflateEnd
+# define deflateInit2_ z_deflateInit2_
+# define deflateInit_ z_deflateInit_
+# define deflateParams z_deflateParams
+# define deflatePrime z_deflatePrime
+# define deflateReset z_deflateReset
+# define deflateSetDictionary z_deflateSetDictionary
+# define deflateSetHeader z_deflateSetHeader
+# define deflateTune z_deflateTune
+# define deflate_copyright z_deflate_copyright
+# define get_crc_table z_get_crc_table
+# define gz_error z_gz_error
+# define gz_intmax z_gz_intmax
+# define gz_strwinerror z_gz_strwinerror
+# define gzbuffer z_gzbuffer
+# define gzclearerr z_gzclearerr
+# define gzclose z_gzclose
+# define gzclose_r z_gzclose_r
+# define gzclose_w z_gzclose_w
+# define gzdirect z_gzdirect
+# define gzdopen z_gzdopen
+# define gzeof z_gzeof
+# define gzerror z_gzerror
+# define gzflush z_gzflush
+# define gzgetc z_gzgetc
+# define gzgets z_gzgets
+# define gzoffset z_gzoffset
+# define gzoffset64 z_gzoffset64
+# define gzopen z_gzopen
+# define gzopen64 z_gzopen64
+# define gzprintf z_gzprintf
+# define gzputc z_gzputc
+# define gzputs z_gzputs
+# define gzread z_gzread
+# define gzrewind z_gzrewind
+# define gzseek z_gzseek
+# define gzseek64 z_gzseek64
+# define gzsetparams z_gzsetparams
+# define gztell z_gztell
+# define gztell64 z_gztell64
+# define gzungetc z_gzungetc
+# define gzwrite z_gzwrite
+# define inflate z_inflate
+# define inflateBack z_inflateBack
+# define inflateBackEnd z_inflateBackEnd
+# define inflateBackInit_ z_inflateBackInit_
+# define inflateCopy z_inflateCopy
+# define inflateEnd z_inflateEnd
+# define inflateGetHeader z_inflateGetHeader
+# define inflateInit2_ z_inflateInit2_
+# define inflateInit_ z_inflateInit_
+# define inflateMark z_inflateMark
+# define inflatePrime z_inflatePrime
+# define inflateReset z_inflateReset
+# define inflateReset2 z_inflateReset2
+# define inflateSetDictionary z_inflateSetDictionary
+# define inflateSync z_inflateSync
+# define inflateSyncPoint z_inflateSyncPoint
+# define inflateUndermine z_inflateUndermine
+# define inflate_copyright z_inflate_copyright
+# define inflate_fast z_inflate_fast
+# define inflate_table z_inflate_table
+# define uncompress z_uncompress
+# define zError z_zError
+# define zcalloc z_zcalloc
+# define zcfree z_zcfree
+# define zlibCompileFlags z_zlibCompileFlags
+# define zlibVersion z_zlibVersion
+
+/* all zlib typedefs in zlib.h and zconf.h */
+# define Byte z_Byte
+# define Bytef z_Bytef
+# define alloc_func z_alloc_func
+# define charf z_charf
+# define free_func z_free_func
+# define gzFile z_gzFile
+# define gz_header z_gz_header
+# define gz_headerp z_gz_headerp
+# define in_func z_in_func
+# define intf z_intf
+# define out_func z_out_func
+# define uInt z_uInt
+# define uIntf z_uIntf
+# define uLong z_uLong
+# define uLongf z_uLongf
+# define voidp z_voidp
+# define voidpc z_voidpc
+# define voidpf z_voidpf
+
+/* all zlib structs in zlib.h and zconf.h */
+# define gz_header_s z_gz_header_s
+# define internal_state z_internal_state
+
+#endif
+
+#if defined(__MSDOS__) && !defined(MSDOS)
+# define MSDOS
+#endif
+#if (defined(OS_2) || defined(__OS2__)) && !defined(OS2)
+# define OS2
+#endif
+#if defined(_WINDOWS) && !defined(WINDOWS)
+# define WINDOWS
+#endif
+#if defined(_WIN32) || defined(_WIN32_WCE) || defined(__WIN32__)
+# ifndef WIN32
+# define WIN32
+# endif
+#endif
+#if (defined(MSDOS) || defined(OS2) || defined(WINDOWS)) && !defined(WIN32)
+# if !defined(__GNUC__) && !defined(__FLAT__) && !defined(__386__)
+# ifndef SYS16BIT
+# define SYS16BIT
+# endif
+# endif
+#endif
+
+/*
+ * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
+ * than 64k bytes at a time (needed on systems with 16-bit int).
+ */
+#ifdef SYS16BIT
+# define MAXSEG_64K
+#endif
+#ifdef MSDOS
+# define UNALIGNED_OK
+#endif
+
+#ifdef __STDC_VERSION__
+# ifndef STDC
+# define STDC
+# endif
+# if __STDC_VERSION__ >= 199901L
+# ifndef STDC99
+# define STDC99
+# endif
+# endif
+#endif
+#if !defined(STDC) && (defined(__STDC__) || defined(__cplusplus))
+# define STDC
+#endif
+#if !defined(STDC) && (defined(__GNUC__) || defined(__BORLANDC__))
+# define STDC
+#endif
+#if !defined(STDC) && (defined(MSDOS) || defined(WINDOWS) || defined(WIN32))
+# define STDC
+#endif
+#if !defined(STDC) && (defined(OS2) || defined(__HOS_AIX__))
+# define STDC
+#endif
+
+#if defined(__OS400__) && !defined(STDC) /* iSeries (formerly AS/400). */
+# define STDC
+#endif
+
+#ifndef STDC
+# ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
+# define const /* note: need a more gentle solution here */
+# endif
+#endif
+
+/* Some Mac compilers merge all .h files incorrectly: */
+#if defined(__MWERKS__)||defined(applec)||defined(THINK_C)||defined(__SC__)
+# define NO_DUMMY_DECL
+#endif
+
+/* Maximum value for memLevel in deflateInit2 */
+#ifndef MAX_MEM_LEVEL
+# ifdef MAXSEG_64K
+# define MAX_MEM_LEVEL 8
+# else
+# define MAX_MEM_LEVEL 9
+# endif
+#endif
+
+/* Maximum value for windowBits in deflateInit2 and inflateInit2.
+ * WARNING: reducing MAX_WBITS makes minigzip unable to extract .gz files
+ * created by gzip. (Files created by minigzip can still be extracted by
+ * gzip.)
+ */
+#ifndef MAX_WBITS
+# define MAX_WBITS 15 /* 32K LZ77 window */
+#endif
+
+/* The memory requirements for deflate are (in bytes):
+ (1 << (windowBits+2)) + (1 << (memLevel+9))
+ that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values)
+ plus a few kilobytes for small objects. For example, if you want to reduce
+ the default memory requirements from 256K to 128K, compile with
+ make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
+ Of course this will generally degrade compression (there's no free lunch).
+
+ The memory requirements for inflate are (in bytes) 1 << windowBits
+ that is, 32K for windowBits=15 (default value) plus a few kilobytes
+ for small objects.
+*/
+
+ /* Type declarations */
+
+#ifndef OF /* function prototypes */
+# ifdef STDC
+# define OF(args) args
+# else
+# define OF(args) ()
+# endif
+#endif
+
+/* The following definitions for FAR are needed only for MSDOS mixed
+ * model programming (small or medium model with some far allocations).
+ * This was tested only with MSC; for other MSDOS compilers you may have
+ * to define NO_MEMCPY in zutil.h. If you don't need the mixed model,
+ * just define FAR to be empty.
+ */
+#ifdef SYS16BIT
+# if defined(M_I86SM) || defined(M_I86MM)
+ /* MSC small or medium model */
+# define SMALL_MEDIUM
+# ifdef _MSC_VER
+# define FAR _far
+# else
+# define FAR far
+# endif
+# endif
+# if (defined(__SMALL__) || defined(__MEDIUM__))
+ /* Turbo C small or medium model */
+# define SMALL_MEDIUM
+# ifdef __BORLANDC__
+# define FAR _far
+# else
+# define FAR far
+# endif
+# endif
+#endif
+
+#if defined(WINDOWS) || defined(WIN32)
+ /* If building or using zlib as a DLL, define ZLIB_DLL.
+ * This is not mandatory, but it offers a little performance increase.
+ */
+# ifdef ZLIB_DLL
+# if defined(WIN32) && (!defined(__BORLANDC__) || (__BORLANDC__ >= 0x500))
+# ifdef ZLIB_INTERNAL
+# define ZEXTERN extern __declspec(dllexport)
+# else
+# define ZEXTERN extern __declspec(dllimport)
+# endif
+# endif
+# endif /* ZLIB_DLL */
+ /* If building or using zlib with the WINAPI/WINAPIV calling convention,
+ * define ZLIB_WINAPI.
+ * Caution: the standard ZLIB1.DLL is NOT compiled using ZLIB_WINAPI.
+ */
+# ifdef ZLIB_WINAPI
+# ifdef FAR
+# undef FAR
+# endif
+# include <windows.h>
+ /* No need for _export, use ZLIB.DEF instead. */
+ /* For complete Windows compatibility, use WINAPI, not __stdcall. */
+# define ZEXPORT WINAPI
+# ifdef WIN32
+# define ZEXPORTVA WINAPIV
+# else
+# define ZEXPORTVA FAR CDECL
+# endif
+# endif
+#endif
+
+#if defined (__BEOS__)
+# ifdef ZLIB_DLL
+# ifdef ZLIB_INTERNAL
+# define ZEXPORT __declspec(dllexport)
+# define ZEXPORTVA __declspec(dllexport)
+# else
+# define ZEXPORT __declspec(dllimport)
+# define ZEXPORTVA __declspec(dllimport)
+# endif
+# endif
+#endif
+
+#ifndef ZEXTERN
+# define ZEXTERN extern
+#endif
+#ifndef ZEXPORT
+# define ZEXPORT
+#endif
+#ifndef ZEXPORTVA
+# define ZEXPORTVA
+#endif
+
+#ifndef FAR
+# define FAR
+#endif
+
+#if !defined(__MACTYPES__)
+typedef unsigned char Byte; /* 8 bits */
+#endif
+typedef unsigned int uInt; /* 16 bits or more */
+typedef unsigned long uLong; /* 32 bits or more */
+
+#ifdef SMALL_MEDIUM
+ /* Borland C/C++ and some old MSC versions ignore FAR inside typedef */
+# define Bytef Byte FAR
+#else
+ typedef Byte FAR Bytef;
+#endif
+typedef char FAR charf;
+typedef int FAR intf;
+typedef uInt FAR uIntf;
+typedef uLong FAR uLongf;
+
+#ifdef STDC
+ typedef void const *voidpc;
+ typedef void FAR *voidpf;
+ typedef void *voidp;
+#else
+ typedef Byte const *voidpc;
+ typedef Byte FAR *voidpf;
+ typedef Byte *voidp;
+#endif
+
+#ifdef HAVE_UNISTD_H /* may be set to #if 1 by ./configure */
+# define Z_HAVE_UNISTD_H
+#endif
+
+#ifdef STDC
+# include <sys/types.h> /* for off_t */
+#endif
+
+/* a little trick to accommodate both "#define _LARGEFILE64_SOURCE" and
+ * "#define _LARGEFILE64_SOURCE 1" as requesting 64-bit operations, (even
+ * though the former does not conform to the LFS document), but considering
+ * both "#undef _LARGEFILE64_SOURCE" and "#define _LARGEFILE64_SOURCE 0" as
+ * equivalently requesting no 64-bit operations
+ */
+#if -_LARGEFILE64_SOURCE - -1 == 1
+# undef _LARGEFILE64_SOURCE
+#endif
+
+#if defined(Z_HAVE_UNISTD_H) || defined(_LARGEFILE64_SOURCE)
+# include <unistd.h> /* for SEEK_* and off_t */
+# ifdef VMS
+# include <unixio.h> /* for off_t */
+# endif
+# ifndef z_off_t
+# define z_off_t off_t
+# endif
+#endif
+
+#ifndef SEEK_SET
+# define SEEK_SET 0 /* Seek from beginning of file. */
+# define SEEK_CUR 1 /* Seek from current position. */
+# define SEEK_END 2 /* Set file pointer to EOF plus "offset" */
+#endif
+
+#ifndef z_off_t
+# define z_off_t long
+#endif
+
+#if defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0
+# define z_off64_t off64_t
+#else
+# define z_off64_t z_off_t
+#endif
+
+#if defined(__OS400__)
+# define NO_vsnprintf
+#endif
+
+#if defined(__MVS__)
+# define NO_vsnprintf
+#endif
+
+/* MVS linker does not support external names larger than 8 bytes */
+#if defined(__MVS__)
+ #pragma map(deflateInit_,"DEIN")
+ #pragma map(deflateInit2_,"DEIN2")
+ #pragma map(deflateEnd,"DEEND")
+ #pragma map(deflateBound,"DEBND")
+ #pragma map(inflateInit_,"ININ")
+ #pragma map(inflateInit2_,"ININ2")
+ #pragma map(inflateEnd,"INEND")
+ #pragma map(inflateSync,"INSY")
+ #pragma map(inflateSetDictionary,"INSEDI")
+ #pragma map(compressBound,"CMBND")
+ #pragma map(inflate_table,"INTABL")
+ #pragma map(inflate_fast,"INFA")
+ #pragma map(inflate_copyright,"INCOPY")
+#endif
+
+#endif /* ZCONF_H */
Added: trunk/contrib/sudo/zlib/zlib.h
===================================================================
--- trunk/contrib/sudo/zlib/zlib.h (rev 0)
+++ trunk/contrib/sudo/zlib/zlib.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,1613 @@
+/* zlib.h -- interface of the 'zlib' general purpose compression library
+ version 1.2.5, April 19th, 2010
+
+ Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler
+
+ This software is provided 'as-is', without any express or implied
+ warranty. In no event will the authors be held liable for any damages
+ arising from the use of this software.
+
+ Permission is granted to anyone to use this software for any purpose,
+ including commercial applications, and to alter it and redistribute it
+ freely, subject to the following restrictions:
+
+ 1. The origin of this software must not be misrepresented; you must not
+ claim that you wrote the original software. If you use this software
+ in a product, an acknowledgment in the product documentation would be
+ appreciated but is not required.
+ 2. Altered source versions must be plainly marked as such, and must not be
+ misrepresented as being the original software.
+ 3. This notice may not be removed or altered from any source distribution.
+
+ Jean-loup Gailly Mark Adler
+ jloup at gzip.org madler at alumni.caltech.edu
+
+
+ The data format used by the zlib library is described by RFCs (Request for
+ Comments) 1950 to 1952 in the files http://www.ietf.org/rfc/rfc1950.txt
+ (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
+*/
+
+#ifndef ZLIB_H
+#define ZLIB_H
+
+#include "zconf.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define ZLIB_VERSION "1.2.5"
+#define ZLIB_VERNUM 0x1250
+#define ZLIB_VER_MAJOR 1
+#define ZLIB_VER_MINOR 2
+#define ZLIB_VER_REVISION 5
+#define ZLIB_VER_SUBREVISION 0
+
+/*
+ The 'zlib' compression library provides in-memory compression and
+ decompression functions, including integrity checks of the uncompressed data.
+ This version of the library supports only one compression method (deflation)
+ but other algorithms will be added later and will have the same stream
+ interface.
+
+ Compression can be done in a single step if the buffers are large enough,
+ or can be done by repeated calls of the compression function. In the latter
+ case, the application must provide more input and/or consume the output
+ (providing more output space) before each call.
+
+ The compressed data format used by default by the in-memory functions is
+ the zlib format, which is a zlib wrapper documented in RFC 1950, wrapped
+ around a deflate stream, which is itself documented in RFC 1951.
+
+ The library also supports reading and writing files in gzip (.gz) format
+ with an interface similar to that of stdio using the functions that start
+ with "gz". The gzip format is different from the zlib format. gzip is a
+ gzip wrapper, documented in RFC 1952, wrapped around a deflate stream.
+
+ This library can optionally read and write gzip streams in memory as well.
+
+ The zlib format was designed to be compact and fast for use in memory
+ and on communications channels. The gzip format was designed for single-
+ file compression on file systems, has a larger header than zlib to maintain
+ directory information, and uses a different, slower check method than zlib.
+
+ The library does not install any signal handler. The decoder checks
+ the consistency of the compressed data, so the library should never crash
+ even in case of corrupted input.
+*/
+
+typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
+typedef void (*free_func) OF((voidpf opaque, voidpf address));
+
+struct internal_state;
+
+typedef struct z_stream_s {
+ Bytef *next_in; /* next input byte */
+ uInt avail_in; /* number of bytes available at next_in */
+ uLong total_in; /* total nb of input bytes read so far */
+
+ Bytef *next_out; /* next output byte should be put there */
+ uInt avail_out; /* remaining free space at next_out */
+ uLong total_out; /* total nb of bytes output so far */
+
+ char *msg; /* last error message, NULL if no error */
+ struct internal_state FAR *state; /* not visible by applications */
+
+ alloc_func zalloc; /* used to allocate the internal state */
+ free_func zfree; /* used to free the internal state */
+ voidpf opaque; /* private data object passed to zalloc and zfree */
+
+ int data_type; /* best guess about the data type: binary or text */
+ uLong adler; /* adler32 value of the uncompressed data */
+ uLong reserved; /* reserved for future use */
+} z_stream;
+
+typedef z_stream FAR *z_streamp;
+
+/*
+ gzip header information passed to and from zlib routines. See RFC 1952
+ for more details on the meanings of these fields.
+*/
+typedef struct gz_header_s {
+ int text; /* true if compressed data believed to be text */
+ uLong time; /* modification time */
+ int xflags; /* extra flags (not used when writing a gzip file) */
+ int os; /* operating system */
+ Bytef *extra; /* pointer to extra field or Z_NULL if none */
+ uInt extra_len; /* extra field length (valid if extra != Z_NULL) */
+ uInt extra_max; /* space at extra (only when reading header) */
+ Bytef *name; /* pointer to zero-terminated file name or Z_NULL */
+ uInt name_max; /* space at name (only when reading header) */
+ Bytef *comment; /* pointer to zero-terminated comment or Z_NULL */
+ uInt comm_max; /* space at comment (only when reading header) */
+ int hcrc; /* true if there was or will be a header crc */
+ int done; /* true when done reading gzip header (not used
+ when writing a gzip file) */
+} gz_header;
+
+typedef gz_header FAR *gz_headerp;
+
+/*
+ The application must update next_in and avail_in when avail_in has dropped
+ to zero. It must update next_out and avail_out when avail_out has dropped
+ to zero. The application must initialize zalloc, zfree and opaque before
+ calling the init function. All other fields are set by the compression
+ library and must not be updated by the application.
+
+ The opaque value provided by the application will be passed as the first
+ parameter for calls of zalloc and zfree. This can be useful for custom
+ memory management. The compression library attaches no meaning to the
+ opaque value.
+
+ zalloc must return Z_NULL if there is not enough memory for the object.
+ If zlib is used in a multi-threaded application, zalloc and zfree must be
+ thread safe.
+
+ On 16-bit systems, the functions zalloc and zfree must be able to allocate
+ exactly 65536 bytes, but will not be required to allocate more than this if
+ the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS, pointers
+ returned by zalloc for objects of exactly 65536 bytes *must* have their
+ offset normalized to zero. The default allocation function provided by this
+ library ensures this (see zutil.c). To reduce memory requirements and avoid
+ any allocation of 64K objects, at the expense of compression ratio, compile
+ the library with -DMAX_WBITS=14 (see zconf.h).
+
+ The fields total_in and total_out can be used for statistics or progress
+ reports. After compression, total_in holds the total size of the
+ uncompressed data and may be saved for use in the decompressor (particularly
+ if the decompressor wants to decompress everything in a single step).
+*/
+
+ /* constants */
+
+#define Z_NO_FLUSH 0
+#define Z_PARTIAL_FLUSH 1
+#define Z_SYNC_FLUSH 2
+#define Z_FULL_FLUSH 3
+#define Z_FINISH 4
+#define Z_BLOCK 5
+#define Z_TREES 6
+/* Allowed flush values; see deflate() and inflate() below for details */
+
+#define Z_OK 0
+#define Z_STREAM_END 1
+#define Z_NEED_DICT 2
+#define Z_ERRNO (-1)
+#define Z_STREAM_ERROR (-2)
+#define Z_DATA_ERROR (-3)
+#define Z_MEM_ERROR (-4)
+#define Z_BUF_ERROR (-5)
+#define Z_VERSION_ERROR (-6)
+/* Return codes for the compression/decompression functions. Negative values
+ * are errors, positive values are used for special but normal events.
+ */
+
+#define Z_NO_COMPRESSION 0
+#define Z_BEST_SPEED 1
+#define Z_BEST_COMPRESSION 9
+#define Z_DEFAULT_COMPRESSION (-1)
+/* compression levels */
+
+#define Z_FILTERED 1
+#define Z_HUFFMAN_ONLY 2
+#define Z_RLE 3
+#define Z_FIXED 4
+#define Z_DEFAULT_STRATEGY 0
+/* compression strategy; see deflateInit2() below for details */
+
+#define Z_BINARY 0
+#define Z_TEXT 1
+#define Z_ASCII Z_TEXT /* for compatibility with 1.2.2 and earlier */
+#define Z_UNKNOWN 2
+/* Possible values of the data_type field (though see inflate()) */
+
+#define Z_DEFLATED 8
+/* The deflate compression method (the only one supported in this version) */
+
+#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
+
+#define zlib_version zlibVersion()
+/* for compatibility with versions < 1.0.2 */
+
+
+ /* basic functions */
+
+ZEXTERN const char * ZEXPORT zlibVersion OF((void));
+/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
+ If the first character differs, the library code actually used is not
+ compatible with the zlib.h header file used by the application. This check
+ is automatically made by deflateInit and inflateInit.
+ */
+
+/*
+ZEXTERN int ZEXPORT deflateInit OF((z_streamp strm, int level));
+
+ Initializes the internal stream state for compression. The fields
+ zalloc, zfree and opaque must be initialized before by the caller. If
+ zalloc and zfree are set to Z_NULL, deflateInit updates them to use default
+ allocation functions.
+
+ The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
+ 1 gives best speed, 9 gives best compression, 0 gives no compression at all
+ (the input data is simply copied a block at a time). Z_DEFAULT_COMPRESSION
+ requests a default compromise between speed and compression (currently
+ equivalent to level 6).
+
+ deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_STREAM_ERROR if level is not a valid compression level, or
+ Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
+ with the version assumed by the caller (ZLIB_VERSION). msg is set to null
+ if there is no error message. deflateInit does not perform any compression:
+ this will be done by deflate().
+*/
+
+
+ZEXTERN int ZEXPORT deflate OF((z_streamp strm, int flush));
+/*
+ deflate compresses as much data as possible, and stops when the input
+ buffer becomes empty or the output buffer becomes full. It may introduce
+ some output latency (reading input without producing any output) except when
+ forced to flush.
+
+ The detailed semantics are as follows. deflate performs one or both of the
+ following actions:
+
+ - Compress more input starting at next_in and update next_in and avail_in
+ accordingly. If not all input can be processed (because there is not
+ enough room in the output buffer), next_in and avail_in are updated and
+ processing will resume at this point for the next call of deflate().
+
+ - Provide more output starting at next_out and update next_out and avail_out
+ accordingly. This action is forced if the parameter flush is non zero.
+ Forcing flush frequently degrades the compression ratio, so this parameter
+ should be set only when necessary (in interactive applications). Some
+ output may be provided even if flush is not set.
+
+ Before the call of deflate(), the application should ensure that at least
+ one of the actions is possible, by providing more input and/or consuming more
+ output, and updating avail_in or avail_out accordingly; avail_out should
+ never be zero before the call. The application can consume the compressed
+ output when it wants, for example when the output buffer is full (avail_out
+ == 0), or after each call of deflate(). If deflate returns Z_OK and with
+ zero avail_out, it must be called again after making room in the output
+ buffer because there might be more output pending.
+
+ Normally the parameter flush is set to Z_NO_FLUSH, which allows deflate to
+ decide how much data to accumulate before producing output, in order to
+ maximize compression.
+
+ If the parameter flush is set to Z_SYNC_FLUSH, all pending output is
+ flushed to the output buffer and the output is aligned on a byte boundary, so
+ that the decompressor can get all input data available so far. (In
+ particular avail_in is zero after the call if enough output space has been
+ provided before the call.) Flushing may degrade compression for some
+ compression algorithms and so it should be used only when necessary. This
+ completes the current deflate block and follows it with an empty stored block
+ that is three bits plus filler bits to the next byte, followed by four bytes
+ (00 00 ff ff).
+
+ If flush is set to Z_PARTIAL_FLUSH, all pending output is flushed to the
+ output buffer, but the output is not aligned to a byte boundary. All of the
+ input data so far will be available to the decompressor, as for Z_SYNC_FLUSH.
+ This completes the current deflate block and follows it with an empty fixed
+ codes block that is 10 bits long. This assures that enough bytes are output
+ in order for the decompressor to finish the block before the empty fixed code
+ block.
+
+ If flush is set to Z_BLOCK, a deflate block is completed and emitted, as
+ for Z_SYNC_FLUSH, but the output is not aligned on a byte boundary, and up to
+ seven bits of the current block are held to be written as the next byte after
+ the next deflate block is completed. In this case, the decompressor may not
+ be provided enough bits at this point in order to complete decompression of
+ the data provided so far to the compressor. It may need to wait for the next
+ block to be emitted. This is for advanced applications that need to control
+ the emission of deflate blocks.
+
+ If flush is set to Z_FULL_FLUSH, all output is flushed as with
+ Z_SYNC_FLUSH, and the compression state is reset so that decompression can
+ restart from this point if previous compressed data has been damaged or if
+ random access is desired. Using Z_FULL_FLUSH too often can seriously degrade
+ compression.
+
+ If deflate returns with avail_out == 0, this function must be called again
+ with the same value of the flush parameter and more output space (updated
+ avail_out), until the flush is complete (deflate returns with non-zero
+ avail_out). In the case of a Z_FULL_FLUSH or Z_SYNC_FLUSH, make sure that
+ avail_out is greater than six to avoid repeated flush markers due to
+ avail_out == 0 on return.
+
+ If the parameter flush is set to Z_FINISH, pending input is processed,
+ pending output is flushed and deflate returns with Z_STREAM_END if there was
+ enough output space; if deflate returns with Z_OK, this function must be
+ called again with Z_FINISH and more output space (updated avail_out) but no
+ more input data, until it returns with Z_STREAM_END or an error. After
+ deflate has returned Z_STREAM_END, the only possible operations on the stream
+ are deflateReset or deflateEnd.
+
+ Z_FINISH can be used immediately after deflateInit if all the compression
+ is to be done in a single step. In this case, avail_out must be at least the
+ value returned by deflateBound (see below). If deflate does not return
+ Z_STREAM_END, then it must be called again as described above.
+
+ deflate() sets strm->adler to the adler32 checksum of all input read
+ so far (that is, total_in bytes).
+
+ deflate() may update strm->data_type if it can make a good guess about
+ the input data type (Z_BINARY or Z_TEXT). In doubt, the data is considered
+ binary. This field is only for information purposes and does not affect the
+ compression algorithm in any manner.
+
+ deflate() returns Z_OK if some progress has been made (more input
+ processed or more output produced), Z_STREAM_END if all input has been
+ consumed and all output has been produced (only when flush is set to
+ Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
+ if next_in or next_out was Z_NULL), Z_BUF_ERROR if no progress is possible
+ (for example avail_in or avail_out was zero). Note that Z_BUF_ERROR is not
+ fatal, and deflate() can be called again with more input and more output
+ space to continue compressing.
+*/
+
+
+ZEXTERN int ZEXPORT deflateEnd OF((z_streamp strm));
+/*
+ All dynamically allocated data structures for this stream are freed.
+ This function discards any unprocessed input and does not flush any pending
+ output.
+
+ deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
+ stream state was inconsistent, Z_DATA_ERROR if the stream was freed
+ prematurely (some input or output was discarded). In the error case, msg
+ may be set but then points to a static string (which must not be
+ deallocated).
+*/
+
+
+/*
+ZEXTERN int ZEXPORT inflateInit OF((z_streamp strm));
+
+ Initializes the internal stream state for decompression. The fields
+ next_in, avail_in, zalloc, zfree and opaque must be initialized before by
+ the caller. If next_in is not Z_NULL and avail_in is large enough (the
+ exact value depends on the compression method), inflateInit determines the
+ compression method from the zlib header and allocates all data structures
+ accordingly; otherwise the allocation will be deferred to the first call of
+ inflate. If zalloc and zfree are set to Z_NULL, inflateInit updates them to
+ use default allocation functions.
+
+ inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_VERSION_ERROR if the zlib library version is incompatible with the
+ version assumed by the caller, or Z_STREAM_ERROR if the parameters are
+ invalid, such as a null pointer to the structure. msg is set to null if
+ there is no error message. inflateInit does not perform any decompression
+ apart from possibly reading the zlib header if present: actual decompression
+ will be done by inflate(). (So next_in and avail_in may be modified, but
+ next_out and avail_out are unused and unchanged.) The current implementation
+ of inflateInit() does not process any header information -- that is deferred
+ until inflate() is called.
+*/
+
+
+ZEXTERN int ZEXPORT inflate OF((z_streamp strm, int flush));
+/*
+ inflate decompresses as much data as possible, and stops when the input
+ buffer becomes empty or the output buffer becomes full. It may introduce
+ some output latency (reading input without producing any output) except when
+ forced to flush.
+
+ The detailed semantics are as follows. inflate performs one or both of the
+ following actions:
+
+ - Decompress more input starting at next_in and update next_in and avail_in
+ accordingly. If not all input can be processed (because there is not
+ enough room in the output buffer), next_in is updated and processing will
+ resume at this point for the next call of inflate().
+
+ - Provide more output starting at next_out and update next_out and avail_out
+ accordingly. inflate() provides as much output as possible, until there is
+ no more input data or no more space in the output buffer (see below about
+ the flush parameter).
+
+ Before the call of inflate(), the application should ensure that at least
+ one of the actions is possible, by providing more input and/or consuming more
+ output, and updating the next_* and avail_* values accordingly. The
+ application can consume the uncompressed output when it wants, for example
+ when the output buffer is full (avail_out == 0), or after each call of
+ inflate(). If inflate returns Z_OK and with zero avail_out, it must be
+ called again after making room in the output buffer because there might be
+ more output pending.
+
+ The flush parameter of inflate() can be Z_NO_FLUSH, Z_SYNC_FLUSH, Z_FINISH,
+ Z_BLOCK, or Z_TREES. Z_SYNC_FLUSH requests that inflate() flush as much
+ output as possible to the output buffer. Z_BLOCK requests that inflate()
+ stop if and when it gets to the next deflate block boundary. When decoding
+ the zlib or gzip format, this will cause inflate() to return immediately
+ after the header and before the first block. When doing a raw inflate,
+ inflate() will go ahead and process the first block, and will return when it
+ gets to the end of that block, or when it runs out of data.
+
+ The Z_BLOCK option assists in appending to or combining deflate streams.
+ Also to assist in this, on return inflate() will set strm->data_type to the
+ number of unused bits in the last byte taken from strm->next_in, plus 64 if
+ inflate() is currently decoding the last block in the deflate stream, plus
+ 128 if inflate() returned immediately after decoding an end-of-block code or
+ decoding the complete header up to just before the first byte of the deflate
+ stream. The end-of-block will not be indicated until all of the uncompressed
+ data from that block has been written to strm->next_out. The number of
+ unused bits may in general be greater than seven, except when bit 7 of
+ data_type is set, in which case the number of unused bits will be less than
+ eight. data_type is set as noted here every time inflate() returns for all
+ flush options, and so can be used to determine the amount of currently
+ consumed input in bits.
+
+ The Z_TREES option behaves as Z_BLOCK does, but it also returns when the
+ end of each deflate block header is reached, before any actual data in that
+ block is decoded. This allows the caller to determine the length of the
+ deflate block header for later use in random access within a deflate block.
+ 256 is added to the value of strm->data_type when inflate() returns
+ immediately after reaching the end of the deflate block header.
+
+ inflate() should normally be called until it returns Z_STREAM_END or an
+ error. However if all decompression is to be performed in a single step (a
+ single call of inflate), the parameter flush should be set to Z_FINISH. In
+ this case all pending input is processed and all pending output is flushed;
+ avail_out must be large enough to hold all the uncompressed data. (The size
+ of the uncompressed data may have been saved by the compressor for this
+ purpose.) The next operation on this stream must be inflateEnd to deallocate
+ the decompression state. The use of Z_FINISH is never required, but can be
+ used to inform inflate that a faster approach may be used for the single
+ inflate() call.
+
+ In this implementation, inflate() always flushes as much output as
+ possible to the output buffer, and always uses the faster approach on the
+ first call. So the only effect of the flush parameter in this implementation
+ is on the return value of inflate(), as noted below, or when it returns early
+ because Z_BLOCK or Z_TREES is used.
+
+ If a preset dictionary is needed after this call (see inflateSetDictionary
+ below), inflate sets strm->adler to the adler32 checksum of the dictionary
+ chosen by the compressor and returns Z_NEED_DICT; otherwise it sets
+ strm->adler to the adler32 checksum of all output produced so far (that is,
+ total_out bytes) and returns Z_OK, Z_STREAM_END or an error code as described
+ below. At the end of the stream, inflate() checks that its computed adler32
+ checksum is equal to that saved by the compressor and returns Z_STREAM_END
+ only if the checksum is correct.
+
+ inflate() can decompress and check either zlib-wrapped or gzip-wrapped
+ deflate data. The header type is detected automatically, if requested when
+ initializing with inflateInit2(). Any information contained in the gzip
+ header is not retained, so applications that need that information should
+ instead use raw inflate, see inflateInit2() below, or inflateBack() and
+ perform their own processing of the gzip header and trailer.
+
+ inflate() returns Z_OK if some progress has been made (more input processed
+ or more output produced), Z_STREAM_END if the end of the compressed data has
+ been reached and all uncompressed output has been produced, Z_NEED_DICT if a
+ preset dictionary is needed at this point, Z_DATA_ERROR if the input data was
+ corrupted (input stream not conforming to the zlib format or incorrect check
+ value), Z_STREAM_ERROR if the stream structure was inconsistent (for example
+ next_in or next_out was Z_NULL), Z_MEM_ERROR if there was not enough memory,
+ Z_BUF_ERROR if no progress is possible or if there was not enough room in the
+ output buffer when Z_FINISH is used. Note that Z_BUF_ERROR is not fatal, and
+ inflate() can be called again with more input and more output space to
+ continue decompressing. If Z_DATA_ERROR is returned, the application may
+ then call inflateSync() to look for a good compression block if a partial
+ recovery of the data is desired.
+*/
+
+
+ZEXTERN int ZEXPORT inflateEnd OF((z_streamp strm));
+/*
+ All dynamically allocated data structures for this stream are freed.
+ This function discards any unprocessed input and does not flush any pending
+ output.
+
+ inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
+ was inconsistent. In the error case, msg may be set but then points to a
+ static string (which must not be deallocated).
+*/
+
+
+ /* Advanced functions */
+
+/*
+ The following functions are needed only in some special applications.
+*/
+
+/*
+ZEXTERN int ZEXPORT deflateInit2 OF((z_streamp strm,
+ int level,
+ int method,
+ int windowBits,
+ int memLevel,
+ int strategy));
+
+ This is another version of deflateInit with more compression options. The
+ fields next_in, zalloc, zfree and opaque must be initialized before by the
+ caller.
+
+ The method parameter is the compression method. It must be Z_DEFLATED in
+ this version of the library.
+
+ The windowBits parameter is the base two logarithm of the window size
+ (the size of the history buffer). It should be in the range 8..15 for this
+ version of the library. Larger values of this parameter result in better
+ compression at the expense of memory usage. The default value is 15 if
+ deflateInit is used instead.
+
+ windowBits can also be -8..-15 for raw deflate. In this case, -windowBits
+ determines the window size. deflate() will then generate raw deflate data
+ with no zlib header or trailer, and will not compute an adler32 check value.
+
+ windowBits can also be greater than 15 for optional gzip encoding. Add
+ 16 to windowBits to write a simple gzip header and trailer around the
+ compressed data instead of a zlib wrapper. The gzip header will have no
+ file name, no extra data, no comment, no modification time (set to zero), no
+ header crc, and the operating system will be set to 255 (unknown). If a
+ gzip stream is being written, strm->adler is a crc32 instead of an adler32.
+
+ The memLevel parameter specifies how much memory should be allocated
+ for the internal compression state. memLevel=1 uses minimum memory but is
+ slow and reduces compression ratio; memLevel=9 uses maximum memory for
+ optimal speed. The default value is 8. See zconf.h for total memory usage
+ as a function of windowBits and memLevel.
+
+ The strategy parameter is used to tune the compression algorithm. Use the
+ value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
+ filter (or predictor), Z_HUFFMAN_ONLY to force Huffman encoding only (no
+ string match), or Z_RLE to limit match distances to one (run-length
+ encoding). Filtered data consists mostly of small values with a somewhat
+ random distribution. In this case, the compression algorithm is tuned to
+ compress them better. The effect of Z_FILTERED is to force more Huffman
+ coding and less string matching; it is somewhat intermediate between
+ Z_DEFAULT_STRATEGY and Z_HUFFMAN_ONLY. Z_RLE is designed to be almost as
+ fast as Z_HUFFMAN_ONLY, but give better compression for PNG image data. The
+ strategy parameter only affects the compression ratio but not the
+ correctness of the compressed output even if it is not set appropriately.
+ Z_FIXED prevents the use of dynamic Huffman codes, allowing for a simpler
+ decoder for special applications.
+
+ deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_STREAM_ERROR if any parameter is invalid (such as an invalid
+ method), or Z_VERSION_ERROR if the zlib library version (zlib_version) is
+ incompatible with the version assumed by the caller (ZLIB_VERSION). msg is
+ set to null if there is no error message. deflateInit2 does not perform any
+ compression: this will be done by deflate().
+*/
+
+ZEXTERN int ZEXPORT deflateSetDictionary OF((z_streamp strm,
+ const Bytef *dictionary,
+ uInt dictLength));
+/*
+ Initializes the compression dictionary from the given byte sequence
+ without producing any compressed output. This function must be called
+ immediately after deflateInit, deflateInit2 or deflateReset, before any call
+ of deflate. The compressor and decompressor must use exactly the same
+ dictionary (see inflateSetDictionary).
+
+ The dictionary should consist of strings (byte sequences) that are likely
+ to be encountered later in the data to be compressed, with the most commonly
+ used strings preferably put towards the end of the dictionary. Using a
+ dictionary is most useful when the data to be compressed is short and can be
+ predicted with good accuracy; the data can then be compressed better than
+ with the default empty dictionary.
+
+ Depending on the size of the compression data structures selected by
+ deflateInit or deflateInit2, a part of the dictionary may in effect be
+ discarded, for example if the dictionary is larger than the window size
+ provided in deflateInit or deflateInit2. Thus the strings most likely to be
+ useful should be put at the end of the dictionary, not at the front. In
+ addition, the current implementation of deflate will use at most the window
+ size minus 262 bytes of the provided dictionary.
+
+ Upon return of this function, strm->adler is set to the adler32 value
+ of the dictionary; the decompressor may later use this value to determine
+ which dictionary has been used by the compressor. (The adler32 value
+ applies to the whole dictionary even if only a subset of the dictionary is
+ actually used by the compressor.) If a raw deflate was requested, then the
+ adler32 value is not computed and strm->adler is not set.
+
+ deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
+ parameter is invalid (e.g. dictionary being Z_NULL) or the stream state is
+ inconsistent (for example if deflate has already been called for this stream
+ or if the compression method is bsort). deflateSetDictionary does not
+ perform any compression: this will be done by deflate().
+*/
+
+ZEXTERN int ZEXPORT deflateCopy OF((z_streamp dest,
+ z_streamp source));
+/*
+ Sets the destination stream as a complete copy of the source stream.
+
+ This function can be useful when several compression strategies will be
+ tried, for example when there are several ways of pre-processing the input
+ data with a filter. The streams that will be discarded should then be freed
+ by calling deflateEnd. Note that deflateCopy duplicates the internal
+ compression state which can be quite large, so this strategy is slow and can
+ consume lots of memory.
+
+ deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
+ (such as zalloc being Z_NULL). msg is left unchanged in both source and
+ destination.
+*/
+
+ZEXTERN int ZEXPORT deflateReset OF((z_streamp strm));
+/*
+ This function is equivalent to deflateEnd followed by deflateInit,
+ but does not free and reallocate all the internal compression state. The
+ stream will keep the same compression level and any other attributes that
+ may have been set by deflateInit2.
+
+ deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being Z_NULL).
+*/
+
+ZEXTERN int ZEXPORT deflateParams OF((z_streamp strm,
+ int level,
+ int strategy));
+/*
+ Dynamically update the compression level and compression strategy. The
+ interpretation of level and strategy is as in deflateInit2. This can be
+ used to switch between compression and straight copy of the input data, or
+ to switch to a different kind of input data requiring a different strategy.
+ If the compression level is changed, the input available so far is
+ compressed with the old level (and may be flushed); the new level will take
+ effect only at the next call of deflate().
+
+ Before the call of deflateParams, the stream state must be set as for
+ a call of deflate(), since the currently available input may have to be
+ compressed and flushed. In particular, strm->avail_out must be non-zero.
+
+ deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
+ stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR if
+ strm->avail_out was zero.
+*/
+
+ZEXTERN int ZEXPORT deflateTune OF((z_streamp strm,
+ int good_length,
+ int max_lazy,
+ int nice_length,
+ int max_chain));
+/*
+ Fine tune deflate's internal compression parameters. This should only be
+ used by someone who understands the algorithm used by zlib's deflate for
+ searching for the best matching string, and even then only by the most
+ fanatic optimizer trying to squeeze out the last compressed bit for their
+ specific input data. Read the deflate.c source code for the meaning of the
+ max_lazy, good_length, nice_length, and max_chain parameters.
+
+ deflateTune() can be called after deflateInit() or deflateInit2(), and
+ returns Z_OK on success, or Z_STREAM_ERROR for an invalid deflate stream.
+ */
+
+ZEXTERN uLong ZEXPORT deflateBound OF((z_streamp strm,
+ uLong sourceLen));
+/*
+ deflateBound() returns an upper bound on the compressed size after
+ deflation of sourceLen bytes. It must be called after deflateInit() or
+ deflateInit2(), and after deflateSetHeader(), if used. This would be used
+ to allocate an output buffer for deflation in a single pass, and so would be
+ called before deflate().
+*/
+
+ZEXTERN int ZEXPORT deflatePrime OF((z_streamp strm,
+ int bits,
+ int value));
+/*
+ deflatePrime() inserts bits in the deflate output stream. The intent
+ is that this function is used to start off the deflate output with the bits
+ leftover from a previous deflate stream when appending to it. As such, this
+ function can only be used for raw deflate, and must be used before the first
+ deflate() call after a deflateInit2() or deflateReset(). bits must be less
+ than or equal to 16, and that many of the least significant bits of value
+ will be inserted in the output.
+
+ deflatePrime returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+ZEXTERN int ZEXPORT deflateSetHeader OF((z_streamp strm,
+ gz_headerp head));
+/*
+ deflateSetHeader() provides gzip header information for when a gzip
+ stream is requested by deflateInit2(). deflateSetHeader() may be called
+ after deflateInit2() or deflateReset() and before the first call of
+ deflate(). The text, time, os, extra field, name, and comment information
+ in the provided gz_header structure are written to the gzip header (xflag is
+ ignored -- the extra flags are set according to the compression level). The
+ caller must assure that, if not Z_NULL, name and comment are terminated with
+ a zero byte, and that if extra is not Z_NULL, that extra_len bytes are
+ available there. If hcrc is true, a gzip header crc is included. Note that
+ the current versions of the command-line version of gzip (up through version
+ 1.3.x) do not support header crc's, and will report that it is a "multi-part
+ gzip file" and give up.
+
+ If deflateSetHeader is not used, the default gzip header has text false,
+ the time set to zero, and os set to 255, with no extra, name, or comment
+ fields. The gzip header is returned to the default state by deflateReset().
+
+ deflateSetHeader returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+/*
+ZEXTERN int ZEXPORT inflateInit2 OF((z_streamp strm,
+ int windowBits));
+
+ This is another version of inflateInit with an extra parameter. The
+ fields next_in, avail_in, zalloc, zfree and opaque must be initialized
+ before by the caller.
+
+ The windowBits parameter is the base two logarithm of the maximum window
+ size (the size of the history buffer). It should be in the range 8..15 for
+ this version of the library. The default value is 15 if inflateInit is used
+ instead. windowBits must be greater than or equal to the windowBits value
+ provided to deflateInit2() while compressing, or it must be equal to 15 if
+ deflateInit2() was not used. If a compressed stream with a larger window
+ size is given as input, inflate() will return with the error code
+ Z_DATA_ERROR instead of trying to allocate a larger window.
+
+ windowBits can also be zero to request that inflate use the window size in
+ the zlib header of the compressed stream.
+
+ windowBits can also be -8..-15 for raw inflate. In this case, -windowBits
+ determines the window size. inflate() will then process raw deflate data,
+ not looking for a zlib or gzip header, not generating a check value, and not
+ looking for any check values for comparison at the end of the stream. This
+ is for use with other formats that use the deflate compressed data format
+ such as zip. Those formats provide their own check values. If a custom
+ format is developed using the raw deflate format for compressed data, it is
+ recommended that a check value such as an adler32 or a crc32 be applied to
+ the uncompressed data as is done in the zlib, gzip, and zip formats. For
+ most applications, the zlib format should be used as is. Note that comments
+ above on the use in deflateInit2() applies to the magnitude of windowBits.
+
+ windowBits can also be greater than 15 for optional gzip decoding. Add
+ 32 to windowBits to enable zlib and gzip decoding with automatic header
+ detection, or add 16 to decode only the gzip format (the zlib format will
+ return a Z_DATA_ERROR). If a gzip stream is being decoded, strm->adler is a
+ crc32 instead of an adler32.
+
+ inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_VERSION_ERROR if the zlib library version is incompatible with the
+ version assumed by the caller, or Z_STREAM_ERROR if the parameters are
+ invalid, such as a null pointer to the structure. msg is set to null if
+ there is no error message. inflateInit2 does not perform any decompression
+ apart from possibly reading the zlib header if present: actual decompression
+ will be done by inflate(). (So next_in and avail_in may be modified, but
+ next_out and avail_out are unused and unchanged.) The current implementation
+ of inflateInit2() does not process any header information -- that is
+ deferred until inflate() is called.
+*/
+
+ZEXTERN int ZEXPORT inflateSetDictionary OF((z_streamp strm,
+ const Bytef *dictionary,
+ uInt dictLength));
+/*
+ Initializes the decompression dictionary from the given uncompressed byte
+ sequence. This function must be called immediately after a call of inflate,
+ if that call returned Z_NEED_DICT. The dictionary chosen by the compressor
+ can be determined from the adler32 value returned by that call of inflate.
+ The compressor and decompressor must use exactly the same dictionary (see
+ deflateSetDictionary). For raw inflate, this function can be called
+ immediately after inflateInit2() or inflateReset() and before any call of
+ inflate() to set the dictionary. The application must insure that the
+ dictionary that was used for compression is provided.
+
+ inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
+ parameter is invalid (e.g. dictionary being Z_NULL) or the stream state is
+ inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
+ expected one (incorrect adler32 value). inflateSetDictionary does not
+ perform any decompression: this will be done by subsequent calls of
+ inflate().
+*/
+
+ZEXTERN int ZEXPORT inflateSync OF((z_streamp strm));
+/*
+ Skips invalid compressed data until a full flush point (see above the
+ description of deflate with Z_FULL_FLUSH) can be found, or until all
+ available input is skipped. No output is provided.
+
+ inflateSync returns Z_OK if a full flush point has been found, Z_BUF_ERROR
+ if no more input was provided, Z_DATA_ERROR if no flush point has been
+ found, or Z_STREAM_ERROR if the stream structure was inconsistent. In the
+ success case, the application may save the current current value of total_in
+ which indicates where valid compressed data was found. In the error case,
+ the application may repeatedly call inflateSync, providing more input each
+ time, until success or end of the input data.
+*/
+
+ZEXTERN int ZEXPORT inflateCopy OF((z_streamp dest,
+ z_streamp source));
+/*
+ Sets the destination stream as a complete copy of the source stream.
+
+ This function can be useful when randomly accessing a large stream. The
+ first pass through the stream can periodically record the inflate state,
+ allowing restarting inflate at those points when randomly accessing the
+ stream.
+
+ inflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
+ (such as zalloc being Z_NULL). msg is left unchanged in both source and
+ destination.
+*/
+
+ZEXTERN int ZEXPORT inflateReset OF((z_streamp strm));
+/*
+ This function is equivalent to inflateEnd followed by inflateInit,
+ but does not free and reallocate all the internal decompression state. The
+ stream will keep attributes that may have been set by inflateInit2.
+
+ inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being Z_NULL).
+*/
+
+ZEXTERN int ZEXPORT inflateReset2 OF((z_streamp strm,
+ int windowBits));
+/*
+ This function is the same as inflateReset, but it also permits changing
+ the wrap and window size requests. The windowBits parameter is interpreted
+ the same as it is for inflateInit2.
+
+ inflateReset2 returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being Z_NULL), or if
+ the windowBits parameter is invalid.
+*/
+
+ZEXTERN int ZEXPORT inflatePrime OF((z_streamp strm,
+ int bits,
+ int value));
+/*
+ This function inserts bits in the inflate input stream. The intent is
+ that this function is used to start inflating at a bit position in the
+ middle of a byte. The provided bits will be used before any bytes are used
+ from next_in. This function should only be used with raw inflate, and
+ should be used before the first inflate() call after inflateInit2() or
+ inflateReset(). bits must be less than or equal to 16, and that many of the
+ least significant bits of value will be inserted in the input.
+
+ If bits is negative, then the input stream bit buffer is emptied. Then
+ inflatePrime() can be called again to put bits in the buffer. This is used
+ to clear out bits leftover after feeding inflate a block description prior
+ to feeding inflate codes.
+
+ inflatePrime returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+ZEXTERN long ZEXPORT inflateMark OF((z_streamp strm));
+/*
+ This function returns two values, one in the lower 16 bits of the return
+ value, and the other in the remaining upper bits, obtained by shifting the
+ return value down 16 bits. If the upper value is -1 and the lower value is
+ zero, then inflate() is currently decoding information outside of a block.
+ If the upper value is -1 and the lower value is non-zero, then inflate is in
+ the middle of a stored block, with the lower value equaling the number of
+ bytes from the input remaining to copy. If the upper value is not -1, then
+ it is the number of bits back from the current bit position in the input of
+ the code (literal or length/distance pair) currently being processed. In
+ that case the lower value is the number of bytes already emitted for that
+ code.
+
+ A code is being processed if inflate is waiting for more input to complete
+ decoding of the code, or if it has completed decoding but is waiting for
+ more output space to write the literal or match data.
+
+ inflateMark() is used to mark locations in the input data for random
+ access, which may be at bit positions, and to note those cases where the
+ output of a code may span boundaries of random access blocks. The current
+ location in the input stream can be determined from avail_in and data_type
+ as noted in the description for the Z_BLOCK flush parameter for inflate.
+
+ inflateMark returns the value noted above or -1 << 16 if the provided
+ source stream state was inconsistent.
+*/
+
+ZEXTERN int ZEXPORT inflateGetHeader OF((z_streamp strm,
+ gz_headerp head));
+/*
+ inflateGetHeader() requests that gzip header information be stored in the
+ provided gz_header structure. inflateGetHeader() may be called after
+ inflateInit2() or inflateReset(), and before the first call of inflate().
+ As inflate() processes the gzip stream, head->done is zero until the header
+ is completed, at which time head->done is set to one. If a zlib stream is
+ being decoded, then head->done is set to -1 to indicate that there will be
+ no gzip header information forthcoming. Note that Z_BLOCK or Z_TREES can be
+ used to force inflate() to return immediately after header processing is
+ complete and before any actual data is decompressed.
+
+ The text, time, xflags, and os fields are filled in with the gzip header
+ contents. hcrc is set to true if there is a header CRC. (The header CRC
+ was valid if done is set to one.) If extra is not Z_NULL, then extra_max
+ contains the maximum number of bytes to write to extra. Once done is true,
+ extra_len contains the actual extra field length, and extra contains the
+ extra field, or that field truncated if extra_max is less than extra_len.
+ If name is not Z_NULL, then up to name_max characters are written there,
+ terminated with a zero unless the length is greater than name_max. If
+ comment is not Z_NULL, then up to comm_max characters are written there,
+ terminated with a zero unless the length is greater than comm_max. When any
+ of extra, name, or comment are not Z_NULL and the respective field is not
+ present in the header, then that field is set to Z_NULL to signal its
+ absence. This allows the use of deflateSetHeader() with the returned
+ structure to duplicate the header. However if those fields are set to
+ allocated memory, then the application will need to save those pointers
+ elsewhere so that they can be eventually freed.
+
+ If inflateGetHeader is not used, then the header information is simply
+ discarded. The header is always checked for validity, including the header
+ CRC if present. inflateReset() will reset the process to discard the header
+ information. The application would need to call inflateGetHeader() again to
+ retrieve the header from the next gzip stream.
+
+ inflateGetHeader returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+/*
+ZEXTERN int ZEXPORT inflateBackInit OF((z_streamp strm, int windowBits,
+ unsigned char FAR *window));
+
+ Initialize the internal stream state for decompression using inflateBack()
+ calls. The fields zalloc, zfree and opaque in strm must be initialized
+ before the call. If zalloc and zfree are Z_NULL, then the default library-
+ derived memory allocation routines are used. windowBits is the base two
+ logarithm of the window size, in the range 8..15. window is a caller
+ supplied buffer of that size. Except for special applications where it is
+ assured that deflate was used with small window sizes, windowBits must be 15
+ and a 32K byte window must be supplied to be able to decompress general
+ deflate streams.
+
+ See inflateBack() for the usage of these routines.
+
+ inflateBackInit will return Z_OK on success, Z_STREAM_ERROR if any of
+ the paramaters are invalid, Z_MEM_ERROR if the internal state could not be
+ allocated, or Z_VERSION_ERROR if the version of the library does not match
+ the version of the header file.
+*/
+
+typedef unsigned (*in_func) OF((void FAR *, unsigned char FAR * FAR *));
+typedef int (*out_func) OF((void FAR *, unsigned char FAR *, unsigned));
+
+ZEXTERN int ZEXPORT inflateBack OF((z_streamp strm,
+ in_func in, void FAR *in_desc,
+ out_func out, void FAR *out_desc));
+/*
+ inflateBack() does a raw inflate with a single call using a call-back
+ interface for input and output. This is more efficient than inflate() for
+ file i/o applications in that it avoids copying between the output and the
+ sliding window by simply making the window itself the output buffer. This
+ function trusts the application to not change the output buffer passed by
+ the output function, at least until inflateBack() returns.
+
+ inflateBackInit() must be called first to allocate the internal state
+ and to initialize the state with the user-provided window buffer.
+ inflateBack() may then be used multiple times to inflate a complete, raw
+ deflate stream with each call. inflateBackEnd() is then called to free the
+ allocated state.
+
+ A raw deflate stream is one with no zlib or gzip header or trailer.
+ This routine would normally be used in a utility that reads zip or gzip
+ files and writes out uncompressed files. The utility would decode the
+ header and process the trailer on its own, hence this routine expects only
+ the raw deflate stream to decompress. This is different from the normal
+ behavior of inflate(), which expects either a zlib or gzip header and
+ trailer around the deflate stream.
+
+ inflateBack() uses two subroutines supplied by the caller that are then
+ called by inflateBack() for input and output. inflateBack() calls those
+ routines until it reads a complete deflate stream and writes out all of the
+ uncompressed data, or until it encounters an error. The function's
+ parameters and return types are defined above in the in_func and out_func
+ typedefs. inflateBack() will call in(in_desc, &buf) which should return the
+ number of bytes of provided input, and a pointer to that input in buf. If
+ there is no input available, in() must return zero--buf is ignored in that
+ case--and inflateBack() will return a buffer error. inflateBack() will call
+ out(out_desc, buf, len) to write the uncompressed data buf[0..len-1]. out()
+ should return zero on success, or non-zero on failure. If out() returns
+ non-zero, inflateBack() will return with an error. Neither in() nor out()
+ are permitted to change the contents of the window provided to
+ inflateBackInit(), which is also the buffer that out() uses to write from.
+ The length written by out() will be at most the window size. Any non-zero
+ amount of input may be provided by in().
+
+ For convenience, inflateBack() can be provided input on the first call by
+ setting strm->next_in and strm->avail_in. If that input is exhausted, then
+ in() will be called. Therefore strm->next_in must be initialized before
+ calling inflateBack(). If strm->next_in is Z_NULL, then in() will be called
+ immediately for input. If strm->next_in is not Z_NULL, then strm->avail_in
+ must also be initialized, and then if strm->avail_in is not zero, input will
+ initially be taken from strm->next_in[0 .. strm->avail_in - 1].
+
+ The in_desc and out_desc parameters of inflateBack() is passed as the
+ first parameter of in() and out() respectively when they are called. These
+ descriptors can be optionally used to pass any information that the caller-
+ supplied in() and out() functions need to do their job.
+
+ On return, inflateBack() will set strm->next_in and strm->avail_in to
+ pass back any unused input that was provided by the last in() call. The
+ return values of inflateBack() can be Z_STREAM_END on success, Z_BUF_ERROR
+ if in() or out() returned an error, Z_DATA_ERROR if there was a format error
+ in the deflate stream (in which case strm->msg is set to indicate the nature
+ of the error), or Z_STREAM_ERROR if the stream was not properly initialized.
+ In the case of Z_BUF_ERROR, an input or output error can be distinguished
+ using strm->next_in which will be Z_NULL only if in() returned an error. If
+ strm->next_in is not Z_NULL, then the Z_BUF_ERROR was due to out() returning
+ non-zero. (in() will always be called before out(), so strm->next_in is
+ assured to be defined if out() returns non-zero.) Note that inflateBack()
+ cannot return Z_OK.
+*/
+
+ZEXTERN int ZEXPORT inflateBackEnd OF((z_streamp strm));
+/*
+ All memory allocated by inflateBackInit() is freed.
+
+ inflateBackEnd() returns Z_OK on success, or Z_STREAM_ERROR if the stream
+ state was inconsistent.
+*/
+
+ZEXTERN uLong ZEXPORT zlibCompileFlags OF((void));
+/* Return flags indicating compile-time options.
+
+ Type sizes, two bits each, 00 = 16 bits, 01 = 32, 10 = 64, 11 = other:
+ 1.0: size of uInt
+ 3.2: size of uLong
+ 5.4: size of voidpf (pointer)
+ 7.6: size of z_off_t
+
+ Compiler, assembler, and debug options:
+ 8: DEBUG
+ 9: ASMV or ASMINF -- use ASM code
+ 10: ZLIB_WINAPI -- exported functions use the WINAPI calling convention
+ 11: 0 (reserved)
+
+ One-time table building (smaller code, but not thread-safe if true):
+ 12: BUILDFIXED -- build static block decoding tables when needed
+ 13: DYNAMIC_CRC_TABLE -- build CRC calculation tables when needed
+ 14,15: 0 (reserved)
+
+ Library content (indicates missing functionality):
+ 16: NO_GZCOMPRESS -- gz* functions cannot compress (to avoid linking
+ deflate code when not needed)
+ 17: NO_GZIP -- deflate can't write gzip streams, and inflate can't detect
+ and decode gzip streams (to avoid linking crc code)
+ 18-19: 0 (reserved)
+
+ Operation variations (changes in library functionality):
+ 20: PKZIP_BUG_WORKAROUND -- slightly more permissive inflate
+ 21: FASTEST -- deflate algorithm with only one, lowest compression level
+ 22,23: 0 (reserved)
+
+ The sprintf variant used by gzprintf (zero is best):
+ 24: 0 = vs*, 1 = s* -- 1 means limited to 20 arguments after the format
+ 25: 0 = *nprintf, 1 = *printf -- 1 means gzprintf() not secure!
+ 26: 0 = returns value, 1 = void -- 1 means inferred string length returned
+
+ Remainder:
+ 27-31: 0 (reserved)
+ */
+
+
+ /* utility functions */
+
+/*
+ The following utility functions are implemented on top of the basic
+ stream-oriented functions. To simplify the interface, some default options
+ are assumed (compression level and memory usage, standard memory allocation
+ functions). The source code of these utility functions can be modified if
+ you need special options.
+*/
+
+ZEXTERN int ZEXPORT compress OF((Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen));
+/*
+ Compresses the source buffer into the destination buffer. sourceLen is
+ the byte length of the source buffer. Upon entry, destLen is the total size
+ of the destination buffer, which must be at least the value returned by
+ compressBound(sourceLen). Upon exit, destLen is the actual size of the
+ compressed buffer.
+
+ compress returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_BUF_ERROR if there was not enough room in the output
+ buffer.
+*/
+
+ZEXTERN int ZEXPORT compress2 OF((Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen,
+ int level));
+/*
+ Compresses the source buffer into the destination buffer. The level
+ parameter has the same meaning as in deflateInit. sourceLen is the byte
+ length of the source buffer. Upon entry, destLen is the total size of the
+ destination buffer, which must be at least the value returned by
+ compressBound(sourceLen). Upon exit, destLen is the actual size of the
+ compressed buffer.
+
+ compress2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_BUF_ERROR if there was not enough room in the output buffer,
+ Z_STREAM_ERROR if the level parameter is invalid.
+*/
+
+ZEXTERN uLong ZEXPORT compressBound OF((uLong sourceLen));
+/*
+ compressBound() returns an upper bound on the compressed size after
+ compress() or compress2() on sourceLen bytes. It would be used before a
+ compress() or compress2() call to allocate the destination buffer.
+*/
+
+ZEXTERN int ZEXPORT uncompress OF((Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen));
+/*
+ Decompresses the source buffer into the destination buffer. sourceLen is
+ the byte length of the source buffer. Upon entry, destLen is the total size
+ of the destination buffer, which must be large enough to hold the entire
+ uncompressed data. (The size of the uncompressed data must have been saved
+ previously by the compressor and transmitted to the decompressor by some
+ mechanism outside the scope of this compression library.) Upon exit, destLen
+ is the actual size of the uncompressed buffer.
+
+ uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_BUF_ERROR if there was not enough room in the output
+ buffer, or Z_DATA_ERROR if the input data was corrupted or incomplete.
+*/
+
+
+ /* gzip file access functions */
+
+/*
+ This library supports reading and writing files in gzip (.gz) format with
+ an interface similar to that of stdio, using the functions that start with
+ "gz". The gzip format is different from the zlib format. gzip is a gzip
+ wrapper, documented in RFC 1952, wrapped around a deflate stream.
+*/
+
+typedef voidp gzFile; /* opaque gzip file descriptor */
+
+/*
+ZEXTERN gzFile ZEXPORT gzopen OF((const char *path, const char *mode));
+
+ Opens a gzip (.gz) file for reading or writing. The mode parameter is as
+ in fopen ("rb" or "wb") but can also include a compression level ("wb9") or
+ a strategy: 'f' for filtered data as in "wb6f", 'h' for Huffman-only
+ compression as in "wb1h", 'R' for run-length encoding as in "wb1R", or 'F'
+ for fixed code compression as in "wb9F". (See the description of
+ deflateInit2 for more information about the strategy parameter.) Also "a"
+ can be used instead of "w" to request that the gzip stream that will be
+ written be appended to the file. "+" will result in an error, since reading
+ and writing to the same gzip file is not supported.
+
+ gzopen can be used to read a file which is not in gzip format; in this
+ case gzread will directly read from the file without decompression.
+
+ gzopen returns NULL if the file could not be opened, if there was
+ insufficient memory to allocate the gzFile state, or if an invalid mode was
+ specified (an 'r', 'w', or 'a' was not provided, or '+' was provided).
+ errno can be checked to determine if the reason gzopen failed was that the
+ file could not be opened.
+*/
+
+ZEXTERN gzFile ZEXPORT gzdopen OF((int fd, const char *mode));
+/*
+ gzdopen associates a gzFile with the file descriptor fd. File descriptors
+ are obtained from calls like open, dup, creat, pipe or fileno (if the file
+ has been previously opened with fopen). The mode parameter is as in gzopen.
+
+ The next call of gzclose on the returned gzFile will also close the file
+ descriptor fd, just like fclose(fdopen(fd, mode)) closes the file descriptor
+ fd. If you want to keep fd open, use fd = dup(fd_keep); gz = gzdopen(fd,
+ mode);. The duplicated descriptor should be saved to avoid a leak, since
+ gzdopen does not close fd if it fails.
+
+ gzdopen returns NULL if there was insufficient memory to allocate the
+ gzFile state, if an invalid mode was specified (an 'r', 'w', or 'a' was not
+ provided, or '+' was provided), or if fd is -1. The file descriptor is not
+ used until the next gz* read, write, seek, or close operation, so gzdopen
+ will not detect if fd is invalid (unless fd is -1).
+*/
+
+ZEXTERN int ZEXPORT gzbuffer OF((gzFile file, unsigned size));
+/*
+ Set the internal buffer size used by this library's functions. The
+ default buffer size is 8192 bytes. This function must be called after
+ gzopen() or gzdopen(), and before any other calls that read or write the
+ file. The buffer memory allocation is always deferred to the first read or
+ write. Two buffers are allocated, either both of the specified size when
+ writing, or one of the specified size and the other twice that size when
+ reading. A larger buffer size of, for example, 64K or 128K bytes will
+ noticeably increase the speed of decompression (reading).
+
+ The new buffer size also affects the maximum length for gzprintf().
+
+ gzbuffer() returns 0 on success, or -1 on failure, such as being called
+ too late.
+*/
+
+ZEXTERN int ZEXPORT gzsetparams OF((gzFile file, int level, int strategy));
+/*
+ Dynamically update the compression level or strategy. See the description
+ of deflateInit2 for the meaning of these parameters.
+
+ gzsetparams returns Z_OK if success, or Z_STREAM_ERROR if the file was not
+ opened for writing.
+*/
+
+ZEXTERN int ZEXPORT gzread OF((gzFile file, voidp buf, unsigned len));
+/*
+ Reads the given number of uncompressed bytes from the compressed file. If
+ the input file was not in gzip format, gzread copies the given number of
+ bytes into the buffer.
+
+ After reaching the end of a gzip stream in the input, gzread will continue
+ to read, looking for another gzip stream, or failing that, reading the rest
+ of the input file directly without decompression. The entire input file
+ will be read if gzread is called until it returns less than the requested
+ len.
+
+ gzread returns the number of uncompressed bytes actually read, less than
+ len for end of file, or -1 for error.
+*/
+
+ZEXTERN int ZEXPORT gzwrite OF((gzFile file,
+ voidpc buf, unsigned len));
+/*
+ Writes the given number of uncompressed bytes into the compressed file.
+ gzwrite returns the number of uncompressed bytes written or 0 in case of
+ error.
+*/
+
+ZEXTERN int ZEXPORTVA gzprintf OF((gzFile file, const char *format, ...));
+/*
+ Converts, formats, and writes the arguments to the compressed file under
+ control of the format string, as in fprintf. gzprintf returns the number of
+ uncompressed bytes actually written, or 0 in case of error. The number of
+ uncompressed bytes written is limited to 8191, or one less than the buffer
+ size given to gzbuffer(). The caller should assure that this limit is not
+ exceeded. If it is exceeded, then gzprintf() will return an error (0) with
+ nothing written. In this case, there may also be a buffer overflow with
+ unpredictable consequences, which is possible only if zlib was compiled with
+ the insecure functions sprintf() or vsprintf() because the secure snprintf()
+ or vsnprintf() functions were not available. This can be determined using
+ zlibCompileFlags().
+*/
+
+ZEXTERN int ZEXPORT gzputs OF((gzFile file, const char *s));
+/*
+ Writes the given null-terminated string to the compressed file, excluding
+ the terminating null character.
+
+ gzputs returns the number of characters written, or -1 in case of error.
+*/
+
+ZEXTERN char * ZEXPORT gzgets OF((gzFile file, char *buf, int len));
+/*
+ Reads bytes from the compressed file until len-1 characters are read, or a
+ newline character is read and transferred to buf, or an end-of-file
+ condition is encountered. If any characters are read or if len == 1, the
+ string is terminated with a null character. If no characters are read due
+ to an end-of-file or len < 1, then the buffer is left untouched.
+
+ gzgets returns buf which is a null-terminated string, or it returns NULL
+ for end-of-file or in case of error. If there was an error, the contents at
+ buf are indeterminate.
+*/
+
+ZEXTERN int ZEXPORT gzputc OF((gzFile file, int c));
+/*
+ Writes c, converted to an unsigned char, into the compressed file. gzputc
+ returns the value that was written, or -1 in case of error.
+*/
+
+ZEXTERN int ZEXPORT gzgetc OF((gzFile file));
+/*
+ Reads one byte from the compressed file. gzgetc returns this byte or -1
+ in case of end of file or error.
+*/
+
+ZEXTERN int ZEXPORT gzungetc OF((int c, gzFile file));
+/*
+ Push one character back onto the stream to be read as the first character
+ on the next read. At least one character of push-back is allowed.
+ gzungetc() returns the character pushed, or -1 on failure. gzungetc() will
+ fail if c is -1, and may fail if a character has been pushed but not read
+ yet. If gzungetc is used immediately after gzopen or gzdopen, at least the
+ output buffer size of pushed characters is allowed. (See gzbuffer above.)
+ The pushed character will be discarded if the stream is repositioned with
+ gzseek() or gzrewind().
+*/
+
+ZEXTERN int ZEXPORT gzflush OF((gzFile file, int flush));
+/*
+ Flushes all pending output into the compressed file. The parameter flush
+ is as in the deflate() function. The return value is the zlib error number
+ (see function gzerror below). gzflush is only permitted when writing.
+
+ If the flush parameter is Z_FINISH, the remaining data is written and the
+ gzip stream is completed in the output. If gzwrite() is called again, a new
+ gzip stream will be started in the output. gzread() is able to read such
+ concatented gzip streams.
+
+ gzflush should be called only when strictly necessary because it will
+ degrade compression if called too often.
+*/
+
+/*
+ZEXTERN z_off_t ZEXPORT gzseek OF((gzFile file,
+ z_off_t offset, int whence));
+
+ Sets the starting position for the next gzread or gzwrite on the given
+ compressed file. The offset represents a number of bytes in the
+ uncompressed data stream. The whence parameter is defined as in lseek(2);
+ the value SEEK_END is not supported.
+
+ If the file is opened for reading, this function is emulated but can be
+ extremely slow. If the file is opened for writing, only forward seeks are
+ supported; gzseek then compresses a sequence of zeroes up to the new
+ starting position.
+
+ gzseek returns the resulting offset location as measured in bytes from
+ the beginning of the uncompressed stream, or -1 in case of error, in
+ particular if the file is opened for writing and the new starting position
+ would be before the current position.
+*/
+
+ZEXTERN int ZEXPORT gzrewind OF((gzFile file));
+/*
+ Rewinds the given file. This function is supported only for reading.
+
+ gzrewind(file) is equivalent to (int)gzseek(file, 0L, SEEK_SET)
+*/
+
+/*
+ZEXTERN z_off_t ZEXPORT gztell OF((gzFile file));
+
+ Returns the starting position for the next gzread or gzwrite on the given
+ compressed file. This position represents a number of bytes in the
+ uncompressed data stream, and is zero when starting, even if appending or
+ reading a gzip stream from the middle of a file using gzdopen().
+
+ gztell(file) is equivalent to gzseek(file, 0L, SEEK_CUR)
+*/
+
+/*
+ZEXTERN z_off_t ZEXPORT gzoffset OF((gzFile file));
+
+ Returns the current offset in the file being read or written. This offset
+ includes the count of bytes that precede the gzip stream, for example when
+ appending or when using gzdopen() for reading. When reading, the offset
+ does not include as yet unused buffered input. This information can be used
+ for a progress indicator. On error, gzoffset() returns -1.
+*/
+
+ZEXTERN int ZEXPORT gzeof OF((gzFile file));
+/*
+ Returns true (1) if the end-of-file indicator has been set while reading,
+ false (0) otherwise. Note that the end-of-file indicator is set only if the
+ read tried to go past the end of the input, but came up short. Therefore,
+ just like feof(), gzeof() may return false even if there is no more data to
+ read, in the event that the last read request was for the exact number of
+ bytes remaining in the input file. This will happen if the input file size
+ is an exact multiple of the buffer size.
+
+ If gzeof() returns true, then the read functions will return no more data,
+ unless the end-of-file indicator is reset by gzclearerr() and the input file
+ has grown since the previous end of file was detected.
+*/
+
+ZEXTERN int ZEXPORT gzdirect OF((gzFile file));
+/*
+ Returns true (1) if file is being copied directly while reading, or false
+ (0) if file is a gzip stream being decompressed. This state can change from
+ false to true while reading the input file if the end of a gzip stream is
+ reached, but is followed by data that is not another gzip stream.
+
+ If the input file is empty, gzdirect() will return true, since the input
+ does not contain a gzip stream.
+
+ If gzdirect() is used immediately after gzopen() or gzdopen() it will
+ cause buffers to be allocated to allow reading the file to determine if it
+ is a gzip file. Therefore if gzbuffer() is used, it should be called before
+ gzdirect().
+*/
+
+ZEXTERN int ZEXPORT gzclose OF((gzFile file));
+/*
+ Flushes all pending output if necessary, closes the compressed file and
+ deallocates the (de)compression state. Note that once file is closed, you
+ cannot call gzerror with file, since its structures have been deallocated.
+ gzclose must not be called more than once on the same file, just as free
+ must not be called more than once on the same allocation.
+
+ gzclose will return Z_STREAM_ERROR if file is not valid, Z_ERRNO on a
+ file operation error, or Z_OK on success.
+*/
+
+ZEXTERN int ZEXPORT gzclose_r OF((gzFile file));
+ZEXTERN int ZEXPORT gzclose_w OF((gzFile file));
+/*
+ Same as gzclose(), but gzclose_r() is only for use when reading, and
+ gzclose_w() is only for use when writing or appending. The advantage to
+ using these instead of gzclose() is that they avoid linking in zlib
+ compression or decompression code that is not used when only reading or only
+ writing respectively. If gzclose() is used, then both compression and
+ decompression code will be included the application when linking to a static
+ zlib library.
+*/
+
+ZEXTERN const char * ZEXPORT gzerror OF((gzFile file, int *errnum));
+/*
+ Returns the error message for the last error which occurred on the given
+ compressed file. errnum is set to zlib error number. If an error occurred
+ in the file system and not in the compression library, errnum is set to
+ Z_ERRNO and the application may consult errno to get the exact error code.
+
+ The application must not modify the returned string. Future calls to
+ this function may invalidate the previously returned string. If file is
+ closed, then the string previously returned by gzerror will no longer be
+ available.
+
+ gzerror() should be used to distinguish errors from end-of-file for those
+ functions above that do not distinguish those cases in their return values.
+*/
+
+ZEXTERN void ZEXPORT gzclearerr OF((gzFile file));
+/*
+ Clears the error and end-of-file flags for file. This is analogous to the
+ clearerr() function in stdio. This is useful for continuing to read a gzip
+ file that is being written concurrently.
+*/
+
+
+ /* checksum functions */
+
+/*
+ These functions are not related to compression but are exported
+ anyway because they might be useful in applications using the compression
+ library.
+*/
+
+ZEXTERN uLong ZEXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
+/*
+ Update a running Adler-32 checksum with the bytes buf[0..len-1] and
+ return the updated checksum. If buf is Z_NULL, this function returns the
+ required initial value for the checksum.
+
+ An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
+ much faster.
+
+ Usage example:
+
+ uLong adler = adler32(0L, Z_NULL, 0);
+
+ while (read_buffer(buffer, length) != EOF) {
+ adler = adler32(adler, buffer, length);
+ }
+ if (adler != original_adler) error();
+*/
+
+/*
+ZEXTERN uLong ZEXPORT adler32_combine OF((uLong adler1, uLong adler2,
+ z_off_t len2));
+
+ Combine two Adler-32 checksums into one. For two sequences of bytes, seq1
+ and seq2 with lengths len1 and len2, Adler-32 checksums were calculated for
+ each, adler1 and adler2. adler32_combine() returns the Adler-32 checksum of
+ seq1 and seq2 concatenated, requiring only adler1, adler2, and len2.
+*/
+
+ZEXTERN uLong ZEXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
+/*
+ Update a running CRC-32 with the bytes buf[0..len-1] and return the
+ updated CRC-32. If buf is Z_NULL, this function returns the required
+ initial value for the for the crc. Pre- and post-conditioning (one's
+ complement) is performed within this function so it shouldn't be done by the
+ application.
+
+ Usage example:
+
+ uLong crc = crc32(0L, Z_NULL, 0);
+
+ while (read_buffer(buffer, length) != EOF) {
+ crc = crc32(crc, buffer, length);
+ }
+ if (crc != original_crc) error();
+*/
+
+/*
+ZEXTERN uLong ZEXPORT crc32_combine OF((uLong crc1, uLong crc2, z_off_t len2));
+
+ Combine two CRC-32 check values into one. For two sequences of bytes,
+ seq1 and seq2 with lengths len1 and len2, CRC-32 check values were
+ calculated for each, crc1 and crc2. crc32_combine() returns the CRC-32
+ check value of seq1 and seq2 concatenated, requiring only crc1, crc2, and
+ len2.
+*/
+
+
+ /* various hacks, don't look :) */
+
+/* deflateInit and inflateInit are macros to allow checking the zlib version
+ * and the compiler's view of z_stream:
+ */
+ZEXTERN int ZEXPORT deflateInit_ OF((z_streamp strm, int level,
+ const char *version, int stream_size));
+ZEXTERN int ZEXPORT inflateInit_ OF((z_streamp strm,
+ const char *version, int stream_size));
+ZEXTERN int ZEXPORT deflateInit2_ OF((z_streamp strm, int level, int method,
+ int windowBits, int memLevel,
+ int strategy, const char *version,
+ int stream_size));
+ZEXTERN int ZEXPORT inflateInit2_ OF((z_streamp strm, int windowBits,
+ const char *version, int stream_size));
+ZEXTERN int ZEXPORT inflateBackInit_ OF((z_streamp strm, int windowBits,
+ unsigned char FAR *window,
+ const char *version,
+ int stream_size));
+#define deflateInit(strm, level) \
+ deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream))
+#define inflateInit(strm) \
+ inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream))
+#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
+ deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
+ (strategy), ZLIB_VERSION, sizeof(z_stream))
+#define inflateInit2(strm, windowBits) \
+ inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
+#define inflateBackInit(strm, windowBits, window) \
+ inflateBackInit_((strm), (windowBits), (window), \
+ ZLIB_VERSION, sizeof(z_stream))
+
+/* provide 64-bit offset functions if _LARGEFILE64_SOURCE defined, and/or
+ * change the regular functions to 64 bits if _FILE_OFFSET_BITS is 64 (if
+ * both are true, the application gets the *64 functions, and the regular
+ * functions are changed to 64 bits) -- in case these are set on systems
+ * without large file support, _LFS64_LARGEFILE must also be true
+ */
+#if defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0
+ ZEXTERN gzFile ZEXPORT gzopen64 OF((const char *, const char *));
+ ZEXTERN z_off64_t ZEXPORT gzseek64 OF((gzFile, z_off64_t, int));
+ ZEXTERN z_off64_t ZEXPORT gztell64 OF((gzFile));
+ ZEXTERN z_off64_t ZEXPORT gzoffset64 OF((gzFile));
+ ZEXTERN uLong ZEXPORT adler32_combine64 OF((uLong, uLong, z_off64_t));
+ ZEXTERN uLong ZEXPORT crc32_combine64 OF((uLong, uLong, z_off64_t));
+#endif
+
+#if !defined(ZLIB_INTERNAL) && _FILE_OFFSET_BITS-0 == 64 && _LFS64_LARGEFILE-0
+# define gzopen gzopen64
+# define gzseek gzseek64
+# define gztell gztell64
+# define gzoffset gzoffset64
+# define adler32_combine adler32_combine64
+# define crc32_combine crc32_combine64
+# ifdef _LARGEFILE64_SOURCE
+ ZEXTERN gzFile ZEXPORT gzopen64 OF((const char *, const char *));
+ ZEXTERN z_off_t ZEXPORT gzseek64 OF((gzFile, z_off_t, int));
+ ZEXTERN z_off_t ZEXPORT gztell64 OF((gzFile));
+ ZEXTERN z_off_t ZEXPORT gzoffset64 OF((gzFile));
+ ZEXTERN uLong ZEXPORT adler32_combine64 OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine64 OF((uLong, uLong, z_off_t));
+# endif
+#else
+ ZEXTERN gzFile ZEXPORT gzopen OF((const char *, const char *));
+ ZEXTERN z_off_t ZEXPORT gzseek OF((gzFile, z_off_t, int));
+ ZEXTERN z_off_t ZEXPORT gztell OF((gzFile));
+ ZEXTERN z_off_t ZEXPORT gzoffset OF((gzFile));
+ ZEXTERN uLong ZEXPORT adler32_combine OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine OF((uLong, uLong, z_off_t));
+#endif
+
+/* hack for buggy compilers */
+#if !defined(ZUTIL_H) && !defined(NO_DUMMY_DECL)
+ struct internal_state {int dummy;};
+#endif
+
+/* undocumented functions */
+ZEXTERN const char * ZEXPORT zError OF((int));
+ZEXTERN int ZEXPORT inflateSyncPoint OF((z_streamp));
+ZEXTERN const uLongf * ZEXPORT get_crc_table OF((void));
+ZEXTERN int ZEXPORT inflateUndermine OF((z_streamp, int));
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ZLIB_H */
Added: trunk/contrib/sudo/zlib/zutil.c
===================================================================
--- trunk/contrib/sudo/zlib/zutil.c (rev 0)
+++ trunk/contrib/sudo/zlib/zutil.c 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,318 @@
+/* zutil.c -- target dependent utility functions for the compression library
+ * Copyright (C) 1995-2005, 2010 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#include "zutil.h"
+
+#ifndef NO_DUMMY_DECL
+struct internal_state {int dummy;}; /* for buggy compilers */
+#endif
+
+const char * const z_errmsg[10] = {
+"need dictionary", /* Z_NEED_DICT 2 */
+"stream end", /* Z_STREAM_END 1 */
+"", /* Z_OK 0 */
+"file error", /* Z_ERRNO (-1) */
+"stream error", /* Z_STREAM_ERROR (-2) */
+"data error", /* Z_DATA_ERROR (-3) */
+"insufficient memory", /* Z_MEM_ERROR (-4) */
+"buffer error", /* Z_BUF_ERROR (-5) */
+"incompatible version",/* Z_VERSION_ERROR (-6) */
+""};
+
+
+const char * ZEXPORT zlibVersion()
+{
+ return ZLIB_VERSION;
+}
+
+uLong ZEXPORT zlibCompileFlags()
+{
+ uLong flags;
+
+ flags = 0;
+ switch ((int)(sizeof(uInt))) {
+ case 2: break;
+ case 4: flags += 1; break;
+ case 8: flags += 2; break;
+ default: flags += 3;
+ }
+ switch ((int)(sizeof(uLong))) {
+ case 2: break;
+ case 4: flags += 1 << 2; break;
+ case 8: flags += 2 << 2; break;
+ default: flags += 3 << 2;
+ }
+ switch ((int)(sizeof(voidpf))) {
+ case 2: break;
+ case 4: flags += 1 << 4; break;
+ case 8: flags += 2 << 4; break;
+ default: flags += 3 << 4;
+ }
+ switch ((int)(sizeof(z_off_t))) {
+ case 2: break;
+ case 4: flags += 1 << 6; break;
+ case 8: flags += 2 << 6; break;
+ default: flags += 3 << 6;
+ }
+#ifdef DEBUG
+ flags += 1 << 8;
+#endif
+#if defined(ASMV) || defined(ASMINF)
+ flags += 1 << 9;
+#endif
+#ifdef ZLIB_WINAPI
+ flags += 1 << 10;
+#endif
+#ifdef BUILDFIXED
+ flags += 1 << 12;
+#endif
+#ifdef DYNAMIC_CRC_TABLE
+ flags += 1 << 13;
+#endif
+#ifdef NO_GZCOMPRESS
+ flags += 1L << 16;
+#endif
+#ifdef NO_GZIP
+ flags += 1L << 17;
+#endif
+#ifdef PKZIP_BUG_WORKAROUND
+ flags += 1L << 20;
+#endif
+#ifdef FASTEST
+ flags += 1L << 21;
+#endif
+#ifdef STDC
+# ifdef NO_vsnprintf
+ flags += 1L << 25;
+# ifdef HAS_vsprintf_void
+ flags += 1L << 26;
+# endif
+# else
+# ifdef HAS_vsnprintf_void
+ flags += 1L << 26;
+# endif
+# endif
+#else
+ flags += 1L << 24;
+# ifdef NO_snprintf
+ flags += 1L << 25;
+# ifdef HAS_sprintf_void
+ flags += 1L << 26;
+# endif
+# else
+# ifdef HAS_snprintf_void
+ flags += 1L << 26;
+# endif
+# endif
+#endif
+ return flags;
+}
+
+#ifdef DEBUG
+
+# ifndef verbose
+# define verbose 0
+# endif
+int ZLIB_INTERNAL z_verbose = verbose;
+
+void ZLIB_INTERNAL z_error (m)
+ char *m;
+{
+ fprintf(stderr, "%s\n", m);
+ exit(1);
+}
+#endif
+
+/* exported to allow conversion of error code to string for compress() and
+ * uncompress()
+ */
+const char * ZEXPORT zError(err)
+ int err;
+{
+ return ERR_MSG(err);
+}
+
+#if defined(_WIN32_WCE)
+ /* The Microsoft C Run-Time Library for Windows CE doesn't have
+ * errno. We define it as a global variable to simplify porting.
+ * Its value is always 0 and should not be used.
+ */
+ int errno = 0;
+#endif
+
+#ifndef HAVE_MEMCPY
+
+void ZLIB_INTERNAL zmemcpy(dest, source, len)
+ Bytef* dest;
+ const Bytef* source;
+ uInt len;
+{
+ if (len == 0) return;
+ do {
+ *dest++ = *source++; /* ??? to be unrolled */
+ } while (--len != 0);
+}
+
+int ZLIB_INTERNAL zmemcmp(s1, s2, len)
+ const Bytef* s1;
+ const Bytef* s2;
+ uInt len;
+{
+ uInt j;
+
+ for (j = 0; j < len; j++) {
+ if (s1[j] != s2[j]) return 2*(s1[j] > s2[j])-1;
+ }
+ return 0;
+}
+
+void ZLIB_INTERNAL zmemzero(dest, len)
+ Bytef* dest;
+ uInt len;
+{
+ if (len == 0) return;
+ do {
+ *dest++ = 0; /* ??? to be unrolled */
+ } while (--len != 0);
+}
+#endif
+
+
+#ifdef SYS16BIT
+
+#ifdef __TURBOC__
+/* Turbo C in 16-bit mode */
+
+# define MY_ZCALLOC
+
+/* Turbo C malloc() does not allow dynamic allocation of 64K bytes
+ * and farmalloc(64K) returns a pointer with an offset of 8, so we
+ * must fix the pointer. Warning: the pointer must be put back to its
+ * original form in order to free it, use zcfree().
+ */
+
+#define MAX_PTR 10
+/* 10*64K = 640K */
+
+local int next_ptr = 0;
+
+typedef struct ptr_table_s {
+ voidpf org_ptr;
+ voidpf new_ptr;
+} ptr_table;
+
+local ptr_table table[MAX_PTR];
+/* This table is used to remember the original form of pointers
+ * to large buffers (64K). Such pointers are normalized with a zero offset.
+ * Since MSDOS is not a preemptive multitasking OS, this table is not
+ * protected from concurrent access. This hack doesn't work anyway on
+ * a protected system like OS/2. Use Microsoft C instead.
+ */
+
+voidpf ZLIB_INTERNAL zcalloc (voidpf opaque, unsigned items, unsigned size)
+{
+ voidpf buf = opaque; /* just to make some compilers happy */
+ ulg bsize = (ulg)items*size;
+
+ /* If we allocate less than 65520 bytes, we assume that farmalloc
+ * will return a usable pointer which doesn't have to be normalized.
+ */
+ if (bsize < 65520L) {
+ buf = farmalloc(bsize);
+ if (*(ush*)&buf != 0) return buf;
+ } else {
+ buf = farmalloc(bsize + 16L);
+ }
+ if (buf == NULL || next_ptr >= MAX_PTR) return NULL;
+ table[next_ptr].org_ptr = buf;
+
+ /* Normalize the pointer to seg:0 */
+ *((ush*)&buf+1) += ((ush)((uch*)buf-0) + 15) >> 4;
+ *(ush*)&buf = 0;
+ table[next_ptr++].new_ptr = buf;
+ return buf;
+}
+
+void ZLIB_INTERNAL zcfree (voidpf opaque, voidpf ptr)
+{
+ int n;
+ if (*(ush*)&ptr != 0) { /* object < 64K */
+ farfree(ptr);
+ return;
+ }
+ /* Find the original pointer */
+ for (n = 0; n < next_ptr; n++) {
+ if (ptr != table[n].new_ptr) continue;
+
+ farfree(table[n].org_ptr);
+ while (++n < next_ptr) {
+ table[n-1] = table[n];
+ }
+ next_ptr--;
+ return;
+ }
+ ptr = opaque; /* just to make some compilers happy */
+ Assert(0, "zcfree: ptr not found");
+}
+
+#endif /* __TURBOC__ */
+
+
+#ifdef M_I86
+/* Microsoft C in 16-bit mode */
+
+# define MY_ZCALLOC
+
+#if (!defined(_MSC_VER) || (_MSC_VER <= 600))
+# define _halloc halloc
+# define _hfree hfree
+#endif
+
+voidpf ZLIB_INTERNAL zcalloc (voidpf opaque, uInt items, uInt size)
+{
+ if (opaque) opaque = 0; /* to make compiler happy */
+ return _halloc((long)items, size);
+}
+
+void ZLIB_INTERNAL zcfree (voidpf opaque, voidpf ptr)
+{
+ if (opaque) opaque = 0; /* to make compiler happy */
+ _hfree(ptr);
+}
+
+#endif /* M_I86 */
+
+#endif /* SYS16BIT */
+
+
+#ifndef MY_ZCALLOC /* Any system without a special alloc function */
+
+#ifndef STDC
+extern voidp malloc OF((uInt size));
+extern voidp calloc OF((uInt items, uInt size));
+extern void free OF((voidpf ptr));
+#endif
+
+voidpf ZLIB_INTERNAL zcalloc (opaque, items, size)
+ voidpf opaque;
+ unsigned items;
+ unsigned size;
+{
+ if (opaque) items += size - size; /* make compiler happy */
+ return sizeof(uInt) > 2 ? (voidpf)malloc(items * size) :
+ (voidpf)calloc(items, size);
+}
+
+void ZLIB_INTERNAL zcfree (opaque, ptr)
+ voidpf opaque;
+ voidpf ptr;
+{
+ free(ptr);
+ if (opaque) return; /* make compiler happy */
+}
+
+#endif /* MY_ZCALLOC */
Added: trunk/contrib/sudo/zlib/zutil.h
===================================================================
--- trunk/contrib/sudo/zlib/zutil.h (rev 0)
+++ trunk/contrib/sudo/zlib/zutil.h 2014-10-02 03:20:49 UTC (rev 6803)
@@ -0,0 +1,274 @@
+/* zutil.h -- internal interface and configuration of the compression library
+ * Copyright (C) 1995-2010 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* @(#) $Id$ */
+
+#ifndef ZUTIL_H
+#define ZUTIL_H
+
+#if ((__GNUC__-0) * 10 + __GNUC_MINOR__-0 >= 33) && !defined(NO_VIZ)
+# define ZLIB_INTERNAL __attribute__((visibility ("hidden")))
+#else
+# define ZLIB_INTERNAL
+#endif
+
+#include "zlib.h"
+
+#ifdef STDC
+# if !(defined(_WIN32_WCE) && defined(_MSC_VER))
+# include <stddef.h>
+# endif
+# include <string.h>
+# include <stdlib.h>
+#endif
+
+#ifndef local
+# define local static
+#endif
+/* compile with -Dlocal if your debugger can't find static symbols */
+
+typedef unsigned char uch;
+typedef uch FAR uchf;
+typedef unsigned short ush;
+typedef ush FAR ushf;
+typedef unsigned long ulg;
+
+extern const char * const z_errmsg[10]; /* indexed by 2-zlib_error */
+/* (size given to avoid silly warnings with Visual C++) */
+
+#define ERR_MSG(err) z_errmsg[Z_NEED_DICT-(err)]
+
+#define ERR_RETURN(strm,err) \
+ return (strm->msg = (char*)ERR_MSG(err), (err))
+/* To be used only when the state is known to be valid */
+
+ /* common constants */
+
+#ifndef DEF_WBITS
+# define DEF_WBITS MAX_WBITS
+#endif
+/* default windowBits for decompression. MAX_WBITS is for compression only */
+
+#if MAX_MEM_LEVEL >= 8
+# define DEF_MEM_LEVEL 8
+#else
+# define DEF_MEM_LEVEL MAX_MEM_LEVEL
+#endif
+/* default memLevel */
+
+#define STORED_BLOCK 0
+#define STATIC_TREES 1
+#define DYN_TREES 2
+/* The three kinds of block type */
+
+#define MIN_MATCH 3
+#define MAX_MATCH 258
+/* The minimum and maximum match lengths */
+
+#define PRESET_DICT 0x20 /* preset dictionary flag in zlib header */
+
+ /* target dependencies */
+
+#if defined(MSDOS) || (defined(WINDOWS) && !defined(WIN32))
+# define OS_CODE 0x00
+# if defined(__TURBOC__) || defined(__BORLANDC__)
+# if (__STDC__ == 1) && (defined(__LARGE__) || defined(__COMPACT__))
+ /* Allow compilation with ANSI keywords only enabled */
+ void _Cdecl farfree( void *block );
+ void *_Cdecl farmalloc( unsigned long nbytes );
+# else
+# include <alloc.h>
+# endif
+# else /* MSC or DJGPP */
+# include <malloc.h>
+# endif
+#endif
+
+#ifdef AMIGA
+# define OS_CODE 0x01
+#endif
+
+#if defined(VAXC) || defined(VMS)
+# define OS_CODE 0x02
+# define F_OPEN(name, mode) \
+ fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
+#endif
+
+#if defined(ATARI) || defined(atarist)
+# define OS_CODE 0x05
+#endif
+
+#ifdef OS2
+# define OS_CODE 0x06
+# ifdef M_I86
+# include <malloc.h>
+# endif
+#endif
+
+#if defined(MACOS) || defined(TARGET_OS_MAC)
+# define OS_CODE 0x07
+# if defined(__MWERKS__) && __dest_os != __be_os && __dest_os != __win32_os
+# include <unix.h> /* for fdopen */
+# else
+# ifndef fdopen
+# define fdopen(fd,mode) NULL /* No fdopen() */
+# endif
+# endif
+#endif
+
+#ifdef TOPS20
+# define OS_CODE 0x0a
+#endif
+
+#ifdef WIN32
+# ifndef __CYGWIN__ /* Cygwin is Unix, not Win32 */
+# define OS_CODE 0x0b
+# endif
+#endif
+
+#ifdef __50SERIES /* Prime/PRIMOS */
+# define OS_CODE 0x0f
+#endif
+
+#if defined(_BEOS_) || defined(RISCOS)
+# define fdopen(fd,mode) NULL /* No fdopen() */
+#endif
+
+#if (defined(_MSC_VER) && (_MSC_VER > 600)) && !defined __INTERIX
+# if defined(_WIN32_WCE)
+# define fdopen(fd,mode) NULL /* No fdopen() */
+# ifndef _PTRDIFF_T_DEFINED
+ typedef int ptrdiff_t;
+# define _PTRDIFF_T_DEFINED
+# endif
+# else
+# define fdopen(fd,type) _fdopen(fd,type)
+# endif
+#endif
+
+#if defined(__BORLANDC__)
+ #pragma warn -8004
+ #pragma warn -8008
+ #pragma warn -8066
+#endif
+
+/* provide prototypes for these when building zlib without LFS */
+#if !defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0
+ ZEXTERN uLong ZEXPORT adler32_combine64 OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine64 OF((uLong, uLong, z_off_t));
+#endif
+
+ /* common defaults */
+
+#ifndef OS_CODE
+# define OS_CODE 0x03 /* assume Unix */
+#endif
+
+#ifndef F_OPEN
+# define F_OPEN(name, mode) fopen((name), (mode))
+#endif
+
+ /* functions */
+
+#if defined(STDC99) || (defined(__TURBOC__) && __TURBOC__ >= 0x550)
+# ifndef HAVE_VSNPRINTF
+# define HAVE_VSNPRINTF
+# endif
+#endif
+#if defined(__CYGWIN__)
+# ifndef HAVE_VSNPRINTF
+# define HAVE_VSNPRINTF
+# endif
+#endif
+#ifndef HAVE_VSNPRINTF
+# ifdef MSDOS
+ /* vsnprintf may exist on some MS-DOS compilers (DJGPP?),
+ but for now we just assume it doesn't. */
+# define NO_vsnprintf
+# endif
+# ifdef __TURBOC__
+# define NO_vsnprintf
+# endif
+# ifdef WIN32
+ /* In Win32, vsnprintf is available as the "non-ANSI" _vsnprintf. */
+# if !defined(vsnprintf) && !defined(NO_vsnprintf)
+# if !defined(_MSC_VER) || ( defined(_MSC_VER) && _MSC_VER < 1500 )
+# define vsnprintf _vsnprintf
+# endif
+# endif
+# endif
+# ifdef __SASC
+# define NO_vsnprintf
+# endif
+#endif
+#ifdef VMS
+# define NO_vsnprintf
+#endif
+
+#if defined(pyr)
+# define NO_MEMCPY
+#endif
+#if defined(SMALL_MEDIUM) && !defined(_MSC_VER) && !defined(__SC__)
+ /* Use our own functions for small and medium model with MSC <= 5.0.
+ * You may have to use the same strategy for Borland C (untested).
+ * The __SC__ check is for Symantec.
+ */
+# define NO_MEMCPY
+#endif
+#if defined(STDC) && !defined(HAVE_MEMCPY) && !defined(NO_MEMCPY)
+# define HAVE_MEMCPY
+#endif
+#ifdef HAVE_MEMCPY
+# ifdef SMALL_MEDIUM /* MSDOS small or medium model */
+# define zmemcpy _fmemcpy
+# define zmemcmp _fmemcmp
+# define zmemzero(dest, len) _fmemset(dest, 0, len)
+# else
+# define zmemcpy memcpy
+# define zmemcmp memcmp
+# define zmemzero(dest, len) memset(dest, 0, len)
+# endif
+#else
+ void ZLIB_INTERNAL zmemcpy OF((Bytef* dest, const Bytef* source, uInt len));
+ int ZLIB_INTERNAL zmemcmp OF((const Bytef* s1, const Bytef* s2, uInt len));
+ void ZLIB_INTERNAL zmemzero OF((Bytef* dest, uInt len));
+#endif
+
+/* Diagnostic functions */
+#ifdef DEBUG
+# include <stdio.h>
+ extern int ZLIB_INTERNAL z_verbose;
+ extern void ZLIB_INTERNAL z_error OF((char *m));
+# define Assert(cond,msg) {if(!(cond)) z_error(msg);}
+# define Trace(x) {if (z_verbose>=0) fprintf x ;}
+# define Tracev(x) {if (z_verbose>0) fprintf x ;}
+# define Tracevv(x) {if (z_verbose>1) fprintf x ;}
+# define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
+# define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
+#else
+# define Assert(cond,msg)
+# define Trace(x)
+# define Tracev(x)
+# define Tracevv(x)
+# define Tracec(c,x)
+# define Tracecv(c,x)
+#endif
+
+
+voidpf ZLIB_INTERNAL zcalloc OF((voidpf opaque, unsigned items,
+ unsigned size));
+void ZLIB_INTERNAL zcfree OF((voidpf opaque, voidpf ptr));
+
+#define ZALLOC(strm, items, size) \
+ (*((strm)->zalloc))((strm)->opaque, (items), (size))
+#define ZFREE(strm, addr) (*((strm)->zfree))((strm)->opaque, (voidpf)(addr))
+#define TRY_FREE(s, p) {if (p) ZFREE(s, p);}
+
+#endif /* ZUTIL_H */
More information about the Midnightbsd-cvs
mailing list